Date
July 8, 2025, 4:38 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.334147] ==================================================================
[ 11.334793] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 11.335240] Write of size 2 at addr ffff8881029ca977 by task kunit_try_catch/192
[ 11.335477]
[ 11.335988] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.336037] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.336050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.336072] Call Trace:
[ 11.336084] <TASK>
[ 11.336099] dump_stack_lvl+0x73/0xb0
[ 11.336127] print_report+0xd1/0x650
[ 11.336151] ? __virt_addr_valid+0x1db/0x2d0
[ 11.336173] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.336196] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.336218] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.336241] kasan_report+0x141/0x180
[ 11.336263] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.336291] kasan_check_range+0x10c/0x1c0
[ 11.336311] __asan_memset+0x27/0x50
[ 11.336331] kmalloc_oob_memset_2+0x166/0x330
[ 11.336354] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 11.336378] ? __schedule+0x10cc/0x2b60
[ 11.336401] ? __pfx_read_tsc+0x10/0x10
[ 11.336421] ? ktime_get_ts64+0x86/0x230
[ 11.336445] kunit_try_run_case+0x1a5/0x480
[ 11.336466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.336485] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.336798] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.336836] ? __kthread_parkme+0x82/0x180
[ 11.336863] ? preempt_count_sub+0x50/0x80
[ 11.336902] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.336925] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.336998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.337027] kthread+0x337/0x6f0
[ 11.337045] ? trace_preempt_on+0x20/0xc0
[ 11.337069] ? __pfx_kthread+0x10/0x10
[ 11.337087] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.337110] ? calculate_sigpending+0x7b/0xa0
[ 11.337131] ? __pfx_kthread+0x10/0x10
[ 11.337150] ret_from_fork+0x41/0x80
[ 11.337170] ? __pfx_kthread+0x10/0x10
[ 11.337188] ret_from_fork_asm+0x1a/0x30
[ 11.337218] </TASK>
[ 11.337229]
[ 11.351285] Allocated by task 192:
[ 11.351642] kasan_save_stack+0x45/0x70
[ 11.352093] kasan_save_track+0x18/0x40
[ 11.352457] kasan_save_alloc_info+0x3b/0x50
[ 11.352927] __kasan_kmalloc+0xb7/0xc0
[ 11.353295] __kmalloc_cache_noprof+0x189/0x420
[ 11.353488] kmalloc_oob_memset_2+0xac/0x330
[ 11.353653] kunit_try_run_case+0x1a5/0x480
[ 11.353800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.354309] kthread+0x337/0x6f0
[ 11.354658] ret_from_fork+0x41/0x80
[ 11.355085] ret_from_fork_asm+0x1a/0x30
[ 11.355459]
[ 11.355630] The buggy address belongs to the object at ffff8881029ca900
[ 11.355630] which belongs to the cache kmalloc-128 of size 128
[ 11.356215] The buggy address is located 119 bytes inside of
[ 11.356215] allocated 120-byte region [ffff8881029ca900, ffff8881029ca978)
[ 11.357475]
[ 11.357712] The buggy address belongs to the physical page:
[ 11.358287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ca
[ 11.358819] flags: 0x200000000000000(node=0|zone=2)
[ 11.359005] page_type: f5(slab)
[ 11.359129] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.359362] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.359669] page dumped because: kasan: bad access detected
[ 11.359840]
[ 11.360048] Memory state around the buggy address:
[ 11.360240] ffff8881029ca800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.360457] ffff8881029ca880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.360749] >ffff8881029ca900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.360972] ^
[ 11.361233] ffff8881029ca980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.361543] ffff8881029caa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.362311] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.308149] ==================================================================
[ 11.308658] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 11.309190] Write of size 128 at addr ffff8881035ebd00 by task kunit_try_catch/190
[ 11.309712]
[ 11.309830] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.310009] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.310022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.310045] Call Trace:
[ 11.310059] <TASK>
[ 11.310075] dump_stack_lvl+0x73/0xb0
[ 11.310103] print_report+0xd1/0x650
[ 11.310127] ? __virt_addr_valid+0x1db/0x2d0
[ 11.310164] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.310187] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.310210] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.310233] kasan_report+0x141/0x180
[ 11.310256] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.310283] kasan_check_range+0x10c/0x1c0
[ 11.310304] __asan_memset+0x27/0x50
[ 11.310324] kmalloc_oob_in_memset+0x15f/0x320
[ 11.310347] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 11.310371] ? __schedule+0x207f/0x2b60
[ 11.310395] ? __pfx_read_tsc+0x10/0x10
[ 11.310416] ? ktime_get_ts64+0x86/0x230
[ 11.310442] kunit_try_run_case+0x1a5/0x480
[ 11.310465] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.310483] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.310552] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.310580] ? __kthread_parkme+0x82/0x180
[ 11.310603] ? preempt_count_sub+0x50/0x80
[ 11.310629] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.310650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.310675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.310699] kthread+0x337/0x6f0
[ 11.310716] ? trace_preempt_on+0x20/0xc0
[ 11.310741] ? __pfx_kthread+0x10/0x10
[ 11.310759] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.310782] ? calculate_sigpending+0x7b/0xa0
[ 11.310804] ? __pfx_kthread+0x10/0x10
[ 11.310822] ret_from_fork+0x41/0x80
[ 11.310895] ? __pfx_kthread+0x10/0x10
[ 11.310916] ret_from_fork_asm+0x1a/0x30
[ 11.310947] </TASK>
[ 11.310959]
[ 11.321906] Allocated by task 190:
[ 11.322054] kasan_save_stack+0x45/0x70
[ 11.322253] kasan_save_track+0x18/0x40
[ 11.322393] kasan_save_alloc_info+0x3b/0x50
[ 11.322601] __kasan_kmalloc+0xb7/0xc0
[ 11.322868] __kmalloc_cache_noprof+0x189/0x420
[ 11.323192] kmalloc_oob_in_memset+0xac/0x320
[ 11.323453] kunit_try_run_case+0x1a5/0x480
[ 11.323915] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.324396] kthread+0x337/0x6f0
[ 11.324586] ret_from_fork+0x41/0x80
[ 11.324751] ret_from_fork_asm+0x1a/0x30
[ 11.324934]
[ 11.325184] The buggy address belongs to the object at ffff8881035ebd00
[ 11.325184] which belongs to the cache kmalloc-128 of size 128
[ 11.325826] The buggy address is located 0 bytes inside of
[ 11.325826] allocated 120-byte region [ffff8881035ebd00, ffff8881035ebd78)
[ 11.326524]
[ 11.326613] The buggy address belongs to the physical page:
[ 11.326829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb
[ 11.327406] flags: 0x200000000000000(node=0|zone=2)
[ 11.327762] page_type: f5(slab)
[ 11.327964] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.328438] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.328916] page dumped because: kasan: bad access detected
[ 11.329226]
[ 11.329311] Memory state around the buggy address:
[ 11.329509] ffff8881035ebc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.329888] ffff8881035ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.330371] >ffff8881035ebd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.330674] ^
[ 11.330980] ffff8881035ebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.331280] ffff8881035ebe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.331594] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.264582] ==================================================================
[ 11.265541] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 11.266312] Read of size 16 at addr ffff8881021715e0 by task kunit_try_catch/188
[ 11.267082]
[ 11.267184] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.267232] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.267243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.267265] Call Trace:
[ 11.267277] <TASK>
[ 11.267293] dump_stack_lvl+0x73/0xb0
[ 11.267322] print_report+0xd1/0x650
[ 11.267346] ? __virt_addr_valid+0x1db/0x2d0
[ 11.267369] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.267390] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.267414] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.267435] kasan_report+0x141/0x180
[ 11.267458] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.267485] __asan_report_load16_noabort+0x18/0x20
[ 11.267517] kmalloc_uaf_16+0x47b/0x4c0
[ 11.267539] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 11.267562] ? __schedule+0x10cc/0x2b60
[ 11.267654] ? __pfx_read_tsc+0x10/0x10
[ 11.267676] ? ktime_get_ts64+0x86/0x230
[ 11.267710] kunit_try_run_case+0x1a5/0x480
[ 11.267732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.267751] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.267777] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.267801] ? __kthread_parkme+0x82/0x180
[ 11.267824] ? preempt_count_sub+0x50/0x80
[ 11.267901] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.267923] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.267946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.267981] kthread+0x337/0x6f0
[ 11.267998] ? trace_preempt_on+0x20/0xc0
[ 11.268022] ? __pfx_kthread+0x10/0x10
[ 11.268041] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.268063] ? calculate_sigpending+0x7b/0xa0
[ 11.268085] ? __pfx_kthread+0x10/0x10
[ 11.268104] ret_from_fork+0x41/0x80
[ 11.268124] ? __pfx_kthread+0x10/0x10
[ 11.268143] ret_from_fork_asm+0x1a/0x30
[ 11.268174] </TASK>
[ 11.268185]
[ 11.281211] Allocated by task 188:
[ 11.281528] kasan_save_stack+0x45/0x70
[ 11.282124] kasan_save_track+0x18/0x40
[ 11.282496] kasan_save_alloc_info+0x3b/0x50
[ 11.282886] __kasan_kmalloc+0xb7/0xc0
[ 11.283246] __kmalloc_cache_noprof+0x189/0x420
[ 11.283402] kmalloc_uaf_16+0x15b/0x4c0
[ 11.283588] kunit_try_run_case+0x1a5/0x480
[ 11.283971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.284588] kthread+0x337/0x6f0
[ 11.284966] ret_from_fork+0x41/0x80
[ 11.285304] ret_from_fork_asm+0x1a/0x30
[ 11.285532]
[ 11.285607] Freed by task 188:
[ 11.285717] kasan_save_stack+0x45/0x70
[ 11.286034] kasan_save_track+0x18/0x40
[ 11.286404] kasan_save_free_info+0x3f/0x60
[ 11.286822] __kasan_slab_free+0x56/0x70
[ 11.287258] kfree+0x222/0x3f0
[ 11.287554] kmalloc_uaf_16+0x1d6/0x4c0
[ 11.287803] kunit_try_run_case+0x1a5/0x480
[ 11.288020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.288201] kthread+0x337/0x6f0
[ 11.288322] ret_from_fork+0x41/0x80
[ 11.288452] ret_from_fork_asm+0x1a/0x30
[ 11.288735]
[ 11.288908] The buggy address belongs to the object at ffff8881021715e0
[ 11.288908] which belongs to the cache kmalloc-16 of size 16
[ 11.290256] The buggy address is located 0 bytes inside of
[ 11.290256] freed 16-byte region [ffff8881021715e0, ffff8881021715f0)
[ 11.291346]
[ 11.291508] The buggy address belongs to the physical page:
[ 11.292107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 11.292463] flags: 0x200000000000000(node=0|zone=2)
[ 11.292901] page_type: f5(slab)
[ 11.293302] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.294013] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.294473] page dumped because: kasan: bad access detected
[ 11.294733]
[ 11.294903] Memory state around the buggy address:
[ 11.295394] ffff888102171480: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 11.296150] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.296652] >ffff888102171580: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 11.297406] ^
[ 11.297800] ffff888102171600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.298278] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.298500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.229007] ==================================================================
[ 11.229711] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 11.230220] Write of size 16 at addr ffff888102171580 by task kunit_try_catch/186
[ 11.230962]
[ 11.231208] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.231253] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.231265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.231288] Call Trace:
[ 11.231300] <TASK>
[ 11.231316] dump_stack_lvl+0x73/0xb0
[ 11.231344] print_report+0xd1/0x650
[ 11.231367] ? __virt_addr_valid+0x1db/0x2d0
[ 11.231388] ? kmalloc_oob_16+0x452/0x4a0
[ 11.231409] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.231432] ? kmalloc_oob_16+0x452/0x4a0
[ 11.231454] kasan_report+0x141/0x180
[ 11.231476] ? kmalloc_oob_16+0x452/0x4a0
[ 11.231502] __asan_report_store16_noabort+0x1b/0x30
[ 11.231537] kmalloc_oob_16+0x452/0x4a0
[ 11.231559] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 11.231590] ? __schedule+0x10cc/0x2b60
[ 11.231613] ? __pfx_read_tsc+0x10/0x10
[ 11.231633] ? ktime_get_ts64+0x86/0x230
[ 11.231659] kunit_try_run_case+0x1a5/0x480
[ 11.231680] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.231699] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.231723] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.231746] ? __kthread_parkme+0x82/0x180
[ 11.231768] ? preempt_count_sub+0x50/0x80
[ 11.231794] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.231814] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.231837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.231860] kthread+0x337/0x6f0
[ 11.231887] ? trace_preempt_on+0x20/0xc0
[ 11.231910] ? __pfx_kthread+0x10/0x10
[ 11.231928] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.231950] ? calculate_sigpending+0x7b/0xa0
[ 11.231971] ? __pfx_kthread+0x10/0x10
[ 11.231989] ret_from_fork+0x41/0x80
[ 11.232010] ? __pfx_kthread+0x10/0x10
[ 11.232028] ret_from_fork_asm+0x1a/0x30
[ 11.232071] </TASK>
[ 11.232082]
[ 11.245673] Allocated by task 186:
[ 11.245812] kasan_save_stack+0x45/0x70
[ 11.246250] kasan_save_track+0x18/0x40
[ 11.246607] kasan_save_alloc_info+0x3b/0x50
[ 11.247198] __kasan_kmalloc+0xb7/0xc0
[ 11.247647] __kmalloc_cache_noprof+0x189/0x420
[ 11.248192] kmalloc_oob_16+0xa8/0x4a0
[ 11.248603] kunit_try_run_case+0x1a5/0x480
[ 11.248849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.249042] kthread+0x337/0x6f0
[ 11.249164] ret_from_fork+0x41/0x80
[ 11.249296] ret_from_fork_asm+0x1a/0x30
[ 11.249440]
[ 11.249658] The buggy address belongs to the object at ffff888102171580
[ 11.249658] which belongs to the cache kmalloc-16 of size 16
[ 11.250914] The buggy address is located 0 bytes inside of
[ 11.250914] allocated 13-byte region [ffff888102171580, ffff88810217158d)
[ 11.252179]
[ 11.252446] The buggy address belongs to the physical page:
[ 11.253059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 11.253778] flags: 0x200000000000000(node=0|zone=2)
[ 11.254433] page_type: f5(slab)
[ 11.254907] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.255157] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.255385] page dumped because: kasan: bad access detected
[ 11.255608]
[ 11.255680] Memory state around the buggy address:
[ 11.256072] ffff888102171480: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 11.256734] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.257418] >ffff888102171580: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc
[ 11.258205] ^
[ 11.258525] ffff888102171600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.259155] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.259650] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.187544] ==================================================================
[ 11.188024] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 11.188337] Read of size 1 at addr ffff888100a9c800 by task kunit_try_catch/184
[ 11.189648]
[ 11.189822] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.189869] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.189891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.189912] Call Trace:
[ 11.189925] <TASK>
[ 11.189942] dump_stack_lvl+0x73/0xb0
[ 11.189970] print_report+0xd1/0x650
[ 11.189993] ? __virt_addr_valid+0x1db/0x2d0
[ 11.190101] ? krealloc_uaf+0x53c/0x5e0
[ 11.190124] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.190148] ? krealloc_uaf+0x53c/0x5e0
[ 11.190166] kasan_report+0x141/0x180
[ 11.190190] ? krealloc_uaf+0x53c/0x5e0
[ 11.190213] __asan_report_load1_noabort+0x18/0x20
[ 11.190234] krealloc_uaf+0x53c/0x5e0
[ 11.190253] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.190270] ? finish_task_switch.isra.0+0x153/0x700
[ 11.190295] ? __switch_to+0x5d9/0xf60
[ 11.190315] ? dequeue_task_fair+0x166/0x4e0
[ 11.190339] ? __schedule+0x10cc/0x2b60
[ 11.190363] ? __pfx_read_tsc+0x10/0x10
[ 11.190382] ? ktime_get_ts64+0x86/0x230
[ 11.190408] kunit_try_run_case+0x1a5/0x480
[ 11.190430] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.190448] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.190473] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.190497] ? __kthread_parkme+0x82/0x180
[ 11.190520] ? preempt_count_sub+0x50/0x80
[ 11.190543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.190564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.190587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.190611] kthread+0x337/0x6f0
[ 11.190628] ? trace_preempt_on+0x20/0xc0
[ 11.190651] ? __pfx_kthread+0x10/0x10
[ 11.190669] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.190691] ? calculate_sigpending+0x7b/0xa0
[ 11.190713] ? __pfx_kthread+0x10/0x10
[ 11.190731] ret_from_fork+0x41/0x80
[ 11.190752] ? __pfx_kthread+0x10/0x10
[ 11.190770] ret_from_fork_asm+0x1a/0x30
[ 11.190799] </TASK>
[ 11.190811]
[ 11.204328] Allocated by task 184:
[ 11.204836] kasan_save_stack+0x45/0x70
[ 11.205425] kasan_save_track+0x18/0x40
[ 11.205736] kasan_save_alloc_info+0x3b/0x50
[ 11.206398] __kasan_kmalloc+0xb7/0xc0
[ 11.206546] __kmalloc_cache_noprof+0x189/0x420
[ 11.206704] krealloc_uaf+0xbb/0x5e0
[ 11.206833] kunit_try_run_case+0x1a5/0x480
[ 11.207232] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.207821] kthread+0x337/0x6f0
[ 11.208151] ret_from_fork+0x41/0x80
[ 11.208539] ret_from_fork_asm+0x1a/0x30
[ 11.208973]
[ 11.209156] Freed by task 184:
[ 11.209443] kasan_save_stack+0x45/0x70
[ 11.209826] kasan_save_track+0x18/0x40
[ 11.210207] kasan_save_free_info+0x3f/0x60
[ 11.210521] __kasan_slab_free+0x56/0x70
[ 11.210871] kfree+0x222/0x3f0
[ 11.211237] krealloc_uaf+0x13d/0x5e0
[ 11.211671] kunit_try_run_case+0x1a5/0x480
[ 11.211852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.212250] kthread+0x337/0x6f0
[ 11.212397] ret_from_fork+0x41/0x80
[ 11.212666] ret_from_fork_asm+0x1a/0x30
[ 11.213148]
[ 11.213317] The buggy address belongs to the object at ffff888100a9c800
[ 11.213317] which belongs to the cache kmalloc-256 of size 256
[ 11.214372] The buggy address is located 0 bytes inside of
[ 11.214372] freed 256-byte region [ffff888100a9c800, ffff888100a9c900)
[ 11.214829]
[ 11.215067] The buggy address belongs to the physical page:
[ 11.215651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c
[ 11.216357] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.217106] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.217395] page_type: f5(slab)
[ 11.217741] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.218511] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.218963] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.219656] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.220073] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff
[ 11.220862] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.221494] page dumped because: kasan: bad access detected
[ 11.222073]
[ 11.222216] Memory state around the buggy address:
[ 11.222616] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.223088] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.223645] >ffff888100a9c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.224075] ^
[ 11.224426] ffff888100a9c880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.225129] ffff888100a9c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.225389] ==================================================================
[ 11.154801] ==================================================================
[ 11.155288] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 11.155536] Read of size 1 at addr ffff888100a9c800 by task kunit_try_catch/184
[ 11.156135]
[ 11.156262] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.156310] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.156322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.156344] Call Trace:
[ 11.156357] <TASK>
[ 11.156373] dump_stack_lvl+0x73/0xb0
[ 11.156401] print_report+0xd1/0x650
[ 11.156424] ? __virt_addr_valid+0x1db/0x2d0
[ 11.156447] ? krealloc_uaf+0x1b8/0x5e0
[ 11.156465] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.156488] ? krealloc_uaf+0x1b8/0x5e0
[ 11.156565] kasan_report+0x141/0x180
[ 11.156593] ? krealloc_uaf+0x1b8/0x5e0
[ 11.156614] ? krealloc_uaf+0x1b8/0x5e0
[ 11.156661] __kasan_check_byte+0x3d/0x50
[ 11.156699] krealloc_noprof+0x3f/0x340
[ 11.156724] krealloc_uaf+0x1b8/0x5e0
[ 11.156743] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.156760] ? finish_task_switch.isra.0+0x153/0x700
[ 11.156785] ? __switch_to+0x5d9/0xf60
[ 11.156805] ? dequeue_task_fair+0x166/0x4e0
[ 11.156828] ? __schedule+0x10cc/0x2b60
[ 11.156911] ? __pfx_read_tsc+0x10/0x10
[ 11.156932] ? ktime_get_ts64+0x86/0x230
[ 11.156958] kunit_try_run_case+0x1a5/0x480
[ 11.156980] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.156999] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.157024] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.157047] ? __kthread_parkme+0x82/0x180
[ 11.157070] ? preempt_count_sub+0x50/0x80
[ 11.157094] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.157114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.157138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.157161] kthread+0x337/0x6f0
[ 11.157179] ? trace_preempt_on+0x20/0xc0
[ 11.157203] ? __pfx_kthread+0x10/0x10
[ 11.157221] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.157243] ? calculate_sigpending+0x7b/0xa0
[ 11.157264] ? __pfx_kthread+0x10/0x10
[ 11.157283] ret_from_fork+0x41/0x80
[ 11.157303] ? __pfx_kthread+0x10/0x10
[ 11.157321] ret_from_fork_asm+0x1a/0x30
[ 11.157352] </TASK>
[ 11.157363]
[ 11.169321] Allocated by task 184:
[ 11.169801] kasan_save_stack+0x45/0x70
[ 11.170080] kasan_save_track+0x18/0x40
[ 11.170341] kasan_save_alloc_info+0x3b/0x50
[ 11.170584] __kasan_kmalloc+0xb7/0xc0
[ 11.171043] __kmalloc_cache_noprof+0x189/0x420
[ 11.171256] krealloc_uaf+0xbb/0x5e0
[ 11.171410] kunit_try_run_case+0x1a5/0x480
[ 11.171591] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.172242] kthread+0x337/0x6f0
[ 11.172391] ret_from_fork+0x41/0x80
[ 11.172649] ret_from_fork_asm+0x1a/0x30
[ 11.173118]
[ 11.173203] Freed by task 184:
[ 11.173369] kasan_save_stack+0x45/0x70
[ 11.173830] kasan_save_track+0x18/0x40
[ 11.174072] kasan_save_free_info+0x3f/0x60
[ 11.174282] __kasan_slab_free+0x56/0x70
[ 11.174471] kfree+0x222/0x3f0
[ 11.174676] krealloc_uaf+0x13d/0x5e0
[ 11.174973] kunit_try_run_case+0x1a5/0x480
[ 11.175200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.175437] kthread+0x337/0x6f0
[ 11.175709] ret_from_fork+0x41/0x80
[ 11.175891] ret_from_fork_asm+0x1a/0x30
[ 11.176034]
[ 11.176109] The buggy address belongs to the object at ffff888100a9c800
[ 11.176109] which belongs to the cache kmalloc-256 of size 256
[ 11.176841] The buggy address is located 0 bytes inside of
[ 11.176841] freed 256-byte region [ffff888100a9c800, ffff888100a9c900)
[ 11.177433]
[ 11.177936] The buggy address belongs to the physical page:
[ 11.178181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c
[ 11.178946] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.179247] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.179685] page_type: f5(slab)
[ 11.179922] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.180350] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.180843] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.181338] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.182084] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff
[ 11.182432] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.183072] page dumped because: kasan: bad access detected
[ 11.183304]
[ 11.183401] Memory state around the buggy address:
[ 11.183627] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.184022] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.184327] >ffff888100a9c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.184807] ^
[ 11.185126] ffff888100a9c880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.185392] ffff888100a9c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.186091] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 10.923084] ==================================================================
[ 10.924197] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 10.924456] Write of size 1 at addr ffff888100a9c6ea by task kunit_try_catch/178
[ 10.925679]
[ 10.926260] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 10.926309] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.926332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.926353] Call Trace:
[ 10.926370] <TASK>
[ 10.926385] dump_stack_lvl+0x73/0xb0
[ 10.926413] print_report+0xd1/0x650
[ 10.926436] ? __virt_addr_valid+0x1db/0x2d0
[ 10.926458] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 10.926478] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.926501] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 10.926522] kasan_report+0x141/0x180
[ 10.926544] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 10.926569] __asan_report_store1_noabort+0x1b/0x30
[ 10.926591] krealloc_less_oob_helper+0xe90/0x11d0
[ 10.926613] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 10.926634] ? finish_task_switch.isra.0+0x153/0x700
[ 10.926657] ? __switch_to+0x5d9/0xf60
[ 10.926677] ? dequeue_task_fair+0x166/0x4e0
[ 10.926702] ? __schedule+0x10cc/0x2b60
[ 10.926727] ? __pfx_read_tsc+0x10/0x10
[ 10.926751] krealloc_less_oob+0x1c/0x30
[ 10.926771] kunit_try_run_case+0x1a5/0x480
[ 10.926792] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.926810] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.926979] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.927014] ? __kthread_parkme+0x82/0x180
[ 10.927036] ? preempt_count_sub+0x50/0x80
[ 10.927060] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.927082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.927140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.927165] kthread+0x337/0x6f0
[ 10.927182] ? trace_preempt_on+0x20/0xc0
[ 10.927205] ? __pfx_kthread+0x10/0x10
[ 10.927223] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.927246] ? calculate_sigpending+0x7b/0xa0
[ 10.927267] ? __pfx_kthread+0x10/0x10
[ 10.927285] ret_from_fork+0x41/0x80
[ 10.927306] ? __pfx_kthread+0x10/0x10
[ 10.927323] ret_from_fork_asm+0x1a/0x30
[ 10.927353] </TASK>
[ 10.927365]
[ 10.942296] Allocated by task 178:
[ 10.942484] kasan_save_stack+0x45/0x70
[ 10.943008] kasan_save_track+0x18/0x40
[ 10.943622] kasan_save_alloc_info+0x3b/0x50
[ 10.944164] __kasan_krealloc+0x190/0x1f0
[ 10.944370] krealloc_noprof+0xf3/0x340
[ 10.944678] krealloc_less_oob_helper+0x1aa/0x11d0
[ 10.945217] krealloc_less_oob+0x1c/0x30
[ 10.945413] kunit_try_run_case+0x1a5/0x480
[ 10.945868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.946178] kthread+0x337/0x6f0
[ 10.946463] ret_from_fork+0x41/0x80
[ 10.947019] ret_from_fork_asm+0x1a/0x30
[ 10.947274]
[ 10.947531] The buggy address belongs to the object at ffff888100a9c600
[ 10.947531] which belongs to the cache kmalloc-256 of size 256
[ 10.948592] The buggy address is located 33 bytes to the right of
[ 10.948592] allocated 201-byte region [ffff888100a9c600, ffff888100a9c6c9)
[ 10.949527]
[ 10.949764] The buggy address belongs to the physical page:
[ 10.950319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c
[ 10.950918] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.951257] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.951843] page_type: f5(slab)
[ 10.952270] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.952813] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.953284] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.953914] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.954380] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff
[ 10.955280] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.955929] page dumped because: kasan: bad access detected
[ 10.956328]
[ 10.956589] Memory state around the buggy address:
[ 10.956807] ffff888100a9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.957265] ffff888100a9c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.957805] >ffff888100a9c680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 10.958701] ^
[ 10.959481] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.960129] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.960448] ==================================================================
[ 10.898587] ==================================================================
[ 10.899028] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[ 10.899376] Write of size 1 at addr ffff888100a9c6da by task kunit_try_catch/178
[ 10.899745]
[ 10.900021] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 10.900082] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.900094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.900117] Call Trace:
[ 10.900144] <TASK>
[ 10.900161] dump_stack_lvl+0x73/0xb0
[ 10.900187] print_report+0xd1/0x650
[ 10.900211] ? __virt_addr_valid+0x1db/0x2d0
[ 10.900232] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 10.900252] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.900275] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 10.900297] kasan_report+0x141/0x180
[ 10.900322] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 10.900358] __asan_report_store1_noabort+0x1b/0x30
[ 10.900380] krealloc_less_oob_helper+0xec6/0x11d0
[ 10.900402] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 10.900434] ? finish_task_switch.isra.0+0x153/0x700
[ 10.900459] ? __switch_to+0x5d9/0xf60
[ 10.900479] ? dequeue_task_fair+0x166/0x4e0
[ 10.900513] ? __schedule+0x10cc/0x2b60
[ 10.900539] ? __pfx_read_tsc+0x10/0x10
[ 10.900562] krealloc_less_oob+0x1c/0x30
[ 10.900592] kunit_try_run_case+0x1a5/0x480
[ 10.900614] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.900633] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.900677] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.900702] ? __kthread_parkme+0x82/0x180
[ 10.900723] ? preempt_count_sub+0x50/0x80
[ 10.900748] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.900768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.900792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.900816] kthread+0x337/0x6f0
[ 10.900928] ? trace_preempt_on+0x20/0xc0
[ 10.900953] ? __pfx_kthread+0x10/0x10
[ 10.900983] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.901006] ? calculate_sigpending+0x7b/0xa0
[ 10.901028] ? __pfx_kthread+0x10/0x10
[ 10.901056] ret_from_fork+0x41/0x80
[ 10.901077] ? __pfx_kthread+0x10/0x10
[ 10.901096] ret_from_fork_asm+0x1a/0x30
[ 10.901136] </TASK>
[ 10.901148]
[ 10.909786] Allocated by task 178:
[ 10.910091] kasan_save_stack+0x45/0x70
[ 10.910351] kasan_save_track+0x18/0x40
[ 10.910590] kasan_save_alloc_info+0x3b/0x50
[ 10.910800] __kasan_krealloc+0x190/0x1f0
[ 10.911125] krealloc_noprof+0xf3/0x340
[ 10.911347] krealloc_less_oob_helper+0x1aa/0x11d0
[ 10.911525] krealloc_less_oob+0x1c/0x30
[ 10.911724] kunit_try_run_case+0x1a5/0x480
[ 10.912010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.912272] kthread+0x337/0x6f0
[ 10.912418] ret_from_fork+0x41/0x80
[ 10.912961] ret_from_fork_asm+0x1a/0x30
[ 10.913246]
[ 10.913382] The buggy address belongs to the object at ffff888100a9c600
[ 10.913382] which belongs to the cache kmalloc-256 of size 256
[ 10.913991] The buggy address is located 17 bytes to the right of
[ 10.913991] allocated 201-byte region [ffff888100a9c600, ffff888100a9c6c9)
[ 10.914726]
[ 10.914803] The buggy address belongs to the physical page:
[ 10.915134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c
[ 10.915582] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.916078] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.916358] page_type: f5(slab)
[ 10.916564] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.917091] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.917395] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.917793] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.918243] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff
[ 10.918618] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.919044] page dumped because: kasan: bad access detected
[ 10.919273]
[ 10.919383] Memory state around the buggy address:
[ 10.919657] ffff888100a9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.919966] ffff888100a9c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.920293] >ffff888100a9c680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 10.920594] ^
[ 10.920862] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.921334] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.921734] ==================================================================
[ 10.870985] ==================================================================
[ 10.871651] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 10.872181] Write of size 1 at addr ffff888100a9c6d0 by task kunit_try_catch/178
[ 10.873296]
[ 10.873415] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 10.873459] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.873471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.873491] Call Trace:
[ 10.873503] <TASK>
[ 10.873724] dump_stack_lvl+0x73/0xb0
[ 10.873760] print_report+0xd1/0x650
[ 10.873799] ? __virt_addr_valid+0x1db/0x2d0
[ 10.873822] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 10.873930] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.873957] ?
krealloc_less_oob_helper+0xe23/0x11d0 [ 10.873978] kasan_report+0x141/0x180 [ 10.874002] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.874027] __asan_report_store1_noabort+0x1b/0x30 [ 10.874049] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.874072] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.874095] ? finish_task_switch.isra.0+0x153/0x700 [ 10.874119] ? __switch_to+0x5d9/0xf60 [ 10.874140] ? dequeue_task_fair+0x166/0x4e0 [ 10.874165] ? __schedule+0x10cc/0x2b60 [ 10.874188] ? __pfx_read_tsc+0x10/0x10 [ 10.874211] krealloc_less_oob+0x1c/0x30 [ 10.874230] kunit_try_run_case+0x1a5/0x480 [ 10.874252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.874271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.874295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.874319] ? __kthread_parkme+0x82/0x180 [ 10.874340] ? preempt_count_sub+0x50/0x80 [ 10.874364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.874385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.874408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.874432] kthread+0x337/0x6f0 [ 10.874450] ? trace_preempt_on+0x20/0xc0 [ 10.874474] ? __pfx_kthread+0x10/0x10 [ 10.874492] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.874514] ? calculate_sigpending+0x7b/0xa0 [ 10.874536] ? __pfx_kthread+0x10/0x10 [ 10.874554] ret_from_fork+0x41/0x80 [ 10.874575] ? 
__pfx_kthread+0x10/0x10 [ 10.874594] ret_from_fork_asm+0x1a/0x30 [ 10.874623] </TASK> [ 10.874635] [ 10.886669] Allocated by task 178: [ 10.886889] kasan_save_stack+0x45/0x70 [ 10.887199] kasan_save_track+0x18/0x40 [ 10.887427] kasan_save_alloc_info+0x3b/0x50 [ 10.887621] __kasan_krealloc+0x190/0x1f0 [ 10.887967] krealloc_noprof+0xf3/0x340 [ 10.888336] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.888580] krealloc_less_oob+0x1c/0x30 [ 10.888766] kunit_try_run_case+0x1a5/0x480 [ 10.889040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.889395] kthread+0x337/0x6f0 [ 10.889549] ret_from_fork+0x41/0x80 [ 10.889762] ret_from_fork_asm+0x1a/0x30 [ 10.890004] [ 10.890128] The buggy address belongs to the object at ffff888100a9c600 [ 10.890128] which belongs to the cache kmalloc-256 of size 256 [ 10.890569] The buggy address is located 7 bytes to the right of [ 10.890569] allocated 201-byte region [ffff888100a9c600, ffff888100a9c6c9) [ 10.891155] [ 10.891233] The buggy address belongs to the physical page: [ 10.891477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 10.891894] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.892427] flags: 0x200000000000040(head|node=0|zone=2) [ 10.892716] page_type: f5(slab) [ 10.892969] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.893231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.893603] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.893978] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.894576] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 10.895012] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.895364] page dumped because: kasan: bad access detected [ 10.895655] [ 10.895744] Memory state around the buggy address: [ 10.896206] ffff888100a9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 10.896466] ffff888100a9c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.896783] >ffff888100a9c680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.897067] ^ [ 10.897298] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.897620] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.898006] ================================================================== [ 11.075949] ================================================================== [ 11.076298] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.076763] Write of size 1 at addr ffff8881026fe0d0 by task kunit_try_catch/182 [ 11.077072] [ 11.077155] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.077197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.077208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.077229] Call Trace: [ 11.077244] <TASK> [ 11.077399] dump_stack_lvl+0x73/0xb0 [ 11.077429] print_report+0xd1/0x650 [ 11.077454] ? __virt_addr_valid+0x1db/0x2d0 [ 11.077476] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.077497] ? kasan_addr_to_slab+0x11/0xa0 [ 11.077520] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.077541] kasan_report+0x141/0x180 [ 11.077564] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.077589] __asan_report_store1_noabort+0x1b/0x30 [ 11.077611] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.077634] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.077656] ? finish_task_switch.isra.0+0x153/0x700 [ 11.077680] ? __switch_to+0x5d9/0xf60 [ 11.077702] ? dequeue_task_fair+0x166/0x4e0 [ 11.077727] ? __schedule+0x10cc/0x2b60 [ 11.077751] ? __pfx_read_tsc+0x10/0x10 [ 11.077775] krealloc_large_less_oob+0x1c/0x30 [ 11.077795] kunit_try_run_case+0x1a5/0x480 [ 11.077817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.078192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.078232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.078257] ? 
__kthread_parkme+0x82/0x180 [ 11.078280] ? preempt_count_sub+0x50/0x80 [ 11.078305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.078326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.078350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.078374] kthread+0x337/0x6f0 [ 11.078392] ? trace_preempt_on+0x20/0xc0 [ 11.078416] ? __pfx_kthread+0x10/0x10 [ 11.078435] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.078457] ? calculate_sigpending+0x7b/0xa0 [ 11.078479] ? __pfx_kthread+0x10/0x10 [ 11.078498] ret_from_fork+0x41/0x80 [ 11.078528] ? __pfx_kthread+0x10/0x10 [ 11.078547] ret_from_fork_asm+0x1a/0x30 [ 11.078578] </TASK> [ 11.078590] [ 11.086577] The buggy address belongs to the physical page: [ 11.086827] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fc [ 11.087153] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.087487] flags: 0x200000000000040(head|node=0|zone=2) [ 11.087825] page_type: f8(unknown) [ 11.088080] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.088385] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.088731] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.089083] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.089321] head: 0200000000000002 ffffea000409bf01 00000000ffffffff 00000000ffffffff [ 11.089654] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.090019] page dumped because: kasan: bad access detected [ 11.090353] [ 11.090503] Memory state around the buggy address: [ 11.090702] ffff8881026fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.091014] ffff8881026fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.091349] >ffff8881026fe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.091907] ^ [ 11.092160] ffff8881026fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.092454] ffff8881026fe180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 11.092756] ================================================================== [ 11.132416] ================================================================== [ 11.132718] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.133078] Write of size 1 at addr ffff8881026fe0eb by task kunit_try_catch/182 [ 11.133445] [ 11.133567] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.133611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.133623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.133644] Call Trace: [ 11.133657] <TASK> [ 11.133672] dump_stack_lvl+0x73/0xb0 [ 11.133699] print_report+0xd1/0x650 [ 11.133742] ? __virt_addr_valid+0x1db/0x2d0 [ 11.133764] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.133785] ? kasan_addr_to_slab+0x11/0xa0 [ 11.133806] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.133827] kasan_report+0x141/0x180 [ 11.133850] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.133887] __asan_report_store1_noabort+0x1b/0x30 [ 11.133909] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.133932] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.133953] ? finish_task_switch.isra.0+0x153/0x700 [ 11.134051] ? __switch_to+0x5d9/0xf60 [ 11.134074] ? dequeue_task_fair+0x166/0x4e0 [ 11.134099] ? __schedule+0x10cc/0x2b60 [ 11.134136] ? __pfx_read_tsc+0x10/0x10 [ 11.134173] krealloc_large_less_oob+0x1c/0x30 [ 11.134195] kunit_try_run_case+0x1a5/0x480 [ 11.134218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.134250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.134287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.134325] ? __kthread_parkme+0x82/0x180 [ 11.134347] ? preempt_count_sub+0x50/0x80 [ 11.134371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.134391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.134415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.134439] kthread+0x337/0x6f0 [ 11.134455] ? trace_preempt_on+0x20/0xc0 [ 11.134479] ? 
__pfx_kthread+0x10/0x10 [ 11.134497] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.134520] ? calculate_sigpending+0x7b/0xa0 [ 11.134541] ? __pfx_kthread+0x10/0x10 [ 11.134560] ret_from_fork+0x41/0x80 [ 11.134582] ? __pfx_kthread+0x10/0x10 [ 11.134600] ret_from_fork_asm+0x1a/0x30 [ 11.134631] </TASK> [ 11.134642] [ 11.143910] The buggy address belongs to the physical page: [ 11.144187] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fc [ 11.144734] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.145156] flags: 0x200000000000040(head|node=0|zone=2) [ 11.145418] page_type: f8(unknown) [ 11.145631] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.145993] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.146513] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.146753] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.147225] head: 0200000000000002 ffffea000409bf01 00000000ffffffff 00000000ffffffff [ 11.147571] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.147978] page dumped because: kasan: bad access detected [ 11.148256] [ 11.148330] Memory state around the buggy address: [ 11.148491] ffff8881026fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.149007] ffff8881026fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.149349] >ffff8881026fe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.149726] ^ [ 11.149969] ffff8881026fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.150417] ffff8881026fe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.150804] ================================================================== [ 10.839542] ================================================================== [ 10.840196] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.841340] Write of size 1 at addr ffff888100a9c6c9 by task 
kunit_try_catch/178 [ 10.842301] [ 10.842435] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.842484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.842496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.842628] Call Trace: [ 10.842646] <TASK> [ 10.842662] dump_stack_lvl+0x73/0xb0 [ 10.842691] print_report+0xd1/0x650 [ 10.842715] ? __virt_addr_valid+0x1db/0x2d0 [ 10.842737] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.842757] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.842780] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.842801] kasan_report+0x141/0x180 [ 10.842825] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.842958] __asan_report_store1_noabort+0x1b/0x30 [ 10.842984] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.843007] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.843030] ? finish_task_switch.isra.0+0x153/0x700 [ 10.843053] ? __switch_to+0x5d9/0xf60 [ 10.843074] ? dequeue_task_fair+0x166/0x4e0 [ 10.843098] ? __schedule+0x10cc/0x2b60 [ 10.843121] ? __pfx_read_tsc+0x10/0x10 [ 10.843144] krealloc_less_oob+0x1c/0x30 [ 10.843162] kunit_try_run_case+0x1a5/0x480 [ 10.843184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.843203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.843228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.843252] ? __kthread_parkme+0x82/0x180 [ 10.843273] ? preempt_count_sub+0x50/0x80 [ 10.843298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.843319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.843342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.843366] kthread+0x337/0x6f0 [ 10.843382] ? trace_preempt_on+0x20/0xc0 [ 10.843406] ? __pfx_kthread+0x10/0x10 [ 10.843424] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.843445] ? calculate_sigpending+0x7b/0xa0 [ 10.843466] ? __pfx_kthread+0x10/0x10 [ 10.843485] ret_from_fork+0x41/0x80 [ 10.843505] ? 
__pfx_kthread+0x10/0x10 [ 10.843524] ret_from_fork_asm+0x1a/0x30 [ 10.843554] </TASK> [ 10.843565] [ 10.855326] Allocated by task 178: [ 10.855665] kasan_save_stack+0x45/0x70 [ 10.855928] kasan_save_track+0x18/0x40 [ 10.856103] kasan_save_alloc_info+0x3b/0x50 [ 10.856417] __kasan_krealloc+0x190/0x1f0 [ 10.856790] krealloc_noprof+0xf3/0x340 [ 10.857066] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.857440] krealloc_less_oob+0x1c/0x30 [ 10.857784] kunit_try_run_case+0x1a5/0x480 [ 10.858232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.858616] kthread+0x337/0x6f0 [ 10.858957] ret_from_fork+0x41/0x80 [ 10.859104] ret_from_fork_asm+0x1a/0x30 [ 10.859299] [ 10.859385] The buggy address belongs to the object at ffff888100a9c600 [ 10.859385] which belongs to the cache kmalloc-256 of size 256 [ 10.860253] The buggy address is located 0 bytes to the right of [ 10.860253] allocated 201-byte region [ffff888100a9c600, ffff888100a9c6c9) [ 10.861151] [ 10.861258] The buggy address belongs to the physical page: [ 10.861598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 10.862124] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.862449] flags: 0x200000000000040(head|node=0|zone=2) [ 10.862925] page_type: f5(slab) [ 10.863112] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.863690] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.864229] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.864708] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.865278] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 10.865812] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.866347] page dumped because: kasan: bad access detected [ 10.866591] [ 10.866963] Memory state around the buggy address: [ 10.867300] ffff888100a9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 10.867761] ffff888100a9c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.868414] >ffff888100a9c680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.868955] ^ [ 10.869195] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.869507] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.870097] ================================================================== [ 11.093142] ================================================================== [ 11.093596] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.093848] Write of size 1 at addr ffff8881026fe0da by task kunit_try_catch/182 [ 11.094163] [ 11.094274] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.094317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.094328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.094362] Call Trace: [ 11.094377] <TASK> [ 11.094392] dump_stack_lvl+0x73/0xb0 [ 11.094418] print_report+0xd1/0x650 [ 11.094443] ? __virt_addr_valid+0x1db/0x2d0 [ 11.094465] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.094487] ? kasan_addr_to_slab+0x11/0xa0 [ 11.094511] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.094533] kasan_report+0x141/0x180 [ 11.094557] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.094582] __asan_report_store1_noabort+0x1b/0x30 [ 11.094604] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.094628] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.094649] ? finish_task_switch.isra.0+0x153/0x700 [ 11.094673] ? __switch_to+0x5d9/0xf60 [ 11.094694] ? dequeue_task_fair+0x166/0x4e0 [ 11.094718] ? __schedule+0x10cc/0x2b60 [ 11.094743] ? __pfx_read_tsc+0x10/0x10 [ 11.094767] krealloc_large_less_oob+0x1c/0x30 [ 11.094787] kunit_try_run_case+0x1a5/0x480 [ 11.094809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.094853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.094888] ? 
__kthread_parkme+0x82/0x180 [ 11.094911] ? preempt_count_sub+0x50/0x80 [ 11.094935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.094980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.095003] kthread+0x337/0x6f0 [ 11.095021] ? trace_preempt_on+0x20/0xc0 [ 11.095044] ? __pfx_kthread+0x10/0x10 [ 11.095063] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.095085] ? calculate_sigpending+0x7b/0xa0 [ 11.095107] ? __pfx_kthread+0x10/0x10 [ 11.095126] ret_from_fork+0x41/0x80 [ 11.095148] ? __pfx_kthread+0x10/0x10 [ 11.095166] ret_from_fork_asm+0x1a/0x30 [ 11.095197] </TASK> [ 11.095209] [ 11.105864] The buggy address belongs to the physical page: [ 11.106184] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fc [ 11.106722] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.107257] flags: 0x200000000000040(head|node=0|zone=2) [ 11.107529] page_type: f8(unknown) [ 11.107685] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.108167] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.108515] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.108953] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.109300] head: 0200000000000002 ffffea000409bf01 00000000ffffffff 00000000ffffffff [ 11.109638] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.110050] page dumped because: kasan: bad access detected [ 11.110278] [ 11.110377] Memory state around the buggy address: [ 11.110585] ffff8881026fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.110856] ffff8881026fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.111359] >ffff8881026fe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.111718] ^ [ 11.112305] ffff8881026fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.112580] ffff8881026fe180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 11.113162] ================================================================== [ 10.961405] ================================================================== [ 10.962140] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.962479] Write of size 1 at addr ffff888100a9c6eb by task kunit_try_catch/178 [ 10.963258] [ 10.963398] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.963542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.963567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.963594] Call Trace: [ 10.963613] <TASK> [ 10.963632] dump_stack_lvl+0x73/0xb0 [ 10.963668] print_report+0xd1/0x650 [ 10.963693] ? __virt_addr_valid+0x1db/0x2d0 [ 10.963715] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.963736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.963759] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.963780] kasan_report+0x141/0x180 [ 10.963803] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.963829] __asan_report_store1_noabort+0x1b/0x30 [ 10.963897] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.963921] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.963942] ? finish_task_switch.isra.0+0x153/0x700 [ 10.963966] ? __switch_to+0x5d9/0xf60 [ 10.963988] ? dequeue_task_fair+0x166/0x4e0 [ 10.964012] ? __schedule+0x10cc/0x2b60 [ 10.964037] ? __pfx_read_tsc+0x10/0x10 [ 10.964060] krealloc_less_oob+0x1c/0x30 [ 10.964079] kunit_try_run_case+0x1a5/0x480 [ 10.964102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.964120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.964145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.964170] ? __kthread_parkme+0x82/0x180 [ 10.964192] ? preempt_count_sub+0x50/0x80 [ 10.964216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.964237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.964260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.964284] kthread+0x337/0x6f0 [ 10.964301] ? 
trace_preempt_on+0x20/0xc0 [ 10.964325] ? __pfx_kthread+0x10/0x10 [ 10.964343] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.964365] ? calculate_sigpending+0x7b/0xa0 [ 10.964387] ? __pfx_kthread+0x10/0x10 [ 10.964406] ret_from_fork+0x41/0x80 [ 10.964427] ? __pfx_kthread+0x10/0x10 [ 10.964445] ret_from_fork_asm+0x1a/0x30 [ 10.964476] </TASK> [ 10.964488] [ 10.977255] Allocated by task 178: [ 10.977440] kasan_save_stack+0x45/0x70 [ 10.977987] kasan_save_track+0x18/0x40 [ 10.978181] kasan_save_alloc_info+0x3b/0x50 [ 10.978375] __kasan_krealloc+0x190/0x1f0 [ 10.978797] krealloc_noprof+0xf3/0x340 [ 10.979413] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.979985] krealloc_less_oob+0x1c/0x30 [ 10.980225] kunit_try_run_case+0x1a5/0x480 [ 10.980431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.981041] kthread+0x337/0x6f0 [ 10.981249] ret_from_fork+0x41/0x80 [ 10.981550] ret_from_fork_asm+0x1a/0x30 [ 10.981982] [ 10.982230] The buggy address belongs to the object at ffff888100a9c600 [ 10.982230] which belongs to the cache kmalloc-256 of size 256 [ 10.983035] The buggy address is located 34 bytes to the right of [ 10.983035] allocated 201-byte region [ffff888100a9c600, ffff888100a9c6c9) [ 10.983866] [ 10.984049] The buggy address belongs to the physical page: [ 10.984295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 10.985031] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.985652] flags: 0x200000000000040(head|node=0|zone=2) [ 10.986172] page_type: f5(slab) [ 10.986571] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.987012] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.987485] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.988299] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.988778] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 10.989310] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 10.990018] page dumped because: kasan: bad access detected [ 10.990318] [ 10.990541] Memory state around the buggy address: [ 10.990781] ffff888100a9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.991259] ffff888100a9c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.991816] >ffff888100a9c680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.992427] ^ [ 10.993135] ffff888100a9c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.993440] ffff888100a9c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.994189] ================================================================== [ 11.113578] ================================================================== [ 11.113973] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.114323] Write of size 1 at addr ffff8881026fe0ea by task kunit_try_catch/182 [ 11.114695] [ 11.114815] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.114940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.114954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.114975] Call Trace: [ 11.114991] <TASK> [ 11.115006] dump_stack_lvl+0x73/0xb0 [ 11.115033] print_report+0xd1/0x650 [ 11.115058] ? __virt_addr_valid+0x1db/0x2d0 [ 11.115098] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115120] ? kasan_addr_to_slab+0x11/0xa0 [ 11.115141] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115162] kasan_report+0x141/0x180 [ 11.115185] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115211] __asan_report_store1_noabort+0x1b/0x30 [ 11.115232] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115255] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.115276] ? finish_task_switch.isra.0+0x153/0x700 [ 11.115300] ? __switch_to+0x5d9/0xf60 [ 11.115321] ? dequeue_task_fair+0x166/0x4e0 [ 11.115345] ? __schedule+0x10cc/0x2b60 [ 11.115368] ? 
__pfx_read_tsc+0x10/0x10
[ 11.115392] krealloc_large_less_oob+0x1c/0x30
[ 11.115412] kunit_try_run_case+0x1a5/0x480
[ 11.115452] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.115471] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.115495] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.115526] ? __kthread_parkme+0x82/0x180
[ 11.115549] ? preempt_count_sub+0x50/0x80
[ 11.115580] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.115617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.115653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.115678] kthread+0x337/0x6f0
[ 11.115708] ? trace_preempt_on+0x20/0xc0
[ 11.115733] ? __pfx_kthread+0x10/0x10
[ 11.115751] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.115787] ? calculate_sigpending+0x7b/0xa0
[ 11.115822] ? __pfx_kthread+0x10/0x10
[ 11.115841] ret_from_fork+0x41/0x80
[ 11.115862] ? __pfx_kthread+0x10/0x10
[ 11.115891] ret_from_fork_asm+0x1a/0x30
[ 11.115923] </TASK>
[ 11.115934]
[ 11.125217] The buggy address belongs to the physical page:
[ 11.125574] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fc
[ 11.125820] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.126186] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.126445] page_type: f8(unknown)
[ 11.126699] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.127107] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.127452] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.127813] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.128257] head: 0200000000000002 ffffea000409bf01 00000000ffffffff 00000000ffffffff
[ 11.128539] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.129095] page dumped because: kasan: bad access detected
[ 11.129384]
[ 11.129472] Memory state around the buggy address:
[ 11.129724] ffff8881026fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.130198] ffff8881026fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.130541] >ffff8881026fe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.130947] ^
[ 11.131238] ffff8881026fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.131594] ffff8881026fe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.132013] ==================================================================
[ 11.054508] ==================================================================
[ 11.055189] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 11.055546] Write of size 1 at addr ffff8881026fe0c9 by task kunit_try_catch/182
[ 11.055976]
[ 11.056103] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.056152] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.056164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.056187] Call Trace:
[ 11.056200] <TASK>
[ 11.056217] dump_stack_lvl+0x73/0xb0
[ 11.056246] print_report+0xd1/0x650
[ 11.056270] ? __virt_addr_valid+0x1db/0x2d0
[ 11.056293] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.056314] ? kasan_addr_to_slab+0x11/0xa0
[ 11.056335] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.056356] kasan_report+0x141/0x180
[ 11.056379] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.056405] __asan_report_store1_noabort+0x1b/0x30
[ 11.056426] krealloc_less_oob_helper+0xd70/0x11d0
[ 11.056449] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.056470] ? finish_task_switch.isra.0+0x153/0x700
[ 11.056548] ? __switch_to+0x5d9/0xf60
[ 11.056589] ? dequeue_task_fair+0x166/0x4e0
[ 11.056614] ? __schedule+0x10cc/0x2b60
[ 11.056645] ? __pfx_read_tsc+0x10/0x10
[ 11.056669] krealloc_large_less_oob+0x1c/0x30
[ 11.056689] kunit_try_run_case+0x1a5/0x480
[ 11.056712] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.056732] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.056757] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.056781] ? __kthread_parkme+0x82/0x180
[ 11.056804] ? preempt_count_sub+0x50/0x80
[ 11.056828] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.057067] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.057093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.057117] kthread+0x337/0x6f0
[ 11.057135] ? trace_preempt_on+0x20/0xc0
[ 11.057161] ? __pfx_kthread+0x10/0x10
[ 11.057179] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.057202] ? calculate_sigpending+0x7b/0xa0
[ 11.057224] ? __pfx_kthread+0x10/0x10
[ 11.057242] ret_from_fork+0x41/0x80
[ 11.057264] ? __pfx_kthread+0x10/0x10
[ 11.057282] ret_from_fork_asm+0x1a/0x30
[ 11.057314] </TASK>
[ 11.057326]
[ 11.068590] The buggy address belongs to the physical page:
[ 11.068929] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fc
[ 11.069273] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.069632] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.069918] page_type: f8(unknown)
[ 11.070375] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.070683] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.071043] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.071401] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.071721] head: 0200000000000002 ffffea000409bf01 00000000ffffffff 00000000ffffffff
[ 11.072289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.072605] page dumped because: kasan: bad access detected
[ 11.072914]
[ 11.073017] Memory state around the buggy address:
[ 11.073237] ffff8881026fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.073665] ffff8881026fe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.074050] >ffff8881026fe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.074375] ^
[ 11.074669] ffff8881026fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.075053] ffff8881026fe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.075330] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 10.768682] ==================================================================
[ 10.769203] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 10.769451] Write of size 1 at addr ffff888100355ceb by task kunit_try_catch/176
[ 10.770289]
[ 10.770472] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 10.770551] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.770564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.770584] Call Trace:
[ 10.770597] <TASK>
[ 10.770611] dump_stack_lvl+0x73/0xb0
[ 10.770638] print_report+0xd1/0x650
[ 10.770662] ? __virt_addr_valid+0x1db/0x2d0
[ 10.770685] ? krealloc_more_oob_helper+0x821/0x930
[ 10.770706] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.770729] ? krealloc_more_oob_helper+0x821/0x930
[ 10.770749] kasan_report+0x141/0x180
[ 10.770772] ? krealloc_more_oob_helper+0x821/0x930
[ 10.770797] __asan_report_store1_noabort+0x1b/0x30
[ 10.770819] krealloc_more_oob_helper+0x821/0x930
[ 10.770845] ? __schedule+0x10cc/0x2b60
[ 10.770869] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.770899] ? finish_task_switch.isra.0+0x153/0x700
[ 10.770922] ? __switch_to+0x5d9/0xf60
[ 10.770945] ? dequeue_task_fair+0x166/0x4e0
[ 10.770970] ? __schedule+0x10cc/0x2b60
[ 10.770992] ? __pfx_read_tsc+0x10/0x10
[ 10.771016] krealloc_more_oob+0x1c/0x30
[ 10.771035] kunit_try_run_case+0x1a5/0x480
[ 10.771057] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.771076] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.771100] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.771124] ? __kthread_parkme+0x82/0x180
[ 10.771146] ? preempt_count_sub+0x50/0x80
[ 10.771170] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.771190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.771213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.771236] kthread+0x337/0x6f0
[ 10.771253] ? trace_preempt_on+0x20/0xc0
[ 10.771276] ? __pfx_kthread+0x10/0x10
[ 10.771295] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.771317] ? calculate_sigpending+0x7b/0xa0
[ 10.771338] ? __pfx_kthread+0x10/0x10
[ 10.771357] ret_from_fork+0x41/0x80
[ 10.771378] ? __pfx_kthread+0x10/0x10
[ 10.771396] ret_from_fork_asm+0x1a/0x30
[ 10.771426] </TASK>
[ 10.771437]
[ 10.788317] Allocated by task 176:
[ 10.788640] kasan_save_stack+0x45/0x70
[ 10.788918] kasan_save_track+0x18/0x40
[ 10.789414] kasan_save_alloc_info+0x3b/0x50
[ 10.789806] __kasan_krealloc+0x190/0x1f0
[ 10.790331] krealloc_noprof+0xf3/0x340
[ 10.790749] krealloc_more_oob_helper+0x1a9/0x930
[ 10.791261] krealloc_more_oob+0x1c/0x30
[ 10.791460] kunit_try_run_case+0x1a5/0x480
[ 10.791644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.792194] kthread+0x337/0x6f0
[ 10.792515] ret_from_fork+0x41/0x80
[ 10.792860] ret_from_fork_asm+0x1a/0x30
[ 10.793275]
[ 10.793440] The buggy address belongs to the object at ffff888100355c00
[ 10.793440] which belongs to the cache kmalloc-256 of size 256
[ 10.794441] The buggy address is located 0 bytes to the right of
[ 10.794441] allocated 235-byte region [ffff888100355c00, ffff888100355ceb)
[ 10.795104]
[ 10.795183] The buggy address belongs to the physical page:
[ 10.795580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[ 10.796142] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.796987] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.797552] page_type: f5(slab)
[ 10.797693] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.797974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.798209] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.798444] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.799040] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[ 10.799771] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.800489] page dumped because: kasan: bad access detected
[ 10.801037]
[ 10.801216] Memory state around the buggy address:
[ 10.801713] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.802492] ffff888100355c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.803354] >ffff888100355c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 10.804044] ^
[ 10.804622] ffff888100355d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.805162] ffff888100355d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.805387] ==================================================================
[ 11.025787] ==================================================================
[ 11.026094] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 11.026335] Write of size 1 at addr ffff888102d6a0f0 by task kunit_try_catch/180
[ 11.026577]
[ 11.026675] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.027050] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.027063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.027083] Call Trace:
[ 11.027098] <TASK>
[ 11.027112] dump_stack_lvl+0x73/0xb0
[ 11.027140] print_report+0xd1/0x650
[ 11.027163] ? __virt_addr_valid+0x1db/0x2d0
[ 11.027185] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.027206] ? kasan_addr_to_slab+0x11/0xa0
[ 11.027227] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.027248] kasan_report+0x141/0x180
[ 11.027271] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.027297] __asan_report_store1_noabort+0x1b/0x30
[ 11.027318] krealloc_more_oob_helper+0x7eb/0x930
[ 11.027338] ? __schedule+0x10cc/0x2b60
[ 11.027361] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.027382] ? finish_task_switch.isra.0+0x153/0x700
[ 11.027406] ? __switch_to+0x5d9/0xf60
[ 11.027426] ? dequeue_task_fair+0x166/0x4e0
[ 11.027450] ? __schedule+0x10cc/0x2b60
[ 11.027473] ? __pfx_read_tsc+0x10/0x10
[ 11.027497] krealloc_large_more_oob+0x1c/0x30
[ 11.027518] kunit_try_run_case+0x1a5/0x480
[ 11.027539] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.027558] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.027592] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.027616] ? __kthread_parkme+0x82/0x180
[ 11.027638] ? preempt_count_sub+0x50/0x80
[ 11.027662] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.027683] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.027706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.027730] kthread+0x337/0x6f0
[ 11.027747] ? trace_preempt_on+0x20/0xc0
[ 11.027771] ? __pfx_kthread+0x10/0x10
[ 11.027789] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.027812] ? calculate_sigpending+0x7b/0xa0
[ 11.027833] ? __pfx_kthread+0x10/0x10
[ 11.027930] ret_from_fork+0x41/0x80
[ 11.027952] ? __pfx_kthread+0x10/0x10
[ 11.027971] ret_from_fork_asm+0x1a/0x30
[ 11.028002] </TASK>
[ 11.028013]
[ 11.039928] The buggy address belongs to the physical page:
[ 11.040180] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68
[ 11.041311] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.041562] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.041740] page_type: f8(unknown)
[ 11.041868] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.043492] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.044754] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.046073] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.046779] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff
[ 11.047718] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.048515] page dumped because: kasan: bad access detected
[ 11.049157]
[ 11.049269] Memory state around the buggy address:
[ 11.049488] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.049787] ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.050145] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.050436] ^
[ 11.050741] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.051142] ffff888102d6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.051451] ==================================================================
[ 10.806023] ==================================================================
[ 10.806639] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 10.807326] Write of size 1 at addr ffff888100355cf0 by task kunit_try_catch/176
[ 10.807979]
[ 10.808152] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 10.808195] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.808207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.808228] Call Trace:
[ 10.808240] <TASK>
[ 10.808256] dump_stack_lvl+0x73/0xb0
[ 10.808281] print_report+0xd1/0x650
[ 10.808305] ? __virt_addr_valid+0x1db/0x2d0
[ 10.808340] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.808371] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.808394] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.808415] kasan_report+0x141/0x180
[ 10.808438] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.808464] __asan_report_store1_noabort+0x1b/0x30
[ 10.808485] krealloc_more_oob_helper+0x7eb/0x930
[ 10.808504] ? __schedule+0x10cc/0x2b60
[ 10.808535] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.808556] ? finish_task_switch.isra.0+0x153/0x700
[ 10.808579] ? __switch_to+0x5d9/0xf60
[ 10.808601] ? dequeue_task_fair+0x166/0x4e0
[ 10.808625] ? __schedule+0x10cc/0x2b60
[ 10.808647] ? __pfx_read_tsc+0x10/0x10
[ 10.808671] krealloc_more_oob+0x1c/0x30
[ 10.808690] kunit_try_run_case+0x1a5/0x480
[ 10.808711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.808730] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.808754] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.808778] ? __kthread_parkme+0x82/0x180
[ 10.808800] ? preempt_count_sub+0x50/0x80
[ 10.808824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.808854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.808888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.808912] kthread+0x337/0x6f0
[ 10.808929] ? trace_preempt_on+0x20/0xc0
[ 10.808952] ? __pfx_kthread+0x10/0x10
[ 10.808970] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.809003] ? calculate_sigpending+0x7b/0xa0
[ 10.809025] ? __pfx_kthread+0x10/0x10
[ 10.809043] ret_from_fork+0x41/0x80
[ 10.809065] ? __pfx_kthread+0x10/0x10
[ 10.809083] ret_from_fork_asm+0x1a/0x30
[ 10.809113] </TASK>
[ 10.809124]
[ 10.822403] Allocated by task 176:
[ 10.822556] kasan_save_stack+0x45/0x70
[ 10.822708] kasan_save_track+0x18/0x40
[ 10.822858] kasan_save_alloc_info+0x3b/0x50
[ 10.823036] __kasan_krealloc+0x190/0x1f0
[ 10.823182] krealloc_noprof+0xf3/0x340
[ 10.823321] krealloc_more_oob_helper+0x1a9/0x930
[ 10.823478] krealloc_more_oob+0x1c/0x30
[ 10.823634] kunit_try_run_case+0x1a5/0x480
[ 10.823781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.823968] kthread+0x337/0x6f0
[ 10.824090] ret_from_fork+0x41/0x80
[ 10.824401] ret_from_fork_asm+0x1a/0x30
[ 10.824720]
[ 10.824803] The buggy address belongs to the object at ffff888100355c00
[ 10.824803] which belongs to the cache kmalloc-256 of size 256
[ 10.825244] The buggy address is located 5 bytes to the right of
[ 10.825244] allocated 235-byte region [ffff888100355c00, ffff888100355ceb)
[ 10.826143]
[ 10.826309] The buggy address belongs to the physical page:
[ 10.826813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354
[ 10.827601] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.828367] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.828850] page_type: f5(slab)
[ 10.829236] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.830026] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.830263] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.830531] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.830997] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff
[ 10.831702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.832455] page dumped because: kasan: bad access detected
[ 10.832790]
[ 10.832882] Memory state around the buggy address:
[ 10.833349] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.834051] ffff888100355c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.834450] >ffff888100355c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 10.834676] ^
[ 10.834910] ffff888100355d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.835265] ffff888100355d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.835952] ==================================================================
[ 10.998620] ==================================================================
[ 10.999107] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 10.999418] Write of size 1 at addr ffff888102d6a0eb by task kunit_try_catch/180
[ 10.999896]
[ 11.000054] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.000104] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.000116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.000139] Call Trace:
[ 11.000151] <TASK>
[ 11.000167] dump_stack_lvl+0x73/0xb0
[ 11.000196] print_report+0xd1/0x650
[ 11.000220] ? __virt_addr_valid+0x1db/0x2d0
[ 11.000242] ? krealloc_more_oob_helper+0x821/0x930
[ 11.000262] ? kasan_addr_to_slab+0x11/0xa0
[ 11.000284] ? krealloc_more_oob_helper+0x821/0x930
[ 11.000305] kasan_report+0x141/0x180
[ 11.000327] ? krealloc_more_oob_helper+0x821/0x930
[ 11.000353] __asan_report_store1_noabort+0x1b/0x30
[ 11.000374] krealloc_more_oob_helper+0x821/0x930
[ 11.000394] ? __schedule+0x10cc/0x2b60
[ 11.000418] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.000439] ? finish_task_switch.isra.0+0x153/0x700
[ 11.000464] ? __switch_to+0x5d9/0xf60
[ 11.000484] ? dequeue_task_fair+0x166/0x4e0
[ 11.000508] ? __schedule+0x10cc/0x2b60
[ 11.000532] ? __pfx_read_tsc+0x10/0x10
[ 11.000555] krealloc_large_more_oob+0x1c/0x30
[ 11.000575] kunit_try_run_case+0x1a5/0x480
[ 11.000597] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.000616] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.000641] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.000665] ? __kthread_parkme+0x82/0x180
[ 11.000687] ? preempt_count_sub+0x50/0x80
[ 11.000711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.000732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.000756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.000779] kthread+0x337/0x6f0
[ 11.000797] ? trace_preempt_on+0x20/0xc0
[ 11.000821] ? __pfx_kthread+0x10/0x10
[ 11.000853] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.000888] ? calculate_sigpending+0x7b/0xa0
[ 11.000910] ? __pfx_kthread+0x10/0x10
[ 11.000929] ret_from_fork+0x41/0x80
[ 11.000949] ? __pfx_kthread+0x10/0x10
[ 11.000967] ret_from_fork_asm+0x1a/0x30
[ 11.000999] </TASK>
[ 11.001010]
[ 11.014428] The buggy address belongs to the physical page:
[ 11.015141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68
[ 11.015870] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.016570] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.016957] page_type: f8(unknown)
[ 11.017309] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.017559] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.018443] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.019306] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.019721] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff
[ 11.020464] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.021136] page dumped because: kasan: bad access detected
[ 11.021491]
[ 11.021582] Memory state around the buggy address:
[ 11.022060] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.022393] ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.022791] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.023499] ^
[ 11.024186] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.024502] ffff888102d6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.025200] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.274968] ==================================================================
[ 13.275260] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 13.275458] Read of size 1 at addr ffff88810360c050 by task kunit_try_catch/279
[ 13.275692]
[ 13.275913] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.275957] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.275969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.275990] Call Trace:
[ 13.276005] <TASK>
[ 13.276021] dump_stack_lvl+0x73/0xb0
[ 13.276046] print_report+0xd1/0x650
[ 13.276070] ? __virt_addr_valid+0x1db/0x2d0
[ 13.276092] ? strlen+0x8f/0xb0
[ 13.276111] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.276134] ? strlen+0x8f/0xb0
[ 13.276153] kasan_report+0x141/0x180
[ 13.276177] ? strlen+0x8f/0xb0
[ 13.276200] __asan_report_load1_noabort+0x18/0x20
[ 13.276223] strlen+0x8f/0xb0
[ 13.276242] kasan_strings+0x57b/0xe80
[ 13.276263] ? trace_hardirqs_on+0x37/0xe0
[ 13.276286] ? __pfx_kasan_strings+0x10/0x10
[ 13.276308] ? finish_task_switch.isra.0+0x153/0x700
[ 13.276332] ? __switch_to+0x5d9/0xf60
[ 13.276353] ? dequeue_task_fair+0x166/0x4e0
[ 13.276378] ? __schedule+0x10cc/0x2b60
[ 13.276402] ? __pfx_read_tsc+0x10/0x10
[ 13.276422] ? ktime_get_ts64+0x86/0x230
[ 13.276448] kunit_try_run_case+0x1a5/0x480
[ 13.276470] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.276490] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.276515] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.276539] ? __kthread_parkme+0x82/0x180
[ 13.276561] ? preempt_count_sub+0x50/0x80
[ 13.276587] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.276609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.276634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.276658] kthread+0x337/0x6f0
[ 13.276675] ? trace_preempt_on+0x20/0xc0
[ 13.276699] ? __pfx_kthread+0x10/0x10
[ 13.276717] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.276740] ? calculate_sigpending+0x7b/0xa0
[ 13.276762] ? __pfx_kthread+0x10/0x10
[ 13.276781] ret_from_fork+0x41/0x80
[ 13.276802] ? __pfx_kthread+0x10/0x10
[ 13.276821] ret_from_fork_asm+0x1a/0x30
[ 13.276851] </TASK>
[ 13.276862]
[ 13.285592] Allocated by task 279:
[ 13.285740] kasan_save_stack+0x45/0x70
[ 13.285984] kasan_save_track+0x18/0x40
[ 13.286205] kasan_save_alloc_info+0x3b/0x50
[ 13.286359] __kasan_kmalloc+0xb7/0xc0
[ 13.286495] __kmalloc_cache_noprof+0x189/0x420
[ 13.286705] kasan_strings+0xc0/0xe80
[ 13.286961] kunit_try_run_case+0x1a5/0x480
[ 13.287178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.287433] kthread+0x337/0x6f0
[ 13.287641] ret_from_fork+0x41/0x80
[ 13.287775] ret_from_fork_asm+0x1a/0x30
[ 13.288033]
[ 13.288135] Freed by task 279:
[ 13.288300] kasan_save_stack+0x45/0x70
[ 13.288498] kasan_save_track+0x18/0x40
[ 13.288648] kasan_save_free_info+0x3f/0x60
[ 13.289019] __kasan_slab_free+0x56/0x70
[ 13.289238] kfree+0x222/0x3f0
[ 13.289403] kasan_strings+0x2aa/0xe80
[ 13.289579] kunit_try_run_case+0x1a5/0x480
[ 13.289747] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.290048] kthread+0x337/0x6f0
[ 13.290228] ret_from_fork+0x41/0x80
[ 13.290405] ret_from_fork_asm+0x1a/0x30
[ 13.290595]
[ 13.290689] The buggy address belongs to the object at ffff88810360c040
[ 13.290689] which belongs to the cache kmalloc-32 of size 32
[ 13.291264] The buggy address is located 16 bytes inside of
[ 13.291264] freed 32-byte region [ffff88810360c040, ffff88810360c060)
[ 13.291616]
[ 13.291689] The buggy address belongs to the physical page:
[ 13.291861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10360c
[ 13.292335] flags: 0x200000000000000(node=0|zone=2)
[ 13.292647] page_type: f5(slab)
[ 13.292819] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.293208] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.293451] page dumped because: kasan: bad access detected
[ 13.293935]
[ 13.294027] Memory state around the buggy address:
[ 13.294250] ffff88810360bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.294570] ffff88810360bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.295016] >ffff88810360c000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.295315] ^
[ 13.295587] ffff88810360c080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.295908] ffff88810360c100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.296188] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.253032] ==================================================================
[ 13.253322] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 13.253618] Read of size 1 at addr ffff88810360c050 by task kunit_try_catch/279
[ 13.254202]
[ 13.254303] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.254349] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.254361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.254384] Call Trace:
[ 13.254401] <TASK>
[ 13.254417] dump_stack_lvl+0x73/0xb0
[ 13.254445] print_report+0xd1/0x650
[ 13.254467] ? __virt_addr_valid+0x1db/0x2d0
[ 13.254490] ? kasan_strings+0xcbc/0xe80
[ 13.254511] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.254548] ? kasan_strings+0xcbc/0xe80
[ 13.254571] kasan_report+0x141/0x180
[ 13.254594] ? kasan_strings+0xcbc/0xe80
[ 13.254620] __asan_report_load1_noabort+0x18/0x20
[ 13.254642] kasan_strings+0xcbc/0xe80
[ 13.254663] ? trace_hardirqs_on+0x37/0xe0
[ 13.254688] ? __pfx_kasan_strings+0x10/0x10
[ 13.254710] ? finish_task_switch.isra.0+0x153/0x700
[ 13.254736] ? __switch_to+0x5d9/0xf60
[ 13.254757] ? dequeue_task_fair+0x166/0x4e0
[ 13.254782] ? __schedule+0x10cc/0x2b60
[ 13.254806] ? __pfx_read_tsc+0x10/0x10
[ 13.254826] ? ktime_get_ts64+0x86/0x230
[ 13.255124] kunit_try_run_case+0x1a5/0x480
[ 13.255153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.255173] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.255199] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.255224] ? __kthread_parkme+0x82/0x180
[ 13.255247] ? preempt_count_sub+0x50/0x80
[ 13.255273] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.255294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.255318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.255343] kthread+0x337/0x6f0
[ 13.255360] ? trace_preempt_on+0x20/0xc0
[ 13.255383] ? __pfx_kthread+0x10/0x10
[ 13.255402] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.255425] ? calculate_sigpending+0x7b/0xa0
[ 13.255447] ? __pfx_kthread+0x10/0x10
[ 13.255466] ret_from_fork+0x41/0x80
[ 13.255487] ? __pfx_kthread+0x10/0x10
[ 13.255506] ret_from_fork_asm+0x1a/0x30
[ 13.255537] </TASK>
[ 13.255549]
[ 13.263549] Allocated by task 279:
[ 13.263754] kasan_save_stack+0x45/0x70
[ 13.264031] kasan_save_track+0x18/0x40
[ 13.264204] kasan_save_alloc_info+0x3b/0x50
[ 13.264354] __kasan_kmalloc+0xb7/0xc0
[ 13.264547] __kmalloc_cache_noprof+0x189/0x420
[ 13.265010] kasan_strings+0xc0/0xe80
[ 13.265174] kunit_try_run_case+0x1a5/0x480
[ 13.265431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.265681] kthread+0x337/0x6f0
[ 13.265829] ret_from_fork+0x41/0x80
[ 13.266006] ret_from_fork_asm+0x1a/0x30
[ 13.266184]
[ 13.266286] Freed by task 279:
[ 13.266454] kasan_save_stack+0x45/0x70
[ 13.266610] kasan_save_track+0x18/0x40
[ 13.266747] kasan_save_free_info+0x3f/0x60
[ 13.266943] __kasan_slab_free+0x56/0x70
[ 13.267155] kfree+0x222/0x3f0
[ 13.267319] kasan_strings+0x2aa/0xe80
[ 13.267519] kunit_try_run_case+0x1a5/0x480
[ 13.267720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.267914] kthread+0x337/0x6f0
[ 13.268134] ret_from_fork+0x41/0x80
[ 13.268325] ret_from_fork_asm+0x1a/0x30
[ 13.268524]
[ 13.268627] The buggy address belongs to the object at ffff88810360c040
[ 13.268627] which belongs to the cache kmalloc-32 of size 32
[ 13.269154] The buggy address is located 16 bytes inside of
[ 13.269154] freed 32-byte region [ffff88810360c040, ffff88810360c060)
[ 13.269688]
[ 13.269790] The buggy address belongs to the physical page:
[ 13.270072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10360c
[ 13.270361] flags: 0x200000000000000(node=0|zone=2)
[ 13.270526] page_type: f5(slab)
[ 13.270648] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.270893] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.271408] page dumped because: kasan: bad access detected
[ 13.271907]
[ 13.272007] Memory state around the buggy address:
[ 13.272238] ffff88810360bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.272586] ffff88810360bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.272887] >ffff88810360c000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.273167] ^
[ 13.273369] ffff88810360c080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.273822] ffff88810360c100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.274406] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.220144] ==================================================================
[ 13.222631] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 13.223342] Read of size 1 at addr ffff88810360c050 by task kunit_try_catch/279
[ 13.223926]
[ 13.224030] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.224081] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.224094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.224117] Call Trace:
[ 13.224131] <TASK>
[ 13.224148] dump_stack_lvl+0x73/0xb0
[ 13.224177] print_report+0xd1/0x650
[ 13.224203] ? __virt_addr_valid+0x1db/0x2d0
[ 13.224228] ? strcmp+0xb0/0xc0
[ 13.224247] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.224271] ? strcmp+0xb0/0xc0
[ 13.224291] kasan_report+0x141/0x180
[ 13.224315] ? strcmp+0xb0/0xc0
[ 13.224338] __asan_report_load1_noabort+0x18/0x20
[ 13.224360] strcmp+0xb0/0xc0
[ 13.224382] kasan_strings+0x431/0xe80
[ 13.224403] ? trace_hardirqs_on+0x37/0xe0
[ 13.224428] ? __pfx_kasan_strings+0x10/0x10
[ 13.224450] ? finish_task_switch.isra.0+0x153/0x700
[ 13.224476] ? __switch_to+0x5d9/0xf60
[ 13.224497] ? dequeue_task_fair+0x166/0x4e0
[ 13.224522] ? __schedule+0x10cc/0x2b60
[ 13.224547] ? __pfx_read_tsc+0x10/0x10
[ 13.224567] ? ktime_get_ts64+0x86/0x230
[ 13.224594] kunit_try_run_case+0x1a5/0x480
[ 13.224616] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.224636] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.224661] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.224685] ? __kthread_parkme+0x82/0x180
[ 13.224721] ? preempt_count_sub+0x50/0x80
[ 13.224746] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.224767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.224804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.224828] kthread+0x337/0x6f0
[ 13.224846] ? trace_preempt_on+0x20/0xc0
[ 13.224868] ? __pfx_kthread+0x10/0x10
[ 13.224907] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.224930] ? calculate_sigpending+0x7b/0xa0
[ 13.224952] ? __pfx_kthread+0x10/0x10
[ 13.224971] ret_from_fork+0x41/0x80
[ 13.224993] ? __pfx_kthread+0x10/0x10
[ 13.225012] ret_from_fork_asm+0x1a/0x30
[ 13.225044] </TASK>
[ 13.225056]
[ 13.236049] Allocated by task 279:
[ 13.236586] kasan_save_stack+0x45/0x70
[ 13.237144] kasan_save_track+0x18/0x40
[ 13.237302] kasan_save_alloc_info+0x3b/0x50
[ 13.237824] __kasan_kmalloc+0xb7/0xc0
[ 13.238051] __kmalloc_cache_noprof+0x189/0x420
[ 13.238635] kasan_strings+0xc0/0xe80
[ 13.238816] kunit_try_run_case+0x1a5/0x480
[ 13.239324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.239730] kthread+0x337/0x6f0
[ 13.239908] ret_from_fork+0x41/0x80
[ 13.240274] ret_from_fork_asm+0x1a/0x30
[ 13.240635]
[ 13.240716] Freed by task 279:
[ 13.241176] kasan_save_stack+0x45/0x70
[ 13.241352] kasan_save_track+0x18/0x40
[ 13.241676] kasan_save_free_info+0x3f/0x60
[ 13.241883] __kasan_slab_free+0x56/0x70
[ 13.242341] kfree+0x222/0x3f0
[ 13.242641] kasan_strings+0x2aa/0xe80
[ 13.243104] kunit_try_run_case+0x1a5/0x480
[ 13.243276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.243855] kthread+0x337/0x6f0
[ 13.244231] ret_from_fork+0x41/0x80
[ 13.244431] ret_from_fork_asm+0x1a/0x30
[ 13.244751]
[ 13.244921] The buggy address belongs to the object at ffff88810360c040
[ 13.244921] which belongs to the cache kmalloc-32 of size 32
[ 13.245612] The buggy address is located 16 bytes inside of
[ 13.245612] freed 32-byte region [ffff88810360c040, ffff88810360c060)
[ 13.246499]
[ 13.246596] The buggy address belongs to the physical page:
[ 13.247067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10360c
[ 13.247504] flags: 0x200000000000000(node=0|zone=2)
[ 13.247758] page_type: f5(slab)
[ 13.248147] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.248446] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.248796] page dumped because: kasan: bad access detected
[ 13.249243]
[ 13.249349] Memory state around the buggy address:
[ 13.249757] ffff88810360bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.250251] ffff88810360bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.250606] >ffff88810360c000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.251061] ^
[ 13.251415] ffff88810360c080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.251865] ffff88810360c100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.252337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.192713] ==================================================================
[ 13.193380] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 13.193885] Read of size 1 at addr ffff888103603fd8 by task kunit_try_catch/277
[ 13.194147]
[ 13.194274] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.194325] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.194338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.194361] Call Trace:
[ 13.194374] <TASK>
[ 13.194391] dump_stack_lvl+0x73/0xb0
[ 13.194419] print_report+0xd1/0x650
[ 13.194445] ? __virt_addr_valid+0x1db/0x2d0
[ 13.194469] ? memcmp+0x1b4/0x1d0
[ 13.194489] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.194520] ? memcmp+0x1b4/0x1d0
[ 13.194540] kasan_report+0x141/0x180
[ 13.194563] ? memcmp+0x1b4/0x1d0
[ 13.194588] __asan_report_load1_noabort+0x18/0x20
[ 13.194610] memcmp+0x1b4/0x1d0
[ 13.194631] kasan_memcmp+0x18f/0x390
[ 13.194652] ? trace_hardirqs_on+0x37/0xe0
[ 13.194678] ? __pfx_kasan_memcmp+0x10/0x10
[ 13.194699] ? finish_task_switch.isra.0+0x153/0x700
[ 13.194724] ? __switch_to+0x5d9/0xf60
[ 13.194746] ? dequeue_task_fair+0x166/0x4e0
[ 13.194774] ? __pfx_read_tsc+0x10/0x10
[ 13.194794] ? ktime_get_ts64+0x86/0x230
[ 13.194820] kunit_try_run_case+0x1a5/0x480
[ 13.194881] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.194902] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.194927] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.194952] ? __kthread_parkme+0x82/0x180
[ 13.194975] ? preempt_count_sub+0x50/0x80
[ 13.194999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.195020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.195045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.195068] kthread+0x337/0x6f0
[ 13.195086] ? trace_preempt_on+0x20/0xc0
[ 13.195109] ? __pfx_kthread+0x10/0x10
[ 13.195128] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.195151] ? calculate_sigpending+0x7b/0xa0
[ 13.195173] ? __pfx_kthread+0x10/0x10
[ 13.195192] ret_from_fork+0x41/0x80
[ 13.195213] ? __pfx_kthread+0x10/0x10
[ 13.195232] ret_from_fork_asm+0x1a/0x30
[ 13.195263] </TASK>
[ 13.195276]
[ 13.203187] Allocated by task 277:
[ 13.203327] kasan_save_stack+0x45/0x70
[ 13.203541] kasan_save_track+0x18/0x40
[ 13.203755] kasan_save_alloc_info+0x3b/0x50
[ 13.203984] __kasan_kmalloc+0xb7/0xc0
[ 13.204263] __kmalloc_cache_noprof+0x189/0x420
[ 13.204439] kasan_memcmp+0xb7/0x390
[ 13.204625] kunit_try_run_case+0x1a5/0x480
[ 13.204891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.205129] kthread+0x337/0x6f0
[ 13.205274] ret_from_fork+0x41/0x80
[ 13.205455] ret_from_fork_asm+0x1a/0x30
[ 13.205702]
[ 13.205778] The buggy address belongs to the object at ffff888103603fc0
[ 13.205778] which belongs to the cache kmalloc-32 of size 32
[ 13.206145] The buggy address is located 0 bytes to the right of
[ 13.206145] allocated 24-byte region [ffff888103603fc0, ffff888103603fd8)
[ 13.206641]
[ 13.206806] The buggy address belongs to the physical page:
[ 13.207078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103603
[ 13.207438] flags: 0x200000000000000(node=0|zone=2)
[ 13.207778] page_type: f5(slab)
[ 13.208092] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.208401] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.208736] page dumped because: kasan: bad access detected
[ 13.209006]
[ 13.209108] Memory state around the buggy address:
[ 13.209294] ffff888103603e80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 13.209512] ffff888103603f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 13.209838] >ffff888103603f80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.210281] ^
[ 13.210471] ffff888103604000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.210687] ffff888103604080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 13.211102] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.803363] ==================================================================
[ 11.803752] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 11.804103] Read of size 1 at addr ffff8881029cab00 by task kunit_try_catch/216
[ 11.804413]
[ 11.804528] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.804570] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.804581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.804601] Call Trace:
[ 11.804615] <TASK>
[ 11.804627] dump_stack_lvl+0x73/0xb0
[ 11.804651] print_report+0xd1/0x650
[ 11.804675] ? __virt_addr_valid+0x1db/0x2d0
[ 11.804697] ? ksize_uaf+0x5fe/0x6c0
[ 11.804714] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.804737] ? ksize_uaf+0x5fe/0x6c0
[ 11.804755] kasan_report+0x141/0x180
[ 11.804778] ? ksize_uaf+0x5fe/0x6c0
[ 11.804800] __asan_report_load1_noabort+0x18/0x20
[ 11.804822] ksize_uaf+0x5fe/0x6c0
[ 11.804839] ? __pfx_ksize_uaf+0x10/0x10
[ 11.804858] ? __schedule+0x10cc/0x2b60
[ 11.804894] ? __pfx_read_tsc+0x10/0x10
[ 11.804913] ? ktime_get_ts64+0x86/0x230
[ 11.804996] kunit_try_run_case+0x1a5/0x480
[ 11.805022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.805041] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.805065] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.805090] ? __kthread_parkme+0x82/0x180
[ 11.805111] ? preempt_count_sub+0x50/0x80
[ 11.805137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.805157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.805180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.805204] kthread+0x337/0x6f0
[ 11.805221] ? trace_preempt_on+0x20/0xc0
[ 11.805245] ? __pfx_kthread+0x10/0x10
[ 11.805263] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.805286] ? calculate_sigpending+0x7b/0xa0
[ 11.805307] ? __pfx_kthread+0x10/0x10
[ 11.805326] ret_from_fork+0x41/0x80
[ 11.805347] ? __pfx_kthread+0x10/0x10
[ 11.805365] ret_from_fork_asm+0x1a/0x30
[ 11.805395] </TASK>
[ 11.805406]
[ 11.813262] Allocated by task 216:
[ 11.813403] kasan_save_stack+0x45/0x70
[ 11.813553] kasan_save_track+0x18/0x40
[ 11.813691] kasan_save_alloc_info+0x3b/0x50
[ 11.813944] __kasan_kmalloc+0xb7/0xc0
[ 11.814328] __kmalloc_cache_noprof+0x189/0x420
[ 11.814571] ksize_uaf+0xaa/0x6c0
[ 11.814730] kunit_try_run_case+0x1a5/0x480
[ 11.815020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.815280] kthread+0x337/0x6f0
[ 11.815447] ret_from_fork+0x41/0x80
[ 11.815608] ret_from_fork_asm+0x1a/0x30
[ 11.815811]
[ 11.815919] Freed by task 216:
[ 11.816046] kasan_save_stack+0x45/0x70
[ 11.816314] kasan_save_track+0x18/0x40
[ 11.816532] kasan_save_free_info+0x3f/0x60
[ 11.816728] __kasan_slab_free+0x56/0x70
[ 11.818143] kfree+0x222/0x3f0
[ 11.818290] ksize_uaf+0x12c/0x6c0
[ 11.818414] kunit_try_run_case+0x1a5/0x480
[ 11.818556] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.818750] kthread+0x337/0x6f0
[ 11.818933] ret_from_fork+0x41/0x80
[ 11.819121] ret_from_fork_asm+0x1a/0x30
[ 11.819358]
[ 11.820846] The buggy address belongs to the object at ffff8881029cab00
[ 11.820846] which belongs to the cache kmalloc-128 of size 128
[ 11.821461] The buggy address is located 0 bytes inside of
[ 11.821461] freed 128-byte region [ffff8881029cab00, ffff8881029cab80)
[ 11.821805]
[ 11.821890] The buggy address belongs to the physical page:
[ 11.822259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ca
[ 11.822590] flags: 0x200000000000000(node=0|zone=2)
[ 11.822831] page_type: f5(slab)
[ 11.824750] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.825022] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.825253] page dumped because: kasan: bad access detected
[ 11.825426]
[ 11.825499] Memory state around the buggy address:
[ 11.825656] ffff8881029caa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.825887] ffff8881029caa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.827513] >ffff8881029cab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.828534] ^
[ 11.829778] ffff8881029cab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.830839] ffff8881029cac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.831370] ==================================================================
[ 11.832350] ==================================================================
[ 11.834371] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 11.835000] Read of size 1 at addr ffff8881029cab78 by task kunit_try_catch/216
[ 11.835986]
[ 11.836096] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.836142] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.836154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.836175] Call Trace:
[ 11.836192] <TASK>
[ 11.836209] dump_stack_lvl+0x73/0xb0
[ 11.836236] print_report+0xd1/0x650
[ 11.836260] ? __virt_addr_valid+0x1db/0x2d0
[ 11.836282] ? ksize_uaf+0x5e4/0x6c0
[ 11.836299] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.836322] ? ksize_uaf+0x5e4/0x6c0
[ 11.836340] kasan_report+0x141/0x180
[ 11.836364] ? ksize_uaf+0x5e4/0x6c0
[ 11.836386] __asan_report_load1_noabort+0x18/0x20
[ 11.836407] ksize_uaf+0x5e4/0x6c0
[ 11.836425] ? __pfx_ksize_uaf+0x10/0x10
[ 11.836444] ? __schedule+0x10cc/0x2b60
[ 11.836467] ? __pfx_read_tsc+0x10/0x10
[ 11.836486] ? ktime_get_ts64+0x86/0x230
[ 11.836511] kunit_try_run_case+0x1a5/0x480
[ 11.836534] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.836556] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.836581] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.836607] ? __kthread_parkme+0x82/0x180
[ 11.836629] ? preempt_count_sub+0x50/0x80
[ 11.836734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.836768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.836792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.836815] kthread+0x337/0x6f0
[ 11.836832] ? trace_preempt_on+0x20/0xc0
[ 11.836855] ? __pfx_kthread+0x10/0x10
[ 11.836883] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.836914] ? calculate_sigpending+0x7b/0xa0
[ 11.836936] ? __pfx_kthread+0x10/0x10
[ 11.836954] ret_from_fork+0x41/0x80
[ 11.836974] ? __pfx_kthread+0x10/0x10
[ 11.836993] ret_from_fork_asm+0x1a/0x30
[ 11.837023] </TASK>
[ 11.837034]
[ 11.850207] Allocated by task 216:
[ 11.850531] kasan_save_stack+0x45/0x70
[ 11.850784] kasan_save_track+0x18/0x40
[ 11.851144] kasan_save_alloc_info+0x3b/0x50
[ 11.851554] __kasan_kmalloc+0xb7/0xc0
[ 11.851904] __kmalloc_cache_noprof+0x189/0x420
[ 11.852386] ksize_uaf+0xaa/0x6c0
[ 11.852677] kunit_try_run_case+0x1a5/0x480
[ 11.852824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.853372] kthread+0x337/0x6f0
[ 11.853699] ret_from_fork+0x41/0x80
[ 11.854209] ret_from_fork_asm+0x1a/0x30
[ 11.854588]
[ 11.854762] Freed by task 216:
[ 11.855085] kasan_save_stack+0x45/0x70
[ 11.855363] kasan_save_track+0x18/0x40
[ 11.855790] kasan_save_free_info+0x3f/0x60
[ 11.856093] __kasan_slab_free+0x56/0x70
[ 11.856391] kfree+0x222/0x3f0
[ 11.856511] ksize_uaf+0x12c/0x6c0
[ 11.856816] kunit_try_run_case+0x1a5/0x480
[ 11.857289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.858062] kthread+0x337/0x6f0
[ 11.858266] ret_from_fork+0x41/0x80
[ 11.858401] ret_from_fork_asm+0x1a/0x30
[ 11.858604]
[ 11.858806] The buggy address belongs to the object at ffff8881029cab00
[ 11.858806] which belongs to the cache kmalloc-128 of size 128
[ 11.860127] The buggy address is located 120 bytes inside of
[ 11.860127] freed 128-byte region [ffff8881029cab00, ffff8881029cab80)
[ 11.860862]
[ 11.861106] The buggy address belongs to the physical page:
[ 11.861619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ca
[ 11.862321] flags: 0x200000000000000(node=0|zone=2)
[ 11.862494] page_type: f5(slab)
[ 11.862832] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.863619] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.864573] page dumped because: kasan: bad access detected
[ 11.865068]
[ 11.865150] Memory state around the buggy address:
[ 11.865383] ffff8881029caa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.866249] ffff8881029caa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.866653] >ffff8881029cab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.867152] ^
[ 11.867373] ffff8881029cab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.867618] ffff8881029cac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.868282] ==================================================================
[ 11.782431] ==================================================================
[ 11.783122] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 11.783396] Read of size 1 at addr ffff8881029cab00 by task kunit_try_catch/216
[ 11.783723]
[ 11.783834] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.783902] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.783914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.783937] Call Trace:
[ 11.783950] <TASK>
[ 11.783965] dump_stack_lvl+0x73/0xb0
[ 11.783993] print_report+0xd1/0x650
[ 11.784017] ? __virt_addr_valid+0x1db/0x2d0
[ 11.784040] ? ksize_uaf+0x19d/0x6c0
[ 11.784058] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.784081] ? ksize_uaf+0x19d/0x6c0
[ 11.784100] kasan_report+0x141/0x180
[ 11.784123] ? ksize_uaf+0x19d/0x6c0
[ 11.784144] ? ksize_uaf+0x19d/0x6c0
[ 11.784162] __kasan_check_byte+0x3d/0x50
[ 11.784185] ksize+0x20/0x60
[ 11.784208] ksize_uaf+0x19d/0x6c0
[ 11.784226] ? __pfx_ksize_uaf+0x10/0x10
[ 11.784245] ? __schedule+0x10cc/0x2b60
[ 11.784269] ? __pfx_read_tsc+0x10/0x10
[ 11.784290] ? ktime_get_ts64+0x86/0x230
[ 11.784316] kunit_try_run_case+0x1a5/0x480
[ 11.784338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.784357] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.784382] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.784407] ? __kthread_parkme+0x82/0x180
[ 11.784429] ? preempt_count_sub+0x50/0x80
[ 11.784454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.784475] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.784499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.784585] kthread+0x337/0x6f0
[ 11.784605] ? trace_preempt_on+0x20/0xc0
[ 11.784630] ? __pfx_kthread+0x10/0x10
[ 11.784648] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.784671] ? calculate_sigpending+0x7b/0xa0
[ 11.784693] ? __pfx_kthread+0x10/0x10
[ 11.784712] ret_from_fork+0x41/0x80
[ 11.784732] ? __pfx_kthread+0x10/0x10
[ 11.784751] ret_from_fork_asm+0x1a/0x30
[ 11.784781] </TASK>
[ 11.784792]
[ 11.792291] Allocated by task 216:
[ 11.792483] kasan_save_stack+0x45/0x70
[ 11.792708] kasan_save_track+0x18/0x40
[ 11.792921] kasan_save_alloc_info+0x3b/0x50
[ 11.793160] __kasan_kmalloc+0xb7/0xc0
[ 11.793364] __kmalloc_cache_noprof+0x189/0x420
[ 11.793592] ksize_uaf+0xaa/0x6c0
[ 11.793719] kunit_try_run_case+0x1a5/0x480
[ 11.794150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.794344] kthread+0x337/0x6f0
[ 11.794517] ret_from_fork+0x41/0x80
[ 11.794705] ret_from_fork_asm+0x1a/0x30
[ 11.794988]
[ 11.795065] Freed by task 216:
[ 11.795179] kasan_save_stack+0x45/0x70
[ 11.795322] kasan_save_track+0x18/0x40
[ 11.795459] kasan_save_free_info+0x3f/0x60
[ 11.795669] __kasan_slab_free+0x56/0x70
[ 11.795869] kfree+0x222/0x3f0
[ 11.796101] ksize_uaf+0x12c/0x6c0
[ 11.796277] kunit_try_run_case+0x1a5/0x480
[ 11.796485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.796755] kthread+0x337/0x6f0
[ 11.797032] ret_from_fork+0x41/0x80
[ 11.797210] ret_from_fork_asm+0x1a/0x30
[ 11.797405]
[ 11.797482] The buggy address belongs to the object at ffff8881029cab00
[ 11.797482] which belongs to the cache kmalloc-128 of size 128
[ 11.797917] The buggy address is located 0 bytes inside of
[ 11.797917] freed 128-byte region [ffff8881029cab00, ffff8881029cab80)
[ 11.798676]
[ 11.798778] The buggy address belongs to the physical page:
[ 11.798969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ca
[ 11.799212] flags: 0x200000000000000(node=0|zone=2)
[ 11.799375] page_type: f5(slab)
[ 11.799558] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.799920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.800253] page dumped because: kasan: bad access detected
[ 11.800426]
[ 11.800496] Memory state around the buggy address:
[ 11.800652] ffff8881029caa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.800896] ffff8881029caa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.801408] >ffff8881029cab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.801729] ^
[ 11.802086] ffff8881029cab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.802422] ffff8881029cac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.802952] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.756513] ==================================================================
[ 11.756951] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.757718] Read of size 1 at addr ffff8881035ebf7f by task kunit_try_catch/214
[ 11.758093]
[ 11.758210] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.758254] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.758266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.758288] Call Trace:
[ 11.758304] <TASK>
[ 11.758319] dump_stack_lvl+0x73/0xb0
[ 11.758346] print_report+0xd1/0x650
[ 11.758370] ? __virt_addr_valid+0x1db/0x2d0
[ 11.758392] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.758412] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.758435] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.758455] kasan_report+0x141/0x180
[ 11.758478] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.758504] __asan_report_load1_noabort+0x18/0x20
[ 11.758535] ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.758556] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.758576] ? finish_task_switch.isra.0+0x153/0x700
[ 11.758600] ? __switch_to+0x5d9/0xf60
[ 11.758621] ? dequeue_task_fair+0x156/0x4e0
[ 11.758645] ? __schedule+0x10cc/0x2b60
[ 11.758669] ? __pfx_read_tsc+0x10/0x10
[ 11.758690] ? ktime_get_ts64+0x86/0x230
[ 11.758715] kunit_try_run_case+0x1a5/0x480
[ 11.758736] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.758755] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.758779] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.758804] ? __kthread_parkme+0x82/0x180
[ 11.758825] ? preempt_count_sub+0x50/0x80
[ 11.758935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.758960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.758983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.759007] kthread+0x337/0x6f0
[ 11.759025] ? trace_preempt_on+0x20/0xc0
[ 11.759048] ? __pfx_kthread+0x10/0x10
[ 11.759067] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.759089] ? calculate_sigpending+0x7b/0xa0
[ 11.759111] ? __pfx_kthread+0x10/0x10
[ 11.759130] ret_from_fork+0x41/0x80
[ 11.759152] ? __pfx_kthread+0x10/0x10
[ 11.759170] ret_from_fork_asm+0x1a/0x30
[ 11.759200] </TASK>
[ 11.759212]
[ 11.767454] Allocated by task 214:
[ 11.767646] kasan_save_stack+0x45/0x70
[ 11.767908] kasan_save_track+0x18/0x40
[ 11.768092] kasan_save_alloc_info+0x3b/0x50
[ 11.768241] __kasan_kmalloc+0xb7/0xc0
[ 11.768436] __kmalloc_cache_noprof+0x189/0x420
[ 11.768657] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.768952] kunit_try_run_case+0x1a5/0x480
[ 11.769110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.769367] kthread+0x337/0x6f0
[ 11.769499] ret_from_fork+0x41/0x80
[ 11.769632] ret_from_fork_asm+0x1a/0x30
[ 11.769772]
[ 11.769846] The buggy address belongs to the object at ffff8881035ebf00
[ 11.769846] which belongs to the cache kmalloc-128 of size 128
[ 11.770401] The buggy address is located 12 bytes to the right of
[ 11.770401] allocated 115-byte region [ffff8881035ebf00, ffff8881035ebf73)
[ 11.771049]
[ 11.771127] The buggy address belongs to the physical page:
[ 11.771299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb
[ 11.771791] flags: 0x200000000000000(node=0|zone=2)
[ 11.772224] page_type: f5(slab)
[ 11.772412] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.772812] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.773188] page dumped because: kasan: bad access detected
[ 11.773364]
[ 11.773435] Memory state around the buggy address:
[ 11.773659] ffff8881035ebe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.773999] ffff8881035ebe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.774497] >ffff8881035ebf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.774768] ^
[ 11.774996] ffff8881035ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.775403] ffff8881035ec000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.775794] ==================================================================
[ 11.731518] ==================================================================
[ 11.731844] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.732360] Read of size 1 at addr ffff8881035ebf78 by task kunit_try_catch/214
[ 11.732825]
[ 11.732929] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.732974] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.732986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.733021] Call Trace:
[ 11.733038] <TASK>
[ 11.733052] dump_stack_lvl+0x73/0xb0
[ 11.733077] print_report+0xd1/0x650
[ 11.733281] ? __virt_addr_valid+0x1db/0x2d0
[ 11.733359] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.733379] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.733402] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.733422] kasan_report+0x141/0x180
[ 11.733446] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.733471] __asan_report_load1_noabort+0x18/0x20
[ 11.733492] ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.733523] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.733543] ? finish_task_switch.isra.0+0x153/0x700
[ 11.733567] ? __switch_to+0x5d9/0xf60
[ 11.733589] ? dequeue_task_fair+0x156/0x4e0
[ 11.733613] ? __schedule+0x10cc/0x2b60
[ 11.733637] ? __pfx_read_tsc+0x10/0x10
[ 11.733657] ? ktime_get_ts64+0x86/0x230
[ 11.733682] kunit_try_run_case+0x1a5/0x480
[ 11.733704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.733723] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.733748] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.733772] ? __kthread_parkme+0x82/0x180
[ 11.733794] ? preempt_count_sub+0x50/0x80
[ 11.733818] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.733854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.733889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.733913] kthread+0x337/0x6f0
[ 11.733930] ? trace_preempt_on+0x20/0xc0
[ 11.733954] ? __pfx_kthread+0x10/0x10
[ 11.733973] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.733995] ? calculate_sigpending+0x7b/0xa0
[ 11.734017] ? __pfx_kthread+0x10/0x10
[ 11.734036] ret_from_fork+0x41/0x80
[ 11.734057] ? __pfx_kthread+0x10/0x10
[ 11.734076] ret_from_fork_asm+0x1a/0x30
[ 11.734106] </TASK>
[ 11.734117]
[ 11.745005] Allocated by task 214:
[ 11.745205] kasan_save_stack+0x45/0x70
[ 11.745386] kasan_save_track+0x18/0x40
[ 11.745925] kasan_save_alloc_info+0x3b/0x50
[ 11.746226] __kasan_kmalloc+0xb7/0xc0
[ 11.746398] __kmalloc_cache_noprof+0x189/0x420
[ 11.746740] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.747041] kunit_try_run_case+0x1a5/0x480
[ 11.747210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.747462] kthread+0x337/0x6f0
[ 11.747891] ret_from_fork+0x41/0x80
[ 11.748091] ret_from_fork_asm+0x1a/0x30
[ 11.748275]
[ 11.748502] The buggy address belongs to the object at ffff8881035ebf00
[ 11.748502] which belongs to the cache kmalloc-128 of size 128
[ 11.749286] The buggy address is located 5 bytes to the right of
[ 11.749286] allocated 115-byte region [ffff8881035ebf00, ffff8881035ebf73)
[ 11.750197]
[ 11.750308] The buggy address belongs to the physical page:
[ 11.750697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb
[ 11.751223] flags: 0x200000000000000(node=0|zone=2)
[ 11.751447] page_type: f5(slab)
[ 11.751751] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.752164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.752475] page dumped because: kasan: bad access detected
[ 11.752856]
[ 11.752987] Memory state around the buggy address:
[ 11.753381] ffff8881035ebe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.753750] ffff8881035ebe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.754351] >ffff8881035ebf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.754750] ^
[ 11.755175] ffff8881035ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.755432] ffff8881035ec000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.756034] ==================================================================
[ 11.706484] ==================================================================
[ 11.707118] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 11.707636] Read of size 1 at addr ffff8881035ebf73 by task kunit_try_catch/214
[ 11.708480]
[ 11.708620] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.708667] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.708679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.708700] Call Trace:
[ 11.708713] <TASK>
[ 11.708729] dump_stack_lvl+0x73/0xb0
[ 11.708758] print_report+0xd1/0x650
[ 11.708783] ? __virt_addr_valid+0x1db/0x2d0
[ 11.708807] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.708828] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.709027] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.709054] kasan_report+0x141/0x180
[ 11.709078] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.709104] __asan_report_load1_noabort+0x18/0x20
[ 11.709125] ksize_unpoisons_memory+0x81c/0x9b0
[ 11.709146] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.709165] ? finish_task_switch.isra.0+0x153/0x700
[ 11.709190] ? __switch_to+0x5d9/0xf60
[ 11.709212] ? dequeue_task_fair+0x156/0x4e0
[ 11.709237] ? __schedule+0x10cc/0x2b60
[ 11.709261] ? __pfx_read_tsc+0x10/0x10
[ 11.709281] ? ktime_get_ts64+0x86/0x230
[ 11.709307] kunit_try_run_case+0x1a5/0x480
[ 11.709330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.709349] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.709374] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.709398] ? __kthread_parkme+0x82/0x180
[ 11.709420] ? preempt_count_sub+0x50/0x80
[ 11.709445] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.709465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.709489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.709513] kthread+0x337/0x6f0
[ 11.709530] ? trace_preempt_on+0x20/0xc0
[ 11.709554] ? __pfx_kthread+0x10/0x10
[ 11.709573] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.709595] ? calculate_sigpending+0x7b/0xa0
[ 11.709616] ? __pfx_kthread+0x10/0x10
[ 11.709635] ret_from_fork+0x41/0x80
[ 11.709657] ? __pfx_kthread+0x10/0x10
[ 11.709675] ret_from_fork_asm+0x1a/0x30
[ 11.709705] </TASK>
[ 11.709717]
[ 11.720614] Allocated by task 214:
[ 11.721030] kasan_save_stack+0x45/0x70
[ 11.721308] kasan_save_track+0x18/0x40
[ 11.721503] kasan_save_alloc_info+0x3b/0x50
[ 11.721694] __kasan_kmalloc+0xb7/0xc0
[ 11.722114] __kmalloc_cache_noprof+0x189/0x420
[ 11.722316] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.722524] kunit_try_run_case+0x1a5/0x480
[ 11.722829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.723239] kthread+0x337/0x6f0
[ 11.723374] ret_from_fork+0x41/0x80
[ 11.723613] ret_from_fork_asm+0x1a/0x30
[ 11.724045]
[ 11.724155] The buggy address belongs to the object at ffff8881035ebf00
[ 11.724155] which belongs to the cache kmalloc-128 of size 128
[ 11.724633] The buggy address is located 0 bytes to the right of
[ 11.724633] allocated 115-byte region [ffff8881035ebf00, ffff8881035ebf73)
[ 11.725455]
[ 11.725623] The buggy address belongs to the physical page:
[ 11.725871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb
[ 11.726238] flags: 0x200000000000000(node=0|zone=2)
[ 11.726463] page_type: f5(slab)
[ 11.726625] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.726960] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.727277] page dumped because: kasan: bad access detected
[ 11.727515]
[ 11.728226] Memory state around the buggy address:
[ 11.728445] ffff8881035ebe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.729005] ffff8881035ebe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.729330] >ffff8881035ebf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.729697] ^
[ 11.730116] ffff8881035ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.730473] ffff8881035ec000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.730930] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.672599] ==================================================================
[ 11.672855] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 11.673500] Free of addr ffff88810242c940 by task kunit_try_catch/212
[ 11.674163]
[ 11.674337] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.674400] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.674412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.674434] Call Trace:
[ 11.674447] <TASK>
[ 11.674463] dump_stack_lvl+0x73/0xb0
[ 11.674490] print_report+0xd1/0x650
[ 11.674563] ? __virt_addr_valid+0x1db/0x2d0
[ 11.674602] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.674625] ? kfree_sensitive+0x2e/0x90
[ 11.674647] kasan_report_invalid_free+0x10a/0x130
[ 11.674673] ? kfree_sensitive+0x2e/0x90
[ 11.674696] ? kfree_sensitive+0x2e/0x90
[ 11.674717] check_slab_allocation+0x101/0x130
[ 11.674739] __kasan_slab_pre_free+0x28/0x40
[ 11.674761] kfree+0xf0/0x3f0
[ 11.674779] ? kfree_sensitive+0x2e/0x90
[ 11.674802] kfree_sensitive+0x2e/0x90
[ 11.674823] kmalloc_double_kzfree+0x19c/0x350
[ 11.674896] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.674920] ? __schedule+0x10cc/0x2b60
[ 11.674944] ? __pfx_read_tsc+0x10/0x10
[ 11.674965] ? ktime_get_ts64+0x86/0x230
[ 11.674990] kunit_try_run_case+0x1a5/0x480
[ 11.675012] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.675032] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.675057] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.675081] ? __kthread_parkme+0x82/0x180
[ 11.675103] ? preempt_count_sub+0x50/0x80
[ 11.675128] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.675148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.675172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.675195] kthread+0x337/0x6f0
[ 11.675212] ? trace_preempt_on+0x20/0xc0
[ 11.675234] ? __pfx_kthread+0x10/0x10
[ 11.675253] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.675275] ? calculate_sigpending+0x7b/0xa0
[ 11.675296] ? __pfx_kthread+0x10/0x10
[ 11.675314] ret_from_fork+0x41/0x80
[ 11.675336] ? __pfx_kthread+0x10/0x10
[ 11.675354] ret_from_fork_asm+0x1a/0x30
[ 11.675384] </TASK>
[ 11.675395]
[ 11.686532] Allocated by task 212:
[ 11.687124] kasan_save_stack+0x45/0x70
[ 11.687336] kasan_save_track+0x18/0x40
[ 11.687797] kasan_save_alloc_info+0x3b/0x50
[ 11.688160] __kasan_kmalloc+0xb7/0xc0
[ 11.688439] __kmalloc_cache_noprof+0x189/0x420
[ 11.688741] kmalloc_double_kzfree+0xa9/0x350
[ 11.689230] kunit_try_run_case+0x1a5/0x480
[ 11.689458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.690022] kthread+0x337/0x6f0
[ 11.690167] ret_from_fork+0x41/0x80
[ 11.690383] ret_from_fork_asm+0x1a/0x30
[ 11.690718]
[ 11.691064] Freed by task 212:
[ 11.691227] kasan_save_stack+0x45/0x70
[ 11.691387] kasan_save_track+0x18/0x40
[ 11.691850] kasan_save_free_info+0x3f/0x60
[ 11.692082] __kasan_slab_free+0x56/0x70
[ 11.692305] kfree+0x222/0x3f0
[ 11.692476] kfree_sensitive+0x67/0x90
[ 11.692889] kmalloc_double_kzfree+0x12b/0x350
[ 11.693103] kunit_try_run_case+0x1a5/0x480
[ 11.693264] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.693761] kthread+0x337/0x6f0
[ 11.693917] ret_from_fork+0x41/0x80
[ 11.694269] ret_from_fork_asm+0x1a/0x30
[ 11.694483]
[ 11.694558] The buggy address belongs to the object at ffff88810242c940
[ 11.694558] which belongs to the cache kmalloc-16 of size 16
[ 11.695210] The buggy address is located 0 bytes inside of
[ 11.695210] 16-byte region [ffff88810242c940, ffff88810242c950)
[ 11.696105]
[ 11.696215] The buggy address belongs to the physical page:
[ 11.696481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10242c
[ 11.697070] flags: 0x200000000000000(node=0|zone=2)
[ 11.697490] page_type: f5(slab)
[ 11.697956] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.698439] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.699054] page dumped because: kasan: bad access detected
[ 11.699805]
[ 11.700122] Memory state around the buggy address:
[ 11.700770] ffff88810242c800: 00 04 fc fc 00 00 fc fc 00 04 fc fc 00 04 fc fc
[ 11.701198] ffff88810242c880: 00 00 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 11.701412] >ffff88810242c900: 00 05 fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.701648] ^
[ 11.702170] ffff88810242c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.702672] ffff88810242ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.703126] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.635386] ==================================================================
[ 11.636852] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.637751] Read of size 1 at addr ffff88810242c940 by task kunit_try_catch/212
[ 11.638250]
[ 11.638344] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.638390] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.638402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.638424] Call Trace:
[ 11.638437] <TASK>
[ 11.638452] dump_stack_lvl+0x73/0xb0
[ 11.638479] print_report+0xd1/0x650
[ 11.638503] ? __virt_addr_valid+0x1db/0x2d0
[ 11.638851] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.638890] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.638914] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.638935] kasan_report+0x141/0x180
[ 11.638958] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.638982] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.639001] __kasan_check_byte+0x3d/0x50
[ 11.639024] kfree_sensitive+0x22/0x90
[ 11.639048] kmalloc_double_kzfree+0x19c/0x350
[ 11.639068] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.639089] ? __schedule+0x10cc/0x2b60
[ 11.639112] ? __pfx_read_tsc+0x10/0x10
[ 11.639133] ? ktime_get_ts64+0x86/0x230
[ 11.639159] kunit_try_run_case+0x1a5/0x480
[ 11.639181] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.639200] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.639224] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.639248] ? __kthread_parkme+0x82/0x180
[ 11.639271] ? preempt_count_sub+0x50/0x80
[ 11.639297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.639317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.639341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.639364] kthread+0x337/0x6f0
[ 11.639381] ? trace_preempt_on+0x20/0xc0
[ 11.639405] ? __pfx_kthread+0x10/0x10
[ 11.639423] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.639447] ? calculate_sigpending+0x7b/0xa0
[ 11.639469] ? __pfx_kthread+0x10/0x10
[ 11.639488] ret_from_fork+0x41/0x80
[ 11.639519] ? __pfx_kthread+0x10/0x10
[ 11.639537] ret_from_fork_asm+0x1a/0x30
[ 11.639568] </TASK>
[ 11.639586]
[ 11.654137] Allocated by task 212:
[ 11.654475] kasan_save_stack+0x45/0x70
[ 11.654757] kasan_save_track+0x18/0x40
[ 11.654978] kasan_save_alloc_info+0x3b/0x50
[ 11.655413] __kasan_kmalloc+0xb7/0xc0
[ 11.655776] __kmalloc_cache_noprof+0x189/0x420
[ 11.656183] kmalloc_double_kzfree+0xa9/0x350
[ 11.656338] kunit_try_run_case+0x1a5/0x480
[ 11.656484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.656964] kthread+0x337/0x6f0
[ 11.657334] ret_from_fork+0x41/0x80
[ 11.657810] ret_from_fork_asm+0x1a/0x30
[ 11.658359]
[ 11.658541] Freed by task 212:
[ 11.658822] kasan_save_stack+0x45/0x70
[ 11.659193] kasan_save_track+0x18/0x40
[ 11.659338] kasan_save_free_info+0x3f/0x60
[ 11.659482] __kasan_slab_free+0x56/0x70
[ 11.659846] kfree+0x222/0x3f0
[ 11.660197] kfree_sensitive+0x67/0x90
[ 11.660559] kmalloc_double_kzfree+0x12b/0x350
[ 11.661047] kunit_try_run_case+0x1a5/0x480
[ 11.661433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.661757] kthread+0x337/0x6f0
[ 11.661942] ret_from_fork+0x41/0x80
[ 11.662280] ret_from_fork_asm+0x1a/0x30
[ 11.662703]
[ 11.662867] The buggy address belongs to the object at ffff88810242c940
[ 11.662867] which belongs to the cache kmalloc-16 of size 16
[ 11.663656] The buggy address is located 0 bytes inside of
[ 11.663656] freed 16-byte region [ffff88810242c940, ffff88810242c950)
[ 11.664153]
[ 11.664317] The buggy address belongs to the physical page:
[ 11.664806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10242c
[ 11.665629] flags: 0x200000000000000(node=0|zone=2)
[ 11.666215] page_type: f5(slab)
[ 11.666525] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.667087] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.667649] page dumped because: kasan: bad access detected
[ 11.667824]
[ 11.668157] Memory state around the buggy address:
[ 11.668605] ffff88810242c800: 00 04 fc fc 00 00 fc fc 00 04 fc fc 00 04 fc fc
[ 11.669332] ffff88810242c880: 00 00 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 11.669832] >ffff88810242c900: 00 05 fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.670361] ^
[ 11.670547] ffff88810242c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.671240] ffff88810242ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.671935] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.600464] ==================================================================
[ 11.601202] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.601431] Read of size 1 at addr ffff8881029d6228 by task kunit_try_catch/208
[ 11.601727]
[ 11.601832] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.601892] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.601904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.601925] Call Trace:
[ 11.601937] <TASK>
[ 11.601956] dump_stack_lvl+0x73/0xb0
[ 11.601984] print_report+0xd1/0x650
[ 11.602008] ? __virt_addr_valid+0x1db/0x2d0
[ 11.602095] ? kmalloc_uaf2+0x4a8/0x520
[ 11.602116] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.602139] ? kmalloc_uaf2+0x4a8/0x520
[ 11.602160] kasan_report+0x141/0x180
[ 11.602183] ? kmalloc_uaf2+0x4a8/0x520
[ 11.602209] __asan_report_load1_noabort+0x18/0x20
[ 11.602230] kmalloc_uaf2+0x4a8/0x520
[ 11.602251] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.602271] ? finish_task_switch.isra.0+0x153/0x700
[ 11.602296] ? __switch_to+0x5d9/0xf60
[ 11.602317] ? dequeue_task_fair+0x156/0x4e0
[ 11.602341] ? __schedule+0x10cc/0x2b60
[ 11.602365] ? __pfx_read_tsc+0x10/0x10
[ 11.602386] ? ktime_get_ts64+0x86/0x230
[ 11.602411] kunit_try_run_case+0x1a5/0x480
[ 11.602433] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.602451] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.602476] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.602500] ? __kthread_parkme+0x82/0x180
[ 11.602538] ? preempt_count_sub+0x50/0x80
[ 11.602563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.602583] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.602606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.602629] kthread+0x337/0x6f0
[ 11.602646] ? trace_preempt_on+0x20/0xc0
[ 11.602670] ? __pfx_kthread+0x10/0x10
[ 11.602688] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.602710] ? calculate_sigpending+0x7b/0xa0
[ 11.602732] ? __pfx_kthread+0x10/0x10
[ 11.602750] ret_from_fork+0x41/0x80
[ 11.602771] ? __pfx_kthread+0x10/0x10
[ 11.602789] ret_from_fork_asm+0x1a/0x30
[ 11.602819] </TASK>
[ 11.602830]
[ 11.613182] Allocated by task 208:
[ 11.613353] kasan_save_stack+0x45/0x70
[ 11.613757] kasan_save_track+0x18/0x40
[ 11.614224] kasan_save_alloc_info+0x3b/0x50
[ 11.614557] __kasan_kmalloc+0xb7/0xc0
[ 11.614769] __kmalloc_cache_noprof+0x189/0x420
[ 11.615133] kmalloc_uaf2+0xc6/0x520
[ 11.615428] kunit_try_run_case+0x1a5/0x480
[ 11.615739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.616121] kthread+0x337/0x6f0
[ 11.616282] ret_from_fork+0x41/0x80
[ 11.616453] ret_from_fork_asm+0x1a/0x30
[ 11.616965]
[ 11.617205] Freed by task 208:
[ 11.617489] kasan_save_stack+0x45/0x70
[ 11.617809] kasan_save_track+0x18/0x40
[ 11.618116] kasan_save_free_info+0x3f/0x60
[ 11.618312] __kasan_slab_free+0x56/0x70
[ 11.618496] kfree+0x222/0x3f0
[ 11.618969] kmalloc_uaf2+0x14c/0x520
[ 11.619238] kunit_try_run_case+0x1a5/0x480
[ 11.619439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.619962] kthread+0x337/0x6f0
[ 11.620366] ret_from_fork+0x41/0x80
[ 11.620651] ret_from_fork_asm+0x1a/0x30
[ 11.621016]
[ 11.621118] The buggy address belongs to the object at ffff8881029d6200
[ 11.621118] which belongs to the cache kmalloc-64 of size 64
[ 11.621893] The buggy address is located 40 bytes inside of
[ 11.621893] freed 64-byte region [ffff8881029d6200, ffff8881029d6240)
[ 11.622795]
[ 11.622909] The buggy address belongs to the physical page:
[ 11.623506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d6
[ 11.624181] flags: 0x200000000000000(node=0|zone=2)
[ 11.624667] page_type: f5(slab)
[ 11.625037] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.625350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.626032] page dumped because: kasan: bad access detected
[ 11.626524]
[ 11.626777] Memory state around the buggy address:
[ 11.627425] ffff8881029d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.627980] ffff8881029d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.628535] >ffff8881029d6200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.629025] ^
[ 11.629297] ffff8881029d6280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.629796] ffff8881029d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.630294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.557127] ==================================================================
[ 11.557482] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.558261] Write of size 33 at addr ffff8881029d6180 by task kunit_try_catch/206
[ 11.559030]
[ 11.559264] CPU: 1 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.559313] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.559326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.559348] Call Trace:
[ 11.559360] <TASK>
[ 11.559375] dump_stack_lvl+0x73/0xb0
[ 11.559402] print_report+0xd1/0x650
[ 11.559425] ? __virt_addr_valid+0x1db/0x2d0
[ 11.559446] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.559468] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.559491] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.559513] kasan_report+0x141/0x180
[ 11.559536] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.559563] kasan_check_range+0x10c/0x1c0
[ 11.559589] __asan_memset+0x27/0x50
[ 11.559609] kmalloc_uaf_memset+0x1a3/0x360
[ 11.559631] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.559653] ? __schedule+0x10cc/0x2b60
[ 11.559676] ? irqentry_exit+0x2a/0x60
[ 11.559694] ? __pfx_read_tsc+0x10/0x10
[ 11.559714] ? ktime_get_ts64+0x86/0x230
[ 11.559740] kunit_try_run_case+0x1a5/0x480
[ 11.559759] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.559780] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.559800] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.559825] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.559845] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.559868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.560111] kthread+0x337/0x6f0
[ 11.560133] ? trace_preempt_on+0x20/0xc0
[ 11.560200] ? __pfx_kthread+0x10/0x10
[ 11.560219] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.560243] ? calculate_sigpending+0x7b/0xa0
[ 11.560264] ? __pfx_kthread+0x10/0x10
[ 11.560282] ret_from_fork+0x41/0x80
[ 11.560303] ? __pfx_kthread+0x10/0x10
[ 11.560321] ret_from_fork_asm+0x1a/0x30
[ 11.560352] </TASK>
[ 11.560364]
[ 11.577819] Allocated by task 206:
[ 11.578233] kasan_save_stack+0x45/0x70
[ 11.578387] kasan_save_track+0x18/0x40
[ 11.578531] kasan_save_alloc_info+0x3b/0x50
[ 11.578961] __kasan_kmalloc+0xb7/0xc0
[ 11.579371] __kmalloc_cache_noprof+0x189/0x420
[ 11.579882] kmalloc_uaf_memset+0xa9/0x360
[ 11.580505] kunit_try_run_case+0x1a5/0x480
[ 11.580694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.581018] kthread+0x337/0x6f0
[ 11.581322] ret_from_fork+0x41/0x80
[ 11.581716] ret_from_fork_asm+0x1a/0x30
[ 11.582207]
[ 11.582393] Freed by task 206:
[ 11.582548] kasan_save_stack+0x45/0x70
[ 11.583002] kasan_save_track+0x18/0x40
[ 11.583304] kasan_save_free_info+0x3f/0x60
[ 11.583449] __kasan_slab_free+0x56/0x70
[ 11.583620] kfree+0x222/0x3f0
[ 11.583946] kmalloc_uaf_memset+0x12b/0x360
[ 11.584499] kunit_try_run_case+0x1a5/0x480
[ 11.585044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.585569] kthread+0x337/0x6f0
[ 11.585862] ret_from_fork+0x41/0x80
[ 11.586120] ret_from_fork_asm+0x1a/0x30
[ 11.586504]
[ 11.586700] The buggy address belongs to the object at ffff8881029d6180
[ 11.586700] which belongs to the cache kmalloc-64 of size 64
[ 11.587537] The buggy address is located 0 bytes inside of
[ 11.587537] freed 64-byte region [ffff8881029d6180, ffff8881029d61c0)
[ 11.588252]
[ 11.588335] The buggy address belongs to the physical page:
[ 11.588520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d6
[ 11.589486] flags: 0x200000000000000(node=0|zone=2)
[ 11.590049] page_type: f5(slab)
[ 11.590461] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.591268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.591692] page dumped because: kasan: bad access detected
[ 11.592393]
[ 11.592585] Memory state around the buggy address:
[ 11.592792] ffff8881029d6080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.593168] ffff8881029d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.593792] >ffff8881029d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.594473] ^
[ 11.594754] ffff8881029d6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.595076] ffff8881029d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.595699] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.521645] ==================================================================
[ 11.522740] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.523168] Read of size 1 at addr ffff88810242c928 by task kunit_try_catch/204
[ 11.523403]
[ 11.523497] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.523553] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.523565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.523594] Call Trace:
[ 11.523608] <TASK>
[ 11.523625] dump_stack_lvl+0x73/0xb0
[ 11.523653] print_report+0xd1/0x650
[ 11.523678] ? __virt_addr_valid+0x1db/0x2d0
[ 11.523702] ? kmalloc_uaf+0x320/0x380
[ 11.523723] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.523771] ? kmalloc_uaf+0x320/0x380
[ 11.523978] kasan_report+0x141/0x180
[ 11.524010] ? kmalloc_uaf+0x320/0x380
[ 11.524038] __asan_report_load1_noabort+0x18/0x20
[ 11.524060] kmalloc_uaf+0x320/0x380
[ 11.524100] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.524123] ? __schedule+0x10cc/0x2b60
[ 11.524148] ? __pfx_read_tsc+0x10/0x10
[ 11.524169] ? ktime_get_ts64+0x86/0x230
[ 11.524196] kunit_try_run_case+0x1a5/0x480
[ 11.524219] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.524239] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.524264] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.524310] ? __kthread_parkme+0x82/0x180
[ 11.524334] ? preempt_count_sub+0x50/0x80
[ 11.524372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.524393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.524416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.524440] kthread+0x337/0x6f0
[ 11.524457] ? trace_preempt_on+0x20/0xc0
[ 11.524483] ? __pfx_kthread+0x10/0x10
[ 11.524501] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.524524] ? calculate_sigpending+0x7b/0xa0
[ 11.524546] ? __pfx_kthread+0x10/0x10
[ 11.524565] ret_from_fork+0x41/0x80
[ 11.524587] ? __pfx_kthread+0x10/0x10
[ 11.524605] ret_from_fork_asm+0x1a/0x30
[ 11.524636] </TASK>
[ 11.524647]
[ 11.538501] Allocated by task 204:
[ 11.538925] kasan_save_stack+0x45/0x70
[ 11.539310] kasan_save_track+0x18/0x40
[ 11.539803] kasan_save_alloc_info+0x3b/0x50
[ 11.540162] __kasan_kmalloc+0xb7/0xc0
[ 11.540304] __kmalloc_cache_noprof+0x189/0x420
[ 11.540458] kmalloc_uaf+0xaa/0x380
[ 11.540739] kunit_try_run_case+0x1a5/0x480
[ 11.541462] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.542183] kthread+0x337/0x6f0
[ 11.542819] ret_from_fork+0x41/0x80
[ 11.543310] ret_from_fork_asm+0x1a/0x30
[ 11.543525]
[ 11.543801] Freed by task 204:
[ 11.544274] kasan_save_stack+0x45/0x70
[ 11.544505] kasan_save_track+0x18/0x40
[ 11.545085] kasan_save_free_info+0x3f/0x60
[ 11.545423] __kasan_slab_free+0x56/0x70
[ 11.545601] kfree+0x222/0x3f0
[ 11.546107] kmalloc_uaf+0x12c/0x380
[ 11.546541] kunit_try_run_case+0x1a5/0x480
[ 11.546989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.547172] kthread+0x337/0x6f0
[ 11.547291] ret_from_fork+0x41/0x80
[ 11.547421] ret_from_fork_asm+0x1a/0x30
[ 11.547578]
[ 11.547651] The buggy address belongs to the object at ffff88810242c920
[ 11.547651] which belongs to the cache kmalloc-16 of size 16
[ 11.548345] The buggy address is located 8 bytes inside of
[ 11.548345] freed 16-byte region [ffff88810242c920, ffff88810242c930)
[ 11.549227]
[ 11.549311] The buggy address belongs to the physical page:
[ 11.549686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10242c
[ 11.550283] flags: 0x200000000000000(node=0|zone=2)
[ 11.550555] page_type: f5(slab)
[ 11.550729] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.551184] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.551535] page dumped because: kasan: bad access detected
[ 11.551847]
[ 11.552047] Memory state around the buggy address:
[ 11.552215] ffff88810242c800: 00 04 fc fc 00 00 fc fc 00 04 fc fc 00 04 fc fc
[ 11.552487] ffff88810242c880: 00 00 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 11.553101] >ffff88810242c900: 00 05 fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.553383] ^
[ 11.553697] ffff88810242c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.553993] ffff88810242ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.554421] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.489790] ==================================================================
[ 11.490789] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.491406] Read of size 64 at addr ffff8881029d6004 by task kunit_try_catch/202
[ 11.492012]
[ 11.492272] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.492331] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.492343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.492366] Call Trace:
[ 11.492378] <TASK>
[ 11.492393] dump_stack_lvl+0x73/0xb0
[ 11.492420] print_report+0xd1/0x650
[ 11.492444] ? __virt_addr_valid+0x1db/0x2d0
[ 11.492466] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.492487] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.492618] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.492647] kasan_report+0x141/0x180
[ 11.492672] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.492699] kasan_check_range+0x10c/0x1c0
[ 11.492720] __asan_memmove+0x27/0x70
[ 11.492741] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.492762] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.492785] ? __schedule+0x10cc/0x2b60
[ 11.492808] ? __pfx_read_tsc+0x10/0x10
[ 11.492829] ? ktime_get_ts64+0x86/0x230
[ 11.492886] kunit_try_run_case+0x1a5/0x480
[ 11.492909] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.492928] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.492953] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.492977] ? __kthread_parkme+0x82/0x180
[ 11.493000] ? preempt_count_sub+0x50/0x80
[ 11.493059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.493080] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.493104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.493127] kthread+0x337/0x6f0
[ 11.493145] ? trace_preempt_on+0x20/0xc0
[ 11.493168] ? __pfx_kthread+0x10/0x10
[ 11.493186] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.493208] ? calculate_sigpending+0x7b/0xa0
[ 11.493230] ? __pfx_kthread+0x10/0x10
[ 11.493248] ret_from_fork+0x41/0x80
[ 11.493269] ? __pfx_kthread+0x10/0x10
[ 11.493287] ret_from_fork_asm+0x1a/0x30
[ 11.493318] </TASK>
[ 11.493329]
[ 11.505379] Allocated by task 202:
[ 11.505833] kasan_save_stack+0x45/0x70
[ 11.506272] kasan_save_track+0x18/0x40
[ 11.506569] kasan_save_alloc_info+0x3b/0x50
[ 11.506917] __kasan_kmalloc+0xb7/0xc0
[ 11.507177] __kmalloc_cache_noprof+0x189/0x420
[ 11.507389] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.508016] kunit_try_run_case+0x1a5/0x480
[ 11.508277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.508679] kthread+0x337/0x6f0
[ 11.509009] ret_from_fork+0x41/0x80
[ 11.509204] ret_from_fork_asm+0x1a/0x30
[ 11.509391]
[ 11.509482] The buggy address belongs to the object at ffff8881029d6000
[ 11.509482] which belongs to the cache kmalloc-64 of size 64
[ 11.510498] The buggy address is located 4 bytes inside of
[ 11.510498] allocated 64-byte region [ffff8881029d6000, ffff8881029d6040)
[ 11.511374]
[ 11.511472] The buggy address belongs to the physical page:
[ 11.512016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d6
[ 11.512475] flags: 0x200000000000000(node=0|zone=2)
[ 11.512856] page_type: f5(slab)
[ 11.513242] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.513927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.514661] page dumped because: kasan: bad access detected
[ 11.514972]
[ 11.515211] Memory state around the buggy address:
[ 11.515405] ffff8881029d5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.515986] ffff8881029d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.516411] >ffff8881029d6000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.517182] ^
[ 11.517485] ffff8881029d6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.518100] ffff8881029d6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.518637] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 47.885754] ==================================================================
[ 47.886150] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 47.886150]
[ 47.886586] Use-after-free read at 0x(____ptrval____) (in kfence-#132):
[ 47.887302] test_krealloc+0x6fc/0xbe0
[ 47.887498] kunit_try_run_case+0x1a5/0x480
[ 47.887915] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.888204] kthread+0x337/0x6f0
[ 47.888524] ret_from_fork+0x41/0x80
[ 47.888863] ret_from_fork_asm+0x1a/0x30
[ 47.889101]
[ 47.889185] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 47.889185]
[ 47.889816] allocated by task 357 on cpu 0 at 47.885118s (0.004695s ago):
[ 47.890309] test_alloc+0x364/0x10f0
[ 47.890497] test_krealloc+0xad/0xbe0
[ 47.890828] kunit_try_run_case+0x1a5/0x480
[ 47.891143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.891406] kthread+0x337/0x6f0
[ 47.891776] ret_from_fork+0x41/0x80
[ 47.892065] ret_from_fork_asm+0x1a/0x30
[ 47.892345]
[ 47.892461] freed by task 357 on cpu 0 at 47.885388s (0.007070s ago):
[ 47.892912] krealloc_noprof+0x108/0x340
[ 47.893120] test_krealloc+0x226/0xbe0
[ 47.893442] kunit_try_run_case+0x1a5/0x480
[ 47.893776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.894051] kthread+0x337/0x6f0
[ 47.894217] ret_from_fork+0x41/0x80
[ 47.894392] ret_from_fork_asm+0x1a/0x30
[ 47.894609]
[ 47.895013] CPU: 0 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 47.895540] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.895845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.896326] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.807101] ==================================================================
[ 47.807633] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.807633]
[ 47.807984] Use-after-free read at 0x(____ptrval____) (in kfence-#131):
[ 47.808200] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.808382] kunit_try_run_case+0x1a5/0x480
[ 47.808533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.808713] kthread+0x337/0x6f0
[ 47.808841] ret_from_fork+0x41/0x80
[ 47.810961] ret_from_fork_asm+0x1a/0x30
[ 47.811740]
[ 47.812241] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 47.812241]
[ 47.813616] allocated by task 355 on cpu 0 at 47.781789s (0.031823s ago):
[ 47.814538] test_alloc+0x2a6/0x10f0
[ 47.814733] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 47.814932] kunit_try_run_case+0x1a5/0x480
[ 47.815155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.815385] kthread+0x337/0x6f0
[ 47.815591] ret_from_fork+0x41/0x80
[ 47.815766] ret_from_fork_asm+0x1a/0x30
[ 47.815945]
[ 47.816022] freed by task 355 on cpu 0 at 47.782001s (0.034018s ago):
[ 47.816326] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 47.816538] kunit_try_run_case+0x1a5/0x480
[ 47.816745] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.816990] kthread+0x337/0x6f0
[ 47.817143] ret_from_fork+0x41/0x80
[ 47.817295] ret_from_fork_asm+0x1a/0x30
[ 47.817519]
[ 47.817649] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 47.818043] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.818250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.818611] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 22.626581] ==================================================================
[ 22.627169] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 22.627169]
[ 22.628356] Invalid read at 0x(____ptrval____):
[ 22.628941] test_invalid_access+0xf0/0x210
[ 22.629165] kunit_try_run_case+0x1a5/0x480
[ 22.629372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.629601] kthread+0x337/0x6f0
[ 22.629811] ret_from_fork+0x41/0x80
[ 22.630013] ret_from_fork_asm+0x1a/0x30
[ 22.630250]
[ 22.630377] CPU: 0 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 22.630848] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.631089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.631529] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.405485] ==================================================================
[ 22.405918] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.405918]
[ 22.406307] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#127):
[ 22.406934] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.407206] kunit_try_run_case+0x1a5/0x480
[ 22.407426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.407703] kthread+0x337/0x6f0
[ 22.407905] ret_from_fork+0x41/0x80
[ 22.408049] ret_from_fork_asm+0x1a/0x30
[ 22.408238]
[ 22.408342] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.408342]
[ 22.408806] allocated by task 345 on cpu 1 at 22.405209s (0.003595s ago):
[ 22.409095] test_alloc+0x364/0x10f0
[ 22.409232] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 22.409481] kunit_try_run_case+0x1a5/0x480
[ 22.409692] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.409957] kthread+0x337/0x6f0
[ 22.410085] ret_from_fork+0x41/0x80
[ 22.410647] ret_from_fork_asm+0x1a/0x30
[ 22.410894]
[ 22.410998] freed by task 345 on cpu 1 at 22.405352s (0.005643s ago):
[ 22.411310] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.411621] kunit_try_run_case+0x1a5/0x480
[ 22.411807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.412049] kthread+0x337/0x6f0
[ 22.412226] ret_from_fork+0x41/0x80
[ 22.412416] ret_from_fork_asm+0x1a/0x30
[ 22.412616]
[ 22.412745] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 22.413127] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.413313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.413727] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.301362] ==================================================================
[ 22.301804] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.301804]
[ 22.302187] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#126):
[ 22.302558] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.302764] kunit_try_run_case+0x1a5/0x480
[ 22.302987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.303257] kthread+0x337/0x6f0
[ 22.303426] ret_from_fork+0x41/0x80
[ 22.303565] ret_from_fork_asm+0x1a/0x30
[ 22.303778]
[ 22.303896] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.303896]
[ 22.304237] allocated by task 343 on cpu 1 at 22.301153s (0.003081s ago):
[ 22.304682] test_alloc+0x364/0x10f0
[ 22.304893] test_kmalloc_aligned_oob_read+0x105/0x560
[ 22.305150] kunit_try_run_case+0x1a5/0x480
[ 22.305326] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.305517] kthread+0x337/0x6f0
[ 22.305702] ret_from_fork+0x41/0x80
[ 22.305905] ret_from_fork_asm+0x1a/0x30
[ 22.306115]
[ 22.306229] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 22.306717] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.306936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.307309] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.517429] ==================================================================
[ 17.517804] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 17.517804]
[ 17.518202] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#80):
[ 17.518630] test_corruption+0x2df/0x3e0
[ 17.518959] kunit_try_run_case+0x1a5/0x480
[ 17.519149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.519425] kthread+0x337/0x6f0
[ 17.519596] ret_from_fork+0x41/0x80
[ 17.519795] ret_from_fork_asm+0x1a/0x30
[ 17.519949]
[ 17.520052] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.520052]
[ 17.520528] allocated by task 331 on cpu 1 at 17.517170s (0.003355s ago):
[ 17.520841] test_alloc+0x364/0x10f0
[ 17.521036] test_corruption+0x1cb/0x3e0
[ 17.521255] kunit_try_run_case+0x1a5/0x480
[ 17.521469] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.521733] kthread+0x337/0x6f0
[ 17.521952] ret_from_fork+0x41/0x80
[ 17.522087] ret_from_fork_asm+0x1a/0x30
[ 17.522247]
[ 17.522347] freed by task 331 on cpu 1 at 17.517262s (0.005083s ago):
[ 17.522843] test_corruption+0x2df/0x3e0
[ 17.523048] kunit_try_run_case+0x1a5/0x480
[ 17.523250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.523505] kthread+0x337/0x6f0
[ 17.523680] ret_from_fork+0x41/0x80
[ 17.523896] ret_from_fork_asm+0x1a/0x30
[ 17.524115]
[ 17.524237] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 17.524675] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.524813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.525252] ==================================================================
[ 18.245260] ==================================================================
[ 18.245699] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 18.245699]
[ 18.246022] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#87):
[ 18.246425] test_corruption+0x216/0x3e0
[ 18.246595] kunit_try_run_case+0x1a5/0x480
[ 18.246818] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.247051] kthread+0x337/0x6f0
[ 18.247240] ret_from_fork+0x41/0x80
[ 18.247441] ret_from_fork_asm+0x1a/0x30
[ 18.247646]
[ 18.247748] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.247748]
[ 18.248114] allocated by task 333 on cpu 0 at 18.245123s (0.002988s ago):
[ 18.248412] test_alloc+0x2a6/0x10f0
[ 18.248557] test_corruption+0x1cb/0x3e0
[ 18.248775] kunit_try_run_case+0x1a5/0x480
[ 18.248987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.249189] kthread+0x337/0x6f0
[ 18.249315] ret_from_fork+0x41/0x80
[ 18.249466] ret_from_fork_asm+0x1a/0x30
[ 18.249671]
[ 18.249776] freed by task 333 on cpu 0 at 18.245173s (0.004600s ago):
[ 18.250103] test_corruption+0x216/0x3e0
[ 18.250291] kunit_try_run_case+0x1a5/0x480
[ 18.250442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.250667] kthread+0x337/0x6f0
[ 18.250925] ret_from_fork+0x41/0x80
[ 18.251107] ret_from_fork_asm+0x1a/0x30
[ 18.251306]
[ 18.251429] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 18.251860] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.252082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.252417] ==================================================================
[ 17.413413] ==================================================================
[ 17.413767] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 17.413767]
[ 17.414149] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#79):
[ 17.414738] test_corruption+0x2d2/0x3e0
[ 17.414919] kunit_try_run_case+0x1a5/0x480
[ 17.415145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.415405] kthread+0x337/0x6f0
[ 17.415585] ret_from_fork+0x41/0x80
[ 17.415763] ret_from_fork_asm+0x1a/0x30
[ 17.415936]
[ 17.416014] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.416014]
[ 17.416297] allocated by task 331 on cpu 1 at 17.413260s (0.003034s ago):
[ 17.416581] test_alloc+0x364/0x10f0
[ 17.416768] test_corruption+0xe6/0x3e0
[ 17.417024] kunit_try_run_case+0x1a5/0x480
[ 17.417400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.417573] kthread+0x337/0x6f0
[ 17.417692] ret_from_fork+0x41/0x80
[ 17.418036] ret_from_fork_asm+0x1a/0x30
[ 17.418242]
[ 17.418364] freed by task 331 on cpu 1 at 17.413339s (0.005023s ago):
[ 17.418734] test_corruption+0x2d2/0x3e0
[ 17.418974] kunit_try_run_case+0x1a5/0x480
[ 17.419196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.419443] kthread+0x337/0x6f0
[ 17.419708] ret_from_fork+0x41/0x80
[ 17.419909] ret_from_fork_asm+0x1a/0x30
[ 17.420124]
[ 17.420225] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 17.420542] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.420765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.421230] ==================================================================
[ 17.829314] ==================================================================
[ 17.829789] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 17.829789]
[ 17.830099] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#83):
[ 17.830744] test_corruption+0x131/0x3e0
[ 17.830969] kunit_try_run_case+0x1a5/0x480
[ 17.831196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.831411] kthread+0x337/0x6f0
[ 17.831648] ret_from_fork+0x41/0x80
[ 17.831812] ret_from_fork_asm+0x1a/0x30
[ 17.832032]
[ 17.832138] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.832138]
[ 17.832501] allocated by task 333 on cpu 0 at 17.829175s (0.003323s ago):
[ 17.832793] test_alloc+0x2a6/0x10f0
[ 17.832986] test_corruption+0xe6/0x3e0
[ 17.833137] kunit_try_run_case+0x1a5/0x480
[ 17.833290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.833535] kthread+0x337/0x6f0
[ 17.833722] ret_from_fork+0x41/0x80
[ 17.833933] ret_from_fork_asm+0x1a/0x30
[ 17.834138]
[ 17.834221] freed by task 333 on cpu 0 at 17.829237s (0.004981s ago):
[ 17.834468] test_corruption+0x131/0x3e0
[ 17.834904] kunit_try_run_case+0x1a5/0x480
[ 17.835093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.835318] kthread+0x337/0x6f0
[ 17.835489] ret_from_fork+0x41/0x80
[ 17.835703] ret_from_fork_asm+0x1a/0x30
[ 17.835853]
[ 17.835962] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 17.836451] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.836663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.836998] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 16.997292] ==================================================================
[ 16.997769] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 16.997769]
[ 16.998229] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 16.998499] test_invalid_addr_free+0xfb/0x260
[ 16.998661] kunit_try_run_case+0x1a5/0x480
[ 16.998885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.999172] kthread+0x337/0x6f0
[ 16.999325] ret_from_fork+0x41/0x80
[ 16.999460] ret_from_fork_asm+0x1a/0x30
[ 16.999850]
[ 16.999982] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.999982]
[ 17.000374] allocated by task 329 on cpu 1 at 16.997191s (0.003180s ago):
[ 17.000744] test_alloc+0x2a6/0x10f0
[ 17.000986] test_invalid_addr_free+0xdb/0x260
[ 17.001208] kunit_try_run_case+0x1a5/0x480
[ 17.001425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.001667] kthread+0x337/0x6f0
[ 17.001788] ret_from_fork+0x41/0x80
[ 17.001977] ret_from_fork_asm+0x1a/0x30
[ 17.002212]
[ 17.002360] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 17.002848] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.003082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.003504] ==================================================================
[ 16.893306] ==================================================================
[ 16.893751] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 16.893751]
[ 16.894096] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 16.894436] test_invalid_addr_free+0x1e1/0x260
[ 16.894680] kunit_try_run_case+0x1a5/0x480
[ 16.894868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.895206] kthread+0x337/0x6f0
[ 16.895342] ret_from_fork+0x41/0x80
[ 16.895565] ret_from_fork_asm+0x1a/0x30
[ 16.895812]
[ 16.895956] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.895956]
[ 16.896320] allocated by task 327 on cpu 0 at 16.893191s (0.003125s ago):
[ 16.896660] test_alloc+0x364/0x10f0
[ 16.896798] test_invalid_addr_free+0xdb/0x260
[ 16.897033] kunit_try_run_case+0x1a5/0x480
[ 16.897239] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.897466] kthread+0x337/0x6f0
[ 16.897696] ret_from_fork+0x41/0x80
[ 16.897865] ret_from_fork_asm+0x1a/0x30
[ 16.898067]
[ 16.898213] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.898696] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.898911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.899227] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 16.789458] ==================================================================
[ 16.789838] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 16.789838]
[ 16.790126] Invalid free of 0x(____ptrval____) (in kfence-#73):
[ 16.790325] test_double_free+0x112/0x260
[ 16.790484] kunit_try_run_case+0x1a5/0x480
[ 16.790656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.791022] kthread+0x337/0x6f0
[ 16.791299] ret_from_fork+0x41/0x80
[ 16.791437] ret_from_fork_asm+0x1a/0x30
[ 16.791691]
[ 16.791770] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.791770]
[ 16.792068] allocated by task 325 on cpu 1 at 16.789234s (0.002832s ago):
[ 16.792624] test_alloc+0x2a6/0x10f0
[ 16.792787] test_double_free+0xdb/0x260
[ 16.792946] kunit_try_run_case+0x1a5/0x480
[ 16.793153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.793401] kthread+0x337/0x6f0
[ 16.793985] ret_from_fork+0x41/0x80
[ 16.794599] ret_from_fork_asm+0x1a/0x30
[ 16.794897]
[ 16.794986] freed by task 325 on cpu 1 at 16.789286s (0.005697s ago):
[ 16.795245] test_double_free+0xfa/0x260
[ 16.795446] kunit_try_run_case+0x1a5/0x480
[ 16.795671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.796176] kthread+0x337/0x6f0
[ 16.796325] ret_from_fork+0x41/0x80
[ 16.796617] ret_from_fork_asm+0x1a/0x30
[ 16.796940]
[ 16.797076] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.797652] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.797838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.798237] ==================================================================
[ 16.685405] ==================================================================
[ 16.685841] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 16.685841]
[ 16.686293] Invalid free of 0x(____ptrval____) (in kfence-#72):
[ 16.686871] test_double_free+0x1d3/0x260
[ 16.687122] kunit_try_run_case+0x1a5/0x480
[ 16.687697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.687968] kthread+0x337/0x6f0
[ 16.688161] ret_from_fork+0x41/0x80
[ 16.688546] ret_from_fork_asm+0x1a/0x30
[ 16.688773]
[ 16.688887] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.688887]
[ 16.689281] allocated by task 323 on cpu 0 at 16.685211s (0.004066s ago):
[ 16.689919] test_alloc+0x364/0x10f0
[ 16.690113] test_double_free+0xdb/0x260
[ 16.690443] kunit_try_run_case+0x1a5/0x480
[ 16.690789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.691166] kthread+0x337/0x6f0
[ 16.691351] ret_from_fork+0x41/0x80
[ 16.691757] ret_from_fork_asm+0x1a/0x30
[ 16.692072]
[ 16.692197] freed by task 323 on cpu 0 at 16.685270s (0.006924s ago):
[ 16.692711] test_double_free+0x1e0/0x260
[ 16.693021] kunit_try_run_case+0x1a5/0x480
[ 16.693313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.693683] kthread+0x337/0x6f0
[ 16.693883] ret_from_fork+0x41/0x80
[ 16.694183] ret_from_fork_asm+0x1a/0x30
[ 16.694483]
[ 16.694621] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.695128] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.695520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.696014] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.458916] ==================================================================
[ 11.459710] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.460364] Read of size 18446744073709551614 at addr ffff8881029cff84 by task kunit_try_catch/200
[ 11.460912]
[ 11.461017] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.461062] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.461074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.461096] Call Trace:
[ 11.461108] <TASK>
[ 11.461123] dump_stack_lvl+0x73/0xb0
[ 11.461149] print_report+0xd1/0x650
[ 11.461173] ? __virt_addr_valid+0x1db/0x2d0
[ 11.461195] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.461250] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.461274] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.461316] kasan_report+0x141/0x180
[ 11.461341] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.461368] kasan_check_range+0x10c/0x1c0
[ 11.461388] __asan_memmove+0x27/0x70
[ 11.461409] kmalloc_memmove_negative_size+0x171/0x330
[ 11.461431] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.461453] ? __schedule+0x10cc/0x2b60
[ 11.461476] ? __pfx_read_tsc+0x10/0x10
[ 11.461496] ? ktime_get_ts64+0x86/0x230
[ 11.461539] kunit_try_run_case+0x1a5/0x480
[ 11.461561] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.461580] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.461604] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.461628] ? __kthread_parkme+0x82/0x180
[ 11.461650] ? preempt_count_sub+0x50/0x80
[ 11.461674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.461694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.461717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.461740] kthread+0x337/0x6f0
[ 11.461757] ? trace_preempt_on+0x20/0xc0
[ 11.461781] ? __pfx_kthread+0x10/0x10
[ 11.461799] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.461821] ? calculate_sigpending+0x7b/0xa0
[ 11.461857] ? __pfx_kthread+0x10/0x10
[ 11.461887] ret_from_fork+0x41/0x80
[ 11.461908] ? __pfx_kthread+0x10/0x10
[ 11.461926] ret_from_fork_asm+0x1a/0x30
[ 11.461957] </TASK>
[ 11.461968]
[ 11.474299] Allocated by task 200:
[ 11.474486] kasan_save_stack+0x45/0x70
[ 11.474693] kasan_save_track+0x18/0x40
[ 11.475084] kasan_save_alloc_info+0x3b/0x50
[ 11.475401] __kasan_kmalloc+0xb7/0xc0
[ 11.475771] __kmalloc_cache_noprof+0x189/0x420
[ 11.476020] kmalloc_memmove_negative_size+0xac/0x330
[ 11.476250] kunit_try_run_case+0x1a5/0x480
[ 11.476443] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.477093] kthread+0x337/0x6f0
[ 11.477391] ret_from_fork+0x41/0x80
[ 11.477799] ret_from_fork_asm+0x1a/0x30
[ 11.478253]
[ 11.478488] The buggy address belongs to the object at ffff8881029cff80
[ 11.478488] which belongs to the cache kmalloc-64 of size 64
[ 11.479702] The buggy address is located 4 bytes inside of
[ 11.479702] 64-byte region [ffff8881029cff80, ffff8881029cffc0)
[ 11.480635]
[ 11.480894] The buggy address belongs to the physical page:
[ 11.481187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cf
[ 11.481717] flags: 0x200000000000000(node=0|zone=2)
[ 11.482187] page_type: f5(slab)
[ 11.482435] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.482998] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.483322] page dumped because: kasan: bad access detected
[ 11.483684]
[ 11.483773] Memory state around the buggy address:
[ 11.484200] ffff8881029cfe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.484641] ffff8881029cff00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.485068] >ffff8881029cff80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.485627] ^
[ 11.485794] ffff8881029d0000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.486215] ffff8881029d0080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.486662] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.421423] ==================================================================
[ 11.422217] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.423378] Write of size 16 at addr ffff8881035ebe69 by task kunit_try_catch/198
[ 11.423929]
[ 11.424039] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.424091] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.424104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.424127] Call Trace:
[ 11.424140] <TASK>
[ 11.424159] dump_stack_lvl+0x73/0xb0
[ 11.424189] print_report+0xd1/0x650
[ 11.424215] ? __virt_addr_valid+0x1db/0x2d0
[ 11.424239] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.424263] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.424286] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.424310] kasan_report+0x141/0x180
[ 11.424367] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.424396] kasan_check_range+0x10c/0x1c0
[ 11.424417] __asan_memset+0x27/0x50
[ 11.424439] kmalloc_oob_memset_16+0x166/0x330
[ 11.424466] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.424547] ? __schedule+0x10cc/0x2b60
[ 11.424577] ? __pfx_read_tsc+0x10/0x10
[ 11.424599] ? ktime_get_ts64+0x86/0x230
[ 11.424768] kunit_try_run_case+0x1a5/0x480
[ 11.424793] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.424813] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.424865] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.424904] ? __kthread_parkme+0x82/0x180
[ 11.424928] ? preempt_count_sub+0x50/0x80
[ 11.424955] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.424977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.425002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.425027] kthread+0x337/0x6f0
[ 11.425045] ? trace_preempt_on+0x20/0xc0
[ 11.425069] ? __pfx_kthread+0x10/0x10
[ 11.425089] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.425112] ? calculate_sigpending+0x7b/0xa0
[ 11.425136] ? __pfx_kthread+0x10/0x10
[ 11.425156] ret_from_fork+0x41/0x80
[ 11.425178] ? __pfx_kthread+0x10/0x10
[ 11.425197] ret_from_fork_asm+0x1a/0x30
[ 11.425230] </TASK>
[ 11.425243]
[ 11.440647] Allocated by task 198:
[ 11.441043] kasan_save_stack+0x45/0x70
[ 11.441440] kasan_save_track+0x18/0x40
[ 11.441972] kasan_save_alloc_info+0x3b/0x50
[ 11.442300] __kasan_kmalloc+0xb7/0xc0
[ 11.442462] __kmalloc_cache_noprof+0x189/0x420
[ 11.443141] kmalloc_oob_memset_16+0xac/0x330
[ 11.443420] kunit_try_run_case+0x1a5/0x480
[ 11.443604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.444258] kthread+0x337/0x6f0
[ 11.444606] ret_from_fork+0x41/0x80
[ 11.445051] ret_from_fork_asm+0x1a/0x30
[ 11.445201]
[ 11.445277] The buggy address belongs to the object at ffff8881035ebe00
[ 11.445277] which belongs to the cache kmalloc-128 of size 128
[ 11.445934] The buggy address is located 105 bytes inside of
[ 11.445934] allocated 120-byte region [ffff8881035ebe00, ffff8881035ebe78)
[ 11.447320]
[ 11.447489] The buggy address belongs to the physical page:
[ 11.448264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb
[ 11.448679] flags: 0x200000000000000(node=0|zone=2)
[ 11.448940] page_type: f5(slab)
[ 11.449300] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.450249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.450765] page dumped because: kasan: bad access detected
[ 11.451235]
[ 11.451397] Memory state around the buggy address:
[ 11.451869] ffff8881035ebd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.452304] ffff8881035ebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.452550] >ffff8881035ebe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.453361] ^
[ 11.454289] ffff8881035ebe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.454735] ffff8881035ebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.455262] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.388483] ==================================================================
[ 11.389771] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.390182] Write of size 8 at addr ffff8881029caa71 by task kunit_try_catch/196
[ 11.391170]
[ 11.391476] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.391525] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.391537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.391670] Call Trace:
[ 11.391689] <TASK>
[ 11.391708] dump_stack_lvl+0x73/0xb0
[ 11.391738] print_report+0xd1/0x650
[ 11.391762] ? __virt_addr_valid+0x1db/0x2d0
[ 11.391785] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.391807] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.391830] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.391959] kasan_report+0x141/0x180
[ 11.391984] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.392011] kasan_check_range+0x10c/0x1c0
[ 11.392032] __asan_memset+0x27/0x50
[ 11.392053] kmalloc_oob_memset_8+0x166/0x330
[ 11.392076] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.392099] ? __schedule+0x10cc/0x2b60
[ 11.392124] ? __pfx_read_tsc+0x10/0x10
[ 11.392144] ? ktime_get_ts64+0x86/0x230
[ 11.392171] kunit_try_run_case+0x1a5/0x480
[ 11.392192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.392211] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.392235] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.392259] ? __kthread_parkme+0x82/0x180
[ 11.392283] ? preempt_count_sub+0x50/0x80
[ 11.392309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.392329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.392352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.392375] kthread+0x337/0x6f0
[ 11.392392] ? trace_preempt_on+0x20/0xc0
[ 11.392417] ? __pfx_kthread+0x10/0x10
[ 11.392436] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.392458] ? calculate_sigpending+0x7b/0xa0
[ 11.392480] ? __pfx_kthread+0x10/0x10
[ 11.392498] ret_from_fork+0x41/0x80
[ 11.392532] ? __pfx_kthread+0x10/0x10
[ 11.392550] ret_from_fork_asm+0x1a/0x30
[ 11.392580] </TASK>
[ 11.392592]
[ 11.404179] Allocated by task 196:
[ 11.404317] kasan_save_stack+0x45/0x70
[ 11.404465] kasan_save_track+0x18/0x40
[ 11.404801] kasan_save_alloc_info+0x3b/0x50
[ 11.405455] __kasan_kmalloc+0xb7/0xc0
[ 11.405976] __kmalloc_cache_noprof+0x189/0x420
[ 11.406392] kmalloc_oob_memset_8+0xac/0x330
[ 11.406840] kunit_try_run_case+0x1a5/0x480
[ 11.407151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.407322] kthread+0x337/0x6f0
[ 11.407439] ret_from_fork+0x41/0x80
[ 11.407653] ret_from_fork_asm+0x1a/0x30
[ 11.408016]
[ 11.408262] The buggy address belongs to the object at ffff8881029caa00
[ 11.408262] which belongs to the cache kmalloc-128 of size 128
[ 11.409731] The buggy address is located 113 bytes inside of
[ 11.409731] allocated 120-byte region [ffff8881029caa00, ffff8881029caa78)
[ 11.410426]
[ 11.410504] The buggy address belongs to the physical page:
[ 11.411059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ca
[ 11.411787] flags: 0x200000000000000(node=0|zone=2)
[ 11.412251] page_type: f5(slab)
[ 11.412378] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.412788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.413696] page dumped because: kasan: bad access detected
[ 11.414253]
[ 11.414415] Memory state around the buggy address:
[ 11.414581] ffff8881029ca900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.414804] ffff8881029ca980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.415128] >ffff8881029caa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.415790] ^
[ 11.416468] ffff8881029caa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.417379] ffff8881029cab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.418018] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.269460] ==================================================================
[ 16.269997] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.269997]
[ 16.270437] Use-after-free read at 0x(____ptrval____) (in kfence-#68):
[ 16.271062] test_use_after_free_read+0x129/0x270
[ 16.271457] kunit_try_run_case+0x1a5/0x480
[ 16.272021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.272283] kthread+0x337/0x6f0
[ 16.272471] ret_from_fork+0x41/0x80
[ 16.272753] ret_from_fork_asm+0x1a/0x30
[ 16.273123]
[ 16.273319] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.273319]
[ 16.273792] allocated by task 315 on cpu 1 at 16.269232s (0.004557s ago):
[ 16.274218] test_alloc+0x364/0x10f0
[ 16.274396] test_use_after_free_read+0xdc/0x270
[ 16.274795] kunit_try_run_case+0x1a5/0x480
[ 16.275114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.275460] kthread+0x337/0x6f0
[ 16.275769] ret_from_fork+0x41/0x80
[ 16.276056] ret_from_fork_asm+0x1a/0x30
[ 16.276338]
[ 16.276523] freed by task 315 on cpu 1 at 16.269295s (0.007225s ago):
[ 16.276932] test_use_after_free_read+0x1e7/0x270
[ 16.277160] kunit_try_run_case+0x1a5/0x480
[ 16.277488] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.277847] kthread+0x337/0x6f0
[ 16.278121] ret_from_fork+0x41/0x80
[ 16.278312] ret_from_fork_asm+0x1a/0x30
[ 16.278667]
[ 16.278907] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.279467] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.279692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.280087] ==================================================================
[ 16.373424] ==================================================================
[ 16.374048] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.374048]
[ 16.374428] Use-after-free read at 0x(____ptrval____) (in kfence-#69):
[ 16.374706] test_use_after_free_read+0x129/0x270
[ 16.374998] kunit_try_run_case+0x1a5/0x480
[ 16.375192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.375450] kthread+0x337/0x6f0
[ 16.376197] ret_from_fork+0x41/0x80
[ 16.376362] ret_from_fork_asm+0x1a/0x30
[ 16.376720]
[ 16.376920] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.376920]
[ 16.377414] allocated by task 317 on cpu 0 at 16.373204s (0.004206s ago):
[ 16.377989] test_alloc+0x2a6/0x10f0
[ 16.378173] test_use_after_free_read+0xdc/0x270
[ 16.378381] kunit_try_run_case+0x1a5/0x480
[ 16.378579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.379137] kthread+0x337/0x6f0
[ 16.379287] ret_from_fork+0x41/0x80
[ 16.379655] ret_from_fork_asm+0x1a/0x30
[ 16.379949]
[ 16.380038] freed by task 317 on cpu 0 at 16.373249s (0.006786s ago):
[ 16.380530] test_use_after_free_read+0xfb/0x270
[ 16.380763] kunit_try_run_case+0x1a5/0x480
[ 16.380976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.381216] kthread+0x337/0x6f0
[ 16.381371] ret_from_fork+0x41/0x80
[ 16.381843] ret_from_fork_asm+0x1a/0x30
[ 16.382055]
[ 16.382173] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.382805] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.383086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.383530] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.061488] ==================================================================
[ 16.061926] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.061926]
[ 16.063046] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66):
[ 16.063758] test_out_of_bounds_write+0x10d/0x260
[ 16.063957] kunit_try_run_case+0x1a5/0x480
[ 16.064111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.064288] kthread+0x337/0x6f0
[ 16.064414] ret_from_fork+0x41/0x80
[ 16.064571] ret_from_fork_asm+0x1a/0x30
[ 16.064841]
[ 16.064993] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.064993]
[ 16.065322] allocated by task 311 on cpu 1 at 16.061373s (0.003947s ago):
[ 16.065645] test_alloc+0x364/0x10f0
[ 16.065895] test_out_of_bounds_write+0xd4/0x260
[ 16.066215] kunit_try_run_case+0x1a5/0x480
[ 16.066370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.066702] kthread+0x337/0x6f0
[ 16.066890] ret_from_fork+0x41/0x80
[ 16.067079] ret_from_fork_asm+0x1a/0x30
[ 16.067219]
[ 16.067345] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.067920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.068062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.068404] ==================================================================
[ 16.165253] ==================================================================
[ 16.165724] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.165724]
[ 16.166147] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 16.166442] test_out_of_bounds_write+0x10d/0x260
[ 16.166649] kunit_try_run_case+0x1a5/0x480
[ 16.167002] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.167231] kthread+0x337/0x6f0
[ 16.167466] ret_from_fork+0x41/0x80
[ 16.167733] ret_from_fork_asm+0x1a/0x30
[ 16.167985]
[ 16.168083] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.168083]
[ 16.168468] allocated by task 313 on cpu 0 at 16.165186s (0.003279s ago):
[ 16.168788] test_alloc+0x2a6/0x10f0
[ 16.168936] test_out_of_bounds_write+0xd4/0x260
[ 16.169097] kunit_try_run_case+0x1a5/0x480
[ 16.169369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.169640] kthread+0x337/0x6f0
[ 16.169810] ret_from_fork+0x41/0x80
[ 16.170116] ret_from_fork_asm+0x1a/0x30
[ 16.170380]
[ 16.170502] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 16.170864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.171116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.171684] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.853280] ==================================================================
[ 15.853764] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.853764]
[ 15.854188] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#64):
[ 15.854586] test_out_of_bounds_read+0x126/0x4e0
[ 15.854815] kunit_try_run_case+0x1a5/0x480
[ 15.855011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.855266] kthread+0x337/0x6f0
[ 15.855444] ret_from_fork+0x41/0x80
[ 15.855642] ret_from_fork_asm+0x1a/0x30
[ 15.856001]
[ 15.856113] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.856113]
[ 15.856445] allocated by task 309 on cpu 1 at 15.853217s (0.003225s ago):
[ 15.857517] test_alloc+0x2a6/0x10f0
[ 15.857730] test_out_of_bounds_read+0xed/0x4e0
[ 15.858039] kunit_try_run_case+0x1a5/0x480
[ 15.858431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.858730] kthread+0x337/0x6f0
[ 15.858865] ret_from_fork+0x41/0x80
[ 15.859071] ret_from_fork_asm+0x1a/0x30
[ 15.859261]
[ 15.859389] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 15.859831] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.860106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.860444] ==================================================================
[ 15.646272] ==================================================================
[ 15.646738] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.646738]
[ 15.647190] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 15.647539] test_out_of_bounds_read+0x126/0x4e0
[ 15.647982] kunit_try_run_case+0x1a5/0x480
[ 15.648211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.648441] kthread+0x337/0x6f0
[ 15.648640] ret_from_fork+0x41/0x80
[ 15.648900] ret_from_fork_asm+0x1a/0x30
[ 15.649426]
[ 15.649508] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.649508]
[ 15.650038] allocated by task 307 on cpu 1 at 15.645165s (0.004869s ago):
[ 15.650490] test_alloc+0x364/0x10f0
[ 15.650756] test_out_of_bounds_read+0xed/0x4e0
[ 15.651045] kunit_try_run_case+0x1a5/0x480
[ 15.651217] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.651619] kthread+0x337/0x6f0
[ 15.651797] ret_from_fork+0x41/0x80
[ 15.651973] ret_from_fork_asm+0x1a/0x30
[ 15.652182]
[ 15.652300] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 15.653015] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.653186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.653762] ==================================================================
[ 15.749334] ==================================================================
[ 15.749914] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.749914]
[ 15.750351] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63):
[ 15.750621] test_out_of_bounds_read+0x216/0x4e0
[ 15.750885] kunit_try_run_case+0x1a5/0x480
[ 15.751193] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.751430] kthread+0x337/0x6f0
[ 15.751690] ret_from_fork+0x41/0x80
[ 15.751838] ret_from_fork_asm+0x1a/0x30
[ 15.752045]
[ 15.752122] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.752122]
[ 15.752494] allocated by task 307 on cpu 1 at 15.749170s (0.003322s ago):
[ 15.752851] test_alloc+0x364/0x10f0
[ 15.753000] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.753235] kunit_try_run_case+0x1a5/0x480
[ 15.753455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.753840] kthread+0x337/0x6f0
[ 15.753995] ret_from_fork+0x41/0x80
[ 15.754172] ret_from_fork_asm+0x1a/0x30
[ 15.754375]
[ 15.754496] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 15.754888] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.755065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.755444] ==================================================================
[ 15.957261] ==================================================================
[ 15.957769] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.957769]
[ 15.958184] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 15.958469] test_out_of_bounds_read+0x216/0x4e0
[ 15.958670] kunit_try_run_case+0x1a5/0x480
[ 15.958961] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.959199] kthread+0x337/0x6f0
[ 15.959337] ret_from_fork+0x41/0x80
[ 15.959534] ret_from_fork_asm+0x1a/0x30
[ 15.959747]
[ 15.959856] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.959856]
[ 15.960168] allocated by task 309 on cpu 1 at 15.957205s (0.002960s ago):
[ 15.960510] test_alloc+0x2a6/0x10f0
[ 15.960718] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.960931] kunit_try_run_case+0x1a5/0x480
[ 15.961083] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.961330] kthread+0x337/0x6f0
[ 15.961507] ret_from_fork+0x41/0x80
[ 15.961721] ret_from_fork_asm+0x1a/0x30
[ 15.961916]
[ 15.962015] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 15.962487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.962733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.963099] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_4
[ 11.367351] ==================================================================
[ 11.368946] BUG: KFENCE: memory corruption in kmalloc_oob_memset_4+0x187/0x330
[ 11.368946]
[ 11.369714] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#39):
[ 11.371183] kmalloc_oob_memset_4+0x187/0x330
[ 11.371353] kunit_try_run_case+0x1a5/0x480
[ 11.371501] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.371688] kthread+0x337/0x6f0
[ 11.371811] ret_from_fork+0x41/0x80
[ 11.372291] ret_from_fork_asm+0x1a/0x30
[ 11.372691]
[ 11.373034] kfence-#39: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 11.373034]
[ 11.374916] allocated by task 194 on cpu 1 at 11.365244s (0.009599s ago):
[ 11.376156] kmalloc_oob_memset_4+0xac/0x330
[ 11.376620] kunit_try_run_case+0x1a5/0x480
[ 11.377121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.377699] kthread+0x337/0x6f0
[ 11.378028] ret_from_fork+0x41/0x80
[ 11.378175] ret_from_fork_asm+0x1a/0x30
[ 11.378402]
[ 11.378603] freed by task 194 on cpu 1 at 11.366794s (0.011733s ago):
[ 11.379175] kmalloc_oob_memset_4+0x187/0x330
[ 11.379857] kunit_try_run_case+0x1a5/0x480
[ 11.380334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.381061] kthread+0x337/0x6f0
[ 11.381304] ret_from_fork+0x41/0x80
[ 11.381477] ret_from_fork_asm+0x1a/0x30
[ 11.382140]
[ 11.382569] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 11.383671] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.384228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.384632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.561054] ================================================================== [ 15.561443] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.561783] Write of size 1 at addr ffff888103606978 by task kunit_try_catch/305 [ 15.562136] [ 15.562252] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.562299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.562314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.562336] Call Trace: [ 15.562352] <TASK> [ 15.562368] dump_stack_lvl+0x73/0xb0 [ 15.562393] print_report+0xd1/0x650 [ 15.562420] ? __virt_addr_valid+0x1db/0x2d0 [ 15.562443] ? strncpy_from_user+0x1a5/0x1d0 [ 15.562467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.562492] ? strncpy_from_user+0x1a5/0x1d0 [ 15.562528] kasan_report+0x141/0x180 [ 15.562552] ? strncpy_from_user+0x1a5/0x1d0 [ 15.562582] __asan_report_store1_noabort+0x1b/0x30 [ 15.562605] strncpy_from_user+0x1a5/0x1d0 [ 15.562633] copy_user_test_oob+0x760/0x10f0 [ 15.562657] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.562679] ? finish_task_switch.isra.0+0x153/0x700 [ 15.562705] ? __switch_to+0x5d9/0xf60 [ 15.562726] ? dequeue_task_fair+0x156/0x4e0 [ 15.562752] ? __schedule+0x10cc/0x2b60 [ 15.562777] ? __pfx_read_tsc+0x10/0x10 [ 15.562798] ? ktime_get_ts64+0x86/0x230 [ 15.562827] kunit_try_run_case+0x1a5/0x480 [ 15.562853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.562912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.562938] ? __kthread_parkme+0x82/0x180 [ 15.562962] ? preempt_count_sub+0x50/0x80 [ 15.562988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.563011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.563035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.563061] kthread+0x337/0x6f0 [ 15.563079] ? trace_preempt_on+0x20/0xc0 [ 15.563105] ? __pfx_kthread+0x10/0x10 [ 15.563124] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.563148] ? 
calculate_sigpending+0x7b/0xa0 [ 15.563171] ? __pfx_kthread+0x10/0x10 [ 15.563192] ret_from_fork+0x41/0x80 [ 15.563213] ? __pfx_kthread+0x10/0x10 [ 15.563233] ret_from_fork_asm+0x1a/0x30 [ 15.563265] </TASK> [ 15.563276] [ 15.574172] Allocated by task 305: [ 15.574351] kasan_save_stack+0x45/0x70 [ 15.574516] kasan_save_track+0x18/0x40 [ 15.574661] kasan_save_alloc_info+0x3b/0x50 [ 15.574970] __kasan_kmalloc+0xb7/0xc0 [ 15.575166] __kmalloc_noprof+0x1c9/0x500 [ 15.575355] kunit_kmalloc_array+0x25/0x60 [ 15.575501] copy_user_test_oob+0xab/0x10f0 [ 15.575717] kunit_try_run_case+0x1a5/0x480 [ 15.576001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.576194] kthread+0x337/0x6f0 [ 15.576345] ret_from_fork+0x41/0x80 [ 15.576551] ret_from_fork_asm+0x1a/0x30 [ 15.576757] [ 15.576858] The buggy address belongs to the object at ffff888103606900 [ 15.576858] which belongs to the cache kmalloc-128 of size 128 [ 15.577338] The buggy address is located 0 bytes to the right of [ 15.577338] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.577919] [ 15.577996] The buggy address belongs to the physical page: [ 15.578213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.578586] flags: 0x200000000000000(node=0|zone=2) [ 15.578783] page_type: f5(slab) [ 15.578915] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.579238] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.579592] page dumped because: kasan: bad access detected [ 15.579863] [ 15.579951] Memory state around the buggy address: [ 15.580151] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.580424] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.580692] >ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.581029] ^ [ 15.581282] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.581664] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.582004] ================================================================== [ 15.539519] ================================================================== [ 15.539782] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.540109] Write of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.540851] [ 15.540975] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.541024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.541040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.541063] Call Trace: [ 15.541079] <TASK> [ 15.541095] dump_stack_lvl+0x73/0xb0 [ 15.541123] print_report+0xd1/0x650 [ 15.541149] ? __virt_addr_valid+0x1db/0x2d0 [ 15.541172] ? strncpy_from_user+0x2e/0x1d0 [ 15.541196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.541221] ? strncpy_from_user+0x2e/0x1d0 [ 15.541246] kasan_report+0x141/0x180 [ 15.541271] ? strncpy_from_user+0x2e/0x1d0 [ 15.541301] kasan_check_range+0x10c/0x1c0 [ 15.541323] __kasan_check_write+0x18/0x20 [ 15.541345] strncpy_from_user+0x2e/0x1d0 [ 15.541369] ? __kasan_check_read+0x15/0x20 [ 15.541393] copy_user_test_oob+0x760/0x10f0 [ 15.541417] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.541439] ? finish_task_switch.isra.0+0x153/0x700 [ 15.541465] ? __switch_to+0x5d9/0xf60 [ 15.541486] ? dequeue_task_fair+0x156/0x4e0 [ 15.541512] ? __schedule+0x10cc/0x2b60 [ 15.541550] ? __pfx_read_tsc+0x10/0x10 [ 15.541572] ? ktime_get_ts64+0x86/0x230 [ 15.541598] kunit_try_run_case+0x1a5/0x480 [ 15.541621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.541642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.541668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.541694] ? __kthread_parkme+0x82/0x180 [ 15.541717] ? preempt_count_sub+0x50/0x80 [ 15.541744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.541765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.541790] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.541815] kthread+0x337/0x6f0 [ 15.541834] ? trace_preempt_on+0x20/0xc0 [ 15.541859] ? __pfx_kthread+0x10/0x10 [ 15.541889] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.541913] ? calculate_sigpending+0x7b/0xa0 [ 15.541935] ? __pfx_kthread+0x10/0x10 [ 15.541955] ret_from_fork+0x41/0x80 [ 15.541978] ? __pfx_kthread+0x10/0x10 [ 15.541998] ret_from_fork_asm+0x1a/0x30 [ 15.542029] </TASK> [ 15.542040] [ 15.552404] Allocated by task 305: [ 15.552595] kasan_save_stack+0x45/0x70 [ 15.552779] kasan_save_track+0x18/0x40 [ 15.552990] kasan_save_alloc_info+0x3b/0x50 [ 15.553165] __kasan_kmalloc+0xb7/0xc0 [ 15.553302] __kmalloc_noprof+0x1c9/0x500 [ 15.553446] kunit_kmalloc_array+0x25/0x60 [ 15.553632] copy_user_test_oob+0xab/0x10f0 [ 15.553855] kunit_try_run_case+0x1a5/0x480 [ 15.554077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.554332] kthread+0x337/0x6f0 [ 15.554493] ret_from_fork+0x41/0x80 [ 15.554666] ret_from_fork_asm+0x1a/0x30 [ 15.554849] [ 15.554935] The buggy address belongs to the object at ffff888103606900 [ 15.554935] which belongs to the cache kmalloc-128 of size 128 [ 15.555430] The buggy address is located 0 bytes inside of [ 15.555430] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.555998] [ 15.556106] The buggy address belongs to the physical page: [ 15.556307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.556734] flags: 0x200000000000000(node=0|zone=2) [ 15.557042] page_type: f5(slab) [ 15.557425] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.557806] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.558118] page dumped because: kasan: bad access detected [ 15.558296] [ 15.558399] Memory state around the buggy address: [ 15.558625] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.558869] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.559377] 
>ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.559743] ^ [ 15.559993] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560214] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560539] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.490365] ================================================================== [ 15.490782] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 15.491125] Write of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.491449] [ 15.491546] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.491612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.491626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.491649] Call Trace: [ 15.491664] <TASK> [ 15.491681] dump_stack_lvl+0x73/0xb0 [ 15.491706] print_report+0xd1/0x650 [ 15.491730] ? __virt_addr_valid+0x1db/0x2d0 [ 15.491752] ? copy_user_test_oob+0x557/0x10f0 [ 15.491774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.491800] ? copy_user_test_oob+0x557/0x10f0 [ 15.491822] kasan_report+0x141/0x180 [ 15.491846] ? copy_user_test_oob+0x557/0x10f0 [ 15.491885] kasan_check_range+0x10c/0x1c0 [ 15.491907] __kasan_check_write+0x18/0x20 [ 15.491929] copy_user_test_oob+0x557/0x10f0 [ 15.491953] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.491974] ? finish_task_switch.isra.0+0x153/0x700 [ 15.491999] ? __switch_to+0x5d9/0xf60 [ 15.492020] ? dequeue_task_fair+0x156/0x4e0 [ 15.492046] ? __schedule+0x10cc/0x2b60 [ 15.492070] ? __pfx_read_tsc+0x10/0x10 [ 15.492093] ? ktime_get_ts64+0x86/0x230 [ 15.492122] kunit_try_run_case+0x1a5/0x480 [ 15.492147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.492169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.492194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.492220] ? __kthread_parkme+0x82/0x180 [ 15.492244] ? preempt_count_sub+0x50/0x80 [ 15.492269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.492292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.492317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.492343] kthread+0x337/0x6f0 [ 15.492362] ? trace_preempt_on+0x20/0xc0 [ 15.492386] ? __pfx_kthread+0x10/0x10 [ 15.492406] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.492429] ? 
calculate_sigpending+0x7b/0xa0 [ 15.492451] ? __pfx_kthread+0x10/0x10 [ 15.492471] ret_from_fork+0x41/0x80 [ 15.492492] ? __pfx_kthread+0x10/0x10 [ 15.492512] ret_from_fork_asm+0x1a/0x30 [ 15.492555] </TASK> [ 15.492567] [ 15.499794] Allocated by task 305: [ 15.499960] kasan_save_stack+0x45/0x70 [ 15.500109] kasan_save_track+0x18/0x40 [ 15.500247] kasan_save_alloc_info+0x3b/0x50 [ 15.500395] __kasan_kmalloc+0xb7/0xc0 [ 15.500588] __kmalloc_noprof+0x1c9/0x500 [ 15.500899] kunit_kmalloc_array+0x25/0x60 [ 15.501349] copy_user_test_oob+0xab/0x10f0 [ 15.501529] kunit_try_run_case+0x1a5/0x480 [ 15.501677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.501855] kthread+0x337/0x6f0 [ 15.502727] ret_from_fork+0x41/0x80 [ 15.502932] ret_from_fork_asm+0x1a/0x30 [ 15.503132] [ 15.503232] The buggy address belongs to the object at ffff888103606900 [ 15.503232] which belongs to the cache kmalloc-128 of size 128 [ 15.504271] The buggy address is located 0 bytes inside of [ 15.504271] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.504996] [ 15.505096] The buggy address belongs to the physical page: [ 15.505329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.506053] flags: 0x200000000000000(node=0|zone=2) [ 15.506311] page_type: f5(slab) [ 15.506597] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.507201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.507909] page dumped because: kasan: bad access detected [ 15.508150] [ 15.508243] Memory state around the buggy address: [ 15.508450] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.509024] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.509528] >ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.509963] ^ [ 15.510267] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.510848] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.511312] ================================================================== [ 15.512565] ================================================================== [ 15.512934] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 15.513360] Read of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.514024] [ 15.514334] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.514394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.514409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.514433] Call Trace: [ 15.514450] <TASK> [ 15.514467] dump_stack_lvl+0x73/0xb0 [ 15.514531] print_report+0xd1/0x650 [ 15.514556] ? __virt_addr_valid+0x1db/0x2d0 [ 15.514580] ? copy_user_test_oob+0x604/0x10f0 [ 15.514602] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.514626] ? copy_user_test_oob+0x604/0x10f0 [ 15.514648] kasan_report+0x141/0x180 [ 15.514673] ? copy_user_test_oob+0x604/0x10f0 [ 15.514700] kasan_check_range+0x10c/0x1c0 [ 15.514723] __kasan_check_read+0x15/0x20 [ 15.514745] copy_user_test_oob+0x604/0x10f0 [ 15.514769] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.514790] ? finish_task_switch.isra.0+0x153/0x700 [ 15.514816] ? __switch_to+0x5d9/0xf60 [ 15.514838] ? dequeue_task_fair+0x156/0x4e0 [ 15.514864] ? __schedule+0x10cc/0x2b60 [ 15.514899] ? __pfx_read_tsc+0x10/0x10 [ 15.514921] ? ktime_get_ts64+0x86/0x230 [ 15.514947] kunit_try_run_case+0x1a5/0x480 [ 15.514970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.515017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.515042] ? __kthread_parkme+0x82/0x180 [ 15.515065] ? preempt_count_sub+0x50/0x80 [ 15.515091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.515114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.515140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.515167] kthread+0x337/0x6f0 [ 15.515185] ? trace_preempt_on+0x20/0xc0 [ 15.515209] ? 
__pfx_kthread+0x10/0x10 [ 15.515229] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.515252] ? calculate_sigpending+0x7b/0xa0 [ 15.515274] ? __pfx_kthread+0x10/0x10 [ 15.515295] ret_from_fork+0x41/0x80 [ 15.515317] ? __pfx_kthread+0x10/0x10 [ 15.515337] ret_from_fork_asm+0x1a/0x30 [ 15.515368] </TASK> [ 15.515381] [ 15.526683] Allocated by task 305: [ 15.526868] kasan_save_stack+0x45/0x70 [ 15.527071] kasan_save_track+0x18/0x40 [ 15.527257] kasan_save_alloc_info+0x3b/0x50 [ 15.527460] __kasan_kmalloc+0xb7/0xc0 [ 15.527945] __kmalloc_noprof+0x1c9/0x500 [ 15.528277] kunit_kmalloc_array+0x25/0x60 [ 15.528707] copy_user_test_oob+0xab/0x10f0 [ 15.529135] kunit_try_run_case+0x1a5/0x480 [ 15.529410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.529840] kthread+0x337/0x6f0 [ 15.530029] ret_from_fork+0x41/0x80 [ 15.530205] ret_from_fork_asm+0x1a/0x30 [ 15.530396] [ 15.530495] The buggy address belongs to the object at ffff888103606900 [ 15.530495] which belongs to the cache kmalloc-128 of size 128 [ 15.531014] The buggy address is located 0 bytes inside of [ 15.531014] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.531906] [ 15.532019] The buggy address belongs to the physical page: [ 15.532445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.533178] flags: 0x200000000000000(node=0|zone=2) [ 15.533738] page_type: f5(slab) [ 15.534043] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.534555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.535175] page dumped because: kasan: bad access detected [ 15.535485] [ 15.535728] Memory state around the buggy address: [ 15.535973] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.536269] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.536847] >ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.537307] ^ [ 15.537863] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.538489] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.538833] ================================================================== [ 15.441449] ================================================================== [ 15.441798] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 15.442160] Write of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.442502] [ 15.442630] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.442677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.442713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.442736] Call Trace: [ 15.442752] <TASK> [ 15.442769] dump_stack_lvl+0x73/0xb0 [ 15.442797] print_report+0xd1/0x650 [ 15.442823] ? __virt_addr_valid+0x1db/0x2d0 [ 15.442848] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.442905] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.442932] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.442954] kasan_report+0x141/0x180 [ 15.442979] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.443006] kasan_check_range+0x10c/0x1c0 [ 15.443029] __kasan_check_write+0x18/0x20 [ 15.443051] copy_user_test_oob+0x3fd/0x10f0 [ 15.443075] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.443096] ? finish_task_switch.isra.0+0x153/0x700 [ 15.443123] ? __switch_to+0x5d9/0xf60 [ 15.443144] ? dequeue_task_fair+0x156/0x4e0 [ 15.443170] ? __schedule+0x10cc/0x2b60 [ 15.443196] ? __pfx_read_tsc+0x10/0x10 [ 15.443217] ? ktime_get_ts64+0x86/0x230 [ 15.443263] kunit_try_run_case+0x1a5/0x480 [ 15.443286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.443307] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.443333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.443361] ? __kthread_parkme+0x82/0x180 [ 15.443384] ? preempt_count_sub+0x50/0x80 [ 15.443410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.443452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.443478] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.443504] kthread+0x337/0x6f0 [ 15.443522] ? trace_preempt_on+0x20/0xc0 [ 15.443547] ? __pfx_kthread+0x10/0x10 [ 15.443567] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.443597] ? calculate_sigpending+0x7b/0xa0 [ 15.443621] ? __pfx_kthread+0x10/0x10 [ 15.443640] ret_from_fork+0x41/0x80 [ 15.443662] ? __pfx_kthread+0x10/0x10 [ 15.443682] ret_from_fork_asm+0x1a/0x30 [ 15.443716] </TASK> [ 15.443728] [ 15.451428] Allocated by task 305: [ 15.451613] kasan_save_stack+0x45/0x70 [ 15.451825] kasan_save_track+0x18/0x40 [ 15.451993] kasan_save_alloc_info+0x3b/0x50 [ 15.452226] __kasan_kmalloc+0xb7/0xc0 [ 15.452426] __kmalloc_noprof+0x1c9/0x500 [ 15.452654] kunit_kmalloc_array+0x25/0x60 [ 15.452857] copy_user_test_oob+0xab/0x10f0 [ 15.453015] kunit_try_run_case+0x1a5/0x480 [ 15.453162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453421] kthread+0x337/0x6f0 [ 15.453676] ret_from_fork+0x41/0x80 [ 15.453920] ret_from_fork_asm+0x1a/0x30 [ 15.454137] [ 15.454213] The buggy address belongs to the object at ffff888103606900 [ 15.454213] which belongs to the cache kmalloc-128 of size 128 [ 15.454856] The buggy address is located 0 bytes inside of [ 15.454856] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.455398] [ 15.455530] The buggy address belongs to the physical page: [ 15.455752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.456101] flags: 0x200000000000000(node=0|zone=2) [ 15.456343] page_type: f5(slab) [ 15.456468] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.456704] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.456958] page dumped because: kasan: bad access detected [ 15.457134] [ 15.458008] Memory state around the buggy address: [ 15.458291] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.458626] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459693] 
>ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.459939] ^ [ 15.461035] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.461304] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.461537] ================================================================== [ 15.462003] ================================================================== [ 15.463682] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 15.464240] Read of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.464476] [ 15.465044] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.465097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.465112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.465145] Call Trace: [ 15.465162] <TASK> [ 15.465178] dump_stack_lvl+0x73/0xb0 [ 15.465206] print_report+0xd1/0x650 [ 15.465231] ? __virt_addr_valid+0x1db/0x2d0 [ 15.465255] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.465277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.465302] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.465324] kasan_report+0x141/0x180 [ 15.465349] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.465375] kasan_check_range+0x10c/0x1c0 [ 15.465399] __kasan_check_read+0x15/0x20 [ 15.465420] copy_user_test_oob+0x4aa/0x10f0 [ 15.465445] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.465466] ? finish_task_switch.isra.0+0x153/0x700 [ 15.465491] ? __switch_to+0x5d9/0xf60 [ 15.465662] ? dequeue_task_fair+0x156/0x4e0 [ 15.465691] ? __schedule+0x10cc/0x2b60 [ 15.465718] ? __pfx_read_tsc+0x10/0x10 [ 15.465740] ? ktime_get_ts64+0x86/0x230 [ 15.465801] kunit_try_run_case+0x1a5/0x480 [ 15.465828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.465850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.465890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.465927] ? __kthread_parkme+0x82/0x180 [ 15.465951] ? preempt_count_sub+0x50/0x80 [ 15.465988] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.466011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.466036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.466062] kthread+0x337/0x6f0 [ 15.466081] ? trace_preempt_on+0x20/0xc0 [ 15.466106] ? __pfx_kthread+0x10/0x10 [ 15.466126] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.466150] ? calculate_sigpending+0x7b/0xa0 [ 15.466173] ? __pfx_kthread+0x10/0x10 [ 15.466193] ret_from_fork+0x41/0x80 [ 15.466214] ? __pfx_kthread+0x10/0x10 [ 15.466234] ret_from_fork_asm+0x1a/0x30 [ 15.466265] </TASK> [ 15.466278] [ 15.479022] Allocated by task 305: [ 15.479390] kasan_save_stack+0x45/0x70 [ 15.479735] kasan_save_track+0x18/0x40 [ 15.479950] kasan_save_alloc_info+0x3b/0x50 [ 15.480361] __kasan_kmalloc+0xb7/0xc0 [ 15.480543] __kmalloc_noprof+0x1c9/0x500 [ 15.480985] kunit_kmalloc_array+0x25/0x60 [ 15.481173] copy_user_test_oob+0xab/0x10f0 [ 15.481476] kunit_try_run_case+0x1a5/0x480 [ 15.481958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.482389] kthread+0x337/0x6f0 [ 15.482591] ret_from_fork+0x41/0x80 [ 15.482961] ret_from_fork_asm+0x1a/0x30 [ 15.483102] [ 15.483176] The buggy address belongs to the object at ffff888103606900 [ 15.483176] which belongs to the cache kmalloc-128 of size 128 [ 15.483531] The buggy address is located 0 bytes inside of [ 15.483531] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.484621] [ 15.484794] The buggy address belongs to the physical page: [ 15.485300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.486017] flags: 0x200000000000000(node=0|zone=2) [ 15.486476] page_type: f5(slab) [ 15.486844] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.487483] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.487727] page dumped because: kasan: bad access detected [ 15.487909] [ 15.487979] Memory state around the buggy address: [ 15.488130] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb 
fb fb fb [ 15.488340] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.488563] >ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.488777] ^ [ 15.489103] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.489369] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.489844] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.418406] ================================================================== [ 15.418850] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 15.419270] Read of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.419638] [ 15.419738] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.419803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.419817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.419854] Call Trace: [ 15.419869] <TASK> [ 15.419895] dump_stack_lvl+0x73/0xb0 [ 15.419922] print_report+0xd1/0x650 [ 15.419947] ? __virt_addr_valid+0x1db/0x2d0 [ 15.419970] ? _copy_to_user+0x4a/0x70 [ 15.419991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.420017] ? _copy_to_user+0x4a/0x70 [ 15.420038] kasan_report+0x141/0x180 [ 15.420063] ? _copy_to_user+0x4a/0x70 [ 15.420090] kasan_check_range+0x10c/0x1c0 [ 15.420134] __kasan_check_read+0x15/0x20 [ 15.420157] _copy_to_user+0x4a/0x70 [ 15.420179] copy_user_test_oob+0x364/0x10f0 [ 15.420205] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.420225] ? finish_task_switch.isra.0+0x153/0x700 [ 15.420252] ? __switch_to+0x5d9/0xf60 [ 15.420292] ? dequeue_task_fair+0x156/0x4e0 [ 15.420317] ? __schedule+0x10cc/0x2b60 [ 15.420343] ? __pfx_read_tsc+0x10/0x10 [ 15.420365] ? ktime_get_ts64+0x86/0x230 [ 15.420392] kunit_try_run_case+0x1a5/0x480 [ 15.420415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.420461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.420487] ? __kthread_parkme+0x82/0x180 [ 15.420522] ? preempt_count_sub+0x50/0x80 [ 15.420548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.420596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.420622] kthread+0x337/0x6f0 [ 15.420641] ? trace_preempt_on+0x20/0xc0 [ 15.420665] ? __pfx_kthread+0x10/0x10 [ 15.420685] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.420709] ? 
calculate_sigpending+0x7b/0xa0 [ 15.420733] ? __pfx_kthread+0x10/0x10 [ 15.420753] ret_from_fork+0x41/0x80 [ 15.420776] ? __pfx_kthread+0x10/0x10 [ 15.420796] ret_from_fork_asm+0x1a/0x30 [ 15.420828] </TASK> [ 15.420841] [ 15.428985] Allocated by task 305: [ 15.429184] kasan_save_stack+0x45/0x70 [ 15.429371] kasan_save_track+0x18/0x40 [ 15.429509] kasan_save_alloc_info+0x3b/0x50 [ 15.429760] __kasan_kmalloc+0xb7/0xc0 [ 15.430002] __kmalloc_noprof+0x1c9/0x500 [ 15.430221] kunit_kmalloc_array+0x25/0x60 [ 15.430434] copy_user_test_oob+0xab/0x10f0 [ 15.430619] kunit_try_run_case+0x1a5/0x480 [ 15.430764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.431214] kthread+0x337/0x6f0 [ 15.431423] ret_from_fork+0x41/0x80 [ 15.431740] ret_from_fork_asm+0x1a/0x30 [ 15.431963] [ 15.432039] The buggy address belongs to the object at ffff888103606900 [ 15.432039] which belongs to the cache kmalloc-128 of size 128 [ 15.432504] The buggy address is located 0 bytes inside of [ 15.432504] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.433122] [ 15.433229] The buggy address belongs to the physical page: [ 15.433502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.433748] flags: 0x200000000000000(node=0|zone=2) [ 15.433922] page_type: f5(slab) [ 15.434043] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.434383] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.434755] page dumped because: kasan: bad access detected [ 15.435019] [ 15.435116] Memory state around the buggy address: [ 15.435278] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.435491] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.435832] >ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.436256] ^ [ 15.436625] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436959] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.437251] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.389114] ================================================================== [ 15.390025] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.390456] Write of size 121 at addr ffff888103606900 by task kunit_try_catch/305 [ 15.391123] [ 15.391258] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.391311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.391326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.391353] Call Trace: [ 15.391368] <TASK> [ 15.391388] dump_stack_lvl+0x73/0xb0 [ 15.391420] print_report+0xd1/0x650 [ 15.391448] ? __virt_addr_valid+0x1db/0x2d0 [ 15.391473] ? _copy_from_user+0x32/0x90 [ 15.391495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.391521] ? _copy_from_user+0x32/0x90 [ 15.391543] kasan_report+0x141/0x180 [ 15.391567] ? _copy_from_user+0x32/0x90 [ 15.391605] kasan_check_range+0x10c/0x1c0 [ 15.391628] __kasan_check_write+0x18/0x20 [ 15.391650] _copy_from_user+0x32/0x90 [ 15.391673] copy_user_test_oob+0x2be/0x10f0 [ 15.391698] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.391719] ? finish_task_switch.isra.0+0x153/0x700 [ 15.391745] ? __switch_to+0x5d9/0xf60 [ 15.391769] ? dequeue_task_fair+0x156/0x4e0 [ 15.391795] ? __schedule+0x10cc/0x2b60 [ 15.391821] ? __pfx_read_tsc+0x10/0x10 [ 15.391842] ? ktime_get_ts64+0x86/0x230 [ 15.391870] kunit_try_run_case+0x1a5/0x480 [ 15.391904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.391925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.391953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.391982] ? __kthread_parkme+0x82/0x180 [ 15.392032] ? preempt_count_sub+0x50/0x80 [ 15.392059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.392083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.392137] kthread+0x337/0x6f0 [ 15.392155] ? trace_preempt_on+0x20/0xc0 [ 15.392183] ? __pfx_kthread+0x10/0x10 [ 15.392203] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.392227] ? 
calculate_sigpending+0x7b/0xa0 [ 15.392252] ? __pfx_kthread+0x10/0x10 [ 15.392273] ret_from_fork+0x41/0x80 [ 15.392295] ? __pfx_kthread+0x10/0x10 [ 15.392315] ret_from_fork_asm+0x1a/0x30 [ 15.392349] </TASK> [ 15.392362] [ 15.403306] Allocated by task 305: [ 15.403492] kasan_save_stack+0x45/0x70 [ 15.403702] kasan_save_track+0x18/0x40 [ 15.403900] kasan_save_alloc_info+0x3b/0x50 [ 15.404101] __kasan_kmalloc+0xb7/0xc0 [ 15.404285] __kmalloc_noprof+0x1c9/0x500 [ 15.404480] kunit_kmalloc_array+0x25/0x60 [ 15.405092] copy_user_test_oob+0xab/0x10f0 [ 15.405303] kunit_try_run_case+0x1a5/0x480 [ 15.405726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.406118] kthread+0x337/0x6f0 [ 15.406497] ret_from_fork+0x41/0x80 [ 15.406823] ret_from_fork_asm+0x1a/0x30 [ 15.407157] [ 15.407258] The buggy address belongs to the object at ffff888103606900 [ 15.407258] which belongs to the cache kmalloc-128 of size 128 [ 15.408070] The buggy address is located 0 bytes inside of [ 15.408070] allocated 120-byte region [ffff888103606900, ffff888103606978) [ 15.409004] [ 15.409239] The buggy address belongs to the physical page: [ 15.409487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 15.409818] flags: 0x200000000000000(node=0|zone=2) [ 15.410217] page_type: f5(slab) [ 15.410388] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.410989] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.411526] page dumped because: kasan: bad access detected [ 15.411790] [ 15.411898] Memory state around the buggy address: [ 15.412117] ffff888103606800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.412416] ffff888103606880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.413131] >ffff888103606900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.413671] ^ [ 15.414111] ffff888103606980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414423] ffff888103606a00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.414969] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.329687] ================================================================== [ 15.331379] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.332189] Read of size 8 at addr ffff8881029e8578 by task kunit_try_catch/301 [ 15.332776] [ 15.332984] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.333040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.333054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.333081] Call Trace: [ 15.333097] <TASK> [ 15.333119] dump_stack_lvl+0x73/0xb0 [ 15.333150] print_report+0xd1/0x650 [ 15.333179] ? __virt_addr_valid+0x1db/0x2d0 [ 15.333206] ? copy_to_kernel_nofault+0x225/0x260 [ 15.333229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.333255] ? copy_to_kernel_nofault+0x225/0x260 [ 15.333277] kasan_report+0x141/0x180 [ 15.333302] ? copy_to_kernel_nofault+0x225/0x260 [ 15.333329] __asan_report_load8_noabort+0x18/0x20 [ 15.333353] copy_to_kernel_nofault+0x225/0x260 [ 15.333377] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.333404] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.333430] ? finish_task_switch.isra.0+0x153/0x700 [ 15.333458] ? __schedule+0x10cc/0x2b60 [ 15.333483] ? trace_hardirqs_on+0x37/0xe0 [ 15.333541] ? __pfx_read_tsc+0x10/0x10 [ 15.333564] ? ktime_get_ts64+0x86/0x230 [ 15.333593] kunit_try_run_case+0x1a5/0x480 [ 15.333618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.333639] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.333665] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.333692] ? __kthread_parkme+0x82/0x180 [ 15.333717] ? preempt_count_sub+0x50/0x80 [ 15.333743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.333765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.333791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.333820] kthread+0x337/0x6f0 [ 15.333840] ? trace_preempt_on+0x20/0xc0 [ 15.333866] ? __pfx_kthread+0x10/0x10 [ 15.333919] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.333944] ? 
calculate_sigpending+0x7b/0xa0 [ 15.333969] ? __pfx_kthread+0x10/0x10 [ 15.333990] ret_from_fork+0x41/0x80 [ 15.334013] ? __pfx_kthread+0x10/0x10 [ 15.334033] ret_from_fork_asm+0x1a/0x30 [ 15.334066] </TASK> [ 15.334079] [ 15.344713] Allocated by task 301: [ 15.344986] kasan_save_stack+0x45/0x70 [ 15.345196] kasan_save_track+0x18/0x40 [ 15.345366] kasan_save_alloc_info+0x3b/0x50 [ 15.345536] __kasan_kmalloc+0xb7/0xc0 [ 15.345753] __kmalloc_cache_noprof+0x189/0x420 [ 15.346113] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.346343] kunit_try_run_case+0x1a5/0x480 [ 15.346574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.346853] kthread+0x337/0x6f0 [ 15.347042] ret_from_fork+0x41/0x80 [ 15.347258] ret_from_fork_asm+0x1a/0x30 [ 15.347447] [ 15.347525] The buggy address belongs to the object at ffff8881029e8500 [ 15.347525] which belongs to the cache kmalloc-128 of size 128 [ 15.348094] The buggy address is located 0 bytes to the right of [ 15.348094] allocated 120-byte region [ffff8881029e8500, ffff8881029e8578) [ 15.348581] [ 15.348662] The buggy address belongs to the physical page: [ 15.348945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e8 [ 15.349304] flags: 0x200000000000000(node=0|zone=2) [ 15.349631] page_type: f5(slab) [ 15.349818] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.350261] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.350597] page dumped because: kasan: bad access detected [ 15.350849] [ 15.351045] Memory state around the buggy address: [ 15.351302] ffff8881029e8400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.351598] ffff8881029e8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.351902] >ffff8881029e8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.352196] ^ [ 15.352436] ffff8881029e8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.352981] ffff8881029e8600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.353303] 
================================================================== [ 15.354305] ================================================================== [ 15.354767] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.355162] Write of size 8 at addr ffff8881029e8578 by task kunit_try_catch/301 [ 15.355507] [ 15.355625] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.355671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.355685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.355709] Call Trace: [ 15.355724] <TASK> [ 15.355740] dump_stack_lvl+0x73/0xb0 [ 15.355768] print_report+0xd1/0x650 [ 15.355794] ? __virt_addr_valid+0x1db/0x2d0 [ 15.355818] ? copy_to_kernel_nofault+0x99/0x260 [ 15.355862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.355900] ? copy_to_kernel_nofault+0x99/0x260 [ 15.355922] kasan_report+0x141/0x180 [ 15.355966] ? copy_to_kernel_nofault+0x99/0x260 [ 15.355993] kasan_check_range+0x10c/0x1c0 [ 15.356029] __kasan_check_write+0x18/0x20 [ 15.356065] copy_to_kernel_nofault+0x99/0x260 [ 15.356089] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.356116] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.356164] ? finish_task_switch.isra.0+0x153/0x700 [ 15.356191] ? __schedule+0x10cc/0x2b60 [ 15.356215] ? trace_hardirqs_on+0x37/0xe0 [ 15.356248] ? __pfx_read_tsc+0x10/0x10 [ 15.356270] ? ktime_get_ts64+0x86/0x230 [ 15.356297] kunit_try_run_case+0x1a5/0x480 [ 15.356320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.356341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.356367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.356394] ? __kthread_parkme+0x82/0x180 [ 15.356418] ? preempt_count_sub+0x50/0x80 [ 15.356444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.356466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.356492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.356528] kthread+0x337/0x6f0 [ 15.356565] ? trace_preempt_on+0x20/0xc0 [ 15.356590] ? 
__pfx_kthread+0x10/0x10 [ 15.356611] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.356652] ? calculate_sigpending+0x7b/0xa0 [ 15.356676] ? __pfx_kthread+0x10/0x10 [ 15.356696] ret_from_fork+0x41/0x80 [ 15.356719] ? __pfx_kthread+0x10/0x10 [ 15.356738] ret_from_fork_asm+0x1a/0x30 [ 15.356772] </TASK> [ 15.356785] [ 15.365286] Allocated by task 301: [ 15.365494] kasan_save_stack+0x45/0x70 [ 15.365714] kasan_save_track+0x18/0x40 [ 15.365915] kasan_save_alloc_info+0x3b/0x50 [ 15.366153] __kasan_kmalloc+0xb7/0xc0 [ 15.366345] __kmalloc_cache_noprof+0x189/0x420 [ 15.366662] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.367078] kunit_try_run_case+0x1a5/0x480 [ 15.367306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.367500] kthread+0x337/0x6f0 [ 15.367682] ret_from_fork+0x41/0x80 [ 15.367820] ret_from_fork_asm+0x1a/0x30 [ 15.367971] [ 15.368066] The buggy address belongs to the object at ffff8881029e8500 [ 15.368066] which belongs to the cache kmalloc-128 of size 128 [ 15.368598] The buggy address is located 0 bytes to the right of [ 15.368598] allocated 120-byte region [ffff8881029e8500, ffff8881029e8578) [ 15.369201] [ 15.369302] The buggy address belongs to the physical page: [ 15.369772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e8 [ 15.370083] flags: 0x200000000000000(node=0|zone=2) [ 15.370247] page_type: f5(slab) [ 15.370370] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.371319] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.371748] page dumped because: kasan: bad access detected [ 15.372258] [ 15.372462] Memory state around the buggy address: [ 15.373060] ffff8881029e8400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.374100] ffff8881029e8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.374418] >ffff8881029e8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.374757] ^ [ 15.375323] ffff8881029e8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
15.375764] ffff8881029e8600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.376245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.365354] ================================================================== [ 14.365663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.366340] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.367178] [ 14.367409] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.367460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.367475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.367498] Call Trace: [ 14.367516] <TASK> [ 14.367532] dump_stack_lvl+0x73/0xb0 [ 14.367561] print_report+0xd1/0x650 [ 14.367597] ? __virt_addr_valid+0x1db/0x2d0 [ 14.367621] ? kasan_atomics_helper+0xf10/0x5450 [ 14.367646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.367673] ? kasan_atomics_helper+0xf10/0x5450 [ 14.367698] kasan_report+0x141/0x180 [ 14.367724] ? kasan_atomics_helper+0xf10/0x5450 [ 14.367754] kasan_check_range+0x10c/0x1c0 [ 14.367777] __kasan_check_write+0x18/0x20 [ 14.367800] kasan_atomics_helper+0xf10/0x5450 [ 14.367827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.367852] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.367904] ? kasan_atomics+0x152/0x310 [ 14.367931] kasan_atomics+0x1dc/0x310 [ 14.367953] ? __pfx_kasan_atomics+0x10/0x10 [ 14.367977] ? __pfx_read_tsc+0x10/0x10 [ 14.368000] ? ktime_get_ts64+0x86/0x230 [ 14.368028] kunit_try_run_case+0x1a5/0x480 [ 14.368053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.368075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.368102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.368130] ? __kthread_parkme+0x82/0x180 [ 14.368154] ? preempt_count_sub+0x50/0x80 [ 14.368182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.368206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.368232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.368259] kthread+0x337/0x6f0 [ 14.368279] ? trace_preempt_on+0x20/0xc0 [ 14.368304] ? __pfx_kthread+0x10/0x10 [ 14.368325] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.368351] ? 
calculate_sigpending+0x7b/0xa0 [ 14.368375] ? __pfx_kthread+0x10/0x10 [ 14.368395] ret_from_fork+0x41/0x80 [ 14.368419] ? __pfx_kthread+0x10/0x10 [ 14.368439] ret_from_fork_asm+0x1a/0x30 [ 14.368471] </TASK> [ 14.368484] [ 14.379140] Allocated by task 285: [ 14.379307] kasan_save_stack+0x45/0x70 [ 14.379523] kasan_save_track+0x18/0x40 [ 14.379704] kasan_save_alloc_info+0x3b/0x50 [ 14.379857] __kasan_kmalloc+0xb7/0xc0 [ 14.380007] __kmalloc_cache_noprof+0x189/0x420 [ 14.380217] kasan_atomics+0x95/0x310 [ 14.380409] kunit_try_run_case+0x1a5/0x480 [ 14.380661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.381144] kthread+0x337/0x6f0 [ 14.381333] ret_from_fork+0x41/0x80 [ 14.381480] ret_from_fork_asm+0x1a/0x30 [ 14.381702] [ 14.381804] The buggy address belongs to the object at ffff8881029e6b00 [ 14.381804] which belongs to the cache kmalloc-64 of size 64 [ 14.382337] The buggy address is located 0 bytes to the right of [ 14.382337] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.383072] [ 14.383154] The buggy address belongs to the physical page: [ 14.383332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.383693] flags: 0x200000000000000(node=0|zone=2) [ 14.383947] page_type: f5(slab) [ 14.384244] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.384729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.385108] page dumped because: kasan: bad access detected [ 14.385364] [ 14.385441] Memory state around the buggy address: [ 14.385603] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.385945] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.386270] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.386745] ^ [ 14.387030] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.387335] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.387605] 
================================================================== [ 15.091732] ================================================================== [ 15.092440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.093027] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.093742] [ 15.093865] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.093959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.093974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.093998] Call Trace: [ 15.094015] <TASK> [ 15.094033] dump_stack_lvl+0x73/0xb0 [ 15.094061] print_report+0xd1/0x650 [ 15.094087] ? __virt_addr_valid+0x1db/0x2d0 [ 15.094111] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.094135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.094160] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.094185] kasan_report+0x141/0x180 [ 15.094210] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.094240] kasan_check_range+0x10c/0x1c0 [ 15.094262] __kasan_check_write+0x18/0x20 [ 15.094285] kasan_atomics_helper+0x1f43/0x5450 [ 15.094310] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.094336] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.094360] ? kasan_atomics+0x152/0x310 [ 15.094385] kasan_atomics+0x1dc/0x310 [ 15.094407] ? __pfx_kasan_atomics+0x10/0x10 [ 15.094431] ? __pfx_read_tsc+0x10/0x10 [ 15.094453] ? ktime_get_ts64+0x86/0x230 [ 15.094480] kunit_try_run_case+0x1a5/0x480 [ 15.094525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.094574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.094602] ? __kthread_parkme+0x82/0x180 [ 15.094627] ? preempt_count_sub+0x50/0x80 [ 15.094655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.094704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.094730] kthread+0x337/0x6f0 [ 15.094749] ? trace_preempt_on+0x20/0xc0 [ 15.094775] ? 
__pfx_kthread+0x10/0x10 [ 15.094796] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.094822] ? calculate_sigpending+0x7b/0xa0 [ 15.094846] ? __pfx_kthread+0x10/0x10 [ 15.094867] ret_from_fork+0x41/0x80 [ 15.094903] ? __pfx_kthread+0x10/0x10 [ 15.094924] ret_from_fork_asm+0x1a/0x30 [ 15.094957] </TASK> [ 15.094969] [ 15.104028] Allocated by task 285: [ 15.104166] kasan_save_stack+0x45/0x70 [ 15.104404] kasan_save_track+0x18/0x40 [ 15.104713] kasan_save_alloc_info+0x3b/0x50 [ 15.104951] __kasan_kmalloc+0xb7/0xc0 [ 15.105136] __kmalloc_cache_noprof+0x189/0x420 [ 15.105333] kasan_atomics+0x95/0x310 [ 15.105545] kunit_try_run_case+0x1a5/0x480 [ 15.105757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.106000] kthread+0x337/0x6f0 [ 15.106194] ret_from_fork+0x41/0x80 [ 15.106400] ret_from_fork_asm+0x1a/0x30 [ 15.106631] [ 15.106707] The buggy address belongs to the object at ffff8881029e6b00 [ 15.106707] which belongs to the cache kmalloc-64 of size 64 [ 15.107211] The buggy address is located 0 bytes to the right of [ 15.107211] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.107762] [ 15.107852] The buggy address belongs to the physical page: [ 15.108138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.108552] flags: 0x200000000000000(node=0|zone=2) [ 15.108747] page_type: f5(slab) [ 15.108869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.109223] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.109546] page dumped because: kasan: bad access detected [ 15.109881] [ 15.110000] Memory state around the buggy address: [ 15.110198] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.110495] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.110849] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.111206] ^ [ 15.111433] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111854] 
ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112114] ================================================================== [ 15.112500] ================================================================== [ 15.112862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.113463] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.113857] [ 15.113985] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.114033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.114047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.114069] Call Trace: [ 15.114086] <TASK> [ 15.114102] dump_stack_lvl+0x73/0xb0 [ 15.114129] print_report+0xd1/0x650 [ 15.114155] ? __virt_addr_valid+0x1db/0x2d0 [ 15.114179] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.114204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.114230] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.114255] kasan_report+0x141/0x180 [ 15.114279] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.114331] __asan_report_load8_noabort+0x18/0x20 [ 15.114356] kasan_atomics_helper+0x4f71/0x5450 [ 15.114383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.114424] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.114448] ? kasan_atomics+0x152/0x310 [ 15.114487] kasan_atomics+0x1dc/0x310 [ 15.114519] ? __pfx_kasan_atomics+0x10/0x10 [ 15.114542] ? __pfx_read_tsc+0x10/0x10 [ 15.114565] ? ktime_get_ts64+0x86/0x230 [ 15.114611] kunit_try_run_case+0x1a5/0x480 [ 15.114635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.114700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.114744] ? __kthread_parkme+0x82/0x180 [ 15.114768] ? preempt_count_sub+0x50/0x80 [ 15.114796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.114846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.114885] kthread+0x337/0x6f0 [ 15.114905] ? 
trace_preempt_on+0x20/0xc0 [ 15.114930] ? __pfx_kthread+0x10/0x10 [ 15.114950] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.114975] ? calculate_sigpending+0x7b/0xa0 [ 15.114999] ? __pfx_kthread+0x10/0x10 [ 15.115020] ret_from_fork+0x41/0x80 [ 15.115043] ? __pfx_kthread+0x10/0x10 [ 15.115064] ret_from_fork_asm+0x1a/0x30 [ 15.115096] </TASK> [ 15.115126] [ 15.123187] Allocated by task 285: [ 15.123323] kasan_save_stack+0x45/0x70 [ 15.123476] kasan_save_track+0x18/0x40 [ 15.123713] kasan_save_alloc_info+0x3b/0x50 [ 15.123966] __kasan_kmalloc+0xb7/0xc0 [ 15.124183] __kmalloc_cache_noprof+0x189/0x420 [ 15.124412] kasan_atomics+0x95/0x310 [ 15.124642] kunit_try_run_case+0x1a5/0x480 [ 15.124866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.125142] kthread+0x337/0x6f0 [ 15.125317] ret_from_fork+0x41/0x80 [ 15.125505] ret_from_fork_asm+0x1a/0x30 [ 15.125717] [ 15.125816] The buggy address belongs to the object at ffff8881029e6b00 [ 15.125816] which belongs to the cache kmalloc-64 of size 64 [ 15.126338] The buggy address is located 0 bytes to the right of [ 15.126338] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.126970] [ 15.127072] The buggy address belongs to the physical page: [ 15.127349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.127807] flags: 0x200000000000000(node=0|zone=2) [ 15.127991] page_type: f5(slab) [ 15.128118] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.128356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.128813] page dumped because: kasan: bad access detected [ 15.129091] [ 15.129219] Memory state around the buggy address: [ 15.129480] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.129869] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.130373] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.130787] ^ [ 15.131017] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.131378] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.131738] ================================================================== [ 14.066063] ================================================================== [ 14.066350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.066617] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.067253] [ 14.067374] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.067425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.067440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.067464] Call Trace: [ 14.067483] <TASK> [ 14.067501] dump_stack_lvl+0x73/0xb0 [ 14.067531] print_report+0xd1/0x650 [ 14.067576] ? __virt_addr_valid+0x1db/0x2d0 [ 14.067601] ? kasan_atomics_helper+0x860/0x5450 [ 14.067626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.067652] ? kasan_atomics_helper+0x860/0x5450 [ 14.067676] kasan_report+0x141/0x180 [ 14.067702] ? kasan_atomics_helper+0x860/0x5450 [ 14.067731] kasan_check_range+0x10c/0x1c0 [ 14.067754] __kasan_check_write+0x18/0x20 [ 14.067777] kasan_atomics_helper+0x860/0x5450 [ 14.067803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.067828] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.067950] ? kasan_atomics+0x152/0x310 [ 14.067978] kasan_atomics+0x1dc/0x310 [ 14.068001] ? __pfx_kasan_atomics+0x10/0x10 [ 14.068025] ? __pfx_read_tsc+0x10/0x10 [ 14.068048] ? ktime_get_ts64+0x86/0x230 [ 14.068077] kunit_try_run_case+0x1a5/0x480 [ 14.068103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.068125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.068152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.068179] ? __kthread_parkme+0x82/0x180 [ 14.068203] ? preempt_count_sub+0x50/0x80 [ 14.068231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.068253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.068280] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.068306] kthread+0x337/0x6f0 [ 14.068326] ? trace_preempt_on+0x20/0xc0 [ 14.068351] ? __pfx_kthread+0x10/0x10 [ 14.068374] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.068398] ? calculate_sigpending+0x7b/0xa0 [ 14.068422] ? __pfx_kthread+0x10/0x10 [ 14.068443] ret_from_fork+0x41/0x80 [ 14.068467] ? __pfx_kthread+0x10/0x10 [ 14.068487] ret_from_fork_asm+0x1a/0x30 [ 14.068531] </TASK> [ 14.068546] [ 14.076748] Allocated by task 285: [ 14.076954] kasan_save_stack+0x45/0x70 [ 14.077328] kasan_save_track+0x18/0x40 [ 14.077710] kasan_save_alloc_info+0x3b/0x50 [ 14.077977] __kasan_kmalloc+0xb7/0xc0 [ 14.078215] __kmalloc_cache_noprof+0x189/0x420 [ 14.078475] kasan_atomics+0x95/0x310 [ 14.078616] kunit_try_run_case+0x1a5/0x480 [ 14.078767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.079000] kthread+0x337/0x6f0 [ 14.079176] ret_from_fork+0x41/0x80 [ 14.079417] ret_from_fork_asm+0x1a/0x30 [ 14.079710] [ 14.079790] The buggy address belongs to the object at ffff8881029e6b00 [ 14.079790] which belongs to the cache kmalloc-64 of size 64 [ 14.080300] The buggy address is located 0 bytes to the right of [ 14.080300] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.081346] [ 14.081466] The buggy address belongs to the physical page: [ 14.081800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.082180] flags: 0x200000000000000(node=0|zone=2) [ 14.082439] page_type: f5(slab) [ 14.082627] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.083049] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.083341] page dumped because: kasan: bad access detected [ 14.083645] [ 14.083744] Memory state around the buggy address: [ 14.084044] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.084345] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.084649] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.085171] ^ [ 14.085347] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.085570] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.085870] ================================================================== [ 15.132229] ================================================================== [ 15.132472] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.132885] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.133228] [ 15.133340] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.133414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.133428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.133450] Call Trace: [ 15.133482] <TASK> [ 15.133498] dump_stack_lvl+0x73/0xb0 [ 15.133524] print_report+0xd1/0x650 [ 15.133577] ? __virt_addr_valid+0x1db/0x2d0 [ 15.133615] ? kasan_atomics_helper+0x2006/0x5450 [ 15.133653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.133692] ? kasan_atomics_helper+0x2006/0x5450 [ 15.133730] kasan_report+0x141/0x180 [ 15.133756] ? kasan_atomics_helper+0x2006/0x5450 [ 15.133785] kasan_check_range+0x10c/0x1c0 [ 15.133808] __kasan_check_write+0x18/0x20 [ 15.133831] kasan_atomics_helper+0x2006/0x5450 [ 15.133857] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.133892] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.133917] ? kasan_atomics+0x152/0x310 [ 15.133942] kasan_atomics+0x1dc/0x310 [ 15.133964] ? __pfx_kasan_atomics+0x10/0x10 [ 15.133988] ? __pfx_read_tsc+0x10/0x10 [ 15.134010] ? ktime_get_ts64+0x86/0x230 [ 15.134037] kunit_try_run_case+0x1a5/0x480 [ 15.134061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.134083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.134109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.134136] ? __kthread_parkme+0x82/0x180 [ 15.134160] ? preempt_count_sub+0x50/0x80 [ 15.134187] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.174269] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.174294] ? kasan_atomics+0x152/0x310 [ 15.174320] kasan_atomics+0x1dc/0x310 [ 15.174372] ? __pfx_kasan_atomics+0x10/0x10 [ 15.174397] ? __pfx_read_tsc+0x10/0x10 [ 15.174419] ? ktime_get_ts64+0x86/0x230 [ 15.174447] kunit_try_run_case+0x1a5/0x480 [ 15.174472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.174536] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.174563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.174590] ? __kthread_parkme+0x82/0x180 [ 15.174614] ? preempt_count_sub+0x50/0x80 [ 15.174669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.174694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.174720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.174746] kthread+0x337/0x6f0 [ 15.174765] ? trace_preempt_on+0x20/0xc0 [ 15.174821] ? __pfx_kthread+0x10/0x10 [ 15.174900] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.174925] ? calculate_sigpending+0x7b/0xa0 [ 15.174949] ? __pfx_kthread+0x10/0x10 [ 15.174970] ret_from_fork+0x41/0x80 [ 15.174993] ? 
__pfx_kthread+0x10/0x10 [ 15.175014] ret_from_fork_asm+0x1a/0x30 [ 15.175047] </TASK> [ 15.175060] [ 15.183716] Allocated by task 285: [ 15.183926] kasan_save_stack+0x45/0x70 [ 15.184157] kasan_save_track+0x18/0x40 [ 15.184372] kasan_save_alloc_info+0x3b/0x50 [ 15.184640] __kasan_kmalloc+0xb7/0xc0 [ 15.184851] __kmalloc_cache_noprof+0x189/0x420 [ 15.185163] kasan_atomics+0x95/0x310 [ 15.185352] kunit_try_run_case+0x1a5/0x480 [ 15.185557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.185813] kthread+0x337/0x6f0 [ 15.185989] ret_from_fork+0x41/0x80 [ 15.186262] ret_from_fork_asm+0x1a/0x30 [ 15.186407] [ 15.186518] The buggy address belongs to the object at ffff8881029e6b00 [ 15.186518] which belongs to the cache kmalloc-64 of size 64 [ 15.187363] The buggy address is located 0 bytes to the right of [ 15.187363] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.187940] [ 15.188042] The buggy address belongs to the physical page: [ 15.188297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.188783] flags: 0x200000000000000(node=0|zone=2) [ 15.189145] page_type: f5(slab) [ 15.189330] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.189674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.189917] page dumped because: kasan: bad access detected [ 15.190141] [ 15.190278] Memory state around the buggy address: [ 15.190602] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.190950] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.191317] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.191786] ^ [ 15.191992] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.192369] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.192717] ================================================================== [ 13.797695] 
================================================================== [ 13.798008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.798622] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.799063] [ 13.799166] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.799251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.799265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.799288] Call Trace: [ 13.799316] <TASK> [ 13.799449] dump_stack_lvl+0x73/0xb0 [ 13.799482] print_report+0xd1/0x650 [ 13.799528] ? __virt_addr_valid+0x1db/0x2d0 [ 13.799553] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.799586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.799612] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.799638] kasan_report+0x141/0x180 [ 13.799663] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.799693] __asan_report_load4_noabort+0x18/0x20 [ 13.799717] kasan_atomics_helper+0x4b88/0x5450 [ 13.799768] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.799794] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.799818] ? kasan_atomics+0x152/0x310 [ 13.800024] kasan_atomics+0x1dc/0x310 [ 13.800061] ? __pfx_kasan_atomics+0x10/0x10 [ 13.800086] ? __pfx_read_tsc+0x10/0x10 [ 13.800109] ? ktime_get_ts64+0x86/0x230 [ 13.800138] kunit_try_run_case+0x1a5/0x480 [ 13.800163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.800185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.800213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.800240] ? __kthread_parkme+0x82/0x180 [ 13.800264] ? preempt_count_sub+0x50/0x80 [ 13.800293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.800318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.800345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.800371] kthread+0x337/0x6f0 [ 13.800390] ? trace_preempt_on+0x20/0xc0 [ 13.800416] ? __pfx_kthread+0x10/0x10 [ 13.800436] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.800461] ? calculate_sigpending+0x7b/0xa0 [ 13.800485] ? 
__pfx_kthread+0x10/0x10 [ 13.800506] ret_from_fork+0x41/0x80 [ 13.800529] ? __pfx_kthread+0x10/0x10 [ 13.800550] ret_from_fork_asm+0x1a/0x30 [ 13.800582] </TASK> [ 13.800595] [ 13.809800] Allocated by task 285: [ 13.810124] kasan_save_stack+0x45/0x70 [ 13.810311] kasan_save_track+0x18/0x40 [ 13.810462] kasan_save_alloc_info+0x3b/0x50 [ 13.810802] __kasan_kmalloc+0xb7/0xc0 [ 13.811083] __kmalloc_cache_noprof+0x189/0x420 [ 13.811409] kasan_atomics+0x95/0x310 [ 13.811727] kunit_try_run_case+0x1a5/0x480 [ 13.812214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.812525] kthread+0x337/0x6f0 [ 13.812714] ret_from_fork+0x41/0x80 [ 13.812985] ret_from_fork_asm+0x1a/0x30 [ 13.813176] [ 13.813306] The buggy address belongs to the object at ffff8881029e6b00 [ 13.813306] which belongs to the cache kmalloc-64 of size 64 [ 13.813772] The buggy address is located 0 bytes to the right of [ 13.813772] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.814428] [ 13.814555] The buggy address belongs to the physical page: [ 13.814994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.815369] flags: 0x200000000000000(node=0|zone=2) [ 13.815602] page_type: f5(slab) [ 13.815804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.816204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.816456] page dumped because: kasan: bad access detected [ 13.817044] [ 13.817179] Memory state around the buggy address: [ 13.817384] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.817727] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.818120] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.818444] ^ [ 13.818701] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.819110] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.819438] 
================================================================== [ 14.543026] ================================================================== [ 14.543433] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.543848] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.544258] [ 14.544378] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.544427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.544441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.544464] Call Trace: [ 14.544478] <TASK> [ 14.544493] dump_stack_lvl+0x73/0xb0 [ 14.544523] print_report+0xd1/0x650 [ 14.544547] ? __virt_addr_valid+0x1db/0x2d0 [ 14.544596] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.544622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.544647] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.544673] kasan_report+0x141/0x180 [ 14.544698] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.544745] __asan_report_load4_noabort+0x18/0x20 [ 14.544769] kasan_atomics_helper+0x49e8/0x5450 [ 14.544795] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.544821] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.544845] ? kasan_atomics+0x152/0x310 [ 14.544870] kasan_atomics+0x1dc/0x310 [ 14.545096] ? __pfx_kasan_atomics+0x10/0x10 [ 14.545157] ? __pfx_read_tsc+0x10/0x10 [ 14.545195] ? ktime_get_ts64+0x86/0x230 [ 14.545223] kunit_try_run_case+0x1a5/0x480 [ 14.545248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.545269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.545296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.545324] ? __kthread_parkme+0x82/0x180 [ 14.545348] ? preempt_count_sub+0x50/0x80 [ 14.545376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.545399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.545426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.545453] kthread+0x337/0x6f0 [ 14.545473] ? trace_preempt_on+0x20/0xc0 [ 14.545499] ? __pfx_kthread+0x10/0x10 [ 14.545521] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.545546] ? calculate_sigpending+0x7b/0xa0 [ 14.545570] ? __pfx_kthread+0x10/0x10 [ 14.545591] ret_from_fork+0x41/0x80 [ 14.545614] ? __pfx_kthread+0x10/0x10 [ 14.545635] ret_from_fork_asm+0x1a/0x30 [ 14.545667] </TASK> [ 14.545680] [ 14.555029] Allocated by task 285: [ 14.555350] kasan_save_stack+0x45/0x70 [ 14.555555] kasan_save_track+0x18/0x40 [ 14.555818] kasan_save_alloc_info+0x3b/0x50 [ 14.556070] __kasan_kmalloc+0xb7/0xc0 [ 14.556273] __kmalloc_cache_noprof+0x189/0x420 [ 14.556514] kasan_atomics+0x95/0x310 [ 14.556673] kunit_try_run_case+0x1a5/0x480 [ 14.556898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.557109] kthread+0x337/0x6f0 [ 14.557236] ret_from_fork+0x41/0x80 [ 14.557373] ret_from_fork_asm+0x1a/0x30 [ 14.557925] [ 14.558039] The buggy address belongs to the object at ffff8881029e6b00 [ 14.558039] which belongs to the cache kmalloc-64 of size 64 [ 14.558567] The buggy address is located 0 bytes to the right of [ 14.558567] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.558950] [ 14.559028] The buggy address belongs to the physical page: [ 14.559266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.559968] flags: 0x200000000000000(node=0|zone=2) [ 14.560222] page_type: f5(slab) [ 14.560397] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.560709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.561240] page dumped because: kasan: bad access detected [ 14.561488] [ 14.561590] Memory state around the buggy address: [ 14.561818] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.562189] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.562415] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.562632] ^ [ 14.562824] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.563171] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.563496] ================================================================== [ 13.820117] ================================================================== [ 13.820421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.821216] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.821543] [ 13.821661] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.821709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.821723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.821747] Call Trace: [ 13.821762] <TASK> [ 13.821779] dump_stack_lvl+0x73/0xb0 [ 13.821809] print_report+0xd1/0x650 [ 13.821834] ? __virt_addr_valid+0x1db/0x2d0 [ 13.821983] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.822029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.822056] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.822082] kasan_report+0x141/0x180 [ 13.822108] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.822138] __asan_report_store4_noabort+0x1b/0x30 [ 13.822162] kasan_atomics_helper+0x4b6e/0x5450 [ 13.822189] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.822216] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.822241] ? kasan_atomics+0x152/0x310 [ 13.822286] kasan_atomics+0x1dc/0x310 [ 13.822310] ? __pfx_kasan_atomics+0x10/0x10 [ 13.822334] ? __pfx_read_tsc+0x10/0x10 [ 13.822357] ? ktime_get_ts64+0x86/0x230 [ 13.822386] kunit_try_run_case+0x1a5/0x480 [ 13.822410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822448] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.822476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.822504] ? __kthread_parkme+0x82/0x180 [ 13.822537] ? preempt_count_sub+0x50/0x80 [ 13.822566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.822616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.822643] kthread+0x337/0x6f0 [ 13.822663] ? trace_preempt_on+0x20/0xc0 [ 13.822689] ? 
__pfx_kthread+0x10/0x10 [ 13.822710] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.822735] ? calculate_sigpending+0x7b/0xa0 [ 13.822760] ? __pfx_kthread+0x10/0x10 [ 13.822783] ret_from_fork+0x41/0x80 [ 13.822805] ? __pfx_kthread+0x10/0x10 [ 13.822825] ret_from_fork_asm+0x1a/0x30 [ 13.822917] </TASK> [ 13.822932] [ 13.832385] Allocated by task 285: [ 13.832610] kasan_save_stack+0x45/0x70 [ 13.832801] kasan_save_track+0x18/0x40 [ 13.832991] kasan_save_alloc_info+0x3b/0x50 [ 13.833452] __kasan_kmalloc+0xb7/0xc0 [ 13.833734] __kmalloc_cache_noprof+0x189/0x420 [ 13.834052] kasan_atomics+0x95/0x310 [ 13.834291] kunit_try_run_case+0x1a5/0x480 [ 13.834483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.834665] kthread+0x337/0x6f0 [ 13.834844] ret_from_fork+0x41/0x80 [ 13.835153] ret_from_fork_asm+0x1a/0x30 [ 13.835371] [ 13.835473] The buggy address belongs to the object at ffff8881029e6b00 [ 13.835473] which belongs to the cache kmalloc-64 of size 64 [ 13.836012] The buggy address is located 0 bytes to the right of [ 13.836012] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.836662] [ 13.836773] The buggy address belongs to the physical page: [ 13.837129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.837429] flags: 0x200000000000000(node=0|zone=2) [ 13.838082] page_type: f5(slab) [ 13.838255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.838564] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.839051] page dumped because: kasan: bad access detected [ 13.839283] [ 13.839411] Memory state around the buggy address: [ 13.839773] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.840188] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.840488] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.840820] ^ [ 13.841159] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.841467] 
ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.842045] ================================================================== [ 14.451663] ================================================================== [ 14.451935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.452412] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.452981] [ 14.453076] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.453125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.453138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.453160] Call Trace: [ 14.453176] <TASK> [ 14.453192] dump_stack_lvl+0x73/0xb0 [ 14.453221] print_report+0xd1/0x650 [ 14.453247] ? __virt_addr_valid+0x1db/0x2d0 [ 14.453272] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.453296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.453323] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.453348] kasan_report+0x141/0x180 [ 14.453373] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.453404] __asan_report_load4_noabort+0x18/0x20 [ 14.453427] kasan_atomics_helper+0x4a1c/0x5450 [ 14.453454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.453479] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.453504] ? kasan_atomics+0x152/0x310 [ 14.453530] kasan_atomics+0x1dc/0x310 [ 14.453551] ? __pfx_kasan_atomics+0x10/0x10 [ 14.453575] ? __pfx_read_tsc+0x10/0x10 [ 14.453597] ? ktime_get_ts64+0x86/0x230 [ 14.453625] kunit_try_run_case+0x1a5/0x480 [ 14.453649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.453671] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.453698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.453726] ? __kthread_parkme+0x82/0x180 [ 14.453750] ? preempt_count_sub+0x50/0x80 [ 14.453778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.453801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.453828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.453867] kthread+0x337/0x6f0 [ 14.453898] ? 
trace_preempt_on+0x20/0xc0 [ 14.453924] ? __pfx_kthread+0x10/0x10 [ 14.453944] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.453969] ? calculate_sigpending+0x7b/0xa0 [ 14.453993] ? __pfx_kthread+0x10/0x10 [ 14.454014] ret_from_fork+0x41/0x80 [ 14.454037] ? __pfx_kthread+0x10/0x10 [ 14.454058] ret_from_fork_asm+0x1a/0x30 [ 14.454090] </TASK> [ 14.454102] [ 14.461991] Allocated by task 285: [ 14.462128] kasan_save_stack+0x45/0x70 [ 14.462282] kasan_save_track+0x18/0x40 [ 14.462473] kasan_save_alloc_info+0x3b/0x50 [ 14.462692] __kasan_kmalloc+0xb7/0xc0 [ 14.462906] __kmalloc_cache_noprof+0x189/0x420 [ 14.463239] kasan_atomics+0x95/0x310 [ 14.463438] kunit_try_run_case+0x1a5/0x480 [ 14.463787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.464262] kthread+0x337/0x6f0 [ 14.464419] ret_from_fork+0x41/0x80 [ 14.464636] ret_from_fork_asm+0x1a/0x30 [ 14.464781] [ 14.464858] The buggy address belongs to the object at ffff8881029e6b00 [ 14.464858] which belongs to the cache kmalloc-64 of size 64 [ 14.465436] The buggy address is located 0 bytes to the right of [ 14.465436] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.466015] [ 14.466114] The buggy address belongs to the physical page: [ 14.466544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.466970] flags: 0x200000000000000(node=0|zone=2) [ 14.467197] page_type: f5(slab) [ 14.467371] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.468733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.469280] page dumped because: kasan: bad access detected [ 14.469620] [ 14.469707] Memory state around the buggy address: [ 14.470097] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.470397] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.471025] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.471334] ^ [ 14.471727] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.472235] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.472505] ================================================================== [ 14.928640] ================================================================== [ 14.929050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.929436] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.930054] [ 14.930175] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.930223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.930236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.930267] Call Trace: [ 14.930282] <TASK> [ 14.930299] dump_stack_lvl+0x73/0xb0 [ 14.930325] print_report+0xd1/0x650 [ 14.930350] ? __virt_addr_valid+0x1db/0x2d0 [ 14.930374] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.930398] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.930424] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.930448] kasan_report+0x141/0x180 [ 14.930473] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.930503] kasan_check_range+0x10c/0x1c0 [ 14.930525] __kasan_check_write+0x18/0x20 [ 14.930549] kasan_atomics_helper+0x1b22/0x5450 [ 14.930574] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.930600] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.930623] ? kasan_atomics+0x152/0x310 [ 14.930649] kasan_atomics+0x1dc/0x310 [ 14.930671] ? __pfx_kasan_atomics+0x10/0x10 [ 14.930695] ? __pfx_read_tsc+0x10/0x10 [ 14.930717] ? ktime_get_ts64+0x86/0x230 [ 14.930744] kunit_try_run_case+0x1a5/0x480 [ 14.930769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.930791] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.930817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.930844] ? __kthread_parkme+0x82/0x180 [ 14.930868] ? preempt_count_sub+0x50/0x80 [ 14.930906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.930928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.930955] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.930981] kthread+0x337/0x6f0 [ 14.931000] ? trace_preempt_on+0x20/0xc0 [ 14.931025] ? __pfx_kthread+0x10/0x10 [ 14.931045] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.931070] ? calculate_sigpending+0x7b/0xa0 [ 14.931094] ? __pfx_kthread+0x10/0x10 [ 14.931115] ret_from_fork+0x41/0x80 [ 14.931137] ? __pfx_kthread+0x10/0x10 [ 14.931157] ret_from_fork_asm+0x1a/0x30 [ 14.931190] </TASK> [ 14.931204] [ 14.941092] Allocated by task 285: [ 14.941289] kasan_save_stack+0x45/0x70 [ 14.941506] kasan_save_track+0x18/0x40 [ 14.941714] kasan_save_alloc_info+0x3b/0x50 [ 14.943259] __kasan_kmalloc+0xb7/0xc0 [ 14.943486] __kmalloc_cache_noprof+0x189/0x420 [ 14.944558] kasan_atomics+0x95/0x310 [ 14.945347] kunit_try_run_case+0x1a5/0x480 [ 14.945947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.946810] kthread+0x337/0x6f0 [ 14.947567] ret_from_fork+0x41/0x80 [ 14.947725] ret_from_fork_asm+0x1a/0x30 [ 14.948018] [ 14.948140] The buggy address belongs to the object at ffff8881029e6b00 [ 14.948140] which belongs to the cache kmalloc-64 of size 64 [ 14.948635] The buggy address is located 0 bytes to the right of [ 14.948635] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.949217] [ 14.949320] The buggy address belongs to the physical page: [ 14.949497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.949866] flags: 0x200000000000000(node=0|zone=2) [ 14.950526] page_type: f5(slab) [ 14.950677] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.951309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.951961] page dumped because: kasan: bad access detected [ 14.952342] [ 14.952439] Memory state around the buggy address: [ 14.952868] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.953332] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.953636] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.954337] ^ [ 14.954860] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.955595] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.956207] ================================================================== [ 14.631739] ================================================================== [ 14.632210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.632588] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.632993] [ 14.633087] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.633135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.633149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.633171] Call Trace: [ 14.633186] <TASK> [ 14.633202] dump_stack_lvl+0x73/0xb0 [ 14.633229] print_report+0xd1/0x650 [ 14.633255] ? __virt_addr_valid+0x1db/0x2d0 [ 14.633279] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.633304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.633330] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.633355] kasan_report+0x141/0x180 [ 14.633380] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.633410] __asan_report_load8_noabort+0x18/0x20 [ 14.633434] kasan_atomics_helper+0x4eae/0x5450 [ 14.633460] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.633486] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.633521] ? kasan_atomics+0x152/0x310 [ 14.633547] kasan_atomics+0x1dc/0x310 [ 14.633569] ? __pfx_kasan_atomics+0x10/0x10 [ 14.633592] ? __pfx_read_tsc+0x10/0x10 [ 14.633614] ? ktime_get_ts64+0x86/0x230 [ 14.633642] kunit_try_run_case+0x1a5/0x480 [ 14.633667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.633689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.633715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.633743] ? __kthread_parkme+0x82/0x180 [ 14.633766] ? preempt_count_sub+0x50/0x80 [ 14.633794] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.633817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.633909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.633941] kthread+0x337/0x6f0 [ 14.633961] ? trace_preempt_on+0x20/0xc0 [ 14.633987] ? __pfx_kthread+0x10/0x10 [ 14.634008] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.634033] ? calculate_sigpending+0x7b/0xa0 [ 14.634056] ? __pfx_kthread+0x10/0x10 [ 14.634078] ret_from_fork+0x41/0x80 [ 14.634101] ? __pfx_kthread+0x10/0x10 [ 14.634122] ret_from_fork_asm+0x1a/0x30 [ 14.634154] </TASK> [ 14.634168] [ 14.642457] Allocated by task 285: [ 14.642687] kasan_save_stack+0x45/0x70 [ 14.643128] kasan_save_track+0x18/0x40 [ 14.643304] kasan_save_alloc_info+0x3b/0x50 [ 14.643531] __kasan_kmalloc+0xb7/0xc0 [ 14.643727] __kmalloc_cache_noprof+0x189/0x420 [ 14.643900] kasan_atomics+0x95/0x310 [ 14.644036] kunit_try_run_case+0x1a5/0x480 [ 14.644248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.644716] kthread+0x337/0x6f0 [ 14.645070] ret_from_fork+0x41/0x80 [ 14.645226] ret_from_fork_asm+0x1a/0x30 [ 14.645430] [ 14.645507] The buggy address belongs to the object at ffff8881029e6b00 [ 14.645507] which belongs to the cache kmalloc-64 of size 64 [ 14.646161] The buggy address is located 0 bytes to the right of [ 14.646161] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.646648] [ 14.646761] The buggy address belongs to the physical page: [ 14.646956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.647324] flags: 0x200000000000000(node=0|zone=2) [ 14.647695] page_type: f5(slab) [ 14.648066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.648402] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.648636] page dumped because: kasan: bad access detected [ 14.648813] [ 14.649035] Memory state around the buggy address: [ 14.649279] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.649609] ffff8881029e6a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.649926] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.650263] ^ [ 14.650492] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.650769] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.651003] ================================================================== [ 14.844211] ================================================================== [ 14.844513] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.844766] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.845097] [ 14.845316] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.845365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.845379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.845403] Call Trace: [ 14.845418] <TASK> [ 14.845435] dump_stack_lvl+0x73/0xb0 [ 14.845461] print_report+0xd1/0x650 [ 14.845486] ? __virt_addr_valid+0x1db/0x2d0 [ 14.845510] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.845534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.845559] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.845584] kasan_report+0x141/0x180 [ 14.845608] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.845638] kasan_check_range+0x10c/0x1c0 [ 14.845661] __kasan_check_write+0x18/0x20 [ 14.845683] kasan_atomics_helper+0x18b1/0x5450 [ 14.845708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.845733] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.845757] ? kasan_atomics+0x152/0x310 [ 14.845782] kasan_atomics+0x1dc/0x310 [ 14.845804] ? __pfx_kasan_atomics+0x10/0x10 [ 14.845827] ? __pfx_read_tsc+0x10/0x10 [ 14.845849] ? ktime_get_ts64+0x86/0x230 [ 14.845888] kunit_try_run_case+0x1a5/0x480 [ 14.845913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.845934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.846000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.846028] ? __kthread_parkme+0x82/0x180 [ 14.846053] ? 
preempt_count_sub+0x50/0x80 [ 14.846081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.846106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.846134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.846160] kthread+0x337/0x6f0 [ 14.846180] ? trace_preempt_on+0x20/0xc0 [ 14.846206] ? __pfx_kthread+0x10/0x10 [ 14.846226] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.846251] ? calculate_sigpending+0x7b/0xa0 [ 14.846274] ? __pfx_kthread+0x10/0x10 [ 14.846295] ret_from_fork+0x41/0x80 [ 14.846318] ? __pfx_kthread+0x10/0x10 [ 14.846338] ret_from_fork_asm+0x1a/0x30 [ 14.846371] </TASK> [ 14.846383] [ 14.858384] Allocated by task 285: [ 14.858736] kasan_save_stack+0x45/0x70 [ 14.859178] kasan_save_track+0x18/0x40 [ 14.859592] kasan_save_alloc_info+0x3b/0x50 [ 14.860028] __kasan_kmalloc+0xb7/0xc0 [ 14.860409] __kmalloc_cache_noprof+0x189/0x420 [ 14.860701] kasan_atomics+0x95/0x310 [ 14.861087] kunit_try_run_case+0x1a5/0x480 [ 14.861779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.862196] kthread+0x337/0x6f0 [ 14.862333] ret_from_fork+0x41/0x80 [ 14.862472] ret_from_fork_asm+0x1a/0x30 [ 14.862664] [ 14.862742] The buggy address belongs to the object at ffff8881029e6b00 [ 14.862742] which belongs to the cache kmalloc-64 of size 64 [ 14.863455] The buggy address is located 0 bytes to the right of [ 14.863455] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.864227] [ 14.864339] The buggy address belongs to the physical page: [ 14.864744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.865026] flags: 0x200000000000000(node=0|zone=2) [ 14.865269] page_type: f5(slab) [ 14.865672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.866114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.866440] page dumped because: kasan: bad access detected [ 14.866684] [ 14.866786] Memory state around the buggy address: [ 14.867088] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.867376] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.867774] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.868079] ^ [ 14.868302] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.868687] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.869059] ================================================================== [ 13.948113] ================================================================== [ 13.948375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.948771] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.949153] [ 13.949271] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.949323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.949336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.949361] Call Trace: [ 13.949383] <TASK> [ 13.949405] dump_stack_lvl+0x73/0xb0 [ 13.949435] print_report+0xd1/0x650 [ 13.949460] ? __virt_addr_valid+0x1db/0x2d0 [ 13.949486] ? kasan_atomics_helper+0x565/0x5450 [ 13.949510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.949705] ? kasan_atomics_helper+0x565/0x5450 [ 13.949732] kasan_report+0x141/0x180 [ 13.949759] ? kasan_atomics_helper+0x565/0x5450 [ 13.949797] kasan_check_range+0x10c/0x1c0 [ 13.949821] __kasan_check_write+0x18/0x20 [ 13.949930] kasan_atomics_helper+0x565/0x5450 [ 13.949964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.949990] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.950016] ? kasan_atomics+0x152/0x310 [ 13.950042] kasan_atomics+0x1dc/0x310 [ 13.950065] ? __pfx_kasan_atomics+0x10/0x10 [ 13.950088] ? __pfx_read_tsc+0x10/0x10 [ 13.950111] ? ktime_get_ts64+0x86/0x230 [ 13.950139] kunit_try_run_case+0x1a5/0x480 [ 13.950165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.950187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.950215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.950242] ? 
__kthread_parkme+0x82/0x180 [ 13.950266] ? preempt_count_sub+0x50/0x80 [ 13.950295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.950319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.950346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.950372] kthread+0x337/0x6f0 [ 13.950393] ? trace_preempt_on+0x20/0xc0 [ 13.950418] ? __pfx_kthread+0x10/0x10 [ 13.950439] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.950464] ? calculate_sigpending+0x7b/0xa0 [ 13.950489] ? __pfx_kthread+0x10/0x10 [ 13.950510] ret_from_fork+0x41/0x80 [ 13.950533] ? __pfx_kthread+0x10/0x10 [ 13.950553] ret_from_fork_asm+0x1a/0x30 [ 13.950587] </TASK> [ 13.950600] [ 13.959199] Allocated by task 285: [ 13.959342] kasan_save_stack+0x45/0x70 [ 13.959502] kasan_save_track+0x18/0x40 [ 13.959799] kasan_save_alloc_info+0x3b/0x50 [ 13.960108] __kasan_kmalloc+0xb7/0xc0 [ 13.960317] __kmalloc_cache_noprof+0x189/0x420 [ 13.960582] kasan_atomics+0x95/0x310 [ 13.960785] kunit_try_run_case+0x1a5/0x480 [ 13.961044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.961225] kthread+0x337/0x6f0 [ 13.961351] ret_from_fork+0x41/0x80 [ 13.961605] ret_from_fork_asm+0x1a/0x30 [ 13.962164] [ 13.962280] The buggy address belongs to the object at ffff8881029e6b00 [ 13.962280] which belongs to the cache kmalloc-64 of size 64 [ 13.962960] The buggy address is located 0 bytes to the right of [ 13.962960] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.963342] [ 13.963442] The buggy address belongs to the physical page: [ 13.963712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.964105] flags: 0x200000000000000(node=0|zone=2) [ 13.964443] page_type: f5(slab) [ 13.964698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.964957] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.965365] page dumped because: kasan: bad access detected [ 13.965968] [ 13.966076] Memory state around the buggy address: [ 13.966263] 
ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.966578] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.966951] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.967248] ^ [ 13.967411] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.967703] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.968044] ================================================================== [ 14.563978] ================================================================== [ 14.564279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.564728] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.565186] [ 14.565281] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.565330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.565344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.565367] Call Trace: [ 14.565383] <TASK> [ 14.565398] dump_stack_lvl+0x73/0xb0 [ 14.565427] print_report+0xd1/0x650 [ 14.565452] ? __virt_addr_valid+0x1db/0x2d0 [ 14.565476] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.565500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.565535] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.565561] kasan_report+0x141/0x180 [ 14.565586] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.565615] kasan_check_range+0x10c/0x1c0 [ 14.565638] __kasan_check_write+0x18/0x20 [ 14.565661] kasan_atomics_helper+0x12e6/0x5450 [ 14.565687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.565713] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.565739] ? kasan_atomics+0x152/0x310 [ 14.565765] kasan_atomics+0x1dc/0x310 [ 14.565789] ? __pfx_kasan_atomics+0x10/0x10 [ 14.565812] ? __pfx_read_tsc+0x10/0x10 [ 14.565834] ? ktime_get_ts64+0x86/0x230 [ 14.565862] kunit_try_run_case+0x1a5/0x480 [ 14.565903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.565925] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.565952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.565979] ? __kthread_parkme+0x82/0x180 [ 14.566002] ? preempt_count_sub+0x50/0x80 [ 14.566030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.566053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.566079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.566106] kthread+0x337/0x6f0 [ 14.566126] ? trace_preempt_on+0x20/0xc0 [ 14.566151] ? __pfx_kthread+0x10/0x10 [ 14.566172] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.566197] ? calculate_sigpending+0x7b/0xa0 [ 14.566220] ? __pfx_kthread+0x10/0x10 [ 14.566241] ret_from_fork+0x41/0x80 [ 14.566264] ? __pfx_kthread+0x10/0x10 [ 14.566286] ret_from_fork_asm+0x1a/0x30 [ 14.566319] </TASK> [ 14.566332] [ 14.574328] Allocated by task 285: [ 14.574531] kasan_save_stack+0x45/0x70 [ 14.574747] kasan_save_track+0x18/0x40 [ 14.575008] kasan_save_alloc_info+0x3b/0x50 [ 14.575185] __kasan_kmalloc+0xb7/0xc0 [ 14.575392] __kmalloc_cache_noprof+0x189/0x420 [ 14.575665] kasan_atomics+0x95/0x310 [ 14.575815] kunit_try_run_case+0x1a5/0x480 [ 14.576122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.576362] kthread+0x337/0x6f0 [ 14.576524] ret_from_fork+0x41/0x80 [ 14.576703] ret_from_fork_asm+0x1a/0x30 [ 14.577042] [ 14.577124] The buggy address belongs to the object at ffff8881029e6b00 [ 14.577124] which belongs to the cache kmalloc-64 of size 64 [ 14.577484] The buggy address is located 0 bytes to the right of [ 14.577484] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.577858] [ 14.577947] The buggy address belongs to the physical page: [ 14.578141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.578389] flags: 0x200000000000000(node=0|zone=2) [ 14.578555] page_type: f5(slab) [ 14.578680] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.579246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.580172] page dumped because: kasan: bad 
access detected [ 14.580655] [ 14.580828] Memory state around the buggy address: [ 14.581344] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.582126] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.582769] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.583555] ^ [ 14.584074] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.584715] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.585540] ================================================================== [ 14.975648] ================================================================== [ 14.976494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.976944] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.977260] [ 14.977349] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.977397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.977412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.977434] Call Trace: [ 14.977450] <TASK> [ 14.977466] dump_stack_lvl+0x73/0xb0 [ 14.977493] print_report+0xd1/0x650 [ 14.977529] ? __virt_addr_valid+0x1db/0x2d0 [ 14.977553] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.977578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.977604] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.977630] kasan_report+0x141/0x180 [ 14.977655] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.977685] __asan_report_load8_noabort+0x18/0x20 [ 14.977708] kasan_atomics_helper+0x4f30/0x5450 [ 14.977734] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.977759] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.977783] ? kasan_atomics+0x152/0x310 [ 14.977809] kasan_atomics+0x1dc/0x310 [ 14.977831] ? __pfx_kasan_atomics+0x10/0x10 [ 14.977855] ? __pfx_read_tsc+0x10/0x10 [ 14.977889] ? ktime_get_ts64+0x86/0x230 [ 14.977917] kunit_try_run_case+0x1a5/0x480 [ 14.977941] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.977963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.977989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.978016] ? __kthread_parkme+0x82/0x180 [ 14.978040] ? preempt_count_sub+0x50/0x80 [ 14.978066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.978115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.978141] kthread+0x337/0x6f0 [ 14.978160] ? trace_preempt_on+0x20/0xc0 [ 14.978186] ? __pfx_kthread+0x10/0x10 [ 14.978207] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.978231] ? calculate_sigpending+0x7b/0xa0 [ 14.978255] ? __pfx_kthread+0x10/0x10 [ 14.978277] ret_from_fork+0x41/0x80 [ 14.978299] ? __pfx_kthread+0x10/0x10 [ 14.978320] ret_from_fork_asm+0x1a/0x30 [ 14.978352] </TASK> [ 14.978364] [ 14.986038] Allocated by task 285: [ 14.986170] kasan_save_stack+0x45/0x70 [ 14.986361] kasan_save_track+0x18/0x40 [ 14.986607] kasan_save_alloc_info+0x3b/0x50 [ 14.986824] __kasan_kmalloc+0xb7/0xc0 [ 14.987040] __kmalloc_cache_noprof+0x189/0x420 [ 14.987280] kasan_atomics+0x95/0x310 [ 14.987486] kunit_try_run_case+0x1a5/0x480 [ 14.987711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.987931] kthread+0x337/0x6f0 [ 14.988057] ret_from_fork+0x41/0x80 [ 14.988241] ret_from_fork_asm+0x1a/0x30 [ 14.988446] [ 14.988556] The buggy address belongs to the object at ffff8881029e6b00 [ 14.988556] which belongs to the cache kmalloc-64 of size 64 [ 14.989029] The buggy address is located 0 bytes to the right of [ 14.989029] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.989582] [ 14.989670] The buggy address belongs to the physical page: [ 14.989903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.990198] flags: 0x200000000000000(node=0|zone=2) [ 14.990365] page_type: f5(slab) [ 14.990491] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.990729] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.991063] page dumped because: kasan: bad access detected [ 14.991580] [ 14.991678] Memory state around the buggy address: [ 14.991915] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.992236] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.992457] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.993096] ^ [ 14.993258] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.993482] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.993817] ================================================================== [ 13.917247] ================================================================== [ 13.918045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.918389] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.919345] [ 13.919628] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.919689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.919822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.919847] Call Trace: [ 13.919864] <TASK> [ 13.919971] dump_stack_lvl+0x73/0xb0 [ 13.920007] print_report+0xd1/0x650 [ 13.920034] ? __virt_addr_valid+0x1db/0x2d0 [ 13.920057] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.920085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.920111] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.920175] kasan_report+0x141/0x180 [ 13.920202] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.920231] __asan_report_store4_noabort+0x1b/0x30 [ 13.920256] kasan_atomics_helper+0x4b3a/0x5450 [ 13.920282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.920307] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.920332] ? kasan_atomics+0x152/0x310 [ 13.920358] kasan_atomics+0x1dc/0x310 [ 13.920381] ? __pfx_kasan_atomics+0x10/0x10 [ 13.920405] ? __pfx_read_tsc+0x10/0x10 [ 13.920426] ? 
ktime_get_ts64+0x86/0x230 [ 13.920456] kunit_try_run_case+0x1a5/0x480 [ 13.920483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.920505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.920532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.920559] ? __kthread_parkme+0x82/0x180 [ 13.920584] ? preempt_count_sub+0x50/0x80 [ 13.920612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.920635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.920661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.920688] kthread+0x337/0x6f0 [ 13.920707] ? trace_preempt_on+0x20/0xc0 [ 13.920733] ? __pfx_kthread+0x10/0x10 [ 13.920754] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.920780] ? calculate_sigpending+0x7b/0xa0 [ 13.920804] ? __pfx_kthread+0x10/0x10 [ 13.920825] ret_from_fork+0x41/0x80 [ 13.920947] ? __pfx_kthread+0x10/0x10 [ 13.920970] ret_from_fork_asm+0x1a/0x30 [ 13.921003] </TASK> [ 13.921017] [ 13.933383] Allocated by task 285: [ 13.933794] kasan_save_stack+0x45/0x70 [ 13.934234] kasan_save_track+0x18/0x40 [ 13.934437] kasan_save_alloc_info+0x3b/0x50 [ 13.935005] __kasan_kmalloc+0xb7/0xc0 [ 13.935495] __kmalloc_cache_noprof+0x189/0x420 [ 13.936059] kasan_atomics+0x95/0x310 [ 13.936268] kunit_try_run_case+0x1a5/0x480 [ 13.936467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.937222] kthread+0x337/0x6f0 [ 13.937447] ret_from_fork+0x41/0x80 [ 13.937773] ret_from_fork_asm+0x1a/0x30 [ 13.938204] [ 13.938308] The buggy address belongs to the object at ffff8881029e6b00 [ 13.938308] which belongs to the cache kmalloc-64 of size 64 [ 13.939446] The buggy address is located 0 bytes to the right of [ 13.939446] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.940308] [ 13.940417] The buggy address belongs to the physical page: [ 13.940851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.941457] flags: 0x200000000000000(node=0|zone=2) [ 13.941824] page_type: f5(slab) [ 13.942075] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.942400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.943166] page dumped because: kasan: bad access detected [ 13.943860] [ 13.944092] Memory state around the buggy address: [ 13.944324] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.945092] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.945587] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.946004] ^ [ 13.946234] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.946770] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.947558] ================================================================== [ 15.152325] ================================================================== [ 15.152707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.153128] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.153461] [ 15.153649] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.153698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.153712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.153735] Call Trace: [ 15.153751] <TASK> [ 15.153799] dump_stack_lvl+0x73/0xb0 [ 15.153827] print_report+0xd1/0x650 [ 15.153852] ? __virt_addr_valid+0x1db/0x2d0 [ 15.153888] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.153948] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.153975] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.154000] kasan_report+0x141/0x180 [ 15.154025] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.154055] __asan_report_load8_noabort+0x18/0x20 [ 15.154107] kasan_atomics_helper+0x4f98/0x5450 [ 15.154133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.154159] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.154183] ? kasan_atomics+0x152/0x310 [ 15.154235] kasan_atomics+0x1dc/0x310 [ 15.154258] ? __pfx_kasan_atomics+0x10/0x10 [ 15.154281] ? 
__pfx_read_tsc+0x10/0x10 [ 15.154304] ? ktime_get_ts64+0x86/0x230 [ 15.154331] kunit_try_run_case+0x1a5/0x480 [ 15.154356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.154378] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.154404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.154431] ? __kthread_parkme+0x82/0x180 [ 15.154454] ? preempt_count_sub+0x50/0x80 [ 15.154482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.154505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.154587] kthread+0x337/0x6f0 [ 15.154606] ? trace_preempt_on+0x20/0xc0 [ 15.154632] ? __pfx_kthread+0x10/0x10 [ 15.154652] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.154677] ? calculate_sigpending+0x7b/0xa0 [ 15.154700] ? __pfx_kthread+0x10/0x10 [ 15.154721] ret_from_fork+0x41/0x80 [ 15.154745] ? __pfx_kthread+0x10/0x10 [ 15.154765] ret_from_fork_asm+0x1a/0x30 [ 15.154798] </TASK> [ 15.154811] [ 15.163055] Allocated by task 285: [ 15.163251] kasan_save_stack+0x45/0x70 [ 15.163488] kasan_save_track+0x18/0x40 [ 15.163714] kasan_save_alloc_info+0x3b/0x50 [ 15.163957] __kasan_kmalloc+0xb7/0xc0 [ 15.164164] __kmalloc_cache_noprof+0x189/0x420 [ 15.164396] kasan_atomics+0x95/0x310 [ 15.164618] kunit_try_run_case+0x1a5/0x480 [ 15.164855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.165139] kthread+0x337/0x6f0 [ 15.165270] ret_from_fork+0x41/0x80 [ 15.165448] ret_from_fork_asm+0x1a/0x30 [ 15.165769] [ 15.165867] The buggy address belongs to the object at ffff8881029e6b00 [ 15.165867] which belongs to the cache kmalloc-64 of size 64 [ 15.166726] The buggy address is located 0 bytes to the right of [ 15.166726] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.167288] [ 15.167387] The buggy address belongs to the physical page: [ 15.167630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.167868] flags: 0x200000000000000(node=0|zone=2) [ 15.168041] page_type: f5(slab) [ 15.168164] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.168641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.169046] page dumped because: kasan: bad access detected [ 15.169339] [ 15.169442] Memory state around the buggy address: [ 15.169914] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.170279] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.170617] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.170905] ^ [ 15.171060] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.171410] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.172030] ================================================================== [ 14.957615] ================================================================== [ 14.957883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.958336] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.958760] [ 14.959100] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.959154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.959168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.959192] Call Trace: [ 14.959206] <TASK> [ 14.959222] dump_stack_lvl+0x73/0xb0 [ 14.959252] print_report+0xd1/0x650 [ 14.959278] ? __virt_addr_valid+0x1db/0x2d0 [ 14.959304] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.959330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.959355] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.959381] kasan_report+0x141/0x180 [ 14.959406] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.959436] kasan_check_range+0x10c/0x1c0 [ 14.959459] __kasan_check_write+0x18/0x20 [ 14.959481] kasan_atomics_helper+0x1c18/0x5450 [ 14.959507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.959532] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.959558] ? 
kasan_atomics+0x152/0x310 [ 14.959588] kasan_atomics+0x1dc/0x310 [ 14.959610] ? __pfx_kasan_atomics+0x10/0x10 [ 14.959633] ? __pfx_read_tsc+0x10/0x10 [ 14.959655] ? ktime_get_ts64+0x86/0x230 [ 14.959683] kunit_try_run_case+0x1a5/0x480 [ 14.959708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.959730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.959756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.959783] ? __kthread_parkme+0x82/0x180 [ 14.959807] ? preempt_count_sub+0x50/0x80 [ 14.959835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.959858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.959895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.959922] kthread+0x337/0x6f0 [ 14.959941] ? trace_preempt_on+0x20/0xc0 [ 14.959967] ? __pfx_kthread+0x10/0x10 [ 14.959987] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.960012] ? calculate_sigpending+0x7b/0xa0 [ 14.960036] ? __pfx_kthread+0x10/0x10 [ 14.960056] ret_from_fork+0x41/0x80 [ 14.960079] ? __pfx_kthread+0x10/0x10 [ 14.960100] ret_from_fork_asm+0x1a/0x30 [ 14.960132] </TASK> [ 14.960146] [ 14.967610] Allocated by task 285: [ 14.967796] kasan_save_stack+0x45/0x70 [ 14.968020] kasan_save_track+0x18/0x40 [ 14.968187] kasan_save_alloc_info+0x3b/0x50 [ 14.968400] __kasan_kmalloc+0xb7/0xc0 [ 14.968623] __kmalloc_cache_noprof+0x189/0x420 [ 14.968819] kasan_atomics+0x95/0x310 [ 14.969000] kunit_try_run_case+0x1a5/0x480 [ 14.969152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.969373] kthread+0x337/0x6f0 [ 14.969578] ret_from_fork+0x41/0x80 [ 14.969778] ret_from_fork_asm+0x1a/0x30 [ 14.969999] [ 14.970102] The buggy address belongs to the object at ffff8881029e6b00 [ 14.970102] which belongs to the cache kmalloc-64 of size 64 [ 14.970613] The buggy address is located 0 bytes to the right of [ 14.970613] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.971105] [ 14.971208] The buggy address belongs to the physical page: [ 14.971424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 
14.971770] flags: 0x200000000000000(node=0|zone=2) [ 14.972030] page_type: f5(slab) [ 14.972208] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.972530] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.972854] page dumped because: kasan: bad access detected [ 14.973090] [ 14.973185] Memory state around the buggy address: [ 14.973381] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.973648] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.973869] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.974098] ^ [ 14.974285] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974732] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.975064] ================================================================== [ 15.246733] ================================================================== [ 15.246999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.247819] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.248283] [ 15.248475] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.248589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.248608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.248633] Call Trace: [ 15.248654] <TASK> [ 15.248675] dump_stack_lvl+0x73/0xb0 [ 15.248707] print_report+0xd1/0x650 [ 15.248735] ? __virt_addr_valid+0x1db/0x2d0 [ 15.248759] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.248783] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.248809] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.248833] kasan_report+0x141/0x180 [ 15.248859] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.248901] __asan_report_load8_noabort+0x18/0x20 [ 15.248925] kasan_atomics_helper+0x4fa5/0x5450 [ 15.248951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.248976] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.249001] ? kasan_atomics+0x152/0x310 [ 15.249027] kasan_atomics+0x1dc/0x310 [ 15.249049] ? __pfx_kasan_atomics+0x10/0x10 [ 15.249073] ? __pfx_read_tsc+0x10/0x10 [ 15.249094] ? ktime_get_ts64+0x86/0x230 [ 15.249123] kunit_try_run_case+0x1a5/0x480 [ 15.249149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.249171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.249198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.249225] ? __kthread_parkme+0x82/0x180 [ 15.249250] ? preempt_count_sub+0x50/0x80 [ 15.249278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.249302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.249355] kthread+0x337/0x6f0 [ 15.249373] ? trace_preempt_on+0x20/0xc0 [ 15.249400] ? __pfx_kthread+0x10/0x10 [ 15.249420] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.249446] ? calculate_sigpending+0x7b/0xa0 [ 15.249470] ? __pfx_kthread+0x10/0x10 [ 15.249492] ret_from_fork+0x41/0x80 [ 15.249514] ? __pfx_kthread+0x10/0x10 [ 15.249535] ret_from_fork_asm+0x1a/0x30 [ 15.249568] </TASK> [ 15.249582] [ 15.260461] Allocated by task 285: [ 15.260694] kasan_save_stack+0x45/0x70 [ 15.261037] kasan_save_track+0x18/0x40 [ 15.261334] kasan_save_alloc_info+0x3b/0x50 [ 15.261677] __kasan_kmalloc+0xb7/0xc0 [ 15.261979] __kmalloc_cache_noprof+0x189/0x420 [ 15.262295] kasan_atomics+0x95/0x310 [ 15.262582] kunit_try_run_case+0x1a5/0x480 [ 15.262902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.263176] kthread+0x337/0x6f0 [ 15.263335] ret_from_fork+0x41/0x80 [ 15.263480] ret_from_fork_asm+0x1a/0x30 [ 15.263950] [ 15.264035] The buggy address belongs to the object at ffff8881029e6b00 [ 15.264035] which belongs to the cache kmalloc-64 of size 64 [ 15.264959] The buggy address is located 0 bytes to the right of [ 15.264959] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.265656] [ 15.265952] The buggy address belongs to the physical page: [ 15.266218] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.266667] flags: 0x200000000000000(node=0|zone=2) [ 15.267050] page_type: f5(slab) [ 15.267321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.267863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.268303] page dumped because: kasan: bad access detected [ 15.268704] [ 15.268919] Memory state around the buggy address: [ 15.269254] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.269560] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.269899] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.270163] ^ [ 15.270340] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.270700] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.271074] ================================================================== [ 14.519969] ================================================================== [ 14.520321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.520834] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.521266] [ 14.521362] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.521410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.521425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.521447] Call Trace: [ 14.521462] <TASK> [ 14.521479] dump_stack_lvl+0x73/0xb0 [ 14.521507] print_report+0xd1/0x650 [ 14.521533] ? __virt_addr_valid+0x1db/0x2d0 [ 14.521557] ? kasan_atomics_helper+0x1217/0x5450 [ 14.521582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.521607] ? kasan_atomics_helper+0x1217/0x5450 [ 14.521633] kasan_report+0x141/0x180 [ 14.521658] ? kasan_atomics_helper+0x1217/0x5450 [ 14.521687] kasan_check_range+0x10c/0x1c0 [ 14.521710] __kasan_check_write+0x18/0x20 [ 14.521733] kasan_atomics_helper+0x1217/0x5450 [ 14.521759] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.521784] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.521809] ? kasan_atomics+0x152/0x310 [ 14.521907] kasan_atomics+0x1dc/0x310 [ 14.521936] ? __pfx_kasan_atomics+0x10/0x10 [ 14.521961] ? __pfx_read_tsc+0x10/0x10 [ 14.521984] ? ktime_get_ts64+0x86/0x230 [ 14.522012] kunit_try_run_case+0x1a5/0x480 [ 14.522036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.522059] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.522085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.522112] ? __kthread_parkme+0x82/0x180 [ 14.522136] ? preempt_count_sub+0x50/0x80 [ 14.522163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.522187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.522214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.522241] kthread+0x337/0x6f0 [ 14.522260] ? trace_preempt_on+0x20/0xc0 [ 14.522285] ? __pfx_kthread+0x10/0x10 [ 14.522306] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.522331] ? calculate_sigpending+0x7b/0xa0 [ 14.522355] ? __pfx_kthread+0x10/0x10 [ 14.522377] ret_from_fork+0x41/0x80 [ 14.522399] ? 
__pfx_kthread+0x10/0x10 [ 14.522420] ret_from_fork_asm+0x1a/0x30 [ 14.522453] </TASK> [ 14.522465] [ 14.532024] Allocated by task 285: [ 14.532231] kasan_save_stack+0x45/0x70 [ 14.533035] kasan_save_track+0x18/0x40 [ 14.533313] kasan_save_alloc_info+0x3b/0x50 [ 14.533494] __kasan_kmalloc+0xb7/0xc0 [ 14.533737] __kmalloc_cache_noprof+0x189/0x420 [ 14.534165] kasan_atomics+0x95/0x310 [ 14.534370] kunit_try_run_case+0x1a5/0x480 [ 14.534992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.535255] kthread+0x337/0x6f0 [ 14.535413] ret_from_fork+0x41/0x80 [ 14.535642] ret_from_fork_asm+0x1a/0x30 [ 14.535828] [ 14.536044] The buggy address belongs to the object at ffff8881029e6b00 [ 14.536044] which belongs to the cache kmalloc-64 of size 64 [ 14.536622] The buggy address is located 0 bytes to the right of [ 14.536622] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.537086] [ 14.537373] The buggy address belongs to the physical page: [ 14.537925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.538266] flags: 0x200000000000000(node=0|zone=2) [ 14.538508] page_type: f5(slab) [ 14.538657] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.539151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.539496] page dumped because: kasan: bad access detected [ 14.539773] [ 14.539848] Memory state around the buggy address: [ 14.540228] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540540] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540823] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.541341] ^ [ 14.541562] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.542078] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.542402] ================================================================== [ 14.299258] 
================================================================== [ 14.299998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.300489] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.301173] [ 14.301274] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.301324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.301339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.301362] Call Trace: [ 14.301379] <TASK> [ 14.301396] dump_stack_lvl+0x73/0xb0 [ 14.301425] print_report+0xd1/0x650 [ 14.301452] ? __virt_addr_valid+0x1db/0x2d0 [ 14.301477] ? kasan_atomics_helper+0xde0/0x5450 [ 14.301501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.301528] ? kasan_atomics_helper+0xde0/0x5450 [ 14.301553] kasan_report+0x141/0x180 [ 14.301580] ? kasan_atomics_helper+0xde0/0x5450 [ 14.301609] kasan_check_range+0x10c/0x1c0 [ 14.301633] __kasan_check_write+0x18/0x20 [ 14.301656] kasan_atomics_helper+0xde0/0x5450 [ 14.301681] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.301707] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.301731] ? kasan_atomics+0x152/0x310 [ 14.301757] kasan_atomics+0x1dc/0x310 [ 14.301779] ? __pfx_kasan_atomics+0x10/0x10 [ 14.301803] ? __pfx_read_tsc+0x10/0x10 [ 14.301825] ? ktime_get_ts64+0x86/0x230 [ 14.301864] kunit_try_run_case+0x1a5/0x480 [ 14.301904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.301926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.302007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.302053] ? __kthread_parkme+0x82/0x180 [ 14.302080] ? preempt_count_sub+0x50/0x80 [ 14.302118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.302142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.302168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.302195] kthread+0x337/0x6f0 [ 14.302214] ? trace_preempt_on+0x20/0xc0 [ 14.302240] ? __pfx_kthread+0x10/0x10 [ 14.302261] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.302285] ? 
calculate_sigpending+0x7b/0xa0 [ 14.302309] ? __pfx_kthread+0x10/0x10 [ 14.302330] ret_from_fork+0x41/0x80 [ 14.302353] ? __pfx_kthread+0x10/0x10 [ 14.302374] ret_from_fork_asm+0x1a/0x30 [ 14.302407] </TASK> [ 14.302419] [ 14.317349] Allocated by task 285: [ 14.317489] kasan_save_stack+0x45/0x70 [ 14.317643] kasan_save_track+0x18/0x40 [ 14.317786] kasan_save_alloc_info+0x3b/0x50 [ 14.318110] __kasan_kmalloc+0xb7/0xc0 [ 14.319208] __kmalloc_cache_noprof+0x189/0x420 [ 14.319382] kasan_atomics+0x95/0x310 [ 14.319530] kunit_try_run_case+0x1a5/0x480 [ 14.320092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.320596] kthread+0x337/0x6f0 [ 14.320980] ret_from_fork+0x41/0x80 [ 14.321327] ret_from_fork_asm+0x1a/0x30 [ 14.321763] [ 14.322026] The buggy address belongs to the object at ffff8881029e6b00 [ 14.322026] which belongs to the cache kmalloc-64 of size 64 [ 14.322500] The buggy address is located 0 bytes to the right of [ 14.322500] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.322986] [ 14.323153] The buggy address belongs to the physical page: [ 14.323637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.324578] flags: 0x200000000000000(node=0|zone=2) [ 14.325120] page_type: f5(slab) [ 14.325483] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.326315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.327076] page dumped because: kasan: bad access detected [ 14.327376] [ 14.327454] Memory state around the buggy address: [ 14.327725] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.328600] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.329363] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.329842] ^ [ 14.330061] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.330749] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.331482] 
================================================================== [ 14.755249] ================================================================== [ 14.755524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.755764] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.756290] [ 14.757061] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.757116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.757131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.757154] Call Trace: [ 14.757171] <TASK> [ 14.757189] dump_stack_lvl+0x73/0xb0 [ 14.757218] print_report+0xd1/0x650 [ 14.757243] ? __virt_addr_valid+0x1db/0x2d0 [ 14.757267] ? kasan_atomics_helper+0x164f/0x5450 [ 14.757293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.757319] ? kasan_atomics_helper+0x164f/0x5450 [ 14.757344] kasan_report+0x141/0x180 [ 14.757369] ? kasan_atomics_helper+0x164f/0x5450 [ 14.757399] kasan_check_range+0x10c/0x1c0 [ 14.757422] __kasan_check_write+0x18/0x20 [ 14.757445] kasan_atomics_helper+0x164f/0x5450 [ 14.757471] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.757496] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.757535] ? kasan_atomics+0x152/0x310 [ 14.757561] kasan_atomics+0x1dc/0x310 [ 14.757583] ? __pfx_kasan_atomics+0x10/0x10 [ 14.757607] ? __pfx_read_tsc+0x10/0x10 [ 14.757629] ? ktime_get_ts64+0x86/0x230 [ 14.757657] kunit_try_run_case+0x1a5/0x480 [ 14.757681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.757730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.757757] ? __kthread_parkme+0x82/0x180 [ 14.757781] ? preempt_count_sub+0x50/0x80 [ 14.757809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.758102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.758130] kthread+0x337/0x6f0 [ 14.758151] ? trace_preempt_on+0x20/0xc0 [ 14.758178] ? 
__pfx_kthread+0x10/0x10 [ 14.758199] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.758224] ? calculate_sigpending+0x7b/0xa0 [ 14.758248] ? __pfx_kthread+0x10/0x10 [ 14.758523] ret_from_fork+0x41/0x80 [ 14.758549] ? __pfx_kthread+0x10/0x10 [ 14.758570] ret_from_fork_asm+0x1a/0x30 [ 14.758603] </TASK> [ 14.758616] [ 14.769299] Allocated by task 285: [ 14.769439] kasan_save_stack+0x45/0x70 [ 14.769724] kasan_save_track+0x18/0x40 [ 14.770169] kasan_save_alloc_info+0x3b/0x50 [ 14.770533] __kasan_kmalloc+0xb7/0xc0 [ 14.770816] __kmalloc_cache_noprof+0x189/0x420 [ 14.771076] kasan_atomics+0x95/0x310 [ 14.771245] kunit_try_run_case+0x1a5/0x480 [ 14.771462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.771962] kthread+0x337/0x6f0 [ 14.772134] ret_from_fork+0x41/0x80 [ 14.772397] ret_from_fork_asm+0x1a/0x30 [ 14.772734] [ 14.772830] The buggy address belongs to the object at ffff8881029e6b00 [ 14.772830] which belongs to the cache kmalloc-64 of size 64 [ 14.773499] The buggy address is located 0 bytes to the right of [ 14.773499] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.774221] [ 14.774322] The buggy address belongs to the physical page: [ 14.774676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.775173] flags: 0x200000000000000(node=0|zone=2) [ 14.775355] page_type: f5(slab) [ 14.775537] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.776116] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.776424] page dumped because: kasan: bad access detected [ 14.776891] [ 14.777064] Memory state around the buggy address: [ 14.777313] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.777693] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.778259] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.778666] ^ [ 14.778833] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.779317] 
ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.779691] ================================================================== [ 14.408697] ================================================================== [ 14.409091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.409370] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.409829] [ 14.409953] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.410002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.410015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.410039] Call Trace: [ 14.410054] <TASK> [ 14.410069] dump_stack_lvl+0x73/0xb0 [ 14.410096] print_report+0xd1/0x650 [ 14.410121] ? __virt_addr_valid+0x1db/0x2d0 [ 14.410145] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.410170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.410195] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.410221] kasan_report+0x141/0x180 [ 14.410246] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.410276] __asan_report_load4_noabort+0x18/0x20 [ 14.410300] kasan_atomics_helper+0x4a36/0x5450 [ 14.410326] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.410351] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.410375] ? kasan_atomics+0x152/0x310 [ 14.410402] kasan_atomics+0x1dc/0x310 [ 14.410424] ? __pfx_kasan_atomics+0x10/0x10 [ 14.410447] ? __pfx_read_tsc+0x10/0x10 [ 14.410470] ? ktime_get_ts64+0x86/0x230 [ 14.410498] kunit_try_run_case+0x1a5/0x480 [ 14.410715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.410746] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.410773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.410800] ? __kthread_parkme+0x82/0x180 [ 14.410824] ? preempt_count_sub+0x50/0x80 [ 14.410852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.410890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.410916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.410944] kthread+0x337/0x6f0 [ 14.410964] ? 
trace_preempt_on+0x20/0xc0 [ 14.410989] ? __pfx_kthread+0x10/0x10 [ 14.411010] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.411035] ? calculate_sigpending+0x7b/0xa0 [ 14.411062] ? __pfx_kthread+0x10/0x10 [ 14.411084] ret_from_fork+0x41/0x80 [ 14.411107] ? __pfx_kthread+0x10/0x10 [ 14.411128] ret_from_fork_asm+0x1a/0x30 [ 14.411214] </TASK> [ 14.411228] [ 14.421089] Allocated by task 285: [ 14.421243] kasan_save_stack+0x45/0x70 [ 14.421403] kasan_save_track+0x18/0x40 [ 14.421564] kasan_save_alloc_info+0x3b/0x50 [ 14.421720] __kasan_kmalloc+0xb7/0xc0 [ 14.421946] __kmalloc_cache_noprof+0x189/0x420 [ 14.422250] kasan_atomics+0x95/0x310 [ 14.422432] kunit_try_run_case+0x1a5/0x480 [ 14.422607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.422791] kthread+0x337/0x6f0 [ 14.422981] ret_from_fork+0x41/0x80 [ 14.423173] ret_from_fork_asm+0x1a/0x30 [ 14.423377] [ 14.423479] The buggy address belongs to the object at ffff8881029e6b00 [ 14.423479] which belongs to the cache kmalloc-64 of size 64 [ 14.424062] The buggy address is located 0 bytes to the right of [ 14.424062] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.425376] [ 14.425477] The buggy address belongs to the physical page: [ 14.425685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.426017] flags: 0x200000000000000(node=0|zone=2) [ 14.426264] page_type: f5(slab) [ 14.426441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.427188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.427429] page dumped because: kasan: bad access detected [ 14.427609] [ 14.427684] Memory state around the buggy address: [ 14.428355] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.429081] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.429314] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.429914] ^ [ 14.430123] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.430415] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430820] ================================================================== [ 14.586422] ================================================================== [ 14.587157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.588030] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.588849] [ 14.589102] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.589153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.589167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.589190] Call Trace: [ 14.589206] <TASK> [ 14.589223] dump_stack_lvl+0x73/0xb0 [ 14.589251] print_report+0xd1/0x650 [ 14.589277] ? __virt_addr_valid+0x1db/0x2d0 [ 14.589300] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.589325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.589351] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.589375] kasan_report+0x141/0x180 [ 14.589402] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.589431] __asan_report_load4_noabort+0x18/0x20 [ 14.589455] kasan_atomics_helper+0x49ce/0x5450 [ 14.589481] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.589507] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.589531] ? kasan_atomics+0x152/0x310 [ 14.589559] kasan_atomics+0x1dc/0x310 [ 14.589582] ? __pfx_kasan_atomics+0x10/0x10 [ 14.589606] ? __pfx_read_tsc+0x10/0x10 [ 14.589628] ? ktime_get_ts64+0x86/0x230 [ 14.589656] kunit_try_run_case+0x1a5/0x480 [ 14.589680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.589702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.589728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.589755] ? __kthread_parkme+0x82/0x180 [ 14.589779] ? preempt_count_sub+0x50/0x80 [ 14.589807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.589830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.589947] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.589975] kthread+0x337/0x6f0 [ 14.589995] ? trace_preempt_on+0x20/0xc0 [ 14.590022] ? __pfx_kthread+0x10/0x10 [ 14.590042] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.590067] ? calculate_sigpending+0x7b/0xa0 [ 14.590091] ? __pfx_kthread+0x10/0x10 [ 14.590113] ret_from_fork+0x41/0x80 [ 14.590136] ? __pfx_kthread+0x10/0x10 [ 14.590157] ret_from_fork_asm+0x1a/0x30 [ 14.590190] </TASK> [ 14.590202] [ 14.603153] Allocated by task 285: [ 14.603342] kasan_save_stack+0x45/0x70 [ 14.603497] kasan_save_track+0x18/0x40 [ 14.603699] kasan_save_alloc_info+0x3b/0x50 [ 14.604091] __kasan_kmalloc+0xb7/0xc0 [ 14.604293] __kmalloc_cache_noprof+0x189/0x420 [ 14.604491] kasan_atomics+0x95/0x310 [ 14.604690] kunit_try_run_case+0x1a5/0x480 [ 14.604986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.605188] kthread+0x337/0x6f0 [ 14.605363] ret_from_fork+0x41/0x80 [ 14.605593] ret_from_fork_asm+0x1a/0x30 [ 14.605775] [ 14.605856] The buggy address belongs to the object at ffff8881029e6b00 [ 14.605856] which belongs to the cache kmalloc-64 of size 64 [ 14.606375] The buggy address is located 0 bytes to the right of [ 14.606375] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.606911] [ 14.607064] The buggy address belongs to the physical page: [ 14.607552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.607946] flags: 0x200000000000000(node=0|zone=2) [ 14.608156] page_type: f5(slab) [ 14.608317] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.608661] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.608971] page dumped because: kasan: bad access detected [ 14.609192] [ 14.609291] Memory state around the buggy address: [ 14.609542] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609826] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.610111] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.610410] ^ [ 14.610640] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.610861] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.611122] ================================================================== [ 14.224741] ================================================================== [ 14.226034] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.227357] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.228472] [ 14.228977] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.229064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.229082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.229107] Call Trace: [ 14.229123] <TASK> [ 14.229141] dump_stack_lvl+0x73/0xb0 [ 14.229172] print_report+0xd1/0x650 [ 14.229199] ? __virt_addr_valid+0x1db/0x2d0 [ 14.229231] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.229255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.229281] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.229305] kasan_report+0x141/0x180 [ 14.229330] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.229360] __asan_report_load4_noabort+0x18/0x20 [ 14.229383] kasan_atomics_helper+0x4a84/0x5450 [ 14.229409] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.229434] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.229458] ? kasan_atomics+0x152/0x310 [ 14.229483] kasan_atomics+0x1dc/0x310 [ 14.229505] ? __pfx_kasan_atomics+0x10/0x10 [ 14.229530] ? __pfx_read_tsc+0x10/0x10 [ 14.229552] ? ktime_get_ts64+0x86/0x230 [ 14.229581] kunit_try_run_case+0x1a5/0x480 [ 14.229607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.229628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.229655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.229681] ? __kthread_parkme+0x82/0x180 [ 14.229704] ? preempt_count_sub+0x50/0x80 [ 14.229732] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.229754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.229780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.229807] kthread+0x337/0x6f0 [ 14.229826] ? trace_preempt_on+0x20/0xc0 [ 14.229894] ? __pfx_kthread+0x10/0x10 [ 14.229916] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.229941] ? calculate_sigpending+0x7b/0xa0 [ 14.229965] ? __pfx_kthread+0x10/0x10 [ 14.229986] ret_from_fork+0x41/0x80 [ 14.230009] ? __pfx_kthread+0x10/0x10 [ 14.230028] ret_from_fork_asm+0x1a/0x30 [ 14.230061] </TASK> [ 14.230075] [ 14.248137] Allocated by task 285: [ 14.248982] kasan_save_stack+0x45/0x70 [ 14.249599] kasan_save_track+0x18/0x40 [ 14.250331] kasan_save_alloc_info+0x3b/0x50 [ 14.251077] __kasan_kmalloc+0xb7/0xc0 [ 14.251626] __kmalloc_cache_noprof+0x189/0x420 [ 14.252331] kasan_atomics+0x95/0x310 [ 14.252482] kunit_try_run_case+0x1a5/0x480 [ 14.253317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.254016] kthread+0x337/0x6f0 [ 14.254175] ret_from_fork+0x41/0x80 [ 14.254314] ret_from_fork_asm+0x1a/0x30 [ 14.254470] [ 14.254547] The buggy address belongs to the object at ffff8881029e6b00 [ 14.254547] which belongs to the cache kmalloc-64 of size 64 [ 14.255772] The buggy address is located 0 bytes to the right of [ 14.255772] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.257188] [ 14.257357] The buggy address belongs to the physical page: [ 14.257702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.258368] flags: 0x200000000000000(node=0|zone=2) [ 14.258892] page_type: f5(slab) [ 14.259232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.259660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.260156] page dumped because: kasan: bad access detected [ 14.260584] [ 14.260761] Memory state around the buggy address: [ 14.261312] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.261850] ffff8881029e6a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.262294] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.263025] ^ [ 14.263242] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.263800] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264608] ================================================================== [ 14.611631] ================================================================== [ 14.612081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.612399] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.612749] [ 14.612857] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.612915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.612929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.612951] Call Trace: [ 14.612968] <TASK> [ 14.612984] dump_stack_lvl+0x73/0xb0 [ 14.613010] print_report+0xd1/0x650 [ 14.613037] ? __virt_addr_valid+0x1db/0x2d0 [ 14.613061] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.613085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.613111] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.613136] kasan_report+0x141/0x180 [ 14.613162] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.613191] kasan_check_range+0x10c/0x1c0 [ 14.613214] __kasan_check_read+0x15/0x20 [ 14.613237] kasan_atomics_helper+0x13b5/0x5450 [ 14.613262] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.613288] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.613312] ? kasan_atomics+0x152/0x310 [ 14.613338] kasan_atomics+0x1dc/0x310 [ 14.613360] ? __pfx_kasan_atomics+0x10/0x10 [ 14.613383] ? __pfx_read_tsc+0x10/0x10 [ 14.613406] ? ktime_get_ts64+0x86/0x230 [ 14.613434] kunit_try_run_case+0x1a5/0x480 [ 14.613458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.613479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.613521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.613549] ? __kthread_parkme+0x82/0x180 [ 14.613572] ? 
preempt_count_sub+0x50/0x80 [ 14.613601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.613628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.613656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.613682] kthread+0x337/0x6f0 [ 14.613702] ? trace_preempt_on+0x20/0xc0 [ 14.613728] ? __pfx_kthread+0x10/0x10 [ 14.613748] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.613773] ? calculate_sigpending+0x7b/0xa0 [ 14.613797] ? __pfx_kthread+0x10/0x10 [ 14.613818] ret_from_fork+0x41/0x80 [ 14.613841] ? __pfx_kthread+0x10/0x10 [ 14.613861] ret_from_fork_asm+0x1a/0x30 [ 14.613904] </TASK> [ 14.613916] [ 14.622130] Allocated by task 285: [ 14.622318] kasan_save_stack+0x45/0x70 [ 14.622568] kasan_save_track+0x18/0x40 [ 14.622775] kasan_save_alloc_info+0x3b/0x50 [ 14.623180] __kasan_kmalloc+0xb7/0xc0 [ 14.623350] __kmalloc_cache_noprof+0x189/0x420 [ 14.623509] kasan_atomics+0x95/0x310 [ 14.623652] kunit_try_run_case+0x1a5/0x480 [ 14.623801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.624057] kthread+0x337/0x6f0 [ 14.624236] ret_from_fork+0x41/0x80 [ 14.624458] ret_from_fork_asm+0x1a/0x30 [ 14.624913] [ 14.625031] The buggy address belongs to the object at ffff8881029e6b00 [ 14.625031] which belongs to the cache kmalloc-64 of size 64 [ 14.625667] The buggy address is located 0 bytes to the right of [ 14.625667] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.626197] [ 14.626278] The buggy address belongs to the physical page: [ 14.626454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.627166] flags: 0x200000000000000(node=0|zone=2) [ 14.627435] page_type: f5(slab) [ 14.627617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.627902] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.628133] page dumped because: kasan: bad access detected [ 14.628728] [ 14.628835] Memory state around the buggy address: [ 14.629179] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.629494] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.629795] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.630165] ^ [ 14.630350] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.630572] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.630790] ================================================================== [ 14.909632] ================================================================== [ 14.909990] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.910298] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.910738] [ 14.910921] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.910969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.910982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.911005] Call Trace: [ 14.911019] <TASK> [ 14.911034] dump_stack_lvl+0x73/0xb0 [ 14.911059] print_report+0xd1/0x650 [ 14.911085] ? __virt_addr_valid+0x1db/0x2d0 [ 14.911107] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.911132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.911157] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.911182] kasan_report+0x141/0x180 [ 14.911207] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.911237] kasan_check_range+0x10c/0x1c0 [ 14.911260] __kasan_check_write+0x18/0x20 [ 14.911283] kasan_atomics_helper+0x1a7f/0x5450 [ 14.911309] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.911335] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.911360] ? kasan_atomics+0x152/0x310 [ 14.911386] kasan_atomics+0x1dc/0x310 [ 14.911409] ? __pfx_kasan_atomics+0x10/0x10 [ 14.911433] ? __pfx_read_tsc+0x10/0x10 [ 14.911454] ? ktime_get_ts64+0x86/0x230 [ 14.911482] kunit_try_run_case+0x1a5/0x480 [ 14.911507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.911554] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.911596] ? 
__kthread_parkme+0x82/0x180 [ 14.911619] ? preempt_count_sub+0x50/0x80 [ 14.911648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.911697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.911723] kthread+0x337/0x6f0 [ 14.911742] ? trace_preempt_on+0x20/0xc0 [ 14.911768] ? __pfx_kthread+0x10/0x10 [ 14.911789] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.911813] ? calculate_sigpending+0x7b/0xa0 [ 14.911849] ? __pfx_kthread+0x10/0x10 [ 14.911871] ret_from_fork+0x41/0x80 [ 14.911903] ? __pfx_kthread+0x10/0x10 [ 14.911924] ret_from_fork_asm+0x1a/0x30 [ 14.911957] </TASK> [ 14.911969] [ 14.920060] Allocated by task 285: [ 14.920195] kasan_save_stack+0x45/0x70 [ 14.920407] kasan_save_track+0x18/0x40 [ 14.920714] kasan_save_alloc_info+0x3b/0x50 [ 14.921074] __kasan_kmalloc+0xb7/0xc0 [ 14.921294] __kmalloc_cache_noprof+0x189/0x420 [ 14.921547] kasan_atomics+0x95/0x310 [ 14.921716] kunit_try_run_case+0x1a5/0x480 [ 14.921865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.922055] kthread+0x337/0x6f0 [ 14.922179] ret_from_fork+0x41/0x80 [ 14.922315] ret_from_fork_asm+0x1a/0x30 [ 14.922656] [ 14.922848] The buggy address belongs to the object at ffff8881029e6b00 [ 14.922848] which belongs to the cache kmalloc-64 of size 64 [ 14.923387] The buggy address is located 0 bytes to the right of [ 14.923387] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.923939] [ 14.924017] The buggy address belongs to the physical page: [ 14.924194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.924440] flags: 0x200000000000000(node=0|zone=2) [ 14.924674] page_type: f5(slab) [ 14.924849] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.925274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.925648] page dumped because: kasan: bad access detected [ 14.925871] [ 14.925954] Memory state around the buggy address: [ 14.926114] 
ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.926335] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.926744] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.927176] ^ [ 14.927463] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927843] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928194] ================================================================== [ 14.199304] ================================================================== [ 14.199690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.200030] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.200363] [ 14.200474] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.200521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.200533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.200571] Call Trace: [ 14.200587] <TASK> [ 14.200604] dump_stack_lvl+0x73/0xb0 [ 14.200633] print_report+0xd1/0x650 [ 14.200774] ? __virt_addr_valid+0x1db/0x2d0 [ 14.200821] ? kasan_atomics_helper+0xc70/0x5450 [ 14.200933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.200969] ? kasan_atomics_helper+0xc70/0x5450 [ 14.200994] kasan_report+0x141/0x180 [ 14.201020] ? kasan_atomics_helper+0xc70/0x5450 [ 14.201050] kasan_check_range+0x10c/0x1c0 [ 14.201074] __kasan_check_write+0x18/0x20 [ 14.201097] kasan_atomics_helper+0xc70/0x5450 [ 14.201123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.201149] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.201173] ? kasan_atomics+0x152/0x310 [ 14.201199] kasan_atomics+0x1dc/0x310 [ 14.201221] ? __pfx_kasan_atomics+0x10/0x10 [ 14.201245] ? __pfx_read_tsc+0x10/0x10 [ 14.201268] ? ktime_get_ts64+0x86/0x230 [ 14.201296] kunit_try_run_case+0x1a5/0x480 [ 14.201320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.201342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.201370] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.201396] ? __kthread_parkme+0x82/0x180 [ 14.201422] ? preempt_count_sub+0x50/0x80 [ 14.201450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.201474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.201501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.201528] kthread+0x337/0x6f0 [ 14.201548] ? trace_preempt_on+0x20/0xc0 [ 14.201573] ? __pfx_kthread+0x10/0x10 [ 14.201594] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.201619] ? calculate_sigpending+0x7b/0xa0 [ 14.201643] ? __pfx_kthread+0x10/0x10 [ 14.201665] ret_from_fork+0x41/0x80 [ 14.201688] ? __pfx_kthread+0x10/0x10 [ 14.201709] ret_from_fork_asm+0x1a/0x30 [ 14.201742] </TASK> [ 14.201755] [ 14.210405] Allocated by task 285: [ 14.210630] kasan_save_stack+0x45/0x70 [ 14.210820] kasan_save_track+0x18/0x40 [ 14.211058] kasan_save_alloc_info+0x3b/0x50 [ 14.211216] __kasan_kmalloc+0xb7/0xc0 [ 14.211398] __kmalloc_cache_noprof+0x189/0x420 [ 14.211628] kasan_atomics+0x95/0x310 [ 14.211830] kunit_try_run_case+0x1a5/0x480 [ 14.212062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.212262] kthread+0x337/0x6f0 [ 14.212390] ret_from_fork+0x41/0x80 [ 14.212725] ret_from_fork_asm+0x1a/0x30 [ 14.213174] [ 14.213288] The buggy address belongs to the object at ffff8881029e6b00 [ 14.213288] which belongs to the cache kmalloc-64 of size 64 [ 14.213649] The buggy address is located 0 bytes to the right of [ 14.213649] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.215222] [ 14.215472] The buggy address belongs to the physical page: [ 14.216063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.216320] flags: 0x200000000000000(node=0|zone=2) [ 14.216493] page_type: f5(slab) [ 14.216630] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.216870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.217115] page dumped because: kasan: bad access detected [ 14.217292] [ 14.217367] Memory 
state around the buggy address: [ 14.217527] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.217749] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.218806] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.220111] ^ [ 14.221127] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.222271] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.223444] ================================================================== [ 15.066368] ================================================================== [ 15.066785] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.067360] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.067990] [ 15.068223] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.068377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.068394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.068418] Call Trace: [ 15.068434] <TASK> [ 15.068451] dump_stack_lvl+0x73/0xb0 [ 15.068480] print_report+0xd1/0x650 [ 15.068516] ? __virt_addr_valid+0x1db/0x2d0 [ 15.068540] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.068565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.068591] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.068616] kasan_report+0x141/0x180 [ 15.068641] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.068671] kasan_check_range+0x10c/0x1c0 [ 15.068694] __kasan_check_write+0x18/0x20 [ 15.068716] kasan_atomics_helper+0x1eaa/0x5450 [ 15.068742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.068768] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.068792] ? kasan_atomics+0x152/0x310 [ 15.068818] kasan_atomics+0x1dc/0x310 [ 15.068840] ? __pfx_kasan_atomics+0x10/0x10 [ 15.068864] ? __pfx_read_tsc+0x10/0x10 [ 15.068899] ? ktime_get_ts64+0x86/0x230 [ 15.068927] kunit_try_run_case+0x1a5/0x480 [ 15.068951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.068975] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.069001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.069028] ? __kthread_parkme+0x82/0x180 [ 15.069052] ? preempt_count_sub+0x50/0x80 [ 15.069080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.069104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.069129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.069156] kthread+0x337/0x6f0 [ 15.069174] ? trace_preempt_on+0x20/0xc0 [ 15.069199] ? __pfx_kthread+0x10/0x10 [ 15.069220] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.069246] ? calculate_sigpending+0x7b/0xa0 [ 15.069269] ? __pfx_kthread+0x10/0x10 [ 15.069291] ret_from_fork+0x41/0x80 [ 15.069313] ? __pfx_kthread+0x10/0x10 [ 15.069333] ret_from_fork_asm+0x1a/0x30 [ 15.069366] </TASK> [ 15.069378] [ 15.080108] Allocated by task 285: [ 15.080439] kasan_save_stack+0x45/0x70 [ 15.080840] kasan_save_track+0x18/0x40 [ 15.081163] kasan_save_alloc_info+0x3b/0x50 [ 15.081459] __kasan_kmalloc+0xb7/0xc0 [ 15.081772] __kmalloc_cache_noprof+0x189/0x420 [ 15.082102] kasan_atomics+0x95/0x310 [ 15.082381] kunit_try_run_case+0x1a5/0x480 [ 15.082693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.082938] kthread+0x337/0x6f0 [ 15.083116] ret_from_fork+0x41/0x80 [ 15.083288] ret_from_fork_asm+0x1a/0x30 [ 15.083458] [ 15.083917] The buggy address belongs to the object at ffff8881029e6b00 [ 15.083917] which belongs to the cache kmalloc-64 of size 64 [ 15.084534] The buggy address is located 0 bytes to the right of [ 15.084534] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.085247] [ 15.085356] The buggy address belongs to the physical page: [ 15.085792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.086246] flags: 0x200000000000000(node=0|zone=2) [ 15.086591] page_type: f5(slab) [ 15.086776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.087090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.087383] page dumped because: kasan: bad 
access detected [ 15.087900] [ 15.088005] Memory state around the buggy address: [ 15.088371] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.088947] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.089359] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.089785] ^ [ 15.090106] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.090491] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.090944] ================================================================== [ 13.868603] ================================================================== [ 13.868853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.869428] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.869730] [ 13.870037] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.870093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.870108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.870133] Call Trace: [ 13.870150] <TASK> [ 13.870168] dump_stack_lvl+0x73/0xb0 [ 13.870198] print_report+0xd1/0x650 [ 13.870224] ? __virt_addr_valid+0x1db/0x2d0 [ 13.870249] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.870274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.870301] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.870326] kasan_report+0x141/0x180 [ 13.870352] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.870383] __asan_report_load4_noabort+0x18/0x20 [ 13.870408] kasan_atomics_helper+0x4b54/0x5450 [ 13.870433] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.870460] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.870485] ? kasan_atomics+0x152/0x310 [ 13.870511] kasan_atomics+0x1dc/0x310 [ 13.870542] ? __pfx_kasan_atomics+0x10/0x10 [ 13.870566] ? __pfx_read_tsc+0x10/0x10 [ 13.870589] ? ktime_get_ts64+0x86/0x230 [ 13.870616] kunit_try_run_case+0x1a5/0x480 [ 13.870641] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.870664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.870692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.870719] ? __kthread_parkme+0x82/0x180 [ 13.870744] ? preempt_count_sub+0x50/0x80 [ 13.870773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.870796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.870824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.870852] kthread+0x337/0x6f0 [ 13.870871] ? trace_preempt_on+0x20/0xc0 [ 13.870913] ? __pfx_kthread+0x10/0x10 [ 13.870935] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.870960] ? calculate_sigpending+0x7b/0xa0 [ 13.870986] ? __pfx_kthread+0x10/0x10 [ 13.871007] ret_from_fork+0x41/0x80 [ 13.871031] ? __pfx_kthread+0x10/0x10 [ 13.871051] ret_from_fork_asm+0x1a/0x30 [ 13.871086] </TASK> [ 13.871100] [ 13.879689] Allocated by task 285: [ 13.880127] kasan_save_stack+0x45/0x70 [ 13.880326] kasan_save_track+0x18/0x40 [ 13.880506] kasan_save_alloc_info+0x3b/0x50 [ 13.880701] __kasan_kmalloc+0xb7/0xc0 [ 13.880843] __kmalloc_cache_noprof+0x189/0x420 [ 13.881137] kasan_atomics+0x95/0x310 [ 13.881338] kunit_try_run_case+0x1a5/0x480 [ 13.881555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.882078] kthread+0x337/0x6f0 [ 13.882260] ret_from_fork+0x41/0x80 [ 13.882447] ret_from_fork_asm+0x1a/0x30 [ 13.882632] [ 13.882796] The buggy address belongs to the object at ffff8881029e6b00 [ 13.882796] which belongs to the cache kmalloc-64 of size 64 [ 13.883297] The buggy address is located 0 bytes to the right of [ 13.883297] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.883785] [ 13.883929] The buggy address belongs to the physical page: [ 13.884189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.884576] flags: 0x200000000000000(node=0|zone=2) [ 13.884799] page_type: f5(slab) [ 13.885121] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.885383] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 13.885615] page dumped because: kasan: bad access detected [ 13.885894] [ 13.886000] Memory state around the buggy address: [ 13.886234] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.886864] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.887293] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.887597] ^ [ 13.887768] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.888039] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.888385] ================================================================== [ 13.988791] ================================================================== [ 13.989390] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.989993] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.990300] [ 13.990397] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.990448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.990461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.990486] Call Trace: [ 13.990504] <TASK> [ 13.990523] dump_stack_lvl+0x73/0xb0 [ 13.990566] print_report+0xd1/0x650 [ 13.990593] ? __virt_addr_valid+0x1db/0x2d0 [ 13.990617] ? kasan_atomics_helper+0x697/0x5450 [ 13.990642] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.990667] ? kasan_atomics_helper+0x697/0x5450 [ 13.990692] kasan_report+0x141/0x180 [ 13.990717] ? kasan_atomics_helper+0x697/0x5450 [ 13.990746] kasan_check_range+0x10c/0x1c0 [ 13.990770] __kasan_check_write+0x18/0x20 [ 13.990792] kasan_atomics_helper+0x697/0x5450 [ 13.990818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.990861] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.990897] ? kasan_atomics+0x152/0x310 [ 13.990923] kasan_atomics+0x1dc/0x310 [ 13.990945] ? __pfx_kasan_atomics+0x10/0x10 [ 13.990970] ? __pfx_read_tsc+0x10/0x10 [ 13.990992] ? 
ktime_get_ts64+0x86/0x230 [ 13.991020] kunit_try_run_case+0x1a5/0x480 [ 13.991045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.991094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.991122] ? __kthread_parkme+0x82/0x180 [ 13.991147] ? preempt_count_sub+0x50/0x80 [ 13.991176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.991227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.991253] kthread+0x337/0x6f0 [ 13.991273] ? trace_preempt_on+0x20/0xc0 [ 13.991299] ? __pfx_kthread+0x10/0x10 [ 13.991319] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.991344] ? calculate_sigpending+0x7b/0xa0 [ 13.991369] ? __pfx_kthread+0x10/0x10 [ 13.991390] ret_from_fork+0x41/0x80 [ 13.991413] ? __pfx_kthread+0x10/0x10 [ 13.991434] ret_from_fork_asm+0x1a/0x30 [ 13.991467] </TASK> [ 13.991481] [ 14.003185] Allocated by task 285: [ 14.003395] kasan_save_stack+0x45/0x70 [ 14.003847] kasan_save_track+0x18/0x40 [ 14.004271] kasan_save_alloc_info+0x3b/0x50 [ 14.004484] __kasan_kmalloc+0xb7/0xc0 [ 14.005123] __kmalloc_cache_noprof+0x189/0x420 [ 14.005384] kasan_atomics+0x95/0x310 [ 14.005776] kunit_try_run_case+0x1a5/0x480 [ 14.006402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.006765] kthread+0x337/0x6f0 [ 14.007267] ret_from_fork+0x41/0x80 [ 14.007469] ret_from_fork_asm+0x1a/0x30 [ 14.007957] [ 14.008204] The buggy address belongs to the object at ffff8881029e6b00 [ 14.008204] which belongs to the cache kmalloc-64 of size 64 [ 14.009236] The buggy address is located 0 bytes to the right of [ 14.009236] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.010095] [ 14.010345] The buggy address belongs to the physical page: [ 14.010790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.011329] flags: 0x200000000000000(node=0|zone=2) [ 14.011998] page_type: f5(slab) [ 14.012323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.012996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.013431] page dumped because: kasan: bad access detected [ 14.013941] [ 14.014056] Memory state around the buggy address: [ 14.014283] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.014771] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.015518] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.016293] ^ [ 14.016777] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.017391] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.018023] ================================================================== [ 14.332314] ================================================================== [ 14.332744] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.333350] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.334118] [ 14.334290] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.334342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.334356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.334380] Call Trace: [ 14.334396] <TASK> [ 14.334413] dump_stack_lvl+0x73/0xb0 [ 14.334442] print_report+0xd1/0x650 [ 14.334468] ? __virt_addr_valid+0x1db/0x2d0 [ 14.334491] ? kasan_atomics_helper+0xe78/0x5450 [ 14.334527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.334554] ? kasan_atomics_helper+0xe78/0x5450 [ 14.334578] kasan_report+0x141/0x180 [ 14.334604] ? kasan_atomics_helper+0xe78/0x5450 [ 14.334635] kasan_check_range+0x10c/0x1c0 [ 14.334657] __kasan_check_write+0x18/0x20 [ 14.334681] kasan_atomics_helper+0xe78/0x5450 [ 14.334706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.334732] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.334757] ? kasan_atomics+0x152/0x310 [ 14.334783] kasan_atomics+0x1dc/0x310 [ 14.334805] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.334829] ? __pfx_read_tsc+0x10/0x10 [ 14.334852] ? ktime_get_ts64+0x86/0x230 [ 14.334894] kunit_try_run_case+0x1a5/0x480 [ 14.334919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.334968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.334995] ? __kthread_parkme+0x82/0x180 [ 14.335019] ? preempt_count_sub+0x50/0x80 [ 14.335047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.335070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.335096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.335123] kthread+0x337/0x6f0 [ 14.335142] ? trace_preempt_on+0x20/0xc0 [ 14.335168] ? __pfx_kthread+0x10/0x10 [ 14.335188] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.335214] ? calculate_sigpending+0x7b/0xa0 [ 14.335237] ? __pfx_kthread+0x10/0x10 [ 14.335257] ret_from_fork+0x41/0x80 [ 14.335280] ? __pfx_kthread+0x10/0x10 [ 14.335300] ret_from_fork_asm+0x1a/0x30 [ 14.335332] </TASK> [ 14.335345] [ 14.350382] Allocated by task 285: [ 14.350526] kasan_save_stack+0x45/0x70 [ 14.350684] kasan_save_track+0x18/0x40 [ 14.350829] kasan_save_alloc_info+0x3b/0x50 [ 14.351303] __kasan_kmalloc+0xb7/0xc0 [ 14.351677] __kmalloc_cache_noprof+0x189/0x420 [ 14.352315] kasan_atomics+0x95/0x310 [ 14.352704] kunit_try_run_case+0x1a5/0x480 [ 14.353172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353675] kthread+0x337/0x6f0 [ 14.354103] ret_from_fork+0x41/0x80 [ 14.354454] ret_from_fork_asm+0x1a/0x30 [ 14.354830] [ 14.355068] The buggy address belongs to the object at ffff8881029e6b00 [ 14.355068] which belongs to the cache kmalloc-64 of size 64 [ 14.355460] The buggy address is located 0 bytes to the right of [ 14.355460] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.356725] [ 14.356909] The buggy address belongs to the physical page: [ 14.357460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.358160] flags: 0x200000000000000(node=0|zone=2) [ 14.358337] page_type: f5(slab) 
[ 14.358464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.359208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.360162] page dumped because: kasan: bad access detected [ 14.360672] [ 14.360866] Memory state around the buggy address: [ 14.361345] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.361660] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.361980] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.362590] ^ [ 14.363085] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.364095] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.364526] ================================================================== [ 15.271793] ================================================================== [ 15.272115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.272484] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.272730] [ 15.272825] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.272889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.272903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.272928] Call Trace: [ 15.272950] <TASK> [ 15.272972] dump_stack_lvl+0x73/0xb0 [ 15.273003] print_report+0xd1/0x650 [ 15.273053] ? __virt_addr_valid+0x1db/0x2d0 [ 15.273077] ? kasan_atomics_helper+0x224c/0x5450 [ 15.273102] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.273128] ? kasan_atomics_helper+0x224c/0x5450 [ 15.273152] kasan_report+0x141/0x180 [ 15.273179] ? kasan_atomics_helper+0x224c/0x5450 [ 15.273227] kasan_check_range+0x10c/0x1c0 [ 15.273252] __kasan_check_write+0x18/0x20 [ 15.273276] kasan_atomics_helper+0x224c/0x5450 [ 15.273302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.273327] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.273352] ? 
kasan_atomics+0x152/0x310 [ 15.273396] kasan_atomics+0x1dc/0x310 [ 15.273418] ? __pfx_kasan_atomics+0x10/0x10 [ 15.273442] ? __pfx_read_tsc+0x10/0x10 [ 15.273466] ? ktime_get_ts64+0x86/0x230 [ 15.273495] kunit_try_run_case+0x1a5/0x480 [ 15.273531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.273554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.273584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.273611] ? __kthread_parkme+0x82/0x180 [ 15.273636] ? preempt_count_sub+0x50/0x80 [ 15.273664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.273688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.273714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.273757] kthread+0x337/0x6f0 [ 15.273777] ? trace_preempt_on+0x20/0xc0 [ 15.273805] ? __pfx_kthread+0x10/0x10 [ 15.273826] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.273851] ? calculate_sigpending+0x7b/0xa0 [ 15.273886] ? __pfx_kthread+0x10/0x10 [ 15.273906] ret_from_fork+0x41/0x80 [ 15.273930] ? __pfx_kthread+0x10/0x10 [ 15.273950] ret_from_fork_asm+0x1a/0x30 [ 15.274003] </TASK> [ 15.274016] [ 15.281879] Allocated by task 285: [ 15.282077] kasan_save_stack+0x45/0x70 [ 15.282319] kasan_save_track+0x18/0x40 [ 15.282464] kasan_save_alloc_info+0x3b/0x50 [ 15.282907] __kasan_kmalloc+0xb7/0xc0 [ 15.283115] __kmalloc_cache_noprof+0x189/0x420 [ 15.283342] kasan_atomics+0x95/0x310 [ 15.283524] kunit_try_run_case+0x1a5/0x480 [ 15.283712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.284012] kthread+0x337/0x6f0 [ 15.284188] ret_from_fork+0x41/0x80 [ 15.284376] ret_from_fork_asm+0x1a/0x30 [ 15.284615] [ 15.284704] The buggy address belongs to the object at ffff8881029e6b00 [ 15.284704] which belongs to the cache kmalloc-64 of size 64 [ 15.285199] The buggy address is located 0 bytes to the right of [ 15.285199] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.285787] [ 15.285868] The buggy address belongs to the physical page: [ 15.286064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 
15.286336] flags: 0x200000000000000(node=0|zone=2) [ 15.286625] page_type: f5(slab) [ 15.286805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.287180] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.287533] page dumped because: kasan: bad access detected [ 15.287809] [ 15.287899] Memory state around the buggy address: [ 15.288137] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.288360] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.288579] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.288797] ^ [ 15.289051] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.289410] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.289763] ================================================================== [ 14.176291] ================================================================== [ 14.176633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.177449] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.178048] [ 14.178146] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.178196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.178211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.178236] Call Trace: [ 14.178250] <TASK> [ 14.178267] dump_stack_lvl+0x73/0xb0 [ 14.178298] print_report+0xd1/0x650 [ 14.178323] ? __virt_addr_valid+0x1db/0x2d0 [ 14.178347] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.178373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.178399] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.178423] kasan_report+0x141/0x180 [ 14.178448] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.178477] kasan_check_range+0x10c/0x1c0 [ 14.178501] __kasan_check_write+0x18/0x20 [ 14.178524] kasan_atomics_helper+0xb6a/0x5450 [ 14.178550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.178576] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.178601] ? kasan_atomics+0x152/0x310 [ 14.178655] kasan_atomics+0x1dc/0x310 [ 14.178678] ? __pfx_kasan_atomics+0x10/0x10 [ 14.178718] ? __pfx_read_tsc+0x10/0x10 [ 14.178741] ? ktime_get_ts64+0x86/0x230 [ 14.178770] kunit_try_run_case+0x1a5/0x480 [ 14.178796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.178817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.178845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.178886] ? __kthread_parkme+0x82/0x180 [ 14.178988] ? preempt_count_sub+0x50/0x80 [ 14.179023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.179046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.179074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.179101] kthread+0x337/0x6f0 [ 14.179121] ? trace_preempt_on+0x20/0xc0 [ 14.179148] ? __pfx_kthread+0x10/0x10 [ 14.179169] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.179194] ? calculate_sigpending+0x7b/0xa0 [ 14.179219] ? __pfx_kthread+0x10/0x10 [ 14.179240] ret_from_fork+0x41/0x80 [ 14.179263] ? __pfx_kthread+0x10/0x10 [ 14.179283] ret_from_fork_asm+0x1a/0x30 [ 14.179317] </TASK> [ 14.179331] [ 14.189099] Allocated by task 285: [ 14.189324] kasan_save_stack+0x45/0x70 [ 14.189564] kasan_save_track+0x18/0x40 [ 14.189803] kasan_save_alloc_info+0x3b/0x50 [ 14.190049] __kasan_kmalloc+0xb7/0xc0 [ 14.190363] __kmalloc_cache_noprof+0x189/0x420 [ 14.190604] kasan_atomics+0x95/0x310 [ 14.190797] kunit_try_run_case+0x1a5/0x480 [ 14.191071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.191352] kthread+0x337/0x6f0 [ 14.191522] ret_from_fork+0x41/0x80 [ 14.191719] ret_from_fork_asm+0x1a/0x30 [ 14.192078] [ 14.192193] The buggy address belongs to the object at ffff8881029e6b00 [ 14.192193] which belongs to the cache kmalloc-64 of size 64 [ 14.192721] The buggy address is located 0 bytes to the right of [ 14.192721] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.193310] [ 14.193605] The buggy address belongs to the physical page: [ 14.193783] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.194472] flags: 0x200000000000000(node=0|zone=2) [ 14.194769] page_type: f5(slab) [ 14.195038] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.195399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.195756] page dumped because: kasan: bad access detected [ 14.195946] [ 14.196022] Memory state around the buggy address: [ 14.196471] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.196751] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.197318] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.197675] ^ [ 14.198011] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.198238] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.198603] ================================================================== [ 14.473154] ================================================================== [ 14.473500] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.473819] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.474295] [ 14.474418] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.474467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.474482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.474505] Call Trace: [ 14.474521] <TASK> [ 14.474539] dump_stack_lvl+0x73/0xb0 [ 14.474567] print_report+0xd1/0x650 [ 14.474593] ? __virt_addr_valid+0x1db/0x2d0 [ 14.474616] ? kasan_atomics_helper+0x1148/0x5450 [ 14.474641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.474667] ? kasan_atomics_helper+0x1148/0x5450 [ 14.474692] kasan_report+0x141/0x180 [ 14.474718] ? kasan_atomics_helper+0x1148/0x5450 [ 14.474747] kasan_check_range+0x10c/0x1c0 [ 14.474786] __kasan_check_write+0x18/0x20 [ 14.474809] kasan_atomics_helper+0x1148/0x5450 [ 14.474835] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.474871] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.474907] ? kasan_atomics+0x152/0x310 [ 14.474933] kasan_atomics+0x1dc/0x310 [ 14.474955] ? __pfx_kasan_atomics+0x10/0x10 [ 14.474979] ? __pfx_read_tsc+0x10/0x10 [ 14.475000] ? ktime_get_ts64+0x86/0x230 [ 14.475029] kunit_try_run_case+0x1a5/0x480 [ 14.475053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.475102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.475129] ? __kthread_parkme+0x82/0x180 [ 14.475153] ? preempt_count_sub+0x50/0x80 [ 14.475180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.475230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.475256] kthread+0x337/0x6f0 [ 14.475275] ? trace_preempt_on+0x20/0xc0 [ 14.475301] ? __pfx_kthread+0x10/0x10 [ 14.475322] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.475347] ? calculate_sigpending+0x7b/0xa0 [ 14.475372] ? __pfx_kthread+0x10/0x10 [ 14.475392] ret_from_fork+0x41/0x80 [ 14.475415] ? 
__pfx_kthread+0x10/0x10 [ 14.475436] ret_from_fork_asm+0x1a/0x30 [ 14.475469] </TASK> [ 14.475481] [ 14.487806] Allocated by task 285: [ 14.488322] kasan_save_stack+0x45/0x70 [ 14.488535] kasan_save_track+0x18/0x40 [ 14.488773] kasan_save_alloc_info+0x3b/0x50 [ 14.489423] __kasan_kmalloc+0xb7/0xc0 [ 14.489827] __kmalloc_cache_noprof+0x189/0x420 [ 14.490220] kasan_atomics+0x95/0x310 [ 14.490415] kunit_try_run_case+0x1a5/0x480 [ 14.490682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.491277] kthread+0x337/0x6f0 [ 14.491420] ret_from_fork+0x41/0x80 [ 14.491917] ret_from_fork_asm+0x1a/0x30 [ 14.492235] [ 14.492423] The buggy address belongs to the object at ffff8881029e6b00 [ 14.492423] which belongs to the cache kmalloc-64 of size 64 [ 14.493337] The buggy address is located 0 bytes to the right of [ 14.493337] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.494187] [ 14.494293] The buggy address belongs to the physical page: [ 14.494700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.495304] flags: 0x200000000000000(node=0|zone=2) [ 14.495733] page_type: f5(slab) [ 14.495985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.496344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.496829] page dumped because: kasan: bad access detected [ 14.497116] [ 14.497568] Memory state around the buggy address: [ 14.497808] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.498283] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.498669] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.499068] ^ [ 14.499298] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.499578] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.500027] ================================================================== [ 14.805480] 
================================================================== [ 14.805895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.806167] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.806595] [ 14.806758] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.806807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.806821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.806844] Call Trace: [ 14.806860] <TASK> [ 14.806887] dump_stack_lvl+0x73/0xb0 [ 14.806926] print_report+0xd1/0x650 [ 14.806953] ? __virt_addr_valid+0x1db/0x2d0 [ 14.806976] ? kasan_atomics_helper+0x177f/0x5450 [ 14.807001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.807027] ? kasan_atomics_helper+0x177f/0x5450 [ 14.807051] kasan_report+0x141/0x180 [ 14.807076] ? kasan_atomics_helper+0x177f/0x5450 [ 14.807105] kasan_check_range+0x10c/0x1c0 [ 14.807128] __kasan_check_write+0x18/0x20 [ 14.807150] kasan_atomics_helper+0x177f/0x5450 [ 14.807176] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.807202] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.807226] ? kasan_atomics+0x152/0x310 [ 14.807252] kasan_atomics+0x1dc/0x310 [ 14.807275] ? __pfx_kasan_atomics+0x10/0x10 [ 14.807299] ? __pfx_read_tsc+0x10/0x10 [ 14.807322] ? ktime_get_ts64+0x86/0x230 [ 14.807351] kunit_try_run_case+0x1a5/0x480 [ 14.807375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.807397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.807431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.807458] ? __kthread_parkme+0x82/0x180 [ 14.807485] ? preempt_count_sub+0x50/0x80 [ 14.807523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.807546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.807579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.807606] kthread+0x337/0x6f0 [ 14.807626] ? trace_preempt_on+0x20/0xc0 [ 14.807651] ? __pfx_kthread+0x10/0x10 [ 14.807672] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.807697] ? 
calculate_sigpending+0x7b/0xa0 [ 14.807720] ? __pfx_kthread+0x10/0x10 [ 14.807741] ret_from_fork+0x41/0x80 [ 14.807764] ? __pfx_kthread+0x10/0x10 [ 14.807785] ret_from_fork_asm+0x1a/0x30 [ 14.807817] </TASK> [ 14.807829] [ 14.815991] Allocated by task 285: [ 14.816169] kasan_save_stack+0x45/0x70 [ 14.816350] kasan_save_track+0x18/0x40 [ 14.816493] kasan_save_alloc_info+0x3b/0x50 [ 14.816720] __kasan_kmalloc+0xb7/0xc0 [ 14.817018] __kmalloc_cache_noprof+0x189/0x420 [ 14.817209] kasan_atomics+0x95/0x310 [ 14.817361] kunit_try_run_case+0x1a5/0x480 [ 14.817582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.817817] kthread+0x337/0x6f0 [ 14.817992] ret_from_fork+0x41/0x80 [ 14.818129] ret_from_fork_asm+0x1a/0x30 [ 14.818272] [ 14.818347] The buggy address belongs to the object at ffff8881029e6b00 [ 14.818347] which belongs to the cache kmalloc-64 of size 64 [ 14.819284] The buggy address is located 0 bytes to the right of [ 14.819284] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.819825] [ 14.819910] The buggy address belongs to the physical page: [ 14.820083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.820326] flags: 0x200000000000000(node=0|zone=2) [ 14.820689] page_type: f5(slab) [ 14.820911] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.821589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.822004] page dumped because: kasan: bad access detected [ 14.822182] [ 14.822255] Memory state around the buggy address: [ 14.822414] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.822970] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.823308] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.823657] ^ [ 14.823917] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824236] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824563] 
================================================================== [ 14.431420] ================================================================== [ 14.431767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.432167] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.432431] [ 14.432541] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.432590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.432604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.432627] Call Trace: [ 14.432641] <TASK> [ 14.432716] dump_stack_lvl+0x73/0xb0 [ 14.432748] print_report+0xd1/0x650 [ 14.432776] ? __virt_addr_valid+0x1db/0x2d0 [ 14.432801] ? kasan_atomics_helper+0x1079/0x5450 [ 14.432825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.432851] ? kasan_atomics_helper+0x1079/0x5450 [ 14.433080] kasan_report+0x141/0x180 [ 14.433109] ? kasan_atomics_helper+0x1079/0x5450 [ 14.433139] kasan_check_range+0x10c/0x1c0 [ 14.433163] __kasan_check_write+0x18/0x20 [ 14.433186] kasan_atomics_helper+0x1079/0x5450 [ 14.433213] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.433238] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.433262] ? kasan_atomics+0x152/0x310 [ 14.433288] kasan_atomics+0x1dc/0x310 [ 14.433310] ? __pfx_kasan_atomics+0x10/0x10 [ 14.433334] ? __pfx_read_tsc+0x10/0x10 [ 14.433356] ? ktime_get_ts64+0x86/0x230 [ 14.433384] kunit_try_run_case+0x1a5/0x480 [ 14.433409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.433431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.433457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.433484] ? __kthread_parkme+0x82/0x180 [ 14.433508] ? preempt_count_sub+0x50/0x80 [ 14.433536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.433560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.433613] kthread+0x337/0x6f0 [ 14.433632] ? trace_preempt_on+0x20/0xc0 [ 14.433658] ? 
__pfx_kthread+0x10/0x10 [ 14.433679] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.433703] ? calculate_sigpending+0x7b/0xa0 [ 14.433727] ? __pfx_kthread+0x10/0x10 [ 14.433748] ret_from_fork+0x41/0x80 [ 14.433770] ? __pfx_kthread+0x10/0x10 [ 14.433791] ret_from_fork_asm+0x1a/0x30 [ 14.433824] </TASK> [ 14.433896] [ 14.441944] Allocated by task 285: [ 14.442138] kasan_save_stack+0x45/0x70 [ 14.442297] kasan_save_track+0x18/0x40 [ 14.442440] kasan_save_alloc_info+0x3b/0x50 [ 14.443034] __kasan_kmalloc+0xb7/0xc0 [ 14.443260] __kmalloc_cache_noprof+0x189/0x420 [ 14.443495] kasan_atomics+0x95/0x310 [ 14.443694] kunit_try_run_case+0x1a5/0x480 [ 14.444013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.444245] kthread+0x337/0x6f0 [ 14.444398] ret_from_fork+0x41/0x80 [ 14.444604] ret_from_fork_asm+0x1a/0x30 [ 14.444750] [ 14.445070] The buggy address belongs to the object at ffff8881029e6b00 [ 14.445070] which belongs to the cache kmalloc-64 of size 64 [ 14.445544] The buggy address is located 0 bytes to the right of [ 14.445544] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.445979] [ 14.446082] The buggy address belongs to the physical page: [ 14.446342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.447067] flags: 0x200000000000000(node=0|zone=2) [ 14.447245] page_type: f5(slab) [ 14.447373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.448008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.448359] page dumped because: kasan: bad access detected [ 14.448652] [ 14.448738] Memory state around the buggy address: [ 14.449067] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.449308] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.449531] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.449863] ^ [ 14.450119] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.450568] 
ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.450790] ================================================================== [ 14.708806] ================================================================== [ 14.709161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.709483] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.709980] [ 14.710119] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.710181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.710195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.710220] Call Trace: [ 14.710249] <TASK> [ 14.710268] dump_stack_lvl+0x73/0xb0 [ 14.710299] print_report+0xd1/0x650 [ 14.710325] ? __virt_addr_valid+0x1db/0x2d0 [ 14.710350] ? kasan_atomics_helper+0x151d/0x5450 [ 14.710376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.710401] ? kasan_atomics_helper+0x151d/0x5450 [ 14.710427] kasan_report+0x141/0x180 [ 14.710452] ? kasan_atomics_helper+0x151d/0x5450 [ 14.710492] kasan_check_range+0x10c/0x1c0 [ 14.710516] __kasan_check_write+0x18/0x20 [ 14.710550] kasan_atomics_helper+0x151d/0x5450 [ 14.710577] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.710603] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.710627] ? kasan_atomics+0x152/0x310 [ 14.710656] kasan_atomics+0x1dc/0x310 [ 14.710678] ? __pfx_kasan_atomics+0x10/0x10 [ 14.710710] ? __pfx_read_tsc+0x10/0x10 [ 14.710732] ? ktime_get_ts64+0x86/0x230 [ 14.710761] kunit_try_run_case+0x1a5/0x480 [ 14.710786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.710815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.710897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.710926] ? __kthread_parkme+0x82/0x180 [ 14.710952] ? preempt_count_sub+0x50/0x80 [ 14.711075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.711130] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.711156] kthread+0x337/0x6f0 [ 14.711176] ? trace_preempt_on+0x20/0xc0 [ 14.711202] ? __pfx_kthread+0x10/0x10 [ 14.711223] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.711248] ? calculate_sigpending+0x7b/0xa0 [ 14.711272] ? __pfx_kthread+0x10/0x10 [ 14.711292] ret_from_fork+0x41/0x80 [ 14.711316] ? __pfx_kthread+0x10/0x10 [ 14.711337] ret_from_fork_asm+0x1a/0x30 [ 14.711371] </TASK> [ 14.711385] [ 14.720626] Allocated by task 285: [ 14.720913] kasan_save_stack+0x45/0x70 [ 14.721161] kasan_save_track+0x18/0x40 [ 14.721352] kasan_save_alloc_info+0x3b/0x50 [ 14.721594] __kasan_kmalloc+0xb7/0xc0 [ 14.721801] __kmalloc_cache_noprof+0x189/0x420 [ 14.722028] kasan_atomics+0x95/0x310 [ 14.722305] kunit_try_run_case+0x1a5/0x480 [ 14.722466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.722650] kthread+0x337/0x6f0 [ 14.722920] ret_from_fork+0x41/0x80 [ 14.723115] ret_from_fork_asm+0x1a/0x30 [ 14.723317] [ 14.723424] The buggy address belongs to the object at ffff8881029e6b00 [ 14.723424] which belongs to the cache kmalloc-64 of size 64 [ 14.724314] The buggy address is located 0 bytes to the right of [ 14.724314] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.725373] [ 14.725487] The buggy address belongs to the physical page: [ 14.726358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.726735] flags: 0x200000000000000(node=0|zone=2) [ 14.727100] page_type: f5(slab) [ 14.727320] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.727885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.728288] page dumped because: kasan: bad access detected [ 14.728535] [ 14.728793] Memory state around the buggy address: [ 14.729279] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.729793] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.730325] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.730787] ^ [ 14.731146] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.731557] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.732102] ================================================================== [ 15.018535] ================================================================== [ 15.018945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.019295] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.019687] [ 15.019904] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.019956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.019970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.019994] Call Trace: [ 15.020009] <TASK> [ 15.020062] dump_stack_lvl+0x73/0xb0 [ 15.020091] print_report+0xd1/0x650 [ 15.020118] ? __virt_addr_valid+0x1db/0x2d0 [ 15.020142] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.020167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.020223] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.020249] kasan_report+0x141/0x180 [ 15.020275] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.020305] kasan_check_range+0x10c/0x1c0 [ 15.020330] __kasan_check_write+0x18/0x20 [ 15.020353] kasan_atomics_helper+0x1d7a/0x5450 [ 15.020379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.020406] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.020430] ? kasan_atomics+0x152/0x310 [ 15.020456] kasan_atomics+0x1dc/0x310 [ 15.020517] ? __pfx_kasan_atomics+0x10/0x10 [ 15.020541] ? __pfx_read_tsc+0x10/0x10 [ 15.020562] ? ktime_get_ts64+0x86/0x230 [ 15.020589] kunit_try_run_case+0x1a5/0x480 [ 15.020614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.020635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.020690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.020763] ? __kthread_parkme+0x82/0x180 [ 15.020787] ? preempt_count_sub+0x50/0x80 [ 15.020839] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.020898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.020925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.020951] kthread+0x337/0x6f0 [ 15.020970] ? trace_preempt_on+0x20/0xc0 [ 15.020996] ? __pfx_kthread+0x10/0x10 [ 15.021016] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.021041] ? calculate_sigpending+0x7b/0xa0 [ 15.021065] ? __pfx_kthread+0x10/0x10 [ 15.021085] ret_from_fork+0x41/0x80 [ 15.021108] ? __pfx_kthread+0x10/0x10 [ 15.021128] ret_from_fork_asm+0x1a/0x30 [ 15.021162] </TASK> [ 15.021174] [ 15.032000] Allocated by task 285: [ 15.032142] kasan_save_stack+0x45/0x70 [ 15.032297] kasan_save_track+0x18/0x40 [ 15.032441] kasan_save_alloc_info+0x3b/0x50 [ 15.032600] __kasan_kmalloc+0xb7/0xc0 [ 15.032795] __kmalloc_cache_noprof+0x189/0x420 [ 15.033019] kasan_atomics+0x95/0x310 [ 15.033156] kunit_try_run_case+0x1a5/0x480 [ 15.033355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.033765] kthread+0x337/0x6f0 [ 15.033956] ret_from_fork+0x41/0x80 [ 15.034134] ret_from_fork_asm+0x1a/0x30 [ 15.034298] [ 15.034400] The buggy address belongs to the object at ffff8881029e6b00 [ 15.034400] which belongs to the cache kmalloc-64 of size 64 [ 15.034869] The buggy address is located 0 bytes to the right of [ 15.034869] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.035375] [ 15.035470] The buggy address belongs to the physical page: [ 15.035800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.036063] flags: 0x200000000000000(node=0|zone=2) [ 15.036297] page_type: f5(slab) [ 15.036474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.036732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.037226] page dumped because: kasan: bad access detected [ 15.037605] [ 15.037707] Memory state around the buggy address: [ 15.037929] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.038149] ffff8881029e6a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.038475] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.038762] ^ [ 15.038933] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039318] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039654] ================================================================== [ 14.018656] ================================================================== [ 14.018932] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.019482] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.019804] [ 14.020009] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.020063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.020076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.020100] Call Trace: [ 14.020119] <TASK> [ 14.020139] dump_stack_lvl+0x73/0xb0 [ 14.020170] print_report+0xd1/0x650 [ 14.020196] ? __virt_addr_valid+0x1db/0x2d0 [ 14.020221] ? kasan_atomics_helper+0x72f/0x5450 [ 14.020301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.020330] ? kasan_atomics_helper+0x72f/0x5450 [ 14.020355] kasan_report+0x141/0x180 [ 14.020380] ? kasan_atomics_helper+0x72f/0x5450 [ 14.020410] kasan_check_range+0x10c/0x1c0 [ 14.020433] __kasan_check_write+0x18/0x20 [ 14.020455] kasan_atomics_helper+0x72f/0x5450 [ 14.020481] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.020506] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.020545] ? kasan_atomics+0x152/0x310 [ 14.020571] kasan_atomics+0x1dc/0x310 [ 14.020593] ? __pfx_kasan_atomics+0x10/0x10 [ 14.020616] ? __pfx_read_tsc+0x10/0x10 [ 14.020638] ? ktime_get_ts64+0x86/0x230 [ 14.020667] kunit_try_run_case+0x1a5/0x480 [ 14.020693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.020715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.020743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.020770] ? __kthread_parkme+0x82/0x180 [ 14.020794] ? 
preempt_count_sub+0x50/0x80 [ 14.020823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.020884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.020982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.021013] kthread+0x337/0x6f0 [ 14.021034] ? trace_preempt_on+0x20/0xc0 [ 14.021060] ? __pfx_kthread+0x10/0x10 [ 14.021082] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.021106] ? calculate_sigpending+0x7b/0xa0 [ 14.021131] ? __pfx_kthread+0x10/0x10 [ 14.021152] ret_from_fork+0x41/0x80 [ 14.021176] ? __pfx_kthread+0x10/0x10 [ 14.021196] ret_from_fork_asm+0x1a/0x30 [ 14.021230] </TASK> [ 14.021244] [ 14.030461] Allocated by task 285: [ 14.030736] kasan_save_stack+0x45/0x70 [ 14.030913] kasan_save_track+0x18/0x40 [ 14.031119] kasan_save_alloc_info+0x3b/0x50 [ 14.031502] __kasan_kmalloc+0xb7/0xc0 [ 14.031749] __kmalloc_cache_noprof+0x189/0x420 [ 14.032119] kasan_atomics+0x95/0x310 [ 14.032306] kunit_try_run_case+0x1a5/0x480 [ 14.032543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.032739] kthread+0x337/0x6f0 [ 14.032943] ret_from_fork+0x41/0x80 [ 14.033263] ret_from_fork_asm+0x1a/0x30 [ 14.033437] [ 14.033568] The buggy address belongs to the object at ffff8881029e6b00 [ 14.033568] which belongs to the cache kmalloc-64 of size 64 [ 14.033982] The buggy address is located 0 bytes to the right of [ 14.033982] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.034841] [ 14.034964] The buggy address belongs to the physical page: [ 14.035452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.035829] flags: 0x200000000000000(node=0|zone=2) [ 14.036058] page_type: f5(slab) [ 14.036188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.036479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.037353] page dumped because: kasan: bad access detected [ 14.037643] [ 14.037748] Memory state around the buggy address: [ 14.037927] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.038323] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.038733] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.039331] ^ [ 14.039594] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.039966] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.040267] ================================================================== [ 14.678558] ================================================================== [ 14.678823] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.679918] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.681265] [ 14.681622] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.681679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.681695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.681718] Call Trace: [ 14.681735] <TASK> [ 14.681760] dump_stack_lvl+0x73/0xb0 [ 14.681791] print_report+0xd1/0x650 [ 14.681818] ? __virt_addr_valid+0x1db/0x2d0 [ 14.681848] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.681884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.681910] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.681935] kasan_report+0x141/0x180 [ 14.681960] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.681991] __asan_report_store8_noabort+0x1b/0x30 [ 14.682015] kasan_atomics_helper+0x50d4/0x5450 [ 14.682040] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.682066] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.682090] ? kasan_atomics+0x152/0x310 [ 14.682116] kasan_atomics+0x1dc/0x310 [ 14.682138] ? __pfx_kasan_atomics+0x10/0x10 [ 14.682163] ? __pfx_read_tsc+0x10/0x10 [ 14.682185] ? ktime_get_ts64+0x86/0x230 [ 14.682213] kunit_try_run_case+0x1a5/0x480 [ 14.682237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.682260] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.682286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.682314] ? 
__kthread_parkme+0x82/0x180 [ 14.682337] ? preempt_count_sub+0x50/0x80 [ 14.682365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.682388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.682414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.682440] kthread+0x337/0x6f0 [ 14.682459] ? trace_preempt_on+0x20/0xc0 [ 14.682485] ? __pfx_kthread+0x10/0x10 [ 14.682506] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.682531] ? calculate_sigpending+0x7b/0xa0 [ 14.682554] ? __pfx_kthread+0x10/0x10 [ 14.682574] ret_from_fork+0x41/0x80 [ 14.682597] ? __pfx_kthread+0x10/0x10 [ 14.682617] ret_from_fork_asm+0x1a/0x30 [ 14.682649] </TASK> [ 14.682663] [ 14.697446] Allocated by task 285: [ 14.697827] kasan_save_stack+0x45/0x70 [ 14.698298] kasan_save_track+0x18/0x40 [ 14.698521] kasan_save_alloc_info+0x3b/0x50 [ 14.698910] __kasan_kmalloc+0xb7/0xc0 [ 14.699215] __kmalloc_cache_noprof+0x189/0x420 [ 14.699449] kasan_atomics+0x95/0x310 [ 14.699676] kunit_try_run_case+0x1a5/0x480 [ 14.700232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.700566] kthread+0x337/0x6f0 [ 14.700756] ret_from_fork+0x41/0x80 [ 14.701098] ret_from_fork_asm+0x1a/0x30 [ 14.701330] [ 14.701465] The buggy address belongs to the object at ffff8881029e6b00 [ 14.701465] which belongs to the cache kmalloc-64 of size 64 [ 14.702109] The buggy address is located 0 bytes to the right of [ 14.702109] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.702721] [ 14.703097] The buggy address belongs to the physical page: [ 14.703376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.703825] flags: 0x200000000000000(node=0|zone=2) [ 14.704106] page_type: f5(slab) [ 14.704342] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.704688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.705166] page dumped because: kasan: bad access detected [ 14.705455] [ 14.705574] Memory state around the buggy address: [ 14.705808] 
ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.706271] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.706649] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.707048] ^ [ 14.707265] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.707775] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.708298] ================================================================== [ 14.127165] ================================================================== [ 14.127506] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.127998] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.128432] [ 14.128569] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.128620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.128634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.128660] Call Trace: [ 14.128680] <TASK> [ 14.128699] dump_stack_lvl+0x73/0xb0 [ 14.128729] print_report+0xd1/0x650 [ 14.128754] ? __virt_addr_valid+0x1db/0x2d0 [ 14.128780] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.128805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.128831] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.128922] kasan_report+0x141/0x180 [ 14.128949] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.128978] kasan_check_range+0x10c/0x1c0 [ 14.129002] __kasan_check_write+0x18/0x20 [ 14.129025] kasan_atomics_helper+0xa2b/0x5450 [ 14.129051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.129077] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.129102] ? kasan_atomics+0x152/0x310 [ 14.129127] kasan_atomics+0x1dc/0x310 [ 14.129150] ? __pfx_kasan_atomics+0x10/0x10 [ 14.129174] ? __pfx_read_tsc+0x10/0x10 [ 14.129197] ? ktime_get_ts64+0x86/0x230 [ 14.129226] kunit_try_run_case+0x1a5/0x480 [ 14.129252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.129275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.129302] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.129330] ? __kthread_parkme+0x82/0x180 [ 14.129355] ? preempt_count_sub+0x50/0x80 [ 14.129385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.129408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.129435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.129462] kthread+0x337/0x6f0 [ 14.129481] ? trace_preempt_on+0x20/0xc0 [ 14.129508] ? __pfx_kthread+0x10/0x10 [ 14.129528] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.129553] ? calculate_sigpending+0x7b/0xa0 [ 14.129579] ? __pfx_kthread+0x10/0x10 [ 14.129600] ret_from_fork+0x41/0x80 [ 14.129623] ? __pfx_kthread+0x10/0x10 [ 14.129644] ret_from_fork_asm+0x1a/0x30 [ 14.129678] </TASK> [ 14.129691] [ 14.138819] Allocated by task 285: [ 14.139093] kasan_save_stack+0x45/0x70 [ 14.139308] kasan_save_track+0x18/0x40 [ 14.139516] kasan_save_alloc_info+0x3b/0x50 [ 14.139740] __kasan_kmalloc+0xb7/0xc0 [ 14.139973] __kmalloc_cache_noprof+0x189/0x420 [ 14.140177] kasan_atomics+0x95/0x310 [ 14.140313] kunit_try_run_case+0x1a5/0x480 [ 14.140463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140837] kthread+0x337/0x6f0 [ 14.141149] ret_from_fork+0x41/0x80 [ 14.141359] ret_from_fork_asm+0x1a/0x30 [ 14.141622] [ 14.141724] The buggy address belongs to the object at ffff8881029e6b00 [ 14.141724] which belongs to the cache kmalloc-64 of size 64 [ 14.142096] The buggy address is located 0 bytes to the right of [ 14.142096] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.142635] [ 14.142739] The buggy address belongs to the physical page: [ 14.143072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.143478] flags: 0x200000000000000(node=0|zone=2) [ 14.143826] page_type: f5(slab) [ 14.143985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.144255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.144719] page dumped because: kasan: bad access detected [ 14.145098] [ 14.145211] Memory 
state around the buggy address: [ 14.145450] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.145911] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.146134] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.146458] ^ [ 14.146650] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.147146] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.147456] ================================================================== [ 14.994664] ================================================================== [ 14.995007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.995340] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.995672] [ 14.995786] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.995833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.995847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.995871] Call Trace: [ 14.995898] <TASK> [ 14.995914] dump_stack_lvl+0x73/0xb0 [ 14.995941] print_report+0xd1/0x650 [ 14.995967] ? __virt_addr_valid+0x1db/0x2d0 [ 14.995991] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.996015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.996042] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.996067] kasan_report+0x141/0x180 [ 14.996092] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.996122] kasan_check_range+0x10c/0x1c0 [ 14.996145] __kasan_check_write+0x18/0x20 [ 14.996168] kasan_atomics_helper+0x1ce1/0x5450 [ 14.996195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.996220] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.996245] ? kasan_atomics+0x152/0x310 [ 14.996270] kasan_atomics+0x1dc/0x310 [ 14.996291] ? __pfx_kasan_atomics+0x10/0x10 [ 14.996315] ? __pfx_read_tsc+0x10/0x10 [ 14.996337] ? ktime_get_ts64+0x86/0x230 [ 14.996365] kunit_try_run_case+0x1a5/0x480 [ 14.996389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.996411] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.996437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.996464] ? __kthread_parkme+0x82/0x180 [ 14.996488] ? preempt_count_sub+0x50/0x80 [ 14.996515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.996538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.996565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.996602] kthread+0x337/0x6f0 [ 14.996622] ? trace_preempt_on+0x20/0xc0 [ 14.996647] ? __pfx_kthread+0x10/0x10 [ 14.996667] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.996692] ? calculate_sigpending+0x7b/0xa0 [ 14.996716] ? __pfx_kthread+0x10/0x10 [ 14.996738] ret_from_fork+0x41/0x80 [ 14.996761] ? __pfx_kthread+0x10/0x10 [ 14.996781] ret_from_fork_asm+0x1a/0x30 [ 14.996814] </TASK> [ 14.996826] [ 15.007367] Allocated by task 285: [ 15.007728] kasan_save_stack+0x45/0x70 [ 15.008138] kasan_save_track+0x18/0x40 [ 15.008521] kasan_save_alloc_info+0x3b/0x50 [ 15.008961] __kasan_kmalloc+0xb7/0xc0 [ 15.009323] __kmalloc_cache_noprof+0x189/0x420 [ 15.009795] kasan_atomics+0x95/0x310 [ 15.009946] kunit_try_run_case+0x1a5/0x480 [ 15.010095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.010278] kthread+0x337/0x6f0 [ 15.010402] ret_from_fork+0x41/0x80 [ 15.010553] ret_from_fork_asm+0x1a/0x30 [ 15.010758] [ 15.010936] The buggy address belongs to the object at ffff8881029e6b00 [ 15.010936] which belongs to the cache kmalloc-64 of size 64 [ 15.012129] The buggy address is located 0 bytes to the right of [ 15.012129] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.013375] [ 15.013540] The buggy address belongs to the physical page: [ 15.013832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.014097] flags: 0x200000000000000(node=0|zone=2) [ 15.014266] page_type: f5(slab) [ 15.014392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.014689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.015330] page dumped because: kasan: bad 
access detected [ 15.015586] [ 15.015694] Memory state around the buggy address: [ 15.016065] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.016365] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.016739] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.017094] ^ [ 15.017278] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017667] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017941] ================================================================== [ 13.842484] ================================================================== [ 13.842929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.843260] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.843623] [ 13.843735] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.843803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.843831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.843855] Call Trace: [ 13.843882] <TASK> [ 13.843899] dump_stack_lvl+0x73/0xb0 [ 13.843927] print_report+0xd1/0x650 [ 13.844002] ? __virt_addr_valid+0x1db/0x2d0 [ 13.844032] ? kasan_atomics_helper+0x3df/0x5450 [ 13.844057] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.844082] ? kasan_atomics_helper+0x3df/0x5450 [ 13.844108] kasan_report+0x141/0x180 [ 13.844133] ? kasan_atomics_helper+0x3df/0x5450 [ 13.844164] kasan_check_range+0x10c/0x1c0 [ 13.844187] __kasan_check_read+0x15/0x20 [ 13.844233] kasan_atomics_helper+0x3df/0x5450 [ 13.844274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.844313] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.844352] ? kasan_atomics+0x152/0x310 [ 13.844378] kasan_atomics+0x1dc/0x310 [ 13.844400] ? __pfx_kasan_atomics+0x10/0x10 [ 13.844438] ? __pfx_read_tsc+0x10/0x10 [ 13.844474] ? ktime_get_ts64+0x86/0x230 [ 13.844502] kunit_try_run_case+0x1a5/0x480 [ 13.844528] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.844549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.844577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.844604] ? __kthread_parkme+0x82/0x180 [ 13.844628] ? preempt_count_sub+0x50/0x80 [ 13.844656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.844680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.844707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.844735] kthread+0x337/0x6f0 [ 13.844754] ? trace_preempt_on+0x20/0xc0 [ 13.844780] ? __pfx_kthread+0x10/0x10 [ 13.844801] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.844826] ? calculate_sigpending+0x7b/0xa0 [ 13.845043] ? __pfx_kthread+0x10/0x10 [ 13.845067] ret_from_fork+0x41/0x80 [ 13.845091] ? __pfx_kthread+0x10/0x10 [ 13.845112] ret_from_fork_asm+0x1a/0x30 [ 13.845146] </TASK> [ 13.845159] [ 13.855317] Allocated by task 285: [ 13.855503] kasan_save_stack+0x45/0x70 [ 13.855713] kasan_save_track+0x18/0x40 [ 13.855916] kasan_save_alloc_info+0x3b/0x50 [ 13.856120] __kasan_kmalloc+0xb7/0xc0 [ 13.856308] __kmalloc_cache_noprof+0x189/0x420 [ 13.857046] kasan_atomics+0x95/0x310 [ 13.857323] kunit_try_run_case+0x1a5/0x480 [ 13.858106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.858558] kthread+0x337/0x6f0 [ 13.858748] ret_from_fork+0x41/0x80 [ 13.859039] ret_from_fork_asm+0x1a/0x30 [ 13.859240] [ 13.859339] The buggy address belongs to the object at ffff8881029e6b00 [ 13.859339] which belongs to the cache kmalloc-64 of size 64 [ 13.860152] The buggy address is located 0 bytes to the right of [ 13.860152] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.861084] [ 13.861209] The buggy address belongs to the physical page: [ 13.861766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.862318] flags: 0x200000000000000(node=0|zone=2) [ 13.862576] page_type: f5(slab) [ 13.862746] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.863259] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 13.864039] page dumped because: kasan: bad access detected [ 13.864341] [ 13.864605] Memory state around the buggy address: [ 13.865078] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.865393] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.866024] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.866556] ^ [ 13.867069] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867692] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.868168] ================================================================== [ 14.651781] ================================================================== [ 14.652165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.652818] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.653117] [ 14.653208] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.653259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.653273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.653298] Call Trace: [ 14.653313] <TASK> [ 14.653331] dump_stack_lvl+0x73/0xb0 [ 14.653359] print_report+0xd1/0x650 [ 14.653385] ? __virt_addr_valid+0x1db/0x2d0 [ 14.653408] ? kasan_atomics_helper+0x1467/0x5450 [ 14.653433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.653459] ? kasan_atomics_helper+0x1467/0x5450 [ 14.653484] kasan_report+0x141/0x180 [ 14.653510] ? kasan_atomics_helper+0x1467/0x5450 [ 14.653541] kasan_check_range+0x10c/0x1c0 [ 14.653564] __kasan_check_write+0x18/0x20 [ 14.653587] kasan_atomics_helper+0x1467/0x5450 [ 14.653613] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.653639] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.653663] ? kasan_atomics+0x152/0x310 [ 14.653689] kasan_atomics+0x1dc/0x310 [ 14.653711] ? __pfx_kasan_atomics+0x10/0x10 [ 14.653735] ? __pfx_read_tsc+0x10/0x10 [ 14.653757] ? 
ktime_get_ts64+0x86/0x230 [ 14.653785] kunit_try_run_case+0x1a5/0x480 [ 14.653809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.653831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.653857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.653895] ? __kthread_parkme+0x82/0x180 [ 14.653919] ? preempt_count_sub+0x50/0x80 [ 14.653946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.653969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.653996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.654023] kthread+0x337/0x6f0 [ 14.654043] ? trace_preempt_on+0x20/0xc0 [ 14.654068] ? __pfx_kthread+0x10/0x10 [ 14.654090] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.654115] ? calculate_sigpending+0x7b/0xa0 [ 14.654140] ? __pfx_kthread+0x10/0x10 [ 14.654161] ret_from_fork+0x41/0x80 [ 14.654185] ? __pfx_kthread+0x10/0x10 [ 14.654205] ret_from_fork_asm+0x1a/0x30 [ 14.654238] </TASK> [ 14.654251] [ 14.664166] Allocated by task 285: [ 14.664535] kasan_save_stack+0x45/0x70 [ 14.664712] kasan_save_track+0x18/0x40 [ 14.665167] kasan_save_alloc_info+0x3b/0x50 [ 14.665440] __kasan_kmalloc+0xb7/0xc0 [ 14.665864] __kmalloc_cache_noprof+0x189/0x420 [ 14.666326] kasan_atomics+0x95/0x310 [ 14.666674] kunit_try_run_case+0x1a5/0x480 [ 14.666890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.667304] kthread+0x337/0x6f0 [ 14.667668] ret_from_fork+0x41/0x80 [ 14.668024] ret_from_fork_asm+0x1a/0x30 [ 14.668285] [ 14.668524] The buggy address belongs to the object at ffff8881029e6b00 [ 14.668524] which belongs to the cache kmalloc-64 of size 64 [ 14.669271] The buggy address is located 0 bytes to the right of [ 14.669271] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.670388] [ 14.670498] The buggy address belongs to the physical page: [ 14.670966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.671745] flags: 0x200000000000000(node=0|zone=2) [ 14.672116] page_type: f5(slab) [ 14.672497] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.673130] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.673658] page dumped because: kasan: bad access detected [ 14.674102] [ 14.674187] Memory state around the buggy address: [ 14.674534] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.675012] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.675451] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.675791] ^ [ 14.676200] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.676824] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.677368] ================================================================== [ 14.265427] ================================================================== [ 14.265747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.266122] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.266825] [ 14.267021] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.267074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.267089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.267113] Call Trace: [ 14.267132] <TASK> [ 14.267172] dump_stack_lvl+0x73/0xb0 [ 14.267202] print_report+0xd1/0x650 [ 14.267227] ? __virt_addr_valid+0x1db/0x2d0 [ 14.267251] ? kasan_atomics_helper+0xd47/0x5450 [ 14.267287] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.267313] ? kasan_atomics_helper+0xd47/0x5450 [ 14.267349] kasan_report+0x141/0x180 [ 14.267375] ? kasan_atomics_helper+0xd47/0x5450 [ 14.267404] kasan_check_range+0x10c/0x1c0 [ 14.267427] __kasan_check_write+0x18/0x20 [ 14.267449] kasan_atomics_helper+0xd47/0x5450 [ 14.267475] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.267500] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.267533] ? kasan_atomics+0x152/0x310 [ 14.267558] kasan_atomics+0x1dc/0x310 [ 14.267584] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.267607] ? __pfx_read_tsc+0x10/0x10 [ 14.267630] ? ktime_get_ts64+0x86/0x230 [ 14.267658] kunit_try_run_case+0x1a5/0x480 [ 14.267682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.267704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.267731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.267758] ? __kthread_parkme+0x82/0x180 [ 14.267782] ? preempt_count_sub+0x50/0x80 [ 14.267810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.267833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.267867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.267904] kthread+0x337/0x6f0 [ 14.267923] ? trace_preempt_on+0x20/0xc0 [ 14.267949] ? __pfx_kthread+0x10/0x10 [ 14.267969] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.267994] ? calculate_sigpending+0x7b/0xa0 [ 14.268018] ? __pfx_kthread+0x10/0x10 [ 14.268038] ret_from_fork+0x41/0x80 [ 14.268061] ? __pfx_kthread+0x10/0x10 [ 14.268081] ret_from_fork_asm+0x1a/0x30 [ 14.268114] </TASK> [ 14.268126] [ 14.284152] Allocated by task 285: [ 14.284297] kasan_save_stack+0x45/0x70 [ 14.284452] kasan_save_track+0x18/0x40 [ 14.284771] kasan_save_alloc_info+0x3b/0x50 [ 14.285332] __kasan_kmalloc+0xb7/0xc0 [ 14.285829] __kmalloc_cache_noprof+0x189/0x420 [ 14.286401] kasan_atomics+0x95/0x310 [ 14.286801] kunit_try_run_case+0x1a5/0x480 [ 14.287260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.287456] kthread+0x337/0x6f0 [ 14.287724] ret_from_fork+0x41/0x80 [ 14.288133] ret_from_fork_asm+0x1a/0x30 [ 14.288655] [ 14.288819] The buggy address belongs to the object at ffff8881029e6b00 [ 14.288819] which belongs to the cache kmalloc-64 of size 64 [ 14.290065] The buggy address is located 0 bytes to the right of [ 14.290065] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.290446] [ 14.290532] The buggy address belongs to the physical page: [ 14.291026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.292118] flags: 0x200000000000000(node=0|zone=2) [ 14.292611] page_type: f5(slab) 
[ 14.293054] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.293785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.294378] page dumped because: kasan: bad access detected [ 14.294582] [ 14.294657] Memory state around the buggy address: [ 14.295320] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.295967] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.296357] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.296609] ^ [ 14.297171] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.297900] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.298527] ================================================================== [ 14.086539] ================================================================== [ 14.086944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.087231] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.087528] [ 14.087648] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.087699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.087714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.087739] Call Trace: [ 14.087759] <TASK> [ 14.087779] dump_stack_lvl+0x73/0xb0 [ 14.087808] print_report+0xd1/0x650 [ 14.087834] ? __virt_addr_valid+0x1db/0x2d0 [ 14.087859] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.087898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.087923] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.087948] kasan_report+0x141/0x180 [ 14.087975] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.088005] kasan_check_range+0x10c/0x1c0 [ 14.088028] __kasan_check_write+0x18/0x20 [ 14.088050] kasan_atomics_helper+0x8f9/0x5450 [ 14.088077] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.088102] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.088127] ? 
kasan_atomics+0x152/0x310 [ 14.088153] kasan_atomics+0x1dc/0x310 [ 14.088177] ? __pfx_kasan_atomics+0x10/0x10 [ 14.088200] ? __pfx_read_tsc+0x10/0x10 [ 14.088225] ? ktime_get_ts64+0x86/0x230 [ 14.088255] kunit_try_run_case+0x1a5/0x480 [ 14.088282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.088304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.088332] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.088358] ? __kthread_parkme+0x82/0x180 [ 14.088383] ? preempt_count_sub+0x50/0x80 [ 14.088411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.088434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.088461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.088487] kthread+0x337/0x6f0 [ 14.088506] ? trace_preempt_on+0x20/0xc0 [ 14.088532] ? __pfx_kthread+0x10/0x10 [ 14.088552] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.088578] ? calculate_sigpending+0x7b/0xa0 [ 14.088602] ? __pfx_kthread+0x10/0x10 [ 14.088724] ret_from_fork+0x41/0x80 [ 14.088748] ? __pfx_kthread+0x10/0x10 [ 14.088769] ret_from_fork_asm+0x1a/0x30 [ 14.088802] </TASK> [ 14.088816] [ 14.097379] Allocated by task 285: [ 14.097572] kasan_save_stack+0x45/0x70 [ 14.097786] kasan_save_track+0x18/0x40 [ 14.098250] kasan_save_alloc_info+0x3b/0x50 [ 14.098412] __kasan_kmalloc+0xb7/0xc0 [ 14.098641] __kmalloc_cache_noprof+0x189/0x420 [ 14.098909] kasan_atomics+0x95/0x310 [ 14.099107] kunit_try_run_case+0x1a5/0x480 [ 14.099317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.099500] kthread+0x337/0x6f0 [ 14.099862] ret_from_fork+0x41/0x80 [ 14.100099] ret_from_fork_asm+0x1a/0x30 [ 14.100314] [ 14.100566] The buggy address belongs to the object at ffff8881029e6b00 [ 14.100566] which belongs to the cache kmalloc-64 of size 64 [ 14.101230] The buggy address is located 0 bytes to the right of [ 14.101230] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.101628] [ 14.101739] The buggy address belongs to the physical page: [ 14.102043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 
14.102633] flags: 0x200000000000000(node=0|zone=2) [ 14.102820] page_type: f5(slab) [ 14.103012] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.103518] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.103767] page dumped because: kasan: bad access detected [ 14.103994] [ 14.104095] Memory state around the buggy address: [ 14.104409] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.104789] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.105304] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.105536] ^ [ 14.105769] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.106228] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.106619] ================================================================== [ 15.040202] ================================================================== [ 15.040522] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.040850] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.041369] [ 15.041481] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.041526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.041540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.041561] Call Trace: [ 15.041577] <TASK> [ 15.041592] dump_stack_lvl+0x73/0xb0 [ 15.041618] print_report+0xd1/0x650 [ 15.041644] ? __virt_addr_valid+0x1db/0x2d0 [ 15.041668] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.041692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.041717] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.043094] kasan_report+0x141/0x180 [ 15.043133] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.043184] kasan_check_range+0x10c/0x1c0 [ 15.043210] __kasan_check_write+0x18/0x20 [ 15.043233] kasan_atomics_helper+0x1e12/0x5450 [ 15.043260] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.043285] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.043310] ? kasan_atomics+0x152/0x310 [ 15.043336] kasan_atomics+0x1dc/0x310 [ 15.043358] ? __pfx_kasan_atomics+0x10/0x10 [ 15.043381] ? __pfx_read_tsc+0x10/0x10 [ 15.043405] ? ktime_get_ts64+0x86/0x230 [ 15.043433] kunit_try_run_case+0x1a5/0x480 [ 15.043458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043480] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.043532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.043559] ? __kthread_parkme+0x82/0x180 [ 15.043611] ? preempt_count_sub+0x50/0x80 [ 15.043638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.043687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.043713] kthread+0x337/0x6f0 [ 15.043733] ? trace_preempt_on+0x20/0xc0 [ 15.043758] ? __pfx_kthread+0x10/0x10 [ 15.043779] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.043803] ? calculate_sigpending+0x7b/0xa0 [ 15.043827] ? __pfx_kthread+0x10/0x10 [ 15.043847] ret_from_fork+0x41/0x80 [ 15.043871] ? __pfx_kthread+0x10/0x10 [ 15.043900] ret_from_fork_asm+0x1a/0x30 [ 15.043933] </TASK> [ 15.043946] [ 15.055390] Allocated by task 285: [ 15.055602] kasan_save_stack+0x45/0x70 [ 15.055826] kasan_save_track+0x18/0x40 [ 15.056187] kasan_save_alloc_info+0x3b/0x50 [ 15.056485] __kasan_kmalloc+0xb7/0xc0 [ 15.056866] __kmalloc_cache_noprof+0x189/0x420 [ 15.057206] kasan_atomics+0x95/0x310 [ 15.057348] kunit_try_run_case+0x1a5/0x480 [ 15.057500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057688] kthread+0x337/0x6f0 [ 15.057921] ret_from_fork+0x41/0x80 [ 15.058151] ret_from_fork_asm+0x1a/0x30 [ 15.058633] [ 15.058745] The buggy address belongs to the object at ffff8881029e6b00 [ 15.058745] which belongs to the cache kmalloc-64 of size 64 [ 15.059253] The buggy address is located 0 bytes to the right of [ 15.059253] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.059705] [ 15.059903] The buggy address belongs to the physical page: [ 15.060185] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.060511] flags: 0x200000000000000(node=0|zone=2) [ 15.060681] page_type: f5(slab) [ 15.060924] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.061439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.061958] page dumped because: kasan: bad access detected [ 15.062202] [ 15.062306] Memory state around the buggy address: [ 15.062740] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.063039] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.063474] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.064003] ^ [ 15.064347] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.064826] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.065123] ================================================================== [ 13.968468] ================================================================== [ 13.969225] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.969591] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 13.970005] [ 13.970104] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.970156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.970171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.970195] Call Trace: [ 13.970216] <TASK> [ 13.970235] dump_stack_lvl+0x73/0xb0 [ 13.970265] print_report+0xd1/0x650 [ 13.970291] ? __virt_addr_valid+0x1db/0x2d0 [ 13.970315] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.970340] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.970365] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.970389] kasan_report+0x141/0x180 [ 13.970415] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.970444] kasan_check_range+0x10c/0x1c0 [ 13.970467] __kasan_check_write+0x18/0x20 [ 13.970490] kasan_atomics_helper+0x5fe/0x5450 [ 13.970529] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.970556] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.970581] ? kasan_atomics+0x152/0x310 [ 13.970606] kasan_atomics+0x1dc/0x310 [ 13.970628] ? __pfx_kasan_atomics+0x10/0x10 [ 13.970651] ? __pfx_read_tsc+0x10/0x10 [ 13.970676] ? ktime_get_ts64+0x86/0x230 [ 13.970704] kunit_try_run_case+0x1a5/0x480 [ 13.970730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.970752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.970779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.970806] ? __kthread_parkme+0x82/0x180 [ 13.970830] ? preempt_count_sub+0x50/0x80 [ 13.970870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.970907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.970935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.970962] kthread+0x337/0x6f0 [ 13.970981] ? trace_preempt_on+0x20/0xc0 [ 13.971008] ? __pfx_kthread+0x10/0x10 [ 13.971029] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.971054] ? calculate_sigpending+0x7b/0xa0 [ 13.971079] ? __pfx_kthread+0x10/0x10 [ 13.971100] ret_from_fork+0x41/0x80 [ 13.971123] ? 
__pfx_kthread+0x10/0x10 [ 13.971143] ret_from_fork_asm+0x1a/0x30 [ 13.971176] </TASK> [ 13.971188] [ 13.980088] Allocated by task 285: [ 13.980286] kasan_save_stack+0x45/0x70 [ 13.980502] kasan_save_track+0x18/0x40 [ 13.980707] kasan_save_alloc_info+0x3b/0x50 [ 13.980964] __kasan_kmalloc+0xb7/0xc0 [ 13.981117] __kmalloc_cache_noprof+0x189/0x420 [ 13.981278] kasan_atomics+0x95/0x310 [ 13.981415] kunit_try_run_case+0x1a5/0x480 [ 13.981949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.982236] kthread+0x337/0x6f0 [ 13.982423] ret_from_fork+0x41/0x80 [ 13.982733] ret_from_fork_asm+0x1a/0x30 [ 13.983037] [ 13.983126] The buggy address belongs to the object at ffff8881029e6b00 [ 13.983126] which belongs to the cache kmalloc-64 of size 64 [ 13.983637] The buggy address is located 0 bytes to the right of [ 13.983637] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 13.984195] [ 13.984305] The buggy address belongs to the physical page: [ 13.984506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 13.985027] flags: 0x200000000000000(node=0|zone=2) [ 13.985268] page_type: f5(slab) [ 13.985428] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.985725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.986075] page dumped because: kasan: bad access detected [ 13.986332] [ 13.986432] Memory state around the buggy address: [ 13.986691] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.987020] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.987309] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.987663] ^ [ 13.987896] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.988154] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.988372] ================================================================== [ 14.780375] 
================================================================== [ 14.780743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.781363] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.781706] [ 14.781796] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.781928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.781944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.781968] Call Trace: [ 14.781996] <TASK> [ 14.782012] dump_stack_lvl+0x73/0xb0 [ 14.782041] print_report+0xd1/0x650 [ 14.782067] ? __virt_addr_valid+0x1db/0x2d0 [ 14.782092] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.782117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.782142] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.782167] kasan_report+0x141/0x180 [ 14.782193] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.782222] kasan_check_range+0x10c/0x1c0 [ 14.782246] __kasan_check_write+0x18/0x20 [ 14.782268] kasan_atomics_helper+0x16e7/0x5450 [ 14.782294] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.782319] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.782344] ? kasan_atomics+0x152/0x310 [ 14.782369] kasan_atomics+0x1dc/0x310 [ 14.782391] ? __pfx_kasan_atomics+0x10/0x10 [ 14.782415] ? __pfx_read_tsc+0x10/0x10 [ 14.782437] ? ktime_get_ts64+0x86/0x230 [ 14.782467] kunit_try_run_case+0x1a5/0x480 [ 14.782491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.782712] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.782746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.782773] ? __kthread_parkme+0x82/0x180 [ 14.782797] ? preempt_count_sub+0x50/0x80 [ 14.782826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.782849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.782891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.782918] kthread+0x337/0x6f0 [ 14.782937] ? trace_preempt_on+0x20/0xc0 [ 14.782963] ? __pfx_kthread+0x10/0x10 [ 14.782984] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.783008] ? 
calculate_sigpending+0x7b/0xa0 [ 14.783032] ? __pfx_kthread+0x10/0x10 [ 14.783054] ret_from_fork+0x41/0x80 [ 14.783077] ? __pfx_kthread+0x10/0x10 [ 14.783097] ret_from_fork_asm+0x1a/0x30 [ 14.783130] </TASK> [ 14.783143] [ 14.793994] Allocated by task 285: [ 14.794141] kasan_save_stack+0x45/0x70 [ 14.794358] kasan_save_track+0x18/0x40 [ 14.794684] kasan_save_alloc_info+0x3b/0x50 [ 14.795045] __kasan_kmalloc+0xb7/0xc0 [ 14.795428] __kmalloc_cache_noprof+0x189/0x420 [ 14.795638] kasan_atomics+0x95/0x310 [ 14.795975] kunit_try_run_case+0x1a5/0x480 [ 14.796223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.796555] kthread+0x337/0x6f0 [ 14.796865] ret_from_fork+0x41/0x80 [ 14.797096] ret_from_fork_asm+0x1a/0x30 [ 14.797415] [ 14.797529] The buggy address belongs to the object at ffff8881029e6b00 [ 14.797529] which belongs to the cache kmalloc-64 of size 64 [ 14.798131] The buggy address is located 0 bytes to the right of [ 14.798131] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.798800] [ 14.798953] The buggy address belongs to the physical page: [ 14.799352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.799928] flags: 0x200000000000000(node=0|zone=2) [ 14.800183] page_type: f5(slab) [ 14.800344] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.800885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.801315] page dumped because: kasan: bad access detected [ 14.801748] [ 14.801835] Memory state around the buggy address: [ 14.802199] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.802717] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.803059] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.803627] ^ [ 14.803984] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.804439] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.804809] 
================================================================== [ 14.040767] ================================================================== [ 14.041357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.041674] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.042116] [ 14.042243] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.042293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.042307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.042331] Call Trace: [ 14.042350] <TASK> [ 14.042369] dump_stack_lvl+0x73/0xb0 [ 14.042423] print_report+0xd1/0x650 [ 14.042450] ? __virt_addr_valid+0x1db/0x2d0 [ 14.042473] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.042498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.042523] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.042548] kasan_report+0x141/0x180 [ 14.042573] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.042602] kasan_check_range+0x10c/0x1c0 [ 14.042625] __kasan_check_write+0x18/0x20 [ 14.042647] kasan_atomics_helper+0x7c7/0x5450 [ 14.042680] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.042727] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.042752] ? kasan_atomics+0x152/0x310 [ 14.042777] kasan_atomics+0x1dc/0x310 [ 14.042799] ? __pfx_kasan_atomics+0x10/0x10 [ 14.042823] ? __pfx_read_tsc+0x10/0x10 [ 14.042845] ? ktime_get_ts64+0x86/0x230 [ 14.042896] kunit_try_run_case+0x1a5/0x480 [ 14.043071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.043096] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.043123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.043149] ? __kthread_parkme+0x82/0x180 [ 14.043174] ? preempt_count_sub+0x50/0x80 [ 14.043291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.043316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.043343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.043369] kthread+0x337/0x6f0 [ 14.043389] ? trace_preempt_on+0x20/0xc0 [ 14.043415] ? 
__pfx_kthread+0x10/0x10 [ 14.043435] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.043460] ? calculate_sigpending+0x7b/0xa0 [ 14.043484] ? __pfx_kthread+0x10/0x10 [ 14.043505] ret_from_fork+0x41/0x80 [ 14.043528] ? __pfx_kthread+0x10/0x10 [ 14.043549] ret_from_fork_asm+0x1a/0x30 [ 14.043589] </TASK> [ 14.043602] [ 14.052740] Allocated by task 285: [ 14.052954] kasan_save_stack+0x45/0x70 [ 14.053244] kasan_save_track+0x18/0x40 [ 14.053590] kasan_save_alloc_info+0x3b/0x50 [ 14.053818] __kasan_kmalloc+0xb7/0xc0 [ 14.054122] __kmalloc_cache_noprof+0x189/0x420 [ 14.054364] kasan_atomics+0x95/0x310 [ 14.054566] kunit_try_run_case+0x1a5/0x480 [ 14.054772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.055061] kthread+0x337/0x6f0 [ 14.055366] ret_from_fork+0x41/0x80 [ 14.055668] ret_from_fork_asm+0x1a/0x30 [ 14.055822] [ 14.055914] The buggy address belongs to the object at ffff8881029e6b00 [ 14.055914] which belongs to the cache kmalloc-64 of size 64 [ 14.056540] The buggy address is located 0 bytes to the right of [ 14.056540] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.057149] [ 14.057252] The buggy address belongs to the physical page: [ 14.057495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.057834] flags: 0x200000000000000(node=0|zone=2) [ 14.058074] page_type: f5(slab) [ 14.058242] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.059521] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.060661] page dumped because: kasan: bad access detected [ 14.061075] [ 14.061179] Memory state around the buggy address: [ 14.061399] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.062244] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.063046] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.063368] ^ [ 14.063741] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.064451] 
ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.065087] ================================================================== [ 15.290442] ================================================================== [ 15.291109] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.291548] Read of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 15.291805] [ 15.291911] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 15.291961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.291975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.291999] Call Trace: [ 15.292019] <TASK> [ 15.292039] dump_stack_lvl+0x73/0xb0 [ 15.292070] print_report+0xd1/0x650 [ 15.292096] ? __virt_addr_valid+0x1db/0x2d0 [ 15.292120] ? kasan_atomics_helper+0x5115/0x5450 [ 15.292145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.292171] ? kasan_atomics_helper+0x5115/0x5450 [ 15.292196] kasan_report+0x141/0x180 [ 15.292221] ? kasan_atomics_helper+0x5115/0x5450 [ 15.292252] __asan_report_load8_noabort+0x18/0x20 [ 15.292276] kasan_atomics_helper+0x5115/0x5450 [ 15.292327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.292353] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.292378] ? kasan_atomics+0x152/0x310 [ 15.292403] kasan_atomics+0x1dc/0x310 [ 15.292425] ? __pfx_kasan_atomics+0x10/0x10 [ 15.292448] ? __pfx_read_tsc+0x10/0x10 [ 15.292471] ? ktime_get_ts64+0x86/0x230 [ 15.292500] kunit_try_run_case+0x1a5/0x480 [ 15.292524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.292574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.292602] ? __kthread_parkme+0x82/0x180 [ 15.292646] ? preempt_count_sub+0x50/0x80 [ 15.292675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.292750] kthread+0x337/0x6f0 [ 15.292770] ? 
trace_preempt_on+0x20/0xc0 [ 15.292796] ? __pfx_kthread+0x10/0x10 [ 15.292817] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.292841] ? calculate_sigpending+0x7b/0xa0 [ 15.292865] ? __pfx_kthread+0x10/0x10 [ 15.292895] ret_from_fork+0x41/0x80 [ 15.292918] ? __pfx_kthread+0x10/0x10 [ 15.292938] ret_from_fork_asm+0x1a/0x30 [ 15.292971] </TASK> [ 15.292985] [ 15.300801] Allocated by task 285: [ 15.301014] kasan_save_stack+0x45/0x70 [ 15.301253] kasan_save_track+0x18/0x40 [ 15.301458] kasan_save_alloc_info+0x3b/0x50 [ 15.301692] __kasan_kmalloc+0xb7/0xc0 [ 15.301983] __kmalloc_cache_noprof+0x189/0x420 [ 15.302243] kasan_atomics+0x95/0x310 [ 15.302407] kunit_try_run_case+0x1a5/0x480 [ 15.302559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.302887] kthread+0x337/0x6f0 [ 15.303051] ret_from_fork+0x41/0x80 [ 15.303202] ret_from_fork_asm+0x1a/0x30 [ 15.303401] [ 15.303506] The buggy address belongs to the object at ffff8881029e6b00 [ 15.303506] which belongs to the cache kmalloc-64 of size 64 [ 15.303935] The buggy address is located 0 bytes to the right of [ 15.303935] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 15.304389] [ 15.304490] The buggy address belongs to the physical page: [ 15.304746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 15.305107] flags: 0x200000000000000(node=0|zone=2) [ 15.305277] page_type: f5(slab) [ 15.305403] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.305634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.305993] page dumped because: kasan: bad access detected [ 15.306276] [ 15.306377] Memory state around the buggy address: [ 15.306631] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.307187] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.307400] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.307744] ^ [ 15.307985] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.308327] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.308537] ================================================================== [ 14.107253] ================================================================== [ 14.107603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.108025] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.108354] [ 14.108472] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.108535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.108550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.108574] Call Trace: [ 14.108595] <TASK> [ 14.108612] dump_stack_lvl+0x73/0xb0 [ 14.108641] print_report+0xd1/0x650 [ 14.108667] ? __virt_addr_valid+0x1db/0x2d0 [ 14.108692] ? kasan_atomics_helper+0x992/0x5450 [ 14.108716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.108742] ? kasan_atomics_helper+0x992/0x5450 [ 14.108769] kasan_report+0x141/0x180 [ 14.108794] ? kasan_atomics_helper+0x992/0x5450 [ 14.108824] kasan_check_range+0x10c/0x1c0 [ 14.108859] __kasan_check_write+0x18/0x20 [ 14.108894] kasan_atomics_helper+0x992/0x5450 [ 14.108922] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.108948] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.108973] ? kasan_atomics+0x152/0x310 [ 14.108998] kasan_atomics+0x1dc/0x310 [ 14.109021] ? __pfx_kasan_atomics+0x10/0x10 [ 14.109045] ? __pfx_read_tsc+0x10/0x10 [ 14.109069] ? ktime_get_ts64+0x86/0x230 [ 14.109099] kunit_try_run_case+0x1a5/0x480 [ 14.109123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.109145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.109173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.109200] ? __kthread_parkme+0x82/0x180 [ 14.109225] ? preempt_count_sub+0x50/0x80 [ 14.109254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.109277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.109304] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.109330] kthread+0x337/0x6f0 [ 14.109350] ? trace_preempt_on+0x20/0xc0 [ 14.109376] ? __pfx_kthread+0x10/0x10 [ 14.109397] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.109422] ? calculate_sigpending+0x7b/0xa0 [ 14.109446] ? __pfx_kthread+0x10/0x10 [ 14.109467] ret_from_fork+0x41/0x80 [ 14.109490] ? __pfx_kthread+0x10/0x10 [ 14.109511] ret_from_fork_asm+0x1a/0x30 [ 14.109544] </TASK> [ 14.109557] [ 14.117398] Allocated by task 285: [ 14.117579] kasan_save_stack+0x45/0x70 [ 14.117987] kasan_save_track+0x18/0x40 [ 14.118214] kasan_save_alloc_info+0x3b/0x50 [ 14.118432] __kasan_kmalloc+0xb7/0xc0 [ 14.118770] __kmalloc_cache_noprof+0x189/0x420 [ 14.119055] kasan_atomics+0x95/0x310 [ 14.119209] kunit_try_run_case+0x1a5/0x480 [ 14.119359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.119647] kthread+0x337/0x6f0 [ 14.119835] ret_from_fork+0x41/0x80 [ 14.120129] ret_from_fork_asm+0x1a/0x30 [ 14.120345] [ 14.120453] The buggy address belongs to the object at ffff8881029e6b00 [ 14.120453] which belongs to the cache kmalloc-64 of size 64 [ 14.121178] The buggy address is located 0 bytes to the right of [ 14.121178] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.121794] [ 14.122104] The buggy address belongs to the physical page: [ 14.122341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.122719] flags: 0x200000000000000(node=0|zone=2) [ 14.122934] page_type: f5(slab) [ 14.123230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.123531] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.123993] page dumped because: kasan: bad access detected [ 14.124258] [ 14.124341] Memory state around the buggy address: [ 14.124683] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.125059] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.125290] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.125612] ^ [ 14.125894] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.126396] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.126768] ================================================================== [ 14.147908] ================================================================== [ 14.148611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.149133] Write of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.149390] [ 14.149512] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.149560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.149574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.149597] Call Trace: [ 14.149614] <TASK> [ 14.149631] dump_stack_lvl+0x73/0xb0 [ 14.149659] print_report+0xd1/0x650 [ 14.149685] ? __virt_addr_valid+0x1db/0x2d0 [ 14.149710] ? kasan_atomics_helper+0xac7/0x5450 [ 14.149734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.149772] ? kasan_atomics_helper+0xac7/0x5450 [ 14.149798] kasan_report+0x141/0x180 [ 14.149824] ? kasan_atomics_helper+0xac7/0x5450 [ 14.149853] kasan_check_range+0x10c/0x1c0 [ 14.149898] __kasan_check_write+0x18/0x20 [ 14.149925] kasan_atomics_helper+0xac7/0x5450 [ 14.149951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.149978] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.150003] ? kasan_atomics+0x152/0x310 [ 14.150029] kasan_atomics+0x1dc/0x310 [ 14.150051] ? __pfx_kasan_atomics+0x10/0x10 [ 14.150075] ? __pfx_read_tsc+0x10/0x10 [ 14.150097] ? ktime_get_ts64+0x86/0x230 [ 14.150126] kunit_try_run_case+0x1a5/0x480 [ 14.150152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.150174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.150201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.150228] ? __kthread_parkme+0x82/0x180 [ 14.150252] ? preempt_count_sub+0x50/0x80 [ 14.150280] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.150304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.150331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.150357] kthread+0x337/0x6f0 [ 14.150377] ? trace_preempt_on+0x20/0xc0 [ 14.150403] ? __pfx_kthread+0x10/0x10 [ 14.150424] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.150449] ? calculate_sigpending+0x7b/0xa0 [ 14.150473] ? __pfx_kthread+0x10/0x10 [ 14.150494] ret_from_fork+0x41/0x80 [ 14.150569] ? __pfx_kthread+0x10/0x10 [ 14.150593] ret_from_fork_asm+0x1a/0x30 [ 14.150625] </TASK> [ 14.150638] [ 14.164469] Allocated by task 285: [ 14.164900] kasan_save_stack+0x45/0x70 [ 14.165265] kasan_save_track+0x18/0x40 [ 14.165441] kasan_save_alloc_info+0x3b/0x50 [ 14.165775] __kasan_kmalloc+0xb7/0xc0 [ 14.166378] __kmalloc_cache_noprof+0x189/0x420 [ 14.166717] kasan_atomics+0x95/0x310 [ 14.167118] kunit_try_run_case+0x1a5/0x480 [ 14.167425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.167895] kthread+0x337/0x6f0 [ 14.168090] ret_from_fork+0x41/0x80 [ 14.168241] ret_from_fork_asm+0x1a/0x30 [ 14.168454] [ 14.168599] The buggy address belongs to the object at ffff8881029e6b00 [ 14.168599] which belongs to the cache kmalloc-64 of size 64 [ 14.169337] The buggy address is located 0 bytes to the right of [ 14.169337] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.170023] [ 14.170124] The buggy address belongs to the physical page: [ 14.170398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.170783] flags: 0x200000000000000(node=0|zone=2) [ 14.171135] page_type: f5(slab) [ 14.171310] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.171654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.172132] page dumped because: kasan: bad access detected [ 14.172377] [ 14.172482] Memory state around the buggy address: [ 14.172810] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.173198] ffff8881029e6a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.173736] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.174145] ^ [ 14.174434] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.174902] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.175363] ================================================================== [ 14.500421] ================================================================== [ 14.500753] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.501087] Read of size 4 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.501363] [ 14.501476] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.501541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.501555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.501579] Call Trace: [ 14.501595] <TASK> [ 14.501611] dump_stack_lvl+0x73/0xb0 [ 14.501639] print_report+0xd1/0x650 [ 14.501664] ? __virt_addr_valid+0x1db/0x2d0 [ 14.501687] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.501712] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501738] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.501762] kasan_report+0x141/0x180 [ 14.501787] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.501817] __asan_report_load4_noabort+0x18/0x20 [ 14.501840] kasan_atomics_helper+0x4a02/0x5450 [ 14.501867] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.501905] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.501929] ? kasan_atomics+0x152/0x310 [ 14.501954] kasan_atomics+0x1dc/0x310 [ 14.501976] ? __pfx_kasan_atomics+0x10/0x10 [ 14.502000] ? __pfx_read_tsc+0x10/0x10 [ 14.502021] ? ktime_get_ts64+0x86/0x230 [ 14.502050] kunit_try_run_case+0x1a5/0x480 [ 14.502074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.502096] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.502122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.502149] ? __kthread_parkme+0x82/0x180 [ 14.502172] ? 
preempt_count_sub+0x50/0x80 [ 14.502200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.502223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.502249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.502276] kthread+0x337/0x6f0 [ 14.502295] ? trace_preempt_on+0x20/0xc0 [ 14.502320] ? __pfx_kthread+0x10/0x10 [ 14.502341] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.502366] ? calculate_sigpending+0x7b/0xa0 [ 14.502390] ? __pfx_kthread+0x10/0x10 [ 14.502411] ret_from_fork+0x41/0x80 [ 14.502434] ? __pfx_kthread+0x10/0x10 [ 14.502455] ret_from_fork_asm+0x1a/0x30 [ 14.502488] </TASK> [ 14.502500] [ 14.510665] Allocated by task 285: [ 14.510854] kasan_save_stack+0x45/0x70 [ 14.511237] kasan_save_track+0x18/0x40 [ 14.511478] kasan_save_alloc_info+0x3b/0x50 [ 14.511783] __kasan_kmalloc+0xb7/0xc0 [ 14.512063] __kmalloc_cache_noprof+0x189/0x420 [ 14.512260] kasan_atomics+0x95/0x310 [ 14.512452] kunit_try_run_case+0x1a5/0x480 [ 14.512715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.513018] kthread+0x337/0x6f0 [ 14.513206] ret_from_fork+0x41/0x80 [ 14.513377] ret_from_fork_asm+0x1a/0x30 [ 14.513599] [ 14.513693] The buggy address belongs to the object at ffff8881029e6b00 [ 14.513693] which belongs to the cache kmalloc-64 of size 64 [ 14.514086] The buggy address is located 0 bytes to the right of [ 14.514086] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.514610] [ 14.514687] The buggy address belongs to the physical page: [ 14.514914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.515299] flags: 0x200000000000000(node=0|zone=2) [ 14.515501] page_type: f5(slab) [ 14.515927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.516191] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.516495] page dumped because: kasan: bad access detected [ 14.517014] [ 14.517095] Memory state around the buggy address: [ 14.517302] ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.517562] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.517785] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.518090] ^ [ 14.518329] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.519057] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.519356] ================================================================== [ 14.890106] ================================================================== [ 14.890446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.890973] Write of size 8 at addr ffff8881029e6b30 by task kunit_try_catch/285 [ 14.891295] [ 14.891393] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 14.891441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.891454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.891477] Call Trace: [ 14.891494] <TASK> [ 14.891511] dump_stack_lvl+0x73/0xb0 [ 14.891538] print_report+0xd1/0x650 [ 14.891564] ? __virt_addr_valid+0x1db/0x2d0 [ 14.891595] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.891619] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.891646] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.891670] kasan_report+0x141/0x180 [ 14.891695] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.891726] kasan_check_range+0x10c/0x1c0 [ 14.891751] __kasan_check_write+0x18/0x20 [ 14.891775] kasan_atomics_helper+0x19e3/0x5450 [ 14.891803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.891828] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.891921] ? kasan_atomics+0x152/0x310 [ 14.891946] kasan_atomics+0x1dc/0x310 [ 14.891969] ? __pfx_kasan_atomics+0x10/0x10 [ 14.891992] ? __pfx_read_tsc+0x10/0x10 [ 14.892015] ? ktime_get_ts64+0x86/0x230 [ 14.892043] kunit_try_run_case+0x1a5/0x480 [ 14.892067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.892089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.892115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.892141] ? 
__kthread_parkme+0x82/0x180 [ 14.892165] ? preempt_count_sub+0x50/0x80 [ 14.892192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.892214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.892241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.892266] kthread+0x337/0x6f0 [ 14.892285] ? trace_preempt_on+0x20/0xc0 [ 14.892312] ? __pfx_kthread+0x10/0x10 [ 14.892332] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.892357] ? calculate_sigpending+0x7b/0xa0 [ 14.892382] ? __pfx_kthread+0x10/0x10 [ 14.892403] ret_from_fork+0x41/0x80 [ 14.892427] ? __pfx_kthread+0x10/0x10 [ 14.892448] ret_from_fork_asm+0x1a/0x30 [ 14.892481] </TASK> [ 14.892493] [ 14.900827] Allocated by task 285: [ 14.900973] kasan_save_stack+0x45/0x70 [ 14.901198] kasan_save_track+0x18/0x40 [ 14.901401] kasan_save_alloc_info+0x3b/0x50 [ 14.901801] __kasan_kmalloc+0xb7/0xc0 [ 14.902227] __kmalloc_cache_noprof+0x189/0x420 [ 14.902448] kasan_atomics+0x95/0x310 [ 14.902646] kunit_try_run_case+0x1a5/0x480 [ 14.902854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.903096] kthread+0x337/0x6f0 [ 14.903258] ret_from_fork+0x41/0x80 [ 14.903410] ret_from_fork_asm+0x1a/0x30 [ 14.903643] [ 14.903737] The buggy address belongs to the object at ffff8881029e6b00 [ 14.903737] which belongs to the cache kmalloc-64 of size 64 [ 14.904235] The buggy address is located 0 bytes to the right of [ 14.904235] allocated 48-byte region [ffff8881029e6b00, ffff8881029e6b30) [ 14.904783] [ 14.904894] The buggy address belongs to the physical page: [ 14.905147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 14.905393] flags: 0x200000000000000(node=0|zone=2) [ 14.905563] page_type: f5(slab) [ 14.905689] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.905979] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.906335] page dumped because: kasan: bad access detected [ 14.906657] [ 14.906755] Memory state around the buggy address: [ 14.907188] 
ffff8881029e6a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.907487] ffff8881029e6a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.907711] >ffff8881029e6b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.907939] ^ [ 14.908098] ffff8881029e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908318] ffff8881029e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.560702] ================================================================== [ 13.561261] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.561698] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.561940] [ 13.562084] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.562131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.562155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.562179] Call Trace: [ 13.562198] <TASK> [ 13.562229] dump_stack_lvl+0x73/0xb0 [ 13.562256] print_report+0xd1/0x650 [ 13.562280] ? __virt_addr_valid+0x1db/0x2d0 [ 13.562315] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.562340] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.562363] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.562400] kasan_report+0x141/0x180 [ 13.562423] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.562453] kasan_check_range+0x10c/0x1c0 [ 13.562485] __kasan_check_write+0x18/0x20 [ 13.562531] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.562556] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.562593] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.562615] ? trace_hardirqs_on+0x37/0xe0 [ 13.562648] ? kasan_bitops_generic+0x92/0x1c0 [ 13.562674] kasan_bitops_generic+0x121/0x1c0 [ 13.562708] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.562731] ? trace_hardirqs_on+0x37/0xe0 [ 13.562754] ? __pfx_read_tsc+0x10/0x10 [ 13.562775] ? ktime_get_ts64+0x86/0x230 [ 13.562798] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.562823] kunit_try_run_case+0x1a5/0x480 [ 13.562847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.562868] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.562904] ? __kthread_parkme+0x82/0x180 [ 13.562927] ? preempt_count_sub+0x50/0x80 [ 13.562952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.562983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.563007] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.563032] kthread+0x337/0x6f0 [ 13.563060] ? trace_preempt_on+0x20/0xc0 [ 13.563083] ? __pfx_kthread+0x10/0x10 [ 13.563102] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.563126] ? calculate_sigpending+0x7b/0xa0 [ 13.563157] ? __pfx_kthread+0x10/0x10 [ 13.563176] ret_from_fork+0x41/0x80 [ 13.563198] ? __pfx_kthread+0x10/0x10 [ 13.563227] ret_from_fork_asm+0x1a/0x30 [ 13.563257] </TASK> [ 13.563269] [ 13.571836] Allocated by task 281: [ 13.572021] kasan_save_stack+0x45/0x70 [ 13.572253] kasan_save_track+0x18/0x40 [ 13.572460] kasan_save_alloc_info+0x3b/0x50 [ 13.572675] __kasan_kmalloc+0xb7/0xc0 [ 13.572836] __kmalloc_cache_noprof+0x189/0x420 [ 13.573083] kasan_bitops_generic+0x92/0x1c0 [ 13.573298] kunit_try_run_case+0x1a5/0x480 [ 13.573460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.573667] kthread+0x337/0x6f0 [ 13.573791] ret_from_fork+0x41/0x80 [ 13.573958] ret_from_fork_asm+0x1a/0x30 [ 13.574174] [ 13.574288] The buggy address belongs to the object at ffff888102171600 [ 13.574288] which belongs to the cache kmalloc-16 of size 16 [ 13.574819] The buggy address is located 8 bytes inside of [ 13.574819] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.575205] [ 13.575308] The buggy address belongs to the physical page: [ 13.575569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.575991] flags: 0x200000000000000(node=0|zone=2) [ 13.576227] page_type: f5(slab) [ 13.576415] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.576769] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.577067] page dumped because: kasan: bad access detected [ 13.577339] [ 13.577422] Memory state around the buggy address: [ 13.577672] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.578016] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.578287] >ffff888102171600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.578523] ^ [ 13.578666] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.579022] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.579341] ================================================================== [ 13.700390] ================================================================== [ 13.701205] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.701547] Read of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.701926] [ 13.702036] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.702079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.702092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.702137] Call Trace: [ 13.702152] <TASK> [ 13.702167] dump_stack_lvl+0x73/0xb0 [ 13.702193] print_report+0xd1/0x650 [ 13.702216] ? __virt_addr_valid+0x1db/0x2d0 [ 13.702237] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.702261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.702284] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.702309] kasan_report+0x141/0x180 [ 13.702354] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.702382] kasan_check_range+0x10c/0x1c0 [ 13.702404] __kasan_check_read+0x15/0x20 [ 13.702424] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.702449] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.702474] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.702513] ? trace_hardirqs_on+0x37/0xe0 [ 13.702536] ? kasan_bitops_generic+0x92/0x1c0 [ 13.702561] kasan_bitops_generic+0x121/0x1c0 [ 13.702581] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.702613] ? trace_hardirqs_on+0x37/0xe0 [ 13.702636] ? __pfx_read_tsc+0x10/0x10 [ 13.702656] ? ktime_get_ts64+0x86/0x230 [ 13.702677] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.702702] kunit_try_run_case+0x1a5/0x480 [ 13.702723] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.702744] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.702769] ? __kthread_parkme+0x82/0x180 [ 13.702791] ? preempt_count_sub+0x50/0x80 [ 13.702816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.702837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.702861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.702917] kthread+0x337/0x6f0 [ 13.702934] ? trace_preempt_on+0x20/0xc0 [ 13.702957] ? __pfx_kthread+0x10/0x10 [ 13.702975] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.702998] ? calculate_sigpending+0x7b/0xa0 [ 13.703020] ? __pfx_kthread+0x10/0x10 [ 13.703039] ret_from_fork+0x41/0x80 [ 13.703059] ? __pfx_kthread+0x10/0x10 [ 13.703077] ret_from_fork_asm+0x1a/0x30 [ 13.703127] </TASK> [ 13.703138] [ 13.714506] Allocated by task 281: [ 13.714899] kasan_save_stack+0x45/0x70 [ 13.715059] kasan_save_track+0x18/0x40 [ 13.715200] kasan_save_alloc_info+0x3b/0x50 [ 13.715349] __kasan_kmalloc+0xb7/0xc0 [ 13.715490] __kmalloc_cache_noprof+0x189/0x420 [ 13.715684] kasan_bitops_generic+0x92/0x1c0 [ 13.716048] kunit_try_run_case+0x1a5/0x480 [ 13.716282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.716921] kthread+0x337/0x6f0 [ 13.717105] ret_from_fork+0x41/0x80 [ 13.717245] ret_from_fork_asm+0x1a/0x30 [ 13.717606] [ 13.717711] The buggy address belongs to the object at ffff888102171600 [ 13.717711] which belongs to the cache kmalloc-16 of size 16 [ 13.718294] The buggy address is located 8 bytes inside of [ 13.718294] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.719083] [ 13.719183] The buggy address belongs to the physical page: [ 13.719383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.719939] flags: 0x200000000000000(node=0|zone=2) [ 13.720241] page_type: f5(slab) [ 13.720444] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.720857] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.721162] page dumped because: kasan: bad 
access detected [ 13.721380] [ 13.721455] Memory state around the buggy address: [ 13.721684] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.722228] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.722582] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.722977] ^ [ 13.723114] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.723593] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.723976] ================================================================== [ 13.724587] ================================================================== [ 13.725270] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.725714] Read of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.726024] [ 13.726133] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.726177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.726190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.726212] Call Trace: [ 13.726227] <TASK> [ 13.726241] dump_stack_lvl+0x73/0xb0 [ 13.726267] print_report+0xd1/0x650 [ 13.726292] ? __virt_addr_valid+0x1db/0x2d0 [ 13.726314] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726340] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.726363] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726388] kasan_report+0x141/0x180 [ 13.726412] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726441] __asan_report_load8_noabort+0x18/0x20 [ 13.726464] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726489] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.726515] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.726537] ? trace_hardirqs_on+0x37/0xe0 [ 13.726559] ? kasan_bitops_generic+0x92/0x1c0 [ 13.726584] kasan_bitops_generic+0x121/0x1c0 [ 13.726605] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.726626] ? trace_hardirqs_on+0x37/0xe0 [ 13.726649] ? __pfx_read_tsc+0x10/0x10 [ 13.726669] ? ktime_get_ts64+0x86/0x230 [ 13.726692] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.726715] kunit_try_run_case+0x1a5/0x480 [ 13.726739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.726760] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.726786] ? __kthread_parkme+0x82/0x180 [ 13.726808] ? preempt_count_sub+0x50/0x80 [ 13.726833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.726855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.726892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.726916] kthread+0x337/0x6f0 [ 13.726934] ? trace_preempt_on+0x20/0xc0 [ 13.726957] ? __pfx_kthread+0x10/0x10 [ 13.726976] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.726998] ? calculate_sigpending+0x7b/0xa0 [ 13.727020] ? __pfx_kthread+0x10/0x10 [ 13.727039] ret_from_fork+0x41/0x80 [ 13.727060] ? __pfx_kthread+0x10/0x10 [ 13.727078] ret_from_fork_asm+0x1a/0x30 [ 13.727108] </TASK> [ 13.727119] [ 13.735180] Allocated by task 281: [ 13.735352] kasan_save_stack+0x45/0x70 [ 13.735556] kasan_save_track+0x18/0x40 [ 13.735742] kasan_save_alloc_info+0x3b/0x50 [ 13.735937] __kasan_kmalloc+0xb7/0xc0 [ 13.736107] __kmalloc_cache_noprof+0x189/0x420 [ 13.736331] kasan_bitops_generic+0x92/0x1c0 [ 13.736520] kunit_try_run_case+0x1a5/0x480 [ 13.736693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.736934] kthread+0x337/0x6f0 [ 13.737076] ret_from_fork+0x41/0x80 [ 13.737262] ret_from_fork_asm+0x1a/0x30 [ 13.737459] [ 13.737562] The buggy address belongs to the object at ffff888102171600 [ 13.737562] which belongs to the cache kmalloc-16 of size 16 [ 13.738031] The buggy address is located 8 bytes inside of [ 13.738031] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.738524] [ 13.738617] The buggy address belongs to the physical page: [ 13.738791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.739131] flags: 
0x200000000000000(node=0|zone=2) [ 13.739374] page_type: f5(slab) [ 13.739556] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.739813] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.740132] page dumped because: kasan: bad access detected [ 13.740390] [ 13.740486] Memory state around the buggy address: [ 13.740715] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.740989] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.741272] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.741611] ^ [ 13.741766] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742063] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742278] ================================================================== [ 13.540572] ================================================================== [ 13.541006] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.541340] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.542090] [ 13.542234] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.542283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.542308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.542332] Call Trace: [ 13.542351] <TASK> [ 13.542370] dump_stack_lvl+0x73/0xb0 [ 13.542407] print_report+0xd1/0x650 [ 13.542432] ? __virt_addr_valid+0x1db/0x2d0 [ 13.542456] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.542493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.542538] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.542572] kasan_report+0x141/0x180 [ 13.542596] ? 
kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.542626] kasan_check_range+0x10c/0x1c0 [ 13.542658] __kasan_check_write+0x18/0x20 [ 13.542679] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.542703] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.542730] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.542752] ? trace_hardirqs_on+0x37/0xe0 [ 13.542776] ? kasan_bitops_generic+0x92/0x1c0 [ 13.542801] kasan_bitops_generic+0x121/0x1c0 [ 13.542821] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.542843] ? trace_hardirqs_on+0x37/0xe0 [ 13.542865] ? __pfx_read_tsc+0x10/0x10 [ 13.542895] ? ktime_get_ts64+0x86/0x230 [ 13.542918] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.542952] kunit_try_run_case+0x1a5/0x480 [ 13.542975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.542996] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.543032] ? __kthread_parkme+0x82/0x180 [ 13.543055] ? preempt_count_sub+0x50/0x80 [ 13.543081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.543110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.543135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.543159] kthread+0x337/0x6f0 [ 13.543187] ? trace_preempt_on+0x20/0xc0 [ 13.543211] ? __pfx_kthread+0x10/0x10 [ 13.543229] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.543252] ? calculate_sigpending+0x7b/0xa0 [ 13.543275] ? __pfx_kthread+0x10/0x10 [ 13.543293] ret_from_fork+0x41/0x80 [ 13.543314] ? 
__pfx_kthread+0x10/0x10 [ 13.543333] ret_from_fork_asm+0x1a/0x30 [ 13.543364] </TASK> [ 13.543376] [ 13.551892] Allocated by task 281: [ 13.552031] kasan_save_stack+0x45/0x70 [ 13.552244] kasan_save_track+0x18/0x40 [ 13.552445] kasan_save_alloc_info+0x3b/0x50 [ 13.552706] __kasan_kmalloc+0xb7/0xc0 [ 13.552908] __kmalloc_cache_noprof+0x189/0x420 [ 13.553109] kasan_bitops_generic+0x92/0x1c0 [ 13.553325] kunit_try_run_case+0x1a5/0x480 [ 13.553566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.553819] kthread+0x337/0x6f0 [ 13.553995] ret_from_fork+0x41/0x80 [ 13.554184] ret_from_fork_asm+0x1a/0x30 [ 13.554376] [ 13.554477] The buggy address belongs to the object at ffff888102171600 [ 13.554477] which belongs to the cache kmalloc-16 of size 16 [ 13.555001] The buggy address is located 8 bytes inside of [ 13.555001] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.555356] [ 13.555433] The buggy address belongs to the physical page: [ 13.555720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.556091] flags: 0x200000000000000(node=0|zone=2) [ 13.556336] page_type: f5(slab) [ 13.556530] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.556922] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.557287] page dumped because: kasan: bad access detected [ 13.557463] [ 13.557561] Memory state around the buggy address: [ 13.557721] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.558009] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.558364] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.558757] ^ [ 13.558948] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.559300] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.559629] ================================================================== [ 13.677648] 
================================================================== [ 13.678069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.678438] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.678752] [ 13.678841] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.678897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.678922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.678945] Call Trace: [ 13.678960] <TASK> [ 13.678988] dump_stack_lvl+0x73/0xb0 [ 13.679015] print_report+0xd1/0x650 [ 13.679038] ? __virt_addr_valid+0x1db/0x2d0 [ 13.679060] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.679084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.679108] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.679133] kasan_report+0x141/0x180 [ 13.679158] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.679186] kasan_check_range+0x10c/0x1c0 [ 13.679209] __kasan_check_write+0x18/0x20 [ 13.679229] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.679254] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.679279] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.679309] ? trace_hardirqs_on+0x37/0xe0 [ 13.679332] ? kasan_bitops_generic+0x92/0x1c0 [ 13.679356] kasan_bitops_generic+0x121/0x1c0 [ 13.679396] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.679416] ? trace_hardirqs_on+0x37/0xe0 [ 13.679438] ? __pfx_read_tsc+0x10/0x10 [ 13.679469] ? ktime_get_ts64+0x86/0x230 [ 13.679492] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.679526] kunit_try_run_case+0x1a5/0x480 [ 13.679548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.679569] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.679602] ? __kthread_parkme+0x82/0x180 [ 13.679624] ? preempt_count_sub+0x50/0x80 [ 13.679650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.679671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.679695] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.679719] kthread+0x337/0x6f0 [ 13.679737] ? trace_preempt_on+0x20/0xc0 [ 13.679769] ? __pfx_kthread+0x10/0x10 [ 13.679788] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.679811] ? calculate_sigpending+0x7b/0xa0 [ 13.679844] ? __pfx_kthread+0x10/0x10 [ 13.679863] ret_from_fork+0x41/0x80 [ 13.679893] ? __pfx_kthread+0x10/0x10 [ 13.679911] ret_from_fork_asm+0x1a/0x30 [ 13.679942] </TASK> [ 13.679953] [ 13.689101] Allocated by task 281: [ 13.689728] kasan_save_stack+0x45/0x70 [ 13.690235] kasan_save_track+0x18/0x40 [ 13.690532] kasan_save_alloc_info+0x3b/0x50 [ 13.690739] __kasan_kmalloc+0xb7/0xc0 [ 13.691026] __kmalloc_cache_noprof+0x189/0x420 [ 13.691278] kasan_bitops_generic+0x92/0x1c0 [ 13.691554] kunit_try_run_case+0x1a5/0x480 [ 13.691860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.692104] kthread+0x337/0x6f0 [ 13.692388] ret_from_fork+0x41/0x80 [ 13.692724] ret_from_fork_asm+0x1a/0x30 [ 13.692943] [ 13.693033] The buggy address belongs to the object at ffff888102171600 [ 13.693033] which belongs to the cache kmalloc-16 of size 16 [ 13.693729] The buggy address is located 8 bytes inside of [ 13.693729] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.694362] [ 13.694473] The buggy address belongs to the physical page: [ 13.694864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.695339] flags: 0x200000000000000(node=0|zone=2) [ 13.695675] page_type: f5(slab) [ 13.695855] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.696369] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.696927] page dumped because: kasan: bad access detected [ 13.697264] [ 13.697367] Memory state around the buggy address: [ 13.697742] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.698046] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.698412] >ffff888102171600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.698831] ^ [ 13.699030] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.699443] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.699839] ================================================================== [ 13.604774] ================================================================== [ 13.605118] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.605695] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.606020] [ 13.606129] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.606175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.606188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.606210] Call Trace: [ 13.606226] <TASK> [ 13.606243] dump_stack_lvl+0x73/0xb0 [ 13.606271] print_report+0xd1/0x650 [ 13.606295] ? __virt_addr_valid+0x1db/0x2d0 [ 13.606318] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.606343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.606366] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.606391] kasan_report+0x141/0x180 [ 13.606416] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.606449] kasan_check_range+0x10c/0x1c0 [ 13.606471] __kasan_check_write+0x18/0x20 [ 13.606491] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.606518] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.606543] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.606565] ? trace_hardirqs_on+0x37/0xe0 [ 13.606587] ? kasan_bitops_generic+0x92/0x1c0 [ 13.606612] kasan_bitops_generic+0x121/0x1c0 [ 13.606646] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.606667] ? trace_hardirqs_on+0x37/0xe0 [ 13.606689] ? __pfx_read_tsc+0x10/0x10 [ 13.606710] ? ktime_get_ts64+0x86/0x230 [ 13.606744] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.606769] kunit_try_run_case+0x1a5/0x480 [ 13.606792] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.606814] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.606846] ? __kthread_parkme+0x82/0x180 [ 13.606869] ? preempt_count_sub+0x50/0x80 [ 13.606911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.606931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.606955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.606979] kthread+0x337/0x6f0 [ 13.606996] ? trace_preempt_on+0x20/0xc0 [ 13.607020] ? __pfx_kthread+0x10/0x10 [ 13.607038] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.607070] ? calculate_sigpending+0x7b/0xa0 [ 13.607092] ? __pfx_kthread+0x10/0x10 [ 13.607111] ret_from_fork+0x41/0x80 [ 13.607143] ? __pfx_kthread+0x10/0x10 [ 13.607162] ret_from_fork_asm+0x1a/0x30 [ 13.607192] </TASK> [ 13.607203] [ 13.615645] Allocated by task 281: [ 13.615830] kasan_save_stack+0x45/0x70 [ 13.616009] kasan_save_track+0x18/0x40 [ 13.616149] kasan_save_alloc_info+0x3b/0x50 [ 13.616374] __kasan_kmalloc+0xb7/0xc0 [ 13.616634] __kmalloc_cache_noprof+0x189/0x420 [ 13.616897] kasan_bitops_generic+0x92/0x1c0 [ 13.617133] kunit_try_run_case+0x1a5/0x480 [ 13.617279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.617455] kthread+0x337/0x6f0 [ 13.617576] ret_from_fork+0x41/0x80 [ 13.617761] ret_from_fork_asm+0x1a/0x30 [ 13.617968] [ 13.618071] The buggy address belongs to the object at ffff888102171600 [ 13.618071] which belongs to the cache kmalloc-16 of size 16 [ 13.618484] The buggy address is located 8 bytes inside of [ 13.618484] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.619055] [ 13.619167] The buggy address belongs to the physical page: [ 13.619395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.619641] flags: 0x200000000000000(node=0|zone=2) [ 13.620067] page_type: f5(slab) [ 13.620241] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.620612] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.620989] page dumped because: kasan: bad 
access detected [ 13.621262] [ 13.621334] Memory state around the buggy address: [ 13.621496] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.621837] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.622172] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.622465] ^ [ 13.622694] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.623020] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.623322] ================================================================== [ 13.580634] ================================================================== [ 13.581037] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.581346] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.581636] [ 13.581770] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.581829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.581842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.581885] Call Trace: [ 13.581903] <TASK> [ 13.581921] dump_stack_lvl+0x73/0xb0 [ 13.581960] print_report+0xd1/0x650 [ 13.581985] ? __virt_addr_valid+0x1db/0x2d0 [ 13.582008] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.582044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.582067] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.582101] kasan_report+0x141/0x180 [ 13.582125] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.582164] kasan_check_range+0x10c/0x1c0 [ 13.582186] __kasan_check_write+0x18/0x20 [ 13.582207] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.582232] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.582267] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.582290] ? trace_hardirqs_on+0x37/0xe0 [ 13.582327] ? kasan_bitops_generic+0x92/0x1c0 [ 13.582352] kasan_bitops_generic+0x121/0x1c0 [ 13.582372] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.582402] ? trace_hardirqs_on+0x37/0xe0 [ 13.582425] ? __pfx_read_tsc+0x10/0x10 [ 13.582445] ? ktime_get_ts64+0x86/0x230 [ 13.582479] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.582522] kunit_try_run_case+0x1a5/0x480 [ 13.582545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.582566] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.582593] ? __kthread_parkme+0x82/0x180 [ 13.582616] ? preempt_count_sub+0x50/0x80 [ 13.582642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.582662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.582687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.582711] kthread+0x337/0x6f0 [ 13.582728] ? trace_preempt_on+0x20/0xc0 [ 13.582751] ? __pfx_kthread+0x10/0x10 [ 13.582770] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.582793] ? calculate_sigpending+0x7b/0xa0 [ 13.582814] ? __pfx_kthread+0x10/0x10 [ 13.582841] ret_from_fork+0x41/0x80 [ 13.582862] ? __pfx_kthread+0x10/0x10 [ 13.582896] ret_from_fork_asm+0x1a/0x30 [ 13.582926] </TASK> [ 13.582938] [ 13.591453] Allocated by task 281: [ 13.591687] kasan_save_stack+0x45/0x70 [ 13.591892] kasan_save_track+0x18/0x40 [ 13.592062] kasan_save_alloc_info+0x3b/0x50 [ 13.592264] __kasan_kmalloc+0xb7/0xc0 [ 13.592440] __kmalloc_cache_noprof+0x189/0x420 [ 13.593548] kasan_bitops_generic+0x92/0x1c0 [ 13.593968] kunit_try_run_case+0x1a5/0x480 [ 13.594178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.594426] kthread+0x337/0x6f0 [ 13.594818] ret_from_fork+0x41/0x80 [ 13.595027] ret_from_fork_asm+0x1a/0x30 [ 13.595219] [ 13.595316] The buggy address belongs to the object at ffff888102171600 [ 13.595316] which belongs to the cache kmalloc-16 of size 16 [ 13.596305] The buggy address is located 8 bytes inside of [ 13.596305] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.597353] [ 13.597618] The buggy address belongs to the physical page: [ 13.598075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.598611] flags: 
0x200000000000000(node=0|zone=2) [ 13.598841] page_type: f5(slab) [ 13.599012] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.599327] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.600016] page dumped because: kasan: bad access detected [ 13.600478] [ 13.600766] Memory state around the buggy address: [ 13.601012] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.601309] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.601964] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602410] ^ [ 13.602743] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.603056] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.603356] ================================================================== [ 13.624014] ================================================================== [ 13.624295] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.624776] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.625119] [ 13.625335] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.625379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.625391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.625413] Call Trace: [ 13.625427] <TASK> [ 13.625442] dump_stack_lvl+0x73/0xb0 [ 13.625469] print_report+0xd1/0x650 [ 13.625492] ? __virt_addr_valid+0x1db/0x2d0 [ 13.625522] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.625546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.625570] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.625595] kasan_report+0x141/0x180 [ 13.625619] ? 
kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.625661] kasan_check_range+0x10c/0x1c0 [ 13.625683] __kasan_check_write+0x18/0x20 [ 13.625704] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.625742] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.625767] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.625789] ? trace_hardirqs_on+0x37/0xe0 [ 13.625811] ? kasan_bitops_generic+0x92/0x1c0 [ 13.625835] kasan_bitops_generic+0x121/0x1c0 [ 13.625857] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.625886] ? trace_hardirqs_on+0x37/0xe0 [ 13.625908] ? __pfx_read_tsc+0x10/0x10 [ 13.625928] ? ktime_get_ts64+0x86/0x230 [ 13.625951] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.625975] kunit_try_run_case+0x1a5/0x480 [ 13.625997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.626018] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.626043] ? __kthread_parkme+0x82/0x180 [ 13.626065] ? preempt_count_sub+0x50/0x80 [ 13.626102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.626123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.626146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.626181] kthread+0x337/0x6f0 [ 13.626199] ? trace_preempt_on+0x20/0xc0 [ 13.626221] ? __pfx_kthread+0x10/0x10 [ 13.626240] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.626263] ? calculate_sigpending+0x7b/0xa0 [ 13.626284] ? __pfx_kthread+0x10/0x10 [ 13.626304] ret_from_fork+0x41/0x80 [ 13.626324] ? 
__pfx_kthread+0x10/0x10 [ 13.626343] ret_from_fork_asm+0x1a/0x30 [ 13.626373] </TASK> [ 13.626383] [ 13.638370] Allocated by task 281: [ 13.638730] kasan_save_stack+0x45/0x70 [ 13.639106] kasan_save_track+0x18/0x40 [ 13.639613] kasan_save_alloc_info+0x3b/0x50 [ 13.639802] __kasan_kmalloc+0xb7/0xc0 [ 13.639947] __kmalloc_cache_noprof+0x189/0x420 [ 13.640712] kasan_bitops_generic+0x92/0x1c0 [ 13.641103] kunit_try_run_case+0x1a5/0x480 [ 13.641351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.641588] kthread+0x337/0x6f0 [ 13.642177] ret_from_fork+0x41/0x80 [ 13.642661] ret_from_fork_asm+0x1a/0x30 [ 13.643033] [ 13.643252] The buggy address belongs to the object at ffff888102171600 [ 13.643252] which belongs to the cache kmalloc-16 of size 16 [ 13.644028] The buggy address is located 8 bytes inside of [ 13.644028] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.645107] [ 13.645188] The buggy address belongs to the physical page: [ 13.645361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.646056] flags: 0x200000000000000(node=0|zone=2) [ 13.646619] page_type: f5(slab) [ 13.647039] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.647811] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.648309] page dumped because: kasan: bad access detected [ 13.648489] [ 13.648813] Memory state around the buggy address: [ 13.649324] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.650058] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.650480] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.651220] ^ [ 13.651604] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.652168] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.652591] ================================================================== [ 13.653660] 
================================================================== [ 13.654754] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.655798] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.656427] [ 13.656633] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.656680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.656693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.656716] Call Trace: [ 13.656729] <TASK> [ 13.656745] dump_stack_lvl+0x73/0xb0 [ 13.656770] print_report+0xd1/0x650 [ 13.656794] ? __virt_addr_valid+0x1db/0x2d0 [ 13.656816] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.656841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.656864] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.656901] kasan_report+0x141/0x180 [ 13.656924] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.656954] kasan_check_range+0x10c/0x1c0 [ 13.656975] __kasan_check_write+0x18/0x20 [ 13.656995] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.657020] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.657046] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.657068] ? trace_hardirqs_on+0x37/0xe0 [ 13.657091] ? kasan_bitops_generic+0x92/0x1c0 [ 13.657116] kasan_bitops_generic+0x121/0x1c0 [ 13.657136] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.657156] ? trace_hardirqs_on+0x37/0xe0 [ 13.657179] ? __pfx_read_tsc+0x10/0x10 [ 13.657199] ? ktime_get_ts64+0x86/0x230 [ 13.657221] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.657245] kunit_try_run_case+0x1a5/0x480 [ 13.657267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.657288] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.657314] ? __kthread_parkme+0x82/0x180 [ 13.657336] ? preempt_count_sub+0x50/0x80 [ 13.657362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.657382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.657406] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.657430] kthread+0x337/0x6f0 [ 13.657447] ? trace_preempt_on+0x20/0xc0 [ 13.657470] ? __pfx_kthread+0x10/0x10 [ 13.657488] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.657525] ? calculate_sigpending+0x7b/0xa0 [ 13.657548] ? __pfx_kthread+0x10/0x10 [ 13.657567] ret_from_fork+0x41/0x80 [ 13.657587] ? __pfx_kthread+0x10/0x10 [ 13.657606] ret_from_fork_asm+0x1a/0x30 [ 13.657636] </TASK> [ 13.657647] [ 13.667676] Allocated by task 281: [ 13.668029] kasan_save_stack+0x45/0x70 [ 13.668367] kasan_save_track+0x18/0x40 [ 13.668585] kasan_save_alloc_info+0x3b/0x50 [ 13.669010] __kasan_kmalloc+0xb7/0xc0 [ 13.669324] __kmalloc_cache_noprof+0x189/0x420 [ 13.669505] kasan_bitops_generic+0x92/0x1c0 [ 13.669721] kunit_try_run_case+0x1a5/0x480 [ 13.669948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.670187] kthread+0x337/0x6f0 [ 13.670345] ret_from_fork+0x41/0x80 [ 13.670514] ret_from_fork_asm+0x1a/0x30 [ 13.670690] [ 13.670784] The buggy address belongs to the object at ffff888102171600 [ 13.670784] which belongs to the cache kmalloc-16 of size 16 [ 13.671890] The buggy address is located 8 bytes inside of [ 13.671890] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.672263] [ 13.672340] The buggy address belongs to the physical page: [ 13.672838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.673369] flags: 0x200000000000000(node=0|zone=2) [ 13.673549] page_type: f5(slab) [ 13.673792] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.674124] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.674430] page dumped because: kasan: bad access detected [ 13.674740] [ 13.674892] Memory state around the buggy address: [ 13.675095] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.675409] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.675769] >ffff888102171600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.676079] ^ [ 13.676269] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.676634] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.676939] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.498697] ================================================================== [ 13.499259] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.499729] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.500165] [ 13.500288] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.500345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.500358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.500381] Call Trace: [ 13.500406] <TASK> [ 13.500422] dump_stack_lvl+0x73/0xb0 [ 13.500448] print_report+0xd1/0x650 [ 13.500472] ? __virt_addr_valid+0x1db/0x2d0 [ 13.500504] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.500534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.500558] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.500592] kasan_report+0x141/0x180 [ 13.500615] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.500643] kasan_check_range+0x10c/0x1c0 [ 13.500665] __kasan_check_write+0x18/0x20 [ 13.500686] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.500709] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.500733] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.500765] ? trace_hardirqs_on+0x37/0xe0 [ 13.500788] ? kasan_bitops_generic+0x92/0x1c0 [ 13.500815] kasan_bitops_generic+0x116/0x1c0 [ 13.500930] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.500958] ? trace_hardirqs_on+0x37/0xe0 [ 13.500983] ? __pfx_read_tsc+0x10/0x10 [ 13.501005] ? ktime_get_ts64+0x86/0x230 [ 13.501029] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.501056] kunit_try_run_case+0x1a5/0x480 [ 13.501078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.501111] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.501138] ? __kthread_parkme+0x82/0x180 [ 13.501161] ? preempt_count_sub+0x50/0x80 [ 13.501199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.501220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.501244] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.501268] kthread+0x337/0x6f0 [ 13.501286] ? trace_preempt_on+0x20/0xc0 [ 13.501309] ? __pfx_kthread+0x10/0x10 [ 13.501327] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.501350] ? calculate_sigpending+0x7b/0xa0 [ 13.501372] ? __pfx_kthread+0x10/0x10 [ 13.501391] ret_from_fork+0x41/0x80 [ 13.501412] ? __pfx_kthread+0x10/0x10 [ 13.501431] ret_from_fork_asm+0x1a/0x30 [ 13.501461] </TASK> [ 13.501473] [ 13.510542] Allocated by task 281: [ 13.510730] kasan_save_stack+0x45/0x70 [ 13.511163] kasan_save_track+0x18/0x40 [ 13.511385] kasan_save_alloc_info+0x3b/0x50 [ 13.511665] __kasan_kmalloc+0xb7/0xc0 [ 13.511904] __kmalloc_cache_noprof+0x189/0x420 [ 13.512142] kasan_bitops_generic+0x92/0x1c0 [ 13.512339] kunit_try_run_case+0x1a5/0x480 [ 13.512596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.512832] kthread+0x337/0x6f0 [ 13.513183] ret_from_fork+0x41/0x80 [ 13.513374] ret_from_fork_asm+0x1a/0x30 [ 13.513601] [ 13.513695] The buggy address belongs to the object at ffff888102171600 [ 13.513695] which belongs to the cache kmalloc-16 of size 16 [ 13.514219] The buggy address is located 8 bytes inside of [ 13.514219] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.514686] [ 13.514805] The buggy address belongs to the physical page: [ 13.515072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.515620] flags: 0x200000000000000(node=0|zone=2) [ 13.515787] page_type: f5(slab) [ 13.515970] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.516360] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.516803] page dumped because: kasan: bad access detected [ 13.517181] [ 13.517279] Memory state around the buggy address: [ 13.517502] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.517776] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.518231] >ffff888102171600: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.518513] ^ [ 13.518645] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.519034] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.519427] ================================================================== [ 13.366031] ================================================================== [ 13.366392] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.366730] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.367060] [ 13.367171] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.367213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.367225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.367246] Call Trace: [ 13.367260] <TASK> [ 13.367274] dump_stack_lvl+0x73/0xb0 [ 13.367298] print_report+0xd1/0x650 [ 13.367321] ? __virt_addr_valid+0x1db/0x2d0 [ 13.367343] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.367364] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.367387] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.367411] kasan_report+0x141/0x180 [ 13.367433] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.367459] kasan_check_range+0x10c/0x1c0 [ 13.367480] __kasan_check_write+0x18/0x20 [ 13.367500] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.367522] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.367547] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.367568] ? trace_hardirqs_on+0x37/0xe0 [ 13.367599] ? kasan_bitops_generic+0x92/0x1c0 [ 13.367623] kasan_bitops_generic+0x116/0x1c0 [ 13.367646] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.367666] ? trace_hardirqs_on+0x37/0xe0 [ 13.367688] ? __pfx_read_tsc+0x10/0x10 [ 13.367708] ? ktime_get_ts64+0x86/0x230 [ 13.367730] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.367753] kunit_try_run_case+0x1a5/0x480 [ 13.367774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.367795] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 13.367821] ? __kthread_parkme+0x82/0x180 [ 13.367843] ? preempt_count_sub+0x50/0x80 [ 13.367868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.368186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.368213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.368239] kthread+0x337/0x6f0 [ 13.368258] ? trace_preempt_on+0x20/0xc0 [ 13.368281] ? __pfx_kthread+0x10/0x10 [ 13.368300] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.368324] ? calculate_sigpending+0x7b/0xa0 [ 13.368346] ? __pfx_kthread+0x10/0x10 [ 13.368366] ret_from_fork+0x41/0x80 [ 13.368387] ? __pfx_kthread+0x10/0x10 [ 13.368405] ret_from_fork_asm+0x1a/0x30 [ 13.368436] </TASK> [ 13.368447] [ 13.389420] Allocated by task 281: [ 13.389844] kasan_save_stack+0x45/0x70 [ 13.390474] kasan_save_track+0x18/0x40 [ 13.391151] kasan_save_alloc_info+0x3b/0x50 [ 13.391799] __kasan_kmalloc+0xb7/0xc0 [ 13.392176] __kmalloc_cache_noprof+0x189/0x420 [ 13.392344] kasan_bitops_generic+0x92/0x1c0 [ 13.392493] kunit_try_run_case+0x1a5/0x480 [ 13.393425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.394079] kthread+0x337/0x6f0 [ 13.394561] ret_from_fork+0x41/0x80 [ 13.395161] ret_from_fork_asm+0x1a/0x30 [ 13.395869] [ 13.396121] The buggy address belongs to the object at ffff888102171600 [ 13.396121] which belongs to the cache kmalloc-16 of size 16 [ 13.397429] The buggy address is located 8 bytes inside of [ 13.397429] allocated 9-byte region [ffff888102171600, ffff888102171609) [ 13.398779] [ 13.399144] The buggy address belongs to the physical page: [ 13.399741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 13.400671] flags: 0x200000000000000(node=0|zone=2) [ 13.401118] page_type: f5(slab) [ 13.401250] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.401490] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.403017] page dumped because: kasan: bad access detected [ 13.403730] [ 13.404068] Memory 
state around the buggy address: [ 13.404677] ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.405479] ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.406404] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.407271] ^ [ 13.407917] ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.408753] ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.409296] ================================================================== [ 13.476695] ================================================================== [ 13.477036] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.477666] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281 [ 13.478051] [ 13.478171] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 13.478216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.478229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.478250] Call Trace: [ 13.478265] <TASK> [ 13.478282] dump_stack_lvl+0x73/0xb0 [ 13.478308] print_report+0xd1/0x650 [ 13.478332] ? __virt_addr_valid+0x1db/0x2d0 [ 13.478355] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.478377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.478401] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.478424] kasan_report+0x141/0x180 [ 13.478447] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.478474] kasan_check_range+0x10c/0x1c0 [ 13.478495] __kasan_check_write+0x18/0x20 [ 13.478516] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.478539] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.478562] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.478598] ? trace_hardirqs_on+0x37/0xe0 [ 13.478621] ? kasan_bitops_generic+0x92/0x1c0 [ 13.478646] kasan_bitops_generic+0x116/0x1c0 [ 13.478679] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.478699] ? trace_hardirqs_on+0x37/0xe0 [ 13.478722] ? 
__pfx_read_tsc+0x10/0x10
[ 13.478742] ? ktime_get_ts64+0x86/0x230
[ 13.478766] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.478791] kunit_try_run_case+0x1a5/0x480
[ 13.478816] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.478838] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.478865] ? __kthread_parkme+0x82/0x180
[ 13.478897] ? preempt_count_sub+0x50/0x80
[ 13.478923] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.478945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.478970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.479043] kthread+0x337/0x6f0
[ 13.479063] ? trace_preempt_on+0x20/0xc0
[ 13.479086] ? __pfx_kthread+0x10/0x10
[ 13.479105] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.479128] ? calculate_sigpending+0x7b/0xa0
[ 13.479151] ? __pfx_kthread+0x10/0x10
[ 13.479170] ret_from_fork+0x41/0x80
[ 13.479191] ? __pfx_kthread+0x10/0x10
[ 13.479210] ret_from_fork_asm+0x1a/0x30
[ 13.479240] </TASK>
[ 13.479250]
[ 13.489418] Allocated by task 281:
[ 13.489641] kasan_save_stack+0x45/0x70
[ 13.489914] kasan_save_track+0x18/0x40
[ 13.490111] kasan_save_alloc_info+0x3b/0x50
[ 13.490265] __kasan_kmalloc+0xb7/0xc0
[ 13.490459] __kmalloc_cache_noprof+0x189/0x420
[ 13.490703] kasan_bitops_generic+0x92/0x1c0
[ 13.490926] kunit_try_run_case+0x1a5/0x480
[ 13.491341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.491657] kthread+0x337/0x6f0
[ 13.491799] ret_from_fork+0x41/0x80
[ 13.492245] ret_from_fork_asm+0x1a/0x30
[ 13.492435]
[ 13.492564] The buggy address belongs to the object at ffff888102171600
[ 13.492564] which belongs to the cache kmalloc-16 of size 16
[ 13.493106] The buggy address is located 8 bytes inside of
[ 13.493106] allocated 9-byte region [ffff888102171600, ffff888102171609)
[ 13.493634]
[ 13.493737] The buggy address belongs to the physical page:
[ 13.494079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 13.494386] flags: 0x200000000000000(node=0|zone=2)
[ 13.494811] page_type: f5(slab)
[ 13.495125] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.495466] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.495809] page dumped because: kasan: bad access detected
[ 13.496149]
[ 13.496250] Memory state around the buggy address:
[ 13.496473]  ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.496772]  ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.497114] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.497480]                       ^
[ 13.497680]  ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.497901]  ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.498227] ==================================================================
[ 13.410439] ==================================================================
[ 13.411705] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 13.412805] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281
[ 13.413541]
[ 13.413931] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.414090] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.414104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.414140] Call Trace:
[ 13.414161] <TASK>
[ 13.414213] dump_stack_lvl+0x73/0xb0
[ 13.414246] print_report+0xd1/0x650
[ 13.414270] ? __virt_addr_valid+0x1db/0x2d0
[ 13.414294] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 13.414317] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.414340] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 13.414364] kasan_report+0x141/0x180
[ 13.414388] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 13.414415] kasan_check_range+0x10c/0x1c0
[ 13.414436] __kasan_check_write+0x18/0x20
[ 13.414457] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 13.414481] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.414504] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.414527] ? trace_hardirqs_on+0x37/0xe0
[ 13.414550] ? kasan_bitops_generic+0x92/0x1c0
[ 13.414575] kasan_bitops_generic+0x116/0x1c0
[ 13.414596] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.414616] ? trace_hardirqs_on+0x37/0xe0
[ 13.414639] ? __pfx_read_tsc+0x10/0x10
[ 13.414660] ? ktime_get_ts64+0x86/0x230
[ 13.414684] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.414708] kunit_try_run_case+0x1a5/0x480
[ 13.414730] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.414751] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.414777] ? __kthread_parkme+0x82/0x180
[ 13.414800] ? preempt_count_sub+0x50/0x80
[ 13.414826] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.414847] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.414885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.414911] kthread+0x337/0x6f0
[ 13.414928] ? trace_preempt_on+0x20/0xc0
[ 13.414951] ? __pfx_kthread+0x10/0x10
[ 13.414970] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.414993] ? calculate_sigpending+0x7b/0xa0
[ 13.415016] ? __pfx_kthread+0x10/0x10
[ 13.415035] ret_from_fork+0x41/0x80
[ 13.415056] ? __pfx_kthread+0x10/0x10
[ 13.415076] ret_from_fork_asm+0x1a/0x30
[ 13.415107] </TASK>
[ 13.415119]
[ 13.430321] Allocated by task 281:
[ 13.430744] kasan_save_stack+0x45/0x70
[ 13.431254] kasan_save_track+0x18/0x40
[ 13.431667] kasan_save_alloc_info+0x3b/0x50
[ 13.432236] __kasan_kmalloc+0xb7/0xc0
[ 13.432638] __kmalloc_cache_noprof+0x189/0x420
[ 13.433200] kasan_bitops_generic+0x92/0x1c0
[ 13.433362] kunit_try_run_case+0x1a5/0x480
[ 13.433521] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.434049] kthread+0x337/0x6f0
[ 13.434428] ret_from_fork+0x41/0x80
[ 13.434849] ret_from_fork_asm+0x1a/0x30
[ 13.435291]
[ 13.435454] The buggy address belongs to the object at ffff888102171600
[ 13.435454] which belongs to the cache kmalloc-16 of size 16
[ 13.436177] The buggy address is located 8 bytes inside of
[ 13.436177] allocated 9-byte region [ffff888102171600, ffff888102171609)
[ 13.436571]
[ 13.436732] The buggy address belongs to the physical page:
[ 13.437455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 13.438287] flags: 0x200000000000000(node=0|zone=2)
[ 13.438832] page_type: f5(slab)
[ 13.439236] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.440266] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.440611] page dumped because: kasan: bad access detected
[ 13.441280]
[ 13.441444] Memory state around the buggy address:
[ 13.441940]  ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.442267]  ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.442486] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.442829]                       ^
[ 13.443242]  ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.443767]  ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.444376] ==================================================================
[ 13.520285] ==================================================================
[ 13.520650] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 13.521019] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281
[ 13.521535]
[ 13.521672] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.521716] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.521729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.521752] Call Trace:
[ 13.521960] <TASK>
[ 13.521987] dump_stack_lvl+0x73/0xb0
[ 13.522014] print_report+0xd1/0x650
[ 13.522038] ? __virt_addr_valid+0x1db/0x2d0
[ 13.522086] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 13.522109] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.522133] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 13.522166] kasan_report+0x141/0x180
[ 13.522190] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 13.522217] kasan_check_range+0x10c/0x1c0
[ 13.522249] __kasan_check_write+0x18/0x20
[ 13.522270] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 13.522294] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.522318] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.522340] ? trace_hardirqs_on+0x37/0xe0
[ 13.522362] ? kasan_bitops_generic+0x92/0x1c0
[ 13.522387] kasan_bitops_generic+0x116/0x1c0
[ 13.522407] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.522428] ? trace_hardirqs_on+0x37/0xe0
[ 13.522451] ? __pfx_read_tsc+0x10/0x10
[ 13.522471] ? ktime_get_ts64+0x86/0x230
[ 13.522494] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.522531] kunit_try_run_case+0x1a5/0x480
[ 13.522555] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.522575] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.522601] ? __kthread_parkme+0x82/0x180
[ 13.522623] ? preempt_count_sub+0x50/0x80
[ 13.522649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.522670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.522693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.522718] kthread+0x337/0x6f0
[ 13.522735] ? trace_preempt_on+0x20/0xc0
[ 13.522758] ? __pfx_kthread+0x10/0x10
[ 13.522777] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.522800] ? calculate_sigpending+0x7b/0xa0
[ 13.522822] ? __pfx_kthread+0x10/0x10
[ 13.522849] ret_from_fork+0x41/0x80
[ 13.522871] ? __pfx_kthread+0x10/0x10
[ 13.522907] ret_from_fork_asm+0x1a/0x30
[ 13.522937] </TASK>
[ 13.522948]
[ 13.531595] Allocated by task 281:
[ 13.531787] kasan_save_stack+0x45/0x70
[ 13.532001] kasan_save_track+0x18/0x40
[ 13.532185] kasan_save_alloc_info+0x3b/0x50
[ 13.532383] __kasan_kmalloc+0xb7/0xc0
[ 13.532562] __kmalloc_cache_noprof+0x189/0x420
[ 13.532766] kasan_bitops_generic+0x92/0x1c0
[ 13.533162] kunit_try_run_case+0x1a5/0x480
[ 13.533399] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.533617] kthread+0x337/0x6f0
[ 13.533743] ret_from_fork+0x41/0x80
[ 13.533888] ret_from_fork_asm+0x1a/0x30
[ 13.534040]
[ 13.534166] The buggy address belongs to the object at ffff888102171600
[ 13.534166] which belongs to the cache kmalloc-16 of size 16
[ 13.534734] The buggy address is located 8 bytes inside of
[ 13.534734] allocated 9-byte region [ffff888102171600, ffff888102171609)
[ 13.535264]
[ 13.535343] The buggy address belongs to the physical page:
[ 13.535541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 13.535907] flags: 0x200000000000000(node=0|zone=2)
[ 13.536178] page_type: f5(slab)
[ 13.536358] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.536755] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.537099] page dumped because: kasan: bad access detected
[ 13.537343]
[ 13.537462] Memory state around the buggy address:
[ 13.537719]  ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.538044]  ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.538366] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.538705]                       ^
[ 13.538894]  ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.539167]  ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.539464] ==================================================================
[ 13.344030] ==================================================================
[ 13.344403] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 13.344901] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281
[ 13.345161]
[ 13.345250] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.345293] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.345305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.345327] Call Trace:
[ 13.345339] <TASK>
[ 13.345355] dump_stack_lvl+0x73/0xb0
[ 13.345380] print_report+0xd1/0x650
[ 13.345402] ? __virt_addr_valid+0x1db/0x2d0
[ 13.345425] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 13.345447] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.345470] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 13.345494] kasan_report+0x141/0x180
[ 13.345518] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 13.345545] kasan_check_range+0x10c/0x1c0
[ 13.345589] __kasan_check_write+0x18/0x20
[ 13.345610] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 13.345634] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.345661] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.345684] ? trace_hardirqs_on+0x37/0xe0
[ 13.345707] ? kasan_bitops_generic+0x92/0x1c0
[ 13.345732] kasan_bitops_generic+0x116/0x1c0
[ 13.345753] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.345774] ? trace_hardirqs_on+0x37/0xe0
[ 13.345796] ? __pfx_read_tsc+0x10/0x10
[ 13.345817] ? ktime_get_ts64+0x86/0x230
[ 13.346008] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.346035] kunit_try_run_case+0x1a5/0x480
[ 13.346058] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.346080] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.346105] ? __kthread_parkme+0x82/0x180
[ 13.346127] ? preempt_count_sub+0x50/0x80
[ 13.346154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.346175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.346200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.346224] kthread+0x337/0x6f0
[ 13.346241] ? trace_preempt_on+0x20/0xc0
[ 13.346264] ? __pfx_kthread+0x10/0x10
[ 13.346283] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.346306] ? calculate_sigpending+0x7b/0xa0
[ 13.346328] ? __pfx_kthread+0x10/0x10
[ 13.346347] ret_from_fork+0x41/0x80
[ 13.346368] ? __pfx_kthread+0x10/0x10
[ 13.346387] ret_from_fork_asm+0x1a/0x30
[ 13.346418] </TASK>
[ 13.346428]
[ 13.355114] Allocated by task 281:
[ 13.355315] kasan_save_stack+0x45/0x70
[ 13.355512] kasan_save_track+0x18/0x40
[ 13.355702] kasan_save_alloc_info+0x3b/0x50
[ 13.356006] __kasan_kmalloc+0xb7/0xc0
[ 13.356175] __kmalloc_cache_noprof+0x189/0x420
[ 13.356357] kasan_bitops_generic+0x92/0x1c0
[ 13.356592] kunit_try_run_case+0x1a5/0x480
[ 13.356784] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.357128] kthread+0x337/0x6f0
[ 13.357276] ret_from_fork+0x41/0x80
[ 13.357441] ret_from_fork_asm+0x1a/0x30
[ 13.357668]
[ 13.357747] The buggy address belongs to the object at ffff888102171600
[ 13.357747] which belongs to the cache kmalloc-16 of size 16
[ 13.358271] The buggy address is located 8 bytes inside of
[ 13.358271] allocated 9-byte region [ffff888102171600, ffff888102171609)
[ 13.358928]
[ 13.359038] The buggy address belongs to the physical page:
[ 13.359292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 13.359629] flags: 0x200000000000000(node=0|zone=2)
[ 13.359800] page_type: f5(slab)
[ 13.360064] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.360417] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.360792] page dumped because: kasan: bad access detected
[ 13.361125]
[ 13.361231] Memory state around the buggy address:
[ 13.361416]  ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.361740]  ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.362126] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.362458]                       ^
[ 13.362669]  ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.363109]  ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.363425] ==================================================================
[ 13.445279] ==================================================================
[ 13.445777] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.446497] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281
[ 13.447232]
[ 13.447415] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.447472] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.447493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.447515] Call Trace:
[ 13.447531] <TASK>
[ 13.447548] dump_stack_lvl+0x73/0xb0
[ 13.447593] print_report+0xd1/0x650
[ 13.447617] ? __virt_addr_valid+0x1db/0x2d0
[ 13.447648] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.447671] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.447694] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.447717] kasan_report+0x141/0x180
[ 13.447740] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.447767] kasan_check_range+0x10c/0x1c0
[ 13.447789] __kasan_check_write+0x18/0x20
[ 13.447809] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.447833] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.447883] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.447905] ? trace_hardirqs_on+0x37/0xe0
[ 13.447928] ? kasan_bitops_generic+0x92/0x1c0
[ 13.447953] kasan_bitops_generic+0x116/0x1c0
[ 13.447976] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.447996] ? trace_hardirqs_on+0x37/0xe0
[ 13.448020] ? __pfx_read_tsc+0x10/0x10
[ 13.448041] ? ktime_get_ts64+0x86/0x230
[ 13.448064] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.448088] kunit_try_run_case+0x1a5/0x480
[ 13.448110] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.448132] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.448158] ? __kthread_parkme+0x82/0x180
[ 13.448181] ? preempt_count_sub+0x50/0x80
[ 13.448207] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.448228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.448252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.448276] kthread+0x337/0x6f0
[ 13.448293] ? trace_preempt_on+0x20/0xc0
[ 13.448316] ? __pfx_kthread+0x10/0x10
[ 13.448334] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.448357] ? calculate_sigpending+0x7b/0xa0
[ 13.448379] ? __pfx_kthread+0x10/0x10
[ 13.448398] ret_from_fork+0x41/0x80
[ 13.448419] ? __pfx_kthread+0x10/0x10
[ 13.448437] ret_from_fork_asm+0x1a/0x30
[ 13.448468] </TASK>
[ 13.448479]
[ 13.463373] Allocated by task 281:
[ 13.463531] kasan_save_stack+0x45/0x70
[ 13.463928] kasan_save_track+0x18/0x40
[ 13.464306] kasan_save_alloc_info+0x3b/0x50
[ 13.464817] __kasan_kmalloc+0xb7/0xc0
[ 13.465398] __kmalloc_cache_noprof+0x189/0x420
[ 13.465906] kasan_bitops_generic+0x92/0x1c0
[ 13.466368] kunit_try_run_case+0x1a5/0x480
[ 13.466807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.467296] kthread+0x337/0x6f0
[ 13.467425] ret_from_fork+0x41/0x80
[ 13.467658] ret_from_fork_asm+0x1a/0x30
[ 13.468112]
[ 13.468287] The buggy address belongs to the object at ffff888102171600
[ 13.468287] which belongs to the cache kmalloc-16 of size 16
[ 13.469491] The buggy address is located 8 bytes inside of
[ 13.469491] allocated 9-byte region [ffff888102171600, ffff888102171609)
[ 13.470157]
[ 13.470237] The buggy address belongs to the physical page:
[ 13.470412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 13.470673] flags: 0x200000000000000(node=0|zone=2)
[ 13.471183] page_type: f5(slab)
[ 13.471565] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.472094] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.472507] page dumped because: kasan: bad access detected
[ 13.473180]
[ 13.473360] Memory state around the buggy address:
[ 13.473812]  ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.474195]  ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.474939] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.475335]                       ^
[ 13.475743]  ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.476068]  ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.476285] ==================================================================
[ 13.323714] ==================================================================
[ 13.324294] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.324627] Write of size 8 at addr ffff888102171608 by task kunit_try_catch/281
[ 13.325001]
[ 13.325106] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.325153] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.325166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.325191] Call Trace:
[ 13.325203] <TASK>
[ 13.325219] dump_stack_lvl+0x73/0xb0
[ 13.325246] print_report+0xd1/0x650
[ 13.325270] ? __virt_addr_valid+0x1db/0x2d0
[ 13.325293] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.325317] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.325340] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.325363] kasan_report+0x141/0x180
[ 13.325387] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.325415] kasan_check_range+0x10c/0x1c0
[ 13.325436] __kasan_check_write+0x18/0x20
[ 13.325457] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.325480] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.325504] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.325528] ? trace_hardirqs_on+0x37/0xe0
[ 13.325553] ? kasan_bitops_generic+0x92/0x1c0
[ 13.325578] kasan_bitops_generic+0x116/0x1c0
[ 13.325600] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.325620] ? trace_hardirqs_on+0x37/0xe0
[ 13.325643] ? __pfx_read_tsc+0x10/0x10
[ 13.325663] ? ktime_get_ts64+0x86/0x230
[ 13.325686] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.325730] kunit_try_run_case+0x1a5/0x480
[ 13.325752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.325773] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.325810] ? __kthread_parkme+0x82/0x180
[ 13.325833] ? preempt_count_sub+0x50/0x80
[ 13.325860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.325958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.325988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.326014] kthread+0x337/0x6f0
[ 13.326034] ? trace_preempt_on+0x20/0xc0
[ 13.326060] ? __pfx_kthread+0x10/0x10
[ 13.326080] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.326104] ? calculate_sigpending+0x7b/0xa0
[ 13.326127] ? __pfx_kthread+0x10/0x10
[ 13.326147] ret_from_fork+0x41/0x80
[ 13.326168] ? __pfx_kthread+0x10/0x10
[ 13.326188] ret_from_fork_asm+0x1a/0x30
[ 13.326219] </TASK>
[ 13.326230]
[ 13.334854] Allocated by task 281:
[ 13.335204] kasan_save_stack+0x45/0x70
[ 13.335429] kasan_save_track+0x18/0x40
[ 13.335633] kasan_save_alloc_info+0x3b/0x50
[ 13.335937] __kasan_kmalloc+0xb7/0xc0
[ 13.336294] __kmalloc_cache_noprof+0x189/0x420
[ 13.336456] kasan_bitops_generic+0x92/0x1c0
[ 13.336603] kunit_try_run_case+0x1a5/0x480
[ 13.336996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.337275] kthread+0x337/0x6f0
[ 13.337447] ret_from_fork+0x41/0x80
[ 13.337770] ret_from_fork_asm+0x1a/0x30
[ 13.338017]
[ 13.338125] The buggy address belongs to the object at ffff888102171600
[ 13.338125] which belongs to the cache kmalloc-16 of size 16
[ 13.338615] The buggy address is located 8 bytes inside of
[ 13.338615] allocated 9-byte region [ffff888102171600, ffff888102171609)
[ 13.339151]
[ 13.339231] The buggy address belongs to the physical page:
[ 13.339432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171
[ 13.339795] flags: 0x200000000000000(node=0|zone=2)
[ 13.340069] page_type: f5(slab)
[ 13.340244] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.340478] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.340706] page dumped because: kasan: bad access detected
[ 13.340917]
[ 13.341015] Memory state around the buggy address:
[ 13.341246]  ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.341576]  ffff888102171580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.342089] >ffff888102171600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.342423]                       ^
[ 13.342626]  ffff888102171680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.343020]  ffff888102171700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.343326] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.296691] ==================================================================
[ 13.297191] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 13.297500] Read of size 1 at addr ffff88810360c050 by task kunit_try_catch/279
[ 13.297900]
[ 13.298002] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.298048] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.298061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.298083] Call Trace:
[ 13.298095] <TASK>
[ 13.298109] dump_stack_lvl+0x73/0xb0
[ 13.298134] print_report+0xd1/0x650
[ 13.298159] ? __virt_addr_valid+0x1db/0x2d0
[ 13.298182] ? strnlen+0x73/0x80
[ 13.298202] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.298225] ? strnlen+0x73/0x80
[ 13.298245] kasan_report+0x141/0x180
[ 13.298268] ? strnlen+0x73/0x80
[ 13.298292] __asan_report_load1_noabort+0x18/0x20
[ 13.298314] strnlen+0x73/0x80
[ 13.298334] kasan_strings+0x615/0xe80
[ 13.298355] ? trace_hardirqs_on+0x37/0xe0
[ 13.298379] ? __pfx_kasan_strings+0x10/0x10
[ 13.298400] ? finish_task_switch.isra.0+0x153/0x700
[ 13.298425] ? __switch_to+0x5d9/0xf60
[ 13.298447] ? dequeue_task_fair+0x166/0x4e0
[ 13.298471] ? __schedule+0x10cc/0x2b60
[ 13.298496] ? __pfx_read_tsc+0x10/0x10
[ 13.298515] ? ktime_get_ts64+0x86/0x230
[ 13.298542] kunit_try_run_case+0x1a5/0x480
[ 13.298564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.298585] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.298610] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.298635] ? __kthread_parkme+0x82/0x180
[ 13.298657] ? preempt_count_sub+0x50/0x80
[ 13.298682] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.298703] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.298726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.298751] kthread+0x337/0x6f0
[ 13.298768] ? trace_preempt_on+0x20/0xc0
[ 13.298790] ? __pfx_kthread+0x10/0x10
[ 13.298809] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.298831] ? calculate_sigpending+0x7b/0xa0
[ 13.298854] ? __pfx_kthread+0x10/0x10
[ 13.298883] ret_from_fork+0x41/0x80
[ 13.298904] ? __pfx_kthread+0x10/0x10
[ 13.298923] ret_from_fork_asm+0x1a/0x30
[ 13.298953] </TASK>
[ 13.299016]
[ 13.307418] Allocated by task 279:
[ 13.307668] kasan_save_stack+0x45/0x70
[ 13.307952] kasan_save_track+0x18/0x40
[ 13.308112] kasan_save_alloc_info+0x3b/0x50
[ 13.308261] __kasan_kmalloc+0xb7/0xc0
[ 13.308419] __kmalloc_cache_noprof+0x189/0x420
[ 13.308641] kasan_strings+0xc0/0xe80
[ 13.309004] kunit_try_run_case+0x1a5/0x480
[ 13.309294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.309476] kthread+0x337/0x6f0
[ 13.309651] ret_from_fork+0x41/0x80
[ 13.309839] ret_from_fork_asm+0x1a/0x30
[ 13.310053]
[ 13.310149] Freed by task 279:
[ 13.310297] kasan_save_stack+0x45/0x70
[ 13.310437] kasan_save_track+0x18/0x40
[ 13.310574] kasan_save_free_info+0x3f/0x60
[ 13.310976] __kasan_slab_free+0x56/0x70
[ 13.311321] kfree+0x222/0x3f0
[ 13.311498] kasan_strings+0x2aa/0xe80
[ 13.311695] kunit_try_run_case+0x1a5/0x480
[ 13.311959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.312147] kthread+0x337/0x6f0
[ 13.312269] ret_from_fork+0x41/0x80
[ 13.312404] ret_from_fork_asm+0x1a/0x30
[ 13.312562]
[ 13.312659] The buggy address belongs to the object at ffff88810360c040
[ 13.312659] which belongs to the cache kmalloc-32 of size 32
[ 13.313201] The buggy address is located 16 bytes inside of
[ 13.313201] freed 32-byte region [ffff88810360c040, ffff88810360c060)
[ 13.314017]
[ 13.314095] The buggy address belongs to the physical page:
[ 13.314271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10360c
[ 13.314513] flags: 0x200000000000000(node=0|zone=2)
[ 13.314685] page_type: f5(slab)
[ 13.315010] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.315389] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.315738] page dumped because: kasan: bad access detected
[ 13.316032]
[ 13.316269] Memory state around the buggy address:
[ 13.316491]  ffff88810360bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.316763]  ffff88810360bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.317001] >ffff88810360c000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.317553]                                                  ^
[ 13.317815]  ffff88810360c080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.318129]  ffff88810360c100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.318451] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.157229] ==================================================================
[ 13.157722] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 13.157994] Read of size 1 at addr ffff888103c3fc4a by task kunit_try_catch/273
[ 13.158219]
[ 13.158314] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.158366] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.158377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.158400] Call Trace:
[ 13.158413] <TASK>
[ 13.158429] dump_stack_lvl+0x73/0xb0
[ 13.158457] print_report+0xd1/0x650
[ 13.158480] ? __virt_addr_valid+0x1db/0x2d0
[ 13.158504] ? kasan_alloca_oob_right+0x329/0x390
[ 13.158527] ? kasan_addr_to_slab+0x11/0xa0
[ 13.158548] ? kasan_alloca_oob_right+0x329/0x390
[ 13.158571] kasan_report+0x141/0x180
[ 13.158594] ? kasan_alloca_oob_right+0x329/0x390
[ 13.158621] __asan_report_load1_noabort+0x18/0x20
[ 13.158643] kasan_alloca_oob_right+0x329/0x390
[ 13.158667] ? finish_task_switch.isra.0+0x153/0x700
[ 13.158692] ? ww_mutex_unlock+0x10e/0x150
[ 13.158712] ? trace_hardirqs_on+0x37/0xe0
[ 13.158737] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 13.158763] ? __schedule+0x10cc/0x2b60
[ 13.158786] ? __pfx_read_tsc+0x10/0x10
[ 13.158807] ? ktime_get_ts64+0x86/0x230
[ 13.158832] kunit_try_run_case+0x1a5/0x480
[ 13.158855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.158915] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.158944] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.158968] ? __kthread_parkme+0x82/0x180
[ 13.158991] ? preempt_count_sub+0x50/0x80
[ 13.159017] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.159039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.159064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.159091] kthread+0x337/0x6f0
[ 13.159108] ? trace_preempt_on+0x20/0xc0
[ 13.159131] ? __pfx_kthread+0x10/0x10
[ 13.159150] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.159173] ? calculate_sigpending+0x7b/0xa0
[ 13.159195] ? __pfx_kthread+0x10/0x10
[ 13.159215] ret_from_fork+0x41/0x80
[ 13.159237] ? __pfx_kthread+0x10/0x10
[ 13.159256] ret_from_fork_asm+0x1a/0x30
[ 13.159287] </TASK>
[ 13.159299]
[ 13.174700] The buggy address belongs to stack of task kunit_try_catch/273
[ 13.175434]
[ 13.175655] The buggy address belongs to the physical page:
[ 13.176248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c3f
[ 13.177134] flags: 0x200000000000000(node=0|zone=2)
[ 13.177661] raw: 0200000000000000 ffffea00040f0fc8 ffffea00040f0fc8 0000000000000000
[ 13.178566] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.179453] page dumped because: kasan: bad access detected
[ 13.180134]
[ 13.180305] Memory state around the buggy address:
[ 13.180924]  ffff888103c3fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.181705]  ffff888103c3fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.182527] >ffff888103c3fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.183303]                                               ^
[ 13.183970]  ffff888103c3fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.184217]  ffff888103c3fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.184434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.135592] ==================================================================
[ 13.136175] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 13.136496] Read of size 1 at addr ffff888103c47c3f by task kunit_try_catch/271
[ 13.136814]
[ 13.136974] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.137029] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.137042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.137067] Call Trace:
[ 13.137080] <TASK>
[ 13.137097] dump_stack_lvl+0x73/0xb0
[ 13.137128] print_report+0xd1/0x650
[ 13.137153] ? __virt_addr_valid+0x1db/0x2d0
[ 13.137179] ? kasan_alloca_oob_left+0x320/0x380
[ 13.137202] ? kasan_addr_to_slab+0x11/0xa0
[ 13.137225] ? kasan_alloca_oob_left+0x320/0x380
[ 13.137249] kasan_report+0x141/0x180
[ 13.137273] ? kasan_alloca_oob_left+0x320/0x380
[ 13.137302] __asan_report_load1_noabort+0x18/0x20
[ 13.137325] kasan_alloca_oob_left+0x320/0x380
[ 13.137352] ? finish_task_switch.isra.0+0x153/0x700
[ 13.137379] ? ww_mutex_unlock+0x10e/0x150
[ 13.137400] ? trace_hardirqs_on+0x37/0xe0
[ 13.137428] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 13.137455] ? __schedule+0x10cc/0x2b60
[ 13.137480] ? __pfx_read_tsc+0x10/0x10
[ 13.137502] ? ktime_get_ts64+0x86/0x230
[ 13.137604] kunit_try_run_case+0x1a5/0x480
[ 13.137631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.137652] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.137679] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.137704] ? __kthread_parkme+0x82/0x180
[ 13.137729] ? preempt_count_sub+0x50/0x80
[ 13.137755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.137776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.137802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.137828] kthread+0x337/0x6f0
[ 13.137895] ? trace_preempt_on+0x20/0xc0
[ 13.137921] ? __pfx_kthread+0x10/0x10
[ 13.137941] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.137965] ? calculate_sigpending+0x7b/0xa0
[ 13.137989] ? __pfx_kthread+0x10/0x10
[ 13.138009] ret_from_fork+0x41/0x80
[ 13.138032] ? __pfx_kthread+0x10/0x10
[ 13.138052] ret_from_fork_asm+0x1a/0x30
[ 13.138084] </TASK>
[ 13.138096]
[ 13.147367] The buggy address belongs to stack of task kunit_try_catch/271
[ 13.147857]
[ 13.148001] The buggy address belongs to the physical page:
[ 13.148412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c47
[ 13.148828] flags: 0x200000000000000(node=0|zone=2)
[ 13.149188] raw: 0200000000000000 ffffea00040f11c8 ffffea00040f11c8 0000000000000000
[ 13.149443] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.149950] page dumped because: kasan: bad access detected
[ 13.150347]
[ 13.150423] Memory state around the buggy address:
[ 13.150624]  ffff888103c47b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.151138]  ffff888103c47b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.151798] >ffff888103c47c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.152261]                                         ^
[ 13.152591]  ffff888103c47c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.153118]  ffff888103c47d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.153501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.102213] ==================================================================
[ 13.103692] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 13.104783] Read of size 1 at addr ffff888103d27d02 by task kunit_try_catch/269
[ 13.105472]
[ 13.105736] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.105943] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.105958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.105983] Call Trace:
[ 13.106004] <TASK>
[ 13.106021] dump_stack_lvl+0x73/0xb0
[ 13.106051] print_report+0xd1/0x650
[ 13.106077] ? __virt_addr_valid+0x1db/0x2d0
[ 13.106100] ? kasan_stack_oob+0x2b5/0x300
[ 13.106121] ? kasan_addr_to_slab+0x11/0xa0
[ 13.106142] ? kasan_stack_oob+0x2b5/0x300
[ 13.106164] kasan_report+0x141/0x180
[ 13.106187] ? kasan_stack_oob+0x2b5/0x300
[ 13.106213] __asan_report_load1_noabort+0x18/0x20
[ 13.106236] kasan_stack_oob+0x2b5/0x300
[ 13.106258] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.106278] ? finish_task_switch.isra.0+0x153/0x700
[ 13.106304] ? __switch_to+0x5d9/0xf60
[ 13.106325] ? dequeue_task_fair+0x166/0x4e0
[ 13.106350] ? __schedule+0x10cc/0x2b60
[ 13.106374] ? __pfx_read_tsc+0x10/0x10
[ 13.106396] ? ktime_get_ts64+0x86/0x230
[ 13.106422] kunit_try_run_case+0x1a5/0x480
[ 13.106445] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.106464] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.106490] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.106544] ? __kthread_parkme+0x82/0x180
[ 13.106569] ? preempt_count_sub+0x50/0x80
[ 13.106593] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.106614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.106639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.106663] kthread+0x337/0x6f0
[ 13.106681] ? trace_preempt_on+0x20/0xc0
[ 13.106705] ? __pfx_kthread+0x10/0x10
[ 13.106723] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.106746] ? calculate_sigpending+0x7b/0xa0
[ 13.106769] ? __pfx_kthread+0x10/0x10
[ 13.106788] ret_from_fork+0x41/0x80
[ 13.106809] ? __pfx_kthread+0x10/0x10
[ 13.106828] ret_from_fork_asm+0x1a/0x30
[ 13.106945] </TASK>
[ 13.106957]
[ 13.123589] The buggy address belongs to stack of task kunit_try_catch/269
[ 13.123902] and is located at offset 138 in frame:
[ 13.124204] kasan_stack_oob+0x0/0x300
[ 13.124541]
[ 13.124631] This frame has 4 objects:
[ 13.125322] [48, 49) '__assertion'
[ 13.125348] [64, 72) 'array'
[ 13.125503] [96, 112) '__assertion'
[ 13.125780] [128, 138) 'stack_array'
[ 13.126092]
[ 13.126352] The buggy address belongs to the physical page:
[ 13.126757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d27
[ 13.127264] flags: 0x200000000000000(node=0|zone=2)
[ 13.127618] raw: 0200000000000000 ffffea00040f49c8 ffffea00040f49c8 0000000000000000
[ 13.127930] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.128591] page dumped because: kasan: bad access detected
[ 13.128842]
[ 13.128975] Memory state around the buggy address:
[ 13.129399]  ffff888103d27c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.130123]  ffff888103d27c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 13.130438] >ffff888103d27d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.130905]                    ^
[ 13.131096]  ffff888103d27d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 13.131657]  ffff888103d27e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.132213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.081508] ==================================================================
[ 13.082400] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 13.082809] Read of size 1 at addr ffffffff9684532d by task kunit_try_catch/265
[ 13.083178]
[ 13.083332] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.083381] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.083394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.083418] Call Trace:
[ 13.083432] <TASK>
[ 13.083449] dump_stack_lvl+0x73/0xb0
[ 13.083478] print_report+0xd1/0x650
[ 13.083503] ? __virt_addr_valid+0x1db/0x2d0
[ 13.083526] ? kasan_global_oob_right+0x286/0x2d0
[ 13.083548] ? kasan_addr_to_slab+0x11/0xa0
[ 13.083578] ? kasan_global_oob_right+0x286/0x2d0
[ 13.083600] kasan_report+0x141/0x180
[ 13.083623] ? kasan_global_oob_right+0x286/0x2d0
[ 13.083652] __asan_report_load1_noabort+0x18/0x20
[ 13.083674] kasan_global_oob_right+0x286/0x2d0
[ 13.083697] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.083724] ? __schedule+0x10cc/0x2b60
[ 13.083749] ? __pfx_read_tsc+0x10/0x10
[ 13.083771] ? ktime_get_ts64+0x86/0x230
[ 13.083799] kunit_try_run_case+0x1a5/0x480
[ 13.083822] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.083841] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.083867] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.083904] ? __kthread_parkme+0x82/0x180
[ 13.083927] ? preempt_count_sub+0x50/0x80
[ 13.083954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.083977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.084002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.084027] kthread+0x337/0x6f0
[ 13.084045] ? trace_preempt_on+0x20/0xc0
[ 13.084069] ? __pfx_kthread+0x10/0x10
[ 13.084088] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.084111] ? calculate_sigpending+0x7b/0xa0
[ 13.084134] ? __pfx_kthread+0x10/0x10
[ 13.084153] ret_from_fork+0x41/0x80
[ 13.084175] ? __pfx_kthread+0x10/0x10
[ 13.084203] ret_from_fork_asm+0x1a/0x30
[ 13.084234] </TASK>
[ 13.084246]
[ 13.091475] The buggy address belongs to the variable:
[ 13.091738] global_array+0xd/0x40
[ 13.092114]
[ 13.092238] The buggy address belongs to the physical page:
[ 13.092424] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x73445
[ 13.092666] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 13.093132] raw: 0100000000002000 ffffea0001cd1148 ffffea0001cd1148 0000000000000000
[ 13.093491] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.093859] page dumped because: kasan: bad access detected
[ 13.094105]
[ 13.094206] Memory state around the buggy address:
[ 13.094399] ffffffff96845200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.094693] ffffffff96845280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.094929] >ffffffff96845300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 13.095229] ^
[ 13.095446] ffffffff96845380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 13.095775] ffffffff96845400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 13.096121] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.034071] ==================================================================
[ 13.034552] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.034920] Free of addr ffff888103606601 by task kunit_try_catch/261
[ 13.035260]
[ 13.035382] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.035428] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.035441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.035463] Call Trace:
[ 13.035475] <TASK>
[ 13.035491] dump_stack_lvl+0x73/0xb0
[ 13.035529] print_report+0xd1/0x650
[ 13.035554] ? __virt_addr_valid+0x1db/0x2d0
[ 13.035586] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.035611] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.035638] kasan_report_invalid_free+0x10a/0x130
[ 13.035665] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.035694] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.035719] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.035745] check_slab_allocation+0x11f/0x130
[ 13.035769] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.035795] mempool_free+0x2ec/0x380
[ 13.035820] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.035847] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.035885] ? update_load_avg+0x1be/0x21b0
[ 13.035905] ? update_load_avg+0x1be/0x21b0
[ 13.035925] ? update_curr+0x80/0x810
[ 13.035946] ? finish_task_switch.isra.0+0x153/0x700
[ 13.035990] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.036015] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.036040] ? dequeue_task_fair+0x156/0x4e0
[ 13.036063] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.036084] ? __pfx_mempool_kfree+0x10/0x10
[ 13.036107] ? __pfx_read_tsc+0x10/0x10
[ 13.036128] ? ktime_get_ts64+0x86/0x230
[ 13.036154] kunit_try_run_case+0x1a5/0x480
[ 13.036176] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.036196] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.036222] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.036247] ? __kthread_parkme+0x82/0x180
[ 13.036270] ? preempt_count_sub+0x50/0x80
[ 13.036295] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.036316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.036341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.036365] kthread+0x337/0x6f0
[ 13.036384] ? trace_preempt_on+0x20/0xc0
[ 13.036409] ? __pfx_kthread+0x10/0x10
[ 13.036427] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.036451] ? calculate_sigpending+0x7b/0xa0
[ 13.036473] ? __pfx_kthread+0x10/0x10
[ 13.036493] ret_from_fork+0x41/0x80
[ 13.036555] ? __pfx_kthread+0x10/0x10
[ 13.036578] ret_from_fork_asm+0x1a/0x30
[ 13.036609] </TASK>
[ 13.036620]
[ 13.046766] Allocated by task 261:
[ 13.046921] kasan_save_stack+0x45/0x70
[ 13.047196] kasan_save_track+0x18/0x40
[ 13.047405] kasan_save_alloc_info+0x3b/0x50
[ 13.047699] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.047990] remove_element+0x11e/0x190
[ 13.048138] mempool_alloc_preallocated+0x4d/0x90
[ 13.048299] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.048611] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.048857] kunit_try_run_case+0x1a5/0x480
[ 13.049158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.049427] kthread+0x337/0x6f0
[ 13.049663] ret_from_fork+0x41/0x80
[ 13.049836] ret_from_fork_asm+0x1a/0x30
[ 13.050185]
[ 13.050285] The buggy address belongs to the object at ffff888103606600
[ 13.050285] which belongs to the cache kmalloc-128 of size 128
[ 13.050733] The buggy address is located 1 bytes inside of
[ 13.050733] 128-byte region [ffff888103606600, ffff888103606680)
[ 13.051129]
[ 13.051348] The buggy address belongs to the physical page:
[ 13.051621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606
[ 13.052017] flags: 0x200000000000000(node=0|zone=2)
[ 13.052198] page_type: f5(slab)
[ 13.052334] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.052744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.053120] page dumped because: kasan: bad access detected
[ 13.053333]
[ 13.053432] Memory state around the buggy address:
[ 13.053667] ffff888103606500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.054083] ffff888103606580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.054382] >ffff888103606600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.054697] ^
[ 13.055035] ffff888103606680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.055323] ffff888103606700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.055607] ==================================================================
[ 13.058824] ==================================================================
[ 13.059360] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.059753] Free of addr ffff888103cec001 by task kunit_try_catch/263
[ 13.060195]
[ 13.060315] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.060360] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.060372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.060394] Call Trace:
[ 13.060405] <TASK>
[ 13.060419] dump_stack_lvl+0x73/0xb0
[ 13.060446] print_report+0xd1/0x650
[ 13.060470] ? __virt_addr_valid+0x1db/0x2d0
[ 13.060495] ? kasan_addr_to_slab+0x11/0xa0
[ 13.060517] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.060559] kasan_report_invalid_free+0x10a/0x130
[ 13.060584] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.060615] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.060640] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.060667] mempool_free+0x2ec/0x380
[ 13.060692] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.060719] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.060745] ? update_load_avg+0x1be/0x21b0
[ 13.060770] ? finish_task_switch.isra.0+0x153/0x700
[ 13.060798] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 13.060825] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.060851] ? dequeue_task_fair+0x166/0x4e0
[ 13.060887] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.060924] ? __pfx_mempool_kfree+0x10/0x10
[ 13.060947] ? __pfx_read_tsc+0x10/0x10
[ 13.060968] ? ktime_get_ts64+0x86/0x230
[ 13.060995] kunit_try_run_case+0x1a5/0x480
[ 13.061018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.061038] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.061064] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.061089] ? __kthread_parkme+0x82/0x180
[ 13.061111] ? preempt_count_sub+0x50/0x80
[ 13.061137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.061159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.061185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.061210] kthread+0x337/0x6f0
[ 13.061227] ? trace_preempt_on+0x20/0xc0
[ 13.061252] ? __pfx_kthread+0x10/0x10
[ 13.061271] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.061295] ? calculate_sigpending+0x7b/0xa0
[ 13.061317] ? __pfx_kthread+0x10/0x10
[ 13.061337] ret_from_fork+0x41/0x80
[ 13.061358] ? __pfx_kthread+0x10/0x10
[ 13.061378] ret_from_fork_asm+0x1a/0x30
[ 13.061410] </TASK>
[ 13.061421]
[ 13.070596] The buggy address belongs to the physical page:
[ 13.070870] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cec
[ 13.071241] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.071472] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.071669] page_type: f8(unknown)
[ 13.072086] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.072443] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.073102] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.073400] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.073635] head: 0200000000000002 ffffea00040f3b01 00000000ffffffff 00000000ffffffff
[ 13.073996] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.074346] page dumped because: kasan: bad access detected
[ 13.074645]
[ 13.074723] Memory state around the buggy address:
[ 13.074975] ffff888103cebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.075313] ffff888103cebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.075625] >ffff888103cec000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.076140] ^
[ 13.076320] ffff888103cec080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.076639] ffff888103cec100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.076982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 12.989591] ==================================================================
[ 12.990200] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 12.990509] Free of addr ffff888103cac000 by task kunit_try_catch/257
[ 12.990754]
[ 12.990881] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 12.990929] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.990942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.990980] Call Trace:
[ 12.990992] <TASK>
[ 12.991007] dump_stack_lvl+0x73/0xb0
[ 12.991034] print_report+0xd1/0x650
[ 12.991058] ? __virt_addr_valid+0x1db/0x2d0
[ 12.991091] ? kasan_addr_to_slab+0x11/0xa0
[ 12.991113] ? mempool_double_free_helper+0x184/0x370
[ 12.991139] kasan_report_invalid_free+0x10a/0x130
[ 12.991166] ? mempool_double_free_helper+0x184/0x370
[ 12.991194] ? mempool_double_free_helper+0x184/0x370
[ 12.991219] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 12.991245] mempool_free+0x2ec/0x380
[ 12.991270] mempool_double_free_helper+0x184/0x370
[ 12.991297] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 12.991323] ? update_load_avg+0x1be/0x21b0
[ 12.991349] ? finish_task_switch.isra.0+0x153/0x700
[ 12.991376] mempool_kmalloc_large_double_free+0xed/0x140
[ 12.991404] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 12.991431] ? dequeue_task_fair+0x166/0x4e0
[ 12.991454] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.991476] ? __pfx_mempool_kfree+0x10/0x10
[ 12.991499] ? __pfx_read_tsc+0x10/0x10
[ 12.991522] ? ktime_get_ts64+0x86/0x230
[ 12.991549] kunit_try_run_case+0x1a5/0x480
[ 12.991772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.991810] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.991846] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.991871] ? __kthread_parkme+0x82/0x180
[ 12.991904] ? preempt_count_sub+0x50/0x80
[ 12.991929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.991951] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.991975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.991999] kthread+0x337/0x6f0
[ 12.992017] ? trace_preempt_on+0x20/0xc0
[ 12.992041] ? __pfx_kthread+0x10/0x10
[ 12.992060] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.992083] ? calculate_sigpending+0x7b/0xa0
[ 12.992106] ? __pfx_kthread+0x10/0x10
[ 12.992125] ret_from_fork+0x41/0x80
[ 12.992146] ? __pfx_kthread+0x10/0x10
[ 12.992165] ret_from_fork_asm+0x1a/0x30
[ 12.992196] </TASK>
[ 12.992208]
[ 13.003306] The buggy address belongs to the physical page:
[ 13.003607] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cac
[ 13.004111] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.004473] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.004831] page_type: f8(unknown)
[ 13.004975] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.005583] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.005908] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.006373] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.006943] head: 0200000000000002 ffffea00040f2b01 00000000ffffffff 00000000ffffffff
[ 13.007290] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.007707] page dumped because: kasan: bad access detected
[ 13.008058]
[ 13.008175] Memory state around the buggy address:
[ 13.008371] ffff888103cabf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.008781] ffff888103cabf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.009267] >ffff888103cac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.009573] ^
[ 13.009775] ffff888103cac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.010199] ffff888103cac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.010552] ==================================================================
[ 12.960139] ==================================================================
[ 12.960565] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 12.960888] Free of addr ffff8881029e8200 by task kunit_try_catch/255
[ 12.961140]
[ 12.961263] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 12.961310] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.961323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.961347] Call Trace:
[ 12.961360] <TASK>
[ 12.961375] dump_stack_lvl+0x73/0xb0
[ 12.961402] print_report+0xd1/0x650
[ 12.961430] ? __virt_addr_valid+0x1db/0x2d0
[ 12.961454] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.961478] ? mempool_double_free_helper+0x184/0x370
[ 12.961505] kasan_report_invalid_free+0x10a/0x130
[ 12.961531] ? mempool_double_free_helper+0x184/0x370
[ 12.961560] ? mempool_double_free_helper+0x184/0x370
[ 12.961585] ? mempool_double_free_helper+0x184/0x370
[ 12.961609] check_slab_allocation+0x101/0x130
[ 12.961633] __kasan_mempool_poison_object+0x91/0x1d0
[ 12.961659] mempool_free+0x2ec/0x380
[ 12.961686] mempool_double_free_helper+0x184/0x370
[ 12.961712] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 12.961737] ? update_load_avg+0x1be/0x21b0
[ 12.961766] ? finish_task_switch.isra.0+0x153/0x700
[ 12.961797] mempool_kmalloc_double_free+0xed/0x140
[ 12.961823] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 12.961849] ? dequeue_task_fair+0x166/0x4e0
[ 12.961884] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.961905] ? __pfx_mempool_kfree+0x10/0x10
[ 12.961929] ? __pfx_read_tsc+0x10/0x10
[ 12.961950] ? ktime_get_ts64+0x86/0x230
[ 12.961977] kunit_try_run_case+0x1a5/0x480
[ 12.962000] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.962020] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.962046] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.962072] ? __kthread_parkme+0x82/0x180
[ 12.962096] ? preempt_count_sub+0x50/0x80
[ 12.962122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.962144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.962170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.962195] kthread+0x337/0x6f0
[ 12.962213] ? trace_preempt_on+0x20/0xc0
[ 12.962238] ? __pfx_kthread+0x10/0x10
[ 12.962258] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.962281] ? calculate_sigpending+0x7b/0xa0
[ 12.962304] ? __pfx_kthread+0x10/0x10
[ 12.962326] ret_from_fork+0x41/0x80
[ 12.962348] ? __pfx_kthread+0x10/0x10
[ 12.962368] ret_from_fork_asm+0x1a/0x30
[ 12.962404] </TASK>
[ 12.962417]
[ 12.972009] Allocated by task 255:
[ 12.972479] kasan_save_stack+0x45/0x70
[ 12.972662] kasan_save_track+0x18/0x40
[ 12.972803] kasan_save_alloc_info+0x3b/0x50
[ 12.972967] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.973160] remove_element+0x11e/0x190
[ 12.973356] mempool_alloc_preallocated+0x4d/0x90
[ 12.973811] mempool_double_free_helper+0x8a/0x370
[ 12.974127] mempool_kmalloc_double_free+0xed/0x140
[ 12.974303] kunit_try_run_case+0x1a5/0x480
[ 12.974451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.974761] kthread+0x337/0x6f0
[ 12.975077] ret_from_fork+0x41/0x80
[ 12.975270] ret_from_fork_asm+0x1a/0x30
[ 12.975473]
[ 12.975576] Freed by task 255:
[ 12.975815] kasan_save_stack+0x45/0x70
[ 12.976127] kasan_save_track+0x18/0x40
[ 12.976267] kasan_save_free_info+0x3f/0x60
[ 12.976411] __kasan_mempool_poison_object+0x131/0x1d0
[ 12.977035] mempool_free+0x2ec/0x380
[ 12.977245] mempool_double_free_helper+0x109/0x370
[ 12.977490] mempool_kmalloc_double_free+0xed/0x140
[ 12.977718] kunit_try_run_case+0x1a5/0x480
[ 12.978011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.978221] kthread+0x337/0x6f0
[ 12.978344] ret_from_fork+0x41/0x80
[ 12.978478] ret_from_fork_asm+0x1a/0x30
[ 12.978661]
[ 12.978810] The buggy address belongs to the object at ffff8881029e8200
[ 12.978810] which belongs to the cache kmalloc-128 of size 128
[ 12.979373] The buggy address is located 0 bytes inside of
[ 12.979373] 128-byte region [ffff8881029e8200, ffff8881029e8280)
[ 12.979976]
[ 12.980083] The buggy address belongs to the physical page:
[ 12.980340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e8
[ 12.980683] flags: 0x200000000000000(node=0|zone=2)
[ 12.980945] page_type: f5(slab)
[ 12.981070] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.981305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.982019] page dumped because: kasan: bad access detected
[ 12.982298]
[ 12.982400] Memory state around the buggy address:
[ 12.982640] ffff8881029e8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.983034] ffff8881029e8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.983261] >ffff8881029e8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.983583] ^
[ 12.983782] ffff8881029e8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.984136] ffff8881029e8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.984357] ==================================================================
[ 13.013534] ==================================================================
[ 13.014170] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.014541] Free of addr ffff888103cec000 by task kunit_try_catch/259
[ 13.014789]
[ 13.014919] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 13.014970] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.014984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.015007] Call Trace:
[ 13.015021] <TASK>
[ 13.015037] dump_stack_lvl+0x73/0xb0
[ 13.015066] print_report+0xd1/0x650
[ 13.015091] ? __virt_addr_valid+0x1db/0x2d0
[ 13.015119] ? kasan_addr_to_slab+0x11/0xa0
[ 13.015142] ? mempool_double_free_helper+0x184/0x370
[ 13.015169] kasan_report_invalid_free+0x10a/0x130
[ 13.015197] ? mempool_double_free_helper+0x184/0x370
[ 13.015226] ? mempool_double_free_helper+0x184/0x370
[ 13.015252] __kasan_mempool_poison_pages+0x115/0x130
[ 13.015280] mempool_free+0x290/0x380
[ 13.015306] mempool_double_free_helper+0x184/0x370
[ 13.015333] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.015359] ? update_load_avg+0x1be/0x21b0
[ 13.015387] ? finish_task_switch.isra.0+0x153/0x700
[ 13.015416] mempool_page_alloc_double_free+0xe8/0x140
[ 13.015441] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 13.015465] ? dequeue_task_fair+0x166/0x4e0
[ 13.015490] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.015514] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.015539] ? __pfx_read_tsc+0x10/0x10
[ 13.015562] ? ktime_get_ts64+0x86/0x230
[ 13.015595] kunit_try_run_case+0x1a5/0x480
[ 13.015620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.015641] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.015668] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.015695] ? __kthread_parkme+0x82/0x180
[ 13.015719] ? preempt_count_sub+0x50/0x80
[ 13.016073] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.016108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.016135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.016163] kthread+0x337/0x6f0
[ 13.016182] ? trace_preempt_on+0x20/0xc0
[ 13.016209] ? __pfx_kthread+0x10/0x10
[ 13.016230] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.016254] ? calculate_sigpending+0x7b/0xa0
[ 13.016278] ? __pfx_kthread+0x10/0x10
[ 13.016299] ret_from_fork+0x41/0x80
[ 13.016322] ? __pfx_kthread+0x10/0x10
[ 13.016344] ret_from_fork_asm+0x1a/0x30
[ 13.016378] </TASK>
[ 13.016391]
[ 13.026129] The buggy address belongs to the physical page:
[ 13.026398] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cec
[ 13.026723] flags: 0x200000000000000(node=0|zone=2)
[ 13.027167] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.027466] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.027814] page dumped because: kasan: bad access detected
[ 13.028101]
[ 13.028182] Memory state around the buggy address:
[ 13.028384] ffff888103cebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.028714] ffff888103cebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.028975] >ffff888103cec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.029196] ^
[ 13.029331] ffff888103cec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.029653] ffff888103cec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.030490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.939700] ==================================================================
[ 12.940924] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.941232] Read of size 1 at addr ffff888103cac000 by task kunit_try_catch/253
[ 12.942079]
[ 12.942203] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 12.942254] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.942267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.942292] Call Trace:
[ 12.942306] <TASK>
[ 12.942324] dump_stack_lvl+0x73/0xb0
[ 12.942354] print_report+0xd1/0x650
[ 12.942379] ? __virt_addr_valid+0x1db/0x2d0
[ 12.942404] ? mempool_uaf_helper+0x392/0x400
[ 12.942427] ? kasan_addr_to_slab+0x11/0xa0
[ 12.942449] ? mempool_uaf_helper+0x392/0x400
[ 12.942473] kasan_report+0x141/0x180
[ 12.942497] ? mempool_uaf_helper+0x392/0x400
[ 12.942525] __asan_report_load1_noabort+0x18/0x20
[ 12.942546] mempool_uaf_helper+0x392/0x400
[ 12.942570] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.942594] ? dequeue_entities+0x852/0x1740
[ 12.942621] ? finish_task_switch.isra.0+0x153/0x700
[ 12.942649] mempool_page_alloc_uaf+0xed/0x140
[ 12.942669] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 12.942691] ? dequeue_task_fair+0x166/0x4e0
[ 12.942714] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 12.942737] ? __pfx_mempool_free_pages+0x10/0x10
[ 12.942761] ? __pfx_read_tsc+0x10/0x10
[ 12.942782] ? ktime_get_ts64+0x86/0x230
[ 12.942809] kunit_try_run_case+0x1a5/0x480
[ 12.942832] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.942852] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.942946] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.942978] ? __kthread_parkme+0x82/0x180
[ 12.943002] ? preempt_count_sub+0x50/0x80
[ 12.943027] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.943050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.943074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.943099] kthread+0x337/0x6f0
[ 12.943117] ? trace_preempt_on+0x20/0xc0
[ 12.943142] ? __pfx_kthread+0x10/0x10
[ 12.943161] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.943185] ? calculate_sigpending+0x7b/0xa0
[ 12.943208] ? __pfx_kthread+0x10/0x10
[ 12.943228] ret_from_fork+0x41/0x80
[ 12.943248] ? __pfx_kthread+0x10/0x10
[ 12.943267] ret_from_fork_asm+0x1a/0x30
[ 12.943298] </TASK>
[ 12.943310]
[ 12.951660] The buggy address belongs to the physical page:
[ 12.951924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cac
[ 12.952173] flags: 0x200000000000000(node=0|zone=2)
[ 12.952507] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 12.952819] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.953251] page dumped because: kasan: bad access detected
[ 12.953524]
[ 12.953624] Memory state around the buggy address:
[ 12.953851] ffff888103cabf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.954209] ffff888103cabf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.954475] >ffff888103cac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.954691] ^
[ 12.954810] ffff888103cac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.955122] ffff888103cac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.955438] ==================================================================
[ 12.870110] ==================================================================
[ 12.871187] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.871415] Read of size 1 at addr ffff888103ce8000 by task kunit_try_catch/249
[ 12.872012]
[ 12.872304] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 12.872357] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.872370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.872394] Call Trace:
[ 12.872407] <TASK>
[ 12.872426] dump_stack_lvl+0x73/0xb0
[ 12.872492] print_report+0xd1/0x650
[ 12.872518] ? __virt_addr_valid+0x1db/0x2d0
[ 12.872554] ? mempool_uaf_helper+0x392/0x400
[ 12.872587] ? kasan_addr_to_slab+0x11/0xa0
[ 12.872609] ? mempool_uaf_helper+0x392/0x400
[ 12.872633] kasan_report+0x141/0x180
[ 12.872657] ? mempool_uaf_helper+0x392/0x400
[ 12.872685] __asan_report_load1_noabort+0x18/0x20
[ 12.872707] mempool_uaf_helper+0x392/0x400
[ 12.872732] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.872755] ? update_load_avg+0x1be/0x21b0
[ 12.872778] ? update_load_avg+0x1be/0x21b0
[ 12.872797] ? update_curr+0x80/0x810
[ 12.872818] ? finish_task_switch.isra.0+0x153/0x700
[ 12.872910] mempool_kmalloc_large_uaf+0xef/0x140
[ 12.872940] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 12.872964] ? dequeue_task_fair+0x156/0x4e0
[ 12.872988] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.873012] ? __pfx_mempool_kfree+0x10/0x10
[ 12.873037] ? __pfx_read_tsc+0x10/0x10
[ 12.873058] ? ktime_get_ts64+0x86/0x230
[ 12.873089] kunit_try_run_case+0x1a5/0x480
[ 12.873114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.873134] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.873162] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.873187] ? __kthread_parkme+0x82/0x180
[ 12.873211] ? preempt_count_sub+0x50/0x80
[ 12.873236] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.873257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.873282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.873307] kthread+0x337/0x6f0
[ 12.873324] ? trace_preempt_on+0x20/0xc0
[ 12.873350] ? __pfx_kthread+0x10/0x10
[ 12.873369] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.873392] ? calculate_sigpending+0x7b/0xa0
[ 12.873416] ? __pfx_kthread+0x10/0x10
[ 12.873435] ret_from_fork+0x41/0x80
[ 12.873456] ? __pfx_kthread+0x10/0x10
[ 12.873475] ret_from_fork_asm+0x1a/0x30
[ 12.873517] </TASK>
[ 12.873529]
[ 12.890326] The buggy address belongs to the physical page:
[ 12.891007] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ce8
[ 12.891491] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.891738] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.891975] page_type: f8(unknown)
[ 12.892269] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.892677] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.893107] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.893452] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.894051] head: 0200000000000002 ffffea00040f3a01 00000000ffffffff 00000000ffffffff
[ 12.894407] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.894828] page dumped because: kasan: bad access detected
[ 12.895283]
[ 12.895404] Memory state around the buggy address:
[ 12.895795] ffff888103ce7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.896239] ffff888103ce7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.896463] >ffff888103ce8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.897169] ^
[ 12.897564] ffff888103ce8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.898439] ffff888103ce8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.898988] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.907003] ================================================================== [ 12.907515] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.907866] Read of size 1 at addr ffff8881029e6240 by task kunit_try_catch/251 [ 12.908250] [ 12.908385] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.908448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.908461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.908486] Call Trace: [ 12.908500] <TASK> [ 12.908527] dump_stack_lvl+0x73/0xb0 [ 12.908569] print_report+0xd1/0x650 [ 12.908593] ? __virt_addr_valid+0x1db/0x2d0 [ 12.908630] ? mempool_uaf_helper+0x392/0x400 [ 12.908653] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.908676] ? mempool_uaf_helper+0x392/0x400 [ 12.908700] kasan_report+0x141/0x180 [ 12.908723] ? mempool_uaf_helper+0x392/0x400 [ 12.908750] __asan_report_load1_noabort+0x18/0x20 [ 12.908772] mempool_uaf_helper+0x392/0x400 [ 12.908797] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.908832] ? finish_task_switch.isra.0+0x153/0x700 [ 12.908863] mempool_slab_uaf+0xea/0x140 [ 12.908901] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 12.908974] ? __kasan_check_write+0x18/0x20 [ 12.909001] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.909026] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.909049] ? __pfx_read_tsc+0x10/0x10 [ 12.909083] ? ktime_get_ts64+0x86/0x230 [ 12.909107] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.909133] kunit_try_run_case+0x1a5/0x480 [ 12.909168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.909190] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.909217] ? __kthread_parkme+0x82/0x180 [ 12.909241] ? preempt_count_sub+0x50/0x80 [ 12.909266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.909287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.909312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.909336] kthread+0x337/0x6f0 [ 12.909354] ? trace_preempt_on+0x20/0xc0 [ 12.909379] ? 
__pfx_kthread+0x10/0x10 [ 12.909398] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.909421] ? calculate_sigpending+0x7b/0xa0 [ 12.909444] ? __pfx_kthread+0x10/0x10 [ 12.909463] ret_from_fork+0x41/0x80 [ 12.909484] ? __pfx_kthread+0x10/0x10 [ 12.909503] ret_from_fork_asm+0x1a/0x30 [ 12.909535] </TASK> [ 12.909547] [ 12.918244] Allocated by task 251: [ 12.918520] kasan_save_stack+0x45/0x70 [ 12.918779] kasan_save_track+0x18/0x40 [ 12.919217] kasan_save_alloc_info+0x3b/0x50 [ 12.919446] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.919787] remove_element+0x11e/0x190 [ 12.920141] mempool_alloc_preallocated+0x4d/0x90 [ 12.920309] mempool_uaf_helper+0x96/0x400 [ 12.920505] mempool_slab_uaf+0xea/0x140 [ 12.920716] kunit_try_run_case+0x1a5/0x480 [ 12.920971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.921244] kthread+0x337/0x6f0 [ 12.921371] ret_from_fork+0x41/0x80 [ 12.921530] ret_from_fork_asm+0x1a/0x30 [ 12.921736] [ 12.921897] Freed by task 251: [ 12.922163] kasan_save_stack+0x45/0x70 [ 12.922429] kasan_save_track+0x18/0x40 [ 12.922742] kasan_save_free_info+0x3f/0x60 [ 12.923056] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.923317] mempool_free+0x2ec/0x380 [ 12.923538] mempool_uaf_helper+0x11a/0x400 [ 12.923724] mempool_slab_uaf+0xea/0x140 [ 12.923865] kunit_try_run_case+0x1a5/0x480 [ 12.924029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.924289] kthread+0x337/0x6f0 [ 12.924484] ret_from_fork+0x41/0x80 [ 12.924617] ret_from_fork_asm+0x1a/0x30 [ 12.924758] [ 12.924962] The buggy address belongs to the object at ffff8881029e6240 [ 12.924962] which belongs to the cache test_cache of size 123 [ 12.925559] The buggy address is located 0 bytes inside of [ 12.925559] freed 123-byte region [ffff8881029e6240, ffff8881029e62bb) [ 12.926259] [ 12.926377] The buggy address belongs to the physical page: [ 12.926934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e6 [ 12.927282] flags: 0x200000000000000(node=0|zone=2) [ 12.927527] page_type: 
f5(slab) [ 12.927800] raw: 0200000000000000 ffff8881010b3780 dead000000000122 0000000000000000 [ 12.928245] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.928632] page dumped because: kasan: bad access detected [ 12.928943] [ 12.929038] Memory state around the buggy address: [ 12.929201] ffff8881029e6100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.929419] ffff8881029e6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.929762] >ffff8881029e6200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.930088] ^ [ 12.930257] ffff8881029e6280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.930984] ffff8881029e6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.931406] ================================================================== [ 12.829715] ================================================================== [ 12.830397] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.831653] Read of size 1 at addr ffff8881029cae00 by task kunit_try_catch/247 [ 12.832605] [ 12.832887] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.832947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.832960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.832986] Call Trace: [ 12.833000] <TASK> [ 12.833019] dump_stack_lvl+0x73/0xb0 [ 12.833051] print_report+0xd1/0x650 [ 12.833077] ? __virt_addr_valid+0x1db/0x2d0 [ 12.833101] ? mempool_uaf_helper+0x392/0x400 [ 12.833125] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.833150] ? mempool_uaf_helper+0x392/0x400 [ 12.833174] kasan_report+0x141/0x180 [ 12.833198] ? mempool_uaf_helper+0x392/0x400 [ 12.833227] __asan_report_load1_noabort+0x18/0x20 [ 12.833249] mempool_uaf_helper+0x392/0x400 [ 12.833274] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.833298] ? dequeue_entities+0x852/0x1740 [ 12.833326] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.833355] mempool_kmalloc_uaf+0xef/0x140 [ 12.833379] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.833404] ? dequeue_task_fair+0x166/0x4e0 [ 12.833427] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.833449] ? __pfx_mempool_kfree+0x10/0x10 [ 12.833473] ? __pfx_read_tsc+0x10/0x10 [ 12.833502] ? ktime_get_ts64+0x86/0x230 [ 12.833530] kunit_try_run_case+0x1a5/0x480 [ 12.833554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.833574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.833601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.833626] ? __kthread_parkme+0x82/0x180 [ 12.833651] ? preempt_count_sub+0x50/0x80 [ 12.833677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.833698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.833723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.833748] kthread+0x337/0x6f0 [ 12.833766] ? trace_preempt_on+0x20/0xc0 [ 12.833791] ? __pfx_kthread+0x10/0x10 [ 12.833810] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.833834] ? calculate_sigpending+0x7b/0xa0 [ 12.833857] ? __pfx_kthread+0x10/0x10 [ 12.833886] ret_from_fork+0x41/0x80 [ 12.833908] ? 
__pfx_kthread+0x10/0x10 [ 12.833926] ret_from_fork_asm+0x1a/0x30 [ 12.833960] </TASK> [ 12.833972] [ 12.848259] Allocated by task 247: [ 12.848404] kasan_save_stack+0x45/0x70 [ 12.848588] kasan_save_track+0x18/0x40 [ 12.848982] kasan_save_alloc_info+0x3b/0x50 [ 12.849454] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.850131] remove_element+0x11e/0x190 [ 12.850633] mempool_alloc_preallocated+0x4d/0x90 [ 12.851165] mempool_uaf_helper+0x96/0x400 [ 12.851469] mempool_kmalloc_uaf+0xef/0x140 [ 12.851626] kunit_try_run_case+0x1a5/0x480 [ 12.851887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.852073] kthread+0x337/0x6f0 [ 12.852197] ret_from_fork+0x41/0x80 [ 12.852332] ret_from_fork_asm+0x1a/0x30 [ 12.852476] [ 12.852705] Freed by task 247: [ 12.853027] kasan_save_stack+0x45/0x70 [ 12.853381] kasan_save_track+0x18/0x40 [ 12.853720] kasan_save_free_info+0x3f/0x60 [ 12.854184] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.855655] mempool_free+0x2ec/0x380 [ 12.856812] mempool_uaf_helper+0x11a/0x400 [ 12.857713] mempool_kmalloc_uaf+0xef/0x140 [ 12.857915] kunit_try_run_case+0x1a5/0x480 [ 12.858068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.858245] kthread+0x337/0x6f0 [ 12.858364] ret_from_fork+0x41/0x80 [ 12.858495] ret_from_fork_asm+0x1a/0x30 [ 12.858634] [ 12.858709] The buggy address belongs to the object at ffff8881029cae00 [ 12.858709] which belongs to the cache kmalloc-128 of size 128 [ 12.859074] The buggy address is located 0 bytes inside of [ 12.859074] freed 128-byte region [ffff8881029cae00, ffff8881029cae80) [ 12.859409] [ 12.859483] The buggy address belongs to the physical page: [ 12.859665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ca [ 12.860725] flags: 0x200000000000000(node=0|zone=2) [ 12.861187] page_type: f5(slab) [ 12.861374] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.862124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.862535] page dumped 
because: kasan: bad access detected [ 12.862802] [ 12.863141] Memory state around the buggy address: [ 12.863570] ffff8881029cad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.864426] ffff8881029cad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.865090] >ffff8881029cae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.865316] ^ [ 12.865437] ffff8881029cae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.866088] ffff8881029caf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.866864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.733814] ================================================================== [ 12.734327] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.735014] Read of size 1 at addr ffff888103606273 by task kunit_try_catch/241 [ 12.735255] [ 12.735400] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.735558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.735580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.735606] Call Trace: [ 12.735621] <TASK> [ 12.735641] dump_stack_lvl+0x73/0xb0 [ 12.735673] print_report+0xd1/0x650 [ 12.735700] ? __virt_addr_valid+0x1db/0x2d0 [ 12.735726] ? mempool_oob_right_helper+0x318/0x380 [ 12.735751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.735775] ? mempool_oob_right_helper+0x318/0x380 [ 12.735800] kasan_report+0x141/0x180 [ 12.735824] ? mempool_oob_right_helper+0x318/0x380 [ 12.736101] __asan_report_load1_noabort+0x18/0x20 [ 12.736132] mempool_oob_right_helper+0x318/0x380 [ 12.736158] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.736188] ? finish_task_switch.isra.0+0x153/0x700 [ 12.736219] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.736245] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.736269] ? dequeue_task_fair+0x156/0x4e0 [ 12.736293] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.736318] ? __pfx_mempool_kfree+0x10/0x10 [ 12.736341] ? __pfx_read_tsc+0x10/0x10 [ 12.736363] ? ktime_get_ts64+0x86/0x230 [ 12.736390] kunit_try_run_case+0x1a5/0x480 [ 12.736414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.736434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.736462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.736487] ? __kthread_parkme+0x82/0x180 [ 12.736526] ? preempt_count_sub+0x50/0x80 [ 12.736552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.736572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.736596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.736622] kthread+0x337/0x6f0 [ 12.736639] ? 
trace_preempt_on+0x20/0xc0 [ 12.736664] ? __pfx_kthread+0x10/0x10 [ 12.736684] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.736706] ? calculate_sigpending+0x7b/0xa0 [ 12.736730] ? __pfx_kthread+0x10/0x10 [ 12.736749] ret_from_fork+0x41/0x80 [ 12.736772] ? __pfx_kthread+0x10/0x10 [ 12.736791] ret_from_fork_asm+0x1a/0x30 [ 12.736823] </TASK> [ 12.736851] [ 12.748167] Allocated by task 241: [ 12.748351] kasan_save_stack+0x45/0x70 [ 12.748894] kasan_save_track+0x18/0x40 [ 12.749194] kasan_save_alloc_info+0x3b/0x50 [ 12.749358] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.749600] remove_element+0x11e/0x190 [ 12.750111] mempool_alloc_preallocated+0x4d/0x90 [ 12.750399] mempool_oob_right_helper+0x8a/0x380 [ 12.750687] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.750944] kunit_try_run_case+0x1a5/0x480 [ 12.751098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.751455] kthread+0x337/0x6f0 [ 12.751641] ret_from_fork+0x41/0x80 [ 12.751798] ret_from_fork_asm+0x1a/0x30 [ 12.752231] [ 12.752367] The buggy address belongs to the object at ffff888103606200 [ 12.752367] which belongs to the cache kmalloc-128 of size 128 [ 12.752818] The buggy address is located 0 bytes to the right of [ 12.752818] allocated 115-byte region [ffff888103606200, ffff888103606273) [ 12.753659] [ 12.754063] The buggy address belongs to the physical page: [ 12.754409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103606 [ 12.754986] flags: 0x200000000000000(node=0|zone=2) [ 12.755345] page_type: f5(slab) [ 12.755660] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.756345] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.756823] page dumped because: kasan: bad access detected [ 12.757157] [ 12.757266] Memory state around the buggy address: [ 12.757483] ffff888103606100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.758135] ffff888103606180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.758556] >ffff888103606200: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.759042] ^ [ 12.759416] ffff888103606280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.760084] ffff888103606300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.760397] ================================================================== [ 12.764145] ================================================================== [ 12.765049] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.765316] Read of size 1 at addr ffff888102d86001 by task kunit_try_catch/243 [ 12.765560] [ 12.765658] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.765710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.765722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.765748] Call Trace: [ 12.766012] <TASK> [ 12.766040] dump_stack_lvl+0x73/0xb0 [ 12.766074] print_report+0xd1/0x650 [ 12.766098] ? __virt_addr_valid+0x1db/0x2d0 [ 12.766124] ? mempool_oob_right_helper+0x318/0x380 [ 12.766149] ? kasan_addr_to_slab+0x11/0xa0 [ 12.766171] ? mempool_oob_right_helper+0x318/0x380 [ 12.766196] kasan_report+0x141/0x180 [ 12.766220] ? mempool_oob_right_helper+0x318/0x380 [ 12.766249] __asan_report_load1_noabort+0x18/0x20 [ 12.766270] mempool_oob_right_helper+0x318/0x380 [ 12.766296] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.766320] ? dequeue_entities+0x852/0x1740 [ 12.766347] ? finish_task_switch.isra.0+0x153/0x700 [ 12.766375] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.766400] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.766425] ? dequeue_task_fair+0x166/0x4e0 [ 12.766448] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.766471] ? __pfx_mempool_kfree+0x10/0x10 [ 12.766493] ? __pfx_read_tsc+0x10/0x10 [ 12.766555] ? ktime_get_ts64+0x86/0x230 [ 12.766585] kunit_try_run_case+0x1a5/0x480 [ 12.766607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.766627] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.766654] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.766679] ? __kthread_parkme+0x82/0x180 [ 12.766702] ? preempt_count_sub+0x50/0x80 [ 12.766726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.766747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.766770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.766795] kthread+0x337/0x6f0 [ 12.766813] ? trace_preempt_on+0x20/0xc0 [ 12.766838] ? __pfx_kthread+0x10/0x10 [ 12.766919] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.766943] ? calculate_sigpending+0x7b/0xa0 [ 12.766967] ? __pfx_kthread+0x10/0x10 [ 12.766985] ret_from_fork+0x41/0x80 [ 12.767007] ? __pfx_kthread+0x10/0x10 [ 12.767026] ret_from_fork_asm+0x1a/0x30 [ 12.767058] </TASK> [ 12.767071] [ 12.779033] The buggy address belongs to the physical page: [ 12.779299] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d84 [ 12.779920] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.780401] flags: 0x200000000000040(head|node=0|zone=2) [ 12.780766] page_type: f8(unknown) [ 12.781009] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.781517] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.782233] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.782558] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.783049] head: 0200000000000002 ffffea00040b6101 00000000ffffffff 00000000ffffffff [ 12.783406] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.783797] page dumped because: kasan: bad access detected [ 12.784447] [ 12.784609] Memory state around the buggy address: [ 12.784836] ffff888102d85f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.785378] ffff888102d85f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.785788] >ffff888102d86000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.786374] ^ [ 12.786535] ffff888102d86080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 12.786977] ffff888102d86100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.787591] ================================================================== [ 12.793535] ================================================================== [ 12.793984] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.794266] Read of size 1 at addr ffff8881036092bb by task kunit_try_catch/245 [ 12.794684] [ 12.795078] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.795132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.795146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.795171] Call Trace: [ 12.795184] <TASK> [ 12.795202] dump_stack_lvl+0x73/0xb0 [ 12.795231] print_report+0xd1/0x650 [ 12.795257] ? __virt_addr_valid+0x1db/0x2d0 [ 12.795283] ? mempool_oob_right_helper+0x318/0x380 [ 12.795309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.795333] ? mempool_oob_right_helper+0x318/0x380 [ 12.795357] kasan_report+0x141/0x180 [ 12.795381] ? mempool_oob_right_helper+0x318/0x380 [ 12.795410] __asan_report_load1_noabort+0x18/0x20 [ 12.795432] mempool_oob_right_helper+0x318/0x380 [ 12.795472] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.795501] ? finish_task_switch.isra.0+0x153/0x700 [ 12.795538] mempool_slab_oob_right+0xed/0x140 [ 12.795561] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.795586] ? dequeue_task_fair+0x166/0x4e0 [ 12.795610] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.795634] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.795656] ? __pfx_read_tsc+0x10/0x10 [ 12.795679] ? ktime_get_ts64+0x86/0x230 [ 12.795705] kunit_try_run_case+0x1a5/0x480 [ 12.795729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.795749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.795775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.795800] ? __kthread_parkme+0x82/0x180 [ 12.795823] ? preempt_count_sub+0x50/0x80 [ 12.795908] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.795933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.795958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.795982] kthread+0x337/0x6f0 [ 12.796000] ? trace_preempt_on+0x20/0xc0 [ 12.796024] ? __pfx_kthread+0x10/0x10 [ 12.796044] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.796067] ? calculate_sigpending+0x7b/0xa0 [ 12.796089] ? __pfx_kthread+0x10/0x10 [ 12.796109] ret_from_fork+0x41/0x80 [ 12.796131] ? __pfx_kthread+0x10/0x10 [ 12.796150] ret_from_fork_asm+0x1a/0x30 [ 12.796182] </TASK> [ 12.796195] [ 12.810484] Allocated by task 245: [ 12.810726] kasan_save_stack+0x45/0x70 [ 12.811106] kasan_save_track+0x18/0x40 [ 12.811257] kasan_save_alloc_info+0x3b/0x50 [ 12.811406] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.811734] remove_element+0x11e/0x190 [ 12.812223] mempool_alloc_preallocated+0x4d/0x90 [ 12.812708] mempool_oob_right_helper+0x8a/0x380 [ 12.813191] mempool_slab_oob_right+0xed/0x140 [ 12.813814] kunit_try_run_case+0x1a5/0x480 [ 12.814290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.814691] kthread+0x337/0x6f0 [ 12.814816] ret_from_fork+0x41/0x80 [ 12.815068] ret_from_fork_asm+0x1a/0x30 [ 12.815458] [ 12.815649] The buggy address belongs to the object at ffff888103609240 [ 12.815649] which belongs to the cache test_cache of size 123 [ 12.816573] The buggy address is located 0 bytes to the right of [ 12.816573] allocated 123-byte region [ffff888103609240, ffff8881036092bb) [ 12.816997] [ 12.817073] The buggy address belongs to the physical page: [ 12.817613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103609 [ 12.818046] flags: 0x200000000000000(node=0|zone=2) [ 12.818323] page_type: f5(slab) [ 12.818517] raw: 0200000000000000 ffff888101744780 dead000000000122 0000000000000000 [ 12.818807] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.819167] page dumped because: kasan: bad access detected [ 12.819460] [ 12.819534] Memory state around the 
buggy address: [ 12.819920] ffff888103609180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.820294] ffff888103609200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.820636] >ffff888103609280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.820868] ^ [ 12.821259] ffff888103609300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.821549] ffff888103609380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.822158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.156829] ================================================================== [ 12.157331] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.157620] Read of size 1 at addr ffff8881010b3500 by task kunit_try_catch/235 [ 12.158678] [ 12.158964] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.159033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.159045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.159070] Call Trace: [ 12.159084] <TASK> [ 12.159102] dump_stack_lvl+0x73/0xb0 [ 12.159131] print_report+0xd1/0x650 [ 12.159155] ? __virt_addr_valid+0x1db/0x2d0 [ 12.159178] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.159200] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.159224] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.159246] kasan_report+0x141/0x180 [ 12.159270] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.159295] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.159317] __kasan_check_byte+0x3d/0x50 [ 12.159340] kmem_cache_destroy+0x25/0x1d0 [ 12.159366] kmem_cache_double_destroy+0x1bf/0x380 [ 12.159388] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.159421] ? finish_task_switch.isra.0+0x153/0x700 [ 12.159446] ? __switch_to+0x5d9/0xf60 [ 12.159468] ? dequeue_task_fair+0x166/0x4e0 [ 12.159507] ? __pfx_read_tsc+0x10/0x10 [ 12.159527] ? ktime_get_ts64+0x86/0x230 [ 12.159554] kunit_try_run_case+0x1a5/0x480 [ 12.159584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.159603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.159629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.159654] ? __kthread_parkme+0x82/0x180 [ 12.159677] ? preempt_count_sub+0x50/0x80 [ 12.159702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.159723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.159746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.159771] kthread+0x337/0x6f0 [ 12.159788] ? trace_preempt_on+0x20/0xc0 [ 12.159812] ? __pfx_kthread+0x10/0x10 [ 12.159831] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.159855] ? calculate_sigpending+0x7b/0xa0 [ 12.159886] ? __pfx_kthread+0x10/0x10 [ 12.159906] ret_from_fork+0x41/0x80 [ 12.159927] ? __pfx_kthread+0x10/0x10 [ 12.159946] ret_from_fork_asm+0x1a/0x30 [ 12.159978] </TASK> [ 12.159990] [ 12.173290] Allocated by task 235: [ 12.173639] kasan_save_stack+0x45/0x70 [ 12.174079] kasan_save_track+0x18/0x40 [ 12.174437] kasan_save_alloc_info+0x3b/0x50 [ 12.174765] __kasan_slab_alloc+0x91/0xa0 [ 12.175023] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.175427] __kmem_cache_create_args+0x169/0x240 [ 12.176031] kmem_cache_double_destroy+0xd5/0x380 [ 12.176259] kunit_try_run_case+0x1a5/0x480 [ 12.176409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.176728] kthread+0x337/0x6f0 [ 12.177077] ret_from_fork+0x41/0x80 [ 12.177546] ret_from_fork_asm+0x1a/0x30 [ 12.178016] [ 12.178178] Freed by task 235: [ 12.178457] kasan_save_stack+0x45/0x70 [ 12.178899] kasan_save_track+0x18/0x40 [ 12.179151] kasan_save_free_info+0x3f/0x60 [ 12.179303] __kasan_slab_free+0x56/0x70 [ 12.179442] kmem_cache_free+0x249/0x420 [ 12.179721] slab_kmem_cache_release+0x2e/0x40 [ 12.180263] kmem_cache_release+0x16/0x20 [ 12.180701] kobject_put+0x181/0x450 [ 12.181159] sysfs_slab_release+0x16/0x20 [ 12.181561] kmem_cache_destroy+0xf0/0x1d0 [ 12.181957] kmem_cache_double_destroy+0x14e/0x380 [ 12.182451] kunit_try_run_case+0x1a5/0x480 [ 12.182891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.183187] kthread+0x337/0x6f0 [ 12.183313] ret_from_fork+0x41/0x80 [ 12.183445] ret_from_fork_asm+0x1a/0x30 [ 12.183733] [ 12.183905] The buggy address belongs to the object at ffff8881010b3500 [ 12.183905] which belongs to the cache kmem_cache of size 208 [ 12.185334] The buggy address is located 0 bytes inside of [ 12.185334] freed 208-byte region [ffff8881010b3500, ffff8881010b35d0) [ 12.186450] [ 12.186591] The buggy address belongs to the physical page: [ 12.186990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1010b3 [ 12.187562] flags: 0x200000000000000(node=0|zone=2) [ 12.188047] page_type: f5(slab) [ 12.188178] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.188411] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.188921] page dumped because: kasan: bad access detected [ 12.189555] [ 12.189740] Memory state around the buggy address: [ 12.190219] ffff8881010b3400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.190950] ffff8881010b3480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.191538] >ffff8881010b3500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.191760] ^ [ 12.191951] ffff8881010b3580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.192587] ffff8881010b3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.193420] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.105143] ================================================================== [ 12.105613] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.105972] Read of size 1 at addr ffff888103603000 by task kunit_try_catch/233 [ 12.106332] [ 12.106442] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.106538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.106551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.106575] Call Trace: [ 12.106601] <TASK> [ 12.106620] dump_stack_lvl+0x73/0xb0 [ 12.106650] print_report+0xd1/0x650 [ 12.106674] ? __virt_addr_valid+0x1db/0x2d0 [ 12.106699] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.106720] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.106743] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.106764] kasan_report+0x141/0x180 [ 12.106787] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.106812] __asan_report_load1_noabort+0x18/0x20 [ 12.106834] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.106854] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.106886] ? finish_task_switch.isra.0+0x153/0x700 [ 12.106913] ? __switch_to+0x5d9/0xf60 [ 12.106936] ? dequeue_task_fair+0x166/0x4e0 [ 12.107229] ? __pfx_read_tsc+0x10/0x10 [ 12.107254] ? ktime_get_ts64+0x86/0x230 [ 12.107281] kunit_try_run_case+0x1a5/0x480 [ 12.107304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.107325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.107351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.107376] ? __kthread_parkme+0x82/0x180 [ 12.107400] ? preempt_count_sub+0x50/0x80 [ 12.107425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.107446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.107470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.107494] kthread+0x337/0x6f0 [ 12.107520] ? trace_preempt_on+0x20/0xc0 [ 12.107546] ? __pfx_kthread+0x10/0x10 [ 12.107565] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.107595] ? calculate_sigpending+0x7b/0xa0 [ 12.107618] ? 
__pfx_kthread+0x10/0x10 [ 12.107637] ret_from_fork+0x41/0x80 [ 12.107659] ? __pfx_kthread+0x10/0x10 [ 12.107678] ret_from_fork_asm+0x1a/0x30 [ 12.107709] </TASK> [ 12.107721] [ 12.118288] Allocated by task 233: [ 12.118564] kasan_save_stack+0x45/0x70 [ 12.118918] kasan_save_track+0x18/0x40 [ 12.119204] kasan_save_alloc_info+0x3b/0x50 [ 12.119414] __kasan_slab_alloc+0x91/0xa0 [ 12.119811] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.120233] kmem_cache_rcu_uaf+0x155/0x510 [ 12.120446] kunit_try_run_case+0x1a5/0x480 [ 12.121034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.121257] kthread+0x337/0x6f0 [ 12.121589] ret_from_fork+0x41/0x80 [ 12.121975] ret_from_fork_asm+0x1a/0x30 [ 12.122154] [ 12.122254] Freed by task 0: [ 12.122651] kasan_save_stack+0x45/0x70 [ 12.122867] kasan_save_track+0x18/0x40 [ 12.123305] kasan_save_free_info+0x3f/0x60 [ 12.123596] __kasan_slab_free+0x56/0x70 [ 12.124006] slab_free_after_rcu_debug+0xe4/0x310 [ 12.124245] rcu_core+0x66c/0x1c30 [ 12.124423] rcu_core_si+0x12/0x20 [ 12.124698] handle_softirqs+0x209/0x730 [ 12.125137] __irq_exit_rcu+0xc9/0x110 [ 12.125315] irq_exit_rcu+0x12/0x20 [ 12.125452] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.125685] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.125983] [ 12.126084] Last potentially related work creation: [ 12.126281] kasan_save_stack+0x45/0x70 [ 12.126471] kasan_record_aux_stack+0xb2/0xc0 [ 12.126676] kmem_cache_free+0x131/0x420 [ 12.126919] kmem_cache_rcu_uaf+0x194/0x510 [ 12.127107] kunit_try_run_case+0x1a5/0x480 [ 12.127308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.127534] kthread+0x337/0x6f0 [ 12.127685] ret_from_fork+0x41/0x80 [ 12.127821] ret_from_fork_asm+0x1a/0x30 [ 12.128024] [ 12.128122] The buggy address belongs to the object at ffff888103603000 [ 12.128122] which belongs to the cache test_cache of size 200 [ 12.128672] The buggy address is located 0 bytes inside of [ 12.128672] freed 200-byte region [ffff888103603000, ffff8881036030c8) [ 12.129388] [ 12.129474] The 
buggy address belongs to the physical page: [ 12.129686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103603 [ 12.130064] flags: 0x200000000000000(node=0|zone=2) [ 12.130344] page_type: f5(slab) [ 12.130503] raw: 0200000000000000 ffff888101744500 dead000000000122 0000000000000000 [ 12.130848] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.131123] page dumped because: kasan: bad access detected [ 12.131365] [ 12.131465] Memory state around the buggy address: [ 12.131731] ffff888103602f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.131960] ffff888103602f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.132248] >ffff888103603000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.132774] ^ [ 12.133025] ffff888103603080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.133303] ffff888103603100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.133618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.046727] ================================================================== [ 12.048296] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.048786] Free of addr ffff8881029de001 by task kunit_try_catch/231 [ 12.049680] [ 12.049811] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.049917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.049931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.049954] Call Trace: [ 12.049969] <TASK> [ 12.049986] dump_stack_lvl+0x73/0xb0 [ 12.050016] print_report+0xd1/0x650 [ 12.050042] ? __virt_addr_valid+0x1db/0x2d0 [ 12.050067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.050091] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.050114] kasan_report_invalid_free+0x10a/0x130 [ 12.050140] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.050164] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.050187] check_slab_allocation+0x11f/0x130 [ 12.050210] __kasan_slab_pre_free+0x28/0x40 [ 12.050233] kmem_cache_free+0xed/0x420 [ 12.050255] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.050277] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.050302] kmem_cache_invalid_free+0x1d8/0x460 [ 12.050325] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.050346] ? finish_task_switch.isra.0+0x153/0x700 [ 12.050372] ? __switch_to+0x5d9/0xf60 [ 12.050394] ? dequeue_task_fair+0x166/0x4e0 [ 12.050421] ? __pfx_read_tsc+0x10/0x10 [ 12.050442] ? ktime_get_ts64+0x86/0x230 [ 12.050470] kunit_try_run_case+0x1a5/0x480 [ 12.050492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.050522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.050549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.050574] ? __kthread_parkme+0x82/0x180 [ 12.050597] ? preempt_count_sub+0x50/0x80 [ 12.050622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.050644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.050668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.050693] kthread+0x337/0x6f0 [ 12.050711] ? 
trace_preempt_on+0x20/0xc0 [ 12.050736] ? __pfx_kthread+0x10/0x10 [ 12.050755] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.050778] ? calculate_sigpending+0x7b/0xa0 [ 12.050801] ? __pfx_kthread+0x10/0x10 [ 12.050821] ret_from_fork+0x41/0x80 [ 12.050843] ? __pfx_kthread+0x10/0x10 [ 12.050869] ret_from_fork_asm+0x1a/0x30 [ 12.050911] </TASK> [ 12.050922] [ 12.059661] Allocated by task 231: [ 12.059821] kasan_save_stack+0x45/0x70 [ 12.060086] kasan_save_track+0x18/0x40 [ 12.060259] kasan_save_alloc_info+0x3b/0x50 [ 12.060462] __kasan_slab_alloc+0x91/0xa0 [ 12.060679] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.060897] kmem_cache_invalid_free+0x157/0x460 [ 12.061164] kunit_try_run_case+0x1a5/0x480 [ 12.061316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.061572] kthread+0x337/0x6f0 [ 12.061747] ret_from_fork+0x41/0x80 [ 12.062358] ret_from_fork_asm+0x1a/0x30 [ 12.062616] [ 12.062720] The buggy address belongs to the object at ffff8881029de000 [ 12.062720] which belongs to the cache test_cache of size 200 [ 12.063268] The buggy address is located 1 bytes inside of [ 12.063268] 200-byte region [ffff8881029de000, ffff8881029de0c8) [ 12.063784] [ 12.063939] The buggy address belongs to the physical page: [ 12.064181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029de [ 12.064430] flags: 0x200000000000000(node=0|zone=2) [ 12.064597] page_type: f5(slab) [ 12.064722] raw: 0200000000000000 ffff8881010b33c0 dead000000000122 0000000000000000 [ 12.065041] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.065397] page dumped because: kasan: bad access detected [ 12.065896] [ 12.065983] Memory state around the buggy address: [ 12.066192] ffff8881029ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 12.066411] ffff8881029ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.066902] >ffff8881029de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.067230] ^ [ 12.067379] ffff8881029de080: 00 00 00 00 00 00 00 00 00 fc 
fc fc fc fc fc fc [ 12.067919] ffff8881029de100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.068222] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.007498] ================================================================== [ 12.008888] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.009409] Free of addr ffff888103600000 by task kunit_try_catch/229 [ 12.009630] [ 12.009727] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 12.009776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.009788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.009811] Call Trace: [ 12.009824] <TASK> [ 12.009841] dump_stack_lvl+0x73/0xb0 [ 12.009869] print_report+0xd1/0x650 [ 12.009904] ? __virt_addr_valid+0x1db/0x2d0 [ 12.009928] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.009951] ? kmem_cache_double_free+0x1e5/0x480 [ 12.009973] kasan_report_invalid_free+0x10a/0x130 [ 12.009998] ? kmem_cache_double_free+0x1e5/0x480 [ 12.010021] ? kmem_cache_double_free+0x1e5/0x480 [ 12.010042] check_slab_allocation+0x101/0x130 [ 12.010065] __kasan_slab_pre_free+0x28/0x40 [ 12.010086] kmem_cache_free+0xed/0x420 [ 12.010107] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.010129] ? kmem_cache_double_free+0x1e5/0x480 [ 12.010152] kmem_cache_double_free+0x1e5/0x480 [ 12.010174] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.010194] ? finish_task_switch.isra.0+0x153/0x700 [ 12.010219] ? __switch_to+0x5d9/0xf60 [ 12.010271] ? dequeue_task_fair+0x166/0x4e0 [ 12.010300] ? __pfx_read_tsc+0x10/0x10 [ 12.010321] ? ktime_get_ts64+0x86/0x230 [ 12.010357] kunit_try_run_case+0x1a5/0x480 [ 12.010380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.010399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.010424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.010448] ? __kthread_parkme+0x82/0x180 [ 12.010471] ? preempt_count_sub+0x50/0x80 [ 12.010495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.010515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.010539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.010562] kthread+0x337/0x6f0 [ 12.010580] ? 
trace_preempt_on+0x20/0xc0 [ 12.010604] ? __pfx_kthread+0x10/0x10 [ 12.010622] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.010644] ? calculate_sigpending+0x7b/0xa0 [ 12.010666] ? __pfx_kthread+0x10/0x10 [ 12.010684] ret_from_fork+0x41/0x80 [ 12.010706] ? __pfx_kthread+0x10/0x10 [ 12.010725] ret_from_fork_asm+0x1a/0x30 [ 12.010756] </TASK> [ 12.010767] [ 12.022609] Allocated by task 229: [ 12.022759] kasan_save_stack+0x45/0x70 [ 12.022925] kasan_save_track+0x18/0x40 [ 12.023067] kasan_save_alloc_info+0x3b/0x50 [ 12.023341] __kasan_slab_alloc+0x91/0xa0 [ 12.023617] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.024520] kmem_cache_double_free+0x14f/0x480 [ 12.024804] kunit_try_run_case+0x1a5/0x480 [ 12.025190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.025416] kthread+0x337/0x6f0 [ 12.025808] ret_from_fork+0x41/0x80 [ 12.026153] ret_from_fork_asm+0x1a/0x30 [ 12.026451] [ 12.026540] Freed by task 229: [ 12.026765] kasan_save_stack+0x45/0x70 [ 12.027235] kasan_save_track+0x18/0x40 [ 12.027426] kasan_save_free_info+0x3f/0x60 [ 12.027675] __kasan_slab_free+0x56/0x70 [ 12.027973] kmem_cache_free+0x249/0x420 [ 12.028251] kmem_cache_double_free+0x16a/0x480 [ 12.028480] kunit_try_run_case+0x1a5/0x480 [ 12.028698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.029117] kthread+0x337/0x6f0 [ 12.029292] ret_from_fork+0x41/0x80 [ 12.029473] ret_from_fork_asm+0x1a/0x30 [ 12.029673] [ 12.029748] The buggy address belongs to the object at ffff888103600000 [ 12.029748] which belongs to the cache test_cache of size 200 [ 12.030429] The buggy address is located 0 bytes inside of [ 12.030429] 200-byte region [ffff888103600000, ffff8881036000c8) [ 12.031629] [ 12.031792] The buggy address belongs to the physical page: [ 12.032464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103600 [ 12.033277] flags: 0x200000000000000(node=0|zone=2) [ 12.033788] page_type: f5(slab) [ 12.034208] raw: 0200000000000000 ffff8881017443c0 dead000000000122 0000000000000000 [ 12.034948] 
raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.035505] page dumped because: kasan: bad access detected [ 12.035688] [ 12.035760] Memory state around the buggy address: [ 12.035973] ffff8881035fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.036304] ffff8881035fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.036732] >ffff888103600000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.037092] ^ [ 12.037265] ffff888103600080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.037555] ffff888103600100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.037975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 11.963291] ================================================================== [ 11.963770] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 11.964500] Read of size 1 at addr ffff8881029dc0c8 by task kunit_try_catch/227 [ 11.964801] [ 11.965015] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.965063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.965077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.965099] Call Trace: [ 11.965112] <TASK> [ 11.965128] dump_stack_lvl+0x73/0xb0 [ 11.965157] print_report+0xd1/0x650 [ 11.965182] ? __virt_addr_valid+0x1db/0x2d0 [ 11.965204] ? kmem_cache_oob+0x402/0x530 [ 11.965224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.965247] ? kmem_cache_oob+0x402/0x530 [ 11.965268] kasan_report+0x141/0x180 [ 11.965290] ? kmem_cache_oob+0x402/0x530 [ 11.965315] __asan_report_load1_noabort+0x18/0x20 [ 11.965336] kmem_cache_oob+0x402/0x530 [ 11.965355] ? trace_hardirqs_on+0x37/0xe0 [ 11.965380] ? __pfx_kmem_cache_oob+0x10/0x10 [ 11.965399] ? finish_task_switch.isra.0+0x153/0x700 [ 11.965423] ? __switch_to+0x5d9/0xf60 [ 11.965445] ? dequeue_task_fair+0x166/0x4e0 [ 11.965472] ? __pfx_read_tsc+0x10/0x10 [ 11.965492] ? ktime_get_ts64+0x86/0x230 [ 11.965519] kunit_try_run_case+0x1a5/0x480 [ 11.965559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.965578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.965604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.965629] ? __kthread_parkme+0x82/0x180 [ 11.965651] ? preempt_count_sub+0x50/0x80 [ 11.965675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.965696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.965719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.965743] kthread+0x337/0x6f0 [ 11.965761] ? trace_preempt_on+0x20/0xc0 [ 11.965784] ? __pfx_kthread+0x10/0x10 [ 11.965802] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.965824] ? calculate_sigpending+0x7b/0xa0 [ 11.965932] ? 
__pfx_kthread+0x10/0x10 [ 11.965955] ret_from_fork+0x41/0x80 [ 11.965978] ? __pfx_kthread+0x10/0x10 [ 11.965997] ret_from_fork_asm+0x1a/0x30 [ 11.966027] </TASK> [ 11.966039] [ 11.976503] Allocated by task 227: [ 11.976679] kasan_save_stack+0x45/0x70 [ 11.977104] kasan_save_track+0x18/0x40 [ 11.977276] kasan_save_alloc_info+0x3b/0x50 [ 11.977462] __kasan_slab_alloc+0x91/0xa0 [ 11.978078] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.978394] kmem_cache_oob+0x157/0x530 [ 11.978717] kunit_try_run_case+0x1a5/0x480 [ 11.979091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.979450] kthread+0x337/0x6f0 [ 11.979777] ret_from_fork+0x41/0x80 [ 11.980116] ret_from_fork_asm+0x1a/0x30 [ 11.980312] [ 11.980408] The buggy address belongs to the object at ffff8881029dc000 [ 11.980408] which belongs to the cache test_cache of size 200 [ 11.981196] The buggy address is located 0 bytes to the right of [ 11.981196] allocated 200-byte region [ffff8881029dc000, ffff8881029dc0c8) [ 11.982409] [ 11.982608] The buggy address belongs to the physical page: [ 11.983161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029dc [ 11.983487] flags: 0x200000000000000(node=0|zone=2) [ 11.983705] page_type: f5(slab) [ 11.984224] raw: 0200000000000000 ffff8881010b3280 dead000000000122 0000000000000000 [ 11.985016] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.985421] page dumped because: kasan: bad access detected [ 11.986010] [ 11.986095] Memory state around the buggy address: [ 11.986450] ffff8881029dbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.987259] ffff8881029dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.987792] >ffff8881029dc080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.988314] ^ [ 11.988719] ffff8881029dc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.989195] ffff8881029dc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.989500] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 11.919402] ================================================================== [ 11.920419] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 11.921395] Read of size 8 at addr ffff8881035f8a40 by task kunit_try_catch/220 [ 11.922051] [ 11.922171] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.922380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.922398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.922421] Call Trace: [ 11.922435] <TASK> [ 11.922450] dump_stack_lvl+0x73/0xb0 [ 11.922478] print_report+0xd1/0x650 [ 11.922502] ? __virt_addr_valid+0x1db/0x2d0 [ 11.922576] ? workqueue_uaf+0x4d6/0x560 [ 11.922602] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.922625] ? workqueue_uaf+0x4d6/0x560 [ 11.922649] kasan_report+0x141/0x180 [ 11.922672] ? workqueue_uaf+0x4d6/0x560 [ 11.922699] __asan_report_load8_noabort+0x18/0x20 [ 11.922719] workqueue_uaf+0x4d6/0x560 [ 11.922742] ? __pfx_workqueue_uaf+0x10/0x10 [ 11.922765] ? __schedule+0x10cc/0x2b60 [ 11.922789] ? __pfx_read_tsc+0x10/0x10 [ 11.922810] ? ktime_get_ts64+0x86/0x230 [ 11.922844] kunit_try_run_case+0x1a5/0x480 [ 11.922866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.922896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.922922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.922947] ? __kthread_parkme+0x82/0x180 [ 11.922970] ? preempt_count_sub+0x50/0x80 [ 11.922996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923064] kthread+0x337/0x6f0 [ 11.923081] ? trace_preempt_on+0x20/0xc0 [ 11.923104] ? __pfx_kthread+0x10/0x10 [ 11.923122] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.923145] ? calculate_sigpending+0x7b/0xa0 [ 11.923166] ? __pfx_kthread+0x10/0x10 [ 11.923185] ret_from_fork+0x41/0x80 [ 11.923206] ? 
__pfx_kthread+0x10/0x10 [ 11.923224] ret_from_fork_asm+0x1a/0x30 [ 11.923255] </TASK> [ 11.923267] [ 11.934481] Allocated by task 220: [ 11.934854] kasan_save_stack+0x45/0x70 [ 11.935204] kasan_save_track+0x18/0x40 [ 11.935447] kasan_save_alloc_info+0x3b/0x50 [ 11.935781] __kasan_kmalloc+0xb7/0xc0 [ 11.936340] __kmalloc_cache_noprof+0x189/0x420 [ 11.936598] workqueue_uaf+0x152/0x560 [ 11.936986] kunit_try_run_case+0x1a5/0x480 [ 11.937219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.937466] kthread+0x337/0x6f0 [ 11.937767] ret_from_fork+0x41/0x80 [ 11.938173] ret_from_fork_asm+0x1a/0x30 [ 11.938391] [ 11.938486] Freed by task 86: [ 11.938780] kasan_save_stack+0x45/0x70 [ 11.939104] kasan_save_track+0x18/0x40 [ 11.939290] kasan_save_free_info+0x3f/0x60 [ 11.939486] __kasan_slab_free+0x56/0x70 [ 11.939945] kfree+0x222/0x3f0 [ 11.940239] workqueue_uaf_work+0x12/0x20 [ 11.940602] process_one_work+0x5ee/0xf60 [ 11.940803] worker_thread+0x758/0x1220 [ 11.941233] kthread+0x337/0x6f0 [ 11.941620] ret_from_fork+0x41/0x80 [ 11.941809] ret_from_fork_asm+0x1a/0x30 [ 11.942062] [ 11.942161] Last potentially related work creation: [ 11.942367] kasan_save_stack+0x45/0x70 [ 11.942833] kasan_record_aux_stack+0xb2/0xc0 [ 11.943308] __queue_work+0x626/0xeb0 [ 11.943637] queue_work_on+0xb6/0xc0 [ 11.944050] workqueue_uaf+0x26d/0x560 [ 11.944244] kunit_try_run_case+0x1a5/0x480 [ 11.944430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.944851] kthread+0x337/0x6f0 [ 11.945242] ret_from_fork+0x41/0x80 [ 11.945586] ret_from_fork_asm+0x1a/0x30 [ 11.945783] [ 11.946109] The buggy address belongs to the object at ffff8881035f8a40 [ 11.946109] which belongs to the cache kmalloc-32 of size 32 [ 11.947055] The buggy address is located 0 bytes inside of [ 11.947055] freed 32-byte region [ffff8881035f8a40, ffff8881035f8a60) [ 11.947812] [ 11.947996] The buggy address belongs to the physical page: [ 11.948233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035f8 [ 
11.948786] flags: 0x200000000000000(node=0|zone=2) [ 11.949260] page_type: f5(slab) [ 11.949575] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.950323] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.950793] page dumped because: kasan: bad access detected [ 11.951206] [ 11.951303] Memory state around the buggy address: [ 11.951719] ffff8881035f8900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.952307] ffff8881035f8980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 11.952759] >ffff8881035f8a00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.953438] ^ [ 11.953883] ffff8881035f8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954272] ffff8881035f8b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954768] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 11.882978] ================================================================== [ 11.883494] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.883733] Read of size 4 at addr ffff8881035f8980 by task swapper/0/0 [ 11.883976] [ 11.884068] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 11.884130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.884142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.884166] Call Trace: [ 11.884192] <IRQ> [ 11.884208] dump_stack_lvl+0x73/0xb0 [ 11.884237] print_report+0xd1/0x650 [ 11.884262] ? __virt_addr_valid+0x1db/0x2d0 [ 11.884285] ? rcu_uaf_reclaim+0x50/0x60 [ 11.884307] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.884330] ? rcu_uaf_reclaim+0x50/0x60 [ 11.884352] kasan_report+0x141/0x180 [ 11.884376] ? rcu_uaf_reclaim+0x50/0x60 [ 11.884402] __asan_report_load4_noabort+0x18/0x20 [ 11.884424] rcu_uaf_reclaim+0x50/0x60 [ 11.884446] rcu_core+0x66c/0x1c30 [ 11.884477] ? __pfx_rcu_core+0x10/0x10 [ 11.884500] ? ktime_get+0x6b/0x150 [ 11.884530] rcu_core_si+0x12/0x20 [ 11.884548] handle_softirqs+0x209/0x730 [ 11.884572] ? hrtimer_interrupt+0x2fe/0x780 [ 11.884597] ? 
__pfx_handle_softirqs+0x10/0x10 [ 11.884624] __irq_exit_rcu+0xc9/0x110 [ 11.884646] irq_exit_rcu+0x12/0x20 [ 11.884664] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.884686] </IRQ> [ 11.884710] <TASK> [ 11.884721] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.884807] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.885025] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 63 86 27 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.885111] RSP: 0000:ffffffff95407dd8 EFLAGS: 00010212 [ 11.885206] RAX: ffff8881c4890000 RBX: ffffffff9541ca80 RCX: ffffffff94211f75 [ 11.885253] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 00000000000064bc [ 11.885304] RBP: ffffffff95407de0 R08: 0000000000000001 R09: ffffed102b606102 [ 11.885350] R10: ffff88815b030813 R11: ffffffff967a5300 R12: 0000000000000000 [ 11.885394] R13: fffffbfff2a83950 R14: ffffffff95f9ca10 R15: 0000000000000000 [ 11.885452] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.885505] ? default_idle+0xd/0x20 [ 11.885527] arch_cpu_idle+0xd/0x20 [ 11.885547] default_idle_call+0x48/0x80 [ 11.885568] do_idle+0x379/0x4f0 [ 11.885592] ? __pfx_do_idle+0x10/0x10 [ 11.885612] ? trace_preempt_on+0x20/0xc0 [ 11.885636] ? schedule+0x86/0x2e0 [ 11.885657] ? preempt_count_sub+0x50/0x80 [ 11.885681] cpu_startup_entry+0x5c/0x70 [ 11.885702] rest_init+0x11a/0x140 [ 11.885722] ? 
acpi_subsystem_init+0x5d/0x150 [ 11.885750] start_kernel+0x32b/0x410 [ 11.885774] x86_64_start_reservations+0x1c/0x30 [ 11.885798] x86_64_start_kernel+0xcf/0xe0 [ 11.885820] common_startup_64+0x13e/0x148 [ 11.885853] </TASK> [ 11.885865] [ 11.898228] Allocated by task 218: [ 11.898414] kasan_save_stack+0x45/0x70 [ 11.898610] kasan_save_track+0x18/0x40 [ 11.899174] kasan_save_alloc_info+0x3b/0x50 [ 11.899351] __kasan_kmalloc+0xb7/0xc0 [ 11.899704] __kmalloc_cache_noprof+0x189/0x420 [ 11.900010] rcu_uaf+0xb0/0x330 [ 11.900154] kunit_try_run_case+0x1a5/0x480 [ 11.900441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.900816] kthread+0x337/0x6f0 [ 11.900999] ret_from_fork+0x41/0x80 [ 11.901288] ret_from_fork_asm+0x1a/0x30 [ 11.901491] [ 11.901577] Freed by task 0: [ 11.901720] kasan_save_stack+0x45/0x70 [ 11.901911] kasan_save_track+0x18/0x40 [ 11.902100] kasan_save_free_info+0x3f/0x60 [ 11.902287] __kasan_slab_free+0x56/0x70 [ 11.902470] kfree+0x222/0x3f0 [ 11.903032] rcu_uaf_reclaim+0x1f/0x60 [ 11.903220] rcu_core+0x66c/0x1c30 [ 11.903356] rcu_core_si+0x12/0x20 [ 11.903748] handle_softirqs+0x209/0x730 [ 11.903953] __irq_exit_rcu+0xc9/0x110 [ 11.904262] irq_exit_rcu+0x12/0x20 [ 11.904420] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.904676] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.905032] [ 11.905160] Last potentially related work creation: [ 11.905363] kasan_save_stack+0x45/0x70 [ 11.905586] kasan_record_aux_stack+0xb2/0xc0 [ 11.906145] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 11.906442] call_rcu+0x12/0x20 [ 11.906572] rcu_uaf+0x168/0x330 [ 11.907053] kunit_try_run_case+0x1a5/0x480 [ 11.907349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.907629] kthread+0x337/0x6f0 [ 11.907890] ret_from_fork+0x41/0x80 [ 11.908039] ret_from_fork_asm+0x1a/0x30 [ 11.908252] [ 11.908354] The buggy address belongs to the object at ffff8881035f8980 [ 11.908354] which belongs to the cache kmalloc-32 of size 32 [ 11.909153] The buggy address is located 0 bytes inside of [ 
11.909153] freed 32-byte region [ffff8881035f8980, ffff8881035f89a0) [ 11.909648] [ 11.909898] The buggy address belongs to the physical page: [ 11.910142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035f8 [ 11.910632] flags: 0x200000000000000(node=0|zone=2) [ 11.910955] page_type: f5(slab) [ 11.911140] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.911649] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.911978] page dumped because: kasan: bad access detected [ 11.912217] [ 11.912299] Memory state around the buggy address: [ 11.912519] ffff8881035f8880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.913107] ffff8881035f8900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.913486] >ffff8881035f8980: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 11.913809] ^ [ 11.913979] ffff8881035f8a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.914273] ffff8881035f8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.914823] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 10.745622] ================================================================== [ 10.746326] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.746800] Read of size 1 at addr ffff888103c40000 by task kunit_try_catch/174 [ 10.747304] [ 10.747404] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.747450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.747462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.747483] Call Trace: [ 10.747496] <TASK> [ 10.747539] dump_stack_lvl+0x73/0xb0 [ 10.747567] print_report+0xd1/0x650 [ 10.747600] ? __virt_addr_valid+0x1db/0x2d0 [ 10.747622] ? page_alloc_uaf+0x356/0x3d0 [ 10.747641] ? kasan_addr_to_slab+0x11/0xa0 [ 10.747662] ? page_alloc_uaf+0x356/0x3d0 [ 10.747681] kasan_report+0x141/0x180 [ 10.747704] ? page_alloc_uaf+0x356/0x3d0 [ 10.747727] __asan_report_load1_noabort+0x18/0x20 [ 10.747749] page_alloc_uaf+0x356/0x3d0 [ 10.747767] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.747787] ? __schedule+0x10cc/0x2b60 [ 10.747811] ? __pfx_read_tsc+0x10/0x10 [ 10.747831] ? ktime_get_ts64+0x86/0x230 [ 10.748115] kunit_try_run_case+0x1a5/0x480 [ 10.748141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.748161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.748186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.748210] ? __kthread_parkme+0x82/0x180 [ 10.748234] ? preempt_count_sub+0x50/0x80 [ 10.748259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.748280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.748303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.748327] kthread+0x337/0x6f0 [ 10.748345] ? trace_preempt_on+0x20/0xc0 [ 10.748368] ? __pfx_kthread+0x10/0x10 [ 10.748386] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.748409] ? calculate_sigpending+0x7b/0xa0 [ 10.748431] ? __pfx_kthread+0x10/0x10 [ 10.748450] ret_from_fork+0x41/0x80 [ 10.748471] ? 
__pfx_kthread+0x10/0x10 [ 10.748489] ret_from_fork_asm+0x1a/0x30 [ 10.748533] </TASK> [ 10.748545] [ 10.759273] The buggy address belongs to the physical page: [ 10.759555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c40 [ 10.759912] flags: 0x200000000000000(node=0|zone=2) [ 10.760124] page_type: f0(buddy) [ 10.760287] raw: 0200000000000000 ffff88817fffb470 ffff88817fffb470 0000000000000000 [ 10.760990] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 10.761289] page dumped because: kasan: bad access detected [ 10.761747] [ 10.761849] Memory state around the buggy address: [ 10.762330] ffff888103c3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.762667] ffff888103c3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.763229] >ffff888103c40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.763523] ^ [ 10.764039] ffff888103c40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.764531] ffff888103c40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.764826] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 10.718680] ================================================================== [ 10.719302] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.719622] Free of addr ffff888102d68001 by task kunit_try_catch/170 [ 10.720448] [ 10.720639] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.720686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.720697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.720718] Call Trace: [ 10.720731] <TASK> [ 10.720744] dump_stack_lvl+0x73/0xb0 [ 10.720770] print_report+0xd1/0x650 [ 10.720793] ? __virt_addr_valid+0x1db/0x2d0 [ 10.720824] ? kasan_addr_to_slab+0x11/0xa0 [ 10.720845] ? kfree+0x274/0x3f0 [ 10.720864] kasan_report_invalid_free+0x10a/0x130 [ 10.720906] ? kfree+0x274/0x3f0 [ 10.720936] ? kfree+0x274/0x3f0 [ 10.720954] __kasan_kfree_large+0x86/0xd0 [ 10.720976] free_large_kmalloc+0x4b/0x110 [ 10.720997] kfree+0x274/0x3f0 [ 10.721019] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.721142] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.721167] ? __schedule+0x10cc/0x2b60 [ 10.721191] ? __pfx_read_tsc+0x10/0x10 [ 10.721211] ? ktime_get_ts64+0x86/0x230 [ 10.721236] kunit_try_run_case+0x1a5/0x480 [ 10.721257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.721276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.721300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.721324] ? __kthread_parkme+0x82/0x180 [ 10.721345] ? preempt_count_sub+0x50/0x80 [ 10.721370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.721390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.721413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.721437] kthread+0x337/0x6f0 [ 10.721454] ? trace_preempt_on+0x20/0xc0 [ 10.721477] ? __pfx_kthread+0x10/0x10 [ 10.721495] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.721593] ? calculate_sigpending+0x7b/0xa0 [ 10.721618] ? __pfx_kthread+0x10/0x10 [ 10.721638] ret_from_fork+0x41/0x80 [ 10.721659] ? 
__pfx_kthread+0x10/0x10 [ 10.721677] ret_from_fork_asm+0x1a/0x30 [ 10.721708] </TASK> [ 10.721719] [ 10.731996] The buggy address belongs to the physical page: [ 10.732572] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 10.733113] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.733433] flags: 0x200000000000040(head|node=0|zone=2) [ 10.733668] page_type: f8(unknown) [ 10.734102] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.734477] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.735047] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.735559] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.736085] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 10.736608] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.737090] page dumped because: kasan: bad access detected [ 10.737350] [ 10.737561] Memory state around the buggy address: [ 10.737807] ffff888102d67f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.738346] ffff888102d67f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.738812] >ffff888102d68000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.739277] ^ [ 10.739419] ffff888102d68080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.739974] ffff888102d68100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.740308] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 10.699351] ================================================================== [ 10.700259] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.700622] Read of size 1 at addr ffff888102d64000 by task kunit_try_catch/168 [ 10.700983] [ 10.701121] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.701167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.701191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.701221] Call Trace: [ 10.701234] <TASK> [ 10.701250] dump_stack_lvl+0x73/0xb0 [ 10.701277] print_report+0xd1/0x650 [ 10.701315] ? __virt_addr_valid+0x1db/0x2d0 [ 10.701337] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.701359] ? kasan_addr_to_slab+0x11/0xa0 [ 10.701380] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.701402] kasan_report+0x141/0x180 [ 10.701425] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.701461] __asan_report_load1_noabort+0x18/0x20 [ 10.701482] kmalloc_large_uaf+0x2f1/0x340 [ 10.701504] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.701537] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.701559] ? trace_hardirqs_on+0x37/0xe0 [ 10.701583] ? __pfx_read_tsc+0x10/0x10 [ 10.701603] ? ktime_get_ts64+0x86/0x230 [ 10.701630] kunit_try_run_case+0x1a5/0x480 [ 10.701651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.701680] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.701705] ? __kthread_parkme+0x82/0x180 [ 10.701728] ? preempt_count_sub+0x50/0x80 [ 10.701763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.701784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.701807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.701830] kthread+0x337/0x6f0 [ 10.701863] ? trace_preempt_on+0x20/0xc0 [ 10.701895] ? __pfx_kthread+0x10/0x10 [ 10.701914] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.701936] ? calculate_sigpending+0x7b/0xa0 [ 10.701958] ? __pfx_kthread+0x10/0x10 [ 10.701977] ret_from_fork+0x41/0x80 [ 10.701997] ? 
__pfx_kthread+0x10/0x10 [ 10.702015] ret_from_fork_asm+0x1a/0x30 [ 10.702045] </TASK> [ 10.702056] [ 10.710127] The buggy address belongs to the physical page: [ 10.710368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d64 [ 10.710792] flags: 0x200000000000000(node=0|zone=2) [ 10.710984] raw: 0200000000000000 ffffea00040b5a08 ffff88815b139a80 0000000000000000 [ 10.711389] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.711685] page dumped because: kasan: bad access detected [ 10.712093] [ 10.712218] Memory state around the buggy address: [ 10.712486] ffff888102d63f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.712827] ffff888102d63f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.713116] >ffff888102d64000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.713371] ^ [ 10.713587] ffff888102d64080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.714164] ffff888102d64100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.714385] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.674657] ================================================================== [ 10.675067] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.675657] Write of size 1 at addr ffff888102d6600a by task kunit_try_catch/166 [ 10.676283] [ 10.676413] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.676493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.676521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.676573] Call Trace: [ 10.676585] <TASK> [ 10.676601] dump_stack_lvl+0x73/0xb0 [ 10.676627] print_report+0xd1/0x650 [ 10.676665] ? __virt_addr_valid+0x1db/0x2d0 [ 10.676687] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.676709] ? kasan_addr_to_slab+0x11/0xa0 [ 10.676731] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.676754] kasan_report+0x141/0x180 [ 10.676805] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.676833] __asan_report_store1_noabort+0x1b/0x30 [ 10.676898] kmalloc_large_oob_right+0x2e9/0x330 [ 10.676921] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.676945] ? __schedule+0x10cc/0x2b60 [ 10.677072] ? __pfx_read_tsc+0x10/0x10 [ 10.677094] ? ktime_get_ts64+0x86/0x230 [ 10.677119] kunit_try_run_case+0x1a5/0x480 [ 10.677141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.677160] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.677184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.677208] ? __kthread_parkme+0x82/0x180 [ 10.677230] ? preempt_count_sub+0x50/0x80 [ 10.677255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.677275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.677299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.677322] kthread+0x337/0x6f0 [ 10.677339] ? trace_preempt_on+0x20/0xc0 [ 10.677362] ? __pfx_kthread+0x10/0x10 [ 10.677380] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.677403] ? calculate_sigpending+0x7b/0xa0 [ 10.677424] ? __pfx_kthread+0x10/0x10 [ 10.677443] ret_from_fork+0x41/0x80 [ 10.677463] ? 
__pfx_kthread+0x10/0x10 [ 10.677481] ret_from_fork_asm+0x1a/0x30 [ 10.677522] </TASK> [ 10.677532] [ 10.686266] The buggy address belongs to the physical page: [ 10.686506] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d64 [ 10.687092] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.687626] flags: 0x200000000000040(head|node=0|zone=2) [ 10.687906] page_type: f8(unknown) [ 10.688040] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.688534] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.689167] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.689686] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.690019] head: 0200000000000002 ffffea00040b5901 00000000ffffffff 00000000ffffffff [ 10.690346] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.690822] page dumped because: kasan: bad access detected [ 10.691151] [ 10.691254] Memory state around the buggy address: [ 10.691498] ffff888102d65f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.691780] ffff888102d65f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.692209] >ffff888102d66000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.692535] ^ [ 10.692706] ffff888102d66080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.693139] ffff888102d66100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.693455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.647412] ================================================================== [ 10.648291] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.648542] Write of size 1 at addr ffff888102de9f00 by task kunit_try_catch/164 [ 10.649246] [ 10.649451] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.649498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.649528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.649551] Call Trace: [ 10.649576] <TASK> [ 10.649591] dump_stack_lvl+0x73/0xb0 [ 10.649618] print_report+0xd1/0x650 [ 10.649641] ? __virt_addr_valid+0x1db/0x2d0 [ 10.649664] ? kmalloc_big_oob_right+0x316/0x370 [ 10.649687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.649710] ? kmalloc_big_oob_right+0x316/0x370 [ 10.649734] kasan_report+0x141/0x180 [ 10.649756] ? kmalloc_big_oob_right+0x316/0x370 [ 10.649784] __asan_report_store1_noabort+0x1b/0x30 [ 10.649806] kmalloc_big_oob_right+0x316/0x370 [ 10.649831] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.649855] ? __schedule+0x10cc/0x2b60 [ 10.649891] ? __pfx_read_tsc+0x10/0x10 [ 10.649912] ? ktime_get_ts64+0x86/0x230 [ 10.649937] kunit_try_run_case+0x1a5/0x480 [ 10.649959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.649978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.650002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.650026] ? __kthread_parkme+0x82/0x180 [ 10.650047] ? preempt_count_sub+0x50/0x80 [ 10.650073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.650093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.650117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.650141] kthread+0x337/0x6f0 [ 10.650157] ? trace_preempt_on+0x20/0xc0 [ 10.650181] ? __pfx_kthread+0x10/0x10 [ 10.650199] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.650222] ? calculate_sigpending+0x7b/0xa0 [ 10.650243] ? __pfx_kthread+0x10/0x10 [ 10.650262] ret_from_fork+0x41/0x80 [ 10.650284] ? 
__pfx_kthread+0x10/0x10 [ 10.650302] ret_from_fork_asm+0x1a/0x30 [ 10.650332] </TASK> [ 10.650343] [ 10.659200] Allocated by task 164: [ 10.659431] kasan_save_stack+0x45/0x70 [ 10.659653] kasan_save_track+0x18/0x40 [ 10.659853] kasan_save_alloc_info+0x3b/0x50 [ 10.660015] __kasan_kmalloc+0xb7/0xc0 [ 10.660150] __kmalloc_cache_noprof+0x189/0x420 [ 10.660381] kmalloc_big_oob_right+0xa9/0x370 [ 10.660971] kunit_try_run_case+0x1a5/0x480 [ 10.661145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.661327] kthread+0x337/0x6f0 [ 10.661475] ret_from_fork+0x41/0x80 [ 10.661859] ret_from_fork_asm+0x1a/0x30 [ 10.662055] [ 10.662151] The buggy address belongs to the object at ffff888102de8000 [ 10.662151] which belongs to the cache kmalloc-8k of size 8192 [ 10.662636] The buggy address is located 0 bytes to the right of [ 10.662636] allocated 7936-byte region [ffff888102de8000, ffff888102de9f00) [ 10.663106] [ 10.663246] The buggy address belongs to the physical page: [ 10.663491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102de8 [ 10.663793] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.664141] flags: 0x200000000000040(head|node=0|zone=2) [ 10.664345] page_type: f5(slab) [ 10.664516] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.664842] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.665199] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.665556] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.665803] head: 0200000000000003 ffffea00040b7a01 00000000ffffffff 00000000ffffffff [ 10.666051] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.666410] page dumped because: kasan: bad access detected [ 10.666665] [ 10.666782] Memory state around the buggy address: [ 10.667065] ffff888102de9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.667407] ffff888102de9e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.667923] >ffff888102de9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.668272] ^ [ 10.668392] ffff888102de9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.669017] ffff888102dea000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.669375] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.611846] ================================================================== [ 10.612650] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.613510] Write of size 1 at addr ffff8881035ebc78 by task kunit_try_catch/162 [ 10.614117] [ 10.614215] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.614260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.614272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.614294] Call Trace: [ 10.614306] <TASK> [ 10.614321] dump_stack_lvl+0x73/0xb0 [ 10.614348] print_report+0xd1/0x650 [ 10.614372] ? __virt_addr_valid+0x1db/0x2d0 [ 10.614394] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.614416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.614439] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.614461] kasan_report+0x141/0x180 [ 10.614483] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.614520] __asan_report_store1_noabort+0x1b/0x30 [ 10.614541] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.614563] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.614587] ? __schedule+0x10cc/0x2b60 [ 10.614610] ? __pfx_read_tsc+0x10/0x10 [ 10.614631] ? ktime_get_ts64+0x86/0x230 [ 10.614683] kunit_try_run_case+0x1a5/0x480 [ 10.614705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.614724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.614749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.614773] ? __kthread_parkme+0x82/0x180 [ 10.614795] ? preempt_count_sub+0x50/0x80 [ 10.614820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.614840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.614863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.614914] kthread+0x337/0x6f0 [ 10.614932] ? trace_preempt_on+0x20/0xc0 [ 10.614957] ? __pfx_kthread+0x10/0x10 [ 10.614975] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.614997] ? calculate_sigpending+0x7b/0xa0 [ 10.615019] ? __pfx_kthread+0x10/0x10 [ 10.615037] ret_from_fork+0x41/0x80 [ 10.615059] ? 
__pfx_kthread+0x10/0x10 [ 10.615077] ret_from_fork_asm+0x1a/0x30 [ 10.615107] </TASK> [ 10.615118] [ 10.629105] Allocated by task 162: [ 10.629242] kasan_save_stack+0x45/0x70 [ 10.629393] kasan_save_track+0x18/0x40 [ 10.629656] kasan_save_alloc_info+0x3b/0x50 [ 10.630130] __kasan_kmalloc+0xb7/0xc0 [ 10.630648] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.631315] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.631965] kunit_try_run_case+0x1a5/0x480 [ 10.632363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.632889] kthread+0x337/0x6f0 [ 10.633082] ret_from_fork+0x41/0x80 [ 10.633219] ret_from_fork_asm+0x1a/0x30 [ 10.633357] [ 10.633430] The buggy address belongs to the object at ffff8881035ebc00 [ 10.633430] which belongs to the cache kmalloc-128 of size 128 [ 10.634639] The buggy address is located 0 bytes to the right of [ 10.634639] allocated 120-byte region [ffff8881035ebc00, ffff8881035ebc78) [ 10.635645] [ 10.635727] The buggy address belongs to the physical page: [ 10.635980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb [ 10.636704] flags: 0x200000000000000(node=0|zone=2) [ 10.637243] page_type: f5(slab) [ 10.637538] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.638310] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.638582] page dumped because: kasan: bad access detected [ 10.639104] [ 10.639310] Memory state around the buggy address: [ 10.639949] ffff8881035ebb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.640542] ffff8881035ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.641116] >ffff8881035ebc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.641739] ^ [ 10.642090] ffff8881035ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.642704] ffff8881035ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.643357] ================================================================== [ 10.587689] 
================================================================== [ 10.588338] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.588665] Write of size 1 at addr ffff8881035ebb78 by task kunit_try_catch/162 [ 10.589178] [ 10.589313] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.589369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.589390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.589410] Call Trace: [ 10.589421] <TASK> [ 10.589437] dump_stack_lvl+0x73/0xb0 [ 10.589474] print_report+0xd1/0x650 [ 10.589497] ? __virt_addr_valid+0x1db/0x2d0 [ 10.589529] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.589552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.589575] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.589597] kasan_report+0x141/0x180 [ 10.589621] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.589657] __asan_report_store1_noabort+0x1b/0x30 [ 10.589678] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.589700] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.589734] ? __schedule+0x10cc/0x2b60 [ 10.589759] ? __pfx_read_tsc+0x10/0x10 [ 10.589780] ? ktime_get_ts64+0x86/0x230 [ 10.589812] kunit_try_run_case+0x1a5/0x480 [ 10.589834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.589854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.589895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.589920] ? __kthread_parkme+0x82/0x180 [ 10.589942] ? preempt_count_sub+0x50/0x80 [ 10.589981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.590002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.590026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.590050] kthread+0x337/0x6f0 [ 10.590067] ? trace_preempt_on+0x20/0xc0 [ 10.590090] ? __pfx_kthread+0x10/0x10 [ 10.590109] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.590131] ? calculate_sigpending+0x7b/0xa0 [ 10.590153] ? __pfx_kthread+0x10/0x10 [ 10.590172] ret_from_fork+0x41/0x80 [ 10.590193] ? 
__pfx_kthread+0x10/0x10 [ 10.590211] ret_from_fork_asm+0x1a/0x30 [ 10.590242] </TASK> [ 10.590253] [ 10.598413] Allocated by task 162: [ 10.598614] kasan_save_stack+0x45/0x70 [ 10.598894] kasan_save_track+0x18/0x40 [ 10.599106] kasan_save_alloc_info+0x3b/0x50 [ 10.599351] __kasan_kmalloc+0xb7/0xc0 [ 10.599580] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.599809] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.599991] kunit_try_run_case+0x1a5/0x480 [ 10.600139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.600449] kthread+0x337/0x6f0 [ 10.600648] ret_from_fork+0x41/0x80 [ 10.600840] ret_from_fork_asm+0x1a/0x30 [ 10.601065] [ 10.601172] The buggy address belongs to the object at ffff8881035ebb00 [ 10.601172] which belongs to the cache kmalloc-128 of size 128 [ 10.601659] The buggy address is located 0 bytes to the right of [ 10.601659] allocated 120-byte region [ffff8881035ebb00, ffff8881035ebb78) [ 10.602831] [ 10.603209] The buggy address belongs to the physical page: [ 10.604017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb [ 10.604376] flags: 0x200000000000000(node=0|zone=2) [ 10.604588] page_type: f5(slab) [ 10.604976] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.605715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.606252] page dumped because: kasan: bad access detected [ 10.606430] [ 10.606503] Memory state around the buggy address: [ 10.607001] ffff8881035eba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.607695] ffff8881035eba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.608611] >ffff8881035ebb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.609338] ^ [ 10.609898] ffff8881035ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.610245] ffff8881035ebc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.610463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.559916] ================================================================== [ 10.560749] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.561270] Read of size 1 at addr ffff8881028f5000 by task kunit_try_catch/160 [ 10.561506] [ 10.561676] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.561722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.561734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.561783] Call Trace: [ 10.561795] <TASK> [ 10.561809] dump_stack_lvl+0x73/0xb0 [ 10.561835] print_report+0xd1/0x650 [ 10.561859] ? __virt_addr_valid+0x1db/0x2d0 [ 10.561895] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.561916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.561939] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.561960] kasan_report+0x141/0x180 [ 10.561983] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.562008] __asan_report_load1_noabort+0x18/0x20 [ 10.562030] kmalloc_node_oob_right+0x369/0x3c0 [ 10.562053] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.562127] ? __schedule+0x10cc/0x2b60 [ 10.562151] ? __pfx_read_tsc+0x10/0x10 [ 10.562172] ? ktime_get_ts64+0x86/0x230 [ 10.562199] kunit_try_run_case+0x1a5/0x480 [ 10.562221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.562240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.562264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.562288] ? __kthread_parkme+0x82/0x180 [ 10.562309] ? preempt_count_sub+0x50/0x80 [ 10.562334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.562354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.562378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.562401] kthread+0x337/0x6f0 [ 10.562418] ? trace_preempt_on+0x20/0xc0 [ 10.562442] ? __pfx_kthread+0x10/0x10 [ 10.562460] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.562482] ? calculate_sigpending+0x7b/0xa0 [ 10.562503] ? __pfx_kthread+0x10/0x10 [ 10.562522] ret_from_fork+0x41/0x80 [ 10.562542] ? 
__pfx_kthread+0x10/0x10 [ 10.562560] ret_from_fork_asm+0x1a/0x30 [ 10.562589] </TASK> [ 10.562600] [ 10.571909] Allocated by task 160: [ 10.572147] kasan_save_stack+0x45/0x70 [ 10.572388] kasan_save_track+0x18/0x40 [ 10.572593] kasan_save_alloc_info+0x3b/0x50 [ 10.572827] __kasan_kmalloc+0xb7/0xc0 [ 10.573133] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.573313] kmalloc_node_oob_right+0xab/0x3c0 [ 10.573463] kunit_try_run_case+0x1a5/0x480 [ 10.573639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.574235] kthread+0x337/0x6f0 [ 10.574434] ret_from_fork+0x41/0x80 [ 10.574635] ret_from_fork_asm+0x1a/0x30 [ 10.574924] [ 10.575077] The buggy address belongs to the object at ffff8881028f4000 [ 10.575077] which belongs to the cache kmalloc-4k of size 4096 [ 10.575564] The buggy address is located 0 bytes to the right of [ 10.575564] allocated 4096-byte region [ffff8881028f4000, ffff8881028f5000) [ 10.576180] [ 10.576284] The buggy address belongs to the physical page: [ 10.576597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f0 [ 10.577318] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.577741] flags: 0x200000000000040(head|node=0|zone=2) [ 10.578168] page_type: f5(slab) [ 10.578354] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.578760] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.579373] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.579731] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.580138] head: 0200000000000003 ffffea00040a3c01 00000000ffffffff 00000000ffffffff [ 10.580483] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.580956] page dumped because: kasan: bad access detected [ 10.581199] [ 10.581296] Memory state around the buggy address: [ 10.581608] ffff8881028f4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.581961] ffff8881028f4f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.582242] >ffff8881028f5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.582587] ^ [ 10.582744] ffff8881028f5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.583051] ffff8881028f5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.583436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.513977] ================================================================== [ 10.515118] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.516187] Read of size 1 at addr ffff88810217155f by task kunit_try_catch/158 [ 10.516950] [ 10.517063] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.517112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.517124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.517146] Call Trace: [ 10.517160] <TASK> [ 10.517177] dump_stack_lvl+0x73/0xb0 [ 10.517207] print_report+0xd1/0x650 [ 10.517230] ? __virt_addr_valid+0x1db/0x2d0 [ 10.517253] ? kmalloc_oob_left+0x361/0x3c0 [ 10.517276] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.517299] ? kmalloc_oob_left+0x361/0x3c0 [ 10.517321] kasan_report+0x141/0x180 [ 10.517344] ? kmalloc_oob_left+0x361/0x3c0 [ 10.517371] __asan_report_load1_noabort+0x18/0x20 [ 10.517392] kmalloc_oob_left+0x361/0x3c0 [ 10.517415] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.517438] ? __schedule+0x10cc/0x2b60 [ 10.517462] ? __pfx_read_tsc+0x10/0x10 [ 10.517482] ? ktime_get_ts64+0x86/0x230 [ 10.517516] kunit_try_run_case+0x1a5/0x480 [ 10.517538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.517557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.517582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.517606] ? __kthread_parkme+0x82/0x180 [ 10.517629] ? preempt_count_sub+0x50/0x80 [ 10.517654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.517674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.517697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.517720] kthread+0x337/0x6f0 [ 10.517737] ? trace_preempt_on+0x20/0xc0 [ 10.517761] ? __pfx_kthread+0x10/0x10 [ 10.517780] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.517802] ? calculate_sigpending+0x7b/0xa0 [ 10.517824] ? __pfx_kthread+0x10/0x10 [ 10.517843] ret_from_fork+0x41/0x80 [ 10.517863] ? 
__pfx_kthread+0x10/0x10 [ 10.517899] ret_from_fork_asm+0x1a/0x30 [ 10.517929] </TASK> [ 10.517941] [ 10.533975] Allocated by task 1: [ 10.534114] kasan_save_stack+0x45/0x70 [ 10.534493] kasan_save_track+0x18/0x40 [ 10.534897] kasan_save_alloc_info+0x3b/0x50 [ 10.535335] __kasan_kmalloc+0xb7/0xc0 [ 10.535710] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.536280] kvasprintf+0xc5/0x150 [ 10.536626] __kthread_create_on_node+0x18b/0x3a0 [ 10.537103] kthread_create_on_node+0xab/0xe0 [ 10.537587] cryptomgr_notify+0x704/0x9f0 [ 10.538015] notifier_call_chain+0xcb/0x250 [ 10.538425] blocking_notifier_call_chain+0x64/0x90 [ 10.538938] crypto_alg_mod_lookup+0x21f/0x440 [ 10.539344] crypto_alloc_tfm_node+0xc5/0x1f0 [ 10.539491] crypto_alloc_sig+0x23/0x30 [ 10.539641] public_key_verify_signature+0x208/0x9f0 [ 10.539827] x509_check_for_self_signed+0x2cb/0x480 [ 10.539998] x509_cert_parse+0x59c/0x830 [ 10.540346] x509_key_preparse+0x68/0x8a0 [ 10.540727] asymmetric_key_preparse+0xb1/0x160 [ 10.540903] __key_create_or_update+0x43d/0xcc0 [ 10.541055] key_create_or_update+0x17/0x20 [ 10.541485] x509_load_certificate_list+0x174/0x200 [ 10.542012] regulatory_init_db+0xee/0x3a0 [ 10.542428] do_one_initcall+0xd8/0x370 [ 10.542662] kernel_init_freeable+0x420/0x6f0 [ 10.543109] kernel_init+0x23/0x1e0 [ 10.543343] ret_from_fork+0x41/0x80 [ 10.543497] ret_from_fork_asm+0x1a/0x30 [ 10.543770] [ 10.543981] Freed by task 0: [ 10.544274] kasan_save_stack+0x45/0x70 [ 10.544661] kasan_save_track+0x18/0x40 [ 10.545101] kasan_save_free_info+0x3f/0x60 [ 10.545537] __kasan_slab_free+0x56/0x70 [ 10.545933] kfree+0x222/0x3f0 [ 10.546234] free_kthread_struct+0xeb/0x150 [ 10.546407] free_task+0xf3/0x130 [ 10.546537] __put_task_struct+0x1c8/0x480 [ 10.546905] delayed_put_task_struct+0x10a/0x150 [ 10.547432] rcu_core+0x66c/0x1c30 [ 10.547801] rcu_core_si+0x12/0x20 [ 10.548216] handle_softirqs+0x209/0x730 [ 10.548439] __irq_exit_rcu+0xc9/0x110 [ 10.548638] irq_exit_rcu+0x12/0x20 [ 10.548969] 
sysvec_apic_timer_interrupt+0x81/0x90 [ 10.549450] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 10.550018] [ 10.550122] The buggy address belongs to the object at ffff888102171540 [ 10.550122] which belongs to the cache kmalloc-16 of size 16 [ 10.550461] The buggy address is located 15 bytes to the right of [ 10.550461] allocated 16-byte region [ffff888102171540, ffff888102171550) [ 10.550825] [ 10.550912] The buggy address belongs to the physical page: [ 10.551132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102171 [ 10.551366] flags: 0x200000000000000(node=0|zone=2) [ 10.551544] page_type: f5(slab) [ 10.551676] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.551910] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.552157] page dumped because: kasan: bad access detected [ 10.552470] [ 10.552592] Memory state around the buggy address: [ 10.553061] ffff888102171400: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 10.553777] ffff888102171480: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 10.554128] >ffff888102171500: fa fb fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 10.554919] ^ [ 10.555437] ffff888102171580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.556146] ffff888102171600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.556637] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.465300] ================================================================== [ 10.466056] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.466617] Write of size 1 at addr ffff8881035eba78 by task kunit_try_catch/156 [ 10.467084] [ 10.467199] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.467243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.467255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.467276] Call Trace: [ 10.467289] <TASK> [ 10.467302] dump_stack_lvl+0x73/0xb0 [ 10.467327] print_report+0xd1/0x650 [ 10.467350] ? __virt_addr_valid+0x1db/0x2d0 [ 10.467372] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.467394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.467417] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.467439] kasan_report+0x141/0x180 [ 10.467462] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.467489] __asan_report_store1_noabort+0x1b/0x30 [ 10.467728] kmalloc_oob_right+0x6bd/0x7f0 [ 10.467761] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.467799] ? __schedule+0x10cc/0x2b60 [ 10.467824] ? __pfx_read_tsc+0x10/0x10 [ 10.467843] ? ktime_get_ts64+0x86/0x230 [ 10.467911] kunit_try_run_case+0x1a5/0x480 [ 10.467935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.467954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.467978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.468002] ? __kthread_parkme+0x82/0x180 [ 10.468023] ? preempt_count_sub+0x50/0x80 [ 10.468048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.468068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.468091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.468115] kthread+0x337/0x6f0 [ 10.468132] ? trace_preempt_on+0x20/0xc0 [ 10.468155] ? __pfx_kthread+0x10/0x10 [ 10.468173] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.468195] ? calculate_sigpending+0x7b/0xa0 [ 10.468216] ? __pfx_kthread+0x10/0x10 [ 10.468235] ret_from_fork+0x41/0x80 [ 10.468255] ? 
__pfx_kthread+0x10/0x10 [ 10.468273] ret_from_fork_asm+0x1a/0x30 [ 10.468303] </TASK> [ 10.468314] [ 10.478505] Allocated by task 156: [ 10.478684] kasan_save_stack+0x45/0x70 [ 10.478894] kasan_save_track+0x18/0x40 [ 10.479036] kasan_save_alloc_info+0x3b/0x50 [ 10.479184] __kasan_kmalloc+0xb7/0xc0 [ 10.479351] __kmalloc_cache_noprof+0x189/0x420 [ 10.479635] kmalloc_oob_right+0xa9/0x7f0 [ 10.479843] kunit_try_run_case+0x1a5/0x480 [ 10.480049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.480228] kthread+0x337/0x6f0 [ 10.480349] ret_from_fork+0x41/0x80 [ 10.480534] ret_from_fork_asm+0x1a/0x30 [ 10.480760] [ 10.480937] The buggy address belongs to the object at ffff8881035eba00 [ 10.480937] which belongs to the cache kmalloc-128 of size 128 [ 10.482208] The buggy address is located 5 bytes to the right of [ 10.482208] allocated 115-byte region [ffff8881035eba00, ffff8881035eba73) [ 10.483000] [ 10.483108] The buggy address belongs to the physical page: [ 10.483469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb [ 10.483935] flags: 0x200000000000000(node=0|zone=2) [ 10.484274] page_type: f5(slab) [ 10.484440] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.484935] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.485336] page dumped because: kasan: bad access detected [ 10.485663] [ 10.485756] Memory state around the buggy address: [ 10.486152] ffff8881035eb900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.486554] ffff8881035eb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.486888] >ffff8881035eba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.487314] ^ [ 10.487706] ffff8881035eba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.488051] ffff8881035ebb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.488353] ================================================================== [ 10.489159] 
================================================================== [ 10.489900] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.490329] Read of size 1 at addr ffff8881035eba80 by task kunit_try_catch/156 [ 10.490598] [ 10.490917] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.491034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.491061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.491083] Call Trace: [ 10.491097] <TASK> [ 10.491202] dump_stack_lvl+0x73/0xb0 [ 10.491232] print_report+0xd1/0x650 [ 10.491255] ? __virt_addr_valid+0x1db/0x2d0 [ 10.491278] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.491300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.491323] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.491346] kasan_report+0x141/0x180 [ 10.491368] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.491396] __asan_report_load1_noabort+0x18/0x20 [ 10.491419] kmalloc_oob_right+0x68a/0x7f0 [ 10.491444] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.491467] ? __schedule+0x10cc/0x2b60 [ 10.491491] ? __pfx_read_tsc+0x10/0x10 [ 10.491545] ? ktime_get_ts64+0x86/0x230 [ 10.491581] kunit_try_run_case+0x1a5/0x480 [ 10.491604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.491623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.491647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.491671] ? __kthread_parkme+0x82/0x180 [ 10.491693] ? preempt_count_sub+0x50/0x80 [ 10.491718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.491738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.491761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.491785] kthread+0x337/0x6f0 [ 10.491803] ? trace_preempt_on+0x20/0xc0 [ 10.491825] ? __pfx_kthread+0x10/0x10 [ 10.491843] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.491866] ? calculate_sigpending+0x7b/0xa0 [ 10.491897] ? __pfx_kthread+0x10/0x10 [ 10.491916] ret_from_fork+0x41/0x80 [ 10.491936] ? 
__pfx_kthread+0x10/0x10 [ 10.491954] ret_from_fork_asm+0x1a/0x30 [ 10.491985] </TASK> [ 10.491997] [ 10.501223] Allocated by task 156: [ 10.501487] kasan_save_stack+0x45/0x70 [ 10.501815] kasan_save_track+0x18/0x40 [ 10.502025] kasan_save_alloc_info+0x3b/0x50 [ 10.502210] __kasan_kmalloc+0xb7/0xc0 [ 10.502382] __kmalloc_cache_noprof+0x189/0x420 [ 10.502825] kmalloc_oob_right+0xa9/0x7f0 [ 10.503046] kunit_try_run_case+0x1a5/0x480 [ 10.503319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.503626] kthread+0x337/0x6f0 [ 10.503787] ret_from_fork+0x41/0x80 [ 10.504098] ret_from_fork_asm+0x1a/0x30 [ 10.504363] [ 10.504458] The buggy address belongs to the object at ffff8881035eba00 [ 10.504458] which belongs to the cache kmalloc-128 of size 128 [ 10.505154] The buggy address is located 13 bytes to the right of [ 10.505154] allocated 115-byte region [ffff8881035eba00, ffff8881035eba73) [ 10.505815] [ 10.505906] The buggy address belongs to the physical page: [ 10.506140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb [ 10.506479] flags: 0x200000000000000(node=0|zone=2) [ 10.506906] page_type: f5(slab) [ 10.507078] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.507548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.507975] page dumped because: kasan: bad access detected [ 10.508228] [ 10.508300] Memory state around the buggy address: [ 10.508701] ffff8881035eb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.509015] ffff8881035eba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.509366] >ffff8881035eba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.509795] ^ [ 10.509968] ffff8881035ebb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.510250] ffff8881035ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.510532] ================================================================== [ 10.441254] 
================================================================== [ 10.441957] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.442708] Write of size 1 at addr ffff8881035eba73 by task kunit_try_catch/156 [ 10.443089] [ 10.444050] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 10.444330] Tainted: [N]=TEST [ 10.444362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.444597] Call Trace: [ 10.444665] <TASK> [ 10.444808] dump_stack_lvl+0x73/0xb0 [ 10.444903] print_report+0xd1/0x650 [ 10.444934] ? __virt_addr_valid+0x1db/0x2d0 [ 10.444959] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.444982] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.445004] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.445027] kasan_report+0x141/0x180 [ 10.445050] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.445078] __asan_report_store1_noabort+0x1b/0x30 [ 10.445100] kmalloc_oob_right+0x6f0/0x7f0 [ 10.445123] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.445148] ? __schedule+0x10cc/0x2b60 [ 10.445173] ? __pfx_read_tsc+0x10/0x10 [ 10.445196] ? ktime_get_ts64+0x86/0x230 [ 10.445224] kunit_try_run_case+0x1a5/0x480 [ 10.445248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.445267] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.445292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.445316] ? __kthread_parkme+0x82/0x180 [ 10.445340] ? preempt_count_sub+0x50/0x80 [ 10.445367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.445387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.445411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.445435] kthread+0x337/0x6f0 [ 10.445452] ? trace_preempt_on+0x20/0xc0 [ 10.445477] ? __pfx_kthread+0x10/0x10 [ 10.445495] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.445518] ? calculate_sigpending+0x7b/0xa0 [ 10.445541] ? __pfx_kthread+0x10/0x10 [ 10.445559] ret_from_fork+0x41/0x80 [ 10.445580] ? 
__pfx_kthread+0x10/0x10 [ 10.445598] ret_from_fork_asm+0x1a/0x30 [ 10.445652] </TASK> [ 10.445717] [ 10.453764] Allocated by task 156: [ 10.454092] kasan_save_stack+0x45/0x70 [ 10.454280] kasan_save_track+0x18/0x40 [ 10.454515] kasan_save_alloc_info+0x3b/0x50 [ 10.454691] __kasan_kmalloc+0xb7/0xc0 [ 10.454848] __kmalloc_cache_noprof+0x189/0x420 [ 10.455111] kmalloc_oob_right+0xa9/0x7f0 [ 10.455307] kunit_try_run_case+0x1a5/0x480 [ 10.455466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.455733] kthread+0x337/0x6f0 [ 10.455921] ret_from_fork+0x41/0x80 [ 10.456087] ret_from_fork_asm+0x1a/0x30 [ 10.456340] [ 10.456543] The buggy address belongs to the object at ffff8881035eba00 [ 10.456543] which belongs to the cache kmalloc-128 of size 128 [ 10.457159] The buggy address is located 0 bytes to the right of [ 10.457159] allocated 115-byte region [ffff8881035eba00, ffff8881035eba73) [ 10.457766] [ 10.457979] The buggy address belongs to the physical page: [ 10.458440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035eb [ 10.459023] flags: 0x200000000000000(node=0|zone=2) [ 10.459695] page_type: f5(slab) [ 10.460227] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.460585] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.460981] page dumped because: kasan: bad access detected [ 10.461246] [ 10.461352] Memory state around the buggy address: [ 10.461832] ffff8881035eb900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.462197] ffff8881035eb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.462543] >ffff8881035eba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.462887] ^ [ 10.463231] ffff8881035eba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.463518] ffff8881035ebb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.463990] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 144.154962] WARNING: CPU: 1 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 144.156135] Modules linked in: [ 144.156328] CPU: 1 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 144.156751] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.157285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.157633] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 144.157984] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.159060] RSP: 0000:ffff88810327fc78 EFLAGS: 00010286 [ 144.159257] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 144.159471] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff94824afc [ 144.159713] RBP: ffff88810327fca0 R08: 0000000000000000 R09: ffffed10205db7e0 [ 144.160495] R10: ffff888102edbf07 R11: 0000000000000000 R12: ffffffff94824ae8 [ 144.160988] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810327fd38 [ 144.161260] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000 [ 144.161756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.162266] CR2: 00007ffff7ffe000 CR3: 00000000720ba000 CR4: 00000000000006f0 [ 144.162570] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903 [ 144.163116] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.163420] Call Trace: [ 144.163545] <TASK> [ 144.164105] drm_test_rect_calc_vscale+0x108/0x270 [ 144.164312] ? __kasan_check_write+0x18/0x20 [ 144.164715] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 144.165108] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 144.165368] ? __pfx_read_tsc+0x10/0x10 [ 144.165550] ? ktime_get_ts64+0x86/0x230 [ 144.165841] kunit_try_run_case+0x1a5/0x480 [ 144.166381] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 144.166644] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 144.166853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.167306] ? __kthread_parkme+0x82/0x180 [ 144.167511] ? preempt_count_sub+0x50/0x80 [ 144.168035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.168282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.168522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.169096] kthread+0x337/0x6f0 [ 144.169256] ? trace_preempt_on+0x20/0xc0 [ 144.169602] ? __pfx_kthread+0x10/0x10 [ 144.169974] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.170195] ? calculate_sigpending+0x7b/0xa0 [ 144.170394] ? __pfx_kthread+0x10/0x10 [ 144.170634] ret_from_fork+0x41/0x80 [ 144.170814] ? __pfx_kthread+0x10/0x10 [ 144.171142] ret_from_fork_asm+0x1a/0x30 [ 144.171371] </TASK> [ 144.171467] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 144.175311] WARNING: CPU: 1 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 144.175629] Modules linked in: [ 144.175769] CPU: 1 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 144.176749] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.177676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.178726] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 144.179508] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.180386] RSP: 0000:ffff888105257c78 EFLAGS: 00010286 [ 144.181038] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 144.181823] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff94824b34 [ 144.182526] RBP: ffff888105257ca0 R08: 0000000000000000 R09: ffffed10205dbe20 [ 144.182747] R10: ffff888102edf107 R11: 0000000000000000 R12: ffffffff94824b20 [ 144.183427] R13: 0000000000000000 R14: 
000000007fffffff R15: ffff888105257d38 [ 144.184182] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000 [ 144.184766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.185257] CR2: 00007ffff7ffe000 CR3: 00000000720ba000 CR4: 00000000000006f0 [ 144.185675] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903 [ 144.186072] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.187085] Call Trace: [ 144.187215] <TASK> [ 144.187311] drm_test_rect_calc_vscale+0x108/0x270 [ 144.187481] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 144.187652] ? __schedule+0x10cc/0x2b60 [ 144.187790] ? __pfx_read_tsc+0x10/0x10 [ 144.187937] ? ktime_get_ts64+0x86/0x230 [ 144.188512] kunit_try_run_case+0x1a5/0x480 [ 144.188913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.189129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.189292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.189461] ? __kthread_parkme+0x82/0x180 [ 144.190759] ? preempt_count_sub+0x50/0x80 [ 144.192405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.192838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.193359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.194079] kthread+0x337/0x6f0 [ 144.194218] ? trace_preempt_on+0x20/0xc0 [ 144.194368] ? __pfx_kthread+0x10/0x10 [ 144.194503] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.194654] ? calculate_sigpending+0x7b/0xa0 [ 144.194803] ? __pfx_kthread+0x10/0x10 [ 144.194980] ret_from_fork+0x41/0x80 [ 144.195118] ? __pfx_kthread+0x10/0x10 [ 144.195359] ret_from_fork_asm+0x1a/0x30 [ 144.195518] </TASK> [ 144.195616] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 144.095346] WARNING: CPU: 1 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 144.096226] Modules linked in: [ 144.096581] CPU: 1 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 144.096991] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.097172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.097438] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 144.097620] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 cb c9 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.098139] RSP: 0000:ffff8881038d7c78 EFLAGS: 00010286 [ 144.098508] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 144.098788] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff94824b00 [ 144.099257] RBP: ffff8881038d7ca0 R08: 0000000000000000 R09: ffffed10205db700 [ 144.099476] R10: ffff888102edb807 R11: 0000000000000000 R12: ffffffff94824ae8 [ 144.100178] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881038d7d38 [ 144.101134] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000 [ 144.101577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.101758] CR2: 00007ffff7ffe000 CR3: 00000000720ba000 CR4: 00000000000006f0 [ 144.102357] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903 [ 144.103071] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.103362] Call Trace: [ 144.103628] <TASK> [ 144.103915] drm_test_rect_calc_hscale+0x108/0x270 [ 144.104247] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 144.104434] ? __schedule+0x10cc/0x2b60 [ 144.104756] ? __pfx_read_tsc+0x10/0x10 [ 144.105248] ? ktime_get_ts64+0x86/0x230 [ 144.105657] kunit_try_run_case+0x1a5/0x480 [ 144.106167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.106451] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 144.106655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.107316] ? __kthread_parkme+0x82/0x180 [ 144.107753] ? preempt_count_sub+0x50/0x80 [ 144.108134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.108305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.108482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.108675] kthread+0x337/0x6f0 [ 144.108798] ? trace_preempt_on+0x20/0xc0 [ 144.109437] ? __pfx_kthread+0x10/0x10 [ 144.109850] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.110354] ? calculate_sigpending+0x7b/0xa0 [ 144.110810] ? __pfx_kthread+0x10/0x10 [ 144.111260] ret_from_fork+0x41/0x80 [ 144.111673] ? __pfx_kthread+0x10/0x10 [ 144.112116] ret_from_fork_asm+0x1a/0x30 [ 144.112526] </TASK> [ 144.112624] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 144.115907] WARNING: CPU: 0 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 144.116653] Modules linked in: [ 144.117173] CPU: 0 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 144.117801] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.118109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.119177] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 144.119823] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 cb c9 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.121378] RSP: 0000:ffff88810337fc78 EFLAGS: 00010286 [ 144.121642] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 144.122417] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff94824b38 [ 144.123038] RBP: ffff88810337fca0 R08: 0000000000000000 R09: ffffed1020635460 [ 144.123645] R10: ffff8881031aa307 R11: 0000000000000000 R12: ffffffff94824b20 [ 144.123979] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810337fd38 [ 144.124588] 
FS: 0000000000000000(0000) GS:ffff8881c4890000(0000) knlGS:0000000000000000 [ 144.125117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.125303] CR2: ffffffffffffffff CR3: 00000000720ba000 CR4: 00000000000006f0 [ 144.125514] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833902 [ 144.125744] DR3: ffffffff96833903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.126039] Call Trace: [ 144.126249] <TASK> [ 144.126394] drm_test_rect_calc_hscale+0x108/0x270 [ 144.126650] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 144.126841] ? __schedule+0x10cc/0x2b60 [ 144.127127] ? __pfx_read_tsc+0x10/0x10 [ 144.127341] ? ktime_get_ts64+0x86/0x230 [ 144.127551] kunit_try_run_case+0x1a5/0x480 [ 144.127712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.127974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.128407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.128698] ? __kthread_parkme+0x82/0x180 [ 144.128943] ? preempt_count_sub+0x50/0x80 [ 144.129170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.129369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.129661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.130029] kthread+0x337/0x6f0 [ 144.130190] ? trace_preempt_on+0x20/0xc0 [ 144.130355] ? __pfx_kthread+0x10/0x10 [ 144.130544] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.130932] ? calculate_sigpending+0x7b/0xa0 [ 144.131096] ? __pfx_kthread+0x10/0x10 [ 144.131292] ret_from_fork+0x41/0x80 [ 144.131470] ? __pfx_kthread+0x10/0x10 [ 144.131653] ret_from_fork_asm+0x1a/0x30 [ 144.131891] </TASK> [ 144.131985] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 143.308053] WARNING: CPU: 1 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 143.308443] Modules linked in: [ 143.308728] CPU: 1 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 143.309193] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.309475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.310070] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 143.310346] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 143.311335] RSP: 0000:ffff888102637b30 EFLAGS: 00010246 [ 143.311662] RAX: dffffc0000000000 RBX: ffff888102637c28 RCX: 0000000000000000 [ 143.312149] RDX: 1ffff110204c6f8e RSI: ffff888102637c28 RDI: ffff888102637c70 [ 143.312495] RBP: ffff888102637b70 R08: ffff888101196000 R09: ffffffff947cb600 [ 143.312785] R10: 0000000000000003 R11: 00000000c692e9f4 R12: ffff888101196000 [ 143.313228] R13: ffff88810031fae8 R14: ffff888102637ba8 R15: 0000000000000000 [ 143.313674] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000 [ 143.314246] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.314610] CR2: 00007ffff7ffe000 CR3: 00000000720ba000 CR4: 00000000000006f0 [ 143.315188] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903 [ 143.315572] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.315861] Call Trace: [ 143.316152] <TASK> [ 143.316288] ? add_dr+0xc1/0x1d0 [ 143.316596] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 143.316809] ? add_dr+0x148/0x1d0 [ 143.317138] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 143.317514] ? __drmm_add_action+0x1a4/0x280 [ 143.317929] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.318430] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 143.319026] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.319498] ? __schedule+0x10cc/0x2b60 [ 143.319657] ? __pfx_read_tsc+0x10/0x10 [ 143.319801] ? ktime_get_ts64+0x86/0x230 [ 143.320450] kunit_try_run_case+0x1a5/0x480 [ 143.321061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.321541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.322079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.322328] ? __kthread_parkme+0x82/0x180 [ 143.322712] ? preempt_count_sub+0x50/0x80 [ 143.322967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.323415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.324008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.324558] kthread+0x337/0x6f0 [ 143.324793] ? trace_preempt_on+0x20/0xc0 [ 143.325239] ? __pfx_kthread+0x10/0x10 [ 143.325655] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.325817] ? calculate_sigpending+0x7b/0xa0 [ 143.326308] ? __pfx_kthread+0x10/0x10 [ 143.326667] ret_from_fork+0x41/0x80 [ 143.327056] ? __pfx_kthread+0x10/0x10 [ 143.327255] ret_from_fork_asm+0x1a/0x30 [ 143.327409] </TASK> [ 143.327504] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 143.274318] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 143.274445] WARNING: CPU: 1 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 143.275942] Modules linked in: [ 143.276371] CPU: 1 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 143.277642] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.278246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.279149] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 143.279454] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 1b 7f 84 00 48 c7 c1 00 66 7c 94 4c 89 fa 48 c7 c7 60 66 7c 94 48 89 c6 e8 62 72 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 143.281055] RSP: 0000:ffff888102697b68 EFLAGS: 00010282 [ 143.281288] RAX: 0000000000000000 RBX: ffff888102697c40 RCX: 1ffffffff2aa4bd0 [ 143.281504] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 143.281715] RBP: ffff888102697b90 R08: 0000000000000000 R09: fffffbfff2aa4bd0 [ 143.282282] R10: 0000000000000003 R11: 0000000000037870 R12: ffff888102697c18 [ 143.282750] R13: ffff8881025b7000 R14: ffff888101194000 R15: ffff888102d43580 [ 143.283111] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000 [ 143.283462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.283705] CR2: 00007ffff7ffe000 CR3: 00000000720ba000 CR4: 00000000000006f0 [ 143.284091] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903 [ 143.284365] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.284804] Call Trace: [ 143.285062] <TASK> [ 143.285210] drm_test_framebuffer_free+0x1ab/0x610 [ 143.285438] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 143.285672] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.285923] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 143.286453] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.286759] ? __schedule+0x10cc/0x2b60 [ 143.286933] ? __pfx_read_tsc+0x10/0x10 [ 143.287210] ? ktime_get_ts64+0x86/0x230 [ 143.287501] kunit_try_run_case+0x1a5/0x480 [ 143.287681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.288154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.288396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.288675] ? __kthread_parkme+0x82/0x180 [ 143.288844] ? preempt_count_sub+0x50/0x80 [ 143.289181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.289484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.290039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.290261] kthread+0x337/0x6f0 [ 143.290442] ? trace_preempt_on+0x20/0xc0 [ 143.290706] ? __pfx_kthread+0x10/0x10 [ 143.291074] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.291311] ? calculate_sigpending+0x7b/0xa0 [ 143.291506] ? __pfx_kthread+0x10/0x10 [ 143.291804] ret_from_fork+0x41/0x80 [ 143.292135] ? __pfx_kthread+0x10/0x10 [ 143.292301] ret_from_fork_asm+0x1a/0x30 [ 143.292590] </TASK> [ 143.292722] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 141.963278] WARNING: CPU: 0 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.963766] Modules linked in: [ 141.964040] CPU: 0 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 141.964480] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.964753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.965200] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.965454] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 42 08 22 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 141.966237] RSP: 0000:ffff888100d77c90 EFLAGS: 00010246 [ 141.966556] RAX: dffffc0000000000 RBX: ffff8881059d0000 RCX: 0000000000000000 [ 141.966897] RDX: 1ffff11020b3a032 RSI: ffffffff919f8598 RDI: ffff8881059d0190 [ 141.967197] RBP: ffff888100d77ca0 R08: 1ffff11020063f69 R09: ffffed10201aef65 [ 141.967469] R10: 0000000000000003 R11: ffffffff90f82e58 R12: 0000000000000000 [ 141.967766] R13: ffff888100d77d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 141.968154] FS: 0000000000000000(0000) GS:ffff8881c4890000(0000) knlGS:0000000000000000 [ 141.968556] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.968974] CR2: ffffffffffffffff CR3: 00000000720ba000 CR4: 00000000000006f0 [ 141.969247] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833902 [ 141.969520] DR3: ffffffff96833903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.969891] Call Trace: [ 141.970098] <TASK> [ 141.970201] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 141.970552] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 141.970905] ? __schedule+0x10cc/0x2b60 [ 141.971099] ? __pfx_read_tsc+0x10/0x10 [ 141.971345] ? ktime_get_ts64+0x86/0x230 [ 141.971592] kunit_try_run_case+0x1a5/0x480 [ 141.971776] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 141.972052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.972305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.972569] ? __kthread_parkme+0x82/0x180 [ 141.972817] ? preempt_count_sub+0x50/0x80 [ 141.973033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.973268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.973646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.973983] kthread+0x337/0x6f0 [ 141.974170] ? trace_preempt_on+0x20/0xc0 [ 141.974341] ? __pfx_kthread+0x10/0x10 [ 141.974525] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.974693] ? calculate_sigpending+0x7b/0xa0 [ 141.974985] ? __pfx_kthread+0x10/0x10 [ 141.975371] ret_from_fork+0x41/0x80 [ 141.975588] ? __pfx_kthread+0x10/0x10 [ 141.975729] ret_from_fork_asm+0x1a/0x30 [ 141.976085] </TASK> [ 141.976223] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.883777] WARNING: CPU: 0 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.884761] Modules linked in: [ 141.885195] CPU: 0 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 141.886179] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.886362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.886629] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.887174] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 42 08 22 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 141.888390] RSP: 0000:ffff88810551fc90 EFLAGS: 00010246 [ 141.889103] RAX: dffffc0000000000 RBX: ffff888106ac6000 RCX: 0000000000000000 [ 141.889503] RDX: 1ffff11020d58c32 RSI: ffffffff919f8598 RDI: ffff888106ac6190 [ 141.890129] RBP: ffff88810551fca0 R08: 1ffff11020063f69 R09: ffffed1020aa3f65 [ 141.890537] R10: 0000000000000003 R11: ffffffff904049aa R12: 0000000000000000 [ 141.890818] R13: 
ffff88810551fd38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 141.891334] FS: 0000000000000000(0000) GS:ffff8881c4890000(0000) knlGS:0000000000000000 [ 141.892079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.892486] CR2: ffffffffffffffff CR3: 00000000720ba000 CR4: 00000000000006f0 [ 141.893214] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833902 [ 141.893619] DR3: ffffffff96833903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.894129] Call Trace: [ 141.894266] <TASK> [ 141.894394] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 141.895076] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 141.895696] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 141.896292] kunit_try_run_case+0x1a5/0x480 [ 141.896511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.896714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.897222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.897465] ? __kthread_parkme+0x82/0x180 [ 141.898024] ? preempt_count_sub+0x50/0x80 [ 141.898438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.898795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.899233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.899493] kthread+0x337/0x6f0 [ 141.899651] ? trace_preempt_on+0x20/0xc0 [ 141.899870] ? __pfx_kthread+0x10/0x10 [ 141.900044] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.900236] ? calculate_sigpending+0x7b/0xa0 [ 141.900426] ? __pfx_kthread+0x10/0x10 [ 141.900727] ret_from_fork+0x41/0x80 [ 141.901325] ? __pfx_kthread+0x10/0x10 [ 141.901543] ret_from_fork_asm+0x1a/0x30 [ 141.902103] </TASK> [ 141.902382] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 110.861882] WARNING: CPU: 1 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 110.862716] Modules linked in: [ 110.863157] CPU: 1 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.6-rc1 #1 PREEMPT(voluntary) [ 110.864301] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 110.864756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.865650] RIP: 0010:intlog10+0x2a/0x40 [ 110.865945] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 110.867035] RSP: 0000:ffff8881077efcb0 EFLAGS: 00010246 [ 110.867591] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020efdfb4 [ 110.868222] RDX: 1ffffffff28d26e8 RSI: 1ffff11020efdfb3 RDI: 0000000000000000 [ 110.868434] RBP: ffff8881077efd60 R08: 0000000000000000 R09: ffffed10201406a0 [ 110.868925] R10: ffff888100a03507 R11: 0000000000000000 R12: 1ffff11020efdf97 [ 110.869667] R13: ffffffff94693740 R14: 0000000000000000 R15: ffff8881077efd38 [ 110.870485] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000 [ 110.871451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.871732] CR2: ffff88815a8ff009 CR3: 00000000720ba000 CR4: 00000000000006f0 [ 110.872240] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903 [ 110.872456] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 110.873109] Call Trace: [ 110.873372] <TASK> [ 110.873644] ? intlog10_test+0xf2/0x220 [ 110.874120] ? __pfx_intlog10_test+0x10/0x10 [ 110.874511] ? __schedule+0x10cc/0x2b60 [ 110.874657] ? __pfx_read_tsc+0x10/0x10 [ 110.874797] ? ktime_get_ts64+0x86/0x230 [ 110.875077] kunit_try_run_case+0x1a5/0x480 [ 110.875513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.876093] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 110.876537] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 110.877146] ? __kthread_parkme+0x82/0x180 [ 110.877576] ? preempt_count_sub+0x50/0x80 [ 110.877972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.878258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 110.878752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 110.879448] kthread+0x337/0x6f0 [ 110.879786] ? trace_preempt_on+0x20/0xc0 [ 110.880197] ? __pfx_kthread+0x10/0x10 [ 110.880342] ? _raw_spin_unlock_irq+0x47/0x80 [ 110.880499] ? calculate_sigpending+0x7b/0xa0 [ 110.880653] ? __pfx_kthread+0x10/0x10 [ 110.880791] ret_from_fork+0x41/0x80 [ 110.881206] ? __pfx_kthread+0x10/0x10 [ 110.881587] ret_from_fork_asm+0x1a/0x30 [ 110.882085] </TASK> [ 110.882456] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 110.822854] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 110.823308] Modules linked in:
[ 110.823579] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.6-rc1 #1 PREEMPT(voluntary)
[ 110.824402] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 110.824684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.825129] RIP: 0010:intlog2+0xdf/0x110
[ 110.825335] Code: 69 94 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 12 5c 81 02 90 <0f> 0b 90 31 c0 e9 07 5c 81 02 89 45 e4 e8 af 8e 56 ff 8b 45 e4 eb
[ 110.826085] RSP: 0000:ffff888103a0fcb0 EFLAGS: 00010246
[ 110.826340] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020741fb4
[ 110.826616] RDX: 1ffffffff28d273c RSI: 1ffff11020741fb3 RDI: 0000000000000000
[ 110.826957] RBP: ffff888103a0fd60 R08: 0000000000000000 R09: ffffed102014ab60
[ 110.827331] R10: ffff888100a55b07 R11: 0000000000000000 R12: 1ffff11020741f97
[ 110.827685] R13: ffffffff946939e0 R14: 0000000000000000 R15: ffff888103a0fd38
[ 110.828053] FS: 0000000000000000(0000) GS:ffff8881c4990000(0000) knlGS:0000000000000000
[ 110.828368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.828756] CR2: ffff88815a8ff009 CR3: 00000000720ba000 CR4: 00000000000006f0
[ 110.829123] DR0: ffffffff96833900 DR1: ffffffff96833901 DR2: ffffffff96833903
[ 110.829488] DR3: ffffffff96833905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.829800] Call Trace:
[ 110.830129] <TASK>
[ 110.830262] ? intlog2_test+0xf2/0x220
[ 110.830465] ? __pfx_intlog2_test+0x10/0x10
[ 110.830721] ? __schedule+0x10cc/0x2b60
[ 110.830970] ? __pfx_read_tsc+0x10/0x10
[ 110.831276] ? ktime_get_ts64+0x86/0x230
[ 110.831432] kunit_try_run_case+0x1a5/0x480
[ 110.831682] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.831971] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.832187] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.832420] ? __kthread_parkme+0x82/0x180
[ 110.832695] ? preempt_count_sub+0x50/0x80
[ 110.833006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.833177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.833467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.833709] kthread+0x337/0x6f0
[ 110.833936] ? trace_preempt_on+0x20/0xc0
[ 110.834094] ? __pfx_kthread+0x10/0x10
[ 110.834231] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.834385] ? calculate_sigpending+0x7b/0xa0
[ 110.834570] ? __pfx_kthread+0x10/0x10
[ 110.834710] ret_from_fork+0x41/0x80
[ 110.834956] ? __pfx_kthread+0x10/0x10
[ 110.835119] ret_from_fork_asm+0x1a/0x30
[ 110.835318] </TASK>
[ 110.835458] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 110.196380] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI