Date: July 15, 2025, 2:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.074848] ================================================================== [ 11.075351] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 11.075587] Write of size 2 at addr ffff888102f2ab77 by task kunit_try_catch/191 [ 11.076702] [ 11.077133] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.077190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.077201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.077221] Call Trace: [ 11.077233] <TASK> [ 11.077247] dump_stack_lvl+0x73/0xb0 [ 11.077273] print_report+0xd1/0x610 [ 11.077295] ? __virt_addr_valid+0x1db/0x2d0 [ 11.077315] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.077336] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.077357] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.077379] kasan_report+0x141/0x180 [ 11.077400] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.077426] kasan_check_range+0x10c/0x1c0 [ 11.077445] __asan_memset+0x27/0x50 [ 11.077464] kmalloc_oob_memset_2+0x166/0x330 [ 11.077487] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.077509] ? __schedule+0x10cc/0x2b60 [ 11.077532] ? __pfx_read_tsc+0x10/0x10 [ 11.077550] ? ktime_get_ts64+0x86/0x230 [ 11.077574] kunit_try_run_case+0x1a5/0x480 [ 11.077594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.077611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.077635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.077657] ? __kthread_parkme+0x82/0x180 [ 11.077678] ? preempt_count_sub+0x50/0x80 [ 11.077702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.077721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.077743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.077766] kthread+0x337/0x6f0 [ 11.077959] ? trace_preempt_on+0x20/0xc0 [ 11.077987] ? __pfx_kthread+0x10/0x10 [ 11.078005] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.078027] ? calculate_sigpending+0x7b/0xa0 [ 11.078048] ? __pfx_kthread+0x10/0x10 [ 11.078102] ret_from_fork+0x41/0x80 [ 11.078122] ? 
__pfx_kthread+0x10/0x10 [ 11.078139] ret_from_fork_asm+0x1a/0x30 [ 11.078169] </TASK> [ 11.078179] [ 11.092973] Allocated by task 191: [ 11.093398] kasan_save_stack+0x45/0x70 [ 11.093920] kasan_save_track+0x18/0x40 [ 11.094064] kasan_save_alloc_info+0x3b/0x50 [ 11.094209] __kasan_kmalloc+0xb7/0xc0 [ 11.094339] __kmalloc_cache_noprof+0x189/0x420 [ 11.094488] kmalloc_oob_memset_2+0xac/0x330 [ 11.094633] kunit_try_run_case+0x1a5/0x480 [ 11.094794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.094977] kthread+0x337/0x6f0 [ 11.095216] ret_from_fork+0x41/0x80 [ 11.095345] ret_from_fork_asm+0x1a/0x30 [ 11.095480] [ 11.095657] The buggy address belongs to the object at ffff888102f2ab00 [ 11.095657] which belongs to the cache kmalloc-128 of size 128 [ 11.096857] The buggy address is located 119 bytes inside of [ 11.096857] allocated 120-byte region [ffff888102f2ab00, ffff888102f2ab78) [ 11.097641] [ 11.097828] The buggy address belongs to the physical page: [ 11.098565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.099183] flags: 0x200000000000000(node=0|zone=2) [ 11.099351] page_type: f5(slab) [ 11.099472] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.099704] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.099940] page dumped because: kasan: bad access detected [ 11.100279] [ 11.100376] Memory state around the buggy address: [ 11.100577] ffff888102f2aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.100923] ffff888102f2aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.101242] >ffff888102f2ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.101563] ^ [ 11.102074] ffff888102f2ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.102369] ffff888102f2ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.102654] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.047209] ================================================================== [ 11.047668] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.047928] Write of size 128 at addr ffff888102f2aa00 by task kunit_try_catch/189 [ 11.049394] [ 11.049636] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.049684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.049695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.049715] Call Trace: [ 11.049726] <TASK> [ 11.049741] dump_stack_lvl+0x73/0xb0 [ 11.049767] print_report+0xd1/0x610 [ 11.049971] ? __virt_addr_valid+0x1db/0x2d0 [ 11.049999] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.050021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.050042] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.050064] kasan_report+0x141/0x180 [ 11.050085] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.050112] kasan_check_range+0x10c/0x1c0 [ 11.050131] __asan_memset+0x27/0x50 [ 11.050150] kmalloc_oob_in_memset+0x15f/0x320 [ 11.050172] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.050194] ? __schedule+0x10cc/0x2b60 [ 11.050217] ? __pfx_read_tsc+0x10/0x10 [ 11.050236] ? ktime_get_ts64+0x86/0x230 [ 11.050260] kunit_try_run_case+0x1a5/0x480 [ 11.050281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.050299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.050322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.050345] ? __kthread_parkme+0x82/0x180 [ 11.050367] ? preempt_count_sub+0x50/0x80 [ 11.050391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.050410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.050432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.050454] kthread+0x337/0x6f0 [ 11.050469] ? trace_preempt_on+0x20/0xc0 [ 11.050492] ? __pfx_kthread+0x10/0x10 [ 11.050508] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.050529] ? calculate_sigpending+0x7b/0xa0 [ 11.050550] ? __pfx_kthread+0x10/0x10 [ 11.050567] ret_from_fork+0x41/0x80 [ 11.050586] ? 
__pfx_kthread+0x10/0x10 [ 11.050603] ret_from_fork_asm+0x1a/0x30 [ 11.050632] </TASK> [ 11.050643] [ 11.061430] Allocated by task 189: [ 11.061629] kasan_save_stack+0x45/0x70 [ 11.061778] kasan_save_track+0x18/0x40 [ 11.062153] kasan_save_alloc_info+0x3b/0x50 [ 11.062327] __kasan_kmalloc+0xb7/0xc0 [ 11.062459] __kmalloc_cache_noprof+0x189/0x420 [ 11.062654] kmalloc_oob_in_memset+0xac/0x320 [ 11.062920] kunit_try_run_case+0x1a5/0x480 [ 11.063769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.064097] kthread+0x337/0x6f0 [ 11.064242] ret_from_fork+0x41/0x80 [ 11.064441] ret_from_fork_asm+0x1a/0x30 [ 11.064648] [ 11.064836] The buggy address belongs to the object at ffff888102f2aa00 [ 11.064836] which belongs to the cache kmalloc-128 of size 128 [ 11.065516] The buggy address is located 0 bytes inside of [ 11.065516] allocated 120-byte region [ffff888102f2aa00, ffff888102f2aa78) [ 11.066090] [ 11.066297] The buggy address belongs to the physical page: [ 11.066539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.066975] flags: 0x200000000000000(node=0|zone=2) [ 11.067177] page_type: f5(slab) [ 11.067345] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.067738] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.068210] page dumped because: kasan: bad access detected [ 11.068499] [ 11.068592] Memory state around the buggy address: [ 11.068909] ffff888102f2a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.069145] ffff888102f2a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.069549] >ffff888102f2aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.069978] ^ [ 11.070236] ffff888102f2aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.070550] ffff888102f2ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.070906] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.013409] ================================================================== [ 11.013929] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.014675] Read of size 16 at addr ffff8881027e7480 by task kunit_try_catch/187 [ 11.015465] [ 11.015568] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.015643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.015655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.015674] Call Trace: [ 11.015685] <TASK> [ 11.015699] dump_stack_lvl+0x73/0xb0 [ 11.015725] print_report+0xd1/0x610 [ 11.015748] ? __virt_addr_valid+0x1db/0x2d0 [ 11.015769] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.015789] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.015810] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.015831] kasan_report+0x141/0x180 [ 11.015852] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.015889] __asan_report_load16_noabort+0x18/0x20 [ 11.015909] kmalloc_uaf_16+0x47b/0x4c0 [ 11.015930] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.015952] ? __schedule+0x10cc/0x2b60 [ 11.015974] ? __pfx_read_tsc+0x10/0x10 [ 11.015993] ? ktime_get_ts64+0x86/0x230 [ 11.016018] kunit_try_run_case+0x1a5/0x480 [ 11.016038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.016056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.016079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.016102] ? __kthread_parkme+0x82/0x180 [ 11.016123] ? preempt_count_sub+0x50/0x80 [ 11.016147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.016166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.016188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.016210] kthread+0x337/0x6f0 [ 11.016226] ? trace_preempt_on+0x20/0xc0 [ 11.016248] ? __pfx_kthread+0x10/0x10 [ 11.016265] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.016285] ? calculate_sigpending+0x7b/0xa0 [ 11.016306] ? __pfx_kthread+0x10/0x10 [ 11.016322] ret_from_fork+0x41/0x80 [ 11.016342] ? 
__pfx_kthread+0x10/0x10 [ 11.016358] ret_from_fork_asm+0x1a/0x30 [ 11.016388] </TASK> [ 11.016397] [ 11.029328] Allocated by task 187: [ 11.029470] kasan_save_stack+0x45/0x70 [ 11.029617] kasan_save_track+0x18/0x40 [ 11.030135] kasan_save_alloc_info+0x3b/0x50 [ 11.030650] __kasan_kmalloc+0xb7/0xc0 [ 11.031208] __kmalloc_cache_noprof+0x189/0x420 [ 11.031645] kmalloc_uaf_16+0x15b/0x4c0 [ 11.032120] kunit_try_run_case+0x1a5/0x480 [ 11.032529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.033115] kthread+0x337/0x6f0 [ 11.033440] ret_from_fork+0x41/0x80 [ 11.033826] ret_from_fork_asm+0x1a/0x30 [ 11.034123] [ 11.034199] Freed by task 187: [ 11.034308] kasan_save_stack+0x45/0x70 [ 11.034443] kasan_save_track+0x18/0x40 [ 11.034575] kasan_save_free_info+0x3f/0x60 [ 11.034800] __kasan_slab_free+0x56/0x70 [ 11.035235] kfree+0x222/0x3f0 [ 11.035525] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.035936] kunit_try_run_case+0x1a5/0x480 [ 11.036389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.037031] kthread+0x337/0x6f0 [ 11.037410] ret_from_fork+0x41/0x80 [ 11.037744] ret_from_fork_asm+0x1a/0x30 [ 11.038286] [ 11.038450] The buggy address belongs to the object at ffff8881027e7480 [ 11.038450] which belongs to the cache kmalloc-16 of size 16 [ 11.039005] The buggy address is located 0 bytes inside of [ 11.039005] freed 16-byte region [ffff8881027e7480, ffff8881027e7490) [ 11.039348] [ 11.039420] The buggy address belongs to the physical page: [ 11.039591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 11.039833] flags: 0x200000000000000(node=0|zone=2) [ 11.040052] page_type: f5(slab) [ 11.040173] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.040727] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.041061] page dumped because: kasan: bad access detected [ 11.041237] [ 11.041333] Memory state around the buggy address: [ 11.041564] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc 
[ 11.042060] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 00 fc fc [ 11.042335] >ffff8881027e7480: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.042607] ^ [ 11.042749] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.043047] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.043328] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 10.992996] ================================================================== [ 10.993459] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 10.993746] Write of size 16 at addr ffff88810212e9e0 by task kunit_try_catch/185 [ 10.994277] [ 10.994398] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.994442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.994453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.994472] Call Trace: [ 10.994485] <TASK> [ 10.994500] dump_stack_lvl+0x73/0xb0 [ 10.994525] print_report+0xd1/0x610 [ 10.994548] ? __virt_addr_valid+0x1db/0x2d0 [ 10.994568] ? kmalloc_oob_16+0x452/0x4a0 [ 10.994588] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.994610] ? kmalloc_oob_16+0x452/0x4a0 [ 10.994630] kasan_report+0x141/0x180 [ 10.994652] ? kmalloc_oob_16+0x452/0x4a0 [ 10.994677] __asan_report_store16_noabort+0x1b/0x30 [ 10.994697] kmalloc_oob_16+0x452/0x4a0 [ 10.994718] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 10.994741] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 10.994779] kunit_try_run_case+0x1a5/0x480 [ 10.994799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.994817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.994840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.994863] ? __kthread_parkme+0x82/0x180 [ 10.994896] ? preempt_count_sub+0x50/0x80 [ 10.994921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.994940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.994962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.994984] kthread+0x337/0x6f0 [ 10.994999] ? trace_preempt_on+0x20/0xc0 [ 10.995022] ? __pfx_kthread+0x10/0x10 [ 10.995038] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.995059] ? calculate_sigpending+0x7b/0xa0 [ 10.995080] ? __pfx_kthread+0x10/0x10 [ 10.995097] ret_from_fork+0x41/0x80 [ 10.995117] ? 
__pfx_kthread+0x10/0x10 [ 10.995134] ret_from_fork_asm+0x1a/0x30 [ 10.995165] </TASK> [ 10.995174] [ 11.001906] Allocated by task 185: [ 11.002089] kasan_save_stack+0x45/0x70 [ 11.002290] kasan_save_track+0x18/0x40 [ 11.002483] kasan_save_alloc_info+0x3b/0x50 [ 11.002696] __kasan_kmalloc+0xb7/0xc0 [ 11.002899] __kmalloc_cache_noprof+0x189/0x420 [ 11.003050] kmalloc_oob_16+0xa8/0x4a0 [ 11.003220] kunit_try_run_case+0x1a5/0x480 [ 11.003424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.003672] kthread+0x337/0x6f0 [ 11.003811] ret_from_fork+0x41/0x80 [ 11.004009] ret_from_fork_asm+0x1a/0x30 [ 11.004152] [ 11.004247] The buggy address belongs to the object at ffff88810212e9e0 [ 11.004247] which belongs to the cache kmalloc-16 of size 16 [ 11.004814] The buggy address is located 0 bytes inside of [ 11.004814] allocated 13-byte region [ffff88810212e9e0, ffff88810212e9ed) [ 11.005365] [ 11.005461] The buggy address belongs to the physical page: [ 11.005677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10212e [ 11.006054] flags: 0x200000000000000(node=0|zone=2) [ 11.006272] page_type: f5(slab) [ 11.006422] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.006787] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.007098] page dumped because: kasan: bad access detected [ 11.007304] [ 11.007371] Memory state around the buggy address: [ 11.007523] ffff88810212e880: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 11.007733] ffff88810212e900: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 11.008034] >ffff88810212e980: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc [ 11.008374] ^ [ 11.008605] ffff88810212ea00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.009014] ffff88810212ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.009359] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 10.936087] ================================================================== [ 10.936564] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 10.936862] Read of size 1 at addr ffff888100353c00 by task kunit_try_catch/183 [ 10.937292] [ 10.937411] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.937455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.937466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.937485] Call Trace: [ 10.937497] <TASK> [ 10.937513] dump_stack_lvl+0x73/0xb0 [ 10.937555] print_report+0xd1/0x610 [ 10.937577] ? __virt_addr_valid+0x1db/0x2d0 [ 10.937610] ? krealloc_uaf+0x1b8/0x5e0 [ 10.937635] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.937657] ? krealloc_uaf+0x1b8/0x5e0 [ 10.937674] kasan_report+0x141/0x180 [ 10.937706] ? krealloc_uaf+0x1b8/0x5e0 [ 10.937726] ? krealloc_uaf+0x1b8/0x5e0 [ 10.937743] __kasan_check_byte+0x3d/0x50 [ 10.937818] krealloc_noprof+0x3f/0x340 [ 10.937844] krealloc_uaf+0x1b8/0x5e0 [ 10.937862] ? __pfx_krealloc_uaf+0x10/0x10 [ 10.937889] ? finish_task_switch.isra.0+0x153/0x700 [ 10.937913] ? __switch_to+0x5d9/0xf60 [ 10.937934] ? dequeue_task_fair+0x166/0x4e0 [ 10.937967] ? __schedule+0x10cc/0x2b60 [ 10.937992] ? __pfx_read_tsc+0x10/0x10 [ 10.938011] ? ktime_get_ts64+0x86/0x230 [ 10.938048] kunit_try_run_case+0x1a5/0x480 [ 10.938069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.938086] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.938109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.938132] ? __kthread_parkme+0x82/0x180 [ 10.938161] ? preempt_count_sub+0x50/0x80 [ 10.938184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.938203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.938225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.938257] kthread+0x337/0x6f0 [ 10.938273] ? trace_preempt_on+0x20/0xc0 [ 10.938295] ? __pfx_kthread+0x10/0x10 [ 10.938312] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.938332] ? 
calculate_sigpending+0x7b/0xa0 [ 10.938353] ? __pfx_kthread+0x10/0x10 [ 10.938370] ret_from_fork+0x41/0x80 [ 10.938389] ? __pfx_kthread+0x10/0x10 [ 10.938405] ret_from_fork_asm+0x1a/0x30 [ 10.938435] </TASK> [ 10.938445] [ 10.948577] Allocated by task 183: [ 10.948825] kasan_save_stack+0x45/0x70 [ 10.949094] kasan_save_track+0x18/0x40 [ 10.949294] kasan_save_alloc_info+0x3b/0x50 [ 10.949446] __kasan_kmalloc+0xb7/0xc0 [ 10.949575] __kmalloc_cache_noprof+0x189/0x420 [ 10.949967] krealloc_uaf+0xbb/0x5e0 [ 10.950125] kunit_try_run_case+0x1a5/0x480 [ 10.950266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.950519] kthread+0x337/0x6f0 [ 10.950745] ret_from_fork+0x41/0x80 [ 10.951053] ret_from_fork_asm+0x1a/0x30 [ 10.951266] [ 10.951370] Freed by task 183: [ 10.951574] kasan_save_stack+0x45/0x70 [ 10.951758] kasan_save_track+0x18/0x40 [ 10.952149] kasan_save_free_info+0x3f/0x60 [ 10.952378] __kasan_slab_free+0x56/0x70 [ 10.952514] kfree+0x222/0x3f0 [ 10.952638] krealloc_uaf+0x13d/0x5e0 [ 10.952811] kunit_try_run_case+0x1a5/0x480 [ 10.953125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.953402] kthread+0x337/0x6f0 [ 10.953523] ret_from_fork+0x41/0x80 [ 10.953734] ret_from_fork_asm+0x1a/0x30 [ 10.954121] [ 10.954232] The buggy address belongs to the object at ffff888100353c00 [ 10.954232] which belongs to the cache kmalloc-256 of size 256 [ 10.954828] The buggy address is located 0 bytes inside of [ 10.954828] freed 256-byte region [ffff888100353c00, ffff888100353d00) [ 10.955319] [ 10.955433] The buggy address belongs to the physical page: [ 10.955682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.955998] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.956263] flags: 0x200000000000040(head|node=0|zone=2) [ 10.956543] page_type: f5(slab) [ 10.956847] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.957207] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 10.957553] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.957972] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.958310] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.958636] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.959058] page dumped because: kasan: bad access detected [ 10.959284] [ 10.959387] Memory state around the buggy address: [ 10.959605] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.960032] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.960336] >ffff888100353c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.960639] ^ [ 10.960932] ffff888100353c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.961256] ffff888100353d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.961571] ================================================================== [ 10.962530] ================================================================== [ 10.962832] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 10.963305] Read of size 1 at addr ffff888100353c00 by task kunit_try_catch/183 [ 10.963674] [ 10.963835] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.963895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.963907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.963925] Call Trace: [ 10.963936] <TASK> [ 10.963949] dump_stack_lvl+0x73/0xb0 [ 10.963973] print_report+0xd1/0x610 [ 10.963994] ? __virt_addr_valid+0x1db/0x2d0 [ 10.964014] ? krealloc_uaf+0x53c/0x5e0 [ 10.964030] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.964062] ? krealloc_uaf+0x53c/0x5e0 [ 10.964079] kasan_report+0x141/0x180 [ 10.964101] ? krealloc_uaf+0x53c/0x5e0 [ 10.964133] __asan_report_load1_noabort+0x18/0x20 [ 10.964152] krealloc_uaf+0x53c/0x5e0 [ 10.964169] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 10.964185] ? finish_task_switch.isra.0+0x153/0x700 [ 10.964206] ? __switch_to+0x5d9/0xf60 [ 10.964224] ? dequeue_task_fair+0x166/0x4e0 [ 10.964247] ? __schedule+0x10cc/0x2b60 [ 10.964269] ? __pfx_read_tsc+0x10/0x10 [ 10.964286] ? ktime_get_ts64+0x86/0x230 [ 10.964309] kunit_try_run_case+0x1a5/0x480 [ 10.964338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.964355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.964377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.964410] ? __kthread_parkme+0x82/0x180 [ 10.964430] ? preempt_count_sub+0x50/0x80 [ 10.964453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.964473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.964494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.964516] kthread+0x337/0x6f0 [ 10.964531] ? trace_preempt_on+0x20/0xc0 [ 10.964553] ? __pfx_kthread+0x10/0x10 [ 10.964569] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.964590] ? calculate_sigpending+0x7b/0xa0 [ 10.964610] ? __pfx_kthread+0x10/0x10 [ 10.964626] ret_from_fork+0x41/0x80 [ 10.964645] ? 
__pfx_kthread+0x10/0x10 [ 10.964662] ret_from_fork_asm+0x1a/0x30 [ 10.964741] </TASK> [ 10.964752] [ 10.972772] Allocated by task 183: [ 10.973003] kasan_save_stack+0x45/0x70 [ 10.973207] kasan_save_track+0x18/0x40 [ 10.973389] kasan_save_alloc_info+0x3b/0x50 [ 10.973598] __kasan_kmalloc+0xb7/0xc0 [ 10.973968] __kmalloc_cache_noprof+0x189/0x420 [ 10.974186] krealloc_uaf+0xbb/0x5e0 [ 10.974375] kunit_try_run_case+0x1a5/0x480 [ 10.974569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.974951] kthread+0x337/0x6f0 [ 10.975123] ret_from_fork+0x41/0x80 [ 10.975290] ret_from_fork_asm+0x1a/0x30 [ 10.975427] [ 10.975495] Freed by task 183: [ 10.975601] kasan_save_stack+0x45/0x70 [ 10.975732] kasan_save_track+0x18/0x40 [ 10.975863] kasan_save_free_info+0x3f/0x60 [ 10.976196] __kasan_slab_free+0x56/0x70 [ 10.976454] kfree+0x222/0x3f0 [ 10.976620] krealloc_uaf+0x13d/0x5e0 [ 10.976981] kunit_try_run_case+0x1a5/0x480 [ 10.977196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.977462] kthread+0x337/0x6f0 [ 10.977627] ret_from_fork+0x41/0x80 [ 10.977901] ret_from_fork_asm+0x1a/0x30 [ 10.978117] [ 10.978186] The buggy address belongs to the object at ffff888100353c00 [ 10.978186] which belongs to the cache kmalloc-256 of size 256 [ 10.978535] The buggy address is located 0 bytes inside of [ 10.978535] freed 256-byte region [ffff888100353c00, ffff888100353d00) [ 10.978993] [ 10.979091] The buggy address belongs to the physical page: [ 10.979373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.979775] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.980364] flags: 0x200000000000040(head|node=0|zone=2) [ 10.981093] page_type: f5(slab) [ 10.981623] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.982145] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.983028] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.983458] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.983962] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.984368] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.985050] page dumped because: kasan: bad access detected [ 10.985409] [ 10.985488] Memory state around the buggy address: [ 10.985847] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.986333] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.986836] >ffff888100353c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.987153] ^ [ 10.987396] ffff888100353c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.987704] ffff888100353d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.988239] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 10.656240] ================================================================== [ 10.656818] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.657214] Write of size 1 at addr ffff888100353ac9 by task kunit_try_catch/177 [ 10.657538] [ 10.657658] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.657700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.657711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.657741] Call Trace: [ 10.657752] <TASK> [ 10.657767] dump_stack_lvl+0x73/0xb0 [ 10.657789] print_report+0xd1/0x610 [ 10.657824] ? __virt_addr_valid+0x1db/0x2d0 [ 10.657846] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.657873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.657905] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.657925] kasan_report+0x141/0x180 [ 10.657960] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.657984] __asan_report_store1_noabort+0x1b/0x30 [ 10.658004] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.658026] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.658044] ? irqentry_exit+0x2a/0x60 [ 10.658062] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.658096] ? __pfx_krealloc_less_oob+0x10/0x10 [ 10.658118] krealloc_less_oob+0x1c/0x30 [ 10.658135] kunit_try_run_case+0x1a5/0x480 [ 10.658155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.658183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.658207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.658229] ? __kthread_parkme+0x82/0x180 [ 10.658255] ? preempt_count_sub+0x50/0x80 [ 10.658279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.658298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.658319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.658341] kthread+0x337/0x6f0 [ 10.658357] ? trace_preempt_on+0x20/0xc0 [ 10.658378] ? __pfx_kthread+0x10/0x10 [ 10.658395] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.658426] ? calculate_sigpending+0x7b/0xa0 [ 10.658448] ? 
__pfx_kthread+0x10/0x10 [ 10.658465] ret_from_fork+0x41/0x80 [ 10.658504] ? __pfx_kthread+0x10/0x10 [ 10.658521] ret_from_fork_asm+0x1a/0x30 [ 10.658555] </TASK> [ 10.658565] [ 10.672030] Allocated by task 177: [ 10.672428] kasan_save_stack+0x45/0x70 [ 10.672832] kasan_save_track+0x18/0x40 [ 10.673221] kasan_save_alloc_info+0x3b/0x50 [ 10.673452] __kasan_krealloc+0x190/0x1f0 [ 10.673586] krealloc_noprof+0xf3/0x340 [ 10.673715] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.673975] krealloc_less_oob+0x1c/0x30 [ 10.674357] kunit_try_run_case+0x1a5/0x480 [ 10.674749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.675270] kthread+0x337/0x6f0 [ 10.675586] ret_from_fork+0x41/0x80 [ 10.675946] ret_from_fork_asm+0x1a/0x30 [ 10.676331] [ 10.676486] The buggy address belongs to the object at ffff888100353a00 [ 10.676486] which belongs to the cache kmalloc-256 of size 256 [ 10.677170] The buggy address is located 0 bytes to the right of [ 10.677170] allocated 201-byte region [ffff888100353a00, ffff888100353ac9) [ 10.677523] [ 10.677592] The buggy address belongs to the physical page: [ 10.677757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.678012] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.678450] flags: 0x200000000000040(head|node=0|zone=2) [ 10.678710] page_type: f5(slab) [ 10.678842] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.679170] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.679421] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.679791] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.680161] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.680442] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.680765] page dumped because: kasan: bad access detected [ 10.681019] [ 10.681087] Memory state around the buggy address: 
[ 10.681297] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.681606] ffff888100353a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.681867] >ffff888100353a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.682175] ^ [ 10.682379] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.682671] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.682969] ================================================================== [ 10.869948] ================================================================== [ 10.870206] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.870607] Write of size 1 at addr ffff8881039560da by task kunit_try_catch/181 [ 10.870973] [ 10.871088] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.871127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.871138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.871156] Call Trace: [ 10.871167] <TASK> [ 10.871181] dump_stack_lvl+0x73/0xb0 [ 10.871214] print_report+0xd1/0x610 [ 10.871235] ? __virt_addr_valid+0x1db/0x2d0 [ 10.871254] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.871284] ? kasan_addr_to_slab+0x11/0xa0 [ 10.871304] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.871332] kasan_report+0x141/0x180 [ 10.871353] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.871377] __asan_report_store1_noabort+0x1b/0x30 [ 10.871407] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.871428] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.871448] ? finish_task_switch.isra.0+0x153/0x700 [ 10.871469] ? __switch_to+0x5d9/0xf60 [ 10.871488] ? dequeue_task_fair+0x156/0x4e0 [ 10.871510] ? __schedule+0x10cc/0x2b60 [ 10.871532] ? __pfx_read_tsc+0x10/0x10 [ 10.871563] krealloc_large_less_oob+0x1c/0x30 [ 10.871581] kunit_try_run_case+0x1a5/0x480 [ 10.871601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.871629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.871652] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.871698] ? __kthread_parkme+0x82/0x180 [ 10.871719] ? preempt_count_sub+0x50/0x80 [ 10.871742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.871761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.871783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.871819] kthread+0x337/0x6f0 [ 10.871835] ? trace_preempt_on+0x20/0xc0 [ 10.871856] ? __pfx_kthread+0x10/0x10 [ 10.871873] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.871902] ? calculate_sigpending+0x7b/0xa0 [ 10.871922] ? __pfx_kthread+0x10/0x10 [ 10.871939] ret_from_fork+0x41/0x80 [ 10.871958] ? __pfx_kthread+0x10/0x10 [ 10.871984] ret_from_fork_asm+0x1a/0x30 [ 10.872014] </TASK> [ 10.872023] [ 10.880135] The buggy address belongs to the physical page: [ 10.880394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.880648] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.881098] flags: 0x200000000000040(head|node=0|zone=2) [ 10.881414] page_type: f8(unknown) [ 10.881540] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.881775] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.882064] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.882673] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.883089] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.883415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.883777] page dumped because: kasan: bad access detected [ 10.884092] [ 10.884175] Memory state around the buggy address: [ 10.884421] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.884726] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.885149] >ffff888103956080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.885443] ^ [ 10.885689] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 10.885914] ffff888103956180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.886120] ================================================================== [ 10.821842] ================================================================== [ 10.822331] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.822649] Write of size 1 at addr ffff8881039560c9 by task kunit_try_catch/181 [ 10.823157] [ 10.823270] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.823311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.823322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.823341] Call Trace: [ 10.823354] <TASK> [ 10.823370] dump_stack_lvl+0x73/0xb0 [ 10.823396] print_report+0xd1/0x610 [ 10.823418] ? __virt_addr_valid+0x1db/0x2d0 [ 10.823439] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.823458] ? kasan_addr_to_slab+0x11/0xa0 [ 10.823477] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.823497] kasan_report+0x141/0x180 [ 10.823518] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.823542] __asan_report_store1_noabort+0x1b/0x30 [ 10.823562] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.823584] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.823604] ? finish_task_switch.isra.0+0x153/0x700 [ 10.823626] ? __switch_to+0x5d9/0xf60 [ 10.823645] ? dequeue_task_fair+0x156/0x4e0 [ 10.823669] ? __schedule+0x10cc/0x2b60 [ 10.823691] ? __pfx_read_tsc+0x10/0x10 [ 10.823714] krealloc_large_less_oob+0x1c/0x30 [ 10.823732] kunit_try_run_case+0x1a5/0x480 [ 10.823751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.823769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.823792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.823814] ? __kthread_parkme+0x82/0x180 [ 10.823834] ? preempt_count_sub+0x50/0x80 [ 10.823857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.823875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.823908] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.823930] kthread+0x337/0x6f0 [ 10.823945] ? trace_preempt_on+0x20/0xc0 [ 10.824185] ? __pfx_kthread+0x10/0x10 [ 10.824213] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.824235] ? calculate_sigpending+0x7b/0xa0 [ 10.824256] ? __pfx_kthread+0x10/0x10 [ 10.824273] ret_from_fork+0x41/0x80 [ 10.824294] ? __pfx_kthread+0x10/0x10 [ 10.824311] ret_from_fork_asm+0x1a/0x30 [ 10.824340] </TASK> [ 10.824351] [ 10.832266] The buggy address belongs to the physical page: [ 10.832539] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.833221] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.833498] flags: 0x200000000000040(head|node=0|zone=2) [ 10.834616] page_type: f8(unknown) [ 10.835250] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.836219] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.837018] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.837272] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.837502] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.837738] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.837973] page dumped because: kasan: bad access detected [ 10.838144] [ 10.838214] Memory state around the buggy address: [ 10.838368] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.838579] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.838790] >ffff888103956080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.839240] ^ [ 10.839728] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.840389] ffff888103956180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.841278] ================================================================== [ 10.735600] ================================================================== [ 
10.736396] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.736905] Write of size 1 at addr ffff888100353aea by task kunit_try_catch/177 [ 10.737514] [ 10.737620] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.737662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.737672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.737691] Call Trace: [ 10.737702] <TASK> [ 10.737716] dump_stack_lvl+0x73/0xb0 [ 10.737739] print_report+0xd1/0x610 [ 10.737761] ? __virt_addr_valid+0x1db/0x2d0 [ 10.737781] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737800] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.737822] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737841] kasan_report+0x141/0x180 [ 10.737862] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737897] __asan_report_store1_noabort+0x1b/0x30 [ 10.737917] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737940] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.737958] ? irqentry_exit+0x2a/0x60 [ 10.737977] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.738002] ? __pfx_krealloc_less_oob+0x10/0x10 [ 10.738024] krealloc_less_oob+0x1c/0x30 [ 10.738041] kunit_try_run_case+0x1a5/0x480 [ 10.738060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.738078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.738101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.738126] ? __kthread_parkme+0x82/0x180 [ 10.738150] ? preempt_count_sub+0x50/0x80 [ 10.738174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.738193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.738214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.738238] kthread+0x337/0x6f0 [ 10.738253] ? trace_preempt_on+0x20/0xc0 [ 10.738275] ? __pfx_kthread+0x10/0x10 [ 10.738292] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.738313] ? calculate_sigpending+0x7b/0xa0 [ 10.738335] ? __pfx_kthread+0x10/0x10 [ 10.738353] ret_from_fork+0x41/0x80 [ 10.738380] ? 
__pfx_kthread+0x10/0x10 [ 10.738397] ret_from_fork_asm+0x1a/0x30 [ 10.738431] </TASK> [ 10.738441] [ 10.745211] Allocated by task 177: [ 10.745381] kasan_save_stack+0x45/0x70 [ 10.745561] kasan_save_track+0x18/0x40 [ 10.745721] kasan_save_alloc_info+0x3b/0x50 [ 10.745859] __kasan_krealloc+0x190/0x1f0 [ 10.746007] krealloc_noprof+0xf3/0x340 [ 10.746136] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.746362] krealloc_less_oob+0x1c/0x30 [ 10.746550] kunit_try_run_case+0x1a5/0x480 [ 10.746860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.747042] kthread+0x337/0x6f0 [ 10.747153] ret_from_fork+0x41/0x80 [ 10.747283] ret_from_fork_asm+0x1a/0x30 [ 10.747576] [ 10.747667] The buggy address belongs to the object at ffff888100353a00 [ 10.747667] which belongs to the cache kmalloc-256 of size 256 [ 10.748505] The buggy address is located 33 bytes to the right of [ 10.748505] allocated 201-byte region [ffff888100353a00, ffff888100353ac9) [ 10.748901] [ 10.748969] The buggy address belongs to the physical page: [ 10.749142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.749549] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.749953] flags: 0x200000000000040(head|node=0|zone=2) [ 10.750201] page_type: f5(slab) [ 10.750369] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.750680] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.751152] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.751483] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.751759] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.752210] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.752440] page dumped because: kasan: bad access detected [ 10.752606] [ 10.752672] Memory state around the buggy address: [ 10.752926] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 10.753252] ffff888100353a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.753569] >ffff888100353a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.753900] ^ [ 10.754096] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.754351] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.754662] ================================================================== [ 10.705994] ================================================================== [ 10.706227] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.706453] Write of size 1 at addr ffff888100353ada by task kunit_try_catch/177 [ 10.707491] [ 10.707581] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.707623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.707634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.707656] Call Trace: [ 10.707669] <TASK> [ 10.707682] dump_stack_lvl+0x73/0xb0 [ 10.707706] print_report+0xd1/0x610 [ 10.707727] ? __virt_addr_valid+0x1db/0x2d0 [ 10.707748] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.707767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.707788] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.707808] kasan_report+0x141/0x180 [ 10.707830] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.707854] __asan_report_store1_noabort+0x1b/0x30 [ 10.707874] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.707908] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.707926] ? irqentry_exit+0x2a/0x60 [ 10.707943] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.707968] ? __pfx_krealloc_less_oob+0x10/0x10 [ 10.707990] krealloc_less_oob+0x1c/0x30 [ 10.708007] kunit_try_run_case+0x1a5/0x480 [ 10.708027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.708045] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.708068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.708091] ? __kthread_parkme+0x82/0x180 [ 10.708115] ? preempt_count_sub+0x50/0x80 [ 10.708139] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 10.708158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.708180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.708201] kthread+0x337/0x6f0 [ 10.708217] ? trace_preempt_on+0x20/0xc0 [ 10.708239] ? __pfx_kthread+0x10/0x10 [ 10.708257] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.708278] ? calculate_sigpending+0x7b/0xa0 [ 10.708300] ? __pfx_kthread+0x10/0x10 [ 10.708318] ret_from_fork+0x41/0x80 [ 10.708345] ? __pfx_kthread+0x10/0x10 [ 10.708362] ret_from_fork_asm+0x1a/0x30 [ 10.708396] </TASK> [ 10.708405] [ 10.720186] Allocated by task 177: [ 10.720542] kasan_save_stack+0x45/0x70 [ 10.720875] kasan_save_track+0x18/0x40 [ 10.721165] kasan_save_alloc_info+0x3b/0x50 [ 10.721441] __kasan_krealloc+0x190/0x1f0 [ 10.721576] krealloc_noprof+0xf3/0x340 [ 10.721704] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.721877] krealloc_less_oob+0x1c/0x30 [ 10.722296] kunit_try_run_case+0x1a5/0x480 [ 10.722694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.723273] kthread+0x337/0x6f0 [ 10.723599] ret_from_fork+0x41/0x80 [ 10.724016] ret_from_fork_asm+0x1a/0x30 [ 10.724401] [ 10.724584] The buggy address belongs to the object at ffff888100353a00 [ 10.724584] which belongs to the cache kmalloc-256 of size 256 [ 10.725285] The buggy address is located 17 bytes to the right of [ 10.725285] allocated 201-byte region [ffff888100353a00, ffff888100353ac9) [ 10.725643] [ 10.725711] The buggy address belongs to the physical page: [ 10.726051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.726806] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.727493] flags: 0x200000000000040(head|node=0|zone=2) [ 10.728071] page_type: f5(slab) [ 10.728405] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.729157] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.729827] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
10.730297] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.730532] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.730756] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.731214] page dumped because: kasan: bad access detected [ 10.731459] [ 10.731526] Memory state around the buggy address: [ 10.732084] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.732857] ffff888100353a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.733279] >ffff888100353a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.733496] ^ [ 10.733679] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.733926] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.734723] ================================================================== [ 10.910921] ================================================================== [ 10.911606] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.912335] Write of size 1 at addr ffff8881039560eb by task kunit_try_catch/181 [ 10.912953] [ 10.913292] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.913418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.913429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.913563] Call Trace: [ 10.913578] <TASK> [ 10.913593] dump_stack_lvl+0x73/0xb0 [ 10.913713] print_report+0xd1/0x610 [ 10.913741] ? __virt_addr_valid+0x1db/0x2d0 [ 10.913761] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.913791] ? kasan_addr_to_slab+0x11/0xa0 [ 10.913856] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.913876] kasan_report+0x141/0x180 [ 10.913908] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.913932] __asan_report_store1_noabort+0x1b/0x30 [ 10.913952] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.913973] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.913993] ? 
finish_task_switch.isra.0+0x153/0x700 [ 10.914014] ? __switch_to+0x5d9/0xf60 [ 10.914034] ? dequeue_task_fair+0x156/0x4e0 [ 10.914056] ? __schedule+0x10cc/0x2b60 [ 10.914078] ? __pfx_read_tsc+0x10/0x10 [ 10.914099] krealloc_large_less_oob+0x1c/0x30 [ 10.914117] kunit_try_run_case+0x1a5/0x480 [ 10.914137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.914154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.914177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.914199] ? __kthread_parkme+0x82/0x180 [ 10.914220] ? preempt_count_sub+0x50/0x80 [ 10.914242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.914261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.914282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.914304] kthread+0x337/0x6f0 [ 10.914320] ? trace_preempt_on+0x20/0xc0 [ 10.914342] ? __pfx_kthread+0x10/0x10 [ 10.914358] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.914379] ? calculate_sigpending+0x7b/0xa0 [ 10.914398] ? __pfx_kthread+0x10/0x10 [ 10.914415] ret_from_fork+0x41/0x80 [ 10.914434] ? 
__pfx_kthread+0x10/0x10 [ 10.914451] ret_from_fork_asm+0x1a/0x30 [ 10.914480] </TASK> [ 10.914490] [ 10.926632] The buggy address belongs to the physical page: [ 10.927253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.927568] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.927889] flags: 0x200000000000040(head|node=0|zone=2) [ 10.928124] page_type: f8(unknown) [ 10.928305] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.928566] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.928971] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.929330] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.929664] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.930039] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.930402] page dumped because: kasan: bad access detected [ 10.930625] [ 10.930909] Memory state around the buggy address: [ 10.931122] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.931449] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.931851] >ffff888103956080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.932118] ^ [ 10.932412] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.932781] ffff888103956180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.933040] ================================================================== [ 10.755494] ================================================================== [ 10.756061] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.756370] Write of size 1 at addr ffff888100353aeb by task kunit_try_catch/177 [ 10.756670] [ 10.756784] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.756824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.756834] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.756852] Call Trace: [ 10.756863] <TASK> [ 10.756876] dump_stack_lvl+0x73/0xb0 [ 10.756908] print_report+0xd1/0x610 [ 10.756930] ? __virt_addr_valid+0x1db/0x2d0 [ 10.756951] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.756970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.756991] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.757011] kasan_report+0x141/0x180 [ 10.757033] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.757057] __asan_report_store1_noabort+0x1b/0x30 [ 10.757077] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.757098] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.757117] ? irqentry_exit+0x2a/0x60 [ 10.757139] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.757164] ? __pfx_krealloc_less_oob+0x10/0x10 [ 10.757186] krealloc_less_oob+0x1c/0x30 [ 10.757203] kunit_try_run_case+0x1a5/0x480 [ 10.757222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.757239] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.757262] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.757284] ? __kthread_parkme+0x82/0x180 [ 10.757308] ? preempt_count_sub+0x50/0x80 [ 10.757331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.757350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.757371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.757393] kthread+0x337/0x6f0 [ 10.757409] ? trace_preempt_on+0x20/0xc0 [ 10.757430] ? __pfx_kthread+0x10/0x10 [ 10.757447] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.757468] ? calculate_sigpending+0x7b/0xa0 [ 10.757490] ? __pfx_kthread+0x10/0x10 [ 10.757507] ret_from_fork+0x41/0x80 [ 10.757534] ? 
__pfx_kthread+0x10/0x10 [ 10.757551] ret_from_fork_asm+0x1a/0x30 [ 10.757585] </TASK> [ 10.757594] [ 10.764741] Allocated by task 177: [ 10.764918] kasan_save_stack+0x45/0x70 [ 10.765115] kasan_save_track+0x18/0x40 [ 10.765311] kasan_save_alloc_info+0x3b/0x50 [ 10.765493] __kasan_krealloc+0x190/0x1f0 [ 10.765674] krealloc_noprof+0xf3/0x340 [ 10.765821] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.766066] krealloc_less_oob+0x1c/0x30 [ 10.766198] kunit_try_run_case+0x1a5/0x480 [ 10.766337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.766506] kthread+0x337/0x6f0 [ 10.766669] ret_from_fork+0x41/0x80 [ 10.766855] ret_from_fork_asm+0x1a/0x30 [ 10.767058] [ 10.767150] The buggy address belongs to the object at ffff888100353a00 [ 10.767150] which belongs to the cache kmalloc-256 of size 256 [ 10.767573] The buggy address is located 34 bytes to the right of [ 10.767573] allocated 201-byte region [ffff888100353a00, ffff888100353ac9) [ 10.768187] [ 10.768281] The buggy address belongs to the physical page: [ 10.768530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.768892] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.769242] flags: 0x200000000000040(head|node=0|zone=2) [ 10.769413] page_type: f5(slab) [ 10.769532] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.769757] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.770060] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.770399] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.770734] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.771025] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.771252] page dumped because: kasan: bad access detected [ 10.771418] [ 10.771484] Memory state around the buggy address: [ 10.771633] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 10.772035] ffff888100353a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.772353] >ffff888100353a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.772667] ^ [ 10.773110] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.773432] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.773744] ================================================================== [ 10.842168] ================================================================== [ 10.842919] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.843652] Write of size 1 at addr ffff8881039560d0 by task kunit_try_catch/181 [ 10.844354] [ 10.844579] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.844635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.844645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.844673] Call Trace: [ 10.844684] <TASK> [ 10.844697] dump_stack_lvl+0x73/0xb0 [ 10.844719] print_report+0xd1/0x610 [ 10.844752] ? __virt_addr_valid+0x1db/0x2d0 [ 10.844771] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.844789] ? kasan_addr_to_slab+0x11/0xa0 [ 10.844809] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.844828] kasan_report+0x141/0x180 [ 10.844857] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.844896] __asan_report_store1_noabort+0x1b/0x30 [ 10.844916] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.844938] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.844957] ? finish_task_switch.isra.0+0x153/0x700 [ 10.844978] ? __switch_to+0x5d9/0xf60 [ 10.844996] ? dequeue_task_fair+0x156/0x4e0 [ 10.845018] ? __schedule+0x10cc/0x2b60 [ 10.845040] ? __pfx_read_tsc+0x10/0x10 [ 10.845061] krealloc_large_less_oob+0x1c/0x30 [ 10.845079] kunit_try_run_case+0x1a5/0x480 [ 10.845098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.845115] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.845145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.845167] ? 
__kthread_parkme+0x82/0x180 [ 10.845187] ? preempt_count_sub+0x50/0x80 [ 10.845210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.845229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.845250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.845272] kthread+0x337/0x6f0 [ 10.845288] ? trace_preempt_on+0x20/0xc0 [ 10.845309] ? __pfx_kthread+0x10/0x10 [ 10.845326] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.845346] ? calculate_sigpending+0x7b/0xa0 [ 10.845366] ? __pfx_kthread+0x10/0x10 [ 10.845383] ret_from_fork+0x41/0x80 [ 10.845402] ? __pfx_kthread+0x10/0x10 [ 10.845419] ret_from_fork_asm+0x1a/0x30 [ 10.845448] </TASK> [ 10.845457] [ 10.861520] The buggy address belongs to the physical page: [ 10.861787] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.862673] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.863345] flags: 0x200000000000040(head|node=0|zone=2) [ 10.863747] page_type: f8(unknown) [ 10.864150] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.864656] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.865306] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.866070] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.866540] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.867177] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.867400] page dumped because: kasan: bad access detected [ 10.867567] [ 10.867634] Memory state around the buggy address: [ 10.867794] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.868030] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.868288] >ffff888103956080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.868585] ^ [ 10.868777] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.869098] ffff888103956180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 10.869446] ================================================================== [ 10.683780] ================================================================== [ 10.684234] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.684865] Write of size 1 at addr ffff888100353ad0 by task kunit_try_catch/177 [ 10.685176] [ 10.685256] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.685295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.685305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.685323] Call Trace: [ 10.685335] <TASK> [ 10.685347] dump_stack_lvl+0x73/0xb0 [ 10.685369] print_report+0xd1/0x610 [ 10.685391] ? __virt_addr_valid+0x1db/0x2d0 [ 10.685471] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.685491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.685513] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.685539] kasan_report+0x141/0x180 [ 10.685561] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.685587] __asan_report_store1_noabort+0x1b/0x30 [ 10.685608] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.685630] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.685648] ? irqentry_exit+0x2a/0x60 [ 10.685665] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.685691] ? __pfx_krealloc_less_oob+0x10/0x10 [ 10.685712] krealloc_less_oob+0x1c/0x30 [ 10.685729] kunit_try_run_case+0x1a5/0x480 [ 10.685750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.685768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.685790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.685851] ? __kthread_parkme+0x82/0x180 [ 10.685875] ? preempt_count_sub+0x50/0x80 [ 10.685946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.685988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.686022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.686044] kthread+0x337/0x6f0 [ 10.686060] ? trace_preempt_on+0x20/0xc0 [ 10.686082] ? __pfx_kthread+0x10/0x10 [ 10.686099] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 10.686120] ? calculate_sigpending+0x7b/0xa0 [ 10.686142] ? __pfx_kthread+0x10/0x10 [ 10.686160] ret_from_fork+0x41/0x80 [ 10.686187] ? __pfx_kthread+0x10/0x10 [ 10.686204] ret_from_fork_asm+0x1a/0x30 [ 10.686239] </TASK> [ 10.686249] [ 10.694811] Allocated by task 177: [ 10.694952] kasan_save_stack+0x45/0x70 [ 10.695105] kasan_save_track+0x18/0x40 [ 10.695419] kasan_save_alloc_info+0x3b/0x50 [ 10.695839] __kasan_krealloc+0x190/0x1f0 [ 10.696082] krealloc_noprof+0xf3/0x340 [ 10.696271] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.696455] krealloc_less_oob+0x1c/0x30 [ 10.696586] kunit_try_run_case+0x1a5/0x480 [ 10.696778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.697254] kthread+0x337/0x6f0 [ 10.697490] ret_from_fork+0x41/0x80 [ 10.697640] ret_from_fork_asm+0x1a/0x30 [ 10.697777] [ 10.697932] The buggy address belongs to the object at ffff888100353a00 [ 10.697932] which belongs to the cache kmalloc-256 of size 256 [ 10.698597] The buggy address is located 7 bytes to the right of [ 10.698597] allocated 201-byte region [ffff888100353a00, ffff888100353ac9) [ 10.699196] [ 10.699293] The buggy address belongs to the physical page: [ 10.699540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.699858] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.700286] flags: 0x200000000000040(head|node=0|zone=2) [ 10.700555] page_type: f5(slab) [ 10.700705] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.701029] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.701595] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.701954] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.702346] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.702622] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.703082] page dumped because: 
kasan: bad access detected [ 10.703307] [ 10.703385] Memory state around the buggy address: [ 10.703651] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.703982] ffff888100353a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.704346] >ffff888100353a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.704649] ^ [ 10.705012] ffff888100353b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.705244] ffff888100353b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.705448] ================================================================== [ 10.886563] ================================================================== [ 10.887010] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.887596] Write of size 1 at addr ffff8881039560ea by task kunit_try_catch/181 [ 10.888696] [ 10.889045] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.889243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.889258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.889276] Call Trace: [ 10.889289] <TASK> [ 10.889303] dump_stack_lvl+0x73/0xb0 [ 10.889330] print_report+0xd1/0x610 [ 10.889353] ? __virt_addr_valid+0x1db/0x2d0 [ 10.889378] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.889397] ? kasan_addr_to_slab+0x11/0xa0 [ 10.889417] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.889436] kasan_report+0x141/0x180 [ 10.889458] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.889482] __asan_report_store1_noabort+0x1b/0x30 [ 10.889502] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.889523] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.889542] ? finish_task_switch.isra.0+0x153/0x700 [ 10.889563] ? __switch_to+0x5d9/0xf60 [ 10.889581] ? dequeue_task_fair+0x156/0x4e0 [ 10.889603] ? __schedule+0x10cc/0x2b60 [ 10.889863] ? __pfx_read_tsc+0x10/0x10 [ 10.889924] krealloc_large_less_oob+0x1c/0x30 [ 10.889944] kunit_try_run_case+0x1a5/0x480 [ 10.889965] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 10.889984] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.890006] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.890029] ? __kthread_parkme+0x82/0x180 [ 10.890049] ? preempt_count_sub+0x50/0x80 [ 10.890072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.890091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.890112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.890134] kthread+0x337/0x6f0 [ 10.890150] ? trace_preempt_on+0x20/0xc0 [ 10.890172] ? __pfx_kthread+0x10/0x10 [ 10.890188] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.890209] ? calculate_sigpending+0x7b/0xa0 [ 10.890229] ? __pfx_kthread+0x10/0x10 [ 10.890246] ret_from_fork+0x41/0x80 [ 10.890265] ? __pfx_kthread+0x10/0x10 [ 10.890281] ret_from_fork_asm+0x1a/0x30 [ 10.890310] </TASK> [ 10.890320] [ 10.900945] The buggy address belongs to the physical page: [ 10.901196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.901524] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.901824] flags: 0x200000000000040(head|node=0|zone=2) [ 10.902063] page_type: f8(unknown) [ 10.902222] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.902511] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.902816] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.903586] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.904276] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.904902] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.905558] page dumped because: kasan: bad access detected [ 10.906197] [ 10.906465] Memory state around the buggy address: [ 10.906745] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.907452] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.908069] >ffff888103956080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe 
fe fe [ 10.908568] ^ [ 10.909080] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.909727] ffff888103956180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.910186] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 10.627242] ================================================================== [ 10.627551] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.628044] Write of size 1 at addr ffff8881003538f0 by task kunit_try_catch/175 [ 10.628350] [ 10.628465] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.628505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.628528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.628545] Call Trace: [ 10.628559] <TASK> [ 10.628572] dump_stack_lvl+0x73/0xb0 [ 10.628595] print_report+0xd1/0x610 [ 10.628616] ? __virt_addr_valid+0x1db/0x2d0 [ 10.628637] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.628681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.628702] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.628721] kasan_report+0x141/0x180 [ 10.628743] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.628767] __asan_report_store1_noabort+0x1b/0x30 [ 10.628786] krealloc_more_oob_helper+0x7eb/0x930 [ 10.628807] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.628825] ? irqentry_exit+0x2a/0x60 [ 10.628843] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.628867] ? __pfx_krealloc_more_oob+0x10/0x10 [ 10.628971] krealloc_more_oob+0x1c/0x30 [ 10.629009] kunit_try_run_case+0x1a5/0x480 [ 10.629030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.629048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.629070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.629093] ? __kthread_parkme+0x82/0x180 [ 10.629117] ? preempt_count_sub+0x50/0x80 [ 10.629144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.629162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.629184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.629206] kthread+0x337/0x6f0 [ 10.629221] ? trace_preempt_on+0x20/0xc0 [ 10.629252] ? __pfx_kthread+0x10/0x10 [ 10.629269] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.629290] ? calculate_sigpending+0x7b/0xa0 [ 10.629323] ? 
__pfx_kthread+0x10/0x10 [ 10.629341] ret_from_fork+0x41/0x80 [ 10.629368] ? __pfx_kthread+0x10/0x10 [ 10.629386] ret_from_fork_asm+0x1a/0x30 [ 10.629429] </TASK> [ 10.629439] [ 10.639447] Allocated by task 175: [ 10.639589] kasan_save_stack+0x45/0x70 [ 10.639912] kasan_save_track+0x18/0x40 [ 10.640126] kasan_save_alloc_info+0x3b/0x50 [ 10.640445] __kasan_krealloc+0x190/0x1f0 [ 10.640620] krealloc_noprof+0xf3/0x340 [ 10.640749] krealloc_more_oob_helper+0x1a9/0x930 [ 10.640910] krealloc_more_oob+0x1c/0x30 [ 10.641134] kunit_try_run_case+0x1a5/0x480 [ 10.641331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.641572] kthread+0x337/0x6f0 [ 10.641701] ret_from_fork+0x41/0x80 [ 10.642026] ret_from_fork_asm+0x1a/0x30 [ 10.642247] [ 10.642342] The buggy address belongs to the object at ffff888100353800 [ 10.642342] which belongs to the cache kmalloc-256 of size 256 [ 10.642970] The buggy address is located 5 bytes to the right of [ 10.642970] allocated 235-byte region [ffff888100353800, ffff8881003538eb) [ 10.643486] [ 10.643583] The buggy address belongs to the physical page: [ 10.643914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.644263] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.644497] flags: 0x200000000000040(head|node=0|zone=2) [ 10.644676] page_type: f5(slab) [ 10.644981] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.645566] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.645787] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.646124] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.646582] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.647166] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.647510] page dumped because: kasan: bad access detected [ 10.647727] [ 10.647829] Memory state around the buggy address: 
[ 10.648002] ffff888100353780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.648531] ffff888100353800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.648869] >ffff888100353880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.649278] ^ [ 10.649556] ffff888100353900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.649994] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.650206] ================================================================== [ 10.802004] ================================================================== [ 10.802286] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.802606] Write of size 1 at addr ffff888102aae0f0 by task kunit_try_catch/179 [ 10.802936] [ 10.803057] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.803097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.803107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.803124] Call Trace: [ 10.803136] <TASK> [ 10.803149] dump_stack_lvl+0x73/0xb0 [ 10.803171] print_report+0xd1/0x610 [ 10.803192] ? __virt_addr_valid+0x1db/0x2d0 [ 10.803212] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.803230] ? kasan_addr_to_slab+0x11/0xa0 [ 10.803250] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.803269] kasan_report+0x141/0x180 [ 10.803291] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.803315] __asan_report_store1_noabort+0x1b/0x30 [ 10.803335] krealloc_more_oob_helper+0x7eb/0x930 [ 10.803353] ? __schedule+0x10cc/0x2b60 [ 10.803374] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.803394] ? finish_task_switch.isra.0+0x153/0x700 [ 10.803415] ? __switch_to+0x5d9/0xf60 [ 10.803433] ? dequeue_task_fair+0x156/0x4e0 [ 10.803455] ? __schedule+0x10cc/0x2b60 [ 10.803476] ? __pfx_read_tsc+0x10/0x10 [ 10.803498] krealloc_large_more_oob+0x1c/0x30 [ 10.803516] kunit_try_run_case+0x1a5/0x480 [ 10.803535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.803552] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 10.803575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.803597] ? __kthread_parkme+0x82/0x180 [ 10.803617] ? preempt_count_sub+0x50/0x80 [ 10.803640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.803659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.803681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.803702] kthread+0x337/0x6f0 [ 10.803718] ? trace_preempt_on+0x20/0xc0 [ 10.803740] ? __pfx_kthread+0x10/0x10 [ 10.803757] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.803777] ? calculate_sigpending+0x7b/0xa0 [ 10.803797] ? __pfx_kthread+0x10/0x10 [ 10.803815] ret_from_fork+0x41/0x80 [ 10.803834] ? __pfx_kthread+0x10/0x10 [ 10.803850] ret_from_fork_asm+0x1a/0x30 [ 10.803908] </TASK> [ 10.803918] [ 10.811577] The buggy address belongs to the physical page: [ 10.811785] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aac [ 10.812160] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.812496] flags: 0x200000000000040(head|node=0|zone=2) [ 10.812752] page_type: f8(unknown) [ 10.813082] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.813383] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.813653] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.814049] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.814333] head: 0200000000000002 ffffea00040aab01 00000000ffffffff 00000000ffffffff [ 10.814564] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.814788] page dumped because: kasan: bad access detected [ 10.815043] [ 10.815134] Memory state around the buggy address: [ 10.815470] ffff888102aadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.815778] ffff888102aae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.816179] >ffff888102aae080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.816403] ^ [ 10.816604] 
ffff888102aae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.816900] ffff888102aae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.817225] ================================================================== [ 10.779852] ================================================================== [ 10.780294] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.780591] Write of size 1 at addr ffff888102aae0eb by task kunit_try_catch/179 [ 10.780954] [ 10.781068] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.781111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.781122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.781146] Call Trace: [ 10.781159] <TASK> [ 10.781173] dump_stack_lvl+0x73/0xb0 [ 10.781200] print_report+0xd1/0x610 [ 10.781221] ? __virt_addr_valid+0x1db/0x2d0 [ 10.781242] ? krealloc_more_oob_helper+0x821/0x930 [ 10.781261] ? kasan_addr_to_slab+0x11/0xa0 [ 10.781281] ? krealloc_more_oob_helper+0x821/0x930 [ 10.781301] kasan_report+0x141/0x180 [ 10.781322] ? krealloc_more_oob_helper+0x821/0x930 [ 10.781346] __asan_report_store1_noabort+0x1b/0x30 [ 10.781368] krealloc_more_oob_helper+0x821/0x930 [ 10.781386] ? __schedule+0x10cc/0x2b60 [ 10.781409] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.781429] ? finish_task_switch.isra.0+0x153/0x700 [ 10.781452] ? __switch_to+0x5d9/0xf60 [ 10.781472] ? dequeue_task_fair+0x156/0x4e0 [ 10.781495] ? __schedule+0x10cc/0x2b60 [ 10.781517] ? __pfx_read_tsc+0x10/0x10 [ 10.781539] krealloc_large_more_oob+0x1c/0x30 [ 10.781557] kunit_try_run_case+0x1a5/0x480 [ 10.781577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.781595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.781618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.781641] ? __kthread_parkme+0x82/0x180 [ 10.781662] ? preempt_count_sub+0x50/0x80 [ 10.781685] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 10.781704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.781726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.781747] kthread+0x337/0x6f0 [ 10.781763] ? trace_preempt_on+0x20/0xc0 [ 10.781785] ? __pfx_kthread+0x10/0x10 [ 10.781802] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.781823] ? calculate_sigpending+0x7b/0xa0 [ 10.781843] ? __pfx_kthread+0x10/0x10 [ 10.781860] ret_from_fork+0x41/0x80 [ 10.781889] ? __pfx_kthread+0x10/0x10 [ 10.781906] ret_from_fork_asm+0x1a/0x30 [ 10.781936] </TASK> [ 10.781946] [ 10.794204] The buggy address belongs to the physical page: [ 10.794672] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aac [ 10.795478] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.796231] flags: 0x200000000000040(head|node=0|zone=2) [ 10.796707] page_type: f8(unknown) [ 10.796856] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.797462] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.797692] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.797972] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.798398] head: 0200000000000002 ffffea00040aab01 00000000ffffffff 00000000ffffffff [ 10.798671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.799052] page dumped because: kasan: bad access detected [ 10.799261] [ 10.799354] Memory state around the buggy address: [ 10.799561] ffff888102aadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.799809] ffff888102aae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.800146] >ffff888102aae080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.800388] ^ [ 10.800675] ffff888102aae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.800902] ffff888102aae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.801262] 
================================================================== [ 10.598176] ================================================================== [ 10.598617] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.598952] Write of size 1 at addr ffff8881003538eb by task kunit_try_catch/175 [ 10.599697] [ 10.600087] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.600133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.600144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.600163] Call Trace: [ 10.600173] <TASK> [ 10.600186] dump_stack_lvl+0x73/0xb0 [ 10.600209] print_report+0xd1/0x610 [ 10.600231] ? __virt_addr_valid+0x1db/0x2d0 [ 10.600252] ? krealloc_more_oob_helper+0x821/0x930 [ 10.600270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.600292] ? krealloc_more_oob_helper+0x821/0x930 [ 10.600311] kasan_report+0x141/0x180 [ 10.600332] ? krealloc_more_oob_helper+0x821/0x930 [ 10.600356] __asan_report_store1_noabort+0x1b/0x30 [ 10.600376] krealloc_more_oob_helper+0x821/0x930 [ 10.600397] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.600415] ? irqentry_exit+0x2a/0x60 [ 10.600433] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.600458] ? __pfx_krealloc_more_oob+0x10/0x10 [ 10.600479] krealloc_more_oob+0x1c/0x30 [ 10.600496] kunit_try_run_case+0x1a5/0x480 [ 10.600516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.600533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.600556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.600578] ? __kthread_parkme+0x82/0x180 [ 10.600602] ? preempt_count_sub+0x50/0x80 [ 10.600625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.600644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.600666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.600688] kthread+0x337/0x6f0 [ 10.600704] ? trace_preempt_on+0x20/0xc0 [ 10.600726] ? __pfx_kthread+0x10/0x10 [ 10.600743] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.600764] ? 
calculate_sigpending+0x7b/0xa0 [ 10.600786] ? __pfx_kthread+0x10/0x10 [ 10.600804] ret_from_fork+0x41/0x80 [ 10.600831] ? __pfx_kthread+0x10/0x10 [ 10.600848] ret_from_fork_asm+0x1a/0x30 [ 10.600895] </TASK> [ 10.600905] [ 10.615377] Allocated by task 175: [ 10.615877] kasan_save_stack+0x45/0x70 [ 10.616148] kasan_save_track+0x18/0x40 [ 10.616286] kasan_save_alloc_info+0x3b/0x50 [ 10.616430] __kasan_krealloc+0x190/0x1f0 [ 10.616568] krealloc_noprof+0xf3/0x340 [ 10.616704] krealloc_more_oob_helper+0x1a9/0x930 [ 10.616873] krealloc_more_oob+0x1c/0x30 [ 10.617057] kunit_try_run_case+0x1a5/0x480 [ 10.617266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.617519] kthread+0x337/0x6f0 [ 10.617666] ret_from_fork+0x41/0x80 [ 10.618004] ret_from_fork_asm+0x1a/0x30 [ 10.618209] [ 10.618305] The buggy address belongs to the object at ffff888100353800 [ 10.618305] which belongs to the cache kmalloc-256 of size 256 [ 10.618912] The buggy address is located 0 bytes to the right of [ 10.618912] allocated 235-byte region [ffff888100353800, ffff8881003538eb) [ 10.619296] [ 10.619392] The buggy address belongs to the physical page: [ 10.619652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.620083] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.620514] flags: 0x200000000000040(head|node=0|zone=2) [ 10.620697] page_type: f5(slab) [ 10.621088] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.621504] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.622032] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.622336] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.622631] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.623209] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.623571] page dumped because: kasan: bad access detected [ 10.623926] [ 
10.624047] Memory state around the buggy address: [ 10.624267] ffff888100353780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.624545] ffff888100353800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.624899] >ffff888100353880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.625361] ^ [ 10.625677] ffff888100353900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.626029] ffff888100353980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.626566] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.382404] ================================================================== [ 10.382836] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.383155] Read of size 1 at addr ffff8881027e743f by task kunit_try_catch/157 [ 10.383455] [ 10.383550] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.383591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.383602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.383619] Call Trace: [ 10.383630] <TASK> [ 10.383642] dump_stack_lvl+0x73/0xb0 [ 10.383663] print_report+0xd1/0x610 [ 10.383684] ? __virt_addr_valid+0x1db/0x2d0 [ 10.383704] ? kmalloc_oob_left+0x361/0x3c0 [ 10.383725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.383746] ? kmalloc_oob_left+0x361/0x3c0 [ 10.383768] kasan_report+0x141/0x180 [ 10.383790] ? kmalloc_oob_left+0x361/0x3c0 [ 10.383816] __asan_report_load1_noabort+0x18/0x20 [ 10.383836] kmalloc_oob_left+0x361/0x3c0 [ 10.383866] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.383899] ? __schedule+0x10cc/0x2b60 [ 10.383922] ? __pfx_read_tsc+0x10/0x10 [ 10.383940] ? ktime_get_ts64+0x86/0x230 [ 10.383966] kunit_try_run_case+0x1a5/0x480 [ 10.383986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.384003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.384025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.384048] ? __kthread_parkme+0x82/0x180 [ 10.384068] ? preempt_count_sub+0x50/0x80 [ 10.384091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.384110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.384131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.384153] kthread+0x337/0x6f0 [ 10.384169] ? trace_preempt_on+0x20/0xc0 [ 10.384190] ? __pfx_kthread+0x10/0x10 [ 10.384207] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.384228] ? calculate_sigpending+0x7b/0xa0 [ 10.384248] ? __pfx_kthread+0x10/0x10 [ 10.384265] ret_from_fork+0x41/0x80 [ 10.384284] ? 
__pfx_kthread+0x10/0x10 [ 10.384300] ret_from_fork_asm+0x1a/0x30 [ 10.384330] </TASK> [ 10.384339] [ 10.390701] Allocated by task 1: [ 10.391158] kasan_save_stack+0x45/0x70 [ 10.391357] kasan_save_track+0x18/0x40 [ 10.391547] kasan_save_alloc_info+0x3b/0x50 [ 10.391760] __kasan_kmalloc+0xb7/0xc0 [ 10.391991] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.392307] kstrdup+0x3e/0xa0 [ 10.392425] kstrdup_const+0x2c/0x40 [ 10.392617] __kernfs_new_node+0xa7/0x6d0 [ 10.392820] kernfs_new_node+0x140/0x1e0 [ 10.393006] kernfs_create_dir_ns+0x30/0x140 [ 10.393158] sysfs_create_dir_ns+0x130/0x290 [ 10.393300] kobject_add_internal+0x222/0x9b0 [ 10.393494] kobject_init_and_add+0xf1/0x160 [ 10.393700] sysfs_slab_add+0x19a/0x1f0 [ 10.393982] slab_sysfs_init+0x76/0x110 [ 10.394177] do_one_initcall+0xd8/0x370 [ 10.394328] kernel_init_freeable+0x420/0x6f0 [ 10.394535] kernel_init+0x23/0x1e0 [ 10.394708] ret_from_fork+0x41/0x80 [ 10.394916] ret_from_fork_asm+0x1a/0x30 [ 10.395085] [ 10.395162] The buggy address belongs to the object at ffff8881027e7420 [ 10.395162] which belongs to the cache kmalloc-16 of size 16 [ 10.395627] The buggy address is located 19 bytes to the right of [ 10.395627] allocated 12-byte region [ffff8881027e7420, ffff8881027e742c) [ 10.396167] [ 10.396259] The buggy address belongs to the physical page: [ 10.396428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 10.396663] flags: 0x200000000000000(node=0|zone=2) [ 10.396827] page_type: f5(slab) [ 10.397000] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.397352] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.397683] page dumped because: kasan: bad access detected [ 10.398074] [ 10.398251] Memory state around the buggy address: [ 10.398414] ffff8881027e7300: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 10.398626] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 10.398980] >ffff8881027e7400: 00 
04 fc fc 00 04 fc fc 00 07 fc fc fc fc fc fc [ 10.399299] ^ [ 10.399531] ffff8881027e7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.399831] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.400112] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.343077] ================================================================== [ 10.343347] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.343649] Write of size 1 at addr ffff888102f2a878 by task kunit_try_catch/155 [ 10.343961] [ 10.344194] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.344237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.344247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.344266] Call Trace: [ 10.344278] <TASK> [ 10.344291] dump_stack_lvl+0x73/0xb0 [ 10.344315] print_report+0xd1/0x610 [ 10.344336] ? __virt_addr_valid+0x1db/0x2d0 [ 10.344356] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.344376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.344397] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.344419] kasan_report+0x141/0x180 [ 10.344440] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.344466] __asan_report_store1_noabort+0x1b/0x30 [ 10.344486] kmalloc_oob_right+0x6bd/0x7f0 [ 10.344508] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.344532] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.344558] kunit_try_run_case+0x1a5/0x480 [ 10.344578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.344595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.344617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.344640] ? __kthread_parkme+0x82/0x180 [ 10.344660] ? preempt_count_sub+0x50/0x80 [ 10.344735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.344758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.344780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.344802] kthread+0x337/0x6f0 [ 10.344818] ? trace_preempt_on+0x20/0xc0 [ 10.344840] ? __pfx_kthread+0x10/0x10 [ 10.344857] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.344889] ? calculate_sigpending+0x7b/0xa0 [ 10.344910] ? __pfx_kthread+0x10/0x10 [ 10.344927] ret_from_fork+0x41/0x80 [ 10.344947] ? 
__pfx_kthread+0x10/0x10 [ 10.344964] ret_from_fork_asm+0x1a/0x30 [ 10.344993] </TASK> [ 10.345002] [ 10.351145] Allocated by task 155: [ 10.351318] kasan_save_stack+0x45/0x70 [ 10.351522] kasan_save_track+0x18/0x40 [ 10.351708] kasan_save_alloc_info+0x3b/0x50 [ 10.352144] __kasan_kmalloc+0xb7/0xc0 [ 10.352345] __kmalloc_cache_noprof+0x189/0x420 [ 10.352500] kmalloc_oob_right+0xa9/0x7f0 [ 10.352639] kunit_try_run_case+0x1a5/0x480 [ 10.352780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.353324] kthread+0x337/0x6f0 [ 10.353499] ret_from_fork+0x41/0x80 [ 10.353683] ret_from_fork_asm+0x1a/0x30 [ 10.354001] [ 10.354081] The buggy address belongs to the object at ffff888102f2a800 [ 10.354081] which belongs to the cache kmalloc-128 of size 128 [ 10.354542] The buggy address is located 5 bytes to the right of [ 10.354542] allocated 115-byte region [ffff888102f2a800, ffff888102f2a873) [ 10.355118] [ 10.355213] The buggy address belongs to the physical page: [ 10.355423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 10.355775] flags: 0x200000000000000(node=0|zone=2) [ 10.356188] page_type: f5(slab) [ 10.356367] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.356656] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.356999] page dumped because: kasan: bad access detected [ 10.357177] [ 10.357245] Memory state around the buggy address: [ 10.357398] ffff888102f2a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.357653] ffff888102f2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.358074] >ffff888102f2a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.358391] ^ [ 10.358696] ffff888102f2a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.359076] ffff888102f2a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.359347] ================================================================== [ 10.315067] 
================================================================== [ 10.315857] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.316573] Write of size 1 at addr ffff888102f2a873 by task kunit_try_catch/155 [ 10.317086] [ 10.318069] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.318342] Tainted: [N]=TEST [ 10.318373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.318602] Call Trace: [ 10.318670] <TASK> [ 10.318842] dump_stack_lvl+0x73/0xb0 [ 10.318937] print_report+0xd1/0x610 [ 10.318965] ? __virt_addr_valid+0x1db/0x2d0 [ 10.318988] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.319009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.319031] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.319053] kasan_report+0x141/0x180 [ 10.319075] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.319101] __asan_report_store1_noabort+0x1b/0x30 [ 10.319122] kmalloc_oob_right+0x6f0/0x7f0 [ 10.319143] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.319167] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.319193] kunit_try_run_case+0x1a5/0x480 [ 10.319215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.319232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.319257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.319280] ? __kthread_parkme+0x82/0x180 [ 10.319302] ? preempt_count_sub+0x50/0x80 [ 10.319328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.319347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.319369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.319391] kthread+0x337/0x6f0 [ 10.319407] ? trace_preempt_on+0x20/0xc0 [ 10.319431] ? __pfx_kthread+0x10/0x10 [ 10.319448] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.319469] ? calculate_sigpending+0x7b/0xa0 [ 10.319491] ? __pfx_kthread+0x10/0x10 [ 10.319508] ret_from_fork+0x41/0x80 [ 10.319529] ? 
__pfx_kthread+0x10/0x10
[ 10.319546] ret_from_fork_asm+0x1a/0x30
[ 10.319595] </TASK>
[ 10.319656]
[ 10.328846] Allocated by task 155:
[ 10.329632] kasan_save_stack+0x45/0x70
[ 10.330025] kasan_save_track+0x18/0x40
[ 10.330222] kasan_save_alloc_info+0x3b/0x50
[ 10.330590] __kasan_kmalloc+0xb7/0xc0
[ 10.330753] __kmalloc_cache_noprof+0x189/0x420
[ 10.331347] kmalloc_oob_right+0xa9/0x7f0
[ 10.331542] kunit_try_run_case+0x1a5/0x480
[ 10.331928] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.332185] kthread+0x337/0x6f0
[ 10.332558] ret_from_fork+0x41/0x80
[ 10.332748] ret_from_fork_asm+0x1a/0x30
[ 10.333242]
[ 10.333393] The buggy address belongs to the object at ffff888102f2a800
[ 10.333393] which belongs to the cache kmalloc-128 of size 128
[ 10.334369] The buggy address is located 0 bytes to the right of
[ 10.334369] allocated 115-byte region [ffff888102f2a800, ffff888102f2a873)
[ 10.335273]
[ 10.335448] The buggy address belongs to the physical page:
[ 10.336171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a
[ 10.336773] flags: 0x200000000000000(node=0|zone=2)
[ 10.337398] page_type: f5(slab)
[ 10.337887] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.338198] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.338585] page dumped because: kasan: bad access detected
[ 10.338807]
[ 10.339059] Memory state around the buggy address:
[ 10.339554] ffff888102f2a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.340019] ffff888102f2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.340390] >ffff888102f2a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.340701] ^
[ 10.341074] ffff888102f2a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.341360] ffff888102f2a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.341677] ==================================================================
[ 10.360913] ==================================================================
[ 10.361260] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 10.361587] Read of size 1 at addr ffff888102f2a880 by task kunit_try_catch/155
[ 10.362356]
[ 10.362460] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 10.362501] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.362512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.362530] Call Trace:
[ 10.362542] <TASK>
[ 10.362555] dump_stack_lvl+0x73/0xb0
[ 10.362578] print_report+0xd1/0x610
[ 10.362600] ? __virt_addr_valid+0x1db/0x2d0
[ 10.362619] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.362639] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.362661] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.362682] kasan_report+0x141/0x180
[ 10.362818] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.362845] __asan_report_load1_noabort+0x18/0x20
[ 10.362864] kmalloc_oob_right+0x68a/0x7f0
[ 10.362899] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.362923] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.362948] kunit_try_run_case+0x1a5/0x480
[ 10.362969] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.362987] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.363010] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.363032] ? __kthread_parkme+0x82/0x180
[ 10.363053] ? preempt_count_sub+0x50/0x80
[ 10.363077] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.363095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.363117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.363139] kthread+0x337/0x6f0
[ 10.363155] ? trace_preempt_on+0x20/0xc0
[ 10.363176] ? __pfx_kthread+0x10/0x10
[ 10.363193] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.363213] ? calculate_sigpending+0x7b/0xa0
[ 10.363233] ? __pfx_kthread+0x10/0x10
[ 10.363250] ret_from_fork+0x41/0x80
[ 10.363269] ? __pfx_kthread+0x10/0x10
[ 10.363286] ret_from_fork_asm+0x1a/0x30
[ 10.363315] </TASK>
[ 10.363324]
[ 10.370406] Allocated by task 155:
[ 10.370582] kasan_save_stack+0x45/0x70
[ 10.370869] kasan_save_track+0x18/0x40
[ 10.371039] kasan_save_alloc_info+0x3b/0x50
[ 10.371224] __kasan_kmalloc+0xb7/0xc0
[ 10.371355] __kmalloc_cache_noprof+0x189/0x420
[ 10.371504] kmalloc_oob_right+0xa9/0x7f0
[ 10.371699] kunit_try_run_case+0x1a5/0x480
[ 10.371916] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.372232] kthread+0x337/0x6f0
[ 10.372399] ret_from_fork+0x41/0x80
[ 10.372555] ret_from_fork_asm+0x1a/0x30
[ 10.372743]
[ 10.372811] The buggy address belongs to the object at ffff888102f2a800
[ 10.372811] which belongs to the cache kmalloc-128 of size 128
[ 10.373411] The buggy address is located 13 bytes to the right of
[ 10.373411] allocated 115-byte region [ffff888102f2a800, ffff888102f2a873)
[ 10.373848]
[ 10.373931] The buggy address belongs to the physical page:
[ 10.374099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a
[ 10.374836] flags: 0x200000000000000(node=0|zone=2)
[ 10.375236] page_type: f5(slab)
[ 10.375375] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.375604] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.375827] page dumped because: kasan: bad access detected
[ 10.376033]
[ 10.376192] Memory state around the buggy address:
[ 10.376577] ffff888102f2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.376905] ffff888102f2a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.377230] >ffff888102f2a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.377552] ^
[ 10.377806] ffff888102f2a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.378166] ffff888102f2a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.378377] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 139.926363] WARNING: CPU: 1 PID: 2739 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.926756] Modules linked in:
[ 139.927360] CPU: 1 UID: 0 PID: 2739 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 139.927887] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.928125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.928487] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.928870] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.929930] RSP: 0000:ffff888103e87c78 EFLAGS: 00010286
[ 139.930166] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.930437] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff99a2509c
[ 139.930706] RBP: ffff888103e87ca0 R08: 0000000000000000 R09: ffffed102080c140
[ 139.930996] R10: ffff888104060a07 R11: 0000000000000000 R12: ffffffff99a25088
[ 139.931552] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103e87d38
[ 139.931915] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000
[ 139.932335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.932862] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 139.933177] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903
[ 139.933459] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.934034] Call Trace:
[ 139.934164] <TASK>
[ 139.934272] drm_test_rect_calc_vscale+0x108/0x270
[ 139.934760] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.935127] ? __schedule+0x10cc/0x2b60
[ 139.935397] ? __pfx_read_tsc+0x10/0x10
[ 139.935548] ? ktime_get_ts64+0x86/0x230
[ 139.935922] kunit_try_run_case+0x1a5/0x480
[ 139.936315] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.936543] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.936996] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.937398] ? __kthread_parkme+0x82/0x180
[ 139.937664] ? preempt_count_sub+0x50/0x80
[ 139.937982] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.938339] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.938580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.938890] kthread+0x337/0x6f0
[ 139.939268] ? trace_preempt_on+0x20/0xc0
[ 139.939590] ? __pfx_kthread+0x10/0x10
[ 139.939763] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.940142] ? calculate_sigpending+0x7b/0xa0
[ 139.940604] ? __pfx_kthread+0x10/0x10
[ 139.940930] ret_from_fork+0x41/0x80
[ 139.941112] ? __pfx_kthread+0x10/0x10
[ 139.941289] ret_from_fork_asm+0x1a/0x30
[ 139.941473] </TASK>
[ 139.941583] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.944546] WARNING: CPU: 0 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.944845] Modules linked in:
[ 139.945229] CPU: 0 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 139.946167] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.946832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.947831] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.948307] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.949649] RSP: 0000:ffff88810614fc78 EFLAGS: 00010286
[ 139.950481] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.951107] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff99a250d4
[ 139.951322] RBP: ffff88810614fca0 R08: 0000000000000000 R09: ffffed102080c180
[ 139.951540] R10: ffff888104060c07 R11: 0000000000000000 R12: ffffffff99a250c0
[ 139.951748] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810614fd38
[ 139.952353] FS: 0000000000000000(0000) GS:ffff8881bf690000(0000) knlGS:0000000000000000
[ 139.953371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.954106] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 139.954923] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33902
[ 139.955657] DR3: ffffffff9ba33903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.956365] Call Trace:
[ 139.956708] <TASK>
[ 139.957063] drm_test_rect_calc_vscale+0x108/0x270
[ 139.957535] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.958278] ? __schedule+0x10cc/0x2b60
[ 139.958462] ? __pfx_read_tsc+0x10/0x10
[ 139.958604] ? ktime_get_ts64+0x86/0x230
[ 139.958842] kunit_try_run_case+0x1a5/0x480
[ 139.959281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.959771] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.960290] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.960716] ? __kthread_parkme+0x82/0x180
[ 139.961199] ? preempt_count_sub+0x50/0x80
[ 139.961423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.961582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.962225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.962824] kthread+0x337/0x6f0
[ 139.963231] ? trace_preempt_on+0x20/0xc0
[ 139.963596] ? __pfx_kthread+0x10/0x10
[ 139.964003] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.964186] ? calculate_sigpending+0x7b/0xa0
[ 139.964338] ? __pfx_kthread+0x10/0x10
[ 139.964471] ret_from_fork+0x41/0x80
[ 139.964602] ? __pfx_kthread+0x10/0x10
[ 139.964908] ret_from_fork_asm+0x1a/0x30
[ 139.965285] </TASK>
[ 139.965505] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 139.897326] WARNING: CPU: 0 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.897948] Modules linked in:
[ 139.898137] CPU: 0 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 139.898534] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.898897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.899278] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.899493] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 0b c6 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.900391] RSP: 0000:ffff8881035f7c78 EFLAGS: 00010286
[ 139.900618] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.901138] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff99a250d8
[ 139.901414] RBP: ffff8881035f7ca0 R08: 0000000000000000 R09: ffffed102080c0a0
[ 139.901803] R10: ffff888104060507 R11: 0000000000000000 R12: ffffffff99a250c0
[ 139.902070] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881035f7d38
[ 139.902383] FS: 0000000000000000(0000) GS:ffff8881bf690000(0000) knlGS:0000000000000000
[ 139.902761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.902981] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 139.903295] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33902
[ 139.903554] DR3: ffffffff9ba33903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.903914] Call Trace:
[ 139.904068] <TASK>
[ 139.904174] drm_test_rect_calc_hscale+0x108/0x270
[ 139.904410] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.904645] ? __schedule+0x10cc/0x2b60
[ 139.905005] ? __pfx_read_tsc+0x10/0x10
[ 139.905200] ? ktime_get_ts64+0x86/0x230
[ 139.905377] kunit_try_run_case+0x1a5/0x480
[ 139.905581] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.905941] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.906137] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.906348] ? __kthread_parkme+0x82/0x180
[ 139.906556] ? preempt_count_sub+0x50/0x80
[ 139.906819] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.907014] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.907272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.907504] kthread+0x337/0x6f0
[ 139.907670] ? trace_preempt_on+0x20/0xc0
[ 139.907936] ? __pfx_kthread+0x10/0x10
[ 139.908136] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.908324] ? calculate_sigpending+0x7b/0xa0
[ 139.908531] ? __pfx_kthread+0x10/0x10
[ 139.908700] ret_from_fork+0x41/0x80
[ 139.908838] ? __pfx_kthread+0x10/0x10
[ 139.909085] ret_from_fork_asm+0x1a/0x30
[ 139.909312] </TASK>
[ 139.909428] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.875510] WARNING: CPU: 1 PID: 2727 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.875892] Modules linked in:
[ 139.876055] CPU: 1 UID: 0 PID: 2727 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 139.877375] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.878040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.878922] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.879422] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 0b c6 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.880541] RSP: 0000:ffff88810234fc78 EFLAGS: 00010286
[ 139.880742] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.881252] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff99a250a0
[ 139.881643] RBP: ffff88810234fca0 R08: 0000000000000000 R09: ffffed1020c2af20
[ 139.882138] R10: ffff888106157907 R11: 0000000000000000 R12: ffffffff99a25088
[ 139.882394] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810234fd38
[ 139.882870] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000
[ 139.883120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.883605] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 139.884416] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903
[ 139.884937] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.885575] Call Trace:
[ 139.886182] <TASK>
[ 139.886579] drm_test_rect_calc_hscale+0x108/0x270
[ 139.887315] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.888034] ? __schedule+0x10cc/0x2b60
[ 139.888489] ? __pfx_read_tsc+0x10/0x10
[ 139.888641] ? ktime_get_ts64+0x86/0x230
[ 139.889198] kunit_try_run_case+0x1a5/0x480
[ 139.889650] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.890086] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.890260] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.890428] ? __kthread_parkme+0x82/0x180
[ 139.890576] ? preempt_count_sub+0x50/0x80
[ 139.890832] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.891084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.891296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.891558] kthread+0x337/0x6f0
[ 139.891716] ? trace_preempt_on+0x20/0xc0
[ 139.891867] ? __pfx_kthread+0x10/0x10
[ 139.892271] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.892500] ? calculate_sigpending+0x7b/0xa0
[ 139.892834] ? __pfx_kthread+0x10/0x10
[ 139.893016] ret_from_fork+0x41/0x80
[ 139.893192] ? __pfx_kthread+0x10/0x10
[ 139.893364] ret_from_fork_asm+0x1a/0x30
[ 139.893545] </TASK>
[ 139.893635] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 139.118966] WARNING: CPU: 1 PID: 2525 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 139.119383] Modules linked in:
[ 139.119571] CPU: 1 UID: 0 PID: 2525 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 139.120122] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.120452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.120939] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 139.121181] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 139.121812] RSP: 0000:ffff888103be7b20 EFLAGS: 00010246
[ 139.122554] RAX: ffff888103be7ba8 RBX: ffff888103be7c28 RCX: 1ffff1102077cf8e
[ 139.122818] RDX: dffffc0000000000 RSI: ffff888103d9c000 RDI: ffff888103d9c000
[ 139.123265] RBP: ffff888103be7b70 R08: ffff888103d9c000 R09: ffffffff999cbba0
[ 139.123519] R10: 0000000000000003 R11: 000000000c847f96 R12: 1ffff1102077cf71
[ 139.123973] R13: ffff888103be7c70 R14: ffff888103be7db8 R15: 0000000000000000
[ 139.124217] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000
[ 139.124551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.124798] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 139.125165] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903
[ 139.125423] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.125712] Call Trace:
[ 139.125892] <TASK>
[ 139.125980] ? trace_preempt_on+0x20/0xc0
[ 139.126284] ? add_dr+0xc1/0x1d0
[ 139.126469] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 139.126673] ? add_dr+0x148/0x1d0
[ 139.127156] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 139.127413] ? __drmm_add_action+0x1a4/0x280
[ 139.127598] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.127828] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.128195] ? __drmm_add_action_or_reset+0x22/0x50
[ 139.128382] ? __schedule+0x10cc/0x2b60
[ 139.128588] ? __pfx_read_tsc+0x10/0x10
[ 139.128781] ? ktime_get_ts64+0x86/0x230
[ 139.129016] kunit_try_run_case+0x1a5/0x480
[ 139.129565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.130096] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.130333] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.130551] ? __kthread_parkme+0x82/0x180
[ 139.130771] ? preempt_count_sub+0x50/0x80
[ 139.131377] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.131574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.132080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.132344] kthread+0x337/0x6f0
[ 139.132519] ? trace_preempt_on+0x20/0xc0
[ 139.132702] ? __pfx_kthread+0x10/0x10
[ 139.133227] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.133421] ? calculate_sigpending+0x7b/0xa0
[ 139.133652] ? __pfx_kthread+0x10/0x10
[ 139.134152] ret_from_fork+0x41/0x80
[ 139.134303] ? __pfx_kthread+0x10/0x10
[ 139.134590] ret_from_fork_asm+0x1a/0x30
[ 139.134764] </TASK>
[ 139.135030] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 139.083346] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 139.083479] WARNING: CPU: 1 PID: 2521 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 139.084533] Modules linked in:
[ 139.084937] CPU: 1 UID: 0 PID: 2521 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 139.085385] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.085607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.086011] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 139.086339] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 8b 84 00 48 c7 c1 80 66 9c 99 4c 89 fa 48 c7 c7 e0 66 9c 99 48 89 c6 e8 b2 7a 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 139.087146] RSP: 0000:ffff888106e9fb68 EFLAGS: 00010282
[ 139.087543] RAX: 0000000000000000 RBX: ffff888106e9fc40 RCX: 1ffffffff34e4be8
[ 139.087787] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 139.088228] RBP: ffff888106e9fb90 R08: 0000000000000000 R09: fffffbfff34e4be8
[ 139.088502] R10: 0000000000000003 R11: 0000000000037280 R12: ffff888106e9fc18
[ 139.088832] R13: ffff888103d92800 R14: ffff888103d9a000 R15: ffff888106f01180
[ 139.089167] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000
[ 139.089437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.089695] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 139.090055] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903
[ 139.090272] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.090589] Call Trace:
[ 139.090720] <TASK>
[ 139.090853] drm_test_framebuffer_free+0x1ab/0x610
[ 139.091508] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 139.092781] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.093071] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.093305] ? __drmm_add_action_or_reset+0x22/0x50
[ 139.093547] ? __schedule+0x10cc/0x2b60
[ 139.093800] ? __pfx_read_tsc+0x10/0x10
[ 139.094363] ? ktime_get_ts64+0x86/0x230
[ 139.094567] kunit_try_run_case+0x1a5/0x480
[ 139.094920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.095139] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.095559] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.095911] ? __kthread_parkme+0x82/0x180
[ 139.096161] ? preempt_count_sub+0x50/0x80
[ 139.096506] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.096886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.097228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.097507] kthread+0x337/0x6f0
[ 139.097992] ? trace_preempt_on+0x20/0xc0
[ 139.098191] ? __pfx_kthread+0x10/0x10
[ 139.098375] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.098571] ? calculate_sigpending+0x7b/0xa0
[ 139.098822] ? __pfx_kthread+0x10/0x10
[ 139.099072] ret_from_fork+0x41/0x80
[ 139.099402] ? __pfx_kthread+0x10/0x10
[ 139.099669] ret_from_fork_asm+0x1a/0x30
[ 139.100141] </TASK>
[ 139.100295] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.508559] ==================================================================
[ 48.509114] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 48.509114]
[ 48.509477] Use-after-free read at 0x(____ptrval____) (in kfence-#146):
[ 48.509762] test_krealloc+0x6fc/0xbe0
[ 48.509948] kunit_try_run_case+0x1a5/0x480
[ 48.510100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.510399] kthread+0x337/0x6f0
[ 48.510550] ret_from_fork+0x41/0x80
[ 48.510722] ret_from_fork_asm+0x1a/0x30
[ 48.510938]
[ 48.511013] kfence-#146: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.511013]
[ 48.511419] allocated by task 356 on cpu 0 at 48.507976s (0.003441s ago):
[ 48.511710] test_alloc+0x364/0x10f0
[ 48.511913] test_krealloc+0xad/0xbe0
[ 48.512058] kunit_try_run_case+0x1a5/0x480
[ 48.512268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.512513] kthread+0x337/0x6f0
[ 48.512651] ret_from_fork+0x41/0x80
[ 48.512800] ret_from_fork_asm+0x1a/0x30
[ 48.513011]
[ 48.513094] freed by task 356 on cpu 0 at 48.508195s (0.004896s ago):
[ 48.513338] krealloc_noprof+0x108/0x340
[ 48.513537] test_krealloc+0x226/0xbe0
[ 48.513729] kunit_try_run_case+0x1a5/0x480
[ 48.513936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.514134] kthread+0x337/0x6f0
[ 48.514256] ret_from_fork+0x41/0x80
[ 48.514391] ret_from_fork_asm+0x1a/0x30
[ 48.514586]
[ 48.514702] CPU: 0 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 48.515112] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.515251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.515883] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.426552] ==================================================================
[ 48.427021] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.427021]
[ 48.427421] Use-after-free read at 0x(____ptrval____) (in kfence-#145):
[ 48.427734] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.428064] kunit_try_run_case+0x1a5/0x480
[ 48.428210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.428381] kthread+0x337/0x6f0
[ 48.428527] ret_from_fork+0x41/0x80
[ 48.428713] ret_from_fork_asm+0x1a/0x30
[ 48.429040]
[ 48.429174] kfence-#145: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.429174]
[ 48.429582] allocated by task 354 on cpu 0 at 48.403931s (0.025649s ago):
[ 48.429987] test_alloc+0x2a6/0x10f0
[ 48.430175] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.430516] kunit_try_run_case+0x1a5/0x480
[ 48.430659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.430846] kthread+0x337/0x6f0
[ 48.431046] ret_from_fork+0x41/0x80
[ 48.431232] ret_from_fork_asm+0x1a/0x30
[ 48.431707]
[ 48.432192] freed by task 354 on cpu 0 at 48.404041s (0.028035s ago):
[ 48.432467] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.432685] kunit_try_run_case+0x1a5/0x480
[ 48.433359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.433578] kthread+0x337/0x6f0
[ 48.433953] ret_from_fork+0x41/0x80
[ 48.434154] ret_from_fork_asm+0x1a/0x30
[ 48.434487]
[ 48.434679] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 48.435288] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.435486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.436070] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.665645] ==================================================================
[ 23.666185] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.666185]
[ 23.666615] Invalid read at 0x(____ptrval____):
[ 23.666999] test_invalid_access+0xf0/0x210
[ 23.667192] kunit_try_run_case+0x1a5/0x480
[ 23.667341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.667573] kthread+0x337/0x6f0
[ 23.667747] ret_from_fork+0x41/0x80
[ 23.668017] ret_from_fork_asm+0x1a/0x30
[ 23.668532]
[ 23.669060] CPU: 1 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 23.669498] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.669668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.670054] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.444279] ==================================================================
[ 23.444656] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.444656]
[ 23.445137] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#141):
[ 23.445688] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.446002] kunit_try_run_case+0x1a5/0x480
[ 23.446167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.446426] kthread+0x337/0x6f0
[ 23.446573] ret_from_fork+0x41/0x80
[ 23.446761] ret_from_fork_asm+0x1a/0x30
[ 23.447002]
[ 23.447097] kfence-#141: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.447097]
[ 23.447479] allocated by task 344 on cpu 1 at 23.444024s (0.003453s ago):
[ 23.447763] test_alloc+0x364/0x10f0
[ 23.447946] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.448120] kunit_try_run_case+0x1a5/0x480
[ 23.448327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.448581] kthread+0x337/0x6f0
[ 23.448742] ret_from_fork+0x41/0x80
[ 23.448979] ret_from_fork_asm+0x1a/0x30
[ 23.449115]
[ 23.449220] freed by task 344 on cpu 1 at 23.444163s (0.005054s ago):
[ 23.449525] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.449743] kunit_try_run_case+0x1a5/0x480
[ 23.449969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.450150] kthread+0x337/0x6f0
[ 23.450274] ret_from_fork+0x41/0x80
[ 23.450463] ret_from_fork_asm+0x1a/0x30
[ 23.450664]
[ 23.450785] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 23.451232] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.451412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.451688] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 137.805365] WARNING: CPU: 1 PID: 1959 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 137.805745] Modules linked in:
[ 137.806168] CPU: 1 UID: 0 PID: 1959 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 137.806599] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 137.807346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 137.807893] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 137.808174] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 50 0f 22 02 48 89 df e8 d8
[ 137.809094] RSP: 0000:ffff888102eafc90 EFLAGS: 00010246
[ 137.809399] RAX: dffffc0000000000 RBX: ffff8881045b2000 RCX: 0000000000000000
[ 137.809719] RDX: 1ffff110208b6432 RSI: ffffffff96bf7f18 RDI: ffff8881045b2190
[ 137.810290] RBP: ffff888102eafca0 R08: 1ffff11020063f69 R09: ffffed10205d5f65
[ 137.810764] R10: 0000000000000003 R11: ffffffff96182a08 R12: 0000000000000000
[ 137.811336] R13: ffff888102eafd38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 137.811667] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000
[ 137.812356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 137.812736] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 137.813175] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903
[ 137.813493] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 137.813954] Call Trace:
[ 137.814278] <TASK>
[ 137.814507] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 137.815049] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 137.815454] ? __schedule+0x10cc/0x2b60
[ 137.815889] ? __pfx_read_tsc+0x10/0x10
[ 137.816092] ? ktime_get_ts64+0x86/0x230
[ 137.816335] kunit_try_run_case+0x1a5/0x480
[ 137.816527] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.816885] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 137.817200] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 137.817395] ? __kthread_parkme+0x82/0x180
[ 137.817637] ? preempt_count_sub+0x50/0x80
[ 137.818094] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.818358] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 137.818597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 137.819020] kthread+0x337/0x6f0
[ 137.819224] ? trace_preempt_on+0x20/0xc0
[ 137.819430] ? __pfx_kthread+0x10/0x10
[ 137.819618] ? _raw_spin_unlock_irq+0x47/0x80
[ 137.819902] ? calculate_sigpending+0x7b/0xa0
[ 137.820230] ? __pfx_kthread+0x10/0x10
[ 137.820451] ret_from_fork+0x41/0x80
[ 137.820617] ? __pfx_kthread+0x10/0x10
[ 137.820938] ret_from_fork_asm+0x1a/0x30
[ 137.821159] </TASK>
[ 137.821294] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 137.722546] WARNING: CPU: 1 PID: 1951 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 137.723092] Modules linked in:
[ 137.723481] CPU: 1 UID: 0 PID: 1951 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 137.724337] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 137.725083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 137.725886] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 137.726097] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 50 0f 22 02 48 89 df e8 d8
[ 137.726590] RSP: 0000:ffff888103007c90 EFLAGS: 00010246
[ 137.726787] RAX: dffffc0000000000 RBX: ffff8881031a0000 RCX: 0000000000000000
[ 137.727266] RDX: 1ffff11020634032 RSI: ffffffff96bf7f18 RDI: ffff8881031a0190
[ 137.727518] RBP: ffff888103007ca0 R08: 1ffff11020063f69 R09: ffffed1020600f65
[ 137.728091] R10: 0000000000000003 R11: ffffffff96182a08 R12: 0000000000000000
[ 137.728349] R13: ffff888103007d38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 137.728660] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000
[ 137.729089] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 137.729315] CR2: 00007ffff7ffe000 CR3: 00000001348ba000 CR4: 00000000000006f0
[ 137.729564] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903
[ 137.729894] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 137.730337] Call Trace:
[ 137.730487] <TASK>
[ 137.730623] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 137.731352] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 137.731731] ? __schedule+0x10cc/0x2b60
[ 137.732094] ? __pfx_read_tsc+0x10/0x10
[ 137.732265] ? ktime_get_ts64+0x86/0x230
[ 137.732465] kunit_try_run_case+0x1a5/0x480
[ 137.732672] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.733187] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 137.733476] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 137.733743] ? __kthread_parkme+0x82/0x180
[ 137.734058] ? preempt_count_sub+0x50/0x80
[ 137.734249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.734489] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 137.734915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 137.735343] kthread+0x337/0x6f0
[ 137.735507] ? trace_preempt_on+0x20/0xc0
[ 137.735971] ? __pfx_kthread+0x10/0x10
[ 137.736181] ? _raw_spin_unlock_irq+0x47/0x80
[ 137.736508] ? calculate_sigpending+0x7b/0xa0
[ 137.736914] ? __pfx_kthread+0x10/0x10
[ 137.737135] ret_from_fork+0x41/0x80
[ 137.737467] ? __pfx_kthread+0x10/0x10
[ 137.737627] ret_from_fork_asm+0x1a/0x30
[ 137.737971] </TASK>
[ 137.738074] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.340180] ==================================================================
[ 23.340562] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.340562]
[ 23.341060] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#140):
[ 23.341387] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.341634] kunit_try_run_case+0x1a5/0x480
[ 23.341894] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.342084] kthread+0x337/0x6f0
[ 23.342209] ret_from_fork+0x41/0x80
[ 23.342343] ret_from_fork_asm+0x1a/0x30
[ 23.342568]
[ 23.342666] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.342666]
[ 23.343172] allocated by task 342 on cpu 0 at 23.339970s (0.003200s ago):
[ 23.343474] test_alloc+0x364/0x10f0
[ 23.343619] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.343788] kunit_try_run_case+0x1a5/0x480
[ 23.343994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.344320] kthread+0x337/0x6f0
[ 23.344592] ret_from_fork+0x41/0x80
[ 23.344735] ret_from_fork_asm+0x1a/0x30
[ 23.345059]
[ 23.345175] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 23.345639] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.345777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.346197] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.620134] ================================================================== [ 17.620513] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 17.620513] [ 17.620938] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#85): [ 17.621491] test_corruption+0x131/0x3e0 [ 17.621701] kunit_try_run_case+0x1a5/0x480 [ 17.621984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.622192] kthread+0x337/0x6f0 [ 17.622356] ret_from_fork+0x41/0x80 [ 17.622493] ret_from_fork_asm+0x1a/0x30 [ 17.622697] [ 17.622781] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.622781] [ 17.623095] allocated by task 332 on cpu 1 at 17.620024s (0.003069s ago): [ 17.623393] test_alloc+0x2a6/0x10f0 [ 17.623581] test_corruption+0xe6/0x3e0 [ 17.623728] kunit_try_run_case+0x1a5/0x480 [ 17.624049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.624239] kthread+0x337/0x6f0 [ 17.624399] ret_from_fork+0x41/0x80 [ 17.624587] ret_from_fork_asm+0x1a/0x30 [ 17.624760] [ 17.624829] freed by task 332 on cpu 1 at 17.620065s (0.004762s ago): [ 17.625046] test_corruption+0x131/0x3e0 [ 17.625244] kunit_try_run_case+0x1a5/0x480 [ 17.625451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.625703] kthread+0x337/0x6f0 [ 17.625916] ret_from_fork+0x41/0x80 [ 17.626046] ret_from_fork_asm+0x1a/0x30 [ 17.626218] [ 17.626337] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 17.626798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.627004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.627342] ================================================================== [ 18.140131] ================================================================== [ 18.140540] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 18.140540] [ 18.140968] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#90): [ 18.141349] test_corruption+0x216/0x3e0 [ 18.141495] kunit_try_run_case+0x1a5/0x480 [ 18.141716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.141956] kthread+0x337/0x6f0 [ 18.142081] ret_from_fork+0x41/0x80 [ 18.142218] ret_from_fork_asm+0x1a/0x30 [ 18.142420] [ 18.142515] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.142515] [ 18.143038] allocated by task 332 on cpu 1 at 18.139999s (0.003037s ago): [ 18.143330] test_alloc+0x2a6/0x10f0 [ 18.143507] test_corruption+0x1cb/0x3e0 [ 18.143658] kunit_try_run_case+0x1a5/0x480 [ 18.143860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.144109] kthread+0x337/0x6f0 [ 18.144276] ret_from_fork+0x41/0x80 [ 18.144431] ret_from_fork_asm+0x1a/0x30 [ 18.144598] [ 18.144669] freed by task 332 on cpu 1 at 18.140054s (0.004613s ago): [ 18.144875] test_corruption+0x216/0x3e0 [ 18.145082] kunit_try_run_case+0x1a5/0x480 [ 18.145288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.145718] kthread+0x337/0x6f0 [ 18.145896] ret_from_fork+0x41/0x80 [ 18.146026] ret_from_fork_asm+0x1a/0x30 [ 18.146164] [ 18.146254] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 18.146742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.147090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.147429] ================================================================== [ 17.516247] ================================================================== [ 17.516633] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.516633] [ 17.517064] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#84): [ 17.517900] test_corruption+0x2df/0x3e0 [ 17.518288] kunit_try_run_case+0x1a5/0x480 [ 17.518458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.518706] kthread+0x337/0x6f0 [ 17.519089] ret_from_fork+0x41/0x80 [ 17.519332] ret_from_fork_asm+0x1a/0x30 [ 17.519501] [ 17.519604] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.519604] [ 17.520190] allocated by task 330 on cpu 0 at 17.516006s (0.004182s ago): [ 17.520584] test_alloc+0x364/0x10f0 [ 17.520764] test_corruption+0x1cb/0x3e0 [ 17.521140] kunit_try_run_case+0x1a5/0x480 [ 17.521401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.521709] kthread+0x337/0x6f0 [ 17.521903] ret_from_fork+0x41/0x80 [ 17.522205] ret_from_fork_asm+0x1a/0x30 [ 17.522455] [ 17.522538] freed by task 330 on cpu 0 at 17.516085s (0.006450s ago): [ 17.522825] test_corruption+0x2df/0x3e0 [ 17.523017] kunit_try_run_case+0x1a5/0x480 [ 17.523214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.523442] kthread+0x337/0x6f0 [ 17.523594] ret_from_fork+0x41/0x80 [ 17.523756] ret_from_fork_asm+0x1a/0x30 [ 17.524308] [ 17.524428] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 17.525041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.525319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.525745] ================================================================== [ 17.204201] ================================================================== [ 17.204598] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.204598] [ 17.204996] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#81): [ 17.206219] test_corruption+0x2d2/0x3e0 [ 17.206433] kunit_try_run_case+0x1a5/0x480 [ 17.206650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.206909] kthread+0x337/0x6f0 [ 17.207358] ret_from_fork+0x41/0x80 [ 17.207651] ret_from_fork_asm+0x1a/0x30 [ 17.207980] [ 17.208104] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.208104] [ 17.208637] allocated by task 330 on cpu 0 at 17.204026s (0.004609s ago): [ 17.209192] test_alloc+0x364/0x10f0 [ 17.209389] test_corruption+0xe6/0x3e0 [ 17.209762] kunit_try_run_case+0x1a5/0x480 [ 17.210017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.210395] kthread+0x337/0x6f0 [ 17.210658] ret_from_fork+0x41/0x80 [ 17.210985] ret_from_fork_asm+0x1a/0x30 [ 17.211200] [ 17.211489] freed by task 330 on cpu 0 at 17.204124s (0.007361s ago): [ 17.211785] test_corruption+0x2d2/0x3e0 [ 17.212231] kunit_try_run_case+0x1a5/0x480 [ 17.212442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.212776] kthread+0x337/0x6f0 [ 17.212989] ret_from_fork+0x41/0x80 [ 17.213290] ret_from_fork_asm+0x1a/0x30 [ 17.213498] [ 17.213759] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 17.214253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.214440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.214919] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 16.580051] ================================================================== [ 16.580413] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 16.580413] [ 16.580721] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 16.580965] test_invalid_addr_free+0x1e1/0x260 [ 16.581271] kunit_try_run_case+0x1a5/0x480 [ 16.581484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.581696] kthread+0x337/0x6f0 [ 16.581862] ret_from_fork+0x41/0x80 [ 16.582030] ret_from_fork_asm+0x1a/0x30 [ 16.582173] [ 16.582275] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.582275] [ 16.582680] allocated by task 326 on cpu 0 at 16.579937s (0.002741s ago): [ 16.582969] test_alloc+0x364/0x10f0 [ 16.583184] test_invalid_addr_free+0xdb/0x260 [ 16.583368] kunit_try_run_case+0x1a5/0x480 [ 16.583554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.583778] kthread+0x337/0x6f0 [ 16.583905] ret_from_fork+0x41/0x80 [ 16.584086] ret_from_fork_asm+0x1a/0x30 [ 16.584299] [ 16.584393] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 16.584763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.585179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.585477] ================================================================== [ 16.684132] ================================================================== [ 16.684512] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 16.684512] [ 16.684979] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 16.685306] test_invalid_addr_free+0xfb/0x260 [ 16.685521] kunit_try_run_case+0x1a5/0x480 [ 16.685743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.685971] kthread+0x337/0x6f0 [ 16.686090] ret_from_fork+0x41/0x80 [ 16.686251] ret_from_fork_asm+0x1a/0x30 [ 16.686471] [ 16.686565] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.686565] [ 16.687088] allocated by task 328 on cpu 1 at 16.684036s 
(0.003050s ago): [ 16.687407] test_alloc+0x2a6/0x10f0 [ 16.687559] test_invalid_addr_free+0xdb/0x260 [ 16.687707] kunit_try_run_case+0x1a5/0x480 [ 16.688041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.688312] kthread+0x337/0x6f0 [ 16.688428] ret_from_fork+0x41/0x80 [ 16.688554] ret_from_fork_asm+0x1a/0x30 [ 16.688748] [ 16.688910] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 16.689326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.689495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.689933] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 16.476182] ================================================================== [ 16.476606] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 16.476606] [ 16.477087] Invalid free of 0x(____ptrval____) (in kfence-#74): [ 16.477329] test_double_free+0x112/0x260 [ 16.478040] kunit_try_run_case+0x1a5/0x480 [ 16.478243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.478460] kthread+0x337/0x6f0 [ 16.478617] ret_from_fork+0x41/0x80 [ 16.478791] ret_from_fork_asm+0x1a/0x30 [ 16.478980] [ 16.479074] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.479074] [ 16.479420] allocated by task 324 on cpu 0 at 16.476015s (0.003403s ago): [ 16.479693] test_alloc+0x2a6/0x10f0 [ 16.480414] test_double_free+0xdb/0x260 [ 16.480588] kunit_try_run_case+0x1a5/0x480 [ 16.480893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.481274] kthread+0x337/0x6f0 [ 16.481430] ret_from_fork+0x41/0x80 [ 16.481708] ret_from_fork_asm+0x1a/0x30 [ 16.481921] [ 16.482183] freed by task 324 on cpu 0 at 16.476064s (0.006116s ago): [ 16.482536] test_double_free+0xfa/0x260 [ 16.482784] kunit_try_run_case+0x1a5/0x480 [ 16.483051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.483373] kthread+0x337/0x6f0 [ 16.483526] ret_from_fork+0x41/0x80 [ 16.483818] ret_from_fork_asm+0x1a/0x30 [ 16.484006] [ 16.484201] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 16.484805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.484997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.485378] ================================================================== [ 16.372258] ================================================================== [ 16.372672] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 16.372672] [ 16.373080] Invalid free of 0x(____ptrval____) (in kfence-#73): [ 16.373397] test_double_free+0x1d3/0x260 [ 16.373560] kunit_try_run_case+0x1a5/0x480 [ 16.373766] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.374061] kthread+0x337/0x6f0 [ 16.374230] ret_from_fork+0x41/0x80 [ 16.374381] ret_from_fork_asm+0x1a/0x30 [ 16.374521] [ 16.374603] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.374603] [ 16.375120] allocated by task 322 on cpu 1 at 16.372042s (0.003075s ago): [ 16.375414] test_alloc+0x364/0x10f0 [ 16.375586] test_double_free+0xdb/0x260 [ 16.375757] kunit_try_run_case+0x1a5/0x480 [ 16.375910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.376301] kthread+0x337/0x6f0 [ 16.376472] ret_from_fork+0x41/0x80 [ 16.376628] ret_from_fork_asm+0x1a/0x30 [ 16.376786] [ 16.376857] freed by task 322 on cpu 1 at 16.372122s (0.004733s ago): [ 16.377097] test_double_free+0x1e0/0x260 [ 16.377304] kunit_try_run_case+0x1a5/0x480 [ 16.377504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.377757] kthread+0x337/0x6f0 [ 16.377926] ret_from_fork+0x41/0x80 [ 16.378081] ret_from_fork_asm+0x1a/0x30 [ 16.378267] [ 16.378383] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 16.378766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.379075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.379419] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.060255] ================================================================== [ 16.060654] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.060654] [ 16.061117] Use-after-free read at 0x(____ptrval____) (in kfence-#70): [ 16.061398] test_use_after_free_read+0x129/0x270 [ 16.061578] kunit_try_run_case+0x1a5/0x480 [ 16.061799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.062033] kthread+0x337/0x6f0 [ 16.062175] ret_from_fork+0x41/0x80 [ 16.062364] ret_from_fork_asm+0x1a/0x30 [ 16.062563] [ 16.062644] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.062644] [ 16.063043] allocated by task 316 on cpu 1 at 16.060052s (0.002989s ago): [ 16.063354] test_alloc+0x2a6/0x10f0 [ 16.063484] test_use_after_free_read+0xdc/0x270 [ 16.063709] kunit_try_run_case+0x1a5/0x480 [ 16.063990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.064241] kthread+0x337/0x6f0 [ 16.064362] ret_from_fork+0x41/0x80 [ 16.064579] ret_from_fork_asm+0x1a/0x30 [ 16.064789] [ 16.064898] freed by task 316 on cpu 1 at 16.060101s (0.004794s ago): [ 16.065239] test_use_after_free_read+0xfb/0x270 [ 16.065501] kunit_try_run_case+0x1a5/0x480 [ 16.065659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.065915] kthread+0x337/0x6f0 [ 16.066046] ret_from_fork+0x41/0x80 [ 16.066224] ret_from_fork_asm+0x1a/0x30 [ 16.066412] [ 16.066542] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 16.067044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.067202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.067561] ================================================================== [ 15.956259] ================================================================== [ 15.956742] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 15.956742] [ 15.957207] Use-after-free read at 0x(____ptrval____) (in kfence-#69): [ 15.957451] test_use_after_free_read+0x129/0x270 [ 
15.957662] kunit_try_run_case+0x1a5/0x480 [ 15.957893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.958106] kthread+0x337/0x6f0 [ 15.958262] ret_from_fork+0x41/0x80 [ 15.958427] ret_from_fork_asm+0x1a/0x30 [ 15.958626] [ 15.958717] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.958717] [ 15.959110] allocated by task 314 on cpu 0 at 15.956044s (0.003063s ago): [ 15.959419] test_alloc+0x364/0x10f0 [ 15.959550] test_use_after_free_read+0xdc/0x270 [ 15.959733] kunit_try_run_case+0x1a5/0x480 [ 15.960067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.960241] kthread+0x337/0x6f0 [ 15.960359] ret_from_fork+0x41/0x80 [ 15.960533] ret_from_fork_asm+0x1a/0x30 [ 15.960732] [ 15.960841] freed by task 314 on cpu 0 at 15.956109s (0.004729s ago): [ 15.961165] test_use_after_free_read+0x1e7/0x270 [ 15.961337] kunit_try_run_case+0x1a5/0x480 [ 15.961479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.961730] kthread+0x337/0x6f0 [ 15.962007] ret_from_fork+0x41/0x80 [ 15.962159] ret_from_fork_asm+0x1a/0x30 [ 15.962352] [ 15.962445] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.962777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.963080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.963489] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 15.852087] ================================================================== [ 15.852477] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 15.852477] [ 15.853004] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68): [ 15.853284] test_out_of_bounds_write+0x10d/0x260 [ 15.853533] kunit_try_run_case+0x1a5/0x480 [ 15.853738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.853981] kthread+0x337/0x6f0 [ 15.854158] ret_from_fork+0x41/0x80 [ 15.854326] ret_from_fork_asm+0x1a/0x30 [ 15.854472] [ 15.854576] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.854576] [ 15.854930] allocated by task 312 on cpu 0 at 15.852031s (0.002897s ago): [ 15.855370] test_alloc+0x2a6/0x10f0 [ 15.855530] test_out_of_bounds_write+0xd4/0x260 [ 15.855691] kunit_try_run_case+0x1a5/0x480 [ 15.855939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.856208] kthread+0x337/0x6f0 [ 15.856383] ret_from_fork+0x41/0x80 [ 15.856564] ret_from_fork_asm+0x1a/0x30 [ 15.856735] [ 15.856833] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.857277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.857630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.858021] ================================================================== [ 15.748079] ================================================================== [ 15.748444] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 15.748444] [ 15.748964] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67): [ 15.749275] test_out_of_bounds_write+0x10d/0x260 [ 15.749518] kunit_try_run_case+0x1a5/0x480 [ 15.749704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.750027] kthread+0x337/0x6f0 [ 15.750224] ret_from_fork+0x41/0x80 [ 15.750377] ret_from_fork_asm+0x1a/0x30 [ 15.750563] [ 15.750677] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.750677] [ 
15.751254] allocated by task 310 on cpu 1 at 15.747972s (0.003279s ago): [ 15.751566] test_alloc+0x364/0x10f0 [ 15.751739] test_out_of_bounds_write+0xd4/0x260 [ 15.752301] kunit_try_run_case+0x1a5/0x480 [ 15.752841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.753165] kthread+0x337/0x6f0 [ 15.753306] ret_from_fork+0x41/0x80 [ 15.753474] ret_from_fork_asm+0x1a/0x30 [ 15.753666] [ 15.753782] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.754261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.754412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.754771] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.436191] ================================================================== [ 15.436589] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.436589] [ 15.437179] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 15.437522] test_out_of_bounds_read+0x216/0x4e0 [ 15.437684] kunit_try_run_case+0x1a5/0x480 [ 15.437936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.438197] kthread+0x337/0x6f0 [ 15.438389] ret_from_fork+0x41/0x80 [ 15.438591] ret_from_fork_asm+0x1a/0x30 [ 15.438799] [ 15.438920] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.438920] [ 15.439255] allocated by task 306 on cpu 0 at 15.436013s (0.003241s ago): [ 15.439585] test_alloc+0x364/0x10f0 [ 15.439773] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.440032] kunit_try_run_case+0x1a5/0x480 [ 15.440252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440517] kthread+0x337/0x6f0 [ 15.440681] ret_from_fork+0x41/0x80 [ 15.440924] ret_from_fork_asm+0x1a/0x30 [ 15.441105] [ 15.441202] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.441583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.441807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.442411] ================================================================== [ 15.228907] ================================================================== [ 15.229391] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.229391] [ 15.229895] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62): [ 15.230311] test_out_of_bounds_read+0x126/0x4e0 [ 15.230713] kunit_try_run_case+0x1a5/0x480 [ 15.230935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.231195] kthread+0x337/0x6f0 [ 15.231382] ret_from_fork+0x41/0x80 [ 15.231512] ret_from_fork_asm+0x1a/0x30 [ 15.231649] [ 15.231767] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.231767] [ 
15.232415] allocated by task 306 on cpu 0 at 15.227949s (0.004464s ago): [ 15.232766] test_alloc+0x364/0x10f0 [ 15.233012] test_out_of_bounds_read+0xed/0x4e0 [ 15.233219] kunit_try_run_case+0x1a5/0x480 [ 15.233425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.233672] kthread+0x337/0x6f0 [ 15.233810] ret_from_fork+0x41/0x80 [ 15.233971] ret_from_fork_asm+0x1a/0x30 [ 15.234185] [ 15.234308] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.234683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.234955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.235280] ================================================================== [ 15.540107] ================================================================== [ 15.540500] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.540500] [ 15.541053] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65): [ 15.541368] test_out_of_bounds_read+0x126/0x4e0 [ 15.541580] kunit_try_run_case+0x1a5/0x480 [ 15.541726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.542179] kthread+0x337/0x6f0 [ 15.542365] ret_from_fork+0x41/0x80 [ 15.542568] ret_from_fork_asm+0x1a/0x30 [ 15.542791] [ 15.542912] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.542912] [ 15.543227] allocated by task 308 on cpu 1 at 15.540048s (0.003177s ago): [ 15.543571] test_alloc+0x2a6/0x10f0 [ 15.543787] test_out_of_bounds_read+0xed/0x4e0 [ 15.544129] kunit_try_run_case+0x1a5/0x480 [ 15.544294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.544534] kthread+0x337/0x6f0 [ 15.544701] ret_from_fork+0x41/0x80 [ 15.544946] ret_from_fork_asm+0x1a/0x30 [ 15.545147] [ 15.545264] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.545710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.545928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
15.546326] ================================================================== [ 15.644079] ================================================================== [ 15.644461] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.644461] [ 15.644957] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 15.645240] test_out_of_bounds_read+0x216/0x4e0 [ 15.645424] kunit_try_run_case+0x1a5/0x480 [ 15.645649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.645974] kthread+0x337/0x6f0 [ 15.646099] ret_from_fork+0x41/0x80 [ 15.646284] ret_from_fork_asm+0x1a/0x30 [ 15.646472] [ 15.646547] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.646547] [ 15.647018] allocated by task 308 on cpu 1 at 15.644029s (0.002987s ago): [ 15.647326] test_alloc+0x2a6/0x10f0 [ 15.647493] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.647649] kunit_try_run_case+0x1a5/0x480 [ 15.647848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.648151] kthread+0x337/0x6f0 [ 15.648273] ret_from_fork+0x41/0x80 [ 15.648405] ret_from_fork_asm+0x1a/0x30 [ 15.648567] [ 15.648688] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 15.649204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.649344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.649951] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 10.459775] ================================================================== [ 10.460783] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520 [ 10.460783] [ 10.461218] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#32): [ 10.461898] kmalloc_track_caller_oob_right+0x288/0x520 [ 10.462225] kunit_try_run_case+0x1a5/0x480 [ 10.462544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.462735] kthread+0x337/0x6f0 [ 10.463143] ret_from_fork+0x41/0x80 [ 10.463338] ret_from_fork_asm+0x1a/0x30 [ 10.463563] [ 10.463789] kfence-#32: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 10.463789] [ 10.464489] allocated by task 161 on cpu 0 at 10.457896s (0.006525s ago): [ 10.464975] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.465222] kunit_try_run_case+0x1a5/0x480 [ 10.465410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.465616] kthread+0x337/0x6f0 [ 10.465895] ret_from_fork+0x41/0x80 [ 10.466066] ret_from_fork_asm+0x1a/0x30 [ 10.466270] [ 10.466479] freed by task 161 on cpu 0 at 10.459313s (0.007084s ago): [ 10.467037] kmalloc_track_caller_oob_right+0x288/0x520 [ 10.467251] kunit_try_run_case+0x1a5/0x480 [ 10.467430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.467641] kthread+0x337/0x6f0 [ 10.467808] ret_from_fork+0x41/0x80 [ 10.468069] ret_from_fork_asm+0x1a/0x30 [ 10.468255] [ 10.468391] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.468919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.469094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.469463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 14.965193] ================================================================== [ 14.965527] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 14.965859] Write of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.966176] [ 14.966260] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.966302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.966314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.966336] Call Trace: [ 14.966349] <TASK> [ 14.966364] dump_stack_lvl+0x73/0xb0 [ 14.966388] print_report+0xd1/0x610 [ 14.966412] ? __virt_addr_valid+0x1db/0x2d0 [ 14.966434] ? strncpy_from_user+0x2e/0x1d0 [ 14.966456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.966479] ? strncpy_from_user+0x2e/0x1d0 [ 14.966503] kasan_report+0x141/0x180 [ 14.966525] ? strncpy_from_user+0x2e/0x1d0 [ 14.966554] kasan_check_range+0x10c/0x1c0 [ 14.966575] __kasan_check_write+0x18/0x20 [ 14.966596] strncpy_from_user+0x2e/0x1d0 [ 14.966618] ? __kasan_check_read+0x15/0x20 [ 14.966641] copy_user_test_oob+0x760/0x10f0 [ 14.966664] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.966684] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.966711] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.966735] kunit_try_run_case+0x1a5/0x480 [ 14.966757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.966776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.966800] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.966824] ? __kthread_parkme+0x82/0x180 [ 14.966845] ? preempt_count_sub+0x50/0x80 [ 14.966869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.966901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.966925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.966950] kthread+0x337/0x6f0 [ 14.966967] ? trace_preempt_on+0x20/0xc0 [ 14.967004] ? __pfx_kthread+0x10/0x10 [ 14.967023] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.967045] ? calculate_sigpending+0x7b/0xa0 [ 14.967066] ? 
__pfx_kthread+0x10/0x10 [ 14.967085] ret_from_fork+0x41/0x80 [ 14.967106] ? __pfx_kthread+0x10/0x10 [ 14.967125] ret_from_fork_asm+0x1a/0x30 [ 14.967155] </TASK> [ 14.967167] [ 14.974123] Allocated by task 304: [ 14.974309] kasan_save_stack+0x45/0x70 [ 14.974515] kasan_save_track+0x18/0x40 [ 14.974725] kasan_save_alloc_info+0x3b/0x50 [ 14.974974] __kasan_kmalloc+0xb7/0xc0 [ 14.975189] __kmalloc_noprof+0x1c9/0x500 [ 14.975406] kunit_kmalloc_array+0x25/0x60 [ 14.975594] copy_user_test_oob+0xab/0x10f0 [ 14.975742] kunit_try_run_case+0x1a5/0x480 [ 14.975921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.976158] kthread+0x337/0x6f0 [ 14.976346] ret_from_fork+0x41/0x80 [ 14.976531] ret_from_fork_asm+0x1a/0x30 [ 14.976732] [ 14.976858] The buggy address belongs to the object at ffff888103a34500 [ 14.976858] which belongs to the cache kmalloc-128 of size 128 [ 14.977404] The buggy address is located 0 bytes inside of [ 14.977404] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.977827] [ 14.977913] The buggy address belongs to the physical page: [ 14.978157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.978509] flags: 0x200000000000000(node=0|zone=2) [ 14.978764] page_type: f5(slab) [ 14.978931] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.979167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.979475] page dumped because: kasan: bad access detected [ 14.979753] [ 14.979874] Memory state around the buggy address: [ 14.980108] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.980431] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980688] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.981040] ^ [ 14.981288] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.981586] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.981902] 
================================================================== [ 14.982511] ================================================================== [ 14.982946] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 14.983293] Write of size 1 at addr ffff888103a34578 by task kunit_try_catch/304 [ 14.983598] [ 14.983683] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.983724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.983735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.983755] Call Trace: [ 14.983769] <TASK> [ 14.983782] dump_stack_lvl+0x73/0xb0 [ 14.983853] print_report+0xd1/0x610 [ 14.983888] ? __virt_addr_valid+0x1db/0x2d0 [ 14.983909] ? strncpy_from_user+0x1a5/0x1d0 [ 14.983932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.983955] ? strncpy_from_user+0x1a5/0x1d0 [ 14.983978] kasan_report+0x141/0x180 [ 14.984002] ? strncpy_from_user+0x1a5/0x1d0 [ 14.984030] __asan_report_store1_noabort+0x1b/0x30 [ 14.984072] strncpy_from_user+0x1a5/0x1d0 [ 14.984098] copy_user_test_oob+0x760/0x10f0 [ 14.984121] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.984140] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.984167] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.984191] kunit_try_run_case+0x1a5/0x480 [ 14.984212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.984250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.984275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.984298] ? __kthread_parkme+0x82/0x180 [ 14.984321] ? preempt_count_sub+0x50/0x80 [ 14.984346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.984366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.984389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.984413] kthread+0x337/0x6f0 [ 14.984430] ? trace_preempt_on+0x20/0xc0 [ 14.984455] ? __pfx_kthread+0x10/0x10 [ 14.984473] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.984495] ? calculate_sigpending+0x7b/0xa0 [ 14.984516] ? 
__pfx_kthread+0x10/0x10 [ 14.984535] ret_from_fork+0x41/0x80 [ 14.984556] ? __pfx_kthread+0x10/0x10 [ 14.984574] ret_from_fork_asm+0x1a/0x30 [ 14.984604] </TASK> [ 14.984615] [ 14.991503] Allocated by task 304: [ 14.991685] kasan_save_stack+0x45/0x70 [ 14.991967] kasan_save_track+0x18/0x40 [ 14.992203] kasan_save_alloc_info+0x3b/0x50 [ 14.992409] __kasan_kmalloc+0xb7/0xc0 [ 14.992553] __kmalloc_noprof+0x1c9/0x500 [ 14.992752] kunit_kmalloc_array+0x25/0x60 [ 14.993012] copy_user_test_oob+0xab/0x10f0 [ 14.993182] kunit_try_run_case+0x1a5/0x480 [ 14.993325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.993576] kthread+0x337/0x6f0 [ 14.993742] ret_from_fork+0x41/0x80 [ 14.993985] ret_from_fork_asm+0x1a/0x30 [ 14.994157] [ 14.994252] The buggy address belongs to the object at ffff888103a34500 [ 14.994252] which belongs to the cache kmalloc-128 of size 128 [ 14.994726] The buggy address is located 0 bytes to the right of [ 14.994726] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.995127] [ 14.995226] The buggy address belongs to the physical page: [ 14.995504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.995936] flags: 0x200000000000000(node=0|zone=2) [ 14.996175] page_type: f5(slab) [ 14.996306] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.996663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.996939] page dumped because: kasan: bad access detected [ 14.997138] [ 14.997230] Memory state around the buggy address: [ 14.997474] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.997788] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998130] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.998421] ^ [ 14.998715] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998988] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.999281] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 14.902783] ================================================================== [ 14.903140] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 14.903422] Read of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.903644] [ 14.903772] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.903813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.903825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.903844] Call Trace: [ 14.903858] <TASK> [ 14.903872] dump_stack_lvl+0x73/0xb0 [ 14.903907] print_report+0xd1/0x610 [ 14.903929] ? __virt_addr_valid+0x1db/0x2d0 [ 14.903952] ? copy_user_test_oob+0x4aa/0x10f0 [ 14.903972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.903995] ? copy_user_test_oob+0x4aa/0x10f0 [ 14.904017] kasan_report+0x141/0x180 [ 14.904039] ? copy_user_test_oob+0x4aa/0x10f0 [ 14.904064] kasan_check_range+0x10c/0x1c0 [ 14.904084] __kasan_check_read+0x15/0x20 [ 14.904104] copy_user_test_oob+0x4aa/0x10f0 [ 14.904127] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.904147] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.904172] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.904198] kunit_try_run_case+0x1a5/0x480 [ 14.904219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.904262] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.904286] ? __kthread_parkme+0x82/0x180 [ 14.904307] ? preempt_count_sub+0x50/0x80 [ 14.904332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.904401] kthread+0x337/0x6f0 [ 14.904417] ? trace_preempt_on+0x20/0xc0 [ 14.904441] ? __pfx_kthread+0x10/0x10 [ 14.904459] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.904481] ? calculate_sigpending+0x7b/0xa0 [ 14.904502] ? __pfx_kthread+0x10/0x10 [ 14.904521] ret_from_fork+0x41/0x80 [ 14.904542] ? 
__pfx_kthread+0x10/0x10 [ 14.904560] ret_from_fork_asm+0x1a/0x30 [ 14.904591] </TASK> [ 14.904602] [ 14.911437] Allocated by task 304: [ 14.911632] kasan_save_stack+0x45/0x70 [ 14.911846] kasan_save_track+0x18/0x40 [ 14.912070] kasan_save_alloc_info+0x3b/0x50 [ 14.912304] __kasan_kmalloc+0xb7/0xc0 [ 14.912504] __kmalloc_noprof+0x1c9/0x500 [ 14.912706] kunit_kmalloc_array+0x25/0x60 [ 14.912937] copy_user_test_oob+0xab/0x10f0 [ 14.913156] kunit_try_run_case+0x1a5/0x480 [ 14.913372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.913539] kthread+0x337/0x6f0 [ 14.913685] ret_from_fork+0x41/0x80 [ 14.913930] ret_from_fork_asm+0x1a/0x30 [ 14.914130] [ 14.914241] The buggy address belongs to the object at ffff888103a34500 [ 14.914241] which belongs to the cache kmalloc-128 of size 128 [ 14.914757] The buggy address is located 0 bytes inside of [ 14.914757] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.915307] [ 14.915402] The buggy address belongs to the physical page: [ 14.915615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.915868] flags: 0x200000000000000(node=0|zone=2) [ 14.916128] page_type: f5(slab) [ 14.916293] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.916651] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.917065] page dumped because: kasan: bad access detected [ 14.917277] [ 14.917348] Memory state around the buggy address: [ 14.917563] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.917873] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.918202] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.918506] ^ [ 14.918739] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.918955] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.919159] ================================================================== [ 14.886081] 
================================================================== [ 14.886401] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 14.886712] Write of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.887077] [ 14.887186] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.887231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.887244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.887265] Call Trace: [ 14.887277] <TASK> [ 14.887292] dump_stack_lvl+0x73/0xb0 [ 14.887317] print_report+0xd1/0x610 [ 14.887341] ? __virt_addr_valid+0x1db/0x2d0 [ 14.887362] ? copy_user_test_oob+0x3fd/0x10f0 [ 14.887382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.887405] ? copy_user_test_oob+0x3fd/0x10f0 [ 14.887426] kasan_report+0x141/0x180 [ 14.887449] ? copy_user_test_oob+0x3fd/0x10f0 [ 14.887475] kasan_check_range+0x10c/0x1c0 [ 14.887495] __kasan_check_write+0x18/0x20 [ 14.887515] copy_user_test_oob+0x3fd/0x10f0 [ 14.887537] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.887557] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.887584] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.887608] kunit_try_run_case+0x1a5/0x480 [ 14.887631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.887650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.887675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.887699] ? __kthread_parkme+0x82/0x180 [ 14.887721] ? preempt_count_sub+0x50/0x80 [ 14.887746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.887767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.887791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.887814] kthread+0x337/0x6f0 [ 14.887832] ? trace_preempt_on+0x20/0xc0 [ 14.887855] ? __pfx_kthread+0x10/0x10 [ 14.887873] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.887906] ? calculate_sigpending+0x7b/0xa0 [ 14.887927] ? __pfx_kthread+0x10/0x10 [ 14.887946] ret_from_fork+0x41/0x80 [ 14.887967] ? 
__pfx_kthread+0x10/0x10 [ 14.887985] ret_from_fork_asm+0x1a/0x30 [ 14.888016] </TASK> [ 14.888026] [ 14.894701] Allocated by task 304: [ 14.894828] kasan_save_stack+0x45/0x70 [ 14.894983] kasan_save_track+0x18/0x40 [ 14.895162] kasan_save_alloc_info+0x3b/0x50 [ 14.895368] __kasan_kmalloc+0xb7/0xc0 [ 14.895559] __kmalloc_noprof+0x1c9/0x500 [ 14.895734] kunit_kmalloc_array+0x25/0x60 [ 14.895889] copy_user_test_oob+0xab/0x10f0 [ 14.896031] kunit_try_run_case+0x1a5/0x480 [ 14.896171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896648] kthread+0x337/0x6f0 [ 14.896825] ret_from_fork+0x41/0x80 [ 14.897020] ret_from_fork_asm+0x1a/0x30 [ 14.897221] [ 14.897316] The buggy address belongs to the object at ffff888103a34500 [ 14.897316] which belongs to the cache kmalloc-128 of size 128 [ 14.897785] The buggy address is located 0 bytes inside of [ 14.897785] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.898248] [ 14.898337] The buggy address belongs to the physical page: [ 14.898541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.898781] flags: 0x200000000000000(node=0|zone=2) [ 14.898952] page_type: f5(slab) [ 14.899081] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.899588] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.899936] page dumped because: kasan: bad access detected [ 14.900187] [ 14.900281] Memory state around the buggy address: [ 14.900434] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.900648] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901098] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.901420] ^ [ 14.901744] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901979] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902190] ================================================================== [ 14.919609] 
================================================================== [ 14.920305] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 14.921504] Write of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.921747] [ 14.921836] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.921893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.921905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.921926] Call Trace: [ 14.921938] <TASK> [ 14.921952] dump_stack_lvl+0x73/0xb0 [ 14.921978] print_report+0xd1/0x610 [ 14.922001] ? __virt_addr_valid+0x1db/0x2d0 [ 14.922024] ? copy_user_test_oob+0x557/0x10f0 [ 14.922043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.922066] ? copy_user_test_oob+0x557/0x10f0 [ 14.922087] kasan_report+0x141/0x180 [ 14.922110] ? copy_user_test_oob+0x557/0x10f0 [ 14.922136] kasan_check_range+0x10c/0x1c0 [ 14.922156] __kasan_check_write+0x18/0x20 [ 14.922176] copy_user_test_oob+0x557/0x10f0 [ 14.922198] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.922218] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.922247] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.922272] kunit_try_run_case+0x1a5/0x480 [ 14.922293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.922311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.922335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.922360] ? __kthread_parkme+0x82/0x180 [ 14.922382] ? preempt_count_sub+0x50/0x80 [ 14.922407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.922427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.922451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.922475] kthread+0x337/0x6f0 [ 14.922493] ? trace_preempt_on+0x20/0xc0 [ 14.922518] ? __pfx_kthread+0x10/0x10 [ 14.922537] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.922559] ? calculate_sigpending+0x7b/0xa0 [ 14.922580] ? __pfx_kthread+0x10/0x10 [ 14.922598] ret_from_fork+0x41/0x80 [ 14.922621] ? 
__pfx_kthread+0x10/0x10 [ 14.922639] ret_from_fork_asm+0x1a/0x30 [ 14.922670] </TASK> [ 14.922681] [ 14.930485] Allocated by task 304: [ 14.930836] kasan_save_stack+0x45/0x70 [ 14.931196] kasan_save_track+0x18/0x40 [ 14.931397] kasan_save_alloc_info+0x3b/0x50 [ 14.931605] __kasan_kmalloc+0xb7/0xc0 [ 14.931759] __kmalloc_noprof+0x1c9/0x500 [ 14.932004] kunit_kmalloc_array+0x25/0x60 [ 14.932198] copy_user_test_oob+0xab/0x10f0 [ 14.932374] kunit_try_run_case+0x1a5/0x480 [ 14.932563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.932753] kthread+0x337/0x6f0 [ 14.932871] ret_from_fork+0x41/0x80 [ 14.933064] ret_from_fork_asm+0x1a/0x30 [ 14.933278] [ 14.933377] The buggy address belongs to the object at ffff888103a34500 [ 14.933377] which belongs to the cache kmalloc-128 of size 128 [ 14.933838] The buggy address is located 0 bytes inside of [ 14.933838] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.934295] [ 14.934393] The buggy address belongs to the physical page: [ 14.934617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.934998] flags: 0x200000000000000(node=0|zone=2) [ 14.935212] page_type: f5(slab) [ 14.935332] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.935598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.935945] page dumped because: kasan: bad access detected [ 14.936271] [ 14.936341] Memory state around the buggy address: [ 14.936495] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.936805] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.937152] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.937467] ^ [ 14.937742] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938013] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938241] ================================================================== [ 14.938780] 
================================================================== [ 14.939530] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 14.940254] Read of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.940549] [ 14.940656] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.940700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.940713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.940732] Call Trace: [ 14.940747] <TASK> [ 14.940762] dump_stack_lvl+0x73/0xb0 [ 14.940787] print_report+0xd1/0x610 [ 14.941063] ? __virt_addr_valid+0x1db/0x2d0 [ 14.941095] ? copy_user_test_oob+0x604/0x10f0 [ 14.941117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.941148] ? copy_user_test_oob+0x604/0x10f0 [ 14.941168] kasan_report+0x141/0x180 [ 14.941192] ? copy_user_test_oob+0x604/0x10f0 [ 14.941257] kasan_check_range+0x10c/0x1c0 [ 14.941278] __kasan_check_read+0x15/0x20 [ 14.941298] copy_user_test_oob+0x604/0x10f0 [ 14.941320] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.941339] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.941367] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.941392] kunit_try_run_case+0x1a5/0x480 [ 14.941413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.941432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.941456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.941480] ? __kthread_parkme+0x82/0x180 [ 14.941501] ? preempt_count_sub+0x50/0x80 [ 14.941527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.941547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.941571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.941594] kthread+0x337/0x6f0 [ 14.941611] ? trace_preempt_on+0x20/0xc0 [ 14.941634] ? __pfx_kthread+0x10/0x10 [ 14.941652] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.941674] ? calculate_sigpending+0x7b/0xa0 [ 14.941696] ? __pfx_kthread+0x10/0x10 [ 14.941715] ret_from_fork+0x41/0x80 [ 14.941735] ? 
__pfx_kthread+0x10/0x10 [ 14.941754] ret_from_fork_asm+0x1a/0x30 [ 14.941785] </TASK> [ 14.941796] [ 14.952069] Allocated by task 304: [ 14.952365] kasan_save_stack+0x45/0x70 [ 14.952566] kasan_save_track+0x18/0x40 [ 14.952748] kasan_save_alloc_info+0x3b/0x50 [ 14.953189] __kasan_kmalloc+0xb7/0xc0 [ 14.953567] __kmalloc_noprof+0x1c9/0x500 [ 14.953963] kunit_kmalloc_array+0x25/0x60 [ 14.954176] copy_user_test_oob+0xab/0x10f0 [ 14.954368] kunit_try_run_case+0x1a5/0x480 [ 14.954552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.954779] kthread+0x337/0x6f0 [ 14.955188] ret_from_fork+0x41/0x80 [ 14.955553] ret_from_fork_asm+0x1a/0x30 [ 14.955875] [ 14.956083] The buggy address belongs to the object at ffff888103a34500 [ 14.956083] which belongs to the cache kmalloc-128 of size 128 [ 14.956744] The buggy address is located 0 bytes inside of [ 14.956744] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.957936] [ 14.958046] The buggy address belongs to the physical page: [ 14.958457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.959141] flags: 0x200000000000000(node=0|zone=2) [ 14.959542] page_type: f5(slab) [ 14.959830] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.960172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.960481] page dumped because: kasan: bad access detected [ 14.960708] [ 14.960794] Memory state around the buggy address: [ 14.961261] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.961746] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962232] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.962840] ^ [ 14.963227] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963525] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964029] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 14.865350] ================================================================== [ 14.865668] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 14.866123] Read of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.866602] [ 14.866693] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.866806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.866820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.866839] Call Trace: [ 14.866853] <TASK> [ 14.866868] dump_stack_lvl+0x73/0xb0 [ 14.866909] print_report+0xd1/0x610 [ 14.866932] ? __virt_addr_valid+0x1db/0x2d0 [ 14.866953] ? _copy_to_user+0x4a/0x70 [ 14.866972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.866995] ? _copy_to_user+0x4a/0x70 [ 14.867015] kasan_report+0x141/0x180 [ 14.867038] ? _copy_to_user+0x4a/0x70 [ 14.867062] kasan_check_range+0x10c/0x1c0 [ 14.867082] __kasan_check_read+0x15/0x20 [ 14.867102] _copy_to_user+0x4a/0x70 [ 14.867122] copy_user_test_oob+0x364/0x10f0 [ 14.867144] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.867164] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.867191] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.867215] kunit_try_run_case+0x1a5/0x480 [ 14.867235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.867254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.867277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.867302] ? __kthread_parkme+0x82/0x180 [ 14.867324] ? preempt_count_sub+0x50/0x80 [ 14.867349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.867369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.867393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.867416] kthread+0x337/0x6f0 [ 14.867433] ? trace_preempt_on+0x20/0xc0 [ 14.867456] ? __pfx_kthread+0x10/0x10 [ 14.867474] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.867497] ? calculate_sigpending+0x7b/0xa0 [ 14.867518] ? __pfx_kthread+0x10/0x10 [ 14.867537] ret_from_fork+0x41/0x80 [ 14.867557] ? 
__pfx_kthread+0x10/0x10 [ 14.867575] ret_from_fork_asm+0x1a/0x30 [ 14.867605] </TASK> [ 14.867616] [ 14.874426] Allocated by task 304: [ 14.874604] kasan_save_stack+0x45/0x70 [ 14.874803] kasan_save_track+0x18/0x40 [ 14.875118] kasan_save_alloc_info+0x3b/0x50 [ 14.875270] __kasan_kmalloc+0xb7/0xc0 [ 14.875462] __kmalloc_noprof+0x1c9/0x500 [ 14.875653] kunit_kmalloc_array+0x25/0x60 [ 14.875849] copy_user_test_oob+0xab/0x10f0 [ 14.876038] kunit_try_run_case+0x1a5/0x480 [ 14.876180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.876354] kthread+0x337/0x6f0 [ 14.876520] ret_from_fork+0x41/0x80 [ 14.876702] ret_from_fork_asm+0x1a/0x30 [ 14.876903] [ 14.877051] The buggy address belongs to the object at ffff888103a34500 [ 14.877051] which belongs to the cache kmalloc-128 of size 128 [ 14.877571] The buggy address is located 0 bytes inside of [ 14.877571] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.878154] [ 14.878224] The buggy address belongs to the physical page: [ 14.878479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.878804] flags: 0x200000000000000(node=0|zone=2) [ 14.879002] page_type: f5(slab) [ 14.879133] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.879485] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.879778] page dumped because: kasan: bad access detected [ 14.879989] [ 14.880074] Memory state around the buggy address: [ 14.880300] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.880587] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.880802] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.881024] ^ [ 14.881319] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.881829] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.882071] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 14.835347] ================================================================== [ 14.836614] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 14.837554] Write of size 121 at addr ffff888103a34500 by task kunit_try_catch/304 [ 14.838180] [ 14.838574] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.838630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.838643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.838666] Call Trace: [ 14.838733] <TASK> [ 14.838752] dump_stack_lvl+0x73/0xb0 [ 14.838782] print_report+0xd1/0x610 [ 14.838825] ? __virt_addr_valid+0x1db/0x2d0 [ 14.838848] ? _copy_from_user+0x32/0x90 [ 14.838869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.838905] ? _copy_from_user+0x32/0x90 [ 14.838925] kasan_report+0x141/0x180 [ 14.838948] ? _copy_from_user+0x32/0x90 [ 14.838973] kasan_check_range+0x10c/0x1c0 [ 14.838993] __kasan_check_write+0x18/0x20 [ 14.839013] _copy_from_user+0x32/0x90 [ 14.839035] copy_user_test_oob+0x2be/0x10f0 [ 14.839057] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.839076] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.839103] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.839128] kunit_try_run_case+0x1a5/0x480 [ 14.839148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.839167] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.839192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.839217] ? __kthread_parkme+0x82/0x180 [ 14.839239] ? preempt_count_sub+0x50/0x80 [ 14.839265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.839286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.839309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.839333] kthread+0x337/0x6f0 [ 14.839350] ? trace_preempt_on+0x20/0xc0 [ 14.839375] ? __pfx_kthread+0x10/0x10 [ 14.839393] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.839416] ? calculate_sigpending+0x7b/0xa0 [ 14.839438] ? __pfx_kthread+0x10/0x10 [ 14.839456] ret_from_fork+0x41/0x80 [ 14.839478] ? 
__pfx_kthread+0x10/0x10 [ 14.839497] ret_from_fork_asm+0x1a/0x30 [ 14.839528] </TASK> [ 14.839541] [ 14.852204] Allocated by task 304: [ 14.852528] kasan_save_stack+0x45/0x70 [ 14.852699] kasan_save_track+0x18/0x40 [ 14.852837] kasan_save_alloc_info+0x3b/0x50 [ 14.853168] __kasan_kmalloc+0xb7/0xc0 [ 14.853564] __kmalloc_noprof+0x1c9/0x500 [ 14.854007] kunit_kmalloc_array+0x25/0x60 [ 14.854358] copy_user_test_oob+0xab/0x10f0 [ 14.854570] kunit_try_run_case+0x1a5/0x480 [ 14.854712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854950] kthread+0x337/0x6f0 [ 14.855081] ret_from_fork+0x41/0x80 [ 14.855211] ret_from_fork_asm+0x1a/0x30 [ 14.855346] [ 14.855419] The buggy address belongs to the object at ffff888103a34500 [ 14.855419] which belongs to the cache kmalloc-128 of size 128 [ 14.855857] The buggy address is located 0 bytes inside of [ 14.855857] allocated 120-byte region [ffff888103a34500, ffff888103a34578) [ 14.856309] [ 14.856456] The buggy address belongs to the physical page: [ 14.856703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.857037] flags: 0x200000000000000(node=0|zone=2) [ 14.857559] page_type: f5(slab) [ 14.857711] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.858281] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.858581] page dumped because: kasan: bad access detected [ 14.859147] [ 14.859246] Memory state around the buggy address: [ 14.859459] ffff888103a34400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.859949] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860261] >ffff888103a34500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.860664] ^ [ 14.861148] ffff888103a34580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861445] ffff888103a34600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861739] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 14.798060] ================================================================== [ 14.798632] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 14.799220] Write of size 8 at addr ffff888103a34478 by task kunit_try_catch/300 [ 14.799583] [ 14.799778] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.799826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.799839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.799859] Call Trace: [ 14.799874] <TASK> [ 14.799904] dump_stack_lvl+0x73/0xb0 [ 14.799929] print_report+0xd1/0x610 [ 14.799952] ? __virt_addr_valid+0x1db/0x2d0 [ 14.799974] ? copy_to_kernel_nofault+0x99/0x260 [ 14.799993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.800016] ? copy_to_kernel_nofault+0x99/0x260 [ 14.800207] kasan_report+0x141/0x180 [ 14.800232] ? copy_to_kernel_nofault+0x99/0x260 [ 14.800258] kasan_check_range+0x10c/0x1c0 [ 14.800279] __kasan_check_write+0x18/0x20 [ 14.800299] copy_to_kernel_nofault+0x99/0x260 [ 14.800321] copy_to_kernel_nofault_oob+0x288/0x560 [ 14.800345] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 14.800369] ? finish_task_switch.isra.0+0x153/0x700 [ 14.800392] ? __schedule+0x10cc/0x2b60 [ 14.800415] ? trace_hardirqs_on+0x37/0xe0 [ 14.800446] ? __pfx_read_tsc+0x10/0x10 [ 14.800465] ? ktime_get_ts64+0x86/0x230 [ 14.800490] kunit_try_run_case+0x1a5/0x480 [ 14.800512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.800556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.800581] ? __kthread_parkme+0x82/0x180 [ 14.800604] ? preempt_count_sub+0x50/0x80 [ 14.800627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.800672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.800696] kthread+0x337/0x6f0 [ 14.800713] ? trace_preempt_on+0x20/0xc0 [ 14.800735] ? __pfx_kthread+0x10/0x10 [ 14.800754] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.800776] ? calculate_sigpending+0x7b/0xa0 [ 14.800797] ? __pfx_kthread+0x10/0x10 [ 14.800816] ret_from_fork+0x41/0x80 [ 14.800837] ? __pfx_kthread+0x10/0x10 [ 14.800855] ret_from_fork_asm+0x1a/0x30 [ 14.800898] </TASK> [ 14.800910] [ 14.812183] Allocated by task 300: [ 14.812545] kasan_save_stack+0x45/0x70 [ 14.812945] kasan_save_track+0x18/0x40 [ 14.813254] kasan_save_alloc_info+0x3b/0x50 [ 14.813458] __kasan_kmalloc+0xb7/0xc0 [ 14.813630] __kmalloc_cache_noprof+0x189/0x420 [ 14.814123] copy_to_kernel_nofault_oob+0x12f/0x560 [ 14.814485] kunit_try_run_case+0x1a5/0x480 [ 14.814704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.815154] kthread+0x337/0x6f0 [ 14.815338] ret_from_fork+0x41/0x80 [ 14.815512] ret_from_fork_asm+0x1a/0x30 [ 14.815702] [ 14.815793] The buggy address belongs to the object at ffff888103a34400 [ 14.815793] which belongs to the cache kmalloc-128 of size 128 [ 14.816501] The buggy address is located 0 bytes to the right of [ 14.816501] allocated 120-byte region [ffff888103a34400, ffff888103a34478) [ 14.817181] [ 14.817400] The buggy address belongs to the physical page: [ 14.817740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.818238] flags: 0x200000000000000(node=0|zone=2) [ 14.818412] page_type: f5(slab) [ 14.818615] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.819253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.819556] page dumped because: kasan: bad access detected [ 14.819837] [ 14.820128] Memory state around the buggy address: [ 14.820427] ffff888103a34300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.820823] ffff888103a34380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821308] >ffff888103a34400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.821621] ^ [ 14.822063] ffff888103a34480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.822452] ffff888103a34500: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 14.822875] ================================================================== [ 14.771137] ================================================================== [ 14.771897] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 14.772200] Read of size 8 at addr ffff888103a34478 by task kunit_try_catch/300 [ 14.772490] [ 14.772581] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.772629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.772641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.772662] Call Trace: [ 14.772675] <TASK> [ 14.773005] dump_stack_lvl+0x73/0xb0 [ 14.773041] print_report+0xd1/0x610 [ 14.773082] ? __virt_addr_valid+0x1db/0x2d0 [ 14.773105] ? copy_to_kernel_nofault+0x225/0x260 [ 14.773284] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.773313] ? copy_to_kernel_nofault+0x225/0x260 [ 14.773335] kasan_report+0x141/0x180 [ 14.773358] ? copy_to_kernel_nofault+0x225/0x260 [ 14.773384] __asan_report_load8_noabort+0x18/0x20 [ 14.773406] copy_to_kernel_nofault+0x225/0x260 [ 14.773428] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 14.773453] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 14.773477] ? finish_task_switch.isra.0+0x153/0x700 [ 14.773503] ? __schedule+0x10cc/0x2b60 [ 14.773526] ? trace_hardirqs_on+0x37/0xe0 [ 14.773558] ? __pfx_read_tsc+0x10/0x10 [ 14.773579] ? ktime_get_ts64+0x86/0x230 [ 14.773605] kunit_try_run_case+0x1a5/0x480 [ 14.773626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.773646] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.773671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.773695] ? __kthread_parkme+0x82/0x180 [ 14.773718] ? preempt_count_sub+0x50/0x80 [ 14.773742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.773764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.773787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.773811] kthread+0x337/0x6f0 [ 14.773828] ? 
trace_preempt_on+0x20/0xc0 [ 14.773851] ? __pfx_kthread+0x10/0x10 [ 14.773870] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.773902] ? calculate_sigpending+0x7b/0xa0 [ 14.773923] ? __pfx_kthread+0x10/0x10 [ 14.773942] ret_from_fork+0x41/0x80 [ 14.773963] ? __pfx_kthread+0x10/0x10 [ 14.773982] ret_from_fork_asm+0x1a/0x30 [ 14.774014] </TASK> [ 14.774027] [ 14.786073] Allocated by task 300: [ 14.786247] kasan_save_stack+0x45/0x70 [ 14.786461] kasan_save_track+0x18/0x40 [ 14.786648] kasan_save_alloc_info+0x3b/0x50 [ 14.787211] __kasan_kmalloc+0xb7/0xc0 [ 14.787395] __kmalloc_cache_noprof+0x189/0x420 [ 14.787765] copy_to_kernel_nofault_oob+0x12f/0x560 [ 14.787961] kunit_try_run_case+0x1a5/0x480 [ 14.788168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.788455] kthread+0x337/0x6f0 [ 14.788929] ret_from_fork+0x41/0x80 [ 14.789102] ret_from_fork_asm+0x1a/0x30 [ 14.789444] [ 14.789543] The buggy address belongs to the object at ffff888103a34400 [ 14.789543] which belongs to the cache kmalloc-128 of size 128 [ 14.790385] The buggy address is located 0 bytes to the right of [ 14.790385] allocated 120-byte region [ffff888103a34400, ffff888103a34478) [ 14.790897] [ 14.790999] The buggy address belongs to the physical page: [ 14.791239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 14.791593] flags: 0x200000000000000(node=0|zone=2) [ 14.792227] page_type: f5(slab) [ 14.792409] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.792987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.793620] page dumped because: kasan: bad access detected [ 14.794112] [ 14.794202] Memory state around the buggy address: [ 14.794656] ffff888103a34300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.795184] ffff888103a34380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.795635] >ffff888103a34400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.795985] ^ [ 14.796420] ffff888103a34480: fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc [ 14.796698] ffff888103a34500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797331] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 13.371990] ================================================================== [ 13.372444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.372674] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.373348] [ 13.373589] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.373636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.373647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.373669] Call Trace: [ 13.373682] <TASK> [ 13.373698] dump_stack_lvl+0x73/0xb0 [ 13.373723] print_report+0xd1/0x610 [ 13.373746] ? __virt_addr_valid+0x1db/0x2d0 [ 13.373766] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.373787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.373810] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.373831] kasan_report+0x141/0x180 [ 13.373853] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.373891] __asan_report_load4_noabort+0x18/0x20 [ 13.373912] kasan_atomics_helper+0x4bbc/0x5450 [ 13.373934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.373957] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.373977] ? ret_from_fork_asm+0x1a/0x30 [ 13.373998] ? kasan_atomics+0x152/0x310 [ 13.374021] kasan_atomics+0x1dc/0x310 [ 13.374040] ? __pfx_kasan_atomics+0x10/0x10 [ 13.374061] ? __pfx_read_tsc+0x10/0x10 [ 13.374080] ? ktime_get_ts64+0x86/0x230 [ 13.374129] kunit_try_run_case+0x1a5/0x480 [ 13.374151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.374169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.374193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.374216] ? __kthread_parkme+0x82/0x180 [ 13.374239] ? preempt_count_sub+0x50/0x80 [ 13.374264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.374284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.374306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.374329] kthread+0x337/0x6f0 [ 13.374345] ? trace_preempt_on+0x20/0xc0 [ 13.374368] ? __pfx_kthread+0x10/0x10 [ 13.374386] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.374407] ? calculate_sigpending+0x7b/0xa0 [ 13.374429] ? __pfx_kthread+0x10/0x10 [ 13.374446] ret_from_fork+0x41/0x80 [ 13.374466] ? __pfx_kthread+0x10/0x10 [ 13.374483] ret_from_fork_asm+0x1a/0x30 [ 13.374513] </TASK> [ 13.374524] [ 13.387219] Allocated by task 284: [ 13.387542] kasan_save_stack+0x45/0x70 [ 13.387906] kasan_save_track+0x18/0x40 [ 13.388198] kasan_save_alloc_info+0x3b/0x50 [ 13.388507] __kasan_kmalloc+0xb7/0xc0 [ 13.388986] __kmalloc_cache_noprof+0x189/0x420 [ 13.389206] kasan_atomics+0x95/0x310 [ 13.389467] kunit_try_run_case+0x1a5/0x480 [ 13.389651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.390280] kthread+0x337/0x6f0 [ 13.390416] ret_from_fork+0x41/0x80 [ 13.390871] ret_from_fork_asm+0x1a/0x30 [ 13.391323] [ 13.391539] The buggy address belongs to the object at ffff888103a31d80 [ 13.391539] which belongs to the cache kmalloc-64 of size 64 [ 13.392326] The buggy address is located 0 bytes to the right of [ 13.392326] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.392898] [ 13.392976] The buggy address belongs to the physical page: [ 13.393234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.393533] flags: 0x200000000000000(node=0|zone=2) [ 13.393744] page_type: f5(slab) [ 13.394130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.394416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.394648] page dumped because: kasan: bad access detected [ 13.395227] [ 13.395336] Memory state around the buggy address: [ 13.395556] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.396182] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.396519] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.396894] ^ [ 13.397069] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.397394] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.397908] ================================================================== [ 14.633985] ================================================================== [ 14.634278] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.634606] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.635065] [ 14.635166] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.635210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.635224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.635244] Call Trace: [ 14.635259] <TASK> [ 14.635274] dump_stack_lvl+0x73/0xb0 [ 14.635299] print_report+0xd1/0x610 [ 14.635322] ? __virt_addr_valid+0x1db/0x2d0 [ 14.635343] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.635366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.635389] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.635411] kasan_report+0x141/0x180 [ 14.635434] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.635462] kasan_check_range+0x10c/0x1c0 [ 14.635482] __kasan_check_write+0x18/0x20 [ 14.635502] kasan_atomics_helper+0x20c8/0x5450 [ 14.635525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.635548] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.635569] ? ret_from_fork_asm+0x1a/0x30 [ 14.635590] ? kasan_atomics+0x152/0x310 [ 14.635613] kasan_atomics+0x1dc/0x310 [ 14.635633] ? __pfx_kasan_atomics+0x10/0x10 [ 14.635654] ? __pfx_read_tsc+0x10/0x10 [ 14.635674] ? ktime_get_ts64+0x86/0x230 [ 14.635698] kunit_try_run_case+0x1a5/0x480 [ 14.635719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.635738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.635762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.635785] ? __kthread_parkme+0x82/0x180 [ 14.635819] ? preempt_count_sub+0x50/0x80 [ 14.635844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.635865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.635900] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.635923] kthread+0x337/0x6f0 [ 14.635940] ? trace_preempt_on+0x20/0xc0 [ 14.635964] ? __pfx_kthread+0x10/0x10 [ 14.635982] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.636005] ? calculate_sigpending+0x7b/0xa0 [ 14.636026] ? __pfx_kthread+0x10/0x10 [ 14.636045] ret_from_fork+0x41/0x80 [ 14.636065] ? __pfx_kthread+0x10/0x10 [ 14.636084] ret_from_fork_asm+0x1a/0x30 [ 14.636113] </TASK> [ 14.636124] [ 14.643470] Allocated by task 284: [ 14.643651] kasan_save_stack+0x45/0x70 [ 14.643851] kasan_save_track+0x18/0x40 [ 14.645009] kasan_save_alloc_info+0x3b/0x50 [ 14.645219] __kasan_kmalloc+0xb7/0xc0 [ 14.645393] __kmalloc_cache_noprof+0x189/0x420 [ 14.645598] kasan_atomics+0x95/0x310 [ 14.645782] kunit_try_run_case+0x1a5/0x480 [ 14.646049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.646284] kthread+0x337/0x6f0 [ 14.646433] ret_from_fork+0x41/0x80 [ 14.646615] ret_from_fork_asm+0x1a/0x30 [ 14.646806] [ 14.647498] The buggy address belongs to the object at ffff888103a31d80 [ 14.647498] which belongs to the cache kmalloc-64 of size 64 [ 14.648039] The buggy address is located 0 bytes to the right of [ 14.648039] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.648673] [ 14.648926] The buggy address belongs to the physical page: [ 14.649178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.649631] flags: 0x200000000000000(node=0|zone=2) [ 14.649966] page_type: f5(slab) [ 14.650115] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.650580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.650926] page dumped because: kasan: bad access detected [ 14.651230] [ 14.651332] Memory state around the buggy address: [ 14.651528] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.651829] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.652138] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.652438] ^ [ 14.652650] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.653361] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.653613] ================================================================== [ 14.090452] ================================================================== [ 14.091033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.091342] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.091565] [ 14.091646] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.091688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.091700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.091720] Call Trace: [ 14.091734] <TASK> [ 14.091749] dump_stack_lvl+0x73/0xb0 [ 14.091772] print_report+0xd1/0x610 [ 14.091796] ? __virt_addr_valid+0x1db/0x2d0 [ 14.091827] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.091849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.091872] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.091906] kasan_report+0x141/0x180 [ 14.091929] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.091957] kasan_check_range+0x10c/0x1c0 [ 14.091977] __kasan_check_write+0x18/0x20 [ 14.091997] kasan_atomics_helper+0x12e6/0x5450 [ 14.092020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.092044] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.092065] ? ret_from_fork_asm+0x1a/0x30 [ 14.092086] ? kasan_atomics+0x152/0x310 [ 14.092110] kasan_atomics+0x1dc/0x310 [ 14.092129] ? __pfx_kasan_atomics+0x10/0x10 [ 14.092150] ? __pfx_read_tsc+0x10/0x10 [ 14.092170] ? ktime_get_ts64+0x86/0x230 [ 14.092195] kunit_try_run_case+0x1a5/0x480 [ 14.092216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.092235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.092260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.092284] ? __kthread_parkme+0x82/0x180 [ 14.092305] ? preempt_count_sub+0x50/0x80 [ 14.092331] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.092352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.092375] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.092399] kthread+0x337/0x6f0 [ 14.092416] ? trace_preempt_on+0x20/0xc0 [ 14.092439] ? __pfx_kthread+0x10/0x10 [ 14.092458] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.092482] ? calculate_sigpending+0x7b/0xa0 [ 14.092505] ? __pfx_kthread+0x10/0x10 [ 14.092524] ret_from_fork+0x41/0x80 [ 14.092547] ? __pfx_kthread+0x10/0x10 [ 14.092565] ret_from_fork_asm+0x1a/0x30 [ 14.092596] </TASK> [ 14.092607] [ 14.100091] Allocated by task 284: [ 14.100265] kasan_save_stack+0x45/0x70 [ 14.100460] kasan_save_track+0x18/0x40 [ 14.100653] kasan_save_alloc_info+0x3b/0x50 [ 14.100905] __kasan_kmalloc+0xb7/0xc0 [ 14.101077] __kmalloc_cache_noprof+0x189/0x420 [ 14.101231] kasan_atomics+0x95/0x310 [ 14.101358] kunit_try_run_case+0x1a5/0x480 [ 14.101500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.101734] kthread+0x337/0x6f0 [ 14.101998] ret_from_fork+0x41/0x80 [ 14.102184] ret_from_fork_asm+0x1a/0x30 [ 14.102382] [ 14.102480] The buggy address belongs to the object at ffff888103a31d80 [ 14.102480] which belongs to the cache kmalloc-64 of size 64 [ 14.102989] The buggy address is located 0 bytes to the right of [ 14.102989] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.103482] [ 14.103569] The buggy address belongs to the physical page: [ 14.103785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.104114] flags: 0x200000000000000(node=0|zone=2) [ 14.104318] page_type: f5(slab) [ 14.104475] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.104719] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.104951] page dumped because: kasan: bad access detected [ 14.105119] [ 14.105193] Memory state around the buggy address: [ 14.105344] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.105556] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.105799] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.106179] ^ [ 14.106400] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.106714] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.107335] ================================================================== [ 14.423264] ================================================================== [ 14.423523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.423942] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.424266] [ 14.424374] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.424428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.424441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.424463] Call Trace: [ 14.424489] <TASK> [ 14.424503] dump_stack_lvl+0x73/0xb0 [ 14.424529] print_report+0xd1/0x610 [ 14.424552] ? __virt_addr_valid+0x1db/0x2d0 [ 14.424582] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.424604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.424627] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.424661] kasan_report+0x141/0x180 [ 14.424683] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.424711] kasan_check_range+0x10c/0x1c0 [ 14.424742] __kasan_check_write+0x18/0x20 [ 14.424762] kasan_atomics_helper+0x1c18/0x5450 [ 14.424786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.424829] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.424850] ? ret_from_fork_asm+0x1a/0x30 [ 14.424872] ? kasan_atomics+0x152/0x310 [ 14.424904] kasan_atomics+0x1dc/0x310 [ 14.424924] ? __pfx_kasan_atomics+0x10/0x10 [ 14.424946] ? __pfx_read_tsc+0x10/0x10 [ 14.424965] ? ktime_get_ts64+0x86/0x230 [ 14.424999] kunit_try_run_case+0x1a5/0x480 [ 14.425020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.425039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.425075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.425099] ? 
__kthread_parkme+0x82/0x180 [ 14.425121] ? preempt_count_sub+0x50/0x80 [ 14.425150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.425170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.425193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.425217] kthread+0x337/0x6f0 [ 14.425244] ? trace_preempt_on+0x20/0xc0 [ 14.425270] ? __pfx_kthread+0x10/0x10 [ 14.425288] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.425322] ? calculate_sigpending+0x7b/0xa0 [ 14.425344] ? __pfx_kthread+0x10/0x10 [ 14.425363] ret_from_fork+0x41/0x80 [ 14.425384] ? __pfx_kthread+0x10/0x10 [ 14.425402] ret_from_fork_asm+0x1a/0x30 [ 14.425432] </TASK> [ 14.425443] [ 14.435168] Allocated by task 284: [ 14.435498] kasan_save_stack+0x45/0x70 [ 14.435827] kasan_save_track+0x18/0x40 [ 14.436030] kasan_save_alloc_info+0x3b/0x50 [ 14.436321] __kasan_kmalloc+0xb7/0xc0 [ 14.436460] __kmalloc_cache_noprof+0x189/0x420 [ 14.436832] kasan_atomics+0x95/0x310 [ 14.437021] kunit_try_run_case+0x1a5/0x480 [ 14.437241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.437487] kthread+0x337/0x6f0 [ 14.437650] ret_from_fork+0x41/0x80 [ 14.437815] ret_from_fork_asm+0x1a/0x30 [ 14.438300] [ 14.438395] The buggy address belongs to the object at ffff888103a31d80 [ 14.438395] which belongs to the cache kmalloc-64 of size 64 [ 14.439143] The buggy address is located 0 bytes to the right of [ 14.439143] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.439739] [ 14.439824] The buggy address belongs to the physical page: [ 14.440270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.440558] flags: 0x200000000000000(node=0|zone=2) [ 14.440796] page_type: f5(slab) [ 14.440953] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.441275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.441573] page dumped because: kasan: bad access detected [ 14.441790] [ 14.442332] Memory state around the buggy address: [ 14.442519] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.442993] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.443397] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.443868] ^ [ 14.444186] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.444540] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.444979] ================================================================== [ 14.505515] ================================================================== [ 14.505918] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.506167] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.506698] [ 14.506778] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.506835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.506848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.506868] Call Trace: [ 14.506893] <TASK> [ 14.506906] dump_stack_lvl+0x73/0xb0 [ 14.506928] print_report+0xd1/0x610 [ 14.506951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.506999] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.507021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.507043] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.507065] kasan_report+0x141/0x180 [ 14.507088] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.507115] kasan_check_range+0x10c/0x1c0 [ 14.507136] __kasan_check_write+0x18/0x20 [ 14.507156] kasan_atomics_helper+0x1e12/0x5450 [ 14.507179] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.507202] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.507223] ? ret_from_fork_asm+0x1a/0x30 [ 14.507244] ? kasan_atomics+0x152/0x310 [ 14.507267] kasan_atomics+0x1dc/0x310 [ 14.507286] ? __pfx_kasan_atomics+0x10/0x10 [ 14.507308] ? __pfx_read_tsc+0x10/0x10 [ 14.507327] ? ktime_get_ts64+0x86/0x230 [ 14.507352] kunit_try_run_case+0x1a5/0x480 [ 14.507373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.507392] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.507434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.507459] ? __kthread_parkme+0x82/0x180 [ 14.507481] ? preempt_count_sub+0x50/0x80 [ 14.507504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.507526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.507549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.507572] kthread+0x337/0x6f0 [ 14.507589] ? trace_preempt_on+0x20/0xc0 [ 14.507612] ? __pfx_kthread+0x10/0x10 [ 14.507630] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.507652] ? calculate_sigpending+0x7b/0xa0 [ 14.507673] ? __pfx_kthread+0x10/0x10 [ 14.507692] ret_from_fork+0x41/0x80 [ 14.507732] ? __pfx_kthread+0x10/0x10 [ 14.507750] ret_from_fork_asm+0x1a/0x30 [ 14.507780] </TASK> [ 14.507792] [ 14.516841] Allocated by task 284: [ 14.516986] kasan_save_stack+0x45/0x70 [ 14.517194] kasan_save_track+0x18/0x40 [ 14.517432] kasan_save_alloc_info+0x3b/0x50 [ 14.517637] __kasan_kmalloc+0xb7/0xc0 [ 14.517796] __kmalloc_cache_noprof+0x189/0x420 [ 14.518001] kasan_atomics+0x95/0x310 [ 14.518186] kunit_try_run_case+0x1a5/0x480 [ 14.518359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.518544] kthread+0x337/0x6f0 [ 14.518713] ret_from_fork+0x41/0x80 [ 14.518960] ret_from_fork_asm+0x1a/0x30 [ 14.519127] [ 14.519223] The buggy address belongs to the object at ffff888103a31d80 [ 14.519223] which belongs to the cache kmalloc-64 of size 64 [ 14.519658] The buggy address is located 0 bytes to the right of [ 14.519658] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.520028] [ 14.520125] The buggy address belongs to the physical page: [ 14.520375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.520726] flags: 0x200000000000000(node=0|zone=2) [ 14.520960] page_type: f5(slab) [ 14.521082] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.521317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.521652] page dumped because: kasan: bad 
access detected [ 14.522004] [ 14.522098] Memory state around the buggy address: [ 14.522325] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.522623] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.522968] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.523182] ^ [ 14.523412] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.523670] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.524047] ================================================================== [ 13.879363] ================================================================== [ 13.879663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 13.880090] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.880429] [ 13.880535] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.880576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.880588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.880609] Call Trace: [ 13.880622] <TASK> [ 13.880637] dump_stack_lvl+0x73/0xb0 [ 13.880661] print_report+0xd1/0x610 [ 13.880684] ? __virt_addr_valid+0x1db/0x2d0 [ 13.880705] ? kasan_atomics_helper+0xde0/0x5450 [ 13.880726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.880749] ? kasan_atomics_helper+0xde0/0x5450 [ 13.880772] kasan_report+0x141/0x180 [ 13.880795] ? kasan_atomics_helper+0xde0/0x5450 [ 13.880822] kasan_check_range+0x10c/0x1c0 [ 13.880843] __kasan_check_write+0x18/0x20 [ 13.880864] kasan_atomics_helper+0xde0/0x5450 [ 13.880897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.880920] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.880941] ? ret_from_fork_asm+0x1a/0x30 [ 13.880963] ? kasan_atomics+0x152/0x310 [ 13.880986] kasan_atomics+0x1dc/0x310 [ 13.881006] ? __pfx_kasan_atomics+0x10/0x10 [ 13.881026] ? __pfx_read_tsc+0x10/0x10 [ 13.881046] ? 
ktime_get_ts64+0x86/0x230 [ 13.881070] kunit_try_run_case+0x1a5/0x480 [ 13.881091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.881111] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.881139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.881162] ? __kthread_parkme+0x82/0x180 [ 13.881184] ? preempt_count_sub+0x50/0x80 [ 13.881209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.881230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.881253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.881277] kthread+0x337/0x6f0 [ 13.881305] ? trace_preempt_on+0x20/0xc0 [ 13.881329] ? __pfx_kthread+0x10/0x10 [ 13.881347] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.881381] ? calculate_sigpending+0x7b/0xa0 [ 13.881403] ? __pfx_kthread+0x10/0x10 [ 13.881422] ret_from_fork+0x41/0x80 [ 13.881443] ? __pfx_kthread+0x10/0x10 [ 13.881460] ret_from_fork_asm+0x1a/0x30 [ 13.881490] </TASK> [ 13.881501] [ 13.889091] Allocated by task 284: [ 13.889227] kasan_save_stack+0x45/0x70 [ 13.889467] kasan_save_track+0x18/0x40 [ 13.889657] kasan_save_alloc_info+0x3b/0x50 [ 13.889863] __kasan_kmalloc+0xb7/0xc0 [ 13.890055] __kmalloc_cache_noprof+0x189/0x420 [ 13.890270] kasan_atomics+0x95/0x310 [ 13.890444] kunit_try_run_case+0x1a5/0x480 [ 13.890587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.890761] kthread+0x337/0x6f0 [ 13.890980] ret_from_fork+0x41/0x80 [ 13.891164] ret_from_fork_asm+0x1a/0x30 [ 13.891376] [ 13.891487] The buggy address belongs to the object at ffff888103a31d80 [ 13.891487] which belongs to the cache kmalloc-64 of size 64 [ 13.892202] The buggy address is located 0 bytes to the right of [ 13.892202] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.892635] [ 13.892705] The buggy address belongs to the physical page: [ 13.893032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.893415] flags: 0x200000000000000(node=0|zone=2) [ 13.893587] page_type: f5(slab) [ 13.893706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.894020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.894389] page dumped because: kasan: bad access detected [ 13.894668] [ 13.894775] Memory state around the buggy address: [ 13.895085] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.895350] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.895562] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.895770] ^ [ 13.896002] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.896315] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.896641] ================================================================== [ 14.717830] ================================================================== [ 14.718192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.718517] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.718916] [ 14.719051] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.719095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.719108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.719126] Call Trace: [ 14.719142] <TASK> [ 14.719156] dump_stack_lvl+0x73/0xb0 [ 14.719180] print_report+0xd1/0x610 [ 14.719223] ? __virt_addr_valid+0x1db/0x2d0 [ 14.719244] ? kasan_atomics_helper+0x224c/0x5450 [ 14.719266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.719289] ? kasan_atomics_helper+0x224c/0x5450 [ 14.719312] kasan_report+0x141/0x180 [ 14.719335] ? kasan_atomics_helper+0x224c/0x5450 [ 14.719362] kasan_check_range+0x10c/0x1c0 [ 14.719402] __kasan_check_write+0x18/0x20 [ 14.719423] kasan_atomics_helper+0x224c/0x5450 [ 14.719447] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.719469] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.719490] ? ret_from_fork_asm+0x1a/0x30 [ 14.719512] ? 
kasan_atomics+0x152/0x310 [ 14.719535] kasan_atomics+0x1dc/0x310 [ 14.719555] ? __pfx_kasan_atomics+0x10/0x10 [ 14.719576] ? __pfx_read_tsc+0x10/0x10 [ 14.719595] ? ktime_get_ts64+0x86/0x230 [ 14.719619] kunit_try_run_case+0x1a5/0x480 [ 14.719641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.719660] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.719684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.719709] ? __kthread_parkme+0x82/0x180 [ 14.719731] ? preempt_count_sub+0x50/0x80 [ 14.719755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.719776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.719836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.719860] kthread+0x337/0x6f0 [ 14.719877] ? trace_preempt_on+0x20/0xc0 [ 14.719909] ? __pfx_kthread+0x10/0x10 [ 14.719928] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.719970] ? calculate_sigpending+0x7b/0xa0 [ 14.719992] ? __pfx_kthread+0x10/0x10 [ 14.720011] ret_from_fork+0x41/0x80 [ 14.720032] ? __pfx_kthread+0x10/0x10 [ 14.720051] ret_from_fork_asm+0x1a/0x30 [ 14.720081] </TASK> [ 14.720091] [ 14.727365] Allocated by task 284: [ 14.727491] kasan_save_stack+0x45/0x70 [ 14.727631] kasan_save_track+0x18/0x40 [ 14.727778] kasan_save_alloc_info+0x3b/0x50 [ 14.728018] __kasan_kmalloc+0xb7/0xc0 [ 14.728233] __kmalloc_cache_noprof+0x189/0x420 [ 14.728490] kasan_atomics+0x95/0x310 [ 14.728677] kunit_try_run_case+0x1a5/0x480 [ 14.728919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.729182] kthread+0x337/0x6f0 [ 14.729369] ret_from_fork+0x41/0x80 [ 14.729530] ret_from_fork_asm+0x1a/0x30 [ 14.729704] [ 14.729846] The buggy address belongs to the object at ffff888103a31d80 [ 14.729846] which belongs to the cache kmalloc-64 of size 64 [ 14.730232] The buggy address is located 0 bytes to the right of [ 14.730232] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.730583] [ 14.730651] The buggy address belongs to the physical page: [ 14.730944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 
14.731294] flags: 0x200000000000000(node=0|zone=2) [ 14.731523] page_type: f5(slab) [ 14.731685] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.732061] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.732394] page dumped because: kasan: bad access detected [ 14.732580] [ 14.732647] Memory state around the buggy address: [ 14.732814] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.733094] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.733437] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.733756] ^ [ 14.734029] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734336] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734634] ================================================================== [ 13.659352] ================================================================== [ 13.659610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.660093] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.660419] [ 13.660503] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.660544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.660556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.660575] Call Trace: [ 13.660587] <TASK> [ 13.660602] dump_stack_lvl+0x73/0xb0 [ 13.660624] print_report+0xd1/0x610 [ 13.660647] ? __virt_addr_valid+0x1db/0x2d0 [ 13.660667] ? kasan_atomics_helper+0x72f/0x5450 [ 13.660767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.660796] ? kasan_atomics_helper+0x72f/0x5450 [ 13.660820] kasan_report+0x141/0x180 [ 13.660858] ? kasan_atomics_helper+0x72f/0x5450 [ 13.660892] kasan_check_range+0x10c/0x1c0 [ 13.660913] __kasan_check_write+0x18/0x20 [ 13.660942] kasan_atomics_helper+0x72f/0x5450 [ 13.660965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.660988] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.661019] ? ret_from_fork_asm+0x1a/0x30 [ 13.661041] ? kasan_atomics+0x152/0x310 [ 13.661064] kasan_atomics+0x1dc/0x310 [ 13.661084] ? __pfx_kasan_atomics+0x10/0x10 [ 13.661105] ? __pfx_read_tsc+0x10/0x10 [ 13.661124] ? ktime_get_ts64+0x86/0x230 [ 13.661156] kunit_try_run_case+0x1a5/0x480 [ 13.661177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.661195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.661219] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.661243] ? __kthread_parkme+0x82/0x180 [ 13.661264] ? preempt_count_sub+0x50/0x80 [ 13.661303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.661323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.661347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.661397] kthread+0x337/0x6f0 [ 13.661414] ? trace_preempt_on+0x20/0xc0 [ 13.661437] ? __pfx_kthread+0x10/0x10 [ 13.661456] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.661478] ? calculate_sigpending+0x7b/0xa0 [ 13.661499] ? __pfx_kthread+0x10/0x10 [ 13.661518] ret_from_fork+0x41/0x80 [ 13.661539] ? 
__pfx_kthread+0x10/0x10 [ 13.661558] ret_from_fork_asm+0x1a/0x30 [ 13.661588] </TASK> [ 13.661599] [ 13.670394] Allocated by task 284: [ 13.670580] kasan_save_stack+0x45/0x70 [ 13.670973] kasan_save_track+0x18/0x40 [ 13.671204] kasan_save_alloc_info+0x3b/0x50 [ 13.671415] __kasan_kmalloc+0xb7/0xc0 [ 13.671618] __kmalloc_cache_noprof+0x189/0x420 [ 13.671979] kasan_atomics+0x95/0x310 [ 13.672155] kunit_try_run_case+0x1a5/0x480 [ 13.672392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.672628] kthread+0x337/0x6f0 [ 13.672861] ret_from_fork+0x41/0x80 [ 13.673007] ret_from_fork_asm+0x1a/0x30 [ 13.673155] [ 13.673227] The buggy address belongs to the object at ffff888103a31d80 [ 13.673227] which belongs to the cache kmalloc-64 of size 64 [ 13.673689] The buggy address is located 0 bytes to the right of [ 13.673689] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.674242] [ 13.674337] The buggy address belongs to the physical page: [ 13.674593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.675181] flags: 0x200000000000000(node=0|zone=2) [ 13.675446] page_type: f5(slab) [ 13.675629] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.676232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.676571] page dumped because: kasan: bad access detected [ 13.677041] [ 13.677162] Memory state around the buggy address: [ 13.677390] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.677629] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.678062] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.678387] ^ [ 13.678536] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.679025] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.679342] ================================================================== [ 13.584649] 
================================================================== [ 13.585003] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.585447] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.585764] [ 13.585945] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.585991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.586004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.586024] Call Trace: [ 13.586039] <TASK> [ 13.586055] dump_stack_lvl+0x73/0xb0 [ 13.586079] print_report+0xd1/0x610 [ 13.586102] ? __virt_addr_valid+0x1db/0x2d0 [ 13.586122] ? kasan_atomics_helper+0x565/0x5450 [ 13.586188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.586223] ? kasan_atomics_helper+0x565/0x5450 [ 13.586254] kasan_report+0x141/0x180 [ 13.586278] ? kasan_atomics_helper+0x565/0x5450 [ 13.586306] kasan_check_range+0x10c/0x1c0 [ 13.586337] __kasan_check_write+0x18/0x20 [ 13.586358] kasan_atomics_helper+0x565/0x5450 [ 13.586382] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.586405] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.586425] ? ret_from_fork_asm+0x1a/0x30 [ 13.586447] ? kasan_atomics+0x152/0x310 [ 13.586470] kasan_atomics+0x1dc/0x310 [ 13.586489] ? __pfx_kasan_atomics+0x10/0x10 [ 13.586510] ? __pfx_read_tsc+0x10/0x10 [ 13.586530] ? ktime_get_ts64+0x86/0x230 [ 13.586563] kunit_try_run_case+0x1a5/0x480 [ 13.586585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.586603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.586638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.586661] ? __kthread_parkme+0x82/0x180 [ 13.586684] ? preempt_count_sub+0x50/0x80 [ 13.586768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.586800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.586824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.586848] kthread+0x337/0x6f0 [ 13.586876] ? trace_preempt_on+0x20/0xc0 [ 13.586908] ? __pfx_kthread+0x10/0x10 [ 13.586927] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.586950] ? calculate_sigpending+0x7b/0xa0 [ 13.586972] ? __pfx_kthread+0x10/0x10 [ 13.586990] ret_from_fork+0x41/0x80 [ 13.587012] ? __pfx_kthread+0x10/0x10 [ 13.587030] ret_from_fork_asm+0x1a/0x30 [ 13.587059] </TASK> [ 13.587070] [ 13.597548] Allocated by task 284: [ 13.597895] kasan_save_stack+0x45/0x70 [ 13.598086] kasan_save_track+0x18/0x40 [ 13.598449] kasan_save_alloc_info+0x3b/0x50 [ 13.599058] __kasan_kmalloc+0xb7/0xc0 [ 13.599198] __kmalloc_cache_noprof+0x189/0x420 [ 13.599346] kasan_atomics+0x95/0x310 [ 13.599471] kunit_try_run_case+0x1a5/0x480 [ 13.599609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.599777] kthread+0x337/0x6f0 [ 13.600133] ret_from_fork+0x41/0x80 [ 13.600937] ret_from_fork_asm+0x1a/0x30 [ 13.601475] [ 13.601670] The buggy address belongs to the object at ffff888103a31d80 [ 13.601670] which belongs to the cache kmalloc-64 of size 64 [ 13.603142] The buggy address is located 0 bytes to the right of [ 13.603142] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.604515] [ 13.604687] The buggy address belongs to the physical page: [ 13.605088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.605335] flags: 0x200000000000000(node=0|zone=2) [ 13.605494] page_type: f5(slab) [ 13.605610] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.605852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.606826] page dumped because: kasan: bad access detected [ 13.607159] [ 13.607234] Memory state around the buggy address: [ 13.607602] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.608189] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.608696] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.609246] ^ [ 13.609420] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.609986] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.610534] ================================================================== [ 13.976091] ================================================================== [ 13.976833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 13.977146] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.977513] [ 13.977615] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.977657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.977680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.977700] Call Trace: [ 13.977715] <TASK> [ 13.977730] dump_stack_lvl+0x73/0xb0 [ 13.977765] print_report+0xd1/0x610 [ 13.977789] ? __virt_addr_valid+0x1db/0x2d0 [ 13.977820] ? kasan_atomics_helper+0x1079/0x5450 [ 13.977842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.977865] ? kasan_atomics_helper+0x1079/0x5450 [ 13.977906] kasan_report+0x141/0x180 [ 13.977930] ? kasan_atomics_helper+0x1079/0x5450 [ 13.977958] kasan_check_range+0x10c/0x1c0 [ 13.977991] __kasan_check_write+0x18/0x20 [ 13.978012] kasan_atomics_helper+0x1079/0x5450 [ 13.978035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.978058] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.978088] ? ret_from_fork_asm+0x1a/0x30 [ 13.978109] ? kasan_atomics+0x152/0x310 [ 13.978132] kasan_atomics+0x1dc/0x310 [ 13.978164] ? __pfx_kasan_atomics+0x10/0x10 [ 13.978186] ? __pfx_read_tsc+0x10/0x10 [ 13.978206] ? ktime_get_ts64+0x86/0x230 [ 13.978238] kunit_try_run_case+0x1a5/0x480 [ 13.978260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.978279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.978304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.978339] ? __kthread_parkme+0x82/0x180 [ 13.978362] ? preempt_count_sub+0x50/0x80 [ 13.978387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.978416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.978439] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.978463] kthread+0x337/0x6f0 [ 13.978491] ? trace_preempt_on+0x20/0xc0 [ 13.978514] ? __pfx_kthread+0x10/0x10 [ 13.978533] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.978555] ? calculate_sigpending+0x7b/0xa0 [ 13.978576] ? __pfx_kthread+0x10/0x10 [ 13.978595] ret_from_fork+0x41/0x80 [ 13.978616] ? __pfx_kthread+0x10/0x10 [ 13.978634] ret_from_fork_asm+0x1a/0x30 [ 13.978664] </TASK> [ 13.978675] [ 13.986456] Allocated by task 284: [ 13.986630] kasan_save_stack+0x45/0x70 [ 13.986836] kasan_save_track+0x18/0x40 [ 13.987009] kasan_save_alloc_info+0x3b/0x50 [ 13.987157] __kasan_kmalloc+0xb7/0xc0 [ 13.987289] __kmalloc_cache_noprof+0x189/0x420 [ 13.987470] kasan_atomics+0x95/0x310 [ 13.987653] kunit_try_run_case+0x1a5/0x480 [ 13.987912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.988168] kthread+0x337/0x6f0 [ 13.988309] ret_from_fork+0x41/0x80 [ 13.988499] ret_from_fork_asm+0x1a/0x30 [ 13.988681] [ 13.988789] The buggy address belongs to the object at ffff888103a31d80 [ 13.988789] which belongs to the cache kmalloc-64 of size 64 [ 13.989291] The buggy address is located 0 bytes to the right of [ 13.989291] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.989826] [ 13.989913] The buggy address belongs to the physical page: [ 13.990167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.990405] flags: 0x200000000000000(node=0|zone=2) [ 13.990564] page_type: f5(slab) [ 13.990682] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.991209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.991564] page dumped because: kasan: bad access detected [ 13.991812] [ 13.991911] Memory state around the buggy address: [ 13.992135] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.992432] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.992679] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.993088] ^ [ 13.993318] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.993595] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.993830] ================================================================== [ 13.551804] ================================================================== [ 13.552389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.553232] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.554030] [ 13.554287] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.554342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.554354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.554376] Call Trace: [ 13.554388] <TASK> [ 13.554403] dump_stack_lvl+0x73/0xb0 [ 13.554428] print_report+0xd1/0x610 [ 13.554451] ? __virt_addr_valid+0x1db/0x2d0 [ 13.554472] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.554494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.554531] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.554553] kasan_report+0x141/0x180 [ 13.554583] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.554611] __asan_report_store4_noabort+0x1b/0x30 [ 13.554632] kasan_atomics_helper+0x4b3a/0x5450 [ 13.554655] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.554699] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.554720] ? ret_from_fork_asm+0x1a/0x30 [ 13.554741] ? kasan_atomics+0x152/0x310 [ 13.554765] kasan_atomics+0x1dc/0x310 [ 13.554784] ? __pfx_kasan_atomics+0x10/0x10 [ 13.554805] ? __pfx_read_tsc+0x10/0x10 [ 13.554825] ? ktime_get_ts64+0x86/0x230 [ 13.554866] kunit_try_run_case+0x1a5/0x480 [ 13.554904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.554923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.554947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.554971] ? __kthread_parkme+0x82/0x180 [ 13.554994] ? preempt_count_sub+0x50/0x80 [ 13.555018] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.555039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.555063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.555087] kthread+0x337/0x6f0 [ 13.555104] ? trace_preempt_on+0x20/0xc0 [ 13.555128] ? __pfx_kthread+0x10/0x10 [ 13.555146] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.555168] ? calculate_sigpending+0x7b/0xa0 [ 13.555189] ? __pfx_kthread+0x10/0x10 [ 13.555208] ret_from_fork+0x41/0x80 [ 13.555228] ? __pfx_kthread+0x10/0x10 [ 13.555247] ret_from_fork_asm+0x1a/0x30 [ 13.555277] </TASK> [ 13.555287] [ 13.569953] Allocated by task 284: [ 13.570352] kasan_save_stack+0x45/0x70 [ 13.570817] kasan_save_track+0x18/0x40 [ 13.571019] kasan_save_alloc_info+0x3b/0x50 [ 13.571476] __kasan_kmalloc+0xb7/0xc0 [ 13.571948] __kmalloc_cache_noprof+0x189/0x420 [ 13.572343] kasan_atomics+0x95/0x310 [ 13.572554] kunit_try_run_case+0x1a5/0x480 [ 13.572749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.573384] kthread+0x337/0x6f0 [ 13.573800] ret_from_fork+0x41/0x80 [ 13.574225] ret_from_fork_asm+0x1a/0x30 [ 13.574523] [ 13.574714] The buggy address belongs to the object at ffff888103a31d80 [ 13.574714] which belongs to the cache kmalloc-64 of size 64 [ 13.575632] The buggy address is located 0 bytes to the right of [ 13.575632] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.576517] [ 13.576743] The buggy address belongs to the physical page: [ 13.577312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.577558] flags: 0x200000000000000(node=0|zone=2) [ 13.577777] page_type: f5(slab) [ 13.578235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.579100] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.579799] page dumped because: kasan: bad access detected [ 13.580343] [ 13.580540] Memory state around the buggy address: [ 13.580767] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.581427] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.581648] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.582318] ^ [ 13.582857] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.583483] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.584210] ================================================================== [ 14.469662] ================================================================== [ 14.470179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.470527] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.470899] [ 14.470981] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.471023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.471035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.471055] Call Trace: [ 14.471070] <TASK> [ 14.471085] dump_stack_lvl+0x73/0xb0 [ 14.471109] print_report+0xd1/0x610 [ 14.471153] ? __virt_addr_valid+0x1db/0x2d0 [ 14.471174] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.471197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.471219] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.471242] kasan_report+0x141/0x180 [ 14.471265] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.471292] kasan_check_range+0x10c/0x1c0 [ 14.471312] __kasan_check_write+0x18/0x20 [ 14.471332] kasan_atomics_helper+0x1ce1/0x5450 [ 14.471356] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.471379] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.471399] ? ret_from_fork_asm+0x1a/0x30 [ 14.471420] ? kasan_atomics+0x152/0x310 [ 14.471443] kasan_atomics+0x1dc/0x310 [ 14.471462] ? __pfx_kasan_atomics+0x10/0x10 [ 14.471483] ? __pfx_read_tsc+0x10/0x10 [ 14.471503] ? ktime_get_ts64+0x86/0x230 [ 14.471546] kunit_try_run_case+0x1a5/0x480 [ 14.471567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.471587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.471611] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.471635] ? 
__kthread_parkme+0x82/0x180 [ 14.471657] ? preempt_count_sub+0x50/0x80 [ 14.471682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.471703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.471726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.471750] kthread+0x337/0x6f0 [ 14.471766] ? trace_preempt_on+0x20/0xc0 [ 14.471790] ? __pfx_kthread+0x10/0x10 [ 14.471818] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.471840] ? calculate_sigpending+0x7b/0xa0 [ 14.471862] ? __pfx_kthread+0x10/0x10 [ 14.471890] ret_from_fork+0x41/0x80 [ 14.471912] ? __pfx_kthread+0x10/0x10 [ 14.471930] ret_from_fork_asm+0x1a/0x30 [ 14.471960] </TASK> [ 14.471970] [ 14.479549] Allocated by task 284: [ 14.479721] kasan_save_stack+0x45/0x70 [ 14.479986] kasan_save_track+0x18/0x40 [ 14.480200] kasan_save_alloc_info+0x3b/0x50 [ 14.480388] __kasan_kmalloc+0xb7/0xc0 [ 14.480520] __kmalloc_cache_noprof+0x189/0x420 [ 14.480726] kasan_atomics+0x95/0x310 [ 14.480919] kunit_try_run_case+0x1a5/0x480 [ 14.481202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.481376] kthread+0x337/0x6f0 [ 14.481494] ret_from_fork+0x41/0x80 [ 14.481624] ret_from_fork_asm+0x1a/0x30 [ 14.481794] [ 14.481897] The buggy address belongs to the object at ffff888103a31d80 [ 14.481897] which belongs to the cache kmalloc-64 of size 64 [ 14.482417] The buggy address is located 0 bytes to the right of [ 14.482417] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.482933] [ 14.483004] The buggy address belongs to the physical page: [ 14.483173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.483407] flags: 0x200000000000000(node=0|zone=2) [ 14.483640] page_type: f5(slab) [ 14.483825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.484188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.484554] page dumped because: kasan: bad access detected [ 14.484814] [ 14.484932] Memory state around the buggy address: [ 14.485087] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.485310] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.485627] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.486104] ^ [ 14.486268] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.486589] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.486801] ================================================================== [ 13.473021] ================================================================== [ 13.473274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.474303] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.474895] [ 13.474991] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.475141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.475157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.475178] Call Trace: [ 13.475193] <TASK> [ 13.475209] dump_stack_lvl+0x73/0xb0 [ 13.475236] print_report+0xd1/0x610 [ 13.475258] ? __virt_addr_valid+0x1db/0x2d0 [ 13.475280] ? kasan_atomics_helper+0x3df/0x5450 [ 13.475302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.475325] ? kasan_atomics_helper+0x3df/0x5450 [ 13.475348] kasan_report+0x141/0x180 [ 13.475371] ? kasan_atomics_helper+0x3df/0x5450 [ 13.475398] kasan_check_range+0x10c/0x1c0 [ 13.475419] __kasan_check_read+0x15/0x20 [ 13.475438] kasan_atomics_helper+0x3df/0x5450 [ 13.475463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.475486] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.475507] ? ret_from_fork_asm+0x1a/0x30 [ 13.475528] ? kasan_atomics+0x152/0x310 [ 13.475552] kasan_atomics+0x1dc/0x310 [ 13.475571] ? __pfx_kasan_atomics+0x10/0x10 [ 13.475592] ? __pfx_read_tsc+0x10/0x10 [ 13.475612] ? ktime_get_ts64+0x86/0x230 [ 13.475636] kunit_try_run_case+0x1a5/0x480 [ 13.475657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.475676] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.475701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.475726] ? __kthread_parkme+0x82/0x180 [ 13.475771] ? preempt_count_sub+0x50/0x80 [ 13.475797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.475818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.475842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.475866] kthread+0x337/0x6f0 [ 13.475895] ? trace_preempt_on+0x20/0xc0 [ 13.475919] ? __pfx_kthread+0x10/0x10 [ 13.475937] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.475959] ? calculate_sigpending+0x7b/0xa0 [ 13.475981] ? __pfx_kthread+0x10/0x10 [ 13.475999] ret_from_fork+0x41/0x80 [ 13.476020] ? __pfx_kthread+0x10/0x10 [ 13.476039] ret_from_fork_asm+0x1a/0x30 [ 13.476069] </TASK> [ 13.476080] [ 13.488093] Allocated by task 284: [ 13.488271] kasan_save_stack+0x45/0x70 [ 13.488426] kasan_save_track+0x18/0x40 [ 13.488850] kasan_save_alloc_info+0x3b/0x50 [ 13.489177] __kasan_kmalloc+0xb7/0xc0 [ 13.489457] __kmalloc_cache_noprof+0x189/0x420 [ 13.489738] kasan_atomics+0x95/0x310 [ 13.489895] kunit_try_run_case+0x1a5/0x480 [ 13.490149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.490500] kthread+0x337/0x6f0 [ 13.490665] ret_from_fork+0x41/0x80 [ 13.490812] ret_from_fork_asm+0x1a/0x30 [ 13.491367] [ 13.491569] The buggy address belongs to the object at ffff888103a31d80 [ 13.491569] which belongs to the cache kmalloc-64 of size 64 [ 13.492452] The buggy address is located 0 bytes to the right of [ 13.492452] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.493374] [ 13.493457] The buggy address belongs to the physical page: [ 13.493728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.494362] flags: 0x200000000000000(node=0|zone=2) [ 13.494686] page_type: f5(slab) [ 13.495048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.495385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.495949] page dumped because: kasan: bad 
access detected [ 13.496190] [ 13.496275] Memory state around the buggy address: [ 13.496631] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.497106] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.497536] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.498134] ^ [ 13.498314] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.498914] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.499252] ================================================================== [ 13.734626] ================================================================== [ 13.734923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.735217] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.735553] [ 13.735688] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.735733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.735745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.735766] Call Trace: [ 13.735779] <TASK> [ 13.735813] dump_stack_lvl+0x73/0xb0 [ 13.735838] print_report+0xd1/0x610 [ 13.735862] ? __virt_addr_valid+0x1db/0x2d0 [ 13.735892] ? kasan_atomics_helper+0x992/0x5450 [ 13.735915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.735939] ? kasan_atomics_helper+0x992/0x5450 [ 13.735964] kasan_report+0x141/0x180 [ 13.735988] ? kasan_atomics_helper+0x992/0x5450 [ 13.736016] kasan_check_range+0x10c/0x1c0 [ 13.736048] __kasan_check_write+0x18/0x20 [ 13.736070] kasan_atomics_helper+0x992/0x5450 [ 13.736095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.736130] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.736152] ? ret_from_fork_asm+0x1a/0x30 [ 13.736174] ? kasan_atomics+0x152/0x310 [ 13.736200] kasan_atomics+0x1dc/0x310 [ 13.736221] ? __pfx_kasan_atomics+0x10/0x10 [ 13.736244] ? __pfx_read_tsc+0x10/0x10 [ 13.736264] ? 
ktime_get_ts64+0x86/0x230 [ 13.736290] kunit_try_run_case+0x1a5/0x480 [ 13.736313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.736333] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.736359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.736385] ? __kthread_parkme+0x82/0x180 [ 13.736408] ? preempt_count_sub+0x50/0x80 [ 13.736434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.736456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.736481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.736507] kthread+0x337/0x6f0 [ 13.736525] ? trace_preempt_on+0x20/0xc0 [ 13.736550] ? __pfx_kthread+0x10/0x10 [ 13.736569] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.736593] ? calculate_sigpending+0x7b/0xa0 [ 13.736616] ? __pfx_kthread+0x10/0x10 [ 13.736645] ret_from_fork+0x41/0x80 [ 13.736667] ? __pfx_kthread+0x10/0x10 [ 13.736686] ret_from_fork_asm+0x1a/0x30 [ 13.736728] </TASK> [ 13.736739] [ 13.745598] Allocated by task 284: [ 13.745772] kasan_save_stack+0x45/0x70 [ 13.745978] kasan_save_track+0x18/0x40 [ 13.746161] kasan_save_alloc_info+0x3b/0x50 [ 13.746352] __kasan_kmalloc+0xb7/0xc0 [ 13.746520] __kmalloc_cache_noprof+0x189/0x420 [ 13.746724] kasan_atomics+0x95/0x310 [ 13.747482] kunit_try_run_case+0x1a5/0x480 [ 13.747702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.748217] kthread+0x337/0x6f0 [ 13.748659] ret_from_fork+0x41/0x80 [ 13.749060] ret_from_fork_asm+0x1a/0x30 [ 13.749397] [ 13.749619] The buggy address belongs to the object at ffff888103a31d80 [ 13.749619] which belongs to the cache kmalloc-64 of size 64 [ 13.750497] The buggy address is located 0 bytes to the right of [ 13.750497] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.751447] [ 13.751562] The buggy address belongs to the physical page: [ 13.751803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.752139] flags: 0x200000000000000(node=0|zone=2) [ 13.752362] page_type: f5(slab) [ 13.752514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.753153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.753628] page dumped because: kasan: bad access detected [ 13.754267] [ 13.754512] Memory state around the buggy address: [ 13.754747] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.755402] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.755894] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.756400] ^ [ 13.756829] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.757301] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.757605] ================================================================== [ 13.861183] ================================================================== [ 13.861599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 13.861951] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.862172] [ 13.862250] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.862304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.862316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.862336] Call Trace: [ 13.862349] <TASK> [ 13.862363] dump_stack_lvl+0x73/0xb0 [ 13.862387] print_report+0xd1/0x610 [ 13.862409] ? __virt_addr_valid+0x1db/0x2d0 [ 13.862442] ? kasan_atomics_helper+0xd47/0x5450 [ 13.862464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.862487] ? kasan_atomics_helper+0xd47/0x5450 [ 13.862521] kasan_report+0x141/0x180 [ 13.862544] ? kasan_atomics_helper+0xd47/0x5450 [ 13.862571] kasan_check_range+0x10c/0x1c0 [ 13.862592] __kasan_check_write+0x18/0x20 [ 13.862612] kasan_atomics_helper+0xd47/0x5450 [ 13.862636] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.862658] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.862679] ? ret_from_fork_asm+0x1a/0x30 [ 13.862700] ? 
kasan_atomics+0x152/0x310 [ 13.862723] kasan_atomics+0x1dc/0x310 [ 13.862743] ? __pfx_kasan_atomics+0x10/0x10 [ 13.862774] ? __pfx_read_tsc+0x10/0x10 [ 13.862794] ? ktime_get_ts64+0x86/0x230 [ 13.862818] kunit_try_run_case+0x1a5/0x480 [ 13.862850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.862869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.862902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.862926] ? __kthread_parkme+0x82/0x180 [ 13.862948] ? preempt_count_sub+0x50/0x80 [ 13.862972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.862993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.863017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.863041] kthread+0x337/0x6f0 [ 13.863058] ? trace_preempt_on+0x20/0xc0 [ 13.863081] ? __pfx_kthread+0x10/0x10 [ 13.863099] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.863121] ? calculate_sigpending+0x7b/0xa0 [ 13.863142] ? __pfx_kthread+0x10/0x10 [ 13.863161] ret_from_fork+0x41/0x80 [ 13.863181] ? __pfx_kthread+0x10/0x10 [ 13.863199] ret_from_fork_asm+0x1a/0x30 [ 13.863240] </TASK> [ 13.863250] [ 13.871293] Allocated by task 284: [ 13.871417] kasan_save_stack+0x45/0x70 [ 13.871613] kasan_save_track+0x18/0x40 [ 13.871840] kasan_save_alloc_info+0x3b/0x50 [ 13.872034] __kasan_kmalloc+0xb7/0xc0 [ 13.872166] __kmalloc_cache_noprof+0x189/0x420 [ 13.872317] kasan_atomics+0x95/0x310 [ 13.872525] kunit_try_run_case+0x1a5/0x480 [ 13.872731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.873032] kthread+0x337/0x6f0 [ 13.873244] ret_from_fork+0x41/0x80 [ 13.873415] ret_from_fork_asm+0x1a/0x30 [ 13.873650] [ 13.873744] The buggy address belongs to the object at ffff888103a31d80 [ 13.873744] which belongs to the cache kmalloc-64 of size 64 [ 13.874230] The buggy address is located 0 bytes to the right of [ 13.874230] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.874593] [ 13.874665] The buggy address belongs to the physical page: [ 13.874869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 
13.875253] flags: 0x200000000000000(node=0|zone=2) [ 13.875485] page_type: f5(slab) [ 13.875651] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.876230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.876465] page dumped because: kasan: bad access detected [ 13.876634] [ 13.876704] Memory state around the buggy address: [ 13.876976] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.877330] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.877673] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.878050] ^ [ 13.878272] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.878540] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.878892] ================================================================== [ 14.073082] ================================================================== [ 14.073392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.073672] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.074102] [ 14.074187] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.074229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.074241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.074262] Call Trace: [ 14.074274] <TASK> [ 14.074288] dump_stack_lvl+0x73/0xb0 [ 14.074312] print_report+0xd1/0x610 [ 14.074335] ? __virt_addr_valid+0x1db/0x2d0 [ 14.074356] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.074378] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.074401] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.074423] kasan_report+0x141/0x180 [ 14.074447] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.074474] __asan_report_load4_noabort+0x18/0x20 [ 14.074495] kasan_atomics_helper+0x49e8/0x5450 [ 14.074518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.074541] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.074562] ? ret_from_fork_asm+0x1a/0x30 [ 14.074583] ? kasan_atomics+0x152/0x310 [ 14.074606] kasan_atomics+0x1dc/0x310 [ 14.074626] ? __pfx_kasan_atomics+0x10/0x10 [ 14.074647] ? __pfx_read_tsc+0x10/0x10 [ 14.074667] ? ktime_get_ts64+0x86/0x230 [ 14.074691] kunit_try_run_case+0x1a5/0x480 [ 14.074712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.074731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.074755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.074779] ? __kthread_parkme+0x82/0x180 [ 14.074801] ? preempt_count_sub+0x50/0x80 [ 14.074826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.074847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.074870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.074906] kthread+0x337/0x6f0 [ 14.074924] ? trace_preempt_on+0x20/0xc0 [ 14.074947] ? __pfx_kthread+0x10/0x10 [ 14.074965] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.074987] ? calculate_sigpending+0x7b/0xa0 [ 14.075009] ? __pfx_kthread+0x10/0x10 [ 14.075028] ret_from_fork+0x41/0x80 [ 14.075049] ? 
__pfx_kthread+0x10/0x10 [ 14.075068] ret_from_fork_asm+0x1a/0x30 [ 14.075098] </TASK> [ 14.075108] [ 14.082524] Allocated by task 284: [ 14.082664] kasan_save_stack+0x45/0x70 [ 14.082912] kasan_save_track+0x18/0x40 [ 14.083067] kasan_save_alloc_info+0x3b/0x50 [ 14.083215] __kasan_kmalloc+0xb7/0xc0 [ 14.083350] __kmalloc_cache_noprof+0x189/0x420 [ 14.083560] kasan_atomics+0x95/0x310 [ 14.083749] kunit_try_run_case+0x1a5/0x480 [ 14.084121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.084359] kthread+0x337/0x6f0 [ 14.084499] ret_from_fork+0x41/0x80 [ 14.084667] ret_from_fork_asm+0x1a/0x30 [ 14.084853] [ 14.084944] The buggy address belongs to the object at ffff888103a31d80 [ 14.084944] which belongs to the cache kmalloc-64 of size 64 [ 14.085418] The buggy address is located 0 bytes to the right of [ 14.085418] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.085938] [ 14.086033] The buggy address belongs to the physical page: [ 14.086249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.086562] flags: 0x200000000000000(node=0|zone=2) [ 14.086778] page_type: f5(slab) [ 14.086941] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.087258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.087550] page dumped because: kasan: bad access detected [ 14.087779] [ 14.087913] Memory state around the buggy address: [ 14.088078] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.088291] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.088502] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.088711] ^ [ 14.088902] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089230] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089815] ================================================================== [ 14.252870] 
================================================================== [ 14.253225] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.253489] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.253870] [ 14.253999] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.254041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.254053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.254073] Call Trace: [ 14.254088] <TASK> [ 14.254102] dump_stack_lvl+0x73/0xb0 [ 14.254126] print_report+0xd1/0x610 [ 14.254149] ? __virt_addr_valid+0x1db/0x2d0 [ 14.254170] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.254192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.254216] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.254239] kasan_report+0x141/0x180 [ 14.254262] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.254290] kasan_check_range+0x10c/0x1c0 [ 14.254311] __kasan_check_write+0x18/0x20 [ 14.254331] kasan_atomics_helper+0x16e7/0x5450 [ 14.254355] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.254377] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.254398] ? ret_from_fork_asm+0x1a/0x30 [ 14.254420] ? kasan_atomics+0x152/0x310 [ 14.254443] kasan_atomics+0x1dc/0x310 [ 14.254463] ? __pfx_kasan_atomics+0x10/0x10 [ 14.254485] ? __pfx_read_tsc+0x10/0x10 [ 14.254504] ? ktime_get_ts64+0x86/0x230 [ 14.254529] kunit_try_run_case+0x1a5/0x480 [ 14.254551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.254570] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.254594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.254619] ? __kthread_parkme+0x82/0x180 [ 14.254641] ? preempt_count_sub+0x50/0x80 [ 14.254666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.254687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.254710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.254733] kthread+0x337/0x6f0 [ 14.254749] ? trace_preempt_on+0x20/0xc0 [ 14.254772] ? __pfx_kthread+0x10/0x10 [ 14.254791] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.254829] ? calculate_sigpending+0x7b/0xa0 [ 14.254851] ? __pfx_kthread+0x10/0x10 [ 14.254869] ret_from_fork+0x41/0x80 [ 14.254899] ? __pfx_kthread+0x10/0x10 [ 14.254918] ret_from_fork_asm+0x1a/0x30 [ 14.254948] </TASK> [ 14.254959] [ 14.262498] Allocated by task 284: [ 14.262679] kasan_save_stack+0x45/0x70 [ 14.262902] kasan_save_track+0x18/0x40 [ 14.263040] kasan_save_alloc_info+0x3b/0x50 [ 14.263243] __kasan_kmalloc+0xb7/0xc0 [ 14.263416] __kmalloc_cache_noprof+0x189/0x420 [ 14.263625] kasan_atomics+0x95/0x310 [ 14.263785] kunit_try_run_case+0x1a5/0x480 [ 14.264001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.264201] kthread+0x337/0x6f0 [ 14.264370] ret_from_fork+0x41/0x80 [ 14.264520] ret_from_fork_asm+0x1a/0x30 [ 14.264718] [ 14.264798] The buggy address belongs to the object at ffff888103a31d80 [ 14.264798] which belongs to the cache kmalloc-64 of size 64 [ 14.265169] The buggy address is located 0 bytes to the right of [ 14.265169] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.265527] [ 14.265599] The buggy address belongs to the physical page: [ 14.265769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.266199] flags: 0x200000000000000(node=0|zone=2) [ 14.266430] page_type: f5(slab) [ 14.266594] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.266963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.267294] page dumped because: kasan: bad access detected [ 14.267540] [ 14.267619] Memory state around the buggy address: [ 14.267772] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.268016] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.268232] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.268533] ^ [ 14.268781] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.269130] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.269452] ================================================================== [ 14.309761] ================================================================== [ 14.310145] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.310578] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.311118] [ 14.311226] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.311270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.311283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.311303] Call Trace: [ 14.311319] <TASK> [ 14.311334] dump_stack_lvl+0x73/0xb0 [ 14.311359] print_report+0xd1/0x610 [ 14.311381] ? __virt_addr_valid+0x1db/0x2d0 [ 14.311402] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.311424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.311447] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.311470] kasan_report+0x141/0x180 [ 14.311492] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.311520] kasan_check_range+0x10c/0x1c0 [ 14.311540] __kasan_check_write+0x18/0x20 [ 14.311560] kasan_atomics_helper+0x18b1/0x5450 [ 14.311584] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.311607] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.311628] ? ret_from_fork_asm+0x1a/0x30 [ 14.311650] ? kasan_atomics+0x152/0x310 [ 14.311673] kasan_atomics+0x1dc/0x310 [ 14.311692] ? __pfx_kasan_atomics+0x10/0x10 [ 14.311714] ? __pfx_read_tsc+0x10/0x10 [ 14.311733] ? ktime_get_ts64+0x86/0x230 [ 14.311757] kunit_try_run_case+0x1a5/0x480 [ 14.311778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.311991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.312026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.312052] ? __kthread_parkme+0x82/0x180 [ 14.312074] ? preempt_count_sub+0x50/0x80 [ 14.312099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.312120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.312179] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.312203] kthread+0x337/0x6f0 [ 14.312221] ? trace_preempt_on+0x20/0xc0 [ 14.312245] ? __pfx_kthread+0x10/0x10 [ 14.312263] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.312286] ? calculate_sigpending+0x7b/0xa0 [ 14.312307] ? __pfx_kthread+0x10/0x10 [ 14.312327] ret_from_fork+0x41/0x80 [ 14.312347] ? __pfx_kthread+0x10/0x10 [ 14.312365] ret_from_fork_asm+0x1a/0x30 [ 14.312396] </TASK> [ 14.312406] [ 14.324065] Allocated by task 284: [ 14.324338] kasan_save_stack+0x45/0x70 [ 14.324539] kasan_save_track+0x18/0x40 [ 14.324714] kasan_save_alloc_info+0x3b/0x50 [ 14.325144] __kasan_kmalloc+0xb7/0xc0 [ 14.325514] __kmalloc_cache_noprof+0x189/0x420 [ 14.325859] kasan_atomics+0x95/0x310 [ 14.326048] kunit_try_run_case+0x1a5/0x480 [ 14.326239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.326474] kthread+0x337/0x6f0 [ 14.326627] ret_from_fork+0x41/0x80 [ 14.327107] ret_from_fork_asm+0x1a/0x30 [ 14.327382] [ 14.327609] The buggy address belongs to the object at ffff888103a31d80 [ 14.327609] which belongs to the cache kmalloc-64 of size 64 [ 14.328383] The buggy address is located 0 bytes to the right of [ 14.328383] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.329088] [ 14.329191] The buggy address belongs to the physical page: [ 14.329427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.329754] flags: 0x200000000000000(node=0|zone=2) [ 14.330335] page_type: f5(slab) [ 14.330634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.331296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.331719] page dumped because: kasan: bad access detected [ 14.332159] [ 14.332258] Memory state around the buggy address: [ 14.332702] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.333232] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.333658] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.334174] ^ [ 14.334515] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334999] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.335434] ================================================================== [ 14.337001] ================================================================== [ 14.337271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.337509] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.337760] [ 14.337978] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.338047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.338059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.338079] Call Trace: [ 14.338094] <TASK> [ 14.338110] dump_stack_lvl+0x73/0xb0 [ 14.338135] print_report+0xd1/0x610 [ 14.338158] ? __virt_addr_valid+0x1db/0x2d0 [ 14.338179] ? kasan_atomics_helper+0x194a/0x5450 [ 14.338200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.338223] ? kasan_atomics_helper+0x194a/0x5450 [ 14.338245] kasan_report+0x141/0x180 [ 14.338268] ? kasan_atomics_helper+0x194a/0x5450 [ 14.338295] kasan_check_range+0x10c/0x1c0 [ 14.338316] __kasan_check_write+0x18/0x20 [ 14.338335] kasan_atomics_helper+0x194a/0x5450 [ 14.338359] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.338381] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.338402] ? ret_from_fork_asm+0x1a/0x30 [ 14.338423] ? kasan_atomics+0x152/0x310 [ 14.338446] kasan_atomics+0x1dc/0x310 [ 14.338465] ? __pfx_kasan_atomics+0x10/0x10 [ 14.338486] ? __pfx_read_tsc+0x10/0x10 [ 14.338505] ? ktime_get_ts64+0x86/0x230 [ 14.338530] kunit_try_run_case+0x1a5/0x480 [ 14.338551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.338569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.338594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.338618] ? __kthread_parkme+0x82/0x180 [ 14.338640] ? preempt_count_sub+0x50/0x80 [ 14.338665] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.338686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.338710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.338733] kthread+0x337/0x6f0 [ 14.338751] ? trace_preempt_on+0x20/0xc0 [ 14.338775] ? __pfx_kthread+0x10/0x10 [ 14.338794] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.338816] ? calculate_sigpending+0x7b/0xa0 [ 14.338838] ? __pfx_kthread+0x10/0x10 [ 14.338857] ret_from_fork+0x41/0x80 [ 14.338887] ? __pfx_kthread+0x10/0x10 [ 14.338905] ret_from_fork_asm+0x1a/0x30 [ 14.338935] </TASK> [ 14.338946] [ 14.350196] Allocated by task 284: [ 14.350467] kasan_save_stack+0x45/0x70 [ 14.350662] kasan_save_track+0x18/0x40 [ 14.350839] kasan_save_alloc_info+0x3b/0x50 [ 14.351011] __kasan_kmalloc+0xb7/0xc0 [ 14.351233] __kmalloc_cache_noprof+0x189/0x420 [ 14.351488] kasan_atomics+0x95/0x310 [ 14.351635] kunit_try_run_case+0x1a5/0x480 [ 14.351771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.351946] kthread+0x337/0x6f0 [ 14.352295] ret_from_fork+0x41/0x80 [ 14.352472] ret_from_fork_asm+0x1a/0x30 [ 14.352644] [ 14.352712] The buggy address belongs to the object at ffff888103a31d80 [ 14.352712] which belongs to the cache kmalloc-64 of size 64 [ 14.353359] The buggy address is located 0 bytes to the right of [ 14.353359] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.353822] [ 14.353926] The buggy address belongs to the physical page: [ 14.354177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.354469] flags: 0x200000000000000(node=0|zone=2) [ 14.354697] page_type: f5(slab) [ 14.354894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.355189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.355467] page dumped because: kasan: bad access detected [ 14.355679] [ 14.355757] Memory state around the buggy address: [ 14.355981] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.356258] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.356514] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.356790] ^ [ 14.356989] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.357231] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.357434] ================================================================== [ 13.758766] ================================================================== [ 13.759500] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 13.760209] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.760602] [ 13.760826] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.760995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.761014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.761035] Call Trace: [ 13.761051] <TASK> [ 13.761081] dump_stack_lvl+0x73/0xb0 [ 13.761111] print_report+0xd1/0x610 [ 13.761147] ? __virt_addr_valid+0x1db/0x2d0 [ 13.761170] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.761194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.761219] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.761243] kasan_report+0x141/0x180 [ 13.761267] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.761295] kasan_check_range+0x10c/0x1c0 [ 13.761317] __kasan_check_write+0x18/0x20 [ 13.761339] kasan_atomics_helper+0xa2b/0x5450 [ 13.761363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.761388] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.761410] ? ret_from_fork_asm+0x1a/0x30 [ 13.761433] ? kasan_atomics+0x152/0x310 [ 13.761458] kasan_atomics+0x1dc/0x310 [ 13.761479] ? __pfx_kasan_atomics+0x10/0x10 [ 13.761501] ? __pfx_read_tsc+0x10/0x10 [ 13.761522] ? ktime_get_ts64+0x86/0x230 [ 13.761548] kunit_try_run_case+0x1a5/0x480 [ 13.761570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.761591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.761618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.761644] ? 
__kthread_parkme+0x82/0x180 [ 13.761668] ? preempt_count_sub+0x50/0x80 [ 13.761694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.761716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.761742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.761767] kthread+0x337/0x6f0 [ 13.761786] ? trace_preempt_on+0x20/0xc0 [ 13.761837] ? __pfx_kthread+0x10/0x10 [ 13.761859] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.761892] ? calculate_sigpending+0x7b/0xa0 [ 13.761915] ? __pfx_kthread+0x10/0x10 [ 13.761935] ret_from_fork+0x41/0x80 [ 13.761957] ? __pfx_kthread+0x10/0x10 [ 13.761976] ret_from_fork_asm+0x1a/0x30 [ 13.762008] </TASK> [ 13.762020] [ 13.773855] Allocated by task 284: [ 13.774243] kasan_save_stack+0x45/0x70 [ 13.774569] kasan_save_track+0x18/0x40 [ 13.774983] kasan_save_alloc_info+0x3b/0x50 [ 13.775185] __kasan_kmalloc+0xb7/0xc0 [ 13.775359] __kmalloc_cache_noprof+0x189/0x420 [ 13.775560] kasan_atomics+0x95/0x310 [ 13.775730] kunit_try_run_case+0x1a5/0x480 [ 13.776203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.776667] kthread+0x337/0x6f0 [ 13.777035] ret_from_fork+0x41/0x80 [ 13.777229] ret_from_fork_asm+0x1a/0x30 [ 13.777415] [ 13.777509] The buggy address belongs to the object at ffff888103a31d80 [ 13.777509] which belongs to the cache kmalloc-64 of size 64 [ 13.778286] The buggy address is located 0 bytes to the right of [ 13.778286] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.778788] [ 13.779268] The buggy address belongs to the physical page: [ 13.779711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.780274] flags: 0x200000000000000(node=0|zone=2) [ 13.780705] page_type: f5(slab) [ 13.781032] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.781599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.782055] page dumped because: kasan: bad access detected [ 13.782518] [ 13.782621] Memory state around the buggy address: [ 13.783055] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.783429] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.783728] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.784500] ^ [ 13.784788] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.785096] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.785391] ================================================================== [ 14.357840] ================================================================== [ 14.358187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.358515] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.359089] [ 14.359170] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.359212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.359225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.359244] Call Trace: [ 14.359258] <TASK> [ 14.359273] dump_stack_lvl+0x73/0xb0 [ 14.359297] print_report+0xd1/0x610 [ 14.359320] ? __virt_addr_valid+0x1db/0x2d0 [ 14.359342] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.359363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.359386] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.359409] kasan_report+0x141/0x180 [ 14.359432] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.359459] kasan_check_range+0x10c/0x1c0 [ 14.359479] __kasan_check_write+0x18/0x20 [ 14.359500] kasan_atomics_helper+0x19e3/0x5450 [ 14.359523] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.359546] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.359567] ? ret_from_fork_asm+0x1a/0x30 [ 14.359588] ? kasan_atomics+0x152/0x310 [ 14.359612] kasan_atomics+0x1dc/0x310 [ 14.359632] ? __pfx_kasan_atomics+0x10/0x10 [ 14.359654] ? __pfx_read_tsc+0x10/0x10 [ 14.359673] ? ktime_get_ts64+0x86/0x230 [ 14.359699] kunit_try_run_case+0x1a5/0x480 [ 14.359721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.359740] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.359765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.359789] ? __kthread_parkme+0x82/0x180 [ 14.359811] ? preempt_count_sub+0x50/0x80 [ 14.359836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.359857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.359894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.359918] kthread+0x337/0x6f0 [ 14.359937] ? trace_preempt_on+0x20/0xc0 [ 14.359961] ? __pfx_kthread+0x10/0x10 [ 14.359980] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.360003] ? calculate_sigpending+0x7b/0xa0 [ 14.360024] ? __pfx_kthread+0x10/0x10 [ 14.360042] ret_from_fork+0x41/0x80 [ 14.360063] ? __pfx_kthread+0x10/0x10 [ 14.360081] ret_from_fork_asm+0x1a/0x30 [ 14.360111] </TASK> [ 14.360122] [ 14.368379] Allocated by task 284: [ 14.368540] kasan_save_stack+0x45/0x70 [ 14.368685] kasan_save_track+0x18/0x40 [ 14.368821] kasan_save_alloc_info+0x3b/0x50 [ 14.369046] __kasan_kmalloc+0xb7/0xc0 [ 14.369240] __kmalloc_cache_noprof+0x189/0x420 [ 14.369456] kasan_atomics+0x95/0x310 [ 14.369637] kunit_try_run_case+0x1a5/0x480 [ 14.369858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.370052] kthread+0x337/0x6f0 [ 14.370170] ret_from_fork+0x41/0x80 [ 14.370299] ret_from_fork_asm+0x1a/0x30 [ 14.370483] [ 14.370579] The buggy address belongs to the object at ffff888103a31d80 [ 14.370579] which belongs to the cache kmalloc-64 of size 64 [ 14.371341] The buggy address is located 0 bytes to the right of [ 14.371341] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.371903] [ 14.371977] The buggy address belongs to the physical page: [ 14.372222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.372530] flags: 0x200000000000000(node=0|zone=2) [ 14.372742] page_type: f5(slab) [ 14.372898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.373217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.373469] page dumped because: kasan: bad 
access detected [ 14.373716] [ 14.373810] Memory state around the buggy address: [ 14.373974] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.374189] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.374403] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.374713] ^ [ 14.374939] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.375244] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.375511] ================================================================== [ 14.445547] ================================================================== [ 14.446275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.446729] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.447331] [ 14.447443] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.447572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.447589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.447609] Call Trace: [ 14.447623] <TASK> [ 14.447638] dump_stack_lvl+0x73/0xb0 [ 14.447665] print_report+0xd1/0x610 [ 14.447689] ? __virt_addr_valid+0x1db/0x2d0 [ 14.447710] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.447731] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.447754] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.447777] kasan_report+0x141/0x180 [ 14.447799] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.447827] __asan_report_load8_noabort+0x18/0x20 [ 14.447848] kasan_atomics_helper+0x4f30/0x5450 [ 14.447873] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.447909] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.447930] ? ret_from_fork_asm+0x1a/0x30 [ 14.447951] ? kasan_atomics+0x152/0x310 [ 14.447974] kasan_atomics+0x1dc/0x310 [ 14.447994] ? __pfx_kasan_atomics+0x10/0x10 [ 14.448015] ? __pfx_read_tsc+0x10/0x10 [ 14.448034] ? 
ktime_get_ts64+0x86/0x230 [ 14.448059] kunit_try_run_case+0x1a5/0x480 [ 14.448080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.448123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.448146] ? __kthread_parkme+0x82/0x180 [ 14.448168] ? preempt_count_sub+0x50/0x80 [ 14.448193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.448236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.448260] kthread+0x337/0x6f0 [ 14.448277] ? trace_preempt_on+0x20/0xc0 [ 14.448300] ? __pfx_kthread+0x10/0x10 [ 14.448317] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.448340] ? calculate_sigpending+0x7b/0xa0 [ 14.448361] ? __pfx_kthread+0x10/0x10 [ 14.448380] ret_from_fork+0x41/0x80 [ 14.448400] ? __pfx_kthread+0x10/0x10 [ 14.448418] ret_from_fork_asm+0x1a/0x30 [ 14.448448] </TASK> [ 14.448459] [ 14.458711] Allocated by task 284: [ 14.459111] kasan_save_stack+0x45/0x70 [ 14.459414] kasan_save_track+0x18/0x40 [ 14.459571] kasan_save_alloc_info+0x3b/0x50 [ 14.459927] __kasan_kmalloc+0xb7/0xc0 [ 14.460220] __kmalloc_cache_noprof+0x189/0x420 [ 14.460518] kasan_atomics+0x95/0x310 [ 14.460811] kunit_try_run_case+0x1a5/0x480 [ 14.461030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.461365] kthread+0x337/0x6f0 [ 14.461538] ret_from_fork+0x41/0x80 [ 14.461708] ret_from_fork_asm+0x1a/0x30 [ 14.462113] [ 14.462363] The buggy address belongs to the object at ffff888103a31d80 [ 14.462363] which belongs to the cache kmalloc-64 of size 64 [ 14.462977] The buggy address is located 0 bytes to the right of [ 14.462977] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.463527] [ 14.463767] The buggy address belongs to the physical page: [ 14.464116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.464503] flags: 0x200000000000000(node=0|zone=2) [ 14.464829] page_type: f5(slab) [ 14.464981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.465315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.465637] page dumped because: kasan: bad access detected [ 14.465891] [ 14.466258] Memory state around the buggy address: [ 14.466454] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.466875] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.467276] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.467657] ^ [ 14.468006] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.468261] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.468571] ================================================================== [ 14.654297] ================================================================== [ 14.654639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 14.655049] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.655725] [ 14.655837] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.655965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.655977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.655997] Call Trace: [ 14.656011] <TASK> [ 14.656126] dump_stack_lvl+0x73/0xb0 [ 14.656157] print_report+0xd1/0x610 [ 14.656180] ? __virt_addr_valid+0x1db/0x2d0 [ 14.656202] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.656223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.656247] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.656270] kasan_report+0x141/0x180 [ 14.656293] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.656321] __asan_report_load8_noabort+0x18/0x20 [ 14.656343] kasan_atomics_helper+0x4fb2/0x5450 [ 14.656366] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.656389] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.656410] ? ret_from_fork_asm+0x1a/0x30 [ 14.656431] ? kasan_atomics+0x152/0x310 [ 14.656455] kasan_atomics+0x1dc/0x310 [ 14.656474] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.656495] ? __pfx_read_tsc+0x10/0x10 [ 14.656515] ? ktime_get_ts64+0x86/0x230 [ 14.656539] kunit_try_run_case+0x1a5/0x480 [ 14.656561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.656579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.656604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.656628] ? __kthread_parkme+0x82/0x180 [ 14.656650] ? preempt_count_sub+0x50/0x80 [ 14.656675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.656696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.656719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.656743] kthread+0x337/0x6f0 [ 14.656760] ? trace_preempt_on+0x20/0xc0 [ 14.656783] ? __pfx_kthread+0x10/0x10 [ 14.656801] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.656823] ? calculate_sigpending+0x7b/0xa0 [ 14.656845] ? __pfx_kthread+0x10/0x10 [ 14.656863] ret_from_fork+0x41/0x80 [ 14.656895] ? __pfx_kthread+0x10/0x10 [ 14.656914] ret_from_fork_asm+0x1a/0x30 [ 14.656944] </TASK> [ 14.656955] [ 14.666615] Allocated by task 284: [ 14.666966] kasan_save_stack+0x45/0x70 [ 14.667150] kasan_save_track+0x18/0x40 [ 14.667324] kasan_save_alloc_info+0x3b/0x50 [ 14.667500] __kasan_kmalloc+0xb7/0xc0 [ 14.667671] __kmalloc_cache_noprof+0x189/0x420 [ 14.667875] kasan_atomics+0x95/0x310 [ 14.668408] kunit_try_run_case+0x1a5/0x480 [ 14.668563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.668904] kthread+0x337/0x6f0 [ 14.669058] ret_from_fork+0x41/0x80 [ 14.669308] ret_from_fork_asm+0x1a/0x30 [ 14.669612] [ 14.669706] The buggy address belongs to the object at ffff888103a31d80 [ 14.669706] which belongs to the cache kmalloc-64 of size 64 [ 14.670398] The buggy address is located 0 bytes to the right of [ 14.670398] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.670979] [ 14.671065] The buggy address belongs to the physical page: [ 14.671295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.671614] flags: 0x200000000000000(node=0|zone=2) [ 14.671827] page_type: f5(slab) 
[ 14.672306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.672587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.673010] page dumped because: kasan: bad access detected [ 14.673324] [ 14.673398] Memory state around the buggy address: [ 14.673627] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.674223] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.674606] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.674857] ^ [ 14.675290] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.675662] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.676066] ================================================================== [ 13.994392] ================================================================== [ 13.994772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 13.995093] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.995349] [ 13.995431] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.995471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.995483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.995502] Call Trace: [ 13.995515] <TASK> [ 13.995529] dump_stack_lvl+0x73/0xb0 [ 13.995552] print_report+0xd1/0x610 [ 13.995574] ? __virt_addr_valid+0x1db/0x2d0 [ 13.995595] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.995617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.995640] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.995662] kasan_report+0x141/0x180 [ 13.995686] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.995724] __asan_report_load4_noabort+0x18/0x20 [ 13.995746] kasan_atomics_helper+0x4a1c/0x5450 [ 13.995769] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.995803] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.995833] ? ret_from_fork_asm+0x1a/0x30 [ 13.995854] ? 
kasan_atomics+0x152/0x310 [ 13.995891] kasan_atomics+0x1dc/0x310 [ 13.995920] ? __pfx_kasan_atomics+0x10/0x10 [ 13.995942] ? __pfx_read_tsc+0x10/0x10 [ 13.995961] ? ktime_get_ts64+0x86/0x230 [ 13.995996] kunit_try_run_case+0x1a5/0x480 [ 13.996017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.996036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.996061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.996085] ? __kthread_parkme+0x82/0x180 [ 13.996107] ? preempt_count_sub+0x50/0x80 [ 13.996131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.996152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.996175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.996199] kthread+0x337/0x6f0 [ 13.996216] ? trace_preempt_on+0x20/0xc0 [ 13.996239] ? __pfx_kthread+0x10/0x10 [ 13.996258] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.996289] ? calculate_sigpending+0x7b/0xa0 [ 13.996310] ? __pfx_kthread+0x10/0x10 [ 13.996329] ret_from_fork+0x41/0x80 [ 13.996360] ? __pfx_kthread+0x10/0x10 [ 13.996379] ret_from_fork_asm+0x1a/0x30 [ 13.996409] </TASK> [ 13.996420] [ 14.004189] Allocated by task 284: [ 14.004373] kasan_save_stack+0x45/0x70 [ 14.004558] kasan_save_track+0x18/0x40 [ 14.004694] kasan_save_alloc_info+0x3b/0x50 [ 14.004838] __kasan_kmalloc+0xb7/0xc0 [ 14.004980] __kmalloc_cache_noprof+0x189/0x420 [ 14.005141] kasan_atomics+0x95/0x310 [ 14.005272] kunit_try_run_case+0x1a5/0x480 [ 14.005413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.005666] kthread+0x337/0x6f0 [ 14.006024] ret_from_fork+0x41/0x80 [ 14.006229] ret_from_fork_asm+0x1a/0x30 [ 14.006424] [ 14.006518] The buggy address belongs to the object at ffff888103a31d80 [ 14.006518] which belongs to the cache kmalloc-64 of size 64 [ 14.006922] The buggy address is located 0 bytes to the right of [ 14.006922] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.007285] [ 14.007355] The buggy address belongs to the physical page: [ 14.007525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 
14.007953] flags: 0x200000000000000(node=0|zone=2) [ 14.008201] page_type: f5(slab) [ 14.008392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.008779] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.009166] page dumped because: kasan: bad access detected [ 14.009430] [ 14.009547] Memory state around the buggy address: [ 14.009769] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.010348] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.010568] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.011014] ^ [ 14.011212] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.011425] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.011634] ================================================================== [ 13.898178] ================================================================== [ 13.898960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 13.899321] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.899655] [ 13.899933] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.899979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.899991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.900012] Call Trace: [ 13.900025] <TASK> [ 13.900050] dump_stack_lvl+0x73/0xb0 [ 13.900075] print_report+0xd1/0x610 [ 13.900099] ? __virt_addr_valid+0x1db/0x2d0 [ 13.900131] ? kasan_atomics_helper+0xe78/0x5450 [ 13.900154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.900177] ? kasan_atomics_helper+0xe78/0x5450 [ 13.900200] kasan_report+0x141/0x180 [ 13.900223] ? kasan_atomics_helper+0xe78/0x5450 [ 13.900251] kasan_check_range+0x10c/0x1c0 [ 13.900271] __kasan_check_write+0x18/0x20 [ 13.900291] kasan_atomics_helper+0xe78/0x5450 [ 13.900315] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.900348] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.900369] ? ret_from_fork_asm+0x1a/0x30 [ 13.900390] ? kasan_atomics+0x152/0x310 [ 13.900423] kasan_atomics+0x1dc/0x310 [ 13.900444] ? __pfx_kasan_atomics+0x10/0x10 [ 13.900465] ? __pfx_read_tsc+0x10/0x10 [ 13.900484] ? ktime_get_ts64+0x86/0x230 [ 13.900509] kunit_try_run_case+0x1a5/0x480 [ 13.900530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.900550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.900574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.900598] ? __kthread_parkme+0x82/0x180 [ 13.900620] ? preempt_count_sub+0x50/0x80 [ 13.900644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.900675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.900698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.900721] kthread+0x337/0x6f0 [ 13.900748] ? trace_preempt_on+0x20/0xc0 [ 13.900773] ? __pfx_kthread+0x10/0x10 [ 13.900791] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.900826] ? calculate_sigpending+0x7b/0xa0 [ 13.900848] ? __pfx_kthread+0x10/0x10 [ 13.900873] ret_from_fork+0x41/0x80 [ 13.900903] ? 
__pfx_kthread+0x10/0x10 [ 13.900921] ret_from_fork_asm+0x1a/0x30 [ 13.900963] </TASK> [ 13.900974] [ 13.908777] Allocated by task 284: [ 13.908991] kasan_save_stack+0x45/0x70 [ 13.909183] kasan_save_track+0x18/0x40 [ 13.909462] kasan_save_alloc_info+0x3b/0x50 [ 13.909652] __kasan_kmalloc+0xb7/0xc0 [ 13.909863] __kmalloc_cache_noprof+0x189/0x420 [ 13.910076] kasan_atomics+0x95/0x310 [ 13.910229] kunit_try_run_case+0x1a5/0x480 [ 13.910382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.910651] kthread+0x337/0x6f0 [ 13.910814] ret_from_fork+0x41/0x80 [ 13.910994] ret_from_fork_asm+0x1a/0x30 [ 13.911263] [ 13.911334] The buggy address belongs to the object at ffff888103a31d80 [ 13.911334] which belongs to the cache kmalloc-64 of size 64 [ 13.911897] The buggy address is located 0 bytes to the right of [ 13.911897] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.912278] [ 13.912348] The buggy address belongs to the physical page: [ 13.912519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.912823] flags: 0x200000000000000(node=0|zone=2) [ 13.913142] page_type: f5(slab) [ 13.913333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.913671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.914119] page dumped because: kasan: bad access detected [ 13.914287] [ 13.914356] Memory state around the buggy address: [ 13.914507] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.914716] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.915320] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.915643] ^ [ 13.915906] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.916237] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.916446] ================================================================== [ 14.145551] 
================================================================== [ 14.146017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.146249] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.146569] [ 14.146672] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.146713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.146725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.146745] Call Trace: [ 14.146759] <TASK> [ 14.146772] dump_stack_lvl+0x73/0xb0 [ 14.146795] print_report+0xd1/0x610 [ 14.146818] ? __virt_addr_valid+0x1db/0x2d0 [ 14.146839] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.146860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.146894] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.146917] kasan_report+0x141/0x180 [ 14.146939] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.146967] __asan_report_load8_noabort+0x18/0x20 [ 14.146988] kasan_atomics_helper+0x4eae/0x5450 [ 14.147012] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.147035] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.147056] ? ret_from_fork_asm+0x1a/0x30 [ 14.147077] ? kasan_atomics+0x152/0x310 [ 14.147101] kasan_atomics+0x1dc/0x310 [ 14.147121] ? __pfx_kasan_atomics+0x10/0x10 [ 14.147143] ? __pfx_read_tsc+0x10/0x10 [ 14.147162] ? ktime_get_ts64+0x86/0x230 [ 14.147186] kunit_try_run_case+0x1a5/0x480 [ 14.147207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.147227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.147251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.147276] ? __kthread_parkme+0x82/0x180 [ 14.147298] ? preempt_count_sub+0x50/0x80 [ 14.147323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.147343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.147366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.147389] kthread+0x337/0x6f0 [ 14.147406] ? trace_preempt_on+0x20/0xc0 [ 14.147429] ? __pfx_kthread+0x10/0x10 [ 14.147448] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.147469] ? 
calculate_sigpending+0x7b/0xa0 [ 14.147491] ? __pfx_kthread+0x10/0x10 [ 14.147510] ret_from_fork+0x41/0x80 [ 14.147531] ? __pfx_kthread+0x10/0x10 [ 14.147549] ret_from_fork_asm+0x1a/0x30 [ 14.147579] </TASK> [ 14.147589] [ 14.154709] Allocated by task 284: [ 14.154945] kasan_save_stack+0x45/0x70 [ 14.155147] kasan_save_track+0x18/0x40 [ 14.155343] kasan_save_alloc_info+0x3b/0x50 [ 14.155552] __kasan_kmalloc+0xb7/0xc0 [ 14.155751] __kmalloc_cache_noprof+0x189/0x420 [ 14.156142] kasan_atomics+0x95/0x310 [ 14.156368] kunit_try_run_case+0x1a5/0x480 [ 14.156574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156790] kthread+0x337/0x6f0 [ 14.156938] ret_from_fork+0x41/0x80 [ 14.157114] ret_from_fork_asm+0x1a/0x30 [ 14.157253] [ 14.157348] The buggy address belongs to the object at ffff888103a31d80 [ 14.157348] which belongs to the cache kmalloc-64 of size 64 [ 14.157840] The buggy address is located 0 bytes to the right of [ 14.157840] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.158378] [ 14.158448] The buggy address belongs to the physical page: [ 14.158617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.158851] flags: 0x200000000000000(node=0|zone=2) [ 14.159252] page_type: f5(slab) [ 14.159422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.159746] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.160152] page dumped because: kasan: bad access detected [ 14.160373] [ 14.160455] Memory state around the buggy address: [ 14.160661] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.160959] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.161225] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.161436] ^ [ 14.161587] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.161799] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.162083] 
================================================================== [ 14.162787] ================================================================== [ 14.163184] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.163524] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.164081] [ 14.164190] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.164232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.164243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.164263] Call Trace: [ 14.164277] <TASK> [ 14.164291] dump_stack_lvl+0x73/0xb0 [ 14.164313] print_report+0xd1/0x610 [ 14.164336] ? __virt_addr_valid+0x1db/0x2d0 [ 14.164357] ? kasan_atomics_helper+0x1467/0x5450 [ 14.164379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.164405] ? kasan_atomics_helper+0x1467/0x5450 [ 14.164429] kasan_report+0x141/0x180 [ 14.164452] ? kasan_atomics_helper+0x1467/0x5450 [ 14.164480] kasan_check_range+0x10c/0x1c0 [ 14.164501] __kasan_check_write+0x18/0x20 [ 14.164521] kasan_atomics_helper+0x1467/0x5450 [ 14.164544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.164567] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.164587] ? ret_from_fork_asm+0x1a/0x30 [ 14.164608] ? kasan_atomics+0x152/0x310 [ 14.164631] kasan_atomics+0x1dc/0x310 [ 14.164653] ? __pfx_kasan_atomics+0x10/0x10 [ 14.164674] ? __pfx_read_tsc+0x10/0x10 [ 14.164694] ? ktime_get_ts64+0x86/0x230 [ 14.164719] kunit_try_run_case+0x1a5/0x480 [ 14.164739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.164758] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.164782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.164806] ? __kthread_parkme+0x82/0x180 [ 14.164827] ? preempt_count_sub+0x50/0x80 [ 14.164852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.164872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.164906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.164929] kthread+0x337/0x6f0 [ 14.164946] ? 
trace_preempt_on+0x20/0xc0 [ 14.164970] ? __pfx_kthread+0x10/0x10 [ 14.164987] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.165010] ? calculate_sigpending+0x7b/0xa0 [ 14.165030] ? __pfx_kthread+0x10/0x10 [ 14.165049] ret_from_fork+0x41/0x80 [ 14.165069] ? __pfx_kthread+0x10/0x10 [ 14.165088] ret_from_fork_asm+0x1a/0x30 [ 14.165118] </TASK> [ 14.165132] [ 14.172852] Allocated by task 284: [ 14.173016] kasan_save_stack+0x45/0x70 [ 14.173211] kasan_save_track+0x18/0x40 [ 14.173369] kasan_save_alloc_info+0x3b/0x50 [ 14.173566] __kasan_kmalloc+0xb7/0xc0 [ 14.173723] __kmalloc_cache_noprof+0x189/0x420 [ 14.173967] kasan_atomics+0x95/0x310 [ 14.174097] kunit_try_run_case+0x1a5/0x480 [ 14.174238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.174437] kthread+0x337/0x6f0 [ 14.174609] ret_from_fork+0x41/0x80 [ 14.174790] ret_from_fork_asm+0x1a/0x30 [ 14.175017] [ 14.175088] The buggy address belongs to the object at ffff888103a31d80 [ 14.175088] which belongs to the cache kmalloc-64 of size 64 [ 14.175672] The buggy address is located 0 bytes to the right of [ 14.175672] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.176223] [ 14.176308] The buggy address belongs to the physical page: [ 14.176530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.176949] flags: 0x200000000000000(node=0|zone=2) [ 14.177201] page_type: f5(slab) [ 14.177360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.177655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.177919] page dumped because: kasan: bad access detected [ 14.178093] [ 14.178166] Memory state around the buggy address: [ 14.178324] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.178538] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.178750] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.179074] ^ [ 14.179296] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.179612] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.179936] ================================================================== [ 13.447642] ================================================================== [ 13.448050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.448314] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.448700] [ 13.448784] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.448939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.448952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.448991] Call Trace: [ 13.449004] <TASK> [ 13.449019] dump_stack_lvl+0x73/0xb0 [ 13.449296] print_report+0xd1/0x610 [ 13.449319] ? __virt_addr_valid+0x1db/0x2d0 [ 13.449341] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.449363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.449386] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.449409] kasan_report+0x141/0x180 [ 13.449432] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.449459] __asan_report_store4_noabort+0x1b/0x30 [ 13.449480] kasan_atomics_helper+0x4b6e/0x5450 [ 13.449504] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.449527] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.449548] ? ret_from_fork_asm+0x1a/0x30 [ 13.449570] ? kasan_atomics+0x152/0x310 [ 13.449593] kasan_atomics+0x1dc/0x310 [ 13.449613] ? __pfx_kasan_atomics+0x10/0x10 [ 13.449634] ? __pfx_read_tsc+0x10/0x10 [ 13.449654] ? ktime_get_ts64+0x86/0x230 [ 13.449679] kunit_try_run_case+0x1a5/0x480 [ 13.449701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.449719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.449744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.449768] ? __kthread_parkme+0x82/0x180 [ 13.449790] ? preempt_count_sub+0x50/0x80 [ 13.449815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.449836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.449859] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.449893] kthread+0x337/0x6f0 [ 13.449911] ? trace_preempt_on+0x20/0xc0 [ 13.449934] ? __pfx_kthread+0x10/0x10 [ 13.449952] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.450463] ? calculate_sigpending+0x7b/0xa0 [ 13.450496] ? __pfx_kthread+0x10/0x10 [ 13.450517] ret_from_fork+0x41/0x80 [ 13.450539] ? __pfx_kthread+0x10/0x10 [ 13.450558] ret_from_fork_asm+0x1a/0x30 [ 13.450589] </TASK> [ 13.450601] [ 13.461484] Allocated by task 284: [ 13.461675] kasan_save_stack+0x45/0x70 [ 13.461858] kasan_save_track+0x18/0x40 [ 13.462032] kasan_save_alloc_info+0x3b/0x50 [ 13.462222] __kasan_kmalloc+0xb7/0xc0 [ 13.462389] __kmalloc_cache_noprof+0x189/0x420 [ 13.462582] kasan_atomics+0x95/0x310 [ 13.462738] kunit_try_run_case+0x1a5/0x480 [ 13.463634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.463895] kthread+0x337/0x6f0 [ 13.464069] ret_from_fork+0x41/0x80 [ 13.464565] ret_from_fork_asm+0x1a/0x30 [ 13.464869] [ 13.464984] The buggy address belongs to the object at ffff888103a31d80 [ 13.464984] which belongs to the cache kmalloc-64 of size 64 [ 13.465909] The buggy address is located 0 bytes to the right of [ 13.465909] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.466633] [ 13.466890] The buggy address belongs to the physical page: [ 13.467249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.467685] flags: 0x200000000000000(node=0|zone=2) [ 13.467936] page_type: f5(slab) [ 13.468104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.468396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.468731] page dumped because: kasan: bad access detected [ 13.469341] [ 13.469427] Memory state around the buggy address: [ 13.469585] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.470232] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.470753] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.471108] ^ [ 13.471481] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.472024] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.472441] ================================================================== [ 14.198759] ================================================================== [ 14.199255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.199627] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.199972] [ 14.200057] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.200099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.200111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.200130] Call Trace: [ 14.200143] <TASK> [ 14.200157] dump_stack_lvl+0x73/0xb0 [ 14.200179] print_report+0xd1/0x610 [ 14.200202] ? __virt_addr_valid+0x1db/0x2d0 [ 14.200222] ? kasan_atomics_helper+0x151d/0x5450 [ 14.200244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.200267] ? kasan_atomics_helper+0x151d/0x5450 [ 14.200290] kasan_report+0x141/0x180 [ 14.200313] ? kasan_atomics_helper+0x151d/0x5450 [ 14.200340] kasan_check_range+0x10c/0x1c0 [ 14.200360] __kasan_check_write+0x18/0x20 [ 14.200380] kasan_atomics_helper+0x151d/0x5450 [ 14.200403] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.200426] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.200447] ? ret_from_fork_asm+0x1a/0x30 [ 14.200468] ? kasan_atomics+0x152/0x310 [ 14.200491] kasan_atomics+0x1dc/0x310 [ 14.200511] ? __pfx_kasan_atomics+0x10/0x10 [ 14.200531] ? __pfx_read_tsc+0x10/0x10 [ 14.200551] ? ktime_get_ts64+0x86/0x230 [ 14.200575] kunit_try_run_case+0x1a5/0x480 [ 14.200596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.200614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.200638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.200662] ? __kthread_parkme+0x82/0x180 [ 14.200683] ? preempt_count_sub+0x50/0x80 [ 14.200707] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.200728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.200751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.200773] kthread+0x337/0x6f0 [ 14.200790] ? trace_preempt_on+0x20/0xc0 [ 14.200813] ? __pfx_kthread+0x10/0x10 [ 14.200831] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.200853] ? calculate_sigpending+0x7b/0xa0 [ 14.200874] ? __pfx_kthread+0x10/0x10 [ 14.200904] ret_from_fork+0x41/0x80 [ 14.200925] ? __pfx_kthread+0x10/0x10 [ 14.200942] ret_from_fork_asm+0x1a/0x30 [ 14.200972] </TASK> [ 14.200983] [ 14.208329] Allocated by task 284: [ 14.208452] kasan_save_stack+0x45/0x70 [ 14.208758] kasan_save_track+0x18/0x40 [ 14.209139] kasan_save_alloc_info+0x3b/0x50 [ 14.209348] __kasan_kmalloc+0xb7/0xc0 [ 14.209537] __kmalloc_cache_noprof+0x189/0x420 [ 14.209758] kasan_atomics+0x95/0x310 [ 14.210000] kunit_try_run_case+0x1a5/0x480 [ 14.210147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.210324] kthread+0x337/0x6f0 [ 14.210444] ret_from_fork+0x41/0x80 [ 14.210575] ret_from_fork_asm+0x1a/0x30 [ 14.210712] [ 14.210781] The buggy address belongs to the object at ffff888103a31d80 [ 14.210781] which belongs to the cache kmalloc-64 of size 64 [ 14.211146] The buggy address is located 0 bytes to the right of [ 14.211146] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.211702] [ 14.211798] The buggy address belongs to the physical page: [ 14.212063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.212656] flags: 0x200000000000000(node=0|zone=2) [ 14.212827] page_type: f5(slab) [ 14.212955] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.213187] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.213412] page dumped because: kasan: bad access detected [ 14.213580] [ 14.213648] Memory state around the buggy address: [ 14.213799] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.214133] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.214448] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.214763] ^ [ 14.214991] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.215309] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.215642] ================================================================== [ 14.216462] ================================================================== [ 14.216791] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.217038] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.217268] [ 14.217350] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.217391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.217403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.217462] Call Trace: [ 14.217478] <TASK> [ 14.217492] dump_stack_lvl+0x73/0xb0 [ 14.217516] print_report+0xd1/0x610 [ 14.217538] ? __virt_addr_valid+0x1db/0x2d0 [ 14.217559] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.217581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.217605] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.217627] kasan_report+0x141/0x180 [ 14.217650] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.217678] kasan_check_range+0x10c/0x1c0 [ 14.217698] __kasan_check_write+0x18/0x20 [ 14.217719] kasan_atomics_helper+0x15b6/0x5450 [ 14.217742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.217764] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.217785] ? ret_from_fork_asm+0x1a/0x30 [ 14.217807] ? kasan_atomics+0x152/0x310 [ 14.217832] kasan_atomics+0x1dc/0x310 [ 14.217851] ? __pfx_kasan_atomics+0x10/0x10 [ 14.217872] ? __pfx_read_tsc+0x10/0x10 [ 14.217900] ? ktime_get_ts64+0x86/0x230 [ 14.217925] kunit_try_run_case+0x1a5/0x480 [ 14.217947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.217966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.217990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.218014] ? 
__kthread_parkme+0x82/0x180 [ 14.218036] ? preempt_count_sub+0x50/0x80 [ 14.218061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.218082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.218106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.218129] kthread+0x337/0x6f0 [ 14.218146] ? trace_preempt_on+0x20/0xc0 [ 14.218168] ? __pfx_kthread+0x10/0x10 [ 14.218186] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.218208] ? calculate_sigpending+0x7b/0xa0 [ 14.218230] ? __pfx_kthread+0x10/0x10 [ 14.218248] ret_from_fork+0x41/0x80 [ 14.218269] ? __pfx_kthread+0x10/0x10 [ 14.218287] ret_from_fork_asm+0x1a/0x30 [ 14.218317] </TASK> [ 14.218328] [ 14.226330] Allocated by task 284: [ 14.226561] kasan_save_stack+0x45/0x70 [ 14.226767] kasan_save_track+0x18/0x40 [ 14.226971] kasan_save_alloc_info+0x3b/0x50 [ 14.227179] __kasan_kmalloc+0xb7/0xc0 [ 14.227378] __kmalloc_cache_noprof+0x189/0x420 [ 14.227757] kasan_atomics+0x95/0x310 [ 14.228087] kunit_try_run_case+0x1a5/0x480 [ 14.228305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.228479] kthread+0x337/0x6f0 [ 14.228596] ret_from_fork+0x41/0x80 [ 14.228724] ret_from_fork_asm+0x1a/0x30 [ 14.228906] [ 14.229004] The buggy address belongs to the object at ffff888103a31d80 [ 14.229004] which belongs to the cache kmalloc-64 of size 64 [ 14.229538] The buggy address is located 0 bytes to the right of [ 14.229538] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.230136] [ 14.230207] The buggy address belongs to the physical page: [ 14.230377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.230614] flags: 0x200000000000000(node=0|zone=2) [ 14.230780] page_type: f5(slab) [ 14.231109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.231459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.231806] page dumped because: kasan: bad access detected [ 14.232268] [ 14.232372] Memory state around the buggy address: [ 14.232599] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.232930] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.233215] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.233461] ^ [ 14.233687] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.234004] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.234261] ================================================================== [ 13.698846] ================================================================== [ 13.699181] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 13.699526] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.699869] [ 13.699999] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.700056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.700069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.700101] Call Trace: [ 13.700115] <TASK> [ 13.700130] dump_stack_lvl+0x73/0xb0 [ 13.700155] print_report+0xd1/0x610 [ 13.700179] ? __virt_addr_valid+0x1db/0x2d0 [ 13.700201] ? kasan_atomics_helper+0x860/0x5450 [ 13.700224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.700249] ? kasan_atomics_helper+0x860/0x5450 [ 13.700273] kasan_report+0x141/0x180 [ 13.700297] ? kasan_atomics_helper+0x860/0x5450 [ 13.700325] kasan_check_range+0x10c/0x1c0 [ 13.700347] __kasan_check_write+0x18/0x20 [ 13.700369] kasan_atomics_helper+0x860/0x5450 [ 13.700394] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.700417] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.700441] ? ret_from_fork_asm+0x1a/0x30 [ 13.700473] ? kasan_atomics+0x152/0x310 [ 13.700498] kasan_atomics+0x1dc/0x310 [ 13.700520] ? __pfx_kasan_atomics+0x10/0x10 [ 13.700553] ? __pfx_read_tsc+0x10/0x10 [ 13.700574] ? ktime_get_ts64+0x86/0x230 [ 13.700599] kunit_try_run_case+0x1a5/0x480 [ 13.700622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700643] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.700667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.700694] ? __kthread_parkme+0x82/0x180 [ 13.700716] ? preempt_count_sub+0x50/0x80 [ 13.700742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.700789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.700834] kthread+0x337/0x6f0 [ 13.700852] ? trace_preempt_on+0x20/0xc0 [ 13.700876] ? __pfx_kthread+0x10/0x10 [ 13.700903] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.700927] ? calculate_sigpending+0x7b/0xa0 [ 13.700950] ? __pfx_kthread+0x10/0x10 [ 13.700969] ret_from_fork+0x41/0x80 [ 13.700991] ? __pfx_kthread+0x10/0x10 [ 13.701010] ret_from_fork_asm+0x1a/0x30 [ 13.701042] </TASK> [ 13.701052] [ 13.708544] Allocated by task 284: [ 13.708724] kasan_save_stack+0x45/0x70 [ 13.708954] kasan_save_track+0x18/0x40 [ 13.709166] kasan_save_alloc_info+0x3b/0x50 [ 13.709359] __kasan_kmalloc+0xb7/0xc0 [ 13.709558] __kmalloc_cache_noprof+0x189/0x420 [ 13.709772] kasan_atomics+0x95/0x310 [ 13.709995] kunit_try_run_case+0x1a5/0x480 [ 13.710191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.710419] kthread+0x337/0x6f0 [ 13.710603] ret_from_fork+0x41/0x80 [ 13.710754] ret_from_fork_asm+0x1a/0x30 [ 13.710930] [ 13.711003] The buggy address belongs to the object at ffff888103a31d80 [ 13.711003] which belongs to the cache kmalloc-64 of size 64 [ 13.711358] The buggy address is located 0 bytes to the right of [ 13.711358] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.711961] [ 13.712063] The buggy address belongs to the physical page: [ 13.712322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.712677] flags: 0x200000000000000(node=0|zone=2) [ 13.712964] page_type: f5(slab) [ 13.713140] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.713428] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.713655] page dumped because: kasan: bad 
access detected [ 13.713852] [ 13.713953] Memory state around the buggy address: [ 13.714206] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.714558] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.714935] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.715281] ^ [ 13.715506] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.715752] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716127] ================================================================== [ 13.785955] ================================================================== [ 13.787026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 13.787340] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.787646] [ 13.787746] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.787792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.787804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.787825] Call Trace: [ 13.787838] <TASK> [ 13.787853] dump_stack_lvl+0x73/0xb0 [ 13.787888] print_report+0xd1/0x610 [ 13.787923] ? __virt_addr_valid+0x1db/0x2d0 [ 13.787946] ? kasan_atomics_helper+0xac7/0x5450 [ 13.787969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.788005] ? kasan_atomics_helper+0xac7/0x5450 [ 13.788028] kasan_report+0x141/0x180 [ 13.788053] ? kasan_atomics_helper+0xac7/0x5450 [ 13.788082] kasan_check_range+0x10c/0x1c0 [ 13.788104] __kasan_check_write+0x18/0x20 [ 13.788126] kasan_atomics_helper+0xac7/0x5450 [ 13.788151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.788175] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.788199] ? ret_from_fork_asm+0x1a/0x30 [ 13.788222] ? kasan_atomics+0x152/0x310 [ 13.788256] kasan_atomics+0x1dc/0x310 [ 13.788277] ? __pfx_kasan_atomics+0x10/0x10 [ 13.788299] ? __pfx_read_tsc+0x10/0x10 [ 13.788330] ? 
ktime_get_ts64+0x86/0x230 [ 13.788357] kunit_try_run_case+0x1a5/0x480 [ 13.788380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.788400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.788426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.788452] ? __kthread_parkme+0x82/0x180 [ 13.788475] ? preempt_count_sub+0x50/0x80 [ 13.788502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.788524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.788575] kthread+0x337/0x6f0 [ 13.788602] ? trace_preempt_on+0x20/0xc0 [ 13.788627] ? __pfx_kthread+0x10/0x10 [ 13.788647] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.788681] ? calculate_sigpending+0x7b/0xa0 [ 13.788703] ? __pfx_kthread+0x10/0x10 [ 13.788723] ret_from_fork+0x41/0x80 [ 13.788754] ? __pfx_kthread+0x10/0x10 [ 13.788774] ret_from_fork_asm+0x1a/0x30 [ 13.788805] </TASK> [ 13.788816] [ 13.796587] Allocated by task 284: [ 13.796722] kasan_save_stack+0x45/0x70 [ 13.797081] kasan_save_track+0x18/0x40 [ 13.797286] kasan_save_alloc_info+0x3b/0x50 [ 13.797525] __kasan_kmalloc+0xb7/0xc0 [ 13.797721] __kmalloc_cache_noprof+0x189/0x420 [ 13.797953] kasan_atomics+0x95/0x310 [ 13.798087] kunit_try_run_case+0x1a5/0x480 [ 13.798293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.798578] kthread+0x337/0x6f0 [ 13.798749] ret_from_fork+0x41/0x80 [ 13.798995] ret_from_fork_asm+0x1a/0x30 [ 13.799164] [ 13.799280] The buggy address belongs to the object at ffff888103a31d80 [ 13.799280] which belongs to the cache kmalloc-64 of size 64 [ 13.799767] The buggy address is located 0 bytes to the right of [ 13.799767] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.800401] [ 13.800520] The buggy address belongs to the physical page: [ 13.800720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.800972] flags: 0x200000000000000(node=0|zone=2) [ 13.801141] page_type: f5(slab) [ 13.801272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.801641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.801981] page dumped because: kasan: bad access detected [ 13.802489] [ 13.802583] Memory state around the buggy address: [ 13.802776] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.803161] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.803439] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.803654] ^ [ 13.803834] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.804194] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.804545] ================================================================== [ 14.566059] ================================================================== [ 14.566788] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 14.567131] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.567466] [ 14.567679] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.567725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.567736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.567756] Call Trace: [ 14.567771] <TASK> [ 14.567902] dump_stack_lvl+0x73/0xb0 [ 14.567934] print_report+0xd1/0x610 [ 14.567957] ? __virt_addr_valid+0x1db/0x2d0 [ 14.567979] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.568001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.568023] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.568045] kasan_report+0x141/0x180 [ 14.568068] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.568190] __asan_report_load8_noabort+0x18/0x20 [ 14.568212] kasan_atomics_helper+0x4f71/0x5450 [ 14.568235] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.568258] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.568279] ? ret_from_fork_asm+0x1a/0x30 [ 14.568300] ? kasan_atomics+0x152/0x310 [ 14.568324] kasan_atomics+0x1dc/0x310 [ 14.568344] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.568365] ? __pfx_read_tsc+0x10/0x10 [ 14.568384] ? ktime_get_ts64+0x86/0x230 [ 14.568409] kunit_try_run_case+0x1a5/0x480 [ 14.568431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.568451] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.568476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.568500] ? __kthread_parkme+0x82/0x180 [ 14.568522] ? preempt_count_sub+0x50/0x80 [ 14.568546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.568568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.568592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.568615] kthread+0x337/0x6f0 [ 14.568632] ? trace_preempt_on+0x20/0xc0 [ 14.568655] ? __pfx_kthread+0x10/0x10 [ 14.568674] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.568696] ? calculate_sigpending+0x7b/0xa0 [ 14.568718] ? __pfx_kthread+0x10/0x10 [ 14.568737] ret_from_fork+0x41/0x80 [ 14.568757] ? __pfx_kthread+0x10/0x10 [ 14.568775] ret_from_fork_asm+0x1a/0x30 [ 14.568815] </TASK> [ 14.568826] [ 14.578502] Allocated by task 284: [ 14.578787] kasan_save_stack+0x45/0x70 [ 14.579130] kasan_save_track+0x18/0x40 [ 14.579291] kasan_save_alloc_info+0x3b/0x50 [ 14.579602] __kasan_kmalloc+0xb7/0xc0 [ 14.579784] __kmalloc_cache_noprof+0x189/0x420 [ 14.580151] kasan_atomics+0x95/0x310 [ 14.580295] kunit_try_run_case+0x1a5/0x480 [ 14.580497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.580727] kthread+0x337/0x6f0 [ 14.580927] ret_from_fork+0x41/0x80 [ 14.581365] ret_from_fork_asm+0x1a/0x30 [ 14.581561] [ 14.581650] The buggy address belongs to the object at ffff888103a31d80 [ 14.581650] which belongs to the cache kmalloc-64 of size 64 [ 14.582350] The buggy address is located 0 bytes to the right of [ 14.582350] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.582999] [ 14.583080] The buggy address belongs to the physical page: [ 14.583316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.583781] flags: 0x200000000000000(node=0|zone=2) [ 14.584059] page_type: f5(slab) 
[ 14.584221] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.584535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.584844] page dumped because: kasan: bad access detected [ 14.585081] [ 14.585168] Memory state around the buggy address: [ 14.585374] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.585675] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.586386] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.586643] ^ [ 14.587045] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.587419] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.587695] ================================================================== [ 13.716620] ================================================================== [ 13.717050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.717371] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.717654] [ 13.717770] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.717834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.717847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.717868] Call Trace: [ 13.717890] <TASK> [ 13.717905] dump_stack_lvl+0x73/0xb0 [ 13.717931] print_report+0xd1/0x610 [ 13.717954] ? __virt_addr_valid+0x1db/0x2d0 [ 13.717976] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.717999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.718024] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718047] kasan_report+0x141/0x180 [ 13.718071] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718099] kasan_check_range+0x10c/0x1c0 [ 13.718121] __kasan_check_write+0x18/0x20 [ 13.718142] kasan_atomics_helper+0x8f9/0x5450 [ 13.718166] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.718191] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.718212] ? 
ret_from_fork_asm+0x1a/0x30 [ 13.718235] ? kasan_atomics+0x152/0x310 [ 13.718259] kasan_atomics+0x1dc/0x310 [ 13.718280] ? __pfx_kasan_atomics+0x10/0x10 [ 13.718302] ? __pfx_read_tsc+0x10/0x10 [ 13.718323] ? ktime_get_ts64+0x86/0x230 [ 13.718348] kunit_try_run_case+0x1a5/0x480 [ 13.718372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.718392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.718428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.718454] ? __kthread_parkme+0x82/0x180 [ 13.718478] ? preempt_count_sub+0x50/0x80 [ 13.718515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.718537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.718562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.718588] kthread+0x337/0x6f0 [ 13.718605] ? trace_preempt_on+0x20/0xc0 [ 13.718629] ? __pfx_kthread+0x10/0x10 [ 13.718649] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.718672] ? calculate_sigpending+0x7b/0xa0 [ 13.718695] ? __pfx_kthread+0x10/0x10 [ 13.718714] ret_from_fork+0x41/0x80 [ 13.718736] ? __pfx_kthread+0x10/0x10 [ 13.718755] ret_from_fork_asm+0x1a/0x30 [ 13.718786] </TASK> [ 13.718815] [ 13.726641] Allocated by task 284: [ 13.726836] kasan_save_stack+0x45/0x70 [ 13.726988] kasan_save_track+0x18/0x40 [ 13.727124] kasan_save_alloc_info+0x3b/0x50 [ 13.727300] __kasan_kmalloc+0xb7/0xc0 [ 13.727503] __kmalloc_cache_noprof+0x189/0x420 [ 13.727722] kasan_atomics+0x95/0x310 [ 13.727941] kunit_try_run_case+0x1a5/0x480 [ 13.728147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.728383] kthread+0x337/0x6f0 [ 13.728500] ret_from_fork+0x41/0x80 [ 13.728682] ret_from_fork_asm+0x1a/0x30 [ 13.728933] [ 13.729028] The buggy address belongs to the object at ffff888103a31d80 [ 13.729028] which belongs to the cache kmalloc-64 of size 64 [ 13.729518] The buggy address is located 0 bytes to the right of [ 13.729518] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.730074] [ 13.730173] The buggy address belongs to the physical page: [ 13.730416] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.730658] flags: 0x200000000000000(node=0|zone=2) [ 13.730841] page_type: f5(slab) [ 13.730983] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.731250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.731599] page dumped because: kasan: bad access detected [ 13.731885] [ 13.731980] Memory state around the buggy address: [ 13.732204] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.732539] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.732847] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.733183] ^ [ 13.733425] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.733708] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.734071] ================================================================== [ 14.180583] ================================================================== [ 14.181041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.181282] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.181517] [ 14.181625] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.181667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.181679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.181700] Call Trace: [ 14.181714] <TASK> [ 14.181729] dump_stack_lvl+0x73/0xb0 [ 14.181751] print_report+0xd1/0x610 [ 14.181775] ? __virt_addr_valid+0x1db/0x2d0 [ 14.181796] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.181817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.181840] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.181862] kasan_report+0x141/0x180 [ 14.181897] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.181925] __asan_report_store8_noabort+0x1b/0x30 [ 14.181947] kasan_atomics_helper+0x50d4/0x5450 [ 14.181970] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.181992] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.182013] ? ret_from_fork_asm+0x1a/0x30 [ 14.182035] ? kasan_atomics+0x152/0x310 [ 14.182059] kasan_atomics+0x1dc/0x310 [ 14.182079] ? __pfx_kasan_atomics+0x10/0x10 [ 14.182099] ? __pfx_read_tsc+0x10/0x10 [ 14.182118] ? ktime_get_ts64+0x86/0x230 [ 14.182143] kunit_try_run_case+0x1a5/0x480 [ 14.182163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182182] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.182206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.182230] ? __kthread_parkme+0x82/0x180 [ 14.182251] ? preempt_count_sub+0x50/0x80 [ 14.182277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.182320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.182343] kthread+0x337/0x6f0 [ 14.182360] ? trace_preempt_on+0x20/0xc0 [ 14.182383] ? __pfx_kthread+0x10/0x10 [ 14.182401] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.182424] ? calculate_sigpending+0x7b/0xa0 [ 14.182445] ? __pfx_kthread+0x10/0x10 [ 14.182464] ret_from_fork+0x41/0x80 [ 14.182485] ? 
__pfx_kthread+0x10/0x10 [ 14.182502] ret_from_fork_asm+0x1a/0x30 [ 14.182533] </TASK> [ 14.182543] [ 14.190827] Allocated by task 284: [ 14.191017] kasan_save_stack+0x45/0x70 [ 14.191229] kasan_save_track+0x18/0x40 [ 14.191397] kasan_save_alloc_info+0x3b/0x50 [ 14.191596] __kasan_kmalloc+0xb7/0xc0 [ 14.191762] __kmalloc_cache_noprof+0x189/0x420 [ 14.192044] kasan_atomics+0x95/0x310 [ 14.192234] kunit_try_run_case+0x1a5/0x480 [ 14.192392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.192566] kthread+0x337/0x6f0 [ 14.192684] ret_from_fork+0x41/0x80 [ 14.192813] ret_from_fork_asm+0x1a/0x30 [ 14.193034] [ 14.193141] The buggy address belongs to the object at ffff888103a31d80 [ 14.193141] which belongs to the cache kmalloc-64 of size 64 [ 14.193616] The buggy address is located 0 bytes to the right of [ 14.193616] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.194357] [ 14.194456] The buggy address belongs to the physical page: [ 14.194710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.195072] flags: 0x200000000000000(node=0|zone=2) [ 14.195274] page_type: f5(slab) [ 14.195425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.195654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.195927] page dumped because: kasan: bad access detected [ 14.196188] [ 14.196280] Memory state around the buggy address: [ 14.196441] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.196742] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.197120] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.197338] ^ [ 14.197492] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.197794] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.198131] ================================================================== [ 14.699599] 
================================================================== [ 14.700057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 14.700624] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.701174] [ 14.701306] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.701351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.701364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.701383] Call Trace: [ 14.701398] <TASK> [ 14.701414] dump_stack_lvl+0x73/0xb0 [ 14.701440] print_report+0xd1/0x610 [ 14.701536] ? __virt_addr_valid+0x1db/0x2d0 [ 14.701560] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.701583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.701607] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.701629] kasan_report+0x141/0x180 [ 14.701653] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.701679] __asan_report_load8_noabort+0x18/0x20 [ 14.701701] kasan_atomics_helper+0x4fa5/0x5450 [ 14.701725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.701748] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.701768] ? ret_from_fork_asm+0x1a/0x30 [ 14.701790] ? kasan_atomics+0x152/0x310 [ 14.701815] kasan_atomics+0x1dc/0x310 [ 14.701835] ? __pfx_kasan_atomics+0x10/0x10 [ 14.701856] ? __pfx_read_tsc+0x10/0x10 [ 14.701875] ? ktime_get_ts64+0x86/0x230 [ 14.701914] kunit_try_run_case+0x1a5/0x480 [ 14.701937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701955] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.701980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.702004] ? __kthread_parkme+0x82/0x180 [ 14.702025] ? preempt_count_sub+0x50/0x80 [ 14.702051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.702071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.702095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.702119] kthread+0x337/0x6f0 [ 14.702136] ? trace_preempt_on+0x20/0xc0 [ 14.702158] ? __pfx_kthread+0x10/0x10 [ 14.702177] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.702199] ? 
calculate_sigpending+0x7b/0xa0 [ 14.702220] ? __pfx_kthread+0x10/0x10 [ 14.702239] ret_from_fork+0x41/0x80 [ 14.702261] ? __pfx_kthread+0x10/0x10 [ 14.702279] ret_from_fork_asm+0x1a/0x30 [ 14.702309] </TASK> [ 14.702320] [ 14.709650] Allocated by task 284: [ 14.709824] kasan_save_stack+0x45/0x70 [ 14.709977] kasan_save_track+0x18/0x40 [ 14.710112] kasan_save_alloc_info+0x3b/0x50 [ 14.710273] __kasan_kmalloc+0xb7/0xc0 [ 14.710464] __kmalloc_cache_noprof+0x189/0x420 [ 14.710670] kasan_atomics+0x95/0x310 [ 14.710904] kunit_try_run_case+0x1a5/0x480 [ 14.711164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.711472] kthread+0x337/0x6f0 [ 14.711642] ret_from_fork+0x41/0x80 [ 14.711832] ret_from_fork_asm+0x1a/0x30 [ 14.712062] [ 14.712137] The buggy address belongs to the object at ffff888103a31d80 [ 14.712137] which belongs to the cache kmalloc-64 of size 64 [ 14.712787] The buggy address is located 0 bytes to the right of [ 14.712787] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.713255] [ 14.713329] The buggy address belongs to the physical page: [ 14.713499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.713864] flags: 0x200000000000000(node=0|zone=2) [ 14.714131] page_type: f5(slab) [ 14.714295] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.714625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.714933] page dumped because: kasan: bad access detected [ 14.715100] [ 14.715168] Memory state around the buggy address: [ 14.715372] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.715716] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.716075] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.716365] ^ [ 14.716591] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.716929] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.717228] 
================================================================== [ 14.012584] ================================================================== [ 14.013492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.013950] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.014283] [ 14.014405] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.014447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.014469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.014489] Call Trace: [ 14.014504] <TASK> [ 14.014520] dump_stack_lvl+0x73/0xb0 [ 14.014556] print_report+0xd1/0x610 [ 14.014580] ? __virt_addr_valid+0x1db/0x2d0 [ 14.014601] ? kasan_atomics_helper+0x1148/0x5450 [ 14.014632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.014656] ? kasan_atomics_helper+0x1148/0x5450 [ 14.014679] kasan_report+0x141/0x180 [ 14.014712] ? kasan_atomics_helper+0x1148/0x5450 [ 14.014739] kasan_check_range+0x10c/0x1c0 [ 14.014762] __kasan_check_write+0x18/0x20 [ 14.014791] kasan_atomics_helper+0x1148/0x5450 [ 14.014814] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.014837] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.014888] ? ret_from_fork_asm+0x1a/0x30 [ 14.014910] ? kasan_atomics+0x152/0x310 [ 14.014934] kasan_atomics+0x1dc/0x310 [ 14.014954] ? __pfx_kasan_atomics+0x10/0x10 [ 14.014975] ? __pfx_read_tsc+0x10/0x10 [ 14.015003] ? ktime_get_ts64+0x86/0x230 [ 14.015028] kunit_try_run_case+0x1a5/0x480 [ 14.015050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.015079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.015104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.015128] ? __kthread_parkme+0x82/0x180 [ 14.015158] ? preempt_count_sub+0x50/0x80 [ 14.015184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.015205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.015238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.015261] kthread+0x337/0x6f0 [ 14.015278] ? 
trace_preempt_on+0x20/0xc0 [ 14.015302] ? __pfx_kthread+0x10/0x10 [ 14.015320] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.015352] ? calculate_sigpending+0x7b/0xa0 [ 14.015374] ? __pfx_kthread+0x10/0x10 [ 14.015392] ret_from_fork+0x41/0x80 [ 14.015423] ? __pfx_kthread+0x10/0x10 [ 14.015442] ret_from_fork_asm+0x1a/0x30 [ 14.015472] </TASK> [ 14.015484] [ 14.023063] Allocated by task 284: [ 14.023190] kasan_save_stack+0x45/0x70 [ 14.023332] kasan_save_track+0x18/0x40 [ 14.023468] kasan_save_alloc_info+0x3b/0x50 [ 14.023678] __kasan_kmalloc+0xb7/0xc0 [ 14.023938] __kmalloc_cache_noprof+0x189/0x420 [ 14.024189] kasan_atomics+0x95/0x310 [ 14.024384] kunit_try_run_case+0x1a5/0x480 [ 14.024595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.024958] kthread+0x337/0x6f0 [ 14.025156] ret_from_fork+0x41/0x80 [ 14.025369] ret_from_fork_asm+0x1a/0x30 [ 14.025577] [ 14.025698] The buggy address belongs to the object at ffff888103a31d80 [ 14.025698] which belongs to the cache kmalloc-64 of size 64 [ 14.026249] The buggy address is located 0 bytes to the right of [ 14.026249] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.026707] [ 14.026815] The buggy address belongs to the physical page: [ 14.027091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.027443] flags: 0x200000000000000(node=0|zone=2) [ 14.027639] page_type: f5(slab) [ 14.027788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.028145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.028395] page dumped because: kasan: bad access detected [ 14.028648] [ 14.028740] Memory state around the buggy address: [ 14.028974] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.029289] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.029587] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.029898] ^ [ 14.030121] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.030419] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.030693] ================================================================== [ 14.542513] ================================================================== [ 14.543236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.543561] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.544333] [ 14.544448] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.544492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.544503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.544524] Call Trace: [ 14.544536] <TASK> [ 14.544550] dump_stack_lvl+0x73/0xb0 [ 14.544574] print_report+0xd1/0x610 [ 14.544596] ? __virt_addr_valid+0x1db/0x2d0 [ 14.544617] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.544639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.544661] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.544684] kasan_report+0x141/0x180 [ 14.544707] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.544735] kasan_check_range+0x10c/0x1c0 [ 14.544756] __kasan_check_write+0x18/0x20 [ 14.544776] kasan_atomics_helper+0x1f43/0x5450 [ 14.544799] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.544821] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.544842] ? ret_from_fork_asm+0x1a/0x30 [ 14.544863] ? kasan_atomics+0x152/0x310 [ 14.544899] kasan_atomics+0x1dc/0x310 [ 14.544919] ? __pfx_kasan_atomics+0x10/0x10 [ 14.544941] ? __pfx_read_tsc+0x10/0x10 [ 14.544962] ? ktime_get_ts64+0x86/0x230 [ 14.544986] kunit_try_run_case+0x1a5/0x480 [ 14.545007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.545026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.545051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.545075] ? __kthread_parkme+0x82/0x180 [ 14.545097] ? preempt_count_sub+0x50/0x80 [ 14.545121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.545147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.545171] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.545195] kthread+0x337/0x6f0 [ 14.545212] ? trace_preempt_on+0x20/0xc0 [ 14.545235] ? __pfx_kthread+0x10/0x10 [ 14.545253] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.545276] ? calculate_sigpending+0x7b/0xa0 [ 14.545297] ? __pfx_kthread+0x10/0x10 [ 14.545316] ret_from_fork+0x41/0x80 [ 14.545337] ? __pfx_kthread+0x10/0x10 [ 14.545354] ret_from_fork_asm+0x1a/0x30 [ 14.545384] </TASK> [ 14.545396] [ 14.555991] Allocated by task 284: [ 14.556311] kasan_save_stack+0x45/0x70 [ 14.556612] kasan_save_track+0x18/0x40 [ 14.556898] kasan_save_alloc_info+0x3b/0x50 [ 14.557054] __kasan_kmalloc+0xb7/0xc0 [ 14.557327] __kmalloc_cache_noprof+0x189/0x420 [ 14.557572] kasan_atomics+0x95/0x310 [ 14.557855] kunit_try_run_case+0x1a5/0x480 [ 14.558056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.558361] kthread+0x337/0x6f0 [ 14.558523] ret_from_fork+0x41/0x80 [ 14.558684] ret_from_fork_asm+0x1a/0x30 [ 14.559083] [ 14.559161] The buggy address belongs to the object at ffff888103a31d80 [ 14.559161] which belongs to the cache kmalloc-64 of size 64 [ 14.559808] The buggy address is located 0 bytes to the right of [ 14.559808] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.560430] [ 14.560524] The buggy address belongs to the physical page: [ 14.560723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.561255] flags: 0x200000000000000(node=0|zone=2) [ 14.561538] page_type: f5(slab) [ 14.561665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.562021] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.562479] page dumped because: kasan: bad access detected [ 14.562780] [ 14.562861] Memory state around the buggy address: [ 14.563193] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.563469] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.563765] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.564342] ^ [ 14.564559] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.564984] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.565356] ================================================================== [ 13.823751] ================================================================== [ 13.824432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 13.824680] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.824920] [ 13.825055] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.825102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.825113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.825139] Call Trace: [ 13.825151] <TASK> [ 13.825165] dump_stack_lvl+0x73/0xb0 [ 13.825191] print_report+0xd1/0x610 [ 13.825216] ? __virt_addr_valid+0x1db/0x2d0 [ 13.825238] ? kasan_atomics_helper+0xc70/0x5450 [ 13.825261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.825286] ? kasan_atomics_helper+0xc70/0x5450 [ 13.825310] kasan_report+0x141/0x180 [ 13.825334] ? kasan_atomics_helper+0xc70/0x5450 [ 13.825363] kasan_check_range+0x10c/0x1c0 [ 13.825384] __kasan_check_write+0x18/0x20 [ 13.825406] kasan_atomics_helper+0xc70/0x5450 [ 13.825431] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.825455] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.825477] ? ret_from_fork_asm+0x1a/0x30 [ 13.825499] ? kasan_atomics+0x152/0x310 [ 13.825524] kasan_atomics+0x1dc/0x310 [ 13.825544] ? __pfx_kasan_atomics+0x10/0x10 [ 13.825567] ? __pfx_read_tsc+0x10/0x10 [ 13.825587] ? ktime_get_ts64+0x86/0x230 [ 13.825613] kunit_try_run_case+0x1a5/0x480 [ 13.825636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.825657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.825682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.825708] ? __kthread_parkme+0x82/0x180 [ 13.825731] ? preempt_count_sub+0x50/0x80 [ 13.825757] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.825779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.825804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.825838] kthread+0x337/0x6f0 [ 13.825856] ? trace_preempt_on+0x20/0xc0 [ 13.825897] ? __pfx_kthread+0x10/0x10 [ 13.825918] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.825942] ? calculate_sigpending+0x7b/0xa0 [ 13.825965] ? __pfx_kthread+0x10/0x10 [ 13.825985] ret_from_fork+0x41/0x80 [ 13.826006] ? __pfx_kthread+0x10/0x10 [ 13.826026] ret_from_fork_asm+0x1a/0x30 [ 13.826058] </TASK> [ 13.826070] [ 13.833915] Allocated by task 284: [ 13.834125] kasan_save_stack+0x45/0x70 [ 13.834333] kasan_save_track+0x18/0x40 [ 13.834556] kasan_save_alloc_info+0x3b/0x50 [ 13.834773] __kasan_kmalloc+0xb7/0xc0 [ 13.835169] __kmalloc_cache_noprof+0x189/0x420 [ 13.835344] kasan_atomics+0x95/0x310 [ 13.835474] kunit_try_run_case+0x1a5/0x480 [ 13.835665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.836066] kthread+0x337/0x6f0 [ 13.836226] ret_from_fork+0x41/0x80 [ 13.836403] ret_from_fork_asm+0x1a/0x30 [ 13.836605] [ 13.836715] The buggy address belongs to the object at ffff888103a31d80 [ 13.836715] which belongs to the cache kmalloc-64 of size 64 [ 13.837265] The buggy address is located 0 bytes to the right of [ 13.837265] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.837780] [ 13.837941] The buggy address belongs to the physical page: [ 13.838200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.838538] flags: 0x200000000000000(node=0|zone=2) [ 13.838761] page_type: f5(slab) [ 13.839026] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.839386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.839719] page dumped because: kasan: bad access detected [ 13.839986] [ 13.840070] Memory state around the buggy address: [ 13.840262] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.840523] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.840868] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.841208] ^ [ 13.841431] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.841752] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.842010] ================================================================== [ 13.611239] ================================================================== [ 13.611928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.612240] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.612581] [ 13.612996] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.613044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.613057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.613077] Call Trace: [ 13.613092] <TASK> [ 13.613107] dump_stack_lvl+0x73/0xb0 [ 13.613139] print_report+0xd1/0x610 [ 13.613162] ? __virt_addr_valid+0x1db/0x2d0 [ 13.613305] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.613329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.613352] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.613374] kasan_report+0x141/0x180 [ 13.613398] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.613425] kasan_check_range+0x10c/0x1c0 [ 13.613445] __kasan_check_write+0x18/0x20 [ 13.613465] kasan_atomics_helper+0x5fe/0x5450 [ 13.613488] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.613511] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.613531] ? ret_from_fork_asm+0x1a/0x30 [ 13.613552] ? kasan_atomics+0x152/0x310 [ 13.613576] kasan_atomics+0x1dc/0x310 [ 13.613595] ? __pfx_kasan_atomics+0x10/0x10 [ 13.613617] ? __pfx_read_tsc+0x10/0x10 [ 13.613636] ? ktime_get_ts64+0x86/0x230 [ 13.613661] kunit_try_run_case+0x1a5/0x480 [ 13.613705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.613724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.613748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.613773] ? 
__kthread_parkme+0x82/0x180 [ 13.613794] ? preempt_count_sub+0x50/0x80 [ 13.613818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.613838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.613861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.613895] kthread+0x337/0x6f0 [ 13.613911] ? trace_preempt_on+0x20/0xc0 [ 13.613934] ? __pfx_kthread+0x10/0x10 [ 13.613953] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.613975] ? calculate_sigpending+0x7b/0xa0 [ 13.613996] ? __pfx_kthread+0x10/0x10 [ 13.614015] ret_from_fork+0x41/0x80 [ 13.614035] ? __pfx_kthread+0x10/0x10 [ 13.614055] ret_from_fork_asm+0x1a/0x30 [ 13.614086] </TASK> [ 13.614097] [ 13.626660] Allocated by task 284: [ 13.627082] kasan_save_stack+0x45/0x70 [ 13.627255] kasan_save_track+0x18/0x40 [ 13.627648] kasan_save_alloc_info+0x3b/0x50 [ 13.628019] __kasan_kmalloc+0xb7/0xc0 [ 13.628339] __kmalloc_cache_noprof+0x189/0x420 [ 13.628781] kasan_atomics+0x95/0x310 [ 13.629202] kunit_try_run_case+0x1a5/0x480 [ 13.629662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.630201] kthread+0x337/0x6f0 [ 13.630340] ret_from_fork+0x41/0x80 [ 13.630827] ret_from_fork_asm+0x1a/0x30 [ 13.631245] [ 13.631393] The buggy address belongs to the object at ffff888103a31d80 [ 13.631393] which belongs to the cache kmalloc-64 of size 64 [ 13.632401] The buggy address is located 0 bytes to the right of [ 13.632401] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.633416] [ 13.633524] The buggy address belongs to the physical page: [ 13.633797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.634383] flags: 0x200000000000000(node=0|zone=2) [ 13.634630] page_type: f5(slab) [ 13.634773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.635252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.635689] page dumped because: kasan: bad access detected [ 13.635959] [ 13.636030] Memory state around the buggy address: [ 13.636212] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.636721] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.637294] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.637592] ^ [ 13.637757] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638289] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638619] ================================================================== [ 13.499929] ================================================================== [ 13.500260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.500582] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.501286] [ 13.501390] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.501436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.501519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.501540] Call Trace: [ 13.501554] <TASK> [ 13.501626] dump_stack_lvl+0x73/0xb0 [ 13.501656] print_report+0xd1/0x610 [ 13.501681] ? __virt_addr_valid+0x1db/0x2d0 [ 13.501703] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.501726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.501750] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.501773] kasan_report+0x141/0x180 [ 13.501798] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.501826] __asan_report_load4_noabort+0x18/0x20 [ 13.501847] kasan_atomics_helper+0x4b54/0x5450 [ 13.501871] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.501907] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.501928] ? ret_from_fork_asm+0x1a/0x30 [ 13.501949] ? kasan_atomics+0x152/0x310 [ 13.501973] kasan_atomics+0x1dc/0x310 [ 13.501993] ? __pfx_kasan_atomics+0x10/0x10 [ 13.502014] ? __pfx_read_tsc+0x10/0x10 [ 13.502033] ? ktime_get_ts64+0x86/0x230 [ 13.502059] kunit_try_run_case+0x1a5/0x480 [ 13.502080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.502098] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.502123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.502147] ? __kthread_parkme+0x82/0x180 [ 13.502169] ? preempt_count_sub+0x50/0x80 [ 13.502194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.502214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.502237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.502261] kthread+0x337/0x6f0 [ 13.502278] ? trace_preempt_on+0x20/0xc0 [ 13.502301] ? __pfx_kthread+0x10/0x10 [ 13.502320] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.502342] ? calculate_sigpending+0x7b/0xa0 [ 13.502363] ? __pfx_kthread+0x10/0x10 [ 13.502382] ret_from_fork+0x41/0x80 [ 13.502402] ? __pfx_kthread+0x10/0x10 [ 13.502421] ret_from_fork_asm+0x1a/0x30 [ 13.502452] </TASK> [ 13.502464] [ 13.513241] Allocated by task 284: [ 13.513433] kasan_save_stack+0x45/0x70 [ 13.513629] kasan_save_track+0x18/0x40 [ 13.513918] kasan_save_alloc_info+0x3b/0x50 [ 13.514128] __kasan_kmalloc+0xb7/0xc0 [ 13.514501] __kmalloc_cache_noprof+0x189/0x420 [ 13.514824] kasan_atomics+0x95/0x310 [ 13.515087] kunit_try_run_case+0x1a5/0x480 [ 13.515364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.515550] kthread+0x337/0x6f0 [ 13.515841] ret_from_fork+0x41/0x80 [ 13.516152] ret_from_fork_asm+0x1a/0x30 [ 13.516381] [ 13.516488] The buggy address belongs to the object at ffff888103a31d80 [ 13.516488] which belongs to the cache kmalloc-64 of size 64 [ 13.517289] The buggy address is located 0 bytes to the right of [ 13.517289] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.517999] [ 13.518093] The buggy address belongs to the physical page: [ 13.518316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.518734] flags: 0x200000000000000(node=0|zone=2) [ 13.519159] page_type: f5(slab) [ 13.519331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.519785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.520056] page dumped because: kasan: bad 
access detected [ 13.520443] [ 13.520536] Memory state around the buggy address: [ 13.520868] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.521197] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.521482] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.521772] ^ [ 13.522171] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.522716] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.523044] ================================================================== [ 14.588494] ================================================================== [ 14.589221] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.589680] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.590112] [ 14.590212] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.590256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.590269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.590290] Call Trace: [ 14.590305] <TASK> [ 14.590319] dump_stack_lvl+0x73/0xb0 [ 14.590343] print_report+0xd1/0x610 [ 14.590367] ? __virt_addr_valid+0x1db/0x2d0 [ 14.590388] ? kasan_atomics_helper+0x2006/0x5450 [ 14.590485] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.590509] ? kasan_atomics_helper+0x2006/0x5450 [ 14.590531] kasan_report+0x141/0x180 [ 14.590554] ? kasan_atomics_helper+0x2006/0x5450 [ 14.590581] kasan_check_range+0x10c/0x1c0 [ 14.590602] __kasan_check_write+0x18/0x20 [ 14.590623] kasan_atomics_helper+0x2006/0x5450 [ 14.590791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.590814] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.590835] ? ret_from_fork_asm+0x1a/0x30 [ 14.590856] ? kasan_atomics+0x152/0x310 [ 14.590893] kasan_atomics+0x1dc/0x310 [ 14.590912] ? __pfx_kasan_atomics+0x10/0x10 [ 14.590934] ? __pfx_read_tsc+0x10/0x10 [ 14.590953] ? 
ktime_get_ts64+0x86/0x230 [ 14.590978] kunit_try_run_case+0x1a5/0x480 [ 14.591000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.591019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.591043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.591068] ? __kthread_parkme+0x82/0x180 [ 14.591090] ? preempt_count_sub+0x50/0x80 [ 14.591116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.591136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.591160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.591183] kthread+0x337/0x6f0 [ 14.591200] ? trace_preempt_on+0x20/0xc0 [ 14.591223] ? __pfx_kthread+0x10/0x10 [ 14.591241] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.591264] ? calculate_sigpending+0x7b/0xa0 [ 14.591286] ? __pfx_kthread+0x10/0x10 [ 14.591304] ret_from_fork+0x41/0x80 [ 14.591325] ? __pfx_kthread+0x10/0x10 [ 14.591343] ret_from_fork_asm+0x1a/0x30 [ 14.591373] </TASK> [ 14.591383] [ 14.601408] Allocated by task 284: [ 14.601701] kasan_save_stack+0x45/0x70 [ 14.601931] kasan_save_track+0x18/0x40 [ 14.602103] kasan_save_alloc_info+0x3b/0x50 [ 14.602297] __kasan_kmalloc+0xb7/0xc0 [ 14.602473] __kmalloc_cache_noprof+0x189/0x420 [ 14.602676] kasan_atomics+0x95/0x310 [ 14.602842] kunit_try_run_case+0x1a5/0x480 [ 14.603464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.603775] kthread+0x337/0x6f0 [ 14.603923] ret_from_fork+0x41/0x80 [ 14.604254] ret_from_fork_asm+0x1a/0x30 [ 14.604412] [ 14.604578] The buggy address belongs to the object at ffff888103a31d80 [ 14.604578] which belongs to the cache kmalloc-64 of size 64 [ 14.605391] The buggy address is located 0 bytes to the right of [ 14.605391] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.606035] [ 14.606141] The buggy address belongs to the physical page: [ 14.606479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.606910] flags: 0x200000000000000(node=0|zone=2) [ 14.607146] page_type: f5(slab) [ 14.607426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.607817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.608113] page dumped because: kasan: bad access detected [ 14.608346] [ 14.608434] Memory state around the buggy address: [ 14.608625] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609216] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609577] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.609844] ^ [ 14.610207] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.610512] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.610912] ================================================================== [ 14.270103] ================================================================== [ 14.270444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.270835] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.271166] [ 14.271262] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.271304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.271316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.271336] Call Trace: [ 14.271349] <TASK> [ 14.271364] dump_stack_lvl+0x73/0xb0 [ 14.271387] print_report+0xd1/0x610 [ 14.271410] ? __virt_addr_valid+0x1db/0x2d0 [ 14.271431] ? kasan_atomics_helper+0x177f/0x5450 [ 14.271454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.271478] ? kasan_atomics_helper+0x177f/0x5450 [ 14.271500] kasan_report+0x141/0x180 [ 14.271524] ? kasan_atomics_helper+0x177f/0x5450 [ 14.271551] kasan_check_range+0x10c/0x1c0 [ 14.271572] __kasan_check_write+0x18/0x20 [ 14.271592] kasan_atomics_helper+0x177f/0x5450 [ 14.271616] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.271639] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.271660] ? ret_from_fork_asm+0x1a/0x30 [ 14.271682] ? 
kasan_atomics+0x152/0x310 [ 14.271706] kasan_atomics+0x1dc/0x310 [ 14.271725] ? __pfx_kasan_atomics+0x10/0x10 [ 14.271747] ? __pfx_read_tsc+0x10/0x10 [ 14.271766] ? ktime_get_ts64+0x86/0x230 [ 14.271790] kunit_try_run_case+0x1a5/0x480 [ 14.271833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.271852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.271877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.271909] ? __kthread_parkme+0x82/0x180 [ 14.271931] ? preempt_count_sub+0x50/0x80 [ 14.271957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.271978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.272001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.272025] kthread+0x337/0x6f0 [ 14.272042] ? trace_preempt_on+0x20/0xc0 [ 14.272065] ? __pfx_kthread+0x10/0x10 [ 14.272084] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.272106] ? calculate_sigpending+0x7b/0xa0 [ 14.272127] ? __pfx_kthread+0x10/0x10 [ 14.272146] ret_from_fork+0x41/0x80 [ 14.272167] ? __pfx_kthread+0x10/0x10 [ 14.272184] ret_from_fork_asm+0x1a/0x30 [ 14.272215] </TASK> [ 14.272225] [ 14.279633] Allocated by task 284: [ 14.279790] kasan_save_stack+0x45/0x70 [ 14.280007] kasan_save_track+0x18/0x40 [ 14.280176] kasan_save_alloc_info+0x3b/0x50 [ 14.280319] __kasan_kmalloc+0xb7/0xc0 [ 14.280451] __kmalloc_cache_noprof+0x189/0x420 [ 14.280602] kasan_atomics+0x95/0x310 [ 14.280729] kunit_try_run_case+0x1a5/0x480 [ 14.280901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.281075] kthread+0x337/0x6f0 [ 14.281198] ret_from_fork+0x41/0x80 [ 14.281326] ret_from_fork_asm+0x1a/0x30 [ 14.281518] [ 14.281613] The buggy address belongs to the object at ffff888103a31d80 [ 14.281613] which belongs to the cache kmalloc-64 of size 64 [ 14.282164] The buggy address is located 0 bytes to the right of [ 14.282164] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.282713] [ 14.282835] The buggy address belongs to the physical page: [ 14.283094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 
14.283382] flags: 0x200000000000000(node=0|zone=2) [ 14.283540] page_type: f5(slab) [ 14.283658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.283917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.284141] page dumped because: kasan: bad access detected [ 14.284325] [ 14.284417] Memory state around the buggy address: [ 14.284639] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.284992] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.285332] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.285653] ^ [ 14.285919] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.286247] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.286564] ================================================================== [ 13.842474] ================================================================== [ 13.843013] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 13.843393] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.843780] [ 13.843956] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.844018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.844033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.844071] Call Trace: [ 13.844086] <TASK> [ 13.844103] dump_stack_lvl+0x73/0xb0 [ 13.844129] print_report+0xd1/0x610 [ 13.844156] ? __virt_addr_valid+0x1db/0x2d0 [ 13.844181] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.844208] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.844236] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.844263] kasan_report+0x141/0x180 [ 13.844289] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.844321] __asan_report_load4_noabort+0x18/0x20 [ 13.844347] kasan_atomics_helper+0x4a84/0x5450 [ 13.844375] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.844402] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.844428] ? ret_from_fork_asm+0x1a/0x30 [ 13.844454] ? kasan_atomics+0x152/0x310 [ 13.844482] kasan_atomics+0x1dc/0x310 [ 13.844504] ? __pfx_kasan_atomics+0x10/0x10 [ 13.844529] ? __pfx_read_tsc+0x10/0x10 [ 13.844551] ? ktime_get_ts64+0x86/0x230 [ 13.844580] kunit_try_run_case+0x1a5/0x480 [ 13.844605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.844628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.844660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.844699] ? __kthread_parkme+0x82/0x180 [ 13.844725] ? preempt_count_sub+0x50/0x80 [ 13.844765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.844790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.844819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.844850] kthread+0x337/0x6f0 [ 13.844869] ? trace_preempt_on+0x20/0xc0 [ 13.844904] ? __pfx_kthread+0x10/0x10 [ 13.844925] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.844951] ? calculate_sigpending+0x7b/0xa0 [ 13.844977] ? __pfx_kthread+0x10/0x10 [ 13.844998] ret_from_fork+0x41/0x80 [ 13.845022] ? 
__pfx_kthread+0x10/0x10 [ 13.845044] ret_from_fork_asm+0x1a/0x30 [ 13.845077] </TASK> [ 13.845090] [ 13.853102] Allocated by task 284: [ 13.853283] kasan_save_stack+0x45/0x70 [ 13.853485] kasan_save_track+0x18/0x40 [ 13.853624] kasan_save_alloc_info+0x3b/0x50 [ 13.853772] __kasan_kmalloc+0xb7/0xc0 [ 13.853935] __kmalloc_cache_noprof+0x189/0x420 [ 13.854157] kasan_atomics+0x95/0x310 [ 13.854370] kunit_try_run_case+0x1a5/0x480 [ 13.854599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.854858] kthread+0x337/0x6f0 [ 13.854993] ret_from_fork+0x41/0x80 [ 13.855123] ret_from_fork_asm+0x1a/0x30 [ 13.855314] [ 13.855409] The buggy address belongs to the object at ffff888103a31d80 [ 13.855409] which belongs to the cache kmalloc-64 of size 64 [ 13.855962] The buggy address is located 0 bytes to the right of [ 13.855962] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.856485] [ 13.856582] The buggy address belongs to the physical page: [ 13.856844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.857102] flags: 0x200000000000000(node=0|zone=2) [ 13.857269] page_type: f5(slab) [ 13.857387] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.857621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.858173] page dumped because: kasan: bad access detected [ 13.858423] [ 13.858515] Memory state around the buggy address: [ 13.858736] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.859264] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.859480] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.859691] ^ [ 13.859863] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.860195] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.860561] ================================================================== [ 13.680293] 
================================================================== [ 13.680597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 13.681171] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.681598] [ 13.681736] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.681787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.681822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.681842] Call Trace: [ 13.681854] <TASK> [ 13.681868] dump_stack_lvl+0x73/0xb0 [ 13.681900] print_report+0xd1/0x610 [ 13.681924] ? __virt_addr_valid+0x1db/0x2d0 [ 13.681945] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.681967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.681990] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.682012] kasan_report+0x141/0x180 [ 13.682036] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.682072] kasan_check_range+0x10c/0x1c0 [ 13.682093] __kasan_check_write+0x18/0x20 [ 13.682113] kasan_atomics_helper+0x7c7/0x5450 [ 13.682146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.682169] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.682190] ? ret_from_fork_asm+0x1a/0x30 [ 13.682212] ? kasan_atomics+0x152/0x310 [ 13.682235] kasan_atomics+0x1dc/0x310 [ 13.682254] ? __pfx_kasan_atomics+0x10/0x10 [ 13.682275] ? __pfx_read_tsc+0x10/0x10 [ 13.682295] ? ktime_get_ts64+0x86/0x230 [ 13.682319] kunit_try_run_case+0x1a5/0x480 [ 13.682349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.682368] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.682392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.682426] ? __kthread_parkme+0x82/0x180 [ 13.682448] ? preempt_count_sub+0x50/0x80 [ 13.682472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.682493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.682526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.682549] kthread+0x337/0x6f0 [ 13.682566] ? trace_preempt_on+0x20/0xc0 [ 13.682599] ? __pfx_kthread+0x10/0x10 [ 13.682617] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.682639] ? calculate_sigpending+0x7b/0xa0 [ 13.682660] ? __pfx_kthread+0x10/0x10 [ 13.682679] ret_from_fork+0x41/0x80 [ 13.682699] ? __pfx_kthread+0x10/0x10 [ 13.682718] ret_from_fork_asm+0x1a/0x30 [ 13.682748] </TASK> [ 13.682759] [ 13.690619] Allocated by task 284: [ 13.690823] kasan_save_stack+0x45/0x70 [ 13.690977] kasan_save_track+0x18/0x40 [ 13.691147] kasan_save_alloc_info+0x3b/0x50 [ 13.691375] __kasan_kmalloc+0xb7/0xc0 [ 13.691571] __kmalloc_cache_noprof+0x189/0x420 [ 13.691725] kasan_atomics+0x95/0x310 [ 13.691917] kunit_try_run_case+0x1a5/0x480 [ 13.692127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.692406] kthread+0x337/0x6f0 [ 13.692548] ret_from_fork+0x41/0x80 [ 13.692748] ret_from_fork_asm+0x1a/0x30 [ 13.692974] [ 13.693082] The buggy address belongs to the object at ffff888103a31d80 [ 13.693082] which belongs to the cache kmalloc-64 of size 64 [ 13.693603] The buggy address is located 0 bytes to the right of [ 13.693603] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.694036] [ 13.694109] The buggy address belongs to the physical page: [ 13.694279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.694643] flags: 0x200000000000000(node=0|zone=2) [ 13.694916] page_type: f5(slab) [ 13.695086] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.695424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.695647] page dumped because: kasan: bad access detected [ 13.695838] [ 13.695918] Memory state around the buggy address: [ 13.696143] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.696492] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.696866] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.697220] ^ [ 13.697457] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.697776] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.698082] ================================================================== [ 14.107901] ================================================================== [ 14.108252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.108595] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.108958] [ 14.109041] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.109082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.109093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.109113] Call Trace: [ 14.109134] <TASK> [ 14.109148] dump_stack_lvl+0x73/0xb0 [ 14.109171] print_report+0xd1/0x610 [ 14.109194] ? __virt_addr_valid+0x1db/0x2d0 [ 14.109215] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.109237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.109260] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.109282] kasan_report+0x141/0x180 [ 14.109305] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.109333] __asan_report_load4_noabort+0x18/0x20 [ 14.109354] kasan_atomics_helper+0x49ce/0x5450 [ 14.109377] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.109400] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.109421] ? ret_from_fork_asm+0x1a/0x30 [ 14.109443] ? kasan_atomics+0x152/0x310 [ 14.109466] kasan_atomics+0x1dc/0x310 [ 14.109486] ? __pfx_kasan_atomics+0x10/0x10 [ 14.109507] ? __pfx_read_tsc+0x10/0x10 [ 14.109526] ? ktime_get_ts64+0x86/0x230 [ 14.109551] kunit_try_run_case+0x1a5/0x480 [ 14.109572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.109591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.109614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.109638] ? __kthread_parkme+0x82/0x180 [ 14.109660] ? preempt_count_sub+0x50/0x80 [ 14.109685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.109705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.109728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.109752] kthread+0x337/0x6f0 [ 14.109769] ? 
trace_preempt_on+0x20/0xc0 [ 14.109792] ? __pfx_kthread+0x10/0x10 [ 14.109821] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.109843] ? calculate_sigpending+0x7b/0xa0 [ 14.109864] ? __pfx_kthread+0x10/0x10 [ 14.109892] ret_from_fork+0x41/0x80 [ 14.109913] ? __pfx_kthread+0x10/0x10 [ 14.109931] ret_from_fork_asm+0x1a/0x30 [ 14.109961] </TASK> [ 14.109972] [ 14.117588] Allocated by task 284: [ 14.117765] kasan_save_stack+0x45/0x70 [ 14.118099] kasan_save_track+0x18/0x40 [ 14.118264] kasan_save_alloc_info+0x3b/0x50 [ 14.118445] __kasan_kmalloc+0xb7/0xc0 [ 14.118629] __kmalloc_cache_noprof+0x189/0x420 [ 14.118859] kasan_atomics+0x95/0x310 [ 14.119036] kunit_try_run_case+0x1a5/0x480 [ 14.119178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.119352] kthread+0x337/0x6f0 [ 14.119468] ret_from_fork+0x41/0x80 [ 14.119596] ret_from_fork_asm+0x1a/0x30 [ 14.119732] [ 14.119803] The buggy address belongs to the object at ffff888103a31d80 [ 14.119803] which belongs to the cache kmalloc-64 of size 64 [ 14.120156] The buggy address is located 0 bytes to the right of [ 14.120156] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.120604] [ 14.120699] The buggy address belongs to the physical page: [ 14.121264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.121616] flags: 0x200000000000000(node=0|zone=2) [ 14.121848] page_type: f5(slab) [ 14.122023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.122271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.122495] page dumped because: kasan: bad access detected [ 14.122664] [ 14.122732] Memory state around the buggy address: [ 14.122892] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.123105] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.123316] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.123681] ^ [ 14.124017] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.124336] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124654] ================================================================== [ 13.916989] ================================================================== [ 13.917532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 13.917988] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.918211] [ 13.918319] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.918371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.918383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.918403] Call Trace: [ 13.918417] <TASK> [ 13.918430] dump_stack_lvl+0x73/0xb0 [ 13.918465] print_report+0xd1/0x610 [ 13.918489] ? __virt_addr_valid+0x1db/0x2d0 [ 13.918509] ? kasan_atomics_helper+0xf10/0x5450 [ 13.918539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.918563] ? kasan_atomics_helper+0xf10/0x5450 [ 13.918587] kasan_report+0x141/0x180 [ 13.918621] ? kasan_atomics_helper+0xf10/0x5450 [ 13.918648] kasan_check_range+0x10c/0x1c0 [ 13.918670] __kasan_check_write+0x18/0x20 [ 13.918698] kasan_atomics_helper+0xf10/0x5450 [ 13.918722] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.918744] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.918776] ? ret_from_fork_asm+0x1a/0x30 [ 13.918797] ? kasan_atomics+0x152/0x310 [ 13.918821] kasan_atomics+0x1dc/0x310 [ 13.918840] ? __pfx_kasan_atomics+0x10/0x10 [ 13.918861] ? __pfx_read_tsc+0x10/0x10 [ 13.918896] ? ktime_get_ts64+0x86/0x230 [ 13.918922] kunit_try_run_case+0x1a5/0x480 [ 13.918943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.918972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.918996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.919020] ? __kthread_parkme+0x82/0x180 [ 13.919042] ? preempt_count_sub+0x50/0x80 [ 13.919075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.919095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.919119] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.919152] kthread+0x337/0x6f0 [ 13.919170] ? trace_preempt_on+0x20/0xc0 [ 13.919193] ? __pfx_kthread+0x10/0x10 [ 13.919211] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.919233] ? calculate_sigpending+0x7b/0xa0 [ 13.919255] ? __pfx_kthread+0x10/0x10 [ 13.919273] ret_from_fork+0x41/0x80 [ 13.919294] ? __pfx_kthread+0x10/0x10 [ 13.919312] ret_from_fork_asm+0x1a/0x30 [ 13.919351] </TASK> [ 13.919362] [ 13.927330] Allocated by task 284: [ 13.927551] kasan_save_stack+0x45/0x70 [ 13.927775] kasan_save_track+0x18/0x40 [ 13.928066] kasan_save_alloc_info+0x3b/0x50 [ 13.928242] __kasan_kmalloc+0xb7/0xc0 [ 13.928427] __kmalloc_cache_noprof+0x189/0x420 [ 13.928579] kasan_atomics+0x95/0x310 [ 13.928785] kunit_try_run_case+0x1a5/0x480 [ 13.928999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.929232] kthread+0x337/0x6f0 [ 13.929350] ret_from_fork+0x41/0x80 [ 13.929479] ret_from_fork_asm+0x1a/0x30 [ 13.929688] [ 13.929782] The buggy address belongs to the object at ffff888103a31d80 [ 13.929782] which belongs to the cache kmalloc-64 of size 64 [ 13.930350] The buggy address is located 0 bytes to the right of [ 13.930350] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.930871] [ 13.930958] The buggy address belongs to the physical page: [ 13.931201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.931457] flags: 0x200000000000000(node=0|zone=2) [ 13.931617] page_type: f5(slab) [ 13.931737] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.931973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.932345] page dumped because: kasan: bad access detected [ 13.932595] [ 13.932686] Memory state around the buggy address: [ 13.932913] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.933197] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.933409] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.933617] ^ [ 13.933769] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.934377] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.934695] ================================================================== [ 13.425796] ================================================================== [ 13.426462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.427091] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.427313] [ 13.427396] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.427442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.427453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.427473] Call Trace: [ 13.427485] <TASK> [ 13.427499] dump_stack_lvl+0x73/0xb0 [ 13.427523] print_report+0xd1/0x610 [ 13.427545] ? __virt_addr_valid+0x1db/0x2d0 [ 13.427566] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.427614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.427733] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.427758] kasan_report+0x141/0x180 [ 13.427781] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.427911] __asan_report_load4_noabort+0x18/0x20 [ 13.427953] kasan_atomics_helper+0x4b88/0x5450 [ 13.427976] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.428146] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.428171] ? ret_from_fork_asm+0x1a/0x30 [ 13.428193] ? kasan_atomics+0x152/0x310 [ 13.428215] kasan_atomics+0x1dc/0x310 [ 13.428234] ? __pfx_kasan_atomics+0x10/0x10 [ 13.428255] ? __pfx_read_tsc+0x10/0x10 [ 13.428274] ? ktime_get_ts64+0x86/0x230 [ 13.428298] kunit_try_run_case+0x1a5/0x480 [ 13.428318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.428336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.428361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.428385] ? __kthread_parkme+0x82/0x180 [ 13.428406] ? preempt_count_sub+0x50/0x80 [ 13.428430] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.428450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.428473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.428496] kthread+0x337/0x6f0 [ 13.428512] ? trace_preempt_on+0x20/0xc0 [ 13.428535] ? __pfx_kthread+0x10/0x10 [ 13.428552] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.428573] ? calculate_sigpending+0x7b/0xa0 [ 13.428594] ? __pfx_kthread+0x10/0x10 [ 13.428611] ret_from_fork+0x41/0x80 [ 13.428630] ? __pfx_kthread+0x10/0x10 [ 13.428647] ret_from_fork_asm+0x1a/0x30 [ 13.428676] </TASK> [ 13.428686] [ 13.439019] Allocated by task 284: [ 13.439389] kasan_save_stack+0x45/0x70 [ 13.439601] kasan_save_track+0x18/0x40 [ 13.439974] kasan_save_alloc_info+0x3b/0x50 [ 13.440240] __kasan_kmalloc+0xb7/0xc0 [ 13.440464] __kmalloc_cache_noprof+0x189/0x420 [ 13.440680] kasan_atomics+0x95/0x310 [ 13.440930] kunit_try_run_case+0x1a5/0x480 [ 13.441093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.441318] kthread+0x337/0x6f0 [ 13.441465] ret_from_fork+0x41/0x80 [ 13.441595] ret_from_fork_asm+0x1a/0x30 [ 13.441785] [ 13.441927] The buggy address belongs to the object at ffff888103a31d80 [ 13.441927] which belongs to the cache kmalloc-64 of size 64 [ 13.442423] The buggy address is located 0 bytes to the right of [ 13.442423] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.442875] [ 13.442953] The buggy address belongs to the physical page: [ 13.443193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.443553] flags: 0x200000000000000(node=0|zone=2) [ 13.443716] page_type: f5(slab) [ 13.443831] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.444308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.444855] page dumped because: kasan: bad access detected [ 13.445073] [ 13.445175] Memory state around the buggy address: [ 13.445343] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.445549] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.445855] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.446124] ^ [ 13.446270] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.446672] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.447116] ================================================================== [ 14.052369] ================================================================== [ 14.052851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.053147] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.053370] [ 14.053455] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.053497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.053509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.053530] Call Trace: [ 14.053544] <TASK> [ 14.053560] dump_stack_lvl+0x73/0xb0 [ 14.053583] print_report+0xd1/0x610 [ 14.053606] ? __virt_addr_valid+0x1db/0x2d0 [ 14.053627] ? kasan_atomics_helper+0x1217/0x5450 [ 14.053650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.053674] ? kasan_atomics_helper+0x1217/0x5450 [ 14.053697] kasan_report+0x141/0x180 [ 14.053720] ? kasan_atomics_helper+0x1217/0x5450 [ 14.053748] kasan_check_range+0x10c/0x1c0 [ 14.053769] __kasan_check_write+0x18/0x20 [ 14.053789] kasan_atomics_helper+0x1217/0x5450 [ 14.053827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.053850] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.053871] ? ret_from_fork_asm+0x1a/0x30 [ 14.053903] ? kasan_atomics+0x152/0x310 [ 14.053927] kasan_atomics+0x1dc/0x310 [ 14.053946] ? __pfx_kasan_atomics+0x10/0x10 [ 14.053968] ? __pfx_read_tsc+0x10/0x10 [ 14.053987] ? ktime_get_ts64+0x86/0x230 [ 14.054011] kunit_try_run_case+0x1a5/0x480 [ 14.054032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.054051] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.054076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.054100] ? 
__kthread_parkme+0x82/0x180 [ 14.054122] ? preempt_count_sub+0x50/0x80 [ 14.054147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.054167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.054191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.054215] kthread+0x337/0x6f0 [ 14.054232] ? trace_preempt_on+0x20/0xc0 [ 14.054255] ? __pfx_kthread+0x10/0x10 [ 14.054273] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.054295] ? calculate_sigpending+0x7b/0xa0 [ 14.054317] ? __pfx_kthread+0x10/0x10 [ 14.054336] ret_from_fork+0x41/0x80 [ 14.054356] ? __pfx_kthread+0x10/0x10 [ 14.054374] ret_from_fork_asm+0x1a/0x30 [ 14.054404] </TASK> [ 14.054415] [ 14.065347] Allocated by task 284: [ 14.065495] kasan_save_stack+0x45/0x70 [ 14.065698] kasan_save_track+0x18/0x40 [ 14.065934] kasan_save_alloc_info+0x3b/0x50 [ 14.066112] __kasan_kmalloc+0xb7/0xc0 [ 14.066263] __kmalloc_cache_noprof+0x189/0x420 [ 14.066480] kasan_atomics+0x95/0x310 [ 14.066645] kunit_try_run_case+0x1a5/0x480 [ 14.066840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.067087] kthread+0x337/0x6f0 [ 14.067237] ret_from_fork+0x41/0x80 [ 14.067390] ret_from_fork_asm+0x1a/0x30 [ 14.067562] [ 14.067632] The buggy address belongs to the object at ffff888103a31d80 [ 14.067632] which belongs to the cache kmalloc-64 of size 64 [ 14.067986] The buggy address is located 0 bytes to the right of [ 14.067986] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.068722] [ 14.068820] The buggy address belongs to the physical page: [ 14.069100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.069344] flags: 0x200000000000000(node=0|zone=2) [ 14.069505] page_type: f5(slab) [ 14.069623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.070010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.070347] page dumped because: kasan: bad access detected [ 14.070601] [ 14.070696] Memory state around the buggy address: [ 14.070935] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.071263] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.071587] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.071942] ^ [ 14.072135] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.072348] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.072618] ================================================================== [ 14.235133] ================================================================== [ 14.235388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.235621] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.235842] [ 14.235935] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.235978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.235990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.236010] Call Trace: [ 14.236024] <TASK> [ 14.236037] dump_stack_lvl+0x73/0xb0 [ 14.236060] print_report+0xd1/0x610 [ 14.236083] ? __virt_addr_valid+0x1db/0x2d0 [ 14.236105] ? kasan_atomics_helper+0x164f/0x5450 [ 14.236127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.236150] ? kasan_atomics_helper+0x164f/0x5450 [ 14.236173] kasan_report+0x141/0x180 [ 14.236195] ? kasan_atomics_helper+0x164f/0x5450 [ 14.236223] kasan_check_range+0x10c/0x1c0 [ 14.236243] __kasan_check_write+0x18/0x20 [ 14.236263] kasan_atomics_helper+0x164f/0x5450 [ 14.236287] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.236310] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.236331] ? ret_from_fork_asm+0x1a/0x30 [ 14.236352] ? kasan_atomics+0x152/0x310 [ 14.236375] kasan_atomics+0x1dc/0x310 [ 14.236394] ? __pfx_kasan_atomics+0x10/0x10 [ 14.236416] ? __pfx_read_tsc+0x10/0x10 [ 14.236436] ? ktime_get_ts64+0x86/0x230 [ 14.236460] kunit_try_run_case+0x1a5/0x480 [ 14.236480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.236499] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.236523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.236547] ? __kthread_parkme+0x82/0x180 [ 14.236569] ? preempt_count_sub+0x50/0x80 [ 14.236593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.236613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.236636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.236660] kthread+0x337/0x6f0 [ 14.236676] ? trace_preempt_on+0x20/0xc0 [ 14.236700] ? __pfx_kthread+0x10/0x10 [ 14.236717] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.236740] ? calculate_sigpending+0x7b/0xa0 [ 14.236761] ? __pfx_kthread+0x10/0x10 [ 14.236780] ret_from_fork+0x41/0x80 [ 14.236800] ? __pfx_kthread+0x10/0x10 [ 14.236818] ret_from_fork_asm+0x1a/0x30 [ 14.236847] </TASK> [ 14.236858] [ 14.245076] Allocated by task 284: [ 14.245206] kasan_save_stack+0x45/0x70 [ 14.245348] kasan_save_track+0x18/0x40 [ 14.245483] kasan_save_alloc_info+0x3b/0x50 [ 14.245626] __kasan_kmalloc+0xb7/0xc0 [ 14.245757] __kmalloc_cache_noprof+0x189/0x420 [ 14.246180] kasan_atomics+0x95/0x310 [ 14.246367] kunit_try_run_case+0x1a5/0x480 [ 14.246573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.246836] kthread+0x337/0x6f0 [ 14.247014] ret_from_fork+0x41/0x80 [ 14.247201] ret_from_fork_asm+0x1a/0x30 [ 14.247401] [ 14.247496] The buggy address belongs to the object at ffff888103a31d80 [ 14.247496] which belongs to the cache kmalloc-64 of size 64 [ 14.248028] The buggy address is located 0 bytes to the right of [ 14.248028] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.248514] [ 14.248587] The buggy address belongs to the physical page: [ 14.248757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.249017] flags: 0x200000000000000(node=0|zone=2) [ 14.249257] page_type: f5(slab) [ 14.249425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.249772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.250116] page dumped because: kasan: bad 
access detected [ 14.250335] [ 14.250420] Memory state around the buggy address: [ 14.250607] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.250943] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.251200] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.251413] ^ [ 14.251580] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.252019] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.252339] ================================================================== [ 14.031362] ================================================================== [ 14.031766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.032103] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.032424] [ 14.032538] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.032589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.032602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.032621] Call Trace: [ 14.032645] <TASK> [ 14.032658] dump_stack_lvl+0x73/0xb0 [ 14.032682] print_report+0xd1/0x610 [ 14.032705] ? __virt_addr_valid+0x1db/0x2d0 [ 14.032726] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.032747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.032781] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.032803] kasan_report+0x141/0x180 [ 14.032838] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.032865] __asan_report_load4_noabort+0x18/0x20 [ 14.032894] kasan_atomics_helper+0x4a02/0x5450 [ 14.032918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.032941] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.032962] ? ret_from_fork_asm+0x1a/0x30 [ 14.032983] ? kasan_atomics+0x152/0x310 [ 14.033007] kasan_atomics+0x1dc/0x310 [ 14.033027] ? __pfx_kasan_atomics+0x10/0x10 [ 14.033048] ? __pfx_read_tsc+0x10/0x10 [ 14.033067] ? 
ktime_get_ts64+0x86/0x230 [ 14.033092] kunit_try_run_case+0x1a5/0x480 [ 14.033113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.033140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.033164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.033189] ? __kthread_parkme+0x82/0x180 [ 14.033210] ? preempt_count_sub+0x50/0x80 [ 14.033235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.033255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.033279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.033303] kthread+0x337/0x6f0 [ 14.033320] ? trace_preempt_on+0x20/0xc0 [ 14.033344] ? __pfx_kthread+0x10/0x10 [ 14.033361] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.033393] ? calculate_sigpending+0x7b/0xa0 [ 14.033414] ? __pfx_kthread+0x10/0x10 [ 14.033433] ret_from_fork+0x41/0x80 [ 14.033465] ? __pfx_kthread+0x10/0x10 [ 14.033484] ret_from_fork_asm+0x1a/0x30 [ 14.033515] </TASK> [ 14.033525] [ 14.041246] Allocated by task 284: [ 14.041369] kasan_save_stack+0x45/0x70 [ 14.041511] kasan_save_track+0x18/0x40 [ 14.041669] kasan_save_alloc_info+0x3b/0x50 [ 14.041894] __kasan_kmalloc+0xb7/0xc0 [ 14.042083] __kmalloc_cache_noprof+0x189/0x420 [ 14.042302] kasan_atomics+0x95/0x310 [ 14.042492] kunit_try_run_case+0x1a5/0x480 [ 14.042725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.042968] kthread+0x337/0x6f0 [ 14.043102] ret_from_fork+0x41/0x80 [ 14.043286] ret_from_fork_asm+0x1a/0x30 [ 14.043477] [ 14.043594] The buggy address belongs to the object at ffff888103a31d80 [ 14.043594] which belongs to the cache kmalloc-64 of size 64 [ 14.044231] The buggy address is located 0 bytes to the right of [ 14.044231] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.044762] [ 14.044915] The buggy address belongs to the physical page: [ 14.045140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.045431] flags: 0x200000000000000(node=0|zone=2) [ 14.045591] page_type: f5(slab) [ 14.045709] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.046193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.046528] page dumped because: kasan: bad access detected [ 14.046734] [ 14.046804] Memory state around the buggy address: [ 14.047438] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.048253] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.048481] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.048692] ^ [ 14.049939] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.050541] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.051346] ================================================================== [ 14.611444] ================================================================== [ 14.611742] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 14.612202] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.612431] [ 14.612542] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.612586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.612599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.612619] Call Trace: [ 14.612633] <TASK> [ 14.612649] dump_stack_lvl+0x73/0xb0 [ 14.612674] print_report+0xd1/0x610 [ 14.612698] ? __virt_addr_valid+0x1db/0x2d0 [ 14.612720] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.612741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.612764] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.612787] kasan_report+0x141/0x180 [ 14.613351] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.613388] __asan_report_load8_noabort+0x18/0x20 [ 14.613411] kasan_atomics_helper+0x4f98/0x5450 [ 14.613435] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.613459] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.613480] ? ret_from_fork_asm+0x1a/0x30 [ 14.613501] ? kasan_atomics+0x152/0x310 [ 14.613525] kasan_atomics+0x1dc/0x310 [ 14.613545] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.613567] ? __pfx_read_tsc+0x10/0x10 [ 14.613586] ? ktime_get_ts64+0x86/0x230 [ 14.613611] kunit_try_run_case+0x1a5/0x480 [ 14.613632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.613652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.613676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.613700] ? __kthread_parkme+0x82/0x180 [ 14.613722] ? preempt_count_sub+0x50/0x80 [ 14.613747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.613768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.613792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.613816] kthread+0x337/0x6f0 [ 14.613832] ? trace_preempt_on+0x20/0xc0 [ 14.613856] ? __pfx_kthread+0x10/0x10 [ 14.613874] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.613908] ? calculate_sigpending+0x7b/0xa0 [ 14.613929] ? __pfx_kthread+0x10/0x10 [ 14.613948] ret_from_fork+0x41/0x80 [ 14.613969] ? __pfx_kthread+0x10/0x10 [ 14.613987] ret_from_fork_asm+0x1a/0x30 [ 14.614017] </TASK> [ 14.614028] [ 14.623657] Allocated by task 284: [ 14.623993] kasan_save_stack+0x45/0x70 [ 14.624184] kasan_save_track+0x18/0x40 [ 14.624491] kasan_save_alloc_info+0x3b/0x50 [ 14.624677] __kasan_kmalloc+0xb7/0xc0 [ 14.625007] __kmalloc_cache_noprof+0x189/0x420 [ 14.625229] kasan_atomics+0x95/0x310 [ 14.625499] kunit_try_run_case+0x1a5/0x480 [ 14.625669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.626104] kthread+0x337/0x6f0 [ 14.626336] ret_from_fork+0x41/0x80 [ 14.626610] ret_from_fork_asm+0x1a/0x30 [ 14.626799] [ 14.626930] The buggy address belongs to the object at ffff888103a31d80 [ 14.626930] which belongs to the cache kmalloc-64 of size 64 [ 14.627659] The buggy address is located 0 bytes to the right of [ 14.627659] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.628296] [ 14.628379] The buggy address belongs to the physical page: [ 14.628611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.629179] flags: 0x200000000000000(node=0|zone=2) [ 14.629403] page_type: f5(slab) 
[ 14.629717] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.630162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.630568] page dumped because: kasan: bad access detected [ 14.630818] [ 14.630994] Memory state around the buggy address: [ 14.631263] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.631543] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.632002] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.632286] ^ [ 14.632602] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.633009] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.633266] ================================================================== [ 14.375905] ================================================================== [ 14.376241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.376573] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.376994] [ 14.377101] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.377150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.377162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.377182] Call Trace: [ 14.377194] <TASK> [ 14.377208] dump_stack_lvl+0x73/0xb0 [ 14.377231] print_report+0xd1/0x610 [ 14.377254] ? __virt_addr_valid+0x1db/0x2d0 [ 14.377275] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.377296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.377319] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.377342] kasan_report+0x141/0x180 [ 14.377365] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.377392] kasan_check_range+0x10c/0x1c0 [ 14.377413] __kasan_check_write+0x18/0x20 [ 14.377433] kasan_atomics_helper+0x1a7f/0x5450 [ 14.377456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.377479] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.377500] ? 
ret_from_fork_asm+0x1a/0x30 [ 14.377521] ? kasan_atomics+0x152/0x310 [ 14.377545] kasan_atomics+0x1dc/0x310 [ 14.377564] ? __pfx_kasan_atomics+0x10/0x10 [ 14.377585] ? __pfx_read_tsc+0x10/0x10 [ 14.377605] ? ktime_get_ts64+0x86/0x230 [ 14.377629] kunit_try_run_case+0x1a5/0x480 [ 14.377650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.377669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.377694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.377718] ? __kthread_parkme+0x82/0x180 [ 14.377741] ? preempt_count_sub+0x50/0x80 [ 14.377766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.377786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.377818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.377842] kthread+0x337/0x6f0 [ 14.377860] ? trace_preempt_on+0x20/0xc0 [ 14.377893] ? __pfx_kthread+0x10/0x10 [ 14.377912] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.377935] ? calculate_sigpending+0x7b/0xa0 [ 14.377958] ? __pfx_kthread+0x10/0x10 [ 14.377978] ret_from_fork+0x41/0x80 [ 14.377999] ? __pfx_kthread+0x10/0x10 [ 14.378017] ret_from_fork_asm+0x1a/0x30 [ 14.378048] </TASK> [ 14.378059] [ 14.385274] Allocated by task 284: [ 14.385532] kasan_save_stack+0x45/0x70 [ 14.385680] kasan_save_track+0x18/0x40 [ 14.385822] kasan_save_alloc_info+0x3b/0x50 [ 14.386038] __kasan_kmalloc+0xb7/0xc0 [ 14.386227] __kmalloc_cache_noprof+0x189/0x420 [ 14.386405] kasan_atomics+0x95/0x310 [ 14.386584] kunit_try_run_case+0x1a5/0x480 [ 14.386726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.386997] kthread+0x337/0x6f0 [ 14.387219] ret_from_fork+0x41/0x80 [ 14.387382] ret_from_fork_asm+0x1a/0x30 [ 14.387561] [ 14.387629] The buggy address belongs to the object at ffff888103a31d80 [ 14.387629] which belongs to the cache kmalloc-64 of size 64 [ 14.388150] The buggy address is located 0 bytes to the right of [ 14.388150] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.388550] [ 14.388641] The buggy address belongs to the physical page: [ 14.388995] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.389345] flags: 0x200000000000000(node=0|zone=2) [ 14.389542] page_type: f5(slab) [ 14.389675] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.390054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.390312] page dumped because: kasan: bad access detected [ 14.390477] [ 14.390543] Memory state around the buggy address: [ 14.390691] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.390959] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.391268] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.391570] ^ [ 14.391799] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.392129] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.392348] ================================================================== [ 14.524551] ================================================================== [ 14.525027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.525264] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.525591] [ 14.525696] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.525738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.525749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.525769] Call Trace: [ 14.525783] <TASK> [ 14.525797] dump_stack_lvl+0x73/0xb0 [ 14.525821] print_report+0xd1/0x610 [ 14.525843] ? __virt_addr_valid+0x1db/0x2d0 [ 14.525864] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.525897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.525921] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.525943] kasan_report+0x141/0x180 [ 14.525966] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.525993] kasan_check_range+0x10c/0x1c0 [ 14.526014] __kasan_check_write+0x18/0x20 [ 14.526034] kasan_atomics_helper+0x1eaa/0x5450 [ 14.526057] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.526079] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.526101] ? ret_from_fork_asm+0x1a/0x30 [ 14.526122] ? kasan_atomics+0x152/0x310 [ 14.526146] kasan_atomics+0x1dc/0x310 [ 14.526166] ? __pfx_kasan_atomics+0x10/0x10 [ 14.526187] ? __pfx_read_tsc+0x10/0x10 [ 14.526206] ? ktime_get_ts64+0x86/0x230 [ 14.526230] kunit_try_run_case+0x1a5/0x480 [ 14.526250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.526293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.526317] ? __kthread_parkme+0x82/0x180 [ 14.526339] ? preempt_count_sub+0x50/0x80 [ 14.526364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.526431] kthread+0x337/0x6f0 [ 14.526448] ? trace_preempt_on+0x20/0xc0 [ 14.526471] ? __pfx_kthread+0x10/0x10 [ 14.526489] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.526511] ? calculate_sigpending+0x7b/0xa0 [ 14.526532] ? __pfx_kthread+0x10/0x10 [ 14.526551] ret_from_fork+0x41/0x80 [ 14.526571] ? 
__pfx_kthread+0x10/0x10 [ 14.526589] ret_from_fork_asm+0x1a/0x30 [ 14.526619] </TASK> [ 14.526630] [ 14.534356] Allocated by task 284: [ 14.534503] kasan_save_stack+0x45/0x70 [ 14.534664] kasan_save_track+0x18/0x40 [ 14.534852] kasan_save_alloc_info+0x3b/0x50 [ 14.535098] __kasan_kmalloc+0xb7/0xc0 [ 14.535247] __kmalloc_cache_noprof+0x189/0x420 [ 14.535454] kasan_atomics+0x95/0x310 [ 14.535582] kunit_try_run_case+0x1a5/0x480 [ 14.535731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.536064] kthread+0x337/0x6f0 [ 14.536261] ret_from_fork+0x41/0x80 [ 14.536408] ret_from_fork_asm+0x1a/0x30 [ 14.536546] [ 14.536615] The buggy address belongs to the object at ffff888103a31d80 [ 14.536615] which belongs to the cache kmalloc-64 of size 64 [ 14.537404] The buggy address is located 0 bytes to the right of [ 14.537404] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.537786] [ 14.537856] The buggy address belongs to the physical page: [ 14.538247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.538596] flags: 0x200000000000000(node=0|zone=2) [ 14.538844] page_type: f5(slab) [ 14.539003] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.539258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.539480] page dumped because: kasan: bad access detected [ 14.539691] [ 14.539785] Memory state around the buggy address: [ 14.540264] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540558] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540770] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.541210] ^ [ 14.541428] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.541639] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.542031] ================================================================== [ 14.735132] 
================================================================== [ 14.735474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 14.735807] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.736151] [ 14.736248] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.736291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.736303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.736324] Call Trace: [ 14.736338] <TASK> [ 14.736351] dump_stack_lvl+0x73/0xb0 [ 14.736374] print_report+0xd1/0x610 [ 14.736397] ? __virt_addr_valid+0x1db/0x2d0 [ 14.736418] ? kasan_atomics_helper+0x5115/0x5450 [ 14.736441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.736463] ? kasan_atomics_helper+0x5115/0x5450 [ 14.736487] kasan_report+0x141/0x180 [ 14.736510] ? kasan_atomics_helper+0x5115/0x5450 [ 14.736537] __asan_report_load8_noabort+0x18/0x20 [ 14.736559] kasan_atomics_helper+0x5115/0x5450 [ 14.736583] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.736605] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.736627] ? ret_from_fork_asm+0x1a/0x30 [ 14.736648] ? kasan_atomics+0x152/0x310 [ 14.736672] kasan_atomics+0x1dc/0x310 [ 14.736691] ? __pfx_kasan_atomics+0x10/0x10 [ 14.736712] ? __pfx_read_tsc+0x10/0x10 [ 14.736756] ? ktime_get_ts64+0x86/0x230 [ 14.736781] kunit_try_run_case+0x1a5/0x480 [ 14.736825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.736845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.736869] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.736904] ? __kthread_parkme+0x82/0x180 [ 14.736927] ? preempt_count_sub+0x50/0x80 [ 14.736951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.736972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.736996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.737019] kthread+0x337/0x6f0 [ 14.737036] ? trace_preempt_on+0x20/0xc0 [ 14.737059] ? __pfx_kthread+0x10/0x10 [ 14.737077] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.737099] ? 
calculate_sigpending+0x7b/0xa0 [ 14.737121] ? __pfx_kthread+0x10/0x10 [ 14.737144] ret_from_fork+0x41/0x80 [ 14.737164] ? __pfx_kthread+0x10/0x10 [ 14.737183] ret_from_fork_asm+0x1a/0x30 [ 14.737213] </TASK> [ 14.737223] [ 14.744632] Allocated by task 284: [ 14.744839] kasan_save_stack+0x45/0x70 [ 14.745072] kasan_save_track+0x18/0x40 [ 14.745275] kasan_save_alloc_info+0x3b/0x50 [ 14.745485] __kasan_kmalloc+0xb7/0xc0 [ 14.745676] __kmalloc_cache_noprof+0x189/0x420 [ 14.745933] kasan_atomics+0x95/0x310 [ 14.746136] kunit_try_run_case+0x1a5/0x480 [ 14.746324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.746569] kthread+0x337/0x6f0 [ 14.746737] ret_from_fork+0x41/0x80 [ 14.746904] ret_from_fork_asm+0x1a/0x30 [ 14.747043] [ 14.747113] The buggy address belongs to the object at ffff888103a31d80 [ 14.747113] which belongs to the cache kmalloc-64 of size 64 [ 14.747564] The buggy address is located 0 bytes to the right of [ 14.747564] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.748145] [ 14.748239] The buggy address belongs to the physical page: [ 14.748487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.748818] flags: 0x200000000000000(node=0|zone=2) [ 14.748991] page_type: f5(slab) [ 14.749111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.749460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.749843] page dumped because: kasan: bad access detected [ 14.750090] [ 14.750159] Memory state around the buggy address: [ 14.750310] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.750524] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.750852] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.751195] ^ [ 14.751393] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.751610] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.751853] 
================================================================== [ 13.953668] ================================================================== [ 13.954077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 13.954311] Read of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.954531] [ 13.954613] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.954653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.954665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.954685] Call Trace: [ 13.954698] <TASK> [ 13.954711] dump_stack_lvl+0x73/0xb0 [ 13.954733] print_report+0xd1/0x610 [ 13.954755] ? __virt_addr_valid+0x1db/0x2d0 [ 13.954775] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.954797] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.954820] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.954843] kasan_report+0x141/0x180 [ 13.954866] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.954904] __asan_report_load4_noabort+0x18/0x20 [ 13.954940] kasan_atomics_helper+0x4a36/0x5450 [ 13.954964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.954987] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.955020] ? ret_from_fork_asm+0x1a/0x30 [ 13.955042] ? kasan_atomics+0x152/0x310 [ 13.955066] kasan_atomics+0x1dc/0x310 [ 13.955085] ? __pfx_kasan_atomics+0x10/0x10 [ 13.955115] ? __pfx_read_tsc+0x10/0x10 [ 13.955135] ? ktime_get_ts64+0x86/0x230 [ 13.955159] kunit_try_run_case+0x1a5/0x480 [ 13.955192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.955236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.955260] ? __kthread_parkme+0x82/0x180 [ 13.955282] ? preempt_count_sub+0x50/0x80 [ 13.955306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.955351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.955374] kthread+0x337/0x6f0 [ 13.955391] ? trace_preempt_on+0x20/0xc0 [ 13.955414] ? 
__pfx_kthread+0x10/0x10 [ 13.955441] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.955464] ? calculate_sigpending+0x7b/0xa0 [ 13.955485] ? __pfx_kthread+0x10/0x10 [ 13.955514] ret_from_fork+0x41/0x80 [ 13.955535] ? __pfx_kthread+0x10/0x10 [ 13.955553] ret_from_fork_asm+0x1a/0x30 [ 13.955584] </TASK> [ 13.955594] [ 13.968063] Allocated by task 284: [ 13.968331] kasan_save_stack+0x45/0x70 [ 13.968538] kasan_save_track+0x18/0x40 [ 13.968747] kasan_save_alloc_info+0x3b/0x50 [ 13.968901] __kasan_kmalloc+0xb7/0xc0 [ 13.969040] __kmalloc_cache_noprof+0x189/0x420 [ 13.969289] kasan_atomics+0x95/0x310 [ 13.969472] kunit_try_run_case+0x1a5/0x480 [ 13.969636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.969809] kthread+0x337/0x6f0 [ 13.969987] ret_from_fork+0x41/0x80 [ 13.970176] ret_from_fork_asm+0x1a/0x30 [ 13.970405] [ 13.970515] The buggy address belongs to the object at ffff888103a31d80 [ 13.970515] which belongs to the cache kmalloc-64 of size 64 [ 13.970933] The buggy address is located 0 bytes to the right of [ 13.970933] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.971517] [ 13.971626] The buggy address belongs to the physical page: [ 13.971876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.972222] flags: 0x200000000000000(node=0|zone=2) [ 13.972458] page_type: f5(slab) [ 13.972612] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.972841] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.973214] page dumped because: kasan: bad access detected [ 13.973462] [ 13.973704] Memory state around the buggy address: [ 13.973947] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.974269] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.974583] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.974918] ^ [ 13.975116] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.975357] 
ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.975568] ================================================================== [ 13.398389] ================================================================== [ 13.398790] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.399335] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.399697] [ 13.399808] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.399851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.399863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.399930] Call Trace: [ 13.399945] <TASK> [ 13.399959] dump_stack_lvl+0x73/0xb0 [ 13.399983] print_report+0xd1/0x610 [ 13.400005] ? __virt_addr_valid+0x1db/0x2d0 [ 13.400025] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.400046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.400068] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.400117] kasan_report+0x141/0x180 [ 13.400163] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.400189] __asan_report_store4_noabort+0x1b/0x30 [ 13.400209] kasan_atomics_helper+0x4ba2/0x5450 [ 13.400232] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.400254] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.400273] ? ret_from_fork_asm+0x1a/0x30 [ 13.400294] ? kasan_atomics+0x152/0x310 [ 13.400316] kasan_atomics+0x1dc/0x310 [ 13.400334] ? __pfx_kasan_atomics+0x10/0x10 [ 13.400354] ? __pfx_read_tsc+0x10/0x10 [ 13.400373] ? ktime_get_ts64+0x86/0x230 [ 13.400397] kunit_try_run_case+0x1a5/0x480 [ 13.400417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.400435] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.400459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.400483] ? __kthread_parkme+0x82/0x180 [ 13.400504] ? preempt_count_sub+0x50/0x80 [ 13.400528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.400547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.400570] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.400592] kthread+0x337/0x6f0 [ 13.400609] ? trace_preempt_on+0x20/0xc0 [ 13.400631] ? __pfx_kthread+0x10/0x10 [ 13.400649] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.400670] ? calculate_sigpending+0x7b/0xa0 [ 13.400691] ? __pfx_kthread+0x10/0x10 [ 13.400723] ret_from_fork+0x41/0x80 [ 13.400743] ? __pfx_kthread+0x10/0x10 [ 13.400760] ret_from_fork_asm+0x1a/0x30 [ 13.400790] </TASK> [ 13.400799] [ 13.412621] Allocated by task 284: [ 13.413048] kasan_save_stack+0x45/0x70 [ 13.413419] kasan_save_track+0x18/0x40 [ 13.413598] kasan_save_alloc_info+0x3b/0x50 [ 13.413964] __kasan_kmalloc+0xb7/0xc0 [ 13.414300] __kmalloc_cache_noprof+0x189/0x420 [ 13.414715] kasan_atomics+0x95/0x310 [ 13.414964] kunit_try_run_case+0x1a5/0x480 [ 13.415385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.415601] kthread+0x337/0x6f0 [ 13.416083] ret_from_fork+0x41/0x80 [ 13.416259] ret_from_fork_asm+0x1a/0x30 [ 13.416555] [ 13.416741] The buggy address belongs to the object at ffff888103a31d80 [ 13.416741] which belongs to the cache kmalloc-64 of size 64 [ 13.417424] The buggy address is located 0 bytes to the right of [ 13.417424] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.418253] [ 13.418341] The buggy address belongs to the physical page: [ 13.418828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.419385] flags: 0x200000000000000(node=0|zone=2) [ 13.419732] page_type: f5(slab) [ 13.420042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.420615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.421076] page dumped because: kasan: bad access detected [ 13.421574] [ 13.421735] Memory state around the buggy address: [ 13.421905] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.422657] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.423327] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.423709] ^ [ 13.424220] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.424527] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.424937] ================================================================== [ 14.676632] ================================================================== [ 14.677144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.677677] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.678128] [ 14.678336] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.678384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.678396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.678417] Call Trace: [ 14.678434] <TASK> [ 14.678449] dump_stack_lvl+0x73/0xb0 [ 14.678474] print_report+0xd1/0x610 [ 14.678497] ? __virt_addr_valid+0x1db/0x2d0 [ 14.678519] ? kasan_atomics_helper+0x218a/0x5450 [ 14.678541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.678564] ? kasan_atomics_helper+0x218a/0x5450 [ 14.678587] kasan_report+0x141/0x180 [ 14.678610] ? kasan_atomics_helper+0x218a/0x5450 [ 14.678637] kasan_check_range+0x10c/0x1c0 [ 14.678658] __kasan_check_write+0x18/0x20 [ 14.678678] kasan_atomics_helper+0x218a/0x5450 [ 14.678702] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.678725] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.678745] ? ret_from_fork_asm+0x1a/0x30 [ 14.678767] ? kasan_atomics+0x152/0x310 [ 14.678790] kasan_atomics+0x1dc/0x310 [ 14.679006] ? __pfx_kasan_atomics+0x10/0x10 [ 14.679034] ? __pfx_read_tsc+0x10/0x10 [ 14.679054] ? ktime_get_ts64+0x86/0x230 [ 14.679080] kunit_try_run_case+0x1a5/0x480 [ 14.679103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.679122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.679147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.679171] ? __kthread_parkme+0x82/0x180 [ 14.679193] ? preempt_count_sub+0x50/0x80 [ 14.679218] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.679238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.679262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.679286] kthread+0x337/0x6f0 [ 14.679303] ? trace_preempt_on+0x20/0xc0 [ 14.679326] ? __pfx_kthread+0x10/0x10 [ 14.679344] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.679367] ? calculate_sigpending+0x7b/0xa0 [ 14.679388] ? __pfx_kthread+0x10/0x10 [ 14.679407] ret_from_fork+0x41/0x80 [ 14.679428] ? __pfx_kthread+0x10/0x10 [ 14.679446] ret_from_fork_asm+0x1a/0x30 [ 14.679476] </TASK> [ 14.679487] [ 14.689556] Allocated by task 284: [ 14.689964] kasan_save_stack+0x45/0x70 [ 14.690160] kasan_save_track+0x18/0x40 [ 14.690444] kasan_save_alloc_info+0x3b/0x50 [ 14.690655] __kasan_kmalloc+0xb7/0xc0 [ 14.690831] __kmalloc_cache_noprof+0x189/0x420 [ 14.691198] kasan_atomics+0x95/0x310 [ 14.691378] kunit_try_run_case+0x1a5/0x480 [ 14.691680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.691963] kthread+0x337/0x6f0 [ 14.692243] ret_from_fork+0x41/0x80 [ 14.692417] ret_from_fork_asm+0x1a/0x30 [ 14.692593] [ 14.692693] The buggy address belongs to the object at ffff888103a31d80 [ 14.692693] which belongs to the cache kmalloc-64 of size 64 [ 14.693400] The buggy address is located 0 bytes to the right of [ 14.693400] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.694033] [ 14.694278] The buggy address belongs to the physical page: [ 14.694510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.695020] flags: 0x200000000000000(node=0|zone=2) [ 14.695251] page_type: f5(slab) [ 14.695472] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.695753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.696250] page dumped because: kasan: bad access detected [ 14.696548] [ 14.696638] Memory state around the buggy address: [ 14.696815] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.697320] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.697625] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.698042] ^ [ 14.698201] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.698623] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.698996] ================================================================== [ 13.935339] ================================================================== [ 13.935689] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 13.935933] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.936597] [ 13.936680] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.936721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.936732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.936752] Call Trace: [ 13.936765] <TASK> [ 13.936780] dump_stack_lvl+0x73/0xb0 [ 13.936803] print_report+0xd1/0x610 [ 13.936825] ? __virt_addr_valid+0x1db/0x2d0 [ 13.936847] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.936868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.936902] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.936924] kasan_report+0x141/0x180 [ 13.936947] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.936975] kasan_check_range+0x10c/0x1c0 [ 13.936996] __kasan_check_write+0x18/0x20 [ 13.937016] kasan_atomics_helper+0xfa9/0x5450 [ 13.937039] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.937062] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.937083] ? ret_from_fork_asm+0x1a/0x30 [ 13.937104] ? kasan_atomics+0x152/0x310 [ 13.937132] kasan_atomics+0x1dc/0x310 [ 13.937152] ? __pfx_kasan_atomics+0x10/0x10 [ 13.937173] ? __pfx_read_tsc+0x10/0x10 [ 13.937192] ? ktime_get_ts64+0x86/0x230 [ 13.937217] kunit_try_run_case+0x1a5/0x480 [ 13.937238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.937257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.937281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.937306] ? 
__kthread_parkme+0x82/0x180 [ 13.937327] ? preempt_count_sub+0x50/0x80 [ 13.937353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.937373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.937396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.937420] kthread+0x337/0x6f0 [ 13.937437] ? trace_preempt_on+0x20/0xc0 [ 13.937460] ? __pfx_kthread+0x10/0x10 [ 13.937478] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.937500] ? calculate_sigpending+0x7b/0xa0 [ 13.937521] ? __pfx_kthread+0x10/0x10 [ 13.937540] ret_from_fork+0x41/0x80 [ 13.937560] ? __pfx_kthread+0x10/0x10 [ 13.937578] ret_from_fork_asm+0x1a/0x30 [ 13.937608] </TASK> [ 13.937619] [ 13.945576] Allocated by task 284: [ 13.945716] kasan_save_stack+0x45/0x70 [ 13.945859] kasan_save_track+0x18/0x40 [ 13.946004] kasan_save_alloc_info+0x3b/0x50 [ 13.946148] __kasan_kmalloc+0xb7/0xc0 [ 13.946279] __kmalloc_cache_noprof+0x189/0x420 [ 13.946429] kasan_atomics+0x95/0x310 [ 13.946557] kunit_try_run_case+0x1a5/0x480 [ 13.946819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.947098] kthread+0x337/0x6f0 [ 13.947265] ret_from_fork+0x41/0x80 [ 13.947443] ret_from_fork_asm+0x1a/0x30 [ 13.947636] [ 13.947730] The buggy address belongs to the object at ffff888103a31d80 [ 13.947730] which belongs to the cache kmalloc-64 of size 64 [ 13.948404] The buggy address is located 0 bytes to the right of [ 13.948404] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.948766] [ 13.948902] The buggy address belongs to the physical page: [ 13.949161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.949543] flags: 0x200000000000000(node=0|zone=2) [ 13.949802] page_type: f5(slab) [ 13.949973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.950305] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.950533] page dumped because: kasan: bad access detected [ 13.950718] [ 13.950810] Memory state around the buggy address: [ 13.951060] 
ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.951395] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.951739] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.952155] ^ [ 13.952386] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.952687] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.953091] ================================================================== [ 13.639269] ================================================================== [ 13.639590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.640107] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.640608] [ 13.640782] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.640827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.640840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.640860] Call Trace: [ 13.640874] <TASK> [ 13.640899] dump_stack_lvl+0x73/0xb0 [ 13.640924] print_report+0xd1/0x610 [ 13.640946] ? __virt_addr_valid+0x1db/0x2d0 [ 13.640967] ? kasan_atomics_helper+0x697/0x5450 [ 13.640999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.641041] ? kasan_atomics_helper+0x697/0x5450 [ 13.641064] kasan_report+0x141/0x180 [ 13.641087] ? kasan_atomics_helper+0x697/0x5450 [ 13.641114] kasan_check_range+0x10c/0x1c0 [ 13.641142] __kasan_check_write+0x18/0x20 [ 13.641161] kasan_atomics_helper+0x697/0x5450 [ 13.641186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.641209] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.641229] ? ret_from_fork_asm+0x1a/0x30 [ 13.641318] ? kasan_atomics+0x152/0x310 [ 13.641353] kasan_atomics+0x1dc/0x310 [ 13.641373] ? __pfx_kasan_atomics+0x10/0x10 [ 13.641394] ? __pfx_read_tsc+0x10/0x10 [ 13.641413] ? ktime_get_ts64+0x86/0x230 [ 13.641437] kunit_try_run_case+0x1a5/0x480 [ 13.641459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641478] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.641502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.641526] ? __kthread_parkme+0x82/0x180 [ 13.641548] ? preempt_count_sub+0x50/0x80 [ 13.641573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.641615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.641639] kthread+0x337/0x6f0 [ 13.641655] ? trace_preempt_on+0x20/0xc0 [ 13.641679] ? __pfx_kthread+0x10/0x10 [ 13.641697] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.641720] ? calculate_sigpending+0x7b/0xa0 [ 13.641741] ? __pfx_kthread+0x10/0x10 [ 13.641760] ret_from_fork+0x41/0x80 [ 13.641780] ? __pfx_kthread+0x10/0x10 [ 13.641799] ret_from_fork_asm+0x1a/0x30 [ 13.641829] </TASK> [ 13.641840] [ 13.650241] Allocated by task 284: [ 13.650422] kasan_save_stack+0x45/0x70 [ 13.650674] kasan_save_track+0x18/0x40 [ 13.651053] kasan_save_alloc_info+0x3b/0x50 [ 13.651286] __kasan_kmalloc+0xb7/0xc0 [ 13.651476] __kmalloc_cache_noprof+0x189/0x420 [ 13.651689] kasan_atomics+0x95/0x310 [ 13.651981] kunit_try_run_case+0x1a5/0x480 [ 13.652258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.652445] kthread+0x337/0x6f0 [ 13.652561] ret_from_fork+0x41/0x80 [ 13.652796] ret_from_fork_asm+0x1a/0x30 [ 13.652999] [ 13.653095] The buggy address belongs to the object at ffff888103a31d80 [ 13.653095] which belongs to the cache kmalloc-64 of size 64 [ 13.653571] The buggy address is located 0 bytes to the right of [ 13.653571] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.654139] [ 13.654317] The buggy address belongs to the physical page: [ 13.654572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.655137] flags: 0x200000000000000(node=0|zone=2) [ 13.655363] page_type: f5(slab) [ 13.655556] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.656014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.656343] page dumped because: kasan: bad 
access detected [ 13.656571] [ 13.656741] Memory state around the buggy address: [ 13.657015] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.657238] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.657450] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.657818] ^ [ 13.658061] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.658376] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.658847] ================================================================== [ 14.126995] ================================================================== [ 14.127498] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.127845] Read of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.128189] [ 14.128302] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.128343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.128355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.128615] Call Trace: [ 14.128636] <TASK> [ 14.128650] dump_stack_lvl+0x73/0xb0 [ 14.128676] print_report+0xd1/0x610 [ 14.128708] ? __virt_addr_valid+0x1db/0x2d0 [ 14.128730] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.128752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.128775] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.128798] kasan_report+0x141/0x180 [ 14.128821] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.128848] kasan_check_range+0x10c/0x1c0 [ 14.128869] __kasan_check_read+0x15/0x20 [ 14.128903] kasan_atomics_helper+0x13b5/0x5450 [ 14.128927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.128950] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.128971] ? ret_from_fork_asm+0x1a/0x30 [ 14.128992] ? kasan_atomics+0x152/0x310 [ 14.129016] kasan_atomics+0x1dc/0x310 [ 14.129035] ? __pfx_kasan_atomics+0x10/0x10 [ 14.129057] ? __pfx_read_tsc+0x10/0x10 [ 14.129077] ? 
ktime_get_ts64+0x86/0x230 [ 14.129102] kunit_try_run_case+0x1a5/0x480 [ 14.129123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.129151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.129175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.129200] ? __kthread_parkme+0x82/0x180 [ 14.129221] ? preempt_count_sub+0x50/0x80 [ 14.129246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.129267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.129291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.129315] kthread+0x337/0x6f0 [ 14.129332] ? trace_preempt_on+0x20/0xc0 [ 14.129355] ? __pfx_kthread+0x10/0x10 [ 14.129374] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.129396] ? calculate_sigpending+0x7b/0xa0 [ 14.129418] ? __pfx_kthread+0x10/0x10 [ 14.129436] ret_from_fork+0x41/0x80 [ 14.129457] ? __pfx_kthread+0x10/0x10 [ 14.129475] ret_from_fork_asm+0x1a/0x30 [ 14.129505] </TASK> [ 14.129515] [ 14.137173] Allocated by task 284: [ 14.137351] kasan_save_stack+0x45/0x70 [ 14.137524] kasan_save_track+0x18/0x40 [ 14.137659] kasan_save_alloc_info+0x3b/0x50 [ 14.137803] __kasan_kmalloc+0xb7/0xc0 [ 14.138003] __kmalloc_cache_noprof+0x189/0x420 [ 14.138228] kasan_atomics+0x95/0x310 [ 14.138410] kunit_try_run_case+0x1a5/0x480 [ 14.138606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.138779] kthread+0x337/0x6f0 [ 14.139134] ret_from_fork+0x41/0x80 [ 14.139318] ret_from_fork_asm+0x1a/0x30 [ 14.139486] [ 14.139578] The buggy address belongs to the object at ffff888103a31d80 [ 14.139578] which belongs to the cache kmalloc-64 of size 64 [ 14.140085] The buggy address is located 0 bytes to the right of [ 14.140085] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.140591] [ 14.140674] The buggy address belongs to the physical page: [ 14.140890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.141132] flags: 0x200000000000000(node=0|zone=2) [ 14.141291] page_type: f5(slab) [ 14.141407] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.141634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.142353] page dumped because: kasan: bad access detected [ 14.142608] [ 14.142699] Memory state around the buggy address: [ 14.143074] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.143396] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.143714] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.144086] ^ [ 14.144287] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.144564] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.144774] ================================================================== [ 14.287181] ================================================================== [ 14.287518] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.287888] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.288111] [ 14.288193] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.288233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.288245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.288265] Call Trace: [ 14.288277] <TASK> [ 14.288291] dump_stack_lvl+0x73/0xb0 [ 14.288313] print_report+0xd1/0x610 [ 14.288336] ? __virt_addr_valid+0x1db/0x2d0 [ 14.288357] ? kasan_atomics_helper+0x1818/0x5450 [ 14.288379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.288401] ? kasan_atomics_helper+0x1818/0x5450 [ 14.288424] kasan_report+0x141/0x180 [ 14.288447] ? kasan_atomics_helper+0x1818/0x5450 [ 14.288474] kasan_check_range+0x10c/0x1c0 [ 14.288495] __kasan_check_write+0x18/0x20 [ 14.288515] kasan_atomics_helper+0x1818/0x5450 [ 14.288539] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.288562] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.288583] ? ret_from_fork_asm+0x1a/0x30 [ 14.288604] ? 
kasan_atomics+0x152/0x310 [ 14.288627] kasan_atomics+0x1dc/0x310 [ 14.288647] ? __pfx_kasan_atomics+0x10/0x10 [ 14.288668] ? __pfx_read_tsc+0x10/0x10 [ 14.288688] ? ktime_get_ts64+0x86/0x230 [ 14.288712] kunit_try_run_case+0x1a5/0x480 [ 14.288734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.288753] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.288777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.288822] ? __kthread_parkme+0x82/0x180 [ 14.288844] ? preempt_count_sub+0x50/0x80 [ 14.288869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.288897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.288921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.288944] kthread+0x337/0x6f0 [ 14.288962] ? trace_preempt_on+0x20/0xc0 [ 14.288985] ? __pfx_kthread+0x10/0x10 [ 14.289003] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.289025] ? calculate_sigpending+0x7b/0xa0 [ 14.289047] ? __pfx_kthread+0x10/0x10 [ 14.289065] ret_from_fork+0x41/0x80 [ 14.289086] ? __pfx_kthread+0x10/0x10 [ 14.289104] ret_from_fork_asm+0x1a/0x30 [ 14.289138] </TASK> [ 14.289149] [ 14.296447] Allocated by task 284: [ 14.296574] kasan_save_stack+0x45/0x70 [ 14.296767] kasan_save_track+0x18/0x40 [ 14.296969] kasan_save_alloc_info+0x3b/0x50 [ 14.297179] __kasan_kmalloc+0xb7/0xc0 [ 14.297364] __kmalloc_cache_noprof+0x189/0x420 [ 14.297579] kasan_atomics+0x95/0x310 [ 14.297759] kunit_try_run_case+0x1a5/0x480 [ 14.299443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.299728] kthread+0x337/0x6f0 [ 14.299937] ret_from_fork+0x41/0x80 [ 14.300120] ret_from_fork_asm+0x1a/0x30 [ 14.300317] [ 14.300412] The buggy address belongs to the object at ffff888103a31d80 [ 14.300412] which belongs to the cache kmalloc-64 of size 64 [ 14.300769] The buggy address is located 0 bytes to the right of [ 14.300769] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.302125] [ 14.302242] The buggy address belongs to the physical page: [ 14.302695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 
14.303326] flags: 0x200000000000000(node=0|zone=2) [ 14.303678] page_type: f5(slab) [ 14.304073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.304580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.305225] page dumped because: kasan: bad access detected [ 14.305537] [ 14.305638] Memory state around the buggy address: [ 14.306060] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.306494] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.306996] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.307476] ^ [ 14.307701] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.308211] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.308517] ================================================================== [ 13.523723] ================================================================== [ 13.524240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.524477] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.525414] [ 13.525532] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.525576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.525588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.525608] Call Trace: [ 13.525621] <TASK> [ 13.525637] dump_stack_lvl+0x73/0xb0 [ 13.525662] print_report+0xd1/0x610 [ 13.525706] ? __virt_addr_valid+0x1db/0x2d0 [ 13.525727] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.525749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.525773] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.525795] kasan_report+0x141/0x180 [ 13.525819] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.525845] kasan_check_range+0x10c/0x1c0 [ 13.525866] __kasan_check_write+0x18/0x20 [ 13.525898] kasan_atomics_helper+0x4a0/0x5450 [ 13.525922] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.525944] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.525965] ? ret_from_fork_asm+0x1a/0x30 [ 13.525986] ? kasan_atomics+0x152/0x310 [ 13.526010] kasan_atomics+0x1dc/0x310 [ 13.526029] ? __pfx_kasan_atomics+0x10/0x10 [ 13.526050] ? __pfx_read_tsc+0x10/0x10 [ 13.526069] ? ktime_get_ts64+0x86/0x230 [ 13.526094] kunit_try_run_case+0x1a5/0x480 [ 13.526115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.526134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.526158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.526182] ? __kthread_parkme+0x82/0x180 [ 13.526204] ? preempt_count_sub+0x50/0x80 [ 13.526228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.526249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.526272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.526296] kthread+0x337/0x6f0 [ 13.526312] ? trace_preempt_on+0x20/0xc0 [ 13.526335] ? __pfx_kthread+0x10/0x10 [ 13.526354] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.526376] ? calculate_sigpending+0x7b/0xa0 [ 13.526397] ? __pfx_kthread+0x10/0x10 [ 13.526416] ret_from_fork+0x41/0x80 [ 13.526436] ? 
__pfx_kthread+0x10/0x10 [ 13.526454] ret_from_fork_asm+0x1a/0x30 [ 13.526484] </TASK> [ 13.526495] [ 13.535826] Allocated by task 284: [ 13.536537] kasan_save_stack+0x45/0x70 [ 13.537448] kasan_save_track+0x18/0x40 [ 13.537925] kasan_save_alloc_info+0x3b/0x50 [ 13.538385] __kasan_kmalloc+0xb7/0xc0 [ 13.538807] __kmalloc_cache_noprof+0x189/0x420 [ 13.539301] kasan_atomics+0x95/0x310 [ 13.539670] kunit_try_run_case+0x1a5/0x480 [ 13.540197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.540796] kthread+0x337/0x6f0 [ 13.541194] ret_from_fork+0x41/0x80 [ 13.541676] ret_from_fork_asm+0x1a/0x30 [ 13.542178] [ 13.542257] The buggy address belongs to the object at ffff888103a31d80 [ 13.542257] which belongs to the cache kmalloc-64 of size 64 [ 13.542595] The buggy address is located 0 bytes to the right of [ 13.542595] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.543646] [ 13.543931] The buggy address belongs to the physical page: [ 13.544456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.545184] flags: 0x200000000000000(node=0|zone=2) [ 13.545495] page_type: f5(slab) [ 13.545617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.546186] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.546615] page dumped because: kasan: bad access detected [ 13.547185] [ 13.547368] Memory state around the buggy address: [ 13.547590] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.548312] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.549064] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.549646] ^ [ 13.550151] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.550704] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.551325] ================================================================== [ 14.487382] 
================================================================== [ 14.487854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.488110] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.488379] [ 14.488509] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.488553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.488565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.488585] Call Trace: [ 14.488598] <TASK> [ 14.488612] dump_stack_lvl+0x73/0xb0 [ 14.488635] print_report+0xd1/0x610 [ 14.488657] ? __virt_addr_valid+0x1db/0x2d0 [ 14.488678] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.488700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.488722] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.488745] kasan_report+0x141/0x180 [ 14.488768] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.488795] kasan_check_range+0x10c/0x1c0 [ 14.488816] __kasan_check_write+0x18/0x20 [ 14.488857] kasan_atomics_helper+0x1d7a/0x5450 [ 14.488890] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.488913] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.488933] ? ret_from_fork_asm+0x1a/0x30 [ 14.488955] ? kasan_atomics+0x152/0x310 [ 14.488978] kasan_atomics+0x1dc/0x310 [ 14.488997] ? __pfx_kasan_atomics+0x10/0x10 [ 14.489037] ? __pfx_read_tsc+0x10/0x10 [ 14.489057] ? ktime_get_ts64+0x86/0x230 [ 14.489081] kunit_try_run_case+0x1a5/0x480 [ 14.489102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.489121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.489149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.489174] ? __kthread_parkme+0x82/0x180 [ 14.489196] ? preempt_count_sub+0x50/0x80 [ 14.489220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.489241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.489264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.489288] kthread+0x337/0x6f0 [ 14.489304] ? trace_preempt_on+0x20/0xc0 [ 14.489328] ? __pfx_kthread+0x10/0x10 [ 14.489346] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.489368] ? calculate_sigpending+0x7b/0xa0 [ 14.489390] ? __pfx_kthread+0x10/0x10 [ 14.489409] ret_from_fork+0x41/0x80 [ 14.489429] ? __pfx_kthread+0x10/0x10 [ 14.489466] ret_from_fork_asm+0x1a/0x30 [ 14.489496] </TASK> [ 14.489506] [ 14.497328] Allocated by task 284: [ 14.497521] kasan_save_stack+0x45/0x70 [ 14.497931] kasan_save_track+0x18/0x40 [ 14.498165] kasan_save_alloc_info+0x3b/0x50 [ 14.498377] __kasan_kmalloc+0xb7/0xc0 [ 14.498511] __kmalloc_cache_noprof+0x189/0x420 [ 14.498662] kasan_atomics+0x95/0x310 [ 14.498841] kunit_try_run_case+0x1a5/0x480 [ 14.499058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.499309] kthread+0x337/0x6f0 [ 14.499475] ret_from_fork+0x41/0x80 [ 14.499655] ret_from_fork_asm+0x1a/0x30 [ 14.499921] [ 14.500024] The buggy address belongs to the object at ffff888103a31d80 [ 14.500024] which belongs to the cache kmalloc-64 of size 64 [ 14.500456] The buggy address is located 0 bytes to the right of [ 14.500456] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.501026] [ 14.501096] The buggy address belongs to the physical page: [ 14.501275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.501512] flags: 0x200000000000000(node=0|zone=2) [ 14.501672] page_type: f5(slab) [ 14.501847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.502203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.502547] page dumped because: kasan: bad access detected [ 14.502832] [ 14.502956] Memory state around the buggy address: [ 14.503201] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.503455] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.503699] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.504022] ^ [ 14.504222] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.504434] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.504710] ================================================================== [ 13.805198] ================================================================== [ 13.805564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 13.805935] Write of size 4 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 13.806258] [ 13.806393] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.806438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.806450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.806470] Call Trace: [ 13.806485] <TASK> [ 13.806500] dump_stack_lvl+0x73/0xb0 [ 13.806524] print_report+0xd1/0x610 [ 13.806557] ? __virt_addr_valid+0x1db/0x2d0 [ 13.806580] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.806613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.806638] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.806663] kasan_report+0x141/0x180 [ 13.806687] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.806716] kasan_check_range+0x10c/0x1c0 [ 13.806739] __kasan_check_write+0x18/0x20 [ 13.806760] kasan_atomics_helper+0xb6a/0x5450 [ 13.806785] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.806818] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.806841] ? ret_from_fork_asm+0x1a/0x30 [ 13.806863] ? kasan_atomics+0x152/0x310 [ 13.806897] kasan_atomics+0x1dc/0x310 [ 13.806918] ? __pfx_kasan_atomics+0x10/0x10 [ 13.806941] ? __pfx_read_tsc+0x10/0x10 [ 13.806961] ? ktime_get_ts64+0x86/0x230 [ 13.806996] kunit_try_run_case+0x1a5/0x480 [ 13.807019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.807039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.807075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.807102] ? __kthread_parkme+0x82/0x180 [ 13.807125] ? preempt_count_sub+0x50/0x80 [ 13.807160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.807183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807208] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.807244] kthread+0x337/0x6f0 [ 13.807262] ? trace_preempt_on+0x20/0xc0 [ 13.807286] ? __pfx_kthread+0x10/0x10 [ 13.807314] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.807338] ? calculate_sigpending+0x7b/0xa0 [ 13.807361] ? __pfx_kthread+0x10/0x10 [ 13.807391] ret_from_fork+0x41/0x80 [ 13.807412] ? __pfx_kthread+0x10/0x10 [ 13.807432] ret_from_fork_asm+0x1a/0x30 [ 13.807463] </TASK> [ 13.807474] [ 13.815453] Allocated by task 284: [ 13.815580] kasan_save_stack+0x45/0x70 [ 13.815721] kasan_save_track+0x18/0x40 [ 13.815856] kasan_save_alloc_info+0x3b/0x50 [ 13.816010] __kasan_kmalloc+0xb7/0xc0 [ 13.816228] __kmalloc_cache_noprof+0x189/0x420 [ 13.816449] kasan_atomics+0x95/0x310 [ 13.816632] kunit_try_run_case+0x1a5/0x480 [ 13.816837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.817245] kthread+0x337/0x6f0 [ 13.817412] ret_from_fork+0x41/0x80 [ 13.817577] ret_from_fork_asm+0x1a/0x30 [ 13.817715] [ 13.817785] The buggy address belongs to the object at ffff888103a31d80 [ 13.817785] which belongs to the cache kmalloc-64 of size 64 [ 13.818324] The buggy address is located 0 bytes to the right of [ 13.818324] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 13.818739] [ 13.818811] The buggy address belongs to the physical page: [ 13.819065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 13.819456] flags: 0x200000000000000(node=0|zone=2) [ 13.819719] page_type: f5(slab) [ 13.819923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.820251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.820588] page dumped because: kasan: bad access detected [ 13.820820] [ 13.820946] Memory state around the buggy address: [ 13.821159] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.821460] ffff888103a31d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.821762] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.822072] ^ [ 13.822311] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.822611] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.823006] ================================================================== [ 14.392755] ================================================================== [ 14.393231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.393572] Write of size 8 at addr ffff888103a31db0 by task kunit_try_catch/284 [ 14.393916] [ 14.394431] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 14.394477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.394490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.394509] Call Trace: [ 14.394524] <TASK> [ 14.394538] dump_stack_lvl+0x73/0xb0 [ 14.394563] print_report+0xd1/0x610 [ 14.394585] ? __virt_addr_valid+0x1db/0x2d0 [ 14.394606] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.394628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.394650] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.394673] kasan_report+0x141/0x180 [ 14.394696] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.394723] kasan_check_range+0x10c/0x1c0 [ 14.394744] __kasan_check_write+0x18/0x20 [ 14.394764] kasan_atomics_helper+0x1b22/0x5450 [ 14.394787] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.395061] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.395091] ? ret_from_fork_asm+0x1a/0x30 [ 14.395114] ? kasan_atomics+0x152/0x310 [ 14.395138] kasan_atomics+0x1dc/0x310 [ 14.395158] ? __pfx_kasan_atomics+0x10/0x10 [ 14.395180] ? __pfx_read_tsc+0x10/0x10 [ 14.395200] ? ktime_get_ts64+0x86/0x230 [ 14.395224] kunit_try_run_case+0x1a5/0x480 [ 14.395245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.395264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.395288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.395312] ? __kthread_parkme+0x82/0x180 [ 14.395334] ? preempt_count_sub+0x50/0x80 [ 14.395358] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.395379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.395402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.395426] kthread+0x337/0x6f0 [ 14.395443] ? trace_preempt_on+0x20/0xc0 [ 14.395467] ? __pfx_kthread+0x10/0x10 [ 14.395485] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.395507] ? calculate_sigpending+0x7b/0xa0 [ 14.395528] ? __pfx_kthread+0x10/0x10 [ 14.395546] ret_from_fork+0x41/0x80 [ 14.395567] ? __pfx_kthread+0x10/0x10 [ 14.395585] ret_from_fork_asm+0x1a/0x30 [ 14.395616] </TASK> [ 14.395627] [ 14.413576] Allocated by task 284: [ 14.413711] kasan_save_stack+0x45/0x70 [ 14.414123] kasan_save_track+0x18/0x40 [ 14.414546] kasan_save_alloc_info+0x3b/0x50 [ 14.415127] __kasan_kmalloc+0xb7/0xc0 [ 14.415652] __kmalloc_cache_noprof+0x189/0x420 [ 14.416234] kasan_atomics+0x95/0x310 [ 14.416377] kunit_try_run_case+0x1a5/0x480 [ 14.416525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.416704] kthread+0x337/0x6f0 [ 14.416828] ret_from_fork+0x41/0x80 [ 14.417030] ret_from_fork_asm+0x1a/0x30 [ 14.417242] [ 14.417315] The buggy address belongs to the object at ffff888103a31d80 [ 14.417315] which belongs to the cache kmalloc-64 of size 64 [ 14.417789] The buggy address is located 0 bytes to the right of [ 14.417789] allocated 48-byte region [ffff888103a31d80, ffff888103a31db0) [ 14.418280] [ 14.418379] The buggy address belongs to the physical page: [ 14.418638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a31 [ 14.418900] flags: 0x200000000000000(node=0|zone=2) [ 14.419134] page_type: f5(slab) [ 14.419306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.419545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.420213] page dumped because: kasan: bad access detected [ 14.420450] [ 14.420567] Memory state around the buggy address: [ 14.420809] ffff888103a31c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.421065] ffff888103a31d00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.421378] >ffff888103a31d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.421710] ^ [ 14.421939] ffff888103a31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.422270] ffff888103a31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.422565] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.317781] ================================================================== [ 13.318432] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.319248] Read of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.319478] [ 13.319564] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.319608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.319619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.319639] Call Trace: [ 13.319652] <TASK> [ 13.319666] dump_stack_lvl+0x73/0xb0 [ 13.319689] print_report+0xd1/0x610 [ 13.319712] ? __virt_addr_valid+0x1db/0x2d0 [ 13.319731] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.319753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.319776] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.319863] kasan_report+0x141/0x180 [ 13.319958] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.320036] kasan_check_range+0x10c/0x1c0 [ 13.320055] __kasan_check_read+0x15/0x20 [ 13.320085] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.320109] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.320133] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.320153] ? trace_hardirqs_on+0x37/0xe0 [ 13.320174] ? kasan_bitops_generic+0x92/0x1c0 [ 13.320198] kasan_bitops_generic+0x121/0x1c0 [ 13.320218] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.320238] ? __pfx_read_tsc+0x10/0x10 [ 13.320257] ? ktime_get_ts64+0x86/0x230 [ 13.320280] kunit_try_run_case+0x1a5/0x480 [ 13.320301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.320354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.320378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.320401] ? __kthread_parkme+0x82/0x180 [ 13.320432] ? preempt_count_sub+0x50/0x80 [ 13.320493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.320512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.320580] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.320604] kthread+0x337/0x6f0 [ 13.320620] ? trace_preempt_on+0x20/0xc0 [ 13.320651] ? __pfx_kthread+0x10/0x10 [ 13.320669] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.320690] ? calculate_sigpending+0x7b/0xa0 [ 13.320710] ? __pfx_kthread+0x10/0x10 [ 13.320728] ret_from_fork+0x41/0x80 [ 13.320748] ? __pfx_kthread+0x10/0x10 [ 13.320765] ret_from_fork_asm+0x1a/0x30 [ 13.320813] </TASK> [ 13.320824] [ 13.334911] Allocated by task 280: [ 13.335253] kasan_save_stack+0x45/0x70 [ 13.335556] kasan_save_track+0x18/0x40 [ 13.335921] kasan_save_alloc_info+0x3b/0x50 [ 13.336066] __kasan_kmalloc+0xb7/0xc0 [ 13.336198] __kmalloc_cache_noprof+0x189/0x420 [ 13.336348] kasan_bitops_generic+0x92/0x1c0 [ 13.336491] kunit_try_run_case+0x1a5/0x480 [ 13.336631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.336825] kthread+0x337/0x6f0 [ 13.337144] ret_from_fork+0x41/0x80 [ 13.337471] ret_from_fork_asm+0x1a/0x30 [ 13.337860] [ 13.338027] The buggy address belongs to the object at ffff8881027e74e0 [ 13.338027] which belongs to the cache kmalloc-16 of size 16 [ 13.339104] The buggy address is located 8 bytes inside of [ 13.339104] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.340155] [ 13.340320] The buggy address belongs to the physical page: [ 13.340819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.341505] flags: 0x200000000000000(node=0|zone=2) [ 13.341981] page_type: f5(slab) [ 13.342255] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.342653] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.343092] page dumped because: kasan: bad access detected [ 13.343582] [ 13.343743] Memory state around the buggy address: [ 13.344200] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.344667] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.345183] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.345395] ^ [ 13.345591] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.345823] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.346436] ================================================================== [ 13.289283] ================================================================== [ 13.289566] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.290047] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.290328] [ 13.290434] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.290473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.290484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.290503] Call Trace: [ 13.290515] <TASK> [ 13.290528] dump_stack_lvl+0x73/0xb0 [ 13.290550] print_report+0xd1/0x610 [ 13.290571] ? __virt_addr_valid+0x1db/0x2d0 [ 13.290591] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.290613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.290635] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.290658] kasan_report+0x141/0x180 [ 13.290679] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.290707] kasan_check_range+0x10c/0x1c0 [ 13.290727] __kasan_check_write+0x18/0x20 [ 13.290746] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.290768] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.290792] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.290811] ? trace_hardirqs_on+0x37/0xe0 [ 13.290832] ? kasan_bitops_generic+0x92/0x1c0 [ 13.290857] kasan_bitops_generic+0x121/0x1c0 [ 13.290877] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.290910] ? __pfx_read_tsc+0x10/0x10 [ 13.290929] ? ktime_get_ts64+0x86/0x230 [ 13.290952] kunit_try_run_case+0x1a5/0x480 [ 13.290972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.290990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.291014] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.291037] ? __kthread_parkme+0x82/0x180 [ 13.291058] ? preempt_count_sub+0x50/0x80 [ 13.291082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.291101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.291123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.291146] kthread+0x337/0x6f0 [ 13.291162] ? trace_preempt_on+0x20/0xc0 [ 13.291183] ? __pfx_kthread+0x10/0x10 [ 13.291200] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.291221] ? calculate_sigpending+0x7b/0xa0 [ 13.291241] ? __pfx_kthread+0x10/0x10 [ 13.291259] ret_from_fork+0x41/0x80 [ 13.291278] ? __pfx_kthread+0x10/0x10 [ 13.291295] ret_from_fork_asm+0x1a/0x30 [ 13.291324] </TASK> [ 13.291334] [ 13.299316] Allocated by task 280: [ 13.299447] kasan_save_stack+0x45/0x70 [ 13.299590] kasan_save_track+0x18/0x40 [ 13.299725] kasan_save_alloc_info+0x3b/0x50 [ 13.299868] __kasan_kmalloc+0xb7/0xc0 [ 13.300012] __kmalloc_cache_noprof+0x189/0x420 [ 13.300162] kasan_bitops_generic+0x92/0x1c0 [ 13.301393] kunit_try_run_case+0x1a5/0x480 [ 13.302168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.303177] kthread+0x337/0x6f0 [ 13.303628] ret_from_fork+0x41/0x80 [ 13.304258] ret_from_fork_asm+0x1a/0x30 [ 13.304989] [ 13.305368] The buggy address belongs to the object at ffff8881027e74e0 [ 13.305368] which belongs to the cache kmalloc-16 of size 16 [ 13.306449] The buggy address is located 8 bytes inside of [ 13.306449] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.307354] [ 13.307432] The buggy address belongs to the physical page: [ 13.307602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.308322] flags: 0x200000000000000(node=0|zone=2) [ 13.309082] page_type: f5(slab) [ 13.309591] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.310548] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.311165] page dumped because: kasan: bad access detected [ 13.311342] [ 13.311411] Memory 
state around the buggy address: [ 13.311565] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.311778] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.312984] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.314062] ^ [ 13.315016] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.315768] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.316523] ================================================================== [ 13.193719] ================================================================== [ 13.194435] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.194810] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.195130] [ 13.195226] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.195267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.195279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.195297] Call Trace: [ 13.195310] <TASK> [ 13.195323] dump_stack_lvl+0x73/0xb0 [ 13.195345] print_report+0xd1/0x610 [ 13.195367] ? __virt_addr_valid+0x1db/0x2d0 [ 13.195387] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.195410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.195432] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.195455] kasan_report+0x141/0x180 [ 13.195477] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.195505] kasan_check_range+0x10c/0x1c0 [ 13.195525] __kasan_check_write+0x18/0x20 [ 13.195544] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.195567] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.195590] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.195610] ? trace_hardirqs_on+0x37/0xe0 [ 13.195631] ? kasan_bitops_generic+0x92/0x1c0 [ 13.195654] kasan_bitops_generic+0x121/0x1c0 [ 13.195674] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.195694] ? 
__pfx_read_tsc+0x10/0x10 [ 13.195713] ? ktime_get_ts64+0x86/0x230 [ 13.195737] kunit_try_run_case+0x1a5/0x480 [ 13.195757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.195775] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.195797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.195820] ? __kthread_parkme+0x82/0x180 [ 13.195841] ? preempt_count_sub+0x50/0x80 [ 13.195864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.195894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.195916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.195938] kthread+0x337/0x6f0 [ 13.195954] ? trace_preempt_on+0x20/0xc0 [ 13.195975] ? __pfx_kthread+0x10/0x10 [ 13.195993] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.196014] ? calculate_sigpending+0x7b/0xa0 [ 13.196034] ? __pfx_kthread+0x10/0x10 [ 13.196052] ret_from_fork+0x41/0x80 [ 13.196071] ? __pfx_kthread+0x10/0x10 [ 13.196088] ret_from_fork_asm+0x1a/0x30 [ 13.196117] </TASK> [ 13.196128] [ 13.206320] Allocated by task 280: [ 13.206570] kasan_save_stack+0x45/0x70 [ 13.206960] kasan_save_track+0x18/0x40 [ 13.207134] kasan_save_alloc_info+0x3b/0x50 [ 13.207334] __kasan_kmalloc+0xb7/0xc0 [ 13.207506] __kmalloc_cache_noprof+0x189/0x420 [ 13.207698] kasan_bitops_generic+0x92/0x1c0 [ 13.207897] kunit_try_run_case+0x1a5/0x480 [ 13.208407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.208617] kthread+0x337/0x6f0 [ 13.209056] ret_from_fork+0x41/0x80 [ 13.209316] ret_from_fork_asm+0x1a/0x30 [ 13.209546] [ 13.209645] The buggy address belongs to the object at ffff8881027e74e0 [ 13.209645] which belongs to the cache kmalloc-16 of size 16 [ 13.210343] The buggy address is located 8 bytes inside of [ 13.210343] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.210960] [ 13.211144] The buggy address belongs to the physical page: [ 13.211488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.211949] flags: 0x200000000000000(node=0|zone=2) [ 13.212265] page_type: f5(slab) [ 13.212419] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.212730] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.213214] page dumped because: kasan: bad access detected [ 13.213535] [ 13.213683] Memory state around the buggy address: [ 13.213909] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.214352] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.214623] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.215160] ^ [ 13.215499] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215804] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.216247] ================================================================== [ 13.253266] ================================================================== [ 13.253519] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.254275] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.254508] [ 13.254666] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.254710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.254722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.254742] Call Trace: [ 13.254755] <TASK> [ 13.254769] dump_stack_lvl+0x73/0xb0 [ 13.254792] print_report+0xd1/0x610 [ 13.254814] ? __virt_addr_valid+0x1db/0x2d0 [ 13.254837] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.254860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.254894] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.254917] kasan_report+0x141/0x180 [ 13.254939] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.254968] kasan_check_range+0x10c/0x1c0 [ 13.254988] __kasan_check_write+0x18/0x20 [ 13.255007] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.255030] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.255054] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.255074] ? trace_hardirqs_on+0x37/0xe0 [ 13.255095] ? kasan_bitops_generic+0x92/0x1c0 [ 13.255118] kasan_bitops_generic+0x121/0x1c0 [ 13.255138] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.255159] ? __pfx_read_tsc+0x10/0x10 [ 13.255177] ? ktime_get_ts64+0x86/0x230 [ 13.255202] kunit_try_run_case+0x1a5/0x480 [ 13.255222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.255240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.255264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.255287] ? __kthread_parkme+0x82/0x180 [ 13.255307] ? preempt_count_sub+0x50/0x80 [ 13.255331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.255351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.255373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.255396] kthread+0x337/0x6f0 [ 13.255412] ? trace_preempt_on+0x20/0xc0 [ 13.255433] ? __pfx_kthread+0x10/0x10 [ 13.255451] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.255472] ? calculate_sigpending+0x7b/0xa0 [ 13.255492] ? __pfx_kthread+0x10/0x10 [ 13.255510] ret_from_fork+0x41/0x80 [ 13.255530] ? 
__pfx_kthread+0x10/0x10 [ 13.255547] ret_from_fork_asm+0x1a/0x30 [ 13.255576] </TASK> [ 13.255586] [ 13.263683] Allocated by task 280: [ 13.263805] kasan_save_stack+0x45/0x70 [ 13.264143] kasan_save_track+0x18/0x40 [ 13.264332] kasan_save_alloc_info+0x3b/0x50 [ 13.264475] __kasan_kmalloc+0xb7/0xc0 [ 13.264610] __kmalloc_cache_noprof+0x189/0x420 [ 13.264762] kasan_bitops_generic+0x92/0x1c0 [ 13.264954] kunit_try_run_case+0x1a5/0x480 [ 13.265172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.265678] kthread+0x337/0x6f0 [ 13.265866] ret_from_fork+0x41/0x80 [ 13.266035] ret_from_fork_asm+0x1a/0x30 [ 13.266219] [ 13.266308] The buggy address belongs to the object at ffff8881027e74e0 [ 13.266308] which belongs to the cache kmalloc-16 of size 16 [ 13.266748] The buggy address is located 8 bytes inside of [ 13.266748] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.267219] [ 13.267314] The buggy address belongs to the physical page: [ 13.267566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.267801] flags: 0x200000000000000(node=0|zone=2) [ 13.267971] page_type: f5(slab) [ 13.268090] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.268328] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.268655] page dumped because: kasan: bad access detected [ 13.268907] [ 13.269001] Memory state around the buggy address: [ 13.269227] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.269545] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.269897] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.270176] ^ [ 13.270420] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270696] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270997] ================================================================== [ 13.216986] 
================================================================== [ 13.217543] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.218190] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.218507] [ 13.218607] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.218650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.218661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.218679] Call Trace: [ 13.218693] <TASK> [ 13.218707] dump_stack_lvl+0x73/0xb0 [ 13.218731] print_report+0xd1/0x610 [ 13.218752] ? __virt_addr_valid+0x1db/0x2d0 [ 13.218772] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.218794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.218817] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.218840] kasan_report+0x141/0x180 [ 13.218862] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.218901] kasan_check_range+0x10c/0x1c0 [ 13.218920] __kasan_check_write+0x18/0x20 [ 13.218940] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.218962] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.218986] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.219006] ? trace_hardirqs_on+0x37/0xe0 [ 13.219027] ? kasan_bitops_generic+0x92/0x1c0 [ 13.219051] kasan_bitops_generic+0x121/0x1c0 [ 13.219071] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.219092] ? __pfx_read_tsc+0x10/0x10 [ 13.219110] ? ktime_get_ts64+0x86/0x230 [ 13.219134] kunit_try_run_case+0x1a5/0x480 [ 13.219153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.219171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.219195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.219217] ? __kthread_parkme+0x82/0x180 [ 13.219238] ? preempt_count_sub+0x50/0x80 [ 13.219262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.219282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.219304] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.219326] kthread+0x337/0x6f0 [ 13.219342] ? trace_preempt_on+0x20/0xc0 [ 13.219364] ? __pfx_kthread+0x10/0x10 [ 13.219381] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.219402] ? calculate_sigpending+0x7b/0xa0 [ 13.219422] ? __pfx_kthread+0x10/0x10 [ 13.219440] ret_from_fork+0x41/0x80 [ 13.219460] ? __pfx_kthread+0x10/0x10 [ 13.219476] ret_from_fork_asm+0x1a/0x30 [ 13.219506] </TASK> [ 13.219516] [ 13.227147] Allocated by task 280: [ 13.227331] kasan_save_stack+0x45/0x70 [ 13.227523] kasan_save_track+0x18/0x40 [ 13.227713] kasan_save_alloc_info+0x3b/0x50 [ 13.228097] __kasan_kmalloc+0xb7/0xc0 [ 13.228241] __kmalloc_cache_noprof+0x189/0x420 [ 13.228390] kasan_bitops_generic+0x92/0x1c0 [ 13.228566] kunit_try_run_case+0x1a5/0x480 [ 13.228770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.229197] kthread+0x337/0x6f0 [ 13.229339] ret_from_fork+0x41/0x80 [ 13.229485] ret_from_fork_asm+0x1a/0x30 [ 13.229621] [ 13.229689] The buggy address belongs to the object at ffff8881027e74e0 [ 13.229689] which belongs to the cache kmalloc-16 of size 16 [ 13.230079] The buggy address is located 8 bytes inside of [ 13.230079] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.230595] [ 13.230689] The buggy address belongs to the physical page: [ 13.231085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.231416] flags: 0x200000000000000(node=0|zone=2) [ 13.231577] page_type: f5(slab) [ 13.231695] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.232225] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.232560] page dumped because: kasan: bad access detected [ 13.232818] [ 13.232920] Memory state around the buggy address: [ 13.233155] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.233440] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.233650] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.234154] ^ [ 13.234408] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.234686] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.234923] ================================================================== [ 13.347389] ================================================================== [ 13.347714] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.348094] Read of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.348363] [ 13.348474] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.348519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.348530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.348550] Call Trace: [ 13.348562] <TASK> [ 13.348577] dump_stack_lvl+0x73/0xb0 [ 13.348599] print_report+0xd1/0x610 [ 13.348622] ? __virt_addr_valid+0x1db/0x2d0 [ 13.348642] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.348663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.348686] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.348710] kasan_report+0x141/0x180 [ 13.348732] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.348759] __asan_report_load8_noabort+0x18/0x20 [ 13.348780] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.348802] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.348826] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.348846] ? trace_hardirqs_on+0x37/0xe0 [ 13.348867] ? kasan_bitops_generic+0x92/0x1c0 [ 13.348929] kasan_bitops_generic+0x121/0x1c0 [ 13.348950] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.348970] ? __pfx_read_tsc+0x10/0x10 [ 13.349001] ? ktime_get_ts64+0x86/0x230 [ 13.349025] kunit_try_run_case+0x1a5/0x480 [ 13.349045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.349063] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.349097] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.349120] ? 
__kthread_parkme+0x82/0x180 [ 13.349148] ? preempt_count_sub+0x50/0x80 [ 13.349183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.349203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.349226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.349250] kthread+0x337/0x6f0 [ 13.349265] ? trace_preempt_on+0x20/0xc0 [ 13.349288] ? __pfx_kthread+0x10/0x10 [ 13.349305] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.349326] ? calculate_sigpending+0x7b/0xa0 [ 13.349347] ? __pfx_kthread+0x10/0x10 [ 13.349365] ret_from_fork+0x41/0x80 [ 13.349384] ? __pfx_kthread+0x10/0x10 [ 13.349402] ret_from_fork_asm+0x1a/0x30 [ 13.349432] </TASK> [ 13.349443] [ 13.357257] Allocated by task 280: [ 13.357418] kasan_save_stack+0x45/0x70 [ 13.357638] kasan_save_track+0x18/0x40 [ 13.357874] kasan_save_alloc_info+0x3b/0x50 [ 13.358092] __kasan_kmalloc+0xb7/0xc0 [ 13.358278] __kmalloc_cache_noprof+0x189/0x420 [ 13.358429] kasan_bitops_generic+0x92/0x1c0 [ 13.358606] kunit_try_run_case+0x1a5/0x480 [ 13.358827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.359100] kthread+0x337/0x6f0 [ 13.359260] ret_from_fork+0x41/0x80 [ 13.359433] ret_from_fork_asm+0x1a/0x30 [ 13.359640] [ 13.359727] The buggy address belongs to the object at ffff8881027e74e0 [ 13.359727] which belongs to the cache kmalloc-16 of size 16 [ 13.360265] The buggy address is located 8 bytes inside of [ 13.360265] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.360635] [ 13.360705] The buggy address belongs to the physical page: [ 13.360905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.361281] flags: 0x200000000000000(node=0|zone=2) [ 13.361510] page_type: f5(slab) [ 13.361673] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.362057] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.362391] page dumped because: kasan: bad access detected [ 13.362633] [ 13.362735] Memory state around the buggy address: [ 13.362940] 
ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.363153] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.363385] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.363724] ^ [ 13.364087] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.364447] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.364745] ================================================================== [ 13.172089] ================================================================== [ 13.172415] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.172713] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.173083] [ 13.173197] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.173239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.173250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.173269] Call Trace: [ 13.173283] <TASK> [ 13.173297] dump_stack_lvl+0x73/0xb0 [ 13.173320] print_report+0xd1/0x610 [ 13.173342] ? __virt_addr_valid+0x1db/0x2d0 [ 13.173362] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.173385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.173408] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.173431] kasan_report+0x141/0x180 [ 13.173453] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.173480] kasan_check_range+0x10c/0x1c0 [ 13.173499] __kasan_check_write+0x18/0x20 [ 13.173519] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.173541] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.173566] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.173586] ? trace_hardirqs_on+0x37/0xe0 [ 13.173608] ? kasan_bitops_generic+0x92/0x1c0 [ 13.173632] kasan_bitops_generic+0x121/0x1c0 [ 13.173650] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.173672] ? __pfx_read_tsc+0x10/0x10 [ 13.173689] ? 
ktime_get_ts64+0x86/0x230 [ 13.173713] kunit_try_run_case+0x1a5/0x480 [ 13.173733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.173751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.173774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.173797] ? __kthread_parkme+0x82/0x180 [ 13.173818] ? preempt_count_sub+0x50/0x80 [ 13.173842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.173861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.173894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.173916] kthread+0x337/0x6f0 [ 13.173932] ? trace_preempt_on+0x20/0xc0 [ 13.173954] ? __pfx_kthread+0x10/0x10 [ 13.173983] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.174004] ? calculate_sigpending+0x7b/0xa0 [ 13.174025] ? __pfx_kthread+0x10/0x10 [ 13.174042] ret_from_fork+0x41/0x80 [ 13.174062] ? __pfx_kthread+0x10/0x10 [ 13.174079] ret_from_fork_asm+0x1a/0x30 [ 13.174110] </TASK> [ 13.174119] [ 13.183586] Allocated by task 280: [ 13.183903] kasan_save_stack+0x45/0x70 [ 13.184161] kasan_save_track+0x18/0x40 [ 13.184394] kasan_save_alloc_info+0x3b/0x50 [ 13.184591] __kasan_kmalloc+0xb7/0xc0 [ 13.184766] __kmalloc_cache_noprof+0x189/0x420 [ 13.185196] kasan_bitops_generic+0x92/0x1c0 [ 13.185410] kunit_try_run_case+0x1a5/0x480 [ 13.185697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.186063] kthread+0x337/0x6f0 [ 13.186190] ret_from_fork+0x41/0x80 [ 13.186444] ret_from_fork_asm+0x1a/0x30 [ 13.186638] [ 13.186728] The buggy address belongs to the object at ffff8881027e74e0 [ 13.186728] which belongs to the cache kmalloc-16 of size 16 [ 13.187498] The buggy address is located 8 bytes inside of [ 13.187498] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.188087] [ 13.188322] The buggy address belongs to the physical page: [ 13.188526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.189009] flags: 0x200000000000000(node=0|zone=2) [ 13.189306] page_type: f5(slab) [ 13.189433] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 13.189753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.190240] page dumped because: kasan: bad access detected [ 13.190493] [ 13.190568] Memory state around the buggy address: [ 13.190792] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.191307] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.191692] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.192037] ^ [ 13.192465] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.192825] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193149] ================================================================== [ 13.235615] ================================================================== [ 13.235975] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.236242] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.236527] [ 13.236632] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.236672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.236682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.236701] Call Trace: [ 13.236713] <TASK> [ 13.236725] dump_stack_lvl+0x73/0xb0 [ 13.236746] print_report+0xd1/0x610 [ 13.236768] ? __virt_addr_valid+0x1db/0x2d0 [ 13.236786] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.236808] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.236830] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.236853] kasan_report+0x141/0x180 [ 13.236875] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.236915] kasan_check_range+0x10c/0x1c0 [ 13.236934] __kasan_check_write+0x18/0x20 [ 13.236953] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.236976] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.237000] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.237019] ? trace_hardirqs_on+0x37/0xe0 [ 13.237040] ? kasan_bitops_generic+0x92/0x1c0 [ 13.237063] kasan_bitops_generic+0x121/0x1c0 [ 13.237083] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.237104] ? __pfx_read_tsc+0x10/0x10 [ 13.237121] ? ktime_get_ts64+0x86/0x230 [ 13.237151] kunit_try_run_case+0x1a5/0x480 [ 13.237182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.237199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.237222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.237245] ? __kthread_parkme+0x82/0x180 [ 13.237265] ? preempt_count_sub+0x50/0x80 [ 13.237288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.237307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.237329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.237352] kthread+0x337/0x6f0 [ 13.237369] ? trace_preempt_on+0x20/0xc0 [ 13.237390] ? __pfx_kthread+0x10/0x10 [ 13.237407] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.237428] ? calculate_sigpending+0x7b/0xa0 [ 13.237449] ? __pfx_kthread+0x10/0x10 [ 13.237466] ret_from_fork+0x41/0x80 [ 13.237485] ? 
__pfx_kthread+0x10/0x10 [ 13.237502] ret_from_fork_asm+0x1a/0x30 [ 13.237532] </TASK> [ 13.237541] [ 13.245319] Allocated by task 280: [ 13.245497] kasan_save_stack+0x45/0x70 [ 13.245696] kasan_save_track+0x18/0x40 [ 13.245962] kasan_save_alloc_info+0x3b/0x50 [ 13.246144] __kasan_kmalloc+0xb7/0xc0 [ 13.246291] __kmalloc_cache_noprof+0x189/0x420 [ 13.246488] kasan_bitops_generic+0x92/0x1c0 [ 13.246664] kunit_try_run_case+0x1a5/0x480 [ 13.246805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.247068] kthread+0x337/0x6f0 [ 13.247220] ret_from_fork+0x41/0x80 [ 13.247348] ret_from_fork_asm+0x1a/0x30 [ 13.247485] [ 13.247555] The buggy address belongs to the object at ffff8881027e74e0 [ 13.247555] which belongs to the cache kmalloc-16 of size 16 [ 13.248163] The buggy address is located 8 bytes inside of [ 13.248163] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.248599] [ 13.248682] The buggy address belongs to the physical page: [ 13.249093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.249451] flags: 0x200000000000000(node=0|zone=2) [ 13.249664] page_type: f5(slab) [ 13.249805] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.250096] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.250322] page dumped because: kasan: bad access detected [ 13.250527] [ 13.250617] Memory state around the buggy address: [ 13.250837] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.251162] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.251374] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.251583] ^ [ 13.251873] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.252210] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.252646] ================================================================== [ 13.271565] 
================================================================== [ 13.271943] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.272223] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.272464] [ 13.272569] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.272607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.272618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.272636] Call Trace: [ 13.272649] <TASK> [ 13.272662] dump_stack_lvl+0x73/0xb0 [ 13.272684] print_report+0xd1/0x610 [ 13.272705] ? __virt_addr_valid+0x1db/0x2d0 [ 13.272725] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.272747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.272769] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.272792] kasan_report+0x141/0x180 [ 13.272823] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.272851] kasan_check_range+0x10c/0x1c0 [ 13.272870] __kasan_check_write+0x18/0x20 [ 13.272902] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.272925] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.272948] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.272968] ? trace_hardirqs_on+0x37/0xe0 [ 13.272989] ? kasan_bitops_generic+0x92/0x1c0 [ 13.273013] kasan_bitops_generic+0x121/0x1c0 [ 13.273032] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.273052] ? __pfx_read_tsc+0x10/0x10 [ 13.273070] ? ktime_get_ts64+0x86/0x230 [ 13.273094] kunit_try_run_case+0x1a5/0x480 [ 13.273113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.273136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.273159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.273182] ? __kthread_parkme+0x82/0x180 [ 13.273203] ? preempt_count_sub+0x50/0x80 [ 13.273226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.273245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.273268] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.273290] kthread+0x337/0x6f0 [ 13.273306] ? trace_preempt_on+0x20/0xc0 [ 13.273327] ? __pfx_kthread+0x10/0x10 [ 13.273344] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.273365] ? calculate_sigpending+0x7b/0xa0 [ 13.273385] ? __pfx_kthread+0x10/0x10 [ 13.273403] ret_from_fork+0x41/0x80 [ 13.273423] ? __pfx_kthread+0x10/0x10 [ 13.273440] ret_from_fork_asm+0x1a/0x30 [ 13.273470] </TASK> [ 13.273479] [ 13.281446] Allocated by task 280: [ 13.281581] kasan_save_stack+0x45/0x70 [ 13.281774] kasan_save_track+0x18/0x40 [ 13.281975] kasan_save_alloc_info+0x3b/0x50 [ 13.282167] __kasan_kmalloc+0xb7/0xc0 [ 13.282327] __kmalloc_cache_noprof+0x189/0x420 [ 13.282476] kasan_bitops_generic+0x92/0x1c0 [ 13.282618] kunit_try_run_case+0x1a5/0x480 [ 13.282757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.283007] kthread+0x337/0x6f0 [ 13.283179] ret_from_fork+0x41/0x80 [ 13.283356] ret_from_fork_asm+0x1a/0x30 [ 13.283550] [ 13.283638] The buggy address belongs to the object at ffff8881027e74e0 [ 13.283638] which belongs to the cache kmalloc-16 of size 16 [ 13.284237] The buggy address is located 8 bytes inside of [ 13.284237] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.284726] [ 13.284814] The buggy address belongs to the physical page: [ 13.285042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.285380] flags: 0x200000000000000(node=0|zone=2) [ 13.285570] page_type: f5(slab) [ 13.285734] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.286112] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.286390] page dumped because: kasan: bad access detected [ 13.286559] [ 13.286626] Memory state around the buggy address: [ 13.286778] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.287102] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.287416] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.287729] ^ [ 13.287986] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.288197] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.288654] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.131897] ================================================================== [ 13.132282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.132663] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.133063] [ 13.133175] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.133246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.133256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.133276] Call Trace: [ 13.133288] <TASK> [ 13.133315] dump_stack_lvl+0x73/0xb0 [ 13.133352] print_report+0xd1/0x610 [ 13.133386] ? __virt_addr_valid+0x1db/0x2d0 [ 13.133406] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.133426] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.133447] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.133468] kasan_report+0x141/0x180 [ 13.133490] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.133516] kasan_check_range+0x10c/0x1c0 [ 13.133535] __kasan_check_write+0x18/0x20 [ 13.133554] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.133576] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.133598] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.133618] ? trace_hardirqs_on+0x37/0xe0 [ 13.133638] ? kasan_bitops_generic+0x92/0x1c0 [ 13.133662] kasan_bitops_generic+0x116/0x1c0 [ 13.133681] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.133702] ? __pfx_read_tsc+0x10/0x10 [ 13.133720] ? ktime_get_ts64+0x86/0x230 [ 13.133743] kunit_try_run_case+0x1a5/0x480 [ 13.133763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.133781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.133827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.133850] ? __kthread_parkme+0x82/0x180 [ 13.133871] ? preempt_count_sub+0x50/0x80 [ 13.133903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.133922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.133944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.133967] kthread+0x337/0x6f0 [ 13.133982] ? 
trace_preempt_on+0x20/0xc0 [ 13.134003] ? __pfx_kthread+0x10/0x10 [ 13.134021] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.134041] ? calculate_sigpending+0x7b/0xa0 [ 13.134060] ? __pfx_kthread+0x10/0x10 [ 13.134079] ret_from_fork+0x41/0x80 [ 13.134098] ? __pfx_kthread+0x10/0x10 [ 13.134115] ret_from_fork_asm+0x1a/0x30 [ 13.134145] </TASK> [ 13.134155] [ 13.142219] Allocated by task 280: [ 13.142412] kasan_save_stack+0x45/0x70 [ 13.142625] kasan_save_track+0x18/0x40 [ 13.142867] kasan_save_alloc_info+0x3b/0x50 [ 13.143084] __kasan_kmalloc+0xb7/0xc0 [ 13.143286] __kmalloc_cache_noprof+0x189/0x420 [ 13.143446] kasan_bitops_generic+0x92/0x1c0 [ 13.143636] kunit_try_run_case+0x1a5/0x480 [ 13.143897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.144132] kthread+0x337/0x6f0 [ 13.144292] ret_from_fork+0x41/0x80 [ 13.144472] ret_from_fork_asm+0x1a/0x30 [ 13.144667] [ 13.144754] The buggy address belongs to the object at ffff8881027e74e0 [ 13.144754] which belongs to the cache kmalloc-16 of size 16 [ 13.145303] The buggy address is located 8 bytes inside of [ 13.145303] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.145774] [ 13.145920] The buggy address belongs to the physical page: [ 13.146146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.146491] flags: 0x200000000000000(node=0|zone=2) [ 13.146688] page_type: f5(slab) [ 13.146894] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.147212] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.147525] page dumped because: kasan: bad access detected [ 13.147769] [ 13.147889] Memory state around the buggy address: [ 13.148149] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.148517] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.148910] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.149238] ^ [ 13.149527] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.149856] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.150119] ================================================================== [ 13.094537] ================================================================== [ 13.094961] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.095280] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.095567] [ 13.095691] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.095734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.095745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.095782] Call Trace: [ 13.095814] <TASK> [ 13.095845] dump_stack_lvl+0x73/0xb0 [ 13.095869] print_report+0xd1/0x610 [ 13.095901] ? __virt_addr_valid+0x1db/0x2d0 [ 13.095921] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.095942] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.095964] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.095985] kasan_report+0x141/0x180 [ 13.096007] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.096033] kasan_check_range+0x10c/0x1c0 [ 13.096053] __kasan_check_write+0x18/0x20 [ 13.096090] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.096112] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.096135] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.096155] ? trace_hardirqs_on+0x37/0xe0 [ 13.096193] ? kasan_bitops_generic+0x92/0x1c0 [ 13.096216] kasan_bitops_generic+0x116/0x1c0 [ 13.096235] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.096256] ? __pfx_read_tsc+0x10/0x10 [ 13.096274] ? ktime_get_ts64+0x86/0x230 [ 13.096298] kunit_try_run_case+0x1a5/0x480 [ 13.096318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.096335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.096359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.096381] ? __kthread_parkme+0x82/0x180 [ 13.096420] ? preempt_count_sub+0x50/0x80 [ 13.096445] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.096464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.096486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.096509] kthread+0x337/0x6f0 [ 13.096524] ? trace_preempt_on+0x20/0xc0 [ 13.096546] ? __pfx_kthread+0x10/0x10 [ 13.096581] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.096602] ? calculate_sigpending+0x7b/0xa0 [ 13.096622] ? __pfx_kthread+0x10/0x10 [ 13.096639] ret_from_fork+0x41/0x80 [ 13.096675] ? __pfx_kthread+0x10/0x10 [ 13.096692] ret_from_fork_asm+0x1a/0x30 [ 13.096722] </TASK> [ 13.096731] [ 13.105047] Allocated by task 280: [ 13.105234] kasan_save_stack+0x45/0x70 [ 13.105389] kasan_save_track+0x18/0x40 [ 13.105567] kasan_save_alloc_info+0x3b/0x50 [ 13.105735] __kasan_kmalloc+0xb7/0xc0 [ 13.105961] __kmalloc_cache_noprof+0x189/0x420 [ 13.106160] kasan_bitops_generic+0x92/0x1c0 [ 13.106303] kunit_try_run_case+0x1a5/0x480 [ 13.106472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.106749] kthread+0x337/0x6f0 [ 13.106948] ret_from_fork+0x41/0x80 [ 13.107158] ret_from_fork_asm+0x1a/0x30 [ 13.107370] [ 13.107454] The buggy address belongs to the object at ffff8881027e74e0 [ 13.107454] which belongs to the cache kmalloc-16 of size 16 [ 13.108066] The buggy address is located 8 bytes inside of [ 13.108066] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.108575] [ 13.108664] The buggy address belongs to the physical page: [ 13.108873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.109119] flags: 0x200000000000000(node=0|zone=2) [ 13.109395] page_type: f5(slab) [ 13.109559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.109958] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.110292] page dumped because: kasan: bad access detected [ 13.110559] [ 13.110635] Memory state around the buggy address: [ 13.110871] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.111179] ffff8881027e7400: 
00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.111472] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.111763] ^ [ 13.112072] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.112401] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.112708] ================================================================== [ 13.113367] ================================================================== [ 13.113739] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.114140] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.114450] [ 13.114531] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.114591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.114603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.114622] Call Trace: [ 13.114635] <TASK> [ 13.114648] dump_stack_lvl+0x73/0xb0 [ 13.114671] print_report+0xd1/0x610 [ 13.114692] ? __virt_addr_valid+0x1db/0x2d0 [ 13.114712] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.114733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.114772] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.114811] kasan_report+0x141/0x180 [ 13.114833] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.114859] kasan_check_range+0x10c/0x1c0 [ 13.114887] __kasan_check_write+0x18/0x20 [ 13.114906] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.114927] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.114966] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.114986] ? trace_hardirqs_on+0x37/0xe0 [ 13.115007] ? kasan_bitops_generic+0x92/0x1c0 [ 13.115030] kasan_bitops_generic+0x116/0x1c0 [ 13.115050] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.115070] ? __pfx_read_tsc+0x10/0x10 [ 13.115088] ? ktime_get_ts64+0x86/0x230 [ 13.115128] kunit_try_run_case+0x1a5/0x480 [ 13.115149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.115169] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.115191] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.115214] ? __kthread_parkme+0x82/0x180 [ 13.115235] ? preempt_count_sub+0x50/0x80 [ 13.115258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.115294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.115317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.115339] kthread+0x337/0x6f0 [ 13.115354] ? trace_preempt_on+0x20/0xc0 [ 13.115376] ? __pfx_kthread+0x10/0x10 [ 13.115408] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.115429] ? calculate_sigpending+0x7b/0xa0 [ 13.115449] ? __pfx_kthread+0x10/0x10 [ 13.115467] ret_from_fork+0x41/0x80 [ 13.115486] ? __pfx_kthread+0x10/0x10 [ 13.115503] ret_from_fork_asm+0x1a/0x30 [ 13.115629] </TASK> [ 13.115640] [ 13.123569] Allocated by task 280: [ 13.123750] kasan_save_stack+0x45/0x70 [ 13.124015] kasan_save_track+0x18/0x40 [ 13.124230] kasan_save_alloc_info+0x3b/0x50 [ 13.124434] __kasan_kmalloc+0xb7/0xc0 [ 13.124602] __kmalloc_cache_noprof+0x189/0x420 [ 13.124852] kasan_bitops_generic+0x92/0x1c0 [ 13.125012] kunit_try_run_case+0x1a5/0x480 [ 13.125159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.125331] kthread+0x337/0x6f0 [ 13.125447] ret_from_fork+0x41/0x80 [ 13.125574] ret_from_fork_asm+0x1a/0x30 [ 13.125710] [ 13.125779] The buggy address belongs to the object at ffff8881027e74e0 [ 13.125779] which belongs to the cache kmalloc-16 of size 16 [ 13.126331] The buggy address is located 8 bytes inside of [ 13.126331] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.126978] [ 13.127103] The buggy address belongs to the physical page: [ 13.127388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.127761] flags: 0x200000000000000(node=0|zone=2) [ 13.128131] page_type: f5(slab) [ 13.128322] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.128705] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.129061] page dumped because: kasan: bad 
access detected [ 13.129307] [ 13.129393] Memory state around the buggy address: [ 13.129596] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.129835] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.130158] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.130528] ^ [ 13.130876] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131189] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131482] ================================================================== [ 13.056037] ================================================================== [ 13.056341] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.056627] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.057227] [ 13.057435] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.057479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.057490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.057509] Call Trace: [ 13.057520] <TASK> [ 13.057532] dump_stack_lvl+0x73/0xb0 [ 13.057579] print_report+0xd1/0x610 [ 13.057602] ? __virt_addr_valid+0x1db/0x2d0 [ 13.057622] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.057642] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.057665] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.057697] kasan_report+0x141/0x180 [ 13.057719] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.057745] kasan_check_range+0x10c/0x1c0 [ 13.057765] __kasan_check_write+0x18/0x20 [ 13.057802] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.057823] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.057846] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.057867] ? trace_hardirqs_on+0x37/0xe0 [ 13.057902] ? kasan_bitops_generic+0x92/0x1c0 [ 13.057926] kasan_bitops_generic+0x116/0x1c0 [ 13.057946] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.057967] ? 
__pfx_read_tsc+0x10/0x10 [ 13.057986] ? ktime_get_ts64+0x86/0x230 [ 13.058010] kunit_try_run_case+0x1a5/0x480 [ 13.058032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.058050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.058074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.058097] ? __kthread_parkme+0x82/0x180 [ 13.058120] ? preempt_count_sub+0x50/0x80 [ 13.058161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.058180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.058202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.058225] kthread+0x337/0x6f0 [ 13.058242] ? trace_preempt_on+0x20/0xc0 [ 13.058262] ? __pfx_kthread+0x10/0x10 [ 13.058280] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.058300] ? calculate_sigpending+0x7b/0xa0 [ 13.058336] ? __pfx_kthread+0x10/0x10 [ 13.058354] ret_from_fork+0x41/0x80 [ 13.058373] ? __pfx_kthread+0x10/0x10 [ 13.058390] ret_from_fork_asm+0x1a/0x30 [ 13.058420] </TASK> [ 13.058429] [ 13.067030] Allocated by task 280: [ 13.067219] kasan_save_stack+0x45/0x70 [ 13.067423] kasan_save_track+0x18/0x40 [ 13.067629] kasan_save_alloc_info+0x3b/0x50 [ 13.067814] __kasan_kmalloc+0xb7/0xc0 [ 13.067989] __kmalloc_cache_noprof+0x189/0x420 [ 13.068168] kasan_bitops_generic+0x92/0x1c0 [ 13.068356] kunit_try_run_case+0x1a5/0x480 [ 13.068552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.068771] kthread+0x337/0x6f0 [ 13.069009] ret_from_fork+0x41/0x80 [ 13.069146] ret_from_fork_asm+0x1a/0x30 [ 13.069317] [ 13.069432] The buggy address belongs to the object at ffff8881027e74e0 [ 13.069432] which belongs to the cache kmalloc-16 of size 16 [ 13.070025] The buggy address is located 8 bytes inside of [ 13.070025] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.070493] [ 13.070579] The buggy address belongs to the physical page: [ 13.070830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.071182] flags: 0x200000000000000(node=0|zone=2) [ 13.071404] page_type: f5(slab) [ 13.071541] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.071939] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.072222] page dumped because: kasan: bad access detected [ 13.072482] [ 13.072578] Memory state around the buggy address: [ 13.072750] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.073173] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.073387] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.073598] ^ [ 13.073797] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.074124] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.074455] ================================================================== [ 13.151046] ================================================================== [ 13.151396] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.151763] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.152290] [ 13.152399] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.152441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.152451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.152469] Call Trace: [ 13.152481] <TASK> [ 13.152493] dump_stack_lvl+0x73/0xb0 [ 13.152541] print_report+0xd1/0x610 [ 13.152562] ? __virt_addr_valid+0x1db/0x2d0 [ 13.152582] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.152603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.152624] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.152645] kasan_report+0x141/0x180 [ 13.152667] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.152710] kasan_check_range+0x10c/0x1c0 [ 13.152730] __kasan_check_write+0x18/0x20 [ 13.152749] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.152771] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.152792] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.152834] ? 
trace_hardirqs_on+0x37/0xe0 [ 13.152873] ? kasan_bitops_generic+0x92/0x1c0 [ 13.152905] kasan_bitops_generic+0x116/0x1c0 [ 13.152925] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.152946] ? __pfx_read_tsc+0x10/0x10 [ 13.152964] ? ktime_get_ts64+0x86/0x230 [ 13.152987] kunit_try_run_case+0x1a5/0x480 [ 13.153006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.153025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.153047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.153089] ? __kthread_parkme+0x82/0x180 [ 13.153111] ? preempt_count_sub+0x50/0x80 [ 13.153139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.153159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.153181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.153204] kthread+0x337/0x6f0 [ 13.153219] ? trace_preempt_on+0x20/0xc0 [ 13.153241] ? __pfx_kthread+0x10/0x10 [ 13.153276] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.153298] ? calculate_sigpending+0x7b/0xa0 [ 13.153319] ? __pfx_kthread+0x10/0x10 [ 13.153337] ret_from_fork+0x41/0x80 [ 13.153356] ? 
__pfx_kthread+0x10/0x10 [ 13.153373] ret_from_fork_asm+0x1a/0x30 [ 13.153403] </TASK> [ 13.153412] [ 13.161643] Allocated by task 280: [ 13.161871] kasan_save_stack+0x45/0x70 [ 13.162075] kasan_save_track+0x18/0x40 [ 13.162259] kasan_save_alloc_info+0x3b/0x50 [ 13.162480] __kasan_kmalloc+0xb7/0xc0 [ 13.162667] __kmalloc_cache_noprof+0x189/0x420 [ 13.162913] kasan_bitops_generic+0x92/0x1c0 [ 13.163144] kunit_try_run_case+0x1a5/0x480 [ 13.163348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.163533] kthread+0x337/0x6f0 [ 13.163650] ret_from_fork+0x41/0x80 [ 13.163896] ret_from_fork_asm+0x1a/0x30 [ 13.164140] [ 13.164250] The buggy address belongs to the object at ffff8881027e74e0 [ 13.164250] which belongs to the cache kmalloc-16 of size 16 [ 13.164813] The buggy address is located 8 bytes inside of [ 13.164813] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.165333] [ 13.165460] The buggy address belongs to the physical page: [ 13.165740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.166125] flags: 0x200000000000000(node=0|zone=2) [ 13.166375] page_type: f5(slab) [ 13.166542] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.166825] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.167060] page dumped because: kasan: bad access detected [ 13.167228] [ 13.167295] Memory state around the buggy address: [ 13.167546] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.167938] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.168254] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.168587] ^ [ 13.168925] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.169241] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.169500] ================================================================== [ 13.074970] 
================================================================== [ 13.075708] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.076050] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.076278] [ 13.076361] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.076401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.076412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.076456] Call Trace: [ 13.076469] <TASK> [ 13.076482] dump_stack_lvl+0x73/0xb0 [ 13.076505] print_report+0xd1/0x610 [ 13.076526] ? __virt_addr_valid+0x1db/0x2d0 [ 13.076546] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.076566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.076589] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.076610] kasan_report+0x141/0x180 [ 13.076633] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.076659] kasan_check_range+0x10c/0x1c0 [ 13.076678] __kasan_check_write+0x18/0x20 [ 13.076719] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.076743] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.076783] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.076804] ? trace_hardirqs_on+0x37/0xe0 [ 13.076825] ? kasan_bitops_generic+0x92/0x1c0 [ 13.076849] kasan_bitops_generic+0x116/0x1c0 [ 13.076896] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.076917] ? __pfx_read_tsc+0x10/0x10 [ 13.076936] ? ktime_get_ts64+0x86/0x230 [ 13.076959] kunit_try_run_case+0x1a5/0x480 [ 13.076979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.076999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.077041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.077064] ? __kthread_parkme+0x82/0x180 [ 13.077084] ? preempt_count_sub+0x50/0x80 [ 13.077107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.077132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.077155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.077176] kthread+0x337/0x6f0 [ 13.077210] ? 
trace_preempt_on+0x20/0xc0 [ 13.077231] ? __pfx_kthread+0x10/0x10 [ 13.077248] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.077270] ? calculate_sigpending+0x7b/0xa0 [ 13.077290] ? __pfx_kthread+0x10/0x10 [ 13.077307] ret_from_fork+0x41/0x80 [ 13.077327] ? __pfx_kthread+0x10/0x10 [ 13.077344] ret_from_fork_asm+0x1a/0x30 [ 13.077374] </TASK> [ 13.077383] [ 13.085928] Allocated by task 280: [ 13.086099] kasan_save_stack+0x45/0x70 [ 13.086271] kasan_save_track+0x18/0x40 [ 13.086402] kasan_save_alloc_info+0x3b/0x50 [ 13.086606] __kasan_kmalloc+0xb7/0xc0 [ 13.086806] __kmalloc_cache_noprof+0x189/0x420 [ 13.087009] kasan_bitops_generic+0x92/0x1c0 [ 13.087222] kunit_try_run_case+0x1a5/0x480 [ 13.087458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.087778] kthread+0x337/0x6f0 [ 13.087965] ret_from_fork+0x41/0x80 [ 13.088142] ret_from_fork_asm+0x1a/0x30 [ 13.088347] [ 13.088438] The buggy address belongs to the object at ffff8881027e74e0 [ 13.088438] which belongs to the cache kmalloc-16 of size 16 [ 13.088977] The buggy address is located 8 bytes inside of [ 13.088977] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.089470] [ 13.089540] The buggy address belongs to the physical page: [ 13.089708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.090736] flags: 0x200000000000000(node=0|zone=2) [ 13.090959] page_type: f5(slab) [ 13.091080] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.091303] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.091532] page dumped because: kasan: bad access detected [ 13.091748] [ 13.091903] Memory state around the buggy address: [ 13.092160] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.092464] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.092769] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.093037] ^ [ 13.093308] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.093640] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.094020] ================================================================== [ 13.034089] ================================================================== [ 13.034458] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.035113] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.035371] [ 13.035468] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.035510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.035521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.035540] Call Trace: [ 13.035551] <TASK> [ 13.035564] dump_stack_lvl+0x73/0xb0 [ 13.035588] print_report+0xd1/0x610 [ 13.035610] ? __virt_addr_valid+0x1db/0x2d0 [ 13.035631] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.035652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.035675] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.035720] kasan_report+0x141/0x180 [ 13.035744] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.035771] kasan_check_range+0x10c/0x1c0 [ 13.035793] __kasan_check_write+0x18/0x20 [ 13.035814] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.035835] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.035857] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.035891] ? trace_hardirqs_on+0x37/0xe0 [ 13.035914] ? kasan_bitops_generic+0x92/0x1c0 [ 13.035938] kasan_bitops_generic+0x116/0x1c0 [ 13.035957] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.035978] ? __pfx_read_tsc+0x10/0x10 [ 13.035997] ? ktime_get_ts64+0x86/0x230 [ 13.036021] kunit_try_run_case+0x1a5/0x480 [ 13.036044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.036061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.036085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.036125] ? __kthread_parkme+0x82/0x180 [ 13.036147] ? preempt_count_sub+0x50/0x80 [ 13.036185] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.036218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.036255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.036277] kthread+0x337/0x6f0 [ 13.036293] ? trace_preempt_on+0x20/0xc0 [ 13.036314] ? __pfx_kthread+0x10/0x10 [ 13.036332] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.036352] ? calculate_sigpending+0x7b/0xa0 [ 13.036382] ? __pfx_kthread+0x10/0x10 [ 13.036400] ret_from_fork+0x41/0x80 [ 13.036419] ? __pfx_kthread+0x10/0x10 [ 13.036436] ret_from_fork_asm+0x1a/0x30 [ 13.036466] </TASK> [ 13.036475] [ 13.046352] Allocated by task 280: [ 13.046536] kasan_save_stack+0x45/0x70 [ 13.046687] kasan_save_track+0x18/0x40 [ 13.046820] kasan_save_alloc_info+0x3b/0x50 [ 13.046975] __kasan_kmalloc+0xb7/0xc0 [ 13.047159] __kmalloc_cache_noprof+0x189/0x420 [ 13.047379] kasan_bitops_generic+0x92/0x1c0 [ 13.047767] kunit_try_run_case+0x1a5/0x480 [ 13.048017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.048252] kthread+0x337/0x6f0 [ 13.048454] ret_from_fork+0x41/0x80 [ 13.048633] ret_from_fork_asm+0x1a/0x30 [ 13.049092] [ 13.049197] The buggy address belongs to the object at ffff8881027e74e0 [ 13.049197] which belongs to the cache kmalloc-16 of size 16 [ 13.049603] The buggy address is located 8 bytes inside of [ 13.049603] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.050160] [ 13.050403] The buggy address belongs to the physical page: [ 13.050753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.051080] flags: 0x200000000000000(node=0|zone=2) [ 13.051242] page_type: f5(slab) [ 13.051397] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.051766] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.052312] page dumped because: kasan: bad access detected [ 13.052586] [ 13.052688] Memory state around the buggy address: [ 13.053084] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.053447] ffff8881027e7400: 
00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.053755] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.054115] ^ [ 13.054316] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.054611] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.055189] ================================================================== [ 13.002440] ================================================================== [ 13.003108] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.003373] Write of size 8 at addr ffff8881027e74e8 by task kunit_try_catch/280 [ 13.003598] [ 13.003691] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 13.003737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.003749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.003769] Call Trace: [ 13.003781] <TASK> [ 13.003797] dump_stack_lvl+0x73/0xb0 [ 13.003819] print_report+0xd1/0x610 [ 13.003842] ? __virt_addr_valid+0x1db/0x2d0 [ 13.003863] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.003893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.003915] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.003936] kasan_report+0x141/0x180 [ 13.003958] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.003984] kasan_check_range+0x10c/0x1c0 [ 13.004004] __kasan_check_write+0x18/0x20 [ 13.004023] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.004044] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.004067] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.004087] ? trace_hardirqs_on+0x37/0xe0 [ 13.004108] ? kasan_bitops_generic+0x92/0x1c0 [ 13.004131] kasan_bitops_generic+0x116/0x1c0 [ 13.004411] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.004467] ? __pfx_read_tsc+0x10/0x10 [ 13.004500] ? ktime_get_ts64+0x86/0x230 [ 13.004525] kunit_try_run_case+0x1a5/0x480 [ 13.004547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.004565] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.004589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.004612] ? __kthread_parkme+0x82/0x180 [ 13.004633] ? preempt_count_sub+0x50/0x80 [ 13.004657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.004678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.004701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.004724] kthread+0x337/0x6f0 [ 13.004740] ? trace_preempt_on+0x20/0xc0 [ 13.004761] ? __pfx_kthread+0x10/0x10 [ 13.004779] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.004800] ? calculate_sigpending+0x7b/0xa0 [ 13.004820] ? __pfx_kthread+0x10/0x10 [ 13.004837] ret_from_fork+0x41/0x80 [ 13.004857] ? __pfx_kthread+0x10/0x10 [ 13.004873] ret_from_fork_asm+0x1a/0x30 [ 13.004913] </TASK> [ 13.004924] [ 13.022245] Allocated by task 280: [ 13.022381] kasan_save_stack+0x45/0x70 [ 13.022530] kasan_save_track+0x18/0x40 [ 13.022664] kasan_save_alloc_info+0x3b/0x50 [ 13.022952] __kasan_kmalloc+0xb7/0xc0 [ 13.023231] __kmalloc_cache_noprof+0x189/0x420 [ 13.023439] kasan_bitops_generic+0x92/0x1c0 [ 13.023638] kunit_try_run_case+0x1a5/0x480 [ 13.024260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.024552] kthread+0x337/0x6f0 [ 13.024787] ret_from_fork+0x41/0x80 [ 13.025143] ret_from_fork_asm+0x1a/0x30 [ 13.025430] [ 13.025526] The buggy address belongs to the object at ffff8881027e74e0 [ 13.025526] which belongs to the cache kmalloc-16 of size 16 [ 13.026309] The buggy address is located 8 bytes inside of [ 13.026309] allocated 9-byte region [ffff8881027e74e0, ffff8881027e74e9) [ 13.027140] [ 13.027265] The buggy address belongs to the physical page: [ 13.027619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 13.028074] flags: 0x200000000000000(node=0|zone=2) [ 13.028416] page_type: f5(slab) [ 13.028615] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.029175] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.029519] page dumped because: kasan: bad 
access detected [ 13.030041] [ 13.030142] Memory state around the buggy address: [ 13.030340] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.030948] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.031261] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.031588] ^ [ 13.032136] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.032602] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.033124] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 12.973432] ================================================================== [ 12.973661] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 12.973959] Read of size 1 at addr ffff8881022482d0 by task kunit_try_catch/278 [ 12.974348] [ 12.974453] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.974493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.974504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.974523] Call Trace: [ 12.974536] <TASK> [ 12.974548] dump_stack_lvl+0x73/0xb0 [ 12.974570] print_report+0xd1/0x610 [ 12.974592] ? __virt_addr_valid+0x1db/0x2d0 [ 12.974612] ? strnlen+0x73/0x80 [ 12.974630] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.974652] ? strnlen+0x73/0x80 [ 12.974671] kasan_report+0x141/0x180 [ 12.974728] ? strnlen+0x73/0x80 [ 12.974753] __asan_report_load1_noabort+0x18/0x20 [ 12.974773] strnlen+0x73/0x80 [ 12.974792] kasan_strings+0x615/0xe80 [ 12.974813] ? trace_hardirqs_on+0x37/0xe0 [ 12.974835] ? __pfx_kasan_strings+0x10/0x10 [ 12.974855] ? finish_task_switch.isra.0+0x153/0x700 [ 12.974877] ? __switch_to+0x5d9/0xf60 [ 12.974905] ? dequeue_task_fair+0x166/0x4e0 [ 12.974929] ? __schedule+0x10cc/0x2b60 [ 12.974951] ? __pfx_read_tsc+0x10/0x10 [ 12.974970] ? ktime_get_ts64+0x86/0x230 [ 12.974993] kunit_try_run_case+0x1a5/0x480 [ 12.975013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.975031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.975053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.975075] ? __kthread_parkme+0x82/0x180 [ 12.975096] ? preempt_count_sub+0x50/0x80 [ 12.975119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.975140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.975161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.975185] kthread+0x337/0x6f0 [ 12.975200] ? trace_preempt_on+0x20/0xc0 [ 12.975222] ? __pfx_kthread+0x10/0x10 [ 12.975239] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.975260] ? calculate_sigpending+0x7b/0xa0 [ 12.975281] ? 
__pfx_kthread+0x10/0x10 [ 12.975298] ret_from_fork+0x41/0x80 [ 12.975317] ? __pfx_kthread+0x10/0x10 [ 12.975334] ret_from_fork_asm+0x1a/0x30 [ 12.975363] </TASK> [ 12.975372] [ 12.983494] Allocated by task 278: [ 12.983638] kasan_save_stack+0x45/0x70 [ 12.983779] kasan_save_track+0x18/0x40 [ 12.983922] kasan_save_alloc_info+0x3b/0x50 [ 12.984064] __kasan_kmalloc+0xb7/0xc0 [ 12.984193] __kmalloc_cache_noprof+0x189/0x420 [ 12.984342] kasan_strings+0xc0/0xe80 [ 12.984470] kunit_try_run_case+0x1a5/0x480 [ 12.984609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.984949] kthread+0x337/0x6f0 [ 12.985115] ret_from_fork+0x41/0x80 [ 12.985300] ret_from_fork_asm+0x1a/0x30 [ 12.985491] [ 12.985581] Freed by task 278: [ 12.985752] kasan_save_stack+0x45/0x70 [ 12.986183] kasan_save_track+0x18/0x40 [ 12.986392] kasan_save_free_info+0x3f/0x60 [ 12.986592] __kasan_slab_free+0x56/0x70 [ 12.986987] kfree+0x222/0x3f0 [ 12.987128] kasan_strings+0x2aa/0xe80 [ 12.987259] kunit_try_run_case+0x1a5/0x480 [ 12.987398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.987569] kthread+0x337/0x6f0 [ 12.987683] ret_from_fork+0x41/0x80 [ 12.988924] ret_from_fork_asm+0x1a/0x30 [ 12.989144] [ 12.989240] The buggy address belongs to the object at ffff8881022482c0 [ 12.989240] which belongs to the cache kmalloc-32 of size 32 [ 12.989759] The buggy address is located 16 bytes inside of [ 12.989759] freed 32-byte region [ffff8881022482c0, ffff8881022482e0) [ 12.990719] [ 12.990790] The buggy address belongs to the physical page: [ 12.991541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102248 [ 12.992481] flags: 0x200000000000000(node=0|zone=2) [ 12.993149] page_type: f5(slab) [ 12.993645] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.994345] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.994899] page dumped because: kasan: bad access detected [ 12.995144] [ 12.995235] Memory state around the buggy address: [ 
12.995448] ffff888102248180: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.996059] ffff888102248200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.996581] >ffff888102248280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.997518] ^ [ 12.998259] ffff888102248300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.998586] ffff888102248380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.999100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 12.952760] ================================================================== [ 12.953057] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 12.953349] Read of size 1 at addr ffff8881022482d0 by task kunit_try_catch/278 [ 12.953636] [ 12.953810] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.953851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.953863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.953895] Call Trace: [ 12.953906] <TASK> [ 12.953919] dump_stack_lvl+0x73/0xb0 [ 12.953941] print_report+0xd1/0x610 [ 12.953962] ? __virt_addr_valid+0x1db/0x2d0 [ 12.953982] ? strlen+0x8f/0xb0 [ 12.953999] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.954021] ? strlen+0x8f/0xb0 [ 12.954039] kasan_report+0x141/0x180 [ 12.954061] ? strlen+0x8f/0xb0 [ 12.954084] __asan_report_load1_noabort+0x18/0x20 [ 12.954104] strlen+0x8f/0xb0 [ 12.954123] kasan_strings+0x57b/0xe80 [ 12.954142] ? trace_hardirqs_on+0x37/0xe0 [ 12.954164] ? __pfx_kasan_strings+0x10/0x10 [ 12.954184] ? finish_task_switch.isra.0+0x153/0x700 [ 12.954205] ? __switch_to+0x5d9/0xf60 [ 12.954224] ? dequeue_task_fair+0x166/0x4e0 [ 12.954247] ? __schedule+0x10cc/0x2b60 [ 12.954268] ? __pfx_read_tsc+0x10/0x10 [ 12.954287] ? ktime_get_ts64+0x86/0x230 [ 12.954310] kunit_try_run_case+0x1a5/0x480 [ 12.954329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.954347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.954369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.954392] ? __kthread_parkme+0x82/0x180 [ 12.954412] ? preempt_count_sub+0x50/0x80 [ 12.954434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.954456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.954478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.954500] kthread+0x337/0x6f0 [ 12.954516] ? trace_preempt_on+0x20/0xc0 [ 12.954537] ? __pfx_kthread+0x10/0x10 [ 12.954554] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.954575] ? calculate_sigpending+0x7b/0xa0 [ 12.954595] ? 
__pfx_kthread+0x10/0x10 [ 12.954613] ret_from_fork+0x41/0x80 [ 12.954632] ? __pfx_kthread+0x10/0x10 [ 12.954649] ret_from_fork_asm+0x1a/0x30 [ 12.954679] </TASK> [ 12.954688] [ 12.962804] Allocated by task 278: [ 12.962985] kasan_save_stack+0x45/0x70 [ 12.963162] kasan_save_track+0x18/0x40 [ 12.963322] kasan_save_alloc_info+0x3b/0x50 [ 12.963465] __kasan_kmalloc+0xb7/0xc0 [ 12.963595] __kmalloc_cache_noprof+0x189/0x420 [ 12.963744] kasan_strings+0xc0/0xe80 [ 12.963873] kunit_try_run_case+0x1a5/0x480 [ 12.964084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.964393] kthread+0x337/0x6f0 [ 12.964559] ret_from_fork+0x41/0x80 [ 12.964736] ret_from_fork_asm+0x1a/0x30 [ 12.965209] [ 12.965315] Freed by task 278: [ 12.965477] kasan_save_stack+0x45/0x70 [ 12.965643] kasan_save_track+0x18/0x40 [ 12.965941] kasan_save_free_info+0x3f/0x60 [ 12.966138] __kasan_slab_free+0x56/0x70 [ 12.966328] kfree+0x222/0x3f0 [ 12.966468] kasan_strings+0x2aa/0xe80 [ 12.966648] kunit_try_run_case+0x1a5/0x480 [ 12.966923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.967113] kthread+0x337/0x6f0 [ 12.967228] ret_from_fork+0x41/0x80 [ 12.967354] ret_from_fork_asm+0x1a/0x30 [ 12.967514] [ 12.967608] The buggy address belongs to the object at ffff8881022482c0 [ 12.967608] which belongs to the cache kmalloc-32 of size 32 [ 12.968201] The buggy address is located 16 bytes inside of [ 12.968201] freed 32-byte region [ffff8881022482c0, ffff8881022482e0) [ 12.968690] [ 12.968759] The buggy address belongs to the physical page: [ 12.968939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102248 [ 12.969183] flags: 0x200000000000000(node=0|zone=2) [ 12.969342] page_type: f5(slab) [ 12.969460] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.970131] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.970467] page dumped because: kasan: bad access detected [ 12.970717] [ 12.970808] Memory state around the buggy address: [ 
12.971043] ffff888102248180: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.971499] ffff888102248200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.971786] >ffff888102248280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.972116] ^ [ 12.972364] ffff888102248300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.972624] ffff888102248380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.973003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 12.931084] ================================================================== [ 12.931401] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 12.931816] Read of size 1 at addr ffff8881022482d0 by task kunit_try_catch/278 [ 12.932364] [ 12.932497] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.932557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.932568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.932588] Call Trace: [ 12.932602] <TASK> [ 12.932617] dump_stack_lvl+0x73/0xb0 [ 12.932643] print_report+0xd1/0x610 [ 12.932664] ? __virt_addr_valid+0x1db/0x2d0 [ 12.932731] ? kasan_strings+0xcbc/0xe80 [ 12.932754] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.932778] ? kasan_strings+0xcbc/0xe80 [ 12.932799] kasan_report+0x141/0x180 [ 12.932822] ? kasan_strings+0xcbc/0xe80 [ 12.932847] __asan_report_load1_noabort+0x18/0x20 [ 12.932868] kasan_strings+0xcbc/0xe80 [ 12.932899] ? trace_hardirqs_on+0x37/0xe0 [ 12.932921] ? __pfx_kasan_strings+0x10/0x10 [ 12.932941] ? finish_task_switch.isra.0+0x153/0x700 [ 12.932963] ? __switch_to+0x5d9/0xf60 [ 12.932982] ? dequeue_task_fair+0x166/0x4e0 [ 12.933005] ? __schedule+0x10cc/0x2b60 [ 12.933027] ? __pfx_read_tsc+0x10/0x10 [ 12.933046] ? ktime_get_ts64+0x86/0x230 [ 12.933070] kunit_try_run_case+0x1a5/0x480 [ 12.933090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.933134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.933158] ? __kthread_parkme+0x82/0x180 [ 12.933179] ? preempt_count_sub+0x50/0x80 [ 12.933203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.933248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.933270] kthread+0x337/0x6f0 [ 12.933286] ? trace_preempt_on+0x20/0xc0 [ 12.933307] ? __pfx_kthread+0x10/0x10 [ 12.933325] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.933346] ? calculate_sigpending+0x7b/0xa0 [ 12.933367] ? 
__pfx_kthread+0x10/0x10 [ 12.933384] ret_from_fork+0x41/0x80 [ 12.933404] ? __pfx_kthread+0x10/0x10 [ 12.933420] ret_from_fork_asm+0x1a/0x30 [ 12.933450] </TASK> [ 12.933460] [ 12.941995] Allocated by task 278: [ 12.942120] kasan_save_stack+0x45/0x70 [ 12.942319] kasan_save_track+0x18/0x40 [ 12.942536] kasan_save_alloc_info+0x3b/0x50 [ 12.942776] __kasan_kmalloc+0xb7/0xc0 [ 12.943051] __kmalloc_cache_noprof+0x189/0x420 [ 12.943266] kasan_strings+0xc0/0xe80 [ 12.943393] kunit_try_run_case+0x1a5/0x480 [ 12.943612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.944110] kthread+0x337/0x6f0 [ 12.944278] ret_from_fork+0x41/0x80 [ 12.944446] ret_from_fork_asm+0x1a/0x30 [ 12.944590] [ 12.944668] Freed by task 278: [ 12.944836] kasan_save_stack+0x45/0x70 [ 12.944980] kasan_save_track+0x18/0x40 [ 12.945108] kasan_save_free_info+0x3f/0x60 [ 12.945250] __kasan_slab_free+0x56/0x70 [ 12.945460] kfree+0x222/0x3f0 [ 12.945617] kasan_strings+0x2aa/0xe80 [ 12.945801] kunit_try_run_case+0x1a5/0x480 [ 12.946024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.946273] kthread+0x337/0x6f0 [ 12.946431] ret_from_fork+0x41/0x80 [ 12.946557] ret_from_fork_asm+0x1a/0x30 [ 12.946692] [ 12.946761] The buggy address belongs to the object at ffff8881022482c0 [ 12.946761] which belongs to the cache kmalloc-32 of size 32 [ 12.947413] The buggy address is located 16 bytes inside of [ 12.947413] freed 32-byte region [ffff8881022482c0, ffff8881022482e0) [ 12.947784] [ 12.947854] The buggy address belongs to the physical page: [ 12.948070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102248 [ 12.948468] flags: 0x200000000000000(node=0|zone=2) [ 12.948731] page_type: f5(slab) [ 12.948993] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.949302] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.949550] page dumped because: kasan: bad access detected [ 12.949811] [ 12.949986] Memory state around the buggy address: [ 
12.950211] ffff888102248180: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.950542] ffff888102248200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.950997] >ffff888102248280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.951216] ^ [ 12.951397] ffff888102248300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.951647] ffff888102248380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.952319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 12.901875] ================================================================== [ 12.902547] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 12.902904] Read of size 1 at addr ffff8881022482d0 by task kunit_try_catch/278 [ 12.904172] [ 12.904338] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.904384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.904396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.904415] Call Trace: [ 12.904426] <TASK> [ 12.904441] dump_stack_lvl+0x73/0xb0 [ 12.904466] print_report+0xd1/0x610 [ 12.904488] ? __virt_addr_valid+0x1db/0x2d0 [ 12.904510] ? strcmp+0xb0/0xc0 [ 12.904527] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.904549] ? strcmp+0xb0/0xc0 [ 12.904567] kasan_report+0x141/0x180 [ 12.904589] ? strcmp+0xb0/0xc0 [ 12.904612] __asan_report_load1_noabort+0x18/0x20 [ 12.904632] strcmp+0xb0/0xc0 [ 12.904652] kasan_strings+0x431/0xe80 [ 12.904671] ? trace_hardirqs_on+0x37/0xe0 [ 12.904694] ? __pfx_kasan_strings+0x10/0x10 [ 12.904714] ? finish_task_switch.isra.0+0x153/0x700 [ 12.904736] ? __switch_to+0x5d9/0xf60 [ 12.904755] ? dequeue_task_fair+0x166/0x4e0 [ 12.904778] ? __schedule+0x10cc/0x2b60 [ 12.904801] ? __pfx_read_tsc+0x10/0x10 [ 12.904819] ? ktime_get_ts64+0x86/0x230 [ 12.904844] kunit_try_run_case+0x1a5/0x480 [ 12.904864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.904895] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.904920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.904980] ? __kthread_parkme+0x82/0x180 [ 12.905005] ? preempt_count_sub+0x50/0x80 [ 12.905030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.905049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.905072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.905094] kthread+0x337/0x6f0 [ 12.905110] ? trace_preempt_on+0x20/0xc0 [ 12.905136] ? __pfx_kthread+0x10/0x10 [ 12.905153] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.905174] ? calculate_sigpending+0x7b/0xa0 [ 12.905196] ? 
__pfx_kthread+0x10/0x10 [ 12.905213] ret_from_fork+0x41/0x80 [ 12.905233] ? __pfx_kthread+0x10/0x10 [ 12.905250] ret_from_fork_asm+0x1a/0x30 [ 12.905279] </TASK> [ 12.905289] [ 12.915597] Allocated by task 278: [ 12.916335] kasan_save_stack+0x45/0x70 [ 12.916528] kasan_save_track+0x18/0x40 [ 12.916683] kasan_save_alloc_info+0x3b/0x50 [ 12.916972] __kasan_kmalloc+0xb7/0xc0 [ 12.917392] __kmalloc_cache_noprof+0x189/0x420 [ 12.917633] kasan_strings+0xc0/0xe80 [ 12.918195] kunit_try_run_case+0x1a5/0x480 [ 12.918400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.918615] kthread+0x337/0x6f0 [ 12.918812] ret_from_fork+0x41/0x80 [ 12.919099] ret_from_fork_asm+0x1a/0x30 [ 12.919247] [ 12.919368] Freed by task 278: [ 12.919531] kasan_save_stack+0x45/0x70 [ 12.919774] kasan_save_track+0x18/0x40 [ 12.920070] kasan_save_free_info+0x3f/0x60 [ 12.920320] __kasan_slab_free+0x56/0x70 [ 12.920456] kfree+0x222/0x3f0 [ 12.920626] kasan_strings+0x2aa/0xe80 [ 12.921001] kunit_try_run_case+0x1a5/0x480 [ 12.921223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.921553] kthread+0x337/0x6f0 [ 12.921672] ret_from_fork+0x41/0x80 [ 12.921840] ret_from_fork_asm+0x1a/0x30 [ 12.922122] [ 12.922222] The buggy address belongs to the object at ffff8881022482c0 [ 12.922222] which belongs to the cache kmalloc-32 of size 32 [ 12.923180] The buggy address is located 16 bytes inside of [ 12.923180] freed 32-byte region [ffff8881022482c0, ffff8881022482e0) [ 12.923658] [ 12.924275] The buggy address belongs to the physical page: [ 12.924490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102248 [ 12.925053] flags: 0x200000000000000(node=0|zone=2) [ 12.925279] page_type: f5(slab) [ 12.925558] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.926105] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.926427] page dumped because: kasan: bad access detected [ 12.926654] [ 12.927033] Memory state around the buggy address: [ 
12.927251] ffff888102248180: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.927606] ffff888102248200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.928078] >ffff888102248280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.928326] ^ [ 12.928605] ffff888102248300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.929049] ffff888102248380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.929332] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 12.863053] ================================================================== [ 12.863919] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 12.864258] Read of size 1 at addr ffff888103a328d8 by task kunit_try_catch/276 [ 12.864556] [ 12.864663] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.865295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.865310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.865331] Call Trace: [ 12.865343] <TASK> [ 12.865358] dump_stack_lvl+0x73/0xb0 [ 12.865383] print_report+0xd1/0x610 [ 12.865611] ? __virt_addr_valid+0x1db/0x2d0 [ 12.865638] ? memcmp+0x1b4/0x1d0 [ 12.865659] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.865682] ? memcmp+0x1b4/0x1d0 [ 12.865759] kasan_report+0x141/0x180 [ 12.865782] ? memcmp+0x1b4/0x1d0 [ 12.865820] __asan_report_load1_noabort+0x18/0x20 [ 12.865841] memcmp+0x1b4/0x1d0 [ 12.865862] kasan_memcmp+0x18f/0x390 [ 12.865894] ? trace_hardirqs_on+0x37/0xe0 [ 12.865918] ? __pfx_kasan_memcmp+0x10/0x10 [ 12.865937] ? finish_task_switch.isra.0+0x153/0x700 [ 12.865961] ? __switch_to+0x5d9/0xf60 [ 12.865982] ? dequeue_task_fair+0x166/0x4e0 [ 12.866008] ? __pfx_read_tsc+0x10/0x10 [ 12.866027] ? ktime_get_ts64+0x86/0x230 [ 12.866052] kunit_try_run_case+0x1a5/0x480 [ 12.866073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.866091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.866115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.866138] ? __kthread_parkme+0x82/0x180 [ 12.866159] ? preempt_count_sub+0x50/0x80 [ 12.866182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.866202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.866224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.866247] kthread+0x337/0x6f0 [ 12.866262] ? trace_preempt_on+0x20/0xc0 [ 12.866283] ? __pfx_kthread+0x10/0x10 [ 12.866300] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.866321] ? calculate_sigpending+0x7b/0xa0 [ 12.866343] ? 
__pfx_kthread+0x10/0x10 [ 12.866360] ret_from_fork+0x41/0x80 [ 12.866380] ? __pfx_kthread+0x10/0x10 [ 12.866397] ret_from_fork_asm+0x1a/0x30 [ 12.866427] </TASK> [ 12.866437] [ 12.881829] Allocated by task 276: [ 12.882136] kasan_save_stack+0x45/0x70 [ 12.882477] kasan_save_track+0x18/0x40 [ 12.882651] kasan_save_alloc_info+0x3b/0x50 [ 12.883048] __kasan_kmalloc+0xb7/0xc0 [ 12.883459] __kmalloc_cache_noprof+0x189/0x420 [ 12.883798] kasan_memcmp+0xb7/0x390 [ 12.883981] kunit_try_run_case+0x1a5/0x480 [ 12.884375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.884601] kthread+0x337/0x6f0 [ 12.885040] ret_from_fork+0x41/0x80 [ 12.885337] ret_from_fork_asm+0x1a/0x30 [ 12.885961] [ 12.886063] The buggy address belongs to the object at ffff888103a328c0 [ 12.886063] which belongs to the cache kmalloc-32 of size 32 [ 12.886838] The buggy address is located 0 bytes to the right of [ 12.886838] allocated 24-byte region [ffff888103a328c0, ffff888103a328d8) [ 12.887349] [ 12.887441] The buggy address belongs to the physical page: [ 12.887671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a32 [ 12.888401] flags: 0x200000000000000(node=0|zone=2) [ 12.888719] page_type: f5(slab) [ 12.889081] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.889582] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.890118] page dumped because: kasan: bad access detected [ 12.890358] [ 12.890447] Memory state around the buggy address: [ 12.890652] ffff888103a32780: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.891258] ffff888103a32800: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 12.891755] >ffff888103a32880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.892194] ^ [ 12.892447] ffff888103a32900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.893001] ffff888103a32980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.893435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 12.833222] ================================================================== [ 12.833618] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 12.834570] Read of size 1 at addr ffff888103a1fc4a by task kunit_try_catch/272 [ 12.835539] [ 12.835776] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.835828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.835840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.835859] Call Trace: [ 12.835871] <TASK> [ 12.835903] dump_stack_lvl+0x73/0xb0 [ 12.835927] print_report+0xd1/0x610 [ 12.835949] ? __virt_addr_valid+0x1db/0x2d0 [ 12.835970] ? kasan_alloca_oob_right+0x329/0x390 [ 12.835992] ? kasan_addr_to_slab+0x11/0xa0 [ 12.836013] ? kasan_alloca_oob_right+0x329/0x390 [ 12.836036] kasan_report+0x141/0x180 [ 12.836057] ? kasan_alloca_oob_right+0x329/0x390 [ 12.836084] __asan_report_load1_noabort+0x18/0x20 [ 12.836105] kasan_alloca_oob_right+0x329/0x390 [ 12.836129] ? finish_task_switch.isra.0+0x153/0x700 [ 12.836151] ? ww_mutex_unlock+0xce/0x150 [ 12.836171] ? trace_hardirqs_on+0x37/0xe0 [ 12.836195] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 12.836220] ? __schedule+0x10cc/0x2b60 [ 12.836243] ? __pfx_read_tsc+0x10/0x10 [ 12.836261] ? ktime_get_ts64+0x86/0x230 [ 12.836286] kunit_try_run_case+0x1a5/0x480 [ 12.836306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.836324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.836347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.836370] ? __kthread_parkme+0x82/0x180 [ 12.836391] ? preempt_count_sub+0x50/0x80 [ 12.836415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.836435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.836499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.836524] kthread+0x337/0x6f0 [ 12.836541] ? trace_preempt_on+0x20/0xc0 [ 12.836576] ? __pfx_kthread+0x10/0x10 [ 12.836594] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.836615] ? calculate_sigpending+0x7b/0xa0 [ 12.836636] ? 
__pfx_kthread+0x10/0x10 [ 12.836653] ret_from_fork+0x41/0x80 [ 12.836673] ? __pfx_kthread+0x10/0x10 [ 12.836700] ret_from_fork_asm+0x1a/0x30 [ 12.836732] </TASK> [ 12.836742] [ 12.847276] The buggy address belongs to stack of task kunit_try_catch/272 [ 12.847569] [ 12.847659] The buggy address belongs to the physical page: [ 12.848358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a1f [ 12.848686] flags: 0x200000000000000(node=0|zone=2) [ 12.849277] raw: 0200000000000000 ffffea00040e87c8 ffffea00040e87c8 0000000000000000 [ 12.849946] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.850444] page dumped because: kasan: bad access detected [ 12.851040] [ 12.851134] Memory state around the buggy address: [ 12.851352] ffff888103a1fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.851640] ffff888103a1fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.852190] >ffff888103a1fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.852469] ^ [ 12.852701] ffff888103a1fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.853554] ffff888103a1fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.854218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 12.807831] ================================================================== [ 12.808313] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 12.808629] Read of size 1 at addr ffff8881039e7c3f by task kunit_try_catch/270 [ 12.808948] [ 12.809030] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.809343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.809356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.809375] Call Trace: [ 12.809386] <TASK> [ 12.809399] dump_stack_lvl+0x73/0xb0 [ 12.809424] print_report+0xd1/0x610 [ 12.809447] ? __virt_addr_valid+0x1db/0x2d0 [ 12.809468] ? kasan_alloca_oob_left+0x320/0x380 [ 12.809490] ? kasan_addr_to_slab+0x11/0xa0 [ 12.809510] ? kasan_alloca_oob_left+0x320/0x380 [ 12.809532] kasan_report+0x141/0x180 [ 12.809554] ? kasan_alloca_oob_left+0x320/0x380 [ 12.809582] __asan_report_load1_noabort+0x18/0x20 [ 12.809603] kasan_alloca_oob_left+0x320/0x380 [ 12.809627] ? finish_task_switch.isra.0+0x153/0x700 [ 12.809651] ? ww_mutex_unlock+0xce/0x150 [ 12.809671] ? trace_hardirqs_on+0x37/0xe0 [ 12.809694] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 12.809720] ? __schedule+0x10cc/0x2b60 [ 12.809742] ? __pfx_read_tsc+0x10/0x10 [ 12.809761] ? ktime_get_ts64+0x86/0x230 [ 12.809785] kunit_try_run_case+0x1a5/0x480 [ 12.809806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.809824] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.809936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.809966] ? __kthread_parkme+0x82/0x180 [ 12.809988] ? preempt_count_sub+0x50/0x80 [ 12.810012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.810032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.810055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.810078] kthread+0x337/0x6f0 [ 12.810095] ? trace_preempt_on+0x20/0xc0 [ 12.810117] ? __pfx_kthread+0x10/0x10 [ 12.810134] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.810155] ? calculate_sigpending+0x7b/0xa0 [ 12.810176] ? 
__pfx_kthread+0x10/0x10 [ 12.810194] ret_from_fork+0x41/0x80 [ 12.810213] ? __pfx_kthread+0x10/0x10 [ 12.810230] ret_from_fork_asm+0x1a/0x30 [ 12.810260] </TASK> [ 12.810270] [ 12.822801] The buggy address belongs to stack of task kunit_try_catch/270 [ 12.823490] [ 12.823647] The buggy address belongs to the physical page: [ 12.824187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e7 [ 12.824940] flags: 0x200000000000000(node=0|zone=2) [ 12.825130] raw: 0200000000000000 ffffea00040e79c8 ffffea00040e79c8 0000000000000000 [ 12.825367] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.825591] page dumped because: kasan: bad access detected [ 12.825952] [ 12.826106] Memory state around the buggy address: [ 12.826504] ffff8881039e7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.827214] ffff8881039e7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.827892] >ffff8881039e7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.828728] ^ [ 12.829383] ffff8881039e7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.830079] ffff8881039e7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.830780] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 12.787303] ================================================================== [ 12.787945] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 12.788261] Read of size 1 at addr ffff888103a0fd02 by task kunit_try_catch/268 [ 12.788543] [ 12.788649] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.788691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.788702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.788722] Call Trace: [ 12.788733] <TASK> [ 12.788747] dump_stack_lvl+0x73/0xb0 [ 12.788768] print_report+0xd1/0x610 [ 12.788790] ? __virt_addr_valid+0x1db/0x2d0 [ 12.788810] ? kasan_stack_oob+0x2b5/0x300 [ 12.788830] ? kasan_addr_to_slab+0x11/0xa0 [ 12.788849] ? kasan_stack_oob+0x2b5/0x300 [ 12.788868] kasan_report+0x141/0x180 [ 12.789040] ? kasan_stack_oob+0x2b5/0x300 [ 12.789070] __asan_report_load1_noabort+0x18/0x20 [ 12.789091] kasan_stack_oob+0x2b5/0x300 [ 12.789111] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.789138] ? finish_task_switch.isra.0+0x153/0x700 [ 12.789162] ? __switch_to+0x5d9/0xf60 [ 12.789186] ? dequeue_task_fair+0x156/0x4e0 [ 12.789212] ? __schedule+0x10cc/0x2b60 [ 12.789236] ? __pfx_read_tsc+0x10/0x10 [ 12.789255] ? ktime_get_ts64+0x86/0x230 [ 12.789278] kunit_try_run_case+0x1a5/0x480 [ 12.789299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.789317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.789341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.789364] ? __kthread_parkme+0x82/0x180 [ 12.789385] ? preempt_count_sub+0x50/0x80 [ 12.789408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.789427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.789450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.789473] kthread+0x337/0x6f0 [ 12.789489] ? trace_preempt_on+0x20/0xc0 [ 12.789511] ? __pfx_kthread+0x10/0x10 [ 12.789528] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.789549] ? calculate_sigpending+0x7b/0xa0 [ 12.789570] ? 
__pfx_kthread+0x10/0x10 [ 12.789587] ret_from_fork+0x41/0x80 [ 12.789606] ? __pfx_kthread+0x10/0x10 [ 12.789623] ret_from_fork_asm+0x1a/0x30 [ 12.789652] </TASK> [ 12.789662] [ 12.797491] The buggy address belongs to stack of task kunit_try_catch/268 [ 12.797966] and is located at offset 138 in frame: [ 12.798132] kasan_stack_oob+0x0/0x300 [ 12.798443] [ 12.798552] This frame has 4 objects: [ 12.799061] [48, 49) '__assertion' [ 12.799087] [64, 72) 'array' [ 12.799269] [96, 112) '__assertion' [ 12.799440] [128, 138) 'stack_array' [ 12.799586] [ 12.799944] The buggy address belongs to the physical page: [ 12.800208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0f [ 12.800481] flags: 0x200000000000000(node=0|zone=2) [ 12.800647] raw: 0200000000000000 ffffea00040e83c8 ffffea00040e83c8 0000000000000000 [ 12.801079] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.801426] page dumped because: kasan: bad access detected [ 12.801627] [ 12.801711] Memory state around the buggy address: [ 12.801864] ffff888103a0fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.802195] ffff888103a0fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 12.802517] >ffff888103a0fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.802829] ^ [ 12.803081] ffff888103a0fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 12.803303] ffff888103a0fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.803546] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 12.762246] ================================================================== [ 12.762806] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 12.763405] Read of size 1 at addr ffffffff9ba4532d by task kunit_try_catch/264 [ 12.763633] [ 12.763842] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.763900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.763911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.763930] Call Trace: [ 12.763941] <TASK> [ 12.763993] dump_stack_lvl+0x73/0xb0 [ 12.764019] print_report+0xd1/0x610 [ 12.764041] ? __virt_addr_valid+0x1db/0x2d0 [ 12.764073] ? kasan_global_oob_right+0x286/0x2d0 [ 12.764122] ? kasan_addr_to_slab+0x11/0xa0 [ 12.764143] ? kasan_global_oob_right+0x286/0x2d0 [ 12.764164] kasan_report+0x141/0x180 [ 12.764196] ? kasan_global_oob_right+0x286/0x2d0 [ 12.764223] __asan_report_load1_noabort+0x18/0x20 [ 12.764243] kasan_global_oob_right+0x286/0x2d0 [ 12.764264] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 12.764288] ? __schedule+0x10cc/0x2b60 [ 12.764311] ? __pfx_read_tsc+0x10/0x10 [ 12.764330] ? ktime_get_ts64+0x86/0x230 [ 12.764354] kunit_try_run_case+0x1a5/0x480 [ 12.764375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.764392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.764415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.764438] ? __kthread_parkme+0x82/0x180 [ 12.764459] ? preempt_count_sub+0x50/0x80 [ 12.764483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.764502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.764525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.764547] kthread+0x337/0x6f0 [ 12.764563] ? trace_preempt_on+0x20/0xc0 [ 12.764585] ? __pfx_kthread+0x10/0x10 [ 12.764602] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.764623] ? calculate_sigpending+0x7b/0xa0 [ 12.764643] ? __pfx_kthread+0x10/0x10 [ 12.764661] ret_from_fork+0x41/0x80 [ 12.764680] ? 
__pfx_kthread+0x10/0x10 [ 12.764744] ret_from_fork_asm+0x1a/0x30 [ 12.764777] </TASK> [ 12.764787] [ 12.776556] The buggy address belongs to the variable: [ 12.776790] global_array+0xd/0x40 [ 12.777244] [ 12.777423] The buggy address belongs to the physical page: [ 12.778077] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x135c45 [ 12.778892] flags: 0x200000000002000(reserved|node=0|zone=2) [ 12.779217] raw: 0200000000002000 ffffea0004d71148 ffffea0004d71148 0000000000000000 [ 12.779448] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.779673] page dumped because: kasan: bad access detected [ 12.779998] [ 12.780436] Memory state around the buggy address: [ 12.780684] ffffffff9ba45200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.781147] ffffffff9ba45280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.781580] >ffffffff9ba45300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 12.781853] ^ [ 12.782214] ffffffff9ba45380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 12.782460] ffffffff9ba45400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 12.782859] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 12.702160] ================================================================== [ 12.702661] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.703210] Free of addr ffff888103a34201 by task kunit_try_catch/260 [ 12.703436] [ 12.703548] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.703591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.703603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.703623] Call Trace: [ 12.703635] <TASK> [ 12.703649] dump_stack_lvl+0x73/0xb0 [ 12.703675] print_report+0xd1/0x610 [ 12.703697] ? __virt_addr_valid+0x1db/0x2d0 [ 12.703719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.703741] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.703767] kasan_report_invalid_free+0x10a/0x130 [ 12.703792] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.703819] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.703843] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.703867] check_slab_allocation+0x11f/0x130 [ 12.703903] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.704118] mempool_free+0x2ec/0x380 [ 12.704147] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.704174] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.704198] ? dequeue_entities+0x852/0x1740 [ 12.704221] ? finish_task_switch.isra.0+0x153/0x700 [ 12.704247] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.704271] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.704294] ? dequeue_task_fair+0x166/0x4e0 [ 12.704316] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.704334] ? __pfx_mempool_kfree+0x10/0x10 [ 12.704356] ? __pfx_read_tsc+0x10/0x10 [ 12.704376] ? ktime_get_ts64+0x86/0x230 [ 12.704399] kunit_try_run_case+0x1a5/0x480 [ 12.704421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.704439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.704463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.704486] ? __kthread_parkme+0x82/0x180 [ 12.704508] ? 
preempt_count_sub+0x50/0x80 [ 12.704532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.704552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.704574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.704597] kthread+0x337/0x6f0 [ 12.704613] ? trace_preempt_on+0x20/0xc0 [ 12.704635] ? __pfx_kthread+0x10/0x10 [ 12.704652] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.704673] ? calculate_sigpending+0x7b/0xa0 [ 12.704695] ? __pfx_kthread+0x10/0x10 [ 12.704712] ret_from_fork+0x41/0x80 [ 12.704733] ? __pfx_kthread+0x10/0x10 [ 12.704750] ret_from_fork_asm+0x1a/0x30 [ 12.704779] </TASK> [ 12.704790] [ 12.718627] Allocated by task 260: [ 12.719026] kasan_save_stack+0x45/0x70 [ 12.719378] kasan_save_track+0x18/0x40 [ 12.719558] kasan_save_alloc_info+0x3b/0x50 [ 12.720000] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.720243] remove_element+0x11e/0x190 [ 12.720419] mempool_alloc_preallocated+0x4d/0x90 [ 12.720623] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 12.721285] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.721655] kunit_try_run_case+0x1a5/0x480 [ 12.722055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.722300] kthread+0x337/0x6f0 [ 12.722461] ret_from_fork+0x41/0x80 [ 12.722637] ret_from_fork_asm+0x1a/0x30 [ 12.723348] [ 12.723538] The buggy address belongs to the object at ffff888103a34200 [ 12.723538] which belongs to the cache kmalloc-128 of size 128 [ 12.724617] The buggy address is located 1 bytes inside of [ 12.724617] 128-byte region [ffff888103a34200, ffff888103a34280) [ 12.725461] [ 12.725563] The buggy address belongs to the physical page: [ 12.725750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a34 [ 12.726004] flags: 0x200000000000000(node=0|zone=2) [ 12.726167] page_type: f5(slab) [ 12.726286] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.726517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.726740] page dumped because: kasan: bad access detected [ 
12.727379] [ 12.727977] Memory state around the buggy address: [ 12.728426] ffff888103a34100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.728982] ffff888103a34180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.729631] >ffff888103a34200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.730144] ^ [ 12.730455] ffff888103a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.731063] ffff888103a34300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.731364] ================================================================== [ 12.735899] ================================================================== [ 12.736663] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.737386] Free of addr ffff888102acc001 by task kunit_try_catch/262 [ 12.737678] [ 12.737784] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.737829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.737840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.737859] Call Trace: [ 12.737870] <TASK> [ 12.737894] dump_stack_lvl+0x73/0xb0 [ 12.737918] print_report+0xd1/0x610 [ 12.737939] ? __virt_addr_valid+0x1db/0x2d0 [ 12.737961] ? kasan_addr_to_slab+0x11/0xa0 [ 12.737980] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.738006] kasan_report_invalid_free+0x10a/0x130 [ 12.738030] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.738057] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.738081] __kasan_mempool_poison_object+0x102/0x1d0 [ 12.738105] mempool_free+0x2ec/0x380 [ 12.738127] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.738652] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.738705] ? dequeue_entities+0x852/0x1740 [ 12.738730] ? irqentry_exit+0x2a/0x60 [ 12.738751] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.738773] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 12.738798] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.738825] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.738844] ? __pfx_mempool_kfree+0x10/0x10 [ 12.738863] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.738904] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.738930] kunit_try_run_case+0x1a5/0x480 [ 12.738950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.738967] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.738990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.739012] ? __kthread_parkme+0x82/0x180 [ 12.739033] ? preempt_count_sub+0x50/0x80 [ 12.739056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.739076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.739098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.739120] kthread+0x337/0x6f0 [ 12.739135] ? trace_preempt_on+0x20/0xc0 [ 12.739157] ? __pfx_kthread+0x10/0x10 [ 12.739174] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.739195] ? calculate_sigpending+0x7b/0xa0 [ 12.739216] ? __pfx_kthread+0x10/0x10 [ 12.739233] ret_from_fork+0x41/0x80 [ 12.739253] ? 
__pfx_kthread+0x10/0x10 [ 12.739270] ret_from_fork_asm+0x1a/0x30 [ 12.739299] </TASK> [ 12.739309] [ 12.751831] The buggy address belongs to the physical page: [ 12.752108] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 12.752455] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.752691] flags: 0x200000000000040(head|node=0|zone=2) [ 12.753100] page_type: f8(unknown) [ 12.753360] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.753680] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.754119] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.754454] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.754747] head: 0200000000000002 ffffea00040ab301 00000000ffffffff 00000000ffffffff [ 12.755437] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.756048] page dumped because: kasan: bad access detected [ 12.756287] [ 12.756380] Memory state around the buggy address: [ 12.756815] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.757147] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.757599] >ffff888102acc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.758160] ^ [ 12.758284] ffff888102acc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.758735] ffff888102acc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.759258] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 12.662567] ================================================================== [ 12.663158] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.663480] Free of addr ffff888102ac8000 by task kunit_try_catch/256 [ 12.663748] [ 12.663836] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.663891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.663903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.663923] Call Trace: [ 12.663934] <TASK> [ 12.663949] dump_stack_lvl+0x73/0xb0 [ 12.663972] print_report+0xd1/0x610 [ 12.664028] ? __virt_addr_valid+0x1db/0x2d0 [ 12.664051] ? kasan_addr_to_slab+0x11/0xa0 [ 12.664071] ? mempool_double_free_helper+0x184/0x370 [ 12.664095] kasan_report_invalid_free+0x10a/0x130 [ 12.664119] ? mempool_double_free_helper+0x184/0x370 [ 12.664145] ? mempool_double_free_helper+0x184/0x370 [ 12.664167] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 12.664191] mempool_free+0x2ec/0x380 [ 12.664214] mempool_double_free_helper+0x184/0x370 [ 12.664237] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.664264] ? finish_task_switch.isra.0+0x153/0x700 [ 12.664290] mempool_kmalloc_large_double_free+0xed/0x140 [ 12.664314] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.664337] ? dequeue_task_fair+0x156/0x4e0 [ 12.664359] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.664378] ? __pfx_mempool_kfree+0x10/0x10 [ 12.664399] ? __pfx_read_tsc+0x10/0x10 [ 12.664417] ? ktime_get_ts64+0x86/0x230 [ 12.664441] kunit_try_run_case+0x1a5/0x480 [ 12.664461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.664479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.664502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.664526] ? __kthread_parkme+0x82/0x180 [ 12.664547] ? preempt_count_sub+0x50/0x80 [ 12.664590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.664611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.664633] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.664655] kthread+0x337/0x6f0 [ 12.664671] ? trace_preempt_on+0x20/0xc0 [ 12.664694] ? __pfx_kthread+0x10/0x10 [ 12.664711] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.664732] ? calculate_sigpending+0x7b/0xa0 [ 12.664753] ? __pfx_kthread+0x10/0x10 [ 12.664770] ret_from_fork+0x41/0x80 [ 12.664790] ? __pfx_kthread+0x10/0x10 [ 12.664807] ret_from_fork_asm+0x1a/0x30 [ 12.664837] </TASK> [ 12.664847] [ 12.674161] The buggy address belongs to the physical page: [ 12.674389] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8 [ 12.674836] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.675259] flags: 0x200000000000040(head|node=0|zone=2) [ 12.675441] page_type: f8(unknown) [ 12.675578] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.675918] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.676297] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.676530] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.676929] head: 0200000000000002 ffffea00040ab201 00000000ffffffff 00000000ffffffff [ 12.677312] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.677673] page dumped because: kasan: bad access detected [ 12.678077] [ 12.678176] Memory state around the buggy address: [ 12.678384] ffff888102ac7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.678670] ffff888102ac7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.679078] >ffff888102ac8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.679351] ^ [ 12.679513] ffff888102ac8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.679738] ffff888102ac8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.680037] ================================================================== [ 12.620068] ================================================================== [ 
12.620560] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.621006] Free of addr ffff888102240600 by task kunit_try_catch/254 [ 12.621277] [ 12.621405] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.621454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.621466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.621488] Call Trace: [ 12.621500] <TASK> [ 12.621515] dump_stack_lvl+0x73/0xb0 [ 12.621543] print_report+0xd1/0x610 [ 12.621566] ? __virt_addr_valid+0x1db/0x2d0 [ 12.621611] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.621632] ? mempool_double_free_helper+0x184/0x370 [ 12.621656] kasan_report_invalid_free+0x10a/0x130 [ 12.621765] ? mempool_double_free_helper+0x184/0x370 [ 12.621822] ? mempool_double_free_helper+0x184/0x370 [ 12.621846] ? mempool_double_free_helper+0x184/0x370 [ 12.621867] check_slab_allocation+0x101/0x130 [ 12.621900] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.621924] mempool_free+0x2ec/0x380 [ 12.621948] mempool_double_free_helper+0x184/0x370 [ 12.621972] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.621995] ? dequeue_entities+0x852/0x1740 [ 12.622019] ? finish_task_switch.isra.0+0x153/0x700 [ 12.622045] mempool_kmalloc_double_free+0xed/0x140 [ 12.622069] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 12.622091] ? dequeue_task_fair+0x166/0x4e0 [ 12.622113] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.622131] ? __pfx_mempool_kfree+0x10/0x10 [ 12.622152] ? __pfx_read_tsc+0x10/0x10 [ 12.622193] ? ktime_get_ts64+0x86/0x230 [ 12.622218] kunit_try_run_case+0x1a5/0x480 [ 12.622239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.622257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.622282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.622305] ? __kthread_parkme+0x82/0x180 [ 12.622327] ? preempt_count_sub+0x50/0x80 [ 12.622366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.622386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.622408] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.622430] kthread+0x337/0x6f0 [ 12.622446] ? trace_preempt_on+0x20/0xc0 [ 12.622469] ? __pfx_kthread+0x10/0x10 [ 12.622487] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.622508] ? calculate_sigpending+0x7b/0xa0 [ 12.622530] ? __pfx_kthread+0x10/0x10 [ 12.622547] ret_from_fork+0x41/0x80 [ 12.622567] ? __pfx_kthread+0x10/0x10 [ 12.622584] ret_from_fork_asm+0x1a/0x30 [ 12.622615] </TASK> [ 12.622625] [ 12.636529] Allocated by task 254: [ 12.636663] kasan_save_stack+0x45/0x70 [ 12.637067] kasan_save_track+0x18/0x40 [ 12.637443] kasan_save_alloc_info+0x3b/0x50 [ 12.637935] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.638468] remove_element+0x11e/0x190 [ 12.638866] mempool_alloc_preallocated+0x4d/0x90 [ 12.639035] mempool_double_free_helper+0x8a/0x370 [ 12.639193] mempool_kmalloc_double_free+0xed/0x140 [ 12.639354] kunit_try_run_case+0x1a5/0x480 [ 12.639496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.639667] kthread+0x337/0x6f0 [ 12.639782] ret_from_fork+0x41/0x80 [ 12.640310] ret_from_fork_asm+0x1a/0x30 [ 12.640747] [ 12.640947] Freed by task 254: [ 12.641259] kasan_save_stack+0x45/0x70 [ 12.641845] kasan_save_track+0x18/0x40 [ 12.642225] kasan_save_free_info+0x3f/0x60 [ 12.642614] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.643162] mempool_free+0x2ec/0x380 [ 12.643624] mempool_double_free_helper+0x109/0x370 [ 12.644220] mempool_kmalloc_double_free+0xed/0x140 [ 12.644924] kunit_try_run_case+0x1a5/0x480 [ 12.645336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.645675] kthread+0x337/0x6f0 [ 12.645809] ret_from_fork+0x41/0x80 [ 12.646047] ret_from_fork_asm+0x1a/0x30 [ 12.646420] [ 12.646577] The buggy address belongs to the object at ffff888102240600 [ 12.646577] which belongs to the cache kmalloc-128 of size 128 [ 12.647887] The buggy address is located 0 bytes inside of [ 12.647887] 128-byte region [ffff888102240600, ffff888102240680) [ 12.648508] [ 12.648700] The buggy address belongs to the physical page: 
[ 12.649285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102240 [ 12.649908] flags: 0x200000000000000(node=0|zone=2) [ 12.650179] page_type: f5(slab) [ 12.650495] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.651255] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.651809] page dumped because: kasan: bad access detected [ 12.652237] [ 12.652305] Memory state around the buggy address: [ 12.652459] ffff888102240500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.652671] ffff888102240580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.653569] >ffff888102240600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.654411] ^ [ 12.654729] ffff888102240680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.655669] ffff888102240700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.656490] ================================================================== [ 12.683366] ================================================================== [ 12.683928] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.684343] Free of addr ffff888102acc000 by task kunit_try_catch/258 [ 12.684603] [ 12.684689] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.684733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.684744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.684763] Call Trace: [ 12.684774] <TASK> [ 12.684788] dump_stack_lvl+0x73/0xb0 [ 12.684821] print_report+0xd1/0x610 [ 12.684844] ? __virt_addr_valid+0x1db/0x2d0 [ 12.684865] ? kasan_addr_to_slab+0x11/0xa0 [ 12.684895] ? mempool_double_free_helper+0x184/0x370 [ 12.684920] kasan_report_invalid_free+0x10a/0x130 [ 12.684944] ? mempool_double_free_helper+0x184/0x370 [ 12.684969] ? 
mempool_double_free_helper+0x184/0x370 [ 12.684992] __kasan_mempool_poison_pages+0x115/0x130 [ 12.685015] mempool_free+0x290/0x380 [ 12.685037] mempool_double_free_helper+0x184/0x370 [ 12.685060] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.685084] ? dequeue_entities+0x852/0x1740 [ 12.685107] ? finish_task_switch.isra.0+0x153/0x700 [ 12.685137] mempool_page_alloc_double_free+0xe8/0x140 [ 12.685158] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 12.685178] ? dequeue_task_fair+0x166/0x4e0 [ 12.685200] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.685219] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.685240] ? __pfx_read_tsc+0x10/0x10 [ 12.685259] ? ktime_get_ts64+0x86/0x230 [ 12.685282] kunit_try_run_case+0x1a5/0x480 [ 12.685302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.685341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.685364] ? __kthread_parkme+0x82/0x180 [ 12.685384] ? preempt_count_sub+0x50/0x80 [ 12.685407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.685449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.685472] kthread+0x337/0x6f0 [ 12.685487] ? trace_preempt_on+0x20/0xc0 [ 12.685509] ? __pfx_kthread+0x10/0x10 [ 12.685526] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.685547] ? calculate_sigpending+0x7b/0xa0 [ 12.685567] ? __pfx_kthread+0x10/0x10 [ 12.685584] ret_from_fork+0x41/0x80 [ 12.685603] ? 
__pfx_kthread+0x10/0x10 [ 12.685620] ret_from_fork_asm+0x1a/0x30 [ 12.685651] </TASK> [ 12.685661] [ 12.694500] The buggy address belongs to the physical page: [ 12.694744] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 12.695023] flags: 0x200000000000000(node=0|zone=2) [ 12.695193] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.695731] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.696283] page dumped because: kasan: bad access detected [ 12.696453] [ 12.696519] Memory state around the buggy address: [ 12.696670] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.696887] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.697370] >ffff888102acc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.697696] ^ [ 12.697866] ffff888102acc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.698171] ffff888102acc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.698591] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.536928] ================================================================== [ 12.537407] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.537722] Read of size 1 at addr ffff888102ac8000 by task kunit_try_catch/248 [ 12.538302] [ 12.538415] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.538515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.538527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.538547] Call Trace: [ 12.538560] <TASK> [ 12.538575] dump_stack_lvl+0x73/0xb0 [ 12.538599] print_report+0xd1/0x610 [ 12.538621] ? __virt_addr_valid+0x1db/0x2d0 [ 12.538642] ? mempool_uaf_helper+0x392/0x400 [ 12.538664] ? kasan_addr_to_slab+0x11/0xa0 [ 12.538684] ? mempool_uaf_helper+0x392/0x400 [ 12.538773] kasan_report+0x141/0x180 [ 12.538801] ? mempool_uaf_helper+0x392/0x400 [ 12.538866] __asan_report_load1_noabort+0x18/0x20 [ 12.538897] mempool_uaf_helper+0x392/0x400 [ 12.538920] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.538947] ? finish_task_switch.isra.0+0x153/0x700 [ 12.538973] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.538996] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.539020] ? __kasan_check_write+0x18/0x20 [ 12.539040] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.539061] ? __pfx_mempool_kfree+0x10/0x10 [ 12.539081] ? __pfx_read_tsc+0x10/0x10 [ 12.539101] ? ktime_get_ts64+0x86/0x230 [ 12.539121] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.539145] kunit_try_run_case+0x1a5/0x480 [ 12.539166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.539186] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.539210] ? __kthread_parkme+0x82/0x180 [ 12.539231] ? preempt_count_sub+0x50/0x80 [ 12.539255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.539275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.539298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.539321] kthread+0x337/0x6f0 [ 12.539337] ? trace_preempt_on+0x20/0xc0 [ 12.539359] ? __pfx_kthread+0x10/0x10 [ 12.539376] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.539397] ? calculate_sigpending+0x7b/0xa0 [ 12.539418] ? __pfx_kthread+0x10/0x10 [ 12.539436] ret_from_fork+0x41/0x80 [ 12.539455] ? __pfx_kthread+0x10/0x10 [ 12.539472] ret_from_fork_asm+0x1a/0x30 [ 12.539503] </TASK> [ 12.539513] [ 12.548580] The buggy address belongs to the physical page: [ 12.549137] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8 [ 12.549509] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.549941] flags: 0x200000000000040(head|node=0|zone=2) [ 12.550322] page_type: f8(unknown) [ 12.550502] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.550971] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.551415] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.551901] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.552372] head: 0200000000000002 ffffea00040ab201 00000000ffffffff 00000000ffffffff [ 12.552793] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.553155] page dumped because: kasan: bad access detected [ 12.553404] [ 12.553527] Memory state around the buggy address: [ 12.553808] ffff888102ac7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.554151] ffff888102ac7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.554435] >ffff888102ac8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.554934] ^ [ 12.555182] ffff888102ac8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.555490] ffff888102ac8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.555987] ================================================================== [ 12.599969] ================================================================== [ 12.600457] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.600918] Read of size 1 at addr ffff888103968000 by task kunit_try_catch/252 [ 12.601240] [ 12.601352] CPU: 
1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.601430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.601442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.601488] Call Trace: [ 12.601523] <TASK> [ 12.601561] dump_stack_lvl+0x73/0xb0 [ 12.601587] print_report+0xd1/0x610 [ 12.601610] ? __virt_addr_valid+0x1db/0x2d0 [ 12.601631] ? mempool_uaf_helper+0x392/0x400 [ 12.601653] ? kasan_addr_to_slab+0x11/0xa0 [ 12.601735] ? mempool_uaf_helper+0x392/0x400 [ 12.601762] kasan_report+0x141/0x180 [ 12.601784] ? mempool_uaf_helper+0x392/0x400 [ 12.601830] __asan_report_load1_noabort+0x18/0x20 [ 12.601851] mempool_uaf_helper+0x392/0x400 [ 12.601875] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.601908] ? dequeue_entities+0x852/0x1740 [ 12.601932] ? finish_task_switch.isra.0+0x153/0x700 [ 12.601958] mempool_page_alloc_uaf+0xed/0x140 [ 12.601979] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.601998] ? dequeue_task_fair+0x166/0x4e0 [ 12.602019] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.602039] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.602061] ? __pfx_read_tsc+0x10/0x10 [ 12.602080] ? ktime_get_ts64+0x86/0x230 [ 12.602106] kunit_try_run_case+0x1a5/0x480 [ 12.602127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.602145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.602170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.602193] ? __kthread_parkme+0x82/0x180 [ 12.602214] ? preempt_count_sub+0x50/0x80 [ 12.602237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.602257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.602280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.602303] kthread+0x337/0x6f0 [ 12.602319] ? trace_preempt_on+0x20/0xc0 [ 12.602343] ? __pfx_kthread+0x10/0x10 [ 12.602360] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.602381] ? calculate_sigpending+0x7b/0xa0 [ 12.602402] ? __pfx_kthread+0x10/0x10 [ 12.602420] ret_from_fork+0x41/0x80 [ 12.602441] ? 
__pfx_kthread+0x10/0x10 [ 12.602458] ret_from_fork_asm+0x1a/0x30 [ 12.602488] </TASK> [ 12.602500] [ 12.611648] The buggy address belongs to the physical page: [ 12.611898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103968 [ 12.612152] flags: 0x200000000000000(node=0|zone=2) [ 12.612397] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.612751] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.613107] page dumped because: kasan: bad access detected [ 12.613361] [ 12.613444] Memory state around the buggy address: [ 12.613635] ffff888103967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.614024] ffff888103967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.614322] >ffff888103968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.614532] ^ [ 12.614645] ffff888103968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.614994] ffff888103968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.615354] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.562459] ================================================================== [ 12.563210] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.563557] Read of size 1 at addr ffff888102245240 by task kunit_try_catch/250 [ 12.564004] [ 12.564110] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.564196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.564208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.564228] Call Trace: [ 12.564241] <TASK> [ 12.564257] dump_stack_lvl+0x73/0xb0 [ 12.564281] print_report+0xd1/0x610 [ 12.564305] ? __virt_addr_valid+0x1db/0x2d0 [ 12.564359] ? mempool_uaf_helper+0x392/0x400 [ 12.564381] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.564403] ? mempool_uaf_helper+0x392/0x400 [ 12.564425] kasan_report+0x141/0x180 [ 12.564448] ? mempool_uaf_helper+0x392/0x400 [ 12.564475] __asan_report_load1_noabort+0x18/0x20 [ 12.564495] mempool_uaf_helper+0x392/0x400 [ 12.564548] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.564569] ? update_load_avg+0x1be/0x21b0 [ 12.564593] ? finish_task_switch.isra.0+0x153/0x700 [ 12.564620] mempool_slab_uaf+0xea/0x140 [ 12.564639] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 12.564686] ? dequeue_task_fair+0x156/0x4e0 [ 12.564708] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.564729] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.564800] ? __pfx_read_tsc+0x10/0x10 [ 12.564823] ? ktime_get_ts64+0x86/0x230 [ 12.564849] kunit_try_run_case+0x1a5/0x480 [ 12.564871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.564901] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.564926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.564948] ? __kthread_parkme+0x82/0x180 [ 12.564970] ? preempt_count_sub+0x50/0x80 [ 12.564993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.565013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.565037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.565059] kthread+0x337/0x6f0 [ 12.565075] ? 
trace_preempt_on+0x20/0xc0 [ 12.565098] ? __pfx_kthread+0x10/0x10 [ 12.565115] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.565140] ? calculate_sigpending+0x7b/0xa0 [ 12.565162] ? __pfx_kthread+0x10/0x10 [ 12.565179] ret_from_fork+0x41/0x80 [ 12.565199] ? __pfx_kthread+0x10/0x10 [ 12.565216] ret_from_fork_asm+0x1a/0x30 [ 12.565246] </TASK> [ 12.565256] [ 12.574874] Allocated by task 250: [ 12.575070] kasan_save_stack+0x45/0x70 [ 12.575256] kasan_save_track+0x18/0x40 [ 12.575392] kasan_save_alloc_info+0x3b/0x50 [ 12.575601] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.575896] remove_element+0x11e/0x190 [ 12.576040] mempool_alloc_preallocated+0x4d/0x90 [ 12.576599] mempool_uaf_helper+0x96/0x400 [ 12.576821] mempool_slab_uaf+0xea/0x140 [ 12.577263] kunit_try_run_case+0x1a5/0x480 [ 12.577469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.577663] kthread+0x337/0x6f0 [ 12.578160] ret_from_fork+0x41/0x80 [ 12.578353] ret_from_fork_asm+0x1a/0x30 [ 12.578561] [ 12.578629] Freed by task 250: [ 12.578735] kasan_save_stack+0x45/0x70 [ 12.578868] kasan_save_track+0x18/0x40 [ 12.579149] kasan_save_free_info+0x3f/0x60 [ 12.579415] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.579722] mempool_free+0x2ec/0x380 [ 12.580050] mempool_uaf_helper+0x11a/0x400 [ 12.580202] mempool_slab_uaf+0xea/0x140 [ 12.580357] kunit_try_run_case+0x1a5/0x480 [ 12.580560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.580946] kthread+0x337/0x6f0 [ 12.581111] ret_from_fork+0x41/0x80 [ 12.581281] ret_from_fork_asm+0x1a/0x30 [ 12.581419] [ 12.581515] The buggy address belongs to the object at ffff888102245240 [ 12.581515] which belongs to the cache test_cache of size 123 [ 12.582397] The buggy address is located 0 bytes inside of [ 12.582397] freed 123-byte region [ffff888102245240, ffff8881022452bb) [ 12.582749] [ 12.582847] The buggy address belongs to the physical page: [ 12.583122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102245 [ 12.583647] flags: 
0x200000000000000(node=0|zone=2) [ 12.584047] page_type: f5(slab) [ 12.584218] raw: 0200000000000000 ffff888101949a00 dead000000000122 0000000000000000 [ 12.584590] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.585071] page dumped because: kasan: bad access detected [ 12.585362] [ 12.585452] Memory state around the buggy address: [ 12.585933] ffff888102245100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.586248] ffff888102245180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.586582] >ffff888102245200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.587051] ^ [ 12.587315] ffff888102245280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.587627] ffff888102245300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.588025] ================================================================== [ 12.506295] ================================================================== [ 12.507616] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.508442] Read of size 1 at addr ffff888102240200 by task kunit_try_catch/246 [ 12.509025] [ 12.509223] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.509272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.509284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.509306] Call Trace: [ 12.509320] <TASK> [ 12.509339] dump_stack_lvl+0x73/0xb0 [ 12.509369] print_report+0xd1/0x610 [ 12.509392] ? __virt_addr_valid+0x1db/0x2d0 [ 12.509414] ? mempool_uaf_helper+0x392/0x400 [ 12.509435] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.509458] ? mempool_uaf_helper+0x392/0x400 [ 12.509480] kasan_report+0x141/0x180 [ 12.509502] ? mempool_uaf_helper+0x392/0x400 [ 12.509529] __asan_report_load1_noabort+0x18/0x20 [ 12.509549] mempool_uaf_helper+0x392/0x400 [ 12.509575] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.509597] ? dequeue_entities+0x852/0x1740 [ 12.509623] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.509650] mempool_kmalloc_uaf+0xef/0x140 [ 12.509672] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.509693] ? dequeue_task_fair+0x166/0x4e0 [ 12.509716] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.509737] ? __pfx_mempool_kfree+0x10/0x10 [ 12.509758] ? __pfx_read_tsc+0x10/0x10 [ 12.509778] ? ktime_get_ts64+0x86/0x230 [ 12.509972] kunit_try_run_case+0x1a5/0x480 [ 12.510003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.510022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.510048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.510071] ? __kthread_parkme+0x82/0x180 [ 12.510093] ? preempt_count_sub+0x50/0x80 [ 12.510116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.510135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.510157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.510180] kthread+0x337/0x6f0 [ 12.510197] ? trace_preempt_on+0x20/0xc0 [ 12.510220] ? __pfx_kthread+0x10/0x10 [ 12.510237] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.510258] ? calculate_sigpending+0x7b/0xa0 [ 12.510280] ? __pfx_kthread+0x10/0x10 [ 12.510297] ret_from_fork+0x41/0x80 [ 12.510317] ? 
__pfx_kthread+0x10/0x10 [ 12.510334] ret_from_fork_asm+0x1a/0x30 [ 12.510365] </TASK> [ 12.510376] [ 12.519177] Allocated by task 246: [ 12.519515] kasan_save_stack+0x45/0x70 [ 12.519778] kasan_save_track+0x18/0x40 [ 12.519943] kasan_save_alloc_info+0x3b/0x50 [ 12.520105] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.520385] remove_element+0x11e/0x190 [ 12.520554] mempool_alloc_preallocated+0x4d/0x90 [ 12.520855] mempool_uaf_helper+0x96/0x400 [ 12.521094] mempool_kmalloc_uaf+0xef/0x140 [ 12.521268] kunit_try_run_case+0x1a5/0x480 [ 12.521494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.521871] kthread+0x337/0x6f0 [ 12.522112] ret_from_fork+0x41/0x80 [ 12.522278] ret_from_fork_asm+0x1a/0x30 [ 12.522511] [ 12.522622] Freed by task 246: [ 12.522804] kasan_save_stack+0x45/0x70 [ 12.523083] kasan_save_track+0x18/0x40 [ 12.523287] kasan_save_free_info+0x3f/0x60 [ 12.523522] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.523830] mempool_free+0x2ec/0x380 [ 12.524159] mempool_uaf_helper+0x11a/0x400 [ 12.524393] mempool_kmalloc_uaf+0xef/0x140 [ 12.524610] kunit_try_run_case+0x1a5/0x480 [ 12.524927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.525199] kthread+0x337/0x6f0 [ 12.525366] ret_from_fork+0x41/0x80 [ 12.525499] ret_from_fork_asm+0x1a/0x30 [ 12.525637] [ 12.525707] The buggy address belongs to the object at ffff888102240200 [ 12.525707] which belongs to the cache kmalloc-128 of size 128 [ 12.526804] The buggy address is located 0 bytes inside of [ 12.526804] freed 128-byte region [ffff888102240200, ffff888102240280) [ 12.527281] [ 12.527356] The buggy address belongs to the physical page: [ 12.527528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102240 [ 12.527788] flags: 0x200000000000000(node=0|zone=2) [ 12.528035] page_type: f5(slab) [ 12.528206] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.528527] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.528755] page dumped 
because: kasan: bad access detected [ 12.529187] [ 12.529305] Memory state around the buggy address: [ 12.529531] ffff888102240100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.530110] ffff888102240180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.530423] >ffff888102240200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.530634] ^ [ 12.530748] ffff888102240280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.531071] ffff888102240300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.531450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.410401] ================================================================== [ 12.410929] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.411264] Read of size 1 at addr ffff888102225e73 by task kunit_try_catch/240 [ 12.411579] [ 12.411679] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.411728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.411740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.411761] Call Trace: [ 12.411774] <TASK> [ 12.411792] dump_stack_lvl+0x73/0xb0 [ 12.411843] print_report+0xd1/0x610 [ 12.411867] ? __virt_addr_valid+0x1db/0x2d0 [ 12.411903] ? mempool_oob_right_helper+0x318/0x380 [ 12.411925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.411947] ? mempool_oob_right_helper+0x318/0x380 [ 12.411970] kasan_report+0x141/0x180 [ 12.411992] ? mempool_oob_right_helper+0x318/0x380 [ 12.412021] __asan_report_load1_noabort+0x18/0x20 [ 12.412042] mempool_oob_right_helper+0x318/0x380 [ 12.412067] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.412098] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.412120] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.412143] ? dequeue_task_fair+0x166/0x4e0 [ 12.412168] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.412189] ? __pfx_mempool_kfree+0x10/0x10 [ 12.412210] ? __pfx_read_tsc+0x10/0x10 [ 12.412231] ? ktime_get_ts64+0x86/0x230 [ 12.412256] kunit_try_run_case+0x1a5/0x480 [ 12.412279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.412296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.412322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.412345] ? __kthread_parkme+0x82/0x180 [ 12.412367] ? preempt_count_sub+0x50/0x80 [ 12.412392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.412411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.412435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.412457] kthread+0x337/0x6f0 [ 12.412474] ? trace_preempt_on+0x20/0xc0 [ 12.412497] ? __pfx_kthread+0x10/0x10 [ 12.412514] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.412535] ? calculate_sigpending+0x7b/0xa0 [ 12.412557] ? __pfx_kthread+0x10/0x10 [ 12.412576] ret_from_fork+0x41/0x80 [ 12.412596] ? __pfx_kthread+0x10/0x10 [ 12.412613] ret_from_fork_asm+0x1a/0x30 [ 12.412643] </TASK> [ 12.412655] [ 12.424212] Allocated by task 240: [ 12.424349] kasan_save_stack+0x45/0x70 [ 12.424529] kasan_save_track+0x18/0x40 [ 12.424682] kasan_save_alloc_info+0x3b/0x50 [ 12.424850] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.425159] remove_element+0x11e/0x190 [ 12.425350] mempool_alloc_preallocated+0x4d/0x90 [ 12.426088] mempool_oob_right_helper+0x8a/0x380 [ 12.426282] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.426515] kunit_try_run_case+0x1a5/0x480 [ 12.426949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.427201] kthread+0x337/0x6f0 [ 12.427543] ret_from_fork+0x41/0x80 [ 12.427725] ret_from_fork_asm+0x1a/0x30 [ 12.428132] [ 12.428222] The buggy address belongs to the object at ffff888102225e00 [ 12.428222] which belongs to the cache kmalloc-128 of size 128 [ 12.428998] The buggy address is located 0 bytes to the right of [ 12.428998] allocated 115-byte region [ffff888102225e00, ffff888102225e73) [ 12.429673] [ 12.429973] The buggy address belongs to the physical page: [ 12.430332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102225 [ 12.430824] flags: 0x200000000000000(node=0|zone=2) [ 12.431215] page_type: f5(slab) [ 12.431385] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.431793] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.432347] page dumped because: kasan: bad access detected [ 12.432764] [ 12.432871] Memory state around the buggy address: [ 12.433356] ffff888102225d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.433638] ffff888102225d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.434081] >ffff888102225e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.434470] ^ [ 12.434889] 
ffff888102225e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.435357] ffff888102225f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.435664] ================================================================== [ 12.438954] ================================================================== [ 12.439699] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.439974] Read of size 1 at addr ffff888103966001 by task kunit_try_catch/242 [ 12.440314] [ 12.440514] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 12.440562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.440573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.440594] Call Trace: [ 12.440606] <TASK> [ 12.440623] dump_stack_lvl+0x73/0xb0 [ 12.440649] print_report+0xd1/0x610 [ 12.440671] ? __virt_addr_valid+0x1db/0x2d0 [ 12.440703] ? mempool_oob_right_helper+0x318/0x380 [ 12.440726] ? kasan_addr_to_slab+0x11/0xa0 [ 12.440746] ? mempool_oob_right_helper+0x318/0x380 [ 12.440780] kasan_report+0x141/0x180 [ 12.440819] ? mempool_oob_right_helper+0x318/0x380 [ 12.440847] __asan_report_load1_noabort+0x18/0x20 [ 12.440867] mempool_oob_right_helper+0x318/0x380 [ 12.440900] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.440923] ? dequeue_entities+0x852/0x1740 [ 12.440947] ? finish_task_switch.isra.0+0x153/0x700 [ 12.440973] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.440997] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.441030] ? dequeue_task_fair+0x166/0x4e0 [ 12.441052] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.441071] ? __pfx_mempool_kfree+0x10/0x10 [ 12.441093] ? __pfx_read_tsc+0x10/0x10 [ 12.441123] ? ktime_get_ts64+0x86/0x230 [ 12.441152] kunit_try_run_case+0x1a5/0x480 [ 12.441173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.441191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.441214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.441237] ? __kthread_parkme+0x82/0x180 [ 12.441259] ? 
preempt_count_sub+0x50/0x80 [ 12.441282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.441302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.441325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.441348] kthread+0x337/0x6f0 [ 12.441364] ? trace_preempt_on+0x20/0xc0 [ 12.441386] ? __pfx_kthread+0x10/0x10 [ 12.441403] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.441424] ? calculate_sigpending+0x7b/0xa0 [ 12.441445] ? __pfx_kthread+0x10/0x10 [ 12.441462] ret_from_fork+0x41/0x80 [ 12.441482] ? __pfx_kthread+0x10/0x10 [ 12.441499] ret_from_fork_asm+0x1a/0x30 [ 12.441529] </TASK> [ 12.441540] [ 12.451959] The buggy address belongs to the physical page: [ 12.452226] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103964 [ 12.452555] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.453256] flags: 0x200000000000040(head|node=0|zone=2) [ 12.453458] page_type: f8(unknown) [ 12.453650] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.454308] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.454613] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.455166] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.455582] head: 0200000000000002 ffffea00040e5901 00000000ffffffff 00000000ffffffff [ 12.456417] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.457331] page dumped because: kasan: bad access detected [ 12.457926] [ 12.458082] Memory state around the buggy address: [ 12.458502] ffff888103965f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.458970] ffff888103965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.459423] >ffff888103966000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.459635] ^ [ 12.459855] ffff888103966080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.460519] ffff888103966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.461261] 
==================================================================
[ 12.465388] ==================================================================
[ 12.466060] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.466308] Read of size 1 at addr ffff8881022402bb by task kunit_try_catch/244
[ 12.466528]
[ 12.466612] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 12.466656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.466667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.466687] Call Trace:
[ 12.466697] <TASK>
[ 12.466711] dump_stack_lvl+0x73/0xb0
[ 12.466734] print_report+0xd1/0x610
[ 12.466755] ? __virt_addr_valid+0x1db/0x2d0
[ 12.466776] ? mempool_oob_right_helper+0x318/0x380
[ 12.466799] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.466828] ? mempool_oob_right_helper+0x318/0x380
[ 12.466850] kasan_report+0x141/0x180
[ 12.466872] ? mempool_oob_right_helper+0x318/0x380
[ 12.466909] __asan_report_load1_noabort+0x18/0x20
[ 12.466929] mempool_oob_right_helper+0x318/0x380
[ 12.466953] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.466980] ? finish_task_switch.isra.0+0x153/0x700
[ 12.467006] mempool_slab_oob_right+0xed/0x140
[ 12.467026] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 12.467045] ? dequeue_task_fair+0x166/0x4e0
[ 12.467067] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 12.467087] ? __pfx_mempool_free_slab+0x10/0x10
[ 12.467109] ? __pfx_read_tsc+0x10/0x10
[ 12.467128] ? ktime_get_ts64+0x86/0x230
[ 12.467151] kunit_try_run_case+0x1a5/0x480
[ 12.467172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.467189] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.467212] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.467235] ? __kthread_parkme+0x82/0x180
[ 12.467256] ? preempt_count_sub+0x50/0x80
[ 12.467279] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.467298] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.467320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.467343] kthread+0x337/0x6f0
[ 12.467358] ? trace_preempt_on+0x20/0xc0
[ 12.467380] ? __pfx_kthread+0x10/0x10
[ 12.467398] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.467418] ? calculate_sigpending+0x7b/0xa0
[ 12.467439] ? __pfx_kthread+0x10/0x10
[ 12.467457] ret_from_fork+0x41/0x80
[ 12.467475] ? __pfx_kthread+0x10/0x10
[ 12.467493] ret_from_fork_asm+0x1a/0x30
[ 12.467522] </TASK>
[ 12.467532]
[ 12.480298] Allocated by task 244:
[ 12.480766] kasan_save_stack+0x45/0x70
[ 12.481177] kasan_save_track+0x18/0x40
[ 12.481612] kasan_save_alloc_info+0x3b/0x50
[ 12.482005] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 12.482696] remove_element+0x11e/0x190
[ 12.483027] mempool_alloc_preallocated+0x4d/0x90
[ 12.483598] mempool_oob_right_helper+0x8a/0x380
[ 12.483843] mempool_slab_oob_right+0xed/0x140
[ 12.484045] kunit_try_run_case+0x1a5/0x480
[ 12.484185] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.484351] kthread+0x337/0x6f0
[ 12.484463] ret_from_fork+0x41/0x80
[ 12.484586] ret_from_fork_asm+0x1a/0x30
[ 12.484957]
[ 12.485244] The buggy address belongs to the object at ffff888102240240
[ 12.485244] which belongs to the cache test_cache of size 123
[ 12.486426] The buggy address is located 0 bytes to the right of
[ 12.486426] allocated 123-byte region [ffff888102240240, ffff8881022402bb)
[ 12.487643]
[ 12.487863] The buggy address belongs to the physical page:
[ 12.488449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102240
[ 12.489012] flags: 0x200000000000000(node=0|zone=2)
[ 12.489188] page_type: f5(slab)
[ 12.489305] raw: 0200000000000000 ffff8881019498c0 dead000000000122 0000000000000000
[ 12.489524] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 12.489759] page dumped because: kasan: bad access detected
[ 12.490326]
[ 12.490510] Memory state around the buggy address:
[ 12.491023] ffff888102240180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.491477] ffff888102240200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 12.491708] >ffff888102240280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 12.492520] ^
[ 12.492973] ffff888102240300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.493452] ffff888102240380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.493675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 11.842434] ==================================================================
[ 11.843120] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 11.843378] Read of size 1 at addr ffff8881011f73c0 by task kunit_try_catch/234
[ 11.843598]
[ 11.843686] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.843732] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.843744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.843765] Call Trace:
[ 11.843777] <TASK>
[ 11.843794] dump_stack_lvl+0x73/0xb0
[ 11.843820] print_report+0xd1/0x610
[ 11.843843] ? __virt_addr_valid+0x1db/0x2d0
[ 11.843864] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.843896] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.843918] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.843950] kasan_report+0x141/0x180
[ 11.843972] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.843995] ? kmem_cache_double_destroy+0x1bf/0x380
[ 11.844015] __kasan_check_byte+0x3d/0x50
[ 11.844037] kmem_cache_destroy+0x25/0x1d0
[ 11.844060] kmem_cache_double_destroy+0x1bf/0x380
[ 11.844081] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 11.844100] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.844126] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 11.844151] kunit_try_run_case+0x1a5/0x480
[ 11.844171] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.844188] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.844213] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.844236] ? __kthread_parkme+0x82/0x180
[ 11.844257] ? preempt_count_sub+0x50/0x80
[ 11.844319] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.844340] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.844363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.844385] kthread+0x337/0x6f0
[ 11.844401] ? trace_preempt_on+0x20/0xc0
[ 11.844425] ? __pfx_kthread+0x10/0x10
[ 11.844441] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.844463] ? calculate_sigpending+0x7b/0xa0
[ 11.844485] ? __pfx_kthread+0x10/0x10
[ 11.844502] ret_from_fork+0x41/0x80
[ 11.844523] ? __pfx_kthread+0x10/0x10
[ 11.844540] ret_from_fork_asm+0x1a/0x30
[ 11.844570] </TASK>
[ 11.844581]
[ 11.857398] Allocated by task 234:
[ 11.857542] kasan_save_stack+0x45/0x70
[ 11.857781] kasan_save_track+0x18/0x40
[ 11.858348] kasan_save_alloc_info+0x3b/0x50
[ 11.858589] __kasan_slab_alloc+0x91/0xa0
[ 11.858742] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.859125] __kmem_cache_create_args+0x169/0x240
[ 11.859356] kmem_cache_double_destroy+0xd5/0x380
[ 11.859572] kunit_try_run_case+0x1a5/0x480
[ 11.859768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.860114] kthread+0x337/0x6f0
[ 11.860273] ret_from_fork+0x41/0x80
[ 11.860457] ret_from_fork_asm+0x1a/0x30
[ 11.860666]
[ 11.860759] Freed by task 234:
[ 11.860931] kasan_save_stack+0x45/0x70
[ 11.861072] kasan_save_track+0x18/0x40
[ 11.861224] kasan_save_free_info+0x3f/0x60
[ 11.861422] __kasan_slab_free+0x56/0x70
[ 11.861607] kmem_cache_free+0x249/0x420
[ 11.861739] slab_kmem_cache_release+0x2e/0x40
[ 11.862210] kmem_cache_release+0x16/0x20
[ 11.862442] kobject_put+0x181/0x450
[ 11.862576] sysfs_slab_release+0x16/0x20
[ 11.862712] kmem_cache_destroy+0xf0/0x1d0
[ 11.862869] kmem_cache_double_destroy+0x14e/0x380
[ 11.863201] kunit_try_run_case+0x1a5/0x480
[ 11.863518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.863866] kthread+0x337/0x6f0
[ 11.863998] ret_from_fork+0x41/0x80
[ 11.864127] ret_from_fork_asm+0x1a/0x30
[ 11.864347]
[ 11.864442] The buggy address belongs to the object at ffff8881011f73c0
[ 11.864442] which belongs to the cache kmem_cache of size 208
[ 11.865013] The buggy address is located 0 bytes inside of
[ 11.865013] freed 208-byte region [ffff8881011f73c0, ffff8881011f7490)
[ 11.865626]
[ 11.865724] The buggy address belongs to the physical page:
[ 11.865982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011f7
[ 11.866486] flags: 0x200000000000000(node=0|zone=2)
[ 11.866714] page_type: f5(slab)
[ 11.867077] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 11.867440] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 11.867826] page dumped because: kasan: bad access detected
[ 11.868031]
[ 11.868124] Memory state around the buggy address:
[ 11.868320] ffff8881011f7280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.868570] ffff8881011f7300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 11.869120] >ffff8881011f7380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 11.869510] ^
[ 11.869896] ffff8881011f7400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.870201] ffff8881011f7480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.870507] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 11.787872] ==================================================================
[ 11.788327] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.788571] Read of size 1 at addr ffff888102f40000 by task kunit_try_catch/232
[ 11.788809]
[ 11.788918] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.788963] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.788974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.788995] Call Trace:
[ 11.789007] <TASK>
[ 11.789024] dump_stack_lvl+0x73/0xb0
[ 11.789049] print_report+0xd1/0x610
[ 11.789071] ? __virt_addr_valid+0x1db/0x2d0
[ 11.789093] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.789133] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.789156] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.789318] kasan_report+0x141/0x180
[ 11.789343] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.789367] __asan_report_load1_noabort+0x18/0x20
[ 11.789393] kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.789412] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 11.789430] ? finish_task_switch.isra.0+0x153/0x700
[ 11.789454] ? __switch_to+0x5d9/0xf60
[ 11.789474] ? dequeue_task_fair+0x166/0x4e0
[ 11.789499] ? __pfx_read_tsc+0x10/0x10
[ 11.789518] ? ktime_get_ts64+0x86/0x230
[ 11.789543] kunit_try_run_case+0x1a5/0x480
[ 11.789563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.789581] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.789605] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.789628] ? __kthread_parkme+0x82/0x180
[ 11.789649] ? preempt_count_sub+0x50/0x80
[ 11.789672] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.789772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.789816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.789838] kthread+0x337/0x6f0
[ 11.789854] ? trace_preempt_on+0x20/0xc0
[ 11.789888] ? __pfx_kthread+0x10/0x10
[ 11.789905] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.789926] ? calculate_sigpending+0x7b/0xa0
[ 11.789947] ? __pfx_kthread+0x10/0x10
[ 11.789964] ret_from_fork+0x41/0x80
[ 11.789984] ? __pfx_kthread+0x10/0x10
[ 11.790000] ret_from_fork_asm+0x1a/0x30
[ 11.790051] </TASK>
[ 11.790072]
[ 11.798681] Allocated by task 232:
[ 11.798847] kasan_save_stack+0x45/0x70
[ 11.799255] kasan_save_track+0x18/0x40
[ 11.799474] kasan_save_alloc_info+0x3b/0x50
[ 11.799785] __kasan_slab_alloc+0x91/0xa0
[ 11.800050] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.800283] kmem_cache_rcu_uaf+0x155/0x510
[ 11.800457] kunit_try_run_case+0x1a5/0x480
[ 11.800595] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.801044] kthread+0x337/0x6f0
[ 11.801259] ret_from_fork+0x41/0x80
[ 11.801408] ret_from_fork_asm+0x1a/0x30
[ 11.801636]
[ 11.801730] Freed by task 0:
[ 11.801958] kasan_save_stack+0x45/0x70
[ 11.802196] kasan_save_track+0x18/0x40
[ 11.802398] kasan_save_free_info+0x3f/0x60
[ 11.802637] __kasan_slab_free+0x56/0x70
[ 11.802854] slab_free_after_rcu_debug+0xe4/0x310
[ 11.803108] rcu_core+0x66c/0x1c30
[ 11.803374] rcu_core_si+0x12/0x20
[ 11.803697] handle_softirqs+0x209/0x730
[ 11.803900] __irq_exit_rcu+0xc9/0x110
[ 11.804124] irq_exit_rcu+0x12/0x20
[ 11.804334] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.804487] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.804666]
[ 11.804759] Last potentially related work creation:
[ 11.805211] kasan_save_stack+0x45/0x70
[ 11.805405] kasan_record_aux_stack+0xb2/0xc0
[ 11.805620] kmem_cache_free+0x131/0x420
[ 11.806343] kmem_cache_rcu_uaf+0x194/0x510
[ 11.806493] kunit_try_run_case+0x1a5/0x480
[ 11.806631] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.806800] kthread+0x337/0x6f0
[ 11.807198] ret_from_fork+0x41/0x80
[ 11.807408] ret_from_fork_asm+0x1a/0x30
[ 11.807605]
[ 11.807693] The buggy address belongs to the object at ffff888102f40000
[ 11.807693] which belongs to the cache test_cache of size 200
[ 11.808378] The buggy address is located 0 bytes inside of
[ 11.808378] freed 200-byte region [ffff888102f40000, ffff888102f400c8)
[ 11.809006]
[ 11.809123] The buggy address belongs to the physical page:
[ 11.809395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f40
[ 11.809631] flags: 0x200000000000000(node=0|zone=2)
[ 11.809792] page_type: f5(slab)
[ 11.809924] raw: 0200000000000000 ffff8881011f7280 dead000000000122 0000000000000000
[ 11.810247] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.810941] page dumped because: kasan: bad access detected
[ 11.811346]
[ 11.811536] Memory state around the buggy address:
[ 11.811871] ffff888102f3ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.812736] ffff888102f3ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.813120] >ffff888102f40000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.813541] ^
[ 11.813782] ffff888102f40080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 11.814191] ffff888102f40100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.814574] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 11.728574] ==================================================================
[ 11.729372] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 11.729767] Free of addr ffff88810223c001 by task kunit_try_catch/230
[ 11.730032]
[ 11.730237] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.730281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.730291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.730311] Call Trace:
[ 11.730322] <TASK>
[ 11.730338] dump_stack_lvl+0x73/0xb0
[ 11.730362] print_report+0xd1/0x610
[ 11.730384] ? __virt_addr_valid+0x1db/0x2d0
[ 11.730405] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.730427] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.730447] kasan_report_invalid_free+0x10a/0x130
[ 11.730471] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.730492] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.730512] check_slab_allocation+0x11f/0x130
[ 11.730533] __kasan_slab_pre_free+0x28/0x40
[ 11.730553] kmem_cache_free+0xed/0x420
[ 11.730572] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.730592] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.730615] kmem_cache_invalid_free+0x1d8/0x460
[ 11.730635] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 11.730655] ? finish_task_switch.isra.0+0x153/0x700
[ 11.730677] ? __switch_to+0x5d9/0xf60
[ 11.730741] ? dequeue_task_fair+0x156/0x4e0
[ 11.730769] ? __pfx_read_tsc+0x10/0x10
[ 11.730787] ? ktime_get_ts64+0x86/0x230
[ 11.730811] kunit_try_run_case+0x1a5/0x480
[ 11.730831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.730848] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.730871] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.730905] ? __kthread_parkme+0x82/0x180
[ 11.730926] ? preempt_count_sub+0x50/0x80
[ 11.730949] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.730968] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.730990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.731011] kthread+0x337/0x6f0
[ 11.731027] ? trace_preempt_on+0x20/0xc0
[ 11.731050] ? __pfx_kthread+0x10/0x10
[ 11.731066] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.731087] ? calculate_sigpending+0x7b/0xa0
[ 11.731108] ? __pfx_kthread+0x10/0x10
[ 11.731125] ret_from_fork+0x41/0x80
[ 11.731144] ? __pfx_kthread+0x10/0x10
[ 11.731161] ret_from_fork_asm+0x1a/0x30
[ 11.731190] </TASK>
[ 11.731200]
[ 11.742347] Allocated by task 230:
[ 11.742727] kasan_save_stack+0x45/0x70
[ 11.743088] kasan_save_track+0x18/0x40
[ 11.743242] kasan_save_alloc_info+0x3b/0x50
[ 11.743518] __kasan_slab_alloc+0x91/0xa0
[ 11.743926] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.744231] kmem_cache_invalid_free+0x157/0x460
[ 11.744499] kunit_try_run_case+0x1a5/0x480
[ 11.744790] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.745017] kthread+0x337/0x6f0
[ 11.745190] ret_from_fork+0x41/0x80
[ 11.745340] ret_from_fork_asm+0x1a/0x30
[ 11.745527]
[ 11.745624] The buggy address belongs to the object at ffff88810223c000
[ 11.745624] which belongs to the cache test_cache of size 200
[ 11.746596] The buggy address is located 1 bytes inside of
[ 11.746596] 200-byte region [ffff88810223c000, ffff88810223c0c8)
[ 11.747366]
[ 11.747466] The buggy address belongs to the physical page:
[ 11.747966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10223c
[ 11.748416] flags: 0x200000000000000(node=0|zone=2)
[ 11.748710] page_type: f5(slab)
[ 11.749117] raw: 0200000000000000 ffff888101949640 dead000000000122 0000000000000000
[ 11.749443] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.749972] page dumped because: kasan: bad access detected
[ 11.750178]
[ 11.750273] Memory state around the buggy address:
[ 11.750458] ffff88810223bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.751025] ffff88810223bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.751477] >ffff88810223c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.752040] ^
[ 11.752350] ffff88810223c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 11.752648] ffff88810223c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.753074] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 11.694500] ==================================================================
[ 11.695404] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 11.695774] Free of addr ffff88810223a000 by task kunit_try_catch/228
[ 11.696332]
[ 11.696444] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.696487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.696498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.696516] Call Trace:
[ 11.696528] <TASK>
[ 11.696542] dump_stack_lvl+0x73/0xb0
[ 11.696570] print_report+0xd1/0x610
[ 11.696592] ? __virt_addr_valid+0x1db/0x2d0
[ 11.696613] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.696634] ? kmem_cache_double_free+0x1e5/0x480
[ 11.696654] kasan_report_invalid_free+0x10a/0x130
[ 11.696677] ? kmem_cache_double_free+0x1e5/0x480
[ 11.696699] ? kmem_cache_double_free+0x1e5/0x480
[ 11.696719] check_slab_allocation+0x101/0x130
[ 11.696740] __kasan_slab_pre_free+0x28/0x40
[ 11.696760] kmem_cache_free+0xed/0x420
[ 11.696780] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.696800] ? kmem_cache_double_free+0x1e5/0x480
[ 11.696822] kmem_cache_double_free+0x1e5/0x480
[ 11.696842] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 11.696861] ? finish_task_switch.isra.0+0x153/0x700
[ 11.696895] ? __switch_to+0x5d9/0xf60
[ 11.696915] ? dequeue_task_fair+0x166/0x4e0
[ 11.696940] ? __pfx_read_tsc+0x10/0x10
[ 11.696959] ? ktime_get_ts64+0x86/0x230
[ 11.696982] kunit_try_run_case+0x1a5/0x480
[ 11.697004] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.697021] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.697044] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.697066] ? __kthread_parkme+0x82/0x180
[ 11.697087] ? preempt_count_sub+0x50/0x80
[ 11.697109] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.697133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.697155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.697177] kthread+0x337/0x6f0
[ 11.697192] ? trace_preempt_on+0x20/0xc0
[ 11.697214] ? __pfx_kthread+0x10/0x10
[ 11.697231] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.697251] ? calculate_sigpending+0x7b/0xa0
[ 11.697271] ? __pfx_kthread+0x10/0x10
[ 11.697288] ret_from_fork+0x41/0x80
[ 11.697307] ? __pfx_kthread+0x10/0x10
[ 11.697324] ret_from_fork_asm+0x1a/0x30
[ 11.697353] </TASK>
[ 11.697365]
[ 11.708294] Allocated by task 228:
[ 11.708460] kasan_save_stack+0x45/0x70
[ 11.708669] kasan_save_track+0x18/0x40
[ 11.709265] kasan_save_alloc_info+0x3b/0x50
[ 11.709453] __kasan_slab_alloc+0x91/0xa0
[ 11.709660] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.709934] kmem_cache_double_free+0x14f/0x480
[ 11.710154] kunit_try_run_case+0x1a5/0x480
[ 11.710335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.710585] kthread+0x337/0x6f0
[ 11.711148] ret_from_fork+0x41/0x80
[ 11.711341] ret_from_fork_asm+0x1a/0x30
[ 11.711572]
[ 11.711737] Freed by task 228:
[ 11.712131] kasan_save_stack+0x45/0x70
[ 11.712329] kasan_save_track+0x18/0x40
[ 11.712632] kasan_save_free_info+0x3f/0x60
[ 11.712791] __kasan_slab_free+0x56/0x70
[ 11.713006] kmem_cache_free+0x249/0x420
[ 11.713196] kmem_cache_double_free+0x16a/0x480
[ 11.713392] kunit_try_run_case+0x1a5/0x480
[ 11.713563] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.713791] kthread+0x337/0x6f0
[ 11.714423] ret_from_fork+0x41/0x80
[ 11.714584] ret_from_fork_asm+0x1a/0x30
[ 11.714917]
[ 11.715207] The buggy address belongs to the object at ffff88810223a000
[ 11.715207] which belongs to the cache test_cache of size 200
[ 11.715756] The buggy address is located 0 bytes inside of
[ 11.715756] 200-byte region [ffff88810223a000, ffff88810223a0c8)
[ 11.716406]
[ 11.716577] The buggy address belongs to the physical page:
[ 11.717014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10223a
[ 11.717440] flags: 0x200000000000000(node=0|zone=2)
[ 11.717682] page_type: f5(slab)
[ 11.718090] raw: 0200000000000000 ffff888101949500 dead000000000122 0000000000000000
[ 11.718424] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.718961] page dumped because: kasan: bad access detected
[ 11.719198]
[ 11.719268] Memory state around the buggy address:
[ 11.719614] ffff888102239f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.719955] ffff888102239f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.720396] >ffff88810223a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.720709] ^
[ 11.721095] ffff88810223a080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 11.721408] ffff88810223a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.721976] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 11.654339] ==================================================================
[ 11.654842] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 11.655152] Read of size 1 at addr ffff8881022370c8 by task kunit_try_catch/226
[ 11.655436]
[ 11.655545] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.655588] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.655599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.655617] Call Trace:
[ 11.655629] <TASK>
[ 11.655684] dump_stack_lvl+0x73/0xb0
[ 11.655710] print_report+0xd1/0x610
[ 11.655733] ? __virt_addr_valid+0x1db/0x2d0
[ 11.655753] ? kmem_cache_oob+0x402/0x530
[ 11.655770] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.655791] ? kmem_cache_oob+0x402/0x530
[ 11.655809] kasan_report+0x141/0x180
[ 11.655831] ? kmem_cache_oob+0x402/0x530
[ 11.655854] __asan_report_load1_noabort+0x18/0x20
[ 11.655873] kmem_cache_oob+0x402/0x530
[ 11.655900] ? trace_hardirqs_on+0x37/0xe0
[ 11.655923] ? __pfx_kmem_cache_oob+0x10/0x10
[ 11.655941] ? finish_task_switch.isra.0+0x153/0x700
[ 11.655993] ? __switch_to+0x5d9/0xf60
[ 11.656036] ? dequeue_task_fair+0x166/0x4e0
[ 11.656063] ? __pfx_read_tsc+0x10/0x10
[ 11.656082] ? ktime_get_ts64+0x86/0x230
[ 11.656107] kunit_try_run_case+0x1a5/0x480
[ 11.656127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.656146] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.656171] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.656193] ? __kthread_parkme+0x82/0x180
[ 11.656214] ? preempt_count_sub+0x50/0x80
[ 11.656237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.656256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.656279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.656301] kthread+0x337/0x6f0
[ 11.656317] ? trace_preempt_on+0x20/0xc0
[ 11.656338] ? __pfx_kthread+0x10/0x10
[ 11.656354] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.656375] ? calculate_sigpending+0x7b/0xa0
[ 11.656396] ? __pfx_kthread+0x10/0x10
[ 11.656413] ret_from_fork+0x41/0x80
[ 11.656433] ? __pfx_kthread+0x10/0x10
[ 11.656449] ret_from_fork_asm+0x1a/0x30
[ 11.656478] </TASK>
[ 11.656488]
[ 11.666681] Allocated by task 226:
[ 11.666915] kasan_save_stack+0x45/0x70
[ 11.667391] kasan_save_track+0x18/0x40
[ 11.667574] kasan_save_alloc_info+0x3b/0x50
[ 11.667939] __kasan_slab_alloc+0x91/0xa0
[ 11.668122] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.668319] kmem_cache_oob+0x157/0x530
[ 11.668508] kunit_try_run_case+0x1a5/0x480
[ 11.668694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.669387] kthread+0x337/0x6f0
[ 11.669522] ret_from_fork+0x41/0x80
[ 11.669696] ret_from_fork_asm+0x1a/0x30
[ 11.669952]
[ 11.670066] The buggy address belongs to the object at ffff888102237000
[ 11.670066] which belongs to the cache test_cache of size 200
[ 11.670503] The buggy address is located 0 bytes to the right of
[ 11.670503] allocated 200-byte region [ffff888102237000, ffff8881022370c8)
[ 11.671537]
[ 11.671645] The buggy address belongs to the physical page:
[ 11.671938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102237
[ 11.672545] flags: 0x200000000000000(node=0|zone=2)
[ 11.672872] page_type: f5(slab)
[ 11.673040] raw: 0200000000000000 ffff8881019493c0 dead000000000122 0000000000000000
[ 11.673353] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.673649] page dumped because: kasan: bad access detected
[ 11.674205]
[ 11.674298] Memory state around the buggy address:
[ 11.674484] ffff888102236f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.674816] ffff888102237000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.675130] >ffff888102237080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 11.675413] ^
[ 11.675634] ffff888102237100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.676095] ffff888102237180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.676409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 11.605895] ==================================================================
[ 11.606270] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 11.606491] Read of size 8 at addr ffff888102f3b380 by task kunit_try_catch/219
[ 11.606713]
[ 11.606801] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.606846] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.606857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.606888] Call Trace:
[ 11.606900] <TASK>
[ 11.606917] dump_stack_lvl+0x73/0xb0
[ 11.606940] print_report+0xd1/0x610
[ 11.606962] ? __virt_addr_valid+0x1db/0x2d0
[ 11.606983] ? workqueue_uaf+0x4d6/0x560
[ 11.607003] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.607024] ? workqueue_uaf+0x4d6/0x560
[ 11.607045] kasan_report+0x141/0x180
[ 11.607067] ? workqueue_uaf+0x4d6/0x560
[ 11.607092] __asan_report_load8_noabort+0x18/0x20
[ 11.607112] workqueue_uaf+0x4d6/0x560
[ 11.607133] ? __pfx_workqueue_uaf+0x10/0x10
[ 11.607155] ? __schedule+0x10cc/0x2b60
[ 11.607177] ? __pfx_read_tsc+0x10/0x10
[ 11.607195] ? ktime_get_ts64+0x86/0x230
[ 11.607219] kunit_try_run_case+0x1a5/0x480
[ 11.607239] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.607256] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.607280] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.607303] ? __kthread_parkme+0x82/0x180
[ 11.607324] ? preempt_count_sub+0x50/0x80
[ 11.607348] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.607367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.607389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.607410] kthread+0x337/0x6f0
[ 11.607426] ? trace_preempt_on+0x20/0xc0
[ 11.607448] ? __pfx_kthread+0x10/0x10
[ 11.607465] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.607486] ? calculate_sigpending+0x7b/0xa0
[ 11.607506] ? __pfx_kthread+0x10/0x10
[ 11.607523] ret_from_fork+0x41/0x80
[ 11.607543] ? __pfx_kthread+0x10/0x10
[ 11.607559] ret_from_fork_asm+0x1a/0x30
[ 11.607588] </TASK>
[ 11.607599]
[ 11.624681] Allocated by task 219:
[ 11.625031] kasan_save_stack+0x45/0x70
[ 11.625390] kasan_save_track+0x18/0x40
[ 11.625673] kasan_save_alloc_info+0x3b/0x50
[ 11.626194] __kasan_kmalloc+0xb7/0xc0
[ 11.626364] __kmalloc_cache_noprof+0x189/0x420
[ 11.626897] workqueue_uaf+0x152/0x560
[ 11.627270] kunit_try_run_case+0x1a5/0x480
[ 11.627452] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.627859] kthread+0x337/0x6f0
[ 11.628403] ret_from_fork+0x41/0x80
[ 11.628761] ret_from_fork_asm+0x1a/0x30
[ 11.629208]
[ 11.629286] Freed by task 48:
[ 11.629394] kasan_save_stack+0x45/0x70
[ 11.629531] kasan_save_track+0x18/0x40
[ 11.629663] kasan_save_free_info+0x3f/0x60
[ 11.630073] __kasan_slab_free+0x56/0x70
[ 11.630533] kfree+0x222/0x3f0
[ 11.630912] workqueue_uaf_work+0x12/0x20
[ 11.631358] process_one_work+0x5ee/0xf60
[ 11.631741] worker_thread+0x758/0x1220
[ 11.632185] kthread+0x337/0x6f0
[ 11.632500] ret_from_fork+0x41/0x80
[ 11.632932] ret_from_fork_asm+0x1a/0x30
[ 11.633080]
[ 11.633155] Last potentially related work creation:
[ 11.633308] kasan_save_stack+0x45/0x70
[ 11.633443] kasan_record_aux_stack+0xb2/0xc0
[ 11.633587] __queue_work+0x626/0xeb0
[ 11.633733] queue_work_on+0xb6/0xc0
[ 11.633859] workqueue_uaf+0x26d/0x560
[ 11.634169] kunit_try_run_case+0x1a5/0x480
[ 11.634377] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.634630] kthread+0x337/0x6f0
[ 11.634905] ret_from_fork+0x41/0x80
[ 11.635097] ret_from_fork_asm+0x1a/0x30
[ 11.635455]
[ 11.635522] The buggy address belongs to the object at ffff888102f3b380
[ 11.635522] which belongs to the cache kmalloc-32 of size 32
[ 11.636327] The buggy address is located 0 bytes inside of
[ 11.636327] freed 32-byte region [ffff888102f3b380, ffff888102f3b3a0)
[ 11.637345]
[ 11.637423] The buggy address belongs to the physical page:
[ 11.637596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f3b
[ 11.638346] flags: 0x200000000000000(node=0|zone=2)
[ 11.638889] page_type: f5(slab)
[ 11.639200] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 11.639924] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 11.640430] page dumped because: kasan: bad access detected
[ 11.640602]
[ 11.640671] Memory state around the buggy address:
[ 11.641288] ffff888102f3b280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 11.641991] ffff888102f3b300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 11.642670] >ffff888102f3b380: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.643151] ^
[ 11.643425] ffff888102f3b400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.643635] ffff888102f3b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.644221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 11.554833] ==================================================================
[ 11.555272] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 11.555494] Read of size 4 at addr ffff88810222fb80 by task swapper/0/0
[ 11.555698]
[ 11.556170] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.556218] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.556229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.556250] Call Trace:
[ 11.556278] <IRQ>
[ 11.556296] dump_stack_lvl+0x73/0xb0
[ 11.556323] print_report+0xd1/0x610
[ 11.556345] ? __virt_addr_valid+0x1db/0x2d0
[ 11.556366] ? rcu_uaf_reclaim+0x50/0x60
[ 11.556386] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.556407] ? rcu_uaf_reclaim+0x50/0x60
[ 11.556427] kasan_report+0x141/0x180
[ 11.556449] ? rcu_uaf_reclaim+0x50/0x60
[ 11.556473] __asan_report_load4_noabort+0x18/0x20
[ 11.556493] rcu_uaf_reclaim+0x50/0x60
[ 11.556513] rcu_core+0x66c/0x1c30
[ 11.556536] ? enqueue_hrtimer+0xfe/0x210
[ 11.556559] ? __pfx_rcu_core+0x10/0x10
[ 11.556581] ? ktime_get+0x6b/0x150
[ 11.556601] ? handle_softirqs+0x18e/0x730
[ 11.556626] rcu_core_si+0x12/0x20
[ 11.556642] handle_softirqs+0x209/0x730
[ 11.556662] ? hrtimer_interrupt+0x2fe/0x780
[ 11.556683] ? __pfx_handle_softirqs+0x10/0x10
[ 11.556709] __irq_exit_rcu+0xc9/0x110
[ 11.556730] irq_exit_rcu+0x12/0x20
[ 11.556746] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.556766] </IRQ>
[ 11.556817] <TASK>
[ 11.556828] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.556927] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 11.557168] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 87 27 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 11.557249] RSP: 0000:ffffffff9a607dd8 EFLAGS: 00010206
[ 11.557335] RAX: ffff8881bf690000 RBX: ffffffff9a61ca80 RCX: ffffffff99411fb5
[ 11.557379] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 0000000000010f54
[ 11.557421] RBP: ffffffff9a607de0 R08: 0000000000000001 R09: ffffed102b606102
[ 11.557475] R10: ffff88815b030813 R11: 000000000000e800 R12: 0000000000000000
[ 11.557516] R13: fffffbfff34c3950 R14: ffffffff9b19cc10 R15: 0000000000000000
[ 11.557571] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 11.557620] ? default_idle+0xd/0x20
[ 11.557639] arch_cpu_idle+0xd/0x20
[ 11.557657] default_idle_call+0x48/0x80
[ 11.557675] do_idle+0x379/0x4f0
[ 11.557699] ? __pfx_do_idle+0x10/0x10
[ 11.557719] ? rest_init+0x10b/0x140
[ 11.557740] cpu_startup_entry+0x5c/0x70
[ 11.557759] rest_init+0x11a/0x140
[ 11.557776] ? acpi_subsystem_init+0x5d/0x150
[ 11.557802] start_kernel+0x32b/0x410
[ 11.557824] x86_64_start_reservations+0x1c/0x30
[ 11.557845] x86_64_start_kernel+0xcf/0xe0
[ 11.557865] common_startup_64+0x13e/0x148
[ 11.557908] </TASK>
[ 11.557919]
[ 11.578876] Allocated by task 217:
[ 11.579428] kasan_save_stack+0x45/0x70
[ 11.579585] kasan_save_track+0x18/0x40
[ 11.579719] kasan_save_alloc_info+0x3b/0x50
[ 11.580086] __kasan_kmalloc+0xb7/0xc0
[ 11.580713] __kmalloc_cache_noprof+0x189/0x420
[ 11.581204] rcu_uaf+0xb0/0x330
[ 11.581521] kunit_try_run_case+0x1a5/0x480
[ 11.582003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.582532] kthread+0x337/0x6f0
[ 11.583075] ret_from_fork+0x41/0x80
[ 11.583462] ret_from_fork_asm+0x1a/0x30
[ 11.583649]
[ 11.583806] Freed by task 0:
[ 11.584135] kasan_save_stack+0x45/0x70
[ 11.584558] kasan_save_track+0x18/0x40
[ 11.584749] kasan_save_free_info+0x3f/0x60
[ 11.585215] __kasan_slab_free+0x56/0x70
[ 11.585650] kfree+0x222/0x3f0
[ 11.585808] rcu_uaf_reclaim+0x1f/0x60
[ 11.586293] rcu_core+0x66c/0x1c30
[ 11.586529] rcu_core_si+0x12/0x20
[ 11.586650] handle_softirqs+0x209/0x730
[ 11.587088] __irq_exit_rcu+0xc9/0x110
[ 11.587430] irq_exit_rcu+0x12/0x20
[ 11.587774] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.588216] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.588549]
[ 11.588643] Last potentially related work creation:
[ 11.588805] kasan_save_stack+0x45/0x70
[ 11.589142] kasan_record_aux_stack+0xb2/0xc0
[ 11.589592] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 11.590203] call_rcu+0x12/0x20
[ 11.590494] rcu_uaf+0x168/0x330
[ 11.590810] kunit_try_run_case+0x1a5/0x480
[ 11.591332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.591512] kthread+0x337/0x6f0
[ 11.591627] ret_from_fork+0x41/0x80
[ 11.591841] ret_from_fork_asm+0x1a/0x30
[ 11.592231]
[ 11.592472] The buggy address belongs to the object at ffff88810222fb80
[ 11.592472] which belongs to the cache kmalloc-32 of size 32
[ 11.593658] The buggy address is located 0 bytes inside of
[ 11.593658] freed 32-byte region [ffff88810222fb80, ffff88810222fba0)
[ 11.594654]
[ 11.594756] The buggy address belongs to the physical page:
[ 11.595258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10222f
[ 11.595973] flags: 0x200000000000000(node=0|zone=2)
[ 11.596536] page_type: f5(slab)
[ 11.596691] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 11.597349] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 11.597574] page dumped because: kasan: bad access detected
[ 11.597901]
[ 11.598055] Memory state around the buggy address:
[ 11.598470] ffff88810222fa80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 11.599140] ffff88810222fb00: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 11.599911] >ffff88810222fb80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600337] ^
[ 11.600455] ffff88810222fc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600668] ffff88810222fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600915] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.463390] ================================================================== [ 11.463943] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.464222] Read of size 1 at addr ffff888102f2af00 by task kunit_try_catch/215 [ 11.464502] [ 11.464617] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.464670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.464681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.464698] Call Trace: [ 11.464710] <TASK> [ 11.464724] dump_stack_lvl+0x73/0xb0 [ 11.464747] print_report+0xd1/0x610 [ 11.464769] ? __virt_addr_valid+0x1db/0x2d0 [ 11.464789] ? ksize_uaf+0x19d/0x6c0 [ 11.464809] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.464832] ? ksize_uaf+0x19d/0x6c0 [ 11.464852] kasan_report+0x141/0x180 [ 11.464874] ? ksize_uaf+0x19d/0x6c0 [ 11.464908] ? ksize_uaf+0x19d/0x6c0 [ 11.464929] __kasan_check_byte+0x3d/0x50 [ 11.464950] ksize+0x20/0x60 [ 11.464971] ksize_uaf+0x19d/0x6c0 [ 11.464991] ? __pfx_ksize_uaf+0x10/0x10 [ 11.465012] ? __schedule+0x10cc/0x2b60 [ 11.465035] ? __pfx_read_tsc+0x10/0x10 [ 11.465053] ? ktime_get_ts64+0x86/0x230 [ 11.465076] kunit_try_run_case+0x1a5/0x480 [ 11.465096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.465113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.465140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.465162] ? __kthread_parkme+0x82/0x180 [ 11.465183] ? preempt_count_sub+0x50/0x80 [ 11.465207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.465226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.465247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.465269] kthread+0x337/0x6f0 [ 11.465285] ? trace_preempt_on+0x20/0xc0 [ 11.465306] ? __pfx_kthread+0x10/0x10 [ 11.465323] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.465344] ? calculate_sigpending+0x7b/0xa0 [ 11.465364] ? __pfx_kthread+0x10/0x10 [ 11.465381] ret_from_fork+0x41/0x80 [ 11.465400] ? 
__pfx_kthread+0x10/0x10 [ 11.465417] ret_from_fork_asm+0x1a/0x30 [ 11.465446] </TASK> [ 11.465456] [ 11.472593] Allocated by task 215: [ 11.472790] kasan_save_stack+0x45/0x70 [ 11.473103] kasan_save_track+0x18/0x40 [ 11.473281] kasan_save_alloc_info+0x3b/0x50 [ 11.473429] __kasan_kmalloc+0xb7/0xc0 [ 11.473560] __kmalloc_cache_noprof+0x189/0x420 [ 11.473711] ksize_uaf+0xaa/0x6c0 [ 11.473860] kunit_try_run_case+0x1a5/0x480 [ 11.474302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.474708] kthread+0x337/0x6f0 [ 11.474824] ret_from_fork+0x41/0x80 [ 11.475131] ret_from_fork_asm+0x1a/0x30 [ 11.475426] [ 11.475495] Freed by task 215: [ 11.475602] kasan_save_stack+0x45/0x70 [ 11.475788] kasan_save_track+0x18/0x40 [ 11.475989] kasan_save_free_info+0x3f/0x60 [ 11.476284] __kasan_slab_free+0x56/0x70 [ 11.476458] kfree+0x222/0x3f0 [ 11.476855] ksize_uaf+0x12c/0x6c0 [ 11.477777] kunit_try_run_case+0x1a5/0x480 [ 11.478870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.479070] kthread+0x337/0x6f0 [ 11.479190] ret_from_fork+0x41/0x80 [ 11.479318] ret_from_fork_asm+0x1a/0x30 [ 11.479453] [ 11.479523] The buggy address belongs to the object at ffff888102f2af00 [ 11.479523] which belongs to the cache kmalloc-128 of size 128 [ 11.479897] The buggy address is located 0 bytes inside of [ 11.479897] freed 128-byte region [ffff888102f2af00, ffff888102f2af80) [ 11.480241] [ 11.480312] The buggy address belongs to the physical page: [ 11.480570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.481202] flags: 0x200000000000000(node=0|zone=2) [ 11.481662] page_type: f5(slab) [ 11.482085] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.482509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.482969] page dumped because: kasan: bad access detected [ 11.483197] [ 11.483290] Memory state around the buggy address: [ 11.483496] ffff888102f2ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
11.483953] ffff888102f2ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.484249] >ffff888102f2af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.484532] ^ [ 11.484973] ffff888102f2af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.485278] ffff888102f2b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.485557] ================================================================== [ 11.486547] ================================================================== [ 11.486990] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.487278] Read of size 1 at addr ffff888102f2af00 by task kunit_try_catch/215 [ 11.487585] [ 11.487788] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.487833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.487861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.487889] Call Trace: [ 11.487902] <TASK> [ 11.487916] dump_stack_lvl+0x73/0xb0 [ 11.487941] print_report+0xd1/0x610 [ 11.487963] ? __virt_addr_valid+0x1db/0x2d0 [ 11.487983] ? ksize_uaf+0x5fe/0x6c0 [ 11.488003] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.488046] ? ksize_uaf+0x5fe/0x6c0 [ 11.488066] kasan_report+0x141/0x180 [ 11.488087] ? ksize_uaf+0x5fe/0x6c0 [ 11.488113] __asan_report_load1_noabort+0x18/0x20 [ 11.488132] ksize_uaf+0x5fe/0x6c0 [ 11.488152] ? __pfx_ksize_uaf+0x10/0x10 [ 11.488173] ? __schedule+0x10cc/0x2b60 [ 11.488195] ? __pfx_read_tsc+0x10/0x10 [ 11.488214] ? ktime_get_ts64+0x86/0x230 [ 11.488239] kunit_try_run_case+0x1a5/0x480 [ 11.488277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.488296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.488319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.488343] ? __kthread_parkme+0x82/0x180 [ 11.488364] ? preempt_count_sub+0x50/0x80 [ 11.488390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.488409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.488446] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.488468] kthread+0x337/0x6f0 [ 11.488484] ? trace_preempt_on+0x20/0xc0 [ 11.488507] ? __pfx_kthread+0x10/0x10 [ 11.488524] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.488545] ? calculate_sigpending+0x7b/0xa0 [ 11.488565] ? __pfx_kthread+0x10/0x10 [ 11.488582] ret_from_fork+0x41/0x80 [ 11.488602] ? __pfx_kthread+0x10/0x10 [ 11.488619] ret_from_fork_asm+0x1a/0x30 [ 11.488650] </TASK> [ 11.488659] [ 11.498666] Allocated by task 215: [ 11.499119] kasan_save_stack+0x45/0x70 [ 11.499403] kasan_save_track+0x18/0x40 [ 11.499685] kasan_save_alloc_info+0x3b/0x50 [ 11.500023] __kasan_kmalloc+0xb7/0xc0 [ 11.500206] __kmalloc_cache_noprof+0x189/0x420 [ 11.500410] ksize_uaf+0xaa/0x6c0 [ 11.500571] kunit_try_run_case+0x1a5/0x480 [ 11.501073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.501369] kthread+0x337/0x6f0 [ 11.501651] ret_from_fork+0x41/0x80 [ 11.501970] ret_from_fork_asm+0x1a/0x30 [ 11.502342] [ 11.502556] Freed by task 215: [ 11.502938] kasan_save_stack+0x45/0x70 [ 11.503136] kasan_save_track+0x18/0x40 [ 11.503314] kasan_save_free_info+0x3f/0x60 [ 11.503502] __kasan_slab_free+0x56/0x70 [ 11.503681] kfree+0x222/0x3f0 [ 11.504153] ksize_uaf+0x12c/0x6c0 [ 11.504360] kunit_try_run_case+0x1a5/0x480 [ 11.504706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.505207] kthread+0x337/0x6f0 [ 11.505425] ret_from_fork+0x41/0x80 [ 11.505736] ret_from_fork_asm+0x1a/0x30 [ 11.505936] [ 11.506025] The buggy address belongs to the object at ffff888102f2af00 [ 11.506025] which belongs to the cache kmalloc-128 of size 128 [ 11.506515] The buggy address is located 0 bytes inside of [ 11.506515] freed 128-byte region [ffff888102f2af00, ffff888102f2af80) [ 11.507396] [ 11.507589] The buggy address belongs to the physical page: [ 11.508197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.508926] flags: 0x200000000000000(node=0|zone=2) [ 11.509176] page_type: f5(slab) [ 11.509335] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 11.509639] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.510503] page dumped because: kasan: bad access detected [ 11.511049] [ 11.511288] Memory state around the buggy address: [ 11.511617] ffff888102f2ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.512207] ffff888102f2ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.512507] >ffff888102f2af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.513104] ^ [ 11.513413] ffff888102f2af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.513968] ffff888102f2b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.514396] ================================================================== [ 11.515362] ================================================================== [ 11.515684] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.516162] Read of size 1 at addr ffff888102f2af78 by task kunit_try_catch/215 [ 11.516675] [ 11.516974] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.517020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.517032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.517050] Call Trace: [ 11.517062] <TASK> [ 11.517179] dump_stack_lvl+0x73/0xb0 [ 11.517213] print_report+0xd1/0x610 [ 11.517235] ? __virt_addr_valid+0x1db/0x2d0 [ 11.517255] ? ksize_uaf+0x5e4/0x6c0 [ 11.517275] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.517296] ? ksize_uaf+0x5e4/0x6c0 [ 11.517317] kasan_report+0x141/0x180 [ 11.517346] ? ksize_uaf+0x5e4/0x6c0 [ 11.517372] __asan_report_load1_noabort+0x18/0x20 [ 11.517392] ksize_uaf+0x5e4/0x6c0 [ 11.517411] ? __pfx_ksize_uaf+0x10/0x10 [ 11.517433] ? __schedule+0x10cc/0x2b60 [ 11.517454] ? __pfx_read_tsc+0x10/0x10 [ 11.517472] ? ktime_get_ts64+0x86/0x230 [ 11.517496] kunit_try_run_case+0x1a5/0x480 [ 11.517516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.517533] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.517555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.517578] ? __kthread_parkme+0x82/0x180 [ 11.517597] ? preempt_count_sub+0x50/0x80 [ 11.517621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.517639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.517661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.517709] kthread+0x337/0x6f0 [ 11.517726] ? trace_preempt_on+0x20/0xc0 [ 11.517748] ? __pfx_kthread+0x10/0x10 [ 11.517765] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.517786] ? calculate_sigpending+0x7b/0xa0 [ 11.517805] ? __pfx_kthread+0x10/0x10 [ 11.517822] ret_from_fork+0x41/0x80 [ 11.517841] ? __pfx_kthread+0x10/0x10 [ 11.517858] ret_from_fork_asm+0x1a/0x30 [ 11.517897] </TASK> [ 11.517907] [ 11.528380] Allocated by task 215: [ 11.528554] kasan_save_stack+0x45/0x70 [ 11.528745] kasan_save_track+0x18/0x40 [ 11.529281] kasan_save_alloc_info+0x3b/0x50 [ 11.529526] __kasan_kmalloc+0xb7/0xc0 [ 11.529824] __kmalloc_cache_noprof+0x189/0x420 [ 11.530379] ksize_uaf+0xaa/0x6c0 [ 11.530615] kunit_try_run_case+0x1a5/0x480 [ 11.530939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.531539] kthread+0x337/0x6f0 [ 11.531735] ret_from_fork+0x41/0x80 [ 11.532058] ret_from_fork_asm+0x1a/0x30 [ 11.532258] [ 11.532350] Freed by task 215: [ 11.532498] kasan_save_stack+0x45/0x70 [ 11.532677] kasan_save_track+0x18/0x40 [ 11.533181] kasan_save_free_info+0x3f/0x60 [ 11.533497] __kasan_slab_free+0x56/0x70 [ 11.533930] kfree+0x222/0x3f0 [ 11.534233] ksize_uaf+0x12c/0x6c0 [ 11.534549] kunit_try_run_case+0x1a5/0x480 [ 11.535084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.535332] kthread+0x337/0x6f0 [ 11.535489] ret_from_fork+0x41/0x80 [ 11.535661] ret_from_fork_asm+0x1a/0x30 [ 11.536056] [ 11.536276] The buggy address belongs to the object at ffff888102f2af00 [ 11.536276] which belongs to the cache kmalloc-128 of size 128 [ 11.537374] The buggy address is located 120 bytes inside of [ 11.537374] freed 128-byte region [ffff888102f2af00, 
ffff888102f2af80) [ 11.538340] [ 11.538453] The buggy address belongs to the physical page: [ 11.538962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.539416] flags: 0x200000000000000(node=0|zone=2) [ 11.539639] page_type: f5(slab) [ 11.540141] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.540585] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.541324] page dumped because: kasan: bad access detected [ 11.541565] [ 11.541651] Memory state around the buggy address: [ 11.542163] ffff888102f2ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.542600] ffff888102f2ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.543300] >ffff888102f2af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.543831] ^ [ 11.544337] ffff888102f2af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.544644] ffff888102f2b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.545221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.393109] ================================================================== [ 11.393566] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 11.393942] Read of size 1 at addr ffff888102f2ae73 by task kunit_try_catch/213 [ 11.394233] [ 11.394339] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.394382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.394393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.394411] Call Trace: [ 11.394422] <TASK> [ 11.394435] dump_stack_lvl+0x73/0xb0 [ 11.394458] print_report+0xd1/0x610 [ 11.394480] ? __virt_addr_valid+0x1db/0x2d0 [ 11.394500] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.394518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.394539] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.394557] kasan_report+0x141/0x180 [ 11.394579] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.394603] __asan_report_load1_noabort+0x18/0x20 [ 11.394622] ksize_unpoisons_memory+0x81c/0x9b0 [ 11.394641] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.394659] ? finish_task_switch.isra.0+0x153/0x700 [ 11.394680] ? __switch_to+0x5d9/0xf60 [ 11.394700] ? dequeue_task_fair+0x166/0x4e0 [ 11.394723] ? __schedule+0x10cc/0x2b60 [ 11.394745] ? __pfx_read_tsc+0x10/0x10 [ 11.394763] ? ktime_get_ts64+0x86/0x230 [ 11.394785] kunit_try_run_case+0x1a5/0x480 [ 11.394805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.394822] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.394845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.394867] ? __kthread_parkme+0x82/0x180 [ 11.394900] ? preempt_count_sub+0x50/0x80 [ 11.394922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.394941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.394962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.394984] kthread+0x337/0x6f0 [ 11.395000] ? trace_preempt_on+0x20/0xc0 [ 11.395022] ? __pfx_kthread+0x10/0x10 [ 11.395039] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.395059] ? 
calculate_sigpending+0x7b/0xa0 [ 11.395079] ? __pfx_kthread+0x10/0x10 [ 11.395096] ret_from_fork+0x41/0x80 [ 11.395117] ? __pfx_kthread+0x10/0x10 [ 11.395134] ret_from_fork_asm+0x1a/0x30 [ 11.395175] </TASK> [ 11.395185] [ 11.407318] Allocated by task 213: [ 11.407615] kasan_save_stack+0x45/0x70 [ 11.407973] kasan_save_track+0x18/0x40 [ 11.408318] kasan_save_alloc_info+0x3b/0x50 [ 11.408526] __kasan_kmalloc+0xb7/0xc0 [ 11.408869] __kmalloc_cache_noprof+0x189/0x420 [ 11.409138] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.409446] kunit_try_run_case+0x1a5/0x480 [ 11.409651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.410080] kthread+0x337/0x6f0 [ 11.410364] ret_from_fork+0x41/0x80 [ 11.410544] ret_from_fork_asm+0x1a/0x30 [ 11.410911] [ 11.411127] The buggy address belongs to the object at ffff888102f2ae00 [ 11.411127] which belongs to the cache kmalloc-128 of size 128 [ 11.411627] The buggy address is located 0 bytes to the right of [ 11.411627] allocated 115-byte region [ffff888102f2ae00, ffff888102f2ae73) [ 11.412616] [ 11.412722] The buggy address belongs to the physical page: [ 11.413116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.413455] flags: 0x200000000000000(node=0|zone=2) [ 11.413670] page_type: f5(slab) [ 11.414142] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.414618] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.415125] page dumped because: kasan: bad access detected [ 11.415525] [ 11.415619] Memory state around the buggy address: [ 11.416080] ffff888102f2ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.416539] ffff888102f2ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.417138] >ffff888102f2ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.417619] ^ [ 11.418198] ffff888102f2ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.418495] ffff888102f2af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.419039] 
================================================================== [ 11.438912] ================================================================== [ 11.439240] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.439569] Read of size 1 at addr ffff888102f2ae7f by task kunit_try_catch/213 [ 11.439873] [ 11.440011] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.440052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.440063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.440081] Call Trace: [ 11.440092] <TASK> [ 11.440105] dump_stack_lvl+0x73/0xb0 [ 11.440127] print_report+0xd1/0x610 [ 11.440147] ? __virt_addr_valid+0x1db/0x2d0 [ 11.440167] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.440184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.440206] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.440225] kasan_report+0x141/0x180 [ 11.440246] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.440269] __asan_report_load1_noabort+0x18/0x20 [ 11.440289] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.440308] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.440326] ? finish_task_switch.isra.0+0x153/0x700 [ 11.440346] ? __switch_to+0x5d9/0xf60 [ 11.440365] ? dequeue_task_fair+0x166/0x4e0 [ 11.440387] ? __schedule+0x10cc/0x2b60 [ 11.440408] ? __pfx_read_tsc+0x10/0x10 [ 11.440427] ? ktime_get_ts64+0x86/0x230 [ 11.440450] kunit_try_run_case+0x1a5/0x480 [ 11.440487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.440505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.440528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.440554] ? __kthread_parkme+0x82/0x180 [ 11.440574] ? preempt_count_sub+0x50/0x80 [ 11.440596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.440616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.440637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.440659] kthread+0x337/0x6f0 [ 11.440675] ? trace_preempt_on+0x20/0xc0 [ 11.440842] ? __pfx_kthread+0x10/0x10 [ 11.440869] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.440906] ? calculate_sigpending+0x7b/0xa0 [ 11.440926] ? __pfx_kthread+0x10/0x10 [ 11.440943] ret_from_fork+0x41/0x80 [ 11.440964] ? __pfx_kthread+0x10/0x10 [ 11.440981] ret_from_fork_asm+0x1a/0x30 [ 11.441011] </TASK> [ 11.441020] [ 11.448484] Allocated by task 213: [ 11.448668] kasan_save_stack+0x45/0x70 [ 11.448867] kasan_save_track+0x18/0x40 [ 11.449067] kasan_save_alloc_info+0x3b/0x50 [ 11.449281] __kasan_kmalloc+0xb7/0xc0 [ 11.449420] __kmalloc_cache_noprof+0x189/0x420 [ 11.449570] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.449747] kunit_try_run_case+0x1a5/0x480 [ 11.449956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.450203] kthread+0x337/0x6f0 [ 11.450366] ret_from_fork+0x41/0x80 [ 11.450791] ret_from_fork_asm+0x1a/0x30 [ 11.450980] [ 11.451075] The buggy address belongs to the object at ffff888102f2ae00 [ 11.451075] which belongs to the cache kmalloc-128 of size 128 [ 11.451443] The buggy address is located 12 bytes to the right of [ 11.451443] allocated 115-byte region [ffff888102f2ae00, ffff888102f2ae73) [ 11.452341] [ 11.452422] The buggy address belongs to the physical page: [ 11.452618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.453051] flags: 0x200000000000000(node=0|zone=2) [ 11.453216] page_type: f5(slab) [ 11.453332] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.453673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.454192] page dumped because: kasan: bad access detected [ 11.454426] [ 11.454516] Memory state around the buggy address: [ 11.454684] ffff888102f2ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.455107] ffff888102f2ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.455383] >ffff888102f2ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.455636] ^ [ 11.456194] ffff888102f2ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.456418] ffff888102f2af00: fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc [ 11.456626] ================================================================== [ 11.420410] ================================================================== [ 11.420796] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.421233] Read of size 1 at addr ffff888102f2ae78 by task kunit_try_catch/213 [ 11.421535] [ 11.421638] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.421679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.421690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.421708] Call Trace: [ 11.421719] <TASK> [ 11.421733] dump_stack_lvl+0x73/0xb0 [ 11.421755] print_report+0xd1/0x610 [ 11.421777] ? __virt_addr_valid+0x1db/0x2d0 [ 11.421796] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.421815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.421837] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.421855] kasan_report+0x141/0x180 [ 11.421877] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.421912] __asan_report_load1_noabort+0x18/0x20 [ 11.421931] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.421951] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.421969] ? finish_task_switch.isra.0+0x153/0x700 [ 11.421990] ? __switch_to+0x5d9/0xf60 [ 11.422009] ? dequeue_task_fair+0x166/0x4e0 [ 11.422031] ? __schedule+0x10cc/0x2b60 [ 11.422053] ? __pfx_read_tsc+0x10/0x10 [ 11.422071] ? ktime_get_ts64+0x86/0x230 [ 11.422095] kunit_try_run_case+0x1a5/0x480 [ 11.422115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.422133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.422157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.422180] ? __kthread_parkme+0x82/0x180 [ 11.422200] ? preempt_count_sub+0x50/0x80 [ 11.422223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.422242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.422264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.422286] kthread+0x337/0x6f0 [ 11.422301] ? trace_preempt_on+0x20/0xc0 [ 11.422322] ? 
__pfx_kthread+0x10/0x10 [ 11.422339] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.422360] ? calculate_sigpending+0x7b/0xa0 [ 11.422379] ? __pfx_kthread+0x10/0x10 [ 11.422396] ret_from_fork+0x41/0x80 [ 11.422415] ? __pfx_kthread+0x10/0x10 [ 11.422432] ret_from_fork_asm+0x1a/0x30 [ 11.422461] </TASK> [ 11.422471] [ 11.430426] Allocated by task 213: [ 11.430575] kasan_save_stack+0x45/0x70 [ 11.430781] kasan_save_track+0x18/0x40 [ 11.431050] kasan_save_alloc_info+0x3b/0x50 [ 11.431265] __kasan_kmalloc+0xb7/0xc0 [ 11.431437] __kmalloc_cache_noprof+0x189/0x420 [ 11.431619] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.431876] kunit_try_run_case+0x1a5/0x480 [ 11.432058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.432264] kthread+0x337/0x6f0 [ 11.432430] ret_from_fork+0x41/0x80 [ 11.432613] ret_from_fork_asm+0x1a/0x30 [ 11.432949] [ 11.433025] The buggy address belongs to the object at ffff888102f2ae00 [ 11.433025] which belongs to the cache kmalloc-128 of size 128 [ 11.433387] The buggy address is located 5 bytes to the right of [ 11.433387] allocated 115-byte region [ffff888102f2ae00, ffff888102f2ae73) [ 11.433931] [ 11.434071] The buggy address belongs to the physical page: [ 11.434315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 11.434590] flags: 0x200000000000000(node=0|zone=2) [ 11.434748] page_type: f5(slab) [ 11.435038] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.435642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.436030] page dumped because: kasan: bad access detected [ 11.436223] [ 11.436315] Memory state around the buggy address: [ 11.436521] ffff888102f2ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.436966] ffff888102f2ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.437194] >ffff888102f2ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.437482] ^ [ 11.437788] ffff888102f2ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.438270] 
ffff888102f2af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.438544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.357825] ================================================================== [ 11.358486] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.359142] Free of addr ffff8881027e74c0 by task kunit_try_catch/211 [ 11.359619] [ 11.359710] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 11.359752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.359762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.359780] Call Trace: [ 11.359792] <TASK> [ 11.359805] dump_stack_lvl+0x73/0xb0 [ 11.359827] print_report+0xd1/0x610 [ 11.359849] ? __virt_addr_valid+0x1db/0x2d0 [ 11.359869] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.359951] ? kfree_sensitive+0x2e/0x90 [ 11.359976] kasan_report_invalid_free+0x10a/0x130 [ 11.360000] ? kfree_sensitive+0x2e/0x90 [ 11.360021] ? kfree_sensitive+0x2e/0x90 [ 11.360041] check_slab_allocation+0x101/0x130 [ 11.360062] __kasan_slab_pre_free+0x28/0x40 [ 11.360082] kfree+0xf0/0x3f0 [ 11.360100] ? kfree_sensitive+0x2e/0x90 [ 11.360123] kfree_sensitive+0x2e/0x90 [ 11.360143] kmalloc_double_kzfree+0x19c/0x350 [ 11.360161] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.360180] ? __schedule+0x207f/0x2b60 [ 11.360202] ? __pfx_read_tsc+0x10/0x10 [ 11.360220] ? ktime_get_ts64+0x86/0x230 [ 11.360243] kunit_try_run_case+0x1a5/0x480 [ 11.360264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.360281] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.360303] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.360326] ? __kthread_parkme+0x82/0x180 [ 11.360346] ? preempt_count_sub+0x50/0x80 [ 11.360369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.360388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.360410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.360432] kthread+0x337/0x6f0 [ 11.360447] ? trace_preempt_on+0x20/0xc0 [ 11.360469] ? __pfx_kthread+0x10/0x10 [ 11.360485] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.360506] ? calculate_sigpending+0x7b/0xa0 [ 11.360525] ? 
__pfx_kthread+0x10/0x10 [ 11.360542] ret_from_fork+0x41/0x80 [ 11.360561] ? __pfx_kthread+0x10/0x10 [ 11.360578] ret_from_fork_asm+0x1a/0x30 [ 11.360607] </TASK> [ 11.360616] [ 11.372609] Allocated by task 211: [ 11.372948] kasan_save_stack+0x45/0x70 [ 11.373539] kasan_save_track+0x18/0x40 [ 11.374006] kasan_save_alloc_info+0x3b/0x50 [ 11.374198] __kasan_kmalloc+0xb7/0xc0 [ 11.374373] __kmalloc_cache_noprof+0x189/0x420 [ 11.374576] kmalloc_double_kzfree+0xa9/0x350 [ 11.375133] kunit_try_run_case+0x1a5/0x480 [ 11.375398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.375826] kthread+0x337/0x6f0 [ 11.376004] ret_from_fork+0x41/0x80 [ 11.376176] ret_from_fork_asm+0x1a/0x30 [ 11.376355] [ 11.376443] Freed by task 211: [ 11.376584] kasan_save_stack+0x45/0x70 [ 11.377254] kasan_save_track+0x18/0x40 [ 11.377465] kasan_save_free_info+0x3f/0x60 [ 11.377635] __kasan_slab_free+0x56/0x70 [ 11.378230] kfree+0x222/0x3f0 [ 11.378384] kfree_sensitive+0x67/0x90 [ 11.378552] kmalloc_double_kzfree+0x12b/0x350 [ 11.379141] kunit_try_run_case+0x1a5/0x480 [ 11.379436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.379871] kthread+0x337/0x6f0 [ 11.380044] ret_from_fork+0x41/0x80 [ 11.380215] ret_from_fork_asm+0x1a/0x30 [ 11.380400] [ 11.380493] The buggy address belongs to the object at ffff8881027e74c0 [ 11.380493] which belongs to the cache kmalloc-16 of size 16 [ 11.381404] The buggy address is located 0 bytes inside of [ 11.381404] 16-byte region [ffff8881027e74c0, ffff8881027e74d0) [ 11.382434] [ 11.382544] The buggy address belongs to the physical page: [ 11.383260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 11.383592] flags: 0x200000000000000(node=0|zone=2) [ 11.384053] page_type: f5(slab) [ 11.384238] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.384555] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.385601] page dumped because: kasan: bad access detected [ 11.386216] [ 
11.386475] Memory state around the buggy address: [ 11.386824] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 11.387142] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 11.387425] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.387944] ^ [ 11.388307] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.388991] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.389571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.324620] ==================================================================
[ 11.326117] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.326364] Read of size 1 at addr ffff8881027e74c0 by task kunit_try_catch/211
[ 11.326585]
[ 11.326684] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.326728] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.326739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.326758] Call Trace:
[ 11.326771] <TASK>
[ 11.326787] dump_stack_lvl+0x73/0xb0
[ 11.326812] print_report+0xd1/0x610
[ 11.326834] ? __virt_addr_valid+0x1db/0x2d0
[ 11.326855] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.326873] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.326906] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.326924] kasan_report+0x141/0x180
[ 11.326947] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.326968] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.326987] __kasan_check_byte+0x3d/0x50
[ 11.327009] kfree_sensitive+0x22/0x90
[ 11.327032] kmalloc_double_kzfree+0x19c/0x350
[ 11.327050] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.327069] ? __schedule+0x207f/0x2b60
[ 11.327091] ? __pfx_read_tsc+0x10/0x10
[ 11.327110] ? ktime_get_ts64+0x86/0x230
[ 11.327137] kunit_try_run_case+0x1a5/0x480
[ 11.327157] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.327174] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.327197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.327261] ? __kthread_parkme+0x82/0x180
[ 11.327284] ? preempt_count_sub+0x50/0x80
[ 11.327533] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.327561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.327584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.327606] kthread+0x337/0x6f0
[ 11.327621] ? trace_preempt_on+0x20/0xc0
[ 11.327644] ? __pfx_kthread+0x10/0x10
[ 11.327661] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.327682] ? calculate_sigpending+0x7b/0xa0
[ 11.327702] ? __pfx_kthread+0x10/0x10
[ 11.327719] ret_from_fork+0x41/0x80
[ 11.327739] ? __pfx_kthread+0x10/0x10
[ 11.327755] ret_from_fork_asm+0x1a/0x30
[ 11.327785] </TASK>
[ 11.327795]
[ 11.341316] Allocated by task 211:
[ 11.341540] kasan_save_stack+0x45/0x70
[ 11.341735] kasan_save_track+0x18/0x40
[ 11.341992] kasan_save_alloc_info+0x3b/0x50
[ 11.342151] __kasan_kmalloc+0xb7/0xc0
[ 11.342282] __kmalloc_cache_noprof+0x189/0x420
[ 11.342501] kmalloc_double_kzfree+0xa9/0x350
[ 11.342710] kunit_try_run_case+0x1a5/0x480
[ 11.343037] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.343294] kthread+0x337/0x6f0
[ 11.343446] ret_from_fork+0x41/0x80
[ 11.343596] ret_from_fork_asm+0x1a/0x30
[ 11.343784]
[ 11.344013] Freed by task 211:
[ 11.344331] kasan_save_stack+0x45/0x70
[ 11.345236] kasan_save_track+0x18/0x40
[ 11.345399] kasan_save_free_info+0x3f/0x60
[ 11.345542] __kasan_slab_free+0x56/0x70
[ 11.345686] kfree+0x222/0x3f0
[ 11.345799] kfree_sensitive+0x67/0x90
[ 11.346123] kmalloc_double_kzfree+0x12b/0x350
[ 11.346570] kunit_try_run_case+0x1a5/0x480
[ 11.346991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.347170] kthread+0x337/0x6f0
[ 11.347288] ret_from_fork+0x41/0x80
[ 11.347416] ret_from_fork_asm+0x1a/0x30
[ 11.347551]
[ 11.347622] The buggy address belongs to the object at ffff8881027e74c0
[ 11.347622] which belongs to the cache kmalloc-16 of size 16
[ 11.348987] The buggy address is located 0 bytes inside of
[ 11.348987] freed 16-byte region [ffff8881027e74c0, ffff8881027e74d0)
[ 11.350067]
[ 11.350233] The buggy address belongs to the physical page:
[ 11.350765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7
[ 11.351448] flags: 0x200000000000000(node=0|zone=2)
[ 11.351617] page_type: f5(slab)
[ 11.351939] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.352566] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.353109] page dumped because: kasan: bad access detected
[ 11.353290]
[ 11.353359] Memory state around the buggy address:
[ 11.353512] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 11.353911] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 11.354498] >ffff8881027e7480: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.355185] ^
[ 11.355632] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.356315] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.357090] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.298088] ==================================================================
[ 11.298542] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.298841] Read of size 1 at addr ffff888102f39328 by task kunit_try_catch/207
[ 11.299203]
[ 11.299298] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.299338] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.299349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.299367] Call Trace:
[ 11.299377] <TASK>
[ 11.299390] dump_stack_lvl+0x73/0xb0
[ 11.299412] print_report+0xd1/0x610
[ 11.299435] ? __virt_addr_valid+0x1db/0x2d0
[ 11.299455] ? kmalloc_uaf2+0x4a8/0x520
[ 11.299475] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.299497] ? kmalloc_uaf2+0x4a8/0x520
[ 11.299518] kasan_report+0x141/0x180
[ 11.299539] ? kmalloc_uaf2+0x4a8/0x520
[ 11.299564] __asan_report_load1_noabort+0x18/0x20
[ 11.299584] kmalloc_uaf2+0x4a8/0x520
[ 11.299605] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.299624] ? __schedule+0x207f/0x2b60
[ 11.299644] ? schedule+0x7c/0x2e0
[ 11.299664] ? trace_hardirqs_on+0x37/0xe0
[ 11.299687] ? __schedule+0x207f/0x2b60
[ 11.299708] ? __pfx_read_tsc+0x10/0x10
[ 11.299727] ? ktime_get_ts64+0x86/0x230
[ 11.299750] kunit_try_run_case+0x1a5/0x480
[ 11.299769] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.299787] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.299809] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.299832] ? __kthread_parkme+0x82/0x180
[ 11.299853] ? preempt_count_sub+0x50/0x80
[ 11.299876] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.299908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.299930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.299952] kthread+0x337/0x6f0
[ 11.299968] ? trace_preempt_on+0x20/0xc0
[ 11.299989] ? __pfx_kthread+0x10/0x10
[ 11.300007] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.300027] ? calculate_sigpending+0x7b/0xa0
[ 11.300048] ? __pfx_kthread+0x10/0x10
[ 11.300065] ret_from_fork+0x41/0x80
[ 11.300084] ? __pfx_kthread+0x10/0x10
[ 11.300101] ret_from_fork_asm+0x1a/0x30
[ 11.300131] </TASK>
[ 11.300140]
[ 11.307465] Allocated by task 207:
[ 11.307646] kasan_save_stack+0x45/0x70
[ 11.307859] kasan_save_track+0x18/0x40
[ 11.308084] kasan_save_alloc_info+0x3b/0x50
[ 11.308294] __kasan_kmalloc+0xb7/0xc0
[ 11.308487] __kmalloc_cache_noprof+0x189/0x420
[ 11.308705] kmalloc_uaf2+0xc6/0x520
[ 11.308910] kunit_try_run_case+0x1a5/0x480
[ 11.309092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.309272] kthread+0x337/0x6f0
[ 11.309389] ret_from_fork+0x41/0x80
[ 11.309548] ret_from_fork_asm+0x1a/0x30
[ 11.309747]
[ 11.309899] Freed by task 207:
[ 11.310069] kasan_save_stack+0x45/0x70
[ 11.310268] kasan_save_track+0x18/0x40
[ 11.310455] kasan_save_free_info+0x3f/0x60
[ 11.310633] __kasan_slab_free+0x56/0x70
[ 11.311073] kfree+0x222/0x3f0
[ 11.311209] kmalloc_uaf2+0x14c/0x520
[ 11.311435] kunit_try_run_case+0x1a5/0x480
[ 11.311587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.311760] kthread+0x337/0x6f0
[ 11.311876] ret_from_fork+0x41/0x80
[ 11.312019] ret_from_fork_asm+0x1a/0x30
[ 11.312161]
[ 11.312242] The buggy address belongs to the object at ffff888102f39300
[ 11.312242] which belongs to the cache kmalloc-64 of size 64
[ 11.312757] The buggy address is located 40 bytes inside of
[ 11.312757] freed 64-byte region [ffff888102f39300, ffff888102f39340)
[ 11.313480]
[ 11.313552] The buggy address belongs to the physical page:
[ 11.313720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f39
[ 11.313969] flags: 0x200000000000000(node=0|zone=2)
[ 11.314130] page_type: f5(slab)
[ 11.314247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.314988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.315334] page dumped because: kasan: bad access detected
[ 11.315587]
[ 11.315680] Memory state around the buggy address:
[ 11.315912] ffff888102f39200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.316308] ffff888102f39280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.316548] >ffff888102f39300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.316752] ^
[ 11.317327] ffff888102f39380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.317659] ffff888102f39400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.318108] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.273510] ==================================================================
[ 11.274193] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.274528] Write of size 33 at addr ffff888102f39280 by task kunit_try_catch/205
[ 11.274890]
[ 11.274994] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.275038] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.275050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.275070] Call Trace:
[ 11.275083] <TASK>
[ 11.275100] dump_stack_lvl+0x73/0xb0
[ 11.275126] print_report+0xd1/0x610
[ 11.275148] ? __virt_addr_valid+0x1db/0x2d0
[ 11.275169] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.275189] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.275211] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.275232] kasan_report+0x141/0x180
[ 11.275253] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.275279] kasan_check_range+0x10c/0x1c0
[ 11.275298] __asan_memset+0x27/0x50
[ 11.275317] kmalloc_uaf_memset+0x1a3/0x360
[ 11.275337] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.275359] ? __schedule+0x10cc/0x2b60
[ 11.275381] ? __pfx_read_tsc+0x10/0x10
[ 11.275401] ? ktime_get_ts64+0x86/0x230
[ 11.275427] kunit_try_run_case+0x1a5/0x480
[ 11.275447] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.275465] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.275487] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.275510] ? __kthread_parkme+0x82/0x180
[ 11.275531] ? preempt_count_sub+0x50/0x80
[ 11.275555] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.275575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.275596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.275618] kthread+0x337/0x6f0
[ 11.275634] ? trace_preempt_on+0x20/0xc0
[ 11.275656] ? __pfx_kthread+0x10/0x10
[ 11.275673] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.275694] ? calculate_sigpending+0x7b/0xa0
[ 11.275714] ? __pfx_kthread+0x10/0x10
[ 11.275732] ret_from_fork+0x41/0x80
[ 11.275751] ? __pfx_kthread+0x10/0x10
[ 11.275768] ret_from_fork_asm+0x1a/0x30
[ 11.275798] </TASK>
[ 11.275808]
[ 11.283396] Allocated by task 205:
[ 11.283528] kasan_save_stack+0x45/0x70
[ 11.283693] kasan_save_track+0x18/0x40
[ 11.283971] kasan_save_alloc_info+0x3b/0x50
[ 11.284333] __kasan_kmalloc+0xb7/0xc0
[ 11.284489] __kmalloc_cache_noprof+0x189/0x420
[ 11.284643] kmalloc_uaf_memset+0xa9/0x360
[ 11.284784] kunit_try_run_case+0x1a5/0x480
[ 11.285178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.285437] kthread+0x337/0x6f0
[ 11.285608] ret_from_fork+0x41/0x80
[ 11.285788] ret_from_fork_asm+0x1a/0x30
[ 11.285994]
[ 11.286265] Freed by task 205:
[ 11.286430] kasan_save_stack+0x45/0x70
[ 11.286620] kasan_save_track+0x18/0x40
[ 11.286943] kasan_save_free_info+0x3f/0x60
[ 11.287088] __kasan_slab_free+0x56/0x70
[ 11.287224] kfree+0x222/0x3f0
[ 11.287364] kmalloc_uaf_memset+0x12b/0x360
[ 11.287567] kunit_try_run_case+0x1a5/0x480
[ 11.287771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.288207] kthread+0x337/0x6f0
[ 11.288327] ret_from_fork+0x41/0x80
[ 11.288454] ret_from_fork_asm+0x1a/0x30
[ 11.288589]
[ 11.288657] The buggy address belongs to the object at ffff888102f39280
[ 11.288657] which belongs to the cache kmalloc-64 of size 64
[ 11.289336] The buggy address is located 0 bytes inside of
[ 11.289336] freed 64-byte region [ffff888102f39280, ffff888102f392c0)
[ 11.290174]
[ 11.290279] The buggy address belongs to the physical page:
[ 11.290494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f39
[ 11.290791] flags: 0x200000000000000(node=0|zone=2)
[ 11.291122] page_type: f5(slab)
[ 11.291405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.291710] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.292085] page dumped because: kasan: bad access detected
[ 11.292256]
[ 11.292322] Memory state around the buggy address:
[ 11.292534] ffff888102f39180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.292900] ffff888102f39200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.293275] >ffff888102f39280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.293531] ^
[ 11.293687] ffff888102f39300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.294011] ffff888102f39380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.294279] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.238918] ==================================================================
[ 11.240064] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.241097] Read of size 1 at addr ffff8881027e74a8 by task kunit_try_catch/203
[ 11.242019]
[ 11.242201] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.242244] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.242254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.242273] Call Trace:
[ 11.242286] <TASK>
[ 11.242300] dump_stack_lvl+0x73/0xb0
[ 11.242325] print_report+0xd1/0x610
[ 11.242348] ? __virt_addr_valid+0x1db/0x2d0
[ 11.242368] ? kmalloc_uaf+0x320/0x380
[ 11.242387] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.242409] ? kmalloc_uaf+0x320/0x380
[ 11.242429] kasan_report+0x141/0x180
[ 11.242450] ? kmalloc_uaf+0x320/0x380
[ 11.242475] __asan_report_load1_noabort+0x18/0x20
[ 11.242495] kmalloc_uaf+0x320/0x380
[ 11.242514] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.242538] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.242562] kunit_try_run_case+0x1a5/0x480
[ 11.242582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.242600] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.242637] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.242660] ? __kthread_parkme+0x82/0x180
[ 11.242680] ? preempt_count_sub+0x50/0x80
[ 11.242705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.242724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.242746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.242769] kthread+0x337/0x6f0
[ 11.242785] ? trace_preempt_on+0x20/0xc0
[ 11.242820] ? __pfx_kthread+0x10/0x10
[ 11.242837] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.242858] ? calculate_sigpending+0x7b/0xa0
[ 11.242888] ? __pfx_kthread+0x10/0x10
[ 11.242905] ret_from_fork+0x41/0x80
[ 11.242925] ? __pfx_kthread+0x10/0x10
[ 11.242942] ret_from_fork_asm+0x1a/0x30
[ 11.242972] </TASK>
[ 11.242982]
[ 11.252392] Allocated by task 203:
[ 11.252582] kasan_save_stack+0x45/0x70
[ 11.252796] kasan_save_track+0x18/0x40
[ 11.252943] kasan_save_alloc_info+0x3b/0x50
[ 11.253206] __kasan_kmalloc+0xb7/0xc0
[ 11.253475] __kmalloc_cache_noprof+0x189/0x420
[ 11.254694] kmalloc_uaf+0xaa/0x380
[ 11.254971] kunit_try_run_case+0x1a5/0x480
[ 11.255149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.255382] kthread+0x337/0x6f0
[ 11.255556] ret_from_fork+0x41/0x80
[ 11.255703] ret_from_fork_asm+0x1a/0x30
[ 11.255908]
[ 11.256844] Freed by task 203:
[ 11.256997] kasan_save_stack+0x45/0x70
[ 11.257153] kasan_save_track+0x18/0x40
[ 11.257329] kasan_save_free_info+0x3f/0x60
[ 11.257501] __kasan_slab_free+0x56/0x70
[ 11.257687] kfree+0x222/0x3f0
[ 11.258809] kmalloc_uaf+0x12c/0x380
[ 11.259007] kunit_try_run_case+0x1a5/0x480
[ 11.259150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.259401] kthread+0x337/0x6f0
[ 11.259524] ret_from_fork+0x41/0x80
[ 11.259704] ret_from_fork_asm+0x1a/0x30
[ 11.259893]
[ 11.260833] The buggy address belongs to the object at ffff8881027e74a0
[ 11.260833] which belongs to the cache kmalloc-16 of size 16
[ 11.262267] The buggy address is located 8 bytes inside of
[ 11.262267] freed 16-byte region [ffff8881027e74a0, ffff8881027e74b0)
[ 11.262686]
[ 11.262786] The buggy address belongs to the physical page:
[ 11.263026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7
[ 11.264082] flags: 0x200000000000000(node=0|zone=2)
[ 11.264306] page_type: f5(slab)
[ 11.264447] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.264741] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.265070] page dumped because: kasan: bad access detected
[ 11.265313]
[ 11.265381] Memory state around the buggy address:
[ 11.265603] ffff8881027e7380: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 11.265888] ffff8881027e7400: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 11.267102] >ffff8881027e7480: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.267374] ^
[ 11.267579] ffff8881027e7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.269689] ffff8881027e7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.269993] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.210749] ==================================================================
[ 11.211784] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.212630] Read of size 64 at addr ffff888102f39004 by task kunit_try_catch/201
[ 11.213457]
[ 11.213916] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.213965] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.213977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.213995] Call Trace:
[ 11.214007] <TASK>
[ 11.214021] dump_stack_lvl+0x73/0xb0
[ 11.214047] print_report+0xd1/0x610
[ 11.214069] ? __virt_addr_valid+0x1db/0x2d0
[ 11.214089] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.214108] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.214130] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.214150] kasan_report+0x141/0x180
[ 11.214171] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.214196] kasan_check_range+0x10c/0x1c0
[ 11.214215] __asan_memmove+0x27/0x70
[ 11.214234] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.214254] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.214275] ? __schedule+0x10cc/0x2b60
[ 11.214297] ? __pfx_read_tsc+0x10/0x10
[ 11.214316] ? ktime_get_ts64+0x86/0x230
[ 11.214339] kunit_try_run_case+0x1a5/0x480
[ 11.214359] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.214376] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.214399] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.214422] ? __kthread_parkme+0x82/0x180
[ 11.214443] ? preempt_count_sub+0x50/0x80
[ 11.214467] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.214487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.214509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.214531] kthread+0x337/0x6f0
[ 11.214546] ? trace_preempt_on+0x20/0xc0
[ 11.214568] ? __pfx_kthread+0x10/0x10
[ 11.214585] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.214606] ? calculate_sigpending+0x7b/0xa0
[ 11.214626] ? __pfx_kthread+0x10/0x10
[ 11.214643] ret_from_fork+0x41/0x80
[ 11.214662] ? __pfx_kthread+0x10/0x10
[ 11.214679] ret_from_fork_asm+0x1a/0x30
[ 11.214708] </TASK>
[ 11.214718]
[ 11.223266] Allocated by task 201:
[ 11.223447] kasan_save_stack+0x45/0x70
[ 11.223623] kasan_save_track+0x18/0x40
[ 11.223788] kasan_save_alloc_info+0x3b/0x50
[ 11.224562] __kasan_kmalloc+0xb7/0xc0
[ 11.224829] __kmalloc_cache_noprof+0x189/0x420
[ 11.225067] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.225433] kunit_try_run_case+0x1a5/0x480
[ 11.225641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.226103] kthread+0x337/0x6f0
[ 11.226329] ret_from_fork+0x41/0x80
[ 11.226472] ret_from_fork_asm+0x1a/0x30
[ 11.226671]
[ 11.226953] The buggy address belongs to the object at ffff888102f39000
[ 11.226953] which belongs to the cache kmalloc-64 of size 64
[ 11.227465] The buggy address is located 4 bytes inside of
[ 11.227465] allocated 64-byte region [ffff888102f39000, ffff888102f39040)
[ 11.228300]
[ 11.228394] The buggy address belongs to the physical page:
[ 11.228700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f39
[ 11.229310] flags: 0x200000000000000(node=0|zone=2)
[ 11.229621] page_type: f5(slab)
[ 11.229944] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.230266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.230589] page dumped because: kasan: bad access detected
[ 11.231046]
[ 11.231124] Memory state around the buggy address:
[ 11.231433] ffff888102f38f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.231806] ffff888102f38f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.232204] >ffff888102f39000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.232553] ^
[ 11.232962] ffff888102f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.233348] ffff888102f39100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.233651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.188509] ==================================================================
[ 11.189027] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.189364] Read of size 18446744073709551614 at addr ffff88810222ae84 by task kunit_try_catch/199
[ 11.189786]
[ 11.190133] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.190179] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.190191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.190211] Call Trace:
[ 11.190222] <TASK>
[ 11.190239] dump_stack_lvl+0x73/0xb0
[ 11.190265] print_report+0xd1/0x610
[ 11.190290] ? __virt_addr_valid+0x1db/0x2d0
[ 11.190312] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.190332] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.190354] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.190397] kasan_report+0x141/0x180
[ 11.190421] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.190447] kasan_check_range+0x10c/0x1c0
[ 11.190467] __asan_memmove+0x27/0x70
[ 11.190487] kmalloc_memmove_negative_size+0x171/0x330
[ 11.190508] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.190529] ? __schedule+0x10cc/0x2b60
[ 11.190554] ? __pfx_read_tsc+0x10/0x10
[ 11.190573] ? ktime_get_ts64+0x86/0x230
[ 11.190597] kunit_try_run_case+0x1a5/0x480
[ 11.190619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.190637] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.190661] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.190684] ? __kthread_parkme+0x82/0x180
[ 11.190705] ? preempt_count_sub+0x50/0x80
[ 11.190730] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.190802] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.190829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.190852] kthread+0x337/0x6f0
[ 11.190869] ? trace_preempt_on+0x20/0xc0
[ 11.190904] ? __pfx_kthread+0x10/0x10
[ 11.190921] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.190943] ? calculate_sigpending+0x7b/0xa0
[ 11.190963] ? __pfx_kthread+0x10/0x10
[ 11.190981] ret_from_fork+0x41/0x80
[ 11.191001] ? __pfx_kthread+0x10/0x10
[ 11.191018] ret_from_fork_asm+0x1a/0x30
[ 11.191049] </TASK>
[ 11.191060]
[ 11.198341] Allocated by task 199:
[ 11.198511] kasan_save_stack+0x45/0x70
[ 11.198656] kasan_save_track+0x18/0x40
[ 11.198944] kasan_save_alloc_info+0x3b/0x50
[ 11.199155] __kasan_kmalloc+0xb7/0xc0
[ 11.199340] __kmalloc_cache_noprof+0x189/0x420
[ 11.199505] kmalloc_memmove_negative_size+0xac/0x330
[ 11.199667] kunit_try_run_case+0x1a5/0x480
[ 11.199956] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.200210] kthread+0x337/0x6f0
[ 11.200376] ret_from_fork+0x41/0x80
[ 11.200563] ret_from_fork_asm+0x1a/0x30
[ 11.201018]
[ 11.201122] The buggy address belongs to the object at ffff88810222ae80
[ 11.201122] which belongs to the cache kmalloc-64 of size 64
[ 11.201535] The buggy address is located 4 bytes inside of
[ 11.201535] 64-byte region [ffff88810222ae80, ffff88810222aec0)
[ 11.202154]
[ 11.202248] The buggy address belongs to the physical page:
[ 11.202472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10222a
[ 11.202900] flags: 0x200000000000000(node=0|zone=2)
[ 11.203096] page_type: f5(slab)
[ 11.203264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.203509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.203802] page dumped because: kasan: bad access detected
[ 11.204071]
[ 11.204163] Memory state around the buggy address:
[ 11.204383] ffff88810222ad80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 11.204739] ffff88810222ae00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.204990] >ffff88810222ae80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.205238] ^
[ 11.205401] ffff88810222af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.205912] ffff88810222af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.206262] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.162026] ==================================================================
[ 11.163407] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.163759] Write of size 16 at addr ffff888102225b69 by task kunit_try_catch/197
[ 11.164241]
[ 11.164357] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.164400] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.164411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.164431] Call Trace:
[ 11.164442] <TASK>
[ 11.164456] dump_stack_lvl+0x73/0xb0
[ 11.164480] print_report+0xd1/0x610
[ 11.164502] ? __virt_addr_valid+0x1db/0x2d0
[ 11.164523] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.164544] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.164566] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.164587] kasan_report+0x141/0x180
[ 11.164609] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.164636] kasan_check_range+0x10c/0x1c0
[ 11.164655] __asan_memset+0x27/0x50
[ 11.164675] kmalloc_oob_memset_16+0x166/0x330
[ 11.164697] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.164720] ? __schedule+0x10cc/0x2b60
[ 11.164743] ? __pfx_read_tsc+0x10/0x10
[ 11.164761] ? ktime_get_ts64+0x86/0x230
[ 11.164787] kunit_try_run_case+0x1a5/0x480
[ 11.164807] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.164825] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.164848] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.164871] ? __kthread_parkme+0x82/0x180
[ 11.164903] ? preempt_count_sub+0x50/0x80
[ 11.164927] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.164947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.165025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.165048] kthread+0x337/0x6f0
[ 11.165065] ? trace_preempt_on+0x20/0xc0
[ 11.165088] ? __pfx_kthread+0x10/0x10
[ 11.165105] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.165130] ? calculate_sigpending+0x7b/0xa0
[ 11.165150] ? __pfx_kthread+0x10/0x10
[ 11.165168] ret_from_fork+0x41/0x80
[ 11.165187] ? __pfx_kthread+0x10/0x10
[ 11.165204] ret_from_fork_asm+0x1a/0x30
[ 11.165235] </TASK>
[ 11.165246]
[ 11.174685] Allocated by task 197:
[ 11.175069] kasan_save_stack+0x45/0x70
[ 11.175432] kasan_save_track+0x18/0x40
[ 11.175613] kasan_save_alloc_info+0x3b/0x50
[ 11.175894] __kasan_kmalloc+0xb7/0xc0
[ 11.176055] __kmalloc_cache_noprof+0x189/0x420
[ 11.176256] kmalloc_oob_memset_16+0xac/0x330
[ 11.176460] kunit_try_run_case+0x1a5/0x480
[ 11.176645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.177289] kthread+0x337/0x6f0
[ 11.177422] ret_from_fork+0x41/0x80
[ 11.177682] ret_from_fork_asm+0x1a/0x30
[ 11.178184]
[ 11.178265] The buggy address belongs to the object at ffff888102225b00
[ 11.178265] which belongs to the cache kmalloc-128 of size 128
[ 11.178983] The buggy address is located 105 bytes inside of
[ 11.178983] allocated 120-byte region [ffff888102225b00, ffff888102225b78)
[ 11.179457]
[ 11.179552] The buggy address belongs to the physical page:
[ 11.179786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102225
[ 11.180131] flags: 0x200000000000000(node=0|zone=2)
[ 11.180351] page_type: f5(slab)
[ 11.180515] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.181294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.181585] page dumped because: kasan: bad access detected
[ 11.182137]
[ 11.182225] Memory state around the buggy address:
[ 11.182556] ffff888102225a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.182985] ffff888102225a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.183409] >ffff888102225b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.183765] ^
[ 11.184344] ffff888102225b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.184822] ffff888102225c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.185256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.135101] ==================================================================
[ 11.135542] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.135851] Write of size 8 at addr ffff888102f2ad71 by task kunit_try_catch/195
[ 11.136298]
[ 11.136628] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.136677] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.136688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.136707] Call Trace:
[ 11.136718] <TASK>
[ 11.136732] dump_stack_lvl+0x73/0xb0
[ 11.136756] print_report+0xd1/0x610
[ 11.136778] ? __virt_addr_valid+0x1db/0x2d0
[ 11.136798] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.136819] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.136840] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.136862] kasan_report+0x141/0x180
[ 11.136897] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.136924] kasan_check_range+0x10c/0x1c0
[ 11.136942] __asan_memset+0x27/0x50
[ 11.136962] kmalloc_oob_memset_8+0x166/0x330
[ 11.136984] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.137006] ? __schedule+0x10cc/0x2b60
[ 11.137029] ? __pfx_read_tsc+0x10/0x10
[ 11.137048] ? ktime_get_ts64+0x86/0x230
[ 11.137071] kunit_try_run_case+0x1a5/0x480
[ 11.137091] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.137108] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.137136] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.137158] ? __kthread_parkme+0x82/0x180
[ 11.137180] ? preempt_count_sub+0x50/0x80
[ 11.137204] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.137224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.137246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.137268] kthread+0x337/0x6f0
[ 11.137283] ? trace_preempt_on+0x20/0xc0
[ 11.137306] ? __pfx_kthread+0x10/0x10
[ 11.137323] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.137343] ? calculate_sigpending+0x7b/0xa0
[ 11.137364] ? __pfx_kthread+0x10/0x10
[ 11.137381] ret_from_fork+0x41/0x80
[ 11.137401] ? __pfx_kthread+0x10/0x10
[ 11.137418] ret_from_fork_asm+0x1a/0x30
[ 11.137448] </TASK>
[ 11.137458]
[ 11.147185] Allocated by task 195:
[ 11.147494] kasan_save_stack+0x45/0x70
[ 11.147929] kasan_save_track+0x18/0x40
[ 11.148115] kasan_save_alloc_info+0x3b/0x50
[ 11.148309] __kasan_kmalloc+0xb7/0xc0
[ 11.148482] __kmalloc_cache_noprof+0x189/0x420
[ 11.148680] kmalloc_oob_memset_8+0xac/0x330
[ 11.149103] kunit_try_run_case+0x1a5/0x480
[ 11.149553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.150028] kthread+0x337/0x6f0
[ 11.150509] ret_from_fork+0x41/0x80
[ 11.150790] ret_from_fork_asm+0x1a/0x30
[ 11.150989]
[ 11.151082] The buggy address belongs to the object at ffff888102f2ad00
[ 11.151082] which belongs to the cache kmalloc-128 of size 128
[ 11.151574] The buggy address is located 113 bytes inside of
[ 11.151574] allocated 120-byte region [ffff888102f2ad00, ffff888102f2ad78)
[ 11.152390]
[ 11.152572] The buggy address belongs to the physical page:
[ 11.153045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a
[ 11.153682] flags: 0x200000000000000(node=0|zone=2)
[ 11.154170] page_type: f5(slab)
[ 11.154329] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.154642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.155347] page dumped because: kasan: bad access detected
[ 11.155759]
[ 11.156081] Memory state around the buggy address:
[ 11.156284] ffff888102f2ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.156578] ffff888102f2ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.157414] >ffff888102f2ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.158107] ^
[ 11.158406] ffff888102f2ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.158857] ffff888102f2ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.159349] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.107347] ==================================================================
[ 11.107996] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 11.108302] Write of size 4 at addr ffff888102f2ac75 by task kunit_try_catch/193
[ 11.108592]
[ 11.108705] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary)
[ 11.108751] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.108763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.108783] Call Trace:
[ 11.108796] <TASK>
[ 11.108814] dump_stack_lvl+0x73/0xb0
[ 11.108840] print_report+0xd1/0x610
[ 11.108862] ? __virt_addr_valid+0x1db/0x2d0
[ 11.108894] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.108915] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.108937] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.108958] kasan_report+0x141/0x180
[ 11.108980] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.109005] kasan_check_range+0x10c/0x1c0
[ 11.109025] __asan_memset+0x27/0x50
[ 11.109044] kmalloc_oob_memset_4+0x166/0x330
[ 11.109066] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 11.109088] ? __schedule+0x10cc/0x2b60
[ 11.109110] ? __pfx_read_tsc+0x10/0x10
[ 11.109136] ? ktime_get_ts64+0x86/0x230
[ 11.109162] kunit_try_run_case+0x1a5/0x480
[ 11.109184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.109201] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.109225] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.109248] ? __kthread_parkme+0x82/0x180
[ 11.109269] ? preempt_count_sub+0x50/0x80
[ 11.109294] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.109313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.109335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.109357] kthread+0x337/0x6f0
[ 11.109372] ? trace_preempt_on+0x20/0xc0
[ 11.109395] ? __pfx_kthread+0x10/0x10
[ 11.109412] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.109433] ? calculate_sigpending+0x7b/0xa0
[ 11.109454] ? __pfx_kthread+0x10/0x10
[ 11.109471] ret_from_fork+0x41/0x80
[ 11.109490] ? __pfx_kthread+0x10/0x10
[ 11.109507] ret_from_fork_asm+0x1a/0x30
[ 11.109540] </TASK>
[ 11.109550]
[ 11.120176] Allocated by task 193:
[ 11.120355] kasan_save_stack+0x45/0x70
[ 11.120543] kasan_save_track+0x18/0x40
[ 11.120718] kasan_save_alloc_info+0x3b/0x50
[ 11.121238] __kasan_kmalloc+0xb7/0xc0
[ 11.121534] __kmalloc_cache_noprof+0x189/0x420
[ 11.121965] kmalloc_oob_memset_4+0xac/0x330
[ 11.122308] kunit_try_run_case+0x1a5/0x480
[ 11.122710] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.123243] kthread+0x337/0x6f0
[ 11.123544] ret_from_fork+0x41/0x80
[ 11.123921] ret_from_fork_asm+0x1a/0x30
[ 11.124125]
[ 11.124218] The buggy address belongs to the object at ffff888102f2ac00
[ 11.124218] which belongs to the cache kmalloc-128 of size 128
[ 11.124713] The buggy address is located 117 bytes inside of
[ 11.124713] allocated 120-byte region [ffff888102f2ac00, ffff888102f2ac78)
[ 11.125641]
[ 11.125866] The buggy address belongs to the physical page:
[ 11.126334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a
[ 11.126993] flags: 0x200000000000000(node=0|zone=2)
[ 11.127214] page_type: f5(slab)
[ 11.127370] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.127677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.128302] page dumped because: kasan: bad access detected
[ 11.128672]
[ 11.128911] Memory state around the buggy address:
[ 11.129309] ffff888102f2ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.129847] ffff888102f2ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.130161] >ffff888102f2ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.130443] ^
[ 11.130980] ffff888102f2ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.131481] ffff888102f2ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.132013] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 10.576570] ================================================================== [ 10.577459] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.577673] Read of size 1 at addr ffff8881039c0000 by task kunit_try_catch/173 [ 10.578445] [ 10.578763] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.578826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.578837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.578855] Call Trace: [ 10.578866] <TASK> [ 10.578889] dump_stack_lvl+0x73/0xb0 [ 10.578913] print_report+0xd1/0x610 [ 10.578935] ? __virt_addr_valid+0x1db/0x2d0 [ 10.578956] ? page_alloc_uaf+0x356/0x3d0 [ 10.578973] ? kasan_addr_to_slab+0x11/0xa0 [ 10.579027] ? page_alloc_uaf+0x356/0x3d0 [ 10.579046] kasan_report+0x141/0x180 [ 10.579067] ? page_alloc_uaf+0x356/0x3d0 [ 10.579090] __asan_report_load1_noabort+0x18/0x20 [ 10.579138] page_alloc_uaf+0x356/0x3d0 [ 10.579156] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.579185] ? __schedule+0x10cc/0x2b60 [ 10.579208] ? __pfx_read_tsc+0x10/0x10 [ 10.579231] ? ktime_get_ts64+0x86/0x230 [ 10.579255] kunit_try_run_case+0x1a5/0x480 [ 10.579275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.579292] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.579315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.579337] ? __kthread_parkme+0x82/0x180 [ 10.579361] ? preempt_count_sub+0x50/0x80 [ 10.579384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.579403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.579425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.579446] kthread+0x337/0x6f0 [ 10.579462] ? trace_preempt_on+0x20/0xc0 [ 10.579484] ? __pfx_kthread+0x10/0x10 [ 10.579502] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.579523] ? calculate_sigpending+0x7b/0xa0 [ 10.579547] ? __pfx_kthread+0x10/0x10 [ 10.579565] ret_from_fork+0x41/0x80 [ 10.579593] ? 
__pfx_kthread+0x10/0x10 [ 10.579610] ret_from_fork_asm+0x1a/0x30 [ 10.579645] </TASK> [ 10.579655] [ 10.588014] The buggy address belongs to the physical page: [ 10.588263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 10.588545] flags: 0x200000000000000(node=0|zone=2) [ 10.589029] page_type: f0(buddy) [ 10.589212] raw: 0200000000000000 ffff88817fffc470 ffff88817fffc470 0000000000000000 [ 10.589612] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 10.590065] page dumped because: kasan: bad access detected [ 10.590351] [ 10.590446] Memory state around the buggy address: [ 10.590773] ffff8881039bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.591103] ffff8881039bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.591463] >ffff8881039c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.591893] ^ [ 10.592065] ffff8881039c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.592451] ffff8881039c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.592848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 10.549760] ================================================================== [ 10.551082] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.551297] Free of addr ffff888102aa8001 by task kunit_try_catch/169 [ 10.551499] [ 10.551580] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.551621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.551632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.551650] Call Trace: [ 10.551660] <TASK> [ 10.551673] dump_stack_lvl+0x73/0xb0 [ 10.551695] print_report+0xd1/0x610 [ 10.551717] ? __virt_addr_valid+0x1db/0x2d0 [ 10.551739] ? kasan_addr_to_slab+0x11/0xa0 [ 10.551759] ? kfree+0x274/0x3f0 [ 10.551776] kasan_report_invalid_free+0x10a/0x130 [ 10.551800] ? kfree+0x274/0x3f0 [ 10.551819] ? kfree+0x274/0x3f0 [ 10.551836] __kasan_kfree_large+0x86/0xd0 [ 10.551856] free_large_kmalloc+0x4b/0x110 [ 10.551876] kfree+0x274/0x3f0 [ 10.551919] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.551941] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.551964] ? __schedule+0x10cc/0x2b60 [ 10.551986] ? __pfx_read_tsc+0x10/0x10 [ 10.552009] ? ktime_get_ts64+0x86/0x230 [ 10.552032] kunit_try_run_case+0x1a5/0x480 [ 10.552052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.552070] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.552103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.552127] ? __kthread_parkme+0x82/0x180 [ 10.552151] ? preempt_count_sub+0x50/0x80 [ 10.552186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.552205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.552227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.552249] kthread+0x337/0x6f0 [ 10.552264] ? trace_preempt_on+0x20/0xc0 [ 10.552286] ? __pfx_kthread+0x10/0x10 [ 10.552303] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.552324] ? calculate_sigpending+0x7b/0xa0 [ 10.552355] ? __pfx_kthread+0x10/0x10 [ 10.552373] ret_from_fork+0x41/0x80 [ 10.552400] ? 
__pfx_kthread+0x10/0x10 [ 10.552427] ret_from_fork_asm+0x1a/0x30 [ 10.552461] </TASK> [ 10.552470] [ 10.564490] The buggy address belongs to the physical page: [ 10.564784] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa8 [ 10.565408] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.566005] flags: 0x200000000000040(head|node=0|zone=2) [ 10.566271] page_type: f8(unknown) [ 10.566568] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.567079] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.567365] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.567839] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.568305] head: 0200000000000002 ffffea00040aaa01 00000000ffffffff 00000000ffffffff [ 10.568645] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.569159] page dumped because: kasan: bad access detected [ 10.569479] [ 10.569558] Memory state around the buggy address: [ 10.569786] ffff888102aa7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.570341] ffff888102aa7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.570656] >ffff888102aa8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.571227] ^ [ 10.571377] ffff888102aa8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.571753] ffff888102aa8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.572128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 10.523392] ================================================================== [ 10.523779] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.524290] Read of size 1 at addr ffff888103954000 by task kunit_try_catch/167 [ 10.524524] [ 10.524609] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.524650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.524662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.524689] Call Trace: [ 10.524701] <TASK> [ 10.524714] dump_stack_lvl+0x73/0xb0 [ 10.524739] print_report+0xd1/0x610 [ 10.524761] ? __virt_addr_valid+0x1db/0x2d0 [ 10.524782] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.524802] ? kasan_addr_to_slab+0x11/0xa0 [ 10.524822] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.524842] kasan_report+0x141/0x180 [ 10.524864] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.525390] __asan_report_load1_noabort+0x18/0x20 [ 10.525422] kmalloc_large_uaf+0x2f1/0x340 [ 10.525443] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.525465] ? __schedule+0x10cc/0x2b60 [ 10.525488] ? __pfx_read_tsc+0x10/0x10 [ 10.525506] ? ktime_get_ts64+0x86/0x230 [ 10.525529] kunit_try_run_case+0x1a5/0x480 [ 10.525550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.525567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.525589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.525611] ? __kthread_parkme+0x82/0x180 [ 10.525632] ? preempt_count_sub+0x50/0x80 [ 10.525655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.525730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.525755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.525777] kthread+0x337/0x6f0 [ 10.525809] ? trace_preempt_on+0x20/0xc0 [ 10.525831] ? __pfx_kthread+0x10/0x10 [ 10.525848] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.525869] ? calculate_sigpending+0x7b/0xa0 [ 10.525898] ? __pfx_kthread+0x10/0x10 [ 10.525915] ret_from_fork+0x41/0x80 [ 10.525934] ? 
__pfx_kthread+0x10/0x10 [ 10.525952] ret_from_fork_asm+0x1a/0x30 [ 10.525981] </TASK> [ 10.525991] [ 10.535927] The buggy address belongs to the physical page: [ 10.536455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.537395] flags: 0x200000000000000(node=0|zone=2) [ 10.537816] raw: 0200000000000000 ffffea00040e5608 ffff88815b139a80 0000000000000000 [ 10.538590] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.539439] page dumped because: kasan: bad access detected [ 10.540132] [ 10.540289] Memory state around the buggy address: [ 10.540779] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.541521] ffff888103953f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.542218] >ffff888103954000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.542904] ^ [ 10.543306] ffff888103954080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.544137] ffff888103954100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.544849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.499807] ================================================================== [ 10.500375] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.500702] Write of size 1 at addr ffff888102aaa00a by task kunit_try_catch/165 [ 10.501889] [ 10.502077] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.502120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.502131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.502149] Call Trace: [ 10.502160] <TASK> [ 10.502174] dump_stack_lvl+0x73/0xb0 [ 10.502198] print_report+0xd1/0x610 [ 10.502220] ? __virt_addr_valid+0x1db/0x2d0 [ 10.502241] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.502262] ? kasan_addr_to_slab+0x11/0xa0 [ 10.502282] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.502303] kasan_report+0x141/0x180 [ 10.502325] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.502352] __asan_report_store1_noabort+0x1b/0x30 [ 10.502372] kmalloc_large_oob_right+0x2e9/0x330 [ 10.502393] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.502415] ? __schedule+0x10cc/0x2b60 [ 10.502438] ? __pfx_read_tsc+0x10/0x10 [ 10.502461] ? ktime_get_ts64+0x86/0x230 [ 10.502485] kunit_try_run_case+0x1a5/0x480 [ 10.502505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.502523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.502545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.502567] ? __kthread_parkme+0x82/0x180 [ 10.502592] ? preempt_count_sub+0x50/0x80 [ 10.502617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.502635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.502657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.502678] kthread+0x337/0x6f0 [ 10.502694] ? trace_preempt_on+0x20/0xc0 [ 10.502716] ? __pfx_kthread+0x10/0x10 [ 10.502733] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.502754] ? calculate_sigpending+0x7b/0xa0 [ 10.502776] ? __pfx_kthread+0x10/0x10 [ 10.502793] ret_from_fork+0x41/0x80 [ 10.502820] ? 
__pfx_kthread+0x10/0x10 [ 10.502837] ret_from_fork_asm+0x1a/0x30 [ 10.502872] </TASK> [ 10.502893] [ 10.512739] The buggy address belongs to the physical page: [ 10.513063] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa8 [ 10.513427] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.513787] flags: 0x200000000000040(head|node=0|zone=2) [ 10.514036] page_type: f8(unknown) [ 10.514184] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.514445] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.514791] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.515566] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.516203] head: 0200000000000002 ffffea00040aaa01 00000000ffffffff 00000000ffffffff [ 10.516530] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.517232] page dumped because: kasan: bad access detected [ 10.517538] [ 10.517625] Memory state around the buggy address: [ 10.517891] ffff888102aa9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.518541] ffff888102aa9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.519086] >ffff888102aaa000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.519349] ^ [ 10.519532] ffff888102aaa080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.520187] ffff888102aaa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.520473] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.472586] ================================================================== [ 10.474022] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.474295] Write of size 1 at addr ffff888103931f00 by task kunit_try_catch/163 [ 10.474520] [ 10.474603] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.474646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.474657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.474683] Call Trace: [ 10.474696] <TASK> [ 10.474710] dump_stack_lvl+0x73/0xb0 [ 10.474734] print_report+0xd1/0x610 [ 10.474757] ? __virt_addr_valid+0x1db/0x2d0 [ 10.474779] ? kmalloc_big_oob_right+0x316/0x370 [ 10.474800] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.474821] ? kmalloc_big_oob_right+0x316/0x370 [ 10.474843] kasan_report+0x141/0x180 [ 10.474864] ? kmalloc_big_oob_right+0x316/0x370 [ 10.474900] __asan_report_store1_noabort+0x1b/0x30 [ 10.474920] kmalloc_big_oob_right+0x316/0x370 [ 10.474941] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.474963] ? __schedule+0x10cc/0x2b60 [ 10.474986] ? __pfx_read_tsc+0x10/0x10 [ 10.475009] ? ktime_get_ts64+0x86/0x230 [ 10.475034] kunit_try_run_case+0x1a5/0x480 [ 10.475054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.475071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.475094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.475117] ? __kthread_parkme+0x82/0x180 [ 10.475141] ? preempt_count_sub+0x50/0x80 [ 10.475166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.475186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.475208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.475230] kthread+0x337/0x6f0 [ 10.475246] ? trace_preempt_on+0x20/0xc0 [ 10.475269] ? __pfx_kthread+0x10/0x10 [ 10.475286] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.475306] ? calculate_sigpending+0x7b/0xa0 [ 10.475329] ? __pfx_kthread+0x10/0x10 [ 10.475347] ret_from_fork+0x41/0x80 [ 10.475374] ? 
__pfx_kthread+0x10/0x10 [ 10.475391] ret_from_fork_asm+0x1a/0x30 [ 10.475426] </TASK> [ 10.475435] [ 10.485082] Allocated by task 163: [ 10.485264] kasan_save_stack+0x45/0x70 [ 10.485472] kasan_save_track+0x18/0x40 [ 10.485676] kasan_save_alloc_info+0x3b/0x50 [ 10.485924] __kasan_kmalloc+0xb7/0xc0 [ 10.486105] __kmalloc_cache_noprof+0x189/0x420 [ 10.486378] kmalloc_big_oob_right+0xa9/0x370 [ 10.486589] kunit_try_run_case+0x1a5/0x480 [ 10.486740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.486922] kthread+0x337/0x6f0 [ 10.487038] ret_from_fork+0x41/0x80 [ 10.487191] ret_from_fork_asm+0x1a/0x30 [ 10.487482] [ 10.487576] The buggy address belongs to the object at ffff888103930000 [ 10.487576] which belongs to the cache kmalloc-8k of size 8192 [ 10.488228] The buggy address is located 0 bytes to the right of [ 10.488228] allocated 7936-byte region [ffff888103930000, ffff888103931f00) [ 10.488647] [ 10.488819] The buggy address belongs to the physical page: [ 10.489110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103930 [ 10.489482] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.489728] flags: 0x200000000000040(head|node=0|zone=2) [ 10.489946] page_type: f5(slab) [ 10.490112] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.490662] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.491010] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.491326] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.491606] head: 0200000000000003 ffffea00040e4c01 00000000ffffffff 00000000ffffffff [ 10.491917] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.492255] page dumped because: kasan: bad access detected [ 10.492517] [ 10.492606] Memory state around the buggy address: [ 10.493026] ffff888103931e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.493357] ffff888103931e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.493580] >ffff888103931f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.493782] ^ [ 10.493905] ffff888103931f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.494259] ffff888103932000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.494605] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.438116] ================================================================== [ 10.438589] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.438953] Write of size 1 at addr ffff888102f2a978 by task kunit_try_catch/161 [ 10.439223] [ 10.439332] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.439374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.439384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.439402] Call Trace: [ 10.439412] <TASK> [ 10.439426] dump_stack_lvl+0x73/0xb0 [ 10.439449] print_report+0xd1/0x610 [ 10.439470] ? __virt_addr_valid+0x1db/0x2d0 [ 10.439491] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.439511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.439533] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.439553] kasan_report+0x141/0x180 [ 10.439575] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.439600] __asan_report_store1_noabort+0x1b/0x30 [ 10.439620] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.439640] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.439661] ? __schedule+0x10cc/0x2b60 [ 10.439683] ? __pfx_read_tsc+0x10/0x10 [ 10.439702] ? ktime_get_ts64+0x86/0x230 [ 10.439726] kunit_try_run_case+0x1a5/0x480 [ 10.439747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.439764] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.439786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.439809] ? __kthread_parkme+0x82/0x180 [ 10.439829] ? preempt_count_sub+0x50/0x80 [ 10.439853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.439872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.439907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.439928] kthread+0x337/0x6f0 [ 10.439944] ? trace_preempt_on+0x20/0xc0 [ 10.439966] ? __pfx_kthread+0x10/0x10 [ 10.439983] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.440004] ? calculate_sigpending+0x7b/0xa0 [ 10.440023] ? __pfx_kthread+0x10/0x10 [ 10.440041] ret_from_fork+0x41/0x80 [ 10.440060] ? 
__pfx_kthread+0x10/0x10 [ 10.440077] ret_from_fork_asm+0x1a/0x30 [ 10.440106] </TASK> [ 10.440115] [ 10.448043] Allocated by task 161: [ 10.448202] kasan_save_stack+0x45/0x70 [ 10.448388] kasan_save_track+0x18/0x40 [ 10.448562] kasan_save_alloc_info+0x3b/0x50 [ 10.448813] __kasan_kmalloc+0xb7/0xc0 [ 10.448998] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.449193] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.449443] kunit_try_run_case+0x1a5/0x480 [ 10.449625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.449978] kthread+0x337/0x6f0 [ 10.450111] ret_from_fork+0x41/0x80 [ 10.450291] ret_from_fork_asm+0x1a/0x30 [ 10.450437] [ 10.450506] The buggy address belongs to the object at ffff888102f2a900 [ 10.450506] which belongs to the cache kmalloc-128 of size 128 [ 10.451227] The buggy address is located 0 bytes to the right of [ 10.451227] allocated 120-byte region [ffff888102f2a900, ffff888102f2a978) [ 10.451639] [ 10.451727] The buggy address belongs to the physical page: [ 10.451989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f2a [ 10.452340] flags: 0x200000000000000(node=0|zone=2) [ 10.452738] page_type: f5(slab) [ 10.452860] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.453099] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.453566] page dumped because: kasan: bad access detected [ 10.454006] [ 10.454090] Memory state around the buggy address: [ 10.454281] ffff888102f2a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.454491] ffff888102f2a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.454835] >ffff888102f2a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.455163] ^ [ 10.455474] ffff888102f2a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.455933] ffff888102f2aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.456150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.404295] ================================================================== [ 10.405228] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.405475] Read of size 1 at addr ffff8881028bd000 by task kunit_try_catch/159 [ 10.405695] [ 10.405791] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 10.405841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.405852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.405873] Call Trace: [ 10.405904] <TASK> [ 10.405921] dump_stack_lvl+0x73/0xb0 [ 10.405947] print_report+0xd1/0x610 [ 10.405969] ? __virt_addr_valid+0x1db/0x2d0 [ 10.405991] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.406009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.406031] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.406050] kasan_report+0x141/0x180 [ 10.406072] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.406120] __asan_report_load1_noabort+0x18/0x20 [ 10.406141] kmalloc_node_oob_right+0x369/0x3c0 [ 10.406175] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.406209] ? __schedule+0x10cc/0x2b60 [ 10.406245] ? __pfx_read_tsc+0x10/0x10 [ 10.406279] ? ktime_get_ts64+0x86/0x230 [ 10.406305] kunit_try_run_case+0x1a5/0x480 [ 10.406340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.406358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.406381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.406403] ? __kthread_parkme+0x82/0x180 [ 10.406439] ? preempt_count_sub+0x50/0x80 [ 10.406464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.406483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.406516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.406538] kthread+0x337/0x6f0 [ 10.406553] ? trace_preempt_on+0x20/0xc0 [ 10.406587] ? __pfx_kthread+0x10/0x10 [ 10.406620] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.406641] ? calculate_sigpending+0x7b/0xa0 [ 10.406677] ? __pfx_kthread+0x10/0x10 [ 10.406711] ret_from_fork+0x41/0x80 [ 10.406739] ? 
__pfx_kthread+0x10/0x10 [ 10.406756] ret_from_fork_asm+0x1a/0x30 [ 10.406800] </TASK> [ 10.406810] [ 10.420244] Allocated by task 159: [ 10.420487] kasan_save_stack+0x45/0x70 [ 10.420944] kasan_save_track+0x18/0x40 [ 10.421162] kasan_save_alloc_info+0x3b/0x50 [ 10.421345] __kasan_kmalloc+0xb7/0xc0 [ 10.421515] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.422018] kmalloc_node_oob_right+0xab/0x3c0 [ 10.422284] kunit_try_run_case+0x1a5/0x480 [ 10.422582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.423198] kthread+0x337/0x6f0 [ 10.423425] ret_from_fork+0x41/0x80 [ 10.423798] ret_from_fork_asm+0x1a/0x30 [ 10.424012] [ 10.424105] The buggy address belongs to the object at ffff8881028bc000 [ 10.424105] which belongs to the cache kmalloc-4k of size 4096 [ 10.424593] The buggy address is located 0 bytes to the right of [ 10.424593] allocated 4096-byte region [ffff8881028bc000, ffff8881028bd000) [ 10.425543] [ 10.425642] The buggy address belongs to the physical page: [ 10.426528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b8 [ 10.427481] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.428138] flags: 0x200000000000040(head|node=0|zone=2) [ 10.428633] page_type: f5(slab) [ 10.428983] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.429316] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.429651] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.430126] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.430839] head: 0200000000000003 ffffea00040a2e01 00000000ffffffff 00000000ffffffff [ 10.431352] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.432175] page dumped because: kasan: bad access detected [ 10.432676] [ 10.432962] Memory state around the buggy address: [ 10.433318] ffff8881028bcf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.433854] ffff8881028bcf80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.434368] >ffff8881028bd000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.434942] ^ [ 10.435109] ffff8881028bd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.435403] ffff8881028bd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.435688] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 107.258178] WARNING: CPU: 1 PID: 675 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 107.259365] Modules linked in: [ 107.259992] CPU: 1 UID: 0 PID: 675 Comm: kunit_try_catch Tainted: G B D W N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 107.261078] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 107.261397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.261926] RIP: 0010:intlog10+0x2a/0x40 [ 107.262496] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 107.264316] RSP: 0000:ffff88810460fcb0 EFLAGS: 00010246 [ 107.264510] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110208c1fb4 [ 107.264731] RDX: 1ffffffff33126f8 RSI: 1ffff110208c1fb3 RDI: 0000000000000000 [ 107.265068] RBP: ffff88810460fd60 R08: 0000000000000000 R09: ffffed1020e3ef00 [ 107.265936] R10: ffff8881071f7807 R11: 0000000000000000 R12: 1ffff110208c1f97 [ 107.266541] R13: ffffffff998937c0 R14: 0000000000000000 R15: ffff88810460fd38 [ 107.267330] FS: 0000000000000000(0000) GS:ffff8881bf790000(0000) knlGS:0000000000000000 [ 107.268356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.268862] CR2: ffff88815a80000a CR3: 00000001348ba000 CR4: 00000000000006f0 [ 107.269413] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33903 [ 107.269624] DR3: ffffffff9ba33905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 107.270080] Call Trace: [ 107.270320] <TASK> [ 107.270526] ? intlog10_test+0xf2/0x220 [ 107.270990] ? __pfx_intlog10_test+0x10/0x10 [ 107.271498] ? __schedule+0x10cc/0x2b60 [ 107.271956] ? __pfx_read_tsc+0x10/0x10 [ 107.272318] ? ktime_get_ts64+0x86/0x230 [ 107.272595] kunit_try_run_case+0x1a5/0x480 [ 107.272989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.273418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 107.273645] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 107.274310] ? __kthread_parkme+0x82/0x180 [ 107.274561] ? preempt_count_sub+0x50/0x80 [ 107.274951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.275372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 107.275980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 107.276178] kthread+0x337/0x6f0 [ 107.276301] ? trace_preempt_on+0x20/0xc0 [ 107.276447] ? __pfx_kthread+0x10/0x10 [ 107.276580] ? _raw_spin_unlock_irq+0x47/0x80 [ 107.276824] ? calculate_sigpending+0x7b/0xa0 [ 107.277087] ? __pfx_kthread+0x10/0x10 [ 107.277286] ret_from_fork+0x41/0x80 [ 107.277451] ? __pfx_kthread+0x10/0x10 [ 107.277639] ret_from_fork_asm+0x1a/0x30 [ 107.278024] </TASK> [ 107.278124] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 107.216406] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 107.217091] Modules linked in: [ 107.217492] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D N 6.15.7-rc1 #1 PREEMPT(voluntary) [ 107.218278] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 107.218786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.219356] RIP: 0010:intlog2+0xdf/0x110 [ 107.219509] Code: 89 99 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 62 81 02 90 <0f> 0b 90 31 c0 e9 c7 62 81 02 89 45 e4 e8 9f 90 56 ff 8b 45 e4 eb [ 107.220784] RSP: 0000:ffff8881050ffcb0 EFLAGS: 00010246 [ 107.221305] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020a1ffb4 [ 107.221951] RDX: 1ffffffff331274c RSI: 1ffff11020a1ffb3 RDI: 0000000000000000 [ 107.222437] RBP: ffff8881050ffd60 R08: 0000000000000000 R09: ffffed1020e01140 [ 107.222758] R10: ffff888107008a07 R11: 0000000000000000 R12: 1ffff11020a1ff97 [ 107.223389] R13: ffffffff99893a60 R14: 0000000000000000 R15: ffff8881050ffd38 [ 107.223974] FS: 0000000000000000(0000) GS:ffff8881bf690000(0000) knlGS:0000000000000000 [ 107.224321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.224500] CR2: dffffc0000000000 CR3: 00000001348ba000 CR4: 00000000000006f0 [ 107.224889] DR0: ffffffff9ba33900 DR1: ffffffff9ba33901 DR2: ffffffff9ba33902 [ 107.225499] DR3: ffffffff9ba33903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 107.226199] Call Trace: [ 107.226461] <TASK> [ 107.226736] ? intlog2_test+0xf2/0x220 [ 107.227156] ? __pfx_intlog2_test+0x10/0x10 [ 107.227557] ? __schedule+0x10cc/0x2b60 [ 107.228007] ? __pfx_read_tsc+0x10/0x10 [ 107.228311] ? ktime_get_ts64+0x86/0x230 [ 107.228462] kunit_try_run_case+0x1a5/0x480 [ 107.228610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.229092] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 107.229533] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 107.230094] ? __kthread_parkme+0x82/0x180 [ 107.230489] ? preempt_count_sub+0x50/0x80 [ 107.230982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.231335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 107.231515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 107.231883] kthread+0x337/0x6f0 [ 107.232204] ? trace_preempt_on+0x20/0xc0 [ 107.232582] ? __pfx_kthread+0x10/0x10 [ 107.233047] ? _raw_spin_unlock_irq+0x47/0x80 [ 107.233466] ? calculate_sigpending+0x7b/0xa0 [ 107.233968] ? __pfx_kthread+0x10/0x10 [ 107.234212] ret_from_fork+0x41/0x80 [ 107.234348] ? __pfx_kthread+0x10/0x10 [ 107.234482] ret_from_fork_asm+0x1a/0x30 [ 107.234632] </TASK> [ 107.234976] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 106.577518] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI