Hay
Date
July 15, 2025, 2:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   21.152197] ==================================================================
[   21.152663] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8
[   21.152964] Write of size 121 at addr fff00000c59cb700 by task kunit_try_catch/287
[   21.153166] 
[   21.153250] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   21.153511] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.153758] Hardware name: linux,dummy-virt (DT)
[   21.153814] Call trace:
[   21.153994]  show_stack+0x20/0x38 (C)
[   21.154148]  dump_stack_lvl+0x8c/0xd0
[   21.154340]  print_report+0x118/0x5d0
[   21.154712]  kasan_report+0xdc/0x128
[   21.154876]  kasan_check_range+0x100/0x1a8
[   21.154944]  __kasan_check_write+0x20/0x30
[   21.154993]  copy_user_test_oob+0x434/0xec8
[   21.155051]  kunit_try_run_case+0x170/0x3f0
[   21.155101]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.155158]  kthread+0x328/0x630
[   21.155225]  ret_from_fork+0x10/0x20
[   21.155277] 
[   21.155298] Allocated by task 287:
[   21.155344]  kasan_save_stack+0x3c/0x68
[   21.155386]  kasan_save_track+0x20/0x40
[   21.155438]  kasan_save_alloc_info+0x40/0x58
[   21.155480]  __kasan_kmalloc+0xd4/0xd8
[   21.155528]  __kmalloc_noprof+0x198/0x4c8
[   21.155582]  kunit_kmalloc_array+0x34/0x88
[   21.155624]  copy_user_test_oob+0xac/0xec8
[   21.155661]  kunit_try_run_case+0x170/0x3f0
[   21.155710]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.155758]  kthread+0x328/0x630
[   21.155795]  ret_from_fork+0x10/0x20
[   21.155832] 
[   21.155864] The buggy address belongs to the object at fff00000c59cb700
[   21.155864]  which belongs to the cache kmalloc-128 of size 128
[   21.155927] The buggy address is located 0 bytes inside of
[   21.155927]  allocated 120-byte region [fff00000c59cb700, fff00000c59cb778)
[   21.156005] 
[   21.156048] The buggy address belongs to the physical page:
[   21.156090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059cb
[   21.156156] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.156222] page_type: f5(slab)
[   21.156262] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.156316] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.156371] page dumped because: kasan: bad access detected
[   21.156416] 
[   21.156437] Memory state around the buggy address:
[   21.156471]  fff00000c59cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.156518]  fff00000c59cb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.156565] >fff00000c59cb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   21.156607]                                                                 ^
[   21.156659]  fff00000c59cb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.156706]  fff00000c59cb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.156750] ==================================================================
[   21.157958] ==================================================================
[   21.158013] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8
[   21.158241] Read of size 121 at addr fff00000c59cb700 by task kunit_try_catch/287
[   21.158318] 
[   21.158349] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   21.158435] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.158463] Hardware name: linux,dummy-virt (DT)
[   21.158494] Call trace:
[   21.158733]  show_stack+0x20/0x38 (C)
[   21.158802]  dump_stack_lvl+0x8c/0xd0
[   21.159270]  print_report+0x118/0x5d0
[   21.159323]  kasan_report+0xdc/0x128
[   21.159490]  kasan_check_range+0x100/0x1a8
[   21.159835]  __kasan_check_read+0x20/0x30
[   21.159918]  copy_user_test_oob+0x4a0/0xec8
[   21.160049]  kunit_try_run_case+0x170/0x3f0
[   21.160102]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.160166]  kthread+0x328/0x630
[   21.160230]  ret_from_fork+0x10/0x20
[   21.160283] 
[   21.160304] Allocated by task 287:
[   21.160332]  kasan_save_stack+0x3c/0x68
[   21.160376]  kasan_save_track+0x20/0x40
[   21.160413]  kasan_save_alloc_info+0x40/0x58
[   21.160456]  __kasan_kmalloc+0xd4/0xd8
[   21.160494]  __kmalloc_noprof+0x198/0x4c8
[   21.160530]  kunit_kmalloc_array+0x34/0x88
[   21.161241]  copy_user_test_oob+0xac/0xec8
[   21.161305]  kunit_try_run_case+0x170/0x3f0
[   21.161699]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.162029]  kthread+0x328/0x630
[   21.162181]  ret_from_fork+0x10/0x20
[   21.162280] 
[   21.162303] The buggy address belongs to the object at fff00000c59cb700
[   21.162303]  which belongs to the cache kmalloc-128 of size 128
[   21.162375] The buggy address is located 0 bytes inside of
[   21.162375]  allocated 120-byte region [fff00000c59cb700, fff00000c59cb778)
[   21.162794] 
[   21.162843] The buggy address belongs to the physical page:
[   21.163043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059cb
[   21.163174] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.163362] page_type: f5(slab)
[   21.163451] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.163631] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.163681] page dumped because: kasan: bad access detected
[   21.163875] 
[   21.164121] Memory state around the buggy address:
[   21.164193]  fff00000c59cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.164522]  fff00000c59cb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.164816] >fff00000c59cb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   21.165185]                                                                 ^
[   21.165519]  fff00000c59cb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.165754]  fff00000c59cb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.165984] ==================================================================
[   21.102335] ==================================================================
[   21.103029] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8
[   21.103427] Write of size 121 at addr fff00000c59cb700 by task kunit_try_catch/287
[   21.103493] 
[   21.103836] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   21.104013] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.104058] Hardware name: linux,dummy-virt (DT)
[   21.104093] Call trace:
[   21.104458]  show_stack+0x20/0x38 (C)
[   21.104771]  dump_stack_lvl+0x8c/0xd0
[   21.104950]  print_report+0x118/0x5d0
[   21.105331]  kasan_report+0xdc/0x128
[   21.105413]  kasan_check_range+0x100/0x1a8
[   21.105543]  __kasan_check_write+0x20/0x30
[   21.105687]  copy_user_test_oob+0x234/0xec8
[   21.105764]  kunit_try_run_case+0x170/0x3f0
[   21.105831]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.105889]  kthread+0x328/0x630
[   21.106283]  ret_from_fork+0x10/0x20
[   21.106395] 
[   21.106719] Allocated by task 287:
[   21.106797]  kasan_save_stack+0x3c/0x68
[   21.107223]  kasan_save_track+0x20/0x40
[   21.107414]  kasan_save_alloc_info+0x40/0x58
[   21.107491]  __kasan_kmalloc+0xd4/0xd8
[   21.107531]  __kmalloc_noprof+0x198/0x4c8
[   21.107573]  kunit_kmalloc_array+0x34/0x88
[   21.107626]  copy_user_test_oob+0xac/0xec8
[   21.107670]  kunit_try_run_case+0x170/0x3f0
[   21.107713]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.107767]  kthread+0x328/0x630
[   21.107822]  ret_from_fork+0x10/0x20
[   21.107867] 
[   21.107890] The buggy address belongs to the object at fff00000c59cb700
[   21.107890]  which belongs to the cache kmalloc-128 of size 128
[   21.107964] The buggy address is located 0 bytes inside of
[   21.107964]  allocated 120-byte region [fff00000c59cb700, fff00000c59cb778)
[   21.108039] 
[   21.108073] The buggy address belongs to the physical page:
[   21.108131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059cb
[   21.108229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.108286] page_type: f5(slab)
[   21.108351] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.108411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.108456] page dumped because: kasan: bad access detected
[   21.108490] 
[   21.108518] Memory state around the buggy address:
[   21.108569]  fff00000c59cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.108621]  fff00000c59cb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.108668] >fff00000c59cb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   21.108710]                                                                 ^
[   21.108753]  fff00000c59cb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.108804]  fff00000c59cb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.108857] ==================================================================
[   21.134625] ==================================================================
[   21.134690] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8
[   21.135015] Write of size 121 at addr fff00000c59cb700 by task kunit_try_catch/287
[   21.135403] 
[   21.135482] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   21.135670] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.135701] Hardware name: linux,dummy-virt (DT)
[   21.135736] Call trace:
[   21.135762]  show_stack+0x20/0x38 (C)
[   21.135886]  dump_stack_lvl+0x8c/0xd0
[   21.135937]  print_report+0x118/0x5d0
[   21.135983]  kasan_report+0xdc/0x128
[   21.136030]  kasan_check_range+0x100/0x1a8
[   21.136077]  __kasan_check_write+0x20/0x30
[   21.136137]  copy_user_test_oob+0x35c/0xec8
[   21.136186]  kunit_try_run_case+0x170/0x3f0
[   21.136261]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.136319]  kthread+0x328/0x630
[   21.136365]  ret_from_fork+0x10/0x20
[   21.136412] 
[   21.136442] Allocated by task 287:
[   21.136472]  kasan_save_stack+0x3c/0x68
[   21.136525]  kasan_save_track+0x20/0x40
[   21.136563]  kasan_save_alloc_info+0x40/0x58
[   21.136604]  __kasan_kmalloc+0xd4/0xd8
[   21.136640]  __kmalloc_noprof+0x198/0x4c8
[   21.136678]  kunit_kmalloc_array+0x34/0x88
[   21.136725]  copy_user_test_oob+0xac/0xec8
[   21.136764]  kunit_try_run_case+0x170/0x3f0
[   21.136805]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.136859]  kthread+0x328/0x630
[   21.136898]  ret_from_fork+0x10/0x20
[   21.136935] 
[   21.136957] The buggy address belongs to the object at fff00000c59cb700
[   21.136957]  which belongs to the cache kmalloc-128 of size 128
[   21.137024] The buggy address is located 0 bytes inside of
[   21.137024]  allocated 120-byte region [fff00000c59cb700, fff00000c59cb778)
[   21.137099] 
[   21.137130] The buggy address belongs to the physical page:
[   21.137167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059cb
[   21.137240] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.137291] page_type: f5(slab)
[   21.137329] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.137921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.138439] page dumped because: kasan: bad access detected
[   21.138737] 
[   21.139022] Memory state around the buggy address:
[   21.139509]  fff00000c59cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.139695]  fff00000c59cb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.139779] >fff00000c59cb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   21.139989]                                                                 ^
[   21.140149]  fff00000c59cb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.140216]  fff00000c59cb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.140889] ==================================================================
[   21.115694] ==================================================================
[   21.115756] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8
[   21.115835] Read of size 121 at addr fff00000c59cb700 by task kunit_try_catch/287
[   21.115898] 
[   21.115933] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   21.116369] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.116421] Hardware name: linux,dummy-virt (DT)
[   21.116459] Call trace:
[   21.116485]  show_stack+0x20/0x38 (C)
[   21.116596]  dump_stack_lvl+0x8c/0xd0
[   21.116651]  print_report+0x118/0x5d0
[   21.116697]  kasan_report+0xdc/0x128
[   21.116795]  kasan_check_range+0x100/0x1a8
[   21.116849]  __kasan_check_read+0x20/0x30
[   21.116906]  copy_user_test_oob+0x728/0xec8
[   21.116972]  kunit_try_run_case+0x170/0x3f0
[   21.117025]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.117082]  kthread+0x328/0x630
[   21.117127]  ret_from_fork+0x10/0x20
[   21.117542] 
[   21.117596] Allocated by task 287:
[   21.117703]  kasan_save_stack+0x3c/0x68
[   21.117793]  kasan_save_track+0x20/0x40
[   21.118154]  kasan_save_alloc_info+0x40/0x58
[   21.118314]  __kasan_kmalloc+0xd4/0xd8
[   21.118474]  __kmalloc_noprof+0x198/0x4c8
[   21.118561]  kunit_kmalloc_array+0x34/0x88
[   21.118602]  copy_user_test_oob+0xac/0xec8
[   21.118674]  kunit_try_run_case+0x170/0x3f0
[   21.118977]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.119176]  kthread+0x328/0x630
[   21.119343]  ret_from_fork+0x10/0x20
[   21.119432] 
[   21.119490] The buggy address belongs to the object at fff00000c59cb700
[   21.119490]  which belongs to the cache kmalloc-128 of size 128
[   21.119722] The buggy address is located 0 bytes inside of
[   21.119722]  allocated 120-byte region [fff00000c59cb700, fff00000c59cb778)
[   21.119993] 
[   21.120064] The buggy address belongs to the physical page:
[   21.120232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059cb
[   21.120346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.120403] page_type: f5(slab)
[   21.120952] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.121182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.121288] page dumped because: kasan: bad access detected
[   21.121428] 
[   21.121480] Memory state around the buggy address:
[   21.121554]  fff00000c59cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.121604]  fff00000c59cb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.121651] >fff00000c59cb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   21.121693]                                                                 ^
[   21.121739]  fff00000c59cb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.122413]  fff00000c59cb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.122519] ==================================================================
[   21.142005] ==================================================================
[   21.142421] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8
[   21.142490] Read of size 121 at addr fff00000c59cb700 by task kunit_try_catch/287
[   21.142546] 
[   21.142579] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT 
[   21.143232] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.143287] Hardware name: linux,dummy-virt (DT)
[   21.143323] Call trace:
[   21.143347]  show_stack+0x20/0x38 (C)
[   21.143400]  dump_stack_lvl+0x8c/0xd0
[   21.143991]  print_report+0x118/0x5d0
[   21.144064]  kasan_report+0xdc/0x128
[   21.144286]  kasan_check_range+0x100/0x1a8
[   21.144350]  __kasan_check_read+0x20/0x30
[   21.144402]  copy_user_test_oob+0x3c8/0xec8
[   21.144674]  kunit_try_run_case+0x170/0x3f0
[   21.144904]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.145073]  kthread+0x328/0x630
[   21.145184]  ret_from_fork+0x10/0x20
[   21.145252] 
[   21.145273] Allocated by task 287:
[   21.145308]  kasan_save_stack+0x3c/0x68
[   21.145688]  kasan_save_track+0x20/0x40
[   21.145988]  kasan_save_alloc_info+0x40/0x58
[   21.146185]  __kasan_kmalloc+0xd4/0xd8
[   21.146374]  __kmalloc_noprof+0x198/0x4c8
[   21.146455]  kunit_kmalloc_array+0x34/0x88
[   21.146544]  copy_user_test_oob+0xac/0xec8
[   21.146586]  kunit_try_run_case+0x170/0x3f0
[   21.146991]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.147312]  kthread+0x328/0x630
[   21.147394]  ret_from_fork+0x10/0x20
[   21.147504] 
[   21.147674] The buggy address belongs to the object at fff00000c59cb700
[   21.147674]  which belongs to the cache kmalloc-128 of size 128
[   21.147897] The buggy address is located 0 bytes inside of
[   21.147897]  allocated 120-byte region [fff00000c59cb700, fff00000c59cb778)
[   21.148174] 
[   21.148225] The buggy address belongs to the physical page:
[   21.148318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059cb
[   21.148497] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.148894] page_type: f5(slab)
[   21.148952] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.149050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.149129] page dumped because: kasan: bad access detected
[   21.149165] 
[   21.149234] Memory state around the buggy address:
[   21.149809]  fff00000c59cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.149871]  fff00000c59cb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.149917] >fff00000c59cb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   21.149960]                                                                 ^
[   21.150342]  fff00000c59cb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.150423]  fff00000c59cb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.150486] ==================================================================

[   14.902783] ==================================================================
[   14.903140] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[   14.903422] Read of size 121 at addr ffff888103a34500 by task kunit_try_catch/304
[   14.903644] 
[   14.903772] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT(voluntary) 
[   14.903813] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.903825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.903844] Call Trace:
[   14.903858]  <TASK>
[   14.903872]  dump_stack_lvl+0x73/0xb0
[   14.903907]  print_report+0xd1/0x610
[   14.903929]  ? __virt_addr_valid+0x1db/0x2d0
[   14.903952]  ? copy_user_test_oob+0x4aa/0x10f0
[   14.903972]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.903995]  ? copy_user_test_oob+0x4aa/0x10f0
[   14.904017]  kasan_report+0x141/0x180
[   14.904039]  ? copy_user_test_oob+0x4aa/0x10f0
[   14.904064]  kasan_check_range+0x10c/0x1c0
[   14.904084]  __kasan_check_read+0x15/0x20
[   14.904104]  copy_user_test_oob+0x4aa/0x10f0
[   14.904127]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.904147]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.904172]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.904198]  kunit_try_run_case+0x1a5/0x480
[   14.904219]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.904237]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.904262]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.904286]  ? __kthread_parkme+0x82/0x180
[   14.904307]  ? preempt_count_sub+0x50/0x80
[   14.904332]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.904352]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.904376]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.904401]  kthread+0x337/0x6f0
[   14.904417]  ? trace_preempt_on+0x20/0xc0
[   14.904441]  ? __pfx_kthread+0x10/0x10
[   14.904459]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.904481]  ? calculate_sigpending+0x7b/0xa0
[   14.904502]  ? __pfx_kthread+0x10/0x10
[   14.904521]  ret_from_fork+0x41/0x80
[   14.904542]  ? __pfx_kthread+0x10/0x10
[   14.904560]  ret_from_fork_asm+0x1a/0x30
[   14.904591]  </TASK>
[   14.904602] 
[   14.911437] Allocated by task 304:
[   14.911632]  kasan_save_stack+0x45/0x70
[   14.911846]  kasan_save_track+0x18/0x40
[   14.912070]  kasan_save_alloc_info+0x3b/0x50
[   14.912304]  __kasan_kmalloc+0xb7/0xc0
[   14.912504]  __kmalloc_noprof+0x1c9/0x500
[   14.912706]  kunit_kmalloc_array+0x25/0x60
[   14.912937]  copy_user_test_oob+0xab/0x10f0
[   14.913156]  kunit_try_run_case+0x1a5/0x480
[   14.913372]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.913539]  kthread+0x337/0x6f0
[   14.913685]  ret_from_fork+0x41/0x80
[   14.913930]  ret_from_fork_asm+0x1a/0x30
[   14.914130] 
[   14.914241] The buggy address belongs to the object at ffff888103a34500
[   14.914241]  which belongs to the cache kmalloc-128 of size 128
[   14.914757] The buggy address is located 0 bytes inside of
[   14.914757]  allocated 120-byte region [ffff888103a34500, ffff888103a34578)
[   14.915307] 
[   14.915402] The buggy address belongs to the physical page:
[   14.915615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34
[   14.915868] flags: 0x200000000000000(node=0|zone=2)
[   14.916128] page_type: f5(slab)
[   14.916293] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.916651] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.917065] page dumped because: kasan: bad access detected
[   14.917277] 
[   14.917348] Memory state around the buggy address:
[   14.917563]  ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.917873]  ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.918202] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   14.918506]                                                                 ^
[   14.918739]  ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.918955]  ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.919159] ==================================================================
[   14.886081] ==================================================================
[   14.886401] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[   14.886712] Write of size 121 at addr ffff888103a34500 by task kunit_try_catch/304
[   14.887077] 
[   14.887186] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT(voluntary) 
[   14.887231] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.887244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.887265] Call Trace:
[   14.887277]  <TASK>
[   14.887292]  dump_stack_lvl+0x73/0xb0
[   14.887317]  print_report+0xd1/0x610
[   14.887341]  ? __virt_addr_valid+0x1db/0x2d0
[   14.887362]  ? copy_user_test_oob+0x3fd/0x10f0
[   14.887382]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.887405]  ? copy_user_test_oob+0x3fd/0x10f0
[   14.887426]  kasan_report+0x141/0x180
[   14.887449]  ? copy_user_test_oob+0x3fd/0x10f0
[   14.887475]  kasan_check_range+0x10c/0x1c0
[   14.887495]  __kasan_check_write+0x18/0x20
[   14.887515]  copy_user_test_oob+0x3fd/0x10f0
[   14.887537]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.887557]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.887584]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.887608]  kunit_try_run_case+0x1a5/0x480
[   14.887631]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.887650]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.887675]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.887699]  ? __kthread_parkme+0x82/0x180
[   14.887721]  ? preempt_count_sub+0x50/0x80
[   14.887746]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.887767]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.887791]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.887814]  kthread+0x337/0x6f0
[   14.887832]  ? trace_preempt_on+0x20/0xc0
[   14.887855]  ? __pfx_kthread+0x10/0x10
[   14.887873]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.887906]  ? calculate_sigpending+0x7b/0xa0
[   14.887927]  ? __pfx_kthread+0x10/0x10
[   14.887946]  ret_from_fork+0x41/0x80
[   14.887967]  ? __pfx_kthread+0x10/0x10
[   14.887985]  ret_from_fork_asm+0x1a/0x30
[   14.888016]  </TASK>
[   14.888026] 
[   14.894701] Allocated by task 304:
[   14.894828]  kasan_save_stack+0x45/0x70
[   14.894983]  kasan_save_track+0x18/0x40
[   14.895162]  kasan_save_alloc_info+0x3b/0x50
[   14.895368]  __kasan_kmalloc+0xb7/0xc0
[   14.895559]  __kmalloc_noprof+0x1c9/0x500
[   14.895734]  kunit_kmalloc_array+0x25/0x60
[   14.895889]  copy_user_test_oob+0xab/0x10f0
[   14.896031]  kunit_try_run_case+0x1a5/0x480
[   14.896171]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.896648]  kthread+0x337/0x6f0
[   14.896825]  ret_from_fork+0x41/0x80
[   14.897020]  ret_from_fork_asm+0x1a/0x30
[   14.897221] 
[   14.897316] The buggy address belongs to the object at ffff888103a34500
[   14.897316]  which belongs to the cache kmalloc-128 of size 128
[   14.897785] The buggy address is located 0 bytes inside of
[   14.897785]  allocated 120-byte region [ffff888103a34500, ffff888103a34578)
[   14.898248] 
[   14.898337] The buggy address belongs to the physical page:
[   14.898541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34
[   14.898781] flags: 0x200000000000000(node=0|zone=2)
[   14.898952] page_type: f5(slab)
[   14.899081] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.899588] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.899936] page dumped because: kasan: bad access detected
[   14.900187] 
[   14.900281] Memory state around the buggy address:
[   14.900434]  ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.900648]  ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.901098] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   14.901420]                                                                 ^
[   14.901744]  ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.901979]  ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.902190] ==================================================================
[   14.919609] ==================================================================
[   14.920305] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[   14.921504] Write of size 121 at addr ffff888103a34500 by task kunit_try_catch/304
[   14.921747] 
[   14.921836] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT(voluntary) 
[   14.921893] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.921905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.921926] Call Trace:
[   14.921938]  <TASK>
[   14.921952]  dump_stack_lvl+0x73/0xb0
[   14.921978]  print_report+0xd1/0x610
[   14.922001]  ? __virt_addr_valid+0x1db/0x2d0
[   14.922024]  ? copy_user_test_oob+0x557/0x10f0
[   14.922043]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.922066]  ? copy_user_test_oob+0x557/0x10f0
[   14.922087]  kasan_report+0x141/0x180
[   14.922110]  ? copy_user_test_oob+0x557/0x10f0
[   14.922136]  kasan_check_range+0x10c/0x1c0
[   14.922156]  __kasan_check_write+0x18/0x20
[   14.922176]  copy_user_test_oob+0x557/0x10f0
[   14.922198]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.922218]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.922247]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.922272]  kunit_try_run_case+0x1a5/0x480
[   14.922293]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.922311]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.922335]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.922360]  ? __kthread_parkme+0x82/0x180
[   14.922382]  ? preempt_count_sub+0x50/0x80
[   14.922407]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.922427]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.922451]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.922475]  kthread+0x337/0x6f0
[   14.922493]  ? trace_preempt_on+0x20/0xc0
[   14.922518]  ? __pfx_kthread+0x10/0x10
[   14.922537]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.922559]  ? calculate_sigpending+0x7b/0xa0
[   14.922580]  ? __pfx_kthread+0x10/0x10
[   14.922598]  ret_from_fork+0x41/0x80
[   14.922621]  ? __pfx_kthread+0x10/0x10
[   14.922639]  ret_from_fork_asm+0x1a/0x30
[   14.922670]  </TASK>
[   14.922681] 
[   14.930485] Allocated by task 304:
[   14.930836]  kasan_save_stack+0x45/0x70
[   14.931196]  kasan_save_track+0x18/0x40
[   14.931397]  kasan_save_alloc_info+0x3b/0x50
[   14.931605]  __kasan_kmalloc+0xb7/0xc0
[   14.931759]  __kmalloc_noprof+0x1c9/0x500
[   14.932004]  kunit_kmalloc_array+0x25/0x60
[   14.932198]  copy_user_test_oob+0xab/0x10f0
[   14.932374]  kunit_try_run_case+0x1a5/0x480
[   14.932563]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.932753]  kthread+0x337/0x6f0
[   14.932871]  ret_from_fork+0x41/0x80
[   14.933064]  ret_from_fork_asm+0x1a/0x30
[   14.933278] 
[   14.933377] The buggy address belongs to the object at ffff888103a34500
[   14.933377]  which belongs to the cache kmalloc-128 of size 128
[   14.933838] The buggy address is located 0 bytes inside of
[   14.933838]  allocated 120-byte region [ffff888103a34500, ffff888103a34578)
[   14.934295] 
[   14.934393] The buggy address belongs to the physical page:
[   14.934617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34
[   14.934998] flags: 0x200000000000000(node=0|zone=2)
[   14.935212] page_type: f5(slab)
[   14.935332] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.935598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.935945] page dumped because: kasan: bad access detected
[   14.936271] 
[   14.936341] Memory state around the buggy address:
[   14.936495]  ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.936805]  ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.937152] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   14.937467]                                                                 ^
[   14.937742]  ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.938013]  ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.938241] ==================================================================
[   14.938780] ==================================================================
[   14.939530] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[   14.940254] Read of size 121 at addr ffff888103a34500 by task kunit_try_catch/304
[   14.940549] 
[   14.940656] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G    B            N  6.15.7-rc1 #1 PREEMPT(voluntary) 
[   14.940700] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.940713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.940732] Call Trace:
[   14.940747]  <TASK>
[   14.940762]  dump_stack_lvl+0x73/0xb0
[   14.940787]  print_report+0xd1/0x610
[   14.941063]  ? __virt_addr_valid+0x1db/0x2d0
[   14.941095]  ? copy_user_test_oob+0x604/0x10f0
[   14.941117]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.941148]  ? copy_user_test_oob+0x604/0x10f0
[   14.941168]  kasan_report+0x141/0x180
[   14.941192]  ? copy_user_test_oob+0x604/0x10f0
[   14.941257]  kasan_check_range+0x10c/0x1c0
[   14.941278]  __kasan_check_read+0x15/0x20
[   14.941298]  copy_user_test_oob+0x604/0x10f0
[   14.941320]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.941339]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.941367]  ? __pfx_copy_user_test_oob+0x10/0x10
[   14.941392]  kunit_try_run_case+0x1a5/0x480
[   14.941413]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.941432]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.941456]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.941480]  ? __kthread_parkme+0x82/0x180
[   14.941501]  ? preempt_count_sub+0x50/0x80
[   14.941527]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.941547]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.941571]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.941594]  kthread+0x337/0x6f0
[   14.941611]  ? trace_preempt_on+0x20/0xc0
[   14.941634]  ? __pfx_kthread+0x10/0x10
[   14.941652]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.941674]  ? calculate_sigpending+0x7b/0xa0
[   14.941696]  ? __pfx_kthread+0x10/0x10
[   14.941715]  ret_from_fork+0x41/0x80
[   14.941735]  ? __pfx_kthread+0x10/0x10
[   14.941754]  ret_from_fork_asm+0x1a/0x30
[   14.941785]  </TASK>
[   14.941796] 
[   14.952069] Allocated by task 304:
[   14.952365]  kasan_save_stack+0x45/0x70
[   14.952566]  kasan_save_track+0x18/0x40
[   14.952748]  kasan_save_alloc_info+0x3b/0x50
[   14.953189]  __kasan_kmalloc+0xb7/0xc0
[   14.953567]  __kmalloc_noprof+0x1c9/0x500
[   14.953963]  kunit_kmalloc_array+0x25/0x60
[   14.954176]  copy_user_test_oob+0xab/0x10f0
[   14.954368]  kunit_try_run_case+0x1a5/0x480
[   14.954552]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.954779]  kthread+0x337/0x6f0
[   14.955188]  ret_from_fork+0x41/0x80
[   14.955553]  ret_from_fork_asm+0x1a/0x30
[   14.955875] 
[   14.956083] The buggy address belongs to the object at ffff888103a34500
[   14.956083]  which belongs to the cache kmalloc-128 of size 128
[   14.956744] The buggy address is located 0 bytes inside of
[   14.956744]  allocated 120-byte region [ffff888103a34500, ffff888103a34578)
[   14.957936] 
[   14.958046] The buggy address belongs to the physical page:
[   14.958457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34
[   14.959141] flags: 0x200000000000000(node=0|zone=2)
[   14.959542] page_type: f5(slab)
[   14.959830] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.960172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.960481] page dumped because: kasan: bad access detected
[   14.960708] 
[   14.960794] Memory state around the buggy address:
[   14.961261]  ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.961746]  ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.962232] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   14.962840]                                                                 ^
[   14.963227]  ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.963525]  ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.964029] ==================================================================