Date: July 4, 2025, 3:11 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 14.340772] ================================================================== [ 14.341691] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 14.342328] Write of size 2 at addr ffff8881029e5677 by task kunit_try_catch/193 [ 14.343084] [ 14.343389] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.343544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.343572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.343619] Call Trace: [ 14.343651] <TASK> [ 14.343688] dump_stack_lvl+0x73/0xb0 [ 14.343739] print_report+0xd1/0x650 [ 14.343773] ? __virt_addr_valid+0x1db/0x2d0 [ 14.343804] ? kmalloc_oob_memset_2+0x166/0x330 [ 14.343834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.343857] ? kmalloc_oob_memset_2+0x166/0x330 [ 14.343881] kasan_report+0x141/0x180 [ 14.343904] ? kmalloc_oob_memset_2+0x166/0x330 [ 14.343931] kasan_check_range+0x10c/0x1c0 [ 14.343953] __asan_memset+0x27/0x50 [ 14.343973] kmalloc_oob_memset_2+0x166/0x330 [ 14.343997] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 14.344020] ? __schedule+0x10cc/0x2b60 [ 14.344044] ? __pfx_read_tsc+0x10/0x10 [ 14.344068] ? ktime_get_ts64+0x86/0x230 [ 14.344103] kunit_try_run_case+0x1a5/0x480 [ 14.344129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.344151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.344176] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.344199] ? __kthread_parkme+0x82/0x180 [ 14.344223] ? preempt_count_sub+0x50/0x80 [ 14.344249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.344273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.344296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.344319] kthread+0x337/0x6f0 [ 14.344355] ? trace_preempt_on+0x20/0xc0 [ 14.344383] ? __pfx_kthread+0x10/0x10 [ 14.344402] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.344424] ? calculate_sigpending+0x7b/0xa0 [ 14.344449] ? __pfx_kthread+0x10/0x10 [ 14.344468] ret_from_fork+0x41/0x80 [ 14.344489] ? 
__pfx_kthread+0x10/0x10 [ 14.344508] ret_from_fork_asm+0x1a/0x30 [ 14.344542] </TASK> [ 14.344554] [ 14.356553] Allocated by task 193: [ 14.356911] kasan_save_stack+0x45/0x70 [ 14.357382] kasan_save_track+0x18/0x40 [ 14.357574] kasan_save_alloc_info+0x3b/0x50 [ 14.357681] __kasan_kmalloc+0xb7/0xc0 [ 14.357773] __kmalloc_cache_noprof+0x189/0x420 [ 14.357874] kmalloc_oob_memset_2+0xac/0x330 [ 14.357972] kunit_try_run_case+0x1a5/0x480 [ 14.358093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.358597] kthread+0x337/0x6f0 [ 14.358959] ret_from_fork+0x41/0x80 [ 14.359302] ret_from_fork_asm+0x1a/0x30 [ 14.359691] [ 14.359892] The buggy address belongs to the object at ffff8881029e5600 [ 14.359892] which belongs to the cache kmalloc-128 of size 128 [ 14.361067] The buggy address is located 119 bytes inside of [ 14.361067] allocated 120-byte region [ffff8881029e5600, ffff8881029e5678) [ 14.362219] [ 14.362469] The buggy address belongs to the physical page: [ 14.362907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 14.363485] flags: 0x200000000000000(node=0|zone=2) [ 14.363842] page_type: f5(slab) [ 14.364168] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.364499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.365068] page dumped because: kasan: bad access detected [ 14.365357] [ 14.365544] Memory state around the buggy address: [ 14.365923] ffff8881029e5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.366567] ffff8881029e5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.366947] >ffff8881029e5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.367539] ^ [ 14.367992] ffff8881029e5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368352] ffff8881029e5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 14.303866] ================================================================== [ 14.304314] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 14.305441] Write of size 128 at addr ffff8881029e5500 by task kunit_try_catch/191 [ 14.306304] [ 14.306507] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.306598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306640] Call Trace: [ 14.306666] <TASK> [ 14.306698] dump_stack_lvl+0x73/0xb0 [ 14.306736] print_report+0xd1/0x650 [ 14.306763] ? __virt_addr_valid+0x1db/0x2d0 [ 14.306788] ? kmalloc_oob_in_memset+0x15f/0x320 [ 14.306811] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.306834] ? kmalloc_oob_in_memset+0x15f/0x320 [ 14.306857] kasan_report+0x141/0x180 [ 14.306880] ? kmalloc_oob_in_memset+0x15f/0x320 [ 14.306909] kasan_check_range+0x10c/0x1c0 [ 14.306930] __asan_memset+0x27/0x50 [ 14.306951] kmalloc_oob_in_memset+0x15f/0x320 [ 14.306974] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 14.306997] ? __schedule+0x10cc/0x2b60 [ 14.307021] ? __pfx_read_tsc+0x10/0x10 [ 14.307042] ? ktime_get_ts64+0x86/0x230 [ 14.307102] kunit_try_run_case+0x1a5/0x480 [ 14.307167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.307261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.307310] ? __kthread_parkme+0x82/0x180 [ 14.307371] ? preempt_count_sub+0x50/0x80 [ 14.307404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307475] kthread+0x337/0x6f0 [ 14.307494] ? trace_preempt_on+0x20/0xc0 [ 14.307518] ? __pfx_kthread+0x10/0x10 [ 14.307537] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.307559] ? calculate_sigpending+0x7b/0xa0 [ 14.307581] ? __pfx_kthread+0x10/0x10 [ 14.307602] ret_from_fork+0x41/0x80 [ 14.307624] ? 
__pfx_kthread+0x10/0x10 [ 14.307643] ret_from_fork_asm+0x1a/0x30 [ 14.307676] </TASK> [ 14.307689] [ 14.319320] Allocated by task 191: [ 14.319857] kasan_save_stack+0x45/0x70 [ 14.320410] kasan_save_track+0x18/0x40 [ 14.320866] kasan_save_alloc_info+0x3b/0x50 [ 14.321252] __kasan_kmalloc+0xb7/0xc0 [ 14.321534] __kmalloc_cache_noprof+0x189/0x420 [ 14.322032] kmalloc_oob_in_memset+0xac/0x320 [ 14.322467] kunit_try_run_case+0x1a5/0x480 [ 14.322964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323454] kthread+0x337/0x6f0 [ 14.323797] ret_from_fork+0x41/0x80 [ 14.324211] ret_from_fork_asm+0x1a/0x30 [ 14.324574] [ 14.324836] The buggy address belongs to the object at ffff8881029e5500 [ 14.324836] which belongs to the cache kmalloc-128 of size 128 [ 14.325719] The buggy address is located 0 bytes inside of [ 14.325719] allocated 120-byte region [ffff8881029e5500, ffff8881029e5578) [ 14.326422] [ 14.326707] The buggy address belongs to the physical page: [ 14.327225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 14.327822] flags: 0x200000000000000(node=0|zone=2) [ 14.328327] page_type: f5(slab) [ 14.328732] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.329229] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.329888] page dumped because: kasan: bad access detected [ 14.330199] [ 14.330386] Memory state around the buggy address: [ 14.330890] ffff8881029e5400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.331331] ffff8881029e5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.331930] >ffff8881029e5500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.332366] ^ [ 14.332789] ffff8881029e5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.333483] ffff8881029e5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334059] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 14.258644] ================================================================== [ 14.259209] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 14.259910] Read of size 16 at addr ffff888102317920 by task kunit_try_catch/189 [ 14.261373] [ 14.261632] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.261734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.261762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.261806] Call Trace: [ 14.261858] <TASK> [ 14.261894] dump_stack_lvl+0x73/0xb0 [ 14.261959] print_report+0xd1/0x650 [ 14.262005] ? __virt_addr_valid+0x1db/0x2d0 [ 14.262053] ? kmalloc_uaf_16+0x47b/0x4c0 [ 14.262105] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.262130] ? kmalloc_uaf_16+0x47b/0x4c0 [ 14.262153] kasan_report+0x141/0x180 [ 14.262177] ? kmalloc_uaf_16+0x47b/0x4c0 [ 14.262209] __asan_report_load16_noabort+0x18/0x20 [ 14.262275] kmalloc_uaf_16+0x47b/0x4c0 [ 14.262314] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 14.262366] ? __schedule+0x10cc/0x2b60 [ 14.262394] ? __pfx_read_tsc+0x10/0x10 [ 14.262417] ? ktime_get_ts64+0x86/0x230 [ 14.262444] kunit_try_run_case+0x1a5/0x480 [ 14.262471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.262493] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.262518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.262542] ? __kthread_parkme+0x82/0x180 [ 14.262565] ? preempt_count_sub+0x50/0x80 [ 14.262592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.262615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.262639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.262662] kthread+0x337/0x6f0 [ 14.262680] ? trace_preempt_on+0x20/0xc0 [ 14.262704] ? __pfx_kthread+0x10/0x10 [ 14.262724] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.262746] ? calculate_sigpending+0x7b/0xa0 [ 14.262769] ? __pfx_kthread+0x10/0x10 [ 14.262789] ret_from_fork+0x41/0x80 [ 14.262810] ? 
__pfx_kthread+0x10/0x10 [ 14.262829] ret_from_fork_asm+0x1a/0x30 [ 14.262861] </TASK> [ 14.262874] [ 14.275945] Allocated by task 189: [ 14.276649] kasan_save_stack+0x45/0x70 [ 14.277028] kasan_save_track+0x18/0x40 [ 14.277904] kasan_save_alloc_info+0x3b/0x50 [ 14.278424] __kasan_kmalloc+0xb7/0xc0 [ 14.278889] __kmalloc_cache_noprof+0x189/0x420 [ 14.279427] kmalloc_uaf_16+0x15b/0x4c0 [ 14.279738] kunit_try_run_case+0x1a5/0x480 [ 14.280614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.281064] kthread+0x337/0x6f0 [ 14.281643] ret_from_fork+0x41/0x80 [ 14.281886] ret_from_fork_asm+0x1a/0x30 [ 14.282073] [ 14.282259] Freed by task 189: [ 14.282852] kasan_save_stack+0x45/0x70 [ 14.283138] kasan_save_track+0x18/0x40 [ 14.283287] kasan_save_free_info+0x3f/0x60 [ 14.283448] __kasan_slab_free+0x56/0x70 [ 14.283771] kfree+0x222/0x3f0 [ 14.284058] kmalloc_uaf_16+0x1d6/0x4c0 [ 14.284888] kunit_try_run_case+0x1a5/0x480 [ 14.285420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.286039] kthread+0x337/0x6f0 [ 14.286582] ret_from_fork+0x41/0x80 [ 14.286794] ret_from_fork_asm+0x1a/0x30 [ 14.287019] [ 14.287139] The buggy address belongs to the object at ffff888102317920 [ 14.287139] which belongs to the cache kmalloc-16 of size 16 [ 14.287724] The buggy address is located 0 bytes inside of [ 14.287724] freed 16-byte region [ffff888102317920, ffff888102317930) [ 14.288274] [ 14.289601] The buggy address belongs to the physical page: [ 14.289857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102317 [ 14.290491] flags: 0x200000000000000(node=0|zone=2) [ 14.290754] page_type: f5(slab) [ 14.291076] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.291558] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.291985] page dumped because: kasan: bad access detected [ 14.292282] [ 14.293147] Memory state around the buggy address: [ 14.294016] ffff888102317800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc 
[ 14.294794] ffff888102317880: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.295480] >ffff888102317900: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 14.295838] ^ [ 14.296071] ffff888102317980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.296525] ffff888102317a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.297011] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 14.212794] ================================================================== [ 14.213647] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 14.213991] Write of size 16 at addr ffff8881023178c0 by task kunit_try_catch/187 [ 14.214261] [ 14.215644] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.215767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.215792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.215836] Call Trace: [ 14.215866] <TASK> [ 14.215907] dump_stack_lvl+0x73/0xb0 [ 14.216131] print_report+0xd1/0x650 [ 14.216180] ? __virt_addr_valid+0x1db/0x2d0 [ 14.216378] ? kmalloc_oob_16+0x452/0x4a0 [ 14.216419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.216458] ? kmalloc_oob_16+0x452/0x4a0 [ 14.216495] kasan_report+0x141/0x180 [ 14.216535] ? kmalloc_oob_16+0x452/0x4a0 [ 14.216584] __asan_report_store16_noabort+0x1b/0x30 [ 14.216619] kmalloc_oob_16+0x452/0x4a0 [ 14.216654] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 14.216692] ? __schedule+0x10cc/0x2b60 [ 14.216732] ? __pfx_read_tsc+0x10/0x10 [ 14.216768] ? ktime_get_ts64+0x86/0x230 [ 14.216820] kunit_try_run_case+0x1a5/0x480 [ 14.216867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.216907] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.216951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.216995] ? __kthread_parkme+0x82/0x180 [ 14.217056] ? preempt_count_sub+0x50/0x80 [ 14.217108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.217153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.217376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.217418] kthread+0x337/0x6f0 [ 14.217464] ? trace_preempt_on+0x20/0xc0 [ 14.217525] ? __pfx_kthread+0x10/0x10 [ 14.217567] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.217605] ? calculate_sigpending+0x7b/0xa0 [ 14.217651] ? __pfx_kthread+0x10/0x10 [ 14.217693] ret_from_fork+0x41/0x80 [ 14.217741] ? 
__pfx_kthread+0x10/0x10 [ 14.217783] ret_from_fork_asm+0x1a/0x30 [ 14.217859] </TASK> [ 14.217888] [ 14.235169] Allocated by task 187: [ 14.235728] kasan_save_stack+0x45/0x70 [ 14.236179] kasan_save_track+0x18/0x40 [ 14.236547] kasan_save_alloc_info+0x3b/0x50 [ 14.236962] __kasan_kmalloc+0xb7/0xc0 [ 14.237441] __kmalloc_cache_noprof+0x189/0x420 [ 14.237814] kmalloc_oob_16+0xa8/0x4a0 [ 14.238196] kunit_try_run_case+0x1a5/0x480 [ 14.238880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.239448] kthread+0x337/0x6f0 [ 14.239620] ret_from_fork+0x41/0x80 [ 14.239961] ret_from_fork_asm+0x1a/0x30 [ 14.240447] [ 14.240642] The buggy address belongs to the object at ffff8881023178c0 [ 14.240642] which belongs to the cache kmalloc-16 of size 16 [ 14.241713] The buggy address is located 0 bytes inside of [ 14.241713] allocated 13-byte region [ffff8881023178c0, ffff8881023178cd) [ 14.242621] [ 14.242807] The buggy address belongs to the physical page: [ 14.243654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102317 [ 14.244139] flags: 0x200000000000000(node=0|zone=2) [ 14.244761] page_type: f5(slab) [ 14.245244] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.245926] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.246783] page dumped because: kasan: bad access detected [ 14.247227] [ 14.247355] Memory state around the buggy address: [ 14.247981] ffff888102317780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.248269] ffff888102317800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.249679] >ffff888102317880: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 14.250067] ^ [ 14.250423] ffff888102317900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.251429] ffff888102317980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.251796] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 14.161865] ================================================================== [ 14.162737] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 14.164125] Read of size 1 at addr ffff88810034f400 by task kunit_try_catch/185 [ 14.164675] [ 14.164815] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.164877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.164891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.164915] Call Trace: [ 14.164932] <TASK> [ 14.164960] dump_stack_lvl+0x73/0xb0 [ 14.164998] print_report+0xd1/0x650 [ 14.165043] ? __virt_addr_valid+0x1db/0x2d0 [ 14.165075] ? krealloc_uaf+0x53c/0x5e0 [ 14.165107] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.165145] ? krealloc_uaf+0x53c/0x5e0 [ 14.165178] kasan_report+0x141/0x180 [ 14.165221] ? krealloc_uaf+0x53c/0x5e0 [ 14.165269] __asan_report_load1_noabort+0x18/0x20 [ 14.165311] krealloc_uaf+0x53c/0x5e0 [ 14.165367] ? __pfx_krealloc_uaf+0x10/0x10 [ 14.165448] ? finish_task_switch.isra.0+0x153/0x700 [ 14.165497] ? __switch_to+0x5d9/0xf60 [ 14.165533] ? dequeue_task_fair+0x166/0x4e0 [ 14.165574] ? __schedule+0x10cc/0x2b60 [ 14.165618] ? __pfx_read_tsc+0x10/0x10 [ 14.165655] ? ktime_get_ts64+0x86/0x230 [ 14.165697] kunit_try_run_case+0x1a5/0x480 [ 14.165746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.165789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.165840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.165891] ? __kthread_parkme+0x82/0x180 [ 14.165940] ? preempt_count_sub+0x50/0x80 [ 14.165978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.166004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.166030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.166056] kthread+0x337/0x6f0 [ 14.166080] ? trace_preempt_on+0x20/0xc0 [ 14.166112] ? __pfx_kthread+0x10/0x10 [ 14.166132] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.166156] ? calculate_sigpending+0x7b/0xa0 [ 14.166180] ? 
__pfx_kthread+0x10/0x10 [ 14.166201] ret_from_fork+0x41/0x80 [ 14.166236] ? __pfx_kthread+0x10/0x10 [ 14.166267] ret_from_fork_asm+0x1a/0x30 [ 14.166322] </TASK> [ 14.166355] [ 14.180625] Allocated by task 185: [ 14.181033] kasan_save_stack+0x45/0x70 [ 14.181626] kasan_save_track+0x18/0x40 [ 14.182628] kasan_save_alloc_info+0x3b/0x50 [ 14.183070] __kasan_kmalloc+0xb7/0xc0 [ 14.183269] __kmalloc_cache_noprof+0x189/0x420 [ 14.183494] krealloc_uaf+0xbb/0x5e0 [ 14.184013] kunit_try_run_case+0x1a5/0x480 [ 14.184559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.184860] kthread+0x337/0x6f0 [ 14.185192] ret_from_fork+0x41/0x80 [ 14.185941] ret_from_fork_asm+0x1a/0x30 [ 14.186361] [ 14.186571] Freed by task 185: [ 14.186798] kasan_save_stack+0x45/0x70 [ 14.187107] kasan_save_track+0x18/0x40 [ 14.187670] kasan_save_free_info+0x3f/0x60 [ 14.187978] __kasan_slab_free+0x56/0x70 [ 14.188170] kfree+0x222/0x3f0 [ 14.188348] krealloc_uaf+0x13d/0x5e0 [ 14.188661] kunit_try_run_case+0x1a5/0x480 [ 14.189062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.190107] kthread+0x337/0x6f0 [ 14.190944] ret_from_fork+0x41/0x80 [ 14.191512] ret_from_fork_asm+0x1a/0x30 [ 14.191773] [ 14.191973] The buggy address belongs to the object at ffff88810034f400 [ 14.191973] which belongs to the cache kmalloc-256 of size 256 [ 14.192754] The buggy address is located 0 bytes inside of [ 14.192754] freed 256-byte region [ffff88810034f400, ffff88810034f500) [ 14.193435] [ 14.193871] The buggy address belongs to the physical page: [ 14.194532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e [ 14.194959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.195518] flags: 0x200000000000040(head|node=0|zone=2) [ 14.195940] page_type: f5(slab) [ 14.196253] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 14.197040] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.197684] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 14.198516] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.199510] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff [ 14.199794] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 14.200521] page dumped because: kasan: bad access detected [ 14.200974] [ 14.201072] Memory state around the buggy address: [ 14.201198] ffff88810034f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.201845] ffff88810034f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.202659] >ffff88810034f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.203167] ^ [ 14.203980] ffff88810034f480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.204482] ffff88810034f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.204913] ================================================================== [ 14.117997] ================================================================== [ 14.119261] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 14.119584] Read of size 1 at addr ffff88810034f400 by task kunit_try_catch/185 [ 14.120111] [ 14.121164] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.121294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.121321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.121378] Call Trace: [ 14.121407] <TASK> [ 14.121443] dump_stack_lvl+0x73/0xb0 [ 14.121484] print_report+0xd1/0x650 [ 14.121512] ? __virt_addr_valid+0x1db/0x2d0 [ 14.121540] ? krealloc_uaf+0x1b8/0x5e0 [ 14.121560] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.121585] ? krealloc_uaf+0x1b8/0x5e0 [ 14.121605] kasan_report+0x141/0x180 [ 14.121629] ? krealloc_uaf+0x1b8/0x5e0 [ 14.121652] ? krealloc_uaf+0x1b8/0x5e0 [ 14.121672] __kasan_check_byte+0x3d/0x50 [ 14.121697] krealloc_noprof+0x3f/0x340 [ 14.121725] krealloc_uaf+0x1b8/0x5e0 [ 14.121745] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 14.121764] ? finish_task_switch.isra.0+0x153/0x700 [ 14.121791] ? __switch_to+0x5d9/0xf60 [ 14.121815] ? dequeue_task_fair+0x166/0x4e0 [ 14.121841] ? __schedule+0x10cc/0x2b60 [ 14.121867] ? __pfx_read_tsc+0x10/0x10 [ 14.121889] ? ktime_get_ts64+0x86/0x230 [ 14.121918] kunit_try_run_case+0x1a5/0x480 [ 14.121947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.121971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.121999] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.122024] ? __kthread_parkme+0x82/0x180 [ 14.122050] ? preempt_count_sub+0x50/0x80 [ 14.122076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.122102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.122127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.122152] kthread+0x337/0x6f0 [ 14.122170] ? trace_preempt_on+0x20/0xc0 [ 14.122197] ? __pfx_kthread+0x10/0x10 [ 14.122217] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.122241] ? calculate_sigpending+0x7b/0xa0 [ 14.122362] ? __pfx_kthread+0x10/0x10 [ 14.122400] ret_from_fork+0x41/0x80 [ 14.122427] ? 
__pfx_kthread+0x10/0x10 [ 14.122448] ret_from_fork_asm+0x1a/0x30 [ 14.122484] </TASK> [ 14.122496] [ 14.137441] Allocated by task 185: [ 14.137797] kasan_save_stack+0x45/0x70 [ 14.138382] kasan_save_track+0x18/0x40 [ 14.138946] kasan_save_alloc_info+0x3b/0x50 [ 14.139475] __kasan_kmalloc+0xb7/0xc0 [ 14.139871] __kmalloc_cache_noprof+0x189/0x420 [ 14.140432] krealloc_uaf+0xbb/0x5e0 [ 14.140617] kunit_try_run_case+0x1a5/0x480 [ 14.140984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.141696] kthread+0x337/0x6f0 [ 14.141898] ret_from_fork+0x41/0x80 [ 14.142211] ret_from_fork_asm+0x1a/0x30 [ 14.142888] [ 14.143302] Freed by task 185: [ 14.143595] kasan_save_stack+0x45/0x70 [ 14.143982] kasan_save_track+0x18/0x40 [ 14.144331] kasan_save_free_info+0x3f/0x60 [ 14.144484] __kasan_slab_free+0x56/0x70 [ 14.144583] kfree+0x222/0x3f0 [ 14.144665] krealloc_uaf+0x13d/0x5e0 [ 14.144752] kunit_try_run_case+0x1a5/0x480 [ 14.144851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.144963] kthread+0x337/0x6f0 [ 14.145061] ret_from_fork+0x41/0x80 [ 14.145644] ret_from_fork_asm+0x1a/0x30 [ 14.146184] [ 14.146416] The buggy address belongs to the object at ffff88810034f400 [ 14.146416] which belongs to the cache kmalloc-256 of size 256 [ 14.148026] The buggy address is located 0 bytes inside of [ 14.148026] freed 256-byte region [ffff88810034f400, ffff88810034f500) [ 14.148816] [ 14.149382] The buggy address belongs to the physical page: [ 14.149811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e [ 14.150624] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.151606] flags: 0x200000000000040(head|node=0|zone=2) [ 14.152010] page_type: f5(slab) [ 14.152431] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 14.153007] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.153816] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 14.154374] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.154893] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff [ 14.155256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 14.155521] page dumped because: kasan: bad access detected [ 14.155985] [ 14.156153] Memory state around the buggy address: [ 14.157095] ffff88810034f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.157633] ffff88810034f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.157908] >ffff88810034f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.158891] ^ [ 14.159115] ffff88810034f480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.159364] ffff88810034f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.160243] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 14.043020] ================================================================== [ 14.044067] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 14.045396] Write of size 1 at addr ffff8881022aa0ea by task kunit_try_catch/183 [ 14.046223] [ 14.046431] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.046536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.046561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.046604] Call Trace: [ 14.046649] <TASK> [ 14.046696] dump_stack_lvl+0x73/0xb0 [ 14.046757] print_report+0xd1/0x650 [ 14.046804] ? __virt_addr_valid+0x1db/0x2d0 [ 14.046848] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 14.046886] ? kasan_addr_to_slab+0x11/0xa0 [ 14.046928] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 14.046969] kasan_report+0x141/0x180 [ 14.047014] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 14.047069] __asan_report_store1_noabort+0x1b/0x30 [ 14.047111] krealloc_less_oob_helper+0xe90/0x11d0 [ 14.047158] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 14.047200] ? finish_task_switch.isra.0+0x153/0x700 [ 14.047244] ? __switch_to+0x5d9/0xf60 [ 14.047283] ? dequeue_task_fair+0x166/0x4e0 [ 14.047332] ? __schedule+0x10cc/0x2b60 [ 14.047395] ? __pfx_read_tsc+0x10/0x10 [ 14.047444] krealloc_large_less_oob+0x1c/0x30 [ 14.047483] kunit_try_run_case+0x1a5/0x480 [ 14.047531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.047571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.047618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.047665] ? __kthread_parkme+0x82/0x180 [ 14.047708] ? preempt_count_sub+0x50/0x80 [ 14.047757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.047802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.047847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.047892] kthread+0x337/0x6f0 [ 14.047933] ? __pfx_kthread+0x10/0x10 [ 14.047975] ? calculate_sigpending+0x7b/0xa0 [ 14.048019] ? 
__pfx_kthread+0x10/0x10 [ 14.048058] ret_from_fork+0x41/0x80 [ 14.048099] ? __pfx_kthread+0x10/0x10 [ 14.048135] ret_from_fork_asm+0x1a/0x30 [ 14.048201] </TASK> [ 14.048224] [ 14.068026] The buggy address belongs to the physical page: [ 14.068895] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a8 [ 14.069444] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.070219] flags: 0x200000000000040(head|node=0|zone=2) [ 14.070532] page_type: f8(unknown) [ 14.071069] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.071896] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.072628] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.072997] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.073579] head: 0200000000000002 ffffea000408aa01 00000000ffffffff 00000000ffffffff [ 14.074448] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.075289] page dumped because: kasan: bad access detected [ 14.075933] [ 14.076142] Memory state around the buggy address: [ 14.076692] ffff8881022a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.077415] ffff8881022aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.078191] >ffff8881022aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 14.078619] ^ [ 14.079191] ffff8881022aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.079598] ffff8881022aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.079928] ================================================================== [ 13.980836] ================================================================== [ 13.981549] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.981968] Write of size 1 at addr ffff8881022aa0d0 by task kunit_try_catch/183 [ 13.983010] [ 13.983323] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 
PREEMPT(voluntary) [ 13.983454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.983473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.983499] Call Trace: [ 13.983525] <TASK> [ 13.983553] dump_stack_lvl+0x73/0xb0 [ 13.983594] print_report+0xd1/0x650 [ 13.983621] ? __virt_addr_valid+0x1db/0x2d0 [ 13.983646] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.983668] ? kasan_addr_to_slab+0x11/0xa0 [ 13.983690] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.983712] kasan_report+0x141/0x180 [ 13.983736] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.983763] __asan_report_store1_noabort+0x1b/0x30 [ 13.983786] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.983810] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.983832] ? finish_task_switch.isra.0+0x153/0x700 [ 13.983857] ? __switch_to+0x5d9/0xf60 [ 13.983879] ? dequeue_task_fair+0x166/0x4e0 [ 13.983904] ? __schedule+0x10cc/0x2b60 [ 13.983929] ? __pfx_read_tsc+0x10/0x10 [ 13.983954] krealloc_large_less_oob+0x1c/0x30 [ 13.983974] kunit_try_run_case+0x1a5/0x480 [ 13.984001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.984024] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.984050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.984401] ? __kthread_parkme+0x82/0x180 [ 13.984470] ? preempt_count_sub+0x50/0x80 [ 13.984808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.984901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.984954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.985004] kthread+0x337/0x6f0 [ 13.985061] ? __pfx_kthread+0x10/0x10 [ 13.985108] ? calculate_sigpending+0x7b/0xa0 [ 13.985135] ? __pfx_kthread+0x10/0x10 [ 13.985156] ret_from_fork+0x41/0x80 [ 13.985180] ? 
__pfx_kthread+0x10/0x10 [ 13.985200] ret_from_fork_asm+0x1a/0x30 [ 13.985261] </TASK> [ 13.985281] [ 13.997330] The buggy address belongs to the physical page: [ 13.998734] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a8 [ 13.999689] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.000421] flags: 0x200000000000040(head|node=0|zone=2) [ 14.000865] page_type: f8(unknown) [ 14.001168] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.001689] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.002072] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.002483] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.002908] head: 0200000000000002 ffffea000408aa01 00000000ffffffff 00000000ffffffff [ 14.004147] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.004616] page dumped because: kasan: bad access detected [ 14.005096] [ 14.005476] Memory state around the buggy address: [ 14.005708] ffff8881022a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.006169] ffff8881022aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.006676] >ffff8881022aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 14.006969] ^ [ 14.007205] ffff8881022aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.007622] ffff8881022aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.008260] ================================================================== [ 13.669191] ================================================================== [ 13.670594] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.671179] Write of size 1 at addr ffff888100aa12c9 by task kunit_try_catch/179 [ 13.672270] [ 13.672446] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.672506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.672520] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.672544] Call Trace: [ 13.672562] <TASK> [ 13.672589] dump_stack_lvl+0x73/0xb0 [ 13.672627] print_report+0xd1/0x650 [ 13.672653] ? __virt_addr_valid+0x1db/0x2d0 [ 13.672679] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.672700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.672724] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.672745] kasan_report+0x141/0x180 [ 13.672769] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.672796] __asan_report_store1_noabort+0x1b/0x30 [ 13.672817] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.672841] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.672863] ? finish_task_switch.isra.0+0x153/0x700 [ 13.672888] ? __switch_to+0x5d9/0xf60 [ 13.672911] ? dequeue_task_fair+0x156/0x4e0 [ 13.672936] ? __schedule+0x10cc/0x2b60 [ 13.672960] ? __pfx_read_tsc+0x10/0x10 [ 13.672986] krealloc_less_oob+0x1c/0x30 [ 13.673006] kunit_try_run_case+0x1a5/0x480 [ 13.673052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.673089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.673135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.673180] ? __kthread_parkme+0x82/0x180 [ 13.673222] ? preempt_count_sub+0x50/0x80 [ 13.673268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.673316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.673663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.673746] kthread+0x337/0x6f0 [ 13.673783] ? trace_preempt_on+0x20/0xc0 [ 13.673824] ? __pfx_kthread+0x10/0x10 [ 13.673854] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.673891] ? calculate_sigpending+0x7b/0xa0 [ 13.673927] ? __pfx_kthread+0x10/0x10 [ 13.673947] ret_from_fork+0x41/0x80 [ 13.673970] ? 
__pfx_kthread+0x10/0x10 [ 13.673989] ret_from_fork_asm+0x1a/0x30 [ 13.674023] </TASK> [ 13.674036] [ 13.690854] Allocated by task 179: [ 13.691835] kasan_save_stack+0x45/0x70 [ 13.693241] kasan_save_track+0x18/0x40 [ 13.693957] kasan_save_alloc_info+0x3b/0x50 [ 13.695384] __kasan_krealloc+0x190/0x1f0 [ 13.696156] krealloc_noprof+0xf3/0x340 [ 13.696388] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.696592] krealloc_less_oob+0x1c/0x30 [ 13.696769] kunit_try_run_case+0x1a5/0x480 [ 13.696931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.697998] kthread+0x337/0x6f0 [ 13.698370] ret_from_fork+0x41/0x80 [ 13.698684] ret_from_fork_asm+0x1a/0x30 [ 13.699006] [ 13.699186] The buggy address belongs to the object at ffff888100aa1200 [ 13.699186] which belongs to the cache kmalloc-256 of size 256 [ 13.700321] The buggy address is located 0 bytes to the right of [ 13.700321] allocated 201-byte region [ffff888100aa1200, ffff888100aa12c9) [ 13.701158] [ 13.701878] The buggy address belongs to the physical page: [ 13.702579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 13.703050] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.703696] flags: 0x200000000000040(head|node=0|zone=2) [ 13.704194] page_type: f5(slab) [ 13.704691] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.705025] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.706040] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.706649] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.707383] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 13.707852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.708151] page dumped because: kasan: bad access detected [ 13.708700] [ 13.708897] Memory state around the buggy address: [ 13.709756] ffff888100aa1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 13.710473] ffff888100aa1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.710711] >ffff888100aa1280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.711464] ^ [ 13.711786] ffff888100aa1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.712530] ffff888100aa1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.712977] ================================================================== [ 13.714775] ================================================================== [ 13.715398] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.716535] Write of size 1 at addr ffff888100aa12d0 by task kunit_try_catch/179 [ 13.716830] [ 13.717104] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.717207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.717232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.717370] Call Trace: [ 13.717419] <TASK> [ 13.717462] dump_stack_lvl+0x73/0xb0 [ 13.717526] print_report+0xd1/0x650 [ 13.717776] ? __virt_addr_valid+0x1db/0x2d0 [ 13.717855] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.717905] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.717954] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.717995] kasan_report+0x141/0x180 [ 13.718036] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.718102] __asan_report_store1_noabort+0x1b/0x30 [ 13.718138] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.718186] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.718238] ? finish_task_switch.isra.0+0x153/0x700 [ 13.718277] ? __switch_to+0x5d9/0xf60 [ 13.718311] ? dequeue_task_fair+0x156/0x4e0 [ 13.718367] ? __schedule+0x10cc/0x2b60 [ 13.718398] ? __pfx_read_tsc+0x10/0x10 [ 13.718424] krealloc_less_oob+0x1c/0x30 [ 13.718444] kunit_try_run_case+0x1a5/0x480 [ 13.718471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.718494] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.718519] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.718543] ? 
__kthread_parkme+0x82/0x180 [ 13.718567] ? preempt_count_sub+0x50/0x80 [ 13.718591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.718615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.718639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.718662] kthread+0x337/0x6f0 [ 13.718681] ? trace_preempt_on+0x20/0xc0 [ 13.718705] ? __pfx_kthread+0x10/0x10 [ 13.718726] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.718749] ? calculate_sigpending+0x7b/0xa0 [ 13.718771] ? __pfx_kthread+0x10/0x10 [ 13.718791] ret_from_fork+0x41/0x80 [ 13.718812] ? __pfx_kthread+0x10/0x10 [ 13.718831] ret_from_fork_asm+0x1a/0x30 [ 13.718864] </TASK> [ 13.718877] [ 13.732006] Allocated by task 179: [ 13.732371] kasan_save_stack+0x45/0x70 [ 13.732990] kasan_save_track+0x18/0x40 [ 13.733267] kasan_save_alloc_info+0x3b/0x50 [ 13.733487] __kasan_krealloc+0x190/0x1f0 [ 13.734060] krealloc_noprof+0xf3/0x340 [ 13.734558] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.735332] krealloc_less_oob+0x1c/0x30 [ 13.735654] kunit_try_run_case+0x1a5/0x480 [ 13.735863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.736092] kthread+0x337/0x6f0 [ 13.736263] ret_from_fork+0x41/0x80 [ 13.736630] ret_from_fork_asm+0x1a/0x30 [ 13.736996] [ 13.737180] The buggy address belongs to the object at ffff888100aa1200 [ 13.737180] which belongs to the cache kmalloc-256 of size 256 [ 13.739842] The buggy address is located 7 bytes to the right of [ 13.739842] allocated 201-byte region [ffff888100aa1200, ffff888100aa12c9) [ 13.740961] [ 13.741412] The buggy address belongs to the physical page: [ 13.741944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 13.742614] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.743353] flags: 0x200000000000040(head|node=0|zone=2) [ 13.743725] page_type: f5(slab) [ 13.743960] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.744303] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
13.744595] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.745406] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.745928] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 13.747116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.747860] page dumped because: kasan: bad access detected [ 13.748737] [ 13.748904] Memory state around the buggy address: [ 13.749487] ffff888100aa1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.749818] ffff888100aa1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.751007] >ffff888100aa1280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.751413] ^ [ 13.751862] ffff888100aa1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.752466] ffff888100aa1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.753573] ================================================================== [ 14.009096] ================================================================== [ 14.009611] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 14.009999] Write of size 1 at addr ffff8881022aa0da by task kunit_try_catch/183 [ 14.012410] [ 14.012583] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.012682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.012710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.012755] Call Trace: [ 14.012797] <TASK> [ 14.012835] dump_stack_lvl+0x73/0xb0 [ 14.012898] print_report+0xd1/0x650 [ 14.012944] ? __virt_addr_valid+0x1db/0x2d0 [ 14.012992] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 14.013052] ? kasan_addr_to_slab+0x11/0xa0 [ 14.013099] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 14.013142] kasan_report+0x141/0x180 [ 14.013198] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 14.013243] __asan_report_store1_noabort+0x1b/0x30 [ 14.013279] krealloc_less_oob_helper+0xec6/0x11d0 [ 14.013316] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 14.013369] ? finish_task_switch.isra.0+0x153/0x700 [ 14.013411] ? __switch_to+0x5d9/0xf60 [ 14.013446] ? dequeue_task_fair+0x166/0x4e0 [ 14.013474] ? __schedule+0x10cc/0x2b60 [ 14.013501] ? __pfx_read_tsc+0x10/0x10 [ 14.013527] krealloc_large_less_oob+0x1c/0x30 [ 14.013550] kunit_try_run_case+0x1a5/0x480 [ 14.013578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.013630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.013657] ? __kthread_parkme+0x82/0x180 [ 14.013681] ? preempt_count_sub+0x50/0x80 [ 14.013708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.013759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.013784] kthread+0x337/0x6f0 [ 14.013805] ? __pfx_kthread+0x10/0x10 [ 14.013828] ? calculate_sigpending+0x7b/0xa0 [ 14.013853] ? __pfx_kthread+0x10/0x10 [ 14.013874] ret_from_fork+0x41/0x80 [ 14.013897] ? 
__pfx_kthread+0x10/0x10 [ 14.013917] ret_from_fork_asm+0x1a/0x30 [ 14.013952] </TASK> [ 14.013965] [ 14.027214] The buggy address belongs to the physical page: [ 14.027506] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a8 [ 14.027986] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.029385] flags: 0x200000000000040(head|node=0|zone=2) [ 14.029790] page_type: f8(unknown) [ 14.029998] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.030287] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.031503] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.032133] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.033430] head: 0200000000000002 ffffea000408aa01 00000000ffffffff 00000000ffffffff [ 14.033872] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.034685] page dumped because: kasan: bad access detected [ 14.034992] [ 14.035466] Memory state around the buggy address: [ 14.035834] ffff8881022a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.037527] ffff8881022aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.038179] >ffff8881022aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 14.038771] ^ [ 14.039262] ffff8881022aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.040746] ffff8881022aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.041581] ================================================================== [ 14.080941] ================================================================== [ 14.081554] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 14.082120] Write of size 1 at addr ffff8881022aa0eb by task kunit_try_catch/183 [ 14.082827] [ 14.083063] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.083176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.083205] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.083250] Call Trace: [ 14.083294] <TASK> [ 14.083381] dump_stack_lvl+0x73/0xb0 [ 14.083454] print_report+0xd1/0x650 [ 14.083495] ? __virt_addr_valid+0x1db/0x2d0 [ 14.083529] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 14.083563] ? kasan_addr_to_slab+0x11/0xa0 [ 14.083598] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 14.083632] kasan_report+0x141/0x180 [ 14.083669] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 14.083711] __asan_report_store1_noabort+0x1b/0x30 [ 14.083743] krealloc_less_oob_helper+0xd47/0x11d0 [ 14.083780] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 14.083812] ? finish_task_switch.isra.0+0x153/0x700 [ 14.083848] ? __switch_to+0x5d9/0xf60 [ 14.083881] ? dequeue_task_fair+0x166/0x4e0 [ 14.083921] ? __schedule+0x10cc/0x2b60 [ 14.083959] ? __pfx_read_tsc+0x10/0x10 [ 14.083996] krealloc_large_less_oob+0x1c/0x30 [ 14.084030] kunit_try_run_case+0x1a5/0x480 [ 14.084075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.084111] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.084153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.084190] ? __kthread_parkme+0x82/0x180 [ 14.084234] ? preempt_count_sub+0x50/0x80 [ 14.084272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.084310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.084388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.084433] kthread+0x337/0x6f0 [ 14.084470] ? __pfx_kthread+0x10/0x10 [ 14.084505] ? calculate_sigpending+0x7b/0xa0 [ 14.084546] ? __pfx_kthread+0x10/0x10 [ 14.084581] ret_from_fork+0x41/0x80 [ 14.084620] ? 
__pfx_kthread+0x10/0x10 [ 14.084657] ret_from_fork_asm+0x1a/0x30 [ 14.084723] </TASK> [ 14.084748] [ 14.098071] The buggy address belongs to the physical page: [ 14.098737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a8 [ 14.100128] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.100976] flags: 0x200000000000040(head|node=0|zone=2) [ 14.101303] page_type: f8(unknown) [ 14.101726] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.102417] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.102727] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.104025] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.104670] head: 0200000000000002 ffffea000408aa01 00000000ffffffff 00000000ffffffff [ 14.105353] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.105892] page dumped because: kasan: bad access detected [ 14.106175] [ 14.106617] Memory state around the buggy address: [ 14.106987] ffff8881022a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.107397] ffff8881022aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.108018] >ffff8881022aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 14.108948] ^ [ 14.109695] ffff8881022aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.110121] ffff8881022aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.110440] ================================================================== [ 13.836478] ================================================================== [ 13.837186] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.837917] Write of size 1 at addr ffff888100aa12eb by task kunit_try_catch/179 [ 13.838645] [ 13.838977] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.839107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.839144] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.839190] Call Trace: [ 13.839278] <TASK> [ 13.839356] dump_stack_lvl+0x73/0xb0 [ 13.839419] print_report+0xd1/0x650 [ 13.839460] ? __virt_addr_valid+0x1db/0x2d0 [ 13.839498] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.839530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.839568] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.839601] kasan_report+0x141/0x180 [ 13.839636] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.839678] __asan_report_store1_noabort+0x1b/0x30 [ 13.839714] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.839754] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.839787] ? finish_task_switch.isra.0+0x153/0x700 [ 13.839825] ? __switch_to+0x5d9/0xf60 [ 13.839863] ? dequeue_task_fair+0x156/0x4e0 [ 13.839908] ? __schedule+0x10cc/0x2b60 [ 13.839999] ? __pfx_read_tsc+0x10/0x10 [ 13.840043] krealloc_less_oob+0x1c/0x30 [ 13.840108] kunit_try_run_case+0x1a5/0x480 [ 13.840154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.840198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.840242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.840281] ? __kthread_parkme+0x82/0x180 [ 13.840316] ? preempt_count_sub+0x50/0x80 [ 13.840378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.840421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.840466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.840542] kthread+0x337/0x6f0 [ 13.840579] ? trace_preempt_on+0x20/0xc0 [ 13.840643] ? __pfx_kthread+0x10/0x10 [ 13.840681] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.840720] ? calculate_sigpending+0x7b/0xa0 [ 13.840749] ? __pfx_kthread+0x10/0x10 [ 13.840769] ret_from_fork+0x41/0x80 [ 13.840792] ? 
__pfx_kthread+0x10/0x10 [ 13.840812] ret_from_fork_asm+0x1a/0x30 [ 13.840846] </TASK> [ 13.840860] [ 13.855078] Allocated by task 179: [ 13.855497] kasan_save_stack+0x45/0x70 [ 13.856177] kasan_save_track+0x18/0x40 [ 13.856593] kasan_save_alloc_info+0x3b/0x50 [ 13.856966] __kasan_krealloc+0x190/0x1f0 [ 13.857476] krealloc_noprof+0xf3/0x340 [ 13.858499] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.858768] krealloc_less_oob+0x1c/0x30 [ 13.859534] kunit_try_run_case+0x1a5/0x480 [ 13.860024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.860430] kthread+0x337/0x6f0 [ 13.860800] ret_from_fork+0x41/0x80 [ 13.861202] ret_from_fork_asm+0x1a/0x30 [ 13.862015] [ 13.862228] The buggy address belongs to the object at ffff888100aa1200 [ 13.862228] which belongs to the cache kmalloc-256 of size 256 [ 13.862701] The buggy address is located 34 bytes to the right of [ 13.862701] allocated 201-byte region [ffff888100aa1200, ffff888100aa12c9) [ 13.864157] [ 13.864564] The buggy address belongs to the physical page: [ 13.864893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 13.865428] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.866054] flags: 0x200000000000040(head|node=0|zone=2) [ 13.866862] page_type: f5(slab) [ 13.867128] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.867478] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.867819] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.869465] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.869804] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 13.870415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.870758] page dumped because: kasan: bad access detected [ 13.871024] [ 13.871633] Memory state around the buggy address: [ 13.871970] ffff888100aa1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 13.872223] ffff888100aa1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.872676] >ffff888100aa1280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.873000] ^ [ 13.873495] ffff888100aa1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.873801] ffff888100aa1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.874107] ================================================================== [ 13.795899] ================================================================== [ 13.796554] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.796953] Write of size 1 at addr ffff888100aa12ea by task kunit_try_catch/179 [ 13.797537] [ 13.797705] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.797805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.797829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.797886] Call Trace: [ 13.797930] <TASK> [ 13.797976] dump_stack_lvl+0x73/0xb0 [ 13.798042] print_report+0xd1/0x650 [ 13.798127] ? __virt_addr_valid+0x1db/0x2d0 [ 13.798178] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.798247] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.798297] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.798478] kasan_report+0x141/0x180 [ 13.798538] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.798591] __asan_report_store1_noabort+0x1b/0x30 [ 13.798642] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.798703] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.798745] ? finish_task_switch.isra.0+0x153/0x700 [ 13.798797] ? __switch_to+0x5d9/0xf60 [ 13.798841] ? dequeue_task_fair+0x156/0x4e0 [ 13.798889] ? __schedule+0x10cc/0x2b60 [ 13.798932] ? __pfx_read_tsc+0x10/0x10 [ 13.798978] krealloc_less_oob+0x1c/0x30 [ 13.799016] kunit_try_run_case+0x1a5/0x480 [ 13.799101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.799195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.799274] ? 
__kthread_parkme+0x82/0x180 [ 13.799323] ? preempt_count_sub+0x50/0x80 [ 13.799392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.799473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.799510] kthread+0x337/0x6f0 [ 13.799539] ? trace_preempt_on+0x20/0xc0 [ 13.799576] ? __pfx_kthread+0x10/0x10 [ 13.799607] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.799643] ? calculate_sigpending+0x7b/0xa0 [ 13.799678] ? __pfx_kthread+0x10/0x10 [ 13.799710] ret_from_fork+0x41/0x80 [ 13.799744] ? __pfx_kthread+0x10/0x10 [ 13.799776] ret_from_fork_asm+0x1a/0x30 [ 13.799815] </TASK> [ 13.799829] [ 13.814493] Allocated by task 179: [ 13.814846] kasan_save_stack+0x45/0x70 [ 13.815651] kasan_save_track+0x18/0x40 [ 13.815894] kasan_save_alloc_info+0x3b/0x50 [ 13.816133] __kasan_krealloc+0x190/0x1f0 [ 13.816418] krealloc_noprof+0xf3/0x340 [ 13.816707] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.817055] krealloc_less_oob+0x1c/0x30 [ 13.817483] kunit_try_run_case+0x1a5/0x480 [ 13.818121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.818634] kthread+0x337/0x6f0 [ 13.818931] ret_from_fork+0x41/0x80 [ 13.819728] ret_from_fork_asm+0x1a/0x30 [ 13.820036] [ 13.820836] The buggy address belongs to the object at ffff888100aa1200 [ 13.820836] which belongs to the cache kmalloc-256 of size 256 [ 13.821879] The buggy address is located 33 bytes to the right of [ 13.821879] allocated 201-byte region [ffff888100aa1200, ffff888100aa12c9) [ 13.822647] [ 13.822826] The buggy address belongs to the physical page: [ 13.823535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 13.823964] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.824424] flags: 0x200000000000040(head|node=0|zone=2) [ 13.824841] page_type: f5(slab) [ 13.825086] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.826407] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
13.826873] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.827460] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.828000] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 13.828905] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.829653] page dumped because: kasan: bad access detected [ 13.829982] [ 13.830773] Memory state around the buggy address: [ 13.831002] ffff888100aa1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.831531] ffff888100aa1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.832560] >ffff888100aa1280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.832968] ^ [ 13.833700] ffff888100aa1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.834554] ffff888100aa1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.835037] ================================================================== [ 13.754766] ================================================================== [ 13.755239] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.755608] Write of size 1 at addr ffff888100aa12da by task kunit_try_catch/179 [ 13.756395] [ 13.756633] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.756742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.756770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.756816] Call Trace: [ 13.756860] <TASK> [ 13.756904] dump_stack_lvl+0x73/0xb0 [ 13.757365] print_report+0xd1/0x650 [ 13.757744] ? __virt_addr_valid+0x1db/0x2d0 [ 13.757883] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.757918] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.757945] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.757968] kasan_report+0x141/0x180 [ 13.757994] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 13.758022] __asan_report_store1_noabort+0x1b/0x30 [ 13.758044] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.758074] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.758106] ? finish_task_switch.isra.0+0x153/0x700 [ 13.758131] ? __switch_to+0x5d9/0xf60 [ 13.758154] ? dequeue_task_fair+0x156/0x4e0 [ 13.758179] ? __schedule+0x10cc/0x2b60 [ 13.758207] ? __pfx_read_tsc+0x10/0x10 [ 13.758260] krealloc_less_oob+0x1c/0x30 [ 13.758290] kunit_try_run_case+0x1a5/0x480 [ 13.758330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.758384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.758425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.758462] ? __kthread_parkme+0x82/0x180 [ 13.758497] ? preempt_count_sub+0x50/0x80 [ 13.758537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.758575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.758614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.758646] kthread+0x337/0x6f0 [ 13.758665] ? trace_preempt_on+0x20/0xc0 [ 13.758690] ? __pfx_kthread+0x10/0x10 [ 13.758710] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.758733] ? calculate_sigpending+0x7b/0xa0 [ 13.758756] ? __pfx_kthread+0x10/0x10 [ 13.758776] ret_from_fork+0x41/0x80 [ 13.758797] ? 
__pfx_kthread+0x10/0x10 [ 13.758816] ret_from_fork_asm+0x1a/0x30 [ 13.758849] </TASK> [ 13.758862] [ 13.773424] Allocated by task 179: [ 13.773919] kasan_save_stack+0x45/0x70 [ 13.774654] kasan_save_track+0x18/0x40 [ 13.774837] kasan_save_alloc_info+0x3b/0x50 [ 13.775006] __kasan_krealloc+0x190/0x1f0 [ 13.775596] krealloc_noprof+0xf3/0x340 [ 13.776000] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.776671] krealloc_less_oob+0x1c/0x30 [ 13.777391] kunit_try_run_case+0x1a5/0x480 [ 13.777716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.777936] kthread+0x337/0x6f0 [ 13.778838] ret_from_fork+0x41/0x80 [ 13.779065] ret_from_fork_asm+0x1a/0x30 [ 13.779253] [ 13.779480] The buggy address belongs to the object at ffff888100aa1200 [ 13.779480] which belongs to the cache kmalloc-256 of size 256 [ 13.780577] The buggy address is located 17 bytes to the right of [ 13.780577] allocated 201-byte region [ffff888100aa1200, ffff888100aa12c9) [ 13.782464] [ 13.782599] The buggy address belongs to the physical page: [ 13.783351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 13.783989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.785034] flags: 0x200000000000040(head|node=0|zone=2) [ 13.785723] page_type: f5(slab) [ 13.785930] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.786750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.787418] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.787854] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.788647] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 13.789476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.789971] page dumped because: kasan: bad access detected [ 13.790409] [ 13.790794] Memory state around the buggy address: [ 13.791128] ffff888100aa1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc
[ 13.791578] ffff888100aa1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.791936] >ffff888100aa1280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 13.793278] ^
[ 13.793768] ffff888100aa1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.794457] ffff888100aa1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.794806] ==================================================================
[ 13.942758] ==================================================================
[ 13.943763] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 13.944505] Write of size 1 at addr ffff8881022aa0c9 by task kunit_try_catch/183
[ 13.945138]
[ 13.945573] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.945731] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.945779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.945828] Call Trace:
[ 13.945859] <TASK>
[ 13.945900] dump_stack_lvl+0x73/0xb0
[ 13.946019] print_report+0xd1/0x650
[ 13.946075] ? __virt_addr_valid+0x1db/0x2d0
[ 13.946123] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 13.946165] ? kasan_addr_to_slab+0x11/0xa0
[ 13.946240] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 13.946300] kasan_report+0x141/0x180
[ 13.946391] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 13.946426] __asan_report_store1_noabort+0x1b/0x30
[ 13.946451] krealloc_less_oob_helper+0xd70/0x11d0
[ 13.946478] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 13.946501] ? finish_task_switch.isra.0+0x153/0x700
[ 13.946541] ? __switch_to+0x5d9/0xf60
[ 13.946580] ? dequeue_task_fair+0x166/0x4e0
[ 13.946621] ? __schedule+0x10cc/0x2b60
[ 13.946660] ? __pfx_read_tsc+0x10/0x10
[ 13.946699] krealloc_large_less_oob+0x1c/0x30
[ 13.946732] kunit_try_run_case+0x1a5/0x480
[ 13.946774] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.946808] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.946848] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.946884] ? __kthread_parkme+0x82/0x180
[ 13.946921] ? preempt_count_sub+0x50/0x80
[ 13.946961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.947000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.947039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.947064] kthread+0x337/0x6f0
[ 13.947109] ? __pfx_kthread+0x10/0x10
[ 13.947209] ? calculate_sigpending+0x7b/0xa0
[ 13.947252] ? __pfx_kthread+0x10/0x10
[ 13.947283] ret_from_fork+0x41/0x80
[ 13.947319] ? __pfx_kthread+0x10/0x10
[ 13.947359] ret_from_fork_asm+0x1a/0x30
[ 13.947398] </TASK>
[ 13.947412]
[ 13.967400] The buggy address belongs to the physical page:
[ 13.968162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a8
[ 13.968877] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.969892] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.970399] page_type: f8(unknown)
[ 13.970575] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.970803] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.971625] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.972019] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.973000] head: 0200000000000002 ffffea000408aa01 00000000ffffffff 00000000ffffffff
[ 13.973565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.973989] page dumped because: kasan: bad access detected
[ 13.974740]
[ 13.974930] Memory state around the buggy address:
[ 13.975938] ffff8881022a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.976881] ffff8881022aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.977611] >ffff8881022aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 13.978092] ^
[ 13.979082] ffff8881022aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.979517] ffff8881022aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.979866] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 13.597211] ==================================================================
[ 13.598097] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 13.598747] Write of size 1 at addr ffff88810034f2eb by task kunit_try_catch/177
[ 13.599331]
[ 13.599555] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.599658] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.599684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.599729] Call Trace:
[ 13.599770] <TASK>
[ 13.599811] dump_stack_lvl+0x73/0xb0
[ 13.599896] print_report+0xd1/0x650
[ 13.599960] ? __virt_addr_valid+0x1db/0x2d0
[ 13.600009] ? krealloc_more_oob_helper+0x821/0x930
[ 13.600053] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.600131] ? krealloc_more_oob_helper+0x821/0x930
[ 13.600171] kasan_report+0x141/0x180
[ 13.600217] ? krealloc_more_oob_helper+0x821/0x930
[ 13.600267] __asan_report_store1_noabort+0x1b/0x30
[ 13.600314] krealloc_more_oob_helper+0x821/0x930
[ 13.600375] ? trace_hardirqs_on+0x37/0xe0
[ 13.600427] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.600464] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.600527] ? __pfx_krealloc_more_oob+0x10/0x10
[ 13.600575] krealloc_more_oob+0x1c/0x30
[ 13.600609] kunit_try_run_case+0x1a5/0x480
[ 13.600670] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.600729] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.600776] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.600803] ? __kthread_parkme+0x82/0x180
[ 13.600828] ? preempt_count_sub+0x50/0x80
[ 13.600856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.600881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.600906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.600931] kthread+0x337/0x6f0
[ 13.600949] ? trace_preempt_on+0x20/0xc0
[ 13.600973] ? __pfx_kthread+0x10/0x10
[ 13.600993] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.601029] ? calculate_sigpending+0x7b/0xa0
[ 13.601056] ? __pfx_kthread+0x10/0x10
[ 13.601106] ret_from_fork+0x41/0x80
[ 13.601134] ? __pfx_kthread+0x10/0x10
[ 13.601154] ret_from_fork_asm+0x1a/0x30
[ 13.601188] </TASK>
[ 13.601205]
[ 13.612897] Allocated by task 177:
[ 13.613710] kasan_save_stack+0x45/0x70
[ 13.614124] kasan_save_track+0x18/0x40
[ 13.614486] kasan_save_alloc_info+0x3b/0x50
[ 13.614725] __kasan_krealloc+0x190/0x1f0
[ 13.615042] krealloc_noprof+0xf3/0x340
[ 13.615234] krealloc_more_oob_helper+0x1a9/0x930
[ 13.615584] krealloc_more_oob+0x1c/0x30
[ 13.615769] kunit_try_run_case+0x1a5/0x480
[ 13.616046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.616268] kthread+0x337/0x6f0
[ 13.616650] ret_from_fork+0x41/0x80
[ 13.616992] ret_from_fork_asm+0x1a/0x30
[ 13.617348]
[ 13.617597] The buggy address belongs to the object at ffff88810034f200
[ 13.617597] which belongs to the cache kmalloc-256 of size 256
[ 13.618479] The buggy address is located 0 bytes to the right of
[ 13.618479] allocated 235-byte region [ffff88810034f200, ffff88810034f2eb)
[ 13.619136]
[ 13.619266] The buggy address belongs to the physical page:
[ 13.619778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[ 13.620501] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.620959] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.621582] page_type: f5(slab)
[ 13.621941] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.622475] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.622901] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.623401] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.623900] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[ 13.624474] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.624889] page dumped because: kasan: bad access detected
[ 13.625298]
[ 13.625518] Memory state around the buggy address:
[ 13.625758] ffff88810034f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.626292] ffff88810034f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.626702] >ffff88810034f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 13.627266] ^
[ 13.627649] ffff88810034f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.628111] ffff88810034f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.628515] ==================================================================
[ 13.909177] ==================================================================
[ 13.909563] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 13.909938] Write of size 1 at addr ffff888102b460f0 by task kunit_try_catch/181
[ 13.910941]
[ 13.911235] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.911615] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.911644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.911686] Call Trace:
[ 13.911765] <TASK>
[ 13.911826] dump_stack_lvl+0x73/0xb0
[ 13.911896] print_report+0xd1/0x650
[ 13.911946] ? __virt_addr_valid+0x1db/0x2d0
[ 13.912024] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.912069] ? kasan_addr_to_slab+0x11/0xa0
[ 13.912125] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.912171] kasan_report+0x141/0x180
[ 13.912205] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.912232] __asan_report_store1_noabort+0x1b/0x30
[ 13.912255] krealloc_more_oob_helper+0x7eb/0x930
[ 13.912274] ? __schedule+0x10cc/0x2b60
[ 13.912301] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.912323] ? finish_task_switch.isra.0+0x153/0x700
[ 13.912376] ? __switch_to+0x5d9/0xf60
[ 13.912411] ? dequeue_task_fair+0x166/0x4e0
[ 13.912460] ? __schedule+0x10cc/0x2b60
[ 13.912534] ? __pfx_read_tsc+0x10/0x10
[ 13.912598] krealloc_large_more_oob+0x1c/0x30
[ 13.912647] kunit_try_run_case+0x1a5/0x480
[ 13.912696] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.912766] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.912821] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.912884] ? __kthread_parkme+0x82/0x180
[ 13.912925] ? preempt_count_sub+0x50/0x80
[ 13.912961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.912986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.913020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.913051] kthread+0x337/0x6f0
[ 13.913077] ? trace_preempt_on+0x20/0xc0
[ 13.913111] ? __pfx_kthread+0x10/0x10
[ 13.913131] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.913155] ? calculate_sigpending+0x7b/0xa0
[ 13.913178] ? __pfx_kthread+0x10/0x10
[ 13.913198] ret_from_fork+0x41/0x80
[ 13.913221] ? __pfx_kthread+0x10/0x10
[ 13.913240] ret_from_fork_asm+0x1a/0x30
[ 13.913275] </TASK>
[ 13.913288]
[ 13.924867] The buggy address belongs to the physical page:
[ 13.925301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b44
[ 13.925882] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.926480] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.926969] page_type: f8(unknown)
[ 13.927416] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.927873] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.928461] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.928896] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.929459] head: 0200000000000002 ffffea00040ad101 00000000ffffffff 00000000ffffffff
[ 13.930025] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.930487] page dumped because: kasan: bad access detected
[ 13.930837]
[ 13.930952] Memory state around the buggy address:
[ 13.931239] ffff888102b45f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.932054] ffff888102b46000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.932651] >ffff888102b46080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 13.933099] ^
[ 13.933656] ffff888102b46100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.934225] ffff888102b46180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.934766] ==================================================================
[ 13.882801] ==================================================================
[ 13.883378] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 13.884071] Write of size 1 at addr ffff888102b460eb by task kunit_try_catch/181
[ 13.884708]
[ 13.885289] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.885506] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.885528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.885569] Call Trace:
[ 13.885591] <TASK>
[ 13.885618] dump_stack_lvl+0x73/0xb0
[ 13.885655] print_report+0xd1/0x650
[ 13.885682] ? __virt_addr_valid+0x1db/0x2d0
[ 13.885708] ? krealloc_more_oob_helper+0x821/0x930
[ 13.885729] ? kasan_addr_to_slab+0x11/0xa0
[ 13.885751] ? krealloc_more_oob_helper+0x821/0x930
[ 13.885772] kasan_report+0x141/0x180
[ 13.885796] ? krealloc_more_oob_helper+0x821/0x930
[ 13.885822] __asan_report_store1_noabort+0x1b/0x30
[ 13.885844] krealloc_more_oob_helper+0x821/0x930
[ 13.885864] ? __schedule+0x10cc/0x2b60
[ 13.885887] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.885909] ? finish_task_switch.isra.0+0x153/0x700
[ 13.885934] ? __switch_to+0x5d9/0xf60
[ 13.885956] ? dequeue_task_fair+0x166/0x4e0
[ 13.885981] ? __schedule+0x10cc/0x2b60
[ 13.886003] ? __pfx_read_tsc+0x10/0x10
[ 13.886029] krealloc_large_more_oob+0x1c/0x30
[ 13.886050] kunit_try_run_case+0x1a5/0x480
[ 13.886102] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.886125] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.886150] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.886174] ? __kthread_parkme+0x82/0x180
[ 13.886197] ? preempt_count_sub+0x50/0x80
[ 13.886222] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.886245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.886269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.886292] kthread+0x337/0x6f0
[ 13.886310] ? trace_preempt_on+0x20/0xc0
[ 13.886353] ? __pfx_kthread+0x10/0x10
[ 13.886376] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.886399] ? calculate_sigpending+0x7b/0xa0
[ 13.886422] ? __pfx_kthread+0x10/0x10
[ 13.886442] ret_from_fork+0x41/0x80
[ 13.886463] ? __pfx_kthread+0x10/0x10
[ 13.886482] ret_from_fork_asm+0x1a/0x30
[ 13.886514] </TASK>
[ 13.886526]
[ 13.898383] The buggy address belongs to the physical page:
[ 13.898788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b44
[ 13.899333] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.899637] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.899904] page_type: f8(unknown)
[ 13.900315] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.900929] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.901519] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.902229] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.902743] head: 0200000000000002 ffffea00040ad101 00000000ffffffff 00000000ffffffff
[ 13.903217] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.903819] page dumped because: kasan: bad access detected
[ 13.904261]
[ 13.904462] Memory state around the buggy address:
[ 13.904791] ffff888102b45f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.905276] ffff888102b46000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.905924] >ffff888102b46080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 13.906373] ^
[ 13.906937] ffff888102b46100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.907439] ffff888102b46180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.907903] ==================================================================
[ 13.630386] ==================================================================
[ 13.630851] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 13.631531] Write of size 1 at addr ffff88810034f2f0 by task kunit_try_catch/177
[ 13.631900]
[ 13.632149] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.632248] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.632274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.632318] Call Trace:
[ 13.632374] <TASK>
[ 13.632416] dump_stack_lvl+0x73/0xb0
[ 13.632476] print_report+0xd1/0x650
[ 13.632526] ? __virt_addr_valid+0x1db/0x2d0
[ 13.632571] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.632611] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.632655] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.632695] kasan_report+0x141/0x180
[ 13.632739] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.632794] __asan_report_store1_noabort+0x1b/0x30
[ 13.632837] krealloc_more_oob_helper+0x7eb/0x930
[ 13.632873] ? trace_hardirqs_on+0x37/0xe0
[ 13.632922] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.632961] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.633032] ? __pfx_krealloc_more_oob+0x10/0x10
[ 13.633120] krealloc_more_oob+0x1c/0x30
[ 13.633163] kunit_try_run_case+0x1a5/0x480
[ 13.633214] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.633256] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.633304] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.633396] ? __kthread_parkme+0x82/0x180
[ 13.633447] ? preempt_count_sub+0x50/0x80
[ 13.633503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.633542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.633580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.633616] kthread+0x337/0x6f0
[ 13.633644] ? trace_preempt_on+0x20/0xc0
[ 13.633680] ? __pfx_kthread+0x10/0x10
[ 13.633711] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.633736] ? calculate_sigpending+0x7b/0xa0
[ 13.633761] ? __pfx_kthread+0x10/0x10
[ 13.633781] ret_from_fork+0x41/0x80
[ 13.633806] ? __pfx_kthread+0x10/0x10
[ 13.633829] ret_from_fork_asm+0x1a/0x30
[ 13.633864] </TASK>
[ 13.633877]
[ 13.647678] Allocated by task 177:
[ 13.648025] kasan_save_stack+0x45/0x70
[ 13.648351] kasan_save_track+0x18/0x40
[ 13.648645] kasan_save_alloc_info+0x3b/0x50
[ 13.649045] __kasan_krealloc+0x190/0x1f0
[ 13.649287] krealloc_noprof+0xf3/0x340
[ 13.649714] krealloc_more_oob_helper+0x1a9/0x930
[ 13.649927] krealloc_more_oob+0x1c/0x30
[ 13.650117] kunit_try_run_case+0x1a5/0x480
[ 13.650534] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.650953] kthread+0x337/0x6f0
[ 13.651166] ret_from_fork+0x41/0x80
[ 13.651531] ret_from_fork_asm+0x1a/0x30
[ 13.651736]
[ 13.651866] The buggy address belongs to the object at ffff88810034f200
[ 13.651866] which belongs to the cache kmalloc-256 of size 256
[ 13.652690] The buggy address is located 5 bytes to the right of
[ 13.652690] allocated 235-byte region [ffff88810034f200, ffff88810034f2eb)
[ 13.653490]
[ 13.653677] The buggy address belongs to the physical page:
[ 13.654005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[ 13.654383] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.654919] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.655368] page_type: f5(slab)
[ 13.655560] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.655973] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.656257] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.656832] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.657266] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[ 13.657568] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.658111] page dumped because: kasan: bad access detected
[ 13.658547]
[ 13.658722] Memory state around the buggy address:
[ 13.659117] ffff88810034f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.659577] ffff88810034f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.659878] >ffff88810034f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 13.660523] ^
[ 13.660787] ffff88810034f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.661290] ffff88810034f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.661819] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 55.021931] ==================================================================
[ 55.022437] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 55.022437]
[ 55.022782] Use-after-free read at 0x(____ptrval____) (in kfence-#185):
[ 55.023266] test_krealloc+0x6fc/0xbe0
[ 55.023485] kunit_try_run_case+0x1a5/0x480
[ 55.023801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.024083] kthread+0x337/0x6f0
[ 55.024365] ret_from_fork+0x41/0x80
[ 55.024697] ret_from_fork_asm+0x1a/0x30
[ 55.024912]
[ 55.025103] kfence-#185: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 55.025103]
[ 55.025498] allocated by task 358 on cpu 1 at 55.020913s (0.004580s ago):
[ 55.025833] test_alloc+0x364/0x10f0
[ 55.026110] test_krealloc+0xad/0xbe0
[ 55.026489] kunit_try_run_case+0x1a5/0x480
[ 55.026791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.027086] kthread+0x337/0x6f0
[ 55.027351] ret_from_fork+0x41/0x80
[ 55.027540] ret_from_fork_asm+0x1a/0x30
[ 55.027734]
[ 55.027849] freed by task 358 on cpu 1 at 55.021391s (0.006454s ago):
[ 55.028376] krealloc_noprof+0x108/0x340
[ 55.028852] test_krealloc+0x226/0xbe0
[ 55.029243] kunit_try_run_case+0x1a5/0x480
[ 55.029534] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.029939] kthread+0x337/0x6f0
[ 55.030298] ret_from_fork+0x41/0x80
[ 55.030524] ret_from_fork_asm+0x1a/0x30
[ 55.030723]
[ 55.030895] CPU: 1 UID: 0 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 55.031678] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 55.032185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 55.032704] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 54.925245] ==================================================================
[ 54.925770] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 54.925770]
[ 54.926149] Use-after-free read at 0x(____ptrval____) (in kfence-#184):
[ 54.927429] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 54.927660] kunit_try_run_case+0x1a5/0x480
[ 54.927787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.927903] kthread+0x337/0x6f0
[ 54.927990] ret_from_fork+0x41/0x80
[ 54.928081] ret_from_fork_asm+0x1a/0x30
[ 54.928178]
[ 54.928237] kfence-#184: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 54.928237]
[ 54.928429] allocated by task 356 on cpu 1 at 54.917890s (0.010536s ago):
[ 54.928592] test_alloc+0x2a6/0x10f0
[ 54.928686] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 54.928797] kunit_try_run_case+0x1a5/0x480
[ 54.928895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.929026] kthread+0x337/0x6f0
[ 54.929117] ret_from_fork+0x41/0x80
[ 54.929210] ret_from_fork_asm+0x1a/0x30
[ 54.929307]
[ 54.930998] freed by task 356 on cpu 1 at 54.918113s (0.012878s ago):
[ 54.931610] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 54.932099] kunit_try_run_case+0x1a5/0x480
[ 54.932587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.933426] kthread+0x337/0x6f0
[ 54.933594] ret_from_fork+0x41/0x80
[ 54.933762] ret_from_fork_asm+0x1a/0x30
[ 54.933946]
[ 54.934092] CPU: 1 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 54.934492] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 54.934674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 54.934995] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 29.752076] ==================================================================
[ 29.752680] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 29.752680]
[ 29.753073] Invalid read at 0x(____ptrval____):
[ 29.753302] test_invalid_access+0xf0/0x210
[ 29.753521] kunit_try_run_case+0x1a5/0x480
[ 29.753714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.753922] kthread+0x337/0x6f0
[ 29.754082] ret_from_fork+0x41/0x80
[ 29.754252] ret_from_fork_asm+0x1a/0x30
[ 29.754463]
[ 29.754608] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 29.754964] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.755125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.755426] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.485476] ==================================================================
[ 21.485955] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 21.485955]
[ 21.486359] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103):
[ 21.486873] test_out_of_bounds_write+0x10d/0x260
[ 21.487141] kunit_try_run_case+0x1a5/0x480
[ 21.487657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.488104] kthread+0x337/0x6f0
[ 21.488455] ret_from_fork+0x41/0x80
[ 21.488802] ret_from_fork_asm+0x1a/0x30
[ 21.489312]
[ 21.489551] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 21.489551]
[ 21.490350] allocated by task 312 on cpu 0 at 21.485157s (0.005188s ago):
[ 21.490792] test_alloc+0x364/0x10f0
[ 21.491217] test_out_of_bounds_write+0xd4/0x260
[ 21.491528] kunit_try_run_case+0x1a5/0x480
[ 21.491917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.492287] kthread+0x337/0x6f0
[ 21.492637] ret_from_fork+0x41/0x80
[ 21.493002] ret_from_fork_asm+0x1a/0x30
[ 21.493320]
[ 21.493613] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 21.494370] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.494646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.495256] ==================================================================
[ 21.796856] ==================================================================
[ 21.797766] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 21.797766]
[ 21.798123] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#106):
[ 21.798476] test_out_of_bounds_write+0x10d/0x260
[ 21.798904] kunit_try_run_case+0x1a5/0x480
[ 21.799310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.799798] kthread+0x337/0x6f0
[ 21.800206] ret_from_fork+0x41/0x80
[ 21.800695] ret_from_fork_asm+0x1a/0x30
[ 21.801053]
[ 21.801387] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 21.801387]
[ 21.801971] allocated by task 314 on cpu 0 at 21.796750s (0.005215s ago):
[ 21.802577] test_alloc+0x2a6/0x10f0
[ 21.802908] test_out_of_bounds_write+0xd4/0x260
[ 21.803192] kunit_try_run_case+0x1a5/0x480
[ 21.803661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.803996] kthread+0x337/0x6f0
[ 21.804521] ret_from_fork+0x41/0x80
[ 21.804772] ret_from_fork_asm+0x1a/0x30
[ 21.805006]
[ 21.805748] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 21.806507] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.806748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.807415] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 29.499909] ==================================================================
[ 29.500484] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 29.500484]
[ 29.500810] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#180):
[ 29.501648] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 29.501870] kunit_try_run_case+0x1a5/0x480
[ 29.502036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.502269] kthread+0x337/0x6f0
[ 29.502453] ret_from_fork+0x41/0x80
[ 29.502648] ret_from_fork_asm+0x1a/0x30
[ 29.502930]
[ 29.503046] kfence-#180: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 29.503046]
[ 29.503415] allocated by task 346 on cpu 0 at 29.499435s (0.003976s ago):
[ 29.503683] test_alloc+0x364/0x10f0
[ 29.503845] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 29.504040] kunit_try_run_case+0x1a5/0x480
[ 29.504246] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.504464] kthread+0x337/0x6f0
[ 29.504618] ret_from_fork+0x41/0x80
[ 29.504781] ret_from_fork_asm+0x1a/0x30
[ 29.504947]
[ 29.505081] freed by task 346 on cpu 0 at 29.499684s (0.005391s ago):
[ 29.505345] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 29.505553] kunit_try_run_case+0x1a5/0x480
[ 29.505734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.505940] kthread+0x337/0x6f0
[ 29.506124] ret_from_fork+0x41/0x80
[ 29.506294] ret_from_fork_asm+0x1a/0x30
[ 29.506477]
[ 29.506623] CPU: 0 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 29.506973] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.507164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.507464] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 29.181197] ==================================================================
[ 29.181717] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 29.181717]
[ 29.182083] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#177):
[ 29.182789] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 29.183280] kunit_try_run_case+0x1a5/0x480
[ 29.183608] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.183892] kthread+0x337/0x6f0
[ 29.184164] ret_from_fork+0x41/0x80
[ 29.184591] ret_from_fork_asm+0x1a/0x30
[ 29.184790]
[ 29.184914] kfence-#177: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 29.184914]
[ 29.185839] allocated by task 344 on cpu 1 at 29.180816s (0.005018s ago):
[ 29.186491] test_alloc+0x364/0x10f0
[ 29.186719] test_kmalloc_aligned_oob_read+0x105/0x560
[ 29.187111] kunit_try_run_case+0x1a5/0x480
[ 29.187483] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.187887] kthread+0x337/0x6f0
[ 29.188239] ret_from_fork+0x41/0x80
[ 29.188488] ret_from_fork_asm+0x1a/0x30
[ 29.188708]
[ 29.188890] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 29.189613] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.189806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.190115] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.837246] ==================================================================
[ 22.837673] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 22.837673]
[ 22.837939] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#116):
[ 22.838635] test_corruption+0x2df/0x3e0
[ 22.838885] kunit_try_run_case+0x1a5/0x480
[ 22.839064] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.839548] kthread+0x337/0x6f0
[ 22.839827] ret_from_fork+0x41/0x80
[ 22.840147] ret_from_fork_asm+0x1a/0x30
[ 22.840392]
[ 22.840514] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 22.840514]
[ 22.841079] allocated by task 332 on cpu 0 at 22.836838s (0.004236s ago):
[ 22.841682] test_alloc+0x364/0x10f0
[ 22.841886] test_corruption+0x1cb/0x3e0
[ 22.842278] kunit_try_run_case+0x1a5/0x480
[ 22.842564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.842879] kthread+0x337/0x6f0
[ 22.843105] ret_from_fork+0x41/0x80
[ 22.843352] ret_from_fork_asm+0x1a/0x30
[ 22.843596]
[ 22.843714] freed by task 332 on cpu 0 at 22.836976s (0.006733s ago):
[ 22.844065] test_corruption+0x2df/0x3e0
[ 22.844405] kunit_try_run_case+0x1a5/0x480
[ 22.844746] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.845180] kthread+0x337/0x6f0
[ 22.845400] ret_from_fork+0x41/0x80
[ 22.845641] ret_from_fork_asm+0x1a/0x30
[ 22.845841]
[ 22.846051] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.846915] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.847299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.847642] ==================================================================
[ 23.045073] ==================================================================
[ 23.045714] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 23.045714]
[ 23.046316] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#118):
[ 23.047518] test_corruption+0x131/0x3e0
[ 23.047914] kunit_try_run_case+0x1a5/0x480
[ 23.048364] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.048827] kthread+0x337/0x6f0
[ 23.049171] ret_from_fork+0x41/0x80
[ 23.049476] ret_from_fork_asm+0x1a/0x30
[ 23.049649]
[ 23.049719] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 23.049719]
[ 23.049901] allocated by task 334 on cpu 0 at 23.044824s (0.005075s ago):
[ 23.050061] test_alloc+0x2a6/0x10f0
[ 23.050402] test_corruption+0xe6/0x3e0
[ 23.050748] kunit_try_run_case+0x1a5/0x480
[ 23.051119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.051631] kthread+0x337/0x6f0
[ 23.051959] ret_from_fork+0x41/0x80
[ 23.052313] ret_from_fork_asm+0x1a/0x30
[ 23.052721]
[ 23.052907] freed by task 334 on cpu 0 at 23.044924s (0.007978s ago):
[ 23.053555] test_corruption+0x131/0x3e0
[ 23.053762] kunit_try_run_case+0x1a5/0x480
[ 23.053972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.054213] kthread+0x337/0x6f0
[ 23.054398] ret_from_fork+0x41/0x80
[ 23.054578] ret_from_fork_asm+0x1a/0x30
[ 23.054764]
[ 23.055005] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 23.055503] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.055840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.056512] ==================================================================
[ 22.733365] ==================================================================
[ 22.733825] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 22.733825]
[ 22.734159] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#115):
[ 22.735720] test_corruption+0x2d2/0x3e0
[ 22.736015] kunit_try_run_case+0x1a5/0x480
[ 22.736705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.737056] kthread+0x337/0x6f0
[ 22.737495] ret_from_fork+0x41/0x80
[ 22.738058] ret_from_fork_asm+0x1a/0x30
[ 22.738328]
[ 22.738454] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 22.738454]
[ 22.739030] allocated by task 332 on cpu 0 at 22.733045s (0.005980s ago):
[ 22.739499] test_alloc+0x364/0x10f0
[ 22.739849] test_corruption+0xe6/0x3e0
[ 22.740051] kunit_try_run_case+0x1a5/0x480
[ 22.740449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.740877] kthread+0x337/0x6f0
[ 22.741068] ret_from_fork+0x41/0x80
[ 22.741905] ret_from_fork_asm+0x1a/0x30
[ 22.742468]
[ 22.742791] freed by task 332 on cpu 0 at 22.733195s (0.009590s ago):
[ 22.743500] test_corruption+0x2d2/0x3e0
[ 22.743748] kunit_try_run_case+0x1a5/0x480
[ 22.743934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.744422] kthread+0x337/0x6f0
[ 22.744667] ret_from_fork+0x41/0x80
[ 22.744911] ret_from_fork_asm+0x1a/0x30
[ 22.745180]
[ 22.745878] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.746582] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.747079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.747712] ==================================================================
[ 23.773069] ==================================================================
[ 23.773562] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 23.773562]
[ 23.773846] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#125):
[ 23.774668] test_corruption+0x216/0x3e0
[ 23.775021] kunit_try_run_case+0x1a5/0x480
[ 23.775205] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.775474] kthread+0x337/0x6f0
[ 23.775789] ret_from_fork+0x41/0x80
[ 23.776177] ret_from_fork_asm+0x1a/0x30
[ 23.776507]
[ 23.776690] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 23.776690]
[ 23.777281] allocated by task 334 on cpu 0 at 23.772838s (0.004437s ago):
[ 23.777722] test_alloc+0x2a6/0x10f0
[ 23.778003] test_corruption+0x1cb/0x3e0
[ 23.778361] kunit_try_run_case+0x1a5/0x480
[ 23.778628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.778942] kthread+0x337/0x6f0
[ 23.779138] ret_from_fork+0x41/0x80
[ 23.779376] ret_from_fork_asm+0x1a/0x30
[ 23.779741]
[ 23.779939] freed by task 334 on cpu 0 at 23.772946s (0.006987s ago):
[ 23.780587] test_corruption+0x216/0x3e0
[ 23.780944] kunit_try_run_case+0x1a5/0x480
[ 23.781406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.781718] kthread+0x337/0x6f0
[ 23.781907] ret_from_fork+0x41/0x80
[ 23.782101] ret_from_fork_asm+0x1a/0x30
[ 23.782315]
[ 23.782594] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 23.783454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.783699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.784230] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.629174] ==================================================================
[ 22.629640] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 22.629640]
[ 22.629913] Invalid free of 0x(____ptrval____) (in kfence-#114):
[ 22.630196] test_invalid_addr_free+0xfb/0x260
[ 22.630581] kunit_try_run_case+0x1a5/0x480
[ 22.630871] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.631222] kthread+0x337/0x6f0
[ 22.632180] ret_from_fork+0x41/0x80
[ 22.632890] ret_from_fork_asm+0x1a/0x30
[ 22.633242]
[ 22.633450] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 22.633450]
[ 22.633995] allocated by task 330 on cpu 1 at 22.628944s (0.005046s ago):
[ 22.634579] test_alloc+0x2a6/0x10f0
[ 22.634947] test_invalid_addr_free+0xdb/0x260
[ 22.635315] kunit_try_run_case+0x1a5/0x480
[ 22.635709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.635991] kthread+0x337/0x6f0
[ 22.636325] ret_from_fork+0x41/0x80
[ 22.636557] ret_from_fork_asm+0x1a/0x30
[ 22.636947]
[ 22.637219] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.637838] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.638243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.638742] ==================================================================
[ 22.525180] ==================================================================
[ 22.525608] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 22.525608]
[ 22.525824] Invalid free of 0x(____ptrval____) (in kfence-#113):
[ 22.525963] test_invalid_addr_free+0x1e1/0x260
[ 22.526107] kunit_try_run_case+0x1a5/0x480
[ 22.526447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.526891] kthread+0x337/0x6f0
[ 22.527277] ret_from_fork+0x41/0x80
[ 22.527628] ret_from_fork_asm+0x1a/0x30
[ 22.527950]
[ 22.528144] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 22.528144]
[ 22.528737] allocated by task 328 on cpu 0 at 22.524914s (0.003818s ago):
[ 22.528996] test_alloc+0x364/0x10f0
[ 22.529193] test_invalid_addr_free+0xdb/0x260
[ 22.529419] kunit_try_run_case+0x1a5/0x480
[ 22.529626] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.529854] kthread+0x337/0x6f0
[ 22.530163] ret_from_fork+0x41/0x80
[ 22.531063] ret_from_fork_asm+0x1a/0x30
[ 22.531836]
[ 22.532119] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.533001] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.533307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.533709] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.421188] ==================================================================
[ 22.421682] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 22.421682]
[ 22.421961] Invalid free of 0x(____ptrval____) (in kfence-#112):
[ 22.422431] test_double_free+0x112/0x260
[ 22.422909] kunit_try_run_case+0x1a5/0x480
[ 22.423092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.423555] kthread+0x337/0x6f0
[ 22.423809] ret_from_fork+0x41/0x80
[ 22.424124] ret_from_fork_asm+0x1a/0x30
[ 22.424385]
[ 22.424577] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 22.424577]
[ 22.425229] allocated by task 326 on cpu 1 at 22.420880s (0.004343s ago):
[ 22.425658] test_alloc+0x2a6/0x10f0
[ 22.425878] test_double_free+0xdb/0x260
[ 22.426140] kunit_try_run_case+0x1a5/0x480
[ 22.426592] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.427057] kthread+0x337/0x6f0
[ 22.427608] ret_from_fork+0x41/0x80
[ 22.428033] ret_from_fork_asm+0x1a/0x30
[ 22.428483]
[ 22.428609] freed by task 326 on cpu 1 at 22.420987s (0.007617s ago):
[ 22.428900] test_double_free+0xfa/0x260
[ 22.429416] kunit_try_run_case+0x1a5/0x480
[ 22.429840] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.430411] kthread+0x337/0x6f0
[ 22.430700] ret_from_fork+0x41/0x80
[ 22.431036] ret_from_fork_asm+0x1a/0x30
[ 22.431443]
[ 22.431628] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.432681] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.432946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.433547] ==================================================================
[ 22.317486] ==================================================================
[ 22.319067] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 22.319067]
[ 22.321106] Invalid free of 0x(____ptrval____) (in kfence-#111):
[ 22.322154] test_double_free+0x1d3/0x260
[ 22.323429] kunit_try_run_case+0x1a5/0x480
[ 22.324570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.325827] kthread+0x337/0x6f0
[ 22.326038] ret_from_fork+0x41/0x80
[ 22.326214] ret_from_fork_asm+0x1a/0x30
[ 22.326399]
[ 22.326505] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 22.326505]
[ 22.326782] allocated by task 324 on cpu 0 at 22.317018s (0.009760s ago):
[ 22.327031] test_alloc+0x364/0x10f0
[ 22.328302] test_double_free+0xdb/0x260
[ 22.328941] kunit_try_run_case+0x1a5/0x480
[ 22.329931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.330394] kthread+0x337/0x6f0
[ 22.330638] ret_from_fork+0x41/0x80
[ 22.330987] ret_from_fork_asm+0x1a/0x30
[ 22.331421]
[ 22.331529] freed by task 324 on cpu 0 at 22.317157s (0.014367s ago):
[ 22.331785] test_double_free+0x1e0/0x260
[ 22.332054] kunit_try_run_case+0x1a5/0x480
[ 22.332394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.332813] kthread+0x337/0x6f0
[ 22.333252] ret_from_fork+0x41/0x80
[ 22.333632] ret_from_fork_asm+0x1a/0x30
[ 22.334027]
[ 22.334254] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.335084] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.335451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.335911] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.005099] ==================================================================
[ 22.005577] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 22.005577]
[ 22.005953] Use-after-free read at 0x(____ptrval____) (in kfence-#108):
[ 22.006583] test_use_after_free_read+0x129/0x270
[ 22.007737] kunit_try_run_case+0x1a5/0x480
[ 22.008292] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.008661] kthread+0x337/0x6f0
[ 22.008933] ret_from_fork+0x41/0x80
[ 22.009353] ret_from_fork_asm+0x1a/0x30
[ 22.009646]
[ 22.009849] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 22.009849]
[ 22.010373] allocated by task 318 on cpu 1 at 22.004859s (0.005508s ago):
[ 22.010864] test_alloc+0x2a6/0x10f0
[ 22.011090] test_use_after_free_read+0xdc/0x270
[ 22.011571] kunit_try_run_case+0x1a5/0x480
[ 22.011791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.012022] kthread+0x337/0x6f0
[ 22.012226] ret_from_fork+0x41/0x80
[ 22.012415] ret_from_fork_asm+0x1a/0x30
[ 22.012599]
[ 22.012716] freed by task 318 on cpu 1 at 22.004955s (0.007756s ago):
[ 22.013373] test_use_after_free_read+0xfb/0x270
[ 22.013793] kunit_try_run_case+0x1a5/0x480
[ 22.014145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.014410] kthread+0x337/0x6f0
[ 22.014639] ret_from_fork+0x41/0x80
[ 22.014980] ret_from_fork_asm+0x1a/0x30
[ 22.015378]
[ 22.015635] CPU: 1 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 22.016329] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.016547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.017251] ==================================================================
[ 21.901321] ==================================================================
[ 21.901826] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 21.901826]
[ 21.902507] Use-after-free read at 0x(____ptrval____) (in kfence-#107):
[ 21.902870] test_use_after_free_read+0x129/0x270
[ 21.903218] kunit_try_run_case+0x1a5/0x480
[ 21.903603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.903826] kthread+0x337/0x6f0
[ 21.904176] ret_from_fork+0x41/0x80
[ 21.904497] ret_from_fork_asm+0x1a/0x30
[ 21.904695]
[ 21.904821] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 21.904821]
[ 21.905439] allocated by task 316 on cpu 1 at 21.900937s (0.004497s ago):
[ 21.906003] test_alloc+0x364/0x10f0
[ 21.906287] test_use_after_free_read+0xdc/0x270
[ 21.906703] kunit_try_run_case+0x1a5/0x480
[ 21.906963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.907193] kthread+0x337/0x6f0
[ 21.907380] ret_from_fork+0x41/0x80
[ 21.907597] ret_from_fork_asm+0x1a/0x30
[ 21.908062]
[ 21.908303] freed by task 316 on cpu 1 at 21.901047s (0.007251s ago):
[ 21.908834] test_use_after_free_read+0x1e7/0x270
[ 21.909101] kunit_try_run_case+0x1a5/0x480
[ 21.909449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.909768] kthread+0x337/0x6f0
[ 21.910069] ret_from_fork+0x41/0x80
[ 21.910354] ret_from_fork_asm+0x1a/0x30
[ 21.910575]
[ 21.910801] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 21.911442] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.911701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.912015] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.444966] ==================================================================
[ 20.445573] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 20.445573]
[ 20.445987] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#93):
[ 20.446420] test_out_of_bounds_read+0x126/0x4e0
[ 20.446814] kunit_try_run_case+0x1a5/0x480
[ 20.447370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.448177] kthread+0x337/0x6f0
[ 20.448414] ret_from_fork+0x41/0x80
[ 20.448864] ret_from_fork_asm+0x1a/0x30
[ 20.449293]
[ 20.449419] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.449419]
[ 20.450118] allocated by task 310 on cpu 1 at 20.444854s (0.005259s ago):
[ 20.450781] test_alloc+0x2a6/0x10f0
[ 20.451235] test_out_of_bounds_read+0xed/0x4e0
[ 20.451490] kunit_try_run_case+0x1a5/0x480
[ 20.451922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.452271] kthread+0x337/0x6f0
[ 20.452605] ret_from_fork+0x41/0x80
[ 20.452887] ret_from_fork_asm+0x1a/0x30
[ 20.453259]
[ 20.453465] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 20.454106] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.454523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.455385] ==================================================================
[ 20.133178] ==================================================================
[ 20.133624] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 20.133624]
[ 20.134107] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#90):
[ 20.134708] test_out_of_bounds_read+0x216/0x4e0
[ 20.135033] kunit_try_run_case+0x1a5/0x480
[ 20.135404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.135702] kthread+0x337/0x6f0
[ 20.135869] ret_from_fork+0x41/0x80
[ 20.136062] ret_from_fork_asm+0x1a/0x30
[ 20.137004]
[ 20.137255] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.137255]
[ 20.137890] allocated by task 308 on cpu 0 at 20.132821s (0.005065s ago):
[ 20.138785] test_alloc+0x364/0x10f0
[ 20.139069] test_out_of_bounds_read+0x1e2/0x4e0
[ 20.139313] kunit_try_run_case+0x1a5/0x480
[ 20.139500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.139912] kthread+0x337/0x6f0
[ 20.140168] ret_from_fork+0x41/0x80
[ 20.140412] ret_from_fork_asm+0x1a/0x30
[ 20.140752]
[ 20.140982] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 20.141642] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.142294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.142967] ==================================================================
[ 20.030498] ==================================================================
[ 20.031059] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 20.031059]
[ 20.031767] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#89):
[ 20.032364] test_out_of_bounds_read+0x126/0x4e0
[ 20.032707] kunit_try_run_case+0x1a5/0x480
[ 20.033095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.033525] kthread+0x337/0x6f0
[ 20.033791] ret_from_fork+0x41/0x80
[ 20.034014] ret_from_fork_asm+0x1a/0x30
[ 20.034211]
[ 20.034348] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.034348]
[ 20.035074] allocated by task 308 on cpu 0 at 20.028851s (0.006217s ago):
[ 20.035708] test_alloc+0x364/0x10f0
[ 20.035936] test_out_of_bounds_read+0xed/0x4e0
[ 20.036311] kunit_try_run_case+0x1a5/0x480
[ 20.036564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.036974] kthread+0x337/0x6f0
[ 20.037315] ret_from_fork+0x41/0x80
[ 20.037581] ret_from_fork_asm+0x1a/0x30
[ 20.037996]
[ 20.038249] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 20.039049] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.039273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.039612] ==================================================================
[ 21.068925] ==================================================================
[ 21.069624] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 21.069624]
[ 21.070466] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#99):
[ 21.070765] test_out_of_bounds_read+0x216/0x4e0
[ 21.071228] kunit_try_run_case+0x1a5/0x480
[ 21.071610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.071972] kthread+0x337/0x6f0
[ 21.072262] ret_from_fork+0x41/0x80
[ 21.072953] ret_from_fork_asm+0x1a/0x30
[ 21.073814]
[ 21.073934] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 21.073934]
[ 21.074873] allocated by task 310 on cpu 1 at 21.068822s (0.006045s ago):
[ 21.075590] test_alloc+0x2a6/0x10f0
[ 21.075988] test_out_of_bounds_read+0x1e2/0x4e0
[ 21.076432] kunit_try_run_case+0x1a5/0x480
[ 21.076755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.077050] kthread+0x337/0x6f0
[ 21.077784] ret_from_fork+0x41/0x80
[ 21.078020] ret_from_fork_asm+0x1a/0x30
[ 21.078205]
[ 21.078611] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 21.079437] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.079815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.080483] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 13.391703] ==================================================================
[ 13.393465] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 13.393465]
[ 13.393929] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#53):
[ 13.395721] kmalloc_track_caller_oob_right+0x288/0x520
[ 13.396021] kunit_try_run_case+0x1a5/0x480
[ 13.396511] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.397068] kthread+0x337/0x6f0
[ 13.397405] ret_from_fork+0x41/0x80
[ 13.398124] ret_from_fork_asm+0x1a/0x30
[ 13.398414]
[ 13.398827] kfence-#53: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 13.398827]
[ 13.399560] allocated by task 163 on cpu 1 at 13.388747s (0.010725s ago):
[ 13.400078] kmalloc_track_caller_oob_right+0x19a/0x520
[ 13.400989] kunit_try_run_case+0x1a5/0x480
[ 13.401603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.402118] kthread+0x337/0x6f0
[ 13.402623] ret_from_fork+0x41/0x80
[ 13.402962] ret_from_fork_asm+0x1a/0x30
[ 13.403623]
[ 13.403984] freed by task 163 on cpu 1 at 13.391032s (0.012805s ago):
[ 13.404708] kmalloc_track_caller_oob_right+0x288/0x520
[ 13.405070] kunit_try_run_case+0x1a5/0x480
[ 13.405648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.406406] kthread+0x337/0x6f0
[ 13.406715] ret_from_fork+0x41/0x80
[ 13.406877] ret_from_fork_asm+0x1a/0x30
[ 13.407634]
[ 13.407924] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.408667] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.408961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.409737] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.888249] ==================================================================
[ 19.888874] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 19.889297] Write of size 121 at addr ffff888102b20500 by task kunit_try_catch/306
[ 19.890008]
[ 19.890289] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.890411] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.890441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.890524] Call Trace:
[ 19.890590] <TASK>
[ 19.890639] dump_stack_lvl+0x73/0xb0
[ 19.890736] print_report+0xd1/0x650
[ 19.890811] ? __virt_addr_valid+0x1db/0x2d0
[ 19.890860] ? strncpy_from_user+0x2e/0x1d0
[ 19.890909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.890989] ? strncpy_from_user+0x2e/0x1d0
[ 19.891044] kasan_report+0x141/0x180
[ 19.891142] ? strncpy_from_user+0x2e/0x1d0
[ 19.891232] kasan_check_range+0x10c/0x1c0
[ 19.891299] __kasan_check_write+0x18/0x20
[ 19.891359] strncpy_from_user+0x2e/0x1d0
[ 19.891405] ? __kasan_check_read+0x15/0x20
[ 19.891442] copy_user_test_oob+0x760/0x10f0
[ 19.891477] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.891501] ? finish_task_switch.isra.0+0x153/0x700
[ 19.891530] ? __switch_to+0x5d9/0xf60
[ 19.891567] ? dequeue_task_fair+0x166/0x4e0
[ 19.891606] ? __schedule+0x10cc/0x2b60
[ 19.891633] ? __pfx_read_tsc+0x10/0x10
[ 19.891656] ? ktime_get_ts64+0x86/0x230
[ 19.891685] kunit_try_run_case+0x1a5/0x480
[ 19.891714] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.891739] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.891767] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.891793] ? __kthread_parkme+0x82/0x180
[ 19.891818] ? preempt_count_sub+0x50/0x80
[ 19.891845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.891870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.891897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.891922] kthread+0x337/0x6f0
[ 19.891941] ? trace_preempt_on+0x20/0xc0
[ 19.891968] ? __pfx_kthread+0x10/0x10
[ 19.891988] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.892011] ? calculate_sigpending+0x7b/0xa0
[ 19.892037] ? __pfx_kthread+0x10/0x10
[ 19.892058] ret_from_fork+0x41/0x80
[ 19.892107] ? __pfx_kthread+0x10/0x10
[ 19.892129] ret_from_fork_asm+0x1a/0x30
[ 19.892167] </TASK>
[ 19.892182]
[ 19.905897] Allocated by task 306:
[ 19.906320] kasan_save_stack+0x45/0x70
[ 19.906652] kasan_save_track+0x18/0x40
[ 19.906919] kasan_save_alloc_info+0x3b/0x50
[ 19.907401] __kasan_kmalloc+0xb7/0xc0
[ 19.907646] __kmalloc_noprof+0x1c9/0x500
[ 19.907877] kunit_kmalloc_array+0x25/0x60
[ 19.908559] copy_user_test_oob+0xab/0x10f0
[ 19.908853] kunit_try_run_case+0x1a5/0x480
[ 19.909145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.909470] kthread+0x337/0x6f0
[ 19.909663] ret_from_fork+0x41/0x80
[ 19.909878] ret_from_fork_asm+0x1a/0x30
[ 19.910707]
[ 19.910923] The buggy address belongs to the object at ffff888102b20500
[ 19.910923] which belongs to the cache kmalloc-128 of size 128
[ 19.912167] The buggy address is located 0 bytes inside of
[ 19.912167] allocated 120-byte region [ffff888102b20500, ffff888102b20578)
[ 19.912802]
[ 19.912936] The buggy address belongs to the physical page:
[ 19.913405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20
[ 19.913726] flags: 0x200000000000000(node=0|zone=2)
[ 19.914283] page_type: f5(slab)
[ 19.914772] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.915280] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.915753] page dumped because: kasan: bad access detected
[ 19.916105]
[ 19.916554] Memory state around the buggy address:
[ 19.916891] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.917651] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.918652] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.919114] ^
[ 19.919504] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.919975] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.920501] ==================================================================
[ 19.922182] ==================================================================
[ 19.923759] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 19.924117] Write of size 1 at addr ffff888102b20578 by task kunit_try_catch/306
[ 19.924641]
[ 19.924813] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.924892] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.924912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.924946] Call Trace:
[ 19.924983] <TASK>
[ 19.925028] dump_stack_lvl+0x73/0xb0
[ 19.925117] print_report+0xd1/0x650
[ 19.925178] ? __virt_addr_valid+0x1db/0x2d0
[ 19.925231] ? strncpy_from_user+0x1a5/0x1d0
[ 19.925281] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.925352] ? strncpy_from_user+0x1a5/0x1d0
[ 19.925406] kasan_report+0x141/0x180
[ 19.925459] ? strncpy_from_user+0x1a5/0x1d0
[ 19.925528] __asan_report_store1_noabort+0x1b/0x30
[ 19.925578] strncpy_from_user+0x1a5/0x1d0
[ 19.925662] copy_user_test_oob+0x760/0x10f0
[ 19.925780] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.925829] ? finish_task_switch.isra.0+0x153/0x700
[ 19.925888] ? __switch_to+0x5d9/0xf60
[ 19.925928] ? dequeue_task_fair+0x166/0x4e0
[ 19.925986] ? __schedule+0x10cc/0x2b60
[ 19.926044] ? __pfx_read_tsc+0x10/0x10
[ 19.926091] ? ktime_get_ts64+0x86/0x230
[ 19.926135] kunit_try_run_case+0x1a5/0x480
[ 19.926167] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.926193] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.926221] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.926248] ? __kthread_parkme+0x82/0x180
[ 19.926275] ? preempt_count_sub+0x50/0x80
[ 19.926303] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.926330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.926379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.926405] kthread+0x337/0x6f0
[ 19.926426] ? trace_preempt_on+0x20/0xc0
[ 19.926452] ? __pfx_kthread+0x10/0x10
[ 19.926474] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.926498] ? calculate_sigpending+0x7b/0xa0
[ 19.926523] ? __pfx_kthread+0x10/0x10
[ 19.926544] ret_from_fork+0x41/0x80
[ 19.926567] ? __pfx_kthread+0x10/0x10
[ 19.926589] ret_from_fork_asm+0x1a/0x30
[ 19.926626] </TASK>
[ 19.926640]
[ 19.940122] Allocated by task 306:
[ 19.940522] kasan_save_stack+0x45/0x70
[ 19.940899] kasan_save_track+0x18/0x40
[ 19.941187] kasan_save_alloc_info+0x3b/0x50
[ 19.941629] __kasan_kmalloc+0xb7/0xc0
[ 19.941958] __kmalloc_noprof+0x1c9/0x500
[ 19.942271] kunit_kmalloc_array+0x25/0x60
[ 19.942518] copy_user_test_oob+0xab/0x10f0
[ 19.942798] kunit_try_run_case+0x1a5/0x480
[ 19.943003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.943504] kthread+0x337/0x6f0
[ 19.943821] ret_from_fork+0x41/0x80
[ 19.944172] ret_from_fork_asm+0x1a/0x30
[ 19.944442]
[ 19.944617] The buggy address belongs to the object at ffff888102b20500
[ 19.944617] which belongs to the cache kmalloc-128 of size 128
[ 19.945356] The buggy address is located 0 bytes to the right of
[ 19.945356] allocated 120-byte region [ffff888102b20500, ffff888102b20578)
[ 19.946221]
[ 19.946439] The buggy address belongs to the physical page:
[ 19.946822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20
[ 19.947319] flags: 0x200000000000000(node=0|zone=2)
[ 19.947670] page_type: f5(slab)
[ 19.947986] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.948465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.948762] page dumped because: kasan: bad access detected
[ 19.949231]
[ 19.949437] Memory state around the buggy address:
[ 19.949829] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.950307] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.950766] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.951167] ^
[ 19.951507] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.952119] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.952636] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.764604] ==================================================================
[ 19.765021] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 19.765597] Write of size 121 at addr ffff888102b20500 by task kunit_try_catch/306
[ 19.766202]
[ 19.766457] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.766573] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.766603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.766649] Call Trace:
[ 19.766684] <TASK>
[ 19.766729] dump_stack_lvl+0x73/0xb0
[ 19.766798] print_report+0xd1/0x650
[ 19.766853] ? __virt_addr_valid+0x1db/0x2d0
[ 19.766903] ? copy_user_test_oob+0x3fd/0x10f0
[ 19.766936] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.766971] ? copy_user_test_oob+0x3fd/0x10f0
[ 19.767002] kasan_report+0x141/0x180
[ 19.767035] ? copy_user_test_oob+0x3fd/0x10f0
[ 19.767082] kasan_check_range+0x10c/0x1c0
[ 19.767123] __kasan_check_write+0x18/0x20
[ 19.767147] copy_user_test_oob+0x3fd/0x10f0
[ 19.767172] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.767194] ? finish_task_switch.isra.0+0x153/0x700
[ 19.767222] ? __switch_to+0x5d9/0xf60
[ 19.767245] ? dequeue_task_fair+0x166/0x4e0
[ 19.767273] ? __schedule+0x10cc/0x2b60
[ 19.767299] ? __pfx_read_tsc+0x10/0x10
[ 19.767321] ? ktime_get_ts64+0x86/0x230
[ 19.767403] kunit_try_run_case+0x1a5/0x480
[ 19.767443] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.767483] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.767533] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.767585] ? __kthread_parkme+0x82/0x180
[ 19.767639] ? preempt_count_sub+0x50/0x80
[ 19.767699] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.767757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.767809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.767838] kthread+0x337/0x6f0
[ 19.767858] ? trace_preempt_on+0x20/0xc0
[ 19.767886] ? __pfx_kthread+0x10/0x10
[ 19.767907] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.767932] ? calculate_sigpending+0x7b/0xa0
[ 19.767958] ? __pfx_kthread+0x10/0x10
[ 19.767980] ret_from_fork+0x41/0x80
[ 19.768003] ? __pfx_kthread+0x10/0x10
[ 19.768023] ret_from_fork_asm+0x1a/0x30
[ 19.768057] </TASK>
[ 19.768092]
[ 19.779175] Allocated by task 306:
[ 19.779541] kasan_save_stack+0x45/0x70
[ 19.779925] kasan_save_track+0x18/0x40
[ 19.780140] kasan_save_alloc_info+0x3b/0x50
[ 19.780378] __kasan_kmalloc+0xb7/0xc0
[ 19.780696] __kmalloc_noprof+0x1c9/0x500
[ 19.780911] kunit_kmalloc_array+0x25/0x60
[ 19.781109] copy_user_test_oob+0xab/0x10f0
[ 19.781404] kunit_try_run_case+0x1a5/0x480
[ 19.781599] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.781813] kthread+0x337/0x6f0
[ 19.781974] ret_from_fork+0x41/0x80
[ 19.782135] ret_from_fork_asm+0x1a/0x30
[ 19.782429]
[ 19.782605] The buggy address belongs to the object at ffff888102b20500
[ 19.782605] which belongs to the cache kmalloc-128 of size 128
[ 19.783042] The buggy address is located 0 bytes inside of
[ 19.783042] allocated 120-byte region [ffff888102b20500, ffff888102b20578)
[ 19.783475]
[ 19.783607] The buggy address belongs to the physical page:
[ 19.783840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20
[ 19.784088] flags: 0x200000000000000(node=0|zone=2)
[ 19.784277] page_type: f5(slab)
[ 19.784455] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.784693] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.784938] page dumped because: kasan: bad access detected
[ 19.785227]
[ 19.785408] Memory state around the buggy address:
[ 19.785790] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.790555] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.791666] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.792502] ^
[ 19.793551] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.794016] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.794414] ==================================================================
[ 19.858994] ==================================================================
[ 19.859823] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 19.860546] Read of size 121 at addr ffff888102b20500 by task kunit_try_catch/306
[ 19.860971]
[ 19.861700] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.861797] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.861814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.861842] Call Trace:
[ 19.861871] <TASK>
[ 19.861903] dump_stack_lvl+0x73/0xb0
[ 19.861943] print_report+0xd1/0x650
[ 19.861970] ? __virt_addr_valid+0x1db/0x2d0
[ 19.861999] ? copy_user_test_oob+0x604/0x10f0
[ 19.862023] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.862049] ? copy_user_test_oob+0x604/0x10f0
[ 19.862115] kasan_report+0x141/0x180
[ 19.862199] ? copy_user_test_oob+0x604/0x10f0
[ 19.862307] kasan_check_range+0x10c/0x1c0
[ 19.862355] __kasan_check_read+0x15/0x20
[ 19.862382] copy_user_test_oob+0x604/0x10f0
[ 19.862410] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.862432] ? finish_task_switch.isra.0+0x153/0x700
[ 19.862462] ? __switch_to+0x5d9/0xf60
[ 19.862487] ? dequeue_task_fair+0x166/0x4e0
[ 19.862515] ? __schedule+0x10cc/0x2b60
[ 19.862541] ? __pfx_read_tsc+0x10/0x10
[ 19.862563] ? ktime_get_ts64+0x86/0x230
[ 19.862592] kunit_try_run_case+0x1a5/0x480
[ 19.862621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.862646] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.862673] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.862698] ? __kthread_parkme+0x82/0x180
[ 19.862724] ? preempt_count_sub+0x50/0x80
[ 19.862750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.862777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.862803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.862829] kthread+0x337/0x6f0
[ 19.862849] ? trace_preempt_on+0x20/0xc0
[ 19.862876] ? __pfx_kthread+0x10/0x10
[ 19.862897] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.862920] ? calculate_sigpending+0x7b/0xa0
[ 19.862944] ? __pfx_kthread+0x10/0x10
[ 19.862965] ret_from_fork+0x41/0x80
[ 19.862988] ? __pfx_kthread+0x10/0x10
[ 19.863008] ret_from_fork_asm+0x1a/0x30
[ 19.863043] </TASK>
[ 19.863056]
[ 19.873584] Allocated by task 306:
[ 19.873966] kasan_save_stack+0x45/0x70
[ 19.874352] kasan_save_track+0x18/0x40
[ 19.874759] kasan_save_alloc_info+0x3b/0x50
[ 19.875105] __kasan_kmalloc+0xb7/0xc0
[ 19.875380] __kmalloc_noprof+0x1c9/0x500
[ 19.875765] kunit_kmalloc_array+0x25/0x60
[ 19.876019] copy_user_test_oob+0xab/0x10f0
[ 19.876353] kunit_try_run_case+0x1a5/0x480
[ 19.876746] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.877146] kthread+0x337/0x6f0
[ 19.877518] ret_from_fork+0x41/0x80
[ 19.877718] ret_from_fork_asm+0x1a/0x30
[ 19.878111]
[ 19.878315] The buggy address belongs to the object at ffff888102b20500
[ 19.878315] which belongs to the cache kmalloc-128 of size 128
[ 19.879058] The buggy address is located 0 bytes inside of
[ 19.879058] allocated 120-byte region [ffff888102b20500, ffff888102b20578)
[ 19.879883]
[ 19.880123] The buggy address belongs to the physical page:
[ 19.880480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20
[ 19.881057] flags: 0x200000000000000(node=0|zone=2)
[ 19.881321] page_type: f5(slab)
[ 19.881718] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.882444] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.882872] page dumped because: kasan: bad access detected
[ 19.883413]
[ 19.883647] Memory state around the buggy address:
[ 19.883909] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.884447] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.884728] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.885400] ^
[ 19.885951] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.886561] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.887010] ==================================================================
[ 19.826488] ==================================================================
[ 19.826998] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 19.827697] Write of size 121 at addr ffff888102b20500 by task kunit_try_catch/306
[ 19.828144]
[ 19.828435] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.828549] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.828579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.828658] Call Trace:
[ 19.828719] <TASK>
[ 19.828769] dump_stack_lvl+0x73/0xb0
[ 19.828812] print_report+0xd1/0x650
[ 19.828841] ? __virt_addr_valid+0x1db/0x2d0
[ 19.828868] ? copy_user_test_oob+0x557/0x10f0
[ 19.828892] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.828929] ? copy_user_test_oob+0x557/0x10f0
[ 19.828967] kasan_report+0x141/0x180
[ 19.829025] ? copy_user_test_oob+0x557/0x10f0
[ 19.829145] kasan_check_range+0x10c/0x1c0
[ 19.829214] __kasan_check_write+0x18/0x20
[ 19.829262] copy_user_test_oob+0x557/0x10f0
[ 19.829351] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.829414] ? finish_task_switch.isra.0+0x153/0x700
[ 19.829470] ? __switch_to+0x5d9/0xf60
[ 19.829513] ? dequeue_task_fair+0x166/0x4e0
[ 19.829553] ? __schedule+0x10cc/0x2b60
[ 19.829590] ? __pfx_read_tsc+0x10/0x10
[ 19.829614] ? ktime_get_ts64+0x86/0x230
[ 19.829644] kunit_try_run_case+0x1a5/0x480
[ 19.829675] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.829700] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.829729] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.829756] ? __kthread_parkme+0x82/0x180
[ 19.829783] ? preempt_count_sub+0x50/0x80
[ 19.829811] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.829839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.829865] ?
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.829892] kthread+0x337/0x6f0 [ 19.829912] ? trace_preempt_on+0x20/0xc0 [ 19.829940] ? __pfx_kthread+0x10/0x10 [ 19.829962] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.829987] ? calculate_sigpending+0x7b/0xa0 [ 19.830012] ? __pfx_kthread+0x10/0x10 [ 19.830034] ret_from_fork+0x41/0x80 [ 19.830057] ? __pfx_kthread+0x10/0x10 [ 19.830101] ret_from_fork_asm+0x1a/0x30 [ 19.830138] </TASK> [ 19.830153] [ 19.844024] Allocated by task 306: [ 19.844284] kasan_save_stack+0x45/0x70 [ 19.844527] kasan_save_track+0x18/0x40 [ 19.844889] kasan_save_alloc_info+0x3b/0x50 [ 19.845457] __kasan_kmalloc+0xb7/0xc0 [ 19.845702] __kmalloc_noprof+0x1c9/0x500 [ 19.846017] kunit_kmalloc_array+0x25/0x60 [ 19.846410] copy_user_test_oob+0xab/0x10f0 [ 19.846680] kunit_try_run_case+0x1a5/0x480 [ 19.847088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.847323] kthread+0x337/0x6f0 [ 19.847641] ret_from_fork+0x41/0x80 [ 19.847987] ret_from_fork_asm+0x1a/0x30 [ 19.848283] [ 19.848469] The buggy address belongs to the object at ffff888102b20500 [ 19.848469] which belongs to the cache kmalloc-128 of size 128 [ 19.849102] The buggy address is located 0 bytes inside of [ 19.849102] allocated 120-byte region [ffff888102b20500, ffff888102b20578) [ 19.849976] [ 19.850218] The buggy address belongs to the physical page: [ 19.850752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20 [ 19.852009] flags: 0x200000000000000(node=0|zone=2) [ 19.852313] page_type: f5(slab) [ 19.852642] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.852974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.853462] page dumped because: kasan: bad access detected [ 19.853837] [ 19.853962] Memory state around the buggy address: [ 19.854216] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.854829] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.855436] 
>ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.855894] ^ [ 19.856209] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.856755] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.857505] ================================================================== [ 19.796097] ================================================================== [ 19.796614] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 19.796936] Read of size 121 at addr ffff888102b20500 by task kunit_try_catch/306 [ 19.797535] [ 19.797747] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.797848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.797880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.797932] Call Trace: [ 19.797980] <TASK> [ 19.798022] dump_stack_lvl+0x73/0xb0 [ 19.798106] print_report+0xd1/0x650 [ 19.798149] ? __virt_addr_valid+0x1db/0x2d0 [ 19.798188] ? copy_user_test_oob+0x4aa/0x10f0 [ 19.798222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.798293] ? copy_user_test_oob+0x4aa/0x10f0 [ 19.798401] kasan_report+0x141/0x180 [ 19.798453] ? copy_user_test_oob+0x4aa/0x10f0 [ 19.798512] kasan_check_range+0x10c/0x1c0 [ 19.798564] __kasan_check_read+0x15/0x20 [ 19.798644] copy_user_test_oob+0x4aa/0x10f0 [ 19.798701] ? __pfx_copy_user_test_oob+0x10/0x10 [ 19.798744] ? finish_task_switch.isra.0+0x153/0x700 [ 19.798793] ? __switch_to+0x5d9/0xf60 [ 19.798860] ? dequeue_task_fair+0x166/0x4e0 [ 19.798918] ? __schedule+0x10cc/0x2b60 [ 19.798973] ? __pfx_read_tsc+0x10/0x10 [ 19.799014] ? ktime_get_ts64+0x86/0x230 [ 19.799117] kunit_try_run_case+0x1a5/0x480 [ 19.799182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.799233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.799282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.799358] ? __kthread_parkme+0x82/0x180 [ 19.799412] ? preempt_count_sub+0x50/0x80 [ 19.799490] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.799541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.799597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.799637] kthread+0x337/0x6f0 [ 19.799660] ? trace_preempt_on+0x20/0xc0 [ 19.799689] ? __pfx_kthread+0x10/0x10 [ 19.799710] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.799735] ? calculate_sigpending+0x7b/0xa0 [ 19.799763] ? __pfx_kthread+0x10/0x10 [ 19.799801] ret_from_fork+0x41/0x80 [ 19.799828] ? __pfx_kthread+0x10/0x10 [ 19.799848] ret_from_fork_asm+0x1a/0x30 [ 19.799884] </TASK> [ 19.799898] [ 19.811854] Allocated by task 306: [ 19.812275] kasan_save_stack+0x45/0x70 [ 19.812542] kasan_save_track+0x18/0x40 [ 19.812757] kasan_save_alloc_info+0x3b/0x50 [ 19.813191] __kasan_kmalloc+0xb7/0xc0 [ 19.813636] __kmalloc_noprof+0x1c9/0x500 [ 19.813943] kunit_kmalloc_array+0x25/0x60 [ 19.814441] copy_user_test_oob+0xab/0x10f0 [ 19.814756] kunit_try_run_case+0x1a5/0x480 [ 19.815211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.815586] kthread+0x337/0x6f0 [ 19.815774] ret_from_fork+0x41/0x80 [ 19.816152] ret_from_fork_asm+0x1a/0x30 [ 19.816583] [ 19.816774] The buggy address belongs to the object at ffff888102b20500 [ 19.816774] which belongs to the cache kmalloc-128 of size 128 [ 19.817461] The buggy address is located 0 bytes inside of [ 19.817461] allocated 120-byte region [ffff888102b20500, ffff888102b20578) [ 19.818281] [ 19.818441] The buggy address belongs to the physical page: [ 19.818860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20 [ 19.819649] flags: 0x200000000000000(node=0|zone=2) [ 19.819968] page_type: f5(slab) [ 19.820197] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.820497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.821208] page dumped because: kasan: bad access detected [ 19.821460] [ 19.821585] Memory state around the buggy address: [ 19.821995] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb 
fb fb fb [ 19.822636] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.823260] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.823786] ^ [ 19.824321] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.824757] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.825347] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 19.726124] ==================================================================
[ 19.726579] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 19.727030] Read of size 121 at addr ffff888102b20500 by task kunit_try_catch/306
[ 19.728028]
[ 19.728433] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.728503] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.728520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.728546] Call Trace:
[ 19.728574] <TASK>
[ 19.728606] dump_stack_lvl+0x73/0xb0
[ 19.728644] print_report+0xd1/0x650
[ 19.728672] ? __virt_addr_valid+0x1db/0x2d0
[ 19.728699] ? _copy_to_user+0x4a/0x70
[ 19.728723] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.728748] ? _copy_to_user+0x4a/0x70
[ 19.728771] kasan_report+0x141/0x180
[ 19.728797] ? _copy_to_user+0x4a/0x70
[ 19.728824] kasan_check_range+0x10c/0x1c0
[ 19.728848] __kasan_check_read+0x15/0x20
[ 19.728871] _copy_to_user+0x4a/0x70
[ 19.728893] copy_user_test_oob+0x364/0x10f0
[ 19.728919] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.728940] ? finish_task_switch.isra.0+0x153/0x700
[ 19.728967] ? __switch_to+0x5d9/0xf60
[ 19.728991] ? dequeue_task_fair+0x166/0x4e0
[ 19.729032] ? __schedule+0x10cc/0x2b60
[ 19.729064] ? __pfx_read_tsc+0x10/0x10
[ 19.729100] ? ktime_get_ts64+0x86/0x230
[ 19.729134] kunit_try_run_case+0x1a5/0x480
[ 19.729162] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.729187] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.729215] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.729242] ? __kthread_parkme+0x82/0x180
[ 19.729279] ? preempt_count_sub+0x50/0x80
[ 19.729325] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.729392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.729442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.729513] kthread+0x337/0x6f0
[ 19.729568] ? trace_preempt_on+0x20/0xc0
[ 19.729634] ? __pfx_kthread+0x10/0x10
[ 19.729680] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.729726] ? calculate_sigpending+0x7b/0xa0
[ 19.729762] ? __pfx_kthread+0x10/0x10
[ 19.729785] ret_from_fork+0x41/0x80
[ 19.729810] ? __pfx_kthread+0x10/0x10
[ 19.729832] ret_from_fork_asm+0x1a/0x30
[ 19.729868] </TASK>
[ 19.729884]
[ 19.743155] Allocated by task 306:
[ 19.743451] kasan_save_stack+0x45/0x70
[ 19.743758] kasan_save_track+0x18/0x40
[ 19.744058] kasan_save_alloc_info+0x3b/0x50
[ 19.744449] __kasan_kmalloc+0xb7/0xc0
[ 19.744702] __kmalloc_noprof+0x1c9/0x500
[ 19.744910] kunit_kmalloc_array+0x25/0x60
[ 19.745122] copy_user_test_oob+0xab/0x10f0
[ 19.745347] kunit_try_run_case+0x1a5/0x480
[ 19.745666] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.746144] kthread+0x337/0x6f0
[ 19.746477] ret_from_fork+0x41/0x80
[ 19.746886] ret_from_fork_asm+0x1a/0x30
[ 19.748065]
[ 19.748212] The buggy address belongs to the object at ffff888102b20500
[ 19.748212] which belongs to the cache kmalloc-128 of size 128
[ 19.748885] The buggy address is located 0 bytes inside of
[ 19.748885] allocated 120-byte region [ffff888102b20500, ffff888102b20578)
[ 19.749814]
[ 19.750217] The buggy address belongs to the physical page:
[ 19.750473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20
[ 19.751122] flags: 0x200000000000000(node=0|zone=2)
[ 19.751506] page_type: f5(slab)
[ 19.751810] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.752546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.752889] page dumped because: kasan: bad access detected
[ 19.753501]
[ 19.753624] Memory state around the buggy address:
[ 19.754284] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.754699] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.755488] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.755839] ^
[ 19.756512] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.756925] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.757584] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 19.688058] ==================================================================
[ 19.688894] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 19.689923] Write of size 121 at addr ffff888102b20500 by task kunit_try_catch/306
[ 19.690395]
[ 19.690626] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.690696] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.690712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.690740] Call Trace:
[ 19.690760] <TASK>
[ 19.690801] dump_stack_lvl+0x73/0xb0
[ 19.690844] print_report+0xd1/0x650
[ 19.690874] ? __virt_addr_valid+0x1db/0x2d0
[ 19.690902] ? _copy_from_user+0x32/0x90
[ 19.690925] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.690952] ? _copy_from_user+0x32/0x90
[ 19.690974] kasan_report+0x141/0x180
[ 19.690999] ? _copy_from_user+0x32/0x90
[ 19.691026] kasan_check_range+0x10c/0x1c0
[ 19.691049] __kasan_check_write+0x18/0x20
[ 19.691136] _copy_from_user+0x32/0x90
[ 19.691191] copy_user_test_oob+0x2be/0x10f0
[ 19.691248] ? __pfx_copy_user_test_oob+0x10/0x10
[ 19.691359] ? finish_task_switch.isra.0+0x153/0x700
[ 19.691424] ? __switch_to+0x5d9/0xf60
[ 19.691476] ? dequeue_task_fair+0x166/0x4e0
[ 19.691537] ? __schedule+0x10cc/0x2b60
[ 19.691605] ? __pfx_read_tsc+0x10/0x10
[ 19.691669] ? ktime_get_ts64+0x86/0x230
[ 19.691733] kunit_try_run_case+0x1a5/0x480
[ 19.691790] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.691819] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.691849] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.691876] ? __kthread_parkme+0x82/0x180
[ 19.691903] ? preempt_count_sub+0x50/0x80
[ 19.691931] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.691958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.691985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.692012] kthread+0x337/0x6f0
[ 19.692033] ? trace_preempt_on+0x20/0xc0
[ 19.692092] ? __pfx_kthread+0x10/0x10
[ 19.692119] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.692145] ? calculate_sigpending+0x7b/0xa0
[ 19.692172] ? __pfx_kthread+0x10/0x10
[ 19.692194] ret_from_fork+0x41/0x80
[ 19.692218] ? __pfx_kthread+0x10/0x10
[ 19.692240] ret_from_fork_asm+0x1a/0x30
[ 19.692276] </TASK>
[ 19.692294]
[ 19.706302] Allocated by task 306:
[ 19.706734] kasan_save_stack+0x45/0x70
[ 19.707422] kasan_save_track+0x18/0x40
[ 19.707664] kasan_save_alloc_info+0x3b/0x50
[ 19.708000] __kasan_kmalloc+0xb7/0xc0
[ 19.708492] __kmalloc_noprof+0x1c9/0x500
[ 19.708685] kunit_kmalloc_array+0x25/0x60
[ 19.709306] copy_user_test_oob+0xab/0x10f0
[ 19.709523] kunit_try_run_case+0x1a5/0x480
[ 19.710111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.710556] kthread+0x337/0x6f0
[ 19.711007] ret_from_fork+0x41/0x80
[ 19.711268] ret_from_fork_asm+0x1a/0x30
[ 19.711785]
[ 19.711924] The buggy address belongs to the object at ffff888102b20500
[ 19.711924] which belongs to the cache kmalloc-128 of size 128
[ 19.712662] The buggy address is located 0 bytes inside of
[ 19.712662] allocated 120-byte region [ffff888102b20500, ffff888102b20578)
[ 19.713740]
[ 19.713958] The buggy address belongs to the physical page:
[ 19.714349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20
[ 19.714714] flags: 0x200000000000000(node=0|zone=2)
[ 19.714983] page_type: f5(slab)
[ 19.715301] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.716206] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.716797] page dumped because: kasan: bad access detected
[ 19.717034]
[ 19.717316] Memory state around the buggy address:
[ 19.717697] ffff888102b20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.718479] ffff888102b20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.718826] >ffff888102b20500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.719422] ^
[ 19.720021] ffff888102b20580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.720302] ffff888102b20600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.720881] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.633732] ==================================================================
[ 19.634789] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 19.637381] Write of size 8 at addr ffff8881025faa78 by task kunit_try_catch/302
[ 19.638002]
[ 19.638409] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.638675] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.638706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.638736] Call Trace:
[ 19.638760] <TASK>
[ 19.638790] dump_stack_lvl+0x73/0xb0
[ 19.638836] print_report+0xd1/0x650
[ 19.638866] ? __virt_addr_valid+0x1db/0x2d0
[ 19.638894] ? copy_to_kernel_nofault+0x99/0x260
[ 19.638919] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.638946] ? copy_to_kernel_nofault+0x99/0x260
[ 19.638970] kasan_report+0x141/0x180
[ 19.638998] ? copy_to_kernel_nofault+0x99/0x260
[ 19.639026] kasan_check_range+0x10c/0x1c0
[ 19.639051] __kasan_check_write+0x18/0x20
[ 19.639097] copy_to_kernel_nofault+0x99/0x260
[ 19.639123] copy_to_kernel_nofault_oob+0x288/0x560
[ 19.639152] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 19.639179] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 19.639210] ? trace_hardirqs_on+0x37/0xe0
[ 19.639246] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 19.639278] kunit_try_run_case+0x1a5/0x480
[ 19.639309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.639353] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.639387] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.639416] ? __kthread_parkme+0x82/0x180
[ 19.639443] ? preempt_count_sub+0x50/0x80
[ 19.639474] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.639502] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.639530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.639571] kthread+0x337/0x6f0
[ 19.639594] ? trace_preempt_on+0x20/0xc0
[ 19.639621] ? __pfx_kthread+0x10/0x10
[ 19.639644] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.639670] ? calculate_sigpending+0x7b/0xa0
[ 19.639696] ? __pfx_kthread+0x10/0x10
[ 19.639718] ret_from_fork+0x41/0x80
[ 19.639744] ? __pfx_kthread+0x10/0x10
[ 19.639766] ret_from_fork_asm+0x1a/0x30
[ 19.639802] </TASK>
[ 19.639816]
[ 19.652719] Allocated by task 302:
[ 19.653376] kasan_save_stack+0x45/0x70
[ 19.653869] kasan_save_track+0x18/0x40
[ 19.654099] kasan_save_alloc_info+0x3b/0x50
[ 19.654666] __kasan_kmalloc+0xb7/0xc0
[ 19.654990] __kmalloc_cache_noprof+0x189/0x420
[ 19.655290] copy_to_kernel_nofault_oob+0x12f/0x560
[ 19.655588] kunit_try_run_case+0x1a5/0x480
[ 19.655896] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.656684] kthread+0x337/0x6f0
[ 19.656868] ret_from_fork+0x41/0x80
[ 19.657230] ret_from_fork_asm+0x1a/0x30
[ 19.657813]
[ 19.658145] The buggy address belongs to the object at ffff8881025faa00
[ 19.658145] which belongs to the cache kmalloc-128 of size 128
[ 19.658799] The buggy address is located 0 bytes to the right of
[ 19.658799] allocated 120-byte region [ffff8881025faa00, ffff8881025faa78)
[ 19.659905]
[ 19.660029] The buggy address belongs to the physical page:
[ 19.660492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa
[ 19.661377] flags: 0x200000000000000(node=0|zone=2)
[ 19.661850] page_type: f5(slab)
[ 19.662194] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.662807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.663275] page dumped because: kasan: bad access detected
[ 19.663694]
[ 19.663878] Memory state around the buggy address:
[ 19.664523] ffff8881025fa900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.664900] ffff8881025fa980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.665525] >ffff8881025faa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.665866] ^
[ 19.666218] ffff8881025faa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.666706] ffff8881025fab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.666998] ==================================================================

[ 19.605796] ==================================================================
[ 19.606523] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 19.606941] Read of size 8 at addr ffff8881025faa78 by task kunit_try_catch/302
[ 19.607934]
[ 19.608603] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 19.608739] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.608771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.608837] Call Trace:
[ 19.608875] <TASK>
[ 19.608916] dump_stack_lvl+0x73/0xb0
[ 19.608977] print_report+0xd1/0x650
[ 19.609028] ? __virt_addr_valid+0x1db/0x2d0
[ 19.609106] ? copy_to_kernel_nofault+0x225/0x260
[ 19.609136] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.609166] ? copy_to_kernel_nofault+0x225/0x260
[ 19.609191] kasan_report+0x141/0x180
[ 19.609219] ? copy_to_kernel_nofault+0x225/0x260
[ 19.609250] __asan_report_load8_noabort+0x18/0x20
[ 19.609275] copy_to_kernel_nofault+0x225/0x260
[ 19.609302] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 19.609331] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 19.609381] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 19.609414] ? trace_hardirqs_on+0x37/0xe0
[ 19.609452] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 19.609485] kunit_try_run_case+0x1a5/0x480
[ 19.609518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.609544] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.609575] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.609605] ? __kthread_parkme+0x82/0x180
[ 19.609635] ? preempt_count_sub+0x50/0x80
[ 19.609667] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.609695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.609723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.609751] kthread+0x337/0x6f0
[ 19.609772] ? trace_preempt_on+0x20/0xc0
[ 19.609799] ? __pfx_kthread+0x10/0x10
[ 19.609821] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.609849] ? calculate_sigpending+0x7b/0xa0
[ 19.609876] ? __pfx_kthread+0x10/0x10
[ 19.609899] ret_from_fork+0x41/0x80
[ 19.609925] ? __pfx_kthread+0x10/0x10
[ 19.609947] ret_from_fork_asm+0x1a/0x30
[ 19.609985] </TASK>
[ 19.610001]
[ 19.619946] Allocated by task 302:
[ 19.620297] kasan_save_stack+0x45/0x70
[ 19.620660] kasan_save_track+0x18/0x40
[ 19.620899] kasan_save_alloc_info+0x3b/0x50
[ 19.621245] __kasan_kmalloc+0xb7/0xc0
[ 19.621530] __kmalloc_cache_noprof+0x189/0x420
[ 19.621825] copy_to_kernel_nofault_oob+0x12f/0x560
[ 19.622058] kunit_try_run_case+0x1a5/0x480
[ 19.622267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.622757] kthread+0x337/0x6f0
[ 19.623066] ret_from_fork+0x41/0x80
[ 19.623490] ret_from_fork_asm+0x1a/0x30
[ 19.623731]
[ 19.623855] The buggy address belongs to the object at ffff8881025faa00
[ 19.623855] which belongs to the cache kmalloc-128 of size 128
[ 19.624940] The buggy address is located 0 bytes to the right of
[ 19.624940] allocated 120-byte region [ffff8881025faa00, ffff8881025faa78)
[ 19.625462]
[ 19.625681] The buggy address belongs to the physical page:
[ 19.626024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa
[ 19.626567] flags: 0x200000000000000(node=0|zone=2)
[ 19.626903] page_type: f5(slab)
[ 19.627265] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.627618] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.628030] page dumped because: kasan: bad access detected
[ 19.628255]
[ 19.628397] Memory state around the buggy address:
[ 19.628615] ffff8881025fa900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.628888] ffff8881025fa980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.629176] >ffff8881025faa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.629584] ^
[ 19.630173] ffff8881025faa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.630754] ffff8881025fab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.631425] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.166543] ==================================================================
[ 18.166997] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450
[ 18.167358] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286
[ 18.168031]
[ 18.168586] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 18.168699] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.168718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.168746] Call Trace:
[ 18.168774] <TASK>
[ 18.168804] dump_stack_lvl+0x73/0xb0
[ 18.168844] print_report+0xd1/0x650
[ 18.168872] ? __virt_addr_valid+0x1db/0x2d0
[ 18.168901] ? kasan_atomics_helper+0xd47/0x5450
[ 18.168927] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.168955] ? kasan_atomics_helper+0xd47/0x5450
[ 18.168981] kasan_report+0x141/0x180
[ 18.169007] ? kasan_atomics_helper+0xd47/0x5450
[ 18.169054] kasan_check_range+0x10c/0x1c0
[ 18.169122] __kasan_check_write+0x18/0x20
[ 18.169181] kasan_atomics_helper+0xd47/0x5450
[ 18.169236] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 18.169316] ? __kmalloc_cache_noprof+0x189/0x420
[ 18.169390] ? kasan_atomics+0x152/0x310
[ 18.169461] kasan_atomics+0x1dc/0x310
[ 18.169505] ? __pfx_kasan_atomics+0x10/0x10
[ 18.169534] ? __pfx_read_tsc+0x10/0x10
[ 18.169558] ? ktime_get_ts64+0x86/0x230
[ 18.169591] kunit_try_run_case+0x1a5/0x480
[ 18.169620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.169647] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.169677] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.169706] ? __kthread_parkme+0x82/0x180
[ 18.169733] ? preempt_count_sub+0x50/0x80
[ 18.169762] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.169791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.169819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.169848] kthread+0x337/0x6f0
[ 18.169871] ? trace_preempt_on+0x20/0xc0
[ 18.169899] ? __pfx_kthread+0x10/0x10
[ 18.169921] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.169948] ? calculate_sigpending+0x7b/0xa0
[ 18.169975] ? __pfx_kthread+0x10/0x10
[ 18.169997] ret_from_fork+0x41/0x80
[ 18.170021] ? __pfx_kthread+0x10/0x10
[ 18.170043] ret_from_fork_asm+0x1a/0x30
[ 18.170106] </TASK>
[ 18.170121]
[ 18.183591] Allocated by task 286:
[ 18.185444] kasan_save_stack+0x45/0x70
[ 18.185836] kasan_save_track+0x18/0x40
[ 18.186254] kasan_save_alloc_info+0x3b/0x50
[ 18.186994] __kasan_kmalloc+0xb7/0xc0
[ 18.187421] __kmalloc_cache_noprof+0x189/0x420
[ 18.187693] kasan_atomics+0x95/0x310
[ 18.188002] kunit_try_run_case+0x1a5/0x480
[ 18.188373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.189062] kthread+0x337/0x6f0
[ 18.189422] ret_from_fork+0x41/0x80
[ 18.189647] ret_from_fork_asm+0x1a/0x30
[ 18.189891]
[ 18.190068] The buggy address belongs to the object at ffff888102b21f80
[ 18.190068] which belongs to the cache kmalloc-64 of size 64
[ 18.190933] The buggy address is located 0 bytes to the right of
[ 18.190933] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0)
[ 18.191770]
[ 18.192046] The buggy address belongs to the physical page:
[ 18.192322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21
[ 18.192898] flags: 0x200000000000000(node=0|zone=2)
[ 18.193315] page_type: f5(slab)
[ 18.193585] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 18.193977] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 18.194312] page dumped because: kasan: bad access detected
[ 18.195172]
[ 18.195257] Memory state around the buggy address:
[ 18.195421] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.196391] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.196874] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 18.197556] ^
[ 18.197820] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.198429] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.198716] ==================================================================

[ 18.200657] ==================================================================
[ 18.201241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450
[ 18.201515] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286
[ 18.202701]
[ 18.203196] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 18.203273] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.203298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.203359] Call Trace:
[ 18.203406] <TASK>
[ 18.203590] dump_stack_lvl+0x73/0xb0
[ 18.203644] print_report+0xd1/0x650
[ 18.203675] ? __virt_addr_valid+0x1db/0x2d0
[ 18.203704] ? kasan_atomics_helper+0xde0/0x5450
[ 18.203730] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.203759] ? kasan_atomics_helper+0xde0/0x5450
[ 18.203786] kasan_report+0x141/0x180
[ 18.203812] ? kasan_atomics_helper+0xde0/0x5450
[ 18.203843] kasan_check_range+0x10c/0x1c0
[ 18.203868] __kasan_check_write+0x18/0x20
[ 18.203892] kasan_atomics_helper+0xde0/0x5450
[ 18.203920] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 18.203947] ? __kmalloc_cache_noprof+0x189/0x420
[ 18.203974] ? kasan_atomics+0x152/0x310
[ 18.204001] kasan_atomics+0x1dc/0x310
[ 18.204024] ? __pfx_kasan_atomics+0x10/0x10
[ 18.204049] ? __pfx_read_tsc+0x10/0x10
[ 18.204098] ? ktime_get_ts64+0x86/0x230
[ 18.204129] kunit_try_run_case+0x1a5/0x480
[ 18.204159] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.204185] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.204214] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.204242] ? __kthread_parkme+0x82/0x180
[ 18.204269] ? preempt_count_sub+0x50/0x80
[ 18.204299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.204328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.204377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.204407] kthread+0x337/0x6f0
[ 18.204429] ? trace_preempt_on+0x20/0xc0
[ 18.204457] ? __pfx_kthread+0x10/0x10
[ 18.204479] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.204505] ? calculate_sigpending+0x7b/0xa0
[ 18.204531] ? __pfx_kthread+0x10/0x10
[ 18.204554] ret_from_fork+0x41/0x80
[ 18.204578] ? __pfx_kthread+0x10/0x10
[ 18.204600] ret_from_fork_asm+0x1a/0x30
[ 18.204636] </TASK>
[ 18.204651]
[ 18.215819] Allocated by task 286:
[ 18.216067] kasan_save_stack+0x45/0x70
[ 18.216378] kasan_save_track+0x18/0x40
[ 18.216580] kasan_save_alloc_info+0x3b/0x50
[ 18.216789] __kasan_kmalloc+0xb7/0xc0
[ 18.217005] __kmalloc_cache_noprof+0x189/0x420
[ 18.217448] kasan_atomics+0x95/0x310
[ 18.217796] kunit_try_run_case+0x1a5/0x480
[ 18.218213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.218685] kthread+0x337/0x6f0
[ 18.218996] ret_from_fork+0x41/0x80
[ 18.219455] ret_from_fork_asm+0x1a/0x30
[ 18.219729]
[ 18.219853] The buggy address belongs to the object at ffff888102b21f80
[ 18.219853] which belongs to the cache kmalloc-64 of size 64
[ 18.220723] The buggy address is located 0 bytes to the right of
[ 18.220723] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0)
[ 18.221321]
[ 18.221538] The buggy address belongs to the physical page:
[ 18.221902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21
[ 18.222328] flags: 0x200000000000000(node=0|zone=2)
[ 18.222767] page_type: f5(slab)
[ 18.223059] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 18.223492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 18.223773] page dumped because: kasan: bad access detected
[ 18.223991]
[ 18.224100] Memory state around the buggy address:
[ 18.224539] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.225117] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.225716] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 18.226396] ^
[ 18.226641] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.227026] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.227600] ==================================================================

[ 18.230138] ==================================================================
[ 18.230813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450
[ 18.231370] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286
[ 18.232059]
[ 18.232237] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 18.232352] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.232382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.232433] Call Trace:
[ 18.232477] <TASK>
[ 18.232522] dump_stack_lvl+0x73/0xb0
[ 18.232593] print_report+0xd1/0x650
[ 18.232651] ? __virt_addr_valid+0x1db/0x2d0
[ 18.232706] ? kasan_atomics_helper+0xe78/0x5450
[ 18.232759] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.232807] ? kasan_atomics_helper+0xe78/0x5450
[ 18.232856] kasan_report+0x141/0x180
[ 18.232904] ? kasan_atomics_helper+0xe78/0x5450
[ 18.232961] kasan_check_range+0x10c/0x1c0
[ 18.233007] __kasan_check_write+0x18/0x20
[ 18.233068] kasan_atomics_helper+0xe78/0x5450
[ 18.233120] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 18.233176] ? __kmalloc_cache_noprof+0x189/0x420
[ 18.233232] ? kasan_atomics+0x152/0x310
[ 18.233292] kasan_atomics+0x1dc/0x310
[ 18.233346] ? __pfx_kasan_atomics+0x10/0x10
[ 18.233393] ? __pfx_read_tsc+0x10/0x10
[ 18.233434] ? ktime_get_ts64+0x86/0x230
[ 18.233488] kunit_try_run_case+0x1a5/0x480
[ 18.233544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.233596] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.233655] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.233712] ? __kthread_parkme+0x82/0x180
[ 18.233761] ? preempt_count_sub+0x50/0x80
[ 18.233815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.233868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.233929] ?
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.233992] kthread+0x337/0x6f0 [ 18.234037] ? trace_preempt_on+0x20/0xc0 [ 18.234102] ? __pfx_kthread+0x10/0x10 [ 18.234150] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.234207] ? calculate_sigpending+0x7b/0xa0 [ 18.234262] ? __pfx_kthread+0x10/0x10 [ 18.234312] ret_from_fork+0x41/0x80 [ 18.234382] ? __pfx_kthread+0x10/0x10 [ 18.234430] ret_from_fork_asm+0x1a/0x30 [ 18.234511] </TASK> [ 18.234542] [ 18.244571] Allocated by task 286: [ 18.244908] kasan_save_stack+0x45/0x70 [ 18.245383] kasan_save_track+0x18/0x40 [ 18.245749] kasan_save_alloc_info+0x3b/0x50 [ 18.246177] __kasan_kmalloc+0xb7/0xc0 [ 18.246611] __kmalloc_cache_noprof+0x189/0x420 [ 18.247065] kasan_atomics+0x95/0x310 [ 18.247455] kunit_try_run_case+0x1a5/0x480 [ 18.247883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.248269] kthread+0x337/0x6f0 [ 18.248613] ret_from_fork+0x41/0x80 [ 18.248952] ret_from_fork_asm+0x1a/0x30 [ 18.249457] [ 18.249661] The buggy address belongs to the object at ffff888102b21f80 [ 18.249661] which belongs to the cache kmalloc-64 of size 64 [ 18.250100] The buggy address is located 0 bytes to the right of [ 18.250100] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.250807] [ 18.251071] The buggy address belongs to the physical page: [ 18.251692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.252509] flags: 0x200000000000000(node=0|zone=2) [ 18.252983] page_type: f5(slab) [ 18.253353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.253865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.254488] page dumped because: kasan: bad access detected [ 18.254763] [ 18.254884] Memory state around the buggy address: [ 18.255101] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.255391] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.255657] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 18.256245] ^ [ 18.256666] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.257428] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.258059] ================================================================== [ 18.595447] ================================================================== [ 18.596038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 18.596466] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.597212] [ 18.597558] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.597676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.597709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.597762] Call Trace: [ 18.597811] <TASK> [ 18.597862] dump_stack_lvl+0x73/0xb0 [ 18.597923] print_report+0xd1/0x650 [ 18.597965] ? __virt_addr_valid+0x1db/0x2d0 [ 18.598009] ? kasan_atomics_helper+0x13b5/0x5450 [ 18.598046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.598089] ? kasan_atomics_helper+0x13b5/0x5450 [ 18.598128] kasan_report+0x141/0x180 [ 18.598166] ? kasan_atomics_helper+0x13b5/0x5450 [ 18.598213] kasan_check_range+0x10c/0x1c0 [ 18.598251] __kasan_check_read+0x15/0x20 [ 18.598285] kasan_atomics_helper+0x13b5/0x5450 [ 18.598327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.598396] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.598439] ? kasan_atomics+0x152/0x310 [ 18.598480] kasan_atomics+0x1dc/0x310 [ 18.598515] ? __pfx_kasan_atomics+0x10/0x10 [ 18.598650] ? __pfx_read_tsc+0x10/0x10 [ 18.598709] ? ktime_get_ts64+0x86/0x230 [ 18.598768] kunit_try_run_case+0x1a5/0x480 [ 18.598833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.598887] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.598946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.599007] ? __kthread_parkme+0x82/0x180 [ 18.599061] ? preempt_count_sub+0x50/0x80 [ 18.599114] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.599146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.599176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.599205] kthread+0x337/0x6f0 [ 18.599227] ? trace_preempt_on+0x20/0xc0 [ 18.599254] ? __pfx_kthread+0x10/0x10 [ 18.599276] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.599303] ? calculate_sigpending+0x7b/0xa0 [ 18.599329] ? __pfx_kthread+0x10/0x10 [ 18.599374] ret_from_fork+0x41/0x80 [ 18.599399] ? __pfx_kthread+0x10/0x10 [ 18.599421] ret_from_fork_asm+0x1a/0x30 [ 18.599463] </TASK> [ 18.599477] [ 18.610478] Allocated by task 286: [ 18.610688] kasan_save_stack+0x45/0x70 [ 18.610895] kasan_save_track+0x18/0x40 [ 18.611107] kasan_save_alloc_info+0x3b/0x50 [ 18.611531] __kasan_kmalloc+0xb7/0xc0 [ 18.611841] __kmalloc_cache_noprof+0x189/0x420 [ 18.612472] kasan_atomics+0x95/0x310 [ 18.613217] kunit_try_run_case+0x1a5/0x480 [ 18.613668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.614178] kthread+0x337/0x6f0 [ 18.614501] ret_from_fork+0x41/0x80 [ 18.614824] ret_from_fork_asm+0x1a/0x30 [ 18.615195] [ 18.615394] The buggy address belongs to the object at ffff888102b21f80 [ 18.615394] which belongs to the cache kmalloc-64 of size 64 [ 18.616405] The buggy address is located 0 bytes to the right of [ 18.616405] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.617384] [ 18.617595] The buggy address belongs to the physical page: [ 18.617959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.618680] flags: 0x200000000000000(node=0|zone=2) [ 18.619484] page_type: f5(slab) [ 18.619879] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.620226] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.620526] page dumped because: kasan: bad access detected [ 18.620748] [ 18.620867] Memory state around the buggy address: [ 18.621090] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.621716] ffff888102b21f00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.622413] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.623144] ^ [ 18.623577] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.624127] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.624713] ================================================================== [ 18.048427] ================================================================== [ 18.048998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 18.049378] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.049689] [ 18.049859] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.049970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.050001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.050053] Call Trace: [ 18.050097] <TASK> [ 18.050139] dump_stack_lvl+0x73/0xb0 [ 18.050205] print_report+0xd1/0x650 [ 18.050255] ? __virt_addr_valid+0x1db/0x2d0 [ 18.050317] ? kasan_atomics_helper+0xac7/0x5450 [ 18.050386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.050435] ? kasan_atomics_helper+0xac7/0x5450 [ 18.050483] kasan_report+0x141/0x180 [ 18.050533] ? kasan_atomics_helper+0xac7/0x5450 [ 18.050599] kasan_check_range+0x10c/0x1c0 [ 18.050651] __kasan_check_write+0x18/0x20 [ 18.050704] kasan_atomics_helper+0xac7/0x5450 [ 18.050765] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.050827] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.050883] ? kasan_atomics+0x152/0x310 [ 18.050944] kasan_atomics+0x1dc/0x310 [ 18.050994] ? __pfx_kasan_atomics+0x10/0x10 [ 18.051050] ? __pfx_read_tsc+0x10/0x10 [ 18.051097] ? ktime_get_ts64+0x86/0x230 [ 18.051160] kunit_try_run_case+0x1a5/0x480 [ 18.051224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.051320] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.051399] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.051461] ? __kthread_parkme+0x82/0x180 [ 18.051516] ? 
preempt_count_sub+0x50/0x80 [ 18.051580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.051642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.051705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.051768] kthread+0x337/0x6f0 [ 18.051812] ? trace_preempt_on+0x20/0xc0 [ 18.051870] ? __pfx_kthread+0x10/0x10 [ 18.051918] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.051976] ? calculate_sigpending+0x7b/0xa0 [ 18.052030] ? __pfx_kthread+0x10/0x10 [ 18.052073] ret_from_fork+0x41/0x80 [ 18.052115] ? __pfx_kthread+0x10/0x10 [ 18.052155] ret_from_fork_asm+0x1a/0x30 [ 18.052219] </TASK> [ 18.052244] [ 18.067303] Allocated by task 286: [ 18.067649] kasan_save_stack+0x45/0x70 [ 18.068026] kasan_save_track+0x18/0x40 [ 18.068285] kasan_save_alloc_info+0x3b/0x50 [ 18.068560] __kasan_kmalloc+0xb7/0xc0 [ 18.068873] __kmalloc_cache_noprof+0x189/0x420 [ 18.069145] kasan_atomics+0x95/0x310 [ 18.069354] kunit_try_run_case+0x1a5/0x480 [ 18.069706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.070150] kthread+0x337/0x6f0 [ 18.070470] ret_from_fork+0x41/0x80 [ 18.070790] ret_from_fork_asm+0x1a/0x30 [ 18.071181] [ 18.071409] The buggy address belongs to the object at ffff888102b21f80 [ 18.071409] which belongs to the cache kmalloc-64 of size 64 [ 18.071893] The buggy address is located 0 bytes to the right of [ 18.071893] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.072370] [ 18.072560] The buggy address belongs to the physical page: [ 18.072979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.073660] flags: 0x200000000000000(node=0|zone=2) [ 18.074056] page_type: f5(slab) [ 18.074418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.074806] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.075126] page dumped because: kasan: bad access detected [ 18.075421] [ 18.075592] Memory state around the buggy address: [ 18.076036] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 18.076488] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.076888] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.077437] ^ [ 18.077660] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.077934] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.078503] ================================================================== [ 17.814625] ================================================================== [ 17.815705] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 17.816265] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.816947] [ 17.817350] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.817562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.817592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.817620] Call Trace: [ 17.817648] <TASK> [ 17.817678] dump_stack_lvl+0x73/0xb0 [ 17.817719] print_report+0xd1/0x650 [ 17.817749] ? __virt_addr_valid+0x1db/0x2d0 [ 17.817778] ? kasan_atomics_helper+0x5fe/0x5450 [ 17.817806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.817834] ? kasan_atomics_helper+0x5fe/0x5450 [ 17.817861] kasan_report+0x141/0x180 [ 17.817888] ? kasan_atomics_helper+0x5fe/0x5450 [ 17.817952] kasan_check_range+0x10c/0x1c0 [ 17.817978] __kasan_check_write+0x18/0x20 [ 17.818003] kasan_atomics_helper+0x5fe/0x5450 [ 17.818031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.818061] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.818101] ? kasan_atomics+0x152/0x310 [ 17.818130] kasan_atomics+0x1dc/0x310 [ 17.818153] ? __pfx_kasan_atomics+0x10/0x10 [ 17.818180] ? __pfx_read_tsc+0x10/0x10 [ 17.818205] ? ktime_get_ts64+0x86/0x230 [ 17.818236] kunit_try_run_case+0x1a5/0x480 [ 17.818267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.818294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.818323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.818373] ? 
__kthread_parkme+0x82/0x180 [ 17.818401] ? preempt_count_sub+0x50/0x80 [ 17.818432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.818461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.818490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.818519] kthread+0x337/0x6f0 [ 17.818542] ? trace_preempt_on+0x20/0xc0 [ 17.818569] ? __pfx_kthread+0x10/0x10 [ 17.818591] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.818617] ? calculate_sigpending+0x7b/0xa0 [ 17.818642] ? __pfx_kthread+0x10/0x10 [ 17.818665] ret_from_fork+0x41/0x80 [ 17.818688] ? __pfx_kthread+0x10/0x10 [ 17.818709] ret_from_fork_asm+0x1a/0x30 [ 17.818744] </TASK> [ 17.818758] [ 17.831440] Allocated by task 286: [ 17.831739] kasan_save_stack+0x45/0x70 [ 17.832109] kasan_save_track+0x18/0x40 [ 17.832471] kasan_save_alloc_info+0x3b/0x50 [ 17.832783] __kasan_kmalloc+0xb7/0xc0 [ 17.832985] __kmalloc_cache_noprof+0x189/0x420 [ 17.833216] kasan_atomics+0x95/0x310 [ 17.833587] kunit_try_run_case+0x1a5/0x480 [ 17.834127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.834777] kthread+0x337/0x6f0 [ 17.835155] ret_from_fork+0x41/0x80 [ 17.835485] ret_from_fork_asm+0x1a/0x30 [ 17.835851] [ 17.836093] The buggy address belongs to the object at ffff888102b21f80 [ 17.836093] which belongs to the cache kmalloc-64 of size 64 [ 17.836756] The buggy address is located 0 bytes to the right of [ 17.836756] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.837211] [ 17.837346] The buggy address belongs to the physical page: [ 17.837580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.838257] flags: 0x200000000000000(node=0|zone=2) [ 17.838704] page_type: f5(slab) [ 17.839022] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.840306] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.840806] page dumped because: kasan: bad access detected [ 17.841107] [ 17.841365] Memory state around the buggy address: [ 17.841741] 
ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.842469] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.843025] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.843713] ^ [ 17.844073] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.844727] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.845208] ================================================================== [ 18.878934] ================================================================== [ 18.879382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 18.879972] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.880429] [ 18.880583] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.880682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.880710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.880768] Call Trace: [ 18.880831] <TASK> [ 18.880889] dump_stack_lvl+0x73/0xb0 [ 18.880978] print_report+0xd1/0x650 [ 18.881048] ? __virt_addr_valid+0x1db/0x2d0 [ 18.881136] ? kasan_atomics_helper+0x1818/0x5450 [ 18.881189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.881244] ? kasan_atomics_helper+0x1818/0x5450 [ 18.881369] kasan_report+0x141/0x180 [ 18.881433] ? kasan_atomics_helper+0x1818/0x5450 [ 18.881513] kasan_check_range+0x10c/0x1c0 [ 18.881573] __kasan_check_write+0x18/0x20 [ 18.881628] kasan_atomics_helper+0x1818/0x5450 [ 18.881688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.881745] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.881810] ? kasan_atomics+0x152/0x310 [ 18.881883] kasan_atomics+0x1dc/0x310 [ 18.881935] ? __pfx_kasan_atomics+0x10/0x10 [ 18.881978] ? __pfx_read_tsc+0x10/0x10 [ 18.882013] ? ktime_get_ts64+0x86/0x230 [ 18.882046] kunit_try_run_case+0x1a5/0x480 [ 18.882102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.882131] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.882162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.882190] ? __kthread_parkme+0x82/0x180 [ 18.882218] ? preempt_count_sub+0x50/0x80 [ 18.882248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.882276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.882305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.882353] kthread+0x337/0x6f0 [ 18.882378] ? trace_preempt_on+0x20/0xc0 [ 18.882409] ? __pfx_kthread+0x10/0x10 [ 18.882431] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.882458] ? calculate_sigpending+0x7b/0xa0 [ 18.882485] ? __pfx_kthread+0x10/0x10 [ 18.882508] ret_from_fork+0x41/0x80 [ 18.882531] ? __pfx_kthread+0x10/0x10 [ 18.882554] ret_from_fork_asm+0x1a/0x30 [ 18.882591] </TASK> [ 18.882605] [ 18.892330] Allocated by task 286: [ 18.892713] kasan_save_stack+0x45/0x70 [ 18.893134] kasan_save_track+0x18/0x40 [ 18.893536] kasan_save_alloc_info+0x3b/0x50 [ 18.893928] __kasan_kmalloc+0xb7/0xc0 [ 18.894350] __kmalloc_cache_noprof+0x189/0x420 [ 18.894748] kasan_atomics+0x95/0x310 [ 18.895098] kunit_try_run_case+0x1a5/0x480 [ 18.895484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.895928] kthread+0x337/0x6f0 [ 18.896256] ret_from_fork+0x41/0x80 [ 18.896514] ret_from_fork_asm+0x1a/0x30 [ 18.896723] [ 18.896843] The buggy address belongs to the object at ffff888102b21f80 [ 18.896843] which belongs to the cache kmalloc-64 of size 64 [ 18.898046] The buggy address is located 0 bytes to the right of [ 18.898046] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.898787] [ 18.898951] The buggy address belongs to the physical page: [ 18.899291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.899840] flags: 0x200000000000000(node=0|zone=2) [ 18.900270] page_type: f5(slab) [ 18.900486] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.900780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.901069] page dumped because: kasan: bad 
access detected [ 18.901579] [ 18.901777] Memory state around the buggy address: [ 18.902219] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.902800] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.903503] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.904043] ^ [ 18.904394] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.904672] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.904938] ================================================================== [ 19.290049] ================================================================== [ 19.290469] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 19.291864] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.292535] [ 19.292780] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.292890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.292920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.292971] Call Trace: [ 19.293031] <TASK> [ 19.293082] dump_stack_lvl+0x73/0xb0 [ 19.293161] print_report+0xd1/0x650 [ 19.293193] ? __virt_addr_valid+0x1db/0x2d0 [ 19.293224] ? kasan_atomics_helper+0x4f71/0x5450 [ 19.293251] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.293281] ? kasan_atomics_helper+0x4f71/0x5450 [ 19.293308] kasan_report+0x141/0x180 [ 19.293354] ? kasan_atomics_helper+0x4f71/0x5450 [ 19.293392] __asan_report_load8_noabort+0x18/0x20 [ 19.293421] kasan_atomics_helper+0x4f71/0x5450 [ 19.293450] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.293478] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.293506] ? kasan_atomics+0x152/0x310 [ 19.293534] kasan_atomics+0x1dc/0x310 [ 19.293559] ? __pfx_kasan_atomics+0x10/0x10 [ 19.293585] ? __pfx_read_tsc+0x10/0x10 [ 19.293610] ? ktime_get_ts64+0x86/0x230 [ 19.293643] kunit_try_run_case+0x1a5/0x480 [ 19.293675] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.293702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.293732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.293761] ? __kthread_parkme+0x82/0x180 [ 19.293789] ? preempt_count_sub+0x50/0x80 [ 19.293820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.293849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.293879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.293909] kthread+0x337/0x6f0 [ 19.293931] ? trace_preempt_on+0x20/0xc0 [ 19.293960] ? __pfx_kthread+0x10/0x10 [ 19.293983] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.294010] ? calculate_sigpending+0x7b/0xa0 [ 19.294038] ? __pfx_kthread+0x10/0x10 [ 19.294062] ret_from_fork+0x41/0x80 [ 19.294096] ? __pfx_kthread+0x10/0x10 [ 19.294119] ret_from_fork_asm+0x1a/0x30 [ 19.294156] </TASK> [ 19.294170] [ 19.305161] Allocated by task 286: [ 19.305516] kasan_save_stack+0x45/0x70 [ 19.305901] kasan_save_track+0x18/0x40 [ 19.306222] kasan_save_alloc_info+0x3b/0x50 [ 19.306656] __kasan_kmalloc+0xb7/0xc0 [ 19.306894] __kmalloc_cache_noprof+0x189/0x420 [ 19.307151] kasan_atomics+0x95/0x310 [ 19.307369] kunit_try_run_case+0x1a5/0x480 [ 19.307747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.308175] kthread+0x337/0x6f0 [ 19.308523] ret_from_fork+0x41/0x80 [ 19.308880] ret_from_fork_asm+0x1a/0x30 [ 19.309292] [ 19.309508] The buggy address belongs to the object at ffff888102b21f80 [ 19.309508] which belongs to the cache kmalloc-64 of size 64 [ 19.310327] The buggy address is located 0 bytes to the right of [ 19.310327] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.310801] [ 19.311000] The buggy address belongs to the physical page: [ 19.311573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.312130] flags: 0x200000000000000(node=0|zone=2) [ 19.312382] page_type: f5(slab) [ 19.312625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.312956] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 19.313546] page dumped because: kasan: bad access detected [ 19.314003] [ 19.314187] Memory state around the buggy address: [ 19.314641] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.315234] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.315601] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.315884] ^ [ 19.316372] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.316935] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.317657] ================================================================== [ 19.437897] ================================================================== [ 19.438609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 19.439192] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.439700] [ 19.439926] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.440061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.440109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.440160] Call Trace: [ 19.440210] <TASK> [ 19.440258] dump_stack_lvl+0x73/0xb0 [ 19.440329] print_report+0xd1/0x650 [ 19.440401] ? __virt_addr_valid+0x1db/0x2d0 [ 19.440478] ? kasan_atomics_helper+0x218a/0x5450 [ 19.440531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.440600] ? kasan_atomics_helper+0x218a/0x5450 [ 19.440658] kasan_report+0x141/0x180 [ 19.440724] ? kasan_atomics_helper+0x218a/0x5450 [ 19.440801] kasan_check_range+0x10c/0x1c0 [ 19.440869] __kasan_check_write+0x18/0x20 [ 19.440928] kasan_atomics_helper+0x218a/0x5450 [ 19.440988] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.441068] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.441121] ? kasan_atomics+0x152/0x310 [ 19.441171] kasan_atomics+0x1dc/0x310 [ 19.441216] ? __pfx_kasan_atomics+0x10/0x10 [ 19.441273] ? __pfx_read_tsc+0x10/0x10 [ 19.441378] ? 
ktime_get_ts64+0x86/0x230 [ 19.441445] kunit_try_run_case+0x1a5/0x480 [ 19.441510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.441567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.441621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.441681] ? __kthread_parkme+0x82/0x180 [ 19.441738] ? preempt_count_sub+0x50/0x80 [ 19.441802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.441862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.441926] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.441988] kthread+0x337/0x6f0 [ 19.442036] ? trace_preempt_on+0x20/0xc0 [ 19.442103] ? __pfx_kthread+0x10/0x10 [ 19.442168] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.442218] ? calculate_sigpending+0x7b/0xa0 [ 19.442271] ? __pfx_kthread+0x10/0x10 [ 19.442318] ret_from_fork+0x41/0x80 [ 19.442386] ? __pfx_kthread+0x10/0x10 [ 19.442425] ret_from_fork_asm+0x1a/0x30 [ 19.442488] </TASK> [ 19.442516] [ 19.455187] Allocated by task 286: [ 19.455609] kasan_save_stack+0x45/0x70 [ 19.456157] kasan_save_track+0x18/0x40 [ 19.456526] kasan_save_alloc_info+0x3b/0x50 [ 19.456908] __kasan_kmalloc+0xb7/0xc0 [ 19.457794] __kmalloc_cache_noprof+0x189/0x420 [ 19.458615] kasan_atomics+0x95/0x310 [ 19.458803] kunit_try_run_case+0x1a5/0x480 [ 19.459245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.459692] kthread+0x337/0x6f0 [ 19.460051] ret_from_fork+0x41/0x80 [ 19.460310] ret_from_fork_asm+0x1a/0x30 [ 19.460781] [ 19.461027] The buggy address belongs to the object at ffff888102b21f80 [ 19.461027] which belongs to the cache kmalloc-64 of size 64 [ 19.462052] The buggy address is located 0 bytes to the right of [ 19.462052] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.462989] [ 19.463449] The buggy address belongs to the physical page: [ 19.463776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.464478] flags: 0x200000000000000(node=0|zone=2) [ 19.464873] page_type: f5(slab) [ 19.465398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 19.465970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.466583] page dumped because: kasan: bad access detected [ 19.466947] [ 19.467103] Memory state around the buggy address: [ 19.467855] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.468417] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.469035] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.469735] ^ [ 19.470015] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.470798] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.471253] ================================================================== [ 18.535157] ================================================================== [ 18.535492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 18.535895] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.536673] [ 18.536908] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.537052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.537097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.537146] Call Trace: [ 18.537194] <TASK> [ 18.537250] dump_stack_lvl+0x73/0xb0 [ 18.537350] print_report+0xd1/0x650 [ 18.537412] ? __virt_addr_valid+0x1db/0x2d0 [ 18.537471] ? kasan_atomics_helper+0x12e6/0x5450 [ 18.537522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.537578] ? kasan_atomics_helper+0x12e6/0x5450 [ 18.537632] kasan_report+0x141/0x180 [ 18.537698] ? kasan_atomics_helper+0x12e6/0x5450 [ 18.537781] kasan_check_range+0x10c/0x1c0 [ 18.537836] __kasan_check_write+0x18/0x20 [ 18.537894] kasan_atomics_helper+0x12e6/0x5450 [ 18.537954] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.538028] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.538104] ? kasan_atomics+0x152/0x310 [ 18.538159] kasan_atomics+0x1dc/0x310 [ 18.538221] ? 
__pfx_kasan_atomics+0x10/0x10 [ 18.538290] ? __pfx_read_tsc+0x10/0x10 [ 18.538328] ? ktime_get_ts64+0x86/0x230 [ 18.538389] kunit_try_run_case+0x1a5/0x480 [ 18.538429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.538461] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.538512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.538559] ? __kthread_parkme+0x82/0x180 [ 18.538604] ? preempt_count_sub+0x50/0x80 [ 18.538661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.538723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.538794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.538854] kthread+0x337/0x6f0 [ 18.538893] ? trace_preempt_on+0x20/0xc0 [ 18.538947] ? __pfx_kthread+0x10/0x10 [ 18.539000] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.539064] ? calculate_sigpending+0x7b/0xa0 [ 18.539114] ? __pfx_kthread+0x10/0x10 [ 18.539160] ret_from_fork+0x41/0x80 [ 18.539203] ? __pfx_kthread+0x10/0x10 [ 18.539245] ret_from_fork_asm+0x1a/0x30 [ 18.539317] </TASK> [ 18.539367] [ 18.550015] Allocated by task 286: [ 18.550380] kasan_save_stack+0x45/0x70 [ 18.550631] kasan_save_track+0x18/0x40 [ 18.550841] kasan_save_alloc_info+0x3b/0x50 [ 18.551298] __kasan_kmalloc+0xb7/0xc0 [ 18.551664] __kmalloc_cache_noprof+0x189/0x420 [ 18.552021] kasan_atomics+0x95/0x310 [ 18.552387] kunit_try_run_case+0x1a5/0x480 [ 18.552686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.553095] kthread+0x337/0x6f0 [ 18.553392] ret_from_fork+0x41/0x80 [ 18.553657] ret_from_fork_asm+0x1a/0x30 [ 18.554012] [ 18.554271] The buggy address belongs to the object at ffff888102b21f80 [ 18.554271] which belongs to the cache kmalloc-64 of size 64 [ 18.554935] The buggy address is located 0 bytes to the right of [ 18.554935] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.555570] [ 18.555779] The buggy address belongs to the physical page: [ 18.556216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.556702] flags: 0x200000000000000(node=0|zone=2) [ 18.557035] page_type: f5(slab) 
[ 18.557396] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.557868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.558530] page dumped because: kasan: bad access detected [ 18.558849] [ 18.559032] Memory state around the buggy address: [ 18.559368] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.559828] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.560144] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.560709] ^ [ 18.560932] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.561219] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.561496] ================================================================== [ 17.618457] ================================================================== [ 17.618749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 17.619621] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.620923] [ 17.621436] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.621573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.621602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.621651] Call Trace: [ 17.621953] <TASK> [ 17.622037] dump_stack_lvl+0x73/0xb0 [ 17.622263] print_report+0xd1/0x650 [ 17.622328] ? __virt_addr_valid+0x1db/0x2d0 [ 17.622403] ? kasan_atomics_helper+0x4b6e/0x5450 [ 17.622456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.622543] ? kasan_atomics_helper+0x4b6e/0x5450 [ 17.622610] kasan_report+0x141/0x180 [ 17.622693] ? kasan_atomics_helper+0x4b6e/0x5450 [ 17.622776] __asan_report_store4_noabort+0x1b/0x30 [ 17.622838] kasan_atomics_helper+0x4b6e/0x5450 [ 17.622898] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.622940] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.622968] ? 
kasan_atomics+0x152/0x310 [ 17.622997] kasan_atomics+0x1dc/0x310 [ 17.623021] ? __pfx_kasan_atomics+0x10/0x10 [ 17.623047] ? __pfx_read_tsc+0x10/0x10 [ 17.623119] ? ktime_get_ts64+0x86/0x230 [ 17.623155] kunit_try_run_case+0x1a5/0x480 [ 17.623185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.623212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.623242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.623270] ? __kthread_parkme+0x82/0x180 [ 17.623297] ? preempt_count_sub+0x50/0x80 [ 17.623327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.623377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.623408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.623438] kthread+0x337/0x6f0 [ 17.623459] ? trace_preempt_on+0x20/0xc0 [ 17.623488] ? __pfx_kthread+0x10/0x10 [ 17.623512] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.623539] ? calculate_sigpending+0x7b/0xa0 [ 17.623567] ? __pfx_kthread+0x10/0x10 [ 17.623590] ret_from_fork+0x41/0x80 [ 17.623615] ? __pfx_kthread+0x10/0x10 [ 17.623637] ret_from_fork_asm+0x1a/0x30 [ 17.623674] </TASK> [ 17.623690] [ 17.637101] Allocated by task 286: [ 17.637480] kasan_save_stack+0x45/0x70 [ 17.637827] kasan_save_track+0x18/0x40 [ 17.638232] kasan_save_alloc_info+0x3b/0x50 [ 17.638477] __kasan_kmalloc+0xb7/0xc0 [ 17.638677] __kmalloc_cache_noprof+0x189/0x420 [ 17.638892] kasan_atomics+0x95/0x310 [ 17.639327] kunit_try_run_case+0x1a5/0x480 [ 17.640186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.640691] kthread+0x337/0x6f0 [ 17.641019] ret_from_fork+0x41/0x80 [ 17.641824] ret_from_fork_asm+0x1a/0x30 [ 17.642039] [ 17.643667] The buggy address belongs to the object at ffff888102b21f80 [ 17.643667] which belongs to the cache kmalloc-64 of size 64 [ 17.645681] The buggy address is located 0 bytes to the right of [ 17.645681] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.646637] [ 17.646765] The buggy address belongs to the physical page: [ 17.646970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 
17.649359] flags: 0x200000000000000(node=0|zone=2) [ 17.650195] page_type: f5(slab) [ 17.650800] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.652404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.652911] page dumped because: kasan: bad access detected [ 17.653665] [ 17.653794] Memory state around the buggy address: [ 17.654294] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.654981] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.655359] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.656106] ^ [ 17.656465] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.656943] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.657392] ================================================================== [ 18.354022] ================================================================== [ 18.354734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 18.356040] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.356390] [ 18.356562] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.356672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.356702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.356752] Call Trace: [ 18.356801] <TASK> [ 18.356850] dump_stack_lvl+0x73/0xb0 [ 18.356921] print_report+0xd1/0x650 [ 18.356979] ? __virt_addr_valid+0x1db/0x2d0 [ 18.357044] ? kasan_atomics_helper+0x1079/0x5450 [ 18.357096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.357150] ? kasan_atomics_helper+0x1079/0x5450 [ 18.357197] kasan_report+0x141/0x180 [ 18.357252] ? kasan_atomics_helper+0x1079/0x5450 [ 18.357312] kasan_check_range+0x10c/0x1c0 [ 18.357380] __kasan_check_write+0x18/0x20 [ 18.357432] kasan_atomics_helper+0x1079/0x5450 [ 18.357494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.357554] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 18.357669] ? kasan_atomics+0x152/0x310 [ 18.357728] kasan_atomics+0x1dc/0x310 [ 18.357771] ? __pfx_kasan_atomics+0x10/0x10 [ 18.357820] ? __pfx_read_tsc+0x10/0x10 [ 18.357871] ? ktime_get_ts64+0x86/0x230 [ 18.357939] kunit_try_run_case+0x1a5/0x480 [ 18.358003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.358058] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.358116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.358176] ? __kthread_parkme+0x82/0x180 [ 18.358233] ? preempt_count_sub+0x50/0x80 [ 18.358296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.358375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.358441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.358504] kthread+0x337/0x6f0 [ 18.358549] ? trace_preempt_on+0x20/0xc0 [ 18.358605] ? __pfx_kthread+0x10/0x10 [ 18.358633] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.358660] ? calculate_sigpending+0x7b/0xa0 [ 18.358685] ? __pfx_kthread+0x10/0x10 [ 18.358707] ret_from_fork+0x41/0x80 [ 18.358733] ? __pfx_kthread+0x10/0x10 [ 18.358755] ret_from_fork_asm+0x1a/0x30 [ 18.358792] </TASK> [ 18.358807] [ 18.369796] Allocated by task 286: [ 18.370172] kasan_save_stack+0x45/0x70 [ 18.370601] kasan_save_track+0x18/0x40 [ 18.370929] kasan_save_alloc_info+0x3b/0x50 [ 18.371218] __kasan_kmalloc+0xb7/0xc0 [ 18.371515] __kmalloc_cache_noprof+0x189/0x420 [ 18.371734] kasan_atomics+0x95/0x310 [ 18.371920] kunit_try_run_case+0x1a5/0x480 [ 18.372204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.372670] kthread+0x337/0x6f0 [ 18.372970] ret_from_fork+0x41/0x80 [ 18.373413] ret_from_fork_asm+0x1a/0x30 [ 18.373771] [ 18.373973] The buggy address belongs to the object at ffff888102b21f80 [ 18.373973] which belongs to the cache kmalloc-64 of size 64 [ 18.374508] The buggy address is located 0 bytes to the right of [ 18.374508] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.374941] [ 18.375065] The buggy address belongs to the physical page: [ 18.375294] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.375971] flags: 0x200000000000000(node=0|zone=2) [ 18.376474] page_type: f5(slab) [ 18.376837] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.377600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.378196] page dumped because: kasan: bad access detected [ 18.378616] [ 18.378767] Memory state around the buggy address: [ 18.378986] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.379257] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.379818] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.380358] ^ [ 18.380753] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.381043] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.381310] ================================================================== [ 18.847436] ================================================================== [ 18.848025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 18.848463] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.849117] [ 18.849413] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.849527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.849559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.849610] Call Trace: [ 18.849658] <TASK> [ 18.849709] dump_stack_lvl+0x73/0xb0 [ 18.849773] print_report+0xd1/0x650 [ 18.849868] ? __virt_addr_valid+0x1db/0x2d0 [ 18.849974] ? kasan_atomics_helper+0x177f/0x5450 [ 18.850020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.850118] ? kasan_atomics_helper+0x177f/0x5450 [ 18.850170] kasan_report+0x141/0x180 [ 18.850214] ? kasan_atomics_helper+0x177f/0x5450 [ 18.850264] kasan_check_range+0x10c/0x1c0 [ 18.850307] __kasan_check_write+0x18/0x20 [ 18.850363] kasan_atomics_helper+0x177f/0x5450 [ 18.850408] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 18.850455] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.850506] ? kasan_atomics+0x152/0x310 [ 18.850589] kasan_atomics+0x1dc/0x310 [ 18.850651] ? __pfx_kasan_atomics+0x10/0x10 [ 18.850704] ? __pfx_read_tsc+0x10/0x10 [ 18.850754] ? ktime_get_ts64+0x86/0x230 [ 18.850819] kunit_try_run_case+0x1a5/0x480 [ 18.850880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.850928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.850960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.850990] ? __kthread_parkme+0x82/0x180 [ 18.851017] ? preempt_count_sub+0x50/0x80 [ 18.851047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.851115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.851171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.851253] kthread+0x337/0x6f0 [ 18.851384] ? trace_preempt_on+0x20/0xc0 [ 18.851457] ? __pfx_kthread+0x10/0x10 [ 18.851506] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.851561] ? calculate_sigpending+0x7b/0xa0 [ 18.851609] ? __pfx_kthread+0x10/0x10 [ 18.851643] ret_from_fork+0x41/0x80 [ 18.851670] ? 
__pfx_kthread+0x10/0x10 [ 18.851693] ret_from_fork_asm+0x1a/0x30 [ 18.851732] </TASK> [ 18.851747] [ 18.863520] Allocated by task 286: [ 18.863826] kasan_save_stack+0x45/0x70 [ 18.864272] kasan_save_track+0x18/0x40 [ 18.864760] kasan_save_alloc_info+0x3b/0x50 [ 18.865040] __kasan_kmalloc+0xb7/0xc0 [ 18.866325] __kmalloc_cache_noprof+0x189/0x420 [ 18.866781] kasan_atomics+0x95/0x310 [ 18.867004] kunit_try_run_case+0x1a5/0x480 [ 18.867252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.867538] kthread+0x337/0x6f0 [ 18.867734] ret_from_fork+0x41/0x80 [ 18.867940] ret_from_fork_asm+0x1a/0x30 [ 18.868398] [ 18.868663] The buggy address belongs to the object at ffff888102b21f80 [ 18.868663] which belongs to the cache kmalloc-64 of size 64 [ 18.869023] The buggy address is located 0 bytes to the right of [ 18.869023] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.870676] [ 18.870820] The buggy address belongs to the physical page: [ 18.871104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.872179] flags: 0x200000000000000(node=0|zone=2) [ 18.872641] page_type: f5(slab) [ 18.872975] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.873464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.873955] page dumped because: kasan: bad access detected [ 18.874362] [ 18.874556] Memory state around the buggy address: [ 18.874891] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.875354] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.875793] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.876275] ^ [ 18.876622] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.877109] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.877548] ================================================================== [ 17.783135] 
================================================================== [ 17.783620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 17.784430] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.784853] [ 17.785109] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.785226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.785258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.785355] Call Trace: [ 17.785405] <TASK> [ 17.785482] dump_stack_lvl+0x73/0xb0 [ 17.785574] print_report+0xd1/0x650 [ 17.785637] ? __virt_addr_valid+0x1db/0x2d0 [ 17.785692] ? kasan_atomics_helper+0x565/0x5450 [ 17.785746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.785840] ? kasan_atomics_helper+0x565/0x5450 [ 17.785937] kasan_report+0x141/0x180 [ 17.786013] ? kasan_atomics_helper+0x565/0x5450 [ 17.786095] kasan_check_range+0x10c/0x1c0 [ 17.786146] __kasan_check_write+0x18/0x20 [ 17.786196] kasan_atomics_helper+0x565/0x5450 [ 17.786253] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.786312] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.786382] ? kasan_atomics+0x152/0x310 [ 17.786453] kasan_atomics+0x1dc/0x310 [ 17.786499] ? __pfx_kasan_atomics+0x10/0x10 [ 17.786560] ? __pfx_read_tsc+0x10/0x10 [ 17.786609] ? ktime_get_ts64+0x86/0x230 [ 17.786690] kunit_try_run_case+0x1a5/0x480 [ 17.786752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.786780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.786812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.786840] ? __kthread_parkme+0x82/0x180 [ 17.786867] ? preempt_count_sub+0x50/0x80 [ 17.786897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.786925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.786953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.786982] kthread+0x337/0x6f0 [ 17.787002] ? trace_preempt_on+0x20/0xc0 [ 17.787030] ? __pfx_kthread+0x10/0x10 [ 17.787052] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.787100] ? 
calculate_sigpending+0x7b/0xa0 [ 17.787127] ? __pfx_kthread+0x10/0x10 [ 17.787149] ret_from_fork+0x41/0x80 [ 17.787173] ? __pfx_kthread+0x10/0x10 [ 17.787194] ret_from_fork_asm+0x1a/0x30 [ 17.787231] </TASK> [ 17.787246] [ 17.797918] Allocated by task 286: [ 17.798695] kasan_save_stack+0x45/0x70 [ 17.799799] kasan_save_track+0x18/0x40 [ 17.800258] kasan_save_alloc_info+0x3b/0x50 [ 17.800695] __kasan_kmalloc+0xb7/0xc0 [ 17.801039] __kmalloc_cache_noprof+0x189/0x420 [ 17.801525] kasan_atomics+0x95/0x310 [ 17.801754] kunit_try_run_case+0x1a5/0x480 [ 17.801975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.802635] kthread+0x337/0x6f0 [ 17.802964] ret_from_fork+0x41/0x80 [ 17.803379] ret_from_fork_asm+0x1a/0x30 [ 17.803783] [ 17.803993] The buggy address belongs to the object at ffff888102b21f80 [ 17.803993] which belongs to the cache kmalloc-64 of size 64 [ 17.804511] The buggy address is located 0 bytes to the right of [ 17.804511] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.805365] [ 17.805642] The buggy address belongs to the physical page: [ 17.806163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.806668] flags: 0x200000000000000(node=0|zone=2) [ 17.806903] page_type: f5(slab) [ 17.807266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.807914] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.808452] page dumped because: kasan: bad access detected [ 17.808948] [ 17.809142] Memory state around the buggy address: [ 17.809413] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.809997] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.810806] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.811362] ^ [ 17.811669] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.812131] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.812749] 
================================================================== [ 17.965103] ================================================================== [ 17.965753] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 17.966542] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.967063] [ 17.967282] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.967397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.967430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.967478] Call Trace: [ 17.967526] <TASK> [ 17.967570] dump_stack_lvl+0x73/0xb0 [ 17.967634] print_report+0xd1/0x650 [ 17.967690] ? __virt_addr_valid+0x1db/0x2d0 [ 17.967748] ? kasan_atomics_helper+0x8f9/0x5450 [ 17.967806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.967866] ? kasan_atomics_helper+0x8f9/0x5450 [ 17.967923] kasan_report+0x141/0x180 [ 17.967980] ? kasan_atomics_helper+0x8f9/0x5450 [ 17.968047] kasan_check_range+0x10c/0x1c0 [ 17.968107] __kasan_check_write+0x18/0x20 [ 17.968154] kasan_atomics_helper+0x8f9/0x5450 [ 17.968212] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.968269] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.968326] ? kasan_atomics+0x152/0x310 [ 17.968404] kasan_atomics+0x1dc/0x310 [ 17.968456] ? __pfx_kasan_atomics+0x10/0x10 [ 17.968512] ? __pfx_read_tsc+0x10/0x10 [ 17.968566] ? ktime_get_ts64+0x86/0x230 [ 17.968625] kunit_try_run_case+0x1a5/0x480 [ 17.968688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.968744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.968806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.968859] ? __kthread_parkme+0x82/0x180 [ 17.968916] ? preempt_count_sub+0x50/0x80 [ 17.968981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.969050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.969112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.969176] kthread+0x337/0x6f0 [ 17.969225] ? trace_preempt_on+0x20/0xc0 [ 17.969284] ? 
__pfx_kthread+0x10/0x10 [ 17.969348] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.969409] ? calculate_sigpending+0x7b/0xa0 [ 17.969470] ? __pfx_kthread+0x10/0x10 [ 17.969520] ret_from_fork+0x41/0x80 [ 17.969570] ? __pfx_kthread+0x10/0x10 [ 17.969611] ret_from_fork_asm+0x1a/0x30 [ 17.969671] </TASK> [ 17.969696] [ 17.979667] Allocated by task 286: [ 17.979878] kasan_save_stack+0x45/0x70 [ 17.980107] kasan_save_track+0x18/0x40 [ 17.980466] kasan_save_alloc_info+0x3b/0x50 [ 17.980814] __kasan_kmalloc+0xb7/0xc0 [ 17.981156] __kmalloc_cache_noprof+0x189/0x420 [ 17.981588] kasan_atomics+0x95/0x310 [ 17.981838] kunit_try_run_case+0x1a5/0x480 [ 17.982100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.982386] kthread+0x337/0x6f0 [ 17.982573] ret_from_fork+0x41/0x80 [ 17.982766] ret_from_fork_asm+0x1a/0x30 [ 17.982962] [ 17.983083] The buggy address belongs to the object at ffff888102b21f80 [ 17.983083] which belongs to the cache kmalloc-64 of size 64 [ 17.984309] The buggy address is located 0 bytes to the right of [ 17.984309] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.985278] [ 17.985432] The buggy address belongs to the physical page: [ 17.985674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.985982] flags: 0x200000000000000(node=0|zone=2) [ 17.986528] page_type: f5(slab) [ 17.986814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.987441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.987979] page dumped because: kasan: bad access detected [ 17.988418] [ 17.988537] Memory state around the buggy address: [ 17.988757] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.989039] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.989600] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.990301] ^ [ 17.990706] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.991108] 
ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.991466] ================================================================== [ 19.156984] ================================================================== [ 19.158025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 19.158587] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.159458] [ 19.159631] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.159735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.159766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.159799] Call Trace: [ 19.159832] <TASK> [ 19.159863] dump_stack_lvl+0x73/0xb0 [ 19.159902] print_report+0xd1/0x650 [ 19.159931] ? __virt_addr_valid+0x1db/0x2d0 [ 19.159960] ? kasan_atomics_helper+0x1d7a/0x5450 [ 19.159987] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.160014] ? kasan_atomics_helper+0x1d7a/0x5450 [ 19.160042] kasan_report+0x141/0x180 [ 19.160371] ? kasan_atomics_helper+0x1d7a/0x5450 [ 19.160481] kasan_check_range+0x10c/0x1c0 [ 19.160534] __kasan_check_write+0x18/0x20 [ 19.160585] kasan_atomics_helper+0x1d7a/0x5450 [ 19.160674] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.160732] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.160782] ? kasan_atomics+0x152/0x310 [ 19.160835] kasan_atomics+0x1dc/0x310 [ 19.160885] ? __pfx_kasan_atomics+0x10/0x10 [ 19.160935] ? __pfx_read_tsc+0x10/0x10 [ 19.160979] ? ktime_get_ts64+0x86/0x230 [ 19.161055] kunit_try_run_case+0x1a5/0x480 [ 19.161123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.161153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.161186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.161214] ? __kthread_parkme+0x82/0x180 [ 19.161243] ? preempt_count_sub+0x50/0x80 [ 19.161307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.161359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.161391] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.161422] kthread+0x337/0x6f0 [ 19.161444] ? trace_preempt_on+0x20/0xc0 [ 19.161472] ? __pfx_kthread+0x10/0x10 [ 19.161496] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.161522] ? calculate_sigpending+0x7b/0xa0 [ 19.161550] ? __pfx_kthread+0x10/0x10 [ 19.161573] ret_from_fork+0x41/0x80 [ 19.161599] ? __pfx_kthread+0x10/0x10 [ 19.161622] ret_from_fork_asm+0x1a/0x30 [ 19.161660] </TASK> [ 19.161676] [ 19.175577] Allocated by task 286: [ 19.175982] kasan_save_stack+0x45/0x70 [ 19.176434] kasan_save_track+0x18/0x40 [ 19.176846] kasan_save_alloc_info+0x3b/0x50 [ 19.177287] __kasan_kmalloc+0xb7/0xc0 [ 19.177679] __kmalloc_cache_noprof+0x189/0x420 [ 19.178105] kasan_atomics+0x95/0x310 [ 19.178365] kunit_try_run_case+0x1a5/0x480 [ 19.178898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.179146] kthread+0x337/0x6f0 [ 19.179581] ret_from_fork+0x41/0x80 [ 19.179916] ret_from_fork_asm+0x1a/0x30 [ 19.180385] [ 19.180584] The buggy address belongs to the object at ffff888102b21f80 [ 19.180584] which belongs to the cache kmalloc-64 of size 64 [ 19.181562] The buggy address is located 0 bytes to the right of [ 19.181562] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.182432] [ 19.182582] The buggy address belongs to the physical page: [ 19.182825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.183731] flags: 0x200000000000000(node=0|zone=2) [ 19.184022] page_type: f5(slab) [ 19.184468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.185053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.185520] page dumped because: kasan: bad access detected [ 19.186068] [ 19.186280] Memory state around the buggy address: [ 19.186854] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.187659] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.188010] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 19.188846] ^ [ 19.189165] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.189651] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.190372] ================================================================== [ 18.259487] ================================================================== [ 18.259857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 18.260876] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.261595] [ 18.261839] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.262033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.262081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.262130] Call Trace: [ 18.262180] <TASK> [ 18.262228] dump_stack_lvl+0x73/0xb0 [ 18.262303] print_report+0xd1/0x650 [ 18.262375] ? __virt_addr_valid+0x1db/0x2d0 [ 18.262431] ? kasan_atomics_helper+0xf10/0x5450 [ 18.262513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.262591] ? kasan_atomics_helper+0xf10/0x5450 [ 18.262647] kasan_report+0x141/0x180 [ 18.262694] ? kasan_atomics_helper+0xf10/0x5450 [ 18.262757] kasan_check_range+0x10c/0x1c0 [ 18.262842] __kasan_check_write+0x18/0x20 [ 18.262909] kasan_atomics_helper+0xf10/0x5450 [ 18.262969] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.263031] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.263094] ? kasan_atomics+0x152/0x310 [ 18.263145] kasan_atomics+0x1dc/0x310 [ 18.263194] ? __pfx_kasan_atomics+0x10/0x10 [ 18.263273] ? __pfx_read_tsc+0x10/0x10 [ 18.263347] ? ktime_get_ts64+0x86/0x230 [ 18.263413] kunit_try_run_case+0x1a5/0x480 [ 18.263475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.263528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.263589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.263649] ? __kthread_parkme+0x82/0x180 [ 18.263705] ? preempt_count_sub+0x50/0x80 [ 18.263768] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.263827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.263887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.263949] kthread+0x337/0x6f0 [ 18.263980] ? trace_preempt_on+0x20/0xc0 [ 18.264017] ? __pfx_kthread+0x10/0x10 [ 18.264041] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.264073] ? calculate_sigpending+0x7b/0xa0 [ 18.264107] ? __pfx_kthread+0x10/0x10 [ 18.264129] ret_from_fork+0x41/0x80 [ 18.264154] ? __pfx_kthread+0x10/0x10 [ 18.264176] ret_from_fork_asm+0x1a/0x30 [ 18.264213] </TASK> [ 18.264228] [ 18.276769] Allocated by task 286: [ 18.277161] kasan_save_stack+0x45/0x70 [ 18.277639] kasan_save_track+0x18/0x40 [ 18.277974] kasan_save_alloc_info+0x3b/0x50 [ 18.278281] __kasan_kmalloc+0xb7/0xc0 [ 18.278672] __kmalloc_cache_noprof+0x189/0x420 [ 18.278981] kasan_atomics+0x95/0x310 [ 18.279401] kunit_try_run_case+0x1a5/0x480 [ 18.279732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.280198] kthread+0x337/0x6f0 [ 18.280516] ret_from_fork+0x41/0x80 [ 18.280854] ret_from_fork_asm+0x1a/0x30 [ 18.281261] [ 18.281543] The buggy address belongs to the object at ffff888102b21f80 [ 18.281543] which belongs to the cache kmalloc-64 of size 64 [ 18.282412] The buggy address is located 0 bytes to the right of [ 18.282412] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.283261] [ 18.283513] The buggy address belongs to the physical page: [ 18.283850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.284382] flags: 0x200000000000000(node=0|zone=2) [ 18.284842] page_type: f5(slab) [ 18.285263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.285818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.286353] page dumped because: kasan: bad access detected [ 18.286795] [ 18.287018] Memory state around the buggy address: [ 18.287445] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.287968] ffff888102b21f00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.288637] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.289234] ^ [ 18.289678] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.290178] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.290857] ================================================================== [ 18.659453] ================================================================== [ 18.659867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 18.660377] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.661038] [ 18.661330] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.661477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.661512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.661561] Call Trace: [ 18.661612] <TASK> [ 18.661659] dump_stack_lvl+0x73/0xb0 [ 18.661727] print_report+0xd1/0x650 [ 18.661849] ? __virt_addr_valid+0x1db/0x2d0 [ 18.661896] ? kasan_atomics_helper+0x1467/0x5450 [ 18.661940] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.661988] ? kasan_atomics_helper+0x1467/0x5450 [ 18.662037] kasan_report+0x141/0x180 [ 18.662112] ? kasan_atomics_helper+0x1467/0x5450 [ 18.662177] kasan_check_range+0x10c/0x1c0 [ 18.662256] __kasan_check_write+0x18/0x20 [ 18.662306] kasan_atomics_helper+0x1467/0x5450 [ 18.662374] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.662425] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.662472] ? kasan_atomics+0x152/0x310 [ 18.662522] kasan_atomics+0x1dc/0x310 [ 18.662563] ? __pfx_kasan_atomics+0x10/0x10 [ 18.662608] ? __pfx_read_tsc+0x10/0x10 [ 18.662650] ? ktime_get_ts64+0x86/0x230 [ 18.662706] kunit_try_run_case+0x1a5/0x480 [ 18.662756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.662800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.662852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.662903] ? __kthread_parkme+0x82/0x180 [ 18.662948] ? 
preempt_count_sub+0x50/0x80 [ 18.663004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.663056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.663104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.663151] kthread+0x337/0x6f0 [ 18.663185] ? trace_preempt_on+0x20/0xc0 [ 18.663239] ? __pfx_kthread+0x10/0x10 [ 18.663289] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.663358] ? calculate_sigpending+0x7b/0xa0 [ 18.663412] ? __pfx_kthread+0x10/0x10 [ 18.663455] ret_from_fork+0x41/0x80 [ 18.664194] ? __pfx_kthread+0x10/0x10 [ 18.664250] ret_from_fork_asm+0x1a/0x30 [ 18.664319] </TASK> [ 18.664364] [ 18.674228] Allocated by task 286: [ 18.674465] kasan_save_stack+0x45/0x70 [ 18.674703] kasan_save_track+0x18/0x40 [ 18.674897] kasan_save_alloc_info+0x3b/0x50 [ 18.675217] __kasan_kmalloc+0xb7/0xc0 [ 18.675565] __kmalloc_cache_noprof+0x189/0x420 [ 18.675965] kasan_atomics+0x95/0x310 [ 18.676365] kunit_try_run_case+0x1a5/0x480 [ 18.676764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.676993] kthread+0x337/0x6f0 [ 18.677205] ret_from_fork+0x41/0x80 [ 18.677401] ret_from_fork_asm+0x1a/0x30 [ 18.677589] [ 18.677698] The buggy address belongs to the object at ffff888102b21f80 [ 18.677698] which belongs to the cache kmalloc-64 of size 64 [ 18.678117] The buggy address is located 0 bytes to the right of [ 18.678117] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.678564] [ 18.678706] The buggy address belongs to the physical page: [ 18.678942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.679493] flags: 0x200000000000000(node=0|zone=2) [ 18.679961] page_type: f5(slab) [ 18.680362] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.680893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.681443] page dumped because: kasan: bad access detected [ 18.681937] [ 18.682194] Memory state around the buggy address: [ 18.682414] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 18.682781] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.683094] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.683375] ^ [ 18.683565] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.683818] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.684091] ================================================================== [ 19.319495] ================================================================== [ 19.320164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 19.320721] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.321033] [ 19.321268] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.321440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.321473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.321524] Call Trace: [ 19.321574] <TASK> [ 19.321624] dump_stack_lvl+0x73/0xb0 [ 19.321695] print_report+0xd1/0x650 [ 19.321756] ? __virt_addr_valid+0x1db/0x2d0 [ 19.321815] ? kasan_atomics_helper+0x2006/0x5450 [ 19.321872] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.321931] ? kasan_atomics_helper+0x2006/0x5450 [ 19.321989] kasan_report+0x141/0x180 [ 19.322045] ? kasan_atomics_helper+0x2006/0x5450 [ 19.322112] kasan_check_range+0x10c/0x1c0 [ 19.322167] __kasan_check_write+0x18/0x20 [ 19.322221] kasan_atomics_helper+0x2006/0x5450 [ 19.322282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.322354] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.322404] ? kasan_atomics+0x152/0x310 [ 19.322456] kasan_atomics+0x1dc/0x310 [ 19.322493] ? __pfx_kasan_atomics+0x10/0x10 [ 19.322535] ? __pfx_read_tsc+0x10/0x10 [ 19.322580] ? ktime_get_ts64+0x86/0x230 [ 19.322638] kunit_try_run_case+0x1a5/0x480 [ 19.322728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.322799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.322861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.322940] ? 
__kthread_parkme+0x82/0x180 [ 19.323006] ? preempt_count_sub+0x50/0x80 [ 19.323095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.323152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.323210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.323269] kthread+0x337/0x6f0 [ 19.323312] ? trace_preempt_on+0x20/0xc0 [ 19.323390] ? __pfx_kthread+0x10/0x10 [ 19.323440] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.323496] ? calculate_sigpending+0x7b/0xa0 [ 19.323545] ? __pfx_kthread+0x10/0x10 [ 19.323594] ret_from_fork+0x41/0x80 [ 19.323647] ? __pfx_kthread+0x10/0x10 [ 19.323695] ret_from_fork_asm+0x1a/0x30 [ 19.323770] </TASK> [ 19.323798] [ 19.337710] Allocated by task 286: [ 19.338081] kasan_save_stack+0x45/0x70 [ 19.338547] kasan_save_track+0x18/0x40 [ 19.338861] kasan_save_alloc_info+0x3b/0x50 [ 19.339103] __kasan_kmalloc+0xb7/0xc0 [ 19.339538] __kmalloc_cache_noprof+0x189/0x420 [ 19.340617] kasan_atomics+0x95/0x310 [ 19.340967] kunit_try_run_case+0x1a5/0x480 [ 19.341498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.341846] kthread+0x337/0x6f0 [ 19.342069] ret_from_fork+0x41/0x80 [ 19.342316] ret_from_fork_asm+0x1a/0x30 [ 19.342547] [ 19.342700] The buggy address belongs to the object at ffff888102b21f80 [ 19.342700] which belongs to the cache kmalloc-64 of size 64 [ 19.343298] The buggy address is located 0 bytes to the right of [ 19.343298] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.343818] [ 19.343948] The buggy address belongs to the physical page: [ 19.344179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.344818] flags: 0x200000000000000(node=0|zone=2) [ 19.345267] page_type: f5(slab) [ 19.345714] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.346300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.346909] page dumped because: kasan: bad access detected [ 19.347283] [ 19.347424] Memory state around the buggy address: [ 19.347643] 
ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.347910] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.348445] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.349213] ^ [ 19.350055] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.350912] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.351510] ================================================================== [ 19.380876] ================================================================== [ 19.382024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 19.382473] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.382969] [ 19.383214] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.383311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.383355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.383419] Call Trace: [ 19.383481] <TASK> [ 19.383531] dump_stack_lvl+0x73/0xb0 [ 19.383621] print_report+0xd1/0x650 [ 19.383690] ? __virt_addr_valid+0x1db/0x2d0 [ 19.383757] ? kasan_atomics_helper+0x20c8/0x5450 [ 19.383813] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.383879] ? kasan_atomics_helper+0x20c8/0x5450 [ 19.383943] kasan_report+0x141/0x180 [ 19.383994] ? kasan_atomics_helper+0x20c8/0x5450 [ 19.384053] kasan_check_range+0x10c/0x1c0 [ 19.384109] __kasan_check_write+0x18/0x20 [ 19.384156] kasan_atomics_helper+0x20c8/0x5450 [ 19.384214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.384270] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.384325] ? kasan_atomics+0x152/0x310 [ 19.384405] kasan_atomics+0x1dc/0x310 [ 19.384459] ? __pfx_kasan_atomics+0x10/0x10 [ 19.384517] ? __pfx_read_tsc+0x10/0x10 [ 19.384569] ? ktime_get_ts64+0x86/0x230 [ 19.384634] kunit_try_run_case+0x1a5/0x480 [ 19.384695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.384752] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.384813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.384874] ? __kthread_parkme+0x82/0x180 [ 19.384930] ? preempt_count_sub+0x50/0x80 [ 19.384993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.385068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.385121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.385174] kthread+0x337/0x6f0 [ 19.385210] ? trace_preempt_on+0x20/0xc0 [ 19.385259] ? __pfx_kthread+0x10/0x10 [ 19.385302] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.385392] ? calculate_sigpending+0x7b/0xa0 [ 19.385450] ? __pfx_kthread+0x10/0x10 [ 19.385508] ret_from_fork+0x41/0x80 [ 19.385569] ? __pfx_kthread+0x10/0x10 [ 19.385619] ret_from_fork_asm+0x1a/0x30 [ 19.385701] </TASK> [ 19.385729] [ 19.396621] Allocated by task 286: [ 19.396927] kasan_save_stack+0x45/0x70 [ 19.397391] kasan_save_track+0x18/0x40 [ 19.397742] kasan_save_alloc_info+0x3b/0x50 [ 19.398048] __kasan_kmalloc+0xb7/0xc0 [ 19.398293] __kmalloc_cache_noprof+0x189/0x420 [ 19.398720] kasan_atomics+0x95/0x310 [ 19.398966] kunit_try_run_case+0x1a5/0x480 [ 19.399424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.399694] kthread+0x337/0x6f0 [ 19.399883] ret_from_fork+0x41/0x80 [ 19.400077] ret_from_fork_asm+0x1a/0x30 [ 19.400565] [ 19.400742] The buggy address belongs to the object at ffff888102b21f80 [ 19.400742] which belongs to the cache kmalloc-64 of size 64 [ 19.401746] The buggy address is located 0 bytes to the right of [ 19.401746] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.402272] [ 19.402437] The buggy address belongs to the physical page: [ 19.402707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.403060] flags: 0x200000000000000(node=0|zone=2) [ 19.403320] page_type: f5(slab) [ 19.403646] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.404237] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.405038] page dumped because: kasan: bad 
access detected [ 19.405657] [ 19.405844] Memory state around the buggy address: [ 19.406227] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.406521] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.406798] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.407053] ^ [ 19.407466] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.408024] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.408511] ================================================================== [ 19.000731] ================================================================== [ 19.001097] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 19.001686] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.003009] [ 19.003210] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.003298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.003326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.003394] Call Trace: [ 19.003441] <TASK> [ 19.003632] dump_stack_lvl+0x73/0xb0 [ 19.003682] print_report+0xd1/0x650 [ 19.003714] ? __virt_addr_valid+0x1db/0x2d0 [ 19.003743] ? kasan_atomics_helper+0x1a7f/0x5450 [ 19.003769] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.003797] ? kasan_atomics_helper+0x1a7f/0x5450 [ 19.003824] kasan_report+0x141/0x180 [ 19.003850] ? kasan_atomics_helper+0x1a7f/0x5450 [ 19.003881] kasan_check_range+0x10c/0x1c0 [ 19.003906] __kasan_check_write+0x18/0x20 [ 19.003930] kasan_atomics_helper+0x1a7f/0x5450 [ 19.003958] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.003985] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.004012] ? kasan_atomics+0x152/0x310 [ 19.004039] kasan_atomics+0x1dc/0x310 [ 19.004062] ? __pfx_kasan_atomics+0x10/0x10 [ 19.004100] ? __pfx_read_tsc+0x10/0x10 [ 19.004125] ? ktime_get_ts64+0x86/0x230 [ 19.004155] kunit_try_run_case+0x1a5/0x480 [ 19.004185] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.004211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.004240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.004269] ? __kthread_parkme+0x82/0x180 [ 19.004295] ? preempt_count_sub+0x50/0x80 [ 19.004325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.004374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.004404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.004433] kthread+0x337/0x6f0 [ 19.004454] ? trace_preempt_on+0x20/0xc0 [ 19.004481] ? __pfx_kthread+0x10/0x10 [ 19.004503] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.004530] ? calculate_sigpending+0x7b/0xa0 [ 19.004555] ? __pfx_kthread+0x10/0x10 [ 19.004578] ret_from_fork+0x41/0x80 [ 19.004602] ? __pfx_kthread+0x10/0x10 [ 19.004623] ret_from_fork_asm+0x1a/0x30 [ 19.004658] </TASK> [ 19.004672] [ 19.017331] Allocated by task 286: [ 19.017726] kasan_save_stack+0x45/0x70 [ 19.018183] kasan_save_track+0x18/0x40 [ 19.018522] kasan_save_alloc_info+0x3b/0x50 [ 19.018913] __kasan_kmalloc+0xb7/0xc0 [ 19.019177] __kmalloc_cache_noprof+0x189/0x420 [ 19.019605] kasan_atomics+0x95/0x310 [ 19.019937] kunit_try_run_case+0x1a5/0x480 [ 19.020349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.020772] kthread+0x337/0x6f0 [ 19.021134] ret_from_fork+0x41/0x80 [ 19.021452] ret_from_fork_asm+0x1a/0x30 [ 19.021807] [ 19.021938] The buggy address belongs to the object at ffff888102b21f80 [ 19.021938] which belongs to the cache kmalloc-64 of size 64 [ 19.022412] The buggy address is located 0 bytes to the right of [ 19.022412] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.023407] [ 19.023601] The buggy address belongs to the physical page: [ 19.024038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.024616] flags: 0x200000000000000(node=0|zone=2) [ 19.024901] page_type: f5(slab) [ 19.025281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.025885] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 19.026361] page dumped because: kasan: bad access detected [ 19.026743] [ 19.026948] Memory state around the buggy address: [ 19.027246] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.027732] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.028225] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.028732] ^ [ 19.028954] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.029281] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.029862] ================================================================== [ 19.353400] ================================================================== [ 19.353795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 19.354802] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.355169] [ 19.355465] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.355594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.355625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.355690] Call Trace: [ 19.355737] <TASK> [ 19.355782] dump_stack_lvl+0x73/0xb0 [ 19.355851] print_report+0xd1/0x650 [ 19.355909] ? __virt_addr_valid+0x1db/0x2d0 [ 19.355967] ? kasan_atomics_helper+0x4f98/0x5450 [ 19.356019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.356093] ? kasan_atomics_helper+0x4f98/0x5450 [ 19.356147] kasan_report+0x141/0x180 [ 19.356206] ? kasan_atomics_helper+0x4f98/0x5450 [ 19.356284] __asan_report_load8_noabort+0x18/0x20 [ 19.356349] kasan_atomics_helper+0x4f98/0x5450 [ 19.356408] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.356464] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.356523] ? kasan_atomics+0x152/0x310 [ 19.356574] kasan_atomics+0x1dc/0x310 [ 19.356607] ? __pfx_kasan_atomics+0x10/0x10 [ 19.356642] ? __pfx_read_tsc+0x10/0x10 [ 19.356673] ? 
ktime_get_ts64+0x86/0x230 [ 19.356712] kunit_try_run_case+0x1a5/0x480 [ 19.356743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.356768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.356799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.356827] ? __kthread_parkme+0x82/0x180 [ 19.356854] ? preempt_count_sub+0x50/0x80 [ 19.356896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.356941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.356971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.357000] kthread+0x337/0x6f0 [ 19.357034] ? trace_preempt_on+0x20/0xc0 [ 19.357069] ? __pfx_kthread+0x10/0x10 [ 19.357101] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.357129] ? calculate_sigpending+0x7b/0xa0 [ 19.357156] ? __pfx_kthread+0x10/0x10 [ 19.357179] ret_from_fork+0x41/0x80 [ 19.357204] ? __pfx_kthread+0x10/0x10 [ 19.357227] ret_from_fork_asm+0x1a/0x30 [ 19.357265] </TASK> [ 19.357282] [ 19.367417] Allocated by task 286: [ 19.367775] kasan_save_stack+0x45/0x70 [ 19.368134] kasan_save_track+0x18/0x40 [ 19.368547] kasan_save_alloc_info+0x3b/0x50 [ 19.368901] __kasan_kmalloc+0xb7/0xc0 [ 19.369215] __kmalloc_cache_noprof+0x189/0x420 [ 19.369555] kasan_atomics+0x95/0x310 [ 19.369904] kunit_try_run_case+0x1a5/0x480 [ 19.370136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.370594] kthread+0x337/0x6f0 [ 19.370852] ret_from_fork+0x41/0x80 [ 19.371194] ret_from_fork_asm+0x1a/0x30 [ 19.371562] [ 19.371710] The buggy address belongs to the object at ffff888102b21f80 [ 19.371710] which belongs to the cache kmalloc-64 of size 64 [ 19.372428] The buggy address is located 0 bytes to the right of [ 19.372428] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.373145] [ 19.373386] The buggy address belongs to the physical page: [ 19.373725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.374076] flags: 0x200000000000000(node=0|zone=2) [ 19.374362] page_type: f5(slab) [ 19.374588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 19.374923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.375235] page dumped because: kasan: bad access detected [ 19.375784] [ 19.375966] Memory state around the buggy address: [ 19.376382] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.376936] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.377620] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.378196] ^ [ 19.378623] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.379173] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.379717] ================================================================== [ 17.512967] ================================================================== [ 17.514506] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 17.514956] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.515224] [ 17.516048] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.516133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.516149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.516176] Call Trace: [ 17.516194] <TASK> [ 17.516228] dump_stack_lvl+0x73/0xb0 [ 17.516282] print_report+0xd1/0x650 [ 17.516313] ? __virt_addr_valid+0x1db/0x2d0 [ 17.516363] ? kasan_atomics_helper+0x4bbc/0x5450 [ 17.516394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.516420] ? kasan_atomics_helper+0x4bbc/0x5450 [ 17.516445] kasan_report+0x141/0x180 [ 17.516470] ? kasan_atomics_helper+0x4bbc/0x5450 [ 17.516499] __asan_report_load4_noabort+0x18/0x20 [ 17.516525] kasan_atomics_helper+0x4bbc/0x5450 [ 17.516552] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.516578] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.516605] ? kasan_atomics+0x152/0x310 [ 17.516632] kasan_atomics+0x1dc/0x310 [ 17.516653] ? __pfx_kasan_atomics+0x10/0x10 [ 17.516677] ? 
__pfx_read_tsc+0x10/0x10 [ 17.516701] ? ktime_get_ts64+0x86/0x230 [ 17.516732] kunit_try_run_case+0x1a5/0x480 [ 17.516762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.516786] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.516814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.516841] ? __kthread_parkme+0x82/0x180 [ 17.516867] ? preempt_count_sub+0x50/0x80 [ 17.516896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.516922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.516949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.516976] kthread+0x337/0x6f0 [ 17.516996] ? trace_preempt_on+0x20/0xc0 [ 17.517039] ? __pfx_kthread+0x10/0x10 [ 17.517065] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.517106] ? calculate_sigpending+0x7b/0xa0 [ 17.517149] ? __pfx_kthread+0x10/0x10 [ 17.517189] ret_from_fork+0x41/0x80 [ 17.517231] ? __pfx_kthread+0x10/0x10 [ 17.517272] ret_from_fork_asm+0x1a/0x30 [ 17.517346] </TASK> [ 17.517368] [ 17.531961] Allocated by task 286: [ 17.532406] kasan_save_stack+0x45/0x70 [ 17.532983] kasan_save_track+0x18/0x40 [ 17.533448] kasan_save_alloc_info+0x3b/0x50 [ 17.533901] __kasan_kmalloc+0xb7/0xc0 [ 17.534391] __kmalloc_cache_noprof+0x189/0x420 [ 17.534915] kasan_atomics+0x95/0x310 [ 17.535259] kunit_try_run_case+0x1a5/0x480 [ 17.535589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.535786] kthread+0x337/0x6f0 [ 17.535932] ret_from_fork+0x41/0x80 [ 17.536324] ret_from_fork_asm+0x1a/0x30 [ 17.536734] [ 17.536912] The buggy address belongs to the object at ffff888102b21f80 [ 17.536912] which belongs to the cache kmalloc-64 of size 64 [ 17.538073] The buggy address is located 0 bytes to the right of [ 17.538073] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.538946] [ 17.539247] The buggy address belongs to the physical page: [ 17.539792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.540980] flags: 0x200000000000000(node=0|zone=2) [ 17.541594] page_type: f5(slab) [ 17.541770] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 17.542581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.543794] page dumped because: kasan: bad access detected [ 17.544095] [ 17.544414] Memory state around the buggy address: [ 17.544649] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.544998] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.546028] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.546970] ^ [ 17.547447] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.547758] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.548059] ================================================================== [ 17.877393] ================================================================== [ 17.877883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 17.878262] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.878976] [ 17.879815] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.879947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.879997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.880048] Call Trace: [ 17.880129] <TASK> [ 17.880179] dump_stack_lvl+0x73/0xb0 [ 17.880249] print_report+0xd1/0x650 [ 17.880304] ? __virt_addr_valid+0x1db/0x2d0 [ 17.880384] ? kasan_atomics_helper+0x72f/0x5450 [ 17.880455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.880513] ? kasan_atomics_helper+0x72f/0x5450 [ 17.880567] kasan_report+0x141/0x180 [ 17.880619] ? kasan_atomics_helper+0x72f/0x5450 [ 17.880678] kasan_check_range+0x10c/0x1c0 [ 17.880740] __kasan_check_write+0x18/0x20 [ 17.880810] kasan_atomics_helper+0x72f/0x5450 [ 17.880853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.880882] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.880909] ? 
kasan_atomics+0x152/0x310 [ 17.880937] kasan_atomics+0x1dc/0x310 [ 17.880961] ? __pfx_kasan_atomics+0x10/0x10 [ 17.880986] ? __pfx_read_tsc+0x10/0x10 [ 17.881020] ? ktime_get_ts64+0x86/0x230 [ 17.881059] kunit_try_run_case+0x1a5/0x480 [ 17.881112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.881141] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.881172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.881201] ? __kthread_parkme+0x82/0x180 [ 17.881229] ? preempt_count_sub+0x50/0x80 [ 17.881291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.881324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.881375] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.881405] kthread+0x337/0x6f0 [ 17.881427] ? trace_preempt_on+0x20/0xc0 [ 17.881456] ? __pfx_kthread+0x10/0x10 [ 17.881479] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.881507] ? calculate_sigpending+0x7b/0xa0 [ 17.881534] ? __pfx_kthread+0x10/0x10 [ 17.881557] ret_from_fork+0x41/0x80 [ 17.881583] ? __pfx_kthread+0x10/0x10 [ 17.881605] ret_from_fork_asm+0x1a/0x30 [ 17.881643] </TASK> [ 17.881658] [ 17.891828] Allocated by task 286: [ 17.892036] kasan_save_stack+0x45/0x70 [ 17.892430] kasan_save_track+0x18/0x40 [ 17.892789] kasan_save_alloc_info+0x3b/0x50 [ 17.893310] __kasan_kmalloc+0xb7/0xc0 [ 17.893675] __kmalloc_cache_noprof+0x189/0x420 [ 17.894089] kasan_atomics+0x95/0x310 [ 17.894423] kunit_try_run_case+0x1a5/0x480 [ 17.894764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.895234] kthread+0x337/0x6f0 [ 17.895470] ret_from_fork+0x41/0x80 [ 17.895673] ret_from_fork_asm+0x1a/0x30 [ 17.895917] [ 17.896046] The buggy address belongs to the object at ffff888102b21f80 [ 17.896046] which belongs to the cache kmalloc-64 of size 64 [ 17.896634] The buggy address is located 0 bytes to the right of [ 17.896634] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.897075] [ 17.897205] The buggy address belongs to the physical page: [ 17.897457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 
17.897765] flags: 0x200000000000000(node=0|zone=2) [ 17.898057] page_type: f5(slab) [ 17.898400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.898997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.899666] page dumped because: kasan: bad access detected [ 17.900107] [ 17.900291] Memory state around the buggy address: [ 17.900710] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.900991] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.901812] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.902262] ^ [ 17.902623] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.903005] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.903235] ================================================================== [ 18.382989] ================================================================== [ 18.383806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 18.384589] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.384876] [ 18.385050] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.385157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.385185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.385234] Call Trace: [ 18.385281] <TASK> [ 18.385331] dump_stack_lvl+0x73/0xb0 [ 18.385416] print_report+0xd1/0x650 [ 18.385471] ? __virt_addr_valid+0x1db/0x2d0 [ 18.385530] ? kasan_atomics_helper+0x4a1c/0x5450 [ 18.385585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.385643] ? kasan_atomics_helper+0x4a1c/0x5450 [ 18.385691] kasan_report+0x141/0x180 [ 18.385748] ? kasan_atomics_helper+0x4a1c/0x5450 [ 18.385816] __asan_report_load4_noabort+0x18/0x20 [ 18.385871] kasan_atomics_helper+0x4a1c/0x5450 [ 18.385946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.386027] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 18.386075] ? kasan_atomics+0x152/0x310 [ 18.386126] kasan_atomics+0x1dc/0x310 [ 18.386172] ? __pfx_kasan_atomics+0x10/0x10 [ 18.386243] ? __pfx_read_tsc+0x10/0x10 [ 18.386292] ? ktime_get_ts64+0x86/0x230 [ 18.386379] kunit_try_run_case+0x1a5/0x480 [ 18.386437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.386485] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.386544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.386604] ? __kthread_parkme+0x82/0x180 [ 18.386655] ? preempt_count_sub+0x50/0x80 [ 18.386708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.386757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.386814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.386872] kthread+0x337/0x6f0 [ 18.386915] ? trace_preempt_on+0x20/0xc0 [ 18.386972] ? __pfx_kthread+0x10/0x10 [ 18.387021] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.387075] ? calculate_sigpending+0x7b/0xa0 [ 18.387124] ? __pfx_kthread+0x10/0x10 [ 18.387173] ret_from_fork+0x41/0x80 [ 18.387222] ? __pfx_kthread+0x10/0x10 [ 18.387272] ret_from_fork_asm+0x1a/0x30 [ 18.387367] </TASK> [ 18.387399] [ 18.398049] Allocated by task 286: [ 18.398414] kasan_save_stack+0x45/0x70 [ 18.398827] kasan_save_track+0x18/0x40 [ 18.399109] kasan_save_alloc_info+0x3b/0x50 [ 18.399386] __kasan_kmalloc+0xb7/0xc0 [ 18.399584] __kmalloc_cache_noprof+0x189/0x420 [ 18.399976] kasan_atomics+0x95/0x310 [ 18.400465] kunit_try_run_case+0x1a5/0x480 [ 18.400841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.401086] kthread+0x337/0x6f0 [ 18.401274] ret_from_fork+0x41/0x80 [ 18.401584] ret_from_fork_asm+0x1a/0x30 [ 18.401966] [ 18.402173] The buggy address belongs to the object at ffff888102b21f80 [ 18.402173] which belongs to the cache kmalloc-64 of size 64 [ 18.402961] The buggy address is located 0 bytes to the right of [ 18.402961] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.403915] [ 18.404041] The buggy address belongs to the physical page: [ 18.404510] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.404990] flags: 0x200000000000000(node=0|zone=2) [ 18.405234] page_type: f5(slab) [ 18.405625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.406220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.406661] page dumped because: kasan: bad access detected [ 18.406887] [ 18.407000] Memory state around the buggy address: [ 18.407214] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.407805] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.408480] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.409043] ^ [ 18.409417] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.409693] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.409961] ================================================================== [ 18.411759] ================================================================== [ 18.412548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 18.413195] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.413696] [ 18.413916] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.414031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.414064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.414108] Call Trace: [ 18.414153] <TASK> [ 18.414200] dump_stack_lvl+0x73/0xb0 [ 18.414269] print_report+0xd1/0x650 [ 18.414320] ? __virt_addr_valid+0x1db/0x2d0 [ 18.414413] ? kasan_atomics_helper+0x1148/0x5450 [ 18.414463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.414512] ? kasan_atomics_helper+0x1148/0x5450 [ 18.414556] kasan_report+0x141/0x180 [ 18.414606] ? kasan_atomics_helper+0x1148/0x5450 [ 18.414669] kasan_check_range+0x10c/0x1c0 [ 18.414721] __kasan_check_write+0x18/0x20 [ 18.414768] kasan_atomics_helper+0x1148/0x5450 [ 18.414828] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 18.414883] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.414932] ? kasan_atomics+0x152/0x310 [ 18.414990] kasan_atomics+0x1dc/0x310 [ 18.415039] ? __pfx_kasan_atomics+0x10/0x10 [ 18.415102] ? __pfx_read_tsc+0x10/0x10 [ 18.415146] ? ktime_get_ts64+0x86/0x230 [ 18.415207] kunit_try_run_case+0x1a5/0x480 [ 18.415266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.415321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.415463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.415520] ? __kthread_parkme+0x82/0x180 [ 18.415576] ? preempt_count_sub+0x50/0x80 [ 18.415639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.415696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.415758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.415819] kthread+0x337/0x6f0 [ 18.415866] ? trace_preempt_on+0x20/0xc0 [ 18.415922] ? __pfx_kthread+0x10/0x10 [ 18.415971] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.416025] ? calculate_sigpending+0x7b/0xa0 [ 18.416240] ? __pfx_kthread+0x10/0x10 [ 18.416302] ret_from_fork+0x41/0x80 [ 18.416367] ? 
__pfx_kthread+0x10/0x10 [ 18.416418] ret_from_fork_asm+0x1a/0x30 [ 18.416495] </TASK> [ 18.416526] [ 18.428688] Allocated by task 286: [ 18.428903] kasan_save_stack+0x45/0x70 [ 18.429141] kasan_save_track+0x18/0x40 [ 18.429387] kasan_save_alloc_info+0x3b/0x50 [ 18.429624] __kasan_kmalloc+0xb7/0xc0 [ 18.430305] __kmalloc_cache_noprof+0x189/0x420 [ 18.430746] kasan_atomics+0x95/0x310 [ 18.431048] kunit_try_run_case+0x1a5/0x480 [ 18.431427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.431885] kthread+0x337/0x6f0 [ 18.432444] ret_from_fork+0x41/0x80 [ 18.432943] ret_from_fork_asm+0x1a/0x30 [ 18.433237] [ 18.433454] The buggy address belongs to the object at ffff888102b21f80 [ 18.433454] which belongs to the cache kmalloc-64 of size 64 [ 18.434323] The buggy address is located 0 bytes to the right of [ 18.434323] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.435792] [ 18.435964] The buggy address belongs to the physical page: [ 18.436651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.436963] flags: 0x200000000000000(node=0|zone=2) [ 18.437226] page_type: f5(slab) [ 18.437427] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.437711] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.437964] page dumped because: kasan: bad access detected [ 18.438526] [ 18.438662] Memory state around the buggy address: [ 18.438885] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.439924] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.440713] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.440991] ^ [ 18.441284] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.441611] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.441861] ================================================================== [ 18.443860] 
================================================================== [ 18.444758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 18.445096] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.445785] [ 18.446045] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.446481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.446512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.446560] Call Trace: [ 18.446605] <TASK> [ 18.446649] dump_stack_lvl+0x73/0xb0 [ 18.446712] print_report+0xd1/0x650 [ 18.446760] ? __virt_addr_valid+0x1db/0x2d0 [ 18.446808] ? kasan_atomics_helper+0x4a02/0x5450 [ 18.446856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.446905] ? kasan_atomics_helper+0x4a02/0x5450 [ 18.446955] kasan_report+0x141/0x180 [ 18.447005] ? kasan_atomics_helper+0x4a02/0x5450 [ 18.447077] __asan_report_load4_noabort+0x18/0x20 [ 18.447121] kasan_atomics_helper+0x4a02/0x5450 [ 18.447166] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.447216] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.447266] ? kasan_atomics+0x152/0x310 [ 18.447324] kasan_atomics+0x1dc/0x310 [ 18.448107] ? __pfx_kasan_atomics+0x10/0x10 [ 18.448193] ? __pfx_read_tsc+0x10/0x10 [ 18.448237] ? ktime_get_ts64+0x86/0x230 [ 18.448293] kunit_try_run_case+0x1a5/0x480 [ 18.448362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.448410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.448464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.448517] ? __kthread_parkme+0x82/0x180 [ 18.448563] ? preempt_count_sub+0x50/0x80 [ 18.448619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.448670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.448722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.448772] kthread+0x337/0x6f0 [ 18.448808] ? trace_preempt_on+0x20/0xc0 [ 18.448859] ? __pfx_kthread+0x10/0x10 [ 18.448900] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.448949] ? calculate_sigpending+0x7b/0xa0 [ 18.449000] ? 
__pfx_kthread+0x10/0x10 [ 18.449056] ret_from_fork+0x41/0x80 [ 18.449137] ? __pfx_kthread+0x10/0x10 [ 18.449182] ret_from_fork_asm+0x1a/0x30 [ 18.449253] </TASK> [ 18.449281] [ 18.462892] Allocated by task 286: [ 18.463856] kasan_save_stack+0x45/0x70 [ 18.464506] kasan_save_track+0x18/0x40 [ 18.464833] kasan_save_alloc_info+0x3b/0x50 [ 18.465247] __kasan_kmalloc+0xb7/0xc0 [ 18.465671] __kmalloc_cache_noprof+0x189/0x420 [ 18.465906] kasan_atomics+0x95/0x310 [ 18.466539] kunit_try_run_case+0x1a5/0x480 [ 18.466930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.467572] kthread+0x337/0x6f0 [ 18.467925] ret_from_fork+0x41/0x80 [ 18.468240] ret_from_fork_asm+0x1a/0x30 [ 18.468623] [ 18.468866] The buggy address belongs to the object at ffff888102b21f80 [ 18.468866] which belongs to the cache kmalloc-64 of size 64 [ 18.469697] The buggy address is located 0 bytes to the right of [ 18.469697] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.470320] [ 18.470745] The buggy address belongs to the physical page: [ 18.471456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.471929] flags: 0x200000000000000(node=0|zone=2) [ 18.472575] page_type: f5(slab) [ 18.472857] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.473720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.474312] page dumped because: kasan: bad access detected [ 18.474552] [ 18.474749] Memory state around the buggy address: [ 18.475069] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.475442] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.476030] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.476407] ^ [ 18.476655] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.476989] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.478026] 
================================================================== [ 19.537923] ================================================================== [ 19.538305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 19.538866] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.539263] [ 19.540021] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.540180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.540213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.540258] Call Trace: [ 19.540306] <TASK> [ 19.540365] dump_stack_lvl+0x73/0xb0 [ 19.540565] print_report+0xd1/0x650 [ 19.540612] ? __virt_addr_valid+0x1db/0x2d0 [ 19.540660] ? kasan_atomics_helper+0x5115/0x5450 [ 19.540714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.540983] ? kasan_atomics_helper+0x5115/0x5450 [ 19.541031] kasan_report+0x141/0x180 [ 19.541101] ? kasan_atomics_helper+0x5115/0x5450 [ 19.541138] __asan_report_load8_noabort+0x18/0x20 [ 19.541166] kasan_atomics_helper+0x5115/0x5450 [ 19.541194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.541223] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.541251] ? kasan_atomics+0x152/0x310 [ 19.541279] kasan_atomics+0x1dc/0x310 [ 19.541314] ? __pfx_kasan_atomics+0x10/0x10 [ 19.541368] ? __pfx_read_tsc+0x10/0x10 [ 19.541396] ? ktime_get_ts64+0x86/0x230 [ 19.541429] kunit_try_run_case+0x1a5/0x480 [ 19.541460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.541487] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.541518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.541547] ? __kthread_parkme+0x82/0x180 [ 19.541574] ? preempt_count_sub+0x50/0x80 [ 19.541605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.541634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.541664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.541693] kthread+0x337/0x6f0 [ 19.541714] ? trace_preempt_on+0x20/0xc0 [ 19.541743] ? __pfx_kthread+0x10/0x10 [ 19.541767] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 19.541794] ? calculate_sigpending+0x7b/0xa0 [ 19.541820] ? __pfx_kthread+0x10/0x10 [ 19.541843] ret_from_fork+0x41/0x80 [ 19.541867] ? __pfx_kthread+0x10/0x10 [ 19.541888] ret_from_fork_asm+0x1a/0x30 [ 19.541925] </TASK> [ 19.541940] [ 19.555493] Allocated by task 286: [ 19.555767] kasan_save_stack+0x45/0x70 [ 19.556382] kasan_save_track+0x18/0x40 [ 19.556735] kasan_save_alloc_info+0x3b/0x50 [ 19.557176] __kasan_kmalloc+0xb7/0xc0 [ 19.557583] __kmalloc_cache_noprof+0x189/0x420 [ 19.558007] kasan_atomics+0x95/0x310 [ 19.558400] kunit_try_run_case+0x1a5/0x480 [ 19.558743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.559036] kthread+0x337/0x6f0 [ 19.559746] ret_from_fork+0x41/0x80 [ 19.559994] ret_from_fork_asm+0x1a/0x30 [ 19.560174] [ 19.560562] The buggy address belongs to the object at ffff888102b21f80 [ 19.560562] which belongs to the cache kmalloc-64 of size 64 [ 19.561359] The buggy address is located 0 bytes to the right of [ 19.561359] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.562110] [ 19.562313] The buggy address belongs to the physical page: [ 19.562625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.563041] flags: 0x200000000000000(node=0|zone=2) [ 19.563773] page_type: f5(slab) [ 19.563935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.564133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.564417] page dumped because: kasan: bad access detected [ 19.564850] [ 19.565046] Memory state around the buggy address: [ 19.565952] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.566266] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.566845] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.567157] ^ [ 19.567571] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.567883] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc 
fc fc fc fc fc [ 19.568920] ================================================================== [ 17.906245] ================================================================== [ 17.906607] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 17.906902] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.907167] [ 17.907321] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.907733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.907783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.907835] Call Trace: [ 17.907886] <TASK> [ 17.907932] dump_stack_lvl+0x73/0xb0 [ 17.907998] print_report+0xd1/0x650 [ 17.908047] ? __virt_addr_valid+0x1db/0x2d0 [ 17.908115] ? kasan_atomics_helper+0x7c7/0x5450 [ 17.908159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.908211] ? kasan_atomics_helper+0x7c7/0x5450 [ 17.908260] kasan_report+0x141/0x180 [ 17.908302] ? kasan_atomics_helper+0x7c7/0x5450 [ 17.908468] kasan_check_range+0x10c/0x1c0 [ 17.908939] __kasan_check_write+0x18/0x20 [ 17.909006] kasan_atomics_helper+0x7c7/0x5450 [ 17.909071] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.909117] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.909175] ? kasan_atomics+0x152/0x310 [ 17.909227] kasan_atomics+0x1dc/0x310 [ 17.910064] ? __pfx_kasan_atomics+0x10/0x10 [ 17.910157] ? __pfx_read_tsc+0x10/0x10 [ 17.910210] ? ktime_get_ts64+0x86/0x230 [ 17.910277] kunit_try_run_case+0x1a5/0x480 [ 17.910357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.910415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.910477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.910534] ? __kthread_parkme+0x82/0x180 [ 17.910588] ? preempt_count_sub+0x50/0x80 [ 17.910648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.912707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.912821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.912876] kthread+0x337/0x6f0 [ 17.912917] ? 
trace_preempt_on+0x20/0xc0 [ 17.912967] ? __pfx_kthread+0x10/0x10 [ 17.913007] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.913069] ? calculate_sigpending+0x7b/0xa0 [ 17.913120] ? __pfx_kthread+0x10/0x10 [ 17.913164] ret_from_fork+0x41/0x80 [ 17.913209] ? __pfx_kthread+0x10/0x10 [ 17.913249] ret_from_fork_asm+0x1a/0x30 [ 17.913318] </TASK> [ 17.913364] [ 17.925490] Allocated by task 286: [ 17.925740] kasan_save_stack+0x45/0x70 [ 17.926071] kasan_save_track+0x18/0x40 [ 17.926432] kasan_save_alloc_info+0x3b/0x50 [ 17.926776] __kasan_kmalloc+0xb7/0xc0 [ 17.927104] __kmalloc_cache_noprof+0x189/0x420 [ 17.927504] kasan_atomics+0x95/0x310 [ 17.927836] kunit_try_run_case+0x1a5/0x480 [ 17.928225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.928546] kthread+0x337/0x6f0 [ 17.928779] ret_from_fork+0x41/0x80 [ 17.929069] ret_from_fork_asm+0x1a/0x30 [ 17.929381] [ 17.929514] The buggy address belongs to the object at ffff888102b21f80 [ 17.929514] which belongs to the cache kmalloc-64 of size 64 [ 17.930154] The buggy address is located 0 bytes to the right of [ 17.930154] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.930685] [ 17.930820] The buggy address belongs to the physical page: [ 17.931054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.931652] flags: 0x200000000000000(node=0|zone=2) [ 17.932038] page_type: f5(slab) [ 17.932367] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.932708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.933110] page dumped because: kasan: bad access detected [ 17.933557] [ 17.933744] Memory state around the buggy address: [ 17.934053] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.934460] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.934742] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.935228] ^ [ 17.935527] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 17.935985] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.936461] ================================================================== [ 18.934515] ================================================================== [ 18.935195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 18.935459] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.935996] [ 18.936228] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.936354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.936386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.936437] Call Trace: [ 18.936487] <TASK> [ 18.936537] dump_stack_lvl+0x73/0xb0 [ 18.936603] print_report+0xd1/0x650 [ 18.936662] ? __virt_addr_valid+0x1db/0x2d0 [ 18.936719] ? kasan_atomics_helper+0x194a/0x5450 [ 18.936773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.936838] ? kasan_atomics_helper+0x194a/0x5450 [ 18.936895] kasan_report+0x141/0x180 [ 18.936953] ? kasan_atomics_helper+0x194a/0x5450 [ 18.937029] kasan_check_range+0x10c/0x1c0 [ 18.937082] __kasan_check_write+0x18/0x20 [ 18.937136] kasan_atomics_helper+0x194a/0x5450 [ 18.937196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.937258] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.937318] ? kasan_atomics+0x152/0x310 [ 18.937388] kasan_atomics+0x1dc/0x310 [ 18.937435] ? __pfx_kasan_atomics+0x10/0x10 [ 18.937487] ? __pfx_read_tsc+0x10/0x10 [ 18.937538] ? ktime_get_ts64+0x86/0x230 [ 18.937603] kunit_try_run_case+0x1a5/0x480 [ 18.937666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.937724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.937786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.937847] ? __kthread_parkme+0x82/0x180 [ 18.937933] ? preempt_count_sub+0x50/0x80 [ 18.938035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.938117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.938198] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.938276] kthread+0x337/0x6f0 [ 18.938319] ? trace_preempt_on+0x20/0xc0 [ 18.938405] ? __pfx_kthread+0x10/0x10 [ 18.938455] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.938512] ? calculate_sigpending+0x7b/0xa0 [ 18.938567] ? __pfx_kthread+0x10/0x10 [ 18.938613] ret_from_fork+0x41/0x80 [ 18.938654] ? __pfx_kthread+0x10/0x10 [ 18.938700] ret_from_fork_asm+0x1a/0x30 [ 18.938777] </TASK> [ 18.938810] [ 18.949591] Allocated by task 286: [ 18.949867] kasan_save_stack+0x45/0x70 [ 18.950118] kasan_save_track+0x18/0x40 [ 18.950320] kasan_save_alloc_info+0x3b/0x50 [ 18.950554] __kasan_kmalloc+0xb7/0xc0 [ 18.950751] __kmalloc_cache_noprof+0x189/0x420 [ 18.950955] kasan_atomics+0x95/0x310 [ 18.951345] kunit_try_run_case+0x1a5/0x480 [ 18.951863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.952492] kthread+0x337/0x6f0 [ 18.952849] ret_from_fork+0x41/0x80 [ 18.953256] ret_from_fork_asm+0x1a/0x30 [ 18.953637] [ 18.953832] The buggy address belongs to the object at ffff888102b21f80 [ 18.953832] which belongs to the cache kmalloc-64 of size 64 [ 18.954791] The buggy address is located 0 bytes to the right of [ 18.954791] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.955773] [ 18.955993] The buggy address belongs to the physical page: [ 18.956423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.956927] flags: 0x200000000000000(node=0|zone=2) [ 18.957497] page_type: f5(slab) [ 18.957735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.958312] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.960951] page dumped because: kasan: bad access detected [ 18.961650] [ 18.961804] Memory state around the buggy address: [ 18.962114] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.962530] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.962947] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 18.964648] ^ [ 18.964831] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.964979] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.965793] ================================================================== [ 17.690213] ================================================================== [ 17.690690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 17.690948] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.691154] [ 17.691275] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.691369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.691392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.691429] Call Trace: [ 17.691468] <TASK> [ 17.691508] dump_stack_lvl+0x73/0xb0 [ 17.691933] print_report+0xd1/0x650 [ 17.692048] ? __virt_addr_valid+0x1db/0x2d0 [ 17.692121] ? kasan_atomics_helper+0x4b54/0x5450 [ 17.692185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.692314] ? kasan_atomics_helper+0x4b54/0x5450 [ 17.692398] kasan_report+0x141/0x180 [ 17.692466] ? kasan_atomics_helper+0x4b54/0x5450 [ 17.692540] __asan_report_load4_noabort+0x18/0x20 [ 17.692598] kasan_atomics_helper+0x4b54/0x5450 [ 17.692659] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.692719] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.692773] ? kasan_atomics+0x152/0x310 [ 17.692823] kasan_atomics+0x1dc/0x310 [ 17.692868] ? __pfx_kasan_atomics+0x10/0x10 [ 17.692961] ? __pfx_read_tsc+0x10/0x10 [ 17.693021] ? ktime_get_ts64+0x86/0x230 [ 17.693120] kunit_try_run_case+0x1a5/0x480 [ 17.693220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.693279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.693352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.693406] ? __kthread_parkme+0x82/0x180 [ 17.693437] ? preempt_count_sub+0x50/0x80 [ 17.693469] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.693498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.693530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.693560] kthread+0x337/0x6f0 [ 17.693581] ? trace_preempt_on+0x20/0xc0 [ 17.693610] ? __pfx_kthread+0x10/0x10 [ 17.693632] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.693659] ? calculate_sigpending+0x7b/0xa0 [ 17.693686] ? __pfx_kthread+0x10/0x10 [ 17.693709] ret_from_fork+0x41/0x80 [ 17.693734] ? __pfx_kthread+0x10/0x10 [ 17.693756] ret_from_fork_asm+0x1a/0x30 [ 17.693793] </TASK> [ 17.693808] [ 17.705206] Allocated by task 286: [ 17.705495] kasan_save_stack+0x45/0x70 [ 17.705924] kasan_save_track+0x18/0x40 [ 17.706250] kasan_save_alloc_info+0x3b/0x50 [ 17.706622] __kasan_kmalloc+0xb7/0xc0 [ 17.706960] __kmalloc_cache_noprof+0x189/0x420 [ 17.707406] kasan_atomics+0x95/0x310 [ 17.707751] kunit_try_run_case+0x1a5/0x480 [ 17.708093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.708657] kthread+0x337/0x6f0 [ 17.708907] ret_from_fork+0x41/0x80 [ 17.709125] ret_from_fork_asm+0x1a/0x30 [ 17.709423] [ 17.709621] The buggy address belongs to the object at ffff888102b21f80 [ 17.709621] which belongs to the cache kmalloc-64 of size 64 [ 17.710602] The buggy address is located 0 bytes to the right of [ 17.710602] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.711677] [ 17.711867] The buggy address belongs to the physical page: [ 17.712144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.712471] flags: 0x200000000000000(node=0|zone=2) [ 17.712700] page_type: f5(slab) [ 17.713121] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.713810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.714517] page dumped because: kasan: bad access detected [ 17.714993] [ 17.715189] Memory state around the buggy address: [ 17.715522] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.715804] ffff888102b21f00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.716113] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.716721] ^ [ 17.717257] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.717855] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.718444] ================================================================== [ 17.549689] ================================================================== [ 17.550128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 17.550841] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.551621] [ 17.551897] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.552013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.552043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.552119] Call Trace: [ 17.552150] <TASK> [ 17.552192] dump_stack_lvl+0x73/0xb0 [ 17.552647] print_report+0xd1/0x650 [ 17.552679] ? __virt_addr_valid+0x1db/0x2d0 [ 17.552709] ? kasan_atomics_helper+0x4ba2/0x5450 [ 17.552736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.552763] ? kasan_atomics_helper+0x4ba2/0x5450 [ 17.552788] kasan_report+0x141/0x180 [ 17.552812] ? kasan_atomics_helper+0x4ba2/0x5450 [ 17.552842] __asan_report_store4_noabort+0x1b/0x30 [ 17.552867] kasan_atomics_helper+0x4ba2/0x5450 [ 17.552894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.552920] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.552945] ? kasan_atomics+0x152/0x310 [ 17.552972] kasan_atomics+0x1dc/0x310 [ 17.552995] ? __pfx_kasan_atomics+0x10/0x10 [ 17.553034] ? __pfx_read_tsc+0x10/0x10 [ 17.553061] ? ktime_get_ts64+0x86/0x230 [ 17.553103] kunit_try_run_case+0x1a5/0x480 [ 17.553134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.553161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.553190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.553238] ? __kthread_parkme+0x82/0x180 [ 17.553278] ? 
preempt_count_sub+0x50/0x80 [ 17.553327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.553376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.553405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.553434] kthread+0x337/0x6f0 [ 17.553454] ? trace_preempt_on+0x20/0xc0 [ 17.553482] ? __pfx_kthread+0x10/0x10 [ 17.553504] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.553530] ? calculate_sigpending+0x7b/0xa0 [ 17.553556] ? __pfx_kthread+0x10/0x10 [ 17.553577] ret_from_fork+0x41/0x80 [ 17.553601] ? __pfx_kthread+0x10/0x10 [ 17.553623] ret_from_fork_asm+0x1a/0x30 [ 17.553660] </TASK> [ 17.553673] [ 17.570128] Allocated by task 286: [ 17.570444] kasan_save_stack+0x45/0x70 [ 17.570910] kasan_save_track+0x18/0x40 [ 17.571437] kasan_save_alloc_info+0x3b/0x50 [ 17.571911] __kasan_kmalloc+0xb7/0xc0 [ 17.572035] __kmalloc_cache_noprof+0x189/0x420 [ 17.572245] kasan_atomics+0x95/0x310 [ 17.572607] kunit_try_run_case+0x1a5/0x480 [ 17.572840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.573132] kthread+0x337/0x6f0 [ 17.573478] ret_from_fork+0x41/0x80 [ 17.573826] ret_from_fork_asm+0x1a/0x30 [ 17.574051] [ 17.574172] The buggy address belongs to the object at ffff888102b21f80 [ 17.574172] which belongs to the cache kmalloc-64 of size 64 [ 17.574783] The buggy address is located 0 bytes to the right of [ 17.574783] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.576566] [ 17.576690] The buggy address belongs to the physical page: [ 17.577759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.577944] flags: 0x200000000000000(node=0|zone=2) [ 17.578066] page_type: f5(slab) [ 17.578248] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.578829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.579706] page dumped because: kasan: bad access detected [ 17.580177] [ 17.580429] Memory state around the buggy address: [ 17.580643] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 17.581132] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.581951] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.582801] ^ [ 17.583014] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.583308] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.583558] ================================================================== [ 19.097570] ================================================================== [ 19.097931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 19.099049] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.099422] [ 19.099556] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.099640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.099661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.099697] Call Trace: [ 19.099739] <TASK> [ 19.099778] dump_stack_lvl+0x73/0xb0 [ 19.099832] print_report+0xd1/0x650 [ 19.099872] ? __virt_addr_valid+0x1db/0x2d0 [ 19.099910] ? kasan_atomics_helper+0x4f30/0x5450 [ 19.099948] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.099986] ? kasan_atomics_helper+0x4f30/0x5450 [ 19.100024] kasan_report+0x141/0x180 [ 19.100063] ? kasan_atomics_helper+0x4f30/0x5450 [ 19.100111] __asan_report_load8_noabort+0x18/0x20 [ 19.100154] kasan_atomics_helper+0x4f30/0x5450 [ 19.100204] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.100256] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.100312] ? kasan_atomics+0x152/0x310 [ 19.100381] kasan_atomics+0x1dc/0x310 [ 19.100420] ? __pfx_kasan_atomics+0x10/0x10 [ 19.100464] ? __pfx_read_tsc+0x10/0x10 [ 19.100508] ? ktime_get_ts64+0x86/0x230 [ 19.100565] kunit_try_run_case+0x1a5/0x480 [ 19.100627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.100683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.100742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.100793] ? 
__kthread_parkme+0x82/0x180 [ 19.100870] ? preempt_count_sub+0x50/0x80 [ 19.100936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.100983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.101035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.101093] kthread+0x337/0x6f0 [ 19.101119] ? trace_preempt_on+0x20/0xc0 [ 19.101150] ? __pfx_kthread+0x10/0x10 [ 19.101172] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.101201] ? calculate_sigpending+0x7b/0xa0 [ 19.101228] ? __pfx_kthread+0x10/0x10 [ 19.101251] ret_from_fork+0x41/0x80 [ 19.101313] ? __pfx_kthread+0x10/0x10 [ 19.101358] ret_from_fork_asm+0x1a/0x30 [ 19.101398] </TASK> [ 19.101414] [ 19.112934] Allocated by task 286: [ 19.113256] kasan_save_stack+0x45/0x70 [ 19.113518] kasan_save_track+0x18/0x40 [ 19.113715] kasan_save_alloc_info+0x3b/0x50 [ 19.114059] __kasan_kmalloc+0xb7/0xc0 [ 19.114456] __kmalloc_cache_noprof+0x189/0x420 [ 19.114849] kasan_atomics+0x95/0x310 [ 19.115204] kunit_try_run_case+0x1a5/0x480 [ 19.115455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.115778] kthread+0x337/0x6f0 [ 19.116094] ret_from_fork+0x41/0x80 [ 19.116381] ret_from_fork_asm+0x1a/0x30 [ 19.116681] [ 19.116824] The buggy address belongs to the object at ffff888102b21f80 [ 19.116824] which belongs to the cache kmalloc-64 of size 64 [ 19.117442] The buggy address is located 0 bytes to the right of [ 19.117442] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.118145] [ 19.118345] The buggy address belongs to the physical page: [ 19.118773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.119398] flags: 0x200000000000000(node=0|zone=2) [ 19.119799] page_type: f5(slab) [ 19.120049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.120481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.120926] page dumped because: kasan: bad access detected [ 19.121192] [ 19.121302] Memory state around the buggy address: [ 19.121705] 
ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.122289] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.122812] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.123131] ^ [ 19.123436] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.123948] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.124512] ================================================================== [ 19.256193] ================================================================== [ 19.256878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 19.257535] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.258130] [ 19.258356] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.258455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.258481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.258522] Call Trace: [ 19.258564] <TASK> [ 19.260308] dump_stack_lvl+0x73/0xb0 [ 19.260424] print_report+0xd1/0x650 [ 19.260481] ? __virt_addr_valid+0x1db/0x2d0 [ 19.260539] ? kasan_atomics_helper+0x1f43/0x5450 [ 19.260594] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.260653] ? kasan_atomics_helper+0x1f43/0x5450 [ 19.260711] kasan_report+0x141/0x180 [ 19.260766] ? kasan_atomics_helper+0x1f43/0x5450 [ 19.260830] kasan_check_range+0x10c/0x1c0 [ 19.260884] __kasan_check_write+0x18/0x20 [ 19.260936] kasan_atomics_helper+0x1f43/0x5450 [ 19.260996] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.261068] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.261128] ? kasan_atomics+0x152/0x310 [ 19.261191] kasan_atomics+0x1dc/0x310 [ 19.261243] ? __pfx_kasan_atomics+0x10/0x10 [ 19.261295] ? __pfx_read_tsc+0x10/0x10 [ 19.261360] ? ktime_get_ts64+0x86/0x230 [ 19.261427] kunit_try_run_case+0x1a5/0x480 [ 19.261492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.261540] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.261592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.261646] ? __kthread_parkme+0x82/0x180 [ 19.261697] ? preempt_count_sub+0x50/0x80 [ 19.261760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.261813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.261862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.261950] kthread+0x337/0x6f0 [ 19.262020] ? trace_preempt_on+0x20/0xc0 [ 19.262093] ? __pfx_kthread+0x10/0x10 [ 19.262147] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.262207] ? calculate_sigpending+0x7b/0xa0 [ 19.262274] ? __pfx_kthread+0x10/0x10 [ 19.262301] ret_from_fork+0x41/0x80 [ 19.262328] ? __pfx_kthread+0x10/0x10 [ 19.262375] ret_from_fork_asm+0x1a/0x30 [ 19.262416] </TASK> [ 19.262431] [ 19.273306] Allocated by task 286: [ 19.273726] kasan_save_stack+0x45/0x70 [ 19.274184] kasan_save_track+0x18/0x40 [ 19.274575] kasan_save_alloc_info+0x3b/0x50 [ 19.275007] __kasan_kmalloc+0xb7/0xc0 [ 19.275519] __kmalloc_cache_noprof+0x189/0x420 [ 19.275993] kasan_atomics+0x95/0x310 [ 19.276307] kunit_try_run_case+0x1a5/0x480 [ 19.276886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.277435] kthread+0x337/0x6f0 [ 19.277666] ret_from_fork+0x41/0x80 [ 19.277837] ret_from_fork_asm+0x1a/0x30 [ 19.278428] [ 19.278577] The buggy address belongs to the object at ffff888102b21f80 [ 19.278577] which belongs to the cache kmalloc-64 of size 64 [ 19.279643] The buggy address is located 0 bytes to the right of [ 19.279643] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.280577] [ 19.280967] The buggy address belongs to the physical page: [ 19.281208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.282112] flags: 0x200000000000000(node=0|zone=2) [ 19.282615] page_type: f5(slab) [ 19.282834] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.283615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.284000] page dumped because: kasan: bad 
access detected [ 19.284563] [ 19.284756] Memory state around the buggy address: [ 19.285510] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.285868] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.286374] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.287098] ^ [ 19.287677] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.288217] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.288550] ================================================================== [ 19.409819] ================================================================== [ 19.410552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 19.411439] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.411831] [ 19.412002] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.412107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.412136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.412179] Call Trace: [ 19.412227] <TASK> [ 19.412298] dump_stack_lvl+0x73/0xb0 [ 19.412400] print_report+0xd1/0x650 [ 19.412470] ? __virt_addr_valid+0x1db/0x2d0 [ 19.412541] ? kasan_atomics_helper+0x4fb2/0x5450 [ 19.412607] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.412678] ? kasan_atomics_helper+0x4fb2/0x5450 [ 19.412746] kasan_report+0x141/0x180 [ 19.412812] ? kasan_atomics_helper+0x4fb2/0x5450 [ 19.412889] __asan_report_load8_noabort+0x18/0x20 [ 19.412946] kasan_atomics_helper+0x4fb2/0x5450 [ 19.413019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.413074] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.413124] ? kasan_atomics+0x152/0x310 [ 19.413173] kasan_atomics+0x1dc/0x310 [ 19.413214] ? __pfx_kasan_atomics+0x10/0x10 [ 19.413264] ? __pfx_read_tsc+0x10/0x10 [ 19.413313] ? ktime_get_ts64+0x86/0x230 [ 19.413412] kunit_try_run_case+0x1a5/0x480 [ 19.413470] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.413523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.413583] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.413642] ? __kthread_parkme+0x82/0x180 [ 19.413701] ? preempt_count_sub+0x50/0x80 [ 19.413767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.413828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.413892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.413955] kthread+0x337/0x6f0 [ 19.414000] ? trace_preempt_on+0x20/0xc0 [ 19.414060] ? __pfx_kthread+0x10/0x10 [ 19.414099] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.414168] ? calculate_sigpending+0x7b/0xa0 [ 19.414220] ? __pfx_kthread+0x10/0x10 [ 19.414279] ret_from_fork+0x41/0x80 [ 19.414329] ? __pfx_kthread+0x10/0x10 [ 19.414404] ret_from_fork_asm+0x1a/0x30 [ 19.414478] </TASK> [ 19.414519] [ 19.423203] Allocated by task 286: [ 19.423449] kasan_save_stack+0x45/0x70 [ 19.423835] kasan_save_track+0x18/0x40 [ 19.424118] kasan_save_alloc_info+0x3b/0x50 [ 19.424409] __kasan_kmalloc+0xb7/0xc0 [ 19.424639] __kmalloc_cache_noprof+0x189/0x420 [ 19.424895] kasan_atomics+0x95/0x310 [ 19.425098] kunit_try_run_case+0x1a5/0x480 [ 19.425608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.426058] kthread+0x337/0x6f0 [ 19.426387] ret_from_fork+0x41/0x80 [ 19.426731] ret_from_fork_asm+0x1a/0x30 [ 19.427099] [ 19.427269] The buggy address belongs to the object at ffff888102b21f80 [ 19.427269] which belongs to the cache kmalloc-64 of size 64 [ 19.427825] The buggy address is located 0 bytes to the right of [ 19.427825] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.428621] [ 19.428855] The buggy address belongs to the physical page: [ 19.429418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.429797] flags: 0x200000000000000(node=0|zone=2) [ 19.430040] page_type: f5(slab) [ 19.430485] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.431009] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 19.431575] page dumped because: kasan: bad access detected [ 19.431839] [ 19.431977] Memory state around the buggy address: [ 19.432217] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.432545] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.432864] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.434430] ^ [ 19.434834] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.435483] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.436033] ================================================================== [ 19.472858] ================================================================== [ 19.473709] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 19.474259] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.474676] [ 19.474879] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.475173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.475204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.475243] Call Trace: [ 19.475284] <TASK> [ 19.475324] dump_stack_lvl+0x73/0xb0 [ 19.475400] print_report+0xd1/0x650 [ 19.475443] ? __virt_addr_valid+0x1db/0x2d0 [ 19.475481] ? kasan_atomics_helper+0x4fa5/0x5450 [ 19.475519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.475562] ? kasan_atomics_helper+0x4fa5/0x5450 [ 19.475603] kasan_report+0x141/0x180 [ 19.475649] ? kasan_atomics_helper+0x4fa5/0x5450 [ 19.475917] __asan_report_load8_noabort+0x18/0x20 [ 19.476017] kasan_atomics_helper+0x4fa5/0x5450 [ 19.476110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.476145] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.476188] ? kasan_atomics+0x152/0x310 [ 19.476219] kasan_atomics+0x1dc/0x310 [ 19.476244] ? __pfx_kasan_atomics+0x10/0x10 [ 19.476277] ? __pfx_read_tsc+0x10/0x10 [ 19.476300] ? 
ktime_get_ts64+0x86/0x230 [ 19.476360] kunit_try_run_case+0x1a5/0x480 [ 19.476415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.476467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.476509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.476538] ? __kthread_parkme+0x82/0x180 [ 19.476565] ? preempt_count_sub+0x50/0x80 [ 19.476594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.476622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.476650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.476679] kthread+0x337/0x6f0 [ 19.476699] ? trace_preempt_on+0x20/0xc0 [ 19.476726] ? __pfx_kthread+0x10/0x10 [ 19.476749] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.476776] ? calculate_sigpending+0x7b/0xa0 [ 19.476803] ? __pfx_kthread+0x10/0x10 [ 19.476825] ret_from_fork+0x41/0x80 [ 19.476849] ? __pfx_kthread+0x10/0x10 [ 19.476872] ret_from_fork_asm+0x1a/0x30 [ 19.476908] </TASK> [ 19.476923] [ 19.491147] Allocated by task 286: [ 19.491692] kasan_save_stack+0x45/0x70 [ 19.492118] kasan_save_track+0x18/0x40 [ 19.492489] kasan_save_alloc_info+0x3b/0x50 [ 19.492763] __kasan_kmalloc+0xb7/0xc0 [ 19.493085] __kmalloc_cache_noprof+0x189/0x420 [ 19.493882] kasan_atomics+0x95/0x310 [ 19.494065] kunit_try_run_case+0x1a5/0x480 [ 19.494439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.495147] kthread+0x337/0x6f0 [ 19.495474] ret_from_fork+0x41/0x80 [ 19.495611] ret_from_fork_asm+0x1a/0x30 [ 19.495718] [ 19.495781] The buggy address belongs to the object at ffff888102b21f80 [ 19.495781] which belongs to the cache kmalloc-64 of size 64 [ 19.496001] The buggy address is located 0 bytes to the right of [ 19.496001] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.496559] [ 19.496754] The buggy address belongs to the physical page: [ 19.497050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.497732] flags: 0x200000000000000(node=0|zone=2) [ 19.497977] page_type: f5(slab) [ 19.498281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 19.498962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.499560] page dumped because: kasan: bad access detected [ 19.499785] [ 19.499930] Memory state around the buggy address: [ 19.500349] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.500920] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.501498] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.502065] ^ [ 19.502520] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.503047] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.503492] ================================================================== [ 18.326624] ================================================================== [ 18.327019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 18.327919] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.328204] [ 18.328380] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.328509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.328540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.328586] Call Trace: [ 18.328633] <TASK> [ 18.328684] dump_stack_lvl+0x73/0xb0 [ 18.328754] print_report+0xd1/0x650 [ 18.328811] ? __virt_addr_valid+0x1db/0x2d0 [ 18.328860] ? kasan_atomics_helper+0x4a36/0x5450 [ 18.328911] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.328982] ? kasan_atomics_helper+0x4a36/0x5450 [ 18.329045] kasan_report+0x141/0x180 [ 18.329147] ? kasan_atomics_helper+0x4a36/0x5450 [ 18.329207] __asan_report_load4_noabort+0x18/0x20 [ 18.329258] kasan_atomics_helper+0x4a36/0x5450 [ 18.329316] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.329392] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.329433] ? kasan_atomics+0x152/0x310 [ 18.329463] kasan_atomics+0x1dc/0x310 [ 18.329489] ? __pfx_kasan_atomics+0x10/0x10 [ 18.329514] ? 
__pfx_read_tsc+0x10/0x10 [ 18.329539] ? ktime_get_ts64+0x86/0x230 [ 18.329572] kunit_try_run_case+0x1a5/0x480 [ 18.329604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.329631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.329662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.329691] ? __kthread_parkme+0x82/0x180 [ 18.329718] ? preempt_count_sub+0x50/0x80 [ 18.329749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.329778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.329807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.329836] kthread+0x337/0x6f0 [ 18.329859] ? trace_preempt_on+0x20/0xc0 [ 18.329887] ? __pfx_kthread+0x10/0x10 [ 18.329910] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.329937] ? calculate_sigpending+0x7b/0xa0 [ 18.329964] ? __pfx_kthread+0x10/0x10 [ 18.329986] ret_from_fork+0x41/0x80 [ 18.330011] ? __pfx_kthread+0x10/0x10 [ 18.330033] ret_from_fork_asm+0x1a/0x30 [ 18.330101] </TASK> [ 18.330120] [ 18.340150] Allocated by task 286: [ 18.340372] kasan_save_stack+0x45/0x70 [ 18.340593] kasan_save_track+0x18/0x40 [ 18.340787] kasan_save_alloc_info+0x3b/0x50 [ 18.341222] __kasan_kmalloc+0xb7/0xc0 [ 18.341594] __kmalloc_cache_noprof+0x189/0x420 [ 18.342003] kasan_atomics+0x95/0x310 [ 18.342453] kunit_try_run_case+0x1a5/0x480 [ 18.342835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.343325] kthread+0x337/0x6f0 [ 18.343532] ret_from_fork+0x41/0x80 [ 18.343730] ret_from_fork_asm+0x1a/0x30 [ 18.343929] [ 18.344131] The buggy address belongs to the object at ffff888102b21f80 [ 18.344131] which belongs to the cache kmalloc-64 of size 64 [ 18.345066] The buggy address is located 0 bytes to the right of [ 18.345066] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.345605] [ 18.345736] The buggy address belongs to the physical page: [ 18.345967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.346578] flags: 0x200000000000000(node=0|zone=2) [ 18.347041] page_type: f5(slab) [ 18.347479] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 18.348081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.348666] page dumped because: kasan: bad access detected [ 18.349009] [ 18.349261] Memory state around the buggy address: [ 18.349640] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.349922] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.350198] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.350484] ^ [ 18.350885] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.351493] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.352064] ================================================================== [ 17.846650] ================================================================== [ 17.847083] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 17.847942] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.848361] [ 17.848599] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.848703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.848736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.848786] Call Trace: [ 17.848834] <TASK> [ 17.848899] dump_stack_lvl+0x73/0xb0 [ 17.848955] print_report+0xd1/0x650 [ 17.848997] ? __virt_addr_valid+0x1db/0x2d0 [ 17.849040] ? kasan_atomics_helper+0x697/0x5450 [ 17.849074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.849112] ? kasan_atomics_helper+0x697/0x5450 [ 17.849139] kasan_report+0x141/0x180 [ 17.849167] ? kasan_atomics_helper+0x697/0x5450 [ 17.849199] kasan_check_range+0x10c/0x1c0 [ 17.849224] __kasan_check_write+0x18/0x20 [ 17.849249] kasan_atomics_helper+0x697/0x5450 [ 17.849277] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.849305] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.849348] ? 
kasan_atomics+0x152/0x310 [ 17.849397] kasan_atomics+0x1dc/0x310 [ 17.849441] ? __pfx_kasan_atomics+0x10/0x10 [ 17.849490] ? __pfx_read_tsc+0x10/0x10 [ 17.849540] ? ktime_get_ts64+0x86/0x230 [ 17.849604] kunit_try_run_case+0x1a5/0x480 [ 17.849664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.849721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.849783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.849828] ? __kthread_parkme+0x82/0x180 [ 17.849857] ? preempt_count_sub+0x50/0x80 [ 17.849888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.849918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.849947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.849977] kthread+0x337/0x6f0 [ 17.849997] ? trace_preempt_on+0x20/0xc0 [ 17.850026] ? __pfx_kthread+0x10/0x10 [ 17.850050] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.850088] ? calculate_sigpending+0x7b/0xa0 [ 17.850117] ? __pfx_kthread+0x10/0x10 [ 17.850142] ret_from_fork+0x41/0x80 [ 17.850166] ? __pfx_kthread+0x10/0x10 [ 17.850189] ret_from_fork_asm+0x1a/0x30 [ 17.850226] </TASK> [ 17.850241] [ 17.863525] Allocated by task 286: [ 17.863859] kasan_save_stack+0x45/0x70 [ 17.864352] kasan_save_track+0x18/0x40 [ 17.864602] kasan_save_alloc_info+0x3b/0x50 [ 17.864839] __kasan_kmalloc+0xb7/0xc0 [ 17.865056] __kmalloc_cache_noprof+0x189/0x420 [ 17.865320] kasan_atomics+0x95/0x310 [ 17.865570] kunit_try_run_case+0x1a5/0x480 [ 17.865810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.866419] kthread+0x337/0x6f0 [ 17.866607] ret_from_fork+0x41/0x80 [ 17.866781] ret_from_fork_asm+0x1a/0x30 [ 17.866972] [ 17.867104] The buggy address belongs to the object at ffff888102b21f80 [ 17.867104] which belongs to the cache kmalloc-64 of size 64 [ 17.867973] The buggy address is located 0 bytes to the right of [ 17.867973] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.868950] [ 17.869192] The buggy address belongs to the physical page: [ 17.869511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 
17.870107] flags: 0x200000000000000(node=0|zone=2) [ 17.870509] page_type: f5(slab) [ 17.870711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.871165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.871836] page dumped because: kasan: bad access detected [ 17.872332] [ 17.872499] Memory state around the buggy address: [ 17.872723] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.873362] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.873843] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.874158] ^ [ 17.874606] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.875199] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.875560] ================================================================== [ 18.967098] ================================================================== [ 18.968574] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 18.969128] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.969645] [ 18.969911] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.970029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.970097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.970165] Call Trace: [ 18.970216] <TASK> [ 18.970270] dump_stack_lvl+0x73/0xb0 [ 18.970354] print_report+0xd1/0x650 [ 18.970417] ? __virt_addr_valid+0x1db/0x2d0 [ 18.970470] ? kasan_atomics_helper+0x19e3/0x5450 [ 18.970527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.970578] ? kasan_atomics_helper+0x19e3/0x5450 [ 18.970636] kasan_report+0x141/0x180 [ 18.970705] ? kasan_atomics_helper+0x19e3/0x5450 [ 18.970775] kasan_check_range+0x10c/0x1c0 [ 18.970832] __kasan_check_write+0x18/0x20 [ 18.970875] kasan_atomics_helper+0x19e3/0x5450 [ 18.970903] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.970932] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 18.970958] ? kasan_atomics+0x152/0x310 [ 18.970987] kasan_atomics+0x1dc/0x310 [ 18.971011] ? __pfx_kasan_atomics+0x10/0x10 [ 18.971036] ? __pfx_read_tsc+0x10/0x10 [ 18.971073] ? ktime_get_ts64+0x86/0x230 [ 18.971116] kunit_try_run_case+0x1a5/0x480 [ 18.971148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.971174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.971203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.971231] ? __kthread_parkme+0x82/0x180 [ 18.971259] ? preempt_count_sub+0x50/0x80 [ 18.971328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.971380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.971410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.971439] kthread+0x337/0x6f0 [ 18.971460] ? trace_preempt_on+0x20/0xc0 [ 18.971489] ? __pfx_kthread+0x10/0x10 [ 18.971511] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.971538] ? calculate_sigpending+0x7b/0xa0 [ 18.971565] ? __pfx_kthread+0x10/0x10 [ 18.971587] ret_from_fork+0x41/0x80 [ 18.971611] ? __pfx_kthread+0x10/0x10 [ 18.971633] ret_from_fork_asm+0x1a/0x30 [ 18.971669] </TASK> [ 18.971684] [ 18.982753] Allocated by task 286: [ 18.982959] kasan_save_stack+0x45/0x70 [ 18.985045] kasan_save_track+0x18/0x40 [ 18.985456] kasan_save_alloc_info+0x3b/0x50 [ 18.985769] __kasan_kmalloc+0xb7/0xc0 [ 18.985966] __kmalloc_cache_noprof+0x189/0x420 [ 18.986188] kasan_atomics+0x95/0x310 [ 18.986391] kunit_try_run_case+0x1a5/0x480 [ 18.986587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.986807] kthread+0x337/0x6f0 [ 18.986963] ret_from_fork+0x41/0x80 [ 18.987118] ret_from_fork_asm+0x1a/0x30 [ 18.987467] [ 18.987632] The buggy address belongs to the object at ffff888102b21f80 [ 18.987632] which belongs to the cache kmalloc-64 of size 64 [ 18.988059] The buggy address is located 0 bytes to the right of [ 18.988059] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.988501] [ 18.988666] The buggy address belongs to the physical page: [ 18.989108] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.990772] flags: 0x200000000000000(node=0|zone=2) [ 18.991013] page_type: f5(slab) [ 18.991768] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.992585] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.993620] page dumped because: kasan: bad access detected [ 18.994452] [ 18.994687] Memory state around the buggy address: [ 18.994979] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.995657] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.996321] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.996868] ^ [ 18.997461] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.998063] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.998703] ================================================================== [ 18.906022] ================================================================== [ 18.906836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 18.907553] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.908017] [ 18.908291] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.908410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.908441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.908488] Call Trace: [ 18.908536] <TASK> [ 18.908585] dump_stack_lvl+0x73/0xb0 [ 18.908659] print_report+0xd1/0x650 [ 18.908716] ? __virt_addr_valid+0x1db/0x2d0 [ 18.908775] ? kasan_atomics_helper+0x18b1/0x5450 [ 18.908831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.908892] ? kasan_atomics_helper+0x18b1/0x5450 [ 18.908947] kasan_report+0x141/0x180 [ 18.909006] ? kasan_atomics_helper+0x18b1/0x5450 [ 18.909087] kasan_check_range+0x10c/0x1c0 [ 18.909143] __kasan_check_write+0x18/0x20 [ 18.909200] kasan_atomics_helper+0x18b1/0x5450 [ 18.909260] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 18.909320] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.909388] ? kasan_atomics+0x152/0x310 [ 18.909433] kasan_atomics+0x1dc/0x310 [ 18.909478] ? __pfx_kasan_atomics+0x10/0x10 [ 18.909526] ? __pfx_read_tsc+0x10/0x10 [ 18.909570] ? ktime_get_ts64+0x86/0x230 [ 18.909620] kunit_try_run_case+0x1a5/0x480 [ 18.909675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.909727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.909780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.909829] ? __kthread_parkme+0x82/0x180 [ 18.909877] ? preempt_count_sub+0x50/0x80 [ 18.909934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.909990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.910053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.910105] kthread+0x337/0x6f0 [ 18.910147] ? trace_preempt_on+0x20/0xc0 [ 18.910202] ? __pfx_kthread+0x10/0x10 [ 18.910245] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.910298] ? calculate_sigpending+0x7b/0xa0 [ 18.910382] ? __pfx_kthread+0x10/0x10 [ 18.910450] ret_from_fork+0x41/0x80 [ 18.910508] ? 
__pfx_kthread+0x10/0x10 [ 18.910556] ret_from_fork_asm+0x1a/0x30 [ 18.910635] </TASK> [ 18.910662] [ 18.921236] Allocated by task 286: [ 18.921711] kasan_save_stack+0x45/0x70 [ 18.921971] kasan_save_track+0x18/0x40 [ 18.922324] kasan_save_alloc_info+0x3b/0x50 [ 18.922729] __kasan_kmalloc+0xb7/0xc0 [ 18.923166] __kmalloc_cache_noprof+0x189/0x420 [ 18.923488] kasan_atomics+0x95/0x310 [ 18.923787] kunit_try_run_case+0x1a5/0x480 [ 18.924058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.924562] kthread+0x337/0x6f0 [ 18.924893] ret_from_fork+0x41/0x80 [ 18.925117] ret_from_fork_asm+0x1a/0x30 [ 18.925485] [ 18.925663] The buggy address belongs to the object at ffff888102b21f80 [ 18.925663] which belongs to the cache kmalloc-64 of size 64 [ 18.926376] The buggy address is located 0 bytes to the right of [ 18.926376] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.926920] [ 18.927054] The buggy address belongs to the physical page: [ 18.927280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.927602] flags: 0x200000000000000(node=0|zone=2) [ 18.927831] page_type: f5(slab) [ 18.928024] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.928315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.928964] page dumped because: kasan: bad access detected [ 18.929568] [ 18.929763] Memory state around the buggy address: [ 18.930173] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.930803] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.931503] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.931961] ^ [ 18.932409] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.932814] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.933118] ================================================================== [ 18.080436] 
================================================================== [ 18.081054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 18.081480] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.082044] [ 18.082305] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.082426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.082458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.082508] Call Trace: [ 18.082555] <TASK> [ 18.082600] dump_stack_lvl+0x73/0xb0 [ 18.082663] print_report+0xd1/0x650 [ 18.082715] ? __virt_addr_valid+0x1db/0x2d0 [ 18.082771] ? kasan_atomics_helper+0xb6a/0x5450 [ 18.082823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.082878] ? kasan_atomics_helper+0xb6a/0x5450 [ 18.082923] kasan_report+0x141/0x180 [ 18.082974] ? kasan_atomics_helper+0xb6a/0x5450 [ 18.083030] kasan_check_range+0x10c/0x1c0 [ 18.083122] __kasan_check_write+0x18/0x20 [ 18.083174] kasan_atomics_helper+0xb6a/0x5450 [ 18.083227] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.083284] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.083356] ? kasan_atomics+0x152/0x310 [ 18.083417] kasan_atomics+0x1dc/0x310 [ 18.083467] ? __pfx_kasan_atomics+0x10/0x10 [ 18.083523] ? __pfx_read_tsc+0x10/0x10 [ 18.083573] ? ktime_get_ts64+0x86/0x230 [ 18.083637] kunit_try_run_case+0x1a5/0x480 [ 18.083700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.083755] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.083815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.083875] ? __kthread_parkme+0x82/0x180 [ 18.083929] ? preempt_count_sub+0x50/0x80 [ 18.083991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.084051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.084144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.084206] kthread+0x337/0x6f0 [ 18.084245] ? trace_preempt_on+0x20/0xc0 [ 18.084278] ? __pfx_kthread+0x10/0x10 [ 18.084301] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.084328] ? 
calculate_sigpending+0x7b/0xa0 [ 18.084374] ? __pfx_kthread+0x10/0x10 [ 18.084398] ret_from_fork+0x41/0x80 [ 18.084422] ? __pfx_kthread+0x10/0x10 [ 18.084444] ret_from_fork_asm+0x1a/0x30 [ 18.084480] </TASK> [ 18.084495] [ 18.095788] Allocated by task 286: [ 18.096124] kasan_save_stack+0x45/0x70 [ 18.096437] kasan_save_track+0x18/0x40 [ 18.096690] kasan_save_alloc_info+0x3b/0x50 [ 18.096922] __kasan_kmalloc+0xb7/0xc0 [ 18.097200] __kmalloc_cache_noprof+0x189/0x420 [ 18.097610] kasan_atomics+0x95/0x310 [ 18.097943] kunit_try_run_case+0x1a5/0x480 [ 18.098282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.098585] kthread+0x337/0x6f0 [ 18.098771] ret_from_fork+0x41/0x80 [ 18.099108] ret_from_fork_asm+0x1a/0x30 [ 18.099466] [ 18.099634] The buggy address belongs to the object at ffff888102b21f80 [ 18.099634] which belongs to the cache kmalloc-64 of size 64 [ 18.100497] The buggy address is located 0 bytes to the right of [ 18.100497] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.100942] [ 18.101079] The buggy address belongs to the physical page: [ 18.101463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.102271] flags: 0x200000000000000(node=0|zone=2) [ 18.102620] page_type: f5(slab) [ 18.102805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.103108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.103672] page dumped because: kasan: bad access detected [ 18.104099] [ 18.104267] Memory state around the buggy address: [ 18.104647] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.104982] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.105419] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.105888] ^ [ 18.106248] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.106533] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.106802] 
================================================================== [ 18.480160] ================================================================== [ 18.480594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 18.480879] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.481150] [ 18.481367] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.481474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.481495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.481522] Call Trace: [ 18.481550] <TASK> [ 18.481581] dump_stack_lvl+0x73/0xb0 [ 18.481626] print_report+0xd1/0x650 [ 18.481676] ? __virt_addr_valid+0x1db/0x2d0 [ 18.481733] ? kasan_atomics_helper+0x1217/0x5450 [ 18.481786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.481844] ? kasan_atomics_helper+0x1217/0x5450 [ 18.481888] kasan_report+0x141/0x180 [ 18.481917] ? kasan_atomics_helper+0x1217/0x5450 [ 18.481952] kasan_check_range+0x10c/0x1c0 [ 18.481978] __kasan_check_write+0x18/0x20 [ 18.482003] kasan_atomics_helper+0x1217/0x5450 [ 18.482031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.482060] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.482088] ? kasan_atomics+0x152/0x310 [ 18.482117] kasan_atomics+0x1dc/0x310 [ 18.482140] ? __pfx_kasan_atomics+0x10/0x10 [ 18.482165] ? __pfx_read_tsc+0x10/0x10 [ 18.482191] ? ktime_get_ts64+0x86/0x230 [ 18.482222] kunit_try_run_case+0x1a5/0x480 [ 18.482252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.482278] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.482309] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.482381] ? __kthread_parkme+0x82/0x180 [ 18.482448] ? preempt_count_sub+0x50/0x80 [ 18.482521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.482574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.482635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.482696] kthread+0x337/0x6f0 [ 18.482740] ? trace_preempt_on+0x20/0xc0 [ 18.482790] ? 
__pfx_kthread+0x10/0x10 [ 18.482837] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.482891] ? calculate_sigpending+0x7b/0xa0 [ 18.482947] ? __pfx_kthread+0x10/0x10 [ 18.482996] ret_from_fork+0x41/0x80 [ 18.483045] ? __pfx_kthread+0x10/0x10 [ 18.483103] ret_from_fork_asm+0x1a/0x30 [ 18.483157] </TASK> [ 18.483175] [ 18.493824] Allocated by task 286: [ 18.494239] kasan_save_stack+0x45/0x70 [ 18.494519] kasan_save_track+0x18/0x40 [ 18.494871] kasan_save_alloc_info+0x3b/0x50 [ 18.495353] __kasan_kmalloc+0xb7/0xc0 [ 18.495569] __kmalloc_cache_noprof+0x189/0x420 [ 18.495787] kasan_atomics+0x95/0x310 [ 18.495975] kunit_try_run_case+0x1a5/0x480 [ 18.496408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.497034] kthread+0x337/0x6f0 [ 18.497378] ret_from_fork+0x41/0x80 [ 18.497702] ret_from_fork_asm+0x1a/0x30 [ 18.497926] [ 18.498050] The buggy address belongs to the object at ffff888102b21f80 [ 18.498050] which belongs to the cache kmalloc-64 of size 64 [ 18.498939] The buggy address is located 0 bytes to the right of [ 18.498939] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.499545] [ 18.499763] The buggy address belongs to the physical page: [ 18.500255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.500801] flags: 0x200000000000000(node=0|zone=2) [ 18.501313] page_type: f5(slab) [ 18.501528] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.502082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.502389] page dumped because: kasan: bad access detected [ 18.502614] [ 18.502722] Memory state around the buggy address: [ 18.502938] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.503210] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.503653] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.504262] ^ [ 18.504687] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.505299] 
ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.505863] ================================================================== [ 17.584315] ================================================================== [ 17.584853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 17.585183] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.585856] [ 17.586122] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.586351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.586381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.586426] Call Trace: [ 17.586471] <TASK> [ 17.586514] dump_stack_lvl+0x73/0xb0 [ 17.586578] print_report+0xd1/0x650 [ 17.586630] ? __virt_addr_valid+0x1db/0x2d0 [ 17.586674] ? kasan_atomics_helper+0x4b88/0x5450 [ 17.586723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.586774] ? kasan_atomics_helper+0x4b88/0x5450 [ 17.586821] kasan_report+0x141/0x180 [ 17.586871] ? kasan_atomics_helper+0x4b88/0x5450 [ 17.586930] __asan_report_load4_noabort+0x18/0x20 [ 17.586978] kasan_atomics_helper+0x4b88/0x5450 [ 17.587032] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.587119] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.587171] ? kasan_atomics+0x152/0x310 [ 17.587363] kasan_atomics+0x1dc/0x310 [ 17.587408] ? __pfx_kasan_atomics+0x10/0x10 [ 17.587439] ? __pfx_read_tsc+0x10/0x10 [ 17.587478] ? ktime_get_ts64+0x86/0x230 [ 17.587527] kunit_try_run_case+0x1a5/0x480 [ 17.587581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.587623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.587668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.587716] ? __kthread_parkme+0x82/0x180 [ 17.587762] ? preempt_count_sub+0x50/0x80 [ 17.587816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.587864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.587914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.587969] kthread+0x337/0x6f0 [ 17.588002] ? 
trace_preempt_on+0x20/0xc0 [ 17.588053] ? __pfx_kthread+0x10/0x10 [ 17.588131] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.588162] ? calculate_sigpending+0x7b/0xa0 [ 17.588190] ? __pfx_kthread+0x10/0x10 [ 17.588263] ret_from_fork+0x41/0x80 [ 17.588314] ? __pfx_kthread+0x10/0x10 [ 17.588364] ret_from_fork_asm+0x1a/0x30 [ 17.588403] </TASK> [ 17.588417] [ 17.602493] Allocated by task 286: [ 17.602776] kasan_save_stack+0x45/0x70 [ 17.603068] kasan_save_track+0x18/0x40 [ 17.603764] kasan_save_alloc_info+0x3b/0x50 [ 17.604266] __kasan_kmalloc+0xb7/0xc0 [ 17.604491] __kmalloc_cache_noprof+0x189/0x420 [ 17.604887] kasan_atomics+0x95/0x310 [ 17.605411] kunit_try_run_case+0x1a5/0x480 [ 17.605964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.606300] kthread+0x337/0x6f0 [ 17.606585] ret_from_fork+0x41/0x80 [ 17.606843] ret_from_fork_asm+0x1a/0x30 [ 17.607294] [ 17.607687] The buggy address belongs to the object at ffff888102b21f80 [ 17.607687] which belongs to the cache kmalloc-64 of size 64 [ 17.608845] The buggy address is located 0 bytes to the right of [ 17.608845] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.609765] [ 17.610354] The buggy address belongs to the physical page: [ 17.610828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.611328] flags: 0x200000000000000(node=0|zone=2) [ 17.611905] page_type: f5(slab) [ 17.612433] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.612756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.613179] page dumped because: kasan: bad access detected [ 17.613882] [ 17.614101] Memory state around the buggy address: [ 17.614635] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.615007] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.615731] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.616472] ^ [ 17.616831] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 17.617484] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.617643] ================================================================== [ 17.719686] ================================================================== [ 17.720457] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 17.721135] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.721777] [ 17.722007] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.722151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.722185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.722271] Call Trace: [ 17.722322] <TASK> [ 17.722383] dump_stack_lvl+0x73/0xb0 [ 17.722456] print_report+0xd1/0x650 [ 17.722549] ? __virt_addr_valid+0x1db/0x2d0 [ 17.722605] ? kasan_atomics_helper+0x4a0/0x5450 [ 17.722657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.722714] ? kasan_atomics_helper+0x4a0/0x5450 [ 17.722802] kasan_report+0x141/0x180 [ 17.722860] ? kasan_atomics_helper+0x4a0/0x5450 [ 17.722925] kasan_check_range+0x10c/0x1c0 [ 17.723011] __kasan_check_write+0x18/0x20 [ 17.723096] kasan_atomics_helper+0x4a0/0x5450 [ 17.723151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.723208] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.723299] ? kasan_atomics+0x152/0x310 [ 17.723374] kasan_atomics+0x1dc/0x310 [ 17.723422] ? __pfx_kasan_atomics+0x10/0x10 [ 17.723499] ? __pfx_read_tsc+0x10/0x10 [ 17.723546] ? ktime_get_ts64+0x86/0x230 [ 17.723630] kunit_try_run_case+0x1a5/0x480 [ 17.723689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.723736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.723790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.723849] ? __kthread_parkme+0x82/0x180 [ 17.723904] ? preempt_count_sub+0x50/0x80 [ 17.723955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.723988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.724020] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.724050] kthread+0x337/0x6f0 [ 17.724108] ? trace_preempt_on+0x20/0xc0 [ 17.724142] ? __pfx_kthread+0x10/0x10 [ 17.724164] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.724190] ? calculate_sigpending+0x7b/0xa0 [ 17.724217] ? __pfx_kthread+0x10/0x10 [ 17.724241] ret_from_fork+0x41/0x80 [ 17.724267] ? __pfx_kthread+0x10/0x10 [ 17.724290] ret_from_fork_asm+0x1a/0x30 [ 17.724327] </TASK> [ 17.724362] [ 17.739158] Allocated by task 286: [ 17.739414] kasan_save_stack+0x45/0x70 [ 17.739654] kasan_save_track+0x18/0x40 [ 17.740138] kasan_save_alloc_info+0x3b/0x50 [ 17.740512] __kasan_kmalloc+0xb7/0xc0 [ 17.740783] __kmalloc_cache_noprof+0x189/0x420 [ 17.741505] kasan_atomics+0x95/0x310 [ 17.741734] kunit_try_run_case+0x1a5/0x480 [ 17.742402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.742700] kthread+0x337/0x6f0 [ 17.743247] ret_from_fork+0x41/0x80 [ 17.743446] ret_from_fork_asm+0x1a/0x30 [ 17.744087] [ 17.744377] The buggy address belongs to the object at ffff888102b21f80 [ 17.744377] which belongs to the cache kmalloc-64 of size 64 [ 17.745393] The buggy address is located 0 bytes to the right of [ 17.745393] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.746434] [ 17.746669] The buggy address belongs to the physical page: [ 17.747180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.747585] flags: 0x200000000000000(node=0|zone=2) [ 17.747719] page_type: f5(slab) [ 17.747820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.747971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.748189] page dumped because: kasan: bad access detected [ 17.748619] [ 17.748831] Memory state around the buggy address: [ 17.749278] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.749802] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.750441] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 17.750736] ^ [ 17.751035] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.751500] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.752039] ================================================================== [ 19.063677] ================================================================== [ 19.063942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 19.064205] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.065872] [ 19.066478] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.066606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.066639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.066692] Call Trace: [ 19.066737] <TASK> [ 19.066786] dump_stack_lvl+0x73/0xb0 [ 19.066859] print_report+0xd1/0x650 [ 19.066919] ? __virt_addr_valid+0x1db/0x2d0 [ 19.066979] ? kasan_atomics_helper+0x1c18/0x5450 [ 19.067035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.067096] ? kasan_atomics_helper+0x1c18/0x5450 [ 19.067153] kasan_report+0x141/0x180 [ 19.067209] ? kasan_atomics_helper+0x1c18/0x5450 [ 19.067280] kasan_check_range+0x10c/0x1c0 [ 19.067353] __kasan_check_write+0x18/0x20 [ 19.067408] kasan_atomics_helper+0x1c18/0x5450 [ 19.067469] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.067530] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.067578] ? kasan_atomics+0x152/0x310 [ 19.067624] kasan_atomics+0x1dc/0x310 [ 19.067699] ? __pfx_kasan_atomics+0x10/0x10 [ 19.067754] ? __pfx_read_tsc+0x10/0x10 [ 19.067803] ? ktime_get_ts64+0x86/0x230 [ 19.067867] kunit_try_run_case+0x1a5/0x480 [ 19.067931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.067986] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.068046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.068107] ? __kthread_parkme+0x82/0x180 [ 19.068138] ? preempt_count_sub+0x50/0x80 [ 19.068167] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.068195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.068225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.068253] kthread+0x337/0x6f0 [ 19.068274] ? trace_preempt_on+0x20/0xc0 [ 19.068301] ? __pfx_kthread+0x10/0x10 [ 19.068323] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.068370] ? calculate_sigpending+0x7b/0xa0 [ 19.068397] ? __pfx_kthread+0x10/0x10 [ 19.068419] ret_from_fork+0x41/0x80 [ 19.068443] ? __pfx_kthread+0x10/0x10 [ 19.068465] ret_from_fork_asm+0x1a/0x30 [ 19.068500] </TASK> [ 19.068515] [ 19.082508] Allocated by task 286: [ 19.082756] kasan_save_stack+0x45/0x70 [ 19.083009] kasan_save_track+0x18/0x40 [ 19.083772] kasan_save_alloc_info+0x3b/0x50 [ 19.084217] __kasan_kmalloc+0xb7/0xc0 [ 19.084486] __kmalloc_cache_noprof+0x189/0x420 [ 19.084847] kasan_atomics+0x95/0x310 [ 19.085434] kunit_try_run_case+0x1a5/0x480 [ 19.085740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.086328] kthread+0x337/0x6f0 [ 19.086705] ret_from_fork+0x41/0x80 [ 19.086922] ret_from_fork_asm+0x1a/0x30 [ 19.087349] [ 19.087749] The buggy address belongs to the object at ffff888102b21f80 [ 19.087749] which belongs to the cache kmalloc-64 of size 64 [ 19.088817] The buggy address is located 0 bytes to the right of [ 19.088817] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.090010] [ 19.090390] The buggy address belongs to the physical page: [ 19.090793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.091360] flags: 0x200000000000000(node=0|zone=2) [ 19.091822] page_type: f5(slab) [ 19.092039] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.092422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.092768] page dumped because: kasan: bad access detected [ 19.093051] [ 19.093179] Memory state around the buggy address: [ 19.093447] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.093723] ffff888102b21f00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.094178] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.094777] ^ [ 19.095274] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.095819] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.096407] ================================================================== [ 18.816702] ================================================================== [ 18.817122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 18.817477] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.818029] [ 18.818315] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.818438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.818469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.818521] Call Trace: [ 18.818571] <TASK> [ 18.818619] dump_stack_lvl+0x73/0xb0 [ 18.818686] print_report+0xd1/0x650 [ 18.818745] ? __virt_addr_valid+0x1db/0x2d0 [ 18.818803] ? kasan_atomics_helper+0x16e7/0x5450 [ 18.818860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.818917] ? kasan_atomics_helper+0x16e7/0x5450 [ 18.818975] kasan_report+0x141/0x180 [ 18.819032] ? kasan_atomics_helper+0x16e7/0x5450 [ 18.819102] kasan_check_range+0x10c/0x1c0 [ 18.819150] __kasan_check_write+0x18/0x20 [ 18.819189] kasan_atomics_helper+0x16e7/0x5450 [ 18.819233] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.819282] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.819351] ? kasan_atomics+0x152/0x310 [ 18.819405] kasan_atomics+0x1dc/0x310 [ 18.819454] ? __pfx_kasan_atomics+0x10/0x10 [ 18.819506] ? __pfx_read_tsc+0x10/0x10 [ 18.819559] ? ktime_get_ts64+0x86/0x230 [ 18.819621] kunit_try_run_case+0x1a5/0x480 [ 18.819685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.819738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.819822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.819876] ? __kthread_parkme+0x82/0x180 [ 18.819926] ? 
preempt_count_sub+0x50/0x80 [ 18.819976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.820027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.820096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.820171] kthread+0x337/0x6f0 [ 18.820216] ? trace_preempt_on+0x20/0xc0 [ 18.820265] ? __pfx_kthread+0x10/0x10 [ 18.820309] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.820378] ? calculate_sigpending+0x7b/0xa0 [ 18.820432] ? __pfx_kthread+0x10/0x10 [ 18.820480] ret_from_fork+0x41/0x80 [ 18.820533] ? __pfx_kthread+0x10/0x10 [ 18.820581] ret_from_fork_asm+0x1a/0x30 [ 18.820660] </TASK> [ 18.820691] [ 18.831650] Allocated by task 286: [ 18.832663] kasan_save_stack+0x45/0x70 [ 18.832943] kasan_save_track+0x18/0x40 [ 18.833554] kasan_save_alloc_info+0x3b/0x50 [ 18.834329] __kasan_kmalloc+0xb7/0xc0 [ 18.834784] __kmalloc_cache_noprof+0x189/0x420 [ 18.835165] kasan_atomics+0x95/0x310 [ 18.835414] kunit_try_run_case+0x1a5/0x480 [ 18.835763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.836105] kthread+0x337/0x6f0 [ 18.836471] ret_from_fork+0x41/0x80 [ 18.836728] ret_from_fork_asm+0x1a/0x30 [ 18.837127] [ 18.837390] The buggy address belongs to the object at ffff888102b21f80 [ 18.837390] which belongs to the cache kmalloc-64 of size 64 [ 18.838140] The buggy address is located 0 bytes to the right of [ 18.838140] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.839092] [ 18.839250] The buggy address belongs to the physical page: [ 18.839720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.840358] flags: 0x200000000000000(node=0|zone=2) [ 18.840735] page_type: f5(slab) [ 18.841137] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.841756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.842259] page dumped because: kasan: bad access detected [ 18.842600] [ 18.842811] Memory state around the buggy address: [ 18.843218] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 18.843722] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.844272] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.844648] ^ [ 18.844847] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.845541] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.845831] ================================================================== [ 19.125666] ================================================================== [ 19.126743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 19.127394] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.127861] [ 19.128116] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.128222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.128254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.128297] Call Trace: [ 19.128354] <TASK> [ 19.128402] dump_stack_lvl+0x73/0xb0 [ 19.128465] print_report+0xd1/0x650 [ 19.128519] ? __virt_addr_valid+0x1db/0x2d0 [ 19.128574] ? kasan_atomics_helper+0x1ce1/0x5450 [ 19.128622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.128676] ? kasan_atomics_helper+0x1ce1/0x5450 [ 19.128726] kasan_report+0x141/0x180 [ 19.128776] ? kasan_atomics_helper+0x1ce1/0x5450 [ 19.128840] kasan_check_range+0x10c/0x1c0 [ 19.128889] __kasan_check_write+0x18/0x20 [ 19.128940] kasan_atomics_helper+0x1ce1/0x5450 [ 19.128993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.129099] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.129155] ? kasan_atomics+0x152/0x310 [ 19.129189] kasan_atomics+0x1dc/0x310 [ 19.129215] ? __pfx_kasan_atomics+0x10/0x10 [ 19.129242] ? __pfx_read_tsc+0x10/0x10 [ 19.129268] ? ktime_get_ts64+0x86/0x230 [ 19.129306] kunit_try_run_case+0x1a5/0x480 [ 19.129373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.129419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.129469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.129525] ? 
__kthread_parkme+0x82/0x180 [ 19.129573] ? preempt_count_sub+0x50/0x80 [ 19.129625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.129673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.129729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.129786] kthread+0x337/0x6f0 [ 19.129829] ? trace_preempt_on+0x20/0xc0 [ 19.129884] ? __pfx_kthread+0x10/0x10 [ 19.129926] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.129978] ? calculate_sigpending+0x7b/0xa0 [ 19.130030] ? __pfx_kthread+0x10/0x10 [ 19.130110] ret_from_fork+0x41/0x80 [ 19.130163] ? __pfx_kthread+0x10/0x10 [ 19.130206] ret_from_fork_asm+0x1a/0x30 [ 19.130277] </TASK> [ 19.130305] [ 19.141319] Allocated by task 286: [ 19.141748] kasan_save_stack+0x45/0x70 [ 19.142225] kasan_save_track+0x18/0x40 [ 19.142461] kasan_save_alloc_info+0x3b/0x50 [ 19.142676] __kasan_kmalloc+0xb7/0xc0 [ 19.142864] __kmalloc_cache_noprof+0x189/0x420 [ 19.143203] kasan_atomics+0x95/0x310 [ 19.143395] kunit_try_run_case+0x1a5/0x480 [ 19.143693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.144005] kthread+0x337/0x6f0 [ 19.144241] ret_from_fork+0x41/0x80 [ 19.144510] ret_from_fork_asm+0x1a/0x30 [ 19.144872] [ 19.145077] The buggy address belongs to the object at ffff888102b21f80 [ 19.145077] which belongs to the cache kmalloc-64 of size 64 [ 19.146347] The buggy address is located 0 bytes to the right of [ 19.146347] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.148258] [ 19.148502] The buggy address belongs to the physical page: [ 19.148955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.150238] flags: 0x200000000000000(node=0|zone=2) [ 19.150729] page_type: f5(slab) [ 19.151073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.151440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.151851] page dumped because: kasan: bad access detected [ 19.152272] [ 19.152462] Memory state around the buggy address: [ 19.152770] 
ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.153513] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.154030] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.154717] ^ [ 19.155082] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.155487] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.155861] ================================================================== [ 17.754183] ================================================================== [ 17.755009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 17.755413] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.755632] [ 17.755749] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.755823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.755842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.755875] Call Trace: [ 17.755910] <TASK> [ 17.755942] dump_stack_lvl+0x73/0xb0 [ 17.755978] print_report+0xd1/0x650 [ 17.756006] ? __virt_addr_valid+0x1db/0x2d0 [ 17.756035] ? kasan_atomics_helper+0x4b3a/0x5450 [ 17.756061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.756104] ? kasan_atomics_helper+0x4b3a/0x5450 [ 17.756147] kasan_report+0x141/0x180 [ 17.756195] ? kasan_atomics_helper+0x4b3a/0x5450 [ 17.756255] __asan_report_store4_noabort+0x1b/0x30 [ 17.756307] kasan_atomics_helper+0x4b3a/0x5450 [ 17.756381] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.756437] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.756485] ? kasan_atomics+0x152/0x310 [ 17.756527] kasan_atomics+0x1dc/0x310 [ 17.756567] ? __pfx_kasan_atomics+0x10/0x10 [ 17.756615] ? __pfx_read_tsc+0x10/0x10 [ 17.756660] ? ktime_get_ts64+0x86/0x230 [ 17.756721] kunit_try_run_case+0x1a5/0x480 [ 17.756782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.756837] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.756896] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.756958] ? __kthread_parkme+0x82/0x180 [ 17.757003] ? preempt_count_sub+0x50/0x80 [ 17.757069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.757124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.757175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.757232] kthread+0x337/0x6f0 [ 17.757275] ? trace_preempt_on+0x20/0xc0 [ 17.757324] ? __pfx_kthread+0x10/0x10 [ 17.757384] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.757430] ? calculate_sigpending+0x7b/0xa0 [ 17.757481] ? __pfx_kthread+0x10/0x10 [ 17.757531] ret_from_fork+0x41/0x80 [ 17.757581] ? __pfx_kthread+0x10/0x10 [ 17.757628] ret_from_fork_asm+0x1a/0x30 [ 17.757668] </TASK> [ 17.757683] [ 17.769125] Allocated by task 286: [ 17.769538] kasan_save_stack+0x45/0x70 [ 17.769888] kasan_save_track+0x18/0x40 [ 17.770365] kasan_save_alloc_info+0x3b/0x50 [ 17.770680] __kasan_kmalloc+0xb7/0xc0 [ 17.771051] __kmalloc_cache_noprof+0x189/0x420 [ 17.771364] kasan_atomics+0x95/0x310 [ 17.771564] kunit_try_run_case+0x1a5/0x480 [ 17.771773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.772295] kthread+0x337/0x6f0 [ 17.772629] ret_from_fork+0x41/0x80 [ 17.772974] ret_from_fork_asm+0x1a/0x30 [ 17.773373] [ 17.773565] The buggy address belongs to the object at ffff888102b21f80 [ 17.773565] which belongs to the cache kmalloc-64 of size 64 [ 17.774418] The buggy address is located 0 bytes to the right of [ 17.774418] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.775181] [ 17.775452] The buggy address belongs to the physical page: [ 17.775863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.776436] flags: 0x200000000000000(node=0|zone=2) [ 17.776813] page_type: f5(slab) [ 17.777200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.777522] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.777820] page dumped because: kasan: bad access detected [ 17.778357] [ 17.778554] Memory 
state around the buggy address: [ 17.778971] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.779591] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.780172] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.780649] ^ [ 17.780985] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.781517] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.782023] ================================================================== [ 18.108180] ================================================================== [ 18.109660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 18.110548] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.111133] [ 18.111400] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.111505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.111537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.111587] Call Trace: [ 18.111636] <TASK> [ 18.111681] dump_stack_lvl+0x73/0xb0 [ 18.111750] print_report+0xd1/0x650 [ 18.111808] ? __virt_addr_valid+0x1db/0x2d0 [ 18.111869] ? kasan_atomics_helper+0xc70/0x5450 [ 18.111925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.111982] ? kasan_atomics_helper+0xc70/0x5450 [ 18.112028] kasan_report+0x141/0x180 [ 18.112075] ? kasan_atomics_helper+0xc70/0x5450 [ 18.112129] kasan_check_range+0x10c/0x1c0 [ 18.112174] __kasan_check_write+0x18/0x20 [ 18.112224] kasan_atomics_helper+0xc70/0x5450 [ 18.112286] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.112359] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.112415] ? kasan_atomics+0x152/0x310 [ 18.112475] kasan_atomics+0x1dc/0x310 [ 18.112526] ? __pfx_kasan_atomics+0x10/0x10 [ 18.112580] ? __pfx_read_tsc+0x10/0x10 [ 18.112633] ? ktime_get_ts64+0x86/0x230 [ 18.112695] kunit_try_run_case+0x1a5/0x480 [ 18.112757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.112812] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.112873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.112934] ? __kthread_parkme+0x82/0x180 [ 18.112988] ? preempt_count_sub+0x50/0x80 [ 18.113065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.113115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.113168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.113227] kthread+0x337/0x6f0 [ 18.113269] ? trace_preempt_on+0x20/0xc0 [ 18.113325] ? __pfx_kthread+0x10/0x10 [ 18.113385] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.113432] ? calculate_sigpending+0x7b/0xa0 [ 18.113477] ? __pfx_kthread+0x10/0x10 [ 18.113519] ret_from_fork+0x41/0x80 [ 18.113569] ? __pfx_kthread+0x10/0x10 [ 18.113616] ret_from_fork_asm+0x1a/0x30 [ 18.113696] </TASK> [ 18.113725] [ 18.123753] Allocated by task 286: [ 18.124066] kasan_save_stack+0x45/0x70 [ 18.124432] kasan_save_track+0x18/0x40 [ 18.124702] kasan_save_alloc_info+0x3b/0x50 [ 18.124916] __kasan_kmalloc+0xb7/0xc0 [ 18.125315] __kmalloc_cache_noprof+0x189/0x420 [ 18.125695] kasan_atomics+0x95/0x310 [ 18.125937] kunit_try_run_case+0x1a5/0x480 [ 18.126268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.126611] kthread+0x337/0x6f0 [ 18.126822] ret_from_fork+0x41/0x80 [ 18.127109] ret_from_fork_asm+0x1a/0x30 [ 18.127377] [ 18.127523] The buggy address belongs to the object at ffff888102b21f80 [ 18.127523] which belongs to the cache kmalloc-64 of size 64 [ 18.128102] The buggy address is located 0 bytes to the right of [ 18.128102] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.129062] [ 18.129191] The buggy address belongs to the physical page: [ 18.129443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.129759] flags: 0x200000000000000(node=0|zone=2) [ 18.129995] page_type: f5(slab) [ 18.130191] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.130667] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.131569] page dumped because: kasan: bad 
access detected [ 18.132018] [ 18.132212] Memory state around the buggy address: [ 18.132632] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.133219] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.133780] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.134316] ^ [ 18.134560] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.134837] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.135396] ================================================================== [ 18.789362] ================================================================== [ 18.789746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 18.790287] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.790799] [ 18.790983] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.791076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.791104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.791150] Call Trace: [ 18.791195] <TASK> [ 18.791244] dump_stack_lvl+0x73/0xb0 [ 18.791306] print_report+0xd1/0x650 [ 18.791374] ? __virt_addr_valid+0x1db/0x2d0 [ 18.791429] ? kasan_atomics_helper+0x164f/0x5450 [ 18.791837] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.791877] ? kasan_atomics_helper+0x164f/0x5450 [ 18.791906] kasan_report+0x141/0x180 [ 18.791934] ? kasan_atomics_helper+0x164f/0x5450 [ 18.791966] kasan_check_range+0x10c/0x1c0 [ 18.791991] __kasan_check_write+0x18/0x20 [ 18.792014] kasan_atomics_helper+0x164f/0x5450 [ 18.792043] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.792107] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.792141] ? kasan_atomics+0x152/0x310 [ 18.792170] kasan_atomics+0x1dc/0x310 [ 18.792193] ? __pfx_kasan_atomics+0x10/0x10 [ 18.792219] ? __pfx_read_tsc+0x10/0x10 [ 18.792244] ? ktime_get_ts64+0x86/0x230 [ 18.792275] kunit_try_run_case+0x1a5/0x480 [ 18.792305] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.792351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.792384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.792412] ? __kthread_parkme+0x82/0x180 [ 18.792440] ? preempt_count_sub+0x50/0x80 [ 18.792470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.792498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.792528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.792557] kthread+0x337/0x6f0 [ 18.792578] ? trace_preempt_on+0x20/0xc0 [ 18.792607] ? __pfx_kthread+0x10/0x10 [ 18.792629] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.792655] ? calculate_sigpending+0x7b/0xa0 [ 18.792682] ? __pfx_kthread+0x10/0x10 [ 18.792705] ret_from_fork+0x41/0x80 [ 18.792729] ? __pfx_kthread+0x10/0x10 [ 18.792752] ret_from_fork_asm+0x1a/0x30 [ 18.792789] </TASK> [ 18.792804] [ 18.803470] Allocated by task 286: [ 18.803697] kasan_save_stack+0x45/0x70 [ 18.803929] kasan_save_track+0x18/0x40 [ 18.804119] kasan_save_alloc_info+0x3b/0x50 [ 18.804501] __kasan_kmalloc+0xb7/0xc0 [ 18.804848] __kmalloc_cache_noprof+0x189/0x420 [ 18.805263] kasan_atomics+0x95/0x310 [ 18.805628] kunit_try_run_case+0x1a5/0x480 [ 18.806144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.806608] kthread+0x337/0x6f0 [ 18.806925] ret_from_fork+0x41/0x80 [ 18.807254] ret_from_fork_asm+0x1a/0x30 [ 18.807518] [ 18.807702] The buggy address belongs to the object at ffff888102b21f80 [ 18.807702] which belongs to the cache kmalloc-64 of size 64 [ 18.808350] The buggy address is located 0 bytes to the right of [ 18.808350] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.809043] [ 18.809245] The buggy address belongs to the physical page: [ 18.809894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.810285] flags: 0x200000000000000(node=0|zone=2) [ 18.810541] page_type: f5(slab) [ 18.810854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.811596] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 18.812007] page dumped because: kasan: bad access detected [ 18.812513] [ 18.812632] Memory state around the buggy address: [ 18.812845] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.813138] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.813749] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.814420] ^ [ 18.814712] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.815192] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.815508] ================================================================== [ 18.626475] ================================================================== [ 18.627203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 18.627735] Read of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.628428] [ 18.628712] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.628825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.628857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.628941] Call Trace: [ 18.628990] <TASK> [ 18.629066] dump_stack_lvl+0x73/0xb0 [ 18.629150] print_report+0xd1/0x650 [ 18.629182] ? __virt_addr_valid+0x1db/0x2d0 [ 18.629212] ? kasan_atomics_helper+0x4eae/0x5450 [ 18.629238] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.629266] ? kasan_atomics_helper+0x4eae/0x5450 [ 18.629293] kasan_report+0x141/0x180 [ 18.629320] ? kasan_atomics_helper+0x4eae/0x5450 [ 18.629373] __asan_report_load8_noabort+0x18/0x20 [ 18.629401] kasan_atomics_helper+0x4eae/0x5450 [ 18.629430] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.629458] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.629486] ? kasan_atomics+0x152/0x310 [ 18.629515] kasan_atomics+0x1dc/0x310 [ 18.629538] ? __pfx_kasan_atomics+0x10/0x10 [ 18.629565] ? __pfx_read_tsc+0x10/0x10 [ 18.629590] ? 
ktime_get_ts64+0x86/0x230 [ 18.629621] kunit_try_run_case+0x1a5/0x480 [ 18.629653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.629678] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.629707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.629735] ? __kthread_parkme+0x82/0x180 [ 18.629762] ? preempt_count_sub+0x50/0x80 [ 18.629791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.629819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.629847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.629875] kthread+0x337/0x6f0 [ 18.629895] ? trace_preempt_on+0x20/0xc0 [ 18.629922] ? __pfx_kthread+0x10/0x10 [ 18.629943] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.629969] ? calculate_sigpending+0x7b/0xa0 [ 18.629995] ? __pfx_kthread+0x10/0x10 [ 18.630018] ret_from_fork+0x41/0x80 [ 18.630043] ? __pfx_kthread+0x10/0x10 [ 18.630073] ret_from_fork_asm+0x1a/0x30 [ 18.630115] </TASK> [ 18.630130] [ 18.642886] Allocated by task 286: [ 18.643776] kasan_save_stack+0x45/0x70 [ 18.644358] kasan_save_track+0x18/0x40 [ 18.644559] kasan_save_alloc_info+0x3b/0x50 [ 18.644832] __kasan_kmalloc+0xb7/0xc0 [ 18.645247] __kmalloc_cache_noprof+0x189/0x420 [ 18.645488] kasan_atomics+0x95/0x310 [ 18.645815] kunit_try_run_case+0x1a5/0x480 [ 18.646582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.646862] kthread+0x337/0x6f0 [ 18.647155] ret_from_fork+0x41/0x80 [ 18.647399] ret_from_fork_asm+0x1a/0x30 [ 18.648061] [ 18.648181] The buggy address belongs to the object at ffff888102b21f80 [ 18.648181] which belongs to the cache kmalloc-64 of size 64 [ 18.649518] The buggy address is located 0 bytes to the right of [ 18.649518] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.650267] [ 18.650491] The buggy address belongs to the physical page: [ 18.650941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.651394] flags: 0x200000000000000(node=0|zone=2) [ 18.651938] page_type: f5(slab) [ 18.652267] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 18.653009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.653467] page dumped because: kasan: bad access detected [ 18.653759] [ 18.653948] Memory state around the buggy address: [ 18.654309] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.654641] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.654975] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.655932] ^ [ 18.656294] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.656793] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.657298] ================================================================== [ 18.562577] ================================================================== [ 18.563437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 18.564229] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.565243] [ 18.565529] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.565645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.565679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.565732] Call Trace: [ 18.565783] <TASK> [ 18.565833] dump_stack_lvl+0x73/0xb0 [ 18.565906] print_report+0xd1/0x650 [ 18.565967] ? __virt_addr_valid+0x1db/0x2d0 [ 18.566026] ? kasan_atomics_helper+0x49ce/0x5450 [ 18.566102] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.566151] ? kasan_atomics_helper+0x49ce/0x5450 [ 18.566204] kasan_report+0x141/0x180 [ 18.566266] ? kasan_atomics_helper+0x49ce/0x5450 [ 18.566366] __asan_report_load4_noabort+0x18/0x20 [ 18.566428] kasan_atomics_helper+0x49ce/0x5450 [ 18.566491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.566545] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.566601] ? kasan_atomics+0x152/0x310 [ 18.566662] kasan_atomics+0x1dc/0x310 [ 18.566712] ? __pfx_kasan_atomics+0x10/0x10 [ 18.566768] ? 
__pfx_read_tsc+0x10/0x10 [ 18.566820] ? ktime_get_ts64+0x86/0x230 [ 18.566882] kunit_try_run_case+0x1a5/0x480 [ 18.566940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.566996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.567052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.567100] ? __kthread_parkme+0x82/0x180 [ 18.567144] ? preempt_count_sub+0x50/0x80 [ 18.567197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.567251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.567311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.567386] kthread+0x337/0x6f0 [ 18.567431] ? trace_preempt_on+0x20/0xc0 [ 18.567489] ? __pfx_kthread+0x10/0x10 [ 18.567536] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.567590] ? calculate_sigpending+0x7b/0xa0 [ 18.567643] ? __pfx_kthread+0x10/0x10 [ 18.567692] ret_from_fork+0x41/0x80 [ 18.567744] ? __pfx_kthread+0x10/0x10 [ 18.567791] ret_from_fork_asm+0x1a/0x30 [ 18.567868] </TASK> [ 18.567897] [ 18.578274] Allocated by task 286: [ 18.578669] kasan_save_stack+0x45/0x70 [ 18.579051] kasan_save_track+0x18/0x40 [ 18.579422] kasan_save_alloc_info+0x3b/0x50 [ 18.579802] __kasan_kmalloc+0xb7/0xc0 [ 18.582452] __kmalloc_cache_noprof+0x189/0x420 [ 18.582823] kasan_atomics+0x95/0x310 [ 18.583141] kunit_try_run_case+0x1a5/0x480 [ 18.583428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.584560] kthread+0x337/0x6f0 [ 18.584779] ret_from_fork+0x41/0x80 [ 18.584973] ret_from_fork_asm+0x1a/0x30 [ 18.585196] [ 18.585328] The buggy address belongs to the object at ffff888102b21f80 [ 18.585328] which belongs to the cache kmalloc-64 of size 64 [ 18.585886] The buggy address is located 0 bytes to the right of [ 18.585886] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.586901] [ 18.587191] The buggy address belongs to the physical page: [ 18.587764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.588456] flags: 0x200000000000000(node=0|zone=2) [ 18.588754] page_type: f5(slab) [ 18.589146] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 18.589558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.590092] page dumped because: kasan: bad access detected [ 18.590544] [ 18.590733] Memory state around the buggy address: [ 18.590991] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.591455] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.592018] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.592525] ^ [ 18.592877] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.593392] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.593863] ================================================================== [ 19.031607] ================================================================== [ 19.032328] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 19.032821] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.033285] [ 19.033548] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.033691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.033734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.033784] Call Trace: [ 19.033850] <TASK> [ 19.033896] dump_stack_lvl+0x73/0xb0 [ 19.033971] print_report+0xd1/0x650 [ 19.034032] ? __virt_addr_valid+0x1db/0x2d0 [ 19.034125] ? kasan_atomics_helper+0x1b22/0x5450 [ 19.034172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.034220] ? kasan_atomics_helper+0x1b22/0x5450 [ 19.034272] kasan_report+0x141/0x180 [ 19.034325] ? kasan_atomics_helper+0x1b22/0x5450 [ 19.034416] kasan_check_range+0x10c/0x1c0 [ 19.034487] __kasan_check_write+0x18/0x20 [ 19.034533] kasan_atomics_helper+0x1b22/0x5450 [ 19.034591] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.034657] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.034731] ? 
kasan_atomics+0x152/0x310 [ 19.034786] kasan_atomics+0x1dc/0x310 [ 19.034834] ? __pfx_kasan_atomics+0x10/0x10 [ 19.034895] ? __pfx_read_tsc+0x10/0x10 [ 19.034964] ? ktime_get_ts64+0x86/0x230 [ 19.035025] kunit_try_run_case+0x1a5/0x480 [ 19.035111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.035166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.035226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.035283] ? __kthread_parkme+0x82/0x180 [ 19.035331] ? preempt_count_sub+0x50/0x80 [ 19.035424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.035496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.035559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.035620] kthread+0x337/0x6f0 [ 19.035665] ? trace_preempt_on+0x20/0xc0 [ 19.035711] ? __pfx_kthread+0x10/0x10 [ 19.035734] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.035761] ? calculate_sigpending+0x7b/0xa0 [ 19.035789] ? __pfx_kthread+0x10/0x10 [ 19.035811] ret_from_fork+0x41/0x80 [ 19.035837] ? __pfx_kthread+0x10/0x10 [ 19.035858] ret_from_fork_asm+0x1a/0x30 [ 19.035896] </TASK> [ 19.035912] [ 19.049154] Allocated by task 286: [ 19.049356] kasan_save_stack+0x45/0x70 [ 19.049644] kasan_save_track+0x18/0x40 [ 19.049915] kasan_save_alloc_info+0x3b/0x50 [ 19.050231] __kasan_kmalloc+0xb7/0xc0 [ 19.050681] __kmalloc_cache_noprof+0x189/0x420 [ 19.050920] kasan_atomics+0x95/0x310 [ 19.051223] kunit_try_run_case+0x1a5/0x480 [ 19.051662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.052145] kthread+0x337/0x6f0 [ 19.052406] ret_from_fork+0x41/0x80 [ 19.052615] ret_from_fork_asm+0x1a/0x30 [ 19.052835] [ 19.052959] The buggy address belongs to the object at ffff888102b21f80 [ 19.052959] which belongs to the cache kmalloc-64 of size 64 [ 19.054564] The buggy address is located 0 bytes to the right of [ 19.054564] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.055113] [ 19.055231] The buggy address belongs to the physical page: [ 19.055443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 
19.055701] flags: 0x200000000000000(node=0|zone=2) [ 19.057191] page_type: f5(slab) [ 19.057561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.058502] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.058978] page dumped because: kasan: bad access detected [ 19.059193] [ 19.059703] Memory state around the buggy address: [ 19.060158] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.060822] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.061599] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.061887] ^ [ 19.062110] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.062492] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.062716] ================================================================== [ 19.226267] ================================================================== [ 19.226717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 19.227019] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.227792] [ 19.228056] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.228386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.228429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.228483] Call Trace: [ 19.228533] <TASK> [ 19.228581] dump_stack_lvl+0x73/0xb0 [ 19.228658] print_report+0xd1/0x650 [ 19.228717] ? __virt_addr_valid+0x1db/0x2d0 [ 19.228766] ? kasan_atomics_helper+0x1eaa/0x5450 [ 19.228813] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.228868] ? kasan_atomics_helper+0x1eaa/0x5450 [ 19.228918] kasan_report+0x141/0x180 [ 19.228962] ? kasan_atomics_helper+0x1eaa/0x5450 [ 19.229053] kasan_check_range+0x10c/0x1c0 [ 19.229143] __kasan_check_write+0x18/0x20 [ 19.229185] kasan_atomics_helper+0x1eaa/0x5450 [ 19.229231] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.229273] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 19.229315] ? kasan_atomics+0x152/0x310 [ 19.229377] kasan_atomics+0x1dc/0x310 [ 19.229416] ? __pfx_kasan_atomics+0x10/0x10 [ 19.229457] ? __pfx_read_tsc+0x10/0x10 [ 19.229494] ? ktime_get_ts64+0x86/0x230 [ 19.229544] kunit_try_run_case+0x1a5/0x480 [ 19.229595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.229638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.229687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.229733] ? __kthread_parkme+0x82/0x180 [ 19.229778] ? preempt_count_sub+0x50/0x80 [ 19.229835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.229895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.229936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.229976] kthread+0x337/0x6f0 [ 19.230004] ? trace_preempt_on+0x20/0xc0 [ 19.230042] ? __pfx_kthread+0x10/0x10 [ 19.230105] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.230136] ? calculate_sigpending+0x7b/0xa0 [ 19.230164] ? __pfx_kthread+0x10/0x10 [ 19.230186] ret_from_fork+0x41/0x80 [ 19.230212] ? __pfx_kthread+0x10/0x10 [ 19.230235] ret_from_fork_asm+0x1a/0x30 [ 19.230272] </TASK> [ 19.230287] [ 19.242055] Allocated by task 286: [ 19.242312] kasan_save_stack+0x45/0x70 [ 19.242545] kasan_save_track+0x18/0x40 [ 19.242944] kasan_save_alloc_info+0x3b/0x50 [ 19.243222] __kasan_kmalloc+0xb7/0xc0 [ 19.243454] __kmalloc_cache_noprof+0x189/0x420 [ 19.243804] kasan_atomics+0x95/0x310 [ 19.244168] kunit_try_run_case+0x1a5/0x480 [ 19.244521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.244929] kthread+0x337/0x6f0 [ 19.245317] ret_from_fork+0x41/0x80 [ 19.245520] ret_from_fork_asm+0x1a/0x30 [ 19.245700] [ 19.245806] The buggy address belongs to the object at ffff888102b21f80 [ 19.245806] which belongs to the cache kmalloc-64 of size 64 [ 19.246212] The buggy address is located 0 bytes to the right of [ 19.246212] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.246698] [ 19.246829] The buggy address belongs to the physical page: [ 19.247096] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.247513] flags: 0x200000000000000(node=0|zone=2) [ 19.247696] page_type: f5(slab) [ 19.247941] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.249685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.251639] page dumped because: kasan: bad access detected [ 19.252066] [ 19.252178] Memory state around the buggy address: [ 19.252376] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.252624] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.252863] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.253114] ^ [ 19.253304] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.253992] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.254598] ================================================================== [ 18.507064] ================================================================== [ 18.507463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 18.507789] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.508389] [ 18.508630] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.508742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.508773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.508825] Call Trace: [ 18.508875] <TASK> [ 18.508923] dump_stack_lvl+0x73/0xb0 [ 18.508994] print_report+0xd1/0x650 [ 18.509094] ? __virt_addr_valid+0x1db/0x2d0 [ 18.509139] ? kasan_atomics_helper+0x49e8/0x5450 [ 18.509179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.509218] ? kasan_atomics_helper+0x49e8/0x5450 [ 18.509256] kasan_report+0x141/0x180 [ 18.509293] ? kasan_atomics_helper+0x49e8/0x5450 [ 18.509353] __asan_report_load4_noabort+0x18/0x20 [ 18.509395] kasan_atomics_helper+0x49e8/0x5450 [ 18.509434] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 18.509472] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.509510] ? kasan_atomics+0x152/0x310 [ 18.509557] kasan_atomics+0x1dc/0x310 [ 18.509599] ? __pfx_kasan_atomics+0x10/0x10 [ 18.509637] ? __pfx_read_tsc+0x10/0x10 [ 18.509676] ? ktime_get_ts64+0x86/0x230 [ 18.509732] kunit_try_run_case+0x1a5/0x480 [ 18.509789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.509847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.509916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.509970] ? __kthread_parkme+0x82/0x180 [ 18.510023] ? preempt_count_sub+0x50/0x80 [ 18.510076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.510126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.510184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.510249] kthread+0x337/0x6f0 [ 18.510309] ? trace_preempt_on+0x20/0xc0 [ 18.510379] ? __pfx_kthread+0x10/0x10 [ 18.510424] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.510475] ? calculate_sigpending+0x7b/0xa0 [ 18.510530] ? __pfx_kthread+0x10/0x10 [ 18.510576] ret_from_fork+0x41/0x80 [ 18.510630] ? 
__pfx_kthread+0x10/0x10 [ 18.510677] ret_from_fork_asm+0x1a/0x30 [ 18.510754] </TASK> [ 18.510783] [ 18.521277] Allocated by task 286: [ 18.521671] kasan_save_stack+0x45/0x70 [ 18.522071] kasan_save_track+0x18/0x40 [ 18.522382] kasan_save_alloc_info+0x3b/0x50 [ 18.522566] __kasan_kmalloc+0xb7/0xc0 [ 18.522929] __kmalloc_cache_noprof+0x189/0x420 [ 18.523398] kasan_atomics+0x95/0x310 [ 18.523658] kunit_try_run_case+0x1a5/0x480 [ 18.523973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.524537] kthread+0x337/0x6f0 [ 18.524712] ret_from_fork+0x41/0x80 [ 18.524894] ret_from_fork_asm+0x1a/0x30 [ 18.525104] [ 18.525228] The buggy address belongs to the object at ffff888102b21f80 [ 18.525228] which belongs to the cache kmalloc-64 of size 64 [ 18.526238] The buggy address is located 0 bytes to the right of [ 18.526238] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.527533] [ 18.527657] The buggy address belongs to the physical page: [ 18.528011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.528492] flags: 0x200000000000000(node=0|zone=2) [ 18.528905] page_type: f5(slab) [ 18.529112] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.529426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.529717] page dumped because: kasan: bad access detected [ 18.529946] [ 18.530068] Memory state around the buggy address: [ 18.530281] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.530860] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.531530] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.532093] ^ [ 18.532523] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.533290] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.533884] ================================================================== [ 17.659528] 
================================================================== [ 17.659945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 17.660665] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.661605] [ 17.661858] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.661988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.662018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.662064] Call Trace: [ 17.662111] <TASK> [ 17.662182] dump_stack_lvl+0x73/0xb0 [ 17.662274] print_report+0xd1/0x650 [ 17.662318] ? __virt_addr_valid+0x1db/0x2d0 [ 17.662372] ? kasan_atomics_helper+0x3df/0x5450 [ 17.662400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.662429] ? kasan_atomics_helper+0x3df/0x5450 [ 17.662467] kasan_report+0x141/0x180 [ 17.662502] ? kasan_atomics_helper+0x3df/0x5450 [ 17.662535] kasan_check_range+0x10c/0x1c0 [ 17.662560] __kasan_check_read+0x15/0x20 [ 17.662583] kasan_atomics_helper+0x3df/0x5450 [ 17.662611] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.662638] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.662666] ? kasan_atomics+0x152/0x310 [ 17.662694] kasan_atomics+0x1dc/0x310 [ 17.662717] ? __pfx_kasan_atomics+0x10/0x10 [ 17.662742] ? __pfx_read_tsc+0x10/0x10 [ 17.662767] ? ktime_get_ts64+0x86/0x230 [ 17.662797] kunit_try_run_case+0x1a5/0x480 [ 17.662827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.662852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.662881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.662909] ? __kthread_parkme+0x82/0x180 [ 17.662936] ? preempt_count_sub+0x50/0x80 [ 17.662965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.662994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.663022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.663052] kthread+0x337/0x6f0 [ 17.663095] ? trace_preempt_on+0x20/0xc0 [ 17.663123] ? __pfx_kthread+0x10/0x10 [ 17.663145] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.663171] ? 
calculate_sigpending+0x7b/0xa0 [ 17.663197] ? __pfx_kthread+0x10/0x10 [ 17.663220] ret_from_fork+0x41/0x80 [ 17.663244] ? __pfx_kthread+0x10/0x10 [ 17.663265] ret_from_fork_asm+0x1a/0x30 [ 17.663300] </TASK> [ 17.663315] [ 17.674862] Allocated by task 286: [ 17.675264] kasan_save_stack+0x45/0x70 [ 17.675693] kasan_save_track+0x18/0x40 [ 17.676092] kasan_save_alloc_info+0x3b/0x50 [ 17.676509] __kasan_kmalloc+0xb7/0xc0 [ 17.676866] __kmalloc_cache_noprof+0x189/0x420 [ 17.677421] kasan_atomics+0x95/0x310 [ 17.677828] kunit_try_run_case+0x1a5/0x480 [ 17.678282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.678792] kthread+0x337/0x6f0 [ 17.679164] ret_from_fork+0x41/0x80 [ 17.679547] ret_from_fork_asm+0x1a/0x30 [ 17.679937] [ 17.680190] The buggy address belongs to the object at ffff888102b21f80 [ 17.680190] which belongs to the cache kmalloc-64 of size 64 [ 17.681101] The buggy address is located 0 bytes to the right of [ 17.681101] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.681807] [ 17.682050] The buggy address belongs to the physical page: [ 17.682623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.683179] flags: 0x200000000000000(node=0|zone=2) [ 17.683506] page_type: f5(slab) [ 17.683884] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.684685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.685100] page dumped because: kasan: bad access detected [ 17.685537] [ 17.685730] Memory state around the buggy address: [ 17.686106] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.686617] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.686935] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.687199] ^ [ 17.687592] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.688204] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.688925] 
================================================================== [ 17.937733] ================================================================== [ 17.938494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 17.938822] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.939458] [ 17.939628] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.939738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.939770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.939822] Call Trace: [ 17.939873] <TASK> [ 17.939924] dump_stack_lvl+0x73/0xb0 [ 17.939992] print_report+0xd1/0x650 [ 17.940052] ? __virt_addr_valid+0x1db/0x2d0 [ 17.940103] ? kasan_atomics_helper+0x860/0x5450 [ 17.940155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.940209] ? kasan_atomics_helper+0x860/0x5450 [ 17.940269] kasan_report+0x141/0x180 [ 17.940324] ? kasan_atomics_helper+0x860/0x5450 [ 17.940411] kasan_check_range+0x10c/0x1c0 [ 17.940463] __kasan_check_write+0x18/0x20 [ 17.940505] kasan_atomics_helper+0x860/0x5450 [ 17.940554] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.940609] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.940666] ? kasan_atomics+0x152/0x310 [ 17.940724] kasan_atomics+0x1dc/0x310 [ 17.940775] ? __pfx_kasan_atomics+0x10/0x10 [ 17.940831] ? __pfx_read_tsc+0x10/0x10 [ 17.940883] ? ktime_get_ts64+0x86/0x230 [ 17.940945] kunit_try_run_case+0x1a5/0x480 [ 17.941009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.941091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.941147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.941200] ? __kthread_parkme+0x82/0x180 [ 17.941250] ? preempt_count_sub+0x50/0x80 [ 17.941365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.941423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.941487] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.941545] kthread+0x337/0x6f0 [ 17.941584] ? trace_preempt_on+0x20/0xc0 [ 17.941630] ? 
__pfx_kthread+0x10/0x10 [ 17.941670] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.941722] ? calculate_sigpending+0x7b/0xa0 [ 17.941773] ? __pfx_kthread+0x10/0x10 [ 17.941823] ret_from_fork+0x41/0x80 [ 17.941874] ? __pfx_kthread+0x10/0x10 [ 17.941922] ret_from_fork_asm+0x1a/0x30 [ 17.941999] </TASK> [ 17.942031] [ 17.952330] Allocated by task 286: [ 17.952564] kasan_save_stack+0x45/0x70 [ 17.952797] kasan_save_track+0x18/0x40 [ 17.952995] kasan_save_alloc_info+0x3b/0x50 [ 17.953373] __kasan_kmalloc+0xb7/0xc0 [ 17.953693] __kmalloc_cache_noprof+0x189/0x420 [ 17.954027] kasan_atomics+0x95/0x310 [ 17.954331] kunit_try_run_case+0x1a5/0x480 [ 17.954683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.955105] kthread+0x337/0x6f0 [ 17.955418] ret_from_fork+0x41/0x80 [ 17.955743] ret_from_fork_asm+0x1a/0x30 [ 17.955961] [ 17.956129] The buggy address belongs to the object at ffff888102b21f80 [ 17.956129] which belongs to the cache kmalloc-64 of size 64 [ 17.956734] The buggy address is located 0 bytes to the right of [ 17.956734] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 17.957421] [ 17.957623] The buggy address belongs to the physical page: [ 17.958094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 17.958505] flags: 0x200000000000000(node=0|zone=2) [ 17.958740] page_type: f5(slab) [ 17.958935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.959221] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.959514] page dumped because: kasan: bad access detected [ 17.959738] [ 17.959849] Memory state around the buggy address: [ 17.960062] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.960367] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.960890] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.961486] ^ [ 17.961908] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.962486] 
ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.963227] ================================================================== [ 18.020881] ================================================================== [ 18.021959] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 18.022621] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.023088] [ 18.023316] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.023453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.023483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.023535] Call Trace: [ 18.023582] <TASK> [ 18.023629] dump_stack_lvl+0x73/0xb0 [ 18.023696] print_report+0xd1/0x650 [ 18.023735] ? __virt_addr_valid+0x1db/0x2d0 [ 18.023773] ? kasan_atomics_helper+0xa2b/0x5450 [ 18.023817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.023870] ? kasan_atomics_helper+0xa2b/0x5450 [ 18.023925] kasan_report+0x141/0x180 [ 18.023980] ? kasan_atomics_helper+0xa2b/0x5450 [ 18.024047] kasan_check_range+0x10c/0x1c0 [ 18.024108] __kasan_check_write+0x18/0x20 [ 18.024155] kasan_atomics_helper+0xa2b/0x5450 [ 18.024198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.024248] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.024302] ? kasan_atomics+0x152/0x310 [ 18.024369] kasan_atomics+0x1dc/0x310 [ 18.024417] ? __pfx_kasan_atomics+0x10/0x10 [ 18.024464] ? __pfx_read_tsc+0x10/0x10 [ 18.024512] ? ktime_get_ts64+0x86/0x230 [ 18.024573] kunit_try_run_case+0x1a5/0x480 [ 18.024634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.024692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.024754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.024814] ? __kthread_parkme+0x82/0x180 [ 18.024872] ? preempt_count_sub+0x50/0x80 [ 18.024936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.024999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.025077] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.025130] kthread+0x337/0x6f0 [ 18.025172] ? trace_preempt_on+0x20/0xc0 [ 18.025226] ? __pfx_kthread+0x10/0x10 [ 18.025274] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.025331] ? calculate_sigpending+0x7b/0xa0 [ 18.025407] ? __pfx_kthread+0x10/0x10 [ 18.025459] ret_from_fork+0x41/0x80 [ 18.025513] ? __pfx_kthread+0x10/0x10 [ 18.025564] ret_from_fork_asm+0x1a/0x30 [ 18.025643] </TASK> [ 18.025674] [ 18.035607] Allocated by task 286: [ 18.035807] kasan_save_stack+0x45/0x70 [ 18.036030] kasan_save_track+0x18/0x40 [ 18.036360] kasan_save_alloc_info+0x3b/0x50 [ 18.036731] __kasan_kmalloc+0xb7/0xc0 [ 18.037054] __kmalloc_cache_noprof+0x189/0x420 [ 18.037451] kasan_atomics+0x95/0x310 [ 18.037786] kunit_try_run_case+0x1a5/0x480 [ 18.038174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.038628] kthread+0x337/0x6f0 [ 18.038918] ret_from_fork+0x41/0x80 [ 18.039190] ret_from_fork_asm+0x1a/0x30 [ 18.039443] [ 18.039570] The buggy address belongs to the object at ffff888102b21f80 [ 18.039570] which belongs to the cache kmalloc-64 of size 64 [ 18.039994] The buggy address is located 0 bytes to the right of [ 18.039994] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.040942] [ 18.041148] The buggy address belongs to the physical page: [ 18.041657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.042145] flags: 0x200000000000000(node=0|zone=2) [ 18.042384] page_type: f5(slab) [ 18.042658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.042949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.043230] page dumped because: kasan: bad access detected [ 18.043605] [ 18.043784] Memory state around the buggy address: [ 18.044328] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.044883] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.045561] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 18.045902] ^ [ 18.046314] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.046664] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.047048] ================================================================== [ 19.504784] ================================================================== [ 19.505720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 19.506331] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.506900] [ 19.507148] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.507275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.507310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.507370] Call Trace: [ 19.507418] <TASK> [ 19.507465] dump_stack_lvl+0x73/0xb0 [ 19.507560] print_report+0xd1/0x650 [ 19.507616] ? __virt_addr_valid+0x1db/0x2d0 [ 19.507668] ? kasan_atomics_helper+0x224c/0x5450 [ 19.507720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.507785] ? kasan_atomics_helper+0x224c/0x5450 [ 19.507856] kasan_report+0x141/0x180 [ 19.507904] ? kasan_atomics_helper+0x224c/0x5450 [ 19.507971] kasan_check_range+0x10c/0x1c0 [ 19.508030] __kasan_check_write+0x18/0x20 [ 19.508105] kasan_atomics_helper+0x224c/0x5450 [ 19.508164] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.508215] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.508268] ? kasan_atomics+0x152/0x310 [ 19.508325] kasan_atomics+0x1dc/0x310 [ 19.508399] ? __pfx_kasan_atomics+0x10/0x10 [ 19.508453] ? __pfx_read_tsc+0x10/0x10 [ 19.508497] ? ktime_get_ts64+0x86/0x230 [ 19.508536] kunit_try_run_case+0x1a5/0x480 [ 19.508567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.508593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.508624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.508652] ? __kthread_parkme+0x82/0x180 [ 19.508680] ? preempt_count_sub+0x50/0x80 [ 19.508709] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.508738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.508766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.508795] kthread+0x337/0x6f0 [ 19.508816] ? trace_preempt_on+0x20/0xc0 [ 19.508845] ? __pfx_kthread+0x10/0x10 [ 19.508868] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.508895] ? calculate_sigpending+0x7b/0xa0 [ 19.508922] ? __pfx_kthread+0x10/0x10 [ 19.508945] ret_from_fork+0x41/0x80 [ 19.508970] ? __pfx_kthread+0x10/0x10 [ 19.508992] ret_from_fork_asm+0x1a/0x30 [ 19.509043] </TASK> [ 19.509067] [ 19.522651] Allocated by task 286: [ 19.522847] kasan_save_stack+0x45/0x70 [ 19.523042] kasan_save_track+0x18/0x40 [ 19.523457] kasan_save_alloc_info+0x3b/0x50 [ 19.523845] __kasan_kmalloc+0xb7/0xc0 [ 19.524237] __kmalloc_cache_noprof+0x189/0x420 [ 19.524795] kasan_atomics+0x95/0x310 [ 19.525201] kunit_try_run_case+0x1a5/0x480 [ 19.525618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.526153] kthread+0x337/0x6f0 [ 19.526622] ret_from_fork+0x41/0x80 [ 19.527214] ret_from_fork_asm+0x1a/0x30 [ 19.527459] [ 19.527582] The buggy address belongs to the object at ffff888102b21f80 [ 19.527582] which belongs to the cache kmalloc-64 of size 64 [ 19.528420] The buggy address is located 0 bytes to the right of [ 19.528420] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.529510] [ 19.529757] The buggy address belongs to the physical page: [ 19.530295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.530984] flags: 0x200000000000000(node=0|zone=2) [ 19.531492] page_type: f5(slab) [ 19.531826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.532300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.532889] page dumped because: kasan: bad access detected [ 19.533426] [ 19.533609] Memory state around the buggy address: [ 19.533928] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.534651] ffff888102b21f00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.535019] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.535610] ^ [ 19.535990] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.536548] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.536781] ================================================================== [ 18.724318] ================================================================== [ 18.724833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 18.725803] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.726360] [ 18.726545] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.726657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.726688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.726739] Call Trace: [ 18.726789] <TASK> [ 18.726841] dump_stack_lvl+0x73/0xb0 [ 18.726914] print_report+0xd1/0x650 [ 18.726973] ? __virt_addr_valid+0x1db/0x2d0 [ 18.727034] ? kasan_atomics_helper+0x151d/0x5450 [ 18.727123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.727186] ? kasan_atomics_helper+0x151d/0x5450 [ 18.727244] kasan_report+0x141/0x180 [ 18.727294] ? kasan_atomics_helper+0x151d/0x5450 [ 18.727371] kasan_check_range+0x10c/0x1c0 [ 18.727464] __kasan_check_write+0x18/0x20 [ 18.727529] kasan_atomics_helper+0x151d/0x5450 [ 18.727587] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.727644] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.727700] ? kasan_atomics+0x152/0x310 [ 18.727786] kasan_atomics+0x1dc/0x310 [ 18.727854] ? __pfx_kasan_atomics+0x10/0x10 [ 18.727901] ? __pfx_read_tsc+0x10/0x10 [ 18.727951] ? ktime_get_ts64+0x86/0x230 [ 18.728014] kunit_try_run_case+0x1a5/0x480 [ 18.728106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.728163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.728214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.728245] ? __kthread_parkme+0x82/0x180 [ 18.728275] ? 
preempt_count_sub+0x50/0x80 [ 18.728305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.728353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.728395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.728425] kthread+0x337/0x6f0 [ 18.728447] ? trace_preempt_on+0x20/0xc0 [ 18.728476] ? __pfx_kthread+0x10/0x10 [ 18.728499] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.728527] ? calculate_sigpending+0x7b/0xa0 [ 18.728554] ? __pfx_kthread+0x10/0x10 [ 18.728577] ret_from_fork+0x41/0x80 [ 18.728603] ? __pfx_kthread+0x10/0x10 [ 18.728626] ret_from_fork_asm+0x1a/0x30 [ 18.728663] </TASK> [ 18.728678] [ 18.739997] Allocated by task 286: [ 18.740255] kasan_save_stack+0x45/0x70 [ 18.740650] kasan_save_track+0x18/0x40 [ 18.741112] kasan_save_alloc_info+0x3b/0x50 [ 18.741446] __kasan_kmalloc+0xb7/0xc0 [ 18.741845] __kmalloc_cache_noprof+0x189/0x420 [ 18.742347] kasan_atomics+0x95/0x310 [ 18.742747] kunit_try_run_case+0x1a5/0x480 [ 18.743239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.743762] kthread+0x337/0x6f0 [ 18.744183] ret_from_fork+0x41/0x80 [ 18.744519] ret_from_fork_asm+0x1a/0x30 [ 18.744846] [ 18.745113] The buggy address belongs to the object at ffff888102b21f80 [ 18.745113] which belongs to the cache kmalloc-64 of size 64 [ 18.745792] The buggy address is located 0 bytes to the right of [ 18.745792] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.746522] [ 18.746660] The buggy address belongs to the physical page: [ 18.746893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.747576] flags: 0x200000000000000(node=0|zone=2) [ 18.747994] page_type: f5(slab) [ 18.748449] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.748990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.749594] page dumped because: kasan: bad access detected [ 18.749880] [ 18.750119] Memory state around the buggy address: [ 18.750553] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 18.750840] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.751196] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.751599] ^ [ 18.752046] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.752659] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.753321] ================================================================== [ 17.992801] ================================================================== [ 17.993170] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 17.994664] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 17.995276] [ 17.995555] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.995668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.995704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.995758] Call Trace: [ 17.995812] <TASK> [ 17.995860] dump_stack_lvl+0x73/0xb0 [ 17.995936] print_report+0xd1/0x650 [ 17.995997] ? __virt_addr_valid+0x1db/0x2d0 [ 17.996057] ? kasan_atomics_helper+0x992/0x5450 [ 17.996104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.996155] ? kasan_atomics_helper+0x992/0x5450 [ 17.996204] kasan_report+0x141/0x180 [ 17.996250] ? kasan_atomics_helper+0x992/0x5450 [ 17.996306] kasan_check_range+0x10c/0x1c0 [ 17.996371] __kasan_check_write+0x18/0x20 [ 17.996417] kasan_atomics_helper+0x992/0x5450 [ 17.996467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.996517] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.996572] ? kasan_atomics+0x152/0x310 [ 17.996620] kasan_atomics+0x1dc/0x310 [ 17.996663] ? __pfx_kasan_atomics+0x10/0x10 [ 17.996714] ? __pfx_read_tsc+0x10/0x10 [ 17.996760] ? ktime_get_ts64+0x86/0x230 [ 17.996820] kunit_try_run_case+0x1a5/0x480 [ 17.996872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.996923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.996976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.997041] ? 
__kthread_parkme+0x82/0x180 [ 17.997107] ? preempt_count_sub+0x50/0x80 [ 17.997171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.997233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.997297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.997379] kthread+0x337/0x6f0 [ 17.997427] ? trace_preempt_on+0x20/0xc0 [ 17.997489] ? __pfx_kthread+0x10/0x10 [ 17.997540] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.997600] ? calculate_sigpending+0x7b/0xa0 [ 17.997659] ? __pfx_kthread+0x10/0x10 [ 17.997709] ret_from_fork+0x41/0x80 [ 17.997764] ? __pfx_kthread+0x10/0x10 [ 17.997816] ret_from_fork_asm+0x1a/0x30 [ 17.997898] </TASK> [ 17.997928] [ 18.008715] Allocated by task 286: [ 18.009061] kasan_save_stack+0x45/0x70 [ 18.009454] kasan_save_track+0x18/0x40 [ 18.009666] kasan_save_alloc_info+0x3b/0x50 [ 18.009885] __kasan_kmalloc+0xb7/0xc0 [ 18.010096] __kmalloc_cache_noprof+0x189/0x420 [ 18.010511] kasan_atomics+0x95/0x310 [ 18.010816] kunit_try_run_case+0x1a5/0x480 [ 18.011214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.011700] kthread+0x337/0x6f0 [ 18.011872] ret_from_fork+0x41/0x80 [ 18.012219] ret_from_fork_asm+0x1a/0x30 [ 18.012559] [ 18.012684] The buggy address belongs to the object at ffff888102b21f80 [ 18.012684] which belongs to the cache kmalloc-64 of size 64 [ 18.013113] The buggy address is located 0 bytes to the right of [ 18.013113] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.014026] [ 18.014239] The buggy address belongs to the physical page: [ 18.014569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.014968] flags: 0x200000000000000(node=0|zone=2) [ 18.015400] page_type: f5(slab) [ 18.015598] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.015906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.016433] page dumped because: kasan: bad access detected [ 18.016874] [ 18.017065] Memory state around the buggy address: [ 18.017450] 
ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.017916] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.018440] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.018787] ^ [ 18.019048] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.019498] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.019772] ================================================================== [ 18.685511] ================================================================== [ 18.685837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 18.686194] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.686495] [ 18.686723] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.686834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.686867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.686916] Call Trace: [ 18.686964] <TASK> [ 18.687013] dump_stack_lvl+0x73/0xb0 [ 18.687113] print_report+0xd1/0x650 [ 18.687171] ? __virt_addr_valid+0x1db/0x2d0 [ 18.687230] ? kasan_atomics_helper+0x50d4/0x5450 [ 18.687284] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.687357] ? kasan_atomics_helper+0x50d4/0x5450 [ 18.687415] kasan_report+0x141/0x180 [ 18.687471] ? kasan_atomics_helper+0x50d4/0x5450 [ 18.687539] __asan_report_store8_noabort+0x1b/0x30 [ 18.687599] kasan_atomics_helper+0x50d4/0x5450 [ 18.687660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.687721] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.687779] ? kasan_atomics+0x152/0x310 [ 18.687837] kasan_atomics+0x1dc/0x310 [ 18.687888] ? __pfx_kasan_atomics+0x10/0x10 [ 18.687941] ? __pfx_read_tsc+0x10/0x10 [ 18.687982] ? ktime_get_ts64+0x86/0x230 [ 18.688034] kunit_try_run_case+0x1a5/0x480 [ 18.688099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.688147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.688200] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.688251] ? __kthread_parkme+0x82/0x180 [ 18.688388] ? preempt_count_sub+0x50/0x80 [ 18.688441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.688486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.688534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.688578] kthread+0x337/0x6f0 [ 18.688961] ? trace_preempt_on+0x20/0xc0 [ 18.689110] ? __pfx_kthread+0x10/0x10 [ 18.689167] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.689216] ? calculate_sigpending+0x7b/0xa0 [ 18.689269] ? __pfx_kthread+0x10/0x10 [ 18.689319] ret_from_fork+0x41/0x80 [ 18.689392] ? __pfx_kthread+0x10/0x10 [ 18.689442] ret_from_fork_asm+0x1a/0x30 [ 18.689523] </TASK> [ 18.689552] [ 18.705831] Allocated by task 286: [ 18.706277] kasan_save_stack+0x45/0x70 [ 18.706690] kasan_save_track+0x18/0x40 [ 18.707029] kasan_save_alloc_info+0x3b/0x50 [ 18.707477] __kasan_kmalloc+0xb7/0xc0 [ 18.707805] __kmalloc_cache_noprof+0x189/0x420 [ 18.708004] kasan_atomics+0x95/0x310 [ 18.708206] kunit_try_run_case+0x1a5/0x480 [ 18.708436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.708787] kthread+0x337/0x6f0 [ 18.709008] ret_from_fork+0x41/0x80 [ 18.709246] ret_from_fork_asm+0x1a/0x30 [ 18.709465] [ 18.709588] The buggy address belongs to the object at ffff888102b21f80 [ 18.709588] which belongs to the cache kmalloc-64 of size 64 [ 18.710011] The buggy address is located 0 bytes to the right of [ 18.710011] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.710830] [ 18.711031] The buggy address belongs to the physical page: [ 18.711395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.711987] flags: 0x200000000000000(node=0|zone=2) [ 18.712447] page_type: f5(slab) [ 18.712758] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.713448] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.714109] page dumped because: kasan: bad access detected [ 18.714332] [ 18.714555] Memory 
state around the buggy address: [ 18.714853] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.715276] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.715783] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.716145] ^ [ 18.718598] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.718887] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.719166] ================================================================== [ 18.292454] ================================================================== [ 18.293137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 18.294387] Write of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.294943] [ 18.295114] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.295222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.295255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.295306] Call Trace: [ 18.295864] <TASK> [ 18.295917] dump_stack_lvl+0x73/0xb0 [ 18.295966] print_report+0xd1/0x650 [ 18.295996] ? __virt_addr_valid+0x1db/0x2d0 [ 18.296025] ? kasan_atomics_helper+0xfa9/0x5450 [ 18.296050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.296100] ? kasan_atomics_helper+0xfa9/0x5450 [ 18.296128] kasan_report+0x141/0x180 [ 18.296155] ? kasan_atomics_helper+0xfa9/0x5450 [ 18.296186] kasan_check_range+0x10c/0x1c0 [ 18.296211] __kasan_check_write+0x18/0x20 [ 18.296235] kasan_atomics_helper+0xfa9/0x5450 [ 18.296261] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.296288] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.296318] ? kasan_atomics+0x152/0x310 [ 18.296363] kasan_atomics+0x1dc/0x310 [ 18.296389] ? __pfx_kasan_atomics+0x10/0x10 [ 18.296414] ? __pfx_read_tsc+0x10/0x10 [ 18.296438] ? ktime_get_ts64+0x86/0x230 [ 18.296468] kunit_try_run_case+0x1a5/0x480 [ 18.296498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.296523] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.296553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.296581] ? __kthread_parkme+0x82/0x180 [ 18.296607] ? preempt_count_sub+0x50/0x80 [ 18.296637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.296665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.296693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.296721] kthread+0x337/0x6f0 [ 18.296741] ? trace_preempt_on+0x20/0xc0 [ 18.296769] ? __pfx_kthread+0x10/0x10 [ 18.296791] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.296817] ? calculate_sigpending+0x7b/0xa0 [ 18.296843] ? __pfx_kthread+0x10/0x10 [ 18.296865] ret_from_fork+0x41/0x80 [ 18.296889] ? __pfx_kthread+0x10/0x10 [ 18.296910] ret_from_fork_asm+0x1a/0x30 [ 18.296945] </TASK> [ 18.296960] [ 18.311643] Allocated by task 286: [ 18.311795] kasan_save_stack+0x45/0x70 [ 18.311927] kasan_save_track+0x18/0x40 [ 18.312022] kasan_save_alloc_info+0x3b/0x50 [ 18.312384] __kasan_kmalloc+0xb7/0xc0 [ 18.312726] __kmalloc_cache_noprof+0x189/0x420 [ 18.313383] kasan_atomics+0x95/0x310 [ 18.313642] kunit_try_run_case+0x1a5/0x480 [ 18.313906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.314202] kthread+0x337/0x6f0 [ 18.315150] ret_from_fork+0x41/0x80 [ 18.315373] ret_from_fork_asm+0x1a/0x30 [ 18.315910] [ 18.316411] The buggy address belongs to the object at ffff888102b21f80 [ 18.316411] which belongs to the cache kmalloc-64 of size 64 [ 18.317045] The buggy address is located 0 bytes to the right of [ 18.317045] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.318010] [ 18.318422] The buggy address belongs to the physical page: [ 18.318720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.319672] flags: 0x200000000000000(node=0|zone=2) [ 18.319899] page_type: f5(slab) [ 18.320203] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.320891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.321722] page dumped because: kasan: bad 
access detected [ 18.322291] [ 18.322454] Memory state around the buggy address: [ 18.322769] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.323218] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.323777] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.324015] ^ [ 18.324466] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.324913] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.325356] ================================================================== [ 18.755154] ================================================================== [ 18.755649] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 18.756531] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.757059] [ 18.757321] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.757444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.757476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.757547] Call Trace: [ 18.757599] <TASK> [ 18.757646] dump_stack_lvl+0x73/0xb0 [ 18.757732] print_report+0xd1/0x650 [ 18.757788] ? __virt_addr_valid+0x1db/0x2d0 [ 18.757842] ? kasan_atomics_helper+0x15b6/0x5450 [ 18.757907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.757959] ? kasan_atomics_helper+0x15b6/0x5450 [ 18.758010] kasan_report+0x141/0x180 [ 18.758062] ? kasan_atomics_helper+0x15b6/0x5450 [ 18.758127] kasan_check_range+0x10c/0x1c0 [ 18.758181] __kasan_check_write+0x18/0x20 [ 18.758228] kasan_atomics_helper+0x15b6/0x5450 [ 18.758280] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.758350] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.758426] ? kasan_atomics+0x152/0x310 [ 18.758484] kasan_atomics+0x1dc/0x310 [ 18.758536] ? __pfx_kasan_atomics+0x10/0x10 [ 18.758586] ? __pfx_read_tsc+0x10/0x10 [ 18.758632] ? ktime_get_ts64+0x86/0x230 [ 18.758711] kunit_try_run_case+0x1a5/0x480 [ 18.758771] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.758820] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.758877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.758933] ? __kthread_parkme+0x82/0x180 [ 18.758987] ? preempt_count_sub+0x50/0x80 [ 18.759041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.759116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.759172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.759232] kthread+0x337/0x6f0 [ 18.759276] ? trace_preempt_on+0x20/0xc0 [ 18.759321] ? __pfx_kthread+0x10/0x10 [ 18.759366] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.759397] ? calculate_sigpending+0x7b/0xa0 [ 18.759425] ? __pfx_kthread+0x10/0x10 [ 18.759449] ret_from_fork+0x41/0x80 [ 18.759475] ? __pfx_kthread+0x10/0x10 [ 18.759497] ret_from_fork_asm+0x1a/0x30 [ 18.759536] </TASK> [ 18.759551] [ 18.773537] Allocated by task 286: [ 18.773761] kasan_save_stack+0x45/0x70 [ 18.774196] kasan_save_track+0x18/0x40 [ 18.774594] kasan_save_alloc_info+0x3b/0x50 [ 18.775032] __kasan_kmalloc+0xb7/0xc0 [ 18.775467] __kmalloc_cache_noprof+0x189/0x420 [ 18.775893] kasan_atomics+0x95/0x310 [ 18.776308] kunit_try_run_case+0x1a5/0x480 [ 18.776587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.776818] kthread+0x337/0x6f0 [ 18.777588] ret_from_fork+0x41/0x80 [ 18.777798] ret_from_fork_asm+0x1a/0x30 [ 18.777969] [ 18.778081] The buggy address belongs to the object at ffff888102b21f80 [ 18.778081] which belongs to the cache kmalloc-64 of size 64 [ 18.779519] The buggy address is located 0 bytes to the right of [ 18.779519] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.780715] [ 18.780845] The buggy address belongs to the physical page: [ 18.781081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.781834] flags: 0x200000000000000(node=0|zone=2) [ 18.782381] page_type: f5(slab) [ 18.782685] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.783382] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 18.783840] page dumped because: kasan: bad access detected [ 18.784292] [ 18.784499] Memory state around the buggy address: [ 18.784767] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.785424] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.786070] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.786439] ^ [ 18.786702] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.787075] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.787821] ================================================================== [ 19.192506] ================================================================== [ 19.192841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 19.193346] Write of size 8 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 19.193662] [ 19.193874] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.193984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.194017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.194068] Call Trace: [ 19.194541] <TASK> [ 19.194581] dump_stack_lvl+0x73/0xb0 [ 19.194626] print_report+0xd1/0x650 [ 19.194655] ? __virt_addr_valid+0x1db/0x2d0 [ 19.194683] ? kasan_atomics_helper+0x1e12/0x5450 [ 19.194710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.194738] ? kasan_atomics_helper+0x1e12/0x5450 [ 19.194765] kasan_report+0x141/0x180 [ 19.194790] ? kasan_atomics_helper+0x1e12/0x5450 [ 19.194822] kasan_check_range+0x10c/0x1c0 [ 19.194846] __kasan_check_write+0x18/0x20 [ 19.194870] kasan_atomics_helper+0x1e12/0x5450 [ 19.194899] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.194926] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.194953] ? kasan_atomics+0x152/0x310 [ 19.194980] kasan_atomics+0x1dc/0x310 [ 19.195004] ? __pfx_kasan_atomics+0x10/0x10 [ 19.195029] ? __pfx_read_tsc+0x10/0x10 [ 19.195053] ? 
ktime_get_ts64+0x86/0x230 [ 19.195096] kunit_try_run_case+0x1a5/0x480 [ 19.195127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.195153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.195183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.195210] ? __kthread_parkme+0x82/0x180 [ 19.195237] ? preempt_count_sub+0x50/0x80 [ 19.195267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.195295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.195324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.195373] kthread+0x337/0x6f0 [ 19.195395] ? trace_preempt_on+0x20/0xc0 [ 19.195422] ? __pfx_kthread+0x10/0x10 [ 19.195444] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.195470] ? calculate_sigpending+0x7b/0xa0 [ 19.195495] ? __pfx_kthread+0x10/0x10 [ 19.195517] ret_from_fork+0x41/0x80 [ 19.195541] ? __pfx_kthread+0x10/0x10 [ 19.195562] ret_from_fork_asm+0x1a/0x30 [ 19.195598] </TASK> [ 19.195612] [ 19.209950] Allocated by task 286: [ 19.210772] kasan_save_stack+0x45/0x70 [ 19.211028] kasan_save_track+0x18/0x40 [ 19.211212] kasan_save_alloc_info+0x3b/0x50 [ 19.211755] __kasan_kmalloc+0xb7/0xc0 [ 19.212367] __kmalloc_cache_noprof+0x189/0x420 [ 19.212664] kasan_atomics+0x95/0x310 [ 19.212998] kunit_try_run_case+0x1a5/0x480 [ 19.213525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.213758] kthread+0x337/0x6f0 [ 19.214100] ret_from_fork+0x41/0x80 [ 19.214392] ret_from_fork_asm+0x1a/0x30 [ 19.214734] [ 19.214860] The buggy address belongs to the object at ffff888102b21f80 [ 19.214860] which belongs to the cache kmalloc-64 of size 64 [ 19.215673] The buggy address is located 0 bytes to the right of [ 19.215673] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 19.216704] [ 19.217309] The buggy address belongs to the physical page: [ 19.217602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 19.217970] flags: 0x200000000000000(node=0|zone=2) [ 19.218704] page_type: f5(slab) [ 19.219130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 19.219570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.220002] page dumped because: kasan: bad access detected [ 19.220551] [ 19.220698] Memory state around the buggy address: [ 19.220967] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.221418] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.221962] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.222276] ^ [ 19.222681] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.223121] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.223533] ================================================================== [ 18.136936] ================================================================== [ 18.137797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 18.138370] Read of size 4 at addr ffff888102b21fb0 by task kunit_try_catch/286 [ 18.138757] [ 18.138978] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.139079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.139109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.139166] Call Trace: [ 18.139212] <TASK> [ 18.139260] dump_stack_lvl+0x73/0xb0 [ 18.139324] print_report+0xd1/0x650 [ 18.139396] ? __virt_addr_valid+0x1db/0x2d0 [ 18.139451] ? kasan_atomics_helper+0x4a84/0x5450 [ 18.139507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.139566] ? kasan_atomics_helper+0x4a84/0x5450 [ 18.139623] kasan_report+0x141/0x180 [ 18.139680] ? kasan_atomics_helper+0x4a84/0x5450 [ 18.139743] __asan_report_load4_noabort+0x18/0x20 [ 18.139792] kasan_atomics_helper+0x4a84/0x5450 [ 18.139843] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.139896] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.139953] ? kasan_atomics+0x152/0x310 [ 18.140013] kasan_atomics+0x1dc/0x310 [ 18.140065] ? __pfx_kasan_atomics+0x10/0x10 [ 18.140118] ? 
__pfx_read_tsc+0x10/0x10 [ 18.140166] ? ktime_get_ts64+0x86/0x230 [ 18.140230] kunit_try_run_case+0x1a5/0x480 [ 18.140291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.140359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.140415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.140468] ? __kthread_parkme+0x82/0x180 [ 18.140510] ? preempt_count_sub+0x50/0x80 [ 18.140564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.140619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.140679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.140738] kthread+0x337/0x6f0 [ 18.140782] ? trace_preempt_on+0x20/0xc0 [ 18.140840] ? __pfx_kthread+0x10/0x10 [ 18.140889] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.140944] ? calculate_sigpending+0x7b/0xa0 [ 18.141000] ? __pfx_kthread+0x10/0x10 [ 18.141059] ret_from_fork+0x41/0x80 [ 18.141109] ? __pfx_kthread+0x10/0x10 [ 18.141157] ret_from_fork_asm+0x1a/0x30 [ 18.141239] </TASK> [ 18.141304] [ 18.151043] Allocated by task 286: [ 18.151455] kasan_save_stack+0x45/0x70 [ 18.151794] kasan_save_track+0x18/0x40 [ 18.151979] kasan_save_alloc_info+0x3b/0x50 [ 18.152399] __kasan_kmalloc+0xb7/0xc0 [ 18.152730] __kmalloc_cache_noprof+0x189/0x420 [ 18.152947] kasan_atomics+0x95/0x310 [ 18.154835] kunit_try_run_case+0x1a5/0x480 [ 18.155213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.155592] kthread+0x337/0x6f0 [ 18.155824] ret_from_fork+0x41/0x80 [ 18.156055] ret_from_fork_asm+0x1a/0x30 [ 18.156315] [ 18.156511] The buggy address belongs to the object at ffff888102b21f80 [ 18.156511] which belongs to the cache kmalloc-64 of size 64 [ 18.157188] The buggy address is located 0 bytes to the right of [ 18.157188] allocated 48-byte region [ffff888102b21f80, ffff888102b21fb0) [ 18.158505] [ 18.158651] The buggy address belongs to the physical page: [ 18.158887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b21 [ 18.159189] flags: 0x200000000000000(node=0|zone=2) [ 18.159312] page_type: f5(slab) [ 18.159629] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 18.160479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.161206] page dumped because: kasan: bad access detected [ 18.161605] [ 18.161726] Memory state around the buggy address: [ 18.162459] ffff888102b21e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.162852] ffff888102b21f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.163190] >ffff888102b21f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.163614] ^ [ 18.163866] ffff888102b22000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.164497] ffff888102b22080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.164774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.469564] ================================================================== [ 17.469963] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 17.470748] Read of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.471121] [ 17.471352] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.471453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.471481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.471524] Call Trace: [ 17.471566] <TASK> [ 17.471607] dump_stack_lvl+0x73/0xb0 [ 17.471673] print_report+0xd1/0x650 [ 17.471720] ? __virt_addr_valid+0x1db/0x2d0 [ 17.471755] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 17.471782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.471813] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 17.471841] kasan_report+0x141/0x180 [ 17.471883] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 17.471914] __asan_report_load8_noabort+0x18/0x20 [ 17.471939] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 17.471965] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.471994] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.472017] ? trace_hardirqs_on+0x37/0xe0 [ 17.472044] ? kasan_bitops_generic+0x92/0x1c0 [ 17.472375] kasan_bitops_generic+0x121/0x1c0 [ 17.472445] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.472478] ? __pfx_read_tsc+0x10/0x10 [ 17.472504] ? ktime_get_ts64+0x86/0x230 [ 17.472534] kunit_try_run_case+0x1a5/0x480 [ 17.472564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.472589] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.472617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.472643] ? __kthread_parkme+0x82/0x180 [ 17.472668] ? preempt_count_sub+0x50/0x80 [ 17.472697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.472723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.472750] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.472775] kthread+0x337/0x6f0 [ 17.472794] ? trace_preempt_on+0x20/0xc0 [ 17.472819] ? __pfx_kthread+0x10/0x10 [ 17.472840] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.472864] ? calculate_sigpending+0x7b/0xa0 [ 17.472888] ? __pfx_kthread+0x10/0x10 [ 17.472908] ret_from_fork+0x41/0x80 [ 17.472931] ? __pfx_kthread+0x10/0x10 [ 17.472951] ret_from_fork_asm+0x1a/0x30 [ 17.472986] </TASK> [ 17.472999] [ 17.487051] Allocated by task 282: [ 17.487541] kasan_save_stack+0x45/0x70 [ 17.487910] kasan_save_track+0x18/0x40 [ 17.488099] kasan_save_alloc_info+0x3b/0x50 [ 17.488298] __kasan_kmalloc+0xb7/0xc0 [ 17.488500] __kmalloc_cache_noprof+0x189/0x420 [ 17.489043] kasan_bitops_generic+0x92/0x1c0 [ 17.489897] kunit_try_run_case+0x1a5/0x480 [ 17.490606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.490998] kthread+0x337/0x6f0 [ 17.491568] ret_from_fork+0x41/0x80 [ 17.491824] ret_from_fork_asm+0x1a/0x30 [ 17.492002] [ 17.492428] The buggy address belongs to the object at ffff8881024d2600 [ 17.492428] which belongs to the cache kmalloc-16 of size 16 [ 17.493119] The buggy address is located 8 bytes inside of [ 17.493119] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.493909] [ 17.494304] The buggy address belongs to the physical page: [ 17.495004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.495581] flags: 0x200000000000000(node=0|zone=2) [ 17.495989] page_type: f5(slab) [ 17.496509] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.496991] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.497731] page dumped because: kasan: bad access detected [ 17.498324] [ 17.498476] Memory state around the buggy address: [ 17.498676] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.499595] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.500069] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.500573] ^ [ 17.500779] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.501863] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.502211] ================================================================== [ 17.230843] ================================================================== [ 17.232001] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 17.232923] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.234084] [ 17.234564] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.234684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.234711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.234750] Call Trace: [ 17.234781] <TASK> [ 17.234819] dump_stack_lvl+0x73/0xb0 [ 17.234881] print_report+0xd1/0x650 [ 17.234924] ? __virt_addr_valid+0x1db/0x2d0 [ 17.234970] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 17.235020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.235066] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 17.235107] kasan_report+0x141/0x180 [ 17.235133] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 17.235165] kasan_check_range+0x10c/0x1c0 [ 17.235188] __kasan_check_write+0x18/0x20 [ 17.235272] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 17.235316] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.235374] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.235400] ? trace_hardirqs_on+0x37/0xe0 [ 17.235427] ? kasan_bitops_generic+0x92/0x1c0 [ 17.235453] kasan_bitops_generic+0x121/0x1c0 [ 17.235477] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.235502] ? __pfx_read_tsc+0x10/0x10 [ 17.235525] ? ktime_get_ts64+0x86/0x230 [ 17.235555] kunit_try_run_case+0x1a5/0x480 [ 17.235583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.235607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.235636] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.235662] ? __kthread_parkme+0x82/0x180 [ 17.235688] ? preempt_count_sub+0x50/0x80 [ 17.235717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.235743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.235769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.235794] kthread+0x337/0x6f0 [ 17.235813] ? trace_preempt_on+0x20/0xc0 [ 17.235837] ? __pfx_kthread+0x10/0x10 [ 17.235857] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.235881] ? calculate_sigpending+0x7b/0xa0 [ 17.235905] ? __pfx_kthread+0x10/0x10 [ 17.235925] ret_from_fork+0x41/0x80 [ 17.235947] ? __pfx_kthread+0x10/0x10 [ 17.235967] ret_from_fork_asm+0x1a/0x30 [ 17.236001] </TASK> [ 17.236015] [ 17.247459] Allocated by task 282: [ 17.247829] kasan_save_stack+0x45/0x70 [ 17.248194] kasan_save_track+0x18/0x40 [ 17.248576] kasan_save_alloc_info+0x3b/0x50 [ 17.248892] __kasan_kmalloc+0xb7/0xc0 [ 17.249272] __kmalloc_cache_noprof+0x189/0x420 [ 17.249596] kasan_bitops_generic+0x92/0x1c0 [ 17.250010] kunit_try_run_case+0x1a5/0x480 [ 17.250235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.250701] kthread+0x337/0x6f0 [ 17.251008] ret_from_fork+0x41/0x80 [ 17.251326] ret_from_fork_asm+0x1a/0x30 [ 17.251628] [ 17.251755] The buggy address belongs to the object at ffff8881024d2600 [ 17.251755] which belongs to the cache kmalloc-16 of size 16 [ 17.252147] The buggy address is located 8 bytes inside of [ 17.252147] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.253056] [ 17.253300] The buggy address belongs to the physical page: [ 17.253577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.254106] flags: 0x200000000000000(node=0|zone=2) [ 17.254366] page_type: f5(slab) [ 17.254563] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.254851] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.255161] page dumped because: kasan: bad access detected [ 17.255399] [ 17.255561] Memory 
state around the buggy address: [ 17.255925] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.256549] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.257620] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.258180] ^ [ 17.258582] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.259130] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.260555] ================================================================== [ 17.433873] ================================================================== [ 17.434348] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 17.434895] Read of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.435459] [ 17.435711] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.435821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.435850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.435899] Call Trace: [ 17.435945] <TASK> [ 17.435989] dump_stack_lvl+0x73/0xb0 [ 17.436057] print_report+0xd1/0x650 [ 17.436103] ? __virt_addr_valid+0x1db/0x2d0 [ 17.436149] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 17.436197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.436245] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 17.436299] kasan_report+0x141/0x180 [ 17.436379] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 17.436443] kasan_check_range+0x10c/0x1c0 [ 17.436492] __kasan_check_read+0x15/0x20 [ 17.436538] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 17.436590] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.436645] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.436689] ? trace_hardirqs_on+0x37/0xe0 [ 17.436723] ? kasan_bitops_generic+0x92/0x1c0 [ 17.436752] kasan_bitops_generic+0x121/0x1c0 [ 17.436775] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.436800] ? 
__pfx_read_tsc+0x10/0x10 [ 17.436828] ? ktime_get_ts64+0x86/0x230 [ 17.436877] kunit_try_run_case+0x1a5/0x480 [ 17.436925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.436964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.437024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.437075] ? __kthread_parkme+0x82/0x180 [ 17.437129] ? preempt_count_sub+0x50/0x80 [ 17.437186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.437240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.437294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.438147] kthread+0x337/0x6f0 [ 17.438253] ? trace_preempt_on+0x20/0xc0 [ 17.438309] ? __pfx_kthread+0x10/0x10 [ 17.438369] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.438421] ? calculate_sigpending+0x7b/0xa0 [ 17.438470] ? __pfx_kthread+0x10/0x10 [ 17.438513] ret_from_fork+0x41/0x80 [ 17.438559] ? __pfx_kthread+0x10/0x10 [ 17.438602] ret_from_fork_asm+0x1a/0x30 [ 17.438673] </TASK> [ 17.438695] [ 17.452706] Allocated by task 282: [ 17.453318] kasan_save_stack+0x45/0x70 [ 17.453689] kasan_save_track+0x18/0x40 [ 17.454075] kasan_save_alloc_info+0x3b/0x50 [ 17.454311] __kasan_kmalloc+0xb7/0xc0 [ 17.454597] __kmalloc_cache_noprof+0x189/0x420 [ 17.454951] kasan_bitops_generic+0x92/0x1c0 [ 17.455206] kunit_try_run_case+0x1a5/0x480 [ 17.455516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.456232] kthread+0x337/0x6f0 [ 17.456856] ret_from_fork+0x41/0x80 [ 17.457027] ret_from_fork_asm+0x1a/0x30 [ 17.457562] [ 17.457686] The buggy address belongs to the object at ffff8881024d2600 [ 17.457686] which belongs to the cache kmalloc-16 of size 16 [ 17.458874] The buggy address is located 8 bytes inside of [ 17.458874] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.459706] [ 17.459916] The buggy address belongs to the physical page: [ 17.460515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.460928] flags: 0x200000000000000(node=0|zone=2) [ 17.461262] page_type: f5(slab) [ 17.461696] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 17.462429] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.462951] page dumped because: kasan: bad access detected [ 17.463520] [ 17.463663] Memory state around the buggy address: [ 17.464048] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.464570] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.465497] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.465952] ^ [ 17.466494] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.467091] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.467637] ================================================================== [ 17.261698] ================================================================== [ 17.263924] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 17.265052] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.266470] [ 17.267493] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.267636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.267680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.267731] Call Trace: [ 17.267774] <TASK> [ 17.267804] dump_stack_lvl+0x73/0xb0 [ 17.267850] print_report+0xd1/0x650 [ 17.267879] ? __virt_addr_valid+0x1db/0x2d0 [ 17.267905] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 17.267931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.267957] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 17.267983] kasan_report+0x141/0x180 [ 17.268009] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 17.268040] kasan_check_range+0x10c/0x1c0 [ 17.268072] __kasan_check_write+0x18/0x20 [ 17.268106] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 17.268134] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.268161] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.268185] ? trace_hardirqs_on+0x37/0xe0 [ 17.268235] ? kasan_bitops_generic+0x92/0x1c0 [ 17.268276] kasan_bitops_generic+0x121/0x1c0 [ 17.268310] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.268360] ? __pfx_read_tsc+0x10/0x10 [ 17.268397] ? ktime_get_ts64+0x86/0x230 [ 17.268443] kunit_try_run_case+0x1a5/0x480 [ 17.268484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.268518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.268559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.268596] ? __kthread_parkme+0x82/0x180 [ 17.268635] ? preempt_count_sub+0x50/0x80 [ 17.268682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.268719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.268747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.268773] kthread+0x337/0x6f0 [ 17.268793] ? trace_preempt_on+0x20/0xc0 [ 17.268819] ? __pfx_kthread+0x10/0x10 [ 17.268839] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.268863] ? calculate_sigpending+0x7b/0xa0 [ 17.268889] ? __pfx_kthread+0x10/0x10 [ 17.268909] ret_from_fork+0x41/0x80 [ 17.268932] ? 
__pfx_kthread+0x10/0x10 [ 17.268952] ret_from_fork_asm+0x1a/0x30 [ 17.268987] </TASK> [ 17.268999] [ 17.285562] Allocated by task 282: [ 17.285933] kasan_save_stack+0x45/0x70 [ 17.286768] kasan_save_track+0x18/0x40 [ 17.287046] kasan_save_alloc_info+0x3b/0x50 [ 17.287824] __kasan_kmalloc+0xb7/0xc0 [ 17.288274] __kmalloc_cache_noprof+0x189/0x420 [ 17.288850] kasan_bitops_generic+0x92/0x1c0 [ 17.289410] kunit_try_run_case+0x1a5/0x480 [ 17.289745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.290039] kthread+0x337/0x6f0 [ 17.290361] ret_from_fork+0x41/0x80 [ 17.290547] ret_from_fork_asm+0x1a/0x30 [ 17.290999] [ 17.291167] The buggy address belongs to the object at ffff8881024d2600 [ 17.291167] which belongs to the cache kmalloc-16 of size 16 [ 17.292266] The buggy address is located 8 bytes inside of [ 17.292266] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.292885] [ 17.293452] The buggy address belongs to the physical page: [ 17.294551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.295004] flags: 0x200000000000000(node=0|zone=2) [ 17.295406] page_type: f5(slab) [ 17.295870] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.296492] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.297277] page dumped because: kasan: bad access detected [ 17.297497] [ 17.297595] Memory state around the buggy address: [ 17.297940] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.298618] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.299287] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.299884] ^ [ 17.300539] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.301119] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.301574] ================================================================== [ 17.191855] 
================================================================== [ 17.192951] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 17.193632] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.194602] [ 17.195367] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.195699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.195726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.195756] Call Trace: [ 17.195774] <TASK> [ 17.195800] dump_stack_lvl+0x73/0xb0 [ 17.195843] print_report+0xd1/0x650 [ 17.195871] ? __virt_addr_valid+0x1db/0x2d0 [ 17.195899] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 17.195926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.195951] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 17.195978] kasan_report+0x141/0x180 [ 17.196003] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 17.196035] kasan_check_range+0x10c/0x1c0 [ 17.196058] __kasan_check_write+0x18/0x20 [ 17.196102] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 17.196130] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.196158] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.196183] ? trace_hardirqs_on+0x37/0xe0 [ 17.196212] ? kasan_bitops_generic+0x92/0x1c0 [ 17.196287] kasan_bitops_generic+0x121/0x1c0 [ 17.196330] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.196387] ? __pfx_read_tsc+0x10/0x10 [ 17.196424] ? ktime_get_ts64+0x86/0x230 [ 17.196471] kunit_try_run_case+0x1a5/0x480 [ 17.196517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.196577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.196625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.196667] ? __kthread_parkme+0x82/0x180 [ 17.196704] ? preempt_count_sub+0x50/0x80 [ 17.196735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.196762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.196790] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.196816] kthread+0x337/0x6f0 [ 17.196834] ? trace_preempt_on+0x20/0xc0 [ 17.196861] ? __pfx_kthread+0x10/0x10 [ 17.196881] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.196906] ? calculate_sigpending+0x7b/0xa0 [ 17.196931] ? __pfx_kthread+0x10/0x10 [ 17.196951] ret_from_fork+0x41/0x80 [ 17.196976] ? __pfx_kthread+0x10/0x10 [ 17.196997] ret_from_fork_asm+0x1a/0x30 [ 17.197045] </TASK> [ 17.197060] [ 17.213849] Allocated by task 282: [ 17.214240] kasan_save_stack+0x45/0x70 [ 17.214609] kasan_save_track+0x18/0x40 [ 17.214889] kasan_save_alloc_info+0x3b/0x50 [ 17.215779] __kasan_kmalloc+0xb7/0xc0 [ 17.215972] __kmalloc_cache_noprof+0x189/0x420 [ 17.216213] kasan_bitops_generic+0x92/0x1c0 [ 17.217174] kunit_try_run_case+0x1a5/0x480 [ 17.218066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.218581] kthread+0x337/0x6f0 [ 17.218963] ret_from_fork+0x41/0x80 [ 17.219267] ret_from_fork_asm+0x1a/0x30 [ 17.219471] [ 17.219638] The buggy address belongs to the object at ffff8881024d2600 [ 17.219638] which belongs to the cache kmalloc-16 of size 16 [ 17.220786] The buggy address is located 8 bytes inside of [ 17.220786] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.221885] [ 17.222086] The buggy address belongs to the physical page: [ 17.222675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.223076] flags: 0x200000000000000(node=0|zone=2) [ 17.223503] page_type: f5(slab) [ 17.223852] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.224905] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.226198] page dumped because: kasan: bad access detected [ 17.226447] [ 17.226519] Memory state around the buggy address: [ 17.226631] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.226770] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.226904] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.227034] ^ [ 17.227315] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.227869] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.228879] ================================================================== [ 17.367999] ================================================================== [ 17.368570] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 17.368944] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.369505] [ 17.369742] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.369825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.369847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.369884] Call Trace: [ 17.369925] <TASK> [ 17.369965] dump_stack_lvl+0x73/0xb0 [ 17.370020] print_report+0xd1/0x650 [ 17.370094] ? __virt_addr_valid+0x1db/0x2d0 [ 17.370148] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 17.370226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.370275] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 17.370358] kasan_report+0x141/0x180 [ 17.370424] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 17.370502] kasan_check_range+0x10c/0x1c0 [ 17.370561] __kasan_check_write+0x18/0x20 [ 17.370600] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 17.370643] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.370690] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.370731] ? trace_hardirqs_on+0x37/0xe0 [ 17.370779] ? kasan_bitops_generic+0x92/0x1c0 [ 17.371446] kasan_bitops_generic+0x121/0x1c0 [ 17.371512] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.371593] ? __pfx_read_tsc+0x10/0x10 [ 17.371630] ? ktime_get_ts64+0x86/0x230 [ 17.371680] kunit_try_run_case+0x1a5/0x480 [ 17.371726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.371767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.371817] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.372151] ? __kthread_parkme+0x82/0x180 [ 17.372219] ? preempt_count_sub+0x50/0x80 [ 17.372285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.372329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.372562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.372614] kthread+0x337/0x6f0 [ 17.372653] ? trace_preempt_on+0x20/0xc0 [ 17.372706] ? __pfx_kthread+0x10/0x10 [ 17.372749] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.372800] ? calculate_sigpending+0x7b/0xa0 [ 17.372847] ? __pfx_kthread+0x10/0x10 [ 17.372891] ret_from_fork+0x41/0x80 [ 17.372937] ? __pfx_kthread+0x10/0x10 [ 17.372980] ret_from_fork_asm+0x1a/0x30 [ 17.373051] </TASK> [ 17.373106] [ 17.387135] Allocated by task 282: [ 17.388253] kasan_save_stack+0x45/0x70 [ 17.389103] kasan_save_track+0x18/0x40 [ 17.390003] kasan_save_alloc_info+0x3b/0x50 [ 17.390443] __kasan_kmalloc+0xb7/0xc0 [ 17.390735] __kmalloc_cache_noprof+0x189/0x420 [ 17.390961] kasan_bitops_generic+0x92/0x1c0 [ 17.391737] kunit_try_run_case+0x1a5/0x480 [ 17.392000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.392741] kthread+0x337/0x6f0 [ 17.393102] ret_from_fork+0x41/0x80 [ 17.393370] ret_from_fork_asm+0x1a/0x30 [ 17.393637] [ 17.393758] The buggy address belongs to the object at ffff8881024d2600 [ 17.393758] which belongs to the cache kmalloc-16 of size 16 [ 17.394679] The buggy address is located 8 bytes inside of [ 17.394679] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.396075] [ 17.396260] The buggy address belongs to the physical page: [ 17.396646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.397234] flags: 0x200000000000000(node=0|zone=2) [ 17.397511] page_type: f5(slab) [ 17.397878] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.398622] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.399199] page dumped because: kasan: bad access detected [ 17.399577] [ 17.399701] Memory 
state around the buggy address: [ 17.399906] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.400483] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.400859] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.401329] ^ [ 17.401610] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.402232] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.402925] ================================================================== [ 17.339525] ================================================================== [ 17.340147] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 17.340895] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.341793] [ 17.341994] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.342292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.342328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.342394] Call Trace: [ 17.342426] <TASK> [ 17.342527] dump_stack_lvl+0x73/0xb0 [ 17.342594] print_report+0xd1/0x650 [ 17.342625] ? __virt_addr_valid+0x1db/0x2d0 [ 17.342651] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 17.342677] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.342702] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 17.342729] kasan_report+0x141/0x180 [ 17.342754] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 17.342787] kasan_check_range+0x10c/0x1c0 [ 17.342809] __kasan_check_write+0x18/0x20 [ 17.342831] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 17.342857] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.342884] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.342908] ? trace_hardirqs_on+0x37/0xe0 [ 17.342933] ? kasan_bitops_generic+0x92/0x1c0 [ 17.342959] kasan_bitops_generic+0x121/0x1c0 [ 17.342982] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.343005] ? 
__pfx_read_tsc+0x10/0x10 [ 17.343027] ? ktime_get_ts64+0x86/0x230 [ 17.343056] kunit_try_run_case+0x1a5/0x480 [ 17.343095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.343121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.343150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.343177] ? __kthread_parkme+0x82/0x180 [ 17.343201] ? preempt_count_sub+0x50/0x80 [ 17.343231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.343257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.343283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.343309] kthread+0x337/0x6f0 [ 17.343329] ? trace_preempt_on+0x20/0xc0 [ 17.343373] ? __pfx_kthread+0x10/0x10 [ 17.343395] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.343419] ? calculate_sigpending+0x7b/0xa0 [ 17.343443] ? __pfx_kthread+0x10/0x10 [ 17.343464] ret_from_fork+0x41/0x80 [ 17.343488] ? __pfx_kthread+0x10/0x10 [ 17.343508] ret_from_fork_asm+0x1a/0x30 [ 17.343543] </TASK> [ 17.343555] [ 17.354974] Allocated by task 282: [ 17.355322] kasan_save_stack+0x45/0x70 [ 17.355641] kasan_save_track+0x18/0x40 [ 17.355843] kasan_save_alloc_info+0x3b/0x50 [ 17.356230] __kasan_kmalloc+0xb7/0xc0 [ 17.356581] __kmalloc_cache_noprof+0x189/0x420 [ 17.356966] kasan_bitops_generic+0x92/0x1c0 [ 17.357349] kunit_try_run_case+0x1a5/0x480 [ 17.357642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.357918] kthread+0x337/0x6f0 [ 17.358283] ret_from_fork+0x41/0x80 [ 17.358636] ret_from_fork_asm+0x1a/0x30 [ 17.358988] [ 17.359193] The buggy address belongs to the object at ffff8881024d2600 [ 17.359193] which belongs to the cache kmalloc-16 of size 16 [ 17.359804] The buggy address is located 8 bytes inside of [ 17.359804] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.360316] [ 17.360530] The buggy address belongs to the physical page: [ 17.360983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.361538] flags: 0x200000000000000(node=0|zone=2) [ 17.361971] page_type: f5(slab) [ 17.362314] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 17.362627] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.362904] page dumped because: kasan: bad access detected [ 17.363302] [ 17.363516] Memory state around the buggy address: [ 17.363915] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.364499] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.365053] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.365660] ^ [ 17.365919] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.366240] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.366815] ================================================================== [ 17.302970] ================================================================== [ 17.303517] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 17.304280] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.304840] [ 17.305392] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.305544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.305570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.305612] Call Trace: [ 17.305655] <TASK> [ 17.305694] dump_stack_lvl+0x73/0xb0 [ 17.305802] print_report+0xd1/0x650 [ 17.305857] ? __virt_addr_valid+0x1db/0x2d0 [ 17.305950] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 17.306018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.306071] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 17.306124] kasan_report+0x141/0x180 [ 17.306173] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 17.306230] kasan_check_range+0x10c/0x1c0 [ 17.306276] __kasan_check_write+0x18/0x20 [ 17.306300] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 17.306328] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.306387] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.306425] ? trace_hardirqs_on+0x37/0xe0 [ 17.306462] ? kasan_bitops_generic+0x92/0x1c0 [ 17.306503] kasan_bitops_generic+0x121/0x1c0 [ 17.306537] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.306574] ? __pfx_read_tsc+0x10/0x10 [ 17.306610] ? ktime_get_ts64+0x86/0x230 [ 17.306655] kunit_try_run_case+0x1a5/0x480 [ 17.306708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.306743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.306787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.306837] ? __kthread_parkme+0x82/0x180 [ 17.306877] ? preempt_count_sub+0x50/0x80 [ 17.306912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.306939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.306966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.306991] kthread+0x337/0x6f0 [ 17.307011] ? trace_preempt_on+0x20/0xc0 [ 17.307035] ? __pfx_kthread+0x10/0x10 [ 17.307055] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.307088] ? calculate_sigpending+0x7b/0xa0 [ 17.307112] ? __pfx_kthread+0x10/0x10 [ 17.307133] ret_from_fork+0x41/0x80 [ 17.307155] ? 
__pfx_kthread+0x10/0x10 [ 17.307177] ret_from_fork_asm+0x1a/0x30 [ 17.307239] </TASK> [ 17.307270] [ 17.321549] Allocated by task 282: [ 17.321988] kasan_save_stack+0x45/0x70 [ 17.322705] kasan_save_track+0x18/0x40 [ 17.323013] kasan_save_alloc_info+0x3b/0x50 [ 17.323404] __kasan_kmalloc+0xb7/0xc0 [ 17.323736] __kmalloc_cache_noprof+0x189/0x420 [ 17.324176] kasan_bitops_generic+0x92/0x1c0 [ 17.325351] kunit_try_run_case+0x1a5/0x480 [ 17.325886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.326473] kthread+0x337/0x6f0 [ 17.326670] ret_from_fork+0x41/0x80 [ 17.327280] ret_from_fork_asm+0x1a/0x30 [ 17.327868] [ 17.327948] The buggy address belongs to the object at ffff8881024d2600 [ 17.327948] which belongs to the cache kmalloc-16 of size 16 [ 17.328699] The buggy address is located 8 bytes inside of [ 17.328699] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.329515] [ 17.329709] The buggy address belongs to the physical page: [ 17.330554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.331141] flags: 0x200000000000000(node=0|zone=2) [ 17.331358] page_type: f5(slab) [ 17.331555] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.332240] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.332815] page dumped because: kasan: bad access detected [ 17.333025] [ 17.333695] Memory state around the buggy address: [ 17.334481] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.334889] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.335497] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.336232] ^ [ 17.336564] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.336836] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.337607] ================================================================== [ 17.405191] 
================================================================== [ 17.405832] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 17.406368] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.406905] [ 17.407149] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.407251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.407278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.407323] Call Trace: [ 17.407391] <TASK> [ 17.407450] dump_stack_lvl+0x73/0xb0 [ 17.407513] print_report+0xd1/0x650 [ 17.407561] ? __virt_addr_valid+0x1db/0x2d0 [ 17.407611] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 17.407672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.407734] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 17.407781] kasan_report+0x141/0x180 [ 17.407834] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 17.407892] kasan_check_range+0x10c/0x1c0 [ 17.407936] __kasan_check_write+0x18/0x20 [ 17.407975] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 17.408040] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 17.408109] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.408174] ? trace_hardirqs_on+0x37/0xe0 [ 17.408218] ? kasan_bitops_generic+0x92/0x1c0 [ 17.408247] kasan_bitops_generic+0x121/0x1c0 [ 17.408271] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.408295] ? __pfx_read_tsc+0x10/0x10 [ 17.408320] ? ktime_get_ts64+0x86/0x230 [ 17.408374] kunit_try_run_case+0x1a5/0x480 [ 17.408406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.408431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.408459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.408487] ? __kthread_parkme+0x82/0x180 [ 17.408512] ? preempt_count_sub+0x50/0x80 [ 17.408542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.408571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.408598] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.408623] kthread+0x337/0x6f0 [ 17.408642] ? trace_preempt_on+0x20/0xc0 [ 17.408667] ? __pfx_kthread+0x10/0x10 [ 17.408687] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.408711] ? calculate_sigpending+0x7b/0xa0 [ 17.408736] ? __pfx_kthread+0x10/0x10 [ 17.408756] ret_from_fork+0x41/0x80 [ 17.408780] ? __pfx_kthread+0x10/0x10 [ 17.408801] ret_from_fork_asm+0x1a/0x30 [ 17.408836] </TASK> [ 17.408849] [ 17.420091] Allocated by task 282: [ 17.420297] kasan_save_stack+0x45/0x70 [ 17.420690] kasan_save_track+0x18/0x40 [ 17.421080] kasan_save_alloc_info+0x3b/0x50 [ 17.421641] __kasan_kmalloc+0xb7/0xc0 [ 17.422005] __kmalloc_cache_noprof+0x189/0x420 [ 17.422436] kasan_bitops_generic+0x92/0x1c0 [ 17.422646] kunit_try_run_case+0x1a5/0x480 [ 17.422850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.423361] kthread+0x337/0x6f0 [ 17.423668] ret_from_fork+0x41/0x80 [ 17.424013] ret_from_fork_asm+0x1a/0x30 [ 17.424397] [ 17.424596] The buggy address belongs to the object at ffff8881024d2600 [ 17.424596] which belongs to the cache kmalloc-16 of size 16 [ 17.425303] The buggy address is located 8 bytes inside of [ 17.425303] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.426009] [ 17.426273] The buggy address belongs to the physical page: [ 17.426552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.427103] flags: 0x200000000000000(node=0|zone=2) [ 17.427394] page_type: f5(slab) [ 17.427738] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.428255] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.428679] page dumped because: kasan: bad access detected [ 17.429052] [ 17.429187] Memory state around the buggy address: [ 17.429436] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.429991] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.430432] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.430702] ^ [ 17.430876] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.431312] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.431964] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 16.955051] ================================================================== [ 16.955595] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.956005] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 16.957024] [ 16.957737] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.957854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.957882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.957934] Call Trace: [ 16.957977] <TASK> [ 16.958019] dump_stack_lvl+0x73/0xb0 [ 16.958127] print_report+0xd1/0x650 [ 16.958184] ? __virt_addr_valid+0x1db/0x2d0 [ 16.958423] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.958462] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.958490] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.958515] kasan_report+0x141/0x180 [ 16.958543] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.958573] kasan_check_range+0x10c/0x1c0 [ 16.958596] __kasan_check_write+0x18/0x20 [ 16.958618] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.958643] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.958668] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.958692] ? trace_hardirqs_on+0x37/0xe0 [ 16.958719] ? kasan_bitops_generic+0x92/0x1c0 [ 16.958746] kasan_bitops_generic+0x116/0x1c0 [ 16.958769] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.958794] ? __pfx_read_tsc+0x10/0x10 [ 16.958817] ? ktime_get_ts64+0x86/0x230 [ 16.958846] kunit_try_run_case+0x1a5/0x480 [ 16.958875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.958900] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.958928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.958955] ? __kthread_parkme+0x82/0x180 [ 16.958980] ? preempt_count_sub+0x50/0x80 [ 16.959009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.959035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.959061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.959087] kthread+0x337/0x6f0 [ 16.959106] ? 
trace_preempt_on+0x20/0xc0 [ 16.959131] ? __pfx_kthread+0x10/0x10 [ 16.959151] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.959175] ? calculate_sigpending+0x7b/0xa0 [ 16.959199] ? __pfx_kthread+0x10/0x10 [ 16.959219] ret_from_fork+0x41/0x80 [ 16.959243] ? __pfx_kthread+0x10/0x10 [ 16.959263] ret_from_fork_asm+0x1a/0x30 [ 16.959348] </TASK> [ 16.959370] [ 16.975226] Allocated by task 282: [ 16.975492] kasan_save_stack+0x45/0x70 [ 16.975911] kasan_save_track+0x18/0x40 [ 16.976445] kasan_save_alloc_info+0x3b/0x50 [ 16.977037] __kasan_kmalloc+0xb7/0xc0 [ 16.977914] __kmalloc_cache_noprof+0x189/0x420 [ 16.978357] kasan_bitops_generic+0x92/0x1c0 [ 16.978678] kunit_try_run_case+0x1a5/0x480 [ 16.979100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.979707] kthread+0x337/0x6f0 [ 16.979962] ret_from_fork+0x41/0x80 [ 16.980268] ret_from_fork_asm+0x1a/0x30 [ 16.980545] [ 16.980923] The buggy address belongs to the object at ffff8881024d2600 [ 16.980923] which belongs to the cache kmalloc-16 of size 16 [ 16.981925] The buggy address is located 8 bytes inside of [ 16.981925] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 16.982774] [ 16.982911] The buggy address belongs to the physical page: [ 16.983175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 16.984167] flags: 0x200000000000000(node=0|zone=2) [ 16.985178] page_type: f5(slab) [ 16.985734] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.986575] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.986938] page dumped because: kasan: bad access detected [ 16.987485] [ 16.987926] Memory state around the buggy address: [ 16.988303] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.988899] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.989411] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.990400] ^ [ 16.990640] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.991115] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.991868] ================================================================== [ 16.879845] ================================================================== [ 16.880325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.881008] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 16.882046] [ 16.882296] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.882781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.882812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.882862] Call Trace: [ 16.882891] <TASK> [ 16.882934] dump_stack_lvl+0x73/0xb0 [ 16.882996] print_report+0xd1/0x650 [ 16.883026] ? __virt_addr_valid+0x1db/0x2d0 [ 16.883055] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.883123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.883169] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.883230] kasan_report+0x141/0x180 [ 16.883271] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.883329] kasan_check_range+0x10c/0x1c0 [ 16.883393] __kasan_check_write+0x18/0x20 [ 16.883439] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.883481] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.883519] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.883547] ? trace_hardirqs_on+0x37/0xe0 [ 16.883575] ? kasan_bitops_generic+0x92/0x1c0 [ 16.883604] kasan_bitops_generic+0x116/0x1c0 [ 16.883627] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.883651] ? __pfx_read_tsc+0x10/0x10 [ 16.883675] ? ktime_get_ts64+0x86/0x230 [ 16.883706] kunit_try_run_case+0x1a5/0x480 [ 16.883735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.883760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.883788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.883814] ? __kthread_parkme+0x82/0x180 [ 16.883840] ? preempt_count_sub+0x50/0x80 [ 16.883868] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.883895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.883921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.883946] kthread+0x337/0x6f0 [ 16.883965] ? trace_preempt_on+0x20/0xc0 [ 16.883990] ? __pfx_kthread+0x10/0x10 [ 16.884009] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.884034] ? calculate_sigpending+0x7b/0xa0 [ 16.884059] ? __pfx_kthread+0x10/0x10 [ 16.884093] ret_from_fork+0x41/0x80 [ 16.884127] ? __pfx_kthread+0x10/0x10 [ 16.884156] ret_from_fork_asm+0x1a/0x30 [ 16.884252] </TASK> [ 16.884282] [ 16.899519] Allocated by task 282: [ 16.899880] kasan_save_stack+0x45/0x70 [ 16.900889] kasan_save_track+0x18/0x40 [ 16.901116] kasan_save_alloc_info+0x3b/0x50 [ 16.901761] __kasan_kmalloc+0xb7/0xc0 [ 16.901975] __kmalloc_cache_noprof+0x189/0x420 [ 16.902783] kasan_bitops_generic+0x92/0x1c0 [ 16.903297] kunit_try_run_case+0x1a5/0x480 [ 16.903866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.904272] kthread+0x337/0x6f0 [ 16.904599] ret_from_fork+0x41/0x80 [ 16.905031] ret_from_fork_asm+0x1a/0x30 [ 16.905690] [ 16.905861] The buggy address belongs to the object at ffff8881024d2600 [ 16.905861] which belongs to the cache kmalloc-16 of size 16 [ 16.907130] The buggy address is located 8 bytes inside of [ 16.907130] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 16.907720] [ 16.907837] The buggy address belongs to the physical page: [ 16.908106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 16.908509] flags: 0x200000000000000(node=0|zone=2) [ 16.908771] page_type: f5(slab) [ 16.908967] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.910075] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.910569] page dumped because: kasan: bad access detected [ 16.911199] [ 16.911367] Memory state around the buggy address: [ 16.911619] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.911950] ffff8881024d2580: 
fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.912787] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.913360] ^ [ 16.913828] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.914686] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.915488] ================================================================== [ 17.110540] ================================================================== [ 17.113560] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.113927] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.115512] [ 17.115809] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.115915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.115941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.115986] Call Trace: [ 17.116028] <TASK> [ 17.116542] dump_stack_lvl+0x73/0xb0 [ 17.116647] print_report+0xd1/0x650 [ 17.116696] ? __virt_addr_valid+0x1db/0x2d0 [ 17.116738] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.116780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.116829] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.116869] kasan_report+0x141/0x180 [ 17.116913] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.116969] kasan_check_range+0x10c/0x1c0 [ 17.117027] __kasan_check_write+0x18/0x20 [ 17.117088] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.117135] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.117184] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.117229] ? trace_hardirqs_on+0x37/0xe0 [ 17.117272] ? kasan_bitops_generic+0x92/0x1c0 [ 17.117322] kasan_bitops_generic+0x116/0x1c0 [ 17.117385] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.117428] ? __pfx_read_tsc+0x10/0x10 [ 17.117469] ? ktime_get_ts64+0x86/0x230 [ 17.117524] kunit_try_run_case+0x1a5/0x480 [ 17.117575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.117621] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.117668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.117715] ? __kthread_parkme+0x82/0x180 [ 17.117758] ? preempt_count_sub+0x50/0x80 [ 17.117812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.117859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.117903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.117947] kthread+0x337/0x6f0 [ 17.117982] ? trace_preempt_on+0x20/0xc0 [ 17.118024] ? __pfx_kthread+0x10/0x10 [ 17.118062] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.118102] ? calculate_sigpending+0x7b/0xa0 [ 17.118143] ? __pfx_kthread+0x10/0x10 [ 17.118177] ret_from_fork+0x41/0x80 [ 17.118216] ? __pfx_kthread+0x10/0x10 [ 17.118250] ret_from_fork_asm+0x1a/0x30 [ 17.118310] </TASK> [ 17.119692] [ 17.137878] Allocated by task 282: [ 17.138599] kasan_save_stack+0x45/0x70 [ 17.138870] kasan_save_track+0x18/0x40 [ 17.139837] kasan_save_alloc_info+0x3b/0x50 [ 17.140160] __kasan_kmalloc+0xb7/0xc0 [ 17.140388] __kmalloc_cache_noprof+0x189/0x420 [ 17.141065] kasan_bitops_generic+0x92/0x1c0 [ 17.141917] kunit_try_run_case+0x1a5/0x480 [ 17.142632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.142869] kthread+0x337/0x6f0 [ 17.143541] ret_from_fork+0x41/0x80 [ 17.143795] ret_from_fork_asm+0x1a/0x30 [ 17.144013] [ 17.144146] The buggy address belongs to the object at ffff8881024d2600 [ 17.144146] which belongs to the cache kmalloc-16 of size 16 [ 17.146157] The buggy address is located 8 bytes inside of [ 17.146157] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.146902] [ 17.147426] The buggy address belongs to the physical page: [ 17.148084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.148576] flags: 0x200000000000000(node=0|zone=2) [ 17.149486] page_type: f5(slab) [ 17.149823] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.150528] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.151067] page dumped because: kasan: bad 
access detected [ 17.151289] [ 17.151399] Memory state around the buggy address: [ 17.151788] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.152284] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.152566] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.153719] ^ [ 17.153923] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.154628] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.155050] ================================================================== [ 17.072627] ================================================================== [ 17.072977] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.073947] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.074511] [ 17.074691] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.074786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.074815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.074852] Call Trace: [ 17.074880] <TASK> [ 17.074908] dump_stack_lvl+0x73/0xb0 [ 17.074948] print_report+0xd1/0x650 [ 17.074984] ? __virt_addr_valid+0x1db/0x2d0 [ 17.075019] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.075044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.075069] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.075094] kasan_report+0x141/0x180 [ 17.075119] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.075149] kasan_check_range+0x10c/0x1c0 [ 17.075172] __kasan_check_write+0x18/0x20 [ 17.075195] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.075220] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.075246] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.075270] ? trace_hardirqs_on+0x37/0xe0 [ 17.075295] ? kasan_bitops_generic+0x92/0x1c0 [ 17.075322] kasan_bitops_generic+0x116/0x1c0 [ 17.075386] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.075431] ? 
__pfx_read_tsc+0x10/0x10 [ 17.075679] ? ktime_get_ts64+0x86/0x230 [ 17.075759] kunit_try_run_case+0x1a5/0x480 [ 17.075818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.075866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.075922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.075958] ? __kthread_parkme+0x82/0x180 [ 17.075985] ? preempt_count_sub+0x50/0x80 [ 17.076016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.076045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.076075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.076108] kthread+0x337/0x6f0 [ 17.076126] ? trace_preempt_on+0x20/0xc0 [ 17.076153] ? __pfx_kthread+0x10/0x10 [ 17.076172] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.076197] ? calculate_sigpending+0x7b/0xa0 [ 17.076236] ? __pfx_kthread+0x10/0x10 [ 17.076268] ret_from_fork+0x41/0x80 [ 17.076305] ? __pfx_kthread+0x10/0x10 [ 17.076352] ret_from_fork_asm+0x1a/0x30 [ 17.076411] </TASK> [ 17.076432] [ 17.090330] Allocated by task 282: [ 17.091237] kasan_save_stack+0x45/0x70 [ 17.091661] kasan_save_track+0x18/0x40 [ 17.092432] kasan_save_alloc_info+0x3b/0x50 [ 17.092837] __kasan_kmalloc+0xb7/0xc0 [ 17.093207] __kmalloc_cache_noprof+0x189/0x420 [ 17.093442] kasan_bitops_generic+0x92/0x1c0 [ 17.093955] kunit_try_run_case+0x1a5/0x480 [ 17.094868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.095384] kthread+0x337/0x6f0 [ 17.095922] ret_from_fork+0x41/0x80 [ 17.096240] ret_from_fork_asm+0x1a/0x30 [ 17.096609] [ 17.097055] The buggy address belongs to the object at ffff8881024d2600 [ 17.097055] which belongs to the cache kmalloc-16 of size 16 [ 17.098110] The buggy address is located 8 bytes inside of [ 17.098110] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.099098] [ 17.099314] The buggy address belongs to the physical page: [ 17.099950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.100979] flags: 0x200000000000000(node=0|zone=2) [ 17.101317] page_type: f5(slab) [ 17.101539] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 17.102281] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.103135] page dumped because: kasan: bad access detected [ 17.103737] [ 17.103927] Memory state around the buggy address: [ 17.104292] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.104890] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.105725] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.106363] ^ [ 17.106862] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.107528] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.109305] ================================================================== [ 17.034009] ================================================================== [ 17.035198] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.035958] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.036548] [ 17.036721] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.036820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.036848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.036894] Call Trace: [ 17.036938] <TASK> [ 17.036981] dump_stack_lvl+0x73/0xb0 [ 17.037056] print_report+0xd1/0x650 [ 17.037101] ? __virt_addr_valid+0x1db/0x2d0 [ 17.037130] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.037157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.037184] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.037225] kasan_report+0x141/0x180 [ 17.037260] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.037290] kasan_check_range+0x10c/0x1c0 [ 17.037314] __kasan_check_write+0x18/0x20 [ 17.037356] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.037395] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.037429] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.037454] ? 
trace_hardirqs_on+0x37/0xe0 [ 17.037482] ? kasan_bitops_generic+0x92/0x1c0 [ 17.037510] kasan_bitops_generic+0x116/0x1c0 [ 17.037533] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.037558] ? __pfx_read_tsc+0x10/0x10 [ 17.037582] ? ktime_get_ts64+0x86/0x230 [ 17.037613] kunit_try_run_case+0x1a5/0x480 [ 17.037643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.037668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.037699] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.037727] ? __kthread_parkme+0x82/0x180 [ 17.037753] ? preempt_count_sub+0x50/0x80 [ 17.037782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.037808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.037835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.037861] kthread+0x337/0x6f0 [ 17.037881] ? trace_preempt_on+0x20/0xc0 [ 17.037906] ? __pfx_kthread+0x10/0x10 [ 17.037927] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.037952] ? calculate_sigpending+0x7b/0xa0 [ 17.037977] ? __pfx_kthread+0x10/0x10 [ 17.037998] ret_from_fork+0x41/0x80 [ 17.038021] ? 
__pfx_kthread+0x10/0x10 [ 17.038042] ret_from_fork_asm+0x1a/0x30 [ 17.038647] </TASK> [ 17.038697] [ 17.054044] Allocated by task 282: [ 17.054399] kasan_save_stack+0x45/0x70 [ 17.054759] kasan_save_track+0x18/0x40 [ 17.055026] kasan_save_alloc_info+0x3b/0x50 [ 17.056196] __kasan_kmalloc+0xb7/0xc0 [ 17.056496] __kmalloc_cache_noprof+0x189/0x420 [ 17.056785] kasan_bitops_generic+0x92/0x1c0 [ 17.057224] kunit_try_run_case+0x1a5/0x480 [ 17.057867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.058142] kthread+0x337/0x6f0 [ 17.058524] ret_from_fork+0x41/0x80 [ 17.059058] ret_from_fork_asm+0x1a/0x30 [ 17.059529] [ 17.059723] The buggy address belongs to the object at ffff8881024d2600 [ 17.059723] which belongs to the cache kmalloc-16 of size 16 [ 17.060720] The buggy address is located 8 bytes inside of [ 17.060720] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.061497] [ 17.061631] The buggy address belongs to the physical page: [ 17.062023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.062846] flags: 0x200000000000000(node=0|zone=2) [ 17.063605] page_type: f5(slab) [ 17.063853] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.064575] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.065408] page dumped because: kasan: bad access detected [ 17.065785] [ 17.066263] Memory state around the buggy address: [ 17.067070] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.067657] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.068012] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.068651] ^ [ 17.069674] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.070029] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.070845] ================================================================== [ 17.156129] 
================================================================== [ 17.156700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.157405] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 17.157702] [ 17.158514] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.158635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.158668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.158715] Call Trace: [ 17.158759] <TASK> [ 17.158979] dump_stack_lvl+0x73/0xb0 [ 17.159059] print_report+0xd1/0x650 [ 17.159108] ? __virt_addr_valid+0x1db/0x2d0 [ 17.159155] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.159200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.159242] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.159284] kasan_report+0x141/0x180 [ 17.159329] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.159401] kasan_check_range+0x10c/0x1c0 [ 17.159449] __kasan_check_write+0x18/0x20 [ 17.159492] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.159533] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.159826] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.159856] ? trace_hardirqs_on+0x37/0xe0 [ 17.159884] ? kasan_bitops_generic+0x92/0x1c0 [ 17.159913] kasan_bitops_generic+0x116/0x1c0 [ 17.159937] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.159960] ? __pfx_read_tsc+0x10/0x10 [ 17.159984] ? ktime_get_ts64+0x86/0x230 [ 17.160013] kunit_try_run_case+0x1a5/0x480 [ 17.160042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.160069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.160105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.160131] ? __kthread_parkme+0x82/0x180 [ 17.160158] ? preempt_count_sub+0x50/0x80 [ 17.160187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.160251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.160305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.160359] kthread+0x337/0x6f0 [ 17.160384] ? 
trace_preempt_on+0x20/0xc0 [ 17.160409] ? __pfx_kthread+0x10/0x10 [ 17.160429] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.160454] ? calculate_sigpending+0x7b/0xa0 [ 17.160480] ? __pfx_kthread+0x10/0x10 [ 17.160501] ret_from_fork+0x41/0x80 [ 17.160524] ? __pfx_kthread+0x10/0x10 [ 17.160548] ret_from_fork_asm+0x1a/0x30 [ 17.160584] </TASK> [ 17.160597] [ 17.174644] Allocated by task 282: [ 17.174970] kasan_save_stack+0x45/0x70 [ 17.175478] kasan_save_track+0x18/0x40 [ 17.175835] kasan_save_alloc_info+0x3b/0x50 [ 17.176232] __kasan_kmalloc+0xb7/0xc0 [ 17.176700] __kmalloc_cache_noprof+0x189/0x420 [ 17.176924] kasan_bitops_generic+0x92/0x1c0 [ 17.177285] kunit_try_run_case+0x1a5/0x480 [ 17.177713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.178286] kthread+0x337/0x6f0 [ 17.178731] ret_from_fork+0x41/0x80 [ 17.179212] ret_from_fork_asm+0x1a/0x30 [ 17.179662] [ 17.179869] The buggy address belongs to the object at ffff8881024d2600 [ 17.179869] which belongs to the cache kmalloc-16 of size 16 [ 17.180910] The buggy address is located 8 bytes inside of [ 17.180910] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.181729] [ 17.181954] The buggy address belongs to the physical page: [ 17.182545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.183098] flags: 0x200000000000000(node=0|zone=2) [ 17.183639] page_type: f5(slab) [ 17.184003] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.184834] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.185140] page dumped because: kasan: bad access detected [ 17.185736] [ 17.185925] Memory state around the buggy address: [ 17.186450] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.187063] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.187840] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.188463] ^ [ 17.188694] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 17.189728] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.190471] ================================================================== [ 16.992873] ================================================================== [ 16.993465] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.994256] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 16.994851] [ 16.996008] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.996138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.996186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.996230] Call Trace: [ 16.996272] <TASK> [ 16.996318] dump_stack_lvl+0x73/0xb0 [ 16.996411] print_report+0xd1/0x650 [ 16.996460] ? __virt_addr_valid+0x1db/0x2d0 [ 16.996503] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.996548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.996597] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.996799] kasan_report+0x141/0x180 [ 16.996849] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.996889] kasan_check_range+0x10c/0x1c0 [ 16.996920] __kasan_check_write+0x18/0x20 [ 16.996949] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.996981] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.997027] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.997064] ? trace_hardirqs_on+0x37/0xe0 [ 16.997101] ? kasan_bitops_generic+0x92/0x1c0 [ 16.997129] kasan_bitops_generic+0x116/0x1c0 [ 16.997152] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.997177] ? __pfx_read_tsc+0x10/0x10 [ 16.997201] ? ktime_get_ts64+0x86/0x230 [ 16.997287] kunit_try_run_case+0x1a5/0x480 [ 16.997359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.997400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.997433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.997461] ? __kthread_parkme+0x82/0x180 [ 16.997488] ? preempt_count_sub+0x50/0x80 [ 16.997518] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.997546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.997574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.997601] kthread+0x337/0x6f0 [ 16.997621] ? trace_preempt_on+0x20/0xc0 [ 16.997648] ? __pfx_kthread+0x10/0x10 [ 16.997669] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.997696] ? calculate_sigpending+0x7b/0xa0 [ 16.997721] ? __pfx_kthread+0x10/0x10 [ 16.997742] ret_from_fork+0x41/0x80 [ 16.997766] ? __pfx_kthread+0x10/0x10 [ 16.997786] ret_from_fork_asm+0x1a/0x30 [ 16.997823] </TASK> [ 16.997836] [ 17.015247] Allocated by task 282: [ 17.015531] kasan_save_stack+0x45/0x70 [ 17.015792] kasan_save_track+0x18/0x40 [ 17.016146] kasan_save_alloc_info+0x3b/0x50 [ 17.017164] __kasan_kmalloc+0xb7/0xc0 [ 17.017472] __kmalloc_cache_noprof+0x189/0x420 [ 17.018033] kasan_bitops_generic+0x92/0x1c0 [ 17.018826] kunit_try_run_case+0x1a5/0x480 [ 17.019037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.019838] kthread+0x337/0x6f0 [ 17.020088] ret_from_fork+0x41/0x80 [ 17.020999] ret_from_fork_asm+0x1a/0x30 [ 17.021431] [ 17.021607] The buggy address belongs to the object at ffff8881024d2600 [ 17.021607] which belongs to the cache kmalloc-16 of size 16 [ 17.023045] The buggy address is located 8 bytes inside of [ 17.023045] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 17.023810] [ 17.023934] The buggy address belongs to the physical page: [ 17.025117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 17.025708] flags: 0x200000000000000(node=0|zone=2) [ 17.026104] page_type: f5(slab) [ 17.026628] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.027706] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.028421] page dumped because: kasan: bad access detected [ 17.028647] [ 17.028822] Memory state around the buggy address: [ 17.029785] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.030045] ffff8881024d2580: 
fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.030812] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031221] ^ [ 17.031391] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031905] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.033202] ================================================================== [ 16.917324] ================================================================== [ 16.918403] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.919063] Write of size 8 at addr ffff8881024d2608 by task kunit_try_catch/282 [ 16.919570] [ 16.920043] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.920164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.920195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.920254] Call Trace: [ 16.920361] <TASK> [ 16.920411] dump_stack_lvl+0x73/0xb0 [ 16.920464] print_report+0xd1/0x650 [ 16.920519] ? __virt_addr_valid+0x1db/0x2d0 [ 16.920564] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.920611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.920807] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.920862] kasan_report+0x141/0x180 [ 16.920912] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.920971] kasan_check_range+0x10c/0x1c0 [ 16.921028] __kasan_check_write+0x18/0x20 [ 16.921100] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.921132] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.921160] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.921187] ? trace_hardirqs_on+0x37/0xe0 [ 16.921230] ? kasan_bitops_generic+0x92/0x1c0 [ 16.921318] kasan_bitops_generic+0x116/0x1c0 [ 16.921375] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.921416] ? __pfx_read_tsc+0x10/0x10 [ 16.921453] ? ktime_get_ts64+0x86/0x230 [ 16.921503] kunit_try_run_case+0x1a5/0x480 [ 16.921550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.921587] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.921617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.921645] ? __kthread_parkme+0x82/0x180 [ 16.921672] ? preempt_count_sub+0x50/0x80 [ 16.921703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.921730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.921759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.921785] kthread+0x337/0x6f0 [ 16.921804] ? trace_preempt_on+0x20/0xc0 [ 16.921830] ? __pfx_kthread+0x10/0x10 [ 16.921850] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.921875] ? calculate_sigpending+0x7b/0xa0 [ 16.921900] ? __pfx_kthread+0x10/0x10 [ 16.921920] ret_from_fork+0x41/0x80 [ 16.921944] ? __pfx_kthread+0x10/0x10 [ 16.921964] ret_from_fork_asm+0x1a/0x30 [ 16.922000] </TASK> [ 16.922012] [ 16.938747] Allocated by task 282: [ 16.939118] kasan_save_stack+0x45/0x70 [ 16.939914] kasan_save_track+0x18/0x40 [ 16.940163] kasan_save_alloc_info+0x3b/0x50 [ 16.940688] __kasan_kmalloc+0xb7/0xc0 [ 16.941010] __kmalloc_cache_noprof+0x189/0x420 [ 16.941693] kasan_bitops_generic+0x92/0x1c0 [ 16.942071] kunit_try_run_case+0x1a5/0x480 [ 16.942570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.942944] kthread+0x337/0x6f0 [ 16.943166] ret_from_fork+0x41/0x80 [ 16.943859] ret_from_fork_asm+0x1a/0x30 [ 16.944081] [ 16.944200] The buggy address belongs to the object at ffff8881024d2600 [ 16.944200] which belongs to the cache kmalloc-16 of size 16 [ 16.944941] The buggy address is located 8 bytes inside of [ 16.944941] allocated 9-byte region [ffff8881024d2600, ffff8881024d2609) [ 16.945752] [ 16.945886] The buggy address belongs to the physical page: [ 16.946304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2 [ 16.947176] flags: 0x200000000000000(node=0|zone=2) [ 16.947907] page_type: f5(slab) [ 16.948156] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.948878] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.949550] page dumped because: kasan: bad 
access detected [ 16.949955] [ 16.950105] Memory state around the buggy address: [ 16.950742] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.951111] ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.951911] >ffff8881024d2600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.952306] ^ [ 16.952772] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.953048] ffff8881024d2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.953723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 16.832133] ================================================================== [ 16.834010] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 16.834459] Read of size 1 at addr ffff8881029f4750 by task kunit_try_catch/280 [ 16.834747] [ 16.834901] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.835007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.835036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.835082] Call Trace: [ 16.835128] <TASK> [ 16.835176] dump_stack_lvl+0x73/0xb0 [ 16.835232] print_report+0xd1/0x650 [ 16.835277] ? __virt_addr_valid+0x1db/0x2d0 [ 16.835319] ? strnlen+0x73/0x80 [ 16.835374] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.835447] ? strnlen+0x73/0x80 [ 16.835490] kasan_report+0x141/0x180 [ 16.835552] ? strnlen+0x73/0x80 [ 16.835610] __asan_report_load1_noabort+0x18/0x20 [ 16.835666] strnlen+0x73/0x80 [ 16.835702] kasan_strings+0x615/0xe80 [ 16.835745] ? __pfx_kasan_strings+0x10/0x10 [ 16.835785] ? __schedule+0x207f/0x2b60 [ 16.835830] ? schedule+0x7c/0x2e0 [ 16.835874] ? trace_hardirqs_on+0x37/0xe0 [ 16.835928] ? __schedule+0x207f/0x2b60 [ 16.835978] ? __pfx_read_tsc+0x10/0x10 [ 16.836017] ? ktime_get_ts64+0x86/0x230 [ 16.836064] kunit_try_run_case+0x1a5/0x480 [ 16.836111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.836154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.836228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.836279] ? __kthread_parkme+0x82/0x180 [ 16.836323] ? preempt_count_sub+0x50/0x80 [ 16.836394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.836441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.836509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.836556] kthread+0x337/0x6f0 [ 16.836594] ? trace_preempt_on+0x20/0xc0 [ 16.836640] ? __pfx_kthread+0x10/0x10 [ 16.836677] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.836708] ? calculate_sigpending+0x7b/0xa0 [ 16.836733] ? 
__pfx_kthread+0x10/0x10 [ 16.836753] ret_from_fork+0x41/0x80 [ 16.836775] ? __pfx_kthread+0x10/0x10 [ 16.836795] ret_from_fork_asm+0x1a/0x30 [ 16.836829] </TASK> [ 16.836844] [ 16.852077] Allocated by task 280: [ 16.853239] kasan_save_stack+0x45/0x70 [ 16.854524] kasan_save_track+0x18/0x40 [ 16.855367] kasan_save_alloc_info+0x3b/0x50 [ 16.855586] __kasan_kmalloc+0xb7/0xc0 [ 16.855750] __kmalloc_cache_noprof+0x189/0x420 [ 16.855939] kasan_strings+0xc0/0xe80 [ 16.856845] kunit_try_run_case+0x1a5/0x480 [ 16.858037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.858590] kthread+0x337/0x6f0 [ 16.858954] ret_from_fork+0x41/0x80 [ 16.859431] ret_from_fork_asm+0x1a/0x30 [ 16.859774] [ 16.859890] Freed by task 280: [ 16.860482] kasan_save_stack+0x45/0x70 [ 16.860662] kasan_save_track+0x18/0x40 [ 16.861135] kasan_save_free_info+0x3f/0x60 [ 16.861643] __kasan_slab_free+0x56/0x70 [ 16.861983] kfree+0x222/0x3f0 [ 16.862448] kasan_strings+0x2aa/0xe80 [ 16.862903] kunit_try_run_case+0x1a5/0x480 [ 16.863089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.863701] kthread+0x337/0x6f0 [ 16.864097] ret_from_fork+0x41/0x80 [ 16.864317] ret_from_fork_asm+0x1a/0x30 [ 16.864764] [ 16.864968] The buggy address belongs to the object at ffff8881029f4740 [ 16.864968] which belongs to the cache kmalloc-32 of size 32 [ 16.865928] The buggy address is located 16 bytes inside of [ 16.865928] freed 32-byte region [ffff8881029f4740, ffff8881029f4760) [ 16.866796] [ 16.866941] The buggy address belongs to the physical page: [ 16.867190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 16.867837] flags: 0x200000000000000(node=0|zone=2) [ 16.868101] page_type: f5(slab) [ 16.868497] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 16.868864] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.869496] page dumped because: kasan: bad access detected [ 16.869888] [ 16.870138] Memory state around the buggy address: [ 
16.870470] ffff8881029f4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.870978] ffff8881029f4680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.871535] >ffff8881029f4700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.872012] ^ [ 16.872329] ffff8881029f4780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.872861] ffff8881029f4800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.873397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 16.796553] ================================================================== [ 16.797039] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 16.797862] Read of size 1 at addr ffff8881029f4750 by task kunit_try_catch/280 [ 16.798169] [ 16.798397] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.798507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.798536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.798610] Call Trace: [ 16.798653] <TASK> [ 16.798696] dump_stack_lvl+0x73/0xb0 [ 16.798803] print_report+0xd1/0x650 [ 16.798874] ? __virt_addr_valid+0x1db/0x2d0 [ 16.798944] ? strlen+0x8f/0xb0 [ 16.798984] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.799031] ? strlen+0x8f/0xb0 [ 16.799072] kasan_report+0x141/0x180 [ 16.799123] ? strlen+0x8f/0xb0 [ 16.799200] __asan_report_load1_noabort+0x18/0x20 [ 16.799244] strlen+0x8f/0xb0 [ 16.799274] kasan_strings+0x57b/0xe80 [ 16.799303] ? __pfx_kasan_strings+0x10/0x10 [ 16.799325] ? __schedule+0x207f/0x2b60 [ 16.799371] ? schedule+0x7c/0x2e0 [ 16.799393] ? trace_hardirqs_on+0x37/0xe0 [ 16.799421] ? __schedule+0x207f/0x2b60 [ 16.799444] ? __pfx_read_tsc+0x10/0x10 [ 16.799465] ? ktime_get_ts64+0x86/0x230 [ 16.799493] kunit_try_run_case+0x1a5/0x480 [ 16.799520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.799542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.799568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.799593] ? __kthread_parkme+0x82/0x180 [ 16.799617] ? preempt_count_sub+0x50/0x80 [ 16.799644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.799668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.799691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.799715] kthread+0x337/0x6f0 [ 16.799733] ? trace_preempt_on+0x20/0xc0 [ 16.799756] ? __pfx_kthread+0x10/0x10 [ 16.799775] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.799797] ? calculate_sigpending+0x7b/0xa0 [ 16.799821] ? 
__pfx_kthread+0x10/0x10 [ 16.799841] ret_from_fork+0x41/0x80 [ 16.799862] ? __pfx_kthread+0x10/0x10 [ 16.799881] ret_from_fork_asm+0x1a/0x30 [ 16.799915] </TASK> [ 16.799928] [ 16.814525] Allocated by task 280: [ 16.814812] kasan_save_stack+0x45/0x70 [ 16.815588] kasan_save_track+0x18/0x40 [ 16.815814] kasan_save_alloc_info+0x3b/0x50 [ 16.815990] __kasan_kmalloc+0xb7/0xc0 [ 16.816462] __kmalloc_cache_noprof+0x189/0x420 [ 16.816825] kasan_strings+0xc0/0xe80 [ 16.817166] kunit_try_run_case+0x1a5/0x480 [ 16.817455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.817867] kthread+0x337/0x6f0 [ 16.818124] ret_from_fork+0x41/0x80 [ 16.818447] ret_from_fork_asm+0x1a/0x30 [ 16.818879] [ 16.819058] Freed by task 280: [ 16.819255] kasan_save_stack+0x45/0x70 [ 16.819522] kasan_save_track+0x18/0x40 [ 16.819717] kasan_save_free_info+0x3f/0x60 [ 16.820090] __kasan_slab_free+0x56/0x70 [ 16.820480] kfree+0x222/0x3f0 [ 16.820854] kasan_strings+0x2aa/0xe80 [ 16.821110] kunit_try_run_case+0x1a5/0x480 [ 16.821402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.821722] kthread+0x337/0x6f0 [ 16.821902] ret_from_fork+0x41/0x80 [ 16.822260] ret_from_fork_asm+0x1a/0x30 [ 16.822613] [ 16.822830] The buggy address belongs to the object at ffff8881029f4740 [ 16.822830] which belongs to the cache kmalloc-32 of size 32 [ 16.823297] The buggy address is located 16 bytes inside of [ 16.823297] freed 32-byte region [ffff8881029f4740, ffff8881029f4760) [ 16.824222] [ 16.824453] The buggy address belongs to the physical page: [ 16.825085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 16.825536] flags: 0x200000000000000(node=0|zone=2) [ 16.825827] page_type: f5(slab) [ 16.826165] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 16.826537] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.826861] page dumped because: kasan: bad access detected [ 16.827292] [ 16.827483] Memory state around the buggy address: [ 
16.827978] ffff8881029f4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.828562] ffff8881029f4680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.828916] >ffff8881029f4700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.829193] ^ [ 16.829653] ffff8881029f4780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.830265] ffff8881029f4800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.830821] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 16.759001] ================================================================== [ 16.760280] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 16.760872] Read of size 1 at addr ffff8881029f4750 by task kunit_try_catch/280 [ 16.761418] [ 16.761672] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.761804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.761835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.761886] Call Trace: [ 16.761937] <TASK> [ 16.761984] dump_stack_lvl+0x73/0xb0 [ 16.762054] print_report+0xd1/0x650 [ 16.762114] ? __virt_addr_valid+0x1db/0x2d0 [ 16.762165] ? kasan_strings+0xcbc/0xe80 [ 16.762210] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.762254] ? kasan_strings+0xcbc/0xe80 [ 16.762312] kasan_report+0x141/0x180 [ 16.762384] ? kasan_strings+0xcbc/0xe80 [ 16.762441] __asan_report_load1_noabort+0x18/0x20 [ 16.762486] kasan_strings+0xcbc/0xe80 [ 16.762541] ? __pfx_kasan_strings+0x10/0x10 [ 16.762601] ? __schedule+0x207f/0x2b60 [ 16.762650] ? schedule+0x7c/0x2e0 [ 16.762695] ? trace_hardirqs_on+0x37/0xe0 [ 16.762741] ? __schedule+0x207f/0x2b60 [ 16.762790] ? __pfx_read_tsc+0x10/0x10 [ 16.762834] ? ktime_get_ts64+0x86/0x230 [ 16.762884] kunit_try_run_case+0x1a5/0x480 [ 16.762936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.762978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.763036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.763110] ? __kthread_parkme+0x82/0x180 [ 16.763157] ? preempt_count_sub+0x50/0x80 [ 16.763216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.763257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.763288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.763313] kthread+0x337/0x6f0 [ 16.763349] ? trace_preempt_on+0x20/0xc0 [ 16.763381] ? __pfx_kthread+0x10/0x10 [ 16.763402] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.763426] ? calculate_sigpending+0x7b/0xa0 [ 16.763450] ? 
__pfx_kthread+0x10/0x10 [ 16.763472] ret_from_fork+0x41/0x80 [ 16.763494] ? __pfx_kthread+0x10/0x10 [ 16.763516] ret_from_fork_asm+0x1a/0x30 [ 16.763550] </TASK> [ 16.763564] [ 16.776497] Allocated by task 280: [ 16.776943] kasan_save_stack+0x45/0x70 [ 16.777293] kasan_save_track+0x18/0x40 [ 16.777644] kasan_save_alloc_info+0x3b/0x50 [ 16.777907] __kasan_kmalloc+0xb7/0xc0 [ 16.778271] __kmalloc_cache_noprof+0x189/0x420 [ 16.778576] kasan_strings+0xc0/0xe80 [ 16.779031] kunit_try_run_case+0x1a5/0x480 [ 16.779721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.779975] kthread+0x337/0x6f0 [ 16.780296] ret_from_fork+0x41/0x80 [ 16.780663] ret_from_fork_asm+0x1a/0x30 [ 16.780901] [ 16.781024] Freed by task 280: [ 16.781679] kasan_save_stack+0x45/0x70 [ 16.781912] kasan_save_track+0x18/0x40 [ 16.782509] kasan_save_free_info+0x3f/0x60 [ 16.782796] __kasan_slab_free+0x56/0x70 [ 16.783025] kfree+0x222/0x3f0 [ 16.783649] kasan_strings+0x2aa/0xe80 [ 16.783884] kunit_try_run_case+0x1a5/0x480 [ 16.784236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.784607] kthread+0x337/0x6f0 [ 16.784921] ret_from_fork+0x41/0x80 [ 16.785291] ret_from_fork_asm+0x1a/0x30 [ 16.785525] [ 16.785717] The buggy address belongs to the object at ffff8881029f4740 [ 16.785717] which belongs to the cache kmalloc-32 of size 32 [ 16.786284] The buggy address is located 16 bytes inside of [ 16.786284] freed 32-byte region [ffff8881029f4740, ffff8881029f4760) [ 16.787226] [ 16.787368] The buggy address belongs to the physical page: [ 16.787824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 16.788715] flags: 0x200000000000000(node=0|zone=2) [ 16.788889] page_type: f5(slab) [ 16.788995] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 16.789267] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.789869] page dumped because: kasan: bad access detected [ 16.790092] [ 16.790322] Memory state around the buggy address: [ 
16.790848] ffff8881029f4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.791529] ffff8881029f4680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.792142] >ffff8881029f4700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.792630] ^ [ 16.793117] ffff8881029f4780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.793788] ffff8881029f4800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.794230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 16.723630] ================================================================== [ 16.724819] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 16.725575] Read of size 1 at addr ffff8881029f4750 by task kunit_try_catch/280 [ 16.726528] [ 16.726732] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.726852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.726882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.726929] Call Trace: [ 16.726959] <TASK> [ 16.727003] dump_stack_lvl+0x73/0xb0 [ 16.727071] print_report+0xd1/0x650 [ 16.727119] ? __virt_addr_valid+0x1db/0x2d0 [ 16.727156] ? strcmp+0xb0/0xc0 [ 16.727177] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.727203] ? strcmp+0xb0/0xc0 [ 16.727224] kasan_report+0x141/0x180 [ 16.727249] ? strcmp+0xb0/0xc0 [ 16.727274] __asan_report_load1_noabort+0x18/0x20 [ 16.727296] strcmp+0xb0/0xc0 [ 16.727318] kasan_strings+0x431/0xe80 [ 16.727362] ? __pfx_kasan_strings+0x10/0x10 [ 16.727386] ? __schedule+0x207f/0x2b60 [ 16.727410] ? schedule+0x7c/0x2e0 [ 16.727432] ? trace_hardirqs_on+0x37/0xe0 [ 16.727458] ? __schedule+0x207f/0x2b60 [ 16.727482] ? __pfx_read_tsc+0x10/0x10 [ 16.727504] ? ktime_get_ts64+0x86/0x230 [ 16.727531] kunit_try_run_case+0x1a5/0x480 [ 16.727558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.727580] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.727606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.727629] ? __kthread_parkme+0x82/0x180 [ 16.727653] ? preempt_count_sub+0x50/0x80 [ 16.727681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.727705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.727728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.727752] kthread+0x337/0x6f0 [ 16.727770] ? trace_preempt_on+0x20/0xc0 [ 16.727793] ? __pfx_kthread+0x10/0x10 [ 16.727813] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.727834] ? calculate_sigpending+0x7b/0xa0 [ 16.727858] ? 
__pfx_kthread+0x10/0x10 [ 16.727895] ret_from_fork+0x41/0x80 [ 16.727918] ? __pfx_kthread+0x10/0x10 [ 16.727937] ret_from_fork_asm+0x1a/0x30 [ 16.727972] </TASK> [ 16.727984] [ 16.740679] Allocated by task 280: [ 16.741041] kasan_save_stack+0x45/0x70 [ 16.741488] kasan_save_track+0x18/0x40 [ 16.741843] kasan_save_alloc_info+0x3b/0x50 [ 16.742240] __kasan_kmalloc+0xb7/0xc0 [ 16.742487] __kmalloc_cache_noprof+0x189/0x420 [ 16.742707] kasan_strings+0xc0/0xe80 [ 16.742896] kunit_try_run_case+0x1a5/0x480 [ 16.743100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.743330] kthread+0x337/0x6f0 [ 16.743721] ret_from_fork+0x41/0x80 [ 16.744163] ret_from_fork_asm+0x1a/0x30 [ 16.744538] [ 16.744724] Freed by task 280: [ 16.745035] kasan_save_stack+0x45/0x70 [ 16.745449] kasan_save_track+0x18/0x40 [ 16.745916] kasan_save_free_info+0x3f/0x60 [ 16.746372] __kasan_slab_free+0x56/0x70 [ 16.746754] kfree+0x222/0x3f0 [ 16.747059] kasan_strings+0x2aa/0xe80 [ 16.747318] kunit_try_run_case+0x1a5/0x480 [ 16.747716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.747956] kthread+0x337/0x6f0 [ 16.748225] ret_from_fork+0x41/0x80 [ 16.748567] ret_from_fork_asm+0x1a/0x30 [ 16.748946] [ 16.749209] The buggy address belongs to the object at ffff8881029f4740 [ 16.749209] which belongs to the cache kmalloc-32 of size 32 [ 16.749845] The buggy address is located 16 bytes inside of [ 16.749845] freed 32-byte region [ffff8881029f4740, ffff8881029f4760) [ 16.750255] [ 16.750391] The buggy address belongs to the physical page: [ 16.750821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 16.751679] flags: 0x200000000000000(node=0|zone=2) [ 16.752110] page_type: f5(slab) [ 16.752406] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 16.752870] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.753501] page dumped because: kasan: bad access detected [ 16.753737] [ 16.753853] Memory state around the buggy address: [ 
16.754075] ffff8881029f4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.754629] ffff8881029f4680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.755360] >ffff8881029f4700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.755909] ^ [ 16.756405] ffff8881029f4780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.756871] ffff8881029f4800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.757215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 16.677117] ================================================================== [ 16.677899] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 16.678318] Read of size 1 at addr ffff8881029f4698 by task kunit_try_catch/278 [ 16.678658] [ 16.678888] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.678966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.678982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.679007] Call Trace: [ 16.679024] <TASK> [ 16.679053] dump_stack_lvl+0x73/0xb0 [ 16.679101] print_report+0xd1/0x650 [ 16.679144] ? __virt_addr_valid+0x1db/0x2d0 [ 16.679193] ? memcmp+0x1b4/0x1d0 [ 16.679230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.679276] ? memcmp+0x1b4/0x1d0 [ 16.679318] kasan_report+0x141/0x180 [ 16.679379] ? memcmp+0x1b4/0x1d0 [ 16.679709] __asan_report_load1_noabort+0x18/0x20 [ 16.679814] memcmp+0x1b4/0x1d0 [ 16.679867] kasan_memcmp+0x18f/0x390 [ 16.679917] ? trace_hardirqs_on+0x37/0xe0 [ 16.679974] ? __pfx_kasan_memcmp+0x10/0x10 [ 16.680017] ? finish_task_switch.isra.0+0x153/0x700 [ 16.680068] ? __switch_to+0x5d9/0xf60 [ 16.680116] ? dequeue_task_fair+0x166/0x4e0 [ 16.680158] ? __pfx_read_tsc+0x10/0x10 [ 16.680193] ? ktime_get_ts64+0x86/0x230 [ 16.680238] kunit_try_run_case+0x1a5/0x480 [ 16.680280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.680315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.680374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.680412] ? __kthread_parkme+0x82/0x180 [ 16.680439] ? preempt_count_sub+0x50/0x80 [ 16.680465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.680490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.680515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.680542] kthread+0x337/0x6f0 [ 16.680561] ? trace_preempt_on+0x20/0xc0 [ 16.680585] ? __pfx_kthread+0x10/0x10 [ 16.680604] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.680627] ? calculate_sigpending+0x7b/0xa0 [ 16.680651] ? 
__pfx_kthread+0x10/0x10 [ 16.680671] ret_from_fork+0x41/0x80 [ 16.680693] ? __pfx_kthread+0x10/0x10 [ 16.680713] ret_from_fork_asm+0x1a/0x30 [ 16.680747] </TASK> [ 16.680759] [ 16.695940] Allocated by task 278: [ 16.696550] kasan_save_stack+0x45/0x70 [ 16.696873] kasan_save_track+0x18/0x40 [ 16.697371] kasan_save_alloc_info+0x3b/0x50 [ 16.697618] __kasan_kmalloc+0xb7/0xc0 [ 16.698527] __kmalloc_cache_noprof+0x189/0x420 [ 16.698865] kasan_memcmp+0xb7/0x390 [ 16.699053] kunit_try_run_case+0x1a5/0x480 [ 16.699454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.699689] kthread+0x337/0x6f0 [ 16.700132] ret_from_fork+0x41/0x80 [ 16.700502] ret_from_fork_asm+0x1a/0x30 [ 16.701075] [ 16.701370] The buggy address belongs to the object at ffff8881029f4680 [ 16.701370] which belongs to the cache kmalloc-32 of size 32 [ 16.702607] The buggy address is located 0 bytes to the right of [ 16.702607] allocated 24-byte region [ffff8881029f4680, ffff8881029f4698) [ 16.703794] [ 16.704017] The buggy address belongs to the physical page: [ 16.704395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 16.705105] flags: 0x200000000000000(node=0|zone=2) [ 16.705566] page_type: f5(slab) [ 16.705818] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 16.706947] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.707431] page dumped because: kasan: bad access detected [ 16.707793] [ 16.707967] Memory state around the buggy address: [ 16.708309] ffff8881029f4580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.708859] ffff8881029f4600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.709534] >ffff8881029f4680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.709980] ^ [ 16.710425] ffff8881029f4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711057] ffff8881029f4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711653] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 16.635779] ================================================================== [ 16.636782] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 16.637612] Read of size 1 at addr ffff888102a37c4a by task kunit_try_catch/274 [ 16.638681] [ 16.638921] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.639029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.639046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.639230] Call Trace: [ 16.639264] <TASK> [ 16.639305] dump_stack_lvl+0x73/0xb0 [ 16.639461] print_report+0xd1/0x650 [ 16.639507] ? __virt_addr_valid+0x1db/0x2d0 [ 16.639549] ? kasan_alloca_oob_right+0x329/0x390 [ 16.639586] ? kasan_addr_to_slab+0x11/0xa0 [ 16.639611] ? kasan_alloca_oob_right+0x329/0x390 [ 16.639637] kasan_report+0x141/0x180 [ 16.639663] ? kasan_alloca_oob_right+0x329/0x390 [ 16.639695] __asan_report_load1_noabort+0x18/0x20 [ 16.639718] kasan_alloca_oob_right+0x329/0x390 [ 16.639745] ? finish_task_switch.isra.0+0x153/0x700 [ 16.639774] ? __mutex_lock.constprop.0+0xace/0x1280 [ 16.639800] ? trace_hardirqs_on+0x37/0xe0 [ 16.639829] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 16.639858] ? __schedule+0x10cc/0x2b60 [ 16.639885] ? __pfx_read_tsc+0x10/0x10 [ 16.639907] ? ktime_get_ts64+0x86/0x230 [ 16.639937] kunit_try_run_case+0x1a5/0x480 [ 16.639966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.639992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.640021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.640047] ? __kthread_parkme+0x82/0x180 [ 16.640088] ? preempt_count_sub+0x50/0x80 [ 16.640116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.640143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.640169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.640194] kthread+0x337/0x6f0 [ 16.640225] ? trace_preempt_on+0x20/0xc0 [ 16.640265] ? __pfx_kthread+0x10/0x10 [ 16.640293] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.640319] ? 
calculate_sigpending+0x7b/0xa0 [ 16.640362] ? __pfx_kthread+0x10/0x10 [ 16.640386] ret_from_fork+0x41/0x80 [ 16.640410] ? __pfx_kthread+0x10/0x10 [ 16.640431] ret_from_fork_asm+0x1a/0x30 [ 16.640467] </TASK> [ 16.640480] [ 16.655224] The buggy address belongs to stack of task kunit_try_catch/274 [ 16.656157] [ 16.656499] The buggy address belongs to the physical page: [ 16.657514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a37 [ 16.658114] flags: 0x200000000000000(node=0|zone=2) [ 16.658999] raw: 0200000000000000 dead000000000100 dead000000000122 0000000000000000 [ 16.659617] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.660498] page dumped because: kasan: bad access detected [ 16.660784] [ 16.660904] Memory state around the buggy address: [ 16.661673] ffff888102a37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.662154] ffff888102a37b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.662922] >ffff888102a37c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 16.663574] ^ [ 16.663987] ffff888102a37c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 16.664852] ffff888102a37d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 16.665241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 16.601501] ================================================================== [ 16.602096] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 16.603021] Read of size 1 at addr ffff888102a2fc3f by task kunit_try_catch/272 [ 16.603761] [ 16.604441] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.604555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.604582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.604630] Call Trace: [ 16.605041] <TASK> [ 16.605109] dump_stack_lvl+0x73/0xb0 [ 16.605189] print_report+0xd1/0x650 [ 16.605241] ? __virt_addr_valid+0x1db/0x2d0 [ 16.605292] ? kasan_alloca_oob_left+0x320/0x380 [ 16.605358] ? kasan_addr_to_slab+0x11/0xa0 [ 16.605408] ? kasan_alloca_oob_left+0x320/0x380 [ 16.605449] kasan_report+0x141/0x180 [ 16.605487] ? kasan_alloca_oob_left+0x320/0x380 [ 16.605519] __asan_report_load1_noabort+0x18/0x20 [ 16.605542] kasan_alloca_oob_left+0x320/0x380 [ 16.605568] ? finish_task_switch.isra.0+0x153/0x700 [ 16.605597] ? __mutex_lock.constprop.0+0xace/0x1280 [ 16.605622] ? trace_hardirqs_on+0x37/0xe0 [ 16.605651] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 16.605679] ? __schedule+0x10cc/0x2b60 [ 16.605704] ? __pfx_read_tsc+0x10/0x10 [ 16.605727] ? ktime_get_ts64+0x86/0x230 [ 16.605756] kunit_try_run_case+0x1a5/0x480 [ 16.605783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.605805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.605831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.605855] ? __kthread_parkme+0x82/0x180 [ 16.605880] ? preempt_count_sub+0x50/0x80 [ 16.605905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.605930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.605954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.605978] kthread+0x337/0x6f0 [ 16.605997] ? trace_preempt_on+0x20/0xc0 [ 16.606021] ? __pfx_kthread+0x10/0x10 [ 16.606039] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.606064] ? 
calculate_sigpending+0x7b/0xa0 [ 16.606106] ? __pfx_kthread+0x10/0x10 [ 16.606137] ret_from_fork+0x41/0x80 [ 16.606169] ? __pfx_kthread+0x10/0x10 [ 16.606199] ret_from_fork_asm+0x1a/0x30 [ 16.606255] </TASK> [ 16.606277] [ 16.619746] The buggy address belongs to stack of task kunit_try_catch/272 [ 16.620633] [ 16.620846] The buggy address belongs to the physical page: [ 16.621425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2f [ 16.622054] flags: 0x200000000000000(node=0|zone=2) [ 16.622460] raw: 0200000000000000 dead000000000100 dead000000000122 0000000000000000 [ 16.623328] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.623711] page dumped because: kasan: bad access detected [ 16.623970] [ 16.624433] Memory state around the buggy address: [ 16.624853] ffff888102a2fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.625665] ffff888102a2fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.626250] >ffff888102a2fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 16.627139] ^ [ 16.627836] ffff888102a2fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 16.628575] ffff888102a2fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 16.628975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 16.561698] ================================================================== [ 16.563020] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 16.563699] Read of size 1 at addr ffff888102a07d02 by task kunit_try_catch/270 [ 16.564863] [ 16.565067] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.565172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.565189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.565476] Call Trace: [ 16.565504] <TASK> [ 16.565534] dump_stack_lvl+0x73/0xb0 [ 16.565577] print_report+0xd1/0x650 [ 16.565608] ? __virt_addr_valid+0x1db/0x2d0 [ 16.565636] ? kasan_stack_oob+0x2b5/0x300 [ 16.565659] ? kasan_addr_to_slab+0x11/0xa0 [ 16.565685] ? kasan_stack_oob+0x2b5/0x300 [ 16.565709] kasan_report+0x141/0x180 [ 16.565735] ? kasan_stack_oob+0x2b5/0x300 [ 16.565765] __asan_report_load1_noabort+0x18/0x20 [ 16.565789] kasan_stack_oob+0x2b5/0x300 [ 16.565813] ? __pfx_kasan_stack_oob+0x10/0x10 [ 16.565836] ? __schedule+0x207f/0x2b60 [ 16.565862] ? schedule+0x7c/0x2e0 [ 16.565887] ? trace_hardirqs_on+0x37/0xe0 [ 16.565917] ? __schedule+0x207f/0x2b60 [ 16.565942] ? __pfx_read_tsc+0x10/0x10 [ 16.565964] ? ktime_get_ts64+0x86/0x230 [ 16.565995] kunit_try_run_case+0x1a5/0x480 [ 16.566025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.566050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.566096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.566124] ? __kthread_parkme+0x82/0x180 [ 16.566151] ? preempt_count_sub+0x50/0x80 [ 16.566181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.566234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.566291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.566331] kthread+0x337/0x6f0 [ 16.566376] ? trace_preempt_on+0x20/0xc0 [ 16.566404] ? __pfx_kthread+0x10/0x10 [ 16.566426] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.566453] ? calculate_sigpending+0x7b/0xa0 [ 16.566480] ? 
__pfx_kthread+0x10/0x10 [ 16.566502] ret_from_fork+0x41/0x80 [ 16.566526] ? __pfx_kthread+0x10/0x10 [ 16.566547] ret_from_fork_asm+0x1a/0x30 [ 16.566584] </TASK> [ 16.566598] [ 16.578807] The buggy address belongs to stack of task kunit_try_catch/270 [ 16.579783] and is located at offset 138 in frame: [ 16.580437] kasan_stack_oob+0x0/0x300 [ 16.581129] [ 16.581567] This frame has 4 objects: [ 16.582105] [48, 49) '__assertion' [ 16.582188] [64, 72) 'array' [ 16.582670] [96, 112) '__assertion' [ 16.582993] [128, 138) 'stack_array' [ 16.583466] [ 16.584755] The buggy address belongs to the physical page: [ 16.585495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 16.586199] flags: 0x200000000000000(node=0|zone=2) [ 16.586836] raw: 0200000000000000 dead000000000100 dead000000000122 0000000000000000 [ 16.587431] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.587890] page dumped because: kasan: bad access detected [ 16.588119] [ 16.588912] Memory state around the buggy address: [ 16.589528] ffff888102a07c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 16.590162] ffff888102a07c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 16.590871] >ffff888102a07d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 16.591719] ^ [ 16.592034] ffff888102a07d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 16.592788] ffff888102a07e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.593643] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 16.525913] ================================================================== [ 16.526644] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 16.527441] Read of size 1 at addr ffffffffba84332d by task kunit_try_catch/266 [ 16.528835] [ 16.529330] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.529730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.529756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.529787] Call Trace: [ 16.529806] <TASK> [ 16.529833] dump_stack_lvl+0x73/0xb0 [ 16.529875] print_report+0xd1/0x650 [ 16.529904] ? __virt_addr_valid+0x1db/0x2d0 [ 16.529933] ? kasan_global_oob_right+0x286/0x2d0 [ 16.529958] ? kasan_addr_to_slab+0x11/0xa0 [ 16.529983] ? kasan_global_oob_right+0x286/0x2d0 [ 16.530009] kasan_report+0x141/0x180 [ 16.530034] ? kasan_global_oob_right+0x286/0x2d0 [ 16.530070] __asan_report_load1_noabort+0x18/0x20 [ 16.530103] kasan_global_oob_right+0x286/0x2d0 [ 16.530129] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 16.530158] ? __schedule+0x10cc/0x2b60 [ 16.530186] ? __pfx_read_tsc+0x10/0x10 [ 16.530241] ? ktime_get_ts64+0x86/0x230 [ 16.530306] kunit_try_run_case+0x1a5/0x480 [ 16.530362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.530391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.530420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.530447] ? __kthread_parkme+0x82/0x180 [ 16.530474] ? preempt_count_sub+0x50/0x80 [ 16.530505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.530531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.530557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.530583] kthread+0x337/0x6f0 [ 16.530602] ? trace_preempt_on+0x20/0xc0 [ 16.530629] ? __pfx_kthread+0x10/0x10 [ 16.530649] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.530674] ? calculate_sigpending+0x7b/0xa0 [ 16.530699] ? __pfx_kthread+0x10/0x10 [ 16.530720] ret_from_fork+0x41/0x80 [ 16.530743] ? 
__pfx_kthread+0x10/0x10 [ 16.530762] ret_from_fork_asm+0x1a/0x30 [ 16.530797] </TASK> [ 16.530810] [ 16.543041] The buggy address belongs to the variable: [ 16.543930] global_array+0xd/0x40 [ 16.544535] [ 16.544786] The buggy address belongs to the physical page: [ 16.545350] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14e43 [ 16.545680] flags: 0x100000000002000(reserved|node=0|zone=1) [ 16.546771] raw: 0100000000002000 ffffea00005390c8 ffffea00005390c8 0000000000000000 [ 16.547403] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.547864] page dumped because: kasan: bad access detected [ 16.548500] [ 16.548635] Memory state around the buggy address: [ 16.549036] ffffffffba843200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.549933] ffffffffba843280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.550374] >ffffffffba843300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 16.551141] ^ [ 16.551413] ffffffffba843380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 16.551748] ffffffffba843400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 16.552073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 16.487884] ================================================================== [ 16.488731] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.490234] Free of addr ffff888103ab4001 by task kunit_try_catch/264 [ 16.490625] [ 16.490972] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.491091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.491163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.491194] Call Trace: [ 16.491227] <TASK> [ 16.491301] dump_stack_lvl+0x73/0xb0 [ 16.491381] print_report+0xd1/0x650 [ 16.491423] ? __virt_addr_valid+0x1db/0x2d0 [ 16.491453] ? kasan_addr_to_slab+0x11/0xa0 [ 16.491475] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.491503] kasan_report_invalid_free+0x10a/0x130 [ 16.491530] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.491561] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.491587] __kasan_mempool_poison_object+0x102/0x1d0 [ 16.491612] mempool_free+0x2ec/0x380 [ 16.491641] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.491668] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 16.491694] ? dequeue_entities+0x852/0x1740 [ 16.491722] ? finish_task_switch.isra.0+0x153/0x700 [ 16.491750] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 16.491777] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 16.491803] ? dequeue_task_fair+0x166/0x4e0 [ 16.491826] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.491847] ? __pfx_mempool_kfree+0x10/0x10 [ 16.491871] ? __pfx_read_tsc+0x10/0x10 [ 16.491892] ? ktime_get_ts64+0x86/0x230 [ 16.491920] kunit_try_run_case+0x1a5/0x480 [ 16.491948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.491971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.491997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.492022] ? __kthread_parkme+0x82/0x180 [ 16.492046] ? preempt_count_sub+0x50/0x80 [ 16.492090] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.492116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.492141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.492166] kthread+0x337/0x6f0 [ 16.492185] ? trace_preempt_on+0x20/0xc0 [ 16.492240] ? __pfx_kthread+0x10/0x10 [ 16.492291] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.492324] ? calculate_sigpending+0x7b/0xa0 [ 16.492370] ? __pfx_kthread+0x10/0x10 [ 16.492393] ret_from_fork+0x41/0x80 [ 16.492416] ? __pfx_kthread+0x10/0x10 [ 16.492437] ret_from_fork_asm+0x1a/0x30 [ 16.492472] </TASK> [ 16.492486] [ 16.508790] The buggy address belongs to the physical page: [ 16.509086] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab4 [ 16.509757] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.510426] flags: 0x200000000000040(head|node=0|zone=2) [ 16.510867] page_type: f8(unknown) [ 16.511122] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.511855] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.512362] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.512782] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.513609] head: 0200000000000002 ffffea00040ead01 00000000ffffffff 00000000ffffffff [ 16.514367] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.515026] page dumped because: kasan: bad access detected [ 16.515493] [ 16.515671] Memory state around the buggy address: [ 16.515947] ffff888103ab3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.516266] ffff888103ab3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.517153] >ffff888103ab4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.517947] ^ [ 16.518582] ffff888103ab4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.519137] ffff888103ab4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.519592] 
================================================================== [ 16.445568] ================================================================== [ 16.446114] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.446830] Free of addr ffff8881025fa801 by task kunit_try_catch/262 [ 16.447305] [ 16.447563] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.447671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.447697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.447739] Call Trace: [ 16.447769] <TASK> [ 16.447812] dump_stack_lvl+0x73/0xb0 [ 16.447879] print_report+0xd1/0x650 [ 16.447926] ? __virt_addr_valid+0x1db/0x2d0 [ 16.447978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.448024] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.448224] kasan_report_invalid_free+0x10a/0x130 [ 16.448300] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.448381] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.448434] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.448476] check_slab_allocation+0x11f/0x130 [ 16.448547] __kasan_mempool_poison_object+0x91/0x1d0 [ 16.448597] mempool_free+0x2ec/0x380 [ 16.448646] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 16.448698] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 16.448751] ? dequeue_entities+0x852/0x1740 [ 16.448787] ? finish_task_switch.isra.0+0x153/0x700 [ 16.448820] mempool_kmalloc_invalid_free+0xed/0x140 [ 16.448848] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 16.448876] ? dequeue_task_fair+0x166/0x4e0 [ 16.448900] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.448922] ? __pfx_mempool_kfree+0x10/0x10 [ 16.448945] ? __pfx_read_tsc+0x10/0x10 [ 16.448969] ? ktime_get_ts64+0x86/0x230 [ 16.448999] kunit_try_run_case+0x1a5/0x480 [ 16.449046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.449107] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.449186] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.449249] ? __kthread_parkme+0x82/0x180 [ 16.449285] ? preempt_count_sub+0x50/0x80 [ 16.449315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.449363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.449393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.449419] kthread+0x337/0x6f0 [ 16.449440] ? trace_preempt_on+0x20/0xc0 [ 16.449468] ? __pfx_kthread+0x10/0x10 [ 16.449489] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.449514] ? calculate_sigpending+0x7b/0xa0 [ 16.449540] ? __pfx_kthread+0x10/0x10 [ 16.449562] ret_from_fork+0x41/0x80 [ 16.449586] ? __pfx_kthread+0x10/0x10 [ 16.449606] ret_from_fork_asm+0x1a/0x30 [ 16.449645] </TASK> [ 16.449659] [ 16.465475] Allocated by task 262: [ 16.465679] kasan_save_stack+0x45/0x70 [ 16.465914] kasan_save_track+0x18/0x40 [ 16.466389] kasan_save_alloc_info+0x3b/0x50 [ 16.466882] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 16.467478] remove_element+0x11e/0x190 [ 16.467749] mempool_alloc_preallocated+0x4d/0x90 [ 16.468222] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 16.468597] mempool_kmalloc_invalid_free+0xed/0x140 [ 16.469138] kunit_try_run_case+0x1a5/0x480 [ 16.469652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.469951] kthread+0x337/0x6f0 [ 16.470629] ret_from_fork+0x41/0x80 [ 16.471006] ret_from_fork_asm+0x1a/0x30 [ 16.471413] [ 16.471604] The buggy address belongs to the object at ffff8881025fa800 [ 16.471604] which belongs to the cache kmalloc-128 of size 128 [ 16.472777] The buggy address is located 1 bytes inside of [ 16.472777] 128-byte region [ffff8881025fa800, ffff8881025fa880) [ 16.473826] [ 16.474251] The buggy address belongs to the physical page: [ 16.474771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 16.475317] flags: 0x200000000000000(node=0|zone=2) [ 16.476124] page_type: f5(slab) [ 16.476690] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.477423] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 16.477660] page dumped because: kasan: bad access detected [ 16.477827] [ 16.477905] Memory state around the buggy address: [ 16.478059] ffff8881025fa700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.478442] ffff8881025fa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.478950] >ffff8881025fa800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.479279] ^ [ 16.480196] ffff8881025fa880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.480851] ffff8881025fa900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.481759] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 16.375187] ================================================================== [ 16.376140] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 16.376964] Free of addr ffff8881039d8000 by task kunit_try_catch/258 [ 16.377729] [ 16.378031] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.378175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.378314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.378385] Call Trace: [ 16.378421] <TASK> [ 16.378528] dump_stack_lvl+0x73/0xb0 [ 16.378611] print_report+0xd1/0x650 [ 16.378667] ? __virt_addr_valid+0x1db/0x2d0 [ 16.378726] ? kasan_addr_to_slab+0x11/0xa0 [ 16.378771] ? mempool_double_free_helper+0x184/0x370 [ 16.378827] kasan_report_invalid_free+0x10a/0x130 [ 16.378879] ? mempool_double_free_helper+0x184/0x370 [ 16.378932] ? mempool_double_free_helper+0x184/0x370 [ 16.378979] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 16.379023] mempool_free+0x2ec/0x380 [ 16.379055] mempool_double_free_helper+0x184/0x370 [ 16.379108] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 16.379136] ? dequeue_entities+0x852/0x1740 [ 16.379168] ? finish_task_switch.isra.0+0x153/0x700 [ 16.379201] mempool_kmalloc_large_double_free+0xed/0x140 [ 16.379273] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 16.379321] ? dequeue_task_fair+0x166/0x4e0 [ 16.379376] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.379403] ? __pfx_mempool_kfree+0x10/0x10 [ 16.379428] ? __pfx_read_tsc+0x10/0x10 [ 16.379452] ? ktime_get_ts64+0x86/0x230 [ 16.379484] kunit_try_run_case+0x1a5/0x480 [ 16.379516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.379573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.379601] ? __kthread_parkme+0x82/0x180 [ 16.379629] ? preempt_count_sub+0x50/0x80 [ 16.379658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.379712] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.379738] kthread+0x337/0x6f0 [ 16.379759] ? trace_preempt_on+0x20/0xc0 [ 16.379788] ? __pfx_kthread+0x10/0x10 [ 16.379810] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.379835] ? calculate_sigpending+0x7b/0xa0 [ 16.379862] ? __pfx_kthread+0x10/0x10 [ 16.379884] ret_from_fork+0x41/0x80 [ 16.379908] ? __pfx_kthread+0x10/0x10 [ 16.379928] ret_from_fork_asm+0x1a/0x30 [ 16.379966] </TASK> [ 16.379979] [ 16.394493] The buggy address belongs to the physical page: [ 16.395017] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 16.395634] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.396412] flags: 0x200000000000040(head|node=0|zone=2) [ 16.396655] page_type: f8(unknown) [ 16.396827] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.397117] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.397637] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.398141] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.398739] head: 0200000000000002 ffffea00040e7601 00000000ffffffff 00000000ffffffff [ 16.399251] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.399962] page dumped because: kasan: bad access detected [ 16.400566] [ 16.400794] Memory state around the buggy address: [ 16.401664] ffff8881039d7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.402107] ffff8881039d7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.402853] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.403354] ^ [ 16.403931] ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.404556] ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.405347] ================================================================== [ 16.411705] ================================================================== [ 
16.412280] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 16.412923] Free of addr ffff888103ab4000 by task kunit_try_catch/260 [ 16.413715] [ 16.413936] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.414036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.414062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.414144] Call Trace: [ 16.414600] <TASK> [ 16.414656] dump_stack_lvl+0x73/0xb0 [ 16.414709] print_report+0xd1/0x650 [ 16.414751] ? __virt_addr_valid+0x1db/0x2d0 [ 16.414781] ? kasan_addr_to_slab+0x11/0xa0 [ 16.414803] ? mempool_double_free_helper+0x184/0x370 [ 16.414829] kasan_report_invalid_free+0x10a/0x130 [ 16.414855] ? mempool_double_free_helper+0x184/0x370 [ 16.414882] ? mempool_double_free_helper+0x184/0x370 [ 16.414907] __kasan_mempool_poison_pages+0x115/0x130 [ 16.414932] mempool_free+0x290/0x380 [ 16.414960] mempool_double_free_helper+0x184/0x370 [ 16.414984] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 16.415009] ? dequeue_entities+0x852/0x1740 [ 16.415037] ? finish_task_switch.isra.0+0x153/0x700 [ 16.415108] mempool_page_alloc_double_free+0xe8/0x140 [ 16.415166] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 16.415223] ? dequeue_task_fair+0x166/0x4e0 [ 16.415266] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 16.415302] ? __pfx_mempool_free_pages+0x10/0x10 [ 16.415356] ? __pfx_read_tsc+0x10/0x10 [ 16.415392] ? ktime_get_ts64+0x86/0x230 [ 16.415438] kunit_try_run_case+0x1a5/0x480 [ 16.415484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.415519] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.415564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.415606] ? __kthread_parkme+0x82/0x180 [ 16.415647] ? preempt_count_sub+0x50/0x80 [ 16.415677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.415701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.415726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.415750] kthread+0x337/0x6f0 [ 16.415770] ? 
trace_preempt_on+0x20/0xc0 [ 16.415796] ? __pfx_kthread+0x10/0x10 [ 16.415815] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.415838] ? calculate_sigpending+0x7b/0xa0 [ 16.415862] ? __pfx_kthread+0x10/0x10 [ 16.415883] ret_from_fork+0x41/0x80 [ 16.415905] ? __pfx_kthread+0x10/0x10 [ 16.415925] ret_from_fork_asm+0x1a/0x30 [ 16.415959] </TASK> [ 16.415973] [ 16.433105] The buggy address belongs to the physical page: [ 16.433578] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab4 [ 16.433763] flags: 0x200000000000000(node=0|zone=2) [ 16.433903] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 16.434051] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.434917] page dumped because: kasan: bad access detected [ 16.435194] [ 16.435305] Memory state around the buggy address: [ 16.435572] ffff888103ab3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.435903] ffff888103ab3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.436227] >ffff888103ab4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.437791] ^ [ 16.438498] ffff888103ab4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.439123] ffff888103ab4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.439460] ================================================================== [ 16.330812] ================================================================== [ 16.331378] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 16.331955] Free of addr ffff8881025fa400 by task kunit_try_catch/256 [ 16.332618] [ 16.332846] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.332953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.332980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.333034] Call Trace: [ 16.333068] <TASK> [ 16.333520] dump_stack_lvl+0x73/0xb0 [ 16.333598] print_report+0xd1/0x650 [ 16.333633] ? 
__virt_addr_valid+0x1db/0x2d0 [ 16.333664] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.333693] ? mempool_double_free_helper+0x184/0x370 [ 16.333722] kasan_report_invalid_free+0x10a/0x130 [ 16.333751] ? mempool_double_free_helper+0x184/0x370 [ 16.333782] ? mempool_double_free_helper+0x184/0x370 [ 16.333809] ? mempool_double_free_helper+0x184/0x370 [ 16.333836] check_slab_allocation+0x101/0x130 [ 16.333863] __kasan_mempool_poison_object+0x91/0x1d0 [ 16.333891] mempool_free+0x2ec/0x380 [ 16.333921] mempool_double_free_helper+0x184/0x370 [ 16.333950] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 16.333978] ? dequeue_entities+0x852/0x1740 [ 16.334009] ? finish_task_switch.isra.0+0x153/0x700 [ 16.334043] mempool_kmalloc_double_free+0xed/0x140 [ 16.334101] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 16.334130] ? dequeue_task_fair+0x166/0x4e0 [ 16.334156] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.334180] ? __pfx_mempool_kfree+0x10/0x10 [ 16.334205] ? __pfx_read_tsc+0x10/0x10 [ 16.334229] ? ktime_get_ts64+0x86/0x230 [ 16.334259] kunit_try_run_case+0x1a5/0x480 [ 16.334291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.334317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.334372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.334403] ? __kthread_parkme+0x82/0x180 [ 16.334434] ? preempt_count_sub+0x50/0x80 [ 16.334463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.334490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.334518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.334545] kthread+0x337/0x6f0 [ 16.334567] ? trace_preempt_on+0x20/0xc0 [ 16.334596] ? __pfx_kthread+0x10/0x10 [ 16.334619] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.334645] ? calculate_sigpending+0x7b/0xa0 [ 16.334673] ? __pfx_kthread+0x10/0x10 [ 16.334696] ret_from_fork+0x41/0x80 [ 16.334720] ? 
__pfx_kthread+0x10/0x10 [ 16.334742] ret_from_fork_asm+0x1a/0x30 [ 16.334779] </TASK> [ 16.334792] [ 16.348839] Allocated by task 256: [ 16.349109] kasan_save_stack+0x45/0x70 [ 16.349533] kasan_save_track+0x18/0x40 [ 16.349894] kasan_save_alloc_info+0x3b/0x50 [ 16.350286] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 16.350746] remove_element+0x11e/0x190 [ 16.351099] mempool_alloc_preallocated+0x4d/0x90 [ 16.351514] mempool_double_free_helper+0x8a/0x370 [ 16.351932] mempool_kmalloc_double_free+0xed/0x140 [ 16.352366] kunit_try_run_case+0x1a5/0x480 [ 16.352581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.352814] kthread+0x337/0x6f0 [ 16.353001] ret_from_fork+0x41/0x80 [ 16.353238] ret_from_fork_asm+0x1a/0x30 [ 16.353558] [ 16.353744] Freed by task 256: [ 16.354034] kasan_save_stack+0x45/0x70 [ 16.354419] kasan_save_track+0x18/0x40 [ 16.354846] kasan_save_free_info+0x3f/0x60 [ 16.355356] __kasan_mempool_poison_object+0x131/0x1d0 [ 16.355790] mempool_free+0x2ec/0x380 [ 16.356212] mempool_double_free_helper+0x109/0x370 [ 16.356681] mempool_kmalloc_double_free+0xed/0x140 [ 16.357176] kunit_try_run_case+0x1a5/0x480 [ 16.357492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.357923] kthread+0x337/0x6f0 [ 16.358160] ret_from_fork+0x41/0x80 [ 16.358373] ret_from_fork_asm+0x1a/0x30 [ 16.358577] [ 16.358691] The buggy address belongs to the object at ffff8881025fa400 [ 16.358691] which belongs to the cache kmalloc-128 of size 128 [ 16.359487] The buggy address is located 0 bytes inside of [ 16.359487] 128-byte region [ffff8881025fa400, ffff8881025fa480) [ 16.360463] [ 16.360657] The buggy address belongs to the physical page: [ 16.361217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 16.361846] flags: 0x200000000000000(node=0|zone=2) [ 16.362382] page_type: f5(slab) [ 16.362774] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.363285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 
[ 16.363713] page dumped because: kasan: bad access detected [ 16.364131] [ 16.364249] Memory state around the buggy address: [ 16.364607] ffff8881025fa300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.365307] ffff8881025fa380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.365754] >ffff8881025fa400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.366037] ^ [ 16.366236] ffff8881025fa480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.366717] ffff8881025fa500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.367468] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 16.291009] ================================================================== [ 16.291906] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 16.292605] Read of size 1 at addr ffff8881039d8000 by task kunit_try_catch/254 [ 16.293449] [ 16.293698] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.293809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.293841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.293891] Call Trace: [ 16.293923] <TASK> [ 16.293966] dump_stack_lvl+0x73/0xb0 [ 16.294037] print_report+0xd1/0x650 [ 16.294103] ? __virt_addr_valid+0x1db/0x2d0 [ 16.294151] ? mempool_uaf_helper+0x392/0x400 [ 16.294196] ? kasan_addr_to_slab+0x11/0xa0 [ 16.294239] ? mempool_uaf_helper+0x392/0x400 [ 16.294295] kasan_report+0x141/0x180 [ 16.294365] ? mempool_uaf_helper+0x392/0x400 [ 16.294427] __asan_report_load1_noabort+0x18/0x20 [ 16.294476] mempool_uaf_helper+0x392/0x400 [ 16.294529] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 16.294576] ? dequeue_entities+0x852/0x1740 [ 16.294638] ? finish_task_switch.isra.0+0x153/0x700 [ 16.294702] mempool_page_alloc_uaf+0xed/0x140 [ 16.294760] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 16.294797] ? dequeue_task_fair+0x166/0x4e0 [ 16.294837] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 16.294878] ? __pfx_mempool_free_pages+0x10/0x10 [ 16.294917] ? __pfx_read_tsc+0x10/0x10 [ 16.294956] ? ktime_get_ts64+0x86/0x230 [ 16.295003] kunit_try_run_case+0x1a5/0x480 [ 16.295052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.295090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.295136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.295164] ? __kthread_parkme+0x82/0x180 [ 16.295192] ? preempt_count_sub+0x50/0x80 [ 16.295236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.295275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.295311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.295357] kthread+0x337/0x6f0 [ 16.295380] ? 
trace_preempt_on+0x20/0xc0 [ 16.295410] ? __pfx_kthread+0x10/0x10 [ 16.295431] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.295459] ? calculate_sigpending+0x7b/0xa0 [ 16.295485] ? __pfx_kthread+0x10/0x10 [ 16.295506] ret_from_fork+0x41/0x80 [ 16.295531] ? __pfx_kthread+0x10/0x10 [ 16.295551] ret_from_fork_asm+0x1a/0x30 [ 16.295588] </TASK> [ 16.295601] [ 16.307687] The buggy address belongs to the physical page: [ 16.308650] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 16.309492] flags: 0x200000000000000(node=0|zone=2) [ 16.309976] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 16.310834] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.311270] page dumped because: kasan: bad access detected [ 16.311518] [ 16.311680] Memory state around the buggy address: [ 16.312010] ffff8881039d7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.312507] ffff8881039d7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.312900] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.314001] ^ [ 16.314258] ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.314622] ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.315074] ================================================================== [ 16.202820] ================================================================== [ 16.203711] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 16.203993] Read of size 1 at addr ffff888103ab4000 by task kunit_try_catch/250 [ 16.204393] [ 16.204539] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.204643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.204672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.204757] Call Trace: [ 16.204786] <TASK> [ 16.204838] dump_stack_lvl+0x73/0xb0 [ 16.204899] print_report+0xd1/0x650 [ 16.204943] ? 
__virt_addr_valid+0x1db/0x2d0 [ 16.204982] ? mempool_uaf_helper+0x392/0x400 [ 16.205026] ? kasan_addr_to_slab+0x11/0xa0 [ 16.205093] ? mempool_uaf_helper+0x392/0x400 [ 16.205133] kasan_report+0x141/0x180 [ 16.205176] ? mempool_uaf_helper+0x392/0x400 [ 16.205234] __asan_report_load1_noabort+0x18/0x20 [ 16.205283] mempool_uaf_helper+0x392/0x400 [ 16.205352] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 16.205407] ? dequeue_entities+0x852/0x1740 [ 16.205466] ? finish_task_switch.isra.0+0x153/0x700 [ 16.205527] mempool_kmalloc_large_uaf+0xef/0x140 [ 16.205579] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 16.205622] ? dequeue_task_fair+0x166/0x4e0 [ 16.205664] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.205708] ? __pfx_mempool_kfree+0x10/0x10 [ 16.205751] ? __pfx_read_tsc+0x10/0x10 [ 16.205826] ? ktime_get_ts64+0x86/0x230 [ 16.205898] kunit_try_run_case+0x1a5/0x480 [ 16.205954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.206025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.206104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.206160] ? __kthread_parkme+0x82/0x180 [ 16.206233] ? preempt_count_sub+0x50/0x80 [ 16.206265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.206290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.206318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.206364] kthread+0x337/0x6f0 [ 16.206385] ? trace_preempt_on+0x20/0xc0 [ 16.206411] ? __pfx_kthread+0x10/0x10 [ 16.206431] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.206455] ? calculate_sigpending+0x7b/0xa0 [ 16.206480] ? __pfx_kthread+0x10/0x10 [ 16.206502] ret_from_fork+0x41/0x80 [ 16.206524] ? 
__pfx_kthread+0x10/0x10 [ 16.206544] ret_from_fork_asm+0x1a/0x30 [ 16.206577] </TASK> [ 16.206590] [ 16.218210] The buggy address belongs to the physical page: [ 16.218533] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab4 [ 16.219112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.219650] flags: 0x200000000000040(head|node=0|zone=2) [ 16.220099] page_type: f8(unknown) [ 16.220423] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.220934] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.221523] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.221849] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.222141] head: 0200000000000002 ffffea00040ead01 00000000ffffffff 00000000ffffffff [ 16.222904] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.223475] page dumped because: kasan: bad access detected [ 16.223830] [ 16.223950] Memory state around the buggy address: [ 16.224159] ffff888103ab3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.224446] ffff888103ab3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.224716] >ffff888103ab4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.225295] ^ [ 16.225619] ffff888103ab4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.226283] ffff888103ab4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.226954] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 16.235575] ================================================================== [ 16.236104] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 16.237024] Read of size 1 at addr ffff888102613240 by task kunit_try_catch/252 [ 16.237356] [ 16.237730] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.237824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.237845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.237873] Call Trace: [ 16.237891] <TASK> [ 16.237921] dump_stack_lvl+0x73/0xb0 [ 16.237992] print_report+0xd1/0x650 [ 16.238047] ? __virt_addr_valid+0x1db/0x2d0 [ 16.238100] ? mempool_uaf_helper+0x392/0x400 [ 16.238150] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.238202] ? mempool_uaf_helper+0x392/0x400 [ 16.238249] kasan_report+0x141/0x180 [ 16.238295] ? mempool_uaf_helper+0x392/0x400 [ 16.238371] __asan_report_load1_noabort+0x18/0x20 [ 16.238421] mempool_uaf_helper+0x392/0x400 [ 16.238479] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 16.238539] ? finish_task_switch.isra.0+0x153/0x700 [ 16.238600] mempool_slab_uaf+0xea/0x140 [ 16.238635] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 16.238657] ? dequeue_task_fair+0x166/0x4e0 [ 16.238685] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 16.238713] ? __pfx_mempool_free_slab+0x10/0x10 [ 16.238740] ? __pfx_read_tsc+0x10/0x10 [ 16.238766] ? ktime_get_ts64+0x86/0x230 [ 16.238797] kunit_try_run_case+0x1a5/0x480 [ 16.238827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.238853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.238882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.238910] ? __kthread_parkme+0x82/0x180 [ 16.238939] ? preempt_count_sub+0x50/0x80 [ 16.238966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.238992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.239018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.239044] kthread+0x337/0x6f0 [ 16.239067] ? trace_preempt_on+0x20/0xc0 [ 16.239578] ? 
__pfx_kthread+0x10/0x10 [ 16.239648] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.239703] ? calculate_sigpending+0x7b/0xa0 [ 16.239760] ? __pfx_kthread+0x10/0x10 [ 16.239808] ret_from_fork+0x41/0x80 [ 16.239857] ? __pfx_kthread+0x10/0x10 [ 16.239999] ret_from_fork_asm+0x1a/0x30 [ 16.240049] </TASK> [ 16.240064] [ 16.257023] Allocated by task 252: [ 16.257980] kasan_save_stack+0x45/0x70 [ 16.258422] kasan_save_track+0x18/0x40 [ 16.258680] kasan_save_alloc_info+0x3b/0x50 [ 16.258955] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 16.259905] remove_element+0x11e/0x190 [ 16.260249] mempool_alloc_preallocated+0x4d/0x90 [ 16.260487] mempool_uaf_helper+0x96/0x400 [ 16.260814] mempool_slab_uaf+0xea/0x140 [ 16.261687] kunit_try_run_case+0x1a5/0x480 [ 16.261939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.262142] kthread+0x337/0x6f0 [ 16.262662] ret_from_fork+0x41/0x80 [ 16.262837] ret_from_fork_asm+0x1a/0x30 [ 16.263700] [ 16.263896] Freed by task 252: [ 16.264152] kasan_save_stack+0x45/0x70 [ 16.264366] kasan_save_track+0x18/0x40 [ 16.264691] kasan_save_free_info+0x3f/0x60 [ 16.265005] __kasan_mempool_poison_object+0x131/0x1d0 [ 16.265989] mempool_free+0x2ec/0x380 [ 16.266609] mempool_uaf_helper+0x11a/0x400 [ 16.266871] mempool_slab_uaf+0xea/0x140 [ 16.267041] kunit_try_run_case+0x1a5/0x480 [ 16.267639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.268011] kthread+0x337/0x6f0 [ 16.268397] ret_from_fork+0x41/0x80 [ 16.268568] ret_from_fork_asm+0x1a/0x30 [ 16.268727] [ 16.268825] The buggy address belongs to the object at ffff888102613240 [ 16.268825] which belongs to the cache test_cache of size 123 [ 16.269914] The buggy address is located 0 bytes inside of [ 16.269914] freed 123-byte region [ffff888102613240, ffff8881026132bb) [ 16.271410] [ 16.271535] The buggy address belongs to the physical page: [ 16.271737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102613 [ 16.272310] flags: 0x200000000000000(node=0|zone=2) [ 16.273111] page_type: 
f5(slab) [ 16.273462] raw: 0200000000000000 ffff888102610000 dead000000000122 0000000000000000 [ 16.273758] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 16.274308] page dumped because: kasan: bad access detected [ 16.274647] [ 16.274827] Memory state around the buggy address: [ 16.276003] ffff888102613100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.276453] ffff888102613180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.276818] >ffff888102613200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 16.277041] ^ [ 16.277535] ffff888102613280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.278205] ffff888102613300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.278903] ================================================================== [ 16.152887] ================================================================== [ 16.154283] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 16.154968] Read of size 1 at addr ffff888102b20100 by task kunit_try_catch/248 [ 16.155648] [ 16.156460] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.156578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.156605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.156647] Call Trace: [ 16.156672] <TASK> [ 16.156710] dump_stack_lvl+0x73/0xb0 [ 16.156772] print_report+0xd1/0x650 [ 16.156812] ? __virt_addr_valid+0x1db/0x2d0 [ 16.156852] ? mempool_uaf_helper+0x392/0x400 [ 16.156890] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.156935] ? mempool_uaf_helper+0x392/0x400 [ 16.156979] kasan_report+0x141/0x180 [ 16.157232] ? mempool_uaf_helper+0x392/0x400 [ 16.157304] __asan_report_load1_noabort+0x18/0x20 [ 16.157361] mempool_uaf_helper+0x392/0x400 [ 16.157405] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 16.157442] ? dequeue_entities+0x852/0x1740 [ 16.157489] ? 
finish_task_switch.isra.0+0x153/0x700 [ 16.157536] mempool_kmalloc_uaf+0xef/0x140 [ 16.157574] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 16.157610] ? dequeue_task_fair+0x166/0x4e0 [ 16.157649] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.157684] ? __pfx_mempool_kfree+0x10/0x10 [ 16.157707] ? __pfx_read_tsc+0x10/0x10 [ 16.157730] ? ktime_get_ts64+0x86/0x230 [ 16.157760] kunit_try_run_case+0x1a5/0x480 [ 16.157789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.157811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.157838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.157862] ? __kthread_parkme+0x82/0x180 [ 16.157887] ? preempt_count_sub+0x50/0x80 [ 16.157912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.157937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.157961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.157985] kthread+0x337/0x6f0 [ 16.158003] ? trace_preempt_on+0x20/0xc0 [ 16.158029] ? __pfx_kthread+0x10/0x10 [ 16.158049] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.158078] ? calculate_sigpending+0x7b/0xa0 [ 16.158110] ? __pfx_kthread+0x10/0x10 [ 16.158130] ret_from_fork+0x41/0x80 [ 16.158152] ? 
__pfx_kthread+0x10/0x10 [ 16.158171] ret_from_fork_asm+0x1a/0x30 [ 16.158235] </TASK> [ 16.158258] [ 16.172974] Allocated by task 248: [ 16.173406] kasan_save_stack+0x45/0x70 [ 16.173830] kasan_save_track+0x18/0x40 [ 16.174224] kasan_save_alloc_info+0x3b/0x50 [ 16.174450] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 16.174973] remove_element+0x11e/0x190 [ 16.175587] mempool_alloc_preallocated+0x4d/0x90 [ 16.175943] mempool_uaf_helper+0x96/0x400 [ 16.176662] mempool_kmalloc_uaf+0xef/0x140 [ 16.177020] kunit_try_run_case+0x1a5/0x480 [ 16.177838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.178321] kthread+0x337/0x6f0 [ 16.178540] ret_from_fork+0x41/0x80 [ 16.178729] ret_from_fork_asm+0x1a/0x30 [ 16.178925] [ 16.179105] Freed by task 248: [ 16.179667] kasan_save_stack+0x45/0x70 [ 16.180035] kasan_save_track+0x18/0x40 [ 16.180957] kasan_save_free_info+0x3f/0x60 [ 16.181622] __kasan_mempool_poison_object+0x131/0x1d0 [ 16.182103] mempool_free+0x2ec/0x380 [ 16.182502] mempool_uaf_helper+0x11a/0x400 [ 16.182944] mempool_kmalloc_uaf+0xef/0x140 [ 16.183597] kunit_try_run_case+0x1a5/0x480 [ 16.183914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.184602] kthread+0x337/0x6f0 [ 16.184780] ret_from_fork+0x41/0x80 [ 16.185543] ret_from_fork_asm+0x1a/0x30 [ 16.185725] [ 16.185883] The buggy address belongs to the object at ffff888102b20100 [ 16.185883] which belongs to the cache kmalloc-128 of size 128 [ 16.186847] The buggy address is located 0 bytes inside of [ 16.186847] freed 128-byte region [ffff888102b20100, ffff888102b20180) [ 16.187750] [ 16.187948] The buggy address belongs to the physical page: [ 16.188734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20 [ 16.189626] flags: 0x200000000000000(node=0|zone=2) [ 16.189960] page_type: f5(slab) [ 16.190428] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.190852] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.191583] page dumped 
because: kasan: bad access detected [ 16.192011] [ 16.192136] Memory state around the buggy address: [ 16.192770] ffff888102b20000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.193113] ffff888102b20080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.194128] >ffff888102b20100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.194630] ^ [ 16.194933] ffff888102b20180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.195678] ffff888102b20200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.196033] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 16.029084] ================================================================== [ 16.029659] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 16.029998] Read of size 1 at addr ffff8881029e5d73 by task kunit_try_catch/242 [ 16.030973] [ 16.031242] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.031373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.031404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.031457] Call Trace: [ 16.031489] <TASK> [ 16.031675] dump_stack_lvl+0x73/0xb0 [ 16.031763] print_report+0xd1/0x650 [ 16.031815] ? __virt_addr_valid+0x1db/0x2d0 [ 16.031865] ? mempool_oob_right_helper+0x318/0x380 [ 16.031911] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.031960] ? mempool_oob_right_helper+0x318/0x380 [ 16.032002] kasan_report+0x141/0x180 [ 16.032080] ? mempool_oob_right_helper+0x318/0x380 [ 16.032150] __asan_report_load1_noabort+0x18/0x20 [ 16.032197] mempool_oob_right_helper+0x318/0x380 [ 16.032250] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 16.032303] ? dequeue_entities+0x852/0x1740 [ 16.032379] ? finish_task_switch.isra.0+0x153/0x700 [ 16.032493] mempool_kmalloc_oob_right+0xf2/0x150 [ 16.032540] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 16.032573] ? dequeue_task_fair+0x166/0x4e0 [ 16.032598] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.032622] ? __pfx_mempool_kfree+0x10/0x10 [ 16.032646] ? __pfx_read_tsc+0x10/0x10 [ 16.032668] ? ktime_get_ts64+0x86/0x230 [ 16.032696] kunit_try_run_case+0x1a5/0x480 [ 16.032725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.032747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.032773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.032799] ? __kthread_parkme+0x82/0x180 [ 16.032824] ? preempt_count_sub+0x50/0x80 [ 16.032850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.032874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.032898] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.032922] kthread+0x337/0x6f0 [ 16.032941] ? trace_preempt_on+0x20/0xc0 [ 16.032966] ? __pfx_kthread+0x10/0x10 [ 16.032986] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.033009] ? calculate_sigpending+0x7b/0xa0 [ 16.033048] ? __pfx_kthread+0x10/0x10 [ 16.033073] ret_from_fork+0x41/0x80 [ 16.033104] ? __pfx_kthread+0x10/0x10 [ 16.033125] ret_from_fork_asm+0x1a/0x30 [ 16.033160] </TASK> [ 16.033175] [ 16.046798] Allocated by task 242: [ 16.047009] kasan_save_stack+0x45/0x70 [ 16.047219] kasan_save_track+0x18/0x40 [ 16.047402] kasan_save_alloc_info+0x3b/0x50 [ 16.047575] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 16.047761] remove_element+0x11e/0x190 [ 16.047911] mempool_alloc_preallocated+0x4d/0x90 [ 16.048093] mempool_oob_right_helper+0x8a/0x380 [ 16.048462] mempool_kmalloc_oob_right+0xf2/0x150 [ 16.048678] kunit_try_run_case+0x1a5/0x480 [ 16.048867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.049093] kthread+0x337/0x6f0 [ 16.049249] ret_from_fork+0x41/0x80 [ 16.049440] ret_from_fork_asm+0x1a/0x30 [ 16.049621] [ 16.051294] The buggy address belongs to the object at ffff8881029e5d00 [ 16.051294] which belongs to the cache kmalloc-128 of size 128 [ 16.051759] The buggy address is located 0 bytes to the right of [ 16.051759] allocated 115-byte region [ffff8881029e5d00, ffff8881029e5d73) [ 16.052283] [ 16.052880] The buggy address belongs to the physical page: [ 16.055485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 16.055817] flags: 0x200000000000000(node=0|zone=2) [ 16.056056] page_type: f5(slab) [ 16.057757] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.058849] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.059892] page dumped because: kasan: bad access detected [ 16.060119] [ 16.060231] Memory state around the buggy address: [ 16.060477] ffff8881029e5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.060735] 
ffff8881029e5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.061705] >ffff8881029e5d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.061998] ^ [ 16.062438] ffff8881029e5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.062907] ffff8881029e5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.063287] ================================================================== [ 16.111085] ================================================================== [ 16.111630] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 16.112453] Read of size 1 at addr ffff8881026102bb by task kunit_try_catch/246 [ 16.113175] [ 16.113482] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.113765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.113785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.113815] Call Trace: [ 16.113833] <TASK> [ 16.113862] dump_stack_lvl+0x73/0xb0 [ 16.113906] print_report+0xd1/0x650 [ 16.113938] ? __virt_addr_valid+0x1db/0x2d0 [ 16.113968] ? mempool_oob_right_helper+0x318/0x380 [ 16.113996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.114023] ? mempool_oob_right_helper+0x318/0x380 [ 16.114050] kasan_report+0x141/0x180 [ 16.114104] ? mempool_oob_right_helper+0x318/0x380 [ 16.114138] __asan_report_load1_noabort+0x18/0x20 [ 16.114163] mempool_oob_right_helper+0x318/0x380 [ 16.114192] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 16.114228] mempool_slab_oob_right+0xed/0x140 [ 16.114253] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 16.114276] ? dequeue_task_fair+0x166/0x4e0 [ 16.114306] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 16.114349] ? __pfx_mempool_free_slab+0x10/0x10 [ 16.114382] ? __pfx_read_tsc+0x10/0x10 [ 16.114406] ? ktime_get_ts64+0x86/0x230 [ 16.114437] kunit_try_run_case+0x1a5/0x480 [ 16.114468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.114494] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.114524] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.114552] ? __kthread_parkme+0x82/0x180 [ 16.114581] ? preempt_count_sub+0x50/0x80 [ 16.114612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.114638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.114665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.114691] kthread+0x337/0x6f0 [ 16.114714] ? trace_preempt_on+0x20/0xc0 [ 16.114742] ? __pfx_kthread+0x10/0x10 [ 16.114765] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.114791] ? calculate_sigpending+0x7b/0xa0 [ 16.114818] ? __pfx_kthread+0x10/0x10 [ 16.114841] ret_from_fork+0x41/0x80 [ 16.114865] ? __pfx_kthread+0x10/0x10 [ 16.114886] ret_from_fork_asm+0x1a/0x30 [ 16.114923] </TASK> [ 16.114936] [ 16.126266] Allocated by task 246: [ 16.126531] kasan_save_stack+0x45/0x70 [ 16.126869] kasan_save_track+0x18/0x40 [ 16.127126] kasan_save_alloc_info+0x3b/0x50 [ 16.127328] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 16.127850] remove_element+0x11e/0x190 [ 16.128247] mempool_alloc_preallocated+0x4d/0x90 [ 16.128551] mempool_oob_right_helper+0x8a/0x380 [ 16.128827] mempool_slab_oob_right+0xed/0x140 [ 16.129033] kunit_try_run_case+0x1a5/0x480 [ 16.129419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.129869] kthread+0x337/0x6f0 [ 16.130186] ret_from_fork+0x41/0x80 [ 16.130418] ret_from_fork_asm+0x1a/0x30 [ 16.130700] [ 16.130868] The buggy address belongs to the object at ffff888102610240 [ 16.130868] which belongs to the cache test_cache of size 123 [ 16.131442] The buggy address is located 0 bytes to the right of [ 16.131442] allocated 123-byte region [ffff888102610240, ffff8881026102bb) [ 16.131881] [ 16.132015] The buggy address belongs to the physical page: [ 16.132468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102610 [ 16.133251] flags: 0x200000000000000(node=0|zone=2) [ 16.133689] page_type: f5(slab) [ 16.134033] raw: 0200000000000000 ffff8881016a0dc0 dead000000000122 0000000000000000 [ 16.134538] raw: 0000000000000000 0000000080150015 
00000000f5000000 0000000000000000 [ 16.134819] page dumped because: kasan: bad access detected [ 16.135038] [ 16.135252] Memory state around the buggy address: [ 16.135663] ffff888102610180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.136467] ffff888102610200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 16.136917] >ffff888102610280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 16.137451] ^ [ 16.137854] ffff888102610300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138154] ffff888102610380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138938] ================================================================== [ 16.071032] ================================================================== [ 16.072259] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 16.072959] Read of size 1 at addr ffff888102b1e001 by task kunit_try_catch/244 [ 16.073602] [ 16.074025] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 16.074487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.074521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.074569] Call Trace: [ 16.074596] <TASK> [ 16.074634] dump_stack_lvl+0x73/0xb0 [ 16.074685] print_report+0xd1/0x650 [ 16.074716] ? __virt_addr_valid+0x1db/0x2d0 [ 16.074745] ? mempool_oob_right_helper+0x318/0x380 [ 16.074773] ? kasan_addr_to_slab+0x11/0xa0 [ 16.074798] ? mempool_oob_right_helper+0x318/0x380 [ 16.074825] kasan_report+0x141/0x180 [ 16.074851] ? mempool_oob_right_helper+0x318/0x380 [ 16.074884] __asan_report_load1_noabort+0x18/0x20 [ 16.074908] mempool_oob_right_helper+0x318/0x380 [ 16.074935] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 16.074961] ? update_load_avg+0x1be/0x21b0 [ 16.074986] ? dequeue_entities+0x27e/0x1740 [ 16.075013] ? finish_task_switch.isra.0+0x153/0x700 [ 16.075044] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 16.075080] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 16.075121] ? 
dequeue_task_fair+0x166/0x4e0 [ 16.075151] ? __pfx_mempool_kmalloc+0x10/0x10 [ 16.075177] ? __pfx_mempool_kfree+0x10/0x10 [ 16.075205] ? __pfx_read_tsc+0x10/0x10 [ 16.075243] ? ktime_get_ts64+0x86/0x230 [ 16.075289] kunit_try_run_case+0x1a5/0x480 [ 16.075349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.075437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.075466] ? __kthread_parkme+0x82/0x180 [ 16.075494] ? preempt_count_sub+0x50/0x80 [ 16.075523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.075576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.075602] kthread+0x337/0x6f0 [ 16.075623] ? trace_preempt_on+0x20/0xc0 [ 16.075652] ? __pfx_kthread+0x10/0x10 [ 16.075673] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.075699] ? calculate_sigpending+0x7b/0xa0 [ 16.075726] ? __pfx_kthread+0x10/0x10 [ 16.075748] ret_from_fork+0x41/0x80 [ 16.075772] ? __pfx_kthread+0x10/0x10 [ 16.075792] ret_from_fork_asm+0x1a/0x30 [ 16.075831] </TASK> [ 16.075844] [ 16.092156] The buggy address belongs to the physical page: [ 16.092789] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b1c [ 16.093351] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.093966] flags: 0x200000000000040(head|node=0|zone=2) [ 16.094241] page_type: f8(unknown) [ 16.095372] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.095790] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.096447] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.096848] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.097632] head: 0200000000000002 ffffea00040ac701 00000000ffffffff 00000000ffffffff [ 16.098008] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.098930] page dumped because: kasan: bad access detected [ 16.099415] [ 16.099761] Memory 
state around the buggy address: [ 16.100093] ffff888102b1df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.100817] ffff888102b1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.101530] >ffff888102b1e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.101855] ^ [ 16.102172] ffff888102b1e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.102489] ffff888102b1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.102801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 15.436863] ================================================================== [ 15.437760] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 15.438151] Read of size 1 at addr ffff888101c20dc0 by task kunit_try_catch/236 [ 15.438758] [ 15.438991] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.439099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.439176] Call Trace: [ 15.439206] <TASK> [ 15.439245] dump_stack_lvl+0x73/0xb0 [ 15.439305] print_report+0xd1/0x650 [ 15.439366] ? __virt_addr_valid+0x1db/0x2d0 [ 15.439414] ? kmem_cache_double_destroy+0x1bf/0x380 [ 15.439463] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.439511] ? kmem_cache_double_destroy+0x1bf/0x380 [ 15.439561] kasan_report+0x141/0x180 [ 15.439611] ? kmem_cache_double_destroy+0x1bf/0x380 [ 15.439663] ? kmem_cache_double_destroy+0x1bf/0x380 [ 15.439700] __kasan_check_byte+0x3d/0x50 [ 15.439745] kmem_cache_destroy+0x25/0x1d0 [ 15.439793] kmem_cache_double_destroy+0x1bf/0x380 [ 15.439833] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 15.439871] ? finish_task_switch.isra.0+0x153/0x700 [ 15.439916] ? __switch_to+0x5d9/0xf60 [ 15.439959] ? dequeue_task_fair+0x166/0x4e0 [ 15.440010] ? __pfx_read_tsc+0x10/0x10 [ 15.440046] ? ktime_get_ts64+0x86/0x230 [ 15.440132] kunit_try_run_case+0x1a5/0x480 [ 15.440187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.440286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.440325] ? __kthread_parkme+0x82/0x180 [ 15.440374] ? preempt_count_sub+0x50/0x80 [ 15.440401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.440476] kthread+0x337/0x6f0 [ 15.440495] ? trace_preempt_on+0x20/0xc0 [ 15.440521] ? __pfx_kthread+0x10/0x10 [ 15.440541] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.440564] ? calculate_sigpending+0x7b/0xa0 [ 15.440589] ? __pfx_kthread+0x10/0x10 [ 15.440609] ret_from_fork+0x41/0x80 [ 15.440630] ? __pfx_kthread+0x10/0x10 [ 15.440650] ret_from_fork_asm+0x1a/0x30 [ 15.440684] </TASK> [ 15.440698] [ 15.450996] Allocated by task 236: [ 15.451406] kasan_save_stack+0x45/0x70 [ 15.451822] kasan_save_track+0x18/0x40 [ 15.452254] kasan_save_alloc_info+0x3b/0x50 [ 15.452515] __kasan_slab_alloc+0x91/0xa0 [ 15.452717] kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.453218] __kmem_cache_create_args+0x169/0x240 [ 15.453698] kmem_cache_double_destroy+0xd5/0x380 [ 15.454382] kunit_try_run_case+0x1a5/0x480 [ 15.454664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.455028] kthread+0x337/0x6f0 [ 15.455513] ret_from_fork+0x41/0x80 [ 15.455953] ret_from_fork_asm+0x1a/0x30 [ 15.456562] [ 15.456706] Freed by task 236: [ 15.456860] kasan_save_stack+0x45/0x70 [ 15.457164] kasan_save_track+0x18/0x40 [ 15.457370] kasan_save_free_info+0x3f/0x60 [ 15.457718] __kasan_slab_free+0x56/0x70 [ 15.458033] kmem_cache_free+0x249/0x420 [ 15.458248] slab_kmem_cache_release+0x2e/0x40 [ 15.458459] kmem_cache_release+0x16/0x20 [ 15.458654] kobject_put+0x181/0x450 [ 15.458847] sysfs_slab_release+0x16/0x20 [ 15.459193] kmem_cache_destroy+0xf0/0x1d0 [ 15.459424] kmem_cache_double_destroy+0x14e/0x380 [ 15.459730] kunit_try_run_case+0x1a5/0x480 [ 15.460099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.460447] kthread+0x337/0x6f0 [ 15.460647] ret_from_fork+0x41/0x80 [ 15.460832] ret_from_fork_asm+0x1a/0x30 [ 15.461219] [ 15.461403] The buggy address belongs to the object at ffff888101c20dc0 [ 15.461403] which belongs to the cache kmem_cache of size 208 [ 15.462053] The buggy address is located 0 bytes inside of [ 15.462053] freed 208-byte region [ffff888101c20dc0, ffff888101c20e90) [ 15.462732] [ 15.462899] The buggy address belongs to the physical page: [ 15.463353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101c20 [ 15.463809] flags: 0x200000000000000(node=0|zone=2) [ 15.464124] page_type: f5(slab) [ 15.464316] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 15.464789] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 15.465402] page dumped because: kasan: bad access detected [ 15.465633] [ 15.465809] Memory state around the buggy address: [ 15.466183] ffff888101c20c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.466553] ffff888101c20d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 15.467098] >ffff888101c20d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 15.467577] ^ [ 15.467942] ffff888101c20e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.468295] ffff888101c20e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 15.359677] ================================================================== [ 15.360266] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 15.360785] Read of size 1 at addr ffff888100aba000 by task kunit_try_catch/234 [ 15.362005] [ 15.362807] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.362917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.362942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.362988] Call Trace: [ 15.363015] <TASK> [ 15.363054] dump_stack_lvl+0x73/0xb0 [ 15.363124] print_report+0xd1/0x650 [ 15.363170] ? __virt_addr_valid+0x1db/0x2d0 [ 15.363198] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 15.363250] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.363297] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 15.363332] kasan_report+0x141/0x180 [ 15.363388] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 15.363431] __asan_report_load1_noabort+0x18/0x20 [ 15.363466] kmem_cache_rcu_uaf+0x3e3/0x510 [ 15.363500] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 15.363531] ? finish_task_switch.isra.0+0x153/0x700 [ 15.363572] ? __switch_to+0x5d9/0xf60 [ 15.363601] ? dequeue_task_fair+0x166/0x4e0 [ 15.363630] ? __pfx_read_tsc+0x10/0x10 [ 15.363650] ? ktime_get_ts64+0x86/0x230 [ 15.363679] kunit_try_run_case+0x1a5/0x480 [ 15.363707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.363756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.363779] ? __kthread_parkme+0x82/0x180 [ 15.363802] ? preempt_count_sub+0x50/0x80 [ 15.363826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.363873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.363896] kthread+0x337/0x6f0 [ 15.363914] ? trace_preempt_on+0x20/0xc0 [ 15.363939] ? __pfx_kthread+0x10/0x10 [ 15.363957] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.363979] ? calculate_sigpending+0x7b/0xa0 [ 15.364002] ? 
__pfx_kthread+0x10/0x10 [ 15.364021] ret_from_fork+0x41/0x80 [ 15.364042] ? __pfx_kthread+0x10/0x10 [ 15.364070] ret_from_fork_asm+0x1a/0x30 [ 15.364116] </TASK> [ 15.364130] [ 15.376461] Allocated by task 234: [ 15.377374] kasan_save_stack+0x45/0x70 [ 15.378037] kasan_save_track+0x18/0x40 [ 15.378376] kasan_save_alloc_info+0x3b/0x50 [ 15.378819] __kasan_slab_alloc+0x91/0xa0 [ 15.379140] kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.379719] kmem_cache_rcu_uaf+0x155/0x510 [ 15.379951] kunit_try_run_case+0x1a5/0x480 [ 15.380789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.381432] kthread+0x337/0x6f0 [ 15.381887] ret_from_fork+0x41/0x80 [ 15.382109] ret_from_fork_asm+0x1a/0x30 [ 15.382567] [ 15.382797] Freed by task 0: [ 15.383277] kasan_save_stack+0x45/0x70 [ 15.383714] kasan_save_track+0x18/0x40 [ 15.384073] kasan_save_free_info+0x3f/0x60 [ 15.384486] __kasan_slab_free+0x56/0x70 [ 15.385005] slab_free_after_rcu_debug+0xe4/0x310 [ 15.385465] rcu_core+0x66c/0x1c30 [ 15.385697] rcu_core_si+0x12/0x20 [ 15.386000] handle_softirqs+0x209/0x730 [ 15.386380] __irq_exit_rcu+0xc9/0x110 [ 15.387302] irq_exit_rcu+0x12/0x20 [ 15.387811] sysvec_apic_timer_interrupt+0x81/0x90 [ 15.388211] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 15.388842] [ 15.389065] Last potentially related work creation: [ 15.389321] kasan_save_stack+0x45/0x70 [ 15.389870] kasan_record_aux_stack+0xb2/0xc0 [ 15.390239] kmem_cache_free+0x131/0x420 [ 15.391592] kmem_cache_rcu_uaf+0x194/0x510 [ 15.391909] kunit_try_run_case+0x1a5/0x480 [ 15.392303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392774] kthread+0x337/0x6f0 [ 15.393109] ret_from_fork+0x41/0x80 [ 15.393455] ret_from_fork_asm+0x1a/0x30 [ 15.394063] [ 15.394225] The buggy address belongs to the object at ffff888100aba000 [ 15.394225] which belongs to the cache test_cache of size 200 [ 15.395456] The buggy address is located 0 bytes inside of [ 15.395456] freed 200-byte region [ffff888100aba000, ffff888100aba0c8) [ 15.396721] [ 15.396915] The 
buggy address belongs to the physical page: [ 15.397203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aba [ 15.398035] flags: 0x200000000000000(node=0|zone=2) [ 15.398367] page_type: f5(slab) [ 15.398818] raw: 0200000000000000 ffff888101c20c80 dead000000000122 0000000000000000 [ 15.399630] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.400187] page dumped because: kasan: bad access detected [ 15.400614] [ 15.401112] Memory state around the buggy address: [ 15.401740] ffff888100ab9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402221] ffff888100ab9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.403109] >ffff888100aba000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.403742] ^ [ 15.404218] ffff888100aba080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 15.404800] ffff888100aba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.405218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 15.280701] ================================================================== [ 15.281378] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 15.281941] Free of addr ffff888102609001 by task kunit_try_catch/232 [ 15.282817] [ 15.282991] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.283074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.283095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.283121] Call Trace: [ 15.283138] <TASK> [ 15.283166] dump_stack_lvl+0x73/0xb0 [ 15.283369] print_report+0xd1/0x650 [ 15.283747] ? __virt_addr_valid+0x1db/0x2d0 [ 15.283877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.283935] ? kmem_cache_invalid_free+0x1d8/0x460 [ 15.283990] kasan_report_invalid_free+0x10a/0x130 [ 15.284049] ? kmem_cache_invalid_free+0x1d8/0x460 [ 15.284113] ? kmem_cache_invalid_free+0x1d8/0x460 [ 15.284156] check_slab_allocation+0x11f/0x130 [ 15.284196] __kasan_slab_pre_free+0x28/0x40 [ 15.284235] kmem_cache_free+0xed/0x420 [ 15.284273] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.284310] ? kmem_cache_invalid_free+0x1d8/0x460 [ 15.284366] kmem_cache_invalid_free+0x1d8/0x460 [ 15.284393] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 15.284418] ? finish_task_switch.isra.0+0x153/0x700 [ 15.284448] ? __switch_to+0x5d9/0xf60 [ 15.284474] ? dequeue_task_fair+0x166/0x4e0 [ 15.284505] ? __pfx_read_tsc+0x10/0x10 [ 15.284528] ? ktime_get_ts64+0x86/0x230 [ 15.284559] kunit_try_run_case+0x1a5/0x480 [ 15.284589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.284614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.284645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.284674] ? __kthread_parkme+0x82/0x180 [ 15.284701] ? preempt_count_sub+0x50/0x80 [ 15.284729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.284756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.284784] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.284812] kthread+0x337/0x6f0 [ 15.284831] ? 
trace_preempt_on+0x20/0xc0 [ 15.284859] ? __pfx_kthread+0x10/0x10 [ 15.284880] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.284906] ? calculate_sigpending+0x7b/0xa0 [ 15.284931] ? __pfx_kthread+0x10/0x10 [ 15.284953] ret_from_fork+0x41/0x80 [ 15.284976] ? __pfx_kthread+0x10/0x10 [ 15.284997] ret_from_fork_asm+0x1a/0x30 [ 15.285046] </TASK> [ 15.285060] [ 15.298461] Allocated by task 232: [ 15.298857] kasan_save_stack+0x45/0x70 [ 15.299510] kasan_save_track+0x18/0x40 [ 15.299730] kasan_save_alloc_info+0x3b/0x50 [ 15.299930] __kasan_slab_alloc+0x91/0xa0 [ 15.300137] kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.300512] kmem_cache_invalid_free+0x157/0x460 [ 15.300886] kunit_try_run_case+0x1a5/0x480 [ 15.301462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.302037] kthread+0x337/0x6f0 [ 15.302525] ret_from_fork+0x41/0x80 [ 15.302852] ret_from_fork_asm+0x1a/0x30 [ 15.303906] [ 15.304057] The buggy address belongs to the object at ffff888102609000 [ 15.304057] which belongs to the cache test_cache of size 200 [ 15.304786] The buggy address is located 1 bytes inside of [ 15.304786] 200-byte region [ffff888102609000, ffff8881026090c8) [ 15.305598] [ 15.305798] The buggy address belongs to the physical page: [ 15.306406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102609 [ 15.306821] flags: 0x200000000000000(node=0|zone=2) [ 15.307061] page_type: f5(slab) [ 15.307368] raw: 0200000000000000 ffff8881016a0a00 dead000000000122 0000000000000000 [ 15.308061] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.309209] page dumped because: kasan: bad access detected [ 15.309665] [ 15.309896] Memory state around the buggy address: [ 15.310553] ffff888102608f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310950] ffff888102608f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.311547] >ffff888102609000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.312139] ^ [ 15.312640] ffff888102609080: 00 00 00 00 00 00 00 00 00 fc 
fc fc fc fc fc fc [ 15.313170] ffff888102609100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313451] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 15.218020] ================================================================== [ 15.218835] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 15.219690] Free of addr ffff888100ab8000 by task kunit_try_catch/230 [ 15.220079] [ 15.220229] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.220500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.220526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.220570] Call Trace: [ 15.220601] <TASK> [ 15.220642] dump_stack_lvl+0x73/0xb0 [ 15.220707] print_report+0xd1/0x650 [ 15.220759] ? __virt_addr_valid+0x1db/0x2d0 [ 15.220806] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.220883] ? kmem_cache_double_free+0x1e5/0x480 [ 15.220926] kasan_report_invalid_free+0x10a/0x130 [ 15.220975] ? kmem_cache_double_free+0x1e5/0x480 [ 15.221037] ? kmem_cache_double_free+0x1e5/0x480 [ 15.221085] check_slab_allocation+0x101/0x130 [ 15.221134] __kasan_slab_pre_free+0x28/0x40 [ 15.221183] kmem_cache_free+0xed/0x420 [ 15.221229] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.221267] ? kmem_cache_double_free+0x1e5/0x480 [ 15.221320] kmem_cache_double_free+0x1e5/0x480 [ 15.221386] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 15.221432] ? finish_task_switch.isra.0+0x153/0x700 [ 15.221567] ? __switch_to+0x5d9/0xf60 [ 15.221614] ? dequeue_task_fair+0x166/0x4e0 [ 15.221660] ? __pfx_read_tsc+0x10/0x10 [ 15.221683] ? ktime_get_ts64+0x86/0x230 [ 15.221713] kunit_try_run_case+0x1a5/0x480 [ 15.221742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.221765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.221792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.221817] ? __kthread_parkme+0x82/0x180 [ 15.221841] ? preempt_count_sub+0x50/0x80 [ 15.221867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.221898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.221927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.221951] kthread+0x337/0x6f0 [ 15.221970] ? 
trace_preempt_on+0x20/0xc0 [ 15.221995] ? __pfx_kthread+0x10/0x10 [ 15.222015] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.222037] ? calculate_sigpending+0x7b/0xa0 [ 15.222060] ? __pfx_kthread+0x10/0x10 [ 15.222108] ret_from_fork+0x41/0x80 [ 15.222132] ? __pfx_kthread+0x10/0x10 [ 15.222152] ret_from_fork_asm+0x1a/0x30 [ 15.222185] </TASK> [ 15.222199] [ 15.238775] Allocated by task 230: [ 15.238996] kasan_save_stack+0x45/0x70 [ 15.239663] kasan_save_track+0x18/0x40 [ 15.240063] kasan_save_alloc_info+0x3b/0x50 [ 15.240508] __kasan_slab_alloc+0x91/0xa0 [ 15.240952] kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.241569] kmem_cache_double_free+0x14f/0x480 [ 15.242018] kunit_try_run_case+0x1a5/0x480 [ 15.242568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.243008] kthread+0x337/0x6f0 [ 15.243173] ret_from_fork+0x41/0x80 [ 15.243521] ret_from_fork_asm+0x1a/0x30 [ 15.243812] [ 15.243930] Freed by task 230: [ 15.244706] kasan_save_stack+0x45/0x70 [ 15.245061] kasan_save_track+0x18/0x40 [ 15.245896] kasan_save_free_info+0x3f/0x60 [ 15.246506] __kasan_slab_free+0x56/0x70 [ 15.246786] kmem_cache_free+0x249/0x420 [ 15.246947] kmem_cache_double_free+0x16a/0x480 [ 15.247331] kunit_try_run_case+0x1a5/0x480 [ 15.247681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.248395] kthread+0x337/0x6f0 [ 15.248724] ret_from_fork+0x41/0x80 [ 15.248918] ret_from_fork_asm+0x1a/0x30 [ 15.249514] [ 15.249672] The buggy address belongs to the object at ffff888100ab8000 [ 15.249672] which belongs to the cache test_cache of size 200 [ 15.251000] The buggy address is located 0 bytes inside of [ 15.251000] 200-byte region [ffff888100ab8000, ffff888100ab80c8) [ 15.251744] [ 15.251944] The buggy address belongs to the physical page: [ 15.252597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab8 [ 15.253170] flags: 0x200000000000000(node=0|zone=2) [ 15.253772] page_type: f5(slab) [ 15.253940] raw: 0200000000000000 ffff888101c20b40 dead000000000122 0000000000000000 [ 15.254736] 
raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.255353] page dumped because: kasan: bad access detected [ 15.255764] [ 15.255884] Memory state around the buggy address: [ 15.256426] ffff888100ab7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256795] ffff888100ab7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.257139] >ffff888100ab8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.257897] ^ [ 15.258077] ffff888100ab8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 15.258665] ffff888100ab8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259050] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.161114] ================================================================== [ 15.161718] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 15.162482] Read of size 1 at addr ffff888102b4e0c8 by task kunit_try_catch/228 [ 15.163252] [ 15.163537] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.163644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.163670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.163718] Call Trace: [ 15.163750] <TASK> [ 15.163793] dump_stack_lvl+0x73/0xb0 [ 15.163857] print_report+0xd1/0x650 [ 15.164069] ? __virt_addr_valid+0x1db/0x2d0 [ 15.164123] ? kmem_cache_oob+0x402/0x530 [ 15.164168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.164218] ? kmem_cache_oob+0x402/0x530 [ 15.164256] kasan_report+0x141/0x180 [ 15.164295] ? kmem_cache_oob+0x402/0x530 [ 15.164444] __asan_report_load1_noabort+0x18/0x20 [ 15.164492] kmem_cache_oob+0x402/0x530 [ 15.164523] ? trace_hardirqs_on+0x37/0xe0 [ 15.164565] ? __pfx_kmem_cache_oob+0x10/0x10 [ 15.164596] ? finish_task_switch.isra.0+0x153/0x700 [ 15.164635] ? __switch_to+0x5d9/0xf60 [ 15.164670] ? dequeue_task_fair+0x166/0x4e0 [ 15.164715] ? __pfx_read_tsc+0x10/0x10 [ 15.164736] ? ktime_get_ts64+0x86/0x230 [ 15.164764] kunit_try_run_case+0x1a5/0x480 [ 15.164791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.164839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.164863] ? __kthread_parkme+0x82/0x180 [ 15.164886] ? preempt_count_sub+0x50/0x80 [ 15.164911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.164981] kthread+0x337/0x6f0 [ 15.164999] ? trace_preempt_on+0x20/0xc0 [ 15.165037] ? __pfx_kthread+0x10/0x10 [ 15.165059] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.165104] ? calculate_sigpending+0x7b/0xa0 [ 15.165130] ? 
__pfx_kthread+0x10/0x10 [ 15.165151] ret_from_fork+0x41/0x80 [ 15.165173] ? __pfx_kthread+0x10/0x10 [ 15.165192] ret_from_fork_asm+0x1a/0x30 [ 15.165248] </TASK> [ 15.165269] [ 15.181028] Allocated by task 228: [ 15.181530] kasan_save_stack+0x45/0x70 [ 15.181812] kasan_save_track+0x18/0x40 [ 15.182141] kasan_save_alloc_info+0x3b/0x50 [ 15.183110] __kasan_slab_alloc+0x91/0xa0 [ 15.183358] kmem_cache_alloc_noprof+0x123/0x3f0 [ 15.183555] kmem_cache_oob+0x157/0x530 [ 15.184671] kunit_try_run_case+0x1a5/0x480 [ 15.184990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.185363] kthread+0x337/0x6f0 [ 15.185596] ret_from_fork+0x41/0x80 [ 15.185836] ret_from_fork_asm+0x1a/0x30 [ 15.186073] [ 15.186234] The buggy address belongs to the object at ffff888102b4e000 [ 15.186234] which belongs to the cache test_cache of size 200 [ 15.187406] The buggy address is located 0 bytes to the right of [ 15.187406] allocated 200-byte region [ffff888102b4e000, ffff888102b4e0c8) [ 15.188627] [ 15.188841] The buggy address belongs to the physical page: [ 15.189207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4e [ 15.189792] flags: 0x200000000000000(node=0|zone=2) [ 15.190728] page_type: f5(slab) [ 15.190937] raw: 0200000000000000 ffff888101c20a00 dead000000000122 0000000000000000 [ 15.191608] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.192015] page dumped because: kasan: bad access detected [ 15.192648] [ 15.192930] Memory state around the buggy address: [ 15.193411] ffff888102b4df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193817] ffff888102b4e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.194564] >ffff888102b4e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.195211] ^ [ 15.195683] ffff888102b4e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196149] ffff888102b4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196639] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.100832] ================================================================== [ 15.101731] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 15.102050] Read of size 8 at addr ffff8881026070c0 by task kunit_try_catch/221 [ 15.102590] [ 15.102776] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.102876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.102901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.102941] Call Trace: [ 15.102971] <TASK> [ 15.103009] dump_stack_lvl+0x73/0xb0 [ 15.103070] print_report+0xd1/0x650 [ 15.103118] ? __virt_addr_valid+0x1db/0x2d0 [ 15.103167] ? workqueue_uaf+0x4d6/0x560 [ 15.103207] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.103252] ? workqueue_uaf+0x4d6/0x560 [ 15.103298] kasan_report+0x141/0x180 [ 15.103366] ? workqueue_uaf+0x4d6/0x560 [ 15.103420] __asan_report_load8_noabort+0x18/0x20 [ 15.103770] workqueue_uaf+0x4d6/0x560 [ 15.103846] ? __pfx_workqueue_uaf+0x10/0x10 [ 15.103886] ? __schedule+0x10cc/0x2b60 [ 15.103926] ? __pfx_read_tsc+0x10/0x10 [ 15.103962] ? ktime_get_ts64+0x86/0x230 [ 15.104006] kunit_try_run_case+0x1a5/0x480 [ 15.104049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.104084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.104125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.104164] ? __kthread_parkme+0x82/0x180 [ 15.104201] ? preempt_count_sub+0x50/0x80 [ 15.104252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.104295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.104395] kthread+0x337/0x6f0 [ 15.104426] ? trace_preempt_on+0x20/0xc0 [ 15.104477] ? __pfx_kthread+0x10/0x10 [ 15.104507] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.104551] ? calculate_sigpending+0x7b/0xa0 [ 15.104586] ? __pfx_kthread+0x10/0x10 [ 15.104621] ret_from_fork+0x41/0x80 [ 15.104663] ? 
__pfx_kthread+0x10/0x10 [ 15.104702] ret_from_fork_asm+0x1a/0x30 [ 15.104757] </TASK> [ 15.104776] [ 15.117758] Allocated by task 221: [ 15.118168] kasan_save_stack+0x45/0x70 [ 15.118700] kasan_save_track+0x18/0x40 [ 15.118962] kasan_save_alloc_info+0x3b/0x50 [ 15.119813] __kasan_kmalloc+0xb7/0xc0 [ 15.120179] __kmalloc_cache_noprof+0x189/0x420 [ 15.120736] workqueue_uaf+0x152/0x560 [ 15.121126] kunit_try_run_case+0x1a5/0x480 [ 15.121762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.122059] kthread+0x337/0x6f0 [ 15.122649] ret_from_fork+0x41/0x80 [ 15.122964] ret_from_fork_asm+0x1a/0x30 [ 15.123667] [ 15.123942] Freed by task 72: [ 15.124043] kasan_save_stack+0x45/0x70 [ 15.124795] kasan_save_track+0x18/0x40 [ 15.125208] kasan_save_free_info+0x3f/0x60 [ 15.125577] __kasan_slab_free+0x56/0x70 [ 15.125946] kfree+0x222/0x3f0 [ 15.126212] workqueue_uaf_work+0x12/0x20 [ 15.126795] process_one_work+0x5ee/0xf60 [ 15.127610] worker_thread+0x758/0x1220 [ 15.127960] kthread+0x337/0x6f0 [ 15.128396] ret_from_fork+0x41/0x80 [ 15.128758] ret_from_fork_asm+0x1a/0x30 [ 15.129056] [ 15.129306] Last potentially related work creation: [ 15.129674] kasan_save_stack+0x45/0x70 [ 15.130052] kasan_record_aux_stack+0xb2/0xc0 [ 15.130665] __queue_work+0x626/0xeb0 [ 15.130941] queue_work_on+0xb6/0xc0 [ 15.131597] workqueue_uaf+0x26d/0x560 [ 15.131956] kunit_try_run_case+0x1a5/0x480 [ 15.132174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.132568] kthread+0x337/0x6f0 [ 15.132874] ret_from_fork+0x41/0x80 [ 15.133108] ret_from_fork_asm+0x1a/0x30 [ 15.134135] [ 15.134505] The buggy address belongs to the object at ffff8881026070c0 [ 15.134505] which belongs to the cache kmalloc-32 of size 32 [ 15.135770] The buggy address is located 0 bytes inside of [ 15.135770] freed 32-byte region [ffff8881026070c0, ffff8881026070e0) [ 15.136654] [ 15.136858] The buggy address belongs to the physical page: [ 15.137390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102607 [ 
15.137913] flags: 0x200000000000000(node=0|zone=2) [ 15.138587] page_type: f5(slab) [ 15.138772] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.139350] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.140360] page dumped because: kasan: bad access detected [ 15.140767] [ 15.140944] Memory state around the buggy address: [ 15.141216] ffff888102606f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.141855] ffff888102607000: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.142565] >ffff888102607080: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.143129] ^ [ 15.143986] ffff888102607100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.144477] ffff888102607180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.144927] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.044427] ================================================================== [ 15.044853] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 15.045052] Read of size 4 at addr ffff8881029eef00 by task swapper/1/0 [ 15.045386] [ 15.045533] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 15.045630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.045653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.045698] Call Trace: [ 15.045763] <IRQ> [ 15.045809] dump_stack_lvl+0x73/0xb0 [ 15.045870] print_report+0xd1/0x650 [ 15.045915] ? __virt_addr_valid+0x1db/0x2d0 [ 15.045969] ? rcu_uaf_reclaim+0x50/0x60 [ 15.046012] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.046062] ? rcu_uaf_reclaim+0x50/0x60 [ 15.046105] kasan_report+0x141/0x180 [ 15.046147] ? rcu_uaf_reclaim+0x50/0x60 [ 15.046213] __asan_report_load4_noabort+0x18/0x20 [ 15.046266] rcu_uaf_reclaim+0x50/0x60 [ 15.046304] rcu_core+0x66c/0x1c30 [ 15.046364] ? enqueue_hrtimer+0xfe/0x210 [ 15.046410] ? __pfx_rcu_core+0x10/0x10 [ 15.046451] ? ktime_get+0x6b/0x150 [ 15.046489] ? handle_softirqs+0x18e/0x730 [ 15.046546] rcu_core_si+0x12/0x20 [ 15.046586] handle_softirqs+0x209/0x730 [ 15.046632] ? hrtimer_interrupt+0x2fe/0x780 [ 15.046688] ? 
__pfx_handle_softirqs+0x10/0x10 [ 15.046748] __irq_exit_rcu+0xc9/0x110 [ 15.046792] irq_exit_rcu+0x12/0x20 [ 15.046831] sysvec_apic_timer_interrupt+0x81/0x90 [ 15.046885] </IRQ> [ 15.046949] <TASK> [ 15.046971] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 15.047278] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 15.047761] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 43 ae 27 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 15.047907] RSP: 0000:ffff88810086fdc8 EFLAGS: 00010216 [ 15.048038] RAX: ffff8881a0992000 RBX: ffff8881008353c0 RCX: ffffffffb820ef55 [ 15.048128] RDX: ffffed102b626103 RSI: 0000000000000004 RDI: 0000000000018dac [ 15.048198] RBP: ffff88810086fdd0 R08: 0000000000000001 R09: ffffed102b626102 [ 15.048272] R10: ffff88815b130813 R11: 0000000000026800 R12: 0000000000000001 [ 15.048349] R13: ffffed1020106a78 R14: ffffffffb9f9c210 R15: 0000000000000000 [ 15.048430] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 15.048475] ? default_idle+0xd/0x20 [ 15.048498] arch_cpu_idle+0xd/0x20 [ 15.048519] default_idle_call+0x48/0x80 [ 15.048539] do_idle+0x379/0x4f0 [ 15.048565] ? __pfx_do_idle+0x10/0x10 [ 15.048584] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 15.048612] ? complete+0x15b/0x1d0 [ 15.048637] cpu_startup_entry+0x5c/0x70 [ 15.048659] start_secondary+0x211/0x290 [ 15.048683] ? 
__pfx_start_secondary+0x10/0x10 [ 15.048709] common_startup_64+0x13e/0x148 [ 15.048744] </TASK> [ 15.048758] [ 15.065796] Allocated by task 219: [ 15.066377] kasan_save_stack+0x45/0x70 [ 15.066800] kasan_save_track+0x18/0x40 [ 15.067168] kasan_save_alloc_info+0x3b/0x50 [ 15.067698] __kasan_kmalloc+0xb7/0xc0 [ 15.068009] __kmalloc_cache_noprof+0x189/0x420 [ 15.068520] rcu_uaf+0xb0/0x330 [ 15.068835] kunit_try_run_case+0x1a5/0x480 [ 15.069705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.070387] kthread+0x337/0x6f0 [ 15.070761] ret_from_fork+0x41/0x80 [ 15.070975] ret_from_fork_asm+0x1a/0x30 [ 15.071503] [ 15.071708] Freed by task 0: [ 15.071880] kasan_save_stack+0x45/0x70 [ 15.072436] kasan_save_track+0x18/0x40 [ 15.072768] kasan_save_free_info+0x3f/0x60 [ 15.073115] __kasan_slab_free+0x56/0x70 [ 15.073620] kfree+0x222/0x3f0 [ 15.073945] rcu_uaf_reclaim+0x1f/0x60 [ 15.074355] rcu_core+0x66c/0x1c30 [ 15.074666] rcu_core_si+0x12/0x20 [ 15.074964] handle_softirqs+0x209/0x730 [ 15.075801] __irq_exit_rcu+0xc9/0x110 [ 15.076152] irq_exit_rcu+0x12/0x20 [ 15.076635] sysvec_apic_timer_interrupt+0x81/0x90 [ 15.076953] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 15.077484] [ 15.077765] Last potentially related work creation: [ 15.078101] kasan_save_stack+0x45/0x70 [ 15.078654] kasan_record_aux_stack+0xb2/0xc0 [ 15.078933] __call_rcu_common.constprop.0+0x72/0x9c0 [ 15.079550] call_rcu+0x12/0x20 [ 15.079789] rcu_uaf+0x168/0x330 [ 15.080036] kunit_try_run_case+0x1a5/0x480 [ 15.080807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.081129] kthread+0x337/0x6f0 [ 15.081373] ret_from_fork+0x41/0x80 [ 15.081678] ret_from_fork_asm+0x1a/0x30 [ 15.082081] [ 15.082305] The buggy address belongs to the object at ffff8881029eef00 [ 15.082305] which belongs to the cache kmalloc-32 of size 32 [ 15.083022] The buggy address is located 0 bytes inside of [ 15.083022] freed 32-byte region [ffff8881029eef00, ffff8881029eef20) [ 15.083738] [ 15.084088] The buggy address belongs to the 
physical page: [ 15.084569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ee [ 15.085387] flags: 0x200000000000000(node=0|zone=2) [ 15.086552] page_type: f5(slab) [ 15.086896] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.087390] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.087914] page dumped because: kasan: bad access detected [ 15.088541] [ 15.088755] Memory state around the buggy address: [ 15.089168] ffff8881029eee00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.089918] ffff8881029eee80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.090506] >ffff8881029eef00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 15.090736] ^ [ 15.090885] ffff8881029eef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091786] ffff8881029ef000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.092515] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 14.902716] ================================================================== [ 14.903209] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 14.903902] Read of size 1 at addr ffff8881025fa100 by task kunit_try_catch/217 [ 14.905011] [ 14.905510] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.905646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.905678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.905723] Call Trace: [ 14.905754] <TASK> [ 14.905794] dump_stack_lvl+0x73/0xb0 [ 14.905874] print_report+0xd1/0x650 [ 14.905944] ? __virt_addr_valid+0x1db/0x2d0 [ 14.905995] ? ksize_uaf+0x19d/0x6c0 [ 14.906025] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.906051] ? ksize_uaf+0x19d/0x6c0 [ 14.906102] kasan_report+0x141/0x180 [ 14.906130] ? ksize_uaf+0x19d/0x6c0 [ 14.906170] ? ksize_uaf+0x19d/0x6c0 [ 14.906201] __kasan_check_byte+0x3d/0x50 [ 14.906353] ksize+0x20/0x60 [ 14.906387] ksize_uaf+0x19d/0x6c0 [ 14.906412] ? __pfx_ksize_uaf+0x10/0x10 [ 14.906438] ? __schedule+0x10cc/0x2b60 [ 14.906466] ? __pfx_read_tsc+0x10/0x10 [ 14.906490] ? ktime_get_ts64+0x86/0x230 [ 14.906519] kunit_try_run_case+0x1a5/0x480 [ 14.906547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.906598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.906623] ? __kthread_parkme+0x82/0x180 [ 14.906650] ? preempt_count_sub+0x50/0x80 [ 14.906678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.906752] kthread+0x337/0x6f0 [ 14.906771] ? trace_preempt_on+0x20/0xc0 [ 14.906797] ? __pfx_kthread+0x10/0x10 [ 14.906817] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.906840] ? calculate_sigpending+0x7b/0xa0 [ 14.906864] ? __pfx_kthread+0x10/0x10 [ 14.906884] ret_from_fork+0x41/0x80 [ 14.906907] ? 
__pfx_kthread+0x10/0x10 [ 14.906926] ret_from_fork_asm+0x1a/0x30 [ 14.906961] </TASK> [ 14.906974] [ 14.922660] Allocated by task 217: [ 14.923062] kasan_save_stack+0x45/0x70 [ 14.923566] kasan_save_track+0x18/0x40 [ 14.924312] kasan_save_alloc_info+0x3b/0x50 [ 14.924604] __kasan_kmalloc+0xb7/0xc0 [ 14.924936] __kmalloc_cache_noprof+0x189/0x420 [ 14.925220] ksize_uaf+0xaa/0x6c0 [ 14.925554] kunit_try_run_case+0x1a5/0x480 [ 14.925847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.926079] kthread+0x337/0x6f0 [ 14.926691] ret_from_fork+0x41/0x80 [ 14.927318] ret_from_fork_asm+0x1a/0x30 [ 14.927933] [ 14.928270] Freed by task 217: [ 14.928741] kasan_save_stack+0x45/0x70 [ 14.928911] kasan_save_track+0x18/0x40 [ 14.929010] kasan_save_free_info+0x3f/0x60 [ 14.929444] __kasan_slab_free+0x56/0x70 [ 14.929678] kfree+0x222/0x3f0 [ 14.929969] ksize_uaf+0x12c/0x6c0 [ 14.930271] kunit_try_run_case+0x1a5/0x480 [ 14.930558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.930828] kthread+0x337/0x6f0 [ 14.931000] ret_from_fork+0x41/0x80 [ 14.931918] ret_from_fork_asm+0x1a/0x30 [ 14.932831] [ 14.933285] The buggy address belongs to the object at ffff8881025fa100 [ 14.933285] which belongs to the cache kmalloc-128 of size 128 [ 14.934347] The buggy address is located 0 bytes inside of [ 14.934347] freed 128-byte region [ffff8881025fa100, ffff8881025fa180) [ 14.934986] [ 14.935281] The buggy address belongs to the physical page: [ 14.935741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 14.936620] flags: 0x200000000000000(node=0|zone=2) [ 14.936886] page_type: f5(slab) [ 14.937399] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.937963] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.938582] page dumped because: kasan: bad access detected [ 14.938710] [ 14.938765] Memory state around the buggy address: [ 14.938874] ffff8881025fa000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
14.939008] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.939226] >ffff8881025fa100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.939494] ^ [ 14.939855] ffff8881025fa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941022] ffff8881025fa200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941698] ================================================================== [ 14.942946] ================================================================== [ 14.943247] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 14.943543] Read of size 1 at addr ffff8881025fa100 by task kunit_try_catch/217 [ 14.943843] [ 14.944099] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.944187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.944443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.944509] Call Trace: [ 14.944545] <TASK> [ 14.944588] dump_stack_lvl+0x73/0xb0 [ 14.944657] print_report+0xd1/0x650 [ 14.944708] ? __virt_addr_valid+0x1db/0x2d0 [ 14.944757] ? ksize_uaf+0x5fe/0x6c0 [ 14.944796] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.944840] ? ksize_uaf+0x5fe/0x6c0 [ 14.944882] kasan_report+0x141/0x180 [ 14.944923] ? ksize_uaf+0x5fe/0x6c0 [ 14.944974] __asan_report_load1_noabort+0x18/0x20 [ 14.945031] ksize_uaf+0x5fe/0x6c0 [ 14.945090] ? __pfx_ksize_uaf+0x10/0x10 [ 14.945139] ? __schedule+0x10cc/0x2b60 [ 14.945187] ? __pfx_read_tsc+0x10/0x10 [ 14.945229] ? ktime_get_ts64+0x86/0x230 [ 14.945280] kunit_try_run_case+0x1a5/0x480 [ 14.945331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.945443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.945489] ? __kthread_parkme+0x82/0x180 [ 14.945537] ? preempt_count_sub+0x50/0x80 [ 14.945589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.945668] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.945710] kthread+0x337/0x6f0 [ 14.945745] ? trace_preempt_on+0x20/0xc0 [ 14.945790] ? __pfx_kthread+0x10/0x10 [ 14.945819] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.945853] ? calculate_sigpending+0x7b/0xa0 [ 14.945893] ? __pfx_kthread+0x10/0x10 [ 14.945931] ret_from_fork+0x41/0x80 [ 14.945973] ? __pfx_kthread+0x10/0x10 [ 14.946013] ret_from_fork_asm+0x1a/0x30 [ 14.946069] </TASK> [ 14.946088] [ 14.959559] Allocated by task 217: [ 14.959994] kasan_save_stack+0x45/0x70 [ 14.960572] kasan_save_track+0x18/0x40 [ 14.960945] kasan_save_alloc_info+0x3b/0x50 [ 14.961580] __kasan_kmalloc+0xb7/0xc0 [ 14.961957] __kmalloc_cache_noprof+0x189/0x420 [ 14.962534] ksize_uaf+0xaa/0x6c0 [ 14.962714] kunit_try_run_case+0x1a5/0x480 [ 14.963599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.964024] kthread+0x337/0x6f0 [ 14.964292] ret_from_fork+0x41/0x80 [ 14.964639] ret_from_fork_asm+0x1a/0x30 [ 14.964944] [ 14.965078] Freed by task 217: [ 14.965244] kasan_save_stack+0x45/0x70 [ 14.965967] kasan_save_track+0x18/0x40 [ 14.966690] kasan_save_free_info+0x3f/0x60 [ 14.967179] __kasan_slab_free+0x56/0x70 [ 14.967720] kfree+0x222/0x3f0 [ 14.968024] ksize_uaf+0x12c/0x6c0 [ 14.968408] kunit_try_run_case+0x1a5/0x480 [ 14.968968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.969561] kthread+0x337/0x6f0 [ 14.969683] ret_from_fork+0x41/0x80 [ 14.970103] ret_from_fork_asm+0x1a/0x30 [ 14.971080] [ 14.971626] The buggy address belongs to the object at ffff8881025fa100 [ 14.971626] which belongs to the cache kmalloc-128 of size 128 [ 14.972924] The buggy address is located 0 bytes inside of [ 14.972924] freed 128-byte region [ffff8881025fa100, ffff8881025fa180) [ 14.973958] [ 14.974095] The buggy address belongs to the physical page: [ 14.974300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 14.975438] flags: 0x200000000000000(node=0|zone=2) [ 14.975892] page_type: f5(slab) [ 14.976632] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000
[ 14.977033] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.977732] page dumped because: kasan: bad access detected
[ 14.978560]
[ 14.978987] Memory state around the buggy address:
[ 14.979363] ffff8881025fa000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.979904] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.980516] >ffff8881025fa100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.980873] ^
[ 14.981168] ffff8881025fa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.981947] ffff8881025fa200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.982512] ==================================================================
[ 14.984107] ==================================================================
[ 14.984787] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 14.985423] Read of size 1 at addr ffff8881025fa178 by task kunit_try_catch/217
[ 14.985848]
[ 14.986029] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.986153] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.986182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.986227] Call Trace:
[ 14.986477] <TASK>
[ 14.986548] dump_stack_lvl+0x73/0xb0
[ 14.986618] print_report+0xd1/0x650
[ 14.986668] ? __virt_addr_valid+0x1db/0x2d0
[ 14.986999] ? ksize_uaf+0x5e4/0x6c0
[ 14.987059] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.987106] ? ksize_uaf+0x5e4/0x6c0
[ 14.987131] kasan_report+0x141/0x180
[ 14.987159] ? ksize_uaf+0x5e4/0x6c0
[ 14.987187] __asan_report_load1_noabort+0x18/0x20
[ 14.987210] ksize_uaf+0x5e4/0x6c0
[ 14.987253] ? __pfx_ksize_uaf+0x10/0x10
[ 14.987278] ? __schedule+0x10cc/0x2b60
[ 14.987304] ? __pfx_read_tsc+0x10/0x10
[ 14.987327] ? ktime_get_ts64+0x86/0x230
[ 14.987387] kunit_try_run_case+0x1a5/0x480
[ 14.987426] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.987461] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.987490] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.987515] ? __kthread_parkme+0x82/0x180
[ 14.987541] ? preempt_count_sub+0x50/0x80
[ 14.987569] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.987594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.987620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.987644] kthread+0x337/0x6f0
[ 14.987663] ? trace_preempt_on+0x20/0xc0
[ 14.987690] ? __pfx_kthread+0x10/0x10
[ 14.987710] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.987733] ? calculate_sigpending+0x7b/0xa0
[ 14.987757] ? __pfx_kthread+0x10/0x10
[ 14.987777] ret_from_fork+0x41/0x80
[ 14.987799] ? __pfx_kthread+0x10/0x10
[ 14.987818] ret_from_fork_asm+0x1a/0x30
[ 14.987852] </TASK>
[ 14.987865]
[ 14.999127] Allocated by task 217:
[ 14.999645] kasan_save_stack+0x45/0x70
[ 15.000040] kasan_save_track+0x18/0x40
[ 15.000487] kasan_save_alloc_info+0x3b/0x50
[ 15.001053] __kasan_kmalloc+0xb7/0xc0
[ 15.003511] __kmalloc_cache_noprof+0x189/0x420
[ 15.005184] ksize_uaf+0xaa/0x6c0
[ 15.005618] kunit_try_run_case+0x1a5/0x480
[ 15.005904] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.006115] kthread+0x337/0x6f0
[ 15.006284] ret_from_fork+0x41/0x80
[ 15.006891] ret_from_fork_asm+0x1a/0x30
[ 15.007099]
[ 15.007276] Freed by task 217:
[ 15.007564] kasan_save_stack+0x45/0x70
[ 15.007896] kasan_save_track+0x18/0x40
[ 15.008227] kasan_save_free_info+0x3f/0x60
[ 15.011183] __kasan_slab_free+0x56/0x70
[ 15.011640] kfree+0x222/0x3f0
[ 15.011911] ksize_uaf+0x12c/0x6c0
[ 15.012190] kunit_try_run_case+0x1a5/0x480
[ 15.012584] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.013250] kthread+0x337/0x6f0
[ 15.013622] ret_from_fork+0x41/0x80
[ 15.013943] ret_from_fork_asm+0x1a/0x30
[ 15.014284]
[ 15.015936] The buggy address belongs to the object at ffff8881025fa100
[ 15.015936] which belongs to the cache kmalloc-128 of size 128
[ 15.016559] The buggy address is located 120 bytes inside of
[ 15.016559] freed 128-byte region [ffff8881025fa100, ffff8881025fa180)
[ 15.017858]
[ 15.018376] The buggy address belongs to the physical page:
[ 15.019451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa
[ 15.020112] flags: 0x200000000000000(node=0|zone=2)
[ 15.020460] page_type: f5(slab)
[ 15.020795] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.021165] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.021953] page dumped because: kasan: bad access detected
[ 15.022135]
[ 15.022241] Memory state around the buggy address:
[ 15.022892] ffff8881025fa000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.023756] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.024384] >ffff8881025fa100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.024665] ^
[ 15.025160] ffff8881025fa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.025764] ffff8881025fa200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.026394] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 14.826978] ==================================================================
[ 14.827280] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.827606] Read of size 1 at addr ffff8881029e5a78 by task kunit_try_catch/215
[ 14.828231]
[ 14.828585] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.828683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.828709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.828775] Call Trace:
[ 14.828822] <TASK>
[ 14.828865] dump_stack_lvl+0x73/0xb0
[ 14.828925] print_report+0xd1/0x650
[ 14.828974] ? __virt_addr_valid+0x1db/0x2d0
[ 14.829055] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.829105] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.829154] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.829198] kasan_report+0x141/0x180
[ 14.829405] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.829468] __asan_report_load1_noabort+0x18/0x20
[ 14.829507] ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.829552] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 14.829591] ? finish_task_switch.isra.0+0x153/0x700
[ 14.829640] ? __switch_to+0x5d9/0xf60
[ 14.829682] ? dequeue_task_fair+0x166/0x4e0
[ 14.829751] ? __schedule+0x10cc/0x2b60
[ 14.829800] ? __pfx_read_tsc+0x10/0x10
[ 14.829843] ? ktime_get_ts64+0x86/0x230
[ 14.829885] kunit_try_run_case+0x1a5/0x480
[ 14.829914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.829937] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.829965] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.829990] ? __kthread_parkme+0x82/0x180
[ 14.830018] ? preempt_count_sub+0x50/0x80
[ 14.830061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.830100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.830144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.830190] kthread+0x337/0x6f0
[ 14.830377] ? trace_preempt_on+0x20/0xc0
[ 14.830435] ? __pfx_kthread+0x10/0x10
[ 14.830476] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.830522] ? calculate_sigpending+0x7b/0xa0
[ 14.830595] ? __pfx_kthread+0x10/0x10
[ 14.830635] ret_from_fork+0x41/0x80
[ 14.830679] ? __pfx_kthread+0x10/0x10
[ 14.830713] ret_from_fork_asm+0x1a/0x30
[ 14.830765] </TASK>
[ 14.830780]
[ 14.843385] Allocated by task 215:
[ 14.843744] kasan_save_stack+0x45/0x70
[ 14.844024] kasan_save_track+0x18/0x40
[ 14.844214] kasan_save_alloc_info+0x3b/0x50
[ 14.844428] __kasan_kmalloc+0xb7/0xc0
[ 14.844981] __kmalloc_cache_noprof+0x189/0x420
[ 14.845469] ksize_unpoisons_memory+0xc7/0x9b0
[ 14.845864] kunit_try_run_case+0x1a5/0x480
[ 14.846412] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.847466] kthread+0x337/0x6f0
[ 14.847671] ret_from_fork+0x41/0x80
[ 14.847860] ret_from_fork_asm+0x1a/0x30
[ 14.848300]
[ 14.848652] The buggy address belongs to the object at ffff8881029e5a00
[ 14.848652] which belongs to the cache kmalloc-128 of size 128
[ 14.849573] The buggy address is located 5 bytes to the right of
[ 14.849573] allocated 115-byte region [ffff8881029e5a00, ffff8881029e5a73)
[ 14.851039]
[ 14.851180] The buggy address belongs to the physical page:
[ 14.851462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5
[ 14.852304] flags: 0x200000000000000(node=0|zone=2)
[ 14.853281] page_type: f5(slab)
[ 14.853485] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.854400] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.854782] page dumped because: kasan: bad access detected
[ 14.855657]
[ 14.855814] Memory state around the buggy address:
[ 14.856046] ffff8881029e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.856933] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.858073] >ffff8881029e5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.858671] ^
[ 14.859149] ffff8881029e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.859648] ffff8881029e5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.860060] ==================================================================
[ 14.792974] ==================================================================
[ 14.793926] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 14.794956] Read of size 1 at addr ffff8881029e5a73 by task kunit_try_catch/215
[ 14.795703]
[ 14.796164] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.796269] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.796292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.796330] Call Trace:
[ 14.796370] <TASK>
[ 14.796399] dump_stack_lvl+0x73/0xb0
[ 14.796439] print_report+0xd1/0x650
[ 14.796466] ? __virt_addr_valid+0x1db/0x2d0
[ 14.796493] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 14.796514] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.796537] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 14.796558] kasan_report+0x141/0x180
[ 14.796582] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 14.796608] __asan_report_load1_noabort+0x18/0x20
[ 14.796630] ksize_unpoisons_memory+0x81c/0x9b0
[ 14.796651] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 14.796671] ? finish_task_switch.isra.0+0x153/0x700
[ 14.796697] ? __switch_to+0x5d9/0xf60
[ 14.796720] ? dequeue_task_fair+0x166/0x4e0
[ 14.796745] ? __schedule+0x10cc/0x2b60
[ 14.796769] ? __pfx_read_tsc+0x10/0x10
[ 14.796790] ? ktime_get_ts64+0x86/0x230
[ 14.796818] kunit_try_run_case+0x1a5/0x480
[ 14.796846] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.796868] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.796893] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.796917] ? __kthread_parkme+0x82/0x180
[ 14.796941] ? preempt_count_sub+0x50/0x80
[ 14.796966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.796989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.797023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.797052] kthread+0x337/0x6f0
[ 14.797088] ? trace_preempt_on+0x20/0xc0
[ 14.797116] ? __pfx_kthread+0x10/0x10
[ 14.797136] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.797159] ? calculate_sigpending+0x7b/0xa0
[ 14.797183] ? __pfx_kthread+0x10/0x10
[ 14.797207] ret_from_fork+0x41/0x80
[ 14.797244] ? __pfx_kthread+0x10/0x10
[ 14.797278] ret_from_fork_asm+0x1a/0x30
[ 14.797314] </TASK>
[ 14.797328]
[ 14.810638] Allocated by task 215:
[ 14.810869] kasan_save_stack+0x45/0x70
[ 14.811814] kasan_save_track+0x18/0x40
[ 14.812152] kasan_save_alloc_info+0x3b/0x50
[ 14.812392] __kasan_kmalloc+0xb7/0xc0
[ 14.812712] __kmalloc_cache_noprof+0x189/0x420
[ 14.813324] ksize_unpoisons_memory+0xc7/0x9b0
[ 14.813578] kunit_try_run_case+0x1a5/0x480
[ 14.813789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.814084] kthread+0x337/0x6f0
[ 14.814575] ret_from_fork+0x41/0x80
[ 14.814916] ret_from_fork_asm+0x1a/0x30
[ 14.815411]
[ 14.815721] The buggy address belongs to the object at ffff8881029e5a00
[ 14.815721] which belongs to the cache kmalloc-128 of size 128
[ 14.817043] The buggy address is located 0 bytes to the right of
[ 14.817043] allocated 115-byte region [ffff8881029e5a00, ffff8881029e5a73)
[ 14.818069]
[ 14.818227] The buggy address belongs to the physical page:
[ 14.818636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5
[ 14.818941] flags: 0x200000000000000(node=0|zone=2)
[ 14.819469] page_type: f5(slab)
[ 14.819780] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.820379] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.820826] page dumped because: kasan: bad access detected
[ 14.821068]
[ 14.821181] Memory state around the buggy address:
[ 14.821616] ffff8881029e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.822482] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.823035] >ffff8881029e5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.823774] ^
[ 14.824136] ffff8881029e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.824515] ffff8881029e5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.825681] ==================================================================
[ 14.861416] ==================================================================
[ 14.862390] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.862868] Read of size 1 at addr ffff8881029e5a7f by task kunit_try_catch/215
[ 14.863771]
[ 14.864374] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.864445] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.864460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.864484] Call Trace:
[ 14.864511] <TASK>
[ 14.864540] dump_stack_lvl+0x73/0xb0
[ 14.864579] print_report+0xd1/0x650
[ 14.864605] ? __virt_addr_valid+0x1db/0x2d0
[ 14.864629] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.864650] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.864673] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.864694] kasan_report+0x141/0x180
[ 14.864717] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.864743] __asan_report_load1_noabort+0x18/0x20
[ 14.864764] ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.864786] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 14.864805] ? finish_task_switch.isra.0+0x153/0x700
[ 14.864829] ? __switch_to+0x5d9/0xf60
[ 14.864851] ? dequeue_task_fair+0x166/0x4e0
[ 14.864876] ? __schedule+0x10cc/0x2b60
[ 14.864899] ? __pfx_read_tsc+0x10/0x10
[ 14.864919] ? ktime_get_ts64+0x86/0x230
[ 14.864945] kunit_try_run_case+0x1a5/0x480
[ 14.864971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.864993] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.865033] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.865061] ? __kthread_parkme+0x82/0x180
[ 14.865096] ? preempt_count_sub+0x50/0x80
[ 14.865122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.865147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.865172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.865196] kthread+0x337/0x6f0
[ 14.865227] ? trace_preempt_on+0x20/0xc0
[ 14.865266] ? __pfx_kthread+0x10/0x10
[ 14.865297] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.865327] ? calculate_sigpending+0x7b/0xa0
[ 14.865369] ? __pfx_kthread+0x10/0x10
[ 14.865390] ret_from_fork+0x41/0x80
[ 14.865412] ? __pfx_kthread+0x10/0x10
[ 14.865431] ret_from_fork_asm+0x1a/0x30
[ 14.865464] </TASK>
[ 14.865477]
[ 14.879723] Allocated by task 215:
[ 14.880223] kasan_save_stack+0x45/0x70
[ 14.880482] kasan_save_track+0x18/0x40
[ 14.881598] kasan_save_alloc_info+0x3b/0x50
[ 14.881869] __kasan_kmalloc+0xb7/0xc0
[ 14.882044] __kmalloc_cache_noprof+0x189/0x420
[ 14.882577] ksize_unpoisons_memory+0xc7/0x9b0
[ 14.883234] kunit_try_run_case+0x1a5/0x480
[ 14.883494] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.883784] kthread+0x337/0x6f0
[ 14.883972] ret_from_fork+0x41/0x80
[ 14.884806] ret_from_fork_asm+0x1a/0x30
[ 14.885020]
[ 14.885377] The buggy address belongs to the object at ffff8881029e5a00
[ 14.885377] which belongs to the cache kmalloc-128 of size 128
[ 14.886536] The buggy address is located 12 bytes to the right of
[ 14.886536] allocated 115-byte region [ffff8881029e5a00, ffff8881029e5a73)
[ 14.887866]
[ 14.888169] The buggy address belongs to the physical page:
[ 14.888416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5
[ 14.889305] flags: 0x200000000000000(node=0|zone=2)
[ 14.889713] page_type: f5(slab)
[ 14.889937] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.890904] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.891806] page dumped because: kasan: bad access detected
[ 14.892009]
[ 14.892110] Memory state around the buggy address:
[ 14.893048] ffff8881029e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.893592] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.893963] >ffff8881029e5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.894580] ^
[ 14.895089] ffff8881029e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.895629] ffff8881029e5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.896378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 14.742543] ==================================================================
[ 14.744462] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 14.745468] Free of addr ffff8881024d25e0 by task kunit_try_catch/213
[ 14.746677]
[ 14.748087] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.748223] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.748247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.748286] Call Trace:
[ 14.748326] <TASK>
[ 14.748400] dump_stack_lvl+0x73/0xb0
[ 14.748462] print_report+0xd1/0x650
[ 14.748503] ? __virt_addr_valid+0x1db/0x2d0
[ 14.748542] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.748580] ? kfree_sensitive+0x2e/0x90
[ 14.748618] kasan_report_invalid_free+0x10a/0x130
[ 14.748667] ? kfree_sensitive+0x2e/0x90
[ 14.748713] ? kfree_sensitive+0x2e/0x90
[ 14.748753] check_slab_allocation+0x101/0x130
[ 14.748791] __kasan_slab_pre_free+0x28/0x40
[ 14.748824] kfree+0xf0/0x3f0
[ 14.748858] ? kfree_sensitive+0x2e/0x90
[ 14.748902] kfree_sensitive+0x2e/0x90
[ 14.748934] kmalloc_double_kzfree+0x19c/0x350
[ 14.748969] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 14.749006] ? __schedule+0x10cc/0x2b60
[ 14.749066] ? __pfx_read_tsc+0x10/0x10
[ 14.749106] ? ktime_get_ts64+0x86/0x230
[ 14.749156] kunit_try_run_case+0x1a5/0x480
[ 14.749203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.749242] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.749286] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.749327] ? __kthread_parkme+0x82/0x180
[ 14.749398] ? preempt_count_sub+0x50/0x80
[ 14.749588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.749649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.749697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.749742] kthread+0x337/0x6f0
[ 14.749777] ? trace_preempt_on+0x20/0xc0
[ 14.749822] ? __pfx_kthread+0x10/0x10
[ 14.749856] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.749897] ? calculate_sigpending+0x7b/0xa0
[ 14.749939] ? __pfx_kthread+0x10/0x10
[ 14.749977] ret_from_fork+0x41/0x80
[ 14.750017] ? __pfx_kthread+0x10/0x10
[ 14.750054] ret_from_fork_asm+0x1a/0x30
[ 14.750134] </TASK>
[ 14.750157]
[ 14.764988] Allocated by task 213:
[ 14.765262] kasan_save_stack+0x45/0x70
[ 14.765609] kasan_save_track+0x18/0x40
[ 14.765889] kasan_save_alloc_info+0x3b/0x50
[ 14.766088] __kasan_kmalloc+0xb7/0xc0
[ 14.766654] __kmalloc_cache_noprof+0x189/0x420
[ 14.767047] kmalloc_double_kzfree+0xa9/0x350
[ 14.767725] kunit_try_run_case+0x1a5/0x480
[ 14.767943] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.768173] kthread+0x337/0x6f0
[ 14.768498] ret_from_fork+0x41/0x80
[ 14.768854] ret_from_fork_asm+0x1a/0x30
[ 14.769373]
[ 14.769570] Freed by task 213:
[ 14.769931] kasan_save_stack+0x45/0x70
[ 14.770829] kasan_save_track+0x18/0x40
[ 14.771211] kasan_save_free_info+0x3f/0x60
[ 14.771834] __kasan_slab_free+0x56/0x70
[ 14.772196] kfree+0x222/0x3f0
[ 14.772366] kfree_sensitive+0x67/0x90
[ 14.772550] kmalloc_double_kzfree+0x12b/0x350
[ 14.772928] kunit_try_run_case+0x1a5/0x480
[ 14.773500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.773938] kthread+0x337/0x6f0
[ 14.774157] ret_from_fork+0x41/0x80
[ 14.774722] ret_from_fork_asm+0x1a/0x30
[ 14.775420]
[ 14.775551] The buggy address belongs to the object at ffff8881024d25e0
[ 14.775551] which belongs to the cache kmalloc-16 of size 16
[ 14.776641] The buggy address is located 0 bytes inside of
[ 14.776641] 16-byte region [ffff8881024d25e0, ffff8881024d25f0)
[ 14.777503]
[ 14.777729] The buggy address belongs to the physical page:
[ 14.778757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2
[ 14.779231] flags: 0x200000000000000(node=0|zone=2)
[ 14.779740] page_type: f5(slab)
[ 14.780031] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.780638] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.781451] page dumped because: kasan: bad access detected
[ 14.781807]
[ 14.782029] Memory state around the buggy address:
[ 14.782304] ffff8881024d2480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.783245] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.783811] >ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 14.784440] ^
[ 14.784986] ffff8881024d2600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.785510] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.786077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 14.698798] ==================================================================
[ 14.699495] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 14.699999] Read of size 1 at addr ffff8881024d25e0 by task kunit_try_catch/213
[ 14.700417]
[ 14.700579] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.700682] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.700709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.700753] Call Trace:
[ 14.700776] <TASK>
[ 14.700844] dump_stack_lvl+0x73/0xb0
[ 14.700927] print_report+0xd1/0x650
[ 14.700975] ? __virt_addr_valid+0x1db/0x2d0
[ 14.701038] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.701080] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.701130] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.701170] kasan_report+0x141/0x180
[ 14.701256] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.701310] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.701366] __kasan_check_byte+0x3d/0x50
[ 14.701417] kfree_sensitive+0x22/0x90
[ 14.701467] kmalloc_double_kzfree+0x19c/0x350
[ 14.701569] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 14.701617] ? __schedule+0x10cc/0x2b60
[ 14.701672] ? __pfx_read_tsc+0x10/0x10
[ 14.701718] ? ktime_get_ts64+0x86/0x230
[ 14.701778] kunit_try_run_case+0x1a5/0x480
[ 14.701832] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.701872] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.701918] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.701965] ? __kthread_parkme+0x82/0x180
[ 14.702046] ? preempt_count_sub+0x50/0x80
[ 14.702123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.702176] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.702253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.702296] kthread+0x337/0x6f0
[ 14.702360] ? trace_preempt_on+0x20/0xc0
[ 14.702407] ? __pfx_kthread+0x10/0x10
[ 14.702439] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.702476] ? calculate_sigpending+0x7b/0xa0
[ 14.702514] ? __pfx_kthread+0x10/0x10
[ 14.702545] ret_from_fork+0x41/0x80
[ 14.702581] ? __pfx_kthread+0x10/0x10
[ 14.702613] ret_from_fork_asm+0x1a/0x30
[ 14.702673] </TASK>
[ 14.702694]
[ 14.717409] Allocated by task 213:
[ 14.718088] kasan_save_stack+0x45/0x70
[ 14.719045] kasan_save_track+0x18/0x40
[ 14.719624] kasan_save_alloc_info+0x3b/0x50
[ 14.719908] __kasan_kmalloc+0xb7/0xc0
[ 14.720440] __kmalloc_cache_noprof+0x189/0x420
[ 14.720906] kmalloc_double_kzfree+0xa9/0x350
[ 14.721283] kunit_try_run_case+0x1a5/0x480
[ 14.721886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.722789] kthread+0x337/0x6f0
[ 14.723141] ret_from_fork+0x41/0x80
[ 14.723351] ret_from_fork_asm+0x1a/0x30
[ 14.723747]
[ 14.723931] Freed by task 213:
[ 14.724414] kasan_save_stack+0x45/0x70
[ 14.724697] kasan_save_track+0x18/0x40
[ 14.725050] kasan_save_free_info+0x3f/0x60
[ 14.725446] __kasan_slab_free+0x56/0x70
[ 14.726017] kfree+0x222/0x3f0
[ 14.726218] kfree_sensitive+0x67/0x90
[ 14.726643] kmalloc_double_kzfree+0x12b/0x350
[ 14.726936] kunit_try_run_case+0x1a5/0x480
[ 14.727939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.728519] kthread+0x337/0x6f0
[ 14.728790] ret_from_fork+0x41/0x80
[ 14.729079] ret_from_fork_asm+0x1a/0x30
[ 14.729377]
[ 14.729555] The buggy address belongs to the object at ffff8881024d25e0
[ 14.729555] which belongs to the cache kmalloc-16 of size 16
[ 14.730401] The buggy address is located 0 bytes inside of
[ 14.730401] freed 16-byte region [ffff8881024d25e0, ffff8881024d25f0)
[ 14.731210]
[ 14.731551] The buggy address belongs to the physical page:
[ 14.731790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2
[ 14.732308] flags: 0x200000000000000(node=0|zone=2)
[ 14.733621] page_type: f5(slab)
[ 14.733826] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.734501] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.735032] page dumped because: kasan: bad access detected
[ 14.735505]
[ 14.735740] Memory state around the buggy address:
[ 14.736241] ffff8881024d2480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.736663] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.738537] >ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 14.738825] ^
[ 14.739052] ffff8881024d2600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.739284] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.739983] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 14.651452] ==================================================================
[ 14.652107] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 14.652681] Read of size 1 at addr ffff8881029f1328 by task kunit_try_catch/209
[ 14.653057]
[ 14.653272] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.653610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.653646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.653694] Call Trace:
[ 14.653726] <TASK>
[ 14.653769] dump_stack_lvl+0x73/0xb0
[ 14.653841] print_report+0xd1/0x650
[ 14.653888] ? __virt_addr_valid+0x1db/0x2d0
[ 14.653961] ? kmalloc_uaf2+0x4a8/0x520
[ 14.654006] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.654049] ? kmalloc_uaf2+0x4a8/0x520
[ 14.654123] kasan_report+0x141/0x180
[ 14.654191] ? kmalloc_uaf2+0x4a8/0x520
[ 14.654410] __asan_report_load1_noabort+0x18/0x20
[ 14.654448] kmalloc_uaf2+0x4a8/0x520
[ 14.654479] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 14.654506] ? finish_task_switch.isra.0+0x153/0x700
[ 14.654539] ? __switch_to+0x5d9/0xf60
[ 14.654575] ? dequeue_task_fair+0x166/0x4e0
[ 14.654612] ? __schedule+0x10cc/0x2b60
[ 14.654638] ? __pfx_read_tsc+0x10/0x10
[ 14.654660] ? ktime_get_ts64+0x86/0x230
[ 14.654686] kunit_try_run_case+0x1a5/0x480
[ 14.654713] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.654735] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.654761] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.654784] ? __kthread_parkme+0x82/0x180
[ 14.654807] ? preempt_count_sub+0x50/0x80
[ 14.654830] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.654854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.654877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.654900] kthread+0x337/0x6f0
[ 14.654918] ? trace_preempt_on+0x20/0xc0
[ 14.654942] ? __pfx_kthread+0x10/0x10
[ 14.654961] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.654983] ? calculate_sigpending+0x7b/0xa0
[ 14.655005] ? __pfx_kthread+0x10/0x10
[ 14.655024] ret_from_fork+0x41/0x80
[ 14.655045] ? __pfx_kthread+0x10/0x10
[ 14.655075] ret_from_fork_asm+0x1a/0x30
[ 14.655119] </TASK>
[ 14.655132]
[ 14.668882] Allocated by task 209:
[ 14.669513] kasan_save_stack+0x45/0x70
[ 14.669953] kasan_save_track+0x18/0x40
[ 14.670549] kasan_save_alloc_info+0x3b/0x50
[ 14.670961] __kasan_kmalloc+0xb7/0xc0
[ 14.671354] __kmalloc_cache_noprof+0x189/0x420
[ 14.671772] kmalloc_uaf2+0xc6/0x520
[ 14.672032] kunit_try_run_case+0x1a5/0x480
[ 14.673034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.673599] kthread+0x337/0x6f0
[ 14.673789] ret_from_fork+0x41/0x80
[ 14.674326] ret_from_fork_asm+0x1a/0x30
[ 14.674759]
[ 14.674954] Freed by task 209:
[ 14.675174] kasan_save_stack+0x45/0x70
[ 14.675727] kasan_save_track+0x18/0x40
[ 14.675953] kasan_save_free_info+0x3f/0x60
[ 14.676781] __kasan_slab_free+0x56/0x70
[ 14.676991] kfree+0x222/0x3f0
[ 14.677205] kmalloc_uaf2+0x14c/0x520
[ 14.677738] kunit_try_run_case+0x1a5/0x480
[ 14.678226] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.678757] kthread+0x337/0x6f0
[ 14.679002] ret_from_fork+0x41/0x80
[ 14.679393] ret_from_fork_asm+0x1a/0x30
[ 14.679678]
[ 14.679864] The buggy address belongs to the object at ffff8881029f1300
[ 14.679864] which belongs to the cache kmalloc-64 of size 64
[ 14.680553] The buggy address is located 40 bytes inside of
[ 14.680553] freed 64-byte region [ffff8881029f1300, ffff8881029f1340)
[ 14.681160]
[ 14.681280] The buggy address belongs to the physical page:
[ 14.682097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f1
[ 14.682593] flags: 0x200000000000000(node=0|zone=2)
[ 14.683020] page_type: f5(slab)
[ 14.683560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.684363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.684961] page dumped because: kasan: bad access detected
[ 14.685510]
[ 14.685628] Memory state around the buggy address:
[ 14.686024] ffff8881029f1200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.687149] ffff8881029f1280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.687671] >ffff8881029f1300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.687826] ^
[ 14.687927] ffff8881029f1380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 14.688059] ffff8881029f1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.688347] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 14.607484] ==================================================================
[ 14.608021] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 14.608468] Write of size 33 at addr ffff8881029f1280 by task kunit_try_catch/207
[ 14.608962]
[ 14.609113] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.609176] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.609190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.609214] Call Trace:
[ 14.609231] <TASK>
[ 14.609257] dump_stack_lvl+0x73/0xb0
[ 14.609294] print_report+0xd1/0x650
[ 14.609320] ? __virt_addr_valid+0x1db/0x2d0
[ 14.609379] ? kmalloc_uaf_memset+0x1a3/0x360
[ 14.609430] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.609488] ? kmalloc_uaf_memset+0x1a3/0x360
[ 14.609533] kasan_report+0x141/0x180
[ 14.609581] ? kmalloc_uaf_memset+0x1a3/0x360
[ 14.609649] kasan_check_range+0x10c/0x1c0
[ 14.609787] __asan_memset+0x27/0x50
[ 14.609833] kmalloc_uaf_memset+0x1a3/0x360
[ 14.609882] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 14.609932] ? __schedule+0x10cc/0x2b60
[ 14.609981] ? __pfx_read_tsc+0x10/0x10
[ 14.610027] ? ktime_get_ts64+0x86/0x230
[ 14.610080] kunit_try_run_case+0x1a5/0x480
[ 14.610124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.610160] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.610210] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.610259] ? __kthread_parkme+0x82/0x180
[ 14.610302] ? preempt_count_sub+0x50/0x80
[ 14.610331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.610376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.610401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.610424] kthread+0x337/0x6f0
[ 14.610442] ? trace_preempt_on+0x20/0xc0
[ 14.610467] ? __pfx_kthread+0x10/0x10
[ 14.610486] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.610508] ? calculate_sigpending+0x7b/0xa0
[ 14.610530] ? __pfx_kthread+0x10/0x10
[ 14.610549] ret_from_fork+0x41/0x80
[ 14.610570] ? __pfx_kthread+0x10/0x10
[ 14.610589] ret_from_fork_asm+0x1a/0x30
[ 14.610623] </TASK>
[ 14.610636]
[ 14.624985] Allocated by task 207:
[ 14.625886] kasan_save_stack+0x45/0x70
[ 14.626511] kasan_save_track+0x18/0x40
[ 14.626826] kasan_save_alloc_info+0x3b/0x50
[ 14.626948] __kasan_kmalloc+0xb7/0xc0
[ 14.627043] __kmalloc_cache_noprof+0x189/0x420
[ 14.627220] kmalloc_uaf_memset+0xa9/0x360
[ 14.627740] kunit_try_run_case+0x1a5/0x480
[ 14.627991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.628654] kthread+0x337/0x6f0
[ 14.628897] ret_from_fork+0x41/0x80
[ 14.629140] ret_from_fork_asm+0x1a/0x30
[ 14.629907]
[ 14.630148] Freed by task 207:
[ 14.630678] kasan_save_stack+0x45/0x70
[ 14.631002] kasan_save_track+0x18/0x40
[ 14.631521] kasan_save_free_info+0x3f/0x60
[ 14.631798] __kasan_slab_free+0x56/0x70
[ 14.632019] kfree+0x222/0x3f0
[ 14.632461] kmalloc_uaf_memset+0x12b/0x360
[ 14.632809] kunit_try_run_case+0x1a5/0x480
[ 14.633145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.634002] kthread+0x337/0x6f0
[ 14.634280] ret_from_fork+0x41/0x80
[ 14.634492] ret_from_fork_asm+0x1a/0x30
[ 14.634814]
[ 14.634995] The buggy address belongs to the object at ffff8881029f1280
[ 14.634995] which belongs to the cache kmalloc-64 of size 64
[ 14.635667] The buggy address is located 0 bytes inside of
[ 14.635667] freed 64-byte region [ffff8881029f1280, ffff8881029f12c0)
[ 14.636315]
[ 14.636809] The buggy address belongs to the physical page:
[ 14.637149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f1
[ 14.638102] flags: 0x200000000000000(node=0|zone=2)
[ 14.638653] page_type: f5(slab)
[ 14.638899] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.639473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.639894] page dumped because: kasan: bad access detected
[ 14.640139]
[ 14.640673] Memory state around the buggy address:
[ 14.641145] ffff8881029f1180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.641659] ffff8881029f1200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.641978] >ffff8881029f1280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.642505] ^
[ 14.642676] ffff8881029f1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.643158] ffff8881029f1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.644005] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 14.564951] ==================================================================
[ 14.566127] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 14.566578] Read of size 1 at addr ffff8881024d25c8 by task kunit_try_catch/205
[ 14.566909]
[ 14.567061] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.567158] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.567387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.567508] Call Trace:
[ 14.567544] <TASK>
[ 14.567584] dump_stack_lvl+0x73/0xb0
[ 14.567654] print_report+0xd1/0x650
[ 14.567706] ? __virt_addr_valid+0x1db/0x2d0
[ 14.567758] ? kmalloc_uaf+0x320/0x380
[ 14.567802] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.567847] ? kmalloc_uaf+0x320/0x380
[ 14.567892] kasan_report+0x141/0x180
[ 14.567941] ? kmalloc_uaf+0x320/0x380
[ 14.567996] __asan_report_load1_noabort+0x18/0x20
[ 14.568043] kmalloc_uaf+0x320/0x380
[ 14.568114] ? __pfx_kmalloc_uaf+0x10/0x10
[ 14.568143] ? __schedule+0x10cc/0x2b60
[ 14.568171] ? __pfx_read_tsc+0x10/0x10
[ 14.568195] ? ktime_get_ts64+0x86/0x230
[ 14.568332] kunit_try_run_case+0x1a5/0x480
[ 14.568386] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.568411] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.568440] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.568466] ? __kthread_parkme+0x82/0x180
[ 14.568492] ? preempt_count_sub+0x50/0x80
[ 14.568521] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.568546] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.568572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.568599] kthread+0x337/0x6f0
[ 14.568618] ? trace_preempt_on+0x20/0xc0
[ 14.568645] ? __pfx_kthread+0x10/0x10
[ 14.568665] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.568689] ? calculate_sigpending+0x7b/0xa0
[ 14.568714] ? __pfx_kthread+0x10/0x10
[ 14.568734] ret_from_fork+0x41/0x80
[ 14.568756] ? __pfx_kthread+0x10/0x10
[ 14.568776] ret_from_fork_asm+0x1a/0x30
[ 14.568811] </TASK>
[ 14.568823]
[ 14.580758] Allocated by task 205:
[ 14.580982] kasan_save_stack+0x45/0x70
[ 14.581244] kasan_save_track+0x18/0x40
[ 14.581450] kasan_save_alloc_info+0x3b/0x50
[ 14.582230] __kasan_kmalloc+0xb7/0xc0
[ 14.582713] __kmalloc_cache_noprof+0x189/0x420
[ 14.583397] kmalloc_uaf+0xaa/0x380
[ 14.583730] kunit_try_run_case+0x1a5/0x480
[ 14.584185] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.584772] kthread+0x337/0x6f0
[ 14.585432] ret_from_fork+0x41/0x80
[ 14.585802] ret_from_fork_asm+0x1a/0x30
[ 14.586333]
[ 14.586465] Freed by task 205:
[ 14.586744] kasan_save_stack+0x45/0x70
[ 14.586996] kasan_save_track+0x18/0x40
[ 14.587226] kasan_save_free_info+0x3f/0x60
[ 14.587479] __kasan_slab_free+0x56/0x70
[ 14.587795] kfree+0x222/0x3f0
[ 14.588028] kmalloc_uaf+0x12c/0x380
[ 14.588242] kunit_try_run_case+0x1a5/0x480
[ 14.588664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.589110] kthread+0x337/0x6f0
[ 14.589520] ret_from_fork+0x41/0x80
[ 14.589725] ret_from_fork_asm+0x1a/0x30
[ 14.589924]
[ 14.590128] The buggy address belongs to the object at ffff8881024d25c0
[ 14.590128] which belongs to the cache kmalloc-16 of size 16
[ 14.591456] The buggy address is located 8 bytes inside of
[ 14.591456] freed 16-byte region [ffff8881024d25c0, ffff8881024d25d0)
[ 14.592618]
[ 14.592864] The buggy address belongs to the physical page:
[ 14.593576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024d2
[ 14.593949] flags: 0x200000000000000(node=0|zone=2)
[ 14.594642] page_type: f5(slab)
[ 14.594998] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.595561] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.596418] page dumped because: kasan: bad access detected
[ 14.596615]
[ 14.596756] Memory state around the buggy address:
[ 14.597522] ffff8881024d2480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.598187] ffff8881024d2500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.598700] >ffff8881024d2580: fa fb fc fc 00 05 fc fc fa fb fc fc fc fc fc fc
[ 14.599330] ^
[ 14.599714] ffff8881024d2600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.600027] ffff8881024d2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.600787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 14.523745] ==================================================================
[ 14.524239] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 14.525006] Read of size 64 at addr ffff8881025fcc04 by task kunit_try_catch/203
[ 14.526564]
[ 14.526877] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.527019] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.527050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.527109] Call Trace:
[ 14.527142] <TASK>
[ 14.527247] dump_stack_lvl+0x73/0xb0
[ 14.527315] print_report+0xd1/0x650
[ 14.527373] ? __virt_addr_valid+0x1db/0x2d0
[ 14.527413] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 14.527448] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.527484] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 14.527517] kasan_report+0x141/0x180
[ 14.527554] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 14.527598] kasan_check_range+0x10c/0x1c0
[ 14.527632] __asan_memmove+0x27/0x70
[ 14.527661] kmalloc_memmove_invalid_size+0x16f/0x330
[ 14.527684] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 14.527708] ? __schedule+0x10cc/0x2b60
[ 14.527734] ? __pfx_read_tsc+0x10/0x10
[ 14.527756] ? ktime_get_ts64+0x86/0x230
[ 14.527786] kunit_try_run_case+0x1a5/0x480
[ 14.527816] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.527839] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.527866] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.527891] ? __kthread_parkme+0x82/0x180
[ 14.527916] ? preempt_count_sub+0x50/0x80
[ 14.527944] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.527969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.527994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.528019] kthread+0x337/0x6f0
[ 14.528038] ? trace_preempt_on+0x20/0xc0
[ 14.528066] ? __pfx_kthread+0x10/0x10
[ 14.528095] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.528120] ? calculate_sigpending+0x7b/0xa0
[ 14.528144] ? __pfx_kthread+0x10/0x10
[ 14.528164] ret_from_fork+0x41/0x80
[ 14.528186] ? __pfx_kthread+0x10/0x10
[ 14.528210] ret_from_fork_asm+0x1a/0x30
[ 14.528263] </TASK>
[ 14.528283]
[ 14.542438] Allocated by task 203:
[ 14.542686] kasan_save_stack+0x45/0x70
[ 14.543182] kasan_save_track+0x18/0x40
[ 14.543607] kasan_save_alloc_info+0x3b/0x50
[ 14.544015] __kasan_kmalloc+0xb7/0xc0
[ 14.544676] __kmalloc_cache_noprof+0x189/0x420
[ 14.545120] kmalloc_memmove_invalid_size+0xac/0x330
[ 14.545752] kunit_try_run_case+0x1a5/0x480
[ 14.546107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.546815] kthread+0x337/0x6f0
[ 14.547104] ret_from_fork+0x41/0x80
[ 14.547740] ret_from_fork_asm+0x1a/0x30
[ 14.547940]
[ 14.548439] The buggy address belongs to the object at ffff8881025fcc00
[ 14.548439] which belongs to the cache kmalloc-64 of size 64
[ 14.549702] The buggy address is located 4 bytes inside of
[ 14.549702] allocated 64-byte region [ffff8881025fcc00, ffff8881025fcc40)
[ 14.550010]
[ 14.550514] The buggy address belongs to the physical page:
[ 14.551041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fc
[ 14.552024] flags: 0x200000000000000(node=0|zone=2)
[ 14.552679] page_type: f5(slab)
[ 14.552885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.553630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.554281] page dumped because: kasan: bad access detected
[ 14.554809]
[ 14.554933] Memory state around the buggy address:
[ 14.555449] ffff8881025fcb00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 14.555722] ffff8881025fcb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.556763] >ffff8881025fcc00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 14.557024] ^
[ 14.557714] ffff8881025fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.558616] ffff8881025fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.559415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 14.488550] ==================================================================
[ 14.489181] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 14.490683] Read of size 18446744073709551614 at addr ffff8881029f1004 by task kunit_try_catch/201
[ 14.491122]
[ 14.491422] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.491526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.491553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.491600] Call Trace:
[ 14.491622] <TASK>
[ 14.491649] dump_stack_lvl+0x73/0xb0
[ 14.491694] print_report+0xd1/0x650
[ 14.491720] ? __virt_addr_valid+0x1db/0x2d0
[ 14.491747] ? kmalloc_memmove_negative_size+0x171/0x330
[ 14.491781] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.491817] ? kmalloc_memmove_negative_size+0x171/0x330
[ 14.491852] kasan_report+0x141/0x180
[ 14.491893] ? kmalloc_memmove_negative_size+0x171/0x330
[ 14.491946] kasan_check_range+0x10c/0x1c0
[ 14.491991] __asan_memmove+0x27/0x70
[ 14.492037] kmalloc_memmove_negative_size+0x171/0x330
[ 14.492081] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 14.492125] ? __schedule+0x10cc/0x2b60
[ 14.492174] ? __pfx_read_tsc+0x10/0x10
[ 14.492218] ? ktime_get_ts64+0x86/0x230
[ 14.492276] kunit_try_run_case+0x1a5/0x480
[ 14.492331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.492392] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.492446] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.492497] ? __kthread_parkme+0x82/0x180
[ 14.492531] ? preempt_count_sub+0x50/0x80
[ 14.492559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.492584] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.492608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.492633] kthread+0x337/0x6f0
[ 14.492651] ? trace_preempt_on+0x20/0xc0
[ 14.492677] ? __pfx_kthread+0x10/0x10
[ 14.492696] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.492717] ? calculate_sigpending+0x7b/0xa0
[ 14.492741] ? __pfx_kthread+0x10/0x10
[ 14.492761] ret_from_fork+0x41/0x80
[ 14.492782] ? __pfx_kthread+0x10/0x10
[ 14.492801] ret_from_fork_asm+0x1a/0x30
[ 14.492835] </TASK>
[ 14.492847]
[ 14.505184] Allocated by task 201:
[ 14.505677] kasan_save_stack+0x45/0x70
[ 14.506056] kasan_save_track+0x18/0x40
[ 14.506413] kasan_save_alloc_info+0x3b/0x50
[ 14.506707] __kasan_kmalloc+0xb7/0xc0
[ 14.507037] __kmalloc_cache_noprof+0x189/0x420
[ 14.507489] kmalloc_memmove_negative_size+0xac/0x330
[ 14.507693] kunit_try_run_case+0x1a5/0x480
[ 14.508116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.508497] kthread+0x337/0x6f0
[ 14.508828] ret_from_fork+0x41/0x80
[ 14.509042] ret_from_fork_asm+0x1a/0x30
[ 14.509371]
[ 14.509563] The buggy address belongs to the object at ffff8881029f1000
[ 14.509563] which belongs to the cache kmalloc-64 of size 64
[ 14.510226] The buggy address is located 4 bytes inside of
[ 14.510226] 64-byte region [ffff8881029f1000, ffff8881029f1040)
[ 14.510832]
[ 14.511050] The buggy address belongs to the physical page:
[ 14.511542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f1
[ 14.512051] flags: 0x200000000000000(node=0|zone=2)
[ 14.512461] page_type: f5(slab)
[ 14.512737] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.513298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.513904] page dumped because: kasan: bad access detected
[ 14.514200]
[ 14.514401] Memory state around the buggy address:
[ 14.514818] ffff8881029f0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.515318] ffff8881029f0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.515695] >ffff8881029f1000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 14.516193] ^
[ 14.516521] ffff8881029f1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.516963] ffff8881029f1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.517438] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 14.443482] ==================================================================
[ 14.443985] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 14.444748] Write of size 16 at addr ffff8881029e5969 by task kunit_try_catch/199
[ 14.445406]
[ 14.445568] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.445628] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.445641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.445666] Call Trace:
[ 14.445684] <TASK>
[ 14.445710] dump_stack_lvl+0x73/0xb0
[ 14.445747] print_report+0xd1/0x650
[ 14.445773] ? __virt_addr_valid+0x1db/0x2d0
[ 14.445799] ? kmalloc_oob_memset_16+0x166/0x330
[ 14.445823] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.445847] ? kmalloc_oob_memset_16+0x166/0x330
[ 14.445870] kasan_report+0x141/0x180
[ 14.445894] ? kmalloc_oob_memset_16+0x166/0x330
[ 14.445922] kasan_check_range+0x10c/0x1c0
[ 14.445944] __asan_memset+0x27/0x50
[ 14.445965] kmalloc_oob_memset_16+0x166/0x330
[ 14.445989] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 14.446014] ? __schedule+0x10cc/0x2b60
[ 14.446039] ? __pfx_read_tsc+0x10/0x10
[ 14.446060] ? ktime_get_ts64+0x86/0x230
[ 14.446106] kunit_try_run_case+0x1a5/0x480
[ 14.446149] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.446190] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.446237] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.446308] ? __kthread_parkme+0x82/0x180
[ 14.446376] ? preempt_count_sub+0x50/0x80
[ 14.446476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.446550] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.446614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.446665] kthread+0x337/0x6f0
[ 14.446698] ? trace_preempt_on+0x20/0xc0
[ 14.446745] ? __pfx_kthread+0x10/0x10
[ 14.446785] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.446827] ? calculate_sigpending+0x7b/0xa0
[ 14.446869] ? __pfx_kthread+0x10/0x10
[ 14.446908] ret_from_fork+0x41/0x80
[ 14.446949] ? __pfx_kthread+0x10/0x10
[ 14.446984] ret_from_fork_asm+0x1a/0x30
[ 14.447050] </TASK>
[ 14.447114]
[ 14.461078] Allocated by task 199:
[ 14.461321] kasan_save_stack+0x45/0x70
[ 14.461692] kasan_save_track+0x18/0x40
[ 14.462010] kasan_save_alloc_info+0x3b/0x50
[ 14.462438] __kasan_kmalloc+0xb7/0xc0
[ 14.462627] __kmalloc_cache_noprof+0x189/0x420
[ 14.462979] kmalloc_oob_memset_16+0xac/0x330
[ 14.463297] kunit_try_run_case+0x1a5/0x480
[ 14.463998] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.464270] kthread+0x337/0x6f0
[ 14.464455] ret_from_fork+0x41/0x80
[ 14.464686] ret_from_fork_asm+0x1a/0x30
[ 14.465003]
[ 14.465136] The buggy address belongs to the object at ffff8881029e5900
[ 14.465136] which belongs to the cache kmalloc-128 of size 128
[ 14.465704] The buggy address is located 105 bytes inside of
[ 14.465704] allocated 120-byte region [ffff8881029e5900, ffff8881029e5978)
[ 14.466989]
[ 14.467216] The buggy address belongs to the physical page:
[ 14.467481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5
[ 14.467858] flags: 0x200000000000000(node=0|zone=2)
[ 14.468580] page_type: f5(slab)
[ 14.468919] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.469194] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.469793] page dumped because: kasan: bad access detected
[ 14.470409]
[ 14.470527] Memory state around the buggy address:
[ 14.470674] ffff8881029e5800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.470833] ffff8881029e5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.470965] >ffff8881029e5900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.471663] ^
[ 14.472300] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.472969] ffff8881029e5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.473570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 14.408422] ==================================================================
[ 14.409087] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 14.409787] Write of size 8 at addr ffff8881029e5871 by task kunit_try_catch/197
[ 14.410300]
[ 14.410747] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.410813] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.410828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.410852] Call Trace:
[ 14.410869] <TASK>
[ 14.410896] dump_stack_lvl+0x73/0xb0
[ 14.410932] print_report+0xd1/0x650
[ 14.410958] ? __virt_addr_valid+0x1db/0x2d0
[ 14.410984] ? kmalloc_oob_memset_8+0x166/0x330
[ 14.411006] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.411029] ? kmalloc_oob_memset_8+0x166/0x330
[ 14.411052] kasan_report+0x141/0x180
[ 14.411114] ? kmalloc_oob_memset_8+0x166/0x330
[ 14.411177] kasan_check_range+0x10c/0x1c0
[ 14.411219] __asan_memset+0x27/0x50
[ 14.411254] kmalloc_oob_memset_8+0x166/0x330
[ 14.411360] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 14.411413] ? __schedule+0x10cc/0x2b60
[ 14.411460] ? __pfx_read_tsc+0x10/0x10
[ 14.411501] ? ktime_get_ts64+0x86/0x230
[ 14.411556] kunit_try_run_case+0x1a5/0x480
[ 14.411607] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.411643] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.411687] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.411733] ? __kthread_parkme+0x82/0x180
[ 14.411777] ? preempt_count_sub+0x50/0x80
[ 14.411822] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.411861] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.411901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.411945] kthread+0x337/0x6f0
[ 14.411980] ? trace_preempt_on+0x20/0xc0
[ 14.412030] ? __pfx_kthread+0x10/0x10
[ 14.412082] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.412146] ? calculate_sigpending+0x7b/0xa0
[ 14.412171] ? __pfx_kthread+0x10/0x10
[ 14.412192] ret_from_fork+0x41/0x80
[ 14.412213] ? __pfx_kthread+0x10/0x10
[ 14.412232] ret_from_fork_asm+0x1a/0x30
[ 14.412267] </TASK>
[ 14.412280]
[ 14.423565] Allocated by task 197:
[ 14.423920] kasan_save_stack+0x45/0x70
[ 14.424424] kasan_save_track+0x18/0x40
[ 14.424675] kasan_save_alloc_info+0x3b/0x50
[ 14.425117] __kasan_kmalloc+0xb7/0xc0
[ 14.425383] __kmalloc_cache_noprof+0x189/0x420
[ 14.425747] kmalloc_oob_memset_8+0xac/0x330
[ 14.425952] kunit_try_run_case+0x1a5/0x480
[ 14.426167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.426681] kthread+0x337/0x6f0
[ 14.427015] ret_from_fork+0x41/0x80
[ 14.427445] ret_from_fork_asm+0x1a/0x30
[ 14.427812]
[ 14.428034] The buggy address belongs to the object at ffff8881029e5800
[ 14.428034] which belongs to the cache kmalloc-128 of size 128
[ 14.428956] The buggy address is located 113 bytes inside of
[ 14.428956] allocated 120-byte region [ffff8881029e5800, ffff8881029e5878)
[ 14.429559]
[ 14.429749] The buggy address belongs to the physical page:
[ 14.430318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5
[ 14.430981] flags: 0x200000000000000(node=0|zone=2)
[ 14.431520] page_type: f5(slab)
[ 14.431754] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.432048] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.432398] page dumped because: kasan: bad access detected
[ 14.432846]
[ 14.433033] Memory state around the buggy address:
[ 14.433558] ffff8881029e5700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.434154] ffff8881029e5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.434785] >ffff8881029e5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.435262] ^
[ 14.435686] ffff8881029e5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.435958] ffff8881029e5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.436370] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 14.375586] ==================================================================
[ 14.376122] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 14.376862] Write of size 4 at addr ffff8881029e5775 by task kunit_try_catch/195
[ 14.377541]
[ 14.377996] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 14.378175] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.378209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.378274] Call Trace:
[ 14.378306] <TASK>
[ 14.378360] dump_stack_lvl+0x73/0xb0
[ 14.378403] print_report+0xd1/0x650
[ 14.378431] ? __virt_addr_valid+0x1db/0x2d0
[ 14.378457] ? kmalloc_oob_memset_4+0x166/0x330
[ 14.378481] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.378506] ? kmalloc_oob_memset_4+0x166/0x330
[ 14.378530] kasan_report+0x141/0x180
[ 14.378553] ? kmalloc_oob_memset_4+0x166/0x330
[ 14.378581] kasan_check_range+0x10c/0x1c0
[ 14.378602] __asan_memset+0x27/0x50
[ 14.378623] kmalloc_oob_memset_4+0x166/0x330
[ 14.378647] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 14.378673] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 14.378700] kunit_try_run_case+0x1a5/0x480
[ 14.378727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.378749] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.378774] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.378798] ? __kthread_parkme+0x82/0x180
[ 14.378822] ? preempt_count_sub+0x50/0x80
[ 14.378849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.378873] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.378897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.378920] kthread+0x337/0x6f0
[ 14.378938] ? trace_preempt_on+0x20/0xc0
[ 14.378963] ? __pfx_kthread+0x10/0x10
[ 14.378982] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.379004] ? calculate_sigpending+0x7b/0xa0
[ 14.379028] ? __pfx_kthread+0x10/0x10
[ 14.379048] ret_from_fork+0x41/0x80
[ 14.379104] ? __pfx_kthread+0x10/0x10
[ 14.379126] ret_from_fork_asm+0x1a/0x30
[ 14.379159] </TASK>
[ 14.379172]
[ 14.389268] Allocated by task 195:
[ 14.389491] kasan_save_stack+0x45/0x70
[ 14.389876] kasan_save_track+0x18/0x40
[ 14.390296] kasan_save_alloc_info+0x3b/0x50
[ 14.390724] __kasan_kmalloc+0xb7/0xc0
[ 14.391083] __kmalloc_cache_noprof+0x189/0x420
[ 14.391501] kmalloc_oob_memset_4+0xac/0x330
[ 14.391909] kunit_try_run_case+0x1a5/0x480
[ 14.392364] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.392602] kthread+0x337/0x6f0
[ 14.392820] ret_from_fork+0x41/0x80
[ 14.392995] ret_from_fork_asm+0x1a/0x30
[ 14.393493]
[ 14.393731] The buggy address belongs to the object at ffff8881029e5700
[ 14.393731] which belongs to the cache kmalloc-128 of size 128
[ 14.394251] The buggy address is located 117 bytes inside of
[ 14.394251] allocated 120-byte region [ffff8881029e5700, ffff8881029e5778)
[ 14.394762]
[ 14.394894] The buggy address belongs to the physical page:
[ 14.395134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5
[ 14.395461] flags: 0x200000000000000(node=0|zone=2)
[ 14.395706] page_type: f5(slab)
[ 14.395926] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.396251] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.396630] page dumped because: kasan: bad access detected
[ 14.396883]
[ 14.397022] Memory state around the buggy address:
[ 14.397545] ffff8881029e5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.397810] ffff8881029e5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.398086] >ffff8881029e5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.398428] ^
[ 14.398820] ffff8881029e5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.399103] ffff8881029e5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.399581] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 13.562845] ==================================================================
[ 13.563829] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 13.564762] Read of size 1 at addr ffff888103a40000 by task kunit_try_catch/175
[ 13.565747]
[ 13.565918] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.565985] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.566009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.566052] Call Trace:
[ 13.566082] <TASK>
[ 13.566123] dump_stack_lvl+0x73/0xb0
[ 13.566188] print_report+0xd1/0x650
[ 13.566231] ? __virt_addr_valid+0x1db/0x2d0
[ 13.566259] ? page_alloc_uaf+0x356/0x3d0
[ 13.566292] ? kasan_addr_to_slab+0x11/0xa0
[ 13.566324] ? page_alloc_uaf+0x356/0x3d0
[ 13.566371] kasan_report+0x141/0x180
[ 13.566413] ? page_alloc_uaf+0x356/0x3d0
[ 13.566461] __asan_report_load1_noabort+0x18/0x20
[ 13.566505] page_alloc_uaf+0x356/0x3d0
[ 13.566544] ? __pfx_page_alloc_uaf+0x10/0x10
[ 13.566605] kunit_try_run_case+0x1a5/0x480
[ 13.566655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.566682] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.566711] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.566737] ? __kthread_parkme+0x82/0x180
[ 13.566762] ? preempt_count_sub+0x50/0x80
[ 13.566792] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.566818] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.566843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.566868] kthread+0x337/0x6f0
[ 13.566887] ? trace_preempt_on+0x20/0xc0
[ 13.566914] ? __pfx_kthread+0x10/0x10
[ 13.566934] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.566958] ? calculate_sigpending+0x7b/0xa0
[ 13.566983] ? __pfx_kthread+0x10/0x10
[ 13.567003] ret_from_fork+0x41/0x80
[ 13.567027] ? __pfx_kthread+0x10/0x10
[ 13.567047] ret_from_fork_asm+0x1a/0x30
[ 13.567129] </TASK>
[ 13.567160]
[ 13.581063] The buggy address belongs to the physical page:
[ 13.581984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40
[ 13.582764] flags: 0x200000000000000(node=0|zone=2)
[ 13.583372] page_type: f0(buddy)
[ 13.583835] raw: 0200000000000000 ffff88817fffb470 ffff88817fffb470 0000000000000000
[ 13.584793] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000
[ 13.585324] page dumped because: kasan: bad access detected
[ 13.585619]
[ 13.585802] Memory state around the buggy address:
[ 13.586107] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.586958] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.587501] >ffff888103a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.587749] ^
[ 13.588015] ffff888103a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.589168] ffff888103a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.589607] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 13.523754] ==================================================================
[ 13.524354] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 13.525099] Free of addr ffff888102b44001 by task kunit_try_catch/171
[ 13.525561]
[ 13.525739] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.525980] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.526010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.526056] Call Trace:
[ 13.526086] <TASK>
[ 13.526325] dump_stack_lvl+0x73/0xb0
[ 13.526430] print_report+0xd1/0x650
[ 13.526476] ? __virt_addr_valid+0x1db/0x2d0
[ 13.526505] ? kasan_addr_to_slab+0x11/0xa0
[ 13.526527] ? kfree+0x274/0x3f0
[ 13.526548] kasan_report_invalid_free+0x10a/0x130
[ 13.526573] ? kfree+0x274/0x3f0
[ 13.526595] ? kfree+0x274/0x3f0
[ 13.526613] __kasan_kfree_large+0x86/0xd0
[ 13.526636] free_large_kmalloc+0x4b/0x110
[ 13.526657] kfree+0x274/0x3f0
[ 13.526680] kmalloc_large_invalid_free+0x120/0x2b0
[ 13.526704] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 13.526727] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.526753] ? trace_hardirqs_on+0x37/0xe0
[ 13.526778] ? __pfx_read_tsc+0x10/0x10
[ 13.526799] ? ktime_get_ts64+0x86/0x230
[ 13.526826] kunit_try_run_case+0x1a5/0x480
[ 13.526852] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.526876] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.526902] ? __kthread_parkme+0x82/0x180
[ 13.526926] ? preempt_count_sub+0x50/0x80
[ 13.526952] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.526975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.526999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.527022] kthread+0x337/0x6f0
[ 13.527039] ? trace_preempt_on+0x20/0xc0
[ 13.527062] ? __pfx_kthread+0x10/0x10
[ 13.527208] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.527305] ? calculate_sigpending+0x7b/0xa0
[ 13.527369] ? __pfx_kthread+0x10/0x10
[ 13.527410] ret_from_fork+0x41/0x80
[ 13.527452] ? __pfx_kthread+0x10/0x10
[ 13.527491] ret_from_fork_asm+0x1a/0x30
[ 13.527546] </TASK>
[ 13.527560]
[ 13.539640] The buggy address belongs to the physical page:
[ 13.540155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b44
[ 13.541135] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.541723] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.542368] page_type: f8(unknown)
[ 13.542645] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.543371] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.543786] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.544105] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.544828] head: 0200000000000002 ffffea00040ad101 00000000ffffffff 00000000ffffffff
[ 13.545919] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.546381] page dumped because: kasan: bad access detected
[ 13.546858]
[ 13.547039] Memory state around the buggy address:
[ 13.548124] ffff888102b43f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.548791] ffff888102b43f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.549064] >ffff888102b44000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.549395] ^
[ 13.549590] ffff888102b44080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.549832] ffff888102b44100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.550156] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 13.489769] ==================================================================
[ 13.490731] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 13.491079] Read of size 1 at addr ffff8881022a4000 by task kunit_try_catch/169
[ 13.492431]
[ 13.492602] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary)
[ 13.492698] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.492721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.492760] Call Trace:
[ 13.492785] <TASK>
[ 13.492819] dump_stack_lvl+0x73/0xb0
[ 13.492874] print_report+0xd1/0x650
[ 13.492914] ? __virt_addr_valid+0x1db/0x2d0
[ 13.492951] ? kmalloc_large_uaf+0x2f1/0x340
[ 13.493329] ? kasan_addr_to_slab+0x11/0xa0
[ 13.493400] ? kmalloc_large_uaf+0x2f1/0x340
[ 13.493440] kasan_report+0x141/0x180
[ 13.493478] ? kmalloc_large_uaf+0x2f1/0x340
[ 13.493508] __asan_report_load1_noabort+0x18/0x20
[ 13.493532] kmalloc_large_uaf+0x2f1/0x340
[ 13.493555] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 13.493580] ? __schedule+0x10cc/0x2b60
[ 13.493607] ? __pfx_read_tsc+0x10/0x10
[ 13.493629] ? ktime_get_ts64+0x86/0x230
[ 13.493658] kunit_try_run_case+0x1a5/0x480
[ 13.493686] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.493710] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.493737] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.493763] ? __kthread_parkme+0x82/0x180
[ 13.493787] ? preempt_count_sub+0x50/0x80
[ 13.493815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.493841] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.493866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.493892] kthread+0x337/0x6f0
[ 13.493910] ? trace_preempt_on+0x20/0xc0
[ 13.493937] ? __pfx_kthread+0x10/0x10
[ 13.493956] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.493980] ? calculate_sigpending+0x7b/0xa0
[ 13.494004] ? __pfx_kthread+0x10/0x10
[ 13.494024] ret_from_fork+0x41/0x80
[ 13.494046] ? __pfx_kthread+0x10/0x10
[ 13.494068] ret_from_fork_asm+0x1a/0x30
[ 13.494121] </TASK>
[ 13.494142]
[ 13.508792] The buggy address belongs to the physical page:
[ 13.509037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a4
[ 13.510278] flags: 0x200000000000000(node=0|zone=2)
[ 13.510744] raw: 0200000000000000 ffffea000408aa08 ffff88815b039a80 0000000000000000
[ 13.511553] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.511914] page dumped because: kasan: bad access detected
[ 13.512305]
[ 13.512872] Memory state around the buggy address:
[ 13.513094] ffff8881022a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.514069] ffff8881022a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.514823] >ffff8881022a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.515491] ^
[ 13.516090] ffff8881022a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.516551] ffff8881022a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.516905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 13.456751] ================================================================== [ 13.457425] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 13.457848] Write of size 1 at addr ffff8881022a600a by task kunit_try_catch/167 [ 13.458177] [ 13.458331] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.459242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.459267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.459304] Call Trace: [ 13.459330] <TASK> [ 13.459378] dump_stack_lvl+0x73/0xb0 [ 13.459418] print_report+0xd1/0x650 [ 13.459445] ? __virt_addr_valid+0x1db/0x2d0 [ 13.459470] ? kmalloc_large_oob_right+0x2e9/0x330 [ 13.459495] ? kasan_addr_to_slab+0x11/0xa0 [ 13.459518] ? kmalloc_large_oob_right+0x2e9/0x330 [ 13.459543] kasan_report+0x141/0x180 [ 13.459567] ? kmalloc_large_oob_right+0x2e9/0x330 [ 13.459596] __asan_report_store1_noabort+0x1b/0x30 [ 13.459619] kmalloc_large_oob_right+0x2e9/0x330 [ 13.459644] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 13.459669] ? __schedule+0x10cc/0x2b60 [ 13.459695] ? __pfx_read_tsc+0x10/0x10 [ 13.459716] ? ktime_get_ts64+0x86/0x230 [ 13.459745] kunit_try_run_case+0x1a5/0x480 [ 13.459773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.459796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.459822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.459847] ? __kthread_parkme+0x82/0x180 [ 13.459871] ? preempt_count_sub+0x50/0x80 [ 13.459899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.459924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.459949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.459973] kthread+0x337/0x6f0 [ 13.459991] ? trace_preempt_on+0x20/0xc0 [ 13.460016] ? __pfx_kthread+0x10/0x10 [ 13.460036] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.460059] ? calculate_sigpending+0x7b/0xa0 [ 13.460092] ? __pfx_kthread+0x10/0x10 [ 13.460111] ret_from_fork+0x41/0x80 [ 13.460133] ? 
__pfx_kthread+0x10/0x10 [ 13.460153] ret_from_fork_asm+0x1a/0x30 [ 13.460186] </TASK> [ 13.460199] [ 13.473177] The buggy address belongs to the physical page: [ 13.473656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022a4 [ 13.474064] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.474410] flags: 0x200000000000040(head|node=0|zone=2) [ 13.474715] page_type: f8(unknown) [ 13.475215] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.475955] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.477066] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.477797] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.478525] head: 0200000000000002 ffffea000408a901 00000000ffffffff 00000000ffffffff [ 13.478927] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.479786] page dumped because: kasan: bad access detected [ 13.480189] [ 13.480384] Memory state around the buggy address: [ 13.481061] ffff8881022a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.481729] ffff8881022a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.482397] >ffff8881022a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.482694] ^ [ 13.483004] ffff8881022a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.483389] ffff8881022a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.484014] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 13.415938] ================================================================== [ 13.416466] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 13.416810] Write of size 1 at addr ffff8881039f9f00 by task kunit_try_catch/165 [ 13.417134] [ 13.417392] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.417514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.417542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.417589] Call Trace: [ 13.417620] <TASK> [ 13.417672] dump_stack_lvl+0x73/0xb0 [ 13.417754] print_report+0xd1/0x650 [ 13.417805] ? __virt_addr_valid+0x1db/0x2d0 [ 13.417858] ? kmalloc_big_oob_right+0x316/0x370 [ 13.417908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.417959] ? kmalloc_big_oob_right+0x316/0x370 [ 13.418008] kasan_report+0x141/0x180 [ 13.418050] ? kmalloc_big_oob_right+0x316/0x370 [ 13.418102] __asan_report_store1_noabort+0x1b/0x30 [ 13.418146] kmalloc_big_oob_right+0x316/0x370 [ 13.418270] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 13.418328] ? __schedule+0x10cc/0x2b60 [ 13.418397] ? __pfx_read_tsc+0x10/0x10 [ 13.418440] ? ktime_get_ts64+0x86/0x230 [ 13.418506] kunit_try_run_case+0x1a5/0x480 [ 13.418578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.418663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.418688] ? __kthread_parkme+0x82/0x180 [ 13.418713] ? preempt_count_sub+0x50/0x80 [ 13.418741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.418790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.418813] kthread+0x337/0x6f0 [ 13.418831] ? trace_preempt_on+0x20/0xc0 [ 13.418857] ? __pfx_kthread+0x10/0x10 [ 13.418876] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.418898] ? calculate_sigpending+0x7b/0xa0 [ 13.418922] ? __pfx_kthread+0x10/0x10 [ 13.418941] ret_from_fork+0x41/0x80 [ 13.418962] ? 
__pfx_kthread+0x10/0x10 [ 13.418981] ret_from_fork_asm+0x1a/0x30 [ 13.419015] </TASK> [ 13.419028] [ 13.432214] Allocated by task 165: [ 13.433410] kasan_save_stack+0x45/0x70 [ 13.434661] kasan_save_track+0x18/0x40 [ 13.436058] kasan_save_alloc_info+0x3b/0x50 [ 13.436691] __kasan_kmalloc+0xb7/0xc0 [ 13.436872] __kmalloc_cache_noprof+0x189/0x420 [ 13.437563] kmalloc_big_oob_right+0xa9/0x370 [ 13.437818] kunit_try_run_case+0x1a5/0x480 [ 13.438390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.438682] kthread+0x337/0x6f0 [ 13.438863] ret_from_fork+0x41/0x80 [ 13.439185] ret_from_fork_asm+0x1a/0x30 [ 13.439618] [ 13.439772] The buggy address belongs to the object at ffff8881039f8000 [ 13.439772] which belongs to the cache kmalloc-8k of size 8192 [ 13.440480] The buggy address is located 0 bytes to the right of [ 13.440480] allocated 7936-byte region [ffff8881039f8000, ffff8881039f9f00) [ 13.441556] [ 13.441716] The buggy address belongs to the physical page: [ 13.442015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 13.442561] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.443563] flags: 0x200000000000040(head|node=0|zone=2) [ 13.444000] page_type: f5(slab) [ 13.444491] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 13.444839] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 13.445351] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 13.445809] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 13.446166] head: 0200000000000003 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 13.446745] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 13.447192] page dumped because: kasan: bad access detected [ 13.447521] [ 13.447630] Memory state around the buggy address: [ 13.447849] ffff8881039f9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.448427] ffff8881039f9e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.448705] >ffff8881039f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.449239] ^ [ 13.449522] ffff8881039f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.449918] ffff8881039fa000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.450369] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 13.355630] ================================================================== [ 13.356137] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.357043] Write of size 1 at addr ffff8881029e5378 by task kunit_try_catch/163 [ 13.357780] [ 13.358032] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.358132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.358511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.358548] Call Trace: [ 13.358576] <TASK> [ 13.358608] dump_stack_lvl+0x73/0xb0 [ 13.358648] print_report+0xd1/0x650 [ 13.358674] ? __virt_addr_valid+0x1db/0x2d0 [ 13.358699] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.358743] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358765] kasan_report+0x141/0x180 [ 13.358788] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358815] __asan_report_store1_noabort+0x1b/0x30 [ 13.358836] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358858] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 13.358881] ? __schedule+0x10cc/0x2b60 [ 13.358905] ? __pfx_read_tsc+0x10/0x10 [ 13.358926] ? ktime_get_ts64+0x86/0x230 [ 13.358954] kunit_try_run_case+0x1a5/0x480 [ 13.358980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.359002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.359027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.359051] ? __kthread_parkme+0x82/0x180 [ 13.359094] ? preempt_count_sub+0x50/0x80 [ 13.359122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.359145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.359169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.359192] kthread+0x337/0x6f0 [ 13.359235] ? trace_preempt_on+0x20/0xc0 [ 13.359287] ? __pfx_kthread+0x10/0x10 [ 13.359320] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.359368] ? calculate_sigpending+0x7b/0xa0 [ 13.359393] ? __pfx_kthread+0x10/0x10 [ 13.359413] ret_from_fork+0x41/0x80 [ 13.359436] ? 
__pfx_kthread+0x10/0x10 [ 13.359456] ret_from_fork_asm+0x1a/0x30 [ 13.359490] </TASK> [ 13.359503] [ 13.370625] Allocated by task 163: [ 13.370821] kasan_save_stack+0x45/0x70 [ 13.371548] kasan_save_track+0x18/0x40 [ 13.371908] kasan_save_alloc_info+0x3b/0x50 [ 13.372488] __kasan_kmalloc+0xb7/0xc0 [ 13.372839] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 13.373556] kmalloc_track_caller_oob_right+0x99/0x520 [ 13.373963] kunit_try_run_case+0x1a5/0x480 [ 13.374575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.374909] kthread+0x337/0x6f0 [ 13.375460] ret_from_fork+0x41/0x80 [ 13.375738] ret_from_fork_asm+0x1a/0x30 [ 13.375993] [ 13.376170] The buggy address belongs to the object at ffff8881029e5300 [ 13.376170] which belongs to the cache kmalloc-128 of size 128 [ 13.377103] The buggy address is located 0 bytes to the right of [ 13.377103] allocated 120-byte region [ffff8881029e5300, ffff8881029e5378) [ 13.378480] [ 13.378683] The buggy address belongs to the physical page: [ 13.378997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 13.379694] flags: 0x200000000000000(node=0|zone=2) [ 13.380169] page_type: f5(slab) [ 13.380679] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.381100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.381834] page dumped because: kasan: bad access detected [ 13.382108] [ 13.382555] Memory state around the buggy address: [ 13.382979] ffff8881029e5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.383579] ffff8881029e5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.384040] >ffff8881029e5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.384694] ^ [ 13.385049] ffff8881029e5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.385475] ffff8881029e5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.386058] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 13.311431] ================================================================== [ 13.311930] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 13.312674] Read of size 1 at addr ffff888102667000 by task kunit_try_catch/161 [ 13.313460] [ 13.313763] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.313911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.313941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.313987] Call Trace: [ 13.314018] <TASK> [ 13.314060] dump_stack_lvl+0x73/0xb0 [ 13.314166] print_report+0xd1/0x650 [ 13.314275] ? __virt_addr_valid+0x1db/0x2d0 [ 13.314329] ? kmalloc_node_oob_right+0x369/0x3c0 [ 13.314390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.314439] ? kmalloc_node_oob_right+0x369/0x3c0 [ 13.314478] kasan_report+0x141/0x180 [ 13.314532] ? kmalloc_node_oob_right+0x369/0x3c0 [ 13.314582] __asan_report_load1_noabort+0x18/0x20 [ 13.314615] kmalloc_node_oob_right+0x369/0x3c0 [ 13.314639] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 13.314662] ? __schedule+0x10cc/0x2b60 [ 13.314688] ? __pfx_read_tsc+0x10/0x10 [ 13.314712] ? ktime_get_ts64+0x86/0x230 [ 13.314740] kunit_try_run_case+0x1a5/0x480 [ 13.314769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.314819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.314844] ? __kthread_parkme+0x82/0x180 [ 13.314868] ? preempt_count_sub+0x50/0x80 [ 13.314897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.314971] kthread+0x337/0x6f0 [ 13.314989] ? trace_preempt_on+0x20/0xc0 [ 13.315015] ? __pfx_kthread+0x10/0x10 [ 13.315034] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.315057] ? calculate_sigpending+0x7b/0xa0 [ 13.315101] ? __pfx_kthread+0x10/0x10 [ 13.315122] ret_from_fork+0x41/0x80 [ 13.315145] ? 
__pfx_kthread+0x10/0x10 [ 13.315164] ret_from_fork_asm+0x1a/0x30 [ 13.315199] </TASK> [ 13.315221] [ 13.329115] Allocated by task 161: [ 13.329662] kasan_save_stack+0x45/0x70 [ 13.329973] kasan_save_track+0x18/0x40 [ 13.330884] kasan_save_alloc_info+0x3b/0x50 [ 13.331175] __kasan_kmalloc+0xb7/0xc0 [ 13.331419] __kmalloc_cache_node_noprof+0x188/0x420 [ 13.332079] kmalloc_node_oob_right+0xab/0x3c0 [ 13.332288] kunit_try_run_case+0x1a5/0x480 [ 13.332695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.332992] kthread+0x337/0x6f0 [ 13.333746] ret_from_fork+0x41/0x80 [ 13.334067] ret_from_fork_asm+0x1a/0x30 [ 13.334600] [ 13.334881] The buggy address belongs to the object at ffff888102666000 [ 13.334881] which belongs to the cache kmalloc-4k of size 4096 [ 13.335705] The buggy address is located 0 bytes to the right of [ 13.335705] allocated 4096-byte region [ffff888102666000, ffff888102667000) [ 13.337114] [ 13.337264] The buggy address belongs to the physical page: [ 13.337651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102660 [ 13.338892] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.339243] flags: 0x200000000000040(head|node=0|zone=2) [ 13.340031] page_type: f5(slab) [ 13.340715] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 13.341428] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 13.341917] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 13.342672] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 13.343015] head: 0200000000000003 ffffea0004099801 00000000ffffffff 00000000ffffffff [ 13.344009] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 13.344614] page dumped because: kasan: bad access detected [ 13.344950] [ 13.345464] Memory state around the buggy address: [ 13.345907] ffff888102666f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.346439] ffff888102666f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.346972] >ffff888102667000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.347513] ^ [ 13.347817] ffff888102667080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.348122] ffff888102667100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.348632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 13.270855] ================================================================== [ 13.271473] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 13.272330] Read of size 1 at addr ffff88810231789f by task kunit_try_catch/159 [ 13.272937] [ 13.273111] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.273219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.273242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.273282] Call Trace: [ 13.273306] <TASK> [ 13.273359] dump_stack_lvl+0x73/0xb0 [ 13.273425] print_report+0xd1/0x650 [ 13.273472] ? __virt_addr_valid+0x1db/0x2d0 [ 13.273523] ? kmalloc_oob_left+0x361/0x3c0 [ 13.273566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.273603] ? kmalloc_oob_left+0x361/0x3c0 [ 13.273638] kasan_report+0x141/0x180 [ 13.273675] ? kmalloc_oob_left+0x361/0x3c0 [ 13.273720] __asan_report_load1_noabort+0x18/0x20 [ 13.273754] kmalloc_oob_left+0x361/0x3c0 [ 13.273789] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 13.273824] ? __schedule+0x10cc/0x2b60 [ 13.273865] ? __pfx_read_tsc+0x10/0x10 [ 13.273900] ? ktime_get_ts64+0x86/0x230 [ 13.273944] kunit_try_run_case+0x1a5/0x480 [ 13.273982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.274013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.274047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.274640] ? __kthread_parkme+0x82/0x180 [ 13.274732] ? preempt_count_sub+0x50/0x80 [ 13.274845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.274889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.274929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.274967] kthread+0x337/0x6f0 [ 13.274996] ? trace_preempt_on+0x20/0xc0 [ 13.275038] ? __pfx_kthread+0x10/0x10 [ 13.275070] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.275111] ? calculate_sigpending+0x7b/0xa0 [ 13.275154] ? __pfx_kthread+0x10/0x10 [ 13.275194] ret_from_fork+0x41/0x80 [ 13.275239] ? 
__pfx_kthread+0x10/0x10 [ 13.275280] ret_from_fork_asm+0x1a/0x30 [ 13.275368] </TASK> [ 13.275493] [ 13.288112] Allocated by task 24: [ 13.288360] kasan_save_stack+0x45/0x70 [ 13.288556] kasan_save_track+0x18/0x40 [ 13.288707] kasan_save_alloc_info+0x3b/0x50 [ 13.289109] __kasan_kmalloc+0xb7/0xc0 [ 13.289686] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 13.290581] kvasprintf+0xc5/0x150 [ 13.290932] __kthread_create_on_node+0x18b/0x3a0 [ 13.291482] kthread_create_on_node+0xab/0xe0 [ 13.292095] create_worker+0x3e5/0x7b0 [ 13.292309] worker_thread+0x992/0x1220 [ 13.292503] kthread+0x337/0x6f0 [ 13.293177] ret_from_fork+0x41/0x80 [ 13.293819] ret_from_fork_asm+0x1a/0x30 [ 13.294101] [ 13.294701] The buggy address belongs to the object at ffff888102317880 [ 13.294701] which belongs to the cache kmalloc-16 of size 16 [ 13.295682] The buggy address is located 19 bytes to the right of [ 13.295682] allocated 12-byte region [ffff888102317880, ffff88810231788c) [ 13.297162] [ 13.297420] The buggy address belongs to the physical page: [ 13.297652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102317 [ 13.298568] flags: 0x200000000000000(node=0|zone=2) [ 13.298825] page_type: f5(slab) [ 13.299120] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.299461] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.299793] page dumped because: kasan: bad access detected [ 13.300070] [ 13.300238] Memory state around the buggy address: [ 13.301487] ffff888102317780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.301903] ffff888102317800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.303145] >ffff888102317880: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 13.303541] ^ [ 13.303859] ffff888102317900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.304914] ffff888102317980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305494] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 13.208939] ================================================================== [ 13.209568] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 13.209988] Write of size 1 at addr ffff8881025fa078 by task kunit_try_catch/157 [ 13.210901] [ 13.211560] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.211671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.211697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.211736] Call Trace: [ 13.211766] <TASK> [ 13.211804] dump_stack_lvl+0x73/0xb0 [ 13.211865] print_report+0xd1/0x650 [ 13.211914] ? __virt_addr_valid+0x1db/0x2d0 [ 13.211944] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.211968] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.211993] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.212017] kasan_report+0x141/0x180 [ 13.212042] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.212102] __asan_report_store1_noabort+0x1b/0x30 [ 13.212125] kmalloc_oob_right+0x6bd/0x7f0 [ 13.212150] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.212175] ? __schedule+0x10cc/0x2b60 [ 13.212201] ? __pfx_read_tsc+0x10/0x10 [ 13.212222] ? ktime_get_ts64+0x86/0x230 [ 13.212251] kunit_try_run_case+0x1a5/0x480 [ 13.212278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.212302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.212328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.212375] ? __kthread_parkme+0x82/0x180 [ 13.212400] ? preempt_count_sub+0x50/0x80 [ 13.212428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.212454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.212480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.212504] kthread+0x337/0x6f0 [ 13.212523] ? trace_preempt_on+0x20/0xc0 [ 13.212549] ? __pfx_kthread+0x10/0x10 [ 13.212569] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.212592] ? calculate_sigpending+0x7b/0xa0 [ 13.212616] ? __pfx_kthread+0x10/0x10 [ 13.212635] ret_from_fork+0x41/0x80 [ 13.212658] ? 
__pfx_kthread+0x10/0x10 [ 13.212677] ret_from_fork_asm+0x1a/0x30 [ 13.212711] </TASK> [ 13.212724] [ 13.224740] Allocated by task 157: [ 13.224954] kasan_save_stack+0x45/0x70 [ 13.225449] kasan_save_track+0x18/0x40 [ 13.225753] kasan_save_alloc_info+0x3b/0x50 [ 13.225960] __kasan_kmalloc+0xb7/0xc0 [ 13.226377] __kmalloc_cache_noprof+0x189/0x420 [ 13.226839] kmalloc_oob_right+0xa9/0x7f0 [ 13.227226] kunit_try_run_case+0x1a5/0x480 [ 13.227450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.227773] kthread+0x337/0x6f0 [ 13.228140] ret_from_fork+0x41/0x80 [ 13.228488] ret_from_fork_asm+0x1a/0x30 [ 13.228783] [ 13.228903] The buggy address belongs to the object at ffff8881025fa000 [ 13.228903] which belongs to the cache kmalloc-128 of size 128 [ 13.229632] The buggy address is located 5 bytes to the right of [ 13.229632] allocated 115-byte region [ffff8881025fa000, ffff8881025fa073) [ 13.230684] [ 13.230871] The buggy address belongs to the physical page: [ 13.231130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 13.231425] flags: 0x200000000000000(node=0|zone=2) [ 13.231834] page_type: f5(slab) [ 13.232254] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.232805] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.233130] page dumped because: kasan: bad access detected [ 13.233580] [ 13.233837] Memory state around the buggy address: [ 13.234636] ffff8881025f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.235195] ffff8881025f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.235571] >ffff8881025fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.236328] ^ [ 13.236726] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.237408] ffff8881025fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.238006] ================================================================== [ 13.163387] 
================================================================== [ 13.165980] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 13.167753] Write of size 1 at addr ffff8881025fa073 by task kunit_try_catch/157 [ 13.168921] [ 13.171481] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.172116] Tainted: [N]=TEST [ 13.172183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.172853] Call Trace: [ 13.173024] <TASK> [ 13.173553] dump_stack_lvl+0x73/0xb0 [ 13.173761] print_report+0xd1/0x650 [ 13.173827] ? __virt_addr_valid+0x1db/0x2d0 [ 13.173880] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.173926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.173974] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.174018] kasan_report+0x141/0x180 [ 13.174060] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.174149] __asan_report_store1_noabort+0x1b/0x30 [ 13.174189] kmalloc_oob_right+0x6f0/0x7f0 [ 13.174246] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.174285] ? __schedule+0x10cc/0x2b60 [ 13.174326] ? __pfx_read_tsc+0x10/0x10 [ 13.174380] ? ktime_get_ts64+0x86/0x230 [ 13.174415] kunit_try_run_case+0x1a5/0x480 [ 13.174448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.174471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.174499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.174524] ? __kthread_parkme+0x82/0x180 [ 13.174549] ? preempt_count_sub+0x50/0x80 [ 13.174577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.174602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.174626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.174651] kthread+0x337/0x6f0 [ 13.174669] ? trace_preempt_on+0x20/0xc0 [ 13.174695] ? __pfx_kthread+0x10/0x10 [ 13.174715] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.174738] ? calculate_sigpending+0x7b/0xa0 [ 13.174762] ? __pfx_kthread+0x10/0x10 [ 13.174782] ret_from_fork+0x41/0x80 [ 13.174804] ? 
__pfx_kthread+0x10/0x10 [ 13.174824] ret_from_fork_asm+0x1a/0x30 [ 13.174900] </TASK> [ 13.174987] [ 13.188384] Allocated by task 157: [ 13.188979] kasan_save_stack+0x45/0x70 [ 13.189529] kasan_save_track+0x18/0x40 [ 13.189830] kasan_save_alloc_info+0x3b/0x50 [ 13.190037] __kasan_kmalloc+0xb7/0xc0 [ 13.190634] __kmalloc_cache_noprof+0x189/0x420 [ 13.191004] kmalloc_oob_right+0xa9/0x7f0 [ 13.191757] kunit_try_run_case+0x1a5/0x480 [ 13.192247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.192507] kthread+0x337/0x6f0 [ 13.192822] ret_from_fork+0x41/0x80 [ 13.193150] ret_from_fork_asm+0x1a/0x30 [ 13.193677] [ 13.193827] The buggy address belongs to the object at ffff8881025fa000 [ 13.193827] which belongs to the cache kmalloc-128 of size 128 [ 13.194161] The buggy address is located 0 bytes to the right of [ 13.194161] allocated 115-byte region [ffff8881025fa000, ffff8881025fa073) [ 13.194512] [ 13.194958] The buggy address belongs to the physical page: [ 13.196370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 13.197470] flags: 0x200000000000000(node=0|zone=2) [ 13.198585] page_type: f5(slab) [ 13.199263] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.199645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.200229] page dumped because: kasan: bad access detected [ 13.200745] [ 13.201301] Memory state around the buggy address: [ 13.202149] ffff8881025f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.202980] ffff8881025f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.203612] >ffff8881025fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.203995] ^ [ 13.204880] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.205552] ffff8881025fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.206109] ================================================================== [ 13.240157] 
================================================================== [ 13.240603] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 13.241075] Read of size 1 at addr ffff8881025fa080 by task kunit_try_catch/157 [ 13.241563] [ 13.241666] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.241728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.241742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.241767] Call Trace: [ 13.241792] <TASK> [ 13.241819] dump_stack_lvl+0x73/0xb0 [ 13.241855] print_report+0xd1/0x650 [ 13.241881] ? __virt_addr_valid+0x1db/0x2d0 [ 13.241908] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.241932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.241957] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.241982] kasan_report+0x141/0x180 [ 13.242008] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.242037] __asan_report_load1_noabort+0x18/0x20 [ 13.242061] kmalloc_oob_right+0x68a/0x7f0 [ 13.242113] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.242152] ? __schedule+0x10cc/0x2b60 [ 13.242195] ? __pfx_read_tsc+0x10/0x10 [ 13.242234] ? ktime_get_ts64+0x86/0x230 [ 13.242284] kunit_try_run_case+0x1a5/0x480 [ 13.242333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.242396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.242443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.242489] ? __kthread_parkme+0x82/0x180 [ 13.242536] ? preempt_count_sub+0x50/0x80 [ 13.242593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.242643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.242686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.242723] kthread+0x337/0x6f0 [ 13.242752] ? trace_preempt_on+0x20/0xc0 [ 13.242797] ? __pfx_kthread+0x10/0x10 [ 13.242830] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.242874] ? calculate_sigpending+0x7b/0xa0 [ 13.242919] ? __pfx_kthread+0x10/0x10 [ 13.242959] ret_from_fork+0x41/0x80 [ 13.242999] ? 
__pfx_kthread+0x10/0x10 [ 13.243036] ret_from_fork_asm+0x1a/0x30 [ 13.243098] </TASK> [ 13.243123] [ 13.252172] Allocated by task 157: [ 13.252513] kasan_save_stack+0x45/0x70 [ 13.252733] kasan_save_track+0x18/0x40 [ 13.253104] kasan_save_alloc_info+0x3b/0x50 [ 13.253329] __kasan_kmalloc+0xb7/0xc0 [ 13.253668] __kmalloc_cache_noprof+0x189/0x420 [ 13.253876] kmalloc_oob_right+0xa9/0x7f0 [ 13.254245] kunit_try_run_case+0x1a5/0x480 [ 13.254472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.254842] kthread+0x337/0x6f0 [ 13.255157] ret_from_fork+0x41/0x80 [ 13.255369] ret_from_fork_asm+0x1a/0x30 [ 13.255567] [ 13.255685] The buggy address belongs to the object at ffff8881025fa000 [ 13.255685] which belongs to the cache kmalloc-128 of size 128 [ 13.256215] The buggy address is located 13 bytes to the right of [ 13.256215] allocated 115-byte region [ffff8881025fa000, ffff8881025fa073) [ 13.257148] [ 13.257350] The buggy address belongs to the physical page: [ 13.257622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 13.258152] flags: 0x200000000000000(node=0|zone=2) [ 13.258560] page_type: f5(slab) [ 13.258828] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.259235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.259528] page dumped because: kasan: bad access detected [ 13.259748] [ 13.259861] Memory state around the buggy address: [ 13.260094] ffff8881025f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.260376] ffff8881025fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.260890] >ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.261529] ^ [ 13.261840] ffff8881025fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262387] ffff8881025fa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262904] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 165.337187] WARNING: CPU: 1 PID: 2743 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 165.337628] Modules linked in: [ 165.337911] CPU: 1 UID: 0 PID: 2743 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 165.339560] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 165.339846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 165.341042] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 165.341782] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 c3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 165.342964] RSP: 0000:ffff8881042e7c78 EFLAGS: 00010286 [ 165.343338] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 165.344035] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb8824094 [ 165.344599] RBP: ffff8881042e7ca0 R08: 0000000000000000 R09: ffffed1020dd0c80 [ 165.345053] R10: ffff888106e86407 R11: 0000000000000000 R12: ffffffffb8824080 [ 165.346108] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881042e7d38 [ 165.346603] FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 165.347091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.347373] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 165.347978] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 165.348529] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 165.349154] Call Trace: [ 165.349431] <TASK> [ 165.350187] drm_test_rect_calc_vscale+0x108/0x270 [ 165.350465] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 165.350966] ? __schedule+0x10cc/0x2b60 [ 165.351506] ? __pfx_read_tsc+0x10/0x10 [ 165.351817] ? ktime_get_ts64+0x86/0x230 [ 165.352185] kunit_try_run_case+0x1a5/0x480 [ 165.352459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.353074] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 165.353938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 165.354537] ? __kthread_parkme+0x82/0x180 [ 165.354799] ? preempt_count_sub+0x50/0x80 [ 165.355113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.355726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 165.355994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 165.356504] kthread+0x337/0x6f0 [ 165.356688] ? trace_preempt_on+0x20/0xc0 [ 165.357163] ? __pfx_kthread+0x10/0x10 [ 165.357705] ? _raw_spin_unlock_irq+0x47/0x80 [ 165.358006] ? calculate_sigpending+0x7b/0xa0 [ 165.358852] ? __pfx_kthread+0x10/0x10 [ 165.359197] ret_from_fork+0x41/0x80 [ 165.359704] ? __pfx_kthread+0x10/0x10 [ 165.359913] ret_from_fork_asm+0x1a/0x30 [ 165.360508] </TASK> [ 165.360714] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 165.306082] WARNING: CPU: 1 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 165.307155] Modules linked in: [ 165.307926] CPU: 1 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 165.308567] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 165.308869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 165.311241] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 165.311976] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 c3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 165.313160] RSP: 0000:ffff888102f77c78 EFLAGS: 00010286 [ 165.313618] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 165.314131] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb882405c [ 165.314546] RBP: ffff888102f77ca0 R08: 0000000000000000 R09: ffffed1020dd0c40 [ 165.315079] R10: ffff888106e86207 R11: 0000000000000000 R12: ffffffffb8824048 [ 165.315777] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102f77d38 [ 165.316206] 
FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 165.316692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.317192] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 165.317691] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 165.318228] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 165.318672] Call Trace: [ 165.319660] <TASK> [ 165.320191] drm_test_rect_calc_vscale+0x108/0x270 [ 165.320771] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 165.321481] ? __schedule+0x10cc/0x2b60 [ 165.321718] ? __pfx_read_tsc+0x10/0x10 [ 165.322090] ? ktime_get_ts64+0x86/0x230 [ 165.322751] kunit_try_run_case+0x1a5/0x480 [ 165.323845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.324146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 165.324485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 165.324782] ? __kthread_parkme+0x82/0x180 [ 165.325038] ? preempt_count_sub+0x50/0x80 [ 165.326179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.326486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 165.326951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 165.327684] kthread+0x337/0x6f0 [ 165.327967] ? trace_preempt_on+0x20/0xc0 [ 165.328224] ? __pfx_kthread+0x10/0x10 [ 165.328790] ? _raw_spin_unlock_irq+0x47/0x80 [ 165.329054] ? calculate_sigpending+0x7b/0xa0 [ 165.329253] ? __pfx_kthread+0x10/0x10 [ 165.329622] ret_from_fork+0x41/0x80 [ 165.329975] ? __pfx_kthread+0x10/0x10 [ 165.330493] ret_from_fork_asm+0x1a/0x30 [ 165.330753] </TASK> [ 165.330991] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 165.257637] WARNING: CPU: 1 PID: 2731 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 165.258171] Modules linked in: [ 165.258459] CPU: 1 UID: 0 PID: 2731 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 165.259180] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 165.259731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 165.260204] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 165.260983] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 165.262082] RSP: 0000:ffff888104297c78 EFLAGS: 00010286 [ 165.262750] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 165.263147] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb8824098 [ 165.264200] RBP: ffff888104297ca0 R08: 0000000000000000 R09: ffffed10206531a0 [ 165.264922] R10: ffff888103298d07 R11: 0000000000000000 R12: ffffffffb8824080 [ 165.266183] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104297d38 [ 165.267031] FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 165.267897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.268460] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 165.268911] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 165.270131] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 165.270545] Call Trace: [ 165.270683] <TASK> [ 165.270858] drm_test_rect_calc_hscale+0x108/0x270 [ 165.271713] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 165.272035] ? __schedule+0x10cc/0x2b60 [ 165.272806] ? __pfx_read_tsc+0x10/0x10 [ 165.273076] ? ktime_get_ts64+0x86/0x230 [ 165.273646] kunit_try_run_case+0x1a5/0x480 [ 165.274093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.274489] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 165.275389] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 165.275678] ? __kthread_parkme+0x82/0x180 [ 165.276347] ? preempt_count_sub+0x50/0x80 [ 165.276603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.276804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 165.278036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 165.278762] kthread+0x337/0x6f0 [ 165.279010] ? trace_preempt_on+0x20/0xc0 [ 165.279857] ? __pfx_kthread+0x10/0x10 [ 165.280120] ? _raw_spin_unlock_irq+0x47/0x80 [ 165.280327] ? calculate_sigpending+0x7b/0xa0 [ 165.281017] ? __pfx_kthread+0x10/0x10 [ 165.281469] ret_from_fork+0x41/0x80 [ 165.281809] ? __pfx_kthread+0x10/0x10 [ 165.282026] ret_from_fork_asm+0x1a/0x30 [ 165.282610] </TASK> [ 165.282766] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 165.227179] WARNING: CPU: 1 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 165.228399] Modules linked in: [ 165.229976] CPU: 1 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 165.231024] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 165.231549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 165.232038] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 165.232370] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 165.233641] RSP: 0000:ffff888106f47c78 EFLAGS: 00010286 [ 165.234163] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 165.235038] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb8824060 [ 165.235752] RBP: ffff888106f47ca0 R08: 0000000000000000 R09: ffffed1020653160 [ 165.236132] R10: ffff888103298b07 R11: 0000000000000000 R12: ffffffffb8824048 [ 165.236746] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106f47d38 [ 165.237142] 
FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 165.238105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.238426] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 165.239115] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 165.239972] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 165.240702] Call Trace: [ 165.240875] <TASK> [ 165.241046] drm_test_rect_calc_hscale+0x108/0x270 [ 165.241953] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 165.242465] ? __schedule+0x10cc/0x2b60 [ 165.242686] ? __pfx_read_tsc+0x10/0x10 [ 165.243625] ? ktime_get_ts64+0x86/0x230 [ 165.243912] kunit_try_run_case+0x1a5/0x480 [ 165.244184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.244851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 165.245460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 165.245716] ? __kthread_parkme+0x82/0x180 [ 165.246077] ? preempt_count_sub+0x50/0x80 [ 165.247081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 165.247474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 165.247615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 165.247745] kthread+0x337/0x6f0 [ 165.247835] ? trace_preempt_on+0x20/0xc0 [ 165.247952] ? __pfx_kthread+0x10/0x10 [ 165.248145] ? _raw_spin_unlock_irq+0x47/0x80 [ 165.248403] ? calculate_sigpending+0x7b/0xa0 [ 165.249520] ? __pfx_kthread+0x10/0x10 [ 165.249758] ret_from_fork+0x41/0x80 [ 165.249972] ? __pfx_kthread+0x10/0x10 [ 165.250962] ret_from_fork_asm+0x1a/0x30 [ 165.251396] </TASK> [ 165.251561] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 163.923247] WARNING: CPU: 1 PID: 2527 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 163.924537] Modules linked in: [ 163.924833] CPU: 1 UID: 0 PID: 2527 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 163.926056] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 163.926676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 163.927450] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 163.928009] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 163.929367] RSP: 0000:ffff888102fcfb30 EFLAGS: 00010246 [ 163.929820] RAX: dffffc0000000000 RBX: ffff888102fcfc28 RCX: 0000000000000000 [ 163.930695] RDX: 1ffff110205f9f8e RSI: ffff888102fcfc28 RDI: ffff888102fcfc70 [ 163.931016] RBP: ffff888102fcfb70 R08: ffff88810268e000 R09: ffffffffb87cab60 [ 163.931535] R10: 0000000000000003 R11: 00000000c288f2f2 R12: ffff88810268e000 [ 163.931861] R13: ffff88810031fae8 R14: ffff888102fcfba8 R15: 0000000000000000 [ 163.932448] FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 163.932985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.933315] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 163.933782] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 163.934378] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 163.935388] Call Trace: [ 163.935662] <TASK> [ 163.935830] ? add_dr+0xc1/0x1d0 [ 163.936057] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 163.936356] ? add_dr+0x148/0x1d0 [ 163.936586] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 163.936959] ? __drmm_add_action+0x1a4/0x280 [ 163.937213] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 163.938455] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 163.938717] ? __drmm_add_action_or_reset+0x22/0x50 [ 163.939117] ? __schedule+0x10cc/0x2b60 [ 163.939678] ? __pfx_read_tsc+0x10/0x10 [ 163.939886] ? ktime_get_ts64+0x86/0x230 [ 163.940089] kunit_try_run_case+0x1a5/0x480 [ 163.940220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.941302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 163.942422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 163.942728] ? __kthread_parkme+0x82/0x180 [ 163.942956] ? preempt_count_sub+0x50/0x80 [ 163.943965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.944380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 163.944866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 163.945090] kthread+0x337/0x6f0 [ 163.945249] ? trace_preempt_on+0x20/0xc0 [ 163.945689] ? __pfx_kthread+0x10/0x10 [ 163.946875] ? _raw_spin_unlock_irq+0x47/0x80 [ 163.947194] ? calculate_sigpending+0x7b/0xa0 [ 163.947464] ? __pfx_kthread+0x10/0x10 [ 163.948134] ret_from_fork+0x41/0x80 [ 163.948337] ? __pfx_kthread+0x10/0x10 [ 163.948881] ret_from_fork_asm+0x1a/0x30 [ 163.949307] </TASK> [ 163.949791] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 163.870338] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 163.870784] WARNING: CPU: 0 PID: 2523 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 163.872178] Modules linked in: [ 163.873119] CPU: 0 UID: 0 PID: 2523 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 163.873960] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 163.874233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 163.874765] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 163.875132] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 0b 86 84 00 48 c7 c1 60 5b 7c b8 4c 89 fa 48 c7 c7 c0 5b 7c b8 48 89 c6 e8 02 a1 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 163.876398] RSP: 0000:ffff88810727fb68 EFLAGS: 00010282 [ 163.876841] RAX: 0000000000000000 RBX: ffff88810727fc40 RCX: 1ffffffff72a4b60 [ 163.877617] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 163.878088] RBP: ffff88810727fb90 R08: 0000000000000000 R09: fffffbfff72a4b60 [ 163.878817] R10: 0000000000000003 R11: 0000000000036990 R12: ffff88810727fc18 [ 163.879204] R13: ffff8881026c5000 R14: ffff88810251c000 R15: ffff888102799400 [ 163.879797] FS: 0000000000000000(0000) GS:ffff8881a0892000(0000) knlGS:0000000000000000 [ 163.880498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.880926] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 163.881552] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831902 [ 163.882122] DR3: ffffffffba831903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 163.882795] Call Trace: [ 163.883114] <TASK> [ 163.883549] drm_test_framebuffer_free+0x1ab/0x610 [ 163.883896] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 163.884441] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 163.884878] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 163.885310] ? __drmm_add_action_or_reset+0x22/0x50 [ 163.885850] ? __schedule+0x10cc/0x2b60 [ 163.886380] ? __pfx_read_tsc+0x10/0x10 [ 163.886599] ? ktime_get_ts64+0x86/0x230 [ 163.886949] kunit_try_run_case+0x1a5/0x480 [ 163.887408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.887841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 163.888418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 163.888741] ? __kthread_parkme+0x82/0x180 [ 163.889163] ? preempt_count_sub+0x50/0x80 [ 163.889748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.890133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 163.890668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 163.891145] kthread+0x337/0x6f0 [ 163.891495] ? trace_preempt_on+0x20/0xc0 [ 163.891890] ? __pfx_kthread+0x10/0x10 [ 163.892197] ? _raw_spin_unlock_irq+0x47/0x80 [ 163.892767] ? calculate_sigpending+0x7b/0xa0 [ 163.893116] ? __pfx_kthread+0x10/0x10 [ 163.893646] ret_from_fork+0x41/0x80 [ 163.894078] ? __pfx_kthread+0x10/0x10 [ 163.894537] ret_from_fork_asm+0x1a/0x30 [ 163.894942] </TASK> [ 163.895438] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 161.696789] WARNING: CPU: 1 PID: 1961 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 161.697678] Modules linked in: [ 161.698004] CPU: 1 UID: 0 PID: 1961 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 161.700131] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 161.700755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 161.701810] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 161.702376] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 06 22 02 48 89 df e8 d8 [ 161.703380] RSP: 0000:ffff888107597c90 EFLAGS: 00010246 [ 161.704028] RAX: dffffc0000000000 RBX: ffff8881011e2000 RCX: 0000000000000000 [ 161.704896] RDX: 1ffff1102023c432 RSI: ffffffffb59f59b8 RDI: ffff8881011e2190 [ 161.705741] RBP: ffff888107597ca0 R08: 1ffff11020063f69 R09: ffffed1020eb2f65 [ 161.706143] R10: 0000000000000003 R11: ffffffffb4f82d58 R12: 0000000000000000 [ 161.706399] R13: ffff888107597d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 161.706906] FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 161.707396] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.708010] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 161.708753] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 161.709907] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 161.710405] Call Trace: [ 161.710655] <TASK> [ 161.710893] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 161.711178] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 161.711855] ? __schedule+0x10cc/0x2b60 [ 161.712150] ? __pfx_read_tsc+0x10/0x10 [ 161.712895] ? ktime_get_ts64+0x86/0x230 [ 161.713923] kunit_try_run_case+0x1a5/0x480 [ 161.714851] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 161.715415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 161.715863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 161.716341] ? __kthread_parkme+0x82/0x180 [ 161.716788] ? preempt_count_sub+0x50/0x80 [ 161.717797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 161.718157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 161.718756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 161.719051] kthread+0x337/0x6f0 [ 161.719915] ? trace_preempt_on+0x20/0xc0 [ 161.720225] ? __pfx_kthread+0x10/0x10 [ 161.720598] ? _raw_spin_unlock_irq+0x47/0x80 [ 161.721193] ? calculate_sigpending+0x7b/0xa0 [ 161.722082] ? __pfx_kthread+0x10/0x10 [ 161.722624] ret_from_fork+0x41/0x80 [ 161.722869] ? __pfx_kthread+0x10/0x10 [ 161.723443] ret_from_fork_asm+0x1a/0x30 [ 161.723983] </TASK> [ 161.724348] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 161.571216] WARNING: CPU: 0 PID: 1953 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 161.572365] Modules linked in: [ 161.572790] CPU: 0 UID: 0 PID: 1953 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 161.573617] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 161.573760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 161.573929] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 161.574175] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 06 22 02 48 89 df e8 d8 [ 161.575585] RSP: 0000:ffff888107d6fc90 EFLAGS: 00010246 [ 161.575992] RAX: dffffc0000000000 RBX: ffff888100dea000 RCX: 0000000000000000 [ 161.576725] RDX: 1ffff110201bd432 RSI: ffffffffb59f59b8 RDI: ffff888100dea190 [ 161.577185] RBP: ffff888107d6fca0 R08: 1ffff11020063f69 R09: ffffed1020fadf65 [ 161.577662] R10: 0000000000000003 R11: ffffffffb44049aa R12: 0000000000000000 [ 161.578076] R13: 
ffff888107d6fd38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 161.578434] FS: 0000000000000000(0000) GS:ffff8881a0892000(0000) knlGS:0000000000000000 [ 161.579432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.579742] CR2: 00007ffff7ffe000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 161.580182] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831902 [ 161.580869] DR3: ffffffffba831903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 161.581248] Call Trace: [ 161.581425] <TASK> [ 161.581902] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 161.582579] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 161.583387] ? __schedule+0x10cc/0x2b60 [ 161.583705] ? __pfx_read_tsc+0x10/0x10 [ 161.584059] ? ktime_get_ts64+0x86/0x230 [ 161.584638] kunit_try_run_case+0x1a5/0x480 [ 161.585040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 161.585640] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 161.586028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 161.586589] ? __kthread_parkme+0x82/0x180 [ 161.586964] ? preempt_count_sub+0x50/0x80 [ 161.587433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 161.587879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 161.588207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 161.588881] kthread+0x337/0x6f0 [ 161.589405] ? trace_preempt_on+0x20/0xc0 [ 161.589859] ? __pfx_kthread+0x10/0x10 [ 161.590179] ? _raw_spin_unlock_irq+0x47/0x80 [ 161.590700] ? calculate_sigpending+0x7b/0xa0 [ 161.591091] ? __pfx_kthread+0x10/0x10 [ 161.591509] ret_from_fork+0x41/0x80 [ 161.591913] ? __pfx_kthread+0x10/0x10 [ 161.592458] ret_from_fork_asm+0x1a/0x30 [ 161.592838] </TASK> [ 161.593128] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 127.740115] WARNING: CPU: 0 PID: 677 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 127.741582] Modules linked in: [ 127.741890] CPU: 0 UID: 0 PID: 677 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 127.742886] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 127.743168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 127.744173] RIP: 0010:intlog10+0x2a/0x40 [ 127.744632] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 57 81 02 90 <0f> 0b 90 31 c0 e9 3c 57 81 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 127.745749] RSP: 0000:ffff8881048afcb0 EFLAGS: 00010246 [ 127.746212] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020915fb4 [ 127.746880] RDX: 1ffffffff70d25a0 RSI: 1ffff11020915fb3 RDI: 0000000000000000 [ 127.748068] RBP: ffff8881048afd60 R08: 0000000000000000 R09: ffffed1020897520 [ 127.748487] R10: ffff8881044ba907 R11: 0000000000000000 R12: 1ffff11020915f97 [ 127.748831] R13: ffffffffb8692d00 R14: 0000000000000000 R15: ffff8881048afd38 [ 127.749179] FS: 0000000000000000(0000) GS:ffff8881a0892000(0000) knlGS:0000000000000000 [ 127.750004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.750586] CR2: dffffc0000000000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 127.750924] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831902 [ 127.752259] DR3: ffffffffba831903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 127.753284] Call Trace: [ 127.753504] <TASK> [ 127.753719] ? intlog10_test+0xf2/0x220 [ 127.754034] ? __pfx_intlog10_test+0x10/0x10 [ 127.754944] ? __schedule+0x10cc/0x2b60 [ 127.755416] ? __pfx_read_tsc+0x10/0x10 [ 127.755878] ? ktime_get_ts64+0x86/0x230 [ 127.756175] kunit_try_run_case+0x1a5/0x480 [ 127.756907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 127.757420] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 127.758193] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 127.758719] ? __kthread_parkme+0x82/0x180 [ 127.759001] ? preempt_count_sub+0x50/0x80 [ 127.759983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 127.760648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 127.761212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 127.761646] kthread+0x337/0x6f0 [ 127.761885] ? trace_preempt_on+0x20/0xc0 [ 127.762159] ? __pfx_kthread+0x10/0x10 [ 127.762760] ? _raw_spin_unlock_irq+0x47/0x80 [ 127.763076] ? calculate_sigpending+0x7b/0xa0 [ 127.763356] ? __pfx_kthread+0x10/0x10 [ 127.764373] ret_from_fork+0x41/0x80 [ 127.764780] ? __pfx_kthread+0x10/0x10 [ 127.765157] ret_from_fork_asm+0x1a/0x30 [ 127.765749] </TASK> [ 127.765993] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 127.676061] WARNING: CPU: 1 PID: 659 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 127.677643] Modules linked in: [ 127.677942] CPU: 1 UID: 0 PID: 659 Comm: kunit_try_catch Tainted: G B D N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 127.679198] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 127.679777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 127.680644] RIP: 0010:intlog2+0xdf/0x110 [ 127.680948] Code: 69 b8 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 8f b9 56 ff 8b 45 e4 eb [ 127.682803] RSP: 0000:ffff8881048d7cb0 EFLAGS: 00010246 [ 127.683203] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff1102091afb4 [ 127.684155] RDX: 1ffffffff70d25f4 RSI: 1ffff1102091afb3 RDI: 0000000000000000 [ 127.684988] RBP: ffff8881048d7d60 R08: 0000000000000000 R09: ffffed1020896be0 [ 127.685618] R10: ffff8881044b5f07 R11: 0000000000000000 R12: 1ffff1102091af97 [ 127.686259] R13: ffffffffb8692fa0 R14: 0000000000000000 R15: ffff8881048d7d38 [ 127.687019] FS: 0000000000000000(0000) GS:ffff8881a0992000(0000) knlGS:0000000000000000 [ 127.687571] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.687713] CR2: ffff88815a974000 CR3: 0000000013aba000 CR4: 00000000000006f0 [ 127.687848] DR0: ffffffffba831900 DR1: ffffffffba831901 DR2: ffffffffba831903 [ 127.687977] DR3: ffffffffba831905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 127.689113] Call Trace: [ 127.689277] <TASK> [ 127.689724] ? intlog2_test+0xf2/0x220 [ 127.690188] ? __pfx_intlog2_test+0x10/0x10 [ 127.690938] ? __schedule+0x10cc/0x2b60 [ 127.691702] ? __pfx_read_tsc+0x10/0x10 [ 127.692538] ? ktime_get_ts64+0x86/0x230 [ 127.692776] kunit_try_run_case+0x1a5/0x480 [ 127.693173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 127.694054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 127.694804] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 127.695125] ? __kthread_parkme+0x82/0x180 [ 127.695654] ? preempt_count_sub+0x50/0x80 [ 127.695984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 127.696989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 127.697570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 127.697927] kthread+0x337/0x6f0 [ 127.698821] ? trace_preempt_on+0x20/0xc0 [ 127.699155] ? __pfx_kthread+0x10/0x10 [ 127.699352] ? _raw_spin_unlock_irq+0x47/0x80 [ 127.699992] ? calculate_sigpending+0x7b/0xa0 [ 127.700203] ? __pfx_kthread+0x10/0x10 [ 127.701020] ret_from_fork+0x41/0x80 [ 127.701222] ? __pfx_kthread+0x10/0x10 [ 127.702200] ret_from_fork_asm+0x1a/0x30 [ 127.702677] </TASK> [ 127.702903] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 126.849449] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI