Date: July 22, 2025, 2:40 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.175451] ================================================================== [ 11.175929] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 11.176303] Write of size 2 at addr ffff88810306a877 by task kunit_try_catch/192 [ 11.176707] [ 11.177044] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.177093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.177104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.177126] Call Trace: [ 11.177139] <TASK> [ 11.177155] dump_stack_lvl+0x73/0xb0 [ 11.177184] print_report+0xd1/0x610 [ 11.177207] ? __virt_addr_valid+0x1db/0x2d0 [ 11.177242] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.177264] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.177286] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.177307] kasan_report+0x141/0x180 [ 11.177329] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.177355] kasan_check_range+0x10c/0x1c0 [ 11.177375] __asan_memset+0x27/0x50 [ 11.177394] kmalloc_oob_memset_2+0x166/0x330 [ 11.177417] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.177439] ? __schedule+0x10c6/0x2b60 [ 11.177463] ? __pfx_read_tsc+0x10/0x10 [ 11.177483] ? ktime_get_ts64+0x86/0x230 [ 11.177509] kunit_try_run_case+0x1a5/0x480 [ 11.177530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.177548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.177569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.177592] ? __kthread_parkme+0x82/0x180 [ 11.177614] ? preempt_count_sub+0x50/0x80 [ 11.177642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.177810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.177843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.177866] kthread+0x337/0x6f0 [ 11.177884] ? trace_preempt_on+0x20/0xc0 [ 11.177909] ? __pfx_kthread+0x10/0x10 [ 11.177926] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.177948] ? calculate_sigpending+0x7b/0xa0 [ 11.177970] ? __pfx_kthread+0x10/0x10 [ 11.177987] ret_from_fork+0x41/0x80 [ 11.178008] ? 
__pfx_kthread+0x10/0x10 [ 11.178025] ret_from_fork_asm+0x1a/0x30 [ 11.178056] </TASK> [ 11.178067] [ 11.187396] Allocated by task 192: [ 11.187591] kasan_save_stack+0x45/0x70 [ 11.188120] kasan_save_track+0x18/0x40 [ 11.188285] kasan_save_alloc_info+0x3b/0x50 [ 11.188611] __kasan_kmalloc+0xb7/0xc0 [ 11.188798] __kmalloc_cache_noprof+0x189/0x420 [ 11.189024] kmalloc_oob_memset_2+0xac/0x330 [ 11.189221] kunit_try_run_case+0x1a5/0x480 [ 11.189462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.189762] kthread+0x337/0x6f0 [ 11.189999] ret_from_fork+0x41/0x80 [ 11.190418] ret_from_fork_asm+0x1a/0x30 [ 11.190677] [ 11.190749] The buggy address belongs to the object at ffff88810306a800 [ 11.190749] which belongs to the cache kmalloc-128 of size 128 [ 11.191433] The buggy address is located 119 bytes inside of [ 11.191433] allocated 120-byte region [ffff88810306a800, ffff88810306a878) [ 11.192115] [ 11.192192] The buggy address belongs to the physical page: [ 11.192559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a [ 11.192947] flags: 0x200000000000000(node=0|zone=2) [ 11.193451] page_type: f5(slab) [ 11.193625] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.194590] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.195207] page dumped because: kasan: bad access detected [ 11.195425] [ 11.195514] Memory state around the buggy address: [ 11.195869] ffff88810306a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.196097] ffff88810306a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.196510] >ffff88810306a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.196903] ^ [ 11.197263] ffff88810306a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.197577] ffff88810306a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.197816] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.145730] ================================================================== [ 11.146140] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.146416] Write of size 128 at addr ffff8881028aff00 by task kunit_try_catch/190 [ 11.146712] [ 11.146934] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.146984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.146995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.147016] Call Trace: [ 11.147028] <TASK> [ 11.147084] dump_stack_lvl+0x73/0xb0 [ 11.147111] print_report+0xd1/0x610 [ 11.147133] ? __virt_addr_valid+0x1db/0x2d0 [ 11.147155] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.147176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.147198] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.147268] kasan_report+0x141/0x180 [ 11.147289] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.147316] kasan_check_range+0x10c/0x1c0 [ 11.147335] __asan_memset+0x27/0x50 [ 11.147354] kmalloc_oob_in_memset+0x15f/0x320 [ 11.147389] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.147411] ? __schedule+0x10c6/0x2b60 [ 11.147434] ? __pfx_read_tsc+0x10/0x10 [ 11.147453] ? ktime_get_ts64+0x86/0x230 [ 11.147502] kunit_try_run_case+0x1a5/0x480 [ 11.147523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.147541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.147561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.147584] ? __kthread_parkme+0x82/0x180 [ 11.147605] ? preempt_count_sub+0x50/0x80 [ 11.147629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.147648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.147670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.147726] kthread+0x337/0x6f0 [ 11.147743] ? trace_preempt_on+0x20/0xc0 [ 11.147766] ? __pfx_kthread+0x10/0x10 [ 11.147783] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.147804] ? calculate_sigpending+0x7b/0xa0 [ 11.147825] ? __pfx_kthread+0x10/0x10 [ 11.147843] ret_from_fork+0x41/0x80 [ 11.147862] ? 
__pfx_kthread+0x10/0x10 [ 11.147879] ret_from_fork_asm+0x1a/0x30 [ 11.147910] </TASK> [ 11.147920] [ 11.161278] Allocated by task 190: [ 11.161532] kasan_save_stack+0x45/0x70 [ 11.161885] kasan_save_track+0x18/0x40 [ 11.162284] kasan_save_alloc_info+0x3b/0x50 [ 11.162896] __kasan_kmalloc+0xb7/0xc0 [ 11.163308] __kmalloc_cache_noprof+0x189/0x420 [ 11.163745] kmalloc_oob_in_memset+0xac/0x320 [ 11.164186] kunit_try_run_case+0x1a5/0x480 [ 11.164578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.164919] kthread+0x337/0x6f0 [ 11.165043] ret_from_fork+0x41/0x80 [ 11.165173] ret_from_fork_asm+0x1a/0x30 [ 11.165325] [ 11.165427] The buggy address belongs to the object at ffff8881028aff00 [ 11.165427] which belongs to the cache kmalloc-128 of size 128 [ 11.166109] The buggy address is located 0 bytes inside of [ 11.166109] allocated 120-byte region [ffff8881028aff00, ffff8881028aff78) [ 11.166602] [ 11.166756] The buggy address belongs to the physical page: [ 11.166970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028af [ 11.167272] flags: 0x200000000000000(node=0|zone=2) [ 11.167512] page_type: f5(slab) [ 11.167847] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.168164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.168516] page dumped because: kasan: bad access detected [ 11.168806] [ 11.168902] Memory state around the buggy address: [ 11.169099] ffff8881028afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.169335] ffff8881028afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.169649] >ffff8881028aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.169958] ^ [ 11.170200] ffff8881028aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.170721] ffff8881028b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.170987] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.120759] ================================================================== [ 11.121589] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.122030] Read of size 16 at addr ffff888102219640 by task kunit_try_catch/188 [ 11.122352] [ 11.122462] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.122508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.122519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.122539] Call Trace: [ 11.122551] <TASK> [ 11.122568] dump_stack_lvl+0x73/0xb0 [ 11.122595] print_report+0xd1/0x610 [ 11.122617] ? __virt_addr_valid+0x1db/0x2d0 [ 11.122638] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.122658] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.122679] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.122700] kasan_report+0x141/0x180 [ 11.122721] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.122747] __asan_report_load16_noabort+0x18/0x20 [ 11.122767] kmalloc_uaf_16+0x47b/0x4c0 [ 11.122788] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.122809] ? __schedule+0x10c6/0x2b60 [ 11.122832] ? __pfx_read_tsc+0x10/0x10 [ 11.122851] ? ktime_get_ts64+0x86/0x230 [ 11.122875] kunit_try_run_case+0x1a5/0x480 [ 11.122896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.122913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.122933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.122956] ? __kthread_parkme+0x82/0x180 [ 11.122977] ? preempt_count_sub+0x50/0x80 [ 11.123002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.123021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.123044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.123066] kthread+0x337/0x6f0 [ 11.123082] ? trace_preempt_on+0x20/0xc0 [ 11.123106] ? __pfx_kthread+0x10/0x10 [ 11.123123] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.123144] ? calculate_sigpending+0x7b/0xa0 [ 11.123164] ? __pfx_kthread+0x10/0x10 [ 11.123182] ret_from_fork+0x41/0x80 [ 11.123201] ? 
__pfx_kthread+0x10/0x10 [ 11.123218] ret_from_fork_asm+0x1a/0x30 [ 11.123261] </TASK> [ 11.123271] [ 11.130522] Allocated by task 188: [ 11.130724] kasan_save_stack+0x45/0x70 [ 11.130946] kasan_save_track+0x18/0x40 [ 11.131130] kasan_save_alloc_info+0x3b/0x50 [ 11.131358] __kasan_kmalloc+0xb7/0xc0 [ 11.131535] __kmalloc_cache_noprof+0x189/0x420 [ 11.131765] kmalloc_uaf_16+0x15b/0x4c0 [ 11.131976] kunit_try_run_case+0x1a5/0x480 [ 11.132179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.132356] kthread+0x337/0x6f0 [ 11.132471] ret_from_fork+0x41/0x80 [ 11.132719] ret_from_fork_asm+0x1a/0x30 [ 11.132934] [ 11.133029] Freed by task 188: [ 11.133181] kasan_save_stack+0x45/0x70 [ 11.133379] kasan_save_track+0x18/0x40 [ 11.133568] kasan_save_free_info+0x3f/0x60 [ 11.133775] __kasan_slab_free+0x56/0x70 [ 11.133965] kfree+0x222/0x3f0 [ 11.134074] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.134204] kunit_try_run_case+0x1a5/0x480 [ 11.134461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.134710] kthread+0x337/0x6f0 [ 11.134896] ret_from_fork+0x41/0x80 [ 11.135119] ret_from_fork_asm+0x1a/0x30 [ 11.135303] [ 11.135371] The buggy address belongs to the object at ffff888102219640 [ 11.135371] which belongs to the cache kmalloc-16 of size 16 [ 11.136074] The buggy address is located 0 bytes inside of [ 11.136074] freed 16-byte region [ffff888102219640, ffff888102219650) [ 11.136556] [ 11.136689] The buggy address belongs to the physical page: [ 11.136947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 11.137341] flags: 0x200000000000000(node=0|zone=2) [ 11.137615] page_type: f5(slab) [ 11.137795] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.138117] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.138488] page dumped because: kasan: bad access detected [ 11.138802] [ 11.138896] Memory state around the buggy address: [ 11.139131] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc 
[ 11.139463] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 11.139855] >ffff888102219600: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 11.140152] ^ [ 11.140476] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.140763] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.141085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.088714] ================================================================== [ 11.089801] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 11.090193] Write of size 16 at addr ffff8881022195e0 by task kunit_try_catch/186 [ 11.090691] [ 11.091182] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.091245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.091256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.091278] Call Trace: [ 11.091290] <TASK> [ 11.091327] dump_stack_lvl+0x73/0xb0 [ 11.091355] print_report+0xd1/0x610 [ 11.091378] ? __virt_addr_valid+0x1db/0x2d0 [ 11.091399] ? kmalloc_oob_16+0x452/0x4a0 [ 11.091419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.091441] ? kmalloc_oob_16+0x452/0x4a0 [ 11.091462] kasan_report+0x141/0x180 [ 11.091483] ? kmalloc_oob_16+0x452/0x4a0 [ 11.091509] __asan_report_store16_noabort+0x1b/0x30 [ 11.091529] kmalloc_oob_16+0x452/0x4a0 [ 11.091550] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.091572] ? __schedule+0x10c6/0x2b60 [ 11.091594] ? __pfx_read_tsc+0x10/0x10 [ 11.091613] ? ktime_get_ts64+0x86/0x230 [ 11.091638] kunit_try_run_case+0x1a5/0x480 [ 11.091659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.091676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.091696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.091720] ? __kthread_parkme+0x82/0x180 [ 11.091763] ? preempt_count_sub+0x50/0x80 [ 11.091788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.091807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.091829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.091852] kthread+0x337/0x6f0 [ 11.091868] ? trace_preempt_on+0x20/0xc0 [ 11.091891] ? __pfx_kthread+0x10/0x10 [ 11.091908] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.091929] ? calculate_sigpending+0x7b/0xa0 [ 11.091950] ? __pfx_kthread+0x10/0x10 [ 11.091967] ret_from_fork+0x41/0x80 [ 11.091987] ? 
__pfx_kthread+0x10/0x10 [ 11.092004] ret_from_fork_asm+0x1a/0x30 [ 11.092034] </TASK> [ 11.092044] [ 11.106282] Allocated by task 186: [ 11.106459] kasan_save_stack+0x45/0x70 [ 11.106900] kasan_save_track+0x18/0x40 [ 11.107230] kasan_save_alloc_info+0x3b/0x50 [ 11.107431] __kasan_kmalloc+0xb7/0xc0 [ 11.107677] __kmalloc_cache_noprof+0x189/0x420 [ 11.108304] kmalloc_oob_16+0xa8/0x4a0 [ 11.108715] kunit_try_run_case+0x1a5/0x480 [ 11.108902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.109076] kthread+0x337/0x6f0 [ 11.109193] ret_from_fork+0x41/0x80 [ 11.109329] ret_from_fork_asm+0x1a/0x30 [ 11.109465] [ 11.109533] The buggy address belongs to the object at ffff8881022195e0 [ 11.109533] which belongs to the cache kmalloc-16 of size 16 [ 11.110042] The buggy address is located 0 bytes inside of [ 11.110042] allocated 13-byte region [ffff8881022195e0, ffff8881022195ed) [ 11.110422] [ 11.110582] The buggy address belongs to the physical page: [ 11.110884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 11.111210] flags: 0x200000000000000(node=0|zone=2) [ 11.111479] page_type: f5(slab) [ 11.111654] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.112181] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.112877] page dumped because: kasan: bad access detected [ 11.113129] [ 11.113233] Memory state around the buggy address: [ 11.113449] ffff888102219480: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 11.113931] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 11.114235] >ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 11.115005] ^ [ 11.115295] ffff888102219600: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.116095] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.116595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.009912] ================================================================== [ 11.011560] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.012330] Read of size 1 at addr ffff888100a9cc00 by task kunit_try_catch/184 [ 11.013081] [ 11.013362] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.013431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.013442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.013465] Call Trace: [ 11.013478] <TASK> [ 11.013494] dump_stack_lvl+0x73/0xb0 [ 11.013548] print_report+0xd1/0x610 [ 11.013570] ? __virt_addr_valid+0x1db/0x2d0 [ 11.013593] ? krealloc_uaf+0x1b8/0x5e0 [ 11.013635] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.013656] ? krealloc_uaf+0x1b8/0x5e0 [ 11.013674] kasan_report+0x141/0x180 [ 11.013706] ? krealloc_uaf+0x1b8/0x5e0 [ 11.013727] ? krealloc_uaf+0x1b8/0x5e0 [ 11.013744] __kasan_check_byte+0x3d/0x50 [ 11.013782] krealloc_noprof+0x3f/0x340 [ 11.013806] krealloc_uaf+0x1b8/0x5e0 [ 11.013823] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.013840] ? finish_task_switch.isra.0+0x153/0x700 [ 11.013864] ? __switch_to+0x5d9/0xf60 [ 11.013885] ? dequeue_task_fair+0x166/0x4e0 [ 11.013908] ? __schedule+0x10c6/0x2b60 [ 11.013932] ? __pfx_read_tsc+0x10/0x10 [ 11.013952] ? ktime_get_ts64+0x86/0x230 [ 11.013978] kunit_try_run_case+0x1a5/0x480 [ 11.013999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.014017] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.014037] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.014060] ? __kthread_parkme+0x82/0x180 [ 11.014082] ? preempt_count_sub+0x50/0x80 [ 11.014105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.014124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.014146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.014168] kthread+0x337/0x6f0 [ 11.014184] ? trace_preempt_on+0x20/0xc0 [ 11.014208] ? __pfx_kthread+0x10/0x10 [ 11.014234] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.014255] ? 
calculate_sigpending+0x7b/0xa0 [ 11.014277] ? __pfx_kthread+0x10/0x10 [ 11.014294] ret_from_fork+0x41/0x80 [ 11.014314] ? __pfx_kthread+0x10/0x10 [ 11.014331] ret_from_fork_asm+0x1a/0x30 [ 11.014377] </TASK> [ 11.014387] [ 11.031553] Allocated by task 184: [ 11.032003] kasan_save_stack+0x45/0x70 [ 11.032534] kasan_save_track+0x18/0x40 [ 11.032875] kasan_save_alloc_info+0x3b/0x50 [ 11.033424] __kasan_kmalloc+0xb7/0xc0 [ 11.033634] __kmalloc_cache_noprof+0x189/0x420 [ 11.034138] krealloc_uaf+0xbb/0x5e0 [ 11.034566] kunit_try_run_case+0x1a5/0x480 [ 11.034782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.034958] kthread+0x337/0x6f0 [ 11.035077] ret_from_fork+0x41/0x80 [ 11.035206] ret_from_fork_asm+0x1a/0x30 [ 11.035386] [ 11.035593] Freed by task 184: [ 11.036039] kasan_save_stack+0x45/0x70 [ 11.036476] kasan_save_track+0x18/0x40 [ 11.036953] kasan_save_free_info+0x3f/0x60 [ 11.037378] __kasan_slab_free+0x56/0x70 [ 11.037888] kfree+0x222/0x3f0 [ 11.038220] krealloc_uaf+0x13d/0x5e0 [ 11.038618] kunit_try_run_case+0x1a5/0x480 [ 11.039139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.039755] kthread+0x337/0x6f0 [ 11.040091] ret_from_fork+0x41/0x80 [ 11.040233] ret_from_fork_asm+0x1a/0x30 [ 11.040415] [ 11.040625] The buggy address belongs to the object at ffff888100a9cc00 [ 11.040625] which belongs to the cache kmalloc-256 of size 256 [ 11.041966] The buggy address is located 0 bytes inside of [ 11.041966] freed 256-byte region [ffff888100a9cc00, ffff888100a9cd00) [ 11.042548] [ 11.042809] The buggy address belongs to the physical page: [ 11.043349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 11.044124] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.044838] flags: 0x200000000000040(head|node=0|zone=2) [ 11.045171] page_type: f5(slab) [ 11.045311] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.046136] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 11.046944] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.047454] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.047768] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 11.048468] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.049206] page dumped because: kasan: bad access detected [ 11.049457] [ 11.049598] Memory state around the buggy address: [ 11.050078] ffff888100a9cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.050679] ffff888100a9cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.051342] >ffff888100a9cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.051561] ^ [ 11.051728] ffff888100a9cc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.052353] ffff888100a9cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.053075] ================================================================== [ 11.054112] ================================================================== [ 11.054673] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.055049] Read of size 1 at addr ffff888100a9cc00 by task kunit_try_catch/184 [ 11.055279] [ 11.055369] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.055429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.055440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.055461] Call Trace: [ 11.055472] <TASK> [ 11.055500] dump_stack_lvl+0x73/0xb0 [ 11.055526] print_report+0xd1/0x610 [ 11.055549] ? __virt_addr_valid+0x1db/0x2d0 [ 11.055570] ? krealloc_uaf+0x53c/0x5e0 [ 11.055587] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.055608] ? krealloc_uaf+0x53c/0x5e0 [ 11.055625] kasan_report+0x141/0x180 [ 11.055647] ? krealloc_uaf+0x53c/0x5e0 [ 11.055669] __asan_report_load1_noabort+0x18/0x20 [ 11.055699] krealloc_uaf+0x53c/0x5e0 [ 11.055717] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 11.055733] ? finish_task_switch.isra.0+0x153/0x700 [ 11.055756] ? __switch_to+0x5d9/0xf60 [ 11.055786] ? dequeue_task_fair+0x166/0x4e0 [ 11.055809] ? __schedule+0x10c6/0x2b60 [ 11.055832] ? __pfx_read_tsc+0x10/0x10 [ 11.055851] ? ktime_get_ts64+0x86/0x230 [ 11.055876] kunit_try_run_case+0x1a5/0x480 [ 11.055896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.055914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.055933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.055956] ? __kthread_parkme+0x82/0x180 [ 11.055977] ? preempt_count_sub+0x50/0x80 [ 11.056000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.056019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.056041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.056063] kthread+0x337/0x6f0 [ 11.056078] ? trace_preempt_on+0x20/0xc0 [ 11.056101] ? __pfx_kthread+0x10/0x10 [ 11.056118] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.056148] ? calculate_sigpending+0x7b/0xa0 [ 11.056169] ? __pfx_kthread+0x10/0x10 [ 11.056187] ret_from_fork+0x41/0x80 [ 11.056206] ? 
__pfx_kthread+0x10/0x10 [ 11.056242] ret_from_fork_asm+0x1a/0x30 [ 11.056273] </TASK> [ 11.056282] [ 11.069996] Allocated by task 184: [ 11.070283] kasan_save_stack+0x45/0x70 [ 11.070475] kasan_save_track+0x18/0x40 [ 11.070743] kasan_save_alloc_info+0x3b/0x50 [ 11.070946] __kasan_kmalloc+0xb7/0xc0 [ 11.071100] __kmalloc_cache_noprof+0x189/0x420 [ 11.071329] krealloc_uaf+0xbb/0x5e0 [ 11.071555] kunit_try_run_case+0x1a5/0x480 [ 11.071874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.072088] kthread+0x337/0x6f0 [ 11.072240] ret_from_fork+0x41/0x80 [ 11.072441] ret_from_fork_asm+0x1a/0x30 [ 11.072599] [ 11.072708] Freed by task 184: [ 11.072880] kasan_save_stack+0x45/0x70 [ 11.073049] kasan_save_track+0x18/0x40 [ 11.073251] kasan_save_free_info+0x3f/0x60 [ 11.073490] __kasan_slab_free+0x56/0x70 [ 11.073682] kfree+0x222/0x3f0 [ 11.073823] krealloc_uaf+0x13d/0x5e0 [ 11.073947] kunit_try_run_case+0x1a5/0x480 [ 11.074082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.074264] kthread+0x337/0x6f0 [ 11.074421] ret_from_fork+0x41/0x80 [ 11.074647] ret_from_fork_asm+0x1a/0x30 [ 11.074836] [ 11.074927] The buggy address belongs to the object at ffff888100a9cc00 [ 11.074927] which belongs to the cache kmalloc-256 of size 256 [ 11.075440] The buggy address is located 0 bytes inside of [ 11.075440] freed 256-byte region [ffff888100a9cc00, ffff888100a9cd00) [ 11.076190] [ 11.076269] The buggy address belongs to the physical page: [ 11.076628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 11.077034] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.077325] flags: 0x200000000000040(head|node=0|zone=2) [ 11.077609] page_type: f5(slab) [ 11.077774] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.078031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.078479] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.078948] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.079277] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 11.079603] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.079925] page dumped because: kasan: bad access detected [ 11.080165] [ 11.080239] Memory state around the buggy address: [ 11.080521] ffff888100a9cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.080848] ffff888100a9cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.081092] >ffff888100a9cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.081318] ^ [ 11.081496] ffff888100a9cc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.081832] ffff888100a9cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.082071] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 10.903475] ================================================================== [ 10.904466] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.904898] Write of size 1 at addr ffff888102d6a0c9 by task kunit_try_catch/182 [ 10.905209] [ 10.905341] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.905485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.905501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.905522] Call Trace: [ 10.905535] <TASK> [ 10.905563] dump_stack_lvl+0x73/0xb0 [ 10.905592] print_report+0xd1/0x610 [ 10.905616] ? __virt_addr_valid+0x1db/0x2d0 [ 10.905639] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.905658] ? kasan_addr_to_slab+0x11/0xa0 [ 10.905679] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.905699] kasan_report+0x141/0x180 [ 10.905720] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.905773] __asan_report_store1_noabort+0x1b/0x30 [ 10.905795] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.905816] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.905885] ? finish_task_switch.isra.0+0x153/0x700 [ 10.905915] ? __switch_to+0x5d9/0xf60 [ 10.905967] ? dequeue_task_fair+0x156/0x4e0 [ 10.905992] ? __schedule+0x10c6/0x2b60 [ 10.906016] ? __pfx_read_tsc+0x10/0x10 [ 10.906051] krealloc_large_less_oob+0x1c/0x30 [ 10.906071] kunit_try_run_case+0x1a5/0x480 [ 10.906092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.906121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.906142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.906166] ? __kthread_parkme+0x82/0x180 [ 10.906187] ? preempt_count_sub+0x50/0x80 [ 10.906212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.906240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.906263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.906285] kthread+0x337/0x6f0 [ 10.906301] ? trace_preempt_on+0x20/0xc0 [ 10.906325] ? __pfx_kthread+0x10/0x10 [ 10.906342] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.906363] ? 
calculate_sigpending+0x7b/0xa0 [ 10.906384] ? __pfx_kthread+0x10/0x10 [ 10.906402] ret_from_fork+0x41/0x80 [ 10.906423] ? __pfx_kthread+0x10/0x10 [ 10.906440] ret_from_fork_asm+0x1a/0x30 [ 10.906471] </TASK> [ 10.906483] [ 10.916187] The buggy address belongs to the physical page: [ 10.916510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 10.916980] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.917331] flags: 0x200000000000040(head|node=0|zone=2) [ 10.917679] page_type: f8(unknown) [ 10.917896] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.918575] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.919048] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.919458] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.919905] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 10.920217] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.920807] page dumped because: kasan: bad access detected [ 10.921106] [ 10.921249] Memory state around the buggy address: [ 10.921566] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.921918] ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.922329] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.922538] ^ [ 10.923108] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.923540] ffff888102d6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.924053] ================================================================== [ 10.795661] ================================================================== [ 10.796263] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.796834] Write of size 1 at addr ffff888100351aea by task kunit_try_catch/178 [ 10.797499] [ 10.797720] CPU: 0 UID: 0 PID: 178 Comm: 
kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.797767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.797778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.797798] Call Trace: [ 10.797816] <TASK> [ 10.797832] dump_stack_lvl+0x73/0xb0 [ 10.797858] print_report+0xd1/0x610 [ 10.797880] ? __virt_addr_valid+0x1db/0x2d0 [ 10.797901] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.797921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.797943] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.797962] kasan_report+0x141/0x180 [ 10.797984] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.798009] __asan_report_store1_noabort+0x1b/0x30 [ 10.798029] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.798050] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.798070] ? finish_task_switch.isra.0+0x153/0x700 [ 10.798094] ? __switch_to+0x5d9/0xf60 [ 10.798116] ? dequeue_task_fair+0x156/0x4e0 [ 10.798139] ? __schedule+0x10c6/0x2b60 [ 10.798162] ? __pfx_read_tsc+0x10/0x10 [ 10.798185] krealloc_less_oob+0x1c/0x30 [ 10.798202] kunit_try_run_case+0x1a5/0x480 [ 10.798236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.798254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.798274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.798297] ? __kthread_parkme+0x82/0x180 [ 10.798318] ? preempt_count_sub+0x50/0x80 [ 10.798342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.798368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.798391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.798413] kthread+0x337/0x6f0 [ 10.798429] ? trace_preempt_on+0x20/0xc0 [ 10.798452] ? __pfx_kthread+0x10/0x10 [ 10.798469] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.798491] ? calculate_sigpending+0x7b/0xa0 [ 10.798512] ? __pfx_kthread+0x10/0x10 [ 10.798529] ret_from_fork+0x41/0x80 [ 10.798549] ? 
__pfx_kthread+0x10/0x10 [ 10.798566] ret_from_fork_asm+0x1a/0x30 [ 10.798596] </TASK> [ 10.798606] [ 10.812432] Allocated by task 178: [ 10.812848] kasan_save_stack+0x45/0x70 [ 10.813277] kasan_save_track+0x18/0x40 [ 10.813684] kasan_save_alloc_info+0x3b/0x50 [ 10.814082] __kasan_krealloc+0x190/0x1f0 [ 10.814246] krealloc_noprof+0xf3/0x340 [ 10.814381] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.814538] krealloc_less_oob+0x1c/0x30 [ 10.814684] kunit_try_run_case+0x1a5/0x480 [ 10.814838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.815056] kthread+0x337/0x6f0 [ 10.815232] ret_from_fork+0x41/0x80 [ 10.815416] ret_from_fork_asm+0x1a/0x30 [ 10.815582] [ 10.815680] The buggy address belongs to the object at ffff888100351a00 [ 10.815680] which belongs to the cache kmalloc-256 of size 256 [ 10.816174] The buggy address is located 33 bytes to the right of [ 10.816174] allocated 201-byte region [ffff888100351a00, ffff888100351ac9) [ 10.816688] [ 10.816786] The buggy address belongs to the physical page: [ 10.817214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 10.817743] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.818039] flags: 0x200000000000040(head|node=0|zone=2) [ 10.818281] page_type: f5(slab) [ 10.818404] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.818706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.819014] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.819717] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.820631] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 10.821246] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.822153] page dumped because: kasan: bad access detected [ 10.822679] [ 10.822761] Memory state around the buggy address: [ 10.822996] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 10.823301] ffff888100351a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.824139] >ffff888100351a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.824598] ^ [ 10.825116] ffff888100351b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.825461] ffff888100351b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.825947] ================================================================== [ 10.826988] ================================================================== [ 10.827316] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.827574] Write of size 1 at addr ffff888100351aeb by task kunit_try_catch/178 [ 10.827800] [ 10.827907] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.827952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.827963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.827984] Call Trace: [ 10.828002] <TASK> [ 10.828019] dump_stack_lvl+0x73/0xb0 [ 10.828045] print_report+0xd1/0x610 [ 10.828067] ? __virt_addr_valid+0x1db/0x2d0 [ 10.828088] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.828107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.828129] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.828148] kasan_report+0x141/0x180 [ 10.828170] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.828194] __asan_report_store1_noabort+0x1b/0x30 [ 10.828235] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.828257] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.828277] ? finish_task_switch.isra.0+0x153/0x700 [ 10.828302] ? __switch_to+0x5d9/0xf60 [ 10.828323] ? dequeue_task_fair+0x156/0x4e0 [ 10.828347] ? __schedule+0x10c6/0x2b60 [ 10.828379] ? __pfx_read_tsc+0x10/0x10 [ 10.828402] krealloc_less_oob+0x1c/0x30 [ 10.828420] kunit_try_run_case+0x1a5/0x480 [ 10.828441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.828459] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.828479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.828503] ? 
__kthread_parkme+0x82/0x180 [ 10.828524] ? preempt_count_sub+0x50/0x80 [ 10.828547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.828566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.828589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.828611] kthread+0x337/0x6f0 [ 10.828628] ? trace_preempt_on+0x20/0xc0 [ 10.828652] ? __pfx_kthread+0x10/0x10 [ 10.828689] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.828711] ? calculate_sigpending+0x7b/0xa0 [ 10.828731] ? __pfx_kthread+0x10/0x10 [ 10.828749] ret_from_fork+0x41/0x80 [ 10.828768] ? __pfx_kthread+0x10/0x10 [ 10.828785] ret_from_fork_asm+0x1a/0x30 [ 10.828816] </TASK> [ 10.828826] [ 10.836515] Allocated by task 178: [ 10.836726] kasan_save_stack+0x45/0x70 [ 10.836931] kasan_save_track+0x18/0x40 [ 10.837124] kasan_save_alloc_info+0x3b/0x50 [ 10.837340] __kasan_krealloc+0x190/0x1f0 [ 10.837648] krealloc_noprof+0xf3/0x340 [ 10.837784] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.837940] krealloc_less_oob+0x1c/0x30 [ 10.838074] kunit_try_run_case+0x1a5/0x480 [ 10.838475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.839003] kthread+0x337/0x6f0 [ 10.839133] ret_from_fork+0x41/0x80 [ 10.839273] ret_from_fork_asm+0x1a/0x30 [ 10.839536] [ 10.839629] The buggy address belongs to the object at ffff888100351a00 [ 10.839629] which belongs to the cache kmalloc-256 of size 256 [ 10.840304] The buggy address is located 34 bytes to the right of [ 10.840304] allocated 201-byte region [ffff888100351a00, ffff888100351ac9) [ 10.840896] [ 10.841058] The buggy address belongs to the physical page: [ 10.841252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 10.841641] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.841917] flags: 0x200000000000040(head|node=0|zone=2) [ 10.842090] page_type: f5(slab) [ 10.842209] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.842446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
10.842674] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.842939] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.843281] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 10.843624] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.844097] page dumped because: kasan: bad access detected [ 10.844356] [ 10.844424] Memory state around the buggy address: [ 10.844578] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.844791] ffff888100351a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.845010] >ffff888100351a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.845231] ^ [ 10.845553] ffff888100351b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.846251] ffff888100351b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.846926] ================================================================== [ 10.764946] ================================================================== [ 10.765245] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.765721] Write of size 1 at addr ffff888100351ada by task kunit_try_catch/178 [ 10.765988] [ 10.766076] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.766119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.766130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.766150] Call Trace: [ 10.766168] <TASK> [ 10.766183] dump_stack_lvl+0x73/0xb0 [ 10.766208] print_report+0xd1/0x610 [ 10.766242] ? __virt_addr_valid+0x1db/0x2d0 [ 10.766263] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.766282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.766304] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.766324] kasan_report+0x141/0x180 [ 10.766345] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 10.766370] __asan_report_store1_noabort+0x1b/0x30 [ 10.766390] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.766412] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.766432] ? finish_task_switch.isra.0+0x153/0x700 [ 10.766456] ? __switch_to+0x5d9/0xf60 [ 10.766477] ? dequeue_task_fair+0x156/0x4e0 [ 10.766501] ? __schedule+0x10c6/0x2b60 [ 10.766524] ? __pfx_read_tsc+0x10/0x10 [ 10.766547] krealloc_less_oob+0x1c/0x30 [ 10.766564] kunit_try_run_case+0x1a5/0x480 [ 10.766585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.766603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.766622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.766646] ? __kthread_parkme+0x82/0x180 [ 10.766667] ? preempt_count_sub+0x50/0x80 [ 10.766691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.766710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.766733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.766755] kthread+0x337/0x6f0 [ 10.766771] ? trace_preempt_on+0x20/0xc0 [ 10.766850] ? __pfx_kthread+0x10/0x10 [ 10.766873] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.766895] ? calculate_sigpending+0x7b/0xa0 [ 10.766917] ? __pfx_kthread+0x10/0x10 [ 10.766934] ret_from_fork+0x41/0x80 [ 10.766956] ? 
__pfx_kthread+0x10/0x10 [ 10.766973] ret_from_fork_asm+0x1a/0x30 [ 10.767003] </TASK> [ 10.767013] [ 10.775609] Allocated by task 178: [ 10.775737] kasan_save_stack+0x45/0x70 [ 10.775882] kasan_save_track+0x18/0x40 [ 10.776013] kasan_save_alloc_info+0x3b/0x50 [ 10.776154] __kasan_krealloc+0x190/0x1f0 [ 10.776471] krealloc_noprof+0xf3/0x340 [ 10.777199] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.777616] krealloc_less_oob+0x1c/0x30 [ 10.777952] kunit_try_run_case+0x1a5/0x480 [ 10.778527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.779168] kthread+0x337/0x6f0 [ 10.779595] ret_from_fork+0x41/0x80 [ 10.780288] ret_from_fork_asm+0x1a/0x30 [ 10.780784] [ 10.780957] The buggy address belongs to the object at ffff888100351a00 [ 10.780957] which belongs to the cache kmalloc-256 of size 256 [ 10.782258] The buggy address is located 17 bytes to the right of [ 10.782258] allocated 201-byte region [ffff888100351a00, ffff888100351ac9) [ 10.783485] [ 10.783761] The buggy address belongs to the physical page: [ 10.784311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 10.785123] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.785833] flags: 0x200000000000040(head|node=0|zone=2) [ 10.786415] page_type: f5(slab) [ 10.786790] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.787744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.788328] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.788834] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.789079] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 10.789321] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.789977] page dumped because: kasan: bad access detected [ 10.790643] [ 10.790833] Memory state around the buggy address: [ 10.790993] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 10.791209] ffff888100351a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.791570] >ffff888100351a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.792361] ^ [ 10.792957] ffff888100351b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.793661] ffff888100351b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.794466] ================================================================== [ 10.964630] ================================================================== [ 10.965217] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.965641] Write of size 1 at addr ffff888102d6a0ea by task kunit_try_catch/182 [ 10.966054] [ 10.966179] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.966221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.966244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.966328] Call Trace: [ 10.966346] <TASK> [ 10.966385] dump_stack_lvl+0x73/0xb0 [ 10.966412] print_report+0xd1/0x610 [ 10.966445] ? __virt_addr_valid+0x1db/0x2d0 [ 10.966467] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.966486] ? kasan_addr_to_slab+0x11/0xa0 [ 10.966506] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.966526] kasan_report+0x141/0x180 [ 10.966567] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.966593] __asan_report_store1_noabort+0x1b/0x30 [ 10.966627] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.966649] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.966712] ? finish_task_switch.isra.0+0x153/0x700 [ 10.966740] ? __switch_to+0x5d9/0xf60 [ 10.966773] ? dequeue_task_fair+0x156/0x4e0 [ 10.966797] ? __schedule+0x10c6/0x2b60 [ 10.966820] ? __pfx_read_tsc+0x10/0x10 [ 10.966872] krealloc_large_less_oob+0x1c/0x30 [ 10.966891] kunit_try_run_case+0x1a5/0x480 [ 10.966911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.966964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.966984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.967007] ? 
__kthread_parkme+0x82/0x180 [ 10.967038] ? preempt_count_sub+0x50/0x80 [ 10.967062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.967082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.967104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.967126] kthread+0x337/0x6f0 [ 10.967142] ? trace_preempt_on+0x20/0xc0 [ 10.967165] ? __pfx_kthread+0x10/0x10 [ 10.967208] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.967247] ? calculate_sigpending+0x7b/0xa0 [ 10.967285] ? __pfx_kthread+0x10/0x10 [ 10.967311] ret_from_fork+0x41/0x80 [ 10.967332] ? __pfx_kthread+0x10/0x10 [ 10.967349] ret_from_fork_asm+0x1a/0x30 [ 10.967391] </TASK> [ 10.967402] [ 10.977996] The buggy address belongs to the physical page: [ 10.978561] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 10.979381] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.980135] flags: 0x200000000000040(head|node=0|zone=2) [ 10.980703] page_type: f8(unknown) [ 10.981090] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.981811] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.982669] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.983240] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.983699] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 10.984457] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.985173] page dumped because: kasan: bad access detected [ 10.985369] [ 10.985533] Memory state around the buggy address: [ 10.986025] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.986697] ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.987265] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.987504] ^ [ 10.987804] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.988450] ffff888102d6a180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 10.989145] ================================================================== [ 10.944618] ================================================================== [ 10.945035] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.945614] Write of size 1 at addr ffff888102d6a0da by task kunit_try_catch/182 [ 10.945863] [ 10.945974] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.946091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.946104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.946137] Call Trace: [ 10.946152] <TASK> [ 10.946167] dump_stack_lvl+0x73/0xb0 [ 10.946194] print_report+0xd1/0x610 [ 10.946216] ? __virt_addr_valid+0x1db/0x2d0 [ 10.946246] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.946267] ? kasan_addr_to_slab+0x11/0xa0 [ 10.946287] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.946307] kasan_report+0x141/0x180 [ 10.946363] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.946396] __asan_report_store1_noabort+0x1b/0x30 [ 10.946417] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.946450] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.946470] ? finish_task_switch.isra.0+0x153/0x700 [ 10.946495] ? __switch_to+0x5d9/0xf60 [ 10.946515] ? dequeue_task_fair+0x156/0x4e0 [ 10.946565] ? __schedule+0x10c6/0x2b60 [ 10.946589] ? __pfx_read_tsc+0x10/0x10 [ 10.946612] krealloc_large_less_oob+0x1c/0x30 [ 10.946641] kunit_try_run_case+0x1a5/0x480 [ 10.946709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.946763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.946784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.946807] ? __kthread_parkme+0x82/0x180 [ 10.946839] ? preempt_count_sub+0x50/0x80 [ 10.946863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.946908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.946931] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.946953] kthread+0x337/0x6f0 [ 10.946970] ? trace_preempt_on+0x20/0xc0 [ 10.947005] ? 
__pfx_kthread+0x10/0x10 [ 10.947023] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.947044] ? calculate_sigpending+0x7b/0xa0 [ 10.947090] ? __pfx_kthread+0x10/0x10 [ 10.947108] ret_from_fork+0x41/0x80 [ 10.947152] ? __pfx_kthread+0x10/0x10 [ 10.947182] ret_from_fork_asm+0x1a/0x30 [ 10.947248] </TASK> [ 10.947259] [ 10.957014] The buggy address belongs to the physical page: [ 10.957325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 10.957775] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.958116] flags: 0x200000000000040(head|node=0|zone=2) [ 10.958429] page_type: f8(unknown) [ 10.958617] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.958951] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.959350] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.959807] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.960429] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 10.960811] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.961146] page dumped because: kasan: bad access detected [ 10.961354] [ 10.961420] Memory state around the buggy address: [ 10.961569] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.962010] ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.962392] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.962899] ^ [ 10.963219] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.963586] ffff888102d6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.964143] ================================================================== [ 10.717551] ================================================================== [ 10.718415] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.718726] Write of size 1 at addr ffff888100351ac9 by task 
kunit_try_catch/178 [ 10.719129] [ 10.719258] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.719303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.719313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.719334] Call Trace: [ 10.719346] <TASK> [ 10.719362] dump_stack_lvl+0x73/0xb0 [ 10.719387] print_report+0xd1/0x610 [ 10.719409] ? __virt_addr_valid+0x1db/0x2d0 [ 10.719431] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.719467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.719489] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.719509] kasan_report+0x141/0x180 [ 10.719531] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.719556] __asan_report_store1_noabort+0x1b/0x30 [ 10.719576] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.719598] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.719618] ? finish_task_switch.isra.0+0x153/0x700 [ 10.719642] ? __switch_to+0x5d9/0xf60 [ 10.719707] ? dequeue_task_fair+0x156/0x4e0 [ 10.719736] ? __schedule+0x10c6/0x2b60 [ 10.719760] ? __pfx_read_tsc+0x10/0x10 [ 10.719784] krealloc_less_oob+0x1c/0x30 [ 10.719802] kunit_try_run_case+0x1a5/0x480 [ 10.719823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.719841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.719861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.719885] ? __kthread_parkme+0x82/0x180 [ 10.719906] ? preempt_count_sub+0x50/0x80 [ 10.719930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.719949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.719971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.719994] kthread+0x337/0x6f0 [ 10.720010] ? trace_preempt_on+0x20/0xc0 [ 10.720033] ? __pfx_kthread+0x10/0x10 [ 10.720050] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.720071] ? calculate_sigpending+0x7b/0xa0 [ 10.720092] ? __pfx_kthread+0x10/0x10 [ 10.720110] ret_from_fork+0x41/0x80 [ 10.720130] ? 
__pfx_kthread+0x10/0x10 [ 10.720147] ret_from_fork_asm+0x1a/0x30 [ 10.720177] </TASK> [ 10.720189] [ 10.727928] Allocated by task 178: [ 10.728060] kasan_save_stack+0x45/0x70 [ 10.728270] kasan_save_track+0x18/0x40 [ 10.728618] kasan_save_alloc_info+0x3b/0x50 [ 10.729095] __kasan_krealloc+0x190/0x1f0 [ 10.729337] krealloc_noprof+0xf3/0x340 [ 10.729532] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.729906] krealloc_less_oob+0x1c/0x30 [ 10.730081] kunit_try_run_case+0x1a5/0x480 [ 10.730239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.730595] kthread+0x337/0x6f0 [ 10.730794] ret_from_fork+0x41/0x80 [ 10.730929] ret_from_fork_asm+0x1a/0x30 [ 10.731128] [ 10.731235] The buggy address belongs to the object at ffff888100351a00 [ 10.731235] which belongs to the cache kmalloc-256 of size 256 [ 10.731702] The buggy address is located 0 bytes to the right of [ 10.731702] allocated 201-byte region [ffff888100351a00, ffff888100351ac9) [ 10.732251] [ 10.732334] The buggy address belongs to the physical page: [ 10.732610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 10.732942] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.733281] flags: 0x200000000000040(head|node=0|zone=2) [ 10.733536] page_type: f5(slab) [ 10.733708] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.733939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.734168] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.734497] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.734893] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 10.735247] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.735612] page dumped because: kasan: bad access detected [ 10.735782] [ 10.735849] Memory state around the buggy address: [ 10.736241] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 10.736973] ffff888100351a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.737285] >ffff888100351a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.737588] ^ [ 10.737941] ffff888100351b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.738323] ffff888100351b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.738545] ================================================================== [ 10.989799] ================================================================== [ 10.990018] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.990271] Write of size 1 at addr ffff888102d6a0eb by task kunit_try_catch/182 [ 10.990713] [ 10.990852] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.990897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.990908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.990929] Call Trace: [ 10.990946] <TASK> [ 10.990962] dump_stack_lvl+0x73/0xb0 [ 10.990987] print_report+0xd1/0x610 [ 10.991009] ? __virt_addr_valid+0x1db/0x2d0 [ 10.991030] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.991049] ? kasan_addr_to_slab+0x11/0xa0 [ 10.991069] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.991089] kasan_report+0x141/0x180 [ 10.991111] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.991136] __asan_report_store1_noabort+0x1b/0x30 [ 10.991156] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.991177] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.991197] ? finish_task_switch.isra.0+0x153/0x700 [ 10.991236] ? __switch_to+0x5d9/0xf60 [ 10.991257] ? dequeue_task_fair+0x156/0x4e0 [ 10.991281] ? __schedule+0x10c6/0x2b60 [ 10.991304] ? __pfx_read_tsc+0x10/0x10 [ 10.991327] krealloc_large_less_oob+0x1c/0x30 [ 10.991346] kunit_try_run_case+0x1a5/0x480 [ 10.991366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.991384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.991404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.991428] ? 
__kthread_parkme+0x82/0x180 [ 10.991448] ? preempt_count_sub+0x50/0x80 [ 10.991472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.991491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.991514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.991536] kthread+0x337/0x6f0 [ 10.991552] ? trace_preempt_on+0x20/0xc0 [ 10.991575] ? __pfx_kthread+0x10/0x10 [ 10.991592] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.991614] ? calculate_sigpending+0x7b/0xa0 [ 10.991635] ? __pfx_kthread+0x10/0x10 [ 10.991652] ret_from_fork+0x41/0x80 [ 10.991710] ? __pfx_kthread+0x10/0x10 [ 10.991729] ret_from_fork_asm+0x1a/0x30 [ 10.991760] </TASK> [ 10.991770] [ 10.999566] The buggy address belongs to the physical page: [ 10.999849] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 11.000139] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.000541] flags: 0x200000000000040(head|node=0|zone=2) [ 11.000713] page_type: f8(unknown) [ 11.000835] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.001133] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.001482] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.001854] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.002099] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 11.002566] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.002886] page dumped because: kasan: bad access detected [ 11.003048] [ 11.003113] Memory state around the buggy address: [ 11.003272] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.003694] ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.004009] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.004398] ^ [ 11.004726] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.005000] ffff888102d6a180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 11.005236] ================================================================== [ 10.739049] ================================================================== [ 10.739430] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.739828] Write of size 1 at addr ffff888100351ad0 by task kunit_try_catch/178 [ 10.740112] [ 10.740199] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.740253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.740264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.740284] Call Trace: [ 10.740295] <TASK> [ 10.740311] dump_stack_lvl+0x73/0xb0 [ 10.740335] print_report+0xd1/0x610 [ 10.740357] ? __virt_addr_valid+0x1db/0x2d0 [ 10.740378] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.740397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.740419] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.740439] kasan_report+0x141/0x180 [ 10.740460] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.740485] __asan_report_store1_noabort+0x1b/0x30 [ 10.740505] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.740527] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.740547] ? finish_task_switch.isra.0+0x153/0x700 [ 10.740571] ? __switch_to+0x5d9/0xf60 [ 10.740591] ? dequeue_task_fair+0x156/0x4e0 [ 10.740616] ? __schedule+0x10c6/0x2b60 [ 10.740639] ? __pfx_read_tsc+0x10/0x10 [ 10.740662] krealloc_less_oob+0x1c/0x30 [ 10.740679] kunit_try_run_case+0x1a5/0x480 [ 10.740699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.740717] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.740737] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.740761] ? __kthread_parkme+0x82/0x180 [ 10.740823] ? preempt_count_sub+0x50/0x80 [ 10.740848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.740868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.740890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.740912] kthread+0x337/0x6f0 [ 10.740933] ? 
trace_preempt_on+0x20/0xc0 [ 10.740957] ? __pfx_kthread+0x10/0x10 [ 10.740974] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.740996] ? calculate_sigpending+0x7b/0xa0 [ 10.741019] ? __pfx_kthread+0x10/0x10 [ 10.741036] ret_from_fork+0x41/0x80 [ 10.741057] ? __pfx_kthread+0x10/0x10 [ 10.741075] ret_from_fork_asm+0x1a/0x30 [ 10.741106] </TASK> [ 10.741116] [ 10.749355] Allocated by task 178: [ 10.749602] kasan_save_stack+0x45/0x70 [ 10.751859] kasan_save_track+0x18/0x40 [ 10.752040] kasan_save_alloc_info+0x3b/0x50 [ 10.752260] __kasan_krealloc+0x190/0x1f0 [ 10.753160] krealloc_noprof+0xf3/0x340 [ 10.753329] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.753815] krealloc_less_oob+0x1c/0x30 [ 10.754089] kunit_try_run_case+0x1a5/0x480 [ 10.754358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.754777] kthread+0x337/0x6f0 [ 10.754934] ret_from_fork+0x41/0x80 [ 10.755259] ret_from_fork_asm+0x1a/0x30 [ 10.755480] [ 10.755576] The buggy address belongs to the object at ffff888100351a00 [ 10.755576] which belongs to the cache kmalloc-256 of size 256 [ 10.756144] The buggy address is located 7 bytes to the right of [ 10.756144] allocated 201-byte region [ffff888100351a00, ffff888100351ac9) [ 10.757074] [ 10.757319] The buggy address belongs to the physical page: [ 10.757542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 10.758108] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.758614] flags: 0x200000000000040(head|node=0|zone=2) [ 10.758890] page_type: f5(slab) [ 10.759245] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.759598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.759909] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.760294] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.760624] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 10.761155] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 10.761511] page dumped because: kasan: bad access detected [ 10.761687] [ 10.761904] Memory state around the buggy address: [ 10.762136] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.762390] ffff888100351a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.762682] >ffff888100351a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.763295] ^ [ 10.763524] ffff888100351b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.763837] ffff888100351b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.764169] ================================================================== [ 10.924445] ================================================================== [ 10.924940] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.925194] Write of size 1 at addr ffff888102d6a0d0 by task kunit_try_catch/182 [ 10.925583] [ 10.925736] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.925815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.925826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.925858] Call Trace: [ 10.925875] <TASK> [ 10.925890] dump_stack_lvl+0x73/0xb0 [ 10.925944] print_report+0xd1/0x610 [ 10.925967] ? __virt_addr_valid+0x1db/0x2d0 [ 10.925987] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.926018] ? kasan_addr_to_slab+0x11/0xa0 [ 10.926038] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.926058] kasan_report+0x141/0x180 [ 10.926080] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.926121] __asan_report_store1_noabort+0x1b/0x30 [ 10.926150] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.926172] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.926192] ? finish_task_switch.isra.0+0x153/0x700 [ 10.926236] ? __switch_to+0x5d9/0xf60 [ 10.926257] ? dequeue_task_fair+0x156/0x4e0 [ 10.926307] ? __schedule+0x10c6/0x2b60 [ 10.926331] ? 
__pfx_read_tsc+0x10/0x10 [ 10.926354] krealloc_large_less_oob+0x1c/0x30 [ 10.926395] kunit_try_run_case+0x1a5/0x480 [ 10.926417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.926435] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.926465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.926489] ? __kthread_parkme+0x82/0x180 [ 10.926510] ? preempt_count_sub+0x50/0x80 [ 10.926533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.926553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.926575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.926616] kthread+0x337/0x6f0 [ 10.926632] ? trace_preempt_on+0x20/0xc0 [ 10.926714] ? __pfx_kthread+0x10/0x10 [ 10.926734] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.926756] ? calculate_sigpending+0x7b/0xa0 [ 10.926789] ? __pfx_kthread+0x10/0x10 [ 10.926806] ret_from_fork+0x41/0x80 [ 10.926827] ? __pfx_kthread+0x10/0x10 [ 10.926844] ret_from_fork_asm+0x1a/0x30 [ 10.926875] </TASK> [ 10.926886] [ 10.936033] The buggy address belongs to the physical page: [ 10.936372] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 10.937098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.937508] flags: 0x200000000000040(head|node=0|zone=2) [ 10.937880] page_type: f8(unknown) [ 10.938011] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.938377] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.938956] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.939534] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.940049] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 10.940470] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.940876] page dumped because: kasan: bad access detected [ 10.941235] [ 10.941344] Memory state around the buggy address: [ 10.941513] ffff888102d69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.941979] 
ffff888102d6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.942325] >ffff888102d6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.942780] ^ [ 10.943148] ffff888102d6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.943448] ffff888102d6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.943867] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 10.654623] ================================================================== [ 10.655433] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.655882] Write of size 1 at addr ffff888100a9caeb by task kunit_try_catch/176 [ 10.656180] [ 10.656297] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.656342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.656570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.656599] Call Trace: [ 10.656611] <TASK> [ 10.656626] dump_stack_lvl+0x73/0xb0 [ 10.656653] print_report+0xd1/0x610 [ 10.657239] ? __virt_addr_valid+0x1db/0x2d0 [ 10.657269] ? krealloc_more_oob_helper+0x821/0x930 [ 10.657290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.657312] ? krealloc_more_oob_helper+0x821/0x930 [ 10.657332] kasan_report+0x141/0x180 [ 10.657355] ? krealloc_more_oob_helper+0x821/0x930 [ 10.657380] __asan_report_store1_noabort+0x1b/0x30 [ 10.657400] krealloc_more_oob_helper+0x821/0x930 [ 10.657418] ? __schedule+0x10c6/0x2b60 [ 10.657441] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.657461] ? finish_task_switch.isra.0+0x153/0x700 [ 10.657483] ? __switch_to+0x5d9/0xf60 [ 10.657505] ? dequeue_task_fair+0x166/0x4e0 [ 10.657528] ? __schedule+0x10c6/0x2b60 [ 10.657550] ? __pfx_read_tsc+0x10/0x10 [ 10.657573] krealloc_more_oob+0x1c/0x30 [ 10.657591] kunit_try_run_case+0x1a5/0x480 [ 10.657611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.657630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.657649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.657673] ? __kthread_parkme+0x82/0x180 [ 10.657693] ? preempt_count_sub+0x50/0x80 [ 10.657716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.657736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.657758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.657780] kthread+0x337/0x6f0 [ 10.657796] ? trace_preempt_on+0x20/0xc0 [ 10.657819] ? __pfx_kthread+0x10/0x10 [ 10.657836] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 10.657857] ? calculate_sigpending+0x7b/0xa0 [ 10.657878] ? __pfx_kthread+0x10/0x10 [ 10.657895] ret_from_fork+0x41/0x80 [ 10.657916] ? __pfx_kthread+0x10/0x10 [ 10.657933] ret_from_fork_asm+0x1a/0x30 [ 10.657963] </TASK> [ 10.657973] [ 10.671211] Allocated by task 176: [ 10.671605] kasan_save_stack+0x45/0x70 [ 10.671886] kasan_save_track+0x18/0x40 [ 10.672071] kasan_save_alloc_info+0x3b/0x50 [ 10.672275] __kasan_krealloc+0x190/0x1f0 [ 10.672868] krealloc_noprof+0xf3/0x340 [ 10.673386] krealloc_more_oob_helper+0x1a9/0x930 [ 10.673748] krealloc_more_oob+0x1c/0x30 [ 10.674086] kunit_try_run_case+0x1a5/0x480 [ 10.674303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.674832] kthread+0x337/0x6f0 [ 10.675063] ret_from_fork+0x41/0x80 [ 10.675254] ret_from_fork_asm+0x1a/0x30 [ 10.675503] [ 10.675595] The buggy address belongs to the object at ffff888100a9ca00 [ 10.675595] which belongs to the cache kmalloc-256 of size 256 [ 10.676627] The buggy address is located 0 bytes to the right of [ 10.676627] allocated 235-byte region [ffff888100a9ca00, ffff888100a9caeb) [ 10.677331] [ 10.677497] The buggy address belongs to the physical page: [ 10.678204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 10.678949] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.679283] flags: 0x200000000000040(head|node=0|zone=2) [ 10.679685] page_type: f5(slab) [ 10.679845] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.680154] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.681094] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.681779] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.682308] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 10.683149] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.683577] page dumped because: 
kasan: bad access detected [ 10.684076] [ 10.684175] Memory state around the buggy address: [ 10.684600] ffff888100a9c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.685057] ffff888100a9ca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.685354] >ffff888100a9ca80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.685647] ^ [ 10.686014] ffff888100a9cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.686310] ffff888100a9cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.687183] ================================================================== [ 10.876805] ================================================================== [ 10.877159] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.877576] Write of size 1 at addr ffff888103c860f0 by task kunit_try_catch/180 [ 10.878179] [ 10.878314] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.878372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.878468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.878488] Call Trace: [ 10.878500] <TASK> [ 10.878516] dump_stack_lvl+0x73/0xb0 [ 10.878555] print_report+0xd1/0x610 [ 10.878578] ? __virt_addr_valid+0x1db/0x2d0 [ 10.878599] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.878646] ? kasan_addr_to_slab+0x11/0xa0 [ 10.878666] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.878685] kasan_report+0x141/0x180 [ 10.878718] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.878802] __asan_report_store1_noabort+0x1b/0x30 [ 10.878859] krealloc_more_oob_helper+0x7eb/0x930 [ 10.878878] ? __schedule+0x10c6/0x2b60 [ 10.878930] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.878951] ? finish_task_switch.isra.0+0x153/0x700 [ 10.878975] ? __switch_to+0x5d9/0xf60 [ 10.878995] ? dequeue_task_fair+0x166/0x4e0 [ 10.879019] ? __schedule+0x10c6/0x2b60 [ 10.879041] ? 
__pfx_read_tsc+0x10/0x10 [ 10.879064] krealloc_large_more_oob+0x1c/0x30 [ 10.879082] kunit_try_run_case+0x1a5/0x480 [ 10.879103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.879121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.879141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.879189] ? __kthread_parkme+0x82/0x180 [ 10.879211] ? preempt_count_sub+0x50/0x80 [ 10.879251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.879270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.879293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.879316] kthread+0x337/0x6f0 [ 10.879332] ? trace_preempt_on+0x20/0xc0 [ 10.879389] ? __pfx_kthread+0x10/0x10 [ 10.879407] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.879428] ? calculate_sigpending+0x7b/0xa0 [ 10.879460] ? __pfx_kthread+0x10/0x10 [ 10.879477] ret_from_fork+0x41/0x80 [ 10.879498] ? __pfx_kthread+0x10/0x10 [ 10.879515] ret_from_fork_asm+0x1a/0x30 [ 10.879545] </TASK> [ 10.879554] [ 10.890023] The buggy address belongs to the physical page: [ 10.890565] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c84 [ 10.891041] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.891359] flags: 0x200000000000040(head|node=0|zone=2) [ 10.891651] page_type: f8(unknown) [ 10.892028] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.892360] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.892745] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.893108] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.893519] head: 0200000000000002 ffffea00040f2101 00000000ffffffff 00000000ffffffff [ 10.893925] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.894470] page dumped because: kasan: bad access detected [ 10.894822] [ 10.894916] Memory state around the buggy address: [ 10.895218] ffff888103c85f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.895574] 
ffff888103c86000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.895897] >ffff888103c86080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.896208] ^ [ 10.896453] ffff888103c86100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.897080] ffff888103c86180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.897328] ================================================================== [ 10.689534] ================================================================== [ 10.689963] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.690302] Write of size 1 at addr ffff888100a9caf0 by task kunit_try_catch/176 [ 10.690574] [ 10.690733] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.690778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.690789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.690809] Call Trace: [ 10.690826] <TASK> [ 10.690841] dump_stack_lvl+0x73/0xb0 [ 10.690866] print_report+0xd1/0x610 [ 10.690887] ? __virt_addr_valid+0x1db/0x2d0 [ 10.690908] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.690926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.690948] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.690968] kasan_report+0x141/0x180 [ 10.690989] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.691014] __asan_report_store1_noabort+0x1b/0x30 [ 10.691034] krealloc_more_oob_helper+0x7eb/0x930 [ 10.691052] ? __schedule+0x10c6/0x2b60 [ 10.691075] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.691095] ? finish_task_switch.isra.0+0x153/0x700 [ 10.691117] ? __switch_to+0x5d9/0xf60 [ 10.691136] ? dequeue_task_fair+0x166/0x4e0 [ 10.691160] ? __schedule+0x10c6/0x2b60 [ 10.691181] ? __pfx_read_tsc+0x10/0x10 [ 10.691204] krealloc_more_oob+0x1c/0x30 [ 10.691221] kunit_try_run_case+0x1a5/0x480 [ 10.691254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.691283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.691303] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.691326] ? 
__kthread_parkme+0x82/0x180 [ 10.691347] ? preempt_count_sub+0x50/0x80 [ 10.691379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.691399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.691421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.691443] kthread+0x337/0x6f0 [ 10.691459] ? trace_preempt_on+0x20/0xc0 [ 10.691481] ? __pfx_kthread+0x10/0x10 [ 10.691498] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.691520] ? calculate_sigpending+0x7b/0xa0 [ 10.691540] ? __pfx_kthread+0x10/0x10 [ 10.691558] ret_from_fork+0x41/0x80 [ 10.691577] ? __pfx_kthread+0x10/0x10 [ 10.691595] ret_from_fork_asm+0x1a/0x30 [ 10.691626] </TASK> [ 10.691635] [ 10.702461] Allocated by task 176: [ 10.702894] kasan_save_stack+0x45/0x70 [ 10.703190] kasan_save_track+0x18/0x40 [ 10.703490] kasan_save_alloc_info+0x3b/0x50 [ 10.703959] __kasan_krealloc+0x190/0x1f0 [ 10.704320] krealloc_noprof+0xf3/0x340 [ 10.704541] krealloc_more_oob_helper+0x1a9/0x930 [ 10.705031] krealloc_more_oob+0x1c/0x30 [ 10.705181] kunit_try_run_case+0x1a5/0x480 [ 10.705489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.705970] kthread+0x337/0x6f0 [ 10.706152] ret_from_fork+0x41/0x80 [ 10.706428] ret_from_fork_asm+0x1a/0x30 [ 10.706579] [ 10.706672] The buggy address belongs to the object at ffff888100a9ca00 [ 10.706672] which belongs to the cache kmalloc-256 of size 256 [ 10.707760] The buggy address is located 5 bytes to the right of [ 10.707760] allocated 235-byte region [ffff888100a9ca00, ffff888100a9caeb) [ 10.708313] [ 10.708530] The buggy address belongs to the physical page: [ 10.708713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9c [ 10.709141] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.709646] flags: 0x200000000000040(head|node=0|zone=2) [ 10.709859] page_type: f5(slab) [ 10.710036] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.710338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
10.710650] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.710973] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.711345] head: 0200000000000001 ffffea000402a701 00000000ffffffff 00000000ffffffff [ 10.711648] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.712092] page dumped because: kasan: bad access detected [ 10.712300] [ 10.712380] Memory state around the buggy address: [ 10.712604] ffff888100a9c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.713036] ffff888100a9ca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.713337] >ffff888100a9ca80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.713570] ^ [ 10.714001] ffff888100a9cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.714289] ffff888100a9cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.714687] ================================================================== [ 10.851843] ================================================================== [ 10.853069] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.853916] Write of size 1 at addr ffff888103c860eb by task kunit_try_catch/180 [ 10.854622] [ 10.854719] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.854765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.854776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.854798] Call Trace: [ 10.854811] <TASK> [ 10.854828] dump_stack_lvl+0x73/0xb0 [ 10.854859] print_report+0xd1/0x610 [ 10.854910] ? __virt_addr_valid+0x1db/0x2d0 [ 10.854934] ? krealloc_more_oob_helper+0x821/0x930 [ 10.854953] ? kasan_addr_to_slab+0x11/0xa0 [ 10.855019] ? krealloc_more_oob_helper+0x821/0x930 [ 10.855067] kasan_report+0x141/0x180 [ 10.855102] ? krealloc_more_oob_helper+0x821/0x930 [ 10.855126] __asan_report_store1_noabort+0x1b/0x30 [ 10.855146] krealloc_more_oob_helper+0x821/0x930 [ 10.855165] ? 
__schedule+0x10c6/0x2b60 [ 10.855190] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.855211] ? finish_task_switch.isra.0+0x153/0x700 [ 10.855244] ? __switch_to+0x5d9/0xf60 [ 10.855265] ? dequeue_task_fair+0x166/0x4e0 [ 10.855289] ? __schedule+0x10c6/0x2b60 [ 10.855310] ? __pfx_read_tsc+0x10/0x10 [ 10.855334] krealloc_large_more_oob+0x1c/0x30 [ 10.855358] kunit_try_run_case+0x1a5/0x480 [ 10.855380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.855398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.855419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.855442] ? __kthread_parkme+0x82/0x180 [ 10.855464] ? preempt_count_sub+0x50/0x80 [ 10.855487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.855507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.855529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.855551] kthread+0x337/0x6f0 [ 10.855569] ? trace_preempt_on+0x20/0xc0 [ 10.855592] ? __pfx_kthread+0x10/0x10 [ 10.855610] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.855631] ? calculate_sigpending+0x7b/0xa0 [ 10.855654] ? __pfx_kthread+0x10/0x10 [ 10.855672] ret_from_fork+0x41/0x80 [ 10.855692] ? 
__pfx_kthread+0x10/0x10 [ 10.855709] ret_from_fork_asm+0x1a/0x30 [ 10.855740] </TASK> [ 10.855751] [ 10.868643] The buggy address belongs to the physical page: [ 10.868876] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c84 [ 10.869304] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.869969] flags: 0x200000000000040(head|node=0|zone=2) [ 10.870155] page_type: f8(unknown) [ 10.870353] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.870858] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.871248] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.871521] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.872081] head: 0200000000000002 ffffea00040f2101 00000000ffffffff 00000000ffffffff [ 10.872482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.872895] page dumped because: kasan: bad access detected [ 10.873205] [ 10.873343] Memory state around the buggy address: [ 10.873883] ffff888103c85f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.874272] ffff888103c86000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.874649] >ffff888103c86080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.874940] ^ [ 10.875244] ffff888103c86100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.875662] ffff888103c86180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.875949] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.055912] ================================================================== [ 13.056401] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.056976] Read of size 1 at addr ffff8881028ca6d8 by task kunit_try_catch/277 [ 13.057774] [ 13.057925] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.058122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.058137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.058159] Call Trace: [ 13.058172] <TASK> [ 13.058188] dump_stack_lvl+0x73/0xb0 [ 13.058216] print_report+0xd1/0x610 [ 13.058251] ? __virt_addr_valid+0x1db/0x2d0 [ 13.058272] ? memcmp+0x1b4/0x1d0 [ 13.058292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.058315] ? memcmp+0x1b4/0x1d0 [ 13.058334] kasan_report+0x141/0x180 [ 13.058367] ? memcmp+0x1b4/0x1d0 [ 13.058392] __asan_report_load1_noabort+0x18/0x20 [ 13.058414] memcmp+0x1b4/0x1d0 [ 13.058434] kasan_memcmp+0x18f/0x390 [ 13.058457] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.058478] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.058505] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.058530] kunit_try_run_case+0x1a5/0x480 [ 13.058552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.058571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.058592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.058617] ? __kthread_parkme+0x82/0x180 [ 13.058638] ? preempt_count_sub+0x50/0x80 [ 13.058679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.058701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.058725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.058749] kthread+0x337/0x6f0 [ 13.058767] ? trace_preempt_on+0x20/0xc0 [ 13.058794] ? __pfx_kthread+0x10/0x10 [ 13.058812] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.058836] ? calculate_sigpending+0x7b/0xa0 [ 13.058858] ? __pfx_kthread+0x10/0x10 [ 13.058876] ret_from_fork+0x41/0x80 [ 13.058898] ? 
__pfx_kthread+0x10/0x10 [ 13.058915] ret_from_fork_asm+0x1a/0x30 [ 13.058947] </TASK> [ 13.058958] [ 13.070064] Allocated by task 277: [ 13.070553] kasan_save_stack+0x45/0x70 [ 13.070896] kasan_save_track+0x18/0x40 [ 13.071164] kasan_save_alloc_info+0x3b/0x50 [ 13.071551] __kasan_kmalloc+0xb7/0xc0 [ 13.072063] __kmalloc_cache_noprof+0x189/0x420 [ 13.072298] kasan_memcmp+0xb7/0x390 [ 13.072493] kunit_try_run_case+0x1a5/0x480 [ 13.072735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.073259] kthread+0x337/0x6f0 [ 13.073456] ret_from_fork+0x41/0x80 [ 13.073652] ret_from_fork_asm+0x1a/0x30 [ 13.074082] [ 13.074159] The buggy address belongs to the object at ffff8881028ca6c0 [ 13.074159] which belongs to the cache kmalloc-32 of size 32 [ 13.075057] The buggy address is located 0 bytes to the right of [ 13.075057] allocated 24-byte region [ffff8881028ca6c0, ffff8881028ca6d8) [ 13.075739] [ 13.075840] The buggy address belongs to the physical page: [ 13.076328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ca [ 13.076673] flags: 0x200000000000000(node=0|zone=2) [ 13.076903] page_type: f5(slab) [ 13.077073] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.077484] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.077983] page dumped because: kasan: bad access detected [ 13.078246] [ 13.078340] Memory state around the buggy address: [ 13.078676] ffff8881028ca580: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.079070] ffff8881028ca600: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.079371] >ffff8881028ca680: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.079729] ^ [ 13.080149] ffff8881028ca700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.080501] ffff8881028ca780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.080904] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 12.841380] ================================================================== [ 12.842236] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.843301] Free of addr ffff888103ca0000 by task kunit_try_catch/259 [ 12.843548] [ 12.843720] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.843767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.843778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.843799] Call Trace: [ 12.843811] <TASK> [ 12.843945] dump_stack_lvl+0x73/0xb0 [ 12.843974] print_report+0xd1/0x610 [ 12.843998] ? __virt_addr_valid+0x1db/0x2d0 [ 12.844019] ? kasan_addr_to_slab+0x11/0xa0 [ 12.844039] ? mempool_double_free_helper+0x184/0x370 [ 12.844063] kasan_report_invalid_free+0x10a/0x130 [ 12.844088] ? mempool_double_free_helper+0x184/0x370 [ 12.844114] ? mempool_double_free_helper+0x184/0x370 [ 12.844137] __kasan_mempool_poison_pages+0x115/0x130 [ 12.844160] mempool_free+0x290/0x380 [ 12.844183] mempool_double_free_helper+0x184/0x370 [ 12.844207] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.844247] ? finish_task_switch.isra.0+0x153/0x700 [ 12.844274] mempool_page_alloc_double_free+0xe8/0x140 [ 12.844296] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 12.844315] ? dequeue_task_fair+0x156/0x4e0 [ 12.844338] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.844546] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.844575] ? __pfx_read_tsc+0x10/0x10 [ 12.844598] ? ktime_get_ts64+0x86/0x230 [ 12.844624] kunit_try_run_case+0x1a5/0x480 [ 12.844646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.844682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.844703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.844727] ? __kthread_parkme+0x82/0x180 [ 12.844748] ? preempt_count_sub+0x50/0x80 [ 12.844772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.844792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.844815] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.844838] kthread+0x337/0x6f0 [ 12.844854] ? trace_preempt_on+0x20/0xc0 [ 12.844877] ? __pfx_kthread+0x10/0x10 [ 12.844895] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.844921] ? calculate_sigpending+0x7b/0xa0 [ 12.844943] ? __pfx_kthread+0x10/0x10 [ 12.844961] ret_from_fork+0x41/0x80 [ 12.844981] ? __pfx_kthread+0x10/0x10 [ 12.845000] ret_from_fork_asm+0x1a/0x30 [ 12.845032] </TASK> [ 12.845045] [ 12.863097] The buggy address belongs to the physical page: [ 12.863304] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ca0 [ 12.864325] flags: 0x200000000000000(node=0|zone=2) [ 12.864959] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.865787] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.866698] page dumped because: kasan: bad access detected [ 12.867074] [ 12.867148] Memory state around the buggy address: [ 12.867321] ffff888103c9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.868209] ffff888103c9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.868995] >ffff888103ca0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.869767] ^ [ 12.870155] ffff888103ca0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.870731] ffff888103ca0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.871296] ================================================================== [ 12.809859] ================================================================== [ 12.810283] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.811306] Free of addr ffff888103c9c000 by task kunit_try_catch/257 [ 12.811838] [ 12.812020] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.812211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.812303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.812328] Call Trace: [ 12.812341] <TASK> [ 12.812373] 
dump_stack_lvl+0x73/0xb0 [ 12.812401] print_report+0xd1/0x610 [ 12.812423] ? __virt_addr_valid+0x1db/0x2d0 [ 12.812445] ? kasan_addr_to_slab+0x11/0xa0 [ 12.812465] ? mempool_double_free_helper+0x184/0x370 [ 12.812489] kasan_report_invalid_free+0x10a/0x130 [ 12.812513] ? mempool_double_free_helper+0x184/0x370 [ 12.812540] ? mempool_double_free_helper+0x184/0x370 [ 12.812562] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 12.812587] mempool_free+0x2ec/0x380 [ 12.812610] mempool_double_free_helper+0x184/0x370 [ 12.812634] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.812658] ? dequeue_entities+0x852/0x1740 [ 12.812689] ? irqentry_exit+0x2a/0x60 [ 12.812707] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.812731] mempool_kmalloc_large_double_free+0xed/0x140 [ 12.812755] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.812782] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.812802] ? __pfx_mempool_kfree+0x10/0x10 [ 12.812823] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.812849] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.812876] kunit_try_run_case+0x1a5/0x480 [ 12.812896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.812920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.812941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.812965] ? __kthread_parkme+0x82/0x180 [ 12.812986] ? preempt_count_sub+0x50/0x80 [ 12.813013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.813035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.813058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.813082] kthread+0x337/0x6f0 [ 12.813099] ? trace_preempt_on+0x20/0xc0 [ 12.813122] ? __pfx_kthread+0x10/0x10 [ 12.813139] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.813161] ? calculate_sigpending+0x7b/0xa0 [ 12.813183] ? __pfx_kthread+0x10/0x10 [ 12.813201] ret_from_fork+0x41/0x80 [ 12.813234] ? 
__pfx_kthread+0x10/0x10
[ 12.813252] ret_from_fork_asm+0x1a/0x30
[ 12.813283] </TASK>
[ 12.813294]
[ 12.826829] The buggy address belongs to the physical page:
[ 12.827320] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c9c
[ 12.827567] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.828127] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.828734] page_type: f8(unknown)
[ 12.829089] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.829905] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.830297] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.830852] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.831793] head: 0200000000000002 ffffea00040f2701 00000000ffffffff 00000000ffffffff
[ 12.832484] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.833010] page dumped because: kasan: bad access detected
[ 12.833421]
[ 12.833493] Memory state around the buggy address:
[ 12.833645] ffff888103c9bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.834202] ffff888103c9bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.834909] >ffff888103c9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.835629] ^
[ 12.836007] ffff888103c9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.836546] ffff888103c9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.836975] ==================================================================
[ 12.771239] ==================================================================
[ 12.772159] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 12.772968] Free of addr ffff888103cfc500 by task kunit_try_catch/255
[ 12.773438]
[ 12.773644] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.773767] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.773781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.773804] Call Trace:
[ 12.773816] <TASK>
[ 12.773833] dump_stack_lvl+0x73/0xb0
[ 12.773864] print_report+0xd1/0x610
[ 12.773888] ? __virt_addr_valid+0x1db/0x2d0
[ 12.773913] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.773935] ? mempool_double_free_helper+0x184/0x370
[ 12.773960] kasan_report_invalid_free+0x10a/0x130
[ 12.773984] ? mempool_double_free_helper+0x184/0x370
[ 12.774011] ? mempool_double_free_helper+0x184/0x370
[ 12.774033] ? mempool_double_free_helper+0x184/0x370
[ 12.774056] check_slab_allocation+0x101/0x130
[ 12.774079] __kasan_mempool_poison_object+0x91/0x1d0
[ 12.774103] mempool_free+0x2ec/0x380
[ 12.774128] mempool_double_free_helper+0x184/0x370
[ 12.774152] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 12.774175] ? update_load_avg+0x1be/0x21b0
[ 12.774200] ? finish_task_switch.isra.0+0x153/0x700
[ 12.774240] mempool_kmalloc_double_free+0xed/0x140
[ 12.774264] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 12.774288] ? dequeue_task_fair+0x166/0x4e0
[ 12.774310] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.774328] ? __pfx_mempool_kfree+0x10/0x10
[ 12.774350] ? __pfx_read_tsc+0x10/0x10
[ 12.774370] ? ktime_get_ts64+0x86/0x230
[ 12.774395] kunit_try_run_case+0x1a5/0x480
[ 12.774418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.774436] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.774459] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.774483] ? __kthread_parkme+0x82/0x180
[ 12.774505] ? preempt_count_sub+0x50/0x80
[ 12.774529] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.774549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.774572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.774595] kthread+0x337/0x6f0
[ 12.774611] ? trace_preempt_on+0x20/0xc0
[ 12.774636] ? __pfx_kthread+0x10/0x10
[ 12.774654] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.774686] ? calculate_sigpending+0x7b/0xa0
[ 12.774709] ? __pfx_kthread+0x10/0x10
[ 12.774727] ret_from_fork+0x41/0x80
[ 12.774747] ? __pfx_kthread+0x10/0x10
[ 12.774764] ret_from_fork_asm+0x1a/0x30
[ 12.774796] </TASK>
[ 12.774807]
[ 12.788038] Allocated by task 255:
[ 12.788452] kasan_save_stack+0x45/0x70
[ 12.788651] kasan_save_track+0x18/0x40
[ 12.789058] kasan_save_alloc_info+0x3b/0x50
[ 12.789267] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.789901] remove_element+0x11e/0x190
[ 12.790131] mempool_alloc_preallocated+0x4d/0x90
[ 12.790486] mempool_double_free_helper+0x8a/0x370
[ 12.791054] mempool_kmalloc_double_free+0xed/0x140
[ 12.791421] kunit_try_run_case+0x1a5/0x480
[ 12.791614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.791958] kthread+0x337/0x6f0
[ 12.792188] ret_from_fork+0x41/0x80
[ 12.792665] ret_from_fork_asm+0x1a/0x30
[ 12.792953]
[ 12.793195] Freed by task 255:
[ 12.793488] kasan_save_stack+0x45/0x70
[ 12.793818] kasan_save_track+0x18/0x40
[ 12.794208] kasan_save_free_info+0x3f/0x60
[ 12.794680] __kasan_mempool_poison_object+0x131/0x1d0
[ 12.794971] mempool_free+0x2ec/0x380
[ 12.795170] mempool_double_free_helper+0x109/0x370
[ 12.795422] mempool_kmalloc_double_free+0xed/0x140
[ 12.795642] kunit_try_run_case+0x1a5/0x480
[ 12.796191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.796616] kthread+0x337/0x6f0
[ 12.796961] ret_from_fork+0x41/0x80
[ 12.797321] ret_from_fork_asm+0x1a/0x30
[ 12.797763]
[ 12.797871] The buggy address belongs to the object at ffff888103cfc500
[ 12.797871] which belongs to the cache kmalloc-128 of size 128
[ 12.798625] The buggy address is located 0 bytes inside of
[ 12.798625] 128-byte region [ffff888103cfc500, ffff888103cfc580)
[ 12.799342]
[ 12.799619] The buggy address belongs to the physical page:
[ 12.799995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 12.800703] flags: 0x200000000000000(node=0|zone=2)
[ 12.800924] page_type: f5(slab)
[ 12.801083] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.801419] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.801986] page dumped because: kasan: bad access detected
[ 12.802469]
[ 12.802721] Memory state around the buggy address:
[ 12.803071] ffff888103cfc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.803607] ffff888103cfc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.804107] >ffff888103cfc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.804788] ^
[ 12.805025] ffff888103cfc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.805340] ffff888103cfc600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.805635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.684682] ==================================================================
[ 12.685874] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.686489] Read of size 1 at addr ffff888103c9c000 by task kunit_try_catch/249
[ 12.686718]
[ 12.686812] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.686859] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.686871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.686894] Call Trace:
[ 12.686908] <TASK>
[ 12.686928] dump_stack_lvl+0x73/0xb0
[ 12.686957] print_report+0xd1/0x610
[ 12.686980] ? __virt_addr_valid+0x1db/0x2d0
[ 12.687003] ? mempool_uaf_helper+0x392/0x400
[ 12.687025] ? kasan_addr_to_slab+0x11/0xa0
[ 12.687046] ? mempool_uaf_helper+0x392/0x400
[ 12.687068] kasan_report+0x141/0x180
[ 12.687090] ? mempool_uaf_helper+0x392/0x400
[ 12.687117] __asan_report_load1_noabort+0x18/0x20
[ 12.687137] mempool_uaf_helper+0x392/0x400
[ 12.687160] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.687182] ? dequeue_entities+0x852/0x1740
[ 12.687208] ? finish_task_switch.isra.0+0x153/0x700
[ 12.687248] mempool_kmalloc_large_uaf+0xef/0x140
[ 12.687271] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 12.687294] ? dequeue_task_fair+0x166/0x4e0
[ 12.687316] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.687337] ? __pfx_mempool_kfree+0x10/0x10
[ 12.687359] ? __pfx_read_tsc+0x10/0x10
[ 12.687379] ? ktime_get_ts64+0x86/0x230
[ 12.687405] kunit_try_run_case+0x1a5/0x480
[ 12.687441] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.687459] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.687480] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.687505] ? __kthread_parkme+0x82/0x180
[ 12.687527] ? preempt_count_sub+0x50/0x80
[ 12.687551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.687571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.687594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.687616] kthread+0x337/0x6f0
[ 12.687633] ? trace_preempt_on+0x20/0xc0
[ 12.687657] ? __pfx_kthread+0x10/0x10
[ 12.687676] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.687699] ? calculate_sigpending+0x7b/0xa0
[ 12.687722] ? __pfx_kthread+0x10/0x10
[ 12.687740] ret_from_fork+0x41/0x80
[ 12.687760] ? __pfx_kthread+0x10/0x10
[ 12.687777] ret_from_fork_asm+0x1a/0x30
[ 12.687807] </TASK>
[ 12.687818]
[ 12.701570] The buggy address belongs to the physical page:
[ 12.701876] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c9c
[ 12.702875] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.703606] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.704090] page_type: f8(unknown)
[ 12.704220] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.704590] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.705451] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.706389] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.706963] head: 0200000000000002 ffffea00040f2701 00000000ffffffff 00000000ffffffff
[ 12.707195] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.707571] page dumped because: kasan: bad access detected
[ 12.708291]
[ 12.708503] Memory state around the buggy address:
[ 12.709100] ffff888103c9bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.709762] ffff888103c9bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.710125] >ffff888103c9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.710345] ^
[ 12.710458] ffff888103c9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.710865] ffff888103c9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.711480] ==================================================================
[ 12.749597] ==================================================================
[ 12.750129] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.750540] Read of size 1 at addr ffff888103c9c000 by task kunit_try_catch/253
[ 12.750834]
[ 12.751192] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.751256] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.751268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.751291] Call Trace:
[ 12.751304] <TASK>
[ 12.751320] dump_stack_lvl+0x73/0xb0
[ 12.751347] print_report+0xd1/0x610
[ 12.751370] ? __virt_addr_valid+0x1db/0x2d0
[ 12.751392] ? mempool_uaf_helper+0x392/0x400
[ 12.751415] ? kasan_addr_to_slab+0x11/0xa0
[ 12.751437] ? mempool_uaf_helper+0x392/0x400
[ 12.751459] kasan_report+0x141/0x180
[ 12.751482] ? mempool_uaf_helper+0x392/0x400
[ 12.751509] __asan_report_load1_noabort+0x18/0x20
[ 12.751530] mempool_uaf_helper+0x392/0x400
[ 12.751554] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.751576] ? dequeue_entities+0x852/0x1740
[ 12.751601] ? finish_task_switch.isra.0+0x153/0x700
[ 12.751628] mempool_page_alloc_uaf+0xed/0x140
[ 12.751648] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 12.751721] ? dequeue_task_fair+0x166/0x4e0
[ 12.751746] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 12.751769] ? __pfx_mempool_free_pages+0x10/0x10
[ 12.751792] ? __pfx_read_tsc+0x10/0x10
[ 12.751813] ? ktime_get_ts64+0x86/0x230
[ 12.751838] kunit_try_run_case+0x1a5/0x480
[ 12.751860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.751878] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.751900] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.751924] ? __kthread_parkme+0x82/0x180
[ 12.751946] ? preempt_count_sub+0x50/0x80
[ 12.751971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.751991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.752014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.752038] kthread+0x337/0x6f0
[ 12.752054] ? trace_preempt_on+0x20/0xc0
[ 12.752077] ? __pfx_kthread+0x10/0x10
[ 12.752095] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.752117] ? calculate_sigpending+0x7b/0xa0
[ 12.752139] ? __pfx_kthread+0x10/0x10
[ 12.752156] ret_from_fork+0x41/0x80
[ 12.752177] ? __pfx_kthread+0x10/0x10
[ 12.752194] ret_from_fork_asm+0x1a/0x30
[ 12.752238] </TASK>
[ 12.752249]
[ 12.760922] The buggy address belongs to the physical page:
[ 12.761193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c9c
[ 12.761678] flags: 0x200000000000000(node=0|zone=2)
[ 12.762069] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 12.762911] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.763193] page dumped because: kasan: bad access detected
[ 12.763879]
[ 12.763976] Memory state around the buggy address:
[ 12.764990] ffff888103c9bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.765430] ffff888103c9bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.765905] >ffff888103c9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.766323] ^
[ 12.766613] ffff888103c9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.767002] ffff888103c9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.767385] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.714939] ==================================================================
[ 12.716081] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.716730] Read of size 1 at addr ffff888103d00240 by task kunit_try_catch/251
[ 12.717443]
[ 12.717627] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.717672] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.717684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.717704] Call Trace:
[ 12.717715] <TASK>
[ 12.717730] dump_stack_lvl+0x73/0xb0
[ 12.717756] print_report+0xd1/0x610
[ 12.717778] ? __virt_addr_valid+0x1db/0x2d0
[ 12.717800] ? mempool_uaf_helper+0x392/0x400
[ 12.717822] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.717845] ? mempool_uaf_helper+0x392/0x400
[ 12.717867] kasan_report+0x141/0x180
[ 12.717889] ? mempool_uaf_helper+0x392/0x400
[ 12.717916] __asan_report_load1_noabort+0x18/0x20
[ 12.717937] mempool_uaf_helper+0x392/0x400
[ 12.717960] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.717982] ? update_load_avg+0x1be/0x21b0
[ 12.718007] ? finish_task_switch.isra.0+0x153/0x700
[ 12.718033] mempool_slab_uaf+0xea/0x140
[ 12.718052] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 12.718071] ? dequeue_task_fair+0x156/0x4e0
[ 12.718097] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 12.718119] ? __pfx_mempool_free_slab+0x10/0x10
[ 12.718142] ? __pfx_read_tsc+0x10/0x10
[ 12.718161] ? ktime_get_ts64+0x86/0x230
[ 12.718186] kunit_try_run_case+0x1a5/0x480
[ 12.718208] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.718238] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.718259] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.718283] ? __kthread_parkme+0x82/0x180
[ 12.718305] ? preempt_count_sub+0x50/0x80
[ 12.718329] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.718349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.718383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.718406] kthread+0x337/0x6f0
[ 12.718423] ? trace_preempt_on+0x20/0xc0
[ 12.718448] ? __pfx_kthread+0x10/0x10
[ 12.718465] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.718486] ? calculate_sigpending+0x7b/0xa0
[ 12.718508] ? __pfx_kthread+0x10/0x10
[ 12.718526] ret_from_fork+0x41/0x80
[ 12.718546] ? __pfx_kthread+0x10/0x10
[ 12.718564] ret_from_fork_asm+0x1a/0x30
[ 12.718594] </TASK>
[ 12.718605]
[ 12.729447] Allocated by task 251:
[ 12.729707] kasan_save_stack+0x45/0x70
[ 12.729855] kasan_save_track+0x18/0x40
[ 12.729989] kasan_save_alloc_info+0x3b/0x50
[ 12.730135] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 12.730319] remove_element+0x11e/0x190
[ 12.730561] mempool_alloc_preallocated+0x4d/0x90
[ 12.730784] mempool_uaf_helper+0x96/0x400
[ 12.730982] mempool_slab_uaf+0xea/0x140
[ 12.731169] kunit_try_run_case+0x1a5/0x480
[ 12.731403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.731631] kthread+0x337/0x6f0
[ 12.731791] ret_from_fork+0x41/0x80
[ 12.731928] ret_from_fork_asm+0x1a/0x30
[ 12.732064]
[ 12.732132] Freed by task 251:
[ 12.732447] kasan_save_stack+0x45/0x70
[ 12.732654] kasan_save_track+0x18/0x40
[ 12.732897] kasan_save_free_info+0x3f/0x60
[ 12.733110] __kasan_mempool_poison_object+0x131/0x1d0
[ 12.733372] mempool_free+0x2ec/0x380
[ 12.733559] mempool_uaf_helper+0x11a/0x400
[ 12.733934] mempool_slab_uaf+0xea/0x140
[ 12.734117] kunit_try_run_case+0x1a5/0x480
[ 12.734273] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.734750] kthread+0x337/0x6f0
[ 12.734899] ret_from_fork+0x41/0x80
[ 12.735059] ret_from_fork_asm+0x1a/0x30
[ 12.735259]
[ 12.735336] The buggy address belongs to the object at ffff888103d00240
[ 12.735336] which belongs to the cache test_cache of size 123
[ 12.736049] The buggy address is located 0 bytes inside of
[ 12.736049] freed 123-byte region [ffff888103d00240, ffff888103d002bb)
[ 12.736564]
[ 12.736646] The buggy address belongs to the physical page:
[ 12.736835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 12.737186] flags: 0x200000000000000(node=0|zone=2)
[ 12.737523] page_type: f5(slab)
[ 12.737678] raw: 0200000000000000 ffff8881014e3640 dead000000000122 0000000000000000
[ 12.737977] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 12.738201] page dumped because: kasan: bad access detected
[ 12.738381]
[ 12.738449] Memory state around the buggy address:
[ 12.738601] ffff888103d00100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.738816] ffff888103d00180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.739131] >ffff888103d00200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 12.739769] ^
[ 12.740031] ffff888103d00280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.740360] ffff888103d00300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.740717] ==================================================================
[ 12.644901] ==================================================================
[ 12.645973] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.646219] Read of size 1 at addr ffff888103cfc100 by task kunit_try_catch/247
[ 12.646928]
[ 12.647128] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.647174] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.647186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.647206] Call Trace:
[ 12.647218] <TASK>
[ 12.647244] dump_stack_lvl+0x73/0xb0
[ 12.647269] print_report+0xd1/0x610
[ 12.647292] ? __virt_addr_valid+0x1db/0x2d0
[ 12.647313] ? mempool_uaf_helper+0x392/0x400
[ 12.647334] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.647378] ? mempool_uaf_helper+0x392/0x400
[ 12.647400] kasan_report+0x141/0x180
[ 12.647444] ? mempool_uaf_helper+0x392/0x400
[ 12.647472] __asan_report_load1_noabort+0x18/0x20
[ 12.647492] mempool_uaf_helper+0x392/0x400
[ 12.647515] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.647539] ? kasan_save_track+0x18/0x40
[ 12.647558] ? kasan_save_alloc_info+0x3b/0x50
[ 12.647577] ? kasan_save_stack+0x45/0x70
[ 12.647602] mempool_kmalloc_uaf+0xef/0x140
[ 12.647624] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 12.647646] ? dequeue_task_fair+0x166/0x4e0
[ 12.647687] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.647708] ? __pfx_mempool_kfree+0x10/0x10
[ 12.647729] ? __pfx_read_tsc+0x10/0x10
[ 12.647749] ? ktime_get_ts64+0x86/0x230
[ 12.647774] kunit_try_run_case+0x1a5/0x480
[ 12.647795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.647813] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.647833] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.647857] ? __kthread_parkme+0x82/0x180
[ 12.647878] ? preempt_count_sub+0x50/0x80
[ 12.647902] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.647922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.647945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.647968] kthread+0x337/0x6f0
[ 12.647984] ? trace_preempt_on+0x20/0xc0
[ 12.648007] ? __pfx_kthread+0x10/0x10
[ 12.648024] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.648046] ? calculate_sigpending+0x7b/0xa0
[ 12.648068] ? __pfx_kthread+0x10/0x10
[ 12.648086] ret_from_fork+0x41/0x80
[ 12.648106] ? __pfx_kthread+0x10/0x10
[ 12.648124] ret_from_fork_asm+0x1a/0x30
[ 12.648155] </TASK>
[ 12.648165]
[ 12.663524] Allocated by task 247:
[ 12.663900] kasan_save_stack+0x45/0x70
[ 12.664323] kasan_save_track+0x18/0x40
[ 12.664686] kasan_save_alloc_info+0x3b/0x50
[ 12.664838] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.665022] remove_element+0x11e/0x190
[ 12.665160] mempool_alloc_preallocated+0x4d/0x90
[ 12.665342] mempool_uaf_helper+0x96/0x400
[ 12.665548] mempool_kmalloc_uaf+0xef/0x140
[ 12.665764] kunit_try_run_case+0x1a5/0x480
[ 12.666131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.666390] kthread+0x337/0x6f0
[ 12.666508] ret_from_fork+0x41/0x80
[ 12.666655] ret_from_fork_asm+0x1a/0x30
[ 12.666808]
[ 12.666876] Freed by task 247:
[ 12.667213] kasan_save_stack+0x45/0x70
[ 12.667583] kasan_save_track+0x18/0x40
[ 12.668078] kasan_save_free_info+0x3f/0x60
[ 12.668513] __kasan_mempool_poison_object+0x131/0x1d0
[ 12.669077] mempool_free+0x2ec/0x380
[ 12.669514] mempool_uaf_helper+0x11a/0x400
[ 12.669748] mempool_kmalloc_uaf+0xef/0x140
[ 12.670125] kunit_try_run_case+0x1a5/0x480
[ 12.670544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.670924] kthread+0x337/0x6f0
[ 12.671307] ret_from_fork+0x41/0x80
[ 12.671673] ret_from_fork_asm+0x1a/0x30
[ 12.671937]
[ 12.672009] The buggy address belongs to the object at ffff888103cfc100
[ 12.672009] which belongs to the cache kmalloc-128 of size 128
[ 12.672380] The buggy address is located 0 bytes inside of
[ 12.672380] freed 128-byte region [ffff888103cfc100, ffff888103cfc180)
[ 12.673476]
[ 12.673640] The buggy address belongs to the physical page:
[ 12.674198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 12.674996] flags: 0x200000000000000(node=0|zone=2)
[ 12.675816] page_type: f5(slab)
[ 12.676047] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.676294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.676899] page dumped because: kasan: bad access detected
[ 12.677413]
[ 12.677569] Memory state around the buggy address:
[ 12.678031] ffff888103cfc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.678684] ffff888103cfc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.679011] >ffff888103cfc100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.679980] ^
[ 12.680356] ffff888103cfc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.681148] ffff888103cfc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.681523] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.580543] ==================================================================
[ 12.581124] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.581447] Read of size 1 at addr ffff888103c9a001 by task kunit_try_catch/243
[ 12.581785]
[ 12.581898] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.581991] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.582006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.582028] Call Trace:
[ 12.582042] <TASK>
[ 12.582059] dump_stack_lvl+0x73/0xb0
[ 12.582086] print_report+0xd1/0x610
[ 12.582109] ? __virt_addr_valid+0x1db/0x2d0
[ 12.582131] ? mempool_oob_right_helper+0x318/0x380
[ 12.582154] ? kasan_addr_to_slab+0x11/0xa0
[ 12.582176] ? mempool_oob_right_helper+0x318/0x380
[ 12.582200] kasan_report+0x141/0x180
[ 12.582235] ? mempool_oob_right_helper+0x318/0x380
[ 12.582265] __asan_report_load1_noabort+0x18/0x20
[ 12.582286] mempool_oob_right_helper+0x318/0x380
[ 12.582312] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.582336] ? dequeue_entities+0x852/0x1740
[ 12.582375] ? irqentry_exit+0x2a/0x60
[ 12.582394] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.582417] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 12.582443] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.582471] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.582492] ? __pfx_mempool_kfree+0x10/0x10
[ 12.582512] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.582541] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.582569] kunit_try_run_case+0x1a5/0x480
[ 12.582590] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.582609] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.582630] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.582654] ? __kthread_parkme+0x82/0x180
[ 12.582716] ? preempt_count_sub+0x50/0x80
[ 12.582746] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.582766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.582789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.582812] kthread+0x337/0x6f0
[ 12.582828] ? trace_preempt_on+0x20/0xc0
[ 12.582853] ? __pfx_kthread+0x10/0x10
[ 12.582870] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.582892] ? calculate_sigpending+0x7b/0xa0
[ 12.582914] ? __pfx_kthread+0x10/0x10
[ 12.582932] ret_from_fork+0x41/0x80
[ 12.582953] ? __pfx_kthread+0x10/0x10
[ 12.582971] ret_from_fork_asm+0x1a/0x30
[ 12.583003] </TASK>
[ 12.583013]
[ 12.593806] The buggy address belongs to the physical page:
[ 12.594046] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c98
[ 12.594627] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.595079] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.595452] page_type: f8(unknown)
[ 12.595589] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.596180] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.596801] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.597092] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.597634] head: 0200000000000002 ffffea00040f2601 00000000ffffffff 00000000ffffffff
[ 12.598089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.598432] page dumped because: kasan: bad access detected
[ 12.598646]
[ 12.598742] Memory state around the buggy address:
[ 12.598930] ffff888103c99f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.599241] ffff888103c99f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.599943] >ffff888103c9a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.600203] ^
[ 12.600391] ffff888103c9a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.601163] ffff888103c9a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.601521] ==================================================================
[ 12.549576] ==================================================================
[ 12.550187] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.550628] Read of size 1 at addr ffff88810306ad73 by task kunit_try_catch/241
[ 12.551062]
[ 12.551196] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.551256] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.551268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.551290] Call Trace:
[ 12.551303] <TASK>
[ 12.551320] dump_stack_lvl+0x73/0xb0
[ 12.551347] print_report+0xd1/0x610
[ 12.551371] ? __virt_addr_valid+0x1db/0x2d0
[ 12.551473] ? mempool_oob_right_helper+0x318/0x380
[ 12.551508] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.551531] ? mempool_oob_right_helper+0x318/0x380
[ 12.551554] kasan_report+0x141/0x180
[ 12.551576] ? mempool_oob_right_helper+0x318/0x380
[ 12.551604] __asan_report_load1_noabort+0x18/0x20
[ 12.551625] mempool_oob_right_helper+0x318/0x380
[ 12.551649] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.551712] ? dequeue_entities+0x852/0x1740
[ 12.551747] ? finish_task_switch.isra.0+0x153/0x700
[ 12.551776] mempool_kmalloc_oob_right+0xf2/0x150
[ 12.551801] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 12.551824] ? dequeue_task_fair+0x166/0x4e0
[ 12.551846] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.551869] ? __pfx_mempool_kfree+0x10/0x10
[ 12.551890] ? __pfx_read_tsc+0x10/0x10
[ 12.551910] ? ktime_get_ts64+0x86/0x230
[ 12.551935] kunit_try_run_case+0x1a5/0x480
[ 12.551956] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.551974] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.551994] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.552018] ? __kthread_parkme+0x82/0x180
[ 12.552038] ? preempt_count_sub+0x50/0x80
[ 12.552062] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.552082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.552105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.552128] kthread+0x337/0x6f0
[ 12.552144] ? trace_preempt_on+0x20/0xc0
[ 12.552167] ? __pfx_kthread+0x10/0x10
[ 12.552184] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.552206] ? calculate_sigpending+0x7b/0xa0
[ 12.552240] ? __pfx_kthread+0x10/0x10
[ 12.552258] ret_from_fork+0x41/0x80
[ 12.552278] ? __pfx_kthread+0x10/0x10
[ 12.552295] ret_from_fork_asm+0x1a/0x30
[ 12.552326] </TASK>
[ 12.552336]
[ 12.563848] Allocated by task 241:
[ 12.564003] kasan_save_stack+0x45/0x70
[ 12.564376] kasan_save_track+0x18/0x40
[ 12.564557] kasan_save_alloc_info+0x3b/0x50
[ 12.564967] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.565237] remove_element+0x11e/0x190
[ 12.565611] mempool_alloc_preallocated+0x4d/0x90
[ 12.565904] mempool_oob_right_helper+0x8a/0x380
[ 12.566112] mempool_kmalloc_oob_right+0xf2/0x150
[ 12.566488] kunit_try_run_case+0x1a5/0x480
[ 12.566684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.566982] kthread+0x337/0x6f0
[ 12.567136] ret_from_fork+0x41/0x80
[ 12.567303] ret_from_fork_asm+0x1a/0x30
[ 12.567486]
[ 12.567924] The buggy address belongs to the object at ffff88810306ad00
[ 12.567924] which belongs to the cache kmalloc-128 of size 128
[ 12.568493] The buggy address is located 0 bytes to the right of
[ 12.568493] allocated 115-byte region [ffff88810306ad00, ffff88810306ad73)
[ 12.569203]
[ 12.569421] The buggy address belongs to the physical page:
[ 12.569922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 12.570334] flags: 0x200000000000000(node=0|zone=2)
[ 12.570580] page_type: f5(slab)
[ 12.570949] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.571418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.571804] page dumped because: kasan: bad access detected
[ 12.571988]
[ 12.572083] Memory state around the buggy address:
[ 12.572325] ffff88810306ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.572964] ffff88810306ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.573370] >ffff88810306ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.574041] ^
[ 12.574333] ffff88810306ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.574620] ffff88810306ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.575294] ==================================================================
[ 12.605398] ==================================================================
[ 12.606279] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.607004] Read of size 1 at addr ffff8881028c92bb by task kunit_try_catch/245
[ 12.607614]
[ 12.607836] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 12.607883] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.607895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.607915] Call Trace:
[ 12.607927] <TASK>
[ 12.607941] dump_stack_lvl+0x73/0xb0
[ 12.607966] print_report+0xd1/0x610
[ 12.607988] ? __virt_addr_valid+0x1db/0x2d0
[ 12.608038] ? mempool_oob_right_helper+0x318/0x380
[ 12.608062] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.608084] ? mempool_oob_right_helper+0x318/0x380
[ 12.608108] kasan_report+0x141/0x180
[ 12.608130] ? mempool_oob_right_helper+0x318/0x380
[ 12.608195] __asan_report_load1_noabort+0x18/0x20
[ 12.608217] mempool_oob_right_helper+0x318/0x380
[ 12.608258] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.608286] ? finish_task_switch.isra.0+0x153/0x700
[ 12.608314] mempool_slab_oob_right+0xed/0x140
[ 12.608334] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 12.608371] ? dequeue_task_fair+0x166/0x4e0
[ 12.608395] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 12.608415] ? __pfx_mempool_free_slab+0x10/0x10
[ 12.608437] ? __pfx_read_tsc+0x10/0x10
[ 12.608457] ? ktime_get_ts64+0x86/0x230
[ 12.608483] kunit_try_run_case+0x1a5/0x480
[ 12.608504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.608521] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.608542] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.608566] ? __kthread_parkme+0x82/0x180
[ 12.608588] ? preempt_count_sub+0x50/0x80
[ 12.608612] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.608632] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.608683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.608706] kthread+0x337/0x6f0
[ 12.608725] ? trace_preempt_on+0x20/0xc0
[ 12.608748] ? __pfx_kthread+0x10/0x10
[ 12.608765] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.608787] ? calculate_sigpending+0x7b/0xa0
[ 12.608808] ? __pfx_kthread+0x10/0x10
[ 12.608826] ret_from_fork+0x41/0x80
[ 12.608846] ? __pfx_kthread+0x10/0x10
[ 12.608864] ret_from_fork_asm+0x1a/0x30
[ 12.608895] </TASK>
[ 12.608905]
[ 12.623567] Allocated by task 245:
[ 12.623948] kasan_save_stack+0x45/0x70
[ 12.624348] kasan_save_track+0x18/0x40
[ 12.624662] kasan_save_alloc_info+0x3b/0x50
[ 12.624992] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 12.625165] remove_element+0x11e/0x190
[ 12.625306] mempool_alloc_preallocated+0x4d/0x90
[ 12.625790] mempool_oob_right_helper+0x8a/0x380
[ 12.626276] mempool_slab_oob_right+0xed/0x140
[ 12.626744] kunit_try_run_case+0x1a5/0x480
[ 12.627159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.627688] kthread+0x337/0x6f0
[ 12.628004] ret_from_fork+0x41/0x80
[ 12.628298] ret_from_fork_asm+0x1a/0x30
[ 12.628440]
[ 12.628510] The buggy address belongs to the object at ffff8881028c9240
[ 12.628510] which belongs to the cache test_cache of size 123
[ 12.629360] The buggy address is located 0 bytes to the right of
[ 12.629360] allocated 123-byte region [ffff8881028c9240, ffff8881028c92bb)
[ 12.630739]
[ 12.630901] The buggy address belongs to the physical page:
[ 12.631518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[ 12.632116] flags: 0x200000000000000(node=0|zone=2)
[ 12.632290] page_type: f5(slab)
[ 12.632421] raw: 0200000000000000 ffff888101db38c0 dead000000000122 0000000000000000
[ 12.632643] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 12.633350] page dumped because: kasan: bad access detected
[ 12.633966]
[ 12.634157] Memory state around the buggy address:
[ 12.634556] ffff8881028c9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.634940] ffff8881028c9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 12.635746] >ffff8881028c9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 12.635967] ^
[ 12.636128] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.636371] ffff8881028c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.636693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 11.984031] ================================================================== [ 11.984722] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 11.985528] Read of size 1 at addr ffff8881014e3500 by task kunit_try_catch/235 [ 11.985775] [ 11.985896] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.985947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.985958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.985981] Call Trace: [ 11.985994] <TASK> [ 11.986012] dump_stack_lvl+0x73/0xb0 [ 11.986042] print_report+0xd1/0x610 [ 11.986066] ? __virt_addr_valid+0x1db/0x2d0 [ 11.986089] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.986109] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.986131] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.986152] kasan_report+0x141/0x180 [ 11.986174] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.986198] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.986220] __kasan_check_byte+0x3d/0x50 [ 11.986254] kmem_cache_destroy+0x25/0x1d0 [ 11.986278] kmem_cache_double_destroy+0x1bf/0x380 [ 11.986299] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 11.986319] ? finish_task_switch.isra.0+0x153/0x700 [ 11.986343] ? __switch_to+0x5d9/0xf60 [ 11.986364] ? dequeue_task_fair+0x166/0x4e0 [ 11.986390] ? __pfx_read_tsc+0x10/0x10 [ 11.986411] ? ktime_get_ts64+0x86/0x230 [ 11.986436] kunit_try_run_case+0x1a5/0x480 [ 11.986459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.986477] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.986498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.986522] ? __kthread_parkme+0x82/0x180 [ 11.986545] ? preempt_count_sub+0x50/0x80 [ 11.986569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.986589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.986670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.986698] kthread+0x337/0x6f0 [ 11.986715] ? trace_preempt_on+0x20/0xc0 [ 11.986739] ? __pfx_kthread+0x10/0x10 [ 11.986756] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.986779] ? calculate_sigpending+0x7b/0xa0 [ 11.986801] ? __pfx_kthread+0x10/0x10 [ 11.986818] ret_from_fork+0x41/0x80 [ 11.986840] ? __pfx_kthread+0x10/0x10 [ 11.986857] ret_from_fork_asm+0x1a/0x30 [ 11.986888] </TASK> [ 11.986899] [ 11.998062] Allocated by task 235: [ 11.998244] kasan_save_stack+0x45/0x70 [ 11.998555] kasan_save_track+0x18/0x40 [ 11.998782] kasan_save_alloc_info+0x3b/0x50 [ 11.998925] __kasan_slab_alloc+0x91/0xa0 [ 11.999186] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.999413] __kmem_cache_create_args+0x169/0x240 [ 11.999616] kmem_cache_double_destroy+0xd5/0x380 [ 11.999956] kunit_try_run_case+0x1a5/0x480 [ 12.000169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.000406] kthread+0x337/0x6f0 [ 12.000556] ret_from_fork+0x41/0x80 [ 12.000720] ret_from_fork_asm+0x1a/0x30 [ 12.000858] [ 12.000932] Freed by task 235: [ 12.001088] kasan_save_stack+0x45/0x70 [ 12.001354] kasan_save_track+0x18/0x40 [ 12.001501] kasan_save_free_info+0x3f/0x60 [ 12.001692] __kasan_slab_free+0x56/0x70 [ 12.001890] kmem_cache_free+0x249/0x420 [ 12.002080] slab_kmem_cache_release+0x2e/0x40 [ 12.002279] kmem_cache_release+0x16/0x20 [ 12.002571] kobject_put+0x181/0x450 [ 12.002786] sysfs_slab_release+0x16/0x20 [ 12.002972] kmem_cache_destroy+0xf0/0x1d0 [ 12.003144] kmem_cache_double_destroy+0x14e/0x380 [ 12.003375] kunit_try_run_case+0x1a5/0x480 [ 12.003549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.003962] kthread+0x337/0x6f0 [ 12.004140] ret_from_fork+0x41/0x80 [ 12.004306] ret_from_fork_asm+0x1a/0x30 [ 12.004585] [ 12.004659] The buggy address belongs to the object at ffff8881014e3500 [ 12.004659] which belongs to the cache kmem_cache of size 208 [ 12.005111] The buggy address is located 0 bytes inside of [ 12.005111] freed 208-byte region [ffff8881014e3500, ffff8881014e35d0) [ 12.005468] [ 12.005541] The buggy address belongs to the physical page: [ 12.005756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1014e3 [ 12.006406] flags: 0x200000000000000(node=0|zone=2) [ 12.006698] page_type: f5(slab) [ 12.006911] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.007263] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.008012] page dumped because: kasan: bad access detected [ 12.008265] [ 12.008352] Memory state around the buggy address: [ 12.008559] ffff8881014e3400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.008899] ffff8881014e3480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.009191] >ffff8881014e3500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.009609] ^ [ 12.009785] ffff8881014e3580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.010001] ffff8881014e3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.010213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 11.921098] ================================================================== [ 11.921878] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.922406] Read of size 1 at addr ffff8881028c4000 by task kunit_try_catch/233 [ 11.922695] [ 11.922792] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.922839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.922850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.922873] Call Trace: [ 11.922888] <TASK> [ 11.922907] dump_stack_lvl+0x73/0xb0 [ 11.922936] print_report+0xd1/0x610 [ 11.922961] ? __virt_addr_valid+0x1db/0x2d0 [ 11.922984] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.923003] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.923026] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.923072] kasan_report+0x141/0x180 [ 11.923096] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.923121] __asan_report_load1_noabort+0x18/0x20 [ 11.923141] kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.923161] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 11.923180] ? finish_task_switch.isra.0+0x153/0x700 [ 11.923205] ? __switch_to+0x5d9/0xf60 [ 11.923238] ? dequeue_task_fair+0x166/0x4e0 [ 11.923282] ? __pfx_read_tsc+0x10/0x10 [ 11.923324] ? ktime_get_ts64+0x86/0x230 [ 11.923350] kunit_try_run_case+0x1a5/0x480 [ 11.923383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.923424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.923448] ? __kthread_parkme+0x82/0x180 [ 11.923471] ? preempt_count_sub+0x50/0x80 [ 11.923512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923578] kthread+0x337/0x6f0 [ 11.923595] ? trace_preempt_on+0x20/0xc0 [ 11.923619] ? __pfx_kthread+0x10/0x10 [ 11.923637] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.923659] ? calculate_sigpending+0x7b/0xa0 [ 11.923864] ? 
__pfx_kthread+0x10/0x10 [ 11.923886] ret_from_fork+0x41/0x80 [ 11.923908] ? __pfx_kthread+0x10/0x10 [ 11.923926] ret_from_fork_asm+0x1a/0x30 [ 11.923956] </TASK> [ 11.923968] [ 11.935119] Allocated by task 233: [ 11.935320] kasan_save_stack+0x45/0x70 [ 11.936175] kasan_save_track+0x18/0x40 [ 11.936380] kasan_save_alloc_info+0x3b/0x50 [ 11.936553] __kasan_slab_alloc+0x91/0xa0 [ 11.937020] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.937532] kmem_cache_rcu_uaf+0x155/0x510 [ 11.937811] kunit_try_run_case+0x1a5/0x480 [ 11.938033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.938488] kthread+0x337/0x6f0 [ 11.938787] ret_from_fork+0x41/0x80 [ 11.939081] ret_from_fork_asm+0x1a/0x30 [ 11.939250] [ 11.939543] Freed by task 0: [ 11.939790] kasan_save_stack+0x45/0x70 [ 11.939948] kasan_save_track+0x18/0x40 [ 11.940380] kasan_save_free_info+0x3f/0x60 [ 11.940615] __kasan_slab_free+0x56/0x70 [ 11.940956] slab_free_after_rcu_debug+0xe4/0x310 [ 11.941199] rcu_core+0x66c/0x1c30 [ 11.941349] rcu_core_si+0x12/0x20 [ 11.941553] handle_softirqs+0x209/0x730 [ 11.941898] __irq_exit_rcu+0xc9/0x110 [ 11.942296] irq_exit_rcu+0x12/0x20 [ 11.942508] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.942930] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.943198] [ 11.943298] Last potentially related work creation: [ 11.943654] kasan_save_stack+0x45/0x70 [ 11.944119] kasan_record_aux_stack+0xb2/0xc0 [ 11.944461] kmem_cache_free+0x131/0x420 [ 11.944641] kmem_cache_rcu_uaf+0x194/0x510 [ 11.945288] kunit_try_run_case+0x1a5/0x480 [ 11.945549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.945880] kthread+0x337/0x6f0 [ 11.946009] ret_from_fork+0x41/0x80 [ 11.946193] ret_from_fork_asm+0x1a/0x30 [ 11.946373] [ 11.946444] The buggy address belongs to the object at ffff8881028c4000 [ 11.946444] which belongs to the cache test_cache of size 200 [ 11.946985] The buggy address is located 0 bytes inside of [ 11.946985] freed 200-byte region [ffff8881028c4000, ffff8881028c40c8) [ 11.947448] [ 11.947534] The 
buggy address belongs to the physical page: [ 11.947814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c4 [ 11.948099] flags: 0x200000000000000(node=0|zone=2) [ 11.948336] page_type: f5(slab) [ 11.948636] raw: 0200000000000000 ffff888101db3500 dead000000000122 0000000000000000 [ 11.949093] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.949446] page dumped because: kasan: bad access detected [ 11.949699] [ 11.949776] Memory state around the buggy address: [ 11.949965] ffff8881028c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.950293] ffff8881028c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.950628] >ffff8881028c4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.950863] ^ [ 11.950978] ffff8881028c4080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.951303] ffff8881028c4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.951578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 11.855750] ================================================================== [ 11.856698] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 11.857140] Free of addr ffff888103cf8001 by task kunit_try_catch/231 [ 11.857352] [ 11.857446] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.857493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.857503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.857525] Call Trace: [ 11.857539] <TASK> [ 11.857555] dump_stack_lvl+0x73/0xb0 [ 11.857583] print_report+0xd1/0x610 [ 11.857606] ? __virt_addr_valid+0x1db/0x2d0 [ 11.857630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.857651] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.857672] kasan_report_invalid_free+0x10a/0x130 [ 11.857696] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.857719] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.857739] check_slab_allocation+0x11f/0x130 [ 11.857760] __kasan_slab_pre_free+0x28/0x40 [ 11.857781] kmem_cache_free+0xed/0x420 [ 11.857801] ? kasan_save_track+0x18/0x40 [ 11.857821] ? kasan_save_stack+0x45/0x70 [ 11.857839] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.857859] ? kmem_cache_invalid_free+0x157/0x460 [ 11.857893] kmem_cache_invalid_free+0x1d8/0x460 [ 11.857913] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 11.857932] ? finish_task_switch.isra.0+0x153/0x700 [ 11.857968] ? __switch_to+0x5d9/0xf60 [ 11.857988] ? dequeue_task_fair+0x166/0x4e0 [ 11.858015] ? __pfx_read_tsc+0x10/0x10 [ 11.858035] ? ktime_get_ts64+0x86/0x230 [ 11.858061] kunit_try_run_case+0x1a5/0x480 [ 11.858082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.858100] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.858121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.858153] ? __kthread_parkme+0x82/0x180 [ 11.858175] ? preempt_count_sub+0x50/0x80 [ 11.858198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.858238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.858261] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.858283] kthread+0x337/0x6f0 [ 11.858300] ? trace_preempt_on+0x20/0xc0 [ 11.858323] ? __pfx_kthread+0x10/0x10 [ 11.858340] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.858362] ? calculate_sigpending+0x7b/0xa0 [ 11.858383] ? __pfx_kthread+0x10/0x10 [ 11.858401] ret_from_fork+0x41/0x80 [ 11.858421] ? __pfx_kthread+0x10/0x10 [ 11.858438] ret_from_fork_asm+0x1a/0x30 [ 11.858478] </TASK> [ 11.858489] [ 11.867843] Allocated by task 231: [ 11.868176] kasan_save_stack+0x45/0x70 [ 11.868338] kasan_save_track+0x18/0x40 [ 11.868530] kasan_save_alloc_info+0x3b/0x50 [ 11.868759] __kasan_slab_alloc+0x91/0xa0 [ 11.869088] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.869288] kmem_cache_invalid_free+0x157/0x460 [ 11.869766] kunit_try_run_case+0x1a5/0x480 [ 11.870066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.870365] kthread+0x337/0x6f0 [ 11.870547] ret_from_fork+0x41/0x80 [ 11.870699] ret_from_fork_asm+0x1a/0x30 [ 11.870845] [ 11.871012] The buggy address belongs to the object at ffff888103cf8000 [ 11.871012] which belongs to the cache test_cache of size 200 [ 11.871615] The buggy address is located 1 bytes inside of [ 11.871615] 200-byte region [ffff888103cf8000, ffff888103cf80c8) [ 11.872418] [ 11.872515] The buggy address belongs to the physical page: [ 11.873209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cf8 [ 11.874240] flags: 0x200000000000000(node=0|zone=2) [ 11.874443] page_type: f5(slab) [ 11.874724] raw: 0200000000000000 ffff8881014e33c0 dead000000000122 0000000000000000 [ 11.875297] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.875778] page dumped because: kasan: bad access detected [ 11.876234] [ 11.876502] Memory state around the buggy address: [ 11.877134] ffff888103cf7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.878010] ffff888103cf7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.878770] >ffff888103cf8000: 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 [ 11.879543] ^ [ 11.879946] ffff888103cf8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.880300] ffff888103cf8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.881142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 11.809200] ================================================================== [ 11.810168] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 11.810442] Free of addr ffff888103cf7000 by task kunit_try_catch/229 [ 11.811173] [ 11.811296] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.811379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.811390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.811438] Call Trace: [ 11.811452] <TASK> [ 11.811473] dump_stack_lvl+0x73/0xb0 [ 11.811503] print_report+0xd1/0x610 [ 11.811526] ? __virt_addr_valid+0x1db/0x2d0 [ 11.811550] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.811572] ? kmem_cache_double_free+0x1e5/0x480 [ 11.811593] kasan_report_invalid_free+0x10a/0x130 [ 11.811617] ? kmem_cache_double_free+0x1e5/0x480 [ 11.811639] ? kmem_cache_double_free+0x1e5/0x480 [ 11.811660] check_slab_allocation+0x101/0x130 [ 11.811733] __kasan_slab_pre_free+0x28/0x40 [ 11.811758] kmem_cache_free+0xed/0x420 [ 11.811779] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.811799] ? kmem_cache_double_free+0x1e5/0x480 [ 11.811822] kmem_cache_double_free+0x1e5/0x480 [ 11.811843] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 11.811862] ? finish_task_switch.isra.0+0x153/0x700 [ 11.811886] ? __switch_to+0x5d9/0xf60 [ 11.811906] ? dequeue_task_fair+0x166/0x4e0 [ 11.811933] ? __pfx_read_tsc+0x10/0x10 [ 11.811953] ? ktime_get_ts64+0x86/0x230 [ 11.811978] kunit_try_run_case+0x1a5/0x480 [ 11.812000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.812018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.812039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.812063] ? __kthread_parkme+0x82/0x180 [ 11.812085] ? preempt_count_sub+0x50/0x80 [ 11.812108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.812127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.812149] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.812171] kthread+0x337/0x6f0 [ 11.812188] ? 
trace_preempt_on+0x20/0xc0 [ 11.812211] ? __pfx_kthread+0x10/0x10 [ 11.812243] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.812265] ? calculate_sigpending+0x7b/0xa0 [ 11.812286] ? __pfx_kthread+0x10/0x10 [ 11.812304] ret_from_fork+0x41/0x80 [ 11.812325] ? __pfx_kthread+0x10/0x10 [ 11.812342] ret_from_fork_asm+0x1a/0x30 [ 11.812385] </TASK> [ 11.812396] [ 11.824375] Allocated by task 229: [ 11.824518] kasan_save_stack+0x45/0x70 [ 11.824666] kasan_save_track+0x18/0x40 [ 11.824798] kasan_save_alloc_info+0x3b/0x50 [ 11.824943] __kasan_slab_alloc+0x91/0xa0 [ 11.825078] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.825236] kmem_cache_double_free+0x14f/0x480 [ 11.825380] kunit_try_run_case+0x1a5/0x480 [ 11.825518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.825684] kthread+0x337/0x6f0 [ 11.825796] ret_from_fork+0x41/0x80 [ 11.825920] ret_from_fork_asm+0x1a/0x30 [ 11.826052] [ 11.826120] Freed by task 229: [ 11.826936] kasan_save_stack+0x45/0x70 [ 11.827504] kasan_save_track+0x18/0x40 [ 11.828157] kasan_save_free_info+0x3f/0x60 [ 11.828847] __kasan_slab_free+0x56/0x70 [ 11.829486] kmem_cache_free+0x249/0x420 [ 11.830099] kmem_cache_double_free+0x16a/0x480 [ 11.830770] kunit_try_run_case+0x1a5/0x480 [ 11.831407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.832269] kthread+0x337/0x6f0 [ 11.832802] ret_from_fork+0x41/0x80 [ 11.833314] ret_from_fork_asm+0x1a/0x30 [ 11.833942] [ 11.834279] The buggy address belongs to the object at ffff888103cf7000 [ 11.834279] which belongs to the cache test_cache of size 200 [ 11.835883] The buggy address is located 0 bytes inside of [ 11.835883] 200-byte region [ffff888103cf7000, ffff888103cf70c8) [ 11.837373] [ 11.837799] The buggy address belongs to the physical page: [ 11.838720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cf7 [ 11.839891] flags: 0x200000000000000(node=0|zone=2) [ 11.840797] page_type: f5(slab) [ 11.841094] raw: 0200000000000000 ffff8881014e3280 dead000000000122 0000000000000000 [ 11.841346] 
raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.841572] page dumped because: kasan: bad access detected [ 11.842079] [ 11.842334] Memory state around the buggy address: [ 11.843061] ffff888103cf6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.843301] ffff888103cf6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.844349] >ffff888103cf7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.845346] ^ [ 11.845473] ffff888103cf7080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.845694] ffff888103cf7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.846283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 11.757855] ================================================================== [ 11.758391] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 11.758629] Read of size 1 at addr ffff8881028c20c8 by task kunit_try_catch/227 [ 11.759822] [ 11.760173] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.760345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.760373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.760397] Call Trace: [ 11.760410] <TASK> [ 11.760427] dump_stack_lvl+0x73/0xb0 [ 11.760501] print_report+0xd1/0x610 [ 11.760525] ? __virt_addr_valid+0x1db/0x2d0 [ 11.760546] ? kmem_cache_oob+0x402/0x530 [ 11.760565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.760587] ? kmem_cache_oob+0x402/0x530 [ 11.760605] kasan_report+0x141/0x180 [ 11.760627] ? kmem_cache_oob+0x402/0x530 [ 11.760651] __asan_report_load1_noabort+0x18/0x20 [ 11.760671] kmem_cache_oob+0x402/0x530 [ 11.760690] ? trace_hardirqs_on+0x37/0xe0 [ 11.760713] ? __pfx_kmem_cache_oob+0x10/0x10 [ 11.760731] ? finish_task_switch.isra.0+0x153/0x700 [ 11.760754] ? __switch_to+0x5d9/0xf60 [ 11.760774] ? dequeue_task_fair+0x166/0x4e0 [ 11.760801] ? __pfx_read_tsc+0x10/0x10 [ 11.760821] ? ktime_get_ts64+0x86/0x230 [ 11.760846] kunit_try_run_case+0x1a5/0x480 [ 11.760867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.760885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.760905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.760936] ? __kthread_parkme+0x82/0x180 [ 11.760957] ? preempt_count_sub+0x50/0x80 [ 11.760980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.761000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.761022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.761045] kthread+0x337/0x6f0 [ 11.761061] ? trace_preempt_on+0x20/0xc0 [ 11.761082] ? __pfx_kthread+0x10/0x10 [ 11.761100] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.761121] ? calculate_sigpending+0x7b/0xa0 [ 11.761142] ? 
__pfx_kthread+0x10/0x10 [ 11.761159] ret_from_fork+0x41/0x80 [ 11.761179] ? __pfx_kthread+0x10/0x10 [ 11.761196] ret_from_fork_asm+0x1a/0x30 [ 11.761237] </TASK> [ 11.761249] [ 11.776996] Allocated by task 227: [ 11.777248] kasan_save_stack+0x45/0x70 [ 11.777618] kasan_save_track+0x18/0x40 [ 11.777862] kasan_save_alloc_info+0x3b/0x50 [ 11.778275] __kasan_slab_alloc+0x91/0xa0 [ 11.778694] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.779015] kmem_cache_oob+0x157/0x530 [ 11.779150] kunit_try_run_case+0x1a5/0x480 [ 11.779304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.779742] kthread+0x337/0x6f0 [ 11.780371] ret_from_fork+0x41/0x80 [ 11.780794] ret_from_fork_asm+0x1a/0x30 [ 11.781184] [ 11.781352] The buggy address belongs to the object at ffff8881028c2000 [ 11.781352] which belongs to the cache test_cache of size 200 [ 11.782322] The buggy address is located 0 bytes to the right of [ 11.782322] allocated 200-byte region [ffff8881028c2000, ffff8881028c20c8) [ 11.782801] [ 11.782973] The buggy address belongs to the physical page: [ 11.783557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c2 [ 11.784350] flags: 0x200000000000000(node=0|zone=2) [ 11.784900] page_type: f5(slab) [ 11.785284] raw: 0200000000000000 ffff888101db33c0 dead000000000122 0000000000000000 [ 11.785878] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.786678] page dumped because: kasan: bad access detected [ 11.786971] [ 11.787126] Memory state around the buggy address: [ 11.787563] ffff8881028c1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.787861] ffff8881028c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.788519] >ffff8881028c2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.789317] ^ [ 11.789709] ffff8881028c2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.790155] ffff8881028c2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.790390] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 11.709280] ================================================================== [ 11.710036] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 11.710349] Read of size 8 at addr ffff8881028bd3c0 by task kunit_try_catch/220 [ 11.710651] [ 11.711033] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.711354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.711369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.711392] Call Trace: [ 11.711406] <TASK> [ 11.711423] dump_stack_lvl+0x73/0xb0 [ 11.711453] print_report+0xd1/0x610 [ 11.711484] ? __virt_addr_valid+0x1db/0x2d0 [ 11.711506] ? workqueue_uaf+0x4d6/0x560 [ 11.711527] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.711549] ? workqueue_uaf+0x4d6/0x560 [ 11.711570] kasan_report+0x141/0x180 [ 11.711592] ? workqueue_uaf+0x4d6/0x560 [ 11.711618] __asan_report_load8_noabort+0x18/0x20 [ 11.711638] workqueue_uaf+0x4d6/0x560 [ 11.711693] ? __pfx_workqueue_uaf+0x10/0x10 [ 11.711716] ? __schedule+0x10c6/0x2b60 [ 11.711740] ? __pfx_read_tsc+0x10/0x10 [ 11.711760] ? ktime_get_ts64+0x86/0x230 [ 11.711786] kunit_try_run_case+0x1a5/0x480 [ 11.711807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.711825] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.711846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.711870] ? __kthread_parkme+0x82/0x180 [ 11.711891] ? preempt_count_sub+0x50/0x80 [ 11.711917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.711936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.711958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.711980] kthread+0x337/0x6f0 [ 11.711997] ? trace_preempt_on+0x20/0xc0 [ 11.712020] ? __pfx_kthread+0x10/0x10 [ 11.712037] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.712059] ? calculate_sigpending+0x7b/0xa0 [ 11.712082] ? __pfx_kthread+0x10/0x10 [ 11.712099] ret_from_fork+0x41/0x80 [ 11.712119] ? 
__pfx_kthread+0x10/0x10 [ 11.712136] ret_from_fork_asm+0x1a/0x30 [ 11.712167] </TASK> [ 11.712177] [ 11.724021] Allocated by task 220: [ 11.724190] kasan_save_stack+0x45/0x70 [ 11.724355] kasan_save_track+0x18/0x40 [ 11.724493] kasan_save_alloc_info+0x3b/0x50 [ 11.724786] __kasan_kmalloc+0xb7/0xc0 [ 11.724983] __kmalloc_cache_noprof+0x189/0x420 [ 11.725151] workqueue_uaf+0x152/0x560 [ 11.725293] kunit_try_run_case+0x1a5/0x480 [ 11.725622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.725856] kthread+0x337/0x6f0 [ 11.726014] ret_from_fork+0x41/0x80 [ 11.726169] ret_from_fork_asm+0x1a/0x30 [ 11.726373] [ 11.726453] Freed by task 105: [ 11.726592] kasan_save_stack+0x45/0x70 [ 11.726724] kasan_save_track+0x18/0x40 [ 11.726902] kasan_save_free_info+0x3f/0x60 [ 11.727111] __kasan_slab_free+0x56/0x70 [ 11.727402] kfree+0x222/0x3f0 [ 11.727595] workqueue_uaf_work+0x12/0x20 [ 11.728019] process_one_work+0x5ee/0xf60 [ 11.728717] worker_thread+0x758/0x1220 [ 11.728907] kthread+0x337/0x6f0 [ 11.729033] ret_from_fork+0x41/0x80 [ 11.730116] ret_from_fork_asm+0x1a/0x30 [ 11.730483] [ 11.730564] Last potentially related work creation: [ 11.730719] kasan_save_stack+0x45/0x70 [ 11.730860] kasan_record_aux_stack+0xb2/0xc0 [ 11.731009] __queue_work+0x626/0xeb0 [ 11.731141] queue_work_on+0xb6/0xc0 [ 11.731281] workqueue_uaf+0x26d/0x560 [ 11.731421] kunit_try_run_case+0x1a5/0x480 [ 11.731564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.731739] kthread+0x337/0x6f0 [ 11.731856] ret_from_fork+0x41/0x80 [ 11.731985] ret_from_fork_asm+0x1a/0x30 [ 11.732123] [ 11.732191] The buggy address belongs to the object at ffff8881028bd3c0 [ 11.732191] which belongs to the cache kmalloc-32 of size 32 [ 11.734493] The buggy address is located 0 bytes inside of [ 11.734493] freed 32-byte region [ffff8881028bd3c0, ffff8881028bd3e0) [ 11.736304] [ 11.736736] The buggy address belongs to the physical page: [ 11.737609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028bd [ 
11.738674] flags: 0x200000000000000(node=0|zone=2) [ 11.739306] page_type: f5(slab) [ 11.739838] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.740789] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.742032] page dumped because: kasan: bad access detected [ 11.742726] [ 11.743209] Memory state around the buggy address: [ 11.743878] ffff8881028bd280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.744645] ffff8881028bd300: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 11.745233] >ffff8881028bd380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.745923] ^ [ 11.746649] ffff8881028bd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.747261] ffff8881028bd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.747593] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 11.671959] ================================================================== [ 11.672882] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.673304] Read of size 4 at addr ffff8881028bd240 by task swapper/1/0 [ 11.674000] [ 11.674120] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.674167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.674178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.674200] Call Trace: [ 11.674244] <IRQ> [ 11.674261] dump_stack_lvl+0x73/0xb0 [ 11.674289] print_report+0xd1/0x610 [ 11.674312] ? __virt_addr_valid+0x1db/0x2d0 [ 11.674332] ? rcu_uaf_reclaim+0x50/0x60 [ 11.674352] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.674374] ? rcu_uaf_reclaim+0x50/0x60 [ 11.674394] kasan_report+0x141/0x180 [ 11.674416] ? rcu_uaf_reclaim+0x50/0x60 [ 11.674441] __asan_report_load4_noabort+0x18/0x20 [ 11.674476] rcu_uaf_reclaim+0x50/0x60 [ 11.674507] rcu_core+0x66c/0x1c30 [ 11.674532] ? enqueue_hrtimer+0xfe/0x210 [ 11.674566] ? __pfx_rcu_core+0x10/0x10 [ 11.674588] ? ktime_get+0x6b/0x150 [ 11.674611] ? handle_softirqs+0x18e/0x730 [ 11.674636] rcu_core_si+0x12/0x20 [ 11.674653] handle_softirqs+0x209/0x730 [ 11.674673] ? hrtimer_interrupt+0x2fe/0x780 [ 11.674695] ? 
__pfx_handle_softirqs+0x10/0x10 [ 11.674721] __irq_exit_rcu+0xc9/0x110 [ 11.674742] irq_exit_rcu+0x12/0x20 [ 11.674759] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.674780] </IRQ> [ 11.674807] <TASK> [ 11.674817] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.674904] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.675106] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 77 27 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.675184] RSP: 0000:ffff88810086fdc8 EFLAGS: 00010216 [ 11.675283] RAX: ffff8881a8b90000 RBX: ffff8881008353c0 RCX: ffffffffb0012fb5 [ 11.675328] RDX: ffffed102b626103 RSI: 0000000000000004 RDI: 000000000001c90c [ 11.675386] RBP: ffff88810086fdd0 R08: 0000000000000001 R09: ffffed102b626102 [ 11.675429] R10: ffff88815b130813 R11: 0000000000000000 R12: 0000000000000001 [ 11.675470] R13: ffffed1020106a78 R14: ffffffffb1d9d310 R15: 0000000000000000 [ 11.675525] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.675575] ? default_idle+0xd/0x20 [ 11.675595] arch_cpu_idle+0xd/0x20 [ 11.675613] default_idle_call+0x48/0x80 [ 11.675633] do_idle+0x379/0x4f0 [ 11.675652] ? complete+0x15b/0x1d0 [ 11.675672] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.675699] ? __pfx_do_idle+0x10/0x10 [ 11.675717] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 11.675741] ? complete+0x15b/0x1d0 [ 11.675763] cpu_startup_entry+0x5c/0x70 [ 11.675783] start_secondary+0x211/0x290 [ 11.675803] ? 
__pfx_start_secondary+0x10/0x10 [ 11.675827] common_startup_64+0x13e/0x148 [ 11.675858] </TASK> [ 11.675869] [ 11.687967] Allocated by task 218: [ 11.688104] kasan_save_stack+0x45/0x70 [ 11.688322] kasan_save_track+0x18/0x40 [ 11.688693] kasan_save_alloc_info+0x3b/0x50 [ 11.688864] __kasan_kmalloc+0xb7/0xc0 [ 11.689049] __kmalloc_cache_noprof+0x189/0x420 [ 11.689283] rcu_uaf+0xb0/0x330 [ 11.689854] kunit_try_run_case+0x1a5/0x480 [ 11.690055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.690433] kthread+0x337/0x6f0 [ 11.690675] ret_from_fork+0x41/0x80 [ 11.690813] ret_from_fork_asm+0x1a/0x30 [ 11.691124] [ 11.691202] Freed by task 0: [ 11.691332] kasan_save_stack+0x45/0x70 [ 11.691531] kasan_save_track+0x18/0x40 [ 11.691720] kasan_save_free_info+0x3f/0x60 [ 11.691864] __kasan_slab_free+0x56/0x70 [ 11.692062] kfree+0x222/0x3f0 [ 11.692221] rcu_uaf_reclaim+0x1f/0x60 [ 11.692749] rcu_core+0x66c/0x1c30 [ 11.692881] rcu_core_si+0x12/0x20 [ 11.693128] handle_softirqs+0x209/0x730 [ 11.693420] __irq_exit_rcu+0xc9/0x110 [ 11.693650] irq_exit_rcu+0x12/0x20 [ 11.693958] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.694240] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.694558] [ 11.694681] Last potentially related work creation: [ 11.694994] kasan_save_stack+0x45/0x70 [ 11.695195] kasan_record_aux_stack+0xb2/0xc0 [ 11.695381] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 11.695583] call_rcu+0x12/0x20 [ 11.695748] rcu_uaf+0x168/0x330 [ 11.695901] kunit_try_run_case+0x1a5/0x480 [ 11.696084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.696755] kthread+0x337/0x6f0 [ 11.696884] ret_from_fork+0x41/0x80 [ 11.697221] ret_from_fork_asm+0x1a/0x30 [ 11.697405] [ 11.697615] The buggy address belongs to the object at ffff8881028bd240 [ 11.697615] which belongs to the cache kmalloc-32 of size 32 [ 11.698257] The buggy address is located 0 bytes inside of [ 11.698257] freed 32-byte region [ffff8881028bd240, ffff8881028bd260) [ 11.698903] [ 11.699102] The buggy address belongs to the 
physical page: [ 11.699398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028bd [ 11.699806] flags: 0x200000000000000(node=0|zone=2) [ 11.700014] page_type: f5(slab) [ 11.700266] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.700717] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.701109] page dumped because: kasan: bad access detected [ 11.701375] [ 11.701468] Memory state around the buggy address: [ 11.701795] ffff8881028bd100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.702100] ffff8881028bd180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.702579] >ffff8881028bd200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.702887] ^ [ 11.703183] ffff8881028bd280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.703466] ffff8881028bd300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.703886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.605515] ================================================================== [ 11.606245] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.606533] Read of size 1 at addr ffff8881028ba200 by task kunit_try_catch/216 [ 11.606830] [ 11.606922] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.606967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.606978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.606999] Call Trace: [ 11.607011] <TASK> [ 11.607027] dump_stack_lvl+0x73/0xb0 [ 11.607055] print_report+0xd1/0x610 [ 11.607076] ? __virt_addr_valid+0x1db/0x2d0 [ 11.607099] ? ksize_uaf+0x5fe/0x6c0 [ 11.607119] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.607140] ? ksize_uaf+0x5fe/0x6c0 [ 11.607161] kasan_report+0x141/0x180 [ 11.607183] ? ksize_uaf+0x5fe/0x6c0 [ 11.607208] __asan_report_load1_noabort+0x18/0x20 [ 11.607239] ksize_uaf+0x5fe/0x6c0 [ 11.607259] ? __pfx_ksize_uaf+0x10/0x10 [ 11.607280] ? __schedule+0x10c6/0x2b60 [ 11.607304] ? __pfx_read_tsc+0x10/0x10 [ 11.607324] ? ktime_get_ts64+0x86/0x230 [ 11.607350] kunit_try_run_case+0x1a5/0x480 [ 11.607381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.607399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.607420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.607444] ? __kthread_parkme+0x82/0x180 [ 11.607465] ? preempt_count_sub+0x50/0x80 [ 11.607491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.607510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.607532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.607554] kthread+0x337/0x6f0 [ 11.607571] ? trace_preempt_on+0x20/0xc0 [ 11.607594] ? __pfx_kthread+0x10/0x10 [ 11.607611] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.607632] ? calculate_sigpending+0x7b/0xa0 [ 11.607654] ? __pfx_kthread+0x10/0x10 [ 11.607672] ret_from_fork+0x41/0x80 [ 11.607691] ? 
__pfx_kthread+0x10/0x10 [ 11.607708] ret_from_fork_asm+0x1a/0x30 [ 11.607738] </TASK> [ 11.607748] [ 11.614979] Allocated by task 216: [ 11.615113] kasan_save_stack+0x45/0x70 [ 11.615308] kasan_save_track+0x18/0x40 [ 11.615666] kasan_save_alloc_info+0x3b/0x50 [ 11.615873] __kasan_kmalloc+0xb7/0xc0 [ 11.616061] __kmalloc_cache_noprof+0x189/0x420 [ 11.616253] ksize_uaf+0xaa/0x6c0 [ 11.616436] kunit_try_run_case+0x1a5/0x480 [ 11.616610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.616836] kthread+0x337/0x6f0 [ 11.616990] ret_from_fork+0x41/0x80 [ 11.617169] ret_from_fork_asm+0x1a/0x30 [ 11.617341] [ 11.617433] Freed by task 216: [ 11.617614] kasan_save_stack+0x45/0x70 [ 11.617748] kasan_save_track+0x18/0x40 [ 11.617882] kasan_save_free_info+0x3f/0x60 [ 11.618021] __kasan_slab_free+0x56/0x70 [ 11.618155] kfree+0x222/0x3f0 [ 11.618321] ksize_uaf+0x12c/0x6c0 [ 11.618491] kunit_try_run_case+0x1a5/0x480 [ 11.618690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.619122] kthread+0x337/0x6f0 [ 11.619252] ret_from_fork+0x41/0x80 [ 11.619380] ret_from_fork_asm+0x1a/0x30 [ 11.619516] [ 11.619585] The buggy address belongs to the object at ffff8881028ba200 [ 11.619585] which belongs to the cache kmalloc-128 of size 128 [ 11.620107] The buggy address is located 0 bytes inside of [ 11.620107] freed 128-byte region [ffff8881028ba200, ffff8881028ba280) [ 11.620967] [ 11.621063] The buggy address belongs to the physical page: [ 11.621276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba [ 11.621624] flags: 0x200000000000000(node=0|zone=2) [ 11.621858] page_type: f5(slab) [ 11.622020] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.622329] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.622696] page dumped because: kasan: bad access detected [ 11.622919] [ 11.623011] Memory state around the buggy address: [ 11.623206] ffff8881028ba100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
11.623559] ffff8881028ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.623829] >ffff8881028ba200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.624105] ^ [ 11.624270] ffff8881028ba280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.624561] ffff8881028ba300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.624838] ================================================================== [ 11.572734] ================================================================== [ 11.573860] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.574082] Read of size 1 at addr ffff8881028ba200 by task kunit_try_catch/216 [ 11.575025] [ 11.575279] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.575329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.575463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.575488] Call Trace: [ 11.575501] <TASK> [ 11.575518] dump_stack_lvl+0x73/0xb0 [ 11.575558] print_report+0xd1/0x610 [ 11.575581] ? __virt_addr_valid+0x1db/0x2d0 [ 11.575607] ? ksize_uaf+0x19d/0x6c0 [ 11.575627] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.575649] ? ksize_uaf+0x19d/0x6c0 [ 11.575669] kasan_report+0x141/0x180 [ 11.575691] ? ksize_uaf+0x19d/0x6c0 [ 11.575715] ? ksize_uaf+0x19d/0x6c0 [ 11.575735] __kasan_check_byte+0x3d/0x50 [ 11.575756] ksize+0x20/0x60 [ 11.575779] ksize_uaf+0x19d/0x6c0 [ 11.575799] ? __pfx_ksize_uaf+0x10/0x10 [ 11.575820] ? __schedule+0x10c6/0x2b60 [ 11.575843] ? __pfx_read_tsc+0x10/0x10 [ 11.575862] ? ktime_get_ts64+0x86/0x230 [ 11.575886] kunit_try_run_case+0x1a5/0x480 [ 11.575906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.575924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.575944] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.575967] ? __kthread_parkme+0x82/0x180 [ 11.575988] ? preempt_count_sub+0x50/0x80 [ 11.576011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.576031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.576053] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.576075] kthread+0x337/0x6f0 [ 11.576091] ? trace_preempt_on+0x20/0xc0 [ 11.576113] ? __pfx_kthread+0x10/0x10 [ 11.576130] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.576151] ? calculate_sigpending+0x7b/0xa0 [ 11.576172] ? __pfx_kthread+0x10/0x10 [ 11.576190] ret_from_fork+0x41/0x80 [ 11.576209] ? __pfx_kthread+0x10/0x10 [ 11.576275] ret_from_fork_asm+0x1a/0x30 [ 11.576318] </TASK> [ 11.576329] [ 11.589106] Allocated by task 216: [ 11.589340] kasan_save_stack+0x45/0x70 [ 11.589723] kasan_save_track+0x18/0x40 [ 11.590099] kasan_save_alloc_info+0x3b/0x50 [ 11.590520] __kasan_kmalloc+0xb7/0xc0 [ 11.590872] __kmalloc_cache_noprof+0x189/0x420 [ 11.591189] ksize_uaf+0xaa/0x6c0 [ 11.591504] kunit_try_run_case+0x1a5/0x480 [ 11.591771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.592168] kthread+0x337/0x6f0 [ 11.592295] ret_from_fork+0x41/0x80 [ 11.592499] ret_from_fork_asm+0x1a/0x30 [ 11.592885] [ 11.593059] Freed by task 216: [ 11.593369] kasan_save_stack+0x45/0x70 [ 11.593754] kasan_save_track+0x18/0x40 [ 11.594122] kasan_save_free_info+0x3f/0x60 [ 11.594535] __kasan_slab_free+0x56/0x70 [ 11.594899] kfree+0x222/0x3f0 [ 11.595087] ksize_uaf+0x12c/0x6c0 [ 11.595433] kunit_try_run_case+0x1a5/0x480 [ 11.595794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.596151] kthread+0x337/0x6f0 [ 11.596463] ret_from_fork+0x41/0x80 [ 11.596594] ret_from_fork_asm+0x1a/0x30 [ 11.596730] [ 11.596799] The buggy address belongs to the object at ffff8881028ba200 [ 11.596799] which belongs to the cache kmalloc-128 of size 128 [ 11.597163] The buggy address is located 0 bytes inside of [ 11.597163] freed 128-byte region [ffff8881028ba200, ffff8881028ba280) [ 11.598202] [ 11.598399] The buggy address belongs to the physical page: [ 11.598914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba [ 11.599652] flags: 0x200000000000000(node=0|zone=2) [ 11.600090] page_type: f5(slab) [ 11.600310] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 11.601074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.601564] page dumped because: kasan: bad access detected [ 11.602057] [ 11.602130] Memory state around the buggy address: [ 11.602596] ffff8881028ba100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.602813] ffff8881028ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.603028] >ffff8881028ba200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.603249] ^ [ 11.603380] ffff8881028ba280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.603792] ffff8881028ba300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.604509] ================================================================== [ 11.625848] ================================================================== [ 11.626428] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.627044] Read of size 1 at addr ffff8881028ba278 by task kunit_try_catch/216 [ 11.627316] [ 11.627463] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.627504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.627515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.627534] Call Trace: [ 11.627550] <TASK> [ 11.627565] dump_stack_lvl+0x73/0xb0 [ 11.627590] print_report+0xd1/0x610 [ 11.627611] ? __virt_addr_valid+0x1db/0x2d0 [ 11.627631] ? ksize_uaf+0x5e4/0x6c0 [ 11.627651] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.627672] ? ksize_uaf+0x5e4/0x6c0 [ 11.627693] kasan_report+0x141/0x180 [ 11.627714] ? ksize_uaf+0x5e4/0x6c0 [ 11.627739] __asan_report_load1_noabort+0x18/0x20 [ 11.627759] ksize_uaf+0x5e4/0x6c0 [ 11.627779] ? __pfx_ksize_uaf+0x10/0x10 [ 11.627801] ? __schedule+0x10c6/0x2b60 [ 11.627824] ? __pfx_read_tsc+0x10/0x10 [ 11.627843] ? ktime_get_ts64+0x86/0x230 [ 11.627867] kunit_try_run_case+0x1a5/0x480 [ 11.627887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.627905] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.627924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.627947] ? __kthread_parkme+0x82/0x180 [ 11.627968] ? preempt_count_sub+0x50/0x80 [ 11.627992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.628011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.628033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.628055] kthread+0x337/0x6f0 [ 11.628071] ? trace_preempt_on+0x20/0xc0 [ 11.628094] ? __pfx_kthread+0x10/0x10 [ 11.628111] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.628132] ? calculate_sigpending+0x7b/0xa0 [ 11.628153] ? __pfx_kthread+0x10/0x10 [ 11.628170] ret_from_fork+0x41/0x80 [ 11.628191] ? __pfx_kthread+0x10/0x10 [ 11.628208] ret_from_fork_asm+0x1a/0x30 [ 11.628248] </TASK> [ 11.628257] [ 11.635016] Allocated by task 216: [ 11.635147] kasan_save_stack+0x45/0x70 [ 11.635299] kasan_save_track+0x18/0x40 [ 11.636288] kasan_save_alloc_info+0x3b/0x50 [ 11.636818] __kasan_kmalloc+0xb7/0xc0 [ 11.637022] __kmalloc_cache_noprof+0x189/0x420 [ 11.637251] ksize_uaf+0xaa/0x6c0 [ 11.637449] kunit_try_run_case+0x1a5/0x480 [ 11.637618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.637844] kthread+0x337/0x6f0 [ 11.638002] ret_from_fork+0x41/0x80 [ 11.638175] ret_from_fork_asm+0x1a/0x30 [ 11.639215] [ 11.639307] Freed by task 216: [ 11.639879] kasan_save_stack+0x45/0x70 [ 11.640509] kasan_save_track+0x18/0x40 [ 11.640948] kasan_save_free_info+0x3f/0x60 [ 11.641312] __kasan_slab_free+0x56/0x70 [ 11.641898] kfree+0x222/0x3f0 [ 11.642308] ksize_uaf+0x12c/0x6c0 [ 11.642643] kunit_try_run_case+0x1a5/0x480 [ 11.642801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.642968] kthread+0x337/0x6f0 [ 11.643082] ret_from_fork+0x41/0x80 [ 11.643205] ret_from_fork_asm+0x1a/0x30 [ 11.643983] [ 11.644297] The buggy address belongs to the object at ffff8881028ba200 [ 11.644297] which belongs to the cache kmalloc-128 of size 128 [ 11.645752] The buggy address is located 120 bytes inside of [ 11.645752] freed 128-byte region [ffff8881028ba200, 
ffff8881028ba280) [ 11.646998] [ 11.647078] The buggy address belongs to the physical page: [ 11.647534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba [ 11.648503] flags: 0x200000000000000(node=0|zone=2) [ 11.649094] page_type: f5(slab) [ 11.649275] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.649715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.649935] page dumped because: kasan: bad access detected [ 11.650099] [ 11.650165] Memory state around the buggy address: [ 11.650326] ffff8881028ba100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.651005] ffff8881028ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.651647] >ffff8881028ba200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.652255] ^ [ 11.652866] ffff8881028ba280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.653506] ffff8881028ba300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.654019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.547181] ================================================================== [ 11.547524] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.547912] Read of size 1 at addr ffff8881028ba17f by task kunit_try_catch/214 [ 11.548391] [ 11.548537] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.548596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.548606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.548625] Call Trace: [ 11.548636] <TASK> [ 11.548650] dump_stack_lvl+0x73/0xb0 [ 11.548694] print_report+0xd1/0x610 [ 11.548762] ? __virt_addr_valid+0x1db/0x2d0 [ 11.548785] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.548805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.548830] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.548851] kasan_report+0x141/0x180 [ 11.548874] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.548898] __asan_report_load1_noabort+0x18/0x20 [ 11.548923] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.548943] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.548961] ? finish_task_switch.isra.0+0x153/0x700 [ 11.548983] ? __switch_to+0x5d9/0xf60 [ 11.549002] ? dequeue_task_fair+0x166/0x4e0 [ 11.549025] ? __schedule+0x10c6/0x2b60 [ 11.549049] ? __pfx_read_tsc+0x10/0x10 [ 11.549070] ? ktime_get_ts64+0x86/0x230 [ 11.549118] kunit_try_run_case+0x1a5/0x480 [ 11.549140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.549158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.549179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.549233] ? __kthread_parkme+0x82/0x180 [ 11.549254] ? preempt_count_sub+0x50/0x80 [ 11.549278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.549298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.549320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.549343] kthread+0x337/0x6f0 [ 11.549359] ? trace_preempt_on+0x20/0xc0 [ 11.549381] ? __pfx_kthread+0x10/0x10 [ 11.549398] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.549420] ? 
calculate_sigpending+0x7b/0xa0 [ 11.549441] ? __pfx_kthread+0x10/0x10 [ 11.549458] ret_from_fork+0x41/0x80 [ 11.549494] ? __pfx_kthread+0x10/0x10 [ 11.549512] ret_from_fork_asm+0x1a/0x30 [ 11.549556] </TASK> [ 11.549566] [ 11.558261] Allocated by task 214: [ 11.558462] kasan_save_stack+0x45/0x70 [ 11.558794] kasan_save_track+0x18/0x40 [ 11.558992] kasan_save_alloc_info+0x3b/0x50 [ 11.559201] __kasan_kmalloc+0xb7/0xc0 [ 11.559396] __kmalloc_cache_noprof+0x189/0x420 [ 11.559749] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.559952] kunit_try_run_case+0x1a5/0x480 [ 11.560177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.560415] kthread+0x337/0x6f0 [ 11.560545] ret_from_fork+0x41/0x80 [ 11.560753] ret_from_fork_asm+0x1a/0x30 [ 11.560977] [ 11.561089] The buggy address belongs to the object at ffff8881028ba100 [ 11.561089] which belongs to the cache kmalloc-128 of size 128 [ 11.561647] The buggy address is located 12 bytes to the right of [ 11.561647] allocated 115-byte region [ffff8881028ba100, ffff8881028ba173) [ 11.562326] [ 11.562397] The buggy address belongs to the physical page: [ 11.562569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba [ 11.562813] flags: 0x200000000000000(node=0|zone=2) [ 11.563336] page_type: f5(slab) [ 11.563657] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.564238] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.564939] page dumped because: kasan: bad access detected [ 11.565209] [ 11.565305] Memory state around the buggy address: [ 11.565764] ffff8881028ba000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.566002] ffff8881028ba080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.566218] >ffff8881028ba100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.566438] ^ [ 11.567062] ffff8881028ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.567391] ffff8881028ba200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.567752] 
================================================================== [ 11.503491] ================================================================== [ 11.503962] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 11.504204] Read of size 1 at addr ffff8881028ba173 by task kunit_try_catch/214 [ 11.504438] [ 11.504529] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.504573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.504584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.504605] Call Trace: [ 11.504617] <TASK> [ 11.504634] dump_stack_lvl+0x73/0xb0 [ 11.504658] print_report+0xd1/0x610 [ 11.504679] ? __virt_addr_valid+0x1db/0x2d0 [ 11.504700] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.504718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.504740] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.504758] kasan_report+0x141/0x180 [ 11.504780] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.504803] __asan_report_load1_noabort+0x18/0x20 [ 11.504822] ksize_unpoisons_memory+0x81c/0x9b0 [ 11.504841] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.504859] ? finish_task_switch.isra.0+0x153/0x700 [ 11.504882] ? __switch_to+0x5d9/0xf60 [ 11.504902] ? dequeue_task_fair+0x166/0x4e0 [ 11.504930] ? __schedule+0x10c6/0x2b60 [ 11.504952] ? __pfx_read_tsc+0x10/0x10 [ 11.504970] ? ktime_get_ts64+0x86/0x230 [ 11.504994] kunit_try_run_case+0x1a5/0x480 [ 11.505014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.505032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.505051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.505074] ? __kthread_parkme+0x82/0x180 [ 11.505096] ? preempt_count_sub+0x50/0x80 [ 11.505119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.505138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.505160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.505182] kthread+0x337/0x6f0 [ 11.505198] ? trace_preempt_on+0x20/0xc0 [ 11.505220] ? __pfx_kthread+0x10/0x10 [ 11.505814] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.505839] ? calculate_sigpending+0x7b/0xa0 [ 11.505861] ? __pfx_kthread+0x10/0x10 [ 11.505881] ret_from_fork+0x41/0x80 [ 11.505901] ? __pfx_kthread+0x10/0x10 [ 11.505918] ret_from_fork_asm+0x1a/0x30 [ 11.505949] </TASK> [ 11.505960] [ 11.514430] Allocated by task 214: [ 11.514618] kasan_save_stack+0x45/0x70 [ 11.514922] kasan_save_track+0x18/0x40 [ 11.515122] kasan_save_alloc_info+0x3b/0x50 [ 11.515348] __kasan_kmalloc+0xb7/0xc0 [ 11.515542] __kmalloc_cache_noprof+0x189/0x420 [ 11.515764] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.515980] kunit_try_run_case+0x1a5/0x480 [ 11.516144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.516327] kthread+0x337/0x6f0 [ 11.516691] ret_from_fork+0x41/0x80 [ 11.516909] ret_from_fork_asm+0x1a/0x30 [ 11.517113] [ 11.517183] The buggy address belongs to the object at ffff8881028ba100 [ 11.517183] which belongs to the cache kmalloc-128 of size 128 [ 11.519055] The buggy address is located 0 bytes to the right of [ 11.519055] allocated 115-byte region [ffff8881028ba100, ffff8881028ba173) [ 11.519821] [ 11.519921] The buggy address belongs to the physical page: [ 11.520124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba [ 11.520427] flags: 0x200000000000000(node=0|zone=2) [ 11.520670] page_type: f5(slab) [ 11.520820] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.521130] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.521526] page dumped because: kasan: bad access detected [ 11.521839] [ 11.521914] Memory state around the buggy address: [ 11.522118] ffff8881028ba000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.522450] ffff8881028ba080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.522892] >ffff8881028ba100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.523153] ^ [ 11.523503] ffff8881028ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.523815] ffff8881028ba200: fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc [ 11.524101] ================================================================== [ 11.524777] ================================================================== [ 11.525094] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.525797] Read of size 1 at addr ffff8881028ba178 by task kunit_try_catch/214 [ 11.526120] [ 11.526242] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.526285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.526296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.526316] Call Trace: [ 11.526328] <TASK> [ 11.526342] dump_stack_lvl+0x73/0xb0 [ 11.526369] print_report+0xd1/0x610 [ 11.526390] ? __virt_addr_valid+0x1db/0x2d0 [ 11.526411] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.526429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.526451] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.526469] kasan_report+0x141/0x180 [ 11.526491] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.526515] __asan_report_load1_noabort+0x18/0x20 [ 11.526535] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.526555] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.526573] ? finish_task_switch.isra.0+0x153/0x700 [ 11.526595] ? __switch_to+0x5d9/0xf60 [ 11.526614] ? dequeue_task_fair+0x166/0x4e0 [ 11.526638] ? __schedule+0x10c6/0x2b60 [ 11.526987] ? __pfx_read_tsc+0x10/0x10 [ 11.527014] ? ktime_get_ts64+0x86/0x230 [ 11.527040] kunit_try_run_case+0x1a5/0x480 [ 11.527060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.527078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.527098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.527122] ? __kthread_parkme+0x82/0x180 [ 11.527143] ? preempt_count_sub+0x50/0x80 [ 11.527167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.527186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.527208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.527244] kthread+0x337/0x6f0 [ 11.527260] ? trace_preempt_on+0x20/0xc0 [ 11.527283] ? 
__pfx_kthread+0x10/0x10 [ 11.527300] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.527321] ? calculate_sigpending+0x7b/0xa0 [ 11.527342] ? __pfx_kthread+0x10/0x10 [ 11.527359] ret_from_fork+0x41/0x80 [ 11.527395] ? __pfx_kthread+0x10/0x10 [ 11.527412] ret_from_fork_asm+0x1a/0x30 [ 11.527443] </TASK> [ 11.527453] [ 11.535608] Allocated by task 214: [ 11.535740] kasan_save_stack+0x45/0x70 [ 11.535886] kasan_save_track+0x18/0x40 [ 11.536020] kasan_save_alloc_info+0x3b/0x50 [ 11.536455] __kasan_kmalloc+0xb7/0xc0 [ 11.536649] __kmalloc_cache_noprof+0x189/0x420 [ 11.536870] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.537089] kunit_try_run_case+0x1a5/0x480 [ 11.537306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.537652] kthread+0x337/0x6f0 [ 11.537850] ret_from_fork+0x41/0x80 [ 11.537993] ret_from_fork_asm+0x1a/0x30 [ 11.538188] [ 11.538268] The buggy address belongs to the object at ffff8881028ba100 [ 11.538268] which belongs to the cache kmalloc-128 of size 128 [ 11.539114] The buggy address is located 5 bytes to the right of [ 11.539114] allocated 115-byte region [ffff8881028ba100, ffff8881028ba173) [ 11.539818] [ 11.539911] The buggy address belongs to the physical page: [ 11.540094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba [ 11.540347] flags: 0x200000000000000(node=0|zone=2) [ 11.540580] page_type: f5(slab) [ 11.541418] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.542499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.543495] page dumped because: kasan: bad access detected [ 11.543681] [ 11.543775] Memory state around the buggy address: [ 11.544004] ffff8881028ba000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.544556] ffff8881028ba080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.544987] >ffff8881028ba100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.545197] ^ [ 11.545521] ffff8881028ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.546082] 
ffff8881028ba200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.546363] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.464119] ================================================================== [ 11.465298] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.466289] Free of addr ffff8881014ec8e0 by task kunit_try_catch/212 [ 11.467099] [ 11.467461] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 11.467632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.467649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.467670] Call Trace: [ 11.467697] <TASK> [ 11.467714] dump_stack_lvl+0x73/0xb0 [ 11.467787] print_report+0xd1/0x610 [ 11.467811] ? __virt_addr_valid+0x1db/0x2d0 [ 11.467845] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.467866] ? kfree_sensitive+0x2e/0x90 [ 11.467888] kasan_report_invalid_free+0x10a/0x130 [ 11.467912] ? kfree_sensitive+0x2e/0x90 [ 11.467933] ? kfree_sensitive+0x2e/0x90 [ 11.467954] check_slab_allocation+0x101/0x130 [ 11.467976] __kasan_slab_pre_free+0x28/0x40 [ 11.467997] kfree+0xf0/0x3f0 [ 11.468015] ? kfree_sensitive+0x2e/0x90 [ 11.468037] kfree_sensitive+0x2e/0x90 [ 11.468057] kmalloc_double_kzfree+0x19c/0x350 [ 11.468076] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.468095] ? __schedule+0x10c6/0x2b60 [ 11.468118] ? __pfx_read_tsc+0x10/0x10 [ 11.468139] ? ktime_get_ts64+0x86/0x230 [ 11.468163] kunit_try_run_case+0x1a5/0x480 [ 11.468183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.468201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.468221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.468256] ? __kthread_parkme+0x82/0x180 [ 11.468276] ? preempt_count_sub+0x50/0x80 [ 11.468300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.468320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.468342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.468364] kthread+0x337/0x6f0 [ 11.468380] ? trace_preempt_on+0x20/0xc0 [ 11.468403] ? __pfx_kthread+0x10/0x10 [ 11.468420] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.468441] ? calculate_sigpending+0x7b/0xa0 [ 11.468463] ? 
__pfx_kthread+0x10/0x10 [ 11.468481] ret_from_fork+0x41/0x80 [ 11.468501] ? __pfx_kthread+0x10/0x10 [ 11.468519] ret_from_fork_asm+0x1a/0x30 [ 11.468549] </TASK> [ 11.468559] [ 11.481784] Allocated by task 212: [ 11.482202] kasan_save_stack+0x45/0x70 [ 11.482416] kasan_save_track+0x18/0x40 [ 11.482757] kasan_save_alloc_info+0x3b/0x50 [ 11.483150] __kasan_kmalloc+0xb7/0xc0 [ 11.483296] __kmalloc_cache_noprof+0x189/0x420 [ 11.483475] kmalloc_double_kzfree+0xa9/0x350 [ 11.483926] kunit_try_run_case+0x1a5/0x480 [ 11.484377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.484904] kthread+0x337/0x6f0 [ 11.485102] ret_from_fork+0x41/0x80 [ 11.485473] ret_from_fork_asm+0x1a/0x30 [ 11.485614] [ 11.485870] Freed by task 212: [ 11.486178] kasan_save_stack+0x45/0x70 [ 11.486462] kasan_save_track+0x18/0x40 [ 11.486742] kasan_save_free_info+0x3f/0x60 [ 11.487024] __kasan_slab_free+0x56/0x70 [ 11.487174] kfree+0x222/0x3f0 [ 11.487301] kfree_sensitive+0x67/0x90 [ 11.487585] kmalloc_double_kzfree+0x12b/0x350 [ 11.488183] kunit_try_run_case+0x1a5/0x480 [ 11.488721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.489287] kthread+0x337/0x6f0 [ 11.489614] ret_from_fork+0x41/0x80 [ 11.490108] ret_from_fork_asm+0x1a/0x30 [ 11.490513] [ 11.490587] The buggy address belongs to the object at ffff8881014ec8e0 [ 11.490587] which belongs to the cache kmalloc-16 of size 16 [ 11.491483] The buggy address is located 0 bytes inside of [ 11.491483] 16-byte region [ffff8881014ec8e0, ffff8881014ec8f0) [ 11.492866] [ 11.492952] The buggy address belongs to the physical page: [ 11.493130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1014ec [ 11.493425] flags: 0x200000000000000(node=0|zone=2) [ 11.493874] page_type: f5(slab) [ 11.494256] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.495267] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.496085] page dumped because: kasan: bad access detected [ 11.496717] [ 
11.497038] Memory state around the buggy address: [ 11.497365] ffff8881014ec780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 11.497946] ffff8881014ec800: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 11.498369] >ffff8881014ec880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.498909] ^ [ 11.499108] ffff8881014ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.499338] ffff8881014ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.499635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.438607] ==================================================================
[ 11.439249] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.439655] Read of size 1 at addr ffff8881014ec8e0 by task kunit_try_catch/212
[ 11.440163]
[ 11.440343] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.440395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.440407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.440429] Call Trace:
[ 11.440441] <TASK>
[ 11.440489] dump_stack_lvl+0x73/0xb0
[ 11.440518] print_report+0xd1/0x610
[ 11.440542] ? __virt_addr_valid+0x1db/0x2d0
[ 11.440563] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.440582] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.440603] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.440622] kasan_report+0x141/0x180
[ 11.440644] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.440729] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.440754] __kasan_check_byte+0x3d/0x50
[ 11.440777] kfree_sensitive+0x22/0x90
[ 11.440800] kmalloc_double_kzfree+0x19c/0x350
[ 11.440819] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.440839] ? __schedule+0x10c6/0x2b60
[ 11.440864] ? __pfx_read_tsc+0x10/0x10
[ 11.440884] ? ktime_get_ts64+0x86/0x230
[ 11.440910] kunit_try_run_case+0x1a5/0x480
[ 11.440936] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.440955] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.440975] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.440999] ? __kthread_parkme+0x82/0x180
[ 11.441020] ? preempt_count_sub+0x50/0x80
[ 11.441045] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.441065] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.441087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.441109] kthread+0x337/0x6f0
[ 11.441125] ? trace_preempt_on+0x20/0xc0
[ 11.441148] ? __pfx_kthread+0x10/0x10
[ 11.441165] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.441187] ? calculate_sigpending+0x7b/0xa0
[ 11.441208] ? __pfx_kthread+0x10/0x10
[ 11.441236] ret_from_fork+0x41/0x80
[ 11.441257] ? __pfx_kthread+0x10/0x10
[ 11.441274] ret_from_fork_asm+0x1a/0x30
[ 11.441305] </TASK>
[ 11.441316]
[ 11.450051] Allocated by task 212:
[ 11.450279] kasan_save_stack+0x45/0x70
[ 11.450501] kasan_save_track+0x18/0x40
[ 11.450758] kasan_save_alloc_info+0x3b/0x50
[ 11.450971] __kasan_kmalloc+0xb7/0xc0
[ 11.451188] __kmalloc_cache_noprof+0x189/0x420
[ 11.451437] kmalloc_double_kzfree+0xa9/0x350
[ 11.451646] kunit_try_run_case+0x1a5/0x480
[ 11.451791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.451993] kthread+0x337/0x6f0
[ 11.452305] ret_from_fork+0x41/0x80
[ 11.452493] ret_from_fork_asm+0x1a/0x30
[ 11.452691]
[ 11.452790] Freed by task 212:
[ 11.452950] kasan_save_stack+0x45/0x70
[ 11.453118] kasan_save_track+0x18/0x40
[ 11.453318] kasan_save_free_info+0x3f/0x60
[ 11.453838] __kasan_slab_free+0x56/0x70
[ 11.454007] kfree+0x222/0x3f0
[ 11.454119] kfree_sensitive+0x67/0x90
[ 11.454262] kmalloc_double_kzfree+0x12b/0x350
[ 11.454554] kunit_try_run_case+0x1a5/0x480
[ 11.454997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.455278] kthread+0x337/0x6f0
[ 11.455495] ret_from_fork+0x41/0x80
[ 11.455654] ret_from_fork_asm+0x1a/0x30
[ 11.455914]
[ 11.456075] The buggy address belongs to the object at ffff8881014ec8e0
[ 11.456075] which belongs to the cache kmalloc-16 of size 16
[ 11.456675] The buggy address is located 0 bytes inside of
[ 11.456675] freed 16-byte region [ffff8881014ec8e0, ffff8881014ec8f0)
[ 11.457360]
[ 11.457472] The buggy address belongs to the physical page:
[ 11.457701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1014ec
[ 11.457936] flags: 0x200000000000000(node=0|zone=2)
[ 11.458095] page_type: f5(slab)
[ 11.458215] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.458930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.459319] page dumped because: kasan: bad access detected
[ 11.459833]
[ 11.459923] Memory state around the buggy address:
[ 11.460185] ffff8881014ec780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 11.460571] ffff8881014ec800: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 11.460853] >ffff8881014ec880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.461062] ^
[ 11.461275] ffff8881014ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.462088] ffff8881014ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.462750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.408248] ==================================================================
[ 11.408698] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.409406] Read of size 1 at addr ffff888103075ea8 by task kunit_try_catch/208
[ 11.410279]
[ 11.410523] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.410571] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.410582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.410604] Call Trace:
[ 11.410619] <TASK>
[ 11.410638] dump_stack_lvl+0x73/0xb0
[ 11.410740] print_report+0xd1/0x610
[ 11.410769] ? __virt_addr_valid+0x1db/0x2d0
[ 11.410791] ? kmalloc_uaf2+0x4a8/0x520
[ 11.410811] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.410833] ? kmalloc_uaf2+0x4a8/0x520
[ 11.410888] kasan_report+0x141/0x180
[ 11.410910] ? kmalloc_uaf2+0x4a8/0x520
[ 11.410935] __asan_report_load1_noabort+0x18/0x20
[ 11.410955] kmalloc_uaf2+0x4a8/0x520
[ 11.410975] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.410994] ? finish_task_switch.isra.0+0x153/0x700
[ 11.411019] ? __switch_to+0x5d9/0xf60
[ 11.411066] ? dequeue_task_fair+0x166/0x4e0
[ 11.411092] ? __schedule+0x10c6/0x2b60
[ 11.411117] ? __pfx_read_tsc+0x10/0x10
[ 11.411137] ? ktime_get_ts64+0x86/0x230
[ 11.411162] kunit_try_run_case+0x1a5/0x480
[ 11.411183] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.411201] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.411232] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.411256] ? __kthread_parkme+0x82/0x180
[ 11.411278] ? preempt_count_sub+0x50/0x80
[ 11.411302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.411321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.411343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.411365] kthread+0x337/0x6f0
[ 11.411382] ? trace_preempt_on+0x20/0xc0
[ 11.411405] ? __pfx_kthread+0x10/0x10
[ 11.411422] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.411444] ? calculate_sigpending+0x7b/0xa0
[ 11.411466] ? __pfx_kthread+0x10/0x10
[ 11.411483] ret_from_fork+0x41/0x80
[ 11.411503] ? __pfx_kthread+0x10/0x10
[ 11.411520] ret_from_fork_asm+0x1a/0x30
[ 11.411552] </TASK>
[ 11.411563]
[ 11.419472] Allocated by task 208:
[ 11.419740] kasan_save_stack+0x45/0x70
[ 11.419974] kasan_save_track+0x18/0x40
[ 11.420173] kasan_save_alloc_info+0x3b/0x50
[ 11.420450] __kasan_kmalloc+0xb7/0xc0
[ 11.420590] __kmalloc_cache_noprof+0x189/0x420
[ 11.421027] kmalloc_uaf2+0xc6/0x520
[ 11.421259] kunit_try_run_case+0x1a5/0x480
[ 11.421477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.421891] kthread+0x337/0x6f0
[ 11.422090] ret_from_fork+0x41/0x80
[ 11.422309] ret_from_fork_asm+0x1a/0x30
[ 11.422586]
[ 11.422753] Freed by task 208:
[ 11.422863] kasan_save_stack+0x45/0x70
[ 11.422998] kasan_save_track+0x18/0x40
[ 11.423129] kasan_save_free_info+0x3f/0x60
[ 11.423345] __kasan_slab_free+0x56/0x70
[ 11.423537] kfree+0x222/0x3f0
[ 11.423696] kmalloc_uaf2+0x14c/0x520
[ 11.423883] kunit_try_run_case+0x1a5/0x480
[ 11.424051] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.424219] kthread+0x337/0x6f0
[ 11.424341] ret_from_fork+0x41/0x80
[ 11.424525] ret_from_fork_asm+0x1a/0x30
[ 11.424720]
[ 11.424812] The buggy address belongs to the object at ffff888103075e80
[ 11.424812] which belongs to the cache kmalloc-64 of size 64
[ 11.425517] The buggy address is located 40 bytes inside of
[ 11.425517] freed 64-byte region [ffff888103075e80, ffff888103075ec0)
[ 11.426177]
[ 11.426297] The buggy address belongs to the physical page:
[ 11.426574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103075
[ 11.426810] flags: 0x200000000000000(node=0|zone=2)
[ 11.426969] page_type: f5(slab)
[ 11.427088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.427321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.427786] page dumped because: kasan: bad access detected
[ 11.428103]
[ 11.428233] Memory state around the buggy address:
[ 11.428514] ffff888103075d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.429076] ffff888103075e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.429980] >ffff888103075e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.431101] ^
[ 11.431279] ffff888103075f00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.432088] ffff888103075f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.432827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.376024] ==================================================================
[ 11.376557] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.376893] Write of size 33 at addr ffff8881028bc400 by task kunit_try_catch/206
[ 11.377212]
[ 11.377315] CPU: 1 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.377635] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.377650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.377673] Call Trace:
[ 11.377686] <TASK>
[ 11.377703] dump_stack_lvl+0x73/0xb0
[ 11.377730] print_report+0xd1/0x610
[ 11.377752] ? __virt_addr_valid+0x1db/0x2d0
[ 11.377774] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.377813] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.377836] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.377857] kasan_report+0x141/0x180
[ 11.377879] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.378008] kasan_check_range+0x10c/0x1c0
[ 11.378029] __asan_memset+0x27/0x50
[ 11.378048] kmalloc_uaf_memset+0x1a3/0x360
[ 11.378069] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.378092] ? __schedule+0x10c6/0x2b60
[ 11.378117] ? __pfx_read_tsc+0x10/0x10
[ 11.378137] ? ktime_get_ts64+0x86/0x230
[ 11.378162] kunit_try_run_case+0x1a5/0x480
[ 11.378183] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.378201] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.378221] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.378258] ? __kthread_parkme+0x82/0x180
[ 11.378280] ? preempt_count_sub+0x50/0x80
[ 11.378304] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.378324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.378346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.378382] kthread+0x337/0x6f0
[ 11.378398] ? trace_preempt_on+0x20/0xc0
[ 11.378421] ? __pfx_kthread+0x10/0x10
[ 11.378438] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.378461] ? calculate_sigpending+0x7b/0xa0
[ 11.378482] ? __pfx_kthread+0x10/0x10
[ 11.378501] ret_from_fork+0x41/0x80
[ 11.378521] ? __pfx_kthread+0x10/0x10
[ 11.378539] ret_from_fork_asm+0x1a/0x30
[ 11.378570] </TASK>
[ 11.378581]
[ 11.388624] Allocated by task 206:
[ 11.389085] kasan_save_stack+0x45/0x70
[ 11.389304] kasan_save_track+0x18/0x40
[ 11.389507] kasan_save_alloc_info+0x3b/0x50
[ 11.389914] __kasan_kmalloc+0xb7/0xc0
[ 11.390091] __kmalloc_cache_noprof+0x189/0x420
[ 11.390303] kmalloc_uaf_memset+0xa9/0x360
[ 11.390850] kunit_try_run_case+0x1a5/0x480
[ 11.391146] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.391481] kthread+0x337/0x6f0
[ 11.391705] ret_from_fork+0x41/0x80
[ 11.391951] ret_from_fork_asm+0x1a/0x30
[ 11.392144]
[ 11.392216] Freed by task 206:
[ 11.392400] kasan_save_stack+0x45/0x70
[ 11.392576] kasan_save_track+0x18/0x40
[ 11.392724] kasan_save_free_info+0x3f/0x60
[ 11.392939] __kasan_slab_free+0x56/0x70
[ 11.393125] kfree+0x222/0x3f0
[ 11.393740] kmalloc_uaf_memset+0x12b/0x360
[ 11.393900] kunit_try_run_case+0x1a5/0x480
[ 11.394508] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.394831] kthread+0x337/0x6f0
[ 11.395146] ret_from_fork+0x41/0x80
[ 11.395335] ret_from_fork_asm+0x1a/0x30
[ 11.395722]
[ 11.395815] The buggy address belongs to the object at ffff8881028bc400
[ 11.395815] which belongs to the cache kmalloc-64 of size 64
[ 11.396476] The buggy address is located 0 bytes inside of
[ 11.396476] freed 64-byte region [ffff8881028bc400, ffff8881028bc440)
[ 11.397184]
[ 11.397300] The buggy address belongs to the physical page:
[ 11.397988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028bc
[ 11.398325] flags: 0x200000000000000(node=0|zone=2)
[ 11.398562] page_type: f5(slab)
[ 11.398976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.399392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.399804] page dumped because: kasan: bad access detected
[ 11.400112]
[ 11.400191] Memory state around the buggy address:
[ 11.400397] ffff8881028bc300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.400861] ffff8881028bc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.401291] >ffff8881028bc400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.402060] ^
[ 11.402392] ffff8881028bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.402975] ffff8881028bc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.403619] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.345114] ==================================================================
[ 11.346416] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.347511] Read of size 1 at addr ffff8881014ec8c8 by task kunit_try_catch/204
[ 11.348059]
[ 11.348171] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.348423] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.348435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.348456] Call Trace:
[ 11.348469] <TASK>
[ 11.348486] dump_stack_lvl+0x73/0xb0
[ 11.348514] print_report+0xd1/0x610
[ 11.348537] ? __virt_addr_valid+0x1db/0x2d0
[ 11.348560] ? kmalloc_uaf+0x320/0x380
[ 11.348580] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.348602] ? kmalloc_uaf+0x320/0x380
[ 11.348622] kasan_report+0x141/0x180
[ 11.348644] ? kmalloc_uaf+0x320/0x380
[ 11.348669] __asan_report_load1_noabort+0x18/0x20
[ 11.348691] kmalloc_uaf+0x320/0x380
[ 11.348710] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.348731] ? __schedule+0x10c6/0x2b60
[ 11.348754] ? __pfx_read_tsc+0x10/0x10
[ 11.348774] ? ktime_get_ts64+0x86/0x230
[ 11.348800] kunit_try_run_case+0x1a5/0x480
[ 11.348821] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.348839] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.348860] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.348883] ? __kthread_parkme+0x82/0x180
[ 11.348904] ? preempt_count_sub+0x50/0x80
[ 11.348935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.348954] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.348976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.348999] kthread+0x337/0x6f0
[ 11.349015] ? trace_preempt_on+0x20/0xc0
[ 11.349038] ? __pfx_kthread+0x10/0x10
[ 11.349056] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.349077] ? calculate_sigpending+0x7b/0xa0
[ 11.349098] ? __pfx_kthread+0x10/0x10
[ 11.349116] ret_from_fork+0x41/0x80
[ 11.349136] ? __pfx_kthread+0x10/0x10
[ 11.349154] ret_from_fork_asm+0x1a/0x30
[ 11.349185] </TASK>
[ 11.349196]
[ 11.358562] Allocated by task 204:
[ 11.358811] kasan_save_stack+0x45/0x70
[ 11.359008] kasan_save_track+0x18/0x40
[ 11.359177] kasan_save_alloc_info+0x3b/0x50
[ 11.359884] __kasan_kmalloc+0xb7/0xc0
[ 11.360069] __kmalloc_cache_noprof+0x189/0x420
[ 11.360245] kmalloc_uaf+0xaa/0x380
[ 11.360451] kunit_try_run_case+0x1a5/0x480
[ 11.360944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.361176] kthread+0x337/0x6f0
[ 11.361492] ret_from_fork+0x41/0x80
[ 11.361652] ret_from_fork_asm+0x1a/0x30
[ 11.362023]
[ 11.362124] Freed by task 204:
[ 11.362256] kasan_save_stack+0x45/0x70
[ 11.362588] kasan_save_track+0x18/0x40
[ 11.362948] kasan_save_free_info+0x3f/0x60
[ 11.363121] __kasan_slab_free+0x56/0x70
[ 11.363459] kfree+0x222/0x3f0
[ 11.363627] kmalloc_uaf+0x12c/0x380
[ 11.363778] kunit_try_run_case+0x1a5/0x480
[ 11.364145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.364435] kthread+0x337/0x6f0
[ 11.364574] ret_from_fork+0x41/0x80
[ 11.364744] ret_from_fork_asm+0x1a/0x30
[ 11.364948]
[ 11.365019] The buggy address belongs to the object at ffff8881014ec8c0
[ 11.365019] which belongs to the cache kmalloc-16 of size 16
[ 11.365971] The buggy address is located 8 bytes inside of
[ 11.365971] freed 16-byte region [ffff8881014ec8c0, ffff8881014ec8d0)
[ 11.366519]
[ 11.366660] The buggy address belongs to the physical page:
[ 11.367114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1014ec
[ 11.367654] flags: 0x200000000000000(node=0|zone=2)
[ 11.368076] page_type: f5(slab)
[ 11.368270] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.368708] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.369156] page dumped because: kasan: bad access detected
[ 11.369348]
[ 11.369450] Memory state around the buggy address:
[ 11.369946] ffff8881014ec780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 11.370272] ffff8881014ec800: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 11.370786] >ffff8881014ec880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.371087] ^
[ 11.371466] ffff8881014ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.371871] ffff8881014ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.372275] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 47.344635] ==================================================================
[ 47.345036] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 47.345036]
[ 47.345386] Use-after-free read at 0x(____ptrval____) (in kfence-#131):
[ 47.346097] test_krealloc+0x6fc/0xbe0
[ 47.346372] kunit_try_run_case+0x1a5/0x480
[ 47.346589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.346839] kthread+0x337/0x6f0
[ 47.347008] ret_from_fork+0x41/0x80
[ 47.347167] ret_from_fork_asm+0x1a/0x30
[ 47.347828]
[ 47.347918] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 47.347918]
[ 47.348443] allocated by task 357 on cpu 1 at 47.343971s (0.004470s ago):
[ 47.348924] test_alloc+0x364/0x10f0
[ 47.349103] test_krealloc+0xad/0xbe0
[ 47.349283] kunit_try_run_case+0x1a5/0x480
[ 47.349472] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.349692] kthread+0x337/0x6f0
[ 47.349835] ret_from_fork+0x41/0x80
[ 47.350007] ret_from_fork_asm+0x1a/0x30
[ 47.350169]
[ 47.350268] freed by task 357 on cpu 1 at 47.344262s (0.006003s ago):
[ 47.351012] krealloc_noprof+0x108/0x340
[ 47.351168] test_krealloc+0x226/0xbe0
[ 47.351371] kunit_try_run_case+0x1a5/0x480
[ 47.351791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.352108] kthread+0x337/0x6f0
[ 47.352340] ret_from_fork+0x41/0x80
[ 47.352495] ret_from_fork_asm+0x1a/0x30
[ 47.352701]
[ 47.352992] CPU: 1 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 47.353537] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.353797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.354253] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.313982] ==================================================================
[ 11.315450] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.315777] Read of size 64 at addr ffff8881028bc104 by task kunit_try_catch/202
[ 11.316522]
[ 11.316754] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.316803] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.316814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.316835] Call Trace:
[ 11.316847] <TASK>
[ 11.316863] dump_stack_lvl+0x73/0xb0
[ 11.316890] print_report+0xd1/0x610
[ 11.316920] ? __virt_addr_valid+0x1db/0x2d0
[ 11.316967] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.316988] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.317009] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.317029] kasan_report+0x141/0x180
[ 11.317062] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.317088] kasan_check_range+0x10c/0x1c0
[ 11.317107] __asan_memmove+0x27/0x70
[ 11.317128] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.317148] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.317169] ? __schedule+0x10c6/0x2b60
[ 11.317193] ? __pfx_read_tsc+0x10/0x10
[ 11.317212] ? ktime_get_ts64+0x86/0x230
[ 11.317248] kunit_try_run_case+0x1a5/0x480
[ 11.317269] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.317286] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.317306] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.317329] ? __kthread_parkme+0x82/0x180
[ 11.317350] ? preempt_count_sub+0x50/0x80
[ 11.317375] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.317394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.317416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.317438] kthread+0x337/0x6f0
[ 11.317454] ? trace_preempt_on+0x20/0xc0
[ 11.317477] ? __pfx_kthread+0x10/0x10
[ 11.317494] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.317516] ? calculate_sigpending+0x7b/0xa0
[ 11.317536] ? __pfx_kthread+0x10/0x10
[ 11.317554] ret_from_fork+0x41/0x80
[ 11.317573] ? __pfx_kthread+0x10/0x10
[ 11.317590] ret_from_fork_asm+0x1a/0x30
[ 11.317620] </TASK>
[ 11.317631]
[ 11.327539] Allocated by task 202:
[ 11.328022] kasan_save_stack+0x45/0x70
[ 11.328749] kasan_save_track+0x18/0x40
[ 11.329294] kasan_save_alloc_info+0x3b/0x50
[ 11.329950] __kasan_kmalloc+0xb7/0xc0
[ 11.330096] __kmalloc_cache_noprof+0x189/0x420
[ 11.330268] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.330693] kunit_try_run_case+0x1a5/0x480
[ 11.331171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.331607] kthread+0x337/0x6f0
[ 11.331987] ret_from_fork+0x41/0x80
[ 11.332292] ret_from_fork_asm+0x1a/0x30
[ 11.332508]
[ 11.332604] The buggy address belongs to the object at ffff8881028bc100
[ 11.332604] which belongs to the cache kmalloc-64 of size 64
[ 11.333163] The buggy address is located 4 bytes inside of
[ 11.333163] allocated 64-byte region [ffff8881028bc100, ffff8881028bc140)
[ 11.333902]
[ 11.334007] The buggy address belongs to the physical page:
[ 11.334259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028bc
[ 11.334971] flags: 0x200000000000000(node=0|zone=2)
[ 11.335287] page_type: f5(slab)
[ 11.335602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.335972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.336429] page dumped because: kasan: bad access detected
[ 11.337010]
[ 11.337129] Memory state around the buggy address:
[ 11.337521] ffff8881028bc000: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 11.338009] ffff8881028bc080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.338334] >ffff8881028bc100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.338635] ^
[ 11.339262] ffff8881028bc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.339758] ffff8881028bc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.340119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.281301] ==================================================================
[ 11.282511] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.282989] Read of size 18446744073709551614 at addr ffff888103075d84 by task kunit_try_catch/200
[ 11.283319]
[ 11.283552] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.283616] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.283628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.283657] Call Trace:
[ 11.283670] <TASK>
[ 11.283689] dump_stack_lvl+0x73/0xb0
[ 11.283741] print_report+0xd1/0x610
[ 11.283764] ? __virt_addr_valid+0x1db/0x2d0
[ 11.283799] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.283819] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.283841] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.283905] kasan_report+0x141/0x180
[ 11.283928] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.283953] kasan_check_range+0x10c/0x1c0
[ 11.283983] __asan_memmove+0x27/0x70
[ 11.284004] kmalloc_memmove_negative_size+0x171/0x330
[ 11.284026] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.284060] ? __schedule+0x10c6/0x2b60
[ 11.284084] ? __pfx_read_tsc+0x10/0x10
[ 11.284105] ? ktime_get_ts64+0x86/0x230
[ 11.284131] kunit_try_run_case+0x1a5/0x480
[ 11.284154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.284172] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.284193] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.284216] ? __kthread_parkme+0x82/0x180
[ 11.284246] ? preempt_count_sub+0x50/0x80
[ 11.284272] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.284291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.284313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.284335] kthread+0x337/0x6f0
[ 11.284370] ? trace_preempt_on+0x20/0xc0
[ 11.284403] ? __pfx_kthread+0x10/0x10
[ 11.284420] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.284441] ? calculate_sigpending+0x7b/0xa0
[ 11.284473] ? __pfx_kthread+0x10/0x10
[ 11.284490] ret_from_fork+0x41/0x80
[ 11.284511] ? __pfx_kthread+0x10/0x10
[ 11.284528] ret_from_fork_asm+0x1a/0x30
[ 11.284559] </TASK>
[ 11.284570]
[ 11.296588] Allocated by task 200:
[ 11.296827] kasan_save_stack+0x45/0x70
[ 11.297196] kasan_save_track+0x18/0x40
[ 11.297609] kasan_save_alloc_info+0x3b/0x50
[ 11.298169] __kasan_kmalloc+0xb7/0xc0
[ 11.298564] __kmalloc_cache_noprof+0x189/0x420
[ 11.299032] kmalloc_memmove_negative_size+0xac/0x330
[ 11.299249] kunit_try_run_case+0x1a5/0x480
[ 11.299433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.299984] kthread+0x337/0x6f0
[ 11.300318] ret_from_fork+0x41/0x80
[ 11.300699] ret_from_fork_asm+0x1a/0x30
[ 11.301052]
[ 11.301125] The buggy address belongs to the object at ffff888103075d80
[ 11.301125] which belongs to the cache kmalloc-64 of size 64
[ 11.301609] The buggy address is located 4 bytes inside of
[ 11.301609] 64-byte region [ffff888103075d80, ffff888103075dc0)
[ 11.302662]
[ 11.302820] The buggy address belongs to the physical page:
[ 11.303566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103075
[ 11.304350] flags: 0x200000000000000(node=0|zone=2)
[ 11.304615] page_type: f5(slab)
[ 11.304740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.304976] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.305200] page dumped because: kasan: bad access detected
[ 11.305765]
[ 11.305982] Memory state around the buggy address:
[ 11.306427] ffff888103075c80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 11.307260] ffff888103075d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.308043] >ffff888103075d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.308805] ^
[ 11.309360] ffff888103075e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.309792] ffff888103075e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.310428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.253541] ==================================================================
[ 11.254205] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.254626] Write of size 16 at addr ffff8881028ba069 by task kunit_try_catch/198
[ 11.255402]
[ 11.255619] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.255670] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.255682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.255706] Call Trace:
[ 11.255719] <TASK>
[ 11.255737] dump_stack_lvl+0x73/0xb0
[ 11.255769] print_report+0xd1/0x610
[ 11.255792] ? __virt_addr_valid+0x1db/0x2d0
[ 11.255910] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.255937] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.255960] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.255982] kasan_report+0x141/0x180
[ 11.256004] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.256031] kasan_check_range+0x10c/0x1c0
[ 11.256051] __asan_memset+0x27/0x50
[ 11.256072] kmalloc_oob_memset_16+0x166/0x330
[ 11.256093] ? __kasan_check_write+0x18/0x20
[ 11.256112] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.256134] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.256156] ? trace_hardirqs_on+0x37/0xe0
[ 11.256181] ? __pfx_read_tsc+0x10/0x10
[ 11.256201] ? ktime_get_ts64+0x86/0x230
[ 11.256239] kunit_try_run_case+0x1a5/0x480
[ 11.256261] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.256281] ? queued_spin_lock_slowpath+0x116/0xb40
[ 11.256302] ? __kthread_parkme+0x82/0x180
[ 11.256325] ? preempt_count_sub+0x50/0x80
[ 11.256351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.256381] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.256403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.256426] kthread+0x337/0x6f0
[ 11.256442] ? trace_preempt_on+0x20/0xc0
[ 11.256464] ? __pfx_kthread+0x10/0x10
[ 11.256481] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.256503] ? calculate_sigpending+0x7b/0xa0
[ 11.256525] ? __pfx_kthread+0x10/0x10
[ 11.256543] ret_from_fork+0x41/0x80
[ 11.256562] ? __pfx_kthread+0x10/0x10
[ 11.256579] ret_from_fork_asm+0x1a/0x30
[ 11.256611] </TASK>
[ 11.256621]
[ 11.266806] Allocated by task 198:
[ 11.267088] kasan_save_stack+0x45/0x70
[ 11.267358] kasan_save_track+0x18/0x40
[ 11.267620] kasan_save_alloc_info+0x3b/0x50
[ 11.267983] __kasan_kmalloc+0xb7/0xc0
[ 11.268136] __kmalloc_cache_noprof+0x189/0x420
[ 11.268549] kmalloc_oob_memset_16+0xac/0x330
[ 11.268931] kunit_try_run_case+0x1a5/0x480
[ 11.269259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.269640] kthread+0x337/0x6f0
[ 11.269777] ret_from_fork+0x41/0x80
[ 11.270099] ret_from_fork_asm+0x1a/0x30
[ 11.270443]
[ 11.270520] The buggy address belongs to the object at ffff8881028ba000
[ 11.270520] which belongs to the cache kmalloc-128 of size 128
[ 11.271020] The buggy address is located 105 bytes inside of
[ 11.271020] allocated 120-byte region [ffff8881028ba000, ffff8881028ba078)
[ 11.272095]
[ 11.272195] The buggy address belongs to the physical page:
[ 11.272611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba
[ 11.273025] flags: 0x200000000000000(node=0|zone=2)
[ 11.273379] page_type: f5(slab)
[ 11.273554] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.274186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.274672] page dumped because: kasan: bad access detected
[ 11.274918]
[ 11.274996] Memory state around the buggy address:
[ 11.275215] ffff8881028b9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.275876] ffff8881028b9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.276257] >ffff8881028ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.276574] ^
[ 11.277045] ffff8881028ba080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.277354] ffff8881028ba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.278116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.225726] ==================================================================
[ 11.226203] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.226539] Write of size 8 at addr ffff88810306aa71 by task kunit_try_catch/196
[ 11.227074]
[ 11.227188] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.227245] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.227256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.227277] Call Trace:
[ 11.227290] <TASK>
[ 11.227330] dump_stack_lvl+0x73/0xb0
[ 11.227356] print_report+0xd1/0x610
[ 11.227379] ? __virt_addr_valid+0x1db/0x2d0
[ 11.227400] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.227421] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.227452] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.227473] kasan_report+0x141/0x180
[ 11.227496] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.227522] kasan_check_range+0x10c/0x1c0
[ 11.227542] __asan_memset+0x27/0x50
[ 11.227582] kmalloc_oob_memset_8+0x166/0x330
[ 11.227604] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.227627] ? __schedule+0x10c6/0x2b60
[ 11.227650] ? __pfx_read_tsc+0x10/0x10
[ 11.227670] ? ktime_get_ts64+0x86/0x230
[ 11.227695] kunit_try_run_case+0x1a5/0x480
[ 11.227715] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.227744] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.227766] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.227789] ? __kthread_parkme+0x82/0x180
[ 11.227810] ? preempt_count_sub+0x50/0x80
[ 11.227856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.227876] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.227899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.227922] kthread+0x337/0x6f0
[ 11.227938] ? trace_preempt_on+0x20/0xc0
[ 11.227961] ? __pfx_kthread+0x10/0x10
[ 11.227978] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.228000] ? calculate_sigpending+0x7b/0xa0
[ 11.228021] ? __pfx_kthread+0x10/0x10
[ 11.228057] ret_from_fork+0x41/0x80
[ 11.228077] ? __pfx_kthread+0x10/0x10
[ 11.228094] ret_from_fork_asm+0x1a/0x30
[ 11.228125] </TASK>
[ 11.228135]
[ 11.235914] Allocated by task 196:
[ 11.236183] kasan_save_stack+0x45/0x70
[ 11.236385] kasan_save_track+0x18/0x40
[ 11.236570] kasan_save_alloc_info+0x3b/0x50
[ 11.236744] __kasan_kmalloc+0xb7/0xc0
[ 11.236875] __kmalloc_cache_noprof+0x189/0x420
[ 11.237032] kmalloc_oob_memset_8+0xac/0x330
[ 11.237337] kunit_try_run_case+0x1a5/0x480
[ 11.237615] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.237997] kthread+0x337/0x6f0
[ 11.238114] ret_from_fork+0x41/0x80
[ 11.238253] ret_from_fork_asm+0x1a/0x30
[ 11.238389]
[ 11.238457] The buggy address belongs to the object at ffff88810306aa00
[ 11.238457] which belongs to the cache kmalloc-128 of size 128
[ 11.239468] The buggy address is located 113 bytes inside of
[ 11.239468] allocated 120-byte region [ffff88810306aa00, ffff88810306aa78)
[ 11.240046]
[ 11.240117] The buggy address belongs to the physical page:
[ 11.240399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 11.240811] flags: 0x200000000000000(node=0|zone=2)
[ 11.241001] page_type: f5(slab)
[ 11.241219] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.241782] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.242011] page dumped because: kasan: bad access detected
[ 11.242181]
[ 11.242266] Memory state around the buggy address:
[ 11.242511] ffff88810306a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.242824] ffff88810306a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.243932] >ffff88810306aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.244809] ^
[ 11.245049] ffff88810306aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.245336] ffff88810306ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.246050] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.201614] ==================================================================
[ 11.202121] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 11.202848] Write of size 4 at addr ffff88810306a975 by task kunit_try_catch/194
[ 11.203085]
[ 11.203204] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 11.203265] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.203277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.203322] Call Trace:
[ 11.203335] <TASK>
[ 11.203351] dump_stack_lvl+0x73/0xb0
[ 11.203377] print_report+0xd1/0x610
[ 11.203400] ? __virt_addr_valid+0x1db/0x2d0
[ 11.203421] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.203442] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.203463] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.203485] kasan_report+0x141/0x180
[ 11.203507] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.203534] kasan_check_range+0x10c/0x1c0
[ 11.203553] __asan_memset+0x27/0x50
[ 11.203572] kmalloc_oob_memset_4+0x166/0x330
[ 11.203595] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 11.203630] ? __schedule+0x10c6/0x2b60
[ 11.203654] ? __pfx_read_tsc+0x10/0x10
[ 11.203674] ? ktime_get_ts64+0x86/0x230
[ 11.203700] kunit_try_run_case+0x1a5/0x480
[ 11.203720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.203738] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.203757] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.203781] ? __kthread_parkme+0x82/0x180
[ 11.203801] ? preempt_count_sub+0x50/0x80
[ 11.203826] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.203846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.203867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.203890] kthread+0x337/0x6f0
[ 11.203905] ? trace_preempt_on+0x20/0xc0
[ 11.203929] ? __pfx_kthread+0x10/0x10
[ 11.203946] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.203967] ? calculate_sigpending+0x7b/0xa0
[ 11.203988] ? __pfx_kthread+0x10/0x10
[ 11.204006] ret_from_fork+0x41/0x80
[ 11.204027] ? __pfx_kthread+0x10/0x10
[ 11.204044] ret_from_fork_asm+0x1a/0x30
[ 11.204074] </TASK>
[ 11.204085]
[ 11.211823] Allocated by task 194:
[ 11.212011] kasan_save_stack+0x45/0x70
[ 11.212218] kasan_save_track+0x18/0x40
[ 11.212625] kasan_save_alloc_info+0x3b/0x50
[ 11.212903] __kasan_kmalloc+0xb7/0xc0
[ 11.213111] __kmalloc_cache_noprof+0x189/0x420
[ 11.213294] kmalloc_oob_memset_4+0xac/0x330
[ 11.213658] kunit_try_run_case+0x1a5/0x480
[ 11.213838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.214011] kthread+0x337/0x6f0
[ 11.214129] ret_from_fork+0x41/0x80
[ 11.214269] ret_from_fork_asm+0x1a/0x30
[ 11.214465]
[ 11.214557] The buggy address belongs to the object at ffff88810306a900
[ 11.214557] which belongs to the cache kmalloc-128 of size 128
[ 11.215488] The buggy address is located 117 bytes inside of
[ 11.215488] allocated 120-byte region [ffff88810306a900, ffff88810306a978)
[ 11.216018]
[ 11.216120] The buggy address belongs to the physical page:
[ 11.216422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 11.216787] flags: 0x200000000000000(node=0|zone=2)
[ 11.217036] page_type: f5(slab)
[ 11.217205] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.217478] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.217992] page dumped because: kasan: bad access detected
[ 11.218270]
[ 11.218384] Memory state around the buggy address:
[ 11.218583] ffff88810306a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.219119] ffff88810306a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.219480] >ffff88810306a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.219762] ^
[ 11.220145] ffff88810306a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.220525] ffff88810306aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.220895] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.247476] ==================================================================
[ 47.248022] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.248022]
[ 47.249020] Use-after-free read at 0x(____ptrval____) (in kfence-#130):
[ 47.249252] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.249445] kunit_try_run_case+0x1a5/0x480
[ 47.249711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.250827] kthread+0x337/0x6f0
[ 47.251311] ret_from_fork+0x41/0x80
[ 47.251754] ret_from_fork_asm+0x1a/0x30
[ 47.252214]
[ 47.252519] kfence-#130: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 47.252519]
[ 47.253443] allocated by task 355 on cpu 1 at 47.240632s (0.012809s ago):
[ 47.253796] test_alloc+0x2a6/0x10f0
[ 47.253931] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 47.254100] kunit_try_run_case+0x1a5/0x480
[ 47.254263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.254518] kthread+0x337/0x6f0
[ 47.254639] ret_from_fork+0x41/0x80
[ 47.254992] ret_from_fork_asm+0x1a/0x30
[ 47.255374]
[ 47.255591] freed by task 355 on cpu 1 at 47.240745s (0.014844s ago):
[ 47.255866] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 47.256034] kunit_try_run_case+0x1a5/0x480
[ 47.256172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.256364] kthread+0x337/0x6f0
[ 47.256563] ret_from_fork+0x41/0x80
[ 47.256856] ret_from_fork_asm+0x1a/0x30
[ 47.257060]
[ 47.257184] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 47.257964] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.258263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.258753] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 22.085165] ==================================================================
[ 22.085700] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 22.085700]
[ 22.086589] Invalid read at 0x(____ptrval____):
[ 22.087161] test_invalid_access+0xf0/0x210
[ 22.087726] kunit_try_run_case+0x1a5/0x480
[ 22.087965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.088202] kthread+0x337/0x6f0
[ 22.088565] ret_from_fork+0x41/0x80
[ 22.088742] ret_from_fork_asm+0x1a/0x30
[ 22.089012]
[ 22.089154] CPU: 0 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 22.089672] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.089991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.090383] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 21.864218] ==================================================================
[ 21.864631] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 21.864631]
[ 21.865045] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#126):
[ 21.865811] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 21.866010] kunit_try_run_case+0x1a5/0x480
[ 21.866404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.866620] kthread+0x337/0x6f0
[ 21.866802] ret_from_fork+0x41/0x80
[ 21.867001] ret_from_fork_asm+0x1a/0x30
[ 21.867203]
[ 21.867309] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 21.867309]
[ 21.867746] allocated by task 345 on cpu 1 at 21.863977s (0.003766s ago):
[ 21.867971] test_alloc+0x364/0x10f0
[ 21.868175] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 21.868513] kunit_try_run_case+0x1a5/0x480
[ 21.868718] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.868954] kthread+0x337/0x6f0
[ 21.869139] ret_from_fork+0x41/0x80
[ 21.869304] ret_from_fork_asm+0x1a/0x30
[ 21.869508]
[ 21.869614] freed by task 345 on cpu 1 at 21.864102s (0.005510s ago):
[ 21.869904] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 21.870147] kunit_try_run_case+0x1a5/0x480
[ 21.870365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.870657] kthread+0x337/0x6f0
[ 21.870829] ret_from_fork+0x41/0x80
[ 21.870970] ret_from_fork_asm+0x1a/0x30
[ 21.871177]
[ 21.871296] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 21.871772] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.871951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.872372] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 21.656216] ==================================================================
[ 21.656831] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 21.656831]
[ 21.657294] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#124):
[ 21.657825] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 21.658009] kunit_try_run_case+0x1a5/0x480
[ 21.658157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.658446] kthread+0x337/0x6f0
[ 21.658621] ret_from_fork+0x41/0x80
[ 21.658810] ret_from_fork_asm+0x1a/0x30
[ 21.659014]
[ 21.659116] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 21.659116]
[ 21.659508] allocated by task 343 on cpu 1 at 21.655991s (0.003515s ago):
[ 21.659795] test_alloc+0x364/0x10f0
[ 21.659988] test_kmalloc_aligned_oob_read+0x105/0x560
[ 21.660209] kunit_try_run_case+0x1a5/0x480
[ 21.660364] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.660539] kthread+0x337/0x6f0
[ 21.660708] ret_from_fork+0x41/0x80
[ 21.660988] ret_from_fork_asm+0x1a/0x30
[ 21.661196]
[ 21.661348] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 21.662524] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.662735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.663146] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.288263] ==================================================================
[ 17.288672] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 17.288672]
[ 17.289164] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82):
[ 17.290087] test_corruption+0x2d2/0x3e0
[ 17.290280] kunit_try_run_case+0x1a5/0x480
[ 17.290550] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.290934] kthread+0x337/0x6f0
[ 17.291112] ret_from_fork+0x41/0x80
[ 17.291360] ret_from_fork_asm+0x1a/0x30
[ 17.291605]
[ 17.291705] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.291705]
[ 17.292061] allocated by task 331 on cpu 1 at 17.287995s (0.004064s ago):
[ 17.292372] test_alloc+0x364/0x10f0
[ 17.292546] test_corruption+0xe6/0x3e0
[ 17.292720] kunit_try_run_case+0x1a5/0x480
[ 17.292918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.293153] kthread+0x337/0x6f0
[ 17.293392] ret_from_fork+0x41/0x80
[ 17.293569] ret_from_fork_asm+0x1a/0x30
[ 17.293779]
[ 17.293849] freed by task 331 on cpu 1 at 17.288096s (0.005749s ago):
[ 17.294051] test_corruption+0x2d2/0x3e0
[ 17.294186] kunit_try_run_case+0x1a5/0x480
[ 17.294437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.294791] kthread+0x337/0x6f0
[ 17.295149] ret_from_fork+0x41/0x80
[ 17.295355] ret_from_fork_asm+0x1a/0x30
[ 17.295606]
[ 17.295726] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 17.296255] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.296457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.296721] ==================================================================
[ 17.392246] ==================================================================
[ 17.392623] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 17.392623]
[ 17.393059] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#83):
[ 17.393719] test_corruption+0x2df/0x3e0
[ 17.393882] kunit_try_run_case+0x1a5/0x480
[ 17.394031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.394293] kthread+0x337/0x6f0
[ 17.394462] ret_from_fork+0x41/0x80
[ 17.394844] ret_from_fork_asm+0x1a/0x30
[ 17.395053]
[ 17.395256] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.395256]
[ 17.395684] allocated by task 331 on cpu 1 at 17.392005s (0.003677s ago):
[ 17.396030] test_alloc+0x364/0x10f0
[ 17.396216] test_corruption+0x1cb/0x3e0
[ 17.396510] kunit_try_run_case+0x1a5/0x480
[ 17.396650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.396826] kthread+0x337/0x6f0
[ 17.397005] ret_from_fork+0x41/0x80
[ 17.397193] ret_from_fork_asm+0x1a/0x30
[ 17.397407]
[ 17.397505] freed by task 331 on cpu 1 at 17.392081s (0.005420s ago):
[ 17.397766] test_corruption+0x2df/0x3e0
[ 17.397957] kunit_try_run_case+0x1a5/0x480
[ 17.398153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.398398] kthread+0x337/0x6f0
[ 17.398569] ret_from_fork+0x41/0x80
[ 17.398762] ret_from_fork_asm+0x1a/0x30
[ 17.398956]
[ 17.399078] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 17.399557] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.399692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.399950] ==================================================================
[ 17.704101] ==================================================================
[ 17.704514] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 17.704514]
[ 17.704791] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#86):
[ 17.705273] test_corruption+0x216/0x3e0
[ 17.705595] kunit_try_run_case+0x1a5/0x480
[ 17.705769] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.705978] kthread+0x337/0x6f0
[ 17.706154] ret_from_fork+0x41/0x80
[ 17.706359] ret_from_fork_asm+0x1a/0x30
[ 17.706543]
[ 17.706616] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.706616]
[ 17.707016] allocated by task 333 on cpu 0 at 17.703983s (0.003031s ago):
[ 17.707330] test_alloc+0x2a6/0x10f0
[ 17.707566] test_corruption+0x1cb/0x3e0
[ 17.707742] kunit_try_run_case+0x1a5/0x480
[ 17.707926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.708157] kthread+0x337/0x6f0
[ 17.708306] ret_from_fork+0x41/0x80
[ 17.708439] ret_from_fork_asm+0x1a/0x30
[ 17.708585]
[ 17.708659] freed by task 333 on cpu 0 at 17.704022s (0.004634s ago):
[ 17.708941] test_corruption+0x216/0x3e0
[ 17.709134] kunit_try_run_case+0x1a5/0x480
[ 17.709345] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.709601] kthread+0x337/0x6f0
[ 17.709758] ret_from_fork+0x41/0x80
[ 17.709888] ret_from_fork_asm+0x1a/0x30
[ 17.710049]
[ 17.710169] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 17.710825] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.711028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.711419] ==================================================================
[ 17.496146] ==================================================================
[ 17.496571] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 17.496571]
[ 17.497153] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84):
[ 17.497946] test_corruption+0x131/0x3e0
[ 17.498098] kunit_try_run_case+0x1a5/0x480
[ 17.498260] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.498455] kthread+0x337/0x6f0
[ 17.498580] ret_from_fork+0x41/0x80
[ 17.498782] ret_from_fork_asm+0x1a/0x30
[ 17.498980]
[ 17.499080] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.499080]
[ 17.499495] allocated by task 333 on cpu 0 at 17.496007s (0.003486s ago):
[ 17.499769] test_alloc+0x2a6/0x10f0
[ 17.499955] test_corruption+0xe6/0x3e0
[ 17.500123] kunit_try_run_case+0x1a5/0x480
[ 17.500328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.500552] kthread+0x337/0x6f0
[ 17.500719] ret_from_fork+0x41/0x80
[ 17.500864] ret_from_fork_asm+0x1a/0x30
[ 17.501008]
[ 17.501078] freed by task 333 on cpu 0 at 17.496070s (0.005005s ago):
[ 17.501345] test_corruption+0x131/0x3e0
[ 17.501544] kunit_try_run_case+0x1a5/0x480
[ 17.501783] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.501956] kthread+0x337/0x6f0
[ 17.502073] ret_from_fork+0x41/0x80
[ 17.502271] ret_from_fork_asm+0x1a/0x30
[ 17.502465]
[ 17.502591] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 17.503064] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.503285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.503658] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.184136] ==================================================================
[ 17.184635] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 17.184635]
[ 17.185061] Invalid free of 0x(____ptrval____) (in kfence-#81):
[ 17.185438] test_invalid_addr_free+0xfb/0x260
[ 17.185603] kunit_try_run_case+0x1a5/0x480
[ 17.185816] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.186115] kthread+0x337/0x6f0
[ 17.186298] ret_from_fork+0x41/0x80
[ 17.186467] ret_from_fork_asm+0x1a/0x30
[ 17.186632]
[ 17.186798] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.186798]
[ 17.187251] allocated by task 329 on cpu 1 at 17.184014s (0.003234s ago):
[ 17.187583] test_alloc+0x2a6/0x10f0
[ 17.187710] test_invalid_addr_free+0xdb/0x260
[ 17.188133] kunit_try_run_case+0x1a5/0x480
[ 17.188358] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.188829] kthread+0x337/0x6f0
[ 17.189007] ret_from_fork+0x41/0x80
[ 17.189149] ret_from_fork_asm+0x1a/0x30
[ 17.189295]
[ 17.189420] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 17.190044] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.190311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.190715] ==================================================================
[ 17.080125] ==================================================================
[ 17.080615] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 17.080615]
[ 17.080907] Invalid free of 0x(____ptrval____) (in kfence-#80):
[ 17.081195] test_invalid_addr_free+0x1e1/0x260
[ 17.081418] kunit_try_run_case+0x1a5/0x480
[ 17.081567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.081818] kthread+0x337/0x6f0
[ 17.082048] ret_from_fork+0x41/0x80
[ 17.082296] ret_from_fork_asm+0x1a/0x30
[ 17.082950]
[ 17.083040] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.083040]
[ 17.083966] allocated by task 327 on cpu 0 at 17.079990s (0.003972s ago):
[ 17.084381] test_alloc+0x364/0x10f0
[ 17.084528] test_invalid_addr_free+0xdb/0x260
[ 17.084746] kunit_try_run_case+0x1a5/0x480
[ 17.084926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.085174] kthread+0x337/0x6f0
[ 17.085336] ret_from_fork+0x41/0x80
[ 17.085491] ret_from_fork_asm+0x1a/0x30
[ 17.085696]
[ 17.085817] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 17.086265] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.086474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.086810] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 16.872288] ==================================================================
[ 16.872703] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 16.872703]
[ 16.873132] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 16.873450] test_double_free+0x1d3/0x260
[ 16.873621] kunit_try_run_case+0x1a5/0x480
[ 16.873767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.874037] kthread+0x337/0x6f0
[ 16.874205] ret_from_fork+0x41/0x80
[ 16.874407] ret_from_fork_asm+0x1a/0x30
[ 16.874644]
[ 16.874742] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.874742]
[ 16.875116] allocated by task 323 on cpu 0 at 16.872023s (0.003090s ago):
[ 16.875499] test_alloc+0x364/0x10f0
[ 16.875666] test_double_free+0xdb/0x260
[ 16.875851] kunit_try_run_case+0x1a5/0x480
[ 16.876037] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.876274] kthread+0x337/0x6f0
[ 16.876449] ret_from_fork+0x41/0x80
[ 16.876625] ret_from_fork_asm+0x1a/0x30
[ 16.876821]
[ 16.876902] freed by task 323 on cpu 0 at 16.872083s (0.004816s ago):
[ 16.877200] test_double_free+0x1e0/0x260
[ 16.877414] kunit_try_run_case+0x1a5/0x480
[ 16.877619] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.877808] kthread+0x337/0x6f0
[ 16.877927] ret_from_fork+0x41/0x80
[ 16.878060] ret_from_fork_asm+0x1a/0x30
[ 16.878199]
[ 16.878325] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 16.878901] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.879097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.879692] ==================================================================
[ 16.976183] ==================================================================
[ 16.976627] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 16.976627]
[ 16.976909] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 16.977250] test_double_free+0x112/0x260
[ 16.977450] kunit_try_run_case+0x1a5/0x480
[ 16.977610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.977917] kthread+0x337/0x6f0
[ 16.978129] ret_from_fork+0x41/0x80
[ 16.978277] ret_from_fork_asm+0x1a/0x30
[ 16.978628]
[ 16.978729] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.978729]
[ 16.979140] allocated by task 325 on cpu 1 at 16.976003s (0.003135s ago):
[ 16.979485] test_alloc+0x2a6/0x10f0
[ 16.979627] test_double_free+0xdb/0x260
[ 16.979804] kunit_try_run_case+0x1a5/0x480
[ 16.980011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.980218] kthread+0x337/0x6f0
[ 16.980348] ret_from_fork+0x41/0x80
[ 16.980480] ret_from_fork_asm+0x1a/0x30
[ 16.980827]
[ 16.980927] freed by task 325 on cpu 1 at 16.976057s (0.004868s ago):
[ 16.981244] test_double_free+0xfa/0x260
[ 16.981507] kunit_try_run_case+0x1a5/0x480
[ 16.981665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.981839] kthread+0x337/0x6f0
[ 16.982011] ret_from_fork+0x41/0x80
[ 16.982200] ret_from_fork_asm+0x1a/0x30
[ 16.982499]
[ 16.982621] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 16.983087] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.983294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.983673] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.456179] ==================================================================
[ 16.456639] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.456639]
[ 16.457059] Use-after-free read at 0x(____ptrval____) (in kfence-#74):
[ 16.457349] test_use_after_free_read+0x129/0x270
[ 16.458012] kunit_try_run_case+0x1a5/0x480
[ 16.458256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.458527] kthread+0x337/0x6f0
[ 16.458676] ret_from_fork+0x41/0x80
[ 16.458831] ret_from_fork_asm+0x1a/0x30
[ 16.459030]
[ 16.459103] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.459103]
[ 16.459883] allocated by task 315 on cpu 1 at 16.455957s (0.003923s ago):
[ 16.460277] test_alloc+0x364/0x10f0
[ 16.460595] test_use_after_free_read+0xdc/0x270
[ 16.460863] kunit_try_run_case+0x1a5/0x480
[ 16.461138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.461347] kthread+0x337/0x6f0
[ 16.461628] ret_from_fork+0x41/0x80
[ 16.461902] ret_from_fork_asm+0x1a/0x30
[ 16.462101]
[ 16.462498] freed by task 315 on cpu 1 at 16.456009s (0.006398s ago):
[ 16.462827] test_use_after_free_read+0x1e7/0x270
[ 16.463003] kunit_try_run_case+0x1a5/0x480
[ 16.463177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.463442] kthread+0x337/0x6f0
[ 16.463616] ret_from_fork+0x41/0x80
[ 16.463844] ret_from_fork_asm+0x1a/0x30
[ 16.464046]
[ 16.464147] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 16.464701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.464927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.465214] ==================================================================
[ 16.560095] ==================================================================
[ 16.560627] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.560627]
[ 16.561150] Use-after-free read at 0x(____ptrval____) (in kfence-#75):
[ 16.561384] test_use_after_free_read+0x129/0x270
[ 16.561616] kunit_try_run_case+0x1a5/0x480
[ 16.561784] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.562039] kthread+0x337/0x6f0
[ 16.562159] ret_from_fork+0x41/0x80
[ 16.562384] ret_from_fork_asm+0x1a/0x30
[ 16.562600]
[ 16.562700] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.562700]
[ 16.563030] allocated by task 317 on cpu 0 at 16.559954s (0.003074s ago):
[ 16.563260] test_alloc+0x2a6/0x10f0
[ 16.563551] test_use_after_free_read+0xdc/0x270
[ 16.563793] kunit_try_run_case+0x1a5/0x480
[ 16.564019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.564303] kthread+0x337/0x6f0
[ 16.564691] ret_from_fork+0x41/0x80
[ 16.565001] ret_from_fork_asm+0x1a/0x30
[ 16.565832]
[ 16.565939] freed by task 317 on cpu 0 at 16.560001s (0.005935s ago):
[ 16.566264] test_use_after_free_read+0xfb/0x270
[ 16.566670] kunit_try_run_case+0x1a5/0x480
[ 16.566877] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.567259] kthread+0x337/0x6f0
[ 16.567560] ret_from_fork+0x41/0x80
[ 16.567765] ret_from_fork_asm+0x1a/0x30
[ 16.568070]
[ 16.568218] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 16.568838] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.569052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.569645] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.040131] ==================================================================
[ 16.040572] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.040572]
[ 16.041081] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70):
[ 16.041554] test_out_of_bounds_write+0x10d/0x260
[ 16.041792] kunit_try_run_case+0x1a5/0x480
[ 16.041975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.042239] kthread+0x337/0x6f0
[ 16.042442] ret_from_fork+0x41/0x80
[ 16.042638] ret_from_fork_asm+0x1a/0x30
[ 16.042855]
[ 16.042952] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.042952]
[ 16.043286] allocated by task 311 on cpu 0 at 16.040036s (0.003248s ago):
[ 16.043562] test_alloc+0x364/0x10f0
[ 16.043867] test_out_of_bounds_write+0xd4/0x260
[ 16.044214] kunit_try_run_case+0x1a5/0x480
[ 16.044507] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.044728] kthread+0x337/0x6f0
[ 16.044921] ret_from_fork+0x41/0x80
[ 16.045127] ret_from_fork_asm+0x1a/0x30
[ 16.045335]
[ 16.045536] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 16.045997] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.046209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.046699] ==================================================================
[ 16.352044] ==================================================================
[ 16.352507] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.352507]
[ 16.352878] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#73):
[ 16.353239] test_out_of_bounds_write+0x10d/0x260
[ 16.353412] kunit_try_run_case+0x1a5/0x480
[ 16.353715] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.354102] kthread+0x337/0x6f0
[ 16.354237] ret_from_fork+0x41/0x80
[ 16.354389] ret_from_fork_asm+0x1a/0x30
[ 16.354589]
[ 16.354689] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.354689]
[ 16.355085] allocated by task 313 on cpu 1 at 16.351984s (0.003098s ago):
[ 16.355366] test_alloc+0x2a6/0x10f0
[ 16.355561] test_out_of_bounds_write+0xd4/0x260
[ 16.355751] kunit_try_run_case+0x1a5/0x480
[ 16.355896] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.356099] kthread+0x337/0x6f0
[ 16.356285] ret_from_fork+0x41/0x80
[ 16.356576] ret_from_fork_asm+0x1a/0x30
[ 16.356778]
[ 16.356898] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 16.357240] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.357450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.357847] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.936063] ==================================================================
[ 15.936481] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.936481]
[ 15.936970] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#69):
[ 15.937409] test_out_of_bounds_read+0x216/0x4e0
[ 15.937594] kunit_try_run_case+0x1a5/0x480
[ 15.937837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.938079] kthread+0x337/0x6f0
[ 15.938278] ret_from_fork+0x41/0x80
[ 15.938482] ret_from_fork_asm+0x1a/0x30
[ 15.938697]
[ 15.938793] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.938793]
[ 15.939175] allocated by task 309 on cpu 1 at 15.936010s (0.003162s ago):
[ 15.939525] test_alloc+0x2a6/0x10f0
[ 15.939732] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.939905] kunit_try_run_case+0x1a5/0x480
[ 15.940126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.940368] kthread+0x337/0x6f0
[ 15.940542] ret_from_fork+0x41/0x80
[ 15.940706] ret_from_fork_asm+0x1a/0x30
[ 15.940891]
[ 15.941015] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.941505] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.941713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.942090] ==================================================================
[ 15.832057] ==================================================================
[ 15.832526] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.832526]
[ 15.832999] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#68):
[ 15.833320] test_out_of_bounds_read+0x126/0x4e0
[ 15.833502] kunit_try_run_case+0x1a5/0x480
[ 15.833712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.833969] kthread+0x337/0x6f0
[ 15.834100] ret_from_fork+0x41/0x80
[ 15.834289] ret_from_fork_asm+0x1a/0x30
[ 15.834547]
[ 15.834663] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.834663]
[ 15.835056] allocated by task 309 on cpu 1 at 15.831992s (0.003061s ago):
[ 15.835397] test_alloc+0x2a6/0x10f0
[ 15.835624] test_out_of_bounds_read+0xed/0x4e0
[ 15.835852] kunit_try_run_case+0x1a5/0x480
[ 15.836068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.836313] kthread+0x337/0x6f0
[ 15.836527] ret_from_fork+0x41/0x80
[ 15.836699] ret_from_fork_asm+0x1a/0x30
[ 15.836898]
[ 15.837038] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.837413] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.837548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.838058] ==================================================================
[ 15.625043] ==================================================================
[ 15.625532] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.625532]
[ 15.626060] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66):
[ 15.626479] test_out_of_bounds_read+0x126/0x4e0
[ 15.626656] kunit_try_run_case+0x1a5/0x480
[ 15.626954] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.627217] kthread+0x337/0x6f0
[ 15.627403] ret_from_fork+0x41/0x80
[ 15.627568] ret_from_fork_asm+0x1a/0x30
[ 15.627720]
[ 15.627963] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.627963]
[ 15.628570] allocated by task 307 on cpu 0 at 15.624007s (0.004508s ago):
[ 15.629094] test_alloc+0x364/0x10f0
[ 15.629292] test_out_of_bounds_read+0xed/0x4e0
[ 15.629663] kunit_try_run_case+0x1a5/0x480
[ 15.629843] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.630064] kthread+0x337/0x6f0
[ 15.630237] ret_from_fork+0x41/0x80
[ 15.630371] ret_from_fork_asm+0x1a/0x30
[ 15.630640]
[ 15.630795] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.631279] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.631420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.631950] ==================================================================
[ 15.728126] ==================================================================
[ 15.728685] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.728685]
[ 15.729097] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#67):
[ 15.729488] test_out_of_bounds_read+0x216/0x4e0
[ 15.729705] kunit_try_run_case+0x1a5/0x480
[ 15.729971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.730170] kthread+0x337/0x6f0
[ 15.730354] ret_from_fork+0x41/0x80
[ 15.730550] ret_from_fork_asm+0x1a/0x30
[ 15.730842]
[ 15.730936] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.730936]
[ 15.731279] allocated by task 307 on cpu 0 at 15.727933s (0.003343s ago):
[ 15.731763] test_alloc+0x364/0x10f0
[ 15.731941] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.732164] kunit_try_run_case+0x1a5/0x480
[ 15.732384] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.732590] kthread+0x337/0x6f0
[ 15.732759] ret_from_fork+0x41/0x80
[ 15.732919] ret_from_fork_asm+0x1a/0x30
[ 15.733061]
[ 15.733155] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.733604] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.733850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.734120] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.168553] ==================================================================
[ 15.168951] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 15.169286] Write of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.169678]
[ 15.169801] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.169856] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.169869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.169891] Call Trace:
[ 15.169908] <TASK>
[ 15.169935] dump_stack_lvl+0x73/0xb0
[ 15.169962] print_report+0xd1/0x610
[ 15.169985] ? __virt_addr_valid+0x1db/0x2d0
[ 15.170007] ? strncpy_from_user+0x2e/0x1d0
[ 15.170027] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.170051] ? strncpy_from_user+0x2e/0x1d0
[ 15.170080] kasan_report+0x141/0x180
[ 15.170103] ? strncpy_from_user+0x2e/0x1d0
[ 15.170128] kasan_check_range+0x10c/0x1c0
[ 15.170160] __kasan_check_write+0x18/0x20
[ 15.170180] strncpy_from_user+0x2e/0x1d0
[ 15.170199] ? __kasan_check_read+0x15/0x20
[ 15.170231] copy_user_test_oob+0x760/0x10f0
[ 15.170264] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.170284] ? finish_task_switch.isra.0+0x153/0x700
[ 15.170310] ? __switch_to+0x5d9/0xf60
[ 15.170362] ? dequeue_task_fair+0x166/0x4e0
[ 15.170387] ? __schedule+0x10c6/0x2b60
[ 15.170412] ? __pfx_read_tsc+0x10/0x10
[ 15.170442] ? ktime_get_ts64+0x86/0x230
[ 15.170469] kunit_try_run_case+0x1a5/0x480
[ 15.170491] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.170521] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.170543] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.170567] ? __kthread_parkme+0x82/0x180
[ 15.170598] ? preempt_count_sub+0x50/0x80
[ 15.170624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.170645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.170679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.170703] kthread+0x337/0x6f0
[ 15.170720] ? trace_preempt_on+0x20/0xc0
[ 15.170744] ? __pfx_kthread+0x10/0x10
[ 15.170763] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.170787] ? calculate_sigpending+0x7b/0xa0
[ 15.170809] ? __pfx_kthread+0x10/0x10
[ 15.170828] ret_from_fork+0x41/0x80
[ 15.170850] ? __pfx_kthread+0x10/0x10
[ 15.170868] ret_from_fork_asm+0x1a/0x30
[ 15.170899] </TASK>
[ 15.170910]
[ 15.178578] Allocated by task 305:
[ 15.178780] kasan_save_stack+0x45/0x70
[ 15.178982] kasan_save_track+0x18/0x40
[ 15.179165] kasan_save_alloc_info+0x3b/0x50
[ 15.179407] __kasan_kmalloc+0xb7/0xc0
[ 15.179587] __kmalloc_noprof+0x1c9/0x500
[ 15.179771] kunit_kmalloc_array+0x25/0x60
[ 15.179975] copy_user_test_oob+0xab/0x10f0
[ 15.180159] kunit_try_run_case+0x1a5/0x480
[ 15.180394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.180641] kthread+0x337/0x6f0
[ 15.180794] ret_from_fork+0x41/0x80
[ 15.180997] ret_from_fork_asm+0x1a/0x30
[ 15.181166]
[ 15.181282] The buggy address belongs to the object at ffff888103cfcc00
[ 15.181282] which belongs to the cache kmalloc-128 of size 128
[ 15.181698] The buggy address is located 0 bytes inside of
[ 15.181698] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.182055]
[ 15.182126] The buggy address belongs to the physical page:
[ 15.182364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.182724] flags: 0x200000000000000(node=0|zone=2)
[ 15.182958] page_type: f5(slab)
[ 15.183124] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.183495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.183831] page dumped because: kasan: bad access detected
[ 15.184050]
[ 15.184120] Memory state around the buggy address:
[ 15.184285] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.184572] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.184912] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.185245] ^
[ 15.185591] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.185885] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.186170] ==================================================================
[ 15.186823] ==================================================================
[ 15.187162] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 15.187488] Write of size 1 at addr ffff888103cfcc78 by task kunit_try_catch/305
[ 15.187837]
[ 15.187956] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.188012] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.188024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.188046] Call Trace:
[ 15.188062] <TASK>
[ 15.188076] dump_stack_lvl+0x73/0xb0
[ 15.188112] print_report+0xd1/0x610
[ 15.188135] ? __virt_addr_valid+0x1db/0x2d0
[ 15.188166] ? strncpy_from_user+0x1a5/0x1d0
[ 15.188187] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.188211] ? strncpy_from_user+0x1a5/0x1d0
[ 15.188239] kasan_report+0x141/0x180
[ 15.188263] ? strncpy_from_user+0x1a5/0x1d0
[ 15.188295] __asan_report_store1_noabort+0x1b/0x30
[ 15.188316] strncpy_from_user+0x1a5/0x1d0
[ 15.188339] copy_user_test_oob+0x760/0x10f0
[ 15.188387] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.188408] ? finish_task_switch.isra.0+0x153/0x700
[ 15.188444] ? __switch_to+0x5d9/0xf60
[ 15.188465] ? dequeue_task_fair+0x166/0x4e0
[ 15.188490] ? __schedule+0x10c6/0x2b60
[ 15.188523] ? __pfx_read_tsc+0x10/0x10
[ 15.188543] ? ktime_get_ts64+0x86/0x230
[ 15.188568] kunit_try_run_case+0x1a5/0x480
[ 15.188601] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.188620] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.188643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.188680] ? __kthread_parkme+0x82/0x180
[ 15.188702] ? preempt_count_sub+0x50/0x80
[ 15.188726] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.188758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.188782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.188816] kthread+0x337/0x6f0
[ 15.188833] ? trace_preempt_on+0x20/0xc0
[ 15.188857] ? __pfx_kthread+0x10/0x10
[ 15.188877] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.188900] ? calculate_sigpending+0x7b/0xa0
[ 15.188927] ? __pfx_kthread+0x10/0x10
[ 15.188946] ret_from_fork+0x41/0x80
[ 15.188967] ? __pfx_kthread+0x10/0x10
[ 15.188985] ret_from_fork_asm+0x1a/0x30
[ 15.189017] </TASK>
[ 15.189027]
[ 15.196610] Allocated by task 305:
[ 15.196801] kasan_save_stack+0x45/0x70
[ 15.197008] kasan_save_track+0x18/0x40
[ 15.197193] kasan_save_alloc_info+0x3b/0x50
[ 15.197434] __kasan_kmalloc+0xb7/0xc0
[ 15.197635] __kmalloc_noprof+0x1c9/0x500
[ 15.197823] kunit_kmalloc_array+0x25/0x60
[ 15.198019] copy_user_test_oob+0xab/0x10f0
[ 15.198165] kunit_try_run_case+0x1a5/0x480
[ 15.198386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.198677] kthread+0x337/0x6f0
[ 15.198798] ret_from_fork+0x41/0x80
[ 15.198955] ret_from_fork_asm+0x1a/0x30
[ 15.199178]
[ 15.199281] The buggy address belongs to the object at ffff888103cfcc00
[ 15.199281] which belongs to the cache kmalloc-128 of size 128
[ 15.199818] The buggy address is located 0 bytes to the right of
[ 15.199818] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.200300]
[ 15.200425] The buggy address belongs to the physical page:
[ 15.200681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.201005] flags: 0x200000000000000(node=0|zone=2)
[ 15.201242] page_type: f5(slab)
[ 15.201414] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.201748] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.202033] page dumped because: kasan: bad access detected
[ 15.202206]
[ 15.202283] Memory state around the buggy address:
[ 15.202464] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.202722] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.203059] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.203408] ^
[ 15.203719] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.203957] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.204169] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.150617] ==================================================================
[ 15.151000] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 15.151325] Read of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.151611]
[ 15.151735] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.151780] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.151792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.151813] Call Trace:
[ 15.151829] <TASK>
[ 15.151847] dump_stack_lvl+0x73/0xb0
[ 15.151884] print_report+0xd1/0x610
[ 15.151907] ? __virt_addr_valid+0x1db/0x2d0
[ 15.151930] ? copy_user_test_oob+0x604/0x10f0
[ 15.151961] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.151984] ? copy_user_test_oob+0x604/0x10f0
[ 15.152005] kasan_report+0x141/0x180
[ 15.152028] ? copy_user_test_oob+0x604/0x10f0
[ 15.152054] kasan_check_range+0x10c/0x1c0
[ 15.152075] __kasan_check_read+0x15/0x20
[ 15.152096] copy_user_test_oob+0x604/0x10f0
[ 15.152118] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.152138] ? finish_task_switch.isra.0+0x153/0x700
[ 15.152163] ? __switch_to+0x5d9/0xf60
[ 15.152183] ? dequeue_task_fair+0x166/0x4e0
[ 15.152208] ? __schedule+0x10c6/0x2b60
[ 15.152242] ? __pfx_read_tsc+0x10/0x10
[ 15.152272] ? ktime_get_ts64+0x86/0x230
[ 15.152298] kunit_try_run_case+0x1a5/0x480
[ 15.152320] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.152377] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.152398] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.152434] ? __kthread_parkme+0x82/0x180
[ 15.152456] ? preempt_count_sub+0x50/0x80
[ 15.152481] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.152502] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.152527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.152551] kthread+0x337/0x6f0
[ 15.152568] ? trace_preempt_on+0x20/0xc0
[ 15.152600] ? __pfx_kthread+0x10/0x10
[ 15.152619] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.152641] ? calculate_sigpending+0x7b/0xa0
[ 15.152673] ? __pfx_kthread+0x10/0x10
[ 15.152692] ret_from_fork+0x41/0x80
[ 15.152713] ? __pfx_kthread+0x10/0x10
[ 15.152731] ret_from_fork_asm+0x1a/0x30
[ 15.152772] </TASK>
[ 15.152783]
[ 15.160290] Allocated by task 305:
[ 15.160495] kasan_save_stack+0x45/0x70
[ 15.160699] kasan_save_track+0x18/0x40
[ 15.160880] kasan_save_alloc_info+0x3b/0x50
[ 15.161094] __kasan_kmalloc+0xb7/0xc0
[ 15.161247] __kmalloc_noprof+0x1c9/0x500
[ 15.161413] kunit_kmalloc_array+0x25/0x60
[ 15.161626] copy_user_test_oob+0xab/0x10f0
[ 15.161830] kunit_try_run_case+0x1a5/0x480
[ 15.162031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.162295] kthread+0x337/0x6f0
[ 15.162467] ret_from_fork+0x41/0x80
[ 15.162608] ret_from_fork_asm+0x1a/0x30
[ 15.162803]
[ 15.162898] The buggy address belongs to the object at ffff888103cfcc00
[ 15.162898] which belongs to the cache kmalloc-128 of size 128
[ 15.163443] The buggy address is located 0 bytes inside of
[ 15.163443] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.163933]
[ 15.164006] The buggy address belongs to the physical page:
[ 15.164179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.164455] flags: 0x200000000000000(node=0|zone=2)
[ 15.164618] page_type: f5(slab)
[ 15.164741] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.165112] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.165484] page dumped because: kasan: bad access detected
[ 15.165736]
[ 15.165830] Memory state around the buggy address:
[ 15.166083] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.166436] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.166766] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.166995] ^
[ 15.167208] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.167457] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.167778] ==================================================================
[ 15.113597] ==================================================================
[ 15.113988] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 15.114297] Read of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.114611]
[ 15.114698] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.114740] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.114752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.114774] Call Trace:
[ 15.114789] <TASK>
[ 15.114803] dump_stack_lvl+0x73/0xb0
[ 15.114829] print_report+0xd1/0x610
[ 15.114852] ? __virt_addr_valid+0x1db/0x2d0
[ 15.114875] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.114895] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.114919] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.114951] kasan_report+0x141/0x180
[ 15.114975] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.115011] kasan_check_range+0x10c/0x1c0
[ 15.115032] __kasan_check_read+0x15/0x20
[ 15.115053] copy_user_test_oob+0x4aa/0x10f0
[ 15.115076] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.115096] ? finish_task_switch.isra.0+0x153/0x700
[ 15.115120] ? __switch_to+0x5d9/0xf60
[ 15.115142] ? dequeue_task_fair+0x166/0x4e0
[ 15.115167] ? __schedule+0x10c6/0x2b60
[ 15.115192] ? __pfx_read_tsc+0x10/0x10
[ 15.115213] ? ktime_get_ts64+0x86/0x230
[ 15.115248] kunit_try_run_case+0x1a5/0x480
[ 15.115270] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.115290] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.115311] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.115336] ? __kthread_parkme+0x82/0x180
[ 15.115377] ? preempt_count_sub+0x50/0x80
[ 15.115402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.115423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.115447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.115471] kthread+0x337/0x6f0
[ 15.115489] ? trace_preempt_on+0x20/0xc0
[ 15.115513] ? __pfx_kthread+0x10/0x10
[ 15.115531] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.115554] ? calculate_sigpending+0x7b/0xa0
[ 15.115575] ? __pfx_kthread+0x10/0x10
[ 15.115604] ret_from_fork+0x41/0x80
[ 15.115625] ? __pfx_kthread+0x10/0x10
[ 15.115643] ret_from_fork_asm+0x1a/0x30
[ 15.115692] </TASK>
[ 15.115704]
[ 15.123271] Allocated by task 305:
[ 15.123424] kasan_save_stack+0x45/0x70
[ 15.123613] kasan_save_track+0x18/0x40
[ 15.123816] kasan_save_alloc_info+0x3b/0x50
[ 15.123990] __kasan_kmalloc+0xb7/0xc0
[ 15.124153] __kmalloc_noprof+0x1c9/0x500
[ 15.124406] kunit_kmalloc_array+0x25/0x60
[ 15.124578] copy_user_test_oob+0xab/0x10f0
[ 15.124780] kunit_try_run_case+0x1a5/0x480
[ 15.124958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.125208] kthread+0x337/0x6f0
[ 15.125337] ret_from_fork+0x41/0x80
[ 15.125489] ret_from_fork_asm+0x1a/0x30
[ 15.125628]
[ 15.125697] The buggy address belongs to the object at ffff888103cfcc00
[ 15.125697] which belongs to the cache kmalloc-128 of size 128
[ 15.126051] The buggy address is located 0 bytes inside of
[ 15.126051] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.126580]
[ 15.126690] The buggy address belongs to the physical page:
[ 15.126986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.127424] flags: 0x200000000000000(node=0|zone=2)
[ 15.127693] page_type: f5(slab)
[ 15.127845] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.128078] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.128313] page dumped because: kasan: bad access detected
[ 15.128508]
[ 15.128603] Memory state around the buggy address:
[ 15.128829] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.129173] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.129527] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.129861] ^
[ 15.130178] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.130510] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.130828] ==================================================================
[ 15.131337] ==================================================================
[ 15.131612] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 15.131942] Write of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.132181]
[ 15.132307] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.132369] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.132382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.132406] Call Trace:
[ 15.132422] <TASK>
[ 15.132437] dump_stack_lvl+0x73/0xb0
[ 15.132463] print_report+0xd1/0x610
[ 15.132486] ? __virt_addr_valid+0x1db/0x2d0
[ 15.132509] ? copy_user_test_oob+0x557/0x10f0
[ 15.132528] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.132552] ? copy_user_test_oob+0x557/0x10f0
[ 15.132573] kasan_report+0x141/0x180
[ 15.132596] ? copy_user_test_oob+0x557/0x10f0
[ 15.132622] kasan_check_range+0x10c/0x1c0
[ 15.132643] __kasan_check_write+0x18/0x20
[ 15.132663] copy_user_test_oob+0x557/0x10f0
[ 15.132686] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.132706] ? finish_task_switch.isra.0+0x153/0x700
[ 15.132731] ? __switch_to+0x5d9/0xf60
[ 15.132753] ? dequeue_task_fair+0x166/0x4e0
[ 15.132778] ? __schedule+0x10c6/0x2b60
[ 15.132802] ? __pfx_read_tsc+0x10/0x10
[ 15.132823] ? ktime_get_ts64+0x86/0x230
[ 15.132850] kunit_try_run_case+0x1a5/0x480
[ 15.132872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.132903] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.132929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.132954] ? __kthread_parkme+0x82/0x180
[ 15.132989] ? preempt_count_sub+0x50/0x80
[ 15.133014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.133035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.133060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.133084] kthread+0x337/0x6f0
[ 15.133101] ? trace_preempt_on+0x20/0xc0
[ 15.133126] ? __pfx_kthread+0x10/0x10
[ 15.133144] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.133166] ? calculate_sigpending+0x7b/0xa0
[ 15.133188] ? __pfx_kthread+0x10/0x10
[ 15.133207] ret_from_fork+0x41/0x80
[ 15.133236] ? __pfx_kthread+0x10/0x10
[ 15.133255] ret_from_fork_asm+0x1a/0x30
[ 15.133286] </TASK>
[ 15.133298]
[ 15.140719] Allocated by task 305:
[ 15.140845] kasan_save_stack+0x45/0x70
[ 15.140995] kasan_save_track+0x18/0x40
[ 15.141187] kasan_save_alloc_info+0x3b/0x50
[ 15.141448] __kasan_kmalloc+0xb7/0xc0
[ 15.141635] __kmalloc_noprof+0x1c9/0x500
[ 15.141832] kunit_kmalloc_array+0x25/0x60
[ 15.142029] copy_user_test_oob+0xab/0x10f0
[ 15.142253] kunit_try_run_case+0x1a5/0x480
[ 15.142481] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.142732] kthread+0x337/0x6f0
[ 15.142883] ret_from_fork+0x41/0x80
[ 15.143014] ret_from_fork_asm+0x1a/0x30
[ 15.143153]
[ 15.143917] The buggy address belongs to the object at ffff888103cfcc00
[ 15.143917] which belongs to the cache kmalloc-128 of size 128
[ 15.144562] The buggy address is located 0 bytes inside of
[ 15.144562] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.145100]
[ 15.145196] The buggy address belongs to the physical page:
[ 15.146174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.146532] flags: 0x200000000000000(node=0|zone=2)
[ 15.146758] page_type: f5(slab)
[ 15.146919] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.147249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.147505] page dumped because: kasan: bad access detected
[ 15.147740]
[ 15.147858] Memory state around the buggy address:
[ 15.148118] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.148513] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.148835] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.149132] ^
[ 15.149455] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.149763] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.150030] ==================================================================
[ 15.094729] ==================================================================
[ 15.095420] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 15.096080] Write of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.096765]
[ 15.096962] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.097018] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.097030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.097052] Call Trace:
[ 15.097067] <TASK>
[ 15.097095] dump_stack_lvl+0x73/0xb0
[ 15.097122] print_report+0xd1/0x610
[ 15.097146] ? __virt_addr_valid+0x1db/0x2d0
[ 15.097169] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.097189] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.097213] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.097242] kasan_report+0x141/0x180
[ 15.097266] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.097300] kasan_check_range+0x10c/0x1c0
[ 15.097322] __kasan_check_write+0x18/0x20
[ 15.097368] copy_user_test_oob+0x3fd/0x10f0
[ 15.097391] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.097411] ? finish_task_switch.isra.0+0x153/0x700
[ 15.097437] ? __switch_to+0x5d9/0xf60
[ 15.097459] ? dequeue_task_fair+0x166/0x4e0
[ 15.097484] ? __schedule+0x10c6/0x2b60
[ 15.097509] ? __pfx_read_tsc+0x10/0x10
[ 15.097529] ? ktime_get_ts64+0x86/0x230
[ 15.097556] kunit_try_run_case+0x1a5/0x480
[ 15.097578] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.097597] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.097620] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.097645] ? __kthread_parkme+0x82/0x180
[ 15.097667] ? preempt_count_sub+0x50/0x80
[ 15.097692] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.097714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.097739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.097763] kthread+0x337/0x6f0
[ 15.097780] ? trace_preempt_on+0x20/0xc0
[ 15.097805] ? __pfx_kthread+0x10/0x10
[ 15.097825] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.097849] ? calculate_sigpending+0x7b/0xa0
[ 15.097872] ? __pfx_kthread+0x10/0x10
[ 15.097890] ret_from_fork+0x41/0x80
[ 15.097912] ? __pfx_kthread+0x10/0x10
[ 15.097930] ret_from_fork_asm+0x1a/0x30
[ 15.097962] </TASK>
[ 15.097973]
[ 15.105174] Allocated by task 305:
[ 15.105388] kasan_save_stack+0x45/0x70
[ 15.105603] kasan_save_track+0x18/0x40
[ 15.105794] kasan_save_alloc_info+0x3b/0x50
[ 15.105999] __kasan_kmalloc+0xb7/0xc0
[ 15.106185] __kmalloc_noprof+0x1c9/0x500
[ 15.106417] kunit_kmalloc_array+0x25/0x60
[ 15.106644] copy_user_test_oob+0xab/0x10f0
[ 15.106827] kunit_try_run_case+0x1a5/0x480
[ 15.106971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.107183] kthread+0x337/0x6f0
[ 15.107383] ret_from_fork+0x41/0x80
[ 15.107594] ret_from_fork_asm+0x1a/0x30
[ 15.107792]
[ 15.107885] The buggy address belongs to the object at ffff888103cfcc00
[ 15.107885] which belongs to the cache kmalloc-128 of size 128
[ 15.108439] The buggy address is located 0 bytes inside of
[ 15.108439] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.108930]
[ 15.109043] The buggy address belongs to the physical page:
[ 15.109269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.109641] flags: 0x200000000000000(node=0|zone=2)
[ 15.109854] page_type: f5(slab)
[ 15.110049] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.110399] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.110724] page dumped because: kasan: bad access detected
[ 15.110946]
[ 15.111063] Memory state around the buggy address:
[ 15.111245] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.111595] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.111908] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.112125] ^
[ 15.112431] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.112772] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.113090] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.062170] ==================================================================
[ 15.062895] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 15.063530] Read of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.064174]
[ 15.064404] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.064450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.064463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.064486] Call Trace:
[ 15.064505] <TASK>
[ 15.064525] dump_stack_lvl+0x73/0xb0
[ 15.064552] print_report+0xd1/0x610
[ 15.064587] ? __virt_addr_valid+0x1db/0x2d0
[ 15.064610] ? _copy_to_user+0x4a/0x70
[ 15.064630] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.064665] ? _copy_to_user+0x4a/0x70
[ 15.064685] kasan_report+0x141/0x180
[ 15.064709] ? _copy_to_user+0x4a/0x70
[ 15.064734] kasan_check_range+0x10c/0x1c0
[ 15.064755] __kasan_check_read+0x15/0x20
[ 15.064775] _copy_to_user+0x4a/0x70
[ 15.064796] copy_user_test_oob+0x364/0x10f0
[ 15.064820] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.064841] ? finish_task_switch.isra.0+0x153/0x700
[ 15.064866] ? __switch_to+0x5d9/0xf60
[ 15.064889] ? dequeue_task_fair+0x166/0x4e0
[ 15.064913] ? __schedule+0x10c6/0x2b60
[ 15.064943] ? __pfx_read_tsc+0x10/0x10
[ 15.064964] ? ktime_get_ts64+0x86/0x230
[ 15.064989] kunit_try_run_case+0x1a5/0x480
[ 15.065010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.065030] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.065052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.065077] ? __kthread_parkme+0x82/0x180
[ 15.065100] ? preempt_count_sub+0x50/0x80
[ 15.065125] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.065147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.065171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.065195] kthread+0x337/0x6f0
[ 15.065212] ? trace_preempt_on+0x20/0xc0
[ 15.065246] ? __pfx_kthread+0x10/0x10
[ 15.065265] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.065288] ? calculate_sigpending+0x7b/0xa0
[ 15.065310] ? __pfx_kthread+0x10/0x10
[ 15.065329] ret_from_fork+0x41/0x80
[ 15.065369] ? __pfx_kthread+0x10/0x10
[ 15.065388] ret_from_fork_asm+0x1a/0x30
[ 15.065419] </TASK>
[ 15.065431]
[ 15.078031] Allocated by task 305:
[ 15.078166] kasan_save_stack+0x45/0x70
[ 15.078334] kasan_save_track+0x18/0x40
[ 15.078720] kasan_save_alloc_info+0x3b/0x50
[ 15.078954] __kasan_kmalloc+0xb7/0xc0
[ 15.079172] __kmalloc_noprof+0x1c9/0x500
[ 15.079595] kunit_kmalloc_array+0x25/0x60
[ 15.079978] copy_user_test_oob+0xab/0x10f0
[ 15.080218] kunit_try_run_case+0x1a5/0x480
[ 15.080581] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.080762] kthread+0x337/0x6f0
[ 15.080882] ret_from_fork+0x41/0x80
[ 15.081017] ret_from_fork_asm+0x1a/0x30
[ 15.081157]
[ 15.081246] The buggy address belongs to the object at ffff888103cfcc00
[ 15.081246] which belongs to the cache kmalloc-128 of size 128
[ 15.082381] The buggy address is located 0 bytes inside of
[ 15.082381] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.083440]
[ 15.083613] The buggy address belongs to the physical page:
[ 15.084103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.084796] flags: 0x200000000000000(node=0|zone=2)
[ 15.085240] page_type: f5(slab)
[ 15.085501] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.086042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.086389] page dumped because: kasan: bad access detected
[ 15.086870]
[ 15.087022] Memory state around the buggy address:
[ 15.087427] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.087650] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.087865] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.088078] ^
[ 15.088454] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.089062] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.089696] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.027440] ==================================================================
[ 15.029412] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 15.030161] Write of size 121 at addr ffff888103cfcc00 by task kunit_try_catch/305
[ 15.030647]
[ 15.030751] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 15.030801] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.030814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.030839] Call Trace:
[ 15.030853] <TASK>
[ 15.030873] dump_stack_lvl+0x73/0xb0
[ 15.030904] print_report+0xd1/0x610
[ 15.030929] ? __virt_addr_valid+0x1db/0x2d0
[ 15.030953] ? _copy_from_user+0x32/0x90
[ 15.030973] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.030997] ? _copy_from_user+0x32/0x90
[ 15.031018] kasan_report+0x141/0x180
[ 15.031042] ? _copy_from_user+0x32/0x90
[ 15.031067] kasan_check_range+0x10c/0x1c0
[ 15.031088] __kasan_check_write+0x18/0x20
[ 15.031109] _copy_from_user+0x32/0x90
[ 15.031130] copy_user_test_oob+0x2be/0x10f0
[ 15.031154] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.031174] ? finish_task_switch.isra.0+0x153/0x700
[ 15.031200] ? __switch_to+0x5d9/0xf60
[ 15.031242] ? dequeue_task_fair+0x166/0x4e0
[ 15.031271] ? __schedule+0x10c6/0x2b60
[ 15.031296] ? __pfx_read_tsc+0x10/0x10
[ 15.031318] ? ktime_get_ts64+0x86/0x230
[ 15.031365] kunit_try_run_case+0x1a5/0x480
[ 15.031387] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.031406] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.031428] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.031453] ? __kthread_parkme+0x82/0x180
[ 15.031486] ? preempt_count_sub+0x50/0x80
[ 15.031512] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.031533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.031569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.031593] kthread+0x337/0x6f0
[ 15.031611] ? trace_preempt_on+0x20/0xc0
[ 15.031636] ? __pfx_kthread+0x10/0x10
[ 15.031655] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.031678] ? calculate_sigpending+0x7b/0xa0
[ 15.031701] ? __pfx_kthread+0x10/0x10
[ 15.031720] ret_from_fork+0x41/0x80
[ 15.031742] ? __pfx_kthread+0x10/0x10
[ 15.031760] ret_from_fork_asm+0x1a/0x30
[ 15.031793] </TASK>
[ 15.031806]
[ 15.045131] Allocated by task 305:
[ 15.045492] kasan_save_stack+0x45/0x70
[ 15.045869] kasan_save_track+0x18/0x40
[ 15.046231] kasan_save_alloc_info+0x3b/0x50
[ 15.046641] __kasan_kmalloc+0xb7/0xc0
[ 15.046989] __kmalloc_noprof+0x1c9/0x500
[ 15.047400] kunit_kmalloc_array+0x25/0x60
[ 15.047782] copy_user_test_oob+0xab/0x10f0
[ 15.048108] kunit_try_run_case+0x1a5/0x480
[ 15.048369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.048854] kthread+0x337/0x6f0
[ 15.048995] ret_from_fork+0x41/0x80
[ 15.049149] ret_from_fork_asm+0x1a/0x30
[ 15.049552]
[ 15.049708] The buggy address belongs to the object at ffff888103cfcc00
[ 15.049708] which belongs to the cache kmalloc-128 of size 128
[ 15.050687] The buggy address is located 0 bytes inside of
[ 15.050687] allocated 120-byte region [ffff888103cfcc00, ffff888103cfcc78)
[ 15.051048]
[ 15.051122] The buggy address belongs to the physical page:
[ 15.051311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc
[ 15.052019] flags: 0x200000000000000(node=0|zone=2)
[ 15.052493] page_type: f5(slab)
[ 15.052808] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.053501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.054144] page dumped because: kasan: bad access detected
[ 15.054648]
[ 15.054802] Memory state around the buggy address:
[ 15.055250] ffff888103cfcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.055881] ffff888103cfcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.056158] >ffff888103cfcc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.056794] ^
[ 15.057213] ffff888103cfcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.057664] ffff888103cfcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.058289] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 14.986576] ==================================================================
[ 14.986906] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 14.987643] Write of size 8 at addr ffff8881028ba478 by task kunit_try_catch/301
[ 14.988166]
[ 14.988379] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.988441] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.988453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.988475] Call Trace:
[ 14.988488] <TASK>
[ 14.988504] dump_stack_lvl+0x73/0xb0
[ 14.988532] print_report+0xd1/0x610
[ 14.988557] ? __virt_addr_valid+0x1db/0x2d0
[ 14.988580] ? copy_to_kernel_nofault+0x99/0x260
[ 14.988601] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.988626] ? copy_to_kernel_nofault+0x99/0x260
[ 14.988647] kasan_report+0x141/0x180
[ 14.988681] ? copy_to_kernel_nofault+0x99/0x260
[ 14.988707] kasan_check_range+0x10c/0x1c0
[ 14.988728] __kasan_check_write+0x18/0x20
[ 14.988749] copy_to_kernel_nofault+0x99/0x260
[ 14.988771] copy_to_kernel_nofault_oob+0x288/0x560
[ 14.988797] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 14.988821] ? finish_task_switch.isra.0+0x153/0x700
[ 14.988845] ? __schedule+0x10c6/0x2b60
[ 14.988868] ? trace_hardirqs_on+0x37/0xe0
[ 14.988901] ? __pfx_read_tsc+0x10/0x10
[ 14.988928] ? ktime_get_ts64+0x86/0x230
[ 14.988953] kunit_try_run_case+0x1a5/0x480
[ 14.988975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.988994] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.989023] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.989048] ? __kthread_parkme+0x82/0x180
[ 14.989070] ? preempt_count_sub+0x50/0x80
[ 14.989095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.989116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.989141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.989165] kthread+0x337/0x6f0
[ 14.989183] ? trace_preempt_on+0x20/0xc0
[ 14.989206] ? __pfx_kthread+0x10/0x10
[ 14.989235] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.989258] ? calculate_sigpending+0x7b/0xa0
[ 14.989280] ? __pfx_kthread+0x10/0x10
[ 14.989299] ret_from_fork+0x41/0x80
[ 14.989320] ? __pfx_kthread+0x10/0x10
[ 14.989339] ret_from_fork_asm+0x1a/0x30
[ 14.989371] </TASK>
[ 14.989383]
[ 15.003121] Allocated by task 301:
[ 15.003377] kasan_save_stack+0x45/0x70
[ 15.003526] kasan_save_track+0x18/0x40
[ 15.003955] kasan_save_alloc_info+0x3b/0x50
[ 15.004435] __kasan_kmalloc+0xb7/0xc0
[ 15.004691] __kmalloc_cache_noprof+0x189/0x420
[ 15.005146] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.005366] kunit_try_run_case+0x1a5/0x480
[ 15.005796] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.006382] kthread+0x337/0x6f0
[ 15.006745] ret_from_fork+0x41/0x80
[ 15.006879] ret_from_fork_asm+0x1a/0x30
[ 15.007014]
[ 15.007083] The buggy address belongs to the object at ffff8881028ba400
[ 15.007083] which belongs to the cache kmalloc-128 of size 128
[ 15.007579] The buggy address is located 0 bytes to the right of
[ 15.007579] allocated 120-byte region [ffff8881028ba400, ffff8881028ba478)
[ 15.008250]
[ 15.008394] The buggy address belongs to the physical page:
[ 15.008639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba
[ 15.008919] flags: 0x200000000000000(node=0|zone=2)
[ 15.009217] page_type: f5(slab)
[ 15.009533] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.009860] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.010446] page dumped because: kasan: bad access detected
[ 15.011247]
[ 15.011517] Memory state around the buggy address:
[ 15.012088] ffff8881028ba300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.012400] ffff8881028ba380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.012878] >ffff8881028ba400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.013500] ^
[ 15.014127] ffff8881028ba480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.014567] ffff8881028ba500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.015087] ==================================================================
[ 14.952395] ==================================================================
[ 14.952891] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 14.953153] Read of size 8 at addr ffff8881028ba478 by task kunit_try_catch/301
[ 14.953395]
[ 14.953492] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.953541] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.953554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.953578] Call Trace:
[ 14.953592] <TASK>
[ 14.953610] dump_stack_lvl+0x73/0xb0
[ 14.953639] print_report+0xd1/0x610
[ 14.953666] ? __virt_addr_valid+0x1db/0x2d0
[ 14.953690] ? copy_to_kernel_nofault+0x225/0x260
[ 14.953711] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.953734] ? copy_to_kernel_nofault+0x225/0x260
[ 14.953756] kasan_report+0x141/0x180
[ 14.953779] ? copy_to_kernel_nofault+0x225/0x260
[ 14.953805] __asan_report_load8_noabort+0x18/0x20
[ 14.953827] copy_to_kernel_nofault+0x225/0x260
[ 14.953850] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 14.953875] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 14.953899] ? finish_task_switch.isra.0+0x153/0x700
[ 14.953925] ? __schedule+0x10c6/0x2b60
[ 14.953949] ? trace_hardirqs_on+0x37/0xe0
[ 14.953982] ? __pfx_read_tsc+0x10/0x10
[ 14.954008] ? ktime_get_ts64+0x86/0x230
[ 14.954040] kunit_try_run_case+0x1a5/0x480
[ 14.954067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.954086] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.954108] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.954133] ? __kthread_parkme+0x82/0x180
[ 14.954157] ? preempt_count_sub+0x50/0x80
[ 14.954181] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.954204] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.954255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.954643] kthread+0x337/0x6f0
[ 14.954682] ? trace_preempt_on+0x20/0xc0
[ 14.954708] ? __pfx_kthread+0x10/0x10
[ 14.954727] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.954759] ? calculate_sigpending+0x7b/0xa0
[ 14.954783] ? __pfx_kthread+0x10/0x10
[ 14.954802] ret_from_fork+0x41/0x80
[ 14.954825] ? __pfx_kthread+0x10/0x10
[ 14.954843] ret_from_fork_asm+0x1a/0x30
[ 14.954876] </TASK>
[ 14.954889]
[ 14.970025] Allocated by task 301:
[ 14.970162] kasan_save_stack+0x45/0x70
[ 14.970500] kasan_save_track+0x18/0x40
[ 14.970838] kasan_save_alloc_info+0x3b/0x50
[ 14.971203] __kasan_kmalloc+0xb7/0xc0
[ 14.971539] __kmalloc_cache_noprof+0x189/0x420
[ 14.972145] copy_to_kernel_nofault_oob+0x12f/0x560
[ 14.972637] kunit_try_run_case+0x1a5/0x480
[ 14.973055] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.973663] kthread+0x337/0x6f0
[ 14.974012] ret_from_fork+0x41/0x80
[ 14.974369] ret_from_fork_asm+0x1a/0x30
[ 14.974752]
[ 14.974953] The buggy address belongs to the object at ffff8881028ba400
[ 14.974953] which belongs to the cache kmalloc-128 of size 128
[ 14.976188] The buggy address is located 0 bytes to the right of
[ 14.976188] allocated 120-byte region [ffff8881028ba400, ffff8881028ba478)
[ 14.977495]
[ 14.977664] The buggy address belongs to the physical page:
[ 14.978268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ba
[ 14.979048] flags: 0x200000000000000(node=0|zone=2)
[ 14.979595] page_type: f5(slab)
[ 14.979984] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.980952] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.981261] page dumped because: kasan: bad access detected
[ 14.981528]
[ 14.981712] Memory state around the buggy address:
[ 14.982272] ffff8881028ba300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.982971] ffff8881028ba380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.983635] >ffff8881028ba400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 14.983858] ^
[ 14.984072] ffff8881028ba480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.984589] ffff8881028ba500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.985377] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.218503] ==================================================================
[ 14.218878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450
[ 14.219258] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285
[ 14.219645]
[ 14.219771] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.219812] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.219824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.219844] Call Trace:
[ 14.219859] <TASK>
[ 14.219873] dump_stack_lvl+0x73/0xb0
[ 14.219899] print_report+0xd1/0x610
[ 14.219922] ? __virt_addr_valid+0x1db/0x2d0
[ 14.219943] ? kasan_atomics_helper+0x4a02/0x5450
[ 14.219964] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.219988] ? kasan_atomics_helper+0x4a02/0x5450
[ 14.220010] kasan_report+0x141/0x180
[ 14.220034] ? kasan_atomics_helper+0x4a02/0x5450
[ 14.220063] __asan_report_load4_noabort+0x18/0x20
[ 14.220085] kasan_atomics_helper+0x4a02/0x5450
[ 14.220109] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.220132] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.220154] ? kasan_atomics+0x152/0x310
[ 14.220180] kasan_atomics+0x1dc/0x310
[ 14.220199] ? __pfx_kasan_atomics+0x10/0x10
[ 14.220221] ? __pfx_read_tsc+0x10/0x10
[ 14.220251] ? ktime_get_ts64+0x86/0x230
[ 14.220275] kunit_try_run_case+0x1a5/0x480
[ 14.220297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.220316] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.220336] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.220382] ? __kthread_parkme+0x82/0x180
[ 14.220404] ? preempt_count_sub+0x50/0x80
[ 14.220429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.220451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.220475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.220499] kthread+0x337/0x6f0
[ 14.220516] ? trace_preempt_on+0x20/0xc0
[ 14.220540] ? __pfx_kthread+0x10/0x10
[ 14.220559] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.220581] ? calculate_sigpending+0x7b/0xa0
[ 14.220603] ? __pfx_kthread+0x10/0x10
[ 14.220622] ret_from_fork+0x41/0x80
[ 14.220644] ? __pfx_kthread+0x10/0x10
[ 14.220662] ret_from_fork_asm+0x1a/0x30
[ 14.220694] </TASK>
[ 14.220705]
[ 14.227703] Allocated by task 285:
[ 14.227883] kasan_save_stack+0x45/0x70
[ 14.228079] kasan_save_track+0x18/0x40
[ 14.228303] kasan_save_alloc_info+0x3b/0x50
[ 14.228535] __kasan_kmalloc+0xb7/0xc0
[ 14.228721] __kmalloc_cache_noprof+0x189/0x420
[ 14.228922] kasan_atomics+0x95/0x310
[ 14.229129] kunit_try_run_case+0x1a5/0x480
[ 14.229313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.229509] kthread+0x337/0x6f0
[ 14.229629] ret_from_fork+0x41/0x80
[ 14.229760] ret_from_fork_asm+0x1a/0x30
[ 14.229898]
[ 14.229968] The buggy address belongs to the object at ffff888103d00c80
[ 14.229968] which belongs to the cache kmalloc-64 of size 64
[ 14.230474] The buggy address is located 0 bytes to the right of
[ 14.230474] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0)
[ 14.231046]
[ 14.231163] The buggy address belongs to the physical page:
[ 14.231458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 14.231851] flags: 0x200000000000000(node=0|zone=2)
[ 14.232082] page_type: f5(slab)
[ 14.232289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.232648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.232985] page dumped because: kasan: bad access detected
[ 14.233208]
[ 14.233314] Memory state around the buggy address:
[ 14.233552] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.233855] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.234159] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.234498] ^
[ 14.234723] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.234939] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.235287] ==================================================================
[ 14.146974] ==================================================================
[ 14.147363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450
[ 14.147912] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285
[ 14.148192]
[ 14.148286] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.148328] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.148340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.148360] Call Trace:
[ 14.148375] <TASK>
[ 14.148405] dump_stack_lvl+0x73/0xb0
[ 14.148430] print_report+0xd1/0x610
[ 14.148452] ? __virt_addr_valid+0x1db/0x2d0
[ 14.148474] ? kasan_atomics_helper+0x4a36/0x5450
[ 14.148495] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.148528] ? kasan_atomics_helper+0x4a36/0x5450
[ 14.148551] kasan_report+0x141/0x180
[ 14.148585] ? kasan_atomics_helper+0x4a36/0x5450
[ 14.148612] __asan_report_load4_noabort+0x18/0x20
[ 14.148634] kasan_atomics_helper+0x4a36/0x5450
[ 14.148658] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.148681] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.148712] ? kasan_atomics+0x152/0x310
[ 14.148735] kasan_atomics+0x1dc/0x310
[ 14.148755] ? __pfx_kasan_atomics+0x10/0x10
[ 14.148787] ? __pfx_read_tsc+0x10/0x10
[ 14.148808] ? ktime_get_ts64+0x86/0x230
[ 14.148833] kunit_try_run_case+0x1a5/0x480
[ 14.148855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.148883] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.148904] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.148935] ? __kthread_parkme+0x82/0x180
[ 14.148967] ? preempt_count_sub+0x50/0x80
[ 14.148994] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.149016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.149048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.149072] kthread+0x337/0x6f0
[ 14.149090] ? trace_preempt_on+0x20/0xc0
[ 14.149124] ? __pfx_kthread+0x10/0x10
[ 14.149143] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.149165] ? calculate_sigpending+0x7b/0xa0
[ 14.149187] ? __pfx_kthread+0x10/0x10
[ 14.149206] ret_from_fork+0x41/0x80
[ 14.149243] ? __pfx_kthread+0x10/0x10
[ 14.149262] ret_from_fork_asm+0x1a/0x30
[ 14.149305] </TASK>
[ 14.149316]
[ 14.156694] Allocated by task 285:
[ 14.156848] kasan_save_stack+0x45/0x70
[ 14.157035] kasan_save_track+0x18/0x40
[ 14.157202] kasan_save_alloc_info+0x3b/0x50
[ 14.157457] __kasan_kmalloc+0xb7/0xc0
[ 14.157632] __kmalloc_cache_noprof+0x189/0x420
[ 14.157857] kasan_atomics+0x95/0x310
[ 14.158057] kunit_try_run_case+0x1a5/0x480
[ 14.158247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.158447] kthread+0x337/0x6f0
[ 14.158569] ret_from_fork+0x41/0x80
[ 14.158700] ret_from_fork_asm+0x1a/0x30
[ 14.158839]
[ 14.158908] The buggy address belongs to the object at ffff888103d00c80
[ 14.158908] which belongs to the cache kmalloc-64 of size 64
[ 14.159281] The buggy address is located 0 bytes to the right of
[ 14.159281] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0)
[ 14.159865]
[ 14.159959] The buggy address belongs to the physical page:
[ 14.160205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 14.160585] flags: 0x200000000000000(node=0|zone=2)
[ 14.160813] page_type: f5(slab)
[ 14.160984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.161250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.161506] page dumped because: kasan: bad access detected
[ 14.161761]
[ 14.161868] Memory state around the buggy address:
[ 14.162100] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.162471] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.162761] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.163058] ^
[ 14.163298] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.163634] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.163926] ==================================================================
[ 14.623010] ==================================================================
[ 14.623325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450
[ 14.623644] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285
[ 14.624320]
[ 14.624435] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.624481] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.624495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.624517] Call Trace:
[ 14.624532] <TASK>
[ 14.624545] dump_stack_lvl+0x73/0xb0
[ 14.624572] print_report+0xd1/0x610
[ 14.624595] ? __virt_addr_valid+0x1db/0x2d0
[ 14.624616] ? kasan_atomics_helper+0x1c18/0x5450
[ 14.624638] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.624661] ? kasan_atomics_helper+0x1c18/0x5450
[ 14.624684] kasan_report+0x141/0x180
[ 14.624708] ? kasan_atomics_helper+0x1c18/0x5450
[ 14.624736] kasan_check_range+0x10c/0x1c0
[ 14.624756] __kasan_check_write+0x18/0x20
[ 14.624776] kasan_atomics_helper+0x1c18/0x5450
[ 14.624800] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.624823] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.624845] ? kasan_atomics+0x152/0x310
[ 14.624869] kasan_atomics+0x1dc/0x310
[ 14.624889] ? __pfx_kasan_atomics+0x10/0x10
[ 14.624910] ? __pfx_read_tsc+0x10/0x10
[ 14.624935] ? ktime_get_ts64+0x86/0x230
[ 14.624961] kunit_try_run_case+0x1a5/0x480
[ 14.624982] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.625001] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.625023] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.625047] ? __kthread_parkme+0x82/0x180
[ 14.625069] ? preempt_count_sub+0x50/0x80
[ 14.625095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.625116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.625140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.625163] kthread+0x337/0x6f0
[ 14.625181] ? trace_preempt_on+0x20/0xc0
[ 14.625204] ? __pfx_kthread+0x10/0x10
[ 14.625233] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.625256] ? calculate_sigpending+0x7b/0xa0
[ 14.625277] ? __pfx_kthread+0x10/0x10
[ 14.625296] ret_from_fork+0x41/0x80
[ 14.625317] ? __pfx_kthread+0x10/0x10
[ 14.625335] ret_from_fork_asm+0x1a/0x30
[ 14.625467] </TASK>
[ 14.625482]
[ 14.632701] Allocated by task 285:
[ 14.632843] kasan_save_stack+0x45/0x70
[ 14.633031] kasan_save_track+0x18/0x40
[ 14.633201] kasan_save_alloc_info+0x3b/0x50
[ 14.633350] __kasan_kmalloc+0xb7/0xc0
[ 14.633478] __kmalloc_cache_noprof+0x189/0x420
[ 14.633626] kasan_atomics+0x95/0x310
[ 14.633749] kunit_try_run_case+0x1a5/0x480
[ 14.633886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.634103] kthread+0x337/0x6f0
[ 14.634272] ret_from_fork+0x41/0x80
[ 14.634450] ret_from_fork_asm+0x1a/0x30
[ 14.634638]
[ 14.634728] The buggy address belongs to the object at ffff888103d00c80
[ 14.634728] which belongs to the cache kmalloc-64 of size 64
[ 14.635375] The buggy address is located 0 bytes to the right of
[ 14.635375] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0)
[ 14.635744]
[ 14.635814] The buggy address belongs to the physical page:
[ 14.636023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 14.636380] flags: 0x200000000000000(node=0|zone=2)
[ 14.636614] page_type: f5(slab)
[ 14.636776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.637125] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.637368] page dumped because: kasan: bad access detected
[ 14.637627]
[ 14.637718] Memory state around the buggy address:
[ 14.637923] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.638192] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.638508] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.638727] ^
[ 14.638906] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.639242] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.639816] ==================================================================
[ 14.868753] ==================================================================
[ 14.869113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450
[ 14.869496] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285
[ 14.869845]
[ 14.869951] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.869991] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.870003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.870023] Call Trace:
[ 14.870036] <TASK>
[ 14.870051] dump_stack_lvl+0x73/0xb0
[ 14.870075] print_report+0xd1/0x610
[ 14.870098] ? __virt_addr_valid+0x1db/0x2d0
[ 14.870122] ? kasan_atomics_helper+0x4fa5/0x5450
[ 14.870147] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.870174] ? kasan_atomics_helper+0x4fa5/0x5450
[ 14.870196] kasan_report+0x141/0x180
[ 14.870219] ? kasan_atomics_helper+0x4fa5/0x5450
[ 14.870258] __asan_report_load8_noabort+0x18/0x20
[ 14.870281] kasan_atomics_helper+0x4fa5/0x5450
[ 14.870304] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.870328] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.870370] ? kasan_atomics+0x152/0x310
[ 14.870394] kasan_atomics+0x1dc/0x310
[ 14.870413] ? __pfx_kasan_atomics+0x10/0x10
[ 14.870435] ? __pfx_read_tsc+0x10/0x10
[ 14.870456] ? ktime_get_ts64+0x86/0x230
[ 14.870481] kunit_try_run_case+0x1a5/0x480
[ 14.870503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.870522] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.870544] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.870569] ? __kthread_parkme+0x82/0x180
[ 14.870591] ? preempt_count_sub+0x50/0x80
[ 14.870617] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.870638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.870662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.870685] kthread+0x337/0x6f0
[ 14.870703] ? trace_preempt_on+0x20/0xc0
[ 14.870726] ? __pfx_kthread+0x10/0x10
[ 14.870745] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.870768] ? calculate_sigpending+0x7b/0xa0
[ 14.870789] ? __pfx_kthread+0x10/0x10
[ 14.870808] ret_from_fork+0x41/0x80
[ 14.870829] ? __pfx_kthread+0x10/0x10
[ 14.870847] ret_from_fork_asm+0x1a/0x30
[ 14.870878] </TASK>
[ 14.870888]
[ 14.880536] Allocated by task 285:
[ 14.880730] kasan_save_stack+0x45/0x70
[ 14.880940] kasan_save_track+0x18/0x40
[ 14.881132] kasan_save_alloc_info+0x3b/0x50
[ 14.881656] __kasan_kmalloc+0xb7/0xc0
[ 14.881927] __kmalloc_cache_noprof+0x189/0x420
[ 14.882380] kasan_atomics+0x95/0x310
[ 14.882623] kunit_try_run_case+0x1a5/0x480
[ 14.882933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.883189] kthread+0x337/0x6f0
[ 14.883596] ret_from_fork+0x41/0x80
[ 14.883841] ret_from_fork_asm+0x1a/0x30
[ 14.884149]
[ 14.884261] The buggy address belongs to the object at ffff888103d00c80
[ 14.884261] which belongs to the cache kmalloc-64 of size 64
[ 14.884943] The buggy address is located 0 bytes to the right of
[ 14.884943] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0)
[ 14.885738]
[ 14.885976] The buggy address belongs to the physical page:
[ 14.886494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 14.886959] flags: 0x200000000000000(node=0|zone=2)
[ 14.887459] page_type: f5(slab)
[ 14.887704] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.888147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.888614] page dumped because: kasan: bad access detected
[ 14.889056]
[ 14.889159] Memory state around the buggy address:
[ 14.889584] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.890033] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.890482] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.890920] ^
[ 14.891140] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.891663] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.892334] ==================================================================
[ 14.722247] ==================================================================
[ 14.722634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450
[ 14.722973] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285
[ 14.723282]
[ 14.723409] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.723454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.723468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.723490] Call Trace:
[ 14.723506] <TASK>
[ 14.723522] dump_stack_lvl+0x73/0xb0
[ 14.723548] print_report+0xd1/0x610
[ 14.723571] ? __virt_addr_valid+0x1db/0x2d0
[ 14.723593] ? kasan_atomics_helper+0x1eaa/0x5450
[ 14.723615] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.723639] ? kasan_atomics_helper+0x1eaa/0x5450
[ 14.723662] kasan_report+0x141/0x180
[ 14.723685] ? kasan_atomics_helper+0x1eaa/0x5450
[ 14.723713] kasan_check_range+0x10c/0x1c0
[ 14.723734] __kasan_check_write+0x18/0x20
[ 14.723755] kasan_atomics_helper+0x1eaa/0x5450
[ 14.723779] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.723802] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.723824] ? kasan_atomics+0x152/0x310
[ 14.723848] kasan_atomics+0x1dc/0x310
[ 14.723868] ? __pfx_kasan_atomics+0x10/0x10
[ 14.723890] ? __pfx_read_tsc+0x10/0x10
[ 14.723911] ? ktime_get_ts64+0x86/0x230
[ 14.723936] kunit_try_run_case+0x1a5/0x480
[ 14.723958] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.723978] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.724000] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.724025] ? __kthread_parkme+0x82/0x180
[ 14.724047] ? preempt_count_sub+0x50/0x80
[ 14.724073] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.724094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.724118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.724142] kthread+0x337/0x6f0
[ 14.724160] ? trace_preempt_on+0x20/0xc0
[ 14.724185] ? __pfx_kthread+0x10/0x10
[ 14.724204] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.724237] ? calculate_sigpending+0x7b/0xa0
[ 14.724259] ? __pfx_kthread+0x10/0x10
[ 14.724278] ret_from_fork+0x41/0x80
[ 14.724300] ? __pfx_kthread+0x10/0x10
[ 14.724320] ret_from_fork_asm+0x1a/0x30
[ 14.724372] </TASK>
[ 14.724385]
[ 14.731418] Allocated by task 285:
[ 14.731551] kasan_save_stack+0x45/0x70
[ 14.731750] kasan_save_track+0x18/0x40
[ 14.731941] kasan_save_alloc_info+0x3b/0x50
[ 14.732146] __kasan_kmalloc+0xb7/0xc0
[ 14.732340] __kmalloc_cache_noprof+0x189/0x420
[ 14.732577] kasan_atomics+0x95/0x310
[ 14.732763] kunit_try_run_case+0x1a5/0x480
[ 14.732969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.733216] kthread+0x337/0x6f0
[ 14.733396] ret_from_fork+0x41/0x80
[ 14.733558] ret_from_fork_asm+0x1a/0x30
[ 14.733696]
[ 14.733766] The buggy address belongs to the object at ffff888103d00c80
[ 14.733766] which belongs to the cache kmalloc-64 of size 64
[ 14.734219] The buggy address is located 0 bytes to the right of
[ 14.734219] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0)
[ 14.734827]
[ 14.734925] The buggy address belongs to the physical page:
[ 14.735144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 14.735497] flags: 0x200000000000000(node=0|zone=2)
[ 14.735662] page_type: f5(slab)
[ 14.735817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.736167] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.736501] page dumped because: kasan: bad access detected
[ 14.736723]
[ 14.736819] Memory state around the buggy address:
[ 14.737019] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.737285] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.737624] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.737911] ^
[ 14.738099] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.738324] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.738555] ==================================================================
[ 14.757258] ==================================================================
[ 14.757785] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450
[ 14.758154] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285
[ 14.758519]
[ 14.758632] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 14.758700] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.758713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.758750] Call Trace:
[ 14.758766] <TASK>
[ 14.758794] dump_stack_lvl+0x73/0xb0
[ 14.758835] print_report+0xd1/0x610
[ 14.758872] ? __virt_addr_valid+0x1db/0x2d0
[ 14.758907] ? kasan_atomics_helper+0x4f71/0x5450
[ 14.758942] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.758979] ? kasan_atomics_helper+0x4f71/0x5450
[ 14.759003] kasan_report+0x141/0x180
[ 14.759027] ? kasan_atomics_helper+0x4f71/0x5450
[ 14.759056] __asan_report_load8_noabort+0x18/0x20
[ 14.759077] kasan_atomics_helper+0x4f71/0x5450
[ 14.759102] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.759125] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.759147] ? kasan_atomics+0x152/0x310
[ 14.759171] kasan_atomics+0x1dc/0x310
[ 14.759191] ? __pfx_kasan_atomics+0x10/0x10
[ 14.759213] ? __pfx_read_tsc+0x10/0x10
[ 14.759243] ? ktime_get_ts64+0x86/0x230
[ 14.759269] kunit_try_run_case+0x1a5/0x480
[ 14.759291] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.759311] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.759332] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.759391] ? __kthread_parkme+0x82/0x180
[ 14.759414] ? preempt_count_sub+0x50/0x80
[ 14.759439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.759461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.759485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.759511] kthread+0x337/0x6f0
[ 14.759529] ? trace_preempt_on+0x20/0xc0
[ 14.759553] ? __pfx_kthread+0x10/0x10
[ 14.759572] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.759596] ? calculate_sigpending+0x7b/0xa0
[ 14.759618] ? __pfx_kthread+0x10/0x10
[ 14.759637] ret_from_fork+0x41/0x80
[ 14.759658] ? __pfx_kthread+0x10/0x10
[ 14.759677] ret_from_fork_asm+0x1a/0x30
[ 14.759709] </TASK>
[ 14.759722]
[ 14.767156] Allocated by task 285:
[ 14.767321] kasan_save_stack+0x45/0x70
[ 14.767559] kasan_save_track+0x18/0x40
[ 14.767752] kasan_save_alloc_info+0x3b/0x50
[ 14.767936] __kasan_kmalloc+0xb7/0xc0
[ 14.768125] __kmalloc_cache_noprof+0x189/0x420
[ 14.768330] kasan_atomics+0x95/0x310
[ 14.768544] kunit_try_run_case+0x1a5/0x480
[ 14.768729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.768927] kthread+0x337/0x6f0
[ 14.769046] ret_from_fork+0x41/0x80
[ 14.769177] ret_from_fork_asm+0x1a/0x30
[ 14.769414]
[ 14.769528] The buggy address belongs to the object at ffff888103d00c80
[ 14.769528] which belongs to the cache kmalloc-64 of size 64
[ 14.770051] The buggy address is located 0 bytes to the right of
[ 14.770051] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0)
[ 14.770666]
[ 14.770763] The buggy address belongs to the physical page:
[ 14.771006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00
[ 14.771401] flags: 0x200000000000000(node=0|zone=2)
[ 14.771640] page_type: f5(slab)
[ 14.771807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.772077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.772316] page dumped because: kasan: bad access detected
[ 14.772515]
[ 14.772591] Memory state around the buggy address:
[ 14.772816] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc
fc fc fc fc [ 14.773164] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.773536] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.773888] ^ [ 14.774136] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774541] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774793] ================================================================== [ 13.674308] ================================================================== [ 13.674576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.675036] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.675314] [ 13.675460] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.675509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.675522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.675546] Call Trace: [ 13.675567] <TASK> [ 13.675587] dump_stack_lvl+0x73/0xb0 [ 13.675615] print_report+0xd1/0x610 [ 13.675639] ? __virt_addr_valid+0x1db/0x2d0 [ 13.675663] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.675686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.675710] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.675733] kasan_report+0x141/0x180 [ 13.675756] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.675784] __asan_report_store4_noabort+0x1b/0x30 [ 13.675807] kasan_atomics_helper+0x4b6e/0x5450 [ 13.675830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.675854] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.675876] ? kasan_atomics+0x152/0x310 [ 13.675901] kasan_atomics+0x1dc/0x310 [ 13.675921] ? __pfx_kasan_atomics+0x10/0x10 [ 13.675942] ? __pfx_read_tsc+0x10/0x10 [ 13.675964] ? ktime_get_ts64+0x86/0x230 [ 13.675990] kunit_try_run_case+0x1a5/0x480 [ 13.676013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.676032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.676054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.676080] ? 
__kthread_parkme+0x82/0x180 [ 13.676102] ? preempt_count_sub+0x50/0x80 [ 13.676128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.676150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.676173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.676198] kthread+0x337/0x6f0 [ 13.676216] ? trace_preempt_on+0x20/0xc0 [ 13.676253] ? __pfx_kthread+0x10/0x10 [ 13.676272] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.676295] ? calculate_sigpending+0x7b/0xa0 [ 13.676318] ? __pfx_kthread+0x10/0x10 [ 13.676336] ret_from_fork+0x41/0x80 [ 13.676381] ? __pfx_kthread+0x10/0x10 [ 13.676401] ret_from_fork_asm+0x1a/0x30 [ 13.676449] </TASK> [ 13.676461] [ 13.687532] Allocated by task 285: [ 13.688017] kasan_save_stack+0x45/0x70 [ 13.688720] kasan_save_track+0x18/0x40 [ 13.688908] kasan_save_alloc_info+0x3b/0x50 [ 13.689221] __kasan_kmalloc+0xb7/0xc0 [ 13.689395] __kmalloc_cache_noprof+0x189/0x420 [ 13.689851] kasan_atomics+0x95/0x310 [ 13.690200] kunit_try_run_case+0x1a5/0x480 [ 13.690469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.690909] kthread+0x337/0x6f0 [ 13.691107] ret_from_fork+0x41/0x80 [ 13.691390] ret_from_fork_asm+0x1a/0x30 [ 13.691603] [ 13.691697] The buggy address belongs to the object at ffff888103d00c80 [ 13.691697] which belongs to the cache kmalloc-64 of size 64 [ 13.692594] The buggy address is located 0 bytes to the right of [ 13.692594] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.693315] [ 13.693559] The buggy address belongs to the physical page: [ 13.694055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.694537] flags: 0x200000000000000(node=0|zone=2) [ 13.694832] page_type: f5(slab) [ 13.695006] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.695495] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.695928] page dumped because: kasan: bad access detected [ 13.696285] [ 13.696467] Memory state around the buggy address: [ 13.696861] 
ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.697160] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.697476] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.697997] ^ [ 13.698178] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.698755] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.699058] ================================================================== [ 14.164547] ================================================================== [ 14.164923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.165297] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.165637] [ 14.165741] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.165784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.165796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.165816] Call Trace: [ 14.165831] <TASK> [ 14.165845] dump_stack_lvl+0x73/0xb0 [ 14.165869] print_report+0xd1/0x610 [ 14.165892] ? __virt_addr_valid+0x1db/0x2d0 [ 14.165913] ? kasan_atomics_helper+0x1079/0x5450 [ 14.165935] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.165957] ? kasan_atomics_helper+0x1079/0x5450 [ 14.165980] kasan_report+0x141/0x180 [ 14.166003] ? kasan_atomics_helper+0x1079/0x5450 [ 14.166030] kasan_check_range+0x10c/0x1c0 [ 14.166051] __kasan_check_write+0x18/0x20 [ 14.166071] kasan_atomics_helper+0x1079/0x5450 [ 14.166095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.166117] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.166139] ? kasan_atomics+0x152/0x310 [ 14.166163] kasan_atomics+0x1dc/0x310 [ 14.166184] ? __pfx_kasan_atomics+0x10/0x10 [ 14.166205] ? __pfx_read_tsc+0x10/0x10 [ 14.166236] ? ktime_get_ts64+0x86/0x230 [ 14.166271] kunit_try_run_case+0x1a5/0x480 [ 14.166293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.166312] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.166369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.166394] ? __kthread_parkme+0x82/0x180 [ 14.166416] ? preempt_count_sub+0x50/0x80 [ 14.166453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.166474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.166498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.166522] kthread+0x337/0x6f0 [ 14.166539] ? trace_preempt_on+0x20/0xc0 [ 14.166563] ? __pfx_kthread+0x10/0x10 [ 14.166582] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.166614] ? calculate_sigpending+0x7b/0xa0 [ 14.166636] ? __pfx_kthread+0x10/0x10 [ 14.166655] ret_from_fork+0x41/0x80 [ 14.166687] ? __pfx_kthread+0x10/0x10 [ 14.166706] ret_from_fork_asm+0x1a/0x30 [ 14.166738] </TASK> [ 14.166748] [ 14.174215] Allocated by task 285: [ 14.174412] kasan_save_stack+0x45/0x70 [ 14.174614] kasan_save_track+0x18/0x40 [ 14.174773] kasan_save_alloc_info+0x3b/0x50 [ 14.175000] __kasan_kmalloc+0xb7/0xc0 [ 14.175172] __kmalloc_cache_noprof+0x189/0x420 [ 14.175422] kasan_atomics+0x95/0x310 [ 14.175621] kunit_try_run_case+0x1a5/0x480 [ 14.175823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.176000] kthread+0x337/0x6f0 [ 14.176117] ret_from_fork+0x41/0x80 [ 14.176264] ret_from_fork_asm+0x1a/0x30 [ 14.176496] [ 14.176590] The buggy address belongs to the object at ffff888103d00c80 [ 14.176590] which belongs to the cache kmalloc-64 of size 64 [ 14.177147] The buggy address is located 0 bytes to the right of [ 14.177147] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.177684] [ 14.177757] The buggy address belongs to the physical page: [ 14.177928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.178259] flags: 0x200000000000000(node=0|zone=2) [ 14.178539] page_type: f5(slab) [ 14.178734] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.179081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.179454] page dumped because: kasan: bad 
access detected [ 14.179685] [ 14.179780] Memory state around the buggy address: [ 14.179949] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.180291] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.180616] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.180901] ^ [ 14.181125] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.181459] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.181760] ================================================================== [ 14.007313] ================================================================== [ 14.007683] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.008011] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.008318] [ 14.008446] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.008491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.008503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.008525] Call Trace: [ 14.008541] <TASK> [ 14.008556] dump_stack_lvl+0x73/0xb0 [ 14.008580] print_report+0xd1/0x610 [ 14.008603] ? __virt_addr_valid+0x1db/0x2d0 [ 14.008624] ? kasan_atomics_helper+0xc70/0x5450 [ 14.008646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.008669] ? kasan_atomics_helper+0xc70/0x5450 [ 14.008692] kasan_report+0x141/0x180 [ 14.008715] ? kasan_atomics_helper+0xc70/0x5450 [ 14.008743] kasan_check_range+0x10c/0x1c0 [ 14.008764] __kasan_check_write+0x18/0x20 [ 14.008785] kasan_atomics_helper+0xc70/0x5450 [ 14.008808] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.008831] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.008853] ? kasan_atomics+0x152/0x310 [ 14.008876] kasan_atomics+0x1dc/0x310 [ 14.008897] ? __pfx_kasan_atomics+0x10/0x10 [ 14.008923] ? __pfx_read_tsc+0x10/0x10 [ 14.008943] ? ktime_get_ts64+0x86/0x230 [ 14.008969] kunit_try_run_case+0x1a5/0x480 [ 14.008990] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.009009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.009030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.009056] ? __kthread_parkme+0x82/0x180 [ 14.009077] ? preempt_count_sub+0x50/0x80 [ 14.009103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.009125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.009148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.009172] kthread+0x337/0x6f0 [ 14.009189] ? trace_preempt_on+0x20/0xc0 [ 14.009215] ? __pfx_kthread+0x10/0x10 [ 14.009245] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.009268] ? calculate_sigpending+0x7b/0xa0 [ 14.009289] ? __pfx_kthread+0x10/0x10 [ 14.009309] ret_from_fork+0x41/0x80 [ 14.009330] ? __pfx_kthread+0x10/0x10 [ 14.009348] ret_from_fork_asm+0x1a/0x30 [ 14.009380] </TASK> [ 14.009391] [ 14.016546] Allocated by task 285: [ 14.016725] kasan_save_stack+0x45/0x70 [ 14.016967] kasan_save_track+0x18/0x40 [ 14.017160] kasan_save_alloc_info+0x3b/0x50 [ 14.017375] __kasan_kmalloc+0xb7/0xc0 [ 14.017645] __kmalloc_cache_noprof+0x189/0x420 [ 14.018091] kasan_atomics+0x95/0x310 [ 14.018235] kunit_try_run_case+0x1a5/0x480 [ 14.018426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.018685] kthread+0x337/0x6f0 [ 14.018850] ret_from_fork+0x41/0x80 [ 14.019005] ret_from_fork_asm+0x1a/0x30 [ 14.019175] [ 14.019270] The buggy address belongs to the object at ffff888103d00c80 [ 14.019270] which belongs to the cache kmalloc-64 of size 64 [ 14.019723] The buggy address is located 0 bytes to the right of [ 14.019723] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.020205] [ 14.020314] The buggy address belongs to the physical page: [ 14.020739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.021061] flags: 0x200000000000000(node=0|zone=2) [ 14.021273] page_type: f5(slab) [ 14.021513] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.021812] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.022112] page dumped because: kasan: bad access detected [ 14.022345] [ 14.022450] Memory state around the buggy address: [ 14.022654] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.022936] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.023213] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.023545] ^ [ 14.023743] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.024003] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.024296] ================================================================== [ 14.257601] ================================================================== [ 14.258300] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.258962] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.259553] [ 14.259646] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.259692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.259704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.259727] Call Trace: [ 14.259746] <TASK> [ 14.259763] dump_stack_lvl+0x73/0xb0 [ 14.259790] print_report+0xd1/0x610 [ 14.259814] ? __virt_addr_valid+0x1db/0x2d0 [ 14.259836] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.259858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.259881] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.259904] kasan_report+0x141/0x180 [ 14.259927] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.259955] __asan_report_load4_noabort+0x18/0x20 [ 14.259976] kasan_atomics_helper+0x49e8/0x5450 [ 14.260000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.260022] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.260044] ? kasan_atomics+0x152/0x310 [ 14.260068] kasan_atomics+0x1dc/0x310 [ 14.260088] ? __pfx_kasan_atomics+0x10/0x10 [ 14.260109] ? __pfx_read_tsc+0x10/0x10 [ 14.260129] ? 
ktime_get_ts64+0x86/0x230 [ 14.260155] kunit_try_run_case+0x1a5/0x480 [ 14.260177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.260217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.260261] ? __kthread_parkme+0x82/0x180 [ 14.260283] ? preempt_count_sub+0x50/0x80 [ 14.260309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.260384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.260408] kthread+0x337/0x6f0 [ 14.260426] ? trace_preempt_on+0x20/0xc0 [ 14.260470] ? __pfx_kthread+0x10/0x10 [ 14.260489] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.260512] ? calculate_sigpending+0x7b/0xa0 [ 14.260544] ? __pfx_kthread+0x10/0x10 [ 14.260564] ret_from_fork+0x41/0x80 [ 14.260584] ? __pfx_kthread+0x10/0x10 [ 14.260603] ret_from_fork_asm+0x1a/0x30 [ 14.260635] </TASK> [ 14.260646] [ 14.274193] Allocated by task 285: [ 14.274363] kasan_save_stack+0x45/0x70 [ 14.274752] kasan_save_track+0x18/0x40 [ 14.275128] kasan_save_alloc_info+0x3b/0x50 [ 14.275546] __kasan_kmalloc+0xb7/0xc0 [ 14.275903] __kmalloc_cache_noprof+0x189/0x420 [ 14.276321] kasan_atomics+0x95/0x310 [ 14.276659] kunit_try_run_case+0x1a5/0x480 [ 14.276984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.277160] kthread+0x337/0x6f0 [ 14.277435] ret_from_fork+0x41/0x80 [ 14.277779] ret_from_fork_asm+0x1a/0x30 [ 14.278142] [ 14.278315] The buggy address belongs to the object at ffff888103d00c80 [ 14.278315] which belongs to the cache kmalloc-64 of size 64 [ 14.279267] The buggy address is located 0 bytes to the right of [ 14.279267] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.279880] [ 14.279954] The buggy address belongs to the physical page: [ 14.280127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.280724] flags: 0x200000000000000(node=0|zone=2) [ 14.281188] page_type: f5(slab) [ 14.281535] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.282189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.282864] page dumped because: kasan: bad access detected [ 14.283391] [ 14.283559] Memory state around the buggy address: [ 14.283992] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.284474] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.284693] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.284909] ^ [ 14.285077] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.285474] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.286081] ================================================================== [ 13.823664] ================================================================== [ 13.824365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.825105] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.825430] [ 13.825552] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.825600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.825613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.825637] Call Trace: [ 13.825658] <TASK> [ 13.825677] dump_stack_lvl+0x73/0xb0 [ 13.825705] print_report+0xd1/0x610 [ 13.825728] ? __virt_addr_valid+0x1db/0x2d0 [ 13.825751] ? kasan_atomics_helper+0x697/0x5450 [ 13.825772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.825795] ? kasan_atomics_helper+0x697/0x5450 [ 13.825818] kasan_report+0x141/0x180 [ 13.825842] ? kasan_atomics_helper+0x697/0x5450 [ 13.825870] kasan_check_range+0x10c/0x1c0 [ 13.825891] __kasan_check_write+0x18/0x20 [ 13.825911] kasan_atomics_helper+0x697/0x5450 [ 13.825935] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.825957] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.825980] ? kasan_atomics+0x152/0x310 [ 13.826003] kasan_atomics+0x1dc/0x310 [ 13.826023] ? 
__pfx_kasan_atomics+0x10/0x10 [ 13.826045] ? __pfx_read_tsc+0x10/0x10 [ 13.826066] ? ktime_get_ts64+0x86/0x230 [ 13.826092] kunit_try_run_case+0x1a5/0x480 [ 13.826114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.826133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.826155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.826179] ? __kthread_parkme+0x82/0x180 [ 13.826202] ? preempt_count_sub+0x50/0x80 [ 13.826239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.826260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.826284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.826307] kthread+0x337/0x6f0 [ 13.826324] ? trace_preempt_on+0x20/0xc0 [ 13.826349] ? __pfx_kthread+0x10/0x10 [ 13.826379] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.826402] ? calculate_sigpending+0x7b/0xa0 [ 13.826424] ? __pfx_kthread+0x10/0x10 [ 13.826442] ret_from_fork+0x41/0x80 [ 13.826465] ? __pfx_kthread+0x10/0x10 [ 13.826483] ret_from_fork_asm+0x1a/0x30 [ 13.826514] </TASK> [ 13.826525] [ 13.835375] Allocated by task 285: [ 13.835539] kasan_save_stack+0x45/0x70 [ 13.835749] kasan_save_track+0x18/0x40 [ 13.835952] kasan_save_alloc_info+0x3b/0x50 [ 13.836127] __kasan_kmalloc+0xb7/0xc0 [ 13.836330] __kmalloc_cache_noprof+0x189/0x420 [ 13.836530] kasan_atomics+0x95/0x310 [ 13.836710] kunit_try_run_case+0x1a5/0x480 [ 13.836856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.837039] kthread+0x337/0x6f0 [ 13.837185] ret_from_fork+0x41/0x80 [ 13.837375] ret_from_fork_asm+0x1a/0x30 [ 13.837601] [ 13.837694] The buggy address belongs to the object at ffff888103d00c80 [ 13.837694] which belongs to the cache kmalloc-64 of size 64 [ 13.838121] The buggy address is located 0 bytes to the right of [ 13.838121] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.838818] [ 13.838915] The buggy address belongs to the physical page: [ 13.839136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.839503] flags: 0x200000000000000(node=0|zone=2) [ 13.839723] page_type: f5(slab) 
[ 13.839907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.840208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.840496] page dumped because: kasan: bad access detected [ 13.840752] [ 13.840866] Memory state around the buggy address: [ 13.841119] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.841406] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.841770] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.842068] ^ [ 13.842266] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.842605] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.842854] ================================================================== [ 14.129302] ================================================================== [ 14.129605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.129908] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.130199] [ 14.130529] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.130575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.130588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.130610] Call Trace: [ 14.130627] <TASK> [ 14.130643] dump_stack_lvl+0x73/0xb0 [ 14.130668] print_report+0xd1/0x610 [ 14.130690] ? __virt_addr_valid+0x1db/0x2d0 [ 14.130712] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.130746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.130770] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.130793] kasan_report+0x141/0x180 [ 14.130827] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.130855] kasan_check_range+0x10c/0x1c0 [ 14.130876] __kasan_check_write+0x18/0x20 [ 14.130897] kasan_atomics_helper+0xfa9/0x5450 [ 14.130929] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.130952] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.130974] ? 
kasan_atomics+0x152/0x310 [ 14.131008] kasan_atomics+0x1dc/0x310 [ 14.131028] ? __pfx_kasan_atomics+0x10/0x10 [ 14.131051] ? __pfx_read_tsc+0x10/0x10 [ 14.131072] ? ktime_get_ts64+0x86/0x230 [ 14.131106] kunit_try_run_case+0x1a5/0x480 [ 14.131127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.131147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.131178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.131203] ? __kthread_parkme+0x82/0x180 [ 14.131235] ? preempt_count_sub+0x50/0x80 [ 14.131262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.131283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.131308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.131331] kthread+0x337/0x6f0 [ 14.131370] ? trace_preempt_on+0x20/0xc0 [ 14.131394] ? __pfx_kthread+0x10/0x10 [ 14.131412] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.131436] ? calculate_sigpending+0x7b/0xa0 [ 14.131458] ? __pfx_kthread+0x10/0x10 [ 14.131478] ret_from_fork+0x41/0x80 [ 14.131509] ? __pfx_kthread+0x10/0x10 [ 14.131528] ret_from_fork_asm+0x1a/0x30 [ 14.131561] </TASK> [ 14.131583] [ 14.138975] Allocated by task 285: [ 14.139110] kasan_save_stack+0x45/0x70 [ 14.139269] kasan_save_track+0x18/0x40 [ 14.139474] kasan_save_alloc_info+0x3b/0x50 [ 14.139686] __kasan_kmalloc+0xb7/0xc0 [ 14.139894] __kmalloc_cache_noprof+0x189/0x420 [ 14.140113] kasan_atomics+0x95/0x310 [ 14.140318] kunit_try_run_case+0x1a5/0x480 [ 14.140548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140813] kthread+0x337/0x6f0 [ 14.140982] ret_from_fork+0x41/0x80 [ 14.141164] ret_from_fork_asm+0x1a/0x30 [ 14.141402] [ 14.141488] The buggy address belongs to the object at ffff888103d00c80 [ 14.141488] which belongs to the cache kmalloc-64 of size 64 [ 14.141974] The buggy address is located 0 bytes to the right of [ 14.141974] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.142495] [ 14.142614] The buggy address belongs to the physical page: [ 14.142842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 
14.143168] flags: 0x200000000000000(node=0|zone=2) [ 14.143456] page_type: f5(slab) [ 14.143615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.143854] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.144080] page dumped because: kasan: bad access detected [ 14.144270] [ 14.144381] Memory state around the buggy address: [ 14.144677] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.145000] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.145324] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.145701] ^ [ 14.145857] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146074] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146349] ================================================================== [ 14.364399] ================================================================== [ 14.364845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.365238] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.365792] [ 14.365914] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.365970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.365982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.366003] Call Trace: [ 14.366017] <TASK> [ 14.366030] dump_stack_lvl+0x73/0xb0 [ 14.366055] print_report+0xd1/0x610 [ 14.366079] ? __virt_addr_valid+0x1db/0x2d0 [ 14.366101] ? kasan_atomics_helper+0x1467/0x5450 [ 14.366122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.366146] ? kasan_atomics_helper+0x1467/0x5450 [ 14.366168] kasan_report+0x141/0x180 [ 14.366191] ? kasan_atomics_helper+0x1467/0x5450 [ 14.366219] kasan_check_range+0x10c/0x1c0 [ 14.366250] __kasan_check_write+0x18/0x20 [ 14.366270] kasan_atomics_helper+0x1467/0x5450 [ 14.366294] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.366317] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.366339] ? kasan_atomics+0x152/0x310 [ 14.366371] kasan_atomics+0x1dc/0x310 [ 14.366391] ? __pfx_kasan_atomics+0x10/0x10 [ 14.366413] ? __pfx_read_tsc+0x10/0x10 [ 14.366434] ? ktime_get_ts64+0x86/0x230 [ 14.366459] kunit_try_run_case+0x1a5/0x480 [ 14.366481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.366501] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.366523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.366548] ? __kthread_parkme+0x82/0x180 [ 14.366570] ? preempt_count_sub+0x50/0x80 [ 14.366597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.366618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.366642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.366666] kthread+0x337/0x6f0 [ 14.366683] ? trace_preempt_on+0x20/0xc0 [ 14.366708] ? __pfx_kthread+0x10/0x10 [ 14.366727] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.366750] ? calculate_sigpending+0x7b/0xa0 [ 14.366772] ? __pfx_kthread+0x10/0x10 [ 14.366791] ret_from_fork+0x41/0x80 [ 14.366818] ? __pfx_kthread+0x10/0x10 [ 14.366840] ret_from_fork_asm+0x1a/0x30 [ 14.366872] </TASK> [ 14.366883] [ 14.374580] Allocated by task 285: [ 14.374739] kasan_save_stack+0x45/0x70 [ 14.374939] kasan_save_track+0x18/0x40 [ 14.375122] kasan_save_alloc_info+0x3b/0x50 [ 14.375278] __kasan_kmalloc+0xb7/0xc0 [ 14.375412] __kmalloc_cache_noprof+0x189/0x420 [ 14.375563] kasan_atomics+0x95/0x310 [ 14.375692] kunit_try_run_case+0x1a5/0x480 [ 14.375836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.376012] kthread+0x337/0x6f0 [ 14.376132] ret_from_fork+0x41/0x80 [ 14.376288] ret_from_fork_asm+0x1a/0x30 [ 14.376483] [ 14.376574] The buggy address belongs to the object at ffff888103d00c80 [ 14.376574] which belongs to the cache kmalloc-64 of size 64 [ 14.377101] The buggy address is located 0 bytes to the right of [ 14.377101] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.378177] [ 14.378283] The buggy address belongs to the physical page: [ 14.378555] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.378872] flags: 0x200000000000000(node=0|zone=2) [ 14.379036] page_type: f5(slab) [ 14.379156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.379803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.380120] page dumped because: kasan: bad access detected [ 14.380335] [ 14.380502] Memory state around the buggy address: [ 14.380723] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.380944] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.381159] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.381413] ^ [ 14.381636] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.381957] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.382307] ================================================================== [ 13.759967] ================================================================== [ 13.760207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.760714] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.761342] [ 13.761551] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.761596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.761609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.761631] Call Trace: [ 13.761649] <TASK> [ 13.761666] dump_stack_lvl+0x73/0xb0 [ 13.761693] print_report+0xd1/0x610 [ 13.761716] ? __virt_addr_valid+0x1db/0x2d0 [ 13.761738] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.761761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.761784] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.761807] kasan_report+0x141/0x180 [ 13.761830] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.761858] __asan_report_store4_noabort+0x1b/0x30 [ 13.761880] kasan_atomics_helper+0x4b3a/0x5450 [ 13.761904] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.761927] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.761950] ? kasan_atomics+0x152/0x310 [ 13.761974] kasan_atomics+0x1dc/0x310 [ 13.761994] ? __pfx_kasan_atomics+0x10/0x10 [ 13.762015] ? __pfx_read_tsc+0x10/0x10 [ 13.762064] ? ktime_get_ts64+0x86/0x230 [ 13.762090] kunit_try_run_case+0x1a5/0x480 [ 13.762112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.762132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.762153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.762179] ? __kthread_parkme+0x82/0x180 [ 13.762200] ? preempt_count_sub+0x50/0x80 [ 13.762236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.762278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.762301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.762326] kthread+0x337/0x6f0 [ 13.762344] ? trace_preempt_on+0x20/0xc0 [ 13.762376] ? __pfx_kthread+0x10/0x10 [ 13.762395] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.762418] ? calculate_sigpending+0x7b/0xa0 [ 13.762440] ? __pfx_kthread+0x10/0x10 [ 13.762460] ret_from_fork+0x41/0x80 [ 13.762481] ? 
__pfx_kthread+0x10/0x10 [ 13.762500] ret_from_fork_asm+0x1a/0x30 [ 13.762532] </TASK> [ 13.762544] [ 13.770909] Allocated by task 285: [ 13.771153] kasan_save_stack+0x45/0x70 [ 13.771389] kasan_save_track+0x18/0x40 [ 13.771586] kasan_save_alloc_info+0x3b/0x50 [ 13.771796] __kasan_kmalloc+0xb7/0xc0 [ 13.771956] __kmalloc_cache_noprof+0x189/0x420 [ 13.772105] kasan_atomics+0x95/0x310 [ 13.772242] kunit_try_run_case+0x1a5/0x480 [ 13.772427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.772681] kthread+0x337/0x6f0 [ 13.772809] ret_from_fork+0x41/0x80 [ 13.772941] ret_from_fork_asm+0x1a/0x30 [ 13.773079] [ 13.773148] The buggy address belongs to the object at ffff888103d00c80 [ 13.773148] which belongs to the cache kmalloc-64 of size 64 [ 13.773717] The buggy address is located 0 bytes to the right of [ 13.773717] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.774258] [ 13.774394] The buggy address belongs to the physical page: [ 13.774644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.774884] flags: 0x200000000000000(node=0|zone=2) [ 13.775043] page_type: f5(slab) [ 13.775162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.775452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.775783] page dumped because: kasan: bad access detected [ 13.776027] [ 13.776117] Memory state around the buggy address: [ 13.776366] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.776703] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.777031] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.777357] ^ [ 13.777554] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.777876] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.778206] ================================================================== [ 14.420187] 
================================================================== [ 14.420490] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.420875] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.421600] [ 14.421725] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.421794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.421807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.421840] Call Trace: [ 14.421855] <TASK> [ 14.421882] dump_stack_lvl+0x73/0xb0 [ 14.421920] print_report+0xd1/0x610 [ 14.421957] ? __virt_addr_valid+0x1db/0x2d0 [ 14.422003] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.422026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.422050] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.422086] kasan_report+0x141/0x180 [ 14.422109] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.422137] kasan_check_range+0x10c/0x1c0 [ 14.422159] __kasan_check_write+0x18/0x20 [ 14.422179] kasan_atomics_helper+0x15b6/0x5450 [ 14.422203] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.422236] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.422258] ? kasan_atomics+0x152/0x310 [ 14.422282] kasan_atomics+0x1dc/0x310 [ 14.422301] ? __pfx_kasan_atomics+0x10/0x10 [ 14.422323] ? __pfx_read_tsc+0x10/0x10 [ 14.422344] ? ktime_get_ts64+0x86/0x230 [ 14.422370] kunit_try_run_case+0x1a5/0x480 [ 14.422391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.422410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.422431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.422457] ? __kthread_parkme+0x82/0x180 [ 14.422478] ? preempt_count_sub+0x50/0x80 [ 14.422505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.422527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.422553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.422577] kthread+0x337/0x6f0 [ 14.422595] ? trace_preempt_on+0x20/0xc0 [ 14.422619] ? __pfx_kthread+0x10/0x10 [ 14.422638] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.422661] ? 
calculate_sigpending+0x7b/0xa0 [ 14.422683] ? __pfx_kthread+0x10/0x10 [ 14.422703] ret_from_fork+0x41/0x80 [ 14.422724] ? __pfx_kthread+0x10/0x10 [ 14.422743] ret_from_fork_asm+0x1a/0x30 [ 14.422774] </TASK> [ 14.422786] [ 14.431205] Allocated by task 285: [ 14.431484] kasan_save_stack+0x45/0x70 [ 14.431699] kasan_save_track+0x18/0x40 [ 14.431961] kasan_save_alloc_info+0x3b/0x50 [ 14.432196] __kasan_kmalloc+0xb7/0xc0 [ 14.432383] __kmalloc_cache_noprof+0x189/0x420 [ 14.432607] kasan_atomics+0x95/0x310 [ 14.432825] kunit_try_run_case+0x1a5/0x480 [ 14.433025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433258] kthread+0x337/0x6f0 [ 14.433394] ret_from_fork+0x41/0x80 [ 14.433609] ret_from_fork_asm+0x1a/0x30 [ 14.433860] [ 14.433962] The buggy address belongs to the object at ffff888103d00c80 [ 14.433962] which belongs to the cache kmalloc-64 of size 64 [ 14.434506] The buggy address is located 0 bytes to the right of [ 14.434506] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.435064] [ 14.435136] The buggy address belongs to the physical page: [ 14.435409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.435775] flags: 0x200000000000000(node=0|zone=2) [ 14.436017] page_type: f5(slab) [ 14.436212] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.436577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.436910] page dumped because: kasan: bad access detected [ 14.437179] [ 14.437290] Memory state around the buggy address: [ 14.437607] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.437949] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.438280] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.438674] ^ [ 14.438848] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.439219] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.439661] 
================================================================== [ 13.989631] ================================================================== [ 13.990136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 13.990642] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.990900] [ 13.990988] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.991033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.991046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.991068] Call Trace: [ 13.991083] <TASK> [ 13.991098] dump_stack_lvl+0x73/0xb0 [ 13.991122] print_report+0xd1/0x610 [ 13.991146] ? __virt_addr_valid+0x1db/0x2d0 [ 13.991167] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.991189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.991212] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.991248] kasan_report+0x141/0x180 [ 13.991272] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.991299] kasan_check_range+0x10c/0x1c0 [ 13.991320] __kasan_check_write+0x18/0x20 [ 13.991340] kasan_atomics_helper+0xb6a/0x5450 [ 13.991377] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.991401] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.991423] ? kasan_atomics+0x152/0x310 [ 13.991447] kasan_atomics+0x1dc/0x310 [ 13.991466] ? __pfx_kasan_atomics+0x10/0x10 [ 13.991488] ? __pfx_read_tsc+0x10/0x10 [ 13.991508] ? ktime_get_ts64+0x86/0x230 [ 13.991534] kunit_try_run_case+0x1a5/0x480 [ 13.991556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991575] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.991597] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.991622] ? __kthread_parkme+0x82/0x180 [ 13.991644] ? preempt_count_sub+0x50/0x80 [ 13.991671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.991717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.991741] kthread+0x337/0x6f0 [ 13.991759] ? trace_preempt_on+0x20/0xc0 [ 13.991784] ? 
__pfx_kthread+0x10/0x10 [ 13.991802] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.991825] ? calculate_sigpending+0x7b/0xa0 [ 13.991847] ? __pfx_kthread+0x10/0x10 [ 13.991866] ret_from_fork+0x41/0x80 [ 13.991887] ? __pfx_kthread+0x10/0x10 [ 13.991906] ret_from_fork_asm+0x1a/0x30 [ 13.991937] </TASK> [ 13.991948] [ 13.999177] Allocated by task 285: [ 13.999366] kasan_save_stack+0x45/0x70 [ 13.999561] kasan_save_track+0x18/0x40 [ 13.999751] kasan_save_alloc_info+0x3b/0x50 [ 13.999958] __kasan_kmalloc+0xb7/0xc0 [ 14.000143] __kmalloc_cache_noprof+0x189/0x420 [ 14.000374] kasan_atomics+0x95/0x310 [ 14.000512] kunit_try_run_case+0x1a5/0x480 [ 14.000699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.000958] kthread+0x337/0x6f0 [ 14.001076] ret_from_fork+0x41/0x80 [ 14.001208] ret_from_fork_asm+0x1a/0x30 [ 14.001367] [ 14.001461] The buggy address belongs to the object at ffff888103d00c80 [ 14.001461] which belongs to the cache kmalloc-64 of size 64 [ 14.001997] The buggy address is located 0 bytes to the right of [ 14.001997] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.002548] [ 14.002645] The buggy address belongs to the physical page: [ 14.002889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.003201] flags: 0x200000000000000(node=0|zone=2) [ 14.003440] page_type: f5(slab) [ 14.003570] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.003886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.004116] page dumped because: kasan: bad access detected [ 14.004296] [ 14.004377] Memory state around the buggy address: [ 14.004600] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.004913] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.005241] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.005727] ^ [ 14.005915] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.006150] 
ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.006571] ================================================================== [ 14.518497] ================================================================== [ 14.519160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.519627] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.520017] [ 14.520110] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.520154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.520166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.520214] Call Trace: [ 14.520247] <TASK> [ 14.520280] dump_stack_lvl+0x73/0xb0 [ 14.520314] print_report+0xd1/0x610 [ 14.520336] ? __virt_addr_valid+0x1db/0x2d0 [ 14.520370] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.520394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.520416] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.520455] kasan_report+0x141/0x180 [ 14.520492] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.520533] kasan_check_range+0x10c/0x1c0 [ 14.520567] __kasan_check_write+0x18/0x20 [ 14.520588] kasan_atomics_helper+0x18b1/0x5450 [ 14.520626] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.520662] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.520697] ? kasan_atomics+0x152/0x310 [ 14.520734] kasan_atomics+0x1dc/0x310 [ 14.520768] ? __pfx_kasan_atomics+0x10/0x10 [ 14.520802] ? __pfx_read_tsc+0x10/0x10 [ 14.520837] ? ktime_get_ts64+0x86/0x230 [ 14.520881] kunit_try_run_case+0x1a5/0x480 [ 14.520905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.520929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.520951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.520976] ? __kthread_parkme+0x82/0x180 [ 14.520997] ? preempt_count_sub+0x50/0x80 [ 14.521023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521067] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.521092] kthread+0x337/0x6f0 [ 14.521109] ? trace_preempt_on+0x20/0xc0 [ 14.521133] ? __pfx_kthread+0x10/0x10 [ 14.521152] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.521176] ? calculate_sigpending+0x7b/0xa0 [ 14.521197] ? __pfx_kthread+0x10/0x10 [ 14.521217] ret_from_fork+0x41/0x80 [ 14.521249] ? __pfx_kthread+0x10/0x10 [ 14.521268] ret_from_fork_asm+0x1a/0x30 [ 14.521300] </TASK> [ 14.521312] [ 14.529396] Allocated by task 285: [ 14.529551] kasan_save_stack+0x45/0x70 [ 14.529776] kasan_save_track+0x18/0x40 [ 14.529980] kasan_save_alloc_info+0x3b/0x50 [ 14.530210] __kasan_kmalloc+0xb7/0xc0 [ 14.530452] __kmalloc_cache_noprof+0x189/0x420 [ 14.530673] kasan_atomics+0x95/0x310 [ 14.530860] kunit_try_run_case+0x1a5/0x480 [ 14.531113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.531349] kthread+0x337/0x6f0 [ 14.531553] ret_from_fork+0x41/0x80 [ 14.531737] ret_from_fork_asm+0x1a/0x30 [ 14.531962] [ 14.532092] The buggy address belongs to the object at ffff888103d00c80 [ 14.532092] which belongs to the cache kmalloc-64 of size 64 [ 14.532626] The buggy address is located 0 bytes to the right of [ 14.532626] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.533174] [ 14.533316] The buggy address belongs to the physical page: [ 14.533635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.533887] flags: 0x200000000000000(node=0|zone=2) [ 14.534046] page_type: f5(slab) [ 14.534162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.534420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.534775] page dumped because: kasan: bad access detected [ 14.535047] [ 14.535138] Memory state around the buggy address: [ 14.535366] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.535674] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.535979] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.536278] ^ [ 14.536581] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.536854] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.537084] ================================================================== [ 14.834878] ================================================================== [ 14.835237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 14.835605] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.835953] [ 14.836064] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.836106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.836118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.836139] Call Trace: [ 14.836154] <TASK> [ 14.836168] dump_stack_lvl+0x73/0xb0 [ 14.836192] print_report+0xd1/0x610 [ 14.836215] ? __virt_addr_valid+0x1db/0x2d0 [ 14.836247] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.836269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.836292] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.836315] kasan_report+0x141/0x180 [ 14.836338] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.836386] __asan_report_load8_noabort+0x18/0x20 [ 14.836407] kasan_atomics_helper+0x4fb2/0x5450 [ 14.836431] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.836453] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.836475] ? kasan_atomics+0x152/0x310 [ 14.836499] kasan_atomics+0x1dc/0x310 [ 14.836518] ? __pfx_kasan_atomics+0x10/0x10 [ 14.836540] ? __pfx_read_tsc+0x10/0x10 [ 14.836561] ? ktime_get_ts64+0x86/0x230 [ 14.836586] kunit_try_run_case+0x1a5/0x480 [ 14.836607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.836627] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.836648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.836673] ? __kthread_parkme+0x82/0x180 [ 14.836695] ? preempt_count_sub+0x50/0x80 [ 14.836720] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.836741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.836765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.836789] kthread+0x337/0x6f0 [ 14.836806] ? trace_preempt_on+0x20/0xc0 [ 14.836830] ? __pfx_kthread+0x10/0x10 [ 14.836848] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.836871] ? calculate_sigpending+0x7b/0xa0 [ 14.836893] ? __pfx_kthread+0x10/0x10 [ 14.836912] ret_from_fork+0x41/0x80 [ 14.836937] ? __pfx_kthread+0x10/0x10 [ 14.836956] ret_from_fork_asm+0x1a/0x30 [ 14.836987] </TASK> [ 14.836997] [ 14.844019] Allocated by task 285: [ 14.844202] kasan_save_stack+0x45/0x70 [ 14.844439] kasan_save_track+0x18/0x40 [ 14.844635] kasan_save_alloc_info+0x3b/0x50 [ 14.844839] __kasan_kmalloc+0xb7/0xc0 [ 14.845008] __kmalloc_cache_noprof+0x189/0x420 [ 14.845231] kasan_atomics+0x95/0x310 [ 14.845412] kunit_try_run_case+0x1a5/0x480 [ 14.845577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.845797] kthread+0x337/0x6f0 [ 14.845945] ret_from_fork+0x41/0x80 [ 14.846103] ret_from_fork_asm+0x1a/0x30 [ 14.846279] [ 14.846398] The buggy address belongs to the object at ffff888103d00c80 [ 14.846398] which belongs to the cache kmalloc-64 of size 64 [ 14.846861] The buggy address is located 0 bytes to the right of [ 14.846861] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.847244] [ 14.847313] The buggy address belongs to the physical page: [ 14.847502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.847740] flags: 0x200000000000000(node=0|zone=2) [ 14.847985] page_type: f5(slab) [ 14.848154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.848527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.848858] page dumped because: kasan: bad access detected [ 14.849108] [ 14.849199] Memory state around the buggy address: [ 14.849450] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.849762] ffff888103d00c00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.849983] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.850211] ^ [ 14.850467] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850784] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.851061] ================================================================== [ 14.346499] ================================================================== [ 14.346887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.347194] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.347693] [ 14.347799] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.347843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.347854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.347888] Call Trace: [ 14.347905] <TASK> [ 14.347920] dump_stack_lvl+0x73/0xb0 [ 14.347947] print_report+0xd1/0x610 [ 14.347971] ? __virt_addr_valid+0x1db/0x2d0 [ 14.348001] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.348023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.348057] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.348079] kasan_report+0x141/0x180 [ 14.348104] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.348134] __asan_report_load8_noabort+0x18/0x20 [ 14.348163] kasan_atomics_helper+0x4eae/0x5450 [ 14.348187] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.348211] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.348249] ? kasan_atomics+0x152/0x310 [ 14.348274] kasan_atomics+0x1dc/0x310 [ 14.348293] ? __pfx_kasan_atomics+0x10/0x10 [ 14.348315] ? __pfx_read_tsc+0x10/0x10 [ 14.348335] ? ktime_get_ts64+0x86/0x230 [ 14.348374] kunit_try_run_case+0x1a5/0x480 [ 14.348404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.348445] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.348481] ? __kthread_parkme+0x82/0x180 [ 14.348502] ? 
preempt_count_sub+0x50/0x80 [ 14.348529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.348582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.348606] kthread+0x337/0x6f0 [ 14.348633] ? trace_preempt_on+0x20/0xc0 [ 14.348658] ? __pfx_kthread+0x10/0x10 [ 14.348677] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.348700] ? calculate_sigpending+0x7b/0xa0 [ 14.348723] ? __pfx_kthread+0x10/0x10 [ 14.348742] ret_from_fork+0x41/0x80 [ 14.348764] ? __pfx_kthread+0x10/0x10 [ 14.348782] ret_from_fork_asm+0x1a/0x30 [ 14.348815] </TASK> [ 14.348825] [ 14.356364] Allocated by task 285: [ 14.356550] kasan_save_stack+0x45/0x70 [ 14.356750] kasan_save_track+0x18/0x40 [ 14.356938] kasan_save_alloc_info+0x3b/0x50 [ 14.357086] __kasan_kmalloc+0xb7/0xc0 [ 14.357220] __kmalloc_cache_noprof+0x189/0x420 [ 14.357472] kasan_atomics+0x95/0x310 [ 14.357676] kunit_try_run_case+0x1a5/0x480 [ 14.357883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.358134] kthread+0x337/0x6f0 [ 14.358306] ret_from_fork+0x41/0x80 [ 14.358646] ret_from_fork_asm+0x1a/0x30 [ 14.358812] [ 14.358884] The buggy address belongs to the object at ffff888103d00c80 [ 14.358884] which belongs to the cache kmalloc-64 of size 64 [ 14.359248] The buggy address is located 0 bytes to the right of [ 14.359248] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.359613] [ 14.359686] The buggy address belongs to the physical page: [ 14.359859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.360097] flags: 0x200000000000000(node=0|zone=2) [ 14.360284] page_type: f5(slab) [ 14.360451] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.360785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.361155] page dumped because: kasan: bad access detected [ 14.361520] [ 14.361613] Memory state around the buggy address: [ 14.361832] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.362145] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.362575] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.362795] ^ [ 14.362949] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.363168] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.363455] ================================================================== [ 14.575565] ================================================================== [ 14.576024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.576363] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.576667] [ 14.576778] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.576821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.576834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.576866] Call Trace: [ 14.576880] <TASK> [ 14.576894] dump_stack_lvl+0x73/0xb0 [ 14.576926] print_report+0xd1/0x610 [ 14.576962] ? __virt_addr_valid+0x1db/0x2d0 [ 14.576985] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.577007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.577030] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.577052] kasan_report+0x141/0x180 [ 14.577075] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.577103] kasan_check_range+0x10c/0x1c0 [ 14.577125] __kasan_check_write+0x18/0x20 [ 14.577145] kasan_atomics_helper+0x1a7f/0x5450 [ 14.577169] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.577192] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.577214] ? kasan_atomics+0x152/0x310 [ 14.577248] kasan_atomics+0x1dc/0x310 [ 14.577268] ? __pfx_kasan_atomics+0x10/0x10 [ 14.577289] ? __pfx_read_tsc+0x10/0x10 [ 14.577310] ? ktime_get_ts64+0x86/0x230 [ 14.577336] kunit_try_run_case+0x1a5/0x480 [ 14.577357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.577376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.577398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.577423] ? 
__kthread_parkme+0x82/0x180 [ 14.577445] ? preempt_count_sub+0x50/0x80 [ 14.577471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.577491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.577515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.577539] kthread+0x337/0x6f0 [ 14.577557] ? trace_preempt_on+0x20/0xc0 [ 14.577580] ? __pfx_kthread+0x10/0x10 [ 14.577599] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.577621] ? calculate_sigpending+0x7b/0xa0 [ 14.577643] ? __pfx_kthread+0x10/0x10 [ 14.577662] ret_from_fork+0x41/0x80 [ 14.577683] ? __pfx_kthread+0x10/0x10 [ 14.577701] ret_from_fork_asm+0x1a/0x30 [ 14.577733] </TASK> [ 14.577744] [ 14.585665] Allocated by task 285: [ 14.585826] kasan_save_stack+0x45/0x70 [ 14.586030] kasan_save_track+0x18/0x40 [ 14.586243] kasan_save_alloc_info+0x3b/0x50 [ 14.586526] __kasan_kmalloc+0xb7/0xc0 [ 14.586671] __kmalloc_cache_noprof+0x189/0x420 [ 14.586876] kasan_atomics+0x95/0x310 [ 14.587084] kunit_try_run_case+0x1a5/0x480 [ 14.587257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.587534] kthread+0x337/0x6f0 [ 14.587698] ret_from_fork+0x41/0x80 [ 14.587892] ret_from_fork_asm+0x1a/0x30 [ 14.588071] [ 14.588181] The buggy address belongs to the object at ffff888103d00c80 [ 14.588181] which belongs to the cache kmalloc-64 of size 64 [ 14.588772] The buggy address is located 0 bytes to the right of [ 14.588772] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.589173] [ 14.589272] The buggy address belongs to the physical page: [ 14.589534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.590036] flags: 0x200000000000000(node=0|zone=2) [ 14.590198] page_type: f5(slab) [ 14.590347] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.590719] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.591016] page dumped because: kasan: bad access detected [ 14.591301] [ 14.591407] Memory state around the buggy address: [ 14.591610] 
ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.591896] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.592180] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.593262] ^ [ 14.593628] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.594941] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595524] ================================================================== [ 14.798119] ================================================================== [ 14.798641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 14.798987] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.799320] [ 14.799469] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.799528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.799554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.799576] Call Trace: [ 14.799606] <TASK> [ 14.799621] dump_stack_lvl+0x73/0xb0 [ 14.799647] print_report+0xd1/0x610 [ 14.799670] ? __virt_addr_valid+0x1db/0x2d0 [ 14.799706] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.799741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.799765] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.799788] kasan_report+0x141/0x180 [ 14.799811] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.799839] __asan_report_load8_noabort+0x18/0x20 [ 14.799861] kasan_atomics_helper+0x4f98/0x5450 [ 14.799885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.799908] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.799930] ? kasan_atomics+0x152/0x310 [ 14.799954] kasan_atomics+0x1dc/0x310 [ 14.799974] ? __pfx_kasan_atomics+0x10/0x10 [ 14.799997] ? __pfx_read_tsc+0x10/0x10 [ 14.800018] ? ktime_get_ts64+0x86/0x230 [ 14.800045] kunit_try_run_case+0x1a5/0x480 [ 14.800066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.800107] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.800133] ? __kthread_parkme+0x82/0x180 [ 14.800173] ? preempt_count_sub+0x50/0x80 [ 14.800199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.800253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.800277] kthread+0x337/0x6f0 [ 14.800294] ? trace_preempt_on+0x20/0xc0 [ 14.800318] ? __pfx_kthread+0x10/0x10 [ 14.800337] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.800379] ? calculate_sigpending+0x7b/0xa0 [ 14.800401] ? __pfx_kthread+0x10/0x10 [ 14.800438] ret_from_fork+0x41/0x80 [ 14.800461] ? __pfx_kthread+0x10/0x10 [ 14.800480] ret_from_fork_asm+0x1a/0x30 [ 14.800512] </TASK> [ 14.800524] [ 14.807954] Allocated by task 285: [ 14.808156] kasan_save_stack+0x45/0x70 [ 14.808391] kasan_save_track+0x18/0x40 [ 14.808580] kasan_save_alloc_info+0x3b/0x50 [ 14.808786] __kasan_kmalloc+0xb7/0xc0 [ 14.808968] __kmalloc_cache_noprof+0x189/0x420 [ 14.809173] kasan_atomics+0x95/0x310 [ 14.809389] kunit_try_run_case+0x1a5/0x480 [ 14.809586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.809848] kthread+0x337/0x6f0 [ 14.810008] ret_from_fork+0x41/0x80 [ 14.810182] ret_from_fork_asm+0x1a/0x30 [ 14.810437] [ 14.810555] The buggy address belongs to the object at ffff888103d00c80 [ 14.810555] which belongs to the cache kmalloc-64 of size 64 [ 14.811086] The buggy address is located 0 bytes to the right of [ 14.811086] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.813363] [ 14.813476] The buggy address belongs to the physical page: [ 14.813681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.814079] flags: 0x200000000000000(node=0|zone=2) [ 14.814298] page_type: f5(slab) [ 14.814510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.814844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.815145] page dumped because: kasan: bad access detected [ 14.815432] [ 14.815520] Memory 
state around the buggy address: [ 14.815683] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.816025] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.816307] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.816663] ^ [ 14.816854] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.817195] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.817492] ================================================================== [ 13.646506] ================================================================== [ 13.647138] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.647612] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.647988] [ 13.648091] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.648137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.648148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.648169] Call Trace: [ 13.648182] <TASK> [ 13.648197] dump_stack_lvl+0x73/0xb0 [ 13.648235] print_report+0xd1/0x610 [ 13.648257] ? __virt_addr_valid+0x1db/0x2d0 [ 13.648279] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.648300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.648323] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.648345] kasan_report+0x141/0x180 [ 13.648367] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.648394] __asan_report_load4_noabort+0x18/0x20 [ 13.648414] kasan_atomics_helper+0x4b88/0x5450 [ 13.648437] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.648459] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.648480] ? kasan_atomics+0x152/0x310 [ 13.648503] kasan_atomics+0x1dc/0x310 [ 13.648522] ? __pfx_kasan_atomics+0x10/0x10 [ 13.648543] ? __pfx_read_tsc+0x10/0x10 [ 13.648677] ? ktime_get_ts64+0x86/0x230 [ 13.648704] kunit_try_run_case+0x1a5/0x480 [ 13.648744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.648764] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.648786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.648812] ? __kthread_parkme+0x82/0x180 [ 13.648834] ? preempt_count_sub+0x50/0x80 [ 13.648860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.648881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.648906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.648936] kthread+0x337/0x6f0 [ 13.648954] ? trace_preempt_on+0x20/0xc0 [ 13.648979] ? __pfx_kthread+0x10/0x10 [ 13.648998] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.649021] ? calculate_sigpending+0x7b/0xa0 [ 13.649044] ? __pfx_kthread+0x10/0x10 [ 13.649063] ret_from_fork+0x41/0x80 [ 13.649085] ? __pfx_kthread+0x10/0x10 [ 13.649104] ret_from_fork_asm+0x1a/0x30 [ 13.649135] </TASK> [ 13.649147] [ 13.659996] Allocated by task 285: [ 13.660319] kasan_save_stack+0x45/0x70 [ 13.660783] kasan_save_track+0x18/0x40 [ 13.660988] kasan_save_alloc_info+0x3b/0x50 [ 13.661184] __kasan_kmalloc+0xb7/0xc0 [ 13.661366] __kmalloc_cache_noprof+0x189/0x420 [ 13.661571] kasan_atomics+0x95/0x310 [ 13.662250] kunit_try_run_case+0x1a5/0x480 [ 13.662981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.663441] kthread+0x337/0x6f0 [ 13.663731] ret_from_fork+0x41/0x80 [ 13.664046] ret_from_fork_asm+0x1a/0x30 [ 13.664386] [ 13.664480] The buggy address belongs to the object at ffff888103d00c80 [ 13.664480] which belongs to the cache kmalloc-64 of size 64 [ 13.665209] The buggy address is located 0 bytes to the right of [ 13.665209] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.666195] [ 13.666298] The buggy address belongs to the physical page: [ 13.667157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.668206] flags: 0x200000000000000(node=0|zone=2) [ 13.668825] page_type: f5(slab) [ 13.669152] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.669863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.670318] page dumped because: kasan: bad 
access detected [ 13.670559] [ 13.670644] Memory state around the buggy address: [ 13.671191] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.671542] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.672085] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.672624] ^ [ 13.673058] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.673368] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.673658] ================================================================== [ 14.498892] ================================================================== [ 14.499275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.499569] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.500105] [ 14.500243] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.500286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.500310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.500331] Call Trace: [ 14.500347] <TASK> [ 14.500372] dump_stack_lvl+0x73/0xb0 [ 14.500397] print_report+0xd1/0x610 [ 14.500449] ? __virt_addr_valid+0x1db/0x2d0 [ 14.500472] ? kasan_atomics_helper+0x1818/0x5450 [ 14.500493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.500528] ? kasan_atomics_helper+0x1818/0x5450 [ 14.500551] kasan_report+0x141/0x180 [ 14.500601] ? kasan_atomics_helper+0x1818/0x5450 [ 14.500629] kasan_check_range+0x10c/0x1c0 [ 14.500650] __kasan_check_write+0x18/0x20 [ 14.500681] kasan_atomics_helper+0x1818/0x5450 [ 14.500705] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.500753] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.500776] ? kasan_atomics+0x152/0x310 [ 14.500802] kasan_atomics+0x1dc/0x310 [ 14.500832] ? __pfx_kasan_atomics+0x10/0x10 [ 14.500854] ? __pfx_read_tsc+0x10/0x10 [ 14.500899] ? ktime_get_ts64+0x86/0x230 [ 14.500930] kunit_try_run_case+0x1a5/0x480 [ 14.500978] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.501011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.501033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.501071] ? __kthread_parkme+0x82/0x180 [ 14.501107] ? preempt_count_sub+0x50/0x80 [ 14.501146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.501216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.501263] kthread+0x337/0x6f0 [ 14.501294] ? trace_preempt_on+0x20/0xc0 [ 14.501332] ? __pfx_kthread+0x10/0x10 [ 14.501351] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.501387] ? calculate_sigpending+0x7b/0xa0 [ 14.501423] ? __pfx_kthread+0x10/0x10 [ 14.501455] ret_from_fork+0x41/0x80 [ 14.501489] ? __pfx_kthread+0x10/0x10 [ 14.501508] ret_from_fork_asm+0x1a/0x30 [ 14.501565] </TASK> [ 14.501576] [ 14.509492] Allocated by task 285: [ 14.509622] kasan_save_stack+0x45/0x70 [ 14.509765] kasan_save_track+0x18/0x40 [ 14.509897] kasan_save_alloc_info+0x3b/0x50 [ 14.510039] __kasan_kmalloc+0xb7/0xc0 [ 14.510284] __kmalloc_cache_noprof+0x189/0x420 [ 14.510523] kasan_atomics+0x95/0x310 [ 14.510741] kunit_try_run_case+0x1a5/0x480 [ 14.510954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.511200] kthread+0x337/0x6f0 [ 14.511369] ret_from_fork+0x41/0x80 [ 14.511547] ret_from_fork_asm+0x1a/0x30 [ 14.511740] [ 14.511832] The buggy address belongs to the object at ffff888103d00c80 [ 14.511832] which belongs to the cache kmalloc-64 of size 64 [ 14.512351] The buggy address is located 0 bytes to the right of [ 14.512351] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.513291] [ 14.513362] The buggy address belongs to the physical page: [ 14.513527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.513756] flags: 0x200000000000000(node=0|zone=2) [ 14.513983] page_type: f5(slab) [ 14.514149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.514666] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.515090] page dumped because: kasan: bad access detected [ 14.515370] [ 14.515453] Memory state around the buggy address: [ 14.515632] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.515982] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.516296] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.516562] ^ [ 14.516801] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517121] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517523] ================================================================== [ 14.912436] ================================================================== [ 14.912805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 14.913089] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.913321] [ 14.913422] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.913466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.913478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.913499] Call Trace: [ 14.913513] <TASK> [ 14.913526] dump_stack_lvl+0x73/0xb0 [ 14.913551] print_report+0xd1/0x610 [ 14.913574] ? __virt_addr_valid+0x1db/0x2d0 [ 14.913595] ? kasan_atomics_helper+0x5115/0x5450 [ 14.913617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.913640] ? kasan_atomics_helper+0x5115/0x5450 [ 14.913662] kasan_report+0x141/0x180 [ 14.913686] ? kasan_atomics_helper+0x5115/0x5450 [ 14.913714] __asan_report_load8_noabort+0x18/0x20 [ 14.913735] kasan_atomics_helper+0x5115/0x5450 [ 14.913759] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.913783] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.913805] ? kasan_atomics+0x152/0x310 [ 14.913829] kasan_atomics+0x1dc/0x310 [ 14.913849] ? __pfx_kasan_atomics+0x10/0x10 [ 14.913870] ? __pfx_read_tsc+0x10/0x10 [ 14.913891] ? 
ktime_get_ts64+0x86/0x230 [ 14.913917] kunit_try_run_case+0x1a5/0x480 [ 14.913938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.913957] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.913979] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.914004] ? __kthread_parkme+0x82/0x180 [ 14.914026] ? preempt_count_sub+0x50/0x80 [ 14.914051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.914096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.914120] kthread+0x337/0x6f0 [ 14.914137] ? trace_preempt_on+0x20/0xc0 [ 14.914161] ? __pfx_kthread+0x10/0x10 [ 14.914180] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.914203] ? calculate_sigpending+0x7b/0xa0 [ 14.914235] ? __pfx_kthread+0x10/0x10 [ 14.914254] ret_from_fork+0x41/0x80 [ 14.914275] ? __pfx_kthread+0x10/0x10 [ 14.914293] ret_from_fork_asm+0x1a/0x30 [ 14.914325] </TASK> [ 14.914336] [ 14.921526] Allocated by task 285: [ 14.921700] kasan_save_stack+0x45/0x70 [ 14.921895] kasan_save_track+0x18/0x40 [ 14.922086] kasan_save_alloc_info+0x3b/0x50 [ 14.922252] __kasan_kmalloc+0xb7/0xc0 [ 14.922412] __kmalloc_cache_noprof+0x189/0x420 [ 14.922567] kasan_atomics+0x95/0x310 [ 14.922754] kunit_try_run_case+0x1a5/0x480 [ 14.922957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.923207] kthread+0x337/0x6f0 [ 14.923410] ret_from_fork+0x41/0x80 [ 14.923602] ret_from_fork_asm+0x1a/0x30 [ 14.923798] [ 14.923880] The buggy address belongs to the object at ffff888103d00c80 [ 14.923880] which belongs to the cache kmalloc-64 of size 64 [ 14.924362] The buggy address is located 0 bytes to the right of [ 14.924362] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.924835] [ 14.924934] The buggy address belongs to the physical page: [ 14.925147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.925508] flags: 0x200000000000000(node=0|zone=2) [ 14.925700] page_type: f5(slab) [ 14.925820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.926050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.926424] page dumped because: kasan: bad access detected [ 14.926679] [ 14.926770] Memory state around the buggy address: [ 14.926992] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.927286] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.927601] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.927834] ^ [ 14.928057] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928409] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928674] ================================================================== [ 13.882024] ================================================================== [ 13.882396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 13.882923] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.883258] [ 13.883388] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.883431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.883444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.883467] Call Trace: [ 13.883484] <TASK> [ 13.883500] dump_stack_lvl+0x73/0xb0 [ 13.883526] print_report+0xd1/0x610 [ 13.883551] ? __virt_addr_valid+0x1db/0x2d0 [ 13.883574] ? kasan_atomics_helper+0x860/0x5450 [ 13.883597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.883621] ? kasan_atomics_helper+0x860/0x5450 [ 13.883643] kasan_report+0x141/0x180 [ 13.883668] ? kasan_atomics_helper+0x860/0x5450 [ 13.883695] kasan_check_range+0x10c/0x1c0 [ 13.883718] __kasan_check_write+0x18/0x20 [ 13.883740] kasan_atomics_helper+0x860/0x5450 [ 13.883765] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.883791] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.883816] ? kasan_atomics+0x152/0x310 [ 13.883841] kasan_atomics+0x1dc/0x310 [ 13.883860] ? 
__pfx_kasan_atomics+0x10/0x10 [ 13.883883] ? __pfx_read_tsc+0x10/0x10 [ 13.883904] ? ktime_get_ts64+0x86/0x230 [ 13.884387] kunit_try_run_case+0x1a5/0x480 [ 13.884420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.884441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.884462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.884488] ? __kthread_parkme+0x82/0x180 [ 13.884513] ? preempt_count_sub+0x50/0x80 [ 13.884542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.884563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.884587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.884611] kthread+0x337/0x6f0 [ 13.884630] ? trace_preempt_on+0x20/0xc0 [ 13.884654] ? __pfx_kthread+0x10/0x10 [ 13.884673] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.884695] ? calculate_sigpending+0x7b/0xa0 [ 13.884718] ? __pfx_kthread+0x10/0x10 [ 13.884737] ret_from_fork+0x41/0x80 [ 13.884759] ? __pfx_kthread+0x10/0x10 [ 13.884778] ret_from_fork_asm+0x1a/0x30 [ 13.884811] </TASK> [ 13.884822] [ 13.895418] Allocated by task 285: [ 13.895736] kasan_save_stack+0x45/0x70 [ 13.896043] kasan_save_track+0x18/0x40 [ 13.896336] kasan_save_alloc_info+0x3b/0x50 [ 13.896684] __kasan_kmalloc+0xb7/0xc0 [ 13.896875] __kmalloc_cache_noprof+0x189/0x420 [ 13.897206] kasan_atomics+0x95/0x310 [ 13.897396] kunit_try_run_case+0x1a5/0x480 [ 13.897668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.898082] kthread+0x337/0x6f0 [ 13.898349] ret_from_fork+0x41/0x80 [ 13.898515] ret_from_fork_asm+0x1a/0x30 [ 13.898803] [ 13.898883] The buggy address belongs to the object at ffff888103d00c80 [ 13.898883] which belongs to the cache kmalloc-64 of size 64 [ 13.899384] The buggy address is located 0 bytes to the right of [ 13.899384] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.900213] [ 13.900308] The buggy address belongs to the physical page: [ 13.900770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.901174] flags: 0x200000000000000(node=0|zone=2) [ 13.901563] page_type: f5(slab) 
[ 13.901716] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.902203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.902704] page dumped because: kasan: bad access detected [ 13.903023] [ 13.903097] Memory state around the buggy address: [ 13.903328] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.903843] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.904211] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.904650] ^ [ 13.904965] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.905364] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.905729] ================================================================== [ 14.383256] ================================================================== [ 14.383630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.383979] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.384203] [ 14.384300] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.384342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.384355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.384375] Call Trace: [ 14.384391] <TASK> [ 14.384405] dump_stack_lvl+0x73/0xb0 [ 14.384428] print_report+0xd1/0x610 [ 14.384451] ? __virt_addr_valid+0x1db/0x2d0 [ 14.384473] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.384495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.384519] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.384541] kasan_report+0x141/0x180 [ 14.384565] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.384592] __asan_report_store8_noabort+0x1b/0x30 [ 14.384614] kasan_atomics_helper+0x50d4/0x5450 [ 14.384638] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.384661] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.384683] ? 
kasan_atomics+0x152/0x310 [ 14.384707] kasan_atomics+0x1dc/0x310 [ 14.384727] ? __pfx_kasan_atomics+0x10/0x10 [ 14.384760] ? __pfx_read_tsc+0x10/0x10 [ 14.384782] ? ktime_get_ts64+0x86/0x230 [ 14.384808] kunit_try_run_case+0x1a5/0x480 [ 14.384840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.384860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.384881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.384906] ? __kthread_parkme+0x82/0x180 [ 14.384933] ? preempt_count_sub+0x50/0x80 [ 14.384959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.384980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.385004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.385028] kthread+0x337/0x6f0 [ 14.385045] ? trace_preempt_on+0x20/0xc0 [ 14.385069] ? __pfx_kthread+0x10/0x10 [ 14.385088] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.385111] ? calculate_sigpending+0x7b/0xa0 [ 14.385134] ? __pfx_kthread+0x10/0x10 [ 14.385154] ret_from_fork+0x41/0x80 [ 14.385175] ? __pfx_kthread+0x10/0x10 [ 14.385194] ret_from_fork_asm+0x1a/0x30 [ 14.385235] </TASK> [ 14.385246] [ 14.392757] Allocated by task 285: [ 14.392948] kasan_save_stack+0x45/0x70 [ 14.393150] kasan_save_track+0x18/0x40 [ 14.393377] kasan_save_alloc_info+0x3b/0x50 [ 14.393605] __kasan_kmalloc+0xb7/0xc0 [ 14.393793] __kmalloc_cache_noprof+0x189/0x420 [ 14.394009] kasan_atomics+0x95/0x310 [ 14.394191] kunit_try_run_case+0x1a5/0x480 [ 14.394399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.394648] kthread+0x337/0x6f0 [ 14.394809] ret_from_fork+0x41/0x80 [ 14.394989] ret_from_fork_asm+0x1a/0x30 [ 14.395190] [ 14.395271] The buggy address belongs to the object at ffff888103d00c80 [ 14.395271] which belongs to the cache kmalloc-64 of size 64 [ 14.395617] The buggy address is located 0 bytes to the right of [ 14.395617] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.396328] [ 14.396494] The buggy address belongs to the physical page: [ 14.396747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 
14.397104] flags: 0x200000000000000(node=0|zone=2) [ 14.397366] page_type: f5(slab) [ 14.397599] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.397949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.398181] page dumped because: kasan: bad access detected [ 14.398529] [ 14.398623] Memory state around the buggy address: [ 14.398850] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.399165] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.399512] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.399794] ^ [ 14.400017] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.400333] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.400620] ================================================================== [ 14.893505] ================================================================== [ 14.894019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.894754] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.895122] [ 14.895417] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.895469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.895483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.895504] Call Trace: [ 14.895522] <TASK> [ 14.895540] dump_stack_lvl+0x73/0xb0 [ 14.895574] print_report+0xd1/0x610 [ 14.895598] ? __virt_addr_valid+0x1db/0x2d0 [ 14.895619] ? kasan_atomics_helper+0x224c/0x5450 [ 14.895641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.895664] ? kasan_atomics_helper+0x224c/0x5450 [ 14.895687] kasan_report+0x141/0x180 [ 14.895710] ? kasan_atomics_helper+0x224c/0x5450 [ 14.895739] kasan_check_range+0x10c/0x1c0 [ 14.895760] __kasan_check_write+0x18/0x20 [ 14.895781] kasan_atomics_helper+0x224c/0x5450 [ 14.895805] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.895828] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.895850] ? kasan_atomics+0x152/0x310 [ 14.895873] kasan_atomics+0x1dc/0x310 [ 14.895893] ? __pfx_kasan_atomics+0x10/0x10 [ 14.895915] ? __pfx_read_tsc+0x10/0x10 [ 14.895936] ? ktime_get_ts64+0x86/0x230 [ 14.895961] kunit_try_run_case+0x1a5/0x480 [ 14.895982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.896002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.896023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.896047] ? __kthread_parkme+0x82/0x180 [ 14.896069] ? preempt_count_sub+0x50/0x80 [ 14.896095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.896116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.896164] kthread+0x337/0x6f0 [ 14.896181] ? trace_preempt_on+0x20/0xc0 [ 14.896204] ? __pfx_kthread+0x10/0x10 [ 14.896233] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.896256] ? calculate_sigpending+0x7b/0xa0 [ 14.896277] ? __pfx_kthread+0x10/0x10 [ 14.896296] ret_from_fork+0x41/0x80 [ 14.896317] ? __pfx_kthread+0x10/0x10 [ 14.896335] ret_from_fork_asm+0x1a/0x30 [ 14.896426] </TASK> [ 14.896438] [ 14.904612] Allocated by task 285: [ 14.904798] kasan_save_stack+0x45/0x70 [ 14.905010] kasan_save_track+0x18/0x40 [ 14.905183] kasan_save_alloc_info+0x3b/0x50 [ 14.905420] __kasan_kmalloc+0xb7/0xc0 [ 14.905581] __kmalloc_cache_noprof+0x189/0x420 [ 14.905800] kasan_atomics+0x95/0x310 [ 14.905956] kunit_try_run_case+0x1a5/0x480 [ 14.906154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906428] kthread+0x337/0x6f0 [ 14.906587] ret_from_fork+0x41/0x80 [ 14.906720] ret_from_fork_asm+0x1a/0x30 [ 14.906860] [ 14.906930] The buggy address belongs to the object at ffff888103d00c80 [ 14.906930] which belongs to the cache kmalloc-64 of size 64 [ 14.907334] The buggy address is located 0 bytes to the right of [ 14.907334] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.907905] [ 14.908002] The buggy address belongs to the physical page: [ 14.908261] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.908637] flags: 0x200000000000000(node=0|zone=2) [ 14.908842] page_type: f5(slab) [ 14.908970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.909201] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.909576] page dumped because: kasan: bad access detected [ 14.909832] [ 14.909927] Memory state around the buggy address: [ 14.910149] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.910472] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.910763] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.911062] ^ [ 14.911270] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911569] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911864] ================================================================== [ 13.864271] ================================================================== [ 13.864533] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 13.864762] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.865330] [ 13.865526] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.865572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.865585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.865608] Call Trace: [ 13.865626] <TASK> [ 13.865641] dump_stack_lvl+0x73/0xb0 [ 13.865668] print_report+0xd1/0x610 [ 13.865692] ? __virt_addr_valid+0x1db/0x2d0 [ 13.865715] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.865737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.865760] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.865783] kasan_report+0x141/0x180 [ 13.865807] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.865834] kasan_check_range+0x10c/0x1c0 [ 13.865855] __kasan_check_write+0x18/0x20 [ 13.865875] kasan_atomics_helper+0x7c7/0x5450 [ 13.865898] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.865923] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.865945] ? kasan_atomics+0x152/0x310 [ 13.865969] kasan_atomics+0x1dc/0x310 [ 13.866010] ? __pfx_kasan_atomics+0x10/0x10 [ 13.866032] ? __pfx_read_tsc+0x10/0x10 [ 13.866053] ? ktime_get_ts64+0x86/0x230 [ 13.866079] kunit_try_run_case+0x1a5/0x480 [ 13.866102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.866121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.866143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.866168] ? __kthread_parkme+0x82/0x180 [ 13.866190] ? preempt_count_sub+0x50/0x80 [ 13.866218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.866254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.866278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.866302] kthread+0x337/0x6f0 [ 13.866320] ? trace_preempt_on+0x20/0xc0 [ 13.866344] ? __pfx_kthread+0x10/0x10 [ 13.866363] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.866386] ? calculate_sigpending+0x7b/0xa0 [ 13.866409] ? __pfx_kthread+0x10/0x10 [ 13.866428] ret_from_fork+0x41/0x80 [ 13.866459] ? 
__pfx_kthread+0x10/0x10 [ 13.866478] ret_from_fork_asm+0x1a/0x30 [ 13.866510] </TASK> [ 13.866522] [ 13.873738] Allocated by task 285: [ 13.873862] kasan_save_stack+0x45/0x70 [ 13.874005] kasan_save_track+0x18/0x40 [ 13.874194] kasan_save_alloc_info+0x3b/0x50 [ 13.874410] __kasan_kmalloc+0xb7/0xc0 [ 13.874595] __kmalloc_cache_noprof+0x189/0x420 [ 13.874900] kasan_atomics+0x95/0x310 [ 13.875081] kunit_try_run_case+0x1a5/0x480 [ 13.875288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.875577] kthread+0x337/0x6f0 [ 13.875694] ret_from_fork+0x41/0x80 [ 13.875822] ret_from_fork_asm+0x1a/0x30 [ 13.875979] [ 13.876074] The buggy address belongs to the object at ffff888103d00c80 [ 13.876074] which belongs to the cache kmalloc-64 of size 64 [ 13.876618] The buggy address is located 0 bytes to the right of [ 13.876618] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.877096] [ 13.877167] The buggy address belongs to the physical page: [ 13.877609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.877901] flags: 0x200000000000000(node=0|zone=2) [ 13.878061] page_type: f5(slab) [ 13.878181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.878494] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.878819] page dumped because: kasan: bad access detected [ 13.879139] [ 13.879335] Memory state around the buggy address: [ 13.879504] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.879715] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.879926] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.880131] ^ [ 13.880319] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.880637] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.880957] ================================================================== [ 13.742137] 
================================================================== [ 13.742444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.742774] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.743279] [ 13.743368] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.743429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.743442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.743463] Call Trace: [ 13.743481] <TASK> [ 13.743497] dump_stack_lvl+0x73/0xb0 [ 13.743522] print_report+0xd1/0x610 [ 13.743545] ? __virt_addr_valid+0x1db/0x2d0 [ 13.743568] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.743589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.743615] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.743672] kasan_report+0x141/0x180 [ 13.743697] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.743724] kasan_check_range+0x10c/0x1c0 [ 13.743745] __kasan_check_write+0x18/0x20 [ 13.743765] kasan_atomics_helper+0x4a0/0x5450 [ 13.743806] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.743830] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.743851] ? kasan_atomics+0x152/0x310 [ 13.743890] kasan_atomics+0x1dc/0x310 [ 13.743910] ? __pfx_kasan_atomics+0x10/0x10 [ 13.743931] ? __pfx_read_tsc+0x10/0x10 [ 13.743953] ? ktime_get_ts64+0x86/0x230 [ 13.743978] kunit_try_run_case+0x1a5/0x480 [ 13.744000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.744020] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.744042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.744067] ? __kthread_parkme+0x82/0x180 [ 13.744089] ? preempt_count_sub+0x50/0x80 [ 13.744115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.744135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.744178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.744203] kthread+0x337/0x6f0 [ 13.744221] ? trace_preempt_on+0x20/0xc0 [ 13.744256] ? __pfx_kthread+0x10/0x10 [ 13.744274] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.744297] ? 
calculate_sigpending+0x7b/0xa0 [ 13.744320] ? __pfx_kthread+0x10/0x10 [ 13.744339] ret_from_fork+0x41/0x80 [ 13.744362] ? __pfx_kthread+0x10/0x10 [ 13.744381] ret_from_fork_asm+0x1a/0x30 [ 13.744432] </TASK> [ 13.744443] [ 13.752150] Allocated by task 285: [ 13.752351] kasan_save_stack+0x45/0x70 [ 13.752560] kasan_save_track+0x18/0x40 [ 13.752735] kasan_save_alloc_info+0x3b/0x50 [ 13.752947] __kasan_kmalloc+0xb7/0xc0 [ 13.753139] __kmalloc_cache_noprof+0x189/0x420 [ 13.753328] kasan_atomics+0x95/0x310 [ 13.753534] kunit_try_run_case+0x1a5/0x480 [ 13.753711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.753962] kthread+0x337/0x6f0 [ 13.754104] ret_from_fork+0x41/0x80 [ 13.754321] ret_from_fork_asm+0x1a/0x30 [ 13.754540] [ 13.754636] The buggy address belongs to the object at ffff888103d00c80 [ 13.754636] which belongs to the cache kmalloc-64 of size 64 [ 13.755097] The buggy address is located 0 bytes to the right of [ 13.755097] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.755649] [ 13.755769] The buggy address belongs to the physical page: [ 13.755990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.756243] flags: 0x200000000000000(node=0|zone=2) [ 13.756409] page_type: f5(slab) [ 13.756530] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.756761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.756992] page dumped because: kasan: bad access detected [ 13.757163] [ 13.757256] Memory state around the buggy address: [ 13.757482] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.757798] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.758112] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.758431] ^ [ 13.758650] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.758960] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.759402] 
================================================================== [ 14.658081] ================================================================== [ 14.658340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.658699] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.659026] [ 14.659132] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.659173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.659185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.659205] Call Trace: [ 14.659219] <TASK> [ 14.659245] dump_stack_lvl+0x73/0xb0 [ 14.659271] print_report+0xd1/0x610 [ 14.659295] ? __virt_addr_valid+0x1db/0x2d0 [ 14.659316] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.659339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.659372] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.659396] kasan_report+0x141/0x180 [ 14.659419] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.659447] kasan_check_range+0x10c/0x1c0 [ 14.659468] __kasan_check_write+0x18/0x20 [ 14.659489] kasan_atomics_helper+0x1ce1/0x5450 [ 14.659513] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.659536] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.659558] ? kasan_atomics+0x152/0x310 [ 14.659582] kasan_atomics+0x1dc/0x310 [ 14.659602] ? __pfx_kasan_atomics+0x10/0x10 [ 14.659623] ? __pfx_read_tsc+0x10/0x10 [ 14.659644] ? ktime_get_ts64+0x86/0x230 [ 14.659669] kunit_try_run_case+0x1a5/0x480 [ 14.659690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.659709] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.659730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.659758] ? __kthread_parkme+0x82/0x180 [ 14.659780] ? preempt_count_sub+0x50/0x80 [ 14.659806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.659827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.659850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.659874] kthread+0x337/0x6f0 [ 14.659891] ? trace_preempt_on+0x20/0xc0 [ 14.659915] ? 
__pfx_kthread+0x10/0x10 [ 14.659934] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.659956] ? calculate_sigpending+0x7b/0xa0 [ 14.659978] ? __pfx_kthread+0x10/0x10 [ 14.659998] ret_from_fork+0x41/0x80 [ 14.660018] ? __pfx_kthread+0x10/0x10 [ 14.660037] ret_from_fork_asm+0x1a/0x30 [ 14.660068] </TASK> [ 14.660079] [ 14.667877] Allocated by task 285: [ 14.668010] kasan_save_stack+0x45/0x70 [ 14.668202] kasan_save_track+0x18/0x40 [ 14.668419] kasan_save_alloc_info+0x3b/0x50 [ 14.668585] __kasan_kmalloc+0xb7/0xc0 [ 14.668765] __kmalloc_cache_noprof+0x189/0x420 [ 14.668958] kasan_atomics+0x95/0x310 [ 14.669146] kunit_try_run_case+0x1a5/0x480 [ 14.669351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669583] kthread+0x337/0x6f0 [ 14.669726] ret_from_fork+0x41/0x80 [ 14.669908] ret_from_fork_asm+0x1a/0x30 [ 14.670060] [ 14.670154] The buggy address belongs to the object at ffff888103d00c80 [ 14.670154] which belongs to the cache kmalloc-64 of size 64 [ 14.670620] The buggy address is located 0 bytes to the right of [ 14.670620] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.671103] [ 14.671198] The buggy address belongs to the physical page: [ 14.671512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.671833] flags: 0x200000000000000(node=0|zone=2) [ 14.672059] page_type: f5(slab) [ 14.672200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.672530] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.672767] page dumped because: kasan: bad access detected [ 14.672942] [ 14.673012] Memory state around the buggy address: [ 14.673166] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.673472] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.673802] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.674113] ^ [ 14.674344] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.674658] 
ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.674924] ================================================================== [ 13.844602] ================================================================== [ 13.845040] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.845702] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.845948] [ 13.846041] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.846087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.846100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.846123] Call Trace: [ 13.846142] <TASK> [ 13.846159] dump_stack_lvl+0x73/0xb0 [ 13.846186] print_report+0xd1/0x610 [ 13.846209] ? __virt_addr_valid+0x1db/0x2d0 [ 13.846571] ? kasan_atomics_helper+0x72f/0x5450 [ 13.846603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.846627] ? kasan_atomics_helper+0x72f/0x5450 [ 13.846651] kasan_report+0x141/0x180 [ 13.846693] ? kasan_atomics_helper+0x72f/0x5450 [ 13.846721] kasan_check_range+0x10c/0x1c0 [ 13.846742] __kasan_check_write+0x18/0x20 [ 13.846762] kasan_atomics_helper+0x72f/0x5450 [ 13.846786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.846809] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.846832] ? kasan_atomics+0x152/0x310 [ 13.846856] kasan_atomics+0x1dc/0x310 [ 13.846877] ? __pfx_kasan_atomics+0x10/0x10 [ 13.846898] ? __pfx_read_tsc+0x10/0x10 [ 13.846920] ? ktime_get_ts64+0x86/0x230 [ 13.846947] kunit_try_run_case+0x1a5/0x480 [ 13.846969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.846989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.847011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.847036] ? __kthread_parkme+0x82/0x180 [ 13.847058] ? preempt_count_sub+0x50/0x80 [ 13.847084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.847106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.847145] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.847170] kthread+0x337/0x6f0 [ 13.847187] ? trace_preempt_on+0x20/0xc0 [ 13.847212] ? __pfx_kthread+0x10/0x10 [ 13.847241] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.847263] ? calculate_sigpending+0x7b/0xa0 [ 13.847286] ? __pfx_kthread+0x10/0x10 [ 13.847305] ret_from_fork+0x41/0x80 [ 13.847327] ? __pfx_kthread+0x10/0x10 [ 13.847345] ret_from_fork_asm+0x1a/0x30 [ 13.847389] </TASK> [ 13.847401] [ 13.854671] Allocated by task 285: [ 13.854848] kasan_save_stack+0x45/0x70 [ 13.855064] kasan_save_track+0x18/0x40 [ 13.855331] kasan_save_alloc_info+0x3b/0x50 [ 13.855537] __kasan_kmalloc+0xb7/0xc0 [ 13.855777] __kmalloc_cache_noprof+0x189/0x420 [ 13.855989] kasan_atomics+0x95/0x310 [ 13.856170] kunit_try_run_case+0x1a5/0x480 [ 13.856342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.856589] kthread+0x337/0x6f0 [ 13.856768] ret_from_fork+0x41/0x80 [ 13.856898] ret_from_fork_asm+0x1a/0x30 [ 13.857038] [ 13.857106] The buggy address belongs to the object at ffff888103d00c80 [ 13.857106] which belongs to the cache kmalloc-64 of size 64 [ 13.857988] The buggy address is located 0 bytes to the right of [ 13.857988] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.858521] [ 13.858593] The buggy address belongs to the physical page: [ 13.858833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.859174] flags: 0x200000000000000(node=0|zone=2) [ 13.859457] page_type: f5(slab) [ 13.859603] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.859900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.860214] page dumped because: kasan: bad access detected [ 13.860447] [ 13.860567] Memory state around the buggy address: [ 13.860759] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.861064] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.861286] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 13.861787] ^ [ 13.861980] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.862203] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.862767] ================================================================== [ 14.328112] ================================================================== [ 14.328748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.329293] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.329658] [ 14.329747] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.329793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.329805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.329828] Call Trace: [ 14.329846] <TASK> [ 14.329863] dump_stack_lvl+0x73/0xb0 [ 14.329890] print_report+0xd1/0x610 [ 14.329913] ? __virt_addr_valid+0x1db/0x2d0 [ 14.329936] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.329957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.329981] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.330005] kasan_report+0x141/0x180 [ 14.330040] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.330068] kasan_check_range+0x10c/0x1c0 [ 14.330100] __kasan_check_read+0x15/0x20 [ 14.330129] kasan_atomics_helper+0x13b5/0x5450 [ 14.330152] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.330176] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.330209] ? kasan_atomics+0x152/0x310 [ 14.330241] kasan_atomics+0x1dc/0x310 [ 14.330262] ? __pfx_kasan_atomics+0x10/0x10 [ 14.330283] ? __pfx_read_tsc+0x10/0x10 [ 14.330304] ? ktime_get_ts64+0x86/0x230 [ 14.330330] kunit_try_run_case+0x1a5/0x480 [ 14.330353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.330374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.330395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.330420] ? __kthread_parkme+0x82/0x180 [ 14.330443] ? preempt_count_sub+0x50/0x80 [ 14.330469] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.330490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.330514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.330539] kthread+0x337/0x6f0 [ 14.330557] ? trace_preempt_on+0x20/0xc0 [ 14.330590] ? __pfx_kthread+0x10/0x10 [ 14.330610] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.330633] ? calculate_sigpending+0x7b/0xa0 [ 14.330666] ? __pfx_kthread+0x10/0x10 [ 14.330685] ret_from_fork+0x41/0x80 [ 14.330706] ? __pfx_kthread+0x10/0x10 [ 14.330725] ret_from_fork_asm+0x1a/0x30 [ 14.330757] </TASK> [ 14.330768] [ 14.338514] Allocated by task 285: [ 14.338682] kasan_save_stack+0x45/0x70 [ 14.338887] kasan_save_track+0x18/0x40 [ 14.339078] kasan_save_alloc_info+0x3b/0x50 [ 14.339300] __kasan_kmalloc+0xb7/0xc0 [ 14.339542] __kmalloc_cache_noprof+0x189/0x420 [ 14.339756] kasan_atomics+0x95/0x310 [ 14.339927] kunit_try_run_case+0x1a5/0x480 [ 14.340138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.340340] kthread+0x337/0x6f0 [ 14.340519] ret_from_fork+0x41/0x80 [ 14.340701] ret_from_fork_asm+0x1a/0x30 [ 14.340878] [ 14.340996] The buggy address belongs to the object at ffff888103d00c80 [ 14.340996] which belongs to the cache kmalloc-64 of size 64 [ 14.341360] The buggy address is located 0 bytes to the right of [ 14.341360] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.341910] [ 14.342003] The buggy address belongs to the physical page: [ 14.342236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.342617] flags: 0x200000000000000(node=0|zone=2) [ 14.342828] page_type: f5(slab) [ 14.343014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.343332] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.343649] page dumped because: kasan: bad access detected [ 14.343867] [ 14.343956] Memory state around the buggy address: [ 14.344156] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.344498] ffff888103d00c00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.344730] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.344951] ^ [ 14.345104] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.345375] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.345748] ================================================================== [ 13.954784] ================================================================== [ 13.955069] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 13.955701] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.956028] [ 13.956140] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.956185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.956197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.956219] Call Trace: [ 13.956243] <TASK> [ 13.956257] dump_stack_lvl+0x73/0xb0 [ 13.956284] print_report+0xd1/0x610 [ 13.956308] ? __virt_addr_valid+0x1db/0x2d0 [ 13.956329] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.956351] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.956375] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.956397] kasan_report+0x141/0x180 [ 13.956430] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.956458] kasan_check_range+0x10c/0x1c0 [ 13.956479] __kasan_check_write+0x18/0x20 [ 13.956500] kasan_atomics_helper+0xa2b/0x5450 [ 13.956524] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.956547] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.956569] ? kasan_atomics+0x152/0x310 [ 13.956595] kasan_atomics+0x1dc/0x310 [ 13.956615] ? __pfx_kasan_atomics+0x10/0x10 [ 13.956637] ? __pfx_read_tsc+0x10/0x10 [ 13.956657] ? ktime_get_ts64+0x86/0x230 [ 13.956684] kunit_try_run_case+0x1a5/0x480 [ 13.956705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.956725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.956747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.956772] ? __kthread_parkme+0x82/0x180 [ 13.956794] ? 
preempt_count_sub+0x50/0x80 [ 13.956822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.956844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.956867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.956892] kthread+0x337/0x6f0 [ 13.956909] ? trace_preempt_on+0x20/0xc0 [ 13.956939] ? __pfx_kthread+0x10/0x10 [ 13.956958] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.956981] ? calculate_sigpending+0x7b/0xa0 [ 13.957003] ? __pfx_kthread+0x10/0x10 [ 13.957023] ret_from_fork+0x41/0x80 [ 13.957045] ? __pfx_kthread+0x10/0x10 [ 13.957065] ret_from_fork_asm+0x1a/0x30 [ 13.957097] </TASK> [ 13.957108] [ 13.964345] Allocated by task 285: [ 13.964502] kasan_save_stack+0x45/0x70 [ 13.964705] kasan_save_track+0x18/0x40 [ 13.964862] kasan_save_alloc_info+0x3b/0x50 [ 13.965063] __kasan_kmalloc+0xb7/0xc0 [ 13.965219] __kmalloc_cache_noprof+0x189/0x420 [ 13.965454] kasan_atomics+0x95/0x310 [ 13.965613] kunit_try_run_case+0x1a5/0x480 [ 13.965788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.966010] kthread+0x337/0x6f0 [ 13.966165] ret_from_fork+0x41/0x80 [ 13.966333] ret_from_fork_asm+0x1a/0x30 [ 13.966512] [ 13.966606] The buggy address belongs to the object at ffff888103d00c80 [ 13.966606] which belongs to the cache kmalloc-64 of size 64 [ 13.967076] The buggy address is located 0 bytes to the right of [ 13.967076] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.967623] [ 13.967715] The buggy address belongs to the physical page: [ 13.967906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.968263] flags: 0x200000000000000(node=0|zone=2) [ 13.968580] page_type: f5(slab) [ 13.968712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.969039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.969324] page dumped because: kasan: bad access detected [ 13.969693] [ 13.969796] Memory state around the buggy address: [ 13.970000] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.970261] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970478] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.970693] ^ [ 13.970848] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971064] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971312] ================================================================== [ 13.723493] ================================================================== [ 13.723931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.724195] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.724531] [ 13.724714] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.724761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.724774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.724797] Call Trace: [ 13.724815] <TASK> [ 13.724833] dump_stack_lvl+0x73/0xb0 [ 13.724860] print_report+0xd1/0x610 [ 13.724883] ? __virt_addr_valid+0x1db/0x2d0 [ 13.724905] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.724933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.724955] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.724978] kasan_report+0x141/0x180 [ 13.725001] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.725029] __asan_report_load4_noabort+0x18/0x20 [ 13.725051] kasan_atomics_helper+0x4b54/0x5450 [ 13.725074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.725097] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.725120] ? kasan_atomics+0x152/0x310 [ 13.725144] kasan_atomics+0x1dc/0x310 [ 13.725164] ? __pfx_kasan_atomics+0x10/0x10 [ 13.725185] ? __pfx_read_tsc+0x10/0x10 [ 13.725207] ? ktime_get_ts64+0x86/0x230 [ 13.725244] kunit_try_run_case+0x1a5/0x480 [ 13.725266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.725286] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.725308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.725333] ? 
__kthread_parkme+0x82/0x180 [ 13.725367] ? preempt_count_sub+0x50/0x80 [ 13.725393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.725414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.725438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.725462] kthread+0x337/0x6f0 [ 13.725480] ? trace_preempt_on+0x20/0xc0 [ 13.725506] ? __pfx_kthread+0x10/0x10 [ 13.725525] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.725548] ? calculate_sigpending+0x7b/0xa0 [ 13.725571] ? __pfx_kthread+0x10/0x10 [ 13.725611] ret_from_fork+0x41/0x80 [ 13.725634] ? __pfx_kthread+0x10/0x10 [ 13.725653] ret_from_fork_asm+0x1a/0x30 [ 13.725685] </TASK> [ 13.725697] [ 13.733422] Allocated by task 285: [ 13.733595] kasan_save_stack+0x45/0x70 [ 13.733738] kasan_save_track+0x18/0x40 [ 13.733871] kasan_save_alloc_info+0x3b/0x50 [ 13.734044] __kasan_kmalloc+0xb7/0xc0 [ 13.734327] __kmalloc_cache_noprof+0x189/0x420 [ 13.734783] kasan_atomics+0x95/0x310 [ 13.734968] kunit_try_run_case+0x1a5/0x480 [ 13.735147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.735429] kthread+0x337/0x6f0 [ 13.735591] ret_from_fork+0x41/0x80 [ 13.735749] ret_from_fork_asm+0x1a/0x30 [ 13.735954] [ 13.736067] The buggy address belongs to the object at ffff888103d00c80 [ 13.736067] which belongs to the cache kmalloc-64 of size 64 [ 13.736614] The buggy address is located 0 bytes to the right of [ 13.736614] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.737177] [ 13.737280] The buggy address belongs to the physical page: [ 13.737524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.737867] flags: 0x200000000000000(node=0|zone=2) [ 13.738096] page_type: f5(slab) [ 13.738269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.738494] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.738711] page dumped because: kasan: bad access detected [ 13.739113] [ 13.739207] Memory state around the buggy address: [ 13.739534] 
ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.739874] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.740207] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.740563] ^ [ 13.740718] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.740988] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.741306] ================================================================== [ 13.931794] ================================================================== [ 13.932358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.933128] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.933602] [ 13.933704] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.933755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.933768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.933790] Call Trace: [ 13.933810] <TASK> [ 13.933829] dump_stack_lvl+0x73/0xb0 [ 13.934066] print_report+0xd1/0x610 [ 13.934095] ? __virt_addr_valid+0x1db/0x2d0 [ 13.934118] ? kasan_atomics_helper+0x992/0x5450 [ 13.934140] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.934166] ? kasan_atomics_helper+0x992/0x5450 [ 13.934189] kasan_report+0x141/0x180 [ 13.934213] ? kasan_atomics_helper+0x992/0x5450 [ 13.934252] kasan_check_range+0x10c/0x1c0 [ 13.934273] __kasan_check_write+0x18/0x20 [ 13.934293] kasan_atomics_helper+0x992/0x5450 [ 13.934318] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.934341] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.934422] ? kasan_atomics+0x152/0x310 [ 13.934449] kasan_atomics+0x1dc/0x310 [ 13.934470] ? __pfx_kasan_atomics+0x10/0x10 [ 13.934492] ? __pfx_read_tsc+0x10/0x10 [ 13.934514] ? ktime_get_ts64+0x86/0x230 [ 13.934540] kunit_try_run_case+0x1a5/0x480 [ 13.934563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.934582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.934605] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.934631] ? __kthread_parkme+0x82/0x180 [ 13.934653] ? preempt_count_sub+0x50/0x80 [ 13.934682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.934704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.934729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.934753] kthread+0x337/0x6f0 [ 13.934771] ? trace_preempt_on+0x20/0xc0 [ 13.934795] ? __pfx_kthread+0x10/0x10 [ 13.934814] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.934838] ? calculate_sigpending+0x7b/0xa0 [ 13.934860] ? __pfx_kthread+0x10/0x10 [ 13.934880] ret_from_fork+0x41/0x80 [ 13.934902] ? __pfx_kthread+0x10/0x10 [ 13.934920] ret_from_fork_asm+0x1a/0x30 [ 13.934952] </TASK> [ 13.934964] [ 13.944706] Allocated by task 285: [ 13.944881] kasan_save_stack+0x45/0x70 [ 13.945080] kasan_save_track+0x18/0x40 [ 13.945275] kasan_save_alloc_info+0x3b/0x50 [ 13.945446] __kasan_kmalloc+0xb7/0xc0 [ 13.945636] __kmalloc_cache_noprof+0x189/0x420 [ 13.945844] kasan_atomics+0x95/0x310 [ 13.946034] kunit_try_run_case+0x1a5/0x480 [ 13.946220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.947049] kthread+0x337/0x6f0 [ 13.947185] ret_from_fork+0x41/0x80 [ 13.947501] ret_from_fork_asm+0x1a/0x30 [ 13.947769] [ 13.947932] The buggy address belongs to the object at ffff888103d00c80 [ 13.947932] which belongs to the cache kmalloc-64 of size 64 [ 13.948594] The buggy address is located 0 bytes to the right of [ 13.948594] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.949216] [ 13.949307] The buggy address belongs to the physical page: [ 13.949726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.950021] flags: 0x200000000000000(node=0|zone=2) [ 13.950362] page_type: f5(slab) [ 13.950532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.950978] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.951320] page dumped because: kasan: bad access detected [ 13.951557] [ 13.951656] Memory 
state around the buggy address: [ 13.952000] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.952422] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.952794] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.953088] ^ [ 13.953466] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.953768] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.954054] ================================================================== [ 14.479092] ================================================================== [ 14.479335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.479817] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.480277] [ 14.480466] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.480537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.480550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.480597] Call Trace: [ 14.480613] <TASK> [ 14.480645] dump_stack_lvl+0x73/0xb0 [ 14.480708] print_report+0xd1/0x610 [ 14.480747] ? __virt_addr_valid+0x1db/0x2d0 [ 14.480804] ? kasan_atomics_helper+0x177f/0x5450 [ 14.480826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.480849] ? kasan_atomics_helper+0x177f/0x5450 [ 14.480883] kasan_report+0x141/0x180 [ 14.480906] ? kasan_atomics_helper+0x177f/0x5450 [ 14.480937] kasan_check_range+0x10c/0x1c0 [ 14.480958] __kasan_check_write+0x18/0x20 [ 14.480978] kasan_atomics_helper+0x177f/0x5450 [ 14.481002] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.481025] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.481047] ? kasan_atomics+0x152/0x310 [ 14.481072] kasan_atomics+0x1dc/0x310 [ 14.481092] ? __pfx_kasan_atomics+0x10/0x10 [ 14.481113] ? __pfx_read_tsc+0x10/0x10 [ 14.481134] ? ktime_get_ts64+0x86/0x230 [ 14.481160] kunit_try_run_case+0x1a5/0x480 [ 14.481181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481200] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.481232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.481257] ? __kthread_parkme+0x82/0x180 [ 14.481279] ? preempt_count_sub+0x50/0x80 [ 14.481305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.481350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.481374] kthread+0x337/0x6f0 [ 14.481391] ? trace_preempt_on+0x20/0xc0 [ 14.481415] ? __pfx_kthread+0x10/0x10 [ 14.481434] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.481457] ? calculate_sigpending+0x7b/0xa0 [ 14.481479] ? __pfx_kthread+0x10/0x10 [ 14.481497] ret_from_fork+0x41/0x80 [ 14.481518] ? __pfx_kthread+0x10/0x10 [ 14.481565] ret_from_fork_asm+0x1a/0x30 [ 14.481598] </TASK> [ 14.481608] [ 14.489351] Allocated by task 285: [ 14.489503] kasan_save_stack+0x45/0x70 [ 14.489645] kasan_save_track+0x18/0x40 [ 14.489815] kasan_save_alloc_info+0x3b/0x50 [ 14.490063] __kasan_kmalloc+0xb7/0xc0 [ 14.490264] __kmalloc_cache_noprof+0x189/0x420 [ 14.490614] kasan_atomics+0x95/0x310 [ 14.490790] kunit_try_run_case+0x1a5/0x480 [ 14.491022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.491305] kthread+0x337/0x6f0 [ 14.491545] ret_from_fork+0x41/0x80 [ 14.491768] ret_from_fork_asm+0x1a/0x30 [ 14.491959] [ 14.492077] The buggy address belongs to the object at ffff888103d00c80 [ 14.492077] which belongs to the cache kmalloc-64 of size 64 [ 14.492686] The buggy address is located 0 bytes to the right of [ 14.492686] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.493266] [ 14.493381] The buggy address belongs to the physical page: [ 14.493658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.494041] flags: 0x200000000000000(node=0|zone=2) [ 14.494301] page_type: f5(slab) [ 14.494593] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.494930] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.495203] page dumped because: kasan: bad 
access detected [ 14.495565] [ 14.495695] Memory state around the buggy address: [ 14.495900] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.496256] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.496581] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.497046] ^ [ 14.497195] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.497813] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498102] ================================================================== [ 14.024912] ================================================================== [ 14.025257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.025580] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.025995] [ 14.026097] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.026140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.026152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.026173] Call Trace: [ 14.026187] <TASK> [ 14.026201] dump_stack_lvl+0x73/0xb0 [ 14.026236] print_report+0xd1/0x610 [ 14.026259] ? __virt_addr_valid+0x1db/0x2d0 [ 14.026280] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.026302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.026326] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.026348] kasan_report+0x141/0x180 [ 14.026384] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.026412] __asan_report_load4_noabort+0x18/0x20 [ 14.026433] kasan_atomics_helper+0x4a84/0x5450 [ 14.026458] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.026481] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.026502] ? kasan_atomics+0x152/0x310 [ 14.026526] kasan_atomics+0x1dc/0x310 [ 14.026546] ? __pfx_kasan_atomics+0x10/0x10 [ 14.026568] ? __pfx_read_tsc+0x10/0x10 [ 14.026588] ? ktime_get_ts64+0x86/0x230 [ 14.026613] kunit_try_run_case+0x1a5/0x480 [ 14.026634] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.026653] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.026675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.026700] ? __kthread_parkme+0x82/0x180 [ 14.026720] ? preempt_count_sub+0x50/0x80 [ 14.026748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.026769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.026792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.026817] kthread+0x337/0x6f0 [ 14.026834] ? trace_preempt_on+0x20/0xc0 [ 14.026858] ? __pfx_kthread+0x10/0x10 [ 14.026876] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.026899] ? calculate_sigpending+0x7b/0xa0 [ 14.026920] ? __pfx_kthread+0x10/0x10 [ 14.026939] ret_from_fork+0x41/0x80 [ 14.026960] ? __pfx_kthread+0x10/0x10 [ 14.026979] ret_from_fork_asm+0x1a/0x30 [ 14.027009] </TASK> [ 14.027021] [ 14.033838] Allocated by task 285: [ 14.034028] kasan_save_stack+0x45/0x70 [ 14.034233] kasan_save_track+0x18/0x40 [ 14.034495] kasan_save_alloc_info+0x3b/0x50 [ 14.034700] __kasan_kmalloc+0xb7/0xc0 [ 14.034884] __kmalloc_cache_noprof+0x189/0x420 [ 14.035098] kasan_atomics+0x95/0x310 [ 14.035291] kunit_try_run_case+0x1a5/0x480 [ 14.035668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.035924] kthread+0x337/0x6f0 [ 14.036090] ret_from_fork+0x41/0x80 [ 14.036279] ret_from_fork_asm+0x1a/0x30 [ 14.036610] [ 14.036683] The buggy address belongs to the object at ffff888103d00c80 [ 14.036683] which belongs to the cache kmalloc-64 of size 64 [ 14.037038] The buggy address is located 0 bytes to the right of [ 14.037038] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.037705] [ 14.037802] The buggy address belongs to the physical page: [ 14.038054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.038383] flags: 0x200000000000000(node=0|zone=2) [ 14.038578] page_type: f5(slab) [ 14.038738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.039044] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.039342] page dumped because: kasan: bad access detected [ 14.039556] [ 14.039624] Memory state around the buggy address: [ 14.039779] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.040002] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.040332] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.040666] ^ [ 14.040893] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.041183] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.041531] ================================================================== [ 14.096972] ================================================================== [ 14.097847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.098704] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.099551] [ 14.099780] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.099964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.099978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.100120] Call Trace: [ 14.100151] <TASK> [ 14.100167] dump_stack_lvl+0x73/0xb0 [ 14.100407] print_report+0xd1/0x610 [ 14.100447] ? __virt_addr_valid+0x1db/0x2d0 [ 14.100469] ? kasan_atomics_helper+0xf10/0x5450 [ 14.100507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.100531] ? kasan_atomics_helper+0xf10/0x5450 [ 14.100565] kasan_report+0x141/0x180 [ 14.100588] ? kasan_atomics_helper+0xf10/0x5450 [ 14.100692] kasan_check_range+0x10c/0x1c0 [ 14.100719] __kasan_check_write+0x18/0x20 [ 14.100740] kasan_atomics_helper+0xf10/0x5450 [ 14.100844] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.100948] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.100976] ? kasan_atomics+0x152/0x310 [ 14.101001] kasan_atomics+0x1dc/0x310 [ 14.101432] ? __pfx_kasan_atomics+0x10/0x10 [ 14.101462] ? __pfx_read_tsc+0x10/0x10 [ 14.101484] ? 
ktime_get_ts64+0x86/0x230 [ 14.101527] kunit_try_run_case+0x1a5/0x480 [ 14.101549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.101581] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.101602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.101627] ? __kthread_parkme+0x82/0x180 [ 14.101667] ? preempt_count_sub+0x50/0x80 [ 14.101695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.101730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.101755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.101862] kthread+0x337/0x6f0 [ 14.101886] ? trace_preempt_on+0x20/0xc0 [ 14.101992] ? __pfx_kthread+0x10/0x10 [ 14.102014] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.102115] ? calculate_sigpending+0x7b/0xa0 [ 14.102142] ? __pfx_kthread+0x10/0x10 [ 14.102162] ret_from_fork+0x41/0x80 [ 14.102289] ? __pfx_kthread+0x10/0x10 [ 14.102309] ret_from_fork_asm+0x1a/0x30 [ 14.102342] </TASK> [ 14.102496] [ 14.117502] Allocated by task 285: [ 14.117866] kasan_save_stack+0x45/0x70 [ 14.118019] kasan_save_track+0x18/0x40 [ 14.118155] kasan_save_alloc_info+0x3b/0x50 [ 14.118313] __kasan_kmalloc+0xb7/0xc0 [ 14.118697] __kmalloc_cache_noprof+0x189/0x420 [ 14.119124] kasan_atomics+0x95/0x310 [ 14.119490] kunit_try_run_case+0x1a5/0x480 [ 14.119882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.120399] kthread+0x337/0x6f0 [ 14.120712] ret_from_fork+0x41/0x80 [ 14.121044] ret_from_fork_asm+0x1a/0x30 [ 14.121441] [ 14.121580] The buggy address belongs to the object at ffff888103d00c80 [ 14.121580] which belongs to the cache kmalloc-64 of size 64 [ 14.122144] The buggy address is located 0 bytes to the right of [ 14.122144] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.122946] [ 14.123104] The buggy address belongs to the physical page: [ 14.123625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.124292] flags: 0x200000000000000(node=0|zone=2) [ 14.124758] page_type: f5(slab) [ 14.125045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.125291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.125934] page dumped because: kasan: bad access detected [ 14.126448] [ 14.126601] Memory state around the buggy address: [ 14.127041] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.127514] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.127737] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.127950] ^ [ 14.128104] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.128335] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.128640] ================================================================== [ 14.537942] ================================================================== [ 14.538339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.538714] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.539060] [ 14.539182] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.539268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.539281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.539325] Call Trace: [ 14.539339] <TASK> [ 14.539353] dump_stack_lvl+0x73/0xb0 [ 14.539399] print_report+0xd1/0x610 [ 14.539423] ? __virt_addr_valid+0x1db/0x2d0 [ 14.539445] ? kasan_atomics_helper+0x194a/0x5450 [ 14.539467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.539491] ? kasan_atomics_helper+0x194a/0x5450 [ 14.539514] kasan_report+0x141/0x180 [ 14.539564] ? kasan_atomics_helper+0x194a/0x5450 [ 14.539593] kasan_check_range+0x10c/0x1c0 [ 14.539614] __kasan_check_write+0x18/0x20 [ 14.539646] kasan_atomics_helper+0x194a/0x5450 [ 14.539670] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.539719] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.539741] ? kasan_atomics+0x152/0x310 [ 14.539764] kasan_atomics+0x1dc/0x310 [ 14.539796] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.539817] ? __pfx_read_tsc+0x10/0x10 [ 14.539851] ? ktime_get_ts64+0x86/0x230 [ 14.539902] kunit_try_run_case+0x1a5/0x480 [ 14.539948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.539981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.540027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.540066] ? __kthread_parkme+0x82/0x180 [ 14.540126] ? preempt_count_sub+0x50/0x80 [ 14.540164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.540209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.540263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.540287] kthread+0x337/0x6f0 [ 14.540304] ? trace_preempt_on+0x20/0xc0 [ 14.540339] ? __pfx_kthread+0x10/0x10 [ 14.540370] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.540393] ? calculate_sigpending+0x7b/0xa0 [ 14.540415] ? __pfx_kthread+0x10/0x10 [ 14.540434] ret_from_fork+0x41/0x80 [ 14.540456] ? __pfx_kthread+0x10/0x10 [ 14.540474] ret_from_fork_asm+0x1a/0x30 [ 14.540505] </TASK> [ 14.540517] [ 14.548719] Allocated by task 285: [ 14.548843] kasan_save_stack+0x45/0x70 [ 14.549026] kasan_save_track+0x18/0x40 [ 14.549159] kasan_save_alloc_info+0x3b/0x50 [ 14.549329] __kasan_kmalloc+0xb7/0xc0 [ 14.549703] __kmalloc_cache_noprof+0x189/0x420 [ 14.549923] kasan_atomics+0x95/0x310 [ 14.550094] kunit_try_run_case+0x1a5/0x480 [ 14.550245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.550427] kthread+0x337/0x6f0 [ 14.550615] ret_from_fork+0x41/0x80 [ 14.550796] ret_from_fork_asm+0x1a/0x30 [ 14.550993] [ 14.551110] The buggy address belongs to the object at ffff888103d00c80 [ 14.551110] which belongs to the cache kmalloc-64 of size 64 [ 14.551537] The buggy address is located 0 bytes to the right of [ 14.551537] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.552499] [ 14.552579] The buggy address belongs to the physical page: [ 14.552806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.553165] flags: 0x200000000000000(node=0|zone=2) [ 14.553426] page_type: f5(slab) 
[ 14.553553] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.553787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.554015] page dumped because: kasan: bad access detected [ 14.554264] [ 14.554357] Memory state around the buggy address: [ 14.554579] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.554896] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.555216] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.555445] ^ [ 14.555603] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556126] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556564] ================================================================== [ 14.818109] ================================================================== [ 14.818603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.818901] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.819173] [ 14.819291] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.819336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.819368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.819390] Call Trace: [ 14.819408] <TASK> [ 14.819423] dump_stack_lvl+0x73/0xb0 [ 14.819450] print_report+0xd1/0x610 [ 14.819473] ? __virt_addr_valid+0x1db/0x2d0 [ 14.819495] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.819517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.819540] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.819563] kasan_report+0x141/0x180 [ 14.819586] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.819613] kasan_check_range+0x10c/0x1c0 [ 14.819634] __kasan_check_write+0x18/0x20 [ 14.819655] kasan_atomics_helper+0x20c8/0x5450 [ 14.819678] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.819701] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.819723] ? 
kasan_atomics+0x152/0x310 [ 14.819747] kasan_atomics+0x1dc/0x310 [ 14.819767] ? __pfx_kasan_atomics+0x10/0x10 [ 14.819789] ? __pfx_read_tsc+0x10/0x10 [ 14.819810] ? ktime_get_ts64+0x86/0x230 [ 14.819835] kunit_try_run_case+0x1a5/0x480 [ 14.819858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819877] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.819898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.819923] ? __kthread_parkme+0x82/0x180 [ 14.819945] ? preempt_count_sub+0x50/0x80 [ 14.819973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.820017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.820041] kthread+0x337/0x6f0 [ 14.820059] ? trace_preempt_on+0x20/0xc0 [ 14.820083] ? __pfx_kthread+0x10/0x10 [ 14.820102] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.820124] ? calculate_sigpending+0x7b/0xa0 [ 14.820146] ? __pfx_kthread+0x10/0x10 [ 14.820165] ret_from_fork+0x41/0x80 [ 14.820187] ? __pfx_kthread+0x10/0x10 [ 14.820205] ret_from_fork_asm+0x1a/0x30 [ 14.820246] </TASK> [ 14.820258] [ 14.827464] Allocated by task 285: [ 14.827623] kasan_save_stack+0x45/0x70 [ 14.827795] kasan_save_track+0x18/0x40 [ 14.827988] kasan_save_alloc_info+0x3b/0x50 [ 14.828162] __kasan_kmalloc+0xb7/0xc0 [ 14.828387] __kmalloc_cache_noprof+0x189/0x420 [ 14.828582] kasan_atomics+0x95/0x310 [ 14.828742] kunit_try_run_case+0x1a5/0x480 [ 14.828929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829153] kthread+0x337/0x6f0 [ 14.829303] ret_from_fork+0x41/0x80 [ 14.829501] ret_from_fork_asm+0x1a/0x30 [ 14.829642] [ 14.829712] The buggy address belongs to the object at ffff888103d00c80 [ 14.829712] which belongs to the cache kmalloc-64 of size 64 [ 14.830242] The buggy address is located 0 bytes to the right of [ 14.830242] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.830674] [ 14.830769] The buggy address belongs to the physical page: [ 14.831022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 
14.831357] flags: 0x200000000000000(node=0|zone=2) [ 14.831523] page_type: f5(slab) [ 14.831644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.831875] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.832100] page dumped because: kasan: bad access detected [ 14.832391] [ 14.832486] Memory state around the buggy address: [ 14.832703] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.833021] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.833360] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.833673] ^ [ 14.833831] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.834047] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.834278] ================================================================== [ 13.622070] ================================================================== [ 13.622514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.622859] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.623433] [ 13.623525] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.623569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.623580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.623600] Call Trace: [ 13.623613] <TASK> [ 13.623626] dump_stack_lvl+0x73/0xb0 [ 13.623652] print_report+0xd1/0x610 [ 13.623790] ? __virt_addr_valid+0x1db/0x2d0 [ 13.623813] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.623863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.623887] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.623909] kasan_report+0x141/0x180 [ 13.623933] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.623960] __asan_report_store4_noabort+0x1b/0x30 [ 13.623981] kasan_atomics_helper+0x4ba2/0x5450 [ 13.624020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.624043] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.624077] ? kasan_atomics+0x152/0x310 [ 13.624100] kasan_atomics+0x1dc/0x310 [ 13.624133] ? __pfx_kasan_atomics+0x10/0x10 [ 13.624167] ? __pfx_read_tsc+0x10/0x10 [ 13.624200] ? ktime_get_ts64+0x86/0x230 [ 13.624248] kunit_try_run_case+0x1a5/0x480 [ 13.624270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.624302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.624336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.624371] ? __kthread_parkme+0x82/0x180 [ 13.624392] ? preempt_count_sub+0x50/0x80 [ 13.624417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.624438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.624461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.624484] kthread+0x337/0x6f0 [ 13.624501] ? trace_preempt_on+0x20/0xc0 [ 13.624525] ? __pfx_kthread+0x10/0x10 [ 13.624543] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.624564] ? calculate_sigpending+0x7b/0xa0 [ 13.624586] ? __pfx_kthread+0x10/0x10 [ 13.624621] ret_from_fork+0x41/0x80 [ 13.624641] ? __pfx_kthread+0x10/0x10 [ 13.624659] ret_from_fork_asm+0x1a/0x30 [ 13.624703] </TASK> [ 13.624713] [ 13.635926] Allocated by task 285: [ 13.636125] kasan_save_stack+0x45/0x70 [ 13.636332] kasan_save_track+0x18/0x40 [ 13.636505] kasan_save_alloc_info+0x3b/0x50 [ 13.637086] __kasan_kmalloc+0xb7/0xc0 [ 13.637468] __kmalloc_cache_noprof+0x189/0x420 [ 13.637764] kasan_atomics+0x95/0x310 [ 13.637934] kunit_try_run_case+0x1a5/0x480 [ 13.638117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.638350] kthread+0x337/0x6f0 [ 13.638501] ret_from_fork+0x41/0x80 [ 13.639241] ret_from_fork_asm+0x1a/0x30 [ 13.639457] [ 13.639529] The buggy address belongs to the object at ffff888103d00c80 [ 13.639529] which belongs to the cache kmalloc-64 of size 64 [ 13.640187] The buggy address is located 0 bytes to the right of [ 13.640187] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.640718] [ 13.640821] The buggy address belongs to the physical page: [ 13.641055] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.641386] flags: 0x200000000000000(node=0|zone=2) [ 13.641742] page_type: f5(slab) [ 13.641889] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.642217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.642577] page dumped because: kasan: bad access detected [ 13.642800] [ 13.642884] Memory state around the buggy address: [ 13.643278] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.643850] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.644147] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.644501] ^ [ 13.644744] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.645242] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.645579] ================================================================== [ 13.797676] ================================================================== [ 13.798155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.798549] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.798874] [ 13.799022] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.799068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.799081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.799131] Call Trace: [ 13.799152] <TASK> [ 13.799169] dump_stack_lvl+0x73/0xb0 [ 13.799196] print_report+0xd1/0x610 [ 13.799220] ? __virt_addr_valid+0x1db/0x2d0 [ 13.799254] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.799276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.799299] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.799323] kasan_report+0x141/0x180 [ 13.799346] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.799410] kasan_check_range+0x10c/0x1c0 [ 13.799432] __kasan_check_write+0x18/0x20 [ 13.799453] kasan_atomics_helper+0x5fe/0x5450 [ 13.799476] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.799500] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.799522] ? kasan_atomics+0x152/0x310 [ 13.799576] kasan_atomics+0x1dc/0x310 [ 13.799596] ? __pfx_kasan_atomics+0x10/0x10 [ 13.799618] ? __pfx_read_tsc+0x10/0x10 [ 13.799640] ? ktime_get_ts64+0x86/0x230 [ 13.799666] kunit_try_run_case+0x1a5/0x480 [ 13.799717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.799761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.799786] ? __kthread_parkme+0x82/0x180 [ 13.799808] ? preempt_count_sub+0x50/0x80 [ 13.799838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.799917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.799945] kthread+0x337/0x6f0 [ 13.799964] ? trace_preempt_on+0x20/0xc0 [ 13.799988] ? __pfx_kthread+0x10/0x10 [ 13.800037] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.800060] ? calculate_sigpending+0x7b/0xa0 [ 13.800082] ? __pfx_kthread+0x10/0x10 [ 13.800101] ret_from_fork+0x41/0x80 [ 13.800123] ? 
__pfx_kthread+0x10/0x10 [ 13.800168] ret_from_fork_asm+0x1a/0x30 [ 13.800202] </TASK> [ 13.800213] [ 13.813042] Allocated by task 285: [ 13.813389] kasan_save_stack+0x45/0x70 [ 13.813750] kasan_save_track+0x18/0x40 [ 13.814101] kasan_save_alloc_info+0x3b/0x50 [ 13.814545] __kasan_kmalloc+0xb7/0xc0 [ 13.814889] __kmalloc_cache_noprof+0x189/0x420 [ 13.815300] kasan_atomics+0x95/0x310 [ 13.815692] kunit_try_run_case+0x1a5/0x480 [ 13.816063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.816609] kthread+0x337/0x6f0 [ 13.816911] ret_from_fork+0x41/0x80 [ 13.817267] ret_from_fork_asm+0x1a/0x30 [ 13.817669] [ 13.817826] The buggy address belongs to the object at ffff888103d00c80 [ 13.817826] which belongs to the cache kmalloc-64 of size 64 [ 13.818484] The buggy address is located 0 bytes to the right of [ 13.818484] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.818851] [ 13.818925] The buggy address belongs to the physical page: [ 13.819097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.819350] flags: 0x200000000000000(node=0|zone=2) [ 13.819541] page_type: f5(slab) [ 13.819712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.820002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.820236] page dumped because: kasan: bad access detected [ 13.820511] [ 13.820606] Memory state around the buggy address: [ 13.820833] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.821151] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.821385] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.821706] ^ [ 13.822097] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.822559] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.822915] ================================================================== [ 14.310041] 
================================================================== [ 14.310512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.310849] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.311186] [ 14.311368] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.311413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.311425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.311447] Call Trace: [ 14.311476] <TASK> [ 14.311494] dump_stack_lvl+0x73/0xb0 [ 14.311520] print_report+0xd1/0x610 [ 14.311555] ? __virt_addr_valid+0x1db/0x2d0 [ 14.311577] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.311602] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.311626] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.311658] kasan_report+0x141/0x180 [ 14.311681] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.311709] __asan_report_load4_noabort+0x18/0x20 [ 14.311741] kasan_atomics_helper+0x49ce/0x5450 [ 14.311765] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.311788] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.311810] ? kasan_atomics+0x152/0x310 [ 14.311835] kasan_atomics+0x1dc/0x310 [ 14.311855] ? __pfx_kasan_atomics+0x10/0x10 [ 14.311876] ? __pfx_read_tsc+0x10/0x10 [ 14.311897] ? ktime_get_ts64+0x86/0x230 [ 14.311923] kunit_try_run_case+0x1a5/0x480 [ 14.311945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.311965] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.311987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.312012] ? __kthread_parkme+0x82/0x180 [ 14.312034] ? preempt_count_sub+0x50/0x80 [ 14.312060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.312081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.312105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.312129] kthread+0x337/0x6f0 [ 14.312156] ? trace_preempt_on+0x20/0xc0 [ 14.312180] ? __pfx_kthread+0x10/0x10 [ 14.312199] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.312243] ? calculate_sigpending+0x7b/0xa0 [ 14.312265] ? 
__pfx_kthread+0x10/0x10 [ 14.312284] ret_from_fork+0x41/0x80 [ 14.312311] ? __pfx_kthread+0x10/0x10 [ 14.312330] ret_from_fork_asm+0x1a/0x30 [ 14.312362] </TASK> [ 14.312373] [ 14.320065] Allocated by task 285: [ 14.320263] kasan_save_stack+0x45/0x70 [ 14.320534] kasan_save_track+0x18/0x40 [ 14.320750] kasan_save_alloc_info+0x3b/0x50 [ 14.320897] __kasan_kmalloc+0xb7/0xc0 [ 14.321037] __kmalloc_cache_noprof+0x189/0x420 [ 14.321288] kasan_atomics+0x95/0x310 [ 14.321602] kunit_try_run_case+0x1a5/0x480 [ 14.321806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.322034] kthread+0x337/0x6f0 [ 14.322154] ret_from_fork+0x41/0x80 [ 14.322326] ret_from_fork_asm+0x1a/0x30 [ 14.322533] [ 14.322629] The buggy address belongs to the object at ffff888103d00c80 [ 14.322629] which belongs to the cache kmalloc-64 of size 64 [ 14.323058] The buggy address is located 0 bytes to the right of [ 14.323058] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.323688] [ 14.323797] The buggy address belongs to the physical page: [ 14.324031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.324383] flags: 0x200000000000000(node=0|zone=2) [ 14.324593] page_type: f5(slab) [ 14.324773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.325101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.325477] page dumped because: kasan: bad access detected [ 14.325650] [ 14.325720] Memory state around the buggy address: [ 14.325875] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.326092] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.326318] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.326581] ^ [ 14.326815] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.327127] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.327446] 
================================================================== [ 14.640392] ================================================================== [ 14.640753] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.641016] Read of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.641253] [ 14.641337] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.641379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.641391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.641412] Call Trace: [ 14.641429] <TASK> [ 14.641446] dump_stack_lvl+0x73/0xb0 [ 14.641469] print_report+0xd1/0x610 [ 14.641492] ? __virt_addr_valid+0x1db/0x2d0 [ 14.641514] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.641536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.641559] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.641582] kasan_report+0x141/0x180 [ 14.641605] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.641633] __asan_report_load8_noabort+0x18/0x20 [ 14.641655] kasan_atomics_helper+0x4f30/0x5450 [ 14.641678] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.641702] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.641724] ? kasan_atomics+0x152/0x310 [ 14.641747] kasan_atomics+0x1dc/0x310 [ 14.641767] ? __pfx_kasan_atomics+0x10/0x10 [ 14.641788] ? __pfx_read_tsc+0x10/0x10 [ 14.641809] ? ktime_get_ts64+0x86/0x230 [ 14.641834] kunit_try_run_case+0x1a5/0x480 [ 14.641855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.641896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.641920] ? __kthread_parkme+0x82/0x180 [ 14.641943] ? preempt_count_sub+0x50/0x80 [ 14.641968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.642012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.642036] kthread+0x337/0x6f0 [ 14.642054] ? trace_preempt_on+0x20/0xc0 [ 14.642078] ? __pfx_kthread+0x10/0x10 [ 14.642096] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.642119] ? calculate_sigpending+0x7b/0xa0 [ 14.642141] ? __pfx_kthread+0x10/0x10 [ 14.642159] ret_from_fork+0x41/0x80 [ 14.642180] ? __pfx_kthread+0x10/0x10 [ 14.642199] ret_from_fork_asm+0x1a/0x30 [ 14.642241] </TASK> [ 14.642251] [ 14.650155] Allocated by task 285: [ 14.650464] kasan_save_stack+0x45/0x70 [ 14.650610] kasan_save_track+0x18/0x40 [ 14.650787] kasan_save_alloc_info+0x3b/0x50 [ 14.651007] __kasan_kmalloc+0xb7/0xc0 [ 14.651195] __kmalloc_cache_noprof+0x189/0x420 [ 14.651376] kasan_atomics+0x95/0x310 [ 14.651561] kunit_try_run_case+0x1a5/0x480 [ 14.651746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.651929] kthread+0x337/0x6f0 [ 14.652048] ret_from_fork+0x41/0x80 [ 14.652244] ret_from_fork_asm+0x1a/0x30 [ 14.652539] [ 14.652637] The buggy address belongs to the object at ffff888103d00c80 [ 14.652637] which belongs to the cache kmalloc-64 of size 64 [ 14.653125] The buggy address is located 0 bytes to the right of [ 14.653125] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.653669] [ 14.653767] The buggy address belongs to the physical page: [ 14.653985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.654306] flags: 0x200000000000000(node=0|zone=2) [ 14.654578] page_type: f5(slab) [ 14.654736] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.655022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.655282] page dumped because: kasan: bad access detected [ 14.655454] [ 14.655522] Memory state around the buggy address: [ 14.655676] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.655891] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.656106] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.656381] ^ [ 14.656712] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.657032] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.657354] ================================================================== [ 13.601493] ================================================================== [ 13.602470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.602826] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.603155] [ 13.603351] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.603404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.603416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.603459] Call Trace: [ 13.603473] <TASK> [ 13.603507] dump_stack_lvl+0x73/0xb0 [ 13.603551] print_report+0xd1/0x610 [ 13.603576] ? __virt_addr_valid+0x1db/0x2d0 [ 13.603600] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.603622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.603644] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.603666] kasan_report+0x141/0x180 [ 13.603689] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.603716] __asan_report_load4_noabort+0x18/0x20 [ 13.603736] kasan_atomics_helper+0x4bbc/0x5450 [ 13.603759] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.603829] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.603852] ? kasan_atomics+0x152/0x310 [ 13.603876] kasan_atomics+0x1dc/0x310 [ 13.603916] ? __pfx_kasan_atomics+0x10/0x10 [ 13.603937] ? __pfx_read_tsc+0x10/0x10 [ 13.603973] ? ktime_get_ts64+0x86/0x230 [ 13.604000] kunit_try_run_case+0x1a5/0x480 [ 13.604023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.604042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.604064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.604089] ? __kthread_parkme+0x82/0x180 [ 13.604111] ? preempt_count_sub+0x50/0x80 [ 13.604137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.604158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.604181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.604205] kthread+0x337/0x6f0 [ 13.604234] ? trace_preempt_on+0x20/0xc0 [ 13.604259] ? 
__pfx_kthread+0x10/0x10 [ 13.604277] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.604300] ? calculate_sigpending+0x7b/0xa0 [ 13.604322] ? __pfx_kthread+0x10/0x10 [ 13.604340] ret_from_fork+0x41/0x80 [ 13.604371] ? __pfx_kthread+0x10/0x10 [ 13.604389] ret_from_fork_asm+0x1a/0x30 [ 13.604420] </TASK> [ 13.604432] [ 13.612888] Allocated by task 285: [ 13.613081] kasan_save_stack+0x45/0x70 [ 13.613302] kasan_save_track+0x18/0x40 [ 13.613507] kasan_save_alloc_info+0x3b/0x50 [ 13.613827] __kasan_kmalloc+0xb7/0xc0 [ 13.614026] __kmalloc_cache_noprof+0x189/0x420 [ 13.614272] kasan_atomics+0x95/0x310 [ 13.614459] kunit_try_run_case+0x1a5/0x480 [ 13.614687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.614937] kthread+0x337/0x6f0 [ 13.615102] ret_from_fork+0x41/0x80 [ 13.615342] ret_from_fork_asm+0x1a/0x30 [ 13.615549] [ 13.615719] The buggy address belongs to the object at ffff888103d00c80 [ 13.615719] which belongs to the cache kmalloc-64 of size 64 [ 13.616095] The buggy address is located 0 bytes to the right of [ 13.616095] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.617046] [ 13.617148] The buggy address belongs to the physical page: [ 13.617416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.617912] flags: 0x200000000000000(node=0|zone=2) [ 13.618142] page_type: f5(slab) [ 13.618321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.618698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.618957] page dumped because: kasan: bad access detected [ 13.619131] [ 13.619198] Memory state around the buggy address: [ 13.619485] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.619806] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.620131] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.620528] ^ [ 13.620803] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.621028] 
ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.621255] ================================================================== [ 14.440451] ================================================================== [ 14.440795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.441377] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.441648] [ 14.441781] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.441837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.441849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.441871] Call Trace: [ 14.441886] <TASK> [ 14.441929] dump_stack_lvl+0x73/0xb0 [ 14.441954] print_report+0xd1/0x610 [ 14.441977] ? __virt_addr_valid+0x1db/0x2d0 [ 14.442009] ? kasan_atomics_helper+0x164f/0x5450 [ 14.442031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.442071] ? kasan_atomics_helper+0x164f/0x5450 [ 14.442107] kasan_report+0x141/0x180 [ 14.442131] ? kasan_atomics_helper+0x164f/0x5450 [ 14.442172] kasan_check_range+0x10c/0x1c0 [ 14.442207] __kasan_check_write+0x18/0x20 [ 14.442250] kasan_atomics_helper+0x164f/0x5450 [ 14.442275] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.442312] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.442347] ? kasan_atomics+0x152/0x310 [ 14.442383] kasan_atomics+0x1dc/0x310 [ 14.442403] ? __pfx_kasan_atomics+0x10/0x10 [ 14.442425] ? __pfx_read_tsc+0x10/0x10 [ 14.442445] ? ktime_get_ts64+0x86/0x230 [ 14.442481] kunit_try_run_case+0x1a5/0x480 [ 14.442502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442521] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.442554] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.442579] ? __kthread_parkme+0x82/0x180 [ 14.442602] ? preempt_count_sub+0x50/0x80 [ 14.442629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.442675] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.442699] kthread+0x337/0x6f0 [ 14.442716] ? trace_preempt_on+0x20/0xc0 [ 14.442740] ? __pfx_kthread+0x10/0x10 [ 14.442759] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.442782] ? calculate_sigpending+0x7b/0xa0 [ 14.442804] ? __pfx_kthread+0x10/0x10 [ 14.442824] ret_from_fork+0x41/0x80 [ 14.442846] ? __pfx_kthread+0x10/0x10 [ 14.442865] ret_from_fork_asm+0x1a/0x30 [ 14.442897] </TASK> [ 14.442909] [ 14.450804] Allocated by task 285: [ 14.451036] kasan_save_stack+0x45/0x70 [ 14.451249] kasan_save_track+0x18/0x40 [ 14.451469] kasan_save_alloc_info+0x3b/0x50 [ 14.451702] __kasan_kmalloc+0xb7/0xc0 [ 14.451833] __kmalloc_cache_noprof+0x189/0x420 [ 14.451981] kasan_atomics+0x95/0x310 [ 14.452106] kunit_try_run_case+0x1a5/0x480 [ 14.452313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.452837] kthread+0x337/0x6f0 [ 14.453072] ret_from_fork+0x41/0x80 [ 14.453300] ret_from_fork_asm+0x1a/0x30 [ 14.453565] [ 14.453653] The buggy address belongs to the object at ffff888103d00c80 [ 14.453653] which belongs to the cache kmalloc-64 of size 64 [ 14.454123] The buggy address is located 0 bytes to the right of [ 14.454123] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.454744] [ 14.454870] The buggy address belongs to the physical page: [ 14.455122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.455527] flags: 0x200000000000000(node=0|zone=2) [ 14.455844] page_type: f5(slab) [ 14.456050] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.456407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.456731] page dumped because: kasan: bad access detected [ 14.457007] [ 14.457137] Memory state around the buggy address: [ 14.457333] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.457607] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.457888] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.458192] ^ [ 14.458427] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.458756] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.459060] ================================================================== [ 14.596007] ================================================================== [ 14.596262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.597239] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.598478] [ 14.598860] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.598906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.598919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.598940] Call Trace: [ 14.598958] <TASK> [ 14.598973] dump_stack_lvl+0x73/0xb0 [ 14.598999] print_report+0xd1/0x610 [ 14.599022] ? __virt_addr_valid+0x1db/0x2d0 [ 14.599044] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.599066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.599090] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.599113] kasan_report+0x141/0x180 [ 14.599136] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.599164] kasan_check_range+0x10c/0x1c0 [ 14.599184] __kasan_check_write+0x18/0x20 [ 14.599204] kasan_atomics_helper+0x1b22/0x5450 [ 14.599239] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.599262] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.599284] ? kasan_atomics+0x152/0x310 [ 14.599307] kasan_atomics+0x1dc/0x310 [ 14.599327] ? __pfx_kasan_atomics+0x10/0x10 [ 14.599369] ? __pfx_read_tsc+0x10/0x10 [ 14.599390] ? ktime_get_ts64+0x86/0x230 [ 14.599416] kunit_try_run_case+0x1a5/0x480 [ 14.599437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.599456] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.599478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.599503] ? __kthread_parkme+0x82/0x180 [ 14.599524] ? preempt_count_sub+0x50/0x80 [ 14.599550] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.599571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.599594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.599618] kthread+0x337/0x6f0 [ 14.599635] ? trace_preempt_on+0x20/0xc0 [ 14.599659] ? __pfx_kthread+0x10/0x10 [ 14.599678] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.599700] ? calculate_sigpending+0x7b/0xa0 [ 14.599722] ? __pfx_kthread+0x10/0x10 [ 14.599741] ret_from_fork+0x41/0x80 [ 14.599762] ? __pfx_kthread+0x10/0x10 [ 14.599783] ret_from_fork_asm+0x1a/0x30 [ 14.599815] </TASK> [ 14.599825] [ 14.612129] Allocated by task 285: [ 14.612272] kasan_save_stack+0x45/0x70 [ 14.612938] kasan_save_track+0x18/0x40 [ 14.613327] kasan_save_alloc_info+0x3b/0x50 [ 14.613739] __kasan_kmalloc+0xb7/0xc0 [ 14.614104] __kmalloc_cache_noprof+0x189/0x420 [ 14.614559] kasan_atomics+0x95/0x310 [ 14.614947] kunit_try_run_case+0x1a5/0x480 [ 14.615336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615816] kthread+0x337/0x6f0 [ 14.616119] ret_from_fork+0x41/0x80 [ 14.616534] ret_from_fork_asm+0x1a/0x30 [ 14.616908] [ 14.617043] The buggy address belongs to the object at ffff888103d00c80 [ 14.617043] which belongs to the cache kmalloc-64 of size 64 [ 14.617685] The buggy address is located 0 bytes to the right of [ 14.617685] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.618038] [ 14.618109] The buggy address belongs to the physical page: [ 14.618358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.619059] flags: 0x200000000000000(node=0|zone=2) [ 14.619535] page_type: f5(slab) [ 14.619707] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.619933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.620152] page dumped because: kasan: bad access detected [ 14.620369] [ 14.620437] Memory state around the buggy address: [ 14.620645] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.620918] ffff888103d00c00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.621220] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.621513] ^ [ 14.621663] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621967] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.622250] ================================================================== [ 13.699929] ================================================================== [ 13.700563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.701049] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.701489] [ 13.701803] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.701856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.701870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.701892] Call Trace: [ 13.701908] <TASK> [ 13.701926] dump_stack_lvl+0x73/0xb0 [ 13.701955] print_report+0xd1/0x610 [ 13.702174] ? __virt_addr_valid+0x1db/0x2d0 [ 13.702203] ? kasan_atomics_helper+0x3df/0x5450 [ 13.702238] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.702262] ? kasan_atomics_helper+0x3df/0x5450 [ 13.702285] kasan_report+0x141/0x180 [ 13.702310] ? kasan_atomics_helper+0x3df/0x5450 [ 13.702337] kasan_check_range+0x10c/0x1c0 [ 13.702370] __kasan_check_read+0x15/0x20 [ 13.702390] kasan_atomics_helper+0x3df/0x5450 [ 13.702414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.702437] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.702461] ? kasan_atomics+0x152/0x310 [ 13.702485] kasan_atomics+0x1dc/0x310 [ 13.702505] ? __pfx_kasan_atomics+0x10/0x10 [ 13.702527] ? __pfx_read_tsc+0x10/0x10 [ 13.702549] ? ktime_get_ts64+0x86/0x230 [ 13.702575] kunit_try_run_case+0x1a5/0x480 [ 13.702598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.702618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.702640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.702665] ? __kthread_parkme+0x82/0x180 [ 13.702687] ? 
preempt_count_sub+0x50/0x80 [ 13.702713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.702734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.702758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.702782] kthread+0x337/0x6f0 [ 13.702800] ? trace_preempt_on+0x20/0xc0 [ 13.702824] ? __pfx_kthread+0x10/0x10 [ 13.702843] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.702868] ? calculate_sigpending+0x7b/0xa0 [ 13.702890] ? __pfx_kthread+0x10/0x10 [ 13.702910] ret_from_fork+0x41/0x80 [ 13.702932] ? __pfx_kthread+0x10/0x10 [ 13.702950] ret_from_fork_asm+0x1a/0x30 [ 13.702983] </TASK> [ 13.702995] [ 13.713584] Allocated by task 285: [ 13.713768] kasan_save_stack+0x45/0x70 [ 13.714088] kasan_save_track+0x18/0x40 [ 13.714444] kasan_save_alloc_info+0x3b/0x50 [ 13.714733] __kasan_kmalloc+0xb7/0xc0 [ 13.715007] __kmalloc_cache_noprof+0x189/0x420 [ 13.715258] kasan_atomics+0x95/0x310 [ 13.715625] kunit_try_run_case+0x1a5/0x480 [ 13.715931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.716191] kthread+0x337/0x6f0 [ 13.716454] ret_from_fork+0x41/0x80 [ 13.716761] ret_from_fork_asm+0x1a/0x30 [ 13.716934] [ 13.717034] The buggy address belongs to the object at ffff888103d00c80 [ 13.717034] which belongs to the cache kmalloc-64 of size 64 [ 13.717786] The buggy address is located 0 bytes to the right of [ 13.717786] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.718550] [ 13.718751] The buggy address belongs to the physical page: [ 13.718984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.719306] flags: 0x200000000000000(node=0|zone=2) [ 13.719565] page_type: f5(slab) [ 13.719686] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.719991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.720324] page dumped because: kasan: bad access detected [ 13.720579] [ 13.720749] Memory state around the buggy address: [ 13.720958] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.721233] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.721482] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.721815] ^ [ 13.722029] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.722471] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.722703] ================================================================== [ 14.459763] ================================================================== [ 14.460114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.460692] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.460965] [ 14.461048] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.461089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.461101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.461121] Call Trace: [ 14.461163] <TASK> [ 14.461178] dump_stack_lvl+0x73/0xb0 [ 14.461203] print_report+0xd1/0x610 [ 14.461244] ? __virt_addr_valid+0x1db/0x2d0 [ 14.461266] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.461289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.461338] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.461362] kasan_report+0x141/0x180 [ 14.461386] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.461433] kasan_check_range+0x10c/0x1c0 [ 14.461455] __kasan_check_write+0x18/0x20 [ 14.461476] kasan_atomics_helper+0x16e7/0x5450 [ 14.461499] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.461548] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.461571] ? kasan_atomics+0x152/0x310 [ 14.461595] kasan_atomics+0x1dc/0x310 [ 14.461626] ? __pfx_kasan_atomics+0x10/0x10 [ 14.461647] ? __pfx_read_tsc+0x10/0x10 [ 14.461694] ? ktime_get_ts64+0x86/0x230 [ 14.461720] kunit_try_run_case+0x1a5/0x480 [ 14.461741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461771] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.461793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.461844] ? 
__kthread_parkme+0x82/0x180 [ 14.461866] ? preempt_count_sub+0x50/0x80 [ 14.461893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.461949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.461998] kthread+0x337/0x6f0 [ 14.462016] ? trace_preempt_on+0x20/0xc0 [ 14.462040] ? __pfx_kthread+0x10/0x10 [ 14.462069] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.462093] ? calculate_sigpending+0x7b/0xa0 [ 14.462140] ? __pfx_kthread+0x10/0x10 [ 14.462159] ret_from_fork+0x41/0x80 [ 14.462181] ? __pfx_kthread+0x10/0x10 [ 14.462200] ret_from_fork_asm+0x1a/0x30 [ 14.462250] </TASK> [ 14.462260] [ 14.470605] Allocated by task 285: [ 14.470778] kasan_save_stack+0x45/0x70 [ 14.470997] kasan_save_track+0x18/0x40 [ 14.471246] kasan_save_alloc_info+0x3b/0x50 [ 14.471559] __kasan_kmalloc+0xb7/0xc0 [ 14.471760] __kmalloc_cache_noprof+0x189/0x420 [ 14.471953] kasan_atomics+0x95/0x310 [ 14.472082] kunit_try_run_case+0x1a5/0x480 [ 14.472340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.472653] kthread+0x337/0x6f0 [ 14.472844] ret_from_fork+0x41/0x80 [ 14.473058] ret_from_fork_asm+0x1a/0x30 [ 14.473263] [ 14.473366] The buggy address belongs to the object at ffff888103d00c80 [ 14.473366] which belongs to the cache kmalloc-64 of size 64 [ 14.473845] The buggy address is located 0 bytes to the right of [ 14.473845] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.474309] [ 14.474444] The buggy address belongs to the physical page: [ 14.474708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.475066] flags: 0x200000000000000(node=0|zone=2) [ 14.475313] page_type: f5(slab) [ 14.475497] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.475849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.476171] page dumped because: kasan: bad access detected [ 14.476436] [ 14.476539] Memory state around the buggy address: [ 14.476734] 
ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.476951] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.477160] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.477572] ^ [ 14.477800] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.478123] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.478647] ================================================================== [ 14.699212] ================================================================== [ 14.700415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.700852] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.701086] [ 14.701174] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.701219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.701250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.701272] Call Trace: [ 14.701290] <TASK> [ 14.701306] dump_stack_lvl+0x73/0xb0 [ 14.701332] print_report+0xd1/0x610 [ 14.701355] ? __virt_addr_valid+0x1db/0x2d0 [ 14.701377] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.701400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.701423] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.701446] kasan_report+0x141/0x180 [ 14.701470] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.701498] kasan_check_range+0x10c/0x1c0 [ 14.701519] __kasan_check_write+0x18/0x20 [ 14.701540] kasan_atomics_helper+0x1e12/0x5450 [ 14.701564] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.701588] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.701610] ? kasan_atomics+0x152/0x310 [ 14.701635] kasan_atomics+0x1dc/0x310 [ 14.701655] ? __pfx_kasan_atomics+0x10/0x10 [ 14.701677] ? __pfx_read_tsc+0x10/0x10 [ 14.701698] ? ktime_get_ts64+0x86/0x230 [ 14.701724] kunit_try_run_case+0x1a5/0x480 [ 14.701746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701765] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.701804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.701830] ? __kthread_parkme+0x82/0x180 [ 14.701852] ? preempt_count_sub+0x50/0x80 [ 14.701878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.701946] kthread+0x337/0x6f0 [ 14.701964] ? trace_preempt_on+0x20/0xc0 [ 14.701988] ? __pfx_kthread+0x10/0x10 [ 14.702007] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.702030] ? calculate_sigpending+0x7b/0xa0 [ 14.702052] ? __pfx_kthread+0x10/0x10 [ 14.702072] ret_from_fork+0x41/0x80 [ 14.702093] ? __pfx_kthread+0x10/0x10 [ 14.702112] ret_from_fork_asm+0x1a/0x30 [ 14.702143] </TASK> [ 14.702154] [ 14.713718] Allocated by task 285: [ 14.713882] kasan_save_stack+0x45/0x70 [ 14.714088] kasan_save_track+0x18/0x40 [ 14.714254] kasan_save_alloc_info+0x3b/0x50 [ 14.714532] __kasan_kmalloc+0xb7/0xc0 [ 14.714708] __kmalloc_cache_noprof+0x189/0x420 [ 14.714889] kasan_atomics+0x95/0x310 [ 14.715064] kunit_try_run_case+0x1a5/0x480 [ 14.715249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.715425] kthread+0x337/0x6f0 [ 14.715543] ret_from_fork+0x41/0x80 [ 14.715675] ret_from_fork_asm+0x1a/0x30 [ 14.715813] [ 14.715885] The buggy address belongs to the object at ffff888103d00c80 [ 14.715885] which belongs to the cache kmalloc-64 of size 64 [ 14.716630] The buggy address is located 0 bytes to the right of [ 14.716630] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.716999] [ 14.717070] The buggy address belongs to the physical page: [ 14.717485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.717813] flags: 0x200000000000000(node=0|zone=2) [ 14.718027] page_type: f5(slab) [ 14.718185] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.719021] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.719363] page dumped because: kasan: bad 
access detected [ 14.719592] [ 14.719688] Memory state around the buggy address: [ 14.719918] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.720210] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.720536] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.720799] ^ [ 14.720962] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.721207] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.721558] ================================================================== [ 13.778883] ================================================================== [ 13.779248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.779592] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.779923] [ 13.780038] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.780083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.780096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.780118] Call Trace: [ 13.780138] <TASK> [ 13.780155] dump_stack_lvl+0x73/0xb0 [ 13.780179] print_report+0xd1/0x610 [ 13.780203] ? __virt_addr_valid+0x1db/0x2d0 [ 13.780235] ? kasan_atomics_helper+0x565/0x5450 [ 13.780258] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.780282] ? kasan_atomics_helper+0x565/0x5450 [ 13.780304] kasan_report+0x141/0x180 [ 13.780327] ? kasan_atomics_helper+0x565/0x5450 [ 13.780354] kasan_check_range+0x10c/0x1c0 [ 13.780375] __kasan_check_write+0x18/0x20 [ 13.780395] kasan_atomics_helper+0x565/0x5450 [ 13.780419] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.780441] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.780463] ? kasan_atomics+0x152/0x310 [ 13.780487] kasan_atomics+0x1dc/0x310 [ 13.780506] ? __pfx_kasan_atomics+0x10/0x10 [ 13.780528] ? __pfx_read_tsc+0x10/0x10 [ 13.780549] ? ktime_get_ts64+0x86/0x230 [ 13.780575] kunit_try_run_case+0x1a5/0x480 [ 13.780596] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.780615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.780637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.780661] ? __kthread_parkme+0x82/0x180 [ 13.780684] ? preempt_count_sub+0x50/0x80 [ 13.780711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.780732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.780756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.780779] kthread+0x337/0x6f0 [ 13.780797] ? trace_preempt_on+0x20/0xc0 [ 13.780820] ? __pfx_kthread+0x10/0x10 [ 13.780839] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.780862] ? calculate_sigpending+0x7b/0xa0 [ 13.780884] ? __pfx_kthread+0x10/0x10 [ 13.780940] ret_from_fork+0x41/0x80 [ 13.780964] ? __pfx_kthread+0x10/0x10 [ 13.780983] ret_from_fork_asm+0x1a/0x30 [ 13.781017] </TASK> [ 13.781029] [ 13.788765] Allocated by task 285: [ 13.788954] kasan_save_stack+0x45/0x70 [ 13.789158] kasan_save_track+0x18/0x40 [ 13.789374] kasan_save_alloc_info+0x3b/0x50 [ 13.789609] __kasan_kmalloc+0xb7/0xc0 [ 13.789753] __kmalloc_cache_noprof+0x189/0x420 [ 13.789906] kasan_atomics+0x95/0x310 [ 13.790037] kunit_try_run_case+0x1a5/0x480 [ 13.790264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.790729] kthread+0x337/0x6f0 [ 13.790897] ret_from_fork+0x41/0x80 [ 13.791114] ret_from_fork_asm+0x1a/0x30 [ 13.791332] [ 13.791486] The buggy address belongs to the object at ffff888103d00c80 [ 13.791486] which belongs to the cache kmalloc-64 of size 64 [ 13.792005] The buggy address is located 0 bytes to the right of [ 13.792005] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.792593] [ 13.792691] The buggy address belongs to the physical page: [ 13.792952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.793312] flags: 0x200000000000000(node=0|zone=2) [ 13.793628] page_type: f5(slab) [ 13.793793] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.794162] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 13.794546] page dumped because: kasan: bad access detected [ 13.794790] [ 13.794883] Memory state around the buggy address: [ 13.795107] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.795453] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.795786] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.796093] ^ [ 13.796352] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.796662] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.796971] ================================================================== [ 14.200422] ================================================================== [ 14.200687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.201056] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.201480] [ 14.201612] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.201656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.201680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.201703] Call Trace: [ 14.201717] <TASK> [ 14.201730] dump_stack_lvl+0x73/0xb0 [ 14.201767] print_report+0xd1/0x610 [ 14.201790] ? __virt_addr_valid+0x1db/0x2d0 [ 14.201811] ? kasan_atomics_helper+0x1148/0x5450 [ 14.201844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.201868] ? kasan_atomics_helper+0x1148/0x5450 [ 14.201891] kasan_report+0x141/0x180 [ 14.201924] ? kasan_atomics_helper+0x1148/0x5450 [ 14.201952] kasan_check_range+0x10c/0x1c0 [ 14.201985] __kasan_check_write+0x18/0x20 [ 14.202005] kasan_atomics_helper+0x1148/0x5450 [ 14.202029] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.202062] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.202084] ? kasan_atomics+0x152/0x310 [ 14.202108] kasan_atomics+0x1dc/0x310 [ 14.202139] ? __pfx_kasan_atomics+0x10/0x10 [ 14.202161] ? __pfx_read_tsc+0x10/0x10 [ 14.202181] ? 
ktime_get_ts64+0x86/0x230 [ 14.202216] kunit_try_run_case+0x1a5/0x480 [ 14.202246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.202296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.202321] ? __kthread_parkme+0x82/0x180 [ 14.202366] ? preempt_count_sub+0x50/0x80 [ 14.202393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.202450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.202474] kthread+0x337/0x6f0 [ 14.202491] ? trace_preempt_on+0x20/0xc0 [ 14.202526] ? __pfx_kthread+0x10/0x10 [ 14.202544] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.202567] ? calculate_sigpending+0x7b/0xa0 [ 14.202601] ? __pfx_kthread+0x10/0x10 [ 14.202620] ret_from_fork+0x41/0x80 [ 14.202641] ? __pfx_kthread+0x10/0x10 [ 14.202671] ret_from_fork_asm+0x1a/0x30 [ 14.202702] </TASK> [ 14.202713] [ 14.210768] Allocated by task 285: [ 14.210942] kasan_save_stack+0x45/0x70 [ 14.211147] kasan_save_track+0x18/0x40 [ 14.211371] kasan_save_alloc_info+0x3b/0x50 [ 14.211597] __kasan_kmalloc+0xb7/0xc0 [ 14.211742] __kmalloc_cache_noprof+0x189/0x420 [ 14.211895] kasan_atomics+0x95/0x310 [ 14.212083] kunit_try_run_case+0x1a5/0x480 [ 14.212306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.212584] kthread+0x337/0x6f0 [ 14.212747] ret_from_fork+0x41/0x80 [ 14.212905] ret_from_fork_asm+0x1a/0x30 [ 14.213050] [ 14.213143] The buggy address belongs to the object at ffff888103d00c80 [ 14.213143] which belongs to the cache kmalloc-64 of size 64 [ 14.213660] The buggy address is located 0 bytes to the right of [ 14.213660] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.214027] [ 14.214098] The buggy address belongs to the physical page: [ 14.214279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.214546] flags: 0x200000000000000(node=0|zone=2) [ 14.214709] page_type: f5(slab) [ 14.214831] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.215062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.215409] page dumped because: kasan: bad access detected [ 14.215658] [ 14.215748] Memory state around the buggy address: [ 14.215968] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.216290] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.216632] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.216947] ^ [ 14.217190] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.217544] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.217879] ================================================================== [ 14.078141] ================================================================== [ 14.078600] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.079324] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.079665] [ 14.079769] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.079811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.079823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.079845] Call Trace: [ 14.079859] <TASK> [ 14.079875] dump_stack_lvl+0x73/0xb0 [ 14.079898] print_report+0xd1/0x610 [ 14.079921] ? __virt_addr_valid+0x1db/0x2d0 [ 14.079943] ? kasan_atomics_helper+0xe78/0x5450 [ 14.079965] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.079988] ? kasan_atomics_helper+0xe78/0x5450 [ 14.080011] kasan_report+0x141/0x180 [ 14.080034] ? kasan_atomics_helper+0xe78/0x5450 [ 14.080061] kasan_check_range+0x10c/0x1c0 [ 14.080083] __kasan_check_write+0x18/0x20 [ 14.080103] kasan_atomics_helper+0xe78/0x5450 [ 14.080127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.080150] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.080172] ? kasan_atomics+0x152/0x310 [ 14.080196] kasan_atomics+0x1dc/0x310 [ 14.080216] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.080250] ? __pfx_read_tsc+0x10/0x10 [ 14.080270] ? ktime_get_ts64+0x86/0x230 [ 14.080296] kunit_try_run_case+0x1a5/0x480 [ 14.080318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.080337] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.080359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.080395] ? __kthread_parkme+0x82/0x180 [ 14.080417] ? preempt_count_sub+0x50/0x80 [ 14.080443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.080464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.080488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.080512] kthread+0x337/0x6f0 [ 14.080529] ? trace_preempt_on+0x20/0xc0 [ 14.080553] ? __pfx_kthread+0x10/0x10 [ 14.080572] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.080595] ? calculate_sigpending+0x7b/0xa0 [ 14.080617] ? __pfx_kthread+0x10/0x10 [ 14.080636] ret_from_fork+0x41/0x80 [ 14.080657] ? __pfx_kthread+0x10/0x10 [ 14.080676] ret_from_fork_asm+0x1a/0x30 [ 14.080707] </TASK> [ 14.080718] [ 14.087917] Allocated by task 285: [ 14.088112] kasan_save_stack+0x45/0x70 [ 14.088264] kasan_save_track+0x18/0x40 [ 14.088482] kasan_save_alloc_info+0x3b/0x50 [ 14.088685] __kasan_kmalloc+0xb7/0xc0 [ 14.088884] __kmalloc_cache_noprof+0x189/0x420 [ 14.089039] kasan_atomics+0x95/0x310 [ 14.089166] kunit_try_run_case+0x1a5/0x480 [ 14.089316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.089822] kthread+0x337/0x6f0 [ 14.089988] ret_from_fork+0x41/0x80 [ 14.090164] ret_from_fork_asm+0x1a/0x30 [ 14.090771] [ 14.091039] The buggy address belongs to the object at ffff888103d00c80 [ 14.091039] which belongs to the cache kmalloc-64 of size 64 [ 14.092034] The buggy address is located 0 bytes to the right of [ 14.092034] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.092534] [ 14.092634] The buggy address belongs to the physical page: [ 14.092878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.093169] flags: 0x200000000000000(node=0|zone=2) [ 14.093481] page_type: f5(slab) 
[ 14.093665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.093897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.094117] page dumped because: kasan: bad access detected [ 14.094292] [ 14.094359] Memory state around the buggy address: [ 14.094509] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.094716] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.095005] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.095319] ^ [ 14.095538] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.095846] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.096142] ================================================================== [ 14.236045] ================================================================== [ 14.236473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.236797] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.237029] [ 14.237114] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.237157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.237170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.237191] Call Trace: [ 14.237206] <TASK> [ 14.237233] dump_stack_lvl+0x73/0xb0 [ 14.237257] print_report+0xd1/0x610 [ 14.237281] ? __virt_addr_valid+0x1db/0x2d0 [ 14.237302] ? kasan_atomics_helper+0x1217/0x5450 [ 14.237324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.237369] ? kasan_atomics_helper+0x1217/0x5450 [ 14.237393] kasan_report+0x141/0x180 [ 14.237417] ? kasan_atomics_helper+0x1217/0x5450 [ 14.237444] kasan_check_range+0x10c/0x1c0 [ 14.237464] __kasan_check_write+0x18/0x20 [ 14.237485] kasan_atomics_helper+0x1217/0x5450 [ 14.237508] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.237531] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.237553] ? 
kasan_atomics+0x152/0x310 [ 14.237577] kasan_atomics+0x1dc/0x310 [ 14.237596] ? __pfx_kasan_atomics+0x10/0x10 [ 14.237618] ? __pfx_read_tsc+0x10/0x10 [ 14.237640] ? ktime_get_ts64+0x86/0x230 [ 14.237675] kunit_try_run_case+0x1a5/0x480 [ 14.237696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.237716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.237749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.237774] ? __kthread_parkme+0x82/0x180 [ 14.237796] ? preempt_count_sub+0x50/0x80 [ 14.237834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.237856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.237879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.237915] kthread+0x337/0x6f0 [ 14.237933] ? trace_preempt_on+0x20/0xc0 [ 14.237957] ? __pfx_kthread+0x10/0x10 [ 14.237986] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.238009] ? calculate_sigpending+0x7b/0xa0 [ 14.238031] ? __pfx_kthread+0x10/0x10 [ 14.238061] ret_from_fork+0x41/0x80 [ 14.238083] ? __pfx_kthread+0x10/0x10 [ 14.238101] ret_from_fork_asm+0x1a/0x30 [ 14.238144] </TASK> [ 14.238155] [ 14.245726] Allocated by task 285: [ 14.245928] kasan_save_stack+0x45/0x70 [ 14.246161] kasan_save_track+0x18/0x40 [ 14.246413] kasan_save_alloc_info+0x3b/0x50 [ 14.246620] __kasan_kmalloc+0xb7/0xc0 [ 14.246807] __kmalloc_cache_noprof+0x189/0x420 [ 14.247035] kasan_atomics+0x95/0x310 [ 14.247248] kunit_try_run_case+0x1a5/0x480 [ 14.247478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.247655] kthread+0x337/0x6f0 [ 14.247774] ret_from_fork+0x41/0x80 [ 14.247959] ret_from_fork_asm+0x1a/0x30 [ 14.248183] [ 14.248365] The buggy address belongs to the object at ffff888103d00c80 [ 14.248365] which belongs to the cache kmalloc-64 of size 64 [ 14.249374] The buggy address is located 0 bytes to the right of [ 14.249374] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.250005] [ 14.250162] The buggy address belongs to the physical page: [ 14.250653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 
14.251292] flags: 0x200000000000000(node=0|zone=2) [ 14.251536] page_type: f5(slab) [ 14.251658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.251892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.252118] page dumped because: kasan: bad access detected [ 14.252299] [ 14.252426] Memory state around the buggy address: [ 14.252876] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.253535] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.254155] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.254793] ^ [ 14.255232] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.255881] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256524] ================================================================== [ 14.675497] ================================================================== [ 14.675975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.676303] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.676621] [ 14.676731] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.676773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.676785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.676806] Call Trace: [ 14.676820] <TASK> [ 14.676835] dump_stack_lvl+0x73/0xb0 [ 14.676860] print_report+0xd1/0x610 [ 14.676883] ? __virt_addr_valid+0x1db/0x2d0 [ 14.676905] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.676933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.676956] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.676980] kasan_report+0x141/0x180 [ 14.677004] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.677032] kasan_check_range+0x10c/0x1c0 [ 14.677053] __kasan_check_write+0x18/0x20 [ 14.677074] kasan_atomics_helper+0x1d7a/0x5450 [ 14.677098] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.677122] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.677144] ? kasan_atomics+0x152/0x310 [ 14.677168] kasan_atomics+0x1dc/0x310 [ 14.677188] ? __pfx_kasan_atomics+0x10/0x10 [ 14.677210] ? __pfx_read_tsc+0x10/0x10 [ 14.677242] ? ktime_get_ts64+0x86/0x230 [ 14.677267] kunit_try_run_case+0x1a5/0x480 [ 14.677289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.677308] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.677329] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.677365] ? __kthread_parkme+0x82/0x180 [ 14.677386] ? preempt_count_sub+0x50/0x80 [ 14.677412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.677433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.677456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.677480] kthread+0x337/0x6f0 [ 14.677498] ? trace_preempt_on+0x20/0xc0 [ 14.677522] ? __pfx_kthread+0x10/0x10 [ 14.677541] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.677564] ? calculate_sigpending+0x7b/0xa0 [ 14.677585] ? __pfx_kthread+0x10/0x10 [ 14.677605] ret_from_fork+0x41/0x80 [ 14.677626] ? __pfx_kthread+0x10/0x10 [ 14.677645] ret_from_fork_asm+0x1a/0x30 [ 14.677677] </TASK> [ 14.677688] [ 14.685176] Allocated by task 285: [ 14.685349] kasan_save_stack+0x45/0x70 [ 14.685540] kasan_save_track+0x18/0x40 [ 14.685708] kasan_save_alloc_info+0x3b/0x50 [ 14.685892] __kasan_kmalloc+0xb7/0xc0 [ 14.686043] __kmalloc_cache_noprof+0x189/0x420 [ 14.686196] kasan_atomics+0x95/0x310 [ 14.686937] kunit_try_run_case+0x1a5/0x480 [ 14.688052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.688461] kthread+0x337/0x6f0 [ 14.688586] ret_from_fork+0x41/0x80 [ 14.688726] ret_from_fork_asm+0x1a/0x30 [ 14.688867] [ 14.688944] The buggy address belongs to the object at ffff888103d00c80 [ 14.688944] which belongs to the cache kmalloc-64 of size 64 [ 14.689934] The buggy address is located 0 bytes to the right of [ 14.689934] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.691077] [ 14.691245] The buggy address belongs to the physical page: [ 14.691853] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.692547] flags: 0x200000000000000(node=0|zone=2) [ 14.692943] page_type: f5(slab) [ 14.693066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.693310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.693538] page dumped because: kasan: bad access detected [ 14.693826] [ 14.693980] Memory state around the buggy address: [ 14.694410] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.694990] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.695698] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.696309] ^ [ 14.696824] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.697469] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.698163] ================================================================== [ 13.971981] ================================================================== [ 13.972344] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 13.972687] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.973023] [ 13.973129] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.973171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.973182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.973203] Call Trace: [ 13.973220] <TASK> [ 13.973249] dump_stack_lvl+0x73/0xb0 [ 13.973273] print_report+0xd1/0x610 [ 13.973296] ? __virt_addr_valid+0x1db/0x2d0 [ 13.973318] ? kasan_atomics_helper+0xac7/0x5450 [ 13.973340] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.973365] ? kasan_atomics_helper+0xac7/0x5450 [ 13.973387] kasan_report+0x141/0x180 [ 13.973411] ? kasan_atomics_helper+0xac7/0x5450 [ 13.973438] kasan_check_range+0x10c/0x1c0 [ 13.973459] __kasan_check_write+0x18/0x20 [ 13.973479] kasan_atomics_helper+0xac7/0x5450 [ 13.973502] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.973527] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.973549] ? kasan_atomics+0x152/0x310 [ 13.973573] kasan_atomics+0x1dc/0x310 [ 13.973592] ? __pfx_kasan_atomics+0x10/0x10 [ 13.973614] ? __pfx_read_tsc+0x10/0x10 [ 13.973634] ? ktime_get_ts64+0x86/0x230 [ 13.973659] kunit_try_run_case+0x1a5/0x480 [ 13.973681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.973700] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.973721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.973746] ? __kthread_parkme+0x82/0x180 [ 13.973768] ? preempt_count_sub+0x50/0x80 [ 13.973794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.973815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.973839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.973864] kthread+0x337/0x6f0 [ 13.973882] ? trace_preempt_on+0x20/0xc0 [ 13.973906] ? __pfx_kthread+0x10/0x10 [ 13.973925] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.973950] ? calculate_sigpending+0x7b/0xa0 [ 13.973975] ? __pfx_kthread+0x10/0x10 [ 13.973995] ret_from_fork+0x41/0x80 [ 13.974017] ? 
__pfx_kthread+0x10/0x10 [ 13.974036] ret_from_fork_asm+0x1a/0x30 [ 13.974067] </TASK> [ 13.974078] [ 13.981374] Allocated by task 285: [ 13.981538] kasan_save_stack+0x45/0x70 [ 13.981752] kasan_save_track+0x18/0x40 [ 13.981946] kasan_save_alloc_info+0x3b/0x50 [ 13.982160] __kasan_kmalloc+0xb7/0xc0 [ 13.982360] __kmalloc_cache_noprof+0x189/0x420 [ 13.982580] kasan_atomics+0x95/0x310 [ 13.982766] kunit_try_run_case+0x1a5/0x480 [ 13.982979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.983238] kthread+0x337/0x6f0 [ 13.983448] ret_from_fork+0x41/0x80 [ 13.983642] ret_from_fork_asm+0x1a/0x30 [ 13.983817] [ 13.983902] The buggy address belongs to the object at ffff888103d00c80 [ 13.983902] which belongs to the cache kmalloc-64 of size 64 [ 13.984328] The buggy address is located 0 bytes to the right of [ 13.984328] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.984865] [ 13.984953] The buggy address belongs to the physical page: [ 13.985171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.985639] flags: 0x200000000000000(node=0|zone=2) [ 13.985853] page_type: f5(slab) [ 13.985983] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.986312] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.986758] page dumped because: kasan: bad access detected [ 13.986966] [ 13.987052] Memory state around the buggy address: [ 13.987255] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.987471] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.987686] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.987899] ^ [ 13.988053] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.988296] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.988939] ================================================================== [ 14.775495] 
================================================================== [ 14.775869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.776207] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.776475] [ 14.776561] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.776603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.776616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.776637] Call Trace: [ 14.776654] <TASK> [ 14.776669] dump_stack_lvl+0x73/0xb0 [ 14.776693] print_report+0xd1/0x610 [ 14.776715] ? __virt_addr_valid+0x1db/0x2d0 [ 14.776736] ? kasan_atomics_helper+0x2006/0x5450 [ 14.776758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.776781] ? kasan_atomics_helper+0x2006/0x5450 [ 14.776804] kasan_report+0x141/0x180 [ 14.776827] ? kasan_atomics_helper+0x2006/0x5450 [ 14.776854] kasan_check_range+0x10c/0x1c0 [ 14.776875] __kasan_check_write+0x18/0x20 [ 14.776896] kasan_atomics_helper+0x2006/0x5450 [ 14.776924] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.776947] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.776969] ? kasan_atomics+0x152/0x310 [ 14.776992] kasan_atomics+0x1dc/0x310 [ 14.777012] ? __pfx_kasan_atomics+0x10/0x10 [ 14.777034] ? __pfx_read_tsc+0x10/0x10 [ 14.777054] ? ktime_get_ts64+0x86/0x230 [ 14.777079] kunit_try_run_case+0x1a5/0x480 [ 14.777100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.777120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.777140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.777165] ? __kthread_parkme+0x82/0x180 [ 14.777187] ? preempt_count_sub+0x50/0x80 [ 14.777212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.777294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.777320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.777362] kthread+0x337/0x6f0 [ 14.777380] ? trace_preempt_on+0x20/0xc0 [ 14.777405] ? __pfx_kthread+0x10/0x10 [ 14.777424] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.777447] ? 
calculate_sigpending+0x7b/0xa0 [ 14.777470] ? __pfx_kthread+0x10/0x10 [ 14.777489] ret_from_fork+0x41/0x80 [ 14.777511] ? __pfx_kthread+0x10/0x10 [ 14.777529] ret_from_fork_asm+0x1a/0x30 [ 14.777561] </TASK> [ 14.777572] [ 14.788744] Allocated by task 285: [ 14.788930] kasan_save_stack+0x45/0x70 [ 14.789135] kasan_save_track+0x18/0x40 [ 14.789546] kasan_save_alloc_info+0x3b/0x50 [ 14.789846] __kasan_kmalloc+0xb7/0xc0 [ 14.790130] __kmalloc_cache_noprof+0x189/0x420 [ 14.790524] kasan_atomics+0x95/0x310 [ 14.790727] kunit_try_run_case+0x1a5/0x480 [ 14.791046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.791329] kthread+0x337/0x6f0 [ 14.791665] ret_from_fork+0x41/0x80 [ 14.791942] ret_from_fork_asm+0x1a/0x30 [ 14.792112] [ 14.792212] The buggy address belongs to the object at ffff888103d00c80 [ 14.792212] which belongs to the cache kmalloc-64 of size 64 [ 14.792888] The buggy address is located 0 bytes to the right of [ 14.792888] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.793441] [ 14.793543] The buggy address belongs to the physical page: [ 14.793765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.794130] flags: 0x200000000000000(node=0|zone=2) [ 14.794387] page_type: f5(slab) [ 14.794555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.794885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.795219] page dumped because: kasan: bad access detected [ 14.795455] [ 14.795550] Memory state around the buggy address: [ 14.795784] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.796096] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.796461] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.796742] ^ [ 14.796957] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797281] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797595] 
================================================================== [ 14.852130] ================================================================== [ 14.852494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.852830] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.853131] [ 14.853217] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.853269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.853280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.853301] Call Trace: [ 14.853406] <TASK> [ 14.853421] dump_stack_lvl+0x73/0xb0 [ 14.853448] print_report+0xd1/0x610 [ 14.853471] ? __virt_addr_valid+0x1db/0x2d0 [ 14.853493] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.853537] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853560] kasan_report+0x141/0x180 [ 14.853583] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853610] kasan_check_range+0x10c/0x1c0 [ 14.853632] __kasan_check_write+0x18/0x20 [ 14.853652] kasan_atomics_helper+0x218a/0x5450 [ 14.853676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.853699] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.853721] ? kasan_atomics+0x152/0x310 [ 14.853745] kasan_atomics+0x1dc/0x310 [ 14.853764] ? __pfx_kasan_atomics+0x10/0x10 [ 14.853786] ? __pfx_read_tsc+0x10/0x10 [ 14.853806] ? ktime_get_ts64+0x86/0x230 [ 14.853831] kunit_try_run_case+0x1a5/0x480 [ 14.853852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.853872] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.853892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.853917] ? __kthread_parkme+0x82/0x180 [ 14.853939] ? preempt_count_sub+0x50/0x80 [ 14.853964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.853985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.854032] kthread+0x337/0x6f0 [ 14.854050] ? trace_preempt_on+0x20/0xc0 [ 14.854073] ? 
__pfx_kthread+0x10/0x10 [ 14.854092] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.854115] ? calculate_sigpending+0x7b/0xa0 [ 14.854137] ? __pfx_kthread+0x10/0x10 [ 14.854155] ret_from_fork+0x41/0x80 [ 14.854177] ? __pfx_kthread+0x10/0x10 [ 14.854195] ret_from_fork_asm+0x1a/0x30 [ 14.854238] </TASK> [ 14.854250] [ 14.861436] Allocated by task 285: [ 14.861592] kasan_save_stack+0x45/0x70 [ 14.861763] kasan_save_track+0x18/0x40 [ 14.861936] kasan_save_alloc_info+0x3b/0x50 [ 14.862120] __kasan_kmalloc+0xb7/0xc0 [ 14.862297] __kmalloc_cache_noprof+0x189/0x420 [ 14.862519] kasan_atomics+0x95/0x310 [ 14.862667] kunit_try_run_case+0x1a5/0x480 [ 14.862866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.863080] kthread+0x337/0x6f0 [ 14.863242] ret_from_fork+0x41/0x80 [ 14.863426] ret_from_fork_asm+0x1a/0x30 [ 14.863598] [ 14.863691] The buggy address belongs to the object at ffff888103d00c80 [ 14.863691] which belongs to the cache kmalloc-64 of size 64 [ 14.864150] The buggy address is located 0 bytes to the right of [ 14.864150] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.864550] [ 14.864622] The buggy address belongs to the physical page: [ 14.864794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.865038] flags: 0x200000000000000(node=0|zone=2) [ 14.865199] page_type: f5(slab) [ 14.865400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.865739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.866072] page dumped because: kasan: bad access detected [ 14.866334] [ 14.866445] Memory state around the buggy address: [ 14.866664] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.866979] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.867285] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.867575] ^ [ 14.867777] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.867993] 
ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.868206] ================================================================== [ 14.557039] ================================================================== [ 14.557419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.558154] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.558532] [ 14.558637] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.558680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.558694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.558716] Call Trace: [ 14.558734] <TASK> [ 14.558750] dump_stack_lvl+0x73/0xb0 [ 14.558774] print_report+0xd1/0x610 [ 14.558808] ? __virt_addr_valid+0x1db/0x2d0 [ 14.558830] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.558852] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.558887] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.558911] kasan_report+0x141/0x180 [ 14.558934] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.558962] kasan_check_range+0x10c/0x1c0 [ 14.558983] __kasan_check_write+0x18/0x20 [ 14.559012] kasan_atomics_helper+0x19e3/0x5450 [ 14.559035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.559059] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.559092] ? kasan_atomics+0x152/0x310 [ 14.559117] kasan_atomics+0x1dc/0x310 [ 14.559138] ? __pfx_kasan_atomics+0x10/0x10 [ 14.559160] ? __pfx_read_tsc+0x10/0x10 [ 14.559187] ? ktime_get_ts64+0x86/0x230 [ 14.559212] kunit_try_run_case+0x1a5/0x480 [ 14.559249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.559290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.559315] ? __kthread_parkme+0x82/0x180 [ 14.559337] ? preempt_count_sub+0x50/0x80 [ 14.559376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.559430] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.559454] kthread+0x337/0x6f0 [ 14.559481] ? trace_preempt_on+0x20/0xc0 [ 14.559505] ? __pfx_kthread+0x10/0x10 [ 14.559523] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.559546] ? calculate_sigpending+0x7b/0xa0 [ 14.559576] ? __pfx_kthread+0x10/0x10 [ 14.559596] ret_from_fork+0x41/0x80 [ 14.559617] ? __pfx_kthread+0x10/0x10 [ 14.559636] ret_from_fork_asm+0x1a/0x30 [ 14.559678] </TASK> [ 14.559688] [ 14.567306] Allocated by task 285: [ 14.567536] kasan_save_stack+0x45/0x70 [ 14.567723] kasan_save_track+0x18/0x40 [ 14.567863] kasan_save_alloc_info+0x3b/0x50 [ 14.568095] __kasan_kmalloc+0xb7/0xc0 [ 14.568277] __kmalloc_cache_noprof+0x189/0x420 [ 14.568581] kasan_atomics+0x95/0x310 [ 14.568794] kunit_try_run_case+0x1a5/0x480 [ 14.568962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.569140] kthread+0x337/0x6f0 [ 14.569270] ret_from_fork+0x41/0x80 [ 14.569495] ret_from_fork_asm+0x1a/0x30 [ 14.569716] [ 14.569809] The buggy address belongs to the object at ffff888103d00c80 [ 14.569809] which belongs to the cache kmalloc-64 of size 64 [ 14.570339] The buggy address is located 0 bytes to the right of [ 14.570339] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.570735] [ 14.570829] The buggy address belongs to the physical page: [ 14.571100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.571459] flags: 0x200000000000000(node=0|zone=2) [ 14.571695] page_type: f5(slab) [ 14.571854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.572151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.572441] page dumped because: kasan: bad access detected [ 14.572712] [ 14.572804] Memory state around the buggy address: [ 14.573030] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.573274] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.573745] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.574009] ^ [ 14.574166] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.574504] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.574891] ================================================================== [ 14.042121] ================================================================== [ 14.042532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.042907] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.043385] [ 14.043522] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.043566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.043578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.043599] Call Trace: [ 14.043613] <TASK> [ 14.043627] dump_stack_lvl+0x73/0xb0 [ 14.043652] print_report+0xd1/0x610 [ 14.043675] ? __virt_addr_valid+0x1db/0x2d0 [ 14.043697] ? kasan_atomics_helper+0xd47/0x5450 [ 14.043719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.043743] ? kasan_atomics_helper+0xd47/0x5450 [ 14.043766] kasan_report+0x141/0x180 [ 14.043789] ? kasan_atomics_helper+0xd47/0x5450 [ 14.043817] kasan_check_range+0x10c/0x1c0 [ 14.043838] __kasan_check_write+0x18/0x20 [ 14.043858] kasan_atomics_helper+0xd47/0x5450 [ 14.043882] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.043905] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.043927] ? kasan_atomics+0x152/0x310 [ 14.043951] kasan_atomics+0x1dc/0x310 [ 14.043971] ? __pfx_kasan_atomics+0x10/0x10 [ 14.043993] ? __pfx_read_tsc+0x10/0x10 [ 14.044013] ? ktime_get_ts64+0x86/0x230 [ 14.044039] kunit_try_run_case+0x1a5/0x480 [ 14.044060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.044080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.044101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.044126] ? __kthread_parkme+0x82/0x180 [ 14.044148] ? preempt_count_sub+0x50/0x80 [ 14.044174] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.044196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.044220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.044255] kthread+0x337/0x6f0 [ 14.044273] ? trace_preempt_on+0x20/0xc0 [ 14.044296] ? __pfx_kthread+0x10/0x10 [ 14.044314] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.044338] ? calculate_sigpending+0x7b/0xa0 [ 14.044370] ? __pfx_kthread+0x10/0x10 [ 14.044389] ret_from_fork+0x41/0x80 [ 14.044410] ? __pfx_kthread+0x10/0x10 [ 14.044428] ret_from_fork_asm+0x1a/0x30 [ 14.044460] </TASK> [ 14.044471] [ 14.051853] Allocated by task 285: [ 14.052025] kasan_save_stack+0x45/0x70 [ 14.052201] kasan_save_track+0x18/0x40 [ 14.052373] kasan_save_alloc_info+0x3b/0x50 [ 14.052521] __kasan_kmalloc+0xb7/0xc0 [ 14.052654] __kmalloc_cache_noprof+0x189/0x420 [ 14.052882] kasan_atomics+0x95/0x310 [ 14.053068] kunit_try_run_case+0x1a5/0x480 [ 14.053283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.053634] kthread+0x337/0x6f0 [ 14.053783] ret_from_fork+0x41/0x80 [ 14.053939] ret_from_fork_asm+0x1a/0x30 [ 14.054102] [ 14.054196] The buggy address belongs to the object at ffff888103d00c80 [ 14.054196] which belongs to the cache kmalloc-64 of size 64 [ 14.054665] The buggy address is located 0 bytes to the right of [ 14.054665] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.055106] [ 14.055178] The buggy address belongs to the physical page: [ 14.055363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.055626] flags: 0x200000000000000(node=0|zone=2) [ 14.055864] page_type: f5(slab) [ 14.056029] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.056534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.056761] page dumped because: kasan: bad access detected [ 14.056937] [ 14.057006] Memory state around the buggy address: [ 14.057232] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.057780] ffff888103d00c00: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.058112] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.058418] ^ [ 14.058642] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.058905] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.059175] ================================================================== [ 13.907536] ================================================================== [ 13.907947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.908433] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 13.908825] [ 13.908930] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.909219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.909246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.909269] Call Trace: [ 13.909291] <TASK> [ 13.909311] dump_stack_lvl+0x73/0xb0 [ 13.909339] print_report+0xd1/0x610 [ 13.909375] ? __virt_addr_valid+0x1db/0x2d0 [ 13.909399] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.909421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.909445] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.909468] kasan_report+0x141/0x180 [ 13.909493] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.909523] kasan_check_range+0x10c/0x1c0 [ 13.909546] __kasan_check_write+0x18/0x20 [ 13.909566] kasan_atomics_helper+0x8f9/0x5450 [ 13.909590] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.909614] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.909637] ? kasan_atomics+0x152/0x310 [ 13.909661] kasan_atomics+0x1dc/0x310 [ 13.909681] ? __pfx_kasan_atomics+0x10/0x10 [ 13.909703] ? __pfx_read_tsc+0x10/0x10 [ 13.909725] ? ktime_get_ts64+0x86/0x230 [ 13.909753] kunit_try_run_case+0x1a5/0x480 [ 13.909775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909794] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.909816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.909841] ? __kthread_parkme+0x82/0x180 [ 13.909864] ? 
preempt_count_sub+0x50/0x80 [ 13.909890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.909935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.909960] kthread+0x337/0x6f0 [ 13.909977] ? trace_preempt_on+0x20/0xc0 [ 13.910001] ? __pfx_kthread+0x10/0x10 [ 13.910020] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.910042] ? calculate_sigpending+0x7b/0xa0 [ 13.910064] ? __pfx_kthread+0x10/0x10 [ 13.910084] ret_from_fork+0x41/0x80 [ 13.910105] ? __pfx_kthread+0x10/0x10 [ 13.910123] ret_from_fork_asm+0x1a/0x30 [ 13.910155] </TASK> [ 13.910167] [ 13.920727] Allocated by task 285: [ 13.920927] kasan_save_stack+0x45/0x70 [ 13.921128] kasan_save_track+0x18/0x40 [ 13.921323] kasan_save_alloc_info+0x3b/0x50 [ 13.921832] __kasan_kmalloc+0xb7/0xc0 [ 13.922136] __kmalloc_cache_noprof+0x189/0x420 [ 13.922367] kasan_atomics+0x95/0x310 [ 13.922613] kunit_try_run_case+0x1a5/0x480 [ 13.922968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.923289] kthread+0x337/0x6f0 [ 13.923469] ret_from_fork+0x41/0x80 [ 13.923792] ret_from_fork_asm+0x1a/0x30 [ 13.924087] [ 13.924189] The buggy address belongs to the object at ffff888103d00c80 [ 13.924189] which belongs to the cache kmalloc-64 of size 64 [ 13.924893] The buggy address is located 0 bytes to the right of [ 13.924893] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 13.925598] [ 13.925698] The buggy address belongs to the physical page: [ 13.925887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 13.926259] flags: 0x200000000000000(node=0|zone=2) [ 13.926578] page_type: f5(slab) [ 13.926724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.927053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.927740] page dumped because: kasan: bad access detected [ 13.927926] [ 13.928192] Memory state around the buggy address: [ 13.928467] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.928834] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.929215] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.929684] ^ [ 13.929933] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.930239] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.930700] ================================================================== [ 14.182670] ================================================================== [ 14.183007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.183327] Read of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.184063] [ 14.184178] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.184249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.184262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.184284] Call Trace: [ 14.184302] <TASK> [ 14.184317] dump_stack_lvl+0x73/0xb0 [ 14.184363] print_report+0xd1/0x610 [ 14.184386] ? __virt_addr_valid+0x1db/0x2d0 [ 14.184417] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.184439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.184462] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.184496] kasan_report+0x141/0x180 [ 14.184519] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.184546] __asan_report_load4_noabort+0x18/0x20 [ 14.184568] kasan_atomics_helper+0x4a1c/0x5450 [ 14.184592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.184615] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.184636] ? kasan_atomics+0x152/0x310 [ 14.184660] kasan_atomics+0x1dc/0x310 [ 14.184680] ? __pfx_kasan_atomics+0x10/0x10 [ 14.184701] ? __pfx_read_tsc+0x10/0x10 [ 14.184722] ? ktime_get_ts64+0x86/0x230 [ 14.184747] kunit_try_run_case+0x1a5/0x480 [ 14.184769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.184788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.184809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.184834] ? 
__kthread_parkme+0x82/0x180 [ 14.184856] ? preempt_count_sub+0x50/0x80 [ 14.184884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.184906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.184934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.184958] kthread+0x337/0x6f0 [ 14.184975] ? trace_preempt_on+0x20/0xc0 [ 14.185000] ? __pfx_kthread+0x10/0x10 [ 14.185087] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.185111] ? calculate_sigpending+0x7b/0xa0 [ 14.185133] ? __pfx_kthread+0x10/0x10 [ 14.185153] ret_from_fork+0x41/0x80 [ 14.185175] ? __pfx_kthread+0x10/0x10 [ 14.185193] ret_from_fork_asm+0x1a/0x30 [ 14.185235] </TASK> [ 14.185247] [ 14.192658] Allocated by task 285: [ 14.192791] kasan_save_stack+0x45/0x70 [ 14.192938] kasan_save_track+0x18/0x40 [ 14.193074] kasan_save_alloc_info+0x3b/0x50 [ 14.193220] __kasan_kmalloc+0xb7/0xc0 [ 14.193460] __kmalloc_cache_noprof+0x189/0x420 [ 14.193679] kasan_atomics+0x95/0x310 [ 14.193860] kunit_try_run_case+0x1a5/0x480 [ 14.194064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.194319] kthread+0x337/0x6f0 [ 14.194498] ret_from_fork+0x41/0x80 [ 14.194679] ret_from_fork_asm+0x1a/0x30 [ 14.194874] [ 14.194966] The buggy address belongs to the object at ffff888103d00c80 [ 14.194966] which belongs to the cache kmalloc-64 of size 64 [ 14.195503] The buggy address is located 0 bytes to the right of [ 14.195503] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.195870] [ 14.195942] The buggy address belongs to the physical page: [ 14.196117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.196537] flags: 0x200000000000000(node=0|zone=2) [ 14.196773] page_type: f5(slab) [ 14.196949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.197315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.197691] page dumped because: kasan: bad access detected [ 14.197904] [ 14.198016] Memory state around the buggy address: [ 14.198196] 
ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.198468] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.198792] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.199117] ^ [ 14.199319] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.199602] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.199815] ================================================================== [ 14.287250] ================================================================== [ 14.288411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.289115] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.289918] [ 14.290112] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.290171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.290185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.290219] Call Trace: [ 14.290248] <TASK> [ 14.290265] dump_stack_lvl+0x73/0xb0 [ 14.290304] print_report+0xd1/0x610 [ 14.290327] ? __virt_addr_valid+0x1db/0x2d0 [ 14.290369] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.290392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.290416] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.290439] kasan_report+0x141/0x180 [ 14.290462] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.290499] kasan_check_range+0x10c/0x1c0 [ 14.290520] __kasan_check_write+0x18/0x20 [ 14.290541] kasan_atomics_helper+0x12e6/0x5450 [ 14.290577] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.290600] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.290623] ? kasan_atomics+0x152/0x310 [ 14.290657] kasan_atomics+0x1dc/0x310 [ 14.290677] ? __pfx_kasan_atomics+0x10/0x10 [ 14.290698] ? __pfx_read_tsc+0x10/0x10 [ 14.290719] ? ktime_get_ts64+0x86/0x230 [ 14.290745] kunit_try_run_case+0x1a5/0x480 [ 14.290768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.290787] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.290809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.290834] ? __kthread_parkme+0x82/0x180 [ 14.290856] ? preempt_count_sub+0x50/0x80 [ 14.290883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.290904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.290928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.290951] kthread+0x337/0x6f0 [ 14.290968] ? trace_preempt_on+0x20/0xc0 [ 14.290993] ? __pfx_kthread+0x10/0x10 [ 14.291012] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.291034] ? calculate_sigpending+0x7b/0xa0 [ 14.291057] ? __pfx_kthread+0x10/0x10 [ 14.291076] ret_from_fork+0x41/0x80 [ 14.291097] ? __pfx_kthread+0x10/0x10 [ 14.291116] ret_from_fork_asm+0x1a/0x30 [ 14.291148] </TASK> [ 14.291159] [ 14.301810] Allocated by task 285: [ 14.302006] kasan_save_stack+0x45/0x70 [ 14.302198] kasan_save_track+0x18/0x40 [ 14.302432] kasan_save_alloc_info+0x3b/0x50 [ 14.302581] __kasan_kmalloc+0xb7/0xc0 [ 14.302715] __kmalloc_cache_noprof+0x189/0x420 [ 14.302928] kasan_atomics+0x95/0x310 [ 14.303114] kunit_try_run_case+0x1a5/0x480 [ 14.303367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.303573] kthread+0x337/0x6f0 [ 14.303692] ret_from_fork+0x41/0x80 [ 14.303832] ret_from_fork_asm+0x1a/0x30 [ 14.304029] [ 14.304133] The buggy address belongs to the object at ffff888103d00c80 [ 14.304133] which belongs to the cache kmalloc-64 of size 64 [ 14.304814] The buggy address is located 0 bytes to the right of [ 14.304814] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.305343] [ 14.305445] The buggy address belongs to the physical page: [ 14.305691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.306023] flags: 0x200000000000000(node=0|zone=2) [ 14.306282] page_type: f5(slab) [ 14.306441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.306796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.307022] page dumped because: kasan: bad 
access detected [ 14.307199] [ 14.307379] Memory state around the buggy address: [ 14.307626] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.307941] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.308266] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.308586] ^ [ 14.308741] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.309007] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.309351] ================================================================== [ 14.739173] ================================================================== [ 14.739895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.740256] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.740616] [ 14.740726] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.740769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.740781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.740802] Call Trace: [ 14.740817] <TASK> [ 14.740832] dump_stack_lvl+0x73/0xb0 [ 14.740857] print_report+0xd1/0x610 [ 14.740879] ? __virt_addr_valid+0x1db/0x2d0 [ 14.740901] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.740928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.740951] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.740974] kasan_report+0x141/0x180 [ 14.740997] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.741025] kasan_check_range+0x10c/0x1c0 [ 14.741046] __kasan_check_write+0x18/0x20 [ 14.741067] kasan_atomics_helper+0x1f43/0x5450 [ 14.741090] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.741114] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.741136] ? kasan_atomics+0x152/0x310 [ 14.741160] kasan_atomics+0x1dc/0x310 [ 14.741180] ? __pfx_kasan_atomics+0x10/0x10 [ 14.741202] ? __pfx_read_tsc+0x10/0x10 [ 14.741233] ? ktime_get_ts64+0x86/0x230 [ 14.741259] kunit_try_run_case+0x1a5/0x480 [ 14.741281] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.741301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.741323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.741368] ? __kthread_parkme+0x82/0x180 [ 14.741390] ? preempt_count_sub+0x50/0x80 [ 14.741416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.741437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.741461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.741485] kthread+0x337/0x6f0 [ 14.741503] ? trace_preempt_on+0x20/0xc0 [ 14.741527] ? __pfx_kthread+0x10/0x10 [ 14.741546] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.741569] ? calculate_sigpending+0x7b/0xa0 [ 14.741591] ? __pfx_kthread+0x10/0x10 [ 14.741609] ret_from_fork+0x41/0x80 [ 14.741631] ? __pfx_kthread+0x10/0x10 [ 14.741649] ret_from_fork_asm+0x1a/0x30 [ 14.741680] </TASK> [ 14.741690] [ 14.748802] Allocated by task 285: [ 14.748985] kasan_save_stack+0x45/0x70 [ 14.749200] kasan_save_track+0x18/0x40 [ 14.749503] kasan_save_alloc_info+0x3b/0x50 [ 14.749681] __kasan_kmalloc+0xb7/0xc0 [ 14.749846] __kmalloc_cache_noprof+0x189/0x420 [ 14.750087] kasan_atomics+0x95/0x310 [ 14.750326] kunit_try_run_case+0x1a5/0x480 [ 14.750590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.750877] kthread+0x337/0x6f0 [ 14.751051] ret_from_fork+0x41/0x80 [ 14.751241] ret_from_fork_asm+0x1a/0x30 [ 14.751465] [ 14.751558] The buggy address belongs to the object at ffff888103d00c80 [ 14.751558] which belongs to the cache kmalloc-64 of size 64 [ 14.752075] The buggy address is located 0 bytes to the right of [ 14.752075] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.752651] [ 14.752747] The buggy address belongs to the physical page: [ 14.752999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.753371] flags: 0x200000000000000(node=0|zone=2) [ 14.753600] page_type: f5(slab) [ 14.753767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.754020] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.754382] page dumped because: kasan: bad access detected [ 14.754652] [ 14.754733] Memory state around the buggy address: [ 14.754961] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.755263] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.755583] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.755890] ^ [ 14.756125] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.756444] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.756744] ================================================================== [ 14.401191] ================================================================== [ 14.402068] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.402410] Write of size 8 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.402714] [ 14.402835] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.402886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.402899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.402920] Call Trace: [ 14.402935] <TASK> [ 14.402961] dump_stack_lvl+0x73/0xb0 [ 14.402986] print_report+0xd1/0x610 [ 14.403009] ? __virt_addr_valid+0x1db/0x2d0 [ 14.403042] ? kasan_atomics_helper+0x151d/0x5450 [ 14.403065] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.403088] ? kasan_atomics_helper+0x151d/0x5450 [ 14.403123] kasan_report+0x141/0x180 [ 14.403146] ? kasan_atomics_helper+0x151d/0x5450 [ 14.403174] kasan_check_range+0x10c/0x1c0 [ 14.403205] __kasan_check_write+0x18/0x20 [ 14.403241] kasan_atomics_helper+0x151d/0x5450 [ 14.403264] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.403287] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.403321] ? kasan_atomics+0x152/0x310 [ 14.403345] kasan_atomics+0x1dc/0x310 [ 14.403374] ? __pfx_kasan_atomics+0x10/0x10 [ 14.403415] ? __pfx_read_tsc+0x10/0x10 [ 14.403436] ? 
ktime_get_ts64+0x86/0x230 [ 14.403462] kunit_try_run_case+0x1a5/0x480 [ 14.403494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.403514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.403535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.403561] ? __kthread_parkme+0x82/0x180 [ 14.403583] ? preempt_count_sub+0x50/0x80 [ 14.403610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.403630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.403711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.403739] kthread+0x337/0x6f0 [ 14.403758] ? trace_preempt_on+0x20/0xc0 [ 14.403782] ? __pfx_kthread+0x10/0x10 [ 14.403801] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.403825] ? calculate_sigpending+0x7b/0xa0 [ 14.403847] ? __pfx_kthread+0x10/0x10 [ 14.403866] ret_from_fork+0x41/0x80 [ 14.403887] ? __pfx_kthread+0x10/0x10 [ 14.403917] ret_from_fork_asm+0x1a/0x30 [ 14.403948] </TASK> [ 14.403958] [ 14.411903] Allocated by task 285: [ 14.412118] kasan_save_stack+0x45/0x70 [ 14.412357] kasan_save_track+0x18/0x40 [ 14.412587] kasan_save_alloc_info+0x3b/0x50 [ 14.412788] __kasan_kmalloc+0xb7/0xc0 [ 14.413027] __kmalloc_cache_noprof+0x189/0x420 [ 14.413283] kasan_atomics+0x95/0x310 [ 14.413543] kunit_try_run_case+0x1a5/0x480 [ 14.413733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413904] kthread+0x337/0x6f0 [ 14.414018] ret_from_fork+0x41/0x80 [ 14.414196] ret_from_fork_asm+0x1a/0x30 [ 14.414430] [ 14.414525] The buggy address belongs to the object at ffff888103d00c80 [ 14.414525] which belongs to the cache kmalloc-64 of size 64 [ 14.415078] The buggy address is located 0 bytes to the right of [ 14.415078] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.415671] [ 14.415794] The buggy address belongs to the physical page: [ 14.416011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.416429] flags: 0x200000000000000(node=0|zone=2) [ 14.416589] page_type: f5(slab) [ 14.416704] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.416931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.417150] page dumped because: kasan: bad access detected [ 14.417373] [ 14.417466] Memory state around the buggy address: [ 14.417689] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.418010] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.418384] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.418758] ^ [ 14.419013] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419365] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419694] ================================================================== [ 14.060546] ================================================================== [ 14.060798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.061043] Write of size 4 at addr ffff888103d00cb0 by task kunit_try_catch/285 [ 14.061714] [ 14.061959] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 14.062004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.062018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.062038] Call Trace: [ 14.062055] <TASK> [ 14.062070] dump_stack_lvl+0x73/0xb0 [ 14.062096] print_report+0xd1/0x610 [ 14.062119] ? __virt_addr_valid+0x1db/0x2d0 [ 14.062140] ? kasan_atomics_helper+0xde0/0x5450 [ 14.062162] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.062186] ? kasan_atomics_helper+0xde0/0x5450 [ 14.062208] kasan_report+0x141/0x180 [ 14.062244] ? kasan_atomics_helper+0xde0/0x5450 [ 14.062273] kasan_check_range+0x10c/0x1c0 [ 14.062294] __kasan_check_write+0x18/0x20 [ 14.062314] kasan_atomics_helper+0xde0/0x5450 [ 14.062338] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.062371] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.062393] ? kasan_atomics+0x152/0x310 [ 14.062418] kasan_atomics+0x1dc/0x310 [ 14.062438] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.062460] ? __pfx_read_tsc+0x10/0x10 [ 14.062481] ? ktime_get_ts64+0x86/0x230 [ 14.062506] kunit_try_run_case+0x1a5/0x480 [ 14.062528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.062547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.062569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.062594] ? __kthread_parkme+0x82/0x180 [ 14.062616] ? preempt_count_sub+0x50/0x80 [ 14.062642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.062663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.062687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.062712] kthread+0x337/0x6f0 [ 14.062730] ? trace_preempt_on+0x20/0xc0 [ 14.062754] ? __pfx_kthread+0x10/0x10 [ 14.062773] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.062796] ? calculate_sigpending+0x7b/0xa0 [ 14.062817] ? __pfx_kthread+0x10/0x10 [ 14.062837] ret_from_fork+0x41/0x80 [ 14.062858] ? __pfx_kthread+0x10/0x10 [ 14.062876] ret_from_fork_asm+0x1a/0x30 [ 14.062908] </TASK> [ 14.062920] [ 14.070164] Allocated by task 285: [ 14.070306] kasan_save_stack+0x45/0x70 [ 14.070679] kasan_save_track+0x18/0x40 [ 14.070870] kasan_save_alloc_info+0x3b/0x50 [ 14.071076] __kasan_kmalloc+0xb7/0xc0 [ 14.071274] __kmalloc_cache_noprof+0x189/0x420 [ 14.071573] kasan_atomics+0x95/0x310 [ 14.071840] kunit_try_run_case+0x1a5/0x480 [ 14.072032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.072205] kthread+0x337/0x6f0 [ 14.072331] ret_from_fork+0x41/0x80 [ 14.072462] ret_from_fork_asm+0x1a/0x30 [ 14.072671] [ 14.072765] The buggy address belongs to the object at ffff888103d00c80 [ 14.072765] which belongs to the cache kmalloc-64 of size 64 [ 14.073308] The buggy address is located 0 bytes to the right of [ 14.073308] allocated 48-byte region [ffff888103d00c80, ffff888103d00cb0) [ 14.073904] [ 14.074008] The buggy address belongs to the physical page: [ 14.074268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d00 [ 14.074527] flags: 0x200000000000000(node=0|zone=2) [ 14.074691] page_type: f5(slab) 
[ 14.074812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.075042] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.075356] page dumped because: kasan: bad access detected [ 14.075604] [ 14.075696] Memory state around the buggy address: [ 14.075914] ffff888103d00b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.076237] ffff888103d00c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.076805] >ffff888103d00c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.077031] ^ [ 14.077185] ffff888103d00d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.077415] ffff888103d00d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.077629] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.371553] ================================================================== [ 13.372241] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.372740] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.373194] [ 13.373303] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.373348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.373359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.373380] Call Trace: [ 13.373405] <TASK> [ 13.373422] dump_stack_lvl+0x73/0xb0 [ 13.373447] print_report+0xd1/0x610 [ 13.373469] ? __virt_addr_valid+0x1db/0x2d0 [ 13.373490] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.373512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.373534] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.373557] kasan_report+0x141/0x180 [ 13.373579] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.373608] kasan_check_range+0x10c/0x1c0 [ 13.373628] __kasan_check_write+0x18/0x20 [ 13.373647] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.373682] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.373706] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.373727] ? trace_hardirqs_on+0x37/0xe0 [ 13.373749] ? kasan_bitops_generic+0x92/0x1c0 [ 13.373773] kasan_bitops_generic+0x121/0x1c0 [ 13.373792] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.373813] ? __pfx_read_tsc+0x10/0x10 [ 13.373833] ? ktime_get_ts64+0x86/0x230 [ 13.373859] kunit_try_run_case+0x1a5/0x480 [ 13.373879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.373897] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.373920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.373944] ? __kthread_parkme+0x82/0x180 [ 13.373966] ? preempt_count_sub+0x50/0x80 [ 13.373993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.374014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.374039] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.374062] kthread+0x337/0x6f0 [ 13.374079] ? trace_preempt_on+0x20/0xc0 [ 13.374101] ? __pfx_kthread+0x10/0x10 [ 13.374118] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.374140] ? calculate_sigpending+0x7b/0xa0 [ 13.374161] ? __pfx_kthread+0x10/0x10 [ 13.374179] ret_from_fork+0x41/0x80 [ 13.374199] ? __pfx_kthread+0x10/0x10 [ 13.374217] ret_from_fork_asm+0x1a/0x30 [ 13.374259] </TASK> [ 13.374270] [ 13.382908] Allocated by task 281: [ 13.383044] kasan_save_stack+0x45/0x70 [ 13.383192] kasan_save_track+0x18/0x40 [ 13.383337] kasan_save_alloc_info+0x3b/0x50 [ 13.383523] __kasan_kmalloc+0xb7/0xc0 [ 13.383706] __kmalloc_cache_noprof+0x189/0x420 [ 13.383918] kasan_bitops_generic+0x92/0x1c0 [ 13.384405] kunit_try_run_case+0x1a5/0x480 [ 13.384870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.385139] kthread+0x337/0x6f0 [ 13.385277] ret_from_fork+0x41/0x80 [ 13.385529] ret_from_fork_asm+0x1a/0x30 [ 13.385829] [ 13.385931] The buggy address belongs to the object at ffff888102219660 [ 13.385931] which belongs to the cache kmalloc-16 of size 16 [ 13.386428] The buggy address is located 8 bytes inside of [ 13.386428] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.386925] [ 13.387025] The buggy address belongs to the physical page: [ 13.387275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.387558] flags: 0x200000000000000(node=0|zone=2) [ 13.387862] page_type: f5(slab) [ 13.388026] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.388308] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.388793] page dumped because: kasan: bad access detected [ 13.389034] [ 13.389126] Memory state around the buggy address: [ 13.389314] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.389689] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.389907] >ffff888102219600: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.390118] ^ [ 13.391318] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.392824] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.393858] ================================================================== [ 13.481474] ================================================================== [ 13.482027] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.482446] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.482809] [ 13.482906] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.482967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.482978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.482998] Call Trace: [ 13.483016] <TASK> [ 13.483031] dump_stack_lvl+0x73/0xb0 [ 13.483056] print_report+0xd1/0x610 [ 13.483079] ? __virt_addr_valid+0x1db/0x2d0 [ 13.483301] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.483333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.483368] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.483690] kasan_report+0x141/0x180 [ 13.483715] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.483744] kasan_check_range+0x10c/0x1c0 [ 13.483764] __kasan_check_write+0x18/0x20 [ 13.483784] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.483807] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.483832] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.483852] ? trace_hardirqs_on+0x37/0xe0 [ 13.483875] ? kasan_bitops_generic+0x92/0x1c0 [ 13.483899] kasan_bitops_generic+0x121/0x1c0 [ 13.483919] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.483940] ? __pfx_read_tsc+0x10/0x10 [ 13.483960] ? ktime_get_ts64+0x86/0x230 [ 13.483985] kunit_try_run_case+0x1a5/0x480 [ 13.484007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.484025] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.484046] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.484070] ? __kthread_parkme+0x82/0x180 [ 13.484425] ? preempt_count_sub+0x50/0x80 [ 13.484453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.484475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.484517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.484541] kthread+0x337/0x6f0 [ 13.484558] ? trace_preempt_on+0x20/0xc0 [ 13.484581] ? __pfx_kthread+0x10/0x10 [ 13.484710] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.484739] ? calculate_sigpending+0x7b/0xa0 [ 13.484761] ? __pfx_kthread+0x10/0x10 [ 13.484780] ret_from_fork+0x41/0x80 [ 13.484801] ? __pfx_kthread+0x10/0x10 [ 13.484819] ret_from_fork_asm+0x1a/0x30 [ 13.484851] </TASK> [ 13.484862] [ 13.497273] Allocated by task 281: [ 13.497670] kasan_save_stack+0x45/0x70 [ 13.497870] kasan_save_track+0x18/0x40 [ 13.498055] kasan_save_alloc_info+0x3b/0x50 [ 13.498265] __kasan_kmalloc+0xb7/0xc0 [ 13.498814] __kmalloc_cache_noprof+0x189/0x420 [ 13.499016] kasan_bitops_generic+0x92/0x1c0 [ 13.499235] kunit_try_run_case+0x1a5/0x480 [ 13.499430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.499638] kthread+0x337/0x6f0 [ 13.499858] ret_from_fork+0x41/0x80 [ 13.500029] ret_from_fork_asm+0x1a/0x30 [ 13.500233] [ 13.500321] The buggy address belongs to the object at ffff888102219660 [ 13.500321] which belongs to the cache kmalloc-16 of size 16 [ 13.500860] The buggy address is located 8 bytes inside of [ 13.500860] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.501351] [ 13.501465] The buggy address belongs to the physical page: [ 13.501745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.501992] flags: 0x200000000000000(node=0|zone=2) [ 13.502198] page_type: f5(slab) [ 13.502373] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.502723] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.502947] page dumped because: kasan: bad access detected [ 13.503417] [ 13.503610] Memory 
state around the buggy address: [ 13.504069] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.504316] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.504628] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.504997] ^ [ 13.505277] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.505537] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.505785] ================================================================== [ 13.506264] ================================================================== [ 13.506818] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.507181] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.507492] [ 13.507605] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.507650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.507661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.507683] Call Trace: [ 13.507700] <TASK> [ 13.507715] dump_stack_lvl+0x73/0xb0 [ 13.507740] print_report+0xd1/0x610 [ 13.507762] ? __virt_addr_valid+0x1db/0x2d0 [ 13.507783] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.507806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.507828] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.507851] kasan_report+0x141/0x180 [ 13.507874] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.507902] kasan_check_range+0x10c/0x1c0 [ 13.507921] __kasan_check_write+0x18/0x20 [ 13.507941] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.507964] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.507988] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.508007] ? trace_hardirqs_on+0x37/0xe0 [ 13.508029] ? kasan_bitops_generic+0x92/0x1c0 [ 13.508053] kasan_bitops_generic+0x121/0x1c0 [ 13.508072] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.508094] ? 
__pfx_read_tsc+0x10/0x10 [ 13.508114] ? ktime_get_ts64+0x86/0x230 [ 13.508139] kunit_try_run_case+0x1a5/0x480 [ 13.508159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.508178] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.508198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.508232] ? __kthread_parkme+0x82/0x180 [ 13.508254] ? preempt_count_sub+0x50/0x80 [ 13.508281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.508302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.508325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.508349] kthread+0x337/0x6f0 [ 13.508366] ? trace_preempt_on+0x20/0xc0 [ 13.508388] ? __pfx_kthread+0x10/0x10 [ 13.508406] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.508428] ? calculate_sigpending+0x7b/0xa0 [ 13.508449] ? __pfx_kthread+0x10/0x10 [ 13.508467] ret_from_fork+0x41/0x80 [ 13.508488] ? __pfx_kthread+0x10/0x10 [ 13.508505] ret_from_fork_asm+0x1a/0x30 [ 13.508537] </TASK> [ 13.508547] [ 13.517114] Allocated by task 281: [ 13.517296] kasan_save_stack+0x45/0x70 [ 13.517507] kasan_save_track+0x18/0x40 [ 13.517644] kasan_save_alloc_info+0x3b/0x50 [ 13.517791] __kasan_kmalloc+0xb7/0xc0 [ 13.517969] __kmalloc_cache_noprof+0x189/0x420 [ 13.518187] kasan_bitops_generic+0x92/0x1c0 [ 13.518405] kunit_try_run_case+0x1a5/0x480 [ 13.518654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.519053] kthread+0x337/0x6f0 [ 13.519220] ret_from_fork+0x41/0x80 [ 13.519432] ret_from_fork_asm+0x1a/0x30 [ 13.519574] [ 13.519709] The buggy address belongs to the object at ffff888102219660 [ 13.519709] which belongs to the cache kmalloc-16 of size 16 [ 13.520216] The buggy address is located 8 bytes inside of [ 13.520216] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.520779] [ 13.520862] The buggy address belongs to the physical page: [ 13.521083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.521417] flags: 0x200000000000000(node=0|zone=2) [ 13.521589] page_type: f5(slab) [ 13.521800] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.522126] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.522551] page dumped because: kasan: bad access detected [ 13.522809] [ 13.522903] Memory state around the buggy address: [ 13.523106] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.523433] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.523890] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.524177] ^ [ 13.524487] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.524846] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.525140] ================================================================== [ 13.574140] ================================================================== [ 13.574659] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.575050] Read of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.575313] [ 13.575420] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.575468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.575479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.575503] Call Trace: [ 13.575514] <TASK> [ 13.575544] dump_stack_lvl+0x73/0xb0 [ 13.575570] print_report+0xd1/0x610 [ 13.575593] ? __virt_addr_valid+0x1db/0x2d0 [ 13.575614] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.575639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.575662] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.575687] kasan_report+0x141/0x180 [ 13.575710] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.575740] __asan_report_load8_noabort+0x18/0x20 [ 13.575761] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.575796] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.575822] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.575845] ? trace_hardirqs_on+0x37/0xe0 [ 13.575871] ? kasan_bitops_generic+0x92/0x1c0 [ 13.575897] kasan_bitops_generic+0x121/0x1c0 [ 13.575918] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.575941] ? __pfx_read_tsc+0x10/0x10 [ 13.575961] ? ktime_get_ts64+0x86/0x230 [ 13.575987] kunit_try_run_case+0x1a5/0x480 [ 13.576008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.576027] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.576049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.576074] ? __kthread_parkme+0x82/0x180 [ 13.576095] ? preempt_count_sub+0x50/0x80 [ 13.576122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.576143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.576167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.576192] kthread+0x337/0x6f0 [ 13.576209] ? trace_preempt_on+0x20/0xc0 [ 13.576242] ? __pfx_kthread+0x10/0x10 [ 13.576260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.576283] ? calculate_sigpending+0x7b/0xa0 [ 13.576305] ? __pfx_kthread+0x10/0x10 [ 13.576324] ret_from_fork+0x41/0x80 [ 13.576345] ? 
__pfx_kthread+0x10/0x10 [ 13.576363] ret_from_fork_asm+0x1a/0x30 [ 13.576395] </TASK> [ 13.576405] [ 13.585160] Allocated by task 281: [ 13.585340] kasan_save_stack+0x45/0x70 [ 13.585543] kasan_save_track+0x18/0x40 [ 13.585787] kasan_save_alloc_info+0x3b/0x50 [ 13.585964] __kasan_kmalloc+0xb7/0xc0 [ 13.586143] __kmalloc_cache_noprof+0x189/0x420 [ 13.586367] kasan_bitops_generic+0x92/0x1c0 [ 13.586560] kunit_try_run_case+0x1a5/0x480 [ 13.586791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.586966] kthread+0x337/0x6f0 [ 13.587085] ret_from_fork+0x41/0x80 [ 13.587214] ret_from_fork_asm+0x1a/0x30 [ 13.587431] [ 13.587530] The buggy address belongs to the object at ffff888102219660 [ 13.587530] which belongs to the cache kmalloc-16 of size 16 [ 13.588230] The buggy address is located 8 bytes inside of [ 13.588230] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.588596] [ 13.588774] The buggy address belongs to the physical page: [ 13.589327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.589627] flags: 0x200000000000000(node=0|zone=2) [ 13.590014] page_type: f5(slab) [ 13.590139] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.590452] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.590834] page dumped because: kasan: bad access detected [ 13.591164] [ 13.591241] Memory state around the buggy address: [ 13.591556] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.591860] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.592147] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.592482] ^ [ 13.592680] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.592894] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.593110] ================================================================== [ 13.395027] 
================================================================== [ 13.395578] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.395859] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.396082] [ 13.396170] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.396213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.396235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.396257] Call Trace: [ 13.396274] <TASK> [ 13.396289] dump_stack_lvl+0x73/0xb0 [ 13.396314] print_report+0xd1/0x610 [ 13.396336] ? __virt_addr_valid+0x1db/0x2d0 [ 13.396356] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.396379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.396401] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.396425] kasan_report+0x141/0x180 [ 13.396447] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.396474] kasan_check_range+0x10c/0x1c0 [ 13.396493] __kasan_check_write+0x18/0x20 [ 13.396513] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.396536] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.396562] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.396583] ? trace_hardirqs_on+0x37/0xe0 [ 13.396605] ? kasan_bitops_generic+0x92/0x1c0 [ 13.396628] kasan_bitops_generic+0x121/0x1c0 [ 13.396647] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.396668] ? __pfx_read_tsc+0x10/0x10 [ 13.396688] ? ktime_get_ts64+0x86/0x230 [ 13.396713] kunit_try_run_case+0x1a5/0x480 [ 13.396733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.396750] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.396771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.396794] ? __kthread_parkme+0x82/0x180 [ 13.396816] ? preempt_count_sub+0x50/0x80 [ 13.396843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.396863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.396886] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.396909] kthread+0x337/0x6f0 [ 13.396931] ? trace_preempt_on+0x20/0xc0 [ 13.396952] ? __pfx_kthread+0x10/0x10 [ 13.396970] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.396991] ? calculate_sigpending+0x7b/0xa0 [ 13.397012] ? __pfx_kthread+0x10/0x10 [ 13.397030] ret_from_fork+0x41/0x80 [ 13.397050] ? __pfx_kthread+0x10/0x10 [ 13.397067] ret_from_fork_asm+0x1a/0x30 [ 13.397097] </TASK> [ 13.397107] [ 13.414134] Allocated by task 281: [ 13.414510] kasan_save_stack+0x45/0x70 [ 13.414917] kasan_save_track+0x18/0x40 [ 13.415306] kasan_save_alloc_info+0x3b/0x50 [ 13.415621] __kasan_kmalloc+0xb7/0xc0 [ 13.416036] __kmalloc_cache_noprof+0x189/0x420 [ 13.416380] kasan_bitops_generic+0x92/0x1c0 [ 13.416660] kunit_try_run_case+0x1a5/0x480 [ 13.417115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.417307] kthread+0x337/0x6f0 [ 13.417454] ret_from_fork+0x41/0x80 [ 13.417823] ret_from_fork_asm+0x1a/0x30 [ 13.418439] [ 13.418617] The buggy address belongs to the object at ffff888102219660 [ 13.418617] which belongs to the cache kmalloc-16 of size 16 [ 13.419876] The buggy address is located 8 bytes inside of [ 13.419876] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.420373] [ 13.420544] The buggy address belongs to the physical page: [ 13.421106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.421965] flags: 0x200000000000000(node=0|zone=2) [ 13.422445] page_type: f5(slab) [ 13.422732] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.423431] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.423663] page dumped because: kasan: bad access detected [ 13.423881] [ 13.423950] Memory state around the buggy address: [ 13.424104] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.424491] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.425162] >ffff888102219600: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.425544] ^ [ 13.425960] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426608] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.427268] ================================================================== [ 13.545522] ================================================================== [ 13.546179] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.546553] Read of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.547077] [ 13.547171] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.547214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.547236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.547257] Call Trace: [ 13.547273] <TASK> [ 13.547287] dump_stack_lvl+0x73/0xb0 [ 13.547314] print_report+0xd1/0x610 [ 13.547336] ? __virt_addr_valid+0x1db/0x2d0 [ 13.547368] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.547391] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.547413] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.547437] kasan_report+0x141/0x180 [ 13.547459] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.547488] kasan_check_range+0x10c/0x1c0 [ 13.547508] __kasan_check_read+0x15/0x20 [ 13.547528] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.547553] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.547578] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.547598] ? trace_hardirqs_on+0x37/0xe0 [ 13.547620] ? kasan_bitops_generic+0x92/0x1c0 [ 13.547644] kasan_bitops_generic+0x121/0x1c0 [ 13.547703] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.547726] ? __pfx_read_tsc+0x10/0x10 [ 13.547746] ? ktime_get_ts64+0x86/0x230 [ 13.547772] kunit_try_run_case+0x1a5/0x480 [ 13.547793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.547812] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.547832] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.547857] ? __kthread_parkme+0x82/0x180 [ 13.547878] ? preempt_count_sub+0x50/0x80 [ 13.547904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.547924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.547947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.547970] kthread+0x337/0x6f0 [ 13.547987] ? trace_preempt_on+0x20/0xc0 [ 13.548009] ? __pfx_kthread+0x10/0x10 [ 13.548027] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.548050] ? calculate_sigpending+0x7b/0xa0 [ 13.548071] ? __pfx_kthread+0x10/0x10 [ 13.548089] ret_from_fork+0x41/0x80 [ 13.548110] ? __pfx_kthread+0x10/0x10 [ 13.548128] ret_from_fork_asm+0x1a/0x30 [ 13.548159] </TASK> [ 13.548171] [ 13.564245] Allocated by task 281: [ 13.564647] kasan_save_stack+0x45/0x70 [ 13.565107] kasan_save_track+0x18/0x40 [ 13.565457] kasan_save_alloc_info+0x3b/0x50 [ 13.565967] __kasan_kmalloc+0xb7/0xc0 [ 13.566140] __kmalloc_cache_noprof+0x189/0x420 [ 13.566506] kasan_bitops_generic+0x92/0x1c0 [ 13.566949] kunit_try_run_case+0x1a5/0x480 [ 13.567427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567764] kthread+0x337/0x6f0 [ 13.567881] ret_from_fork+0x41/0x80 [ 13.568010] ret_from_fork_asm+0x1a/0x30 [ 13.568145] [ 13.568213] The buggy address belongs to the object at ffff888102219660 [ 13.568213] which belongs to the cache kmalloc-16 of size 16 [ 13.568679] The buggy address is located 8 bytes inside of [ 13.568679] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.569154] [ 13.569258] The buggy address belongs to the physical page: [ 13.569562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.569800] flags: 0x200000000000000(node=0|zone=2) [ 13.569957] page_type: f5(slab) [ 13.570095] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.570668] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.570946] page dumped because: kasan: bad access detected [ 13.571108] [ 13.571172] Memory 
state around the buggy address: [ 13.571598] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.571912] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.572157] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.572373] ^ [ 13.572819] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.573247] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.573509] ================================================================== [ 13.456868] ================================================================== [ 13.457824] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.458698] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.459478] [ 13.459575] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.459621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.459632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.459653] Call Trace: [ 13.459666] <TASK> [ 13.459682] dump_stack_lvl+0x73/0xb0 [ 13.459708] print_report+0xd1/0x610 [ 13.459730] ? __virt_addr_valid+0x1db/0x2d0 [ 13.459751] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.459774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.459796] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.459819] kasan_report+0x141/0x180 [ 13.459841] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.459870] kasan_check_range+0x10c/0x1c0 [ 13.459889] __kasan_check_write+0x18/0x20 [ 13.459908] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.459931] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.459956] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.459977] ? trace_hardirqs_on+0x37/0xe0 [ 13.459999] ? kasan_bitops_generic+0x92/0x1c0 [ 13.460024] kasan_bitops_generic+0x121/0x1c0 [ 13.460044] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.460066] ? 
__pfx_read_tsc+0x10/0x10 [ 13.460085] ? ktime_get_ts64+0x86/0x230 [ 13.460111] kunit_try_run_case+0x1a5/0x480 [ 13.460131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460149] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.460170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.460194] ? __kthread_parkme+0x82/0x180 [ 13.460216] ? preempt_count_sub+0x50/0x80 [ 13.460260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.460306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.460329] kthread+0x337/0x6f0 [ 13.460346] ? trace_preempt_on+0x20/0xc0 [ 13.460368] ? __pfx_kthread+0x10/0x10 [ 13.460386] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.460410] ? calculate_sigpending+0x7b/0xa0 [ 13.460431] ? __pfx_kthread+0x10/0x10 [ 13.460449] ret_from_fork+0x41/0x80 [ 13.460470] ? __pfx_kthread+0x10/0x10 [ 13.460488] ret_from_fork_asm+0x1a/0x30 [ 13.460519] </TASK> [ 13.460529] [ 13.473174] Allocated by task 281: [ 13.473410] kasan_save_stack+0x45/0x70 [ 13.473594] kasan_save_track+0x18/0x40 [ 13.473731] kasan_save_alloc_info+0x3b/0x50 [ 13.473876] __kasan_kmalloc+0xb7/0xc0 [ 13.474009] __kmalloc_cache_noprof+0x189/0x420 [ 13.474160] kasan_bitops_generic+0x92/0x1c0 [ 13.474422] kunit_try_run_case+0x1a5/0x480 [ 13.474630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.475038] kthread+0x337/0x6f0 [ 13.475213] ret_from_fork+0x41/0x80 [ 13.475462] ret_from_fork_asm+0x1a/0x30 [ 13.475606] [ 13.475728] The buggy address belongs to the object at ffff888102219660 [ 13.475728] which belongs to the cache kmalloc-16 of size 16 [ 13.476261] The buggy address is located 8 bytes inside of [ 13.476261] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.476734] [ 13.476843] The buggy address belongs to the physical page: [ 13.477099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.477472] flags: 0x200000000000000(node=0|zone=2) [ 13.477703] page_type: f5(slab) [ 13.477873] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.478158] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.478524] page dumped because: kasan: bad access detected [ 13.478752] [ 13.478845] Memory state around the buggy address: [ 13.479032] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.479255] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.479787] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.480084] ^ [ 13.480377] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.480744] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.480972] ================================================================== [ 13.427946] ================================================================== [ 13.428905] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.429515] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.430196] [ 13.430400] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.430448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.430459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.430479] Call Trace: [ 13.430491] <TASK> [ 13.430506] dump_stack_lvl+0x73/0xb0 [ 13.430532] print_report+0xd1/0x610 [ 13.430555] ? __virt_addr_valid+0x1db/0x2d0 [ 13.430575] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.430597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.430620] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.430644] kasan_report+0x141/0x180 [ 13.430716] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.430748] kasan_check_range+0x10c/0x1c0 [ 13.430768] __kasan_check_write+0x18/0x20 [ 13.430788] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.430811] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.430836] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.430856] ? trace_hardirqs_on+0x37/0xe0 [ 13.430878] ? kasan_bitops_generic+0x92/0x1c0 [ 13.430902] kasan_bitops_generic+0x121/0x1c0 [ 13.430922] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.430943] ? __pfx_read_tsc+0x10/0x10 [ 13.430962] ? ktime_get_ts64+0x86/0x230 [ 13.430987] kunit_try_run_case+0x1a5/0x480 [ 13.431008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.431026] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.431046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.431070] ? __kthread_parkme+0x82/0x180 [ 13.431092] ? preempt_count_sub+0x50/0x80 [ 13.431117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.431137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.431159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.431182] kthread+0x337/0x6f0 [ 13.431198] ? trace_preempt_on+0x20/0xc0 [ 13.431220] ? __pfx_kthread+0x10/0x10 [ 13.431249] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.431270] ? calculate_sigpending+0x7b/0xa0 [ 13.431292] ? __pfx_kthread+0x10/0x10 [ 13.431309] ret_from_fork+0x41/0x80 [ 13.431330] ? 
__pfx_kthread+0x10/0x10 [ 13.431347] ret_from_fork_asm+0x1a/0x30 [ 13.431378] </TASK> [ 13.431388] [ 13.446017] Allocated by task 281: [ 13.446425] kasan_save_stack+0x45/0x70 [ 13.446815] kasan_save_track+0x18/0x40 [ 13.446964] kasan_save_alloc_info+0x3b/0x50 [ 13.447110] __kasan_kmalloc+0xb7/0xc0 [ 13.447254] __kmalloc_cache_noprof+0x189/0x420 [ 13.447411] kasan_bitops_generic+0x92/0x1c0 [ 13.447554] kunit_try_run_case+0x1a5/0x480 [ 13.447872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.448085] kthread+0x337/0x6f0 [ 13.448236] ret_from_fork+0x41/0x80 [ 13.448475] ret_from_fork_asm+0x1a/0x30 [ 13.448677] [ 13.448745] The buggy address belongs to the object at ffff888102219660 [ 13.448745] which belongs to the cache kmalloc-16 of size 16 [ 13.449139] The buggy address is located 8 bytes inside of [ 13.449139] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.449873] [ 13.449952] The buggy address belongs to the physical page: [ 13.450423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.450839] flags: 0x200000000000000(node=0|zone=2) [ 13.451122] page_type: f5(slab) [ 13.451280] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.451556] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.452573] page dumped because: kasan: bad access detected [ 13.452932] [ 13.453032] Memory state around the buggy address: [ 13.453246] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.454050] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.454364] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.454839] ^ [ 13.455067] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455408] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455754] ================================================================== [ 13.525560] 
================================================================== [ 13.525969] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.526357] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.526694] [ 13.526803] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.526845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.526855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.526876] Call Trace: [ 13.526889] <TASK> [ 13.526905] dump_stack_lvl+0x73/0xb0 [ 13.526942] print_report+0xd1/0x610 [ 13.526966] ? __virt_addr_valid+0x1db/0x2d0 [ 13.526987] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.527010] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.527033] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.527057] kasan_report+0x141/0x180 [ 13.527079] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.527107] kasan_check_range+0x10c/0x1c0 [ 13.527127] __kasan_check_write+0x18/0x20 [ 13.527147] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.527170] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.527195] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.527215] ? trace_hardirqs_on+0x37/0xe0 [ 13.527248] ? kasan_bitops_generic+0x92/0x1c0 [ 13.527272] kasan_bitops_generic+0x121/0x1c0 [ 13.527291] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.527313] ? __pfx_read_tsc+0x10/0x10 [ 13.527333] ? ktime_get_ts64+0x86/0x230 [ 13.527397] kunit_try_run_case+0x1a5/0x480 [ 13.527422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.527441] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.527462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.527486] ? __kthread_parkme+0x82/0x180 [ 13.527507] ? preempt_count_sub+0x50/0x80 [ 13.527534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.527555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.527579] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.527602] kthread+0x337/0x6f0 [ 13.527619] ? trace_preempt_on+0x20/0xc0 [ 13.527642] ? __pfx_kthread+0x10/0x10 [ 13.527690] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.527715] ? calculate_sigpending+0x7b/0xa0 [ 13.527736] ? __pfx_kthread+0x10/0x10 [ 13.527754] ret_from_fork+0x41/0x80 [ 13.527775] ? __pfx_kthread+0x10/0x10 [ 13.527792] ret_from_fork_asm+0x1a/0x30 [ 13.527823] </TASK> [ 13.527834] [ 13.536022] Allocated by task 281: [ 13.536209] kasan_save_stack+0x45/0x70 [ 13.536462] kasan_save_track+0x18/0x40 [ 13.536760] kasan_save_alloc_info+0x3b/0x50 [ 13.537016] __kasan_kmalloc+0xb7/0xc0 [ 13.537209] __kmalloc_cache_noprof+0x189/0x420 [ 13.537460] kasan_bitops_generic+0x92/0x1c0 [ 13.537865] kunit_try_run_case+0x1a5/0x480 [ 13.538049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.538238] kthread+0x337/0x6f0 [ 13.538359] ret_from_fork+0x41/0x80 [ 13.538489] ret_from_fork_asm+0x1a/0x30 [ 13.538627] [ 13.538696] The buggy address belongs to the object at ffff888102219660 [ 13.538696] which belongs to the cache kmalloc-16 of size 16 [ 13.539049] The buggy address is located 8 bytes inside of [ 13.539049] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.539501] [ 13.539595] The buggy address belongs to the physical page: [ 13.539844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.540475] flags: 0x200000000000000(node=0|zone=2) [ 13.540964] page_type: f5(slab) [ 13.541087] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.541331] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.541557] page dumped because: kasan: bad access detected [ 13.541727] [ 13.541795] Memory state around the buggy address: [ 13.541950] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.542165] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.542792] >ffff888102219600: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 13.543114] ^ [ 13.543463] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.543786] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.544108] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.204368] ================================================================== [ 13.204716] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.204969] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.205287] [ 13.205494] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.205540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.205573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.205594] Call Trace: [ 13.205605] <TASK> [ 13.205620] dump_stack_lvl+0x73/0xb0 [ 13.205645] print_report+0xd1/0x610 [ 13.205700] ? __virt_addr_valid+0x1db/0x2d0 [ 13.205724] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.205767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.205789] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.205811] kasan_report+0x141/0x180 [ 13.205834] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.205860] kasan_check_range+0x10c/0x1c0 [ 13.205880] __kasan_check_write+0x18/0x20 [ 13.205900] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.205939] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.205961] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.205980] ? trace_hardirqs_on+0x37/0xe0 [ 13.206003] ? kasan_bitops_generic+0x92/0x1c0 [ 13.206026] kasan_bitops_generic+0x116/0x1c0 [ 13.206046] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.206067] ? __pfx_read_tsc+0x10/0x10 [ 13.206087] ? ktime_get_ts64+0x86/0x230 [ 13.206112] kunit_try_run_case+0x1a5/0x480 [ 13.206132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.206152] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.206172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.206197] ? __kthread_parkme+0x82/0x180 [ 13.206218] ? preempt_count_sub+0x50/0x80 [ 13.206276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.206299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.206324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.206347] kthread+0x337/0x6f0 [ 13.206373] ? 
trace_preempt_on+0x20/0xc0 [ 13.206395] ? __pfx_kthread+0x10/0x10 [ 13.206412] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.206434] ? calculate_sigpending+0x7b/0xa0 [ 13.206454] ? __pfx_kthread+0x10/0x10 [ 13.206491] ret_from_fork+0x41/0x80 [ 13.206511] ? __pfx_kthread+0x10/0x10 [ 13.206529] ret_from_fork_asm+0x1a/0x30 [ 13.206559] </TASK> [ 13.206570] [ 13.215493] Allocated by task 281: [ 13.215695] kasan_save_stack+0x45/0x70 [ 13.215871] kasan_save_track+0x18/0x40 [ 13.216023] kasan_save_alloc_info+0x3b/0x50 [ 13.216163] __kasan_kmalloc+0xb7/0xc0 [ 13.216301] __kmalloc_cache_noprof+0x189/0x420 [ 13.216868] kasan_bitops_generic+0x92/0x1c0 [ 13.217124] kunit_try_run_case+0x1a5/0x480 [ 13.217337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.217610] kthread+0x337/0x6f0 [ 13.217820] ret_from_fork+0x41/0x80 [ 13.218031] ret_from_fork_asm+0x1a/0x30 [ 13.218246] [ 13.218339] The buggy address belongs to the object at ffff888102219660 [ 13.218339] which belongs to the cache kmalloc-16 of size 16 [ 13.218847] The buggy address is located 8 bytes inside of [ 13.218847] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.219352] [ 13.219424] The buggy address belongs to the physical page: [ 13.219587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.219814] flags: 0x200000000000000(node=0|zone=2) [ 13.220230] page_type: f5(slab) [ 13.220484] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.221145] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.221609] page dumped because: kasan: bad access detected [ 13.221894] [ 13.221990] Memory state around the buggy address: [ 13.222221] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.222604] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.223082] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.223394] ^ [ 13.223677] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.223930] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.224136] ================================================================== [ 13.266465] ================================================================== [ 13.267172] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.267610] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.268036] [ 13.268143] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.268186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.268197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.268218] Call Trace: [ 13.268247] <TASK> [ 13.268263] dump_stack_lvl+0x73/0xb0 [ 13.268309] print_report+0xd1/0x610 [ 13.268331] ? __virt_addr_valid+0x1db/0x2d0 [ 13.268375] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.268396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.268419] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.268456] kasan_report+0x141/0x180 [ 13.268479] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.268520] kasan_check_range+0x10c/0x1c0 [ 13.268540] __kasan_check_write+0x18/0x20 [ 13.268572] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.268607] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.268643] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.268678] ? trace_hardirqs_on+0x37/0xe0 [ 13.268700] ? kasan_bitops_generic+0x92/0x1c0 [ 13.268723] kasan_bitops_generic+0x116/0x1c0 [ 13.268744] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.268765] ? __pfx_read_tsc+0x10/0x10 [ 13.268783] ? ktime_get_ts64+0x86/0x230 [ 13.268807] kunit_try_run_case+0x1a5/0x480 [ 13.268884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.268904] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.268930] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.268955] ? __kthread_parkme+0x82/0x180 [ 13.268976] ? preempt_count_sub+0x50/0x80 [ 13.269022] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.269044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.269067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.269090] kthread+0x337/0x6f0 [ 13.269107] ? trace_preempt_on+0x20/0xc0 [ 13.269129] ? __pfx_kthread+0x10/0x10 [ 13.269146] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.269168] ? calculate_sigpending+0x7b/0xa0 [ 13.269206] ? __pfx_kthread+0x10/0x10 [ 13.269238] ret_from_fork+0x41/0x80 [ 13.269259] ? __pfx_kthread+0x10/0x10 [ 13.269277] ret_from_fork_asm+0x1a/0x30 [ 13.269308] </TASK> [ 13.269318] [ 13.278125] Allocated by task 281: [ 13.278268] kasan_save_stack+0x45/0x70 [ 13.278411] kasan_save_track+0x18/0x40 [ 13.278548] kasan_save_alloc_info+0x3b/0x50 [ 13.278693] __kasan_kmalloc+0xb7/0xc0 [ 13.278825] __kmalloc_cache_noprof+0x189/0x420 [ 13.278975] kasan_bitops_generic+0x92/0x1c0 [ 13.279522] kunit_try_run_case+0x1a5/0x480 [ 13.279762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.280032] kthread+0x337/0x6f0 [ 13.280218] ret_from_fork+0x41/0x80 [ 13.280501] ret_from_fork_asm+0x1a/0x30 [ 13.280733] [ 13.280858] The buggy address belongs to the object at ffff888102219660 [ 13.280858] which belongs to the cache kmalloc-16 of size 16 [ 13.281451] The buggy address is located 8 bytes inside of [ 13.281451] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.282217] [ 13.282349] The buggy address belongs to the physical page: [ 13.282597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.283061] flags: 0x200000000000000(node=0|zone=2) [ 13.283220] page_type: f5(slab) [ 13.283350] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.283685] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.284044] page dumped because: kasan: bad access detected [ 13.284469] [ 13.284593] Memory state around the buggy address: [ 13.284931] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.285578] ffff888102219580: 
00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.285988] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.286243] ^ [ 13.286447] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.286817] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.287163] ================================================================== [ 13.287806] ================================================================== [ 13.288181] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.288638] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.288928] [ 13.289013] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.289056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.289067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.289087] Call Trace: [ 13.289100] <TASK> [ 13.289114] dump_stack_lvl+0x73/0xb0 [ 13.289138] print_report+0xd1/0x610 [ 13.289160] ? __virt_addr_valid+0x1db/0x2d0 [ 13.289205] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.289237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.289259] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.289282] kasan_report+0x141/0x180 [ 13.289305] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.289331] kasan_check_range+0x10c/0x1c0 [ 13.289351] __kasan_check_write+0x18/0x20 [ 13.289370] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.289392] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.289414] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.289434] ? trace_hardirqs_on+0x37/0xe0 [ 13.289456] ? kasan_bitops_generic+0x92/0x1c0 [ 13.289480] kasan_bitops_generic+0x116/0x1c0 [ 13.289500] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.289520] ? __pfx_read_tsc+0x10/0x10 [ 13.289540] ? ktime_get_ts64+0x86/0x230 [ 13.289564] kunit_try_run_case+0x1a5/0x480 [ 13.289585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289603] ? 
_raw_spin_lock_irqsave+0xf9/0x100 [ 13.289623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.289647] ? __kthread_parkme+0x82/0x180 [ 13.289668] ? preempt_count_sub+0x50/0x80 [ 13.289693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.289738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.289761] kthread+0x337/0x6f0 [ 13.289777] ? trace_preempt_on+0x20/0xc0 [ 13.289800] ? __pfx_kthread+0x10/0x10 [ 13.289818] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.289840] ? calculate_sigpending+0x7b/0xa0 [ 13.289861] ? __pfx_kthread+0x10/0x10 [ 13.289879] ret_from_fork+0x41/0x80 [ 13.289899] ? __pfx_kthread+0x10/0x10 [ 13.289982] ret_from_fork_asm+0x1a/0x30 [ 13.290014] </TASK> [ 13.290025] [ 13.299250] Allocated by task 281: [ 13.299408] kasan_save_stack+0x45/0x70 [ 13.299618] kasan_save_track+0x18/0x40 [ 13.299751] kasan_save_alloc_info+0x3b/0x50 [ 13.299890] __kasan_kmalloc+0xb7/0xc0 [ 13.300017] __kmalloc_cache_noprof+0x189/0x420 [ 13.300162] kasan_bitops_generic+0x92/0x1c0 [ 13.301498] kunit_try_run_case+0x1a5/0x480 [ 13.301941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.302130] kthread+0x337/0x6f0 [ 13.302262] ret_from_fork+0x41/0x80 [ 13.302815] ret_from_fork_asm+0x1a/0x30 [ 13.303529] [ 13.303838] The buggy address belongs to the object at ffff888102219660 [ 13.303838] which belongs to the cache kmalloc-16 of size 16 [ 13.305878] The buggy address is located 8 bytes inside of [ 13.305878] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.306267] [ 13.306351] The buggy address belongs to the physical page: [ 13.306525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.307122] flags: 0x200000000000000(node=0|zone=2) [ 13.307395] page_type: f5(slab) [ 13.307664] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.308122] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.308437] page dumped because: kasan: bad 
access detected [ 13.308989] [ 13.309095] Memory state around the buggy address: [ 13.309333] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.309706] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.310036] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.310377] ^ [ 13.310682] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311250] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311592] ================================================================== [ 13.245111] ================================================================== [ 13.245551] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.245909] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.246235] [ 13.246337] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.246378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.246389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.246409] Call Trace: [ 13.246422] <TASK> [ 13.246435] dump_stack_lvl+0x73/0xb0 [ 13.246459] print_report+0xd1/0x610 [ 13.246480] ? __virt_addr_valid+0x1db/0x2d0 [ 13.246501] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.246522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.246544] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.246565] kasan_report+0x141/0x180 [ 13.246587] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.246613] kasan_check_range+0x10c/0x1c0 [ 13.246633] __kasan_check_write+0x18/0x20 [ 13.246652] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.246674] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.246696] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.246716] ? trace_hardirqs_on+0x37/0xe0 [ 13.246738] ? kasan_bitops_generic+0x92/0x1c0 [ 13.246761] kasan_bitops_generic+0x116/0x1c0 [ 13.246781] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.246801] ? 
__pfx_read_tsc+0x10/0x10 [ 13.246820] ? ktime_get_ts64+0x86/0x230 [ 13.246844] kunit_try_run_case+0x1a5/0x480 [ 13.246864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.246882] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.246902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.246925] ? __kthread_parkme+0x82/0x180 [ 13.246945] ? preempt_count_sub+0x50/0x80 [ 13.246971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.246991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.247014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.247036] kthread+0x337/0x6f0 [ 13.247052] ? trace_preempt_on+0x20/0xc0 [ 13.247074] ? __pfx_kthread+0x10/0x10 [ 13.247091] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.247112] ? calculate_sigpending+0x7b/0xa0 [ 13.247132] ? __pfx_kthread+0x10/0x10 [ 13.247151] ret_from_fork+0x41/0x80 [ 13.247170] ? __pfx_kthread+0x10/0x10 [ 13.247187] ret_from_fork_asm+0x1a/0x30 [ 13.247217] </TASK> [ 13.247235] [ 13.256568] Allocated by task 281: [ 13.256811] kasan_save_stack+0x45/0x70 [ 13.256963] kasan_save_track+0x18/0x40 [ 13.257148] kasan_save_alloc_info+0x3b/0x50 [ 13.257399] __kasan_kmalloc+0xb7/0xc0 [ 13.257589] __kmalloc_cache_noprof+0x189/0x420 [ 13.257977] kasan_bitops_generic+0x92/0x1c0 [ 13.258215] kunit_try_run_case+0x1a5/0x480 [ 13.258382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.258647] kthread+0x337/0x6f0 [ 13.258804] ret_from_fork+0x41/0x80 [ 13.258981] ret_from_fork_asm+0x1a/0x30 [ 13.259208] [ 13.259306] The buggy address belongs to the object at ffff888102219660 [ 13.259306] which belongs to the cache kmalloc-16 of size 16 [ 13.260250] The buggy address is located 8 bytes inside of [ 13.260250] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.260887] [ 13.260964] The buggy address belongs to the physical page: [ 13.261134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.261642] flags: 0x200000000000000(node=0|zone=2) [ 13.261927] page_type: f5(slab) [ 13.262105] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.262460] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.262832] page dumped because: kasan: bad access detected [ 13.263044] [ 13.263110] Memory state around the buggy address: [ 13.263281] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.263964] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.264313] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.264624] ^ [ 13.264911] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.265493] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.265966] ================================================================== [ 13.345399] ================================================================== [ 13.345970] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.346742] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.347288] [ 13.347410] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.347470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.347481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.347502] Call Trace: [ 13.347521] <TASK> [ 13.347538] dump_stack_lvl+0x73/0xb0 [ 13.347564] print_report+0xd1/0x610 [ 13.347586] ? __virt_addr_valid+0x1db/0x2d0 [ 13.347617] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.347638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.347659] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.347681] kasan_report+0x141/0x180 [ 13.347714] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.347740] kasan_check_range+0x10c/0x1c0 [ 13.347760] __kasan_check_write+0x18/0x20 [ 13.347780] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.347801] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.347824] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.347844] ? 
trace_hardirqs_on+0x37/0xe0 [ 13.347866] ? kasan_bitops_generic+0x92/0x1c0 [ 13.347890] kasan_bitops_generic+0x116/0x1c0 [ 13.347909] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.347930] ? __pfx_read_tsc+0x10/0x10 [ 13.347950] ? ktime_get_ts64+0x86/0x230 [ 13.347975] kunit_try_run_case+0x1a5/0x480 [ 13.347996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.348014] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.348035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.348058] ? __kthread_parkme+0x82/0x180 [ 13.348080] ? preempt_count_sub+0x50/0x80 [ 13.348107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.348128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.348150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.348173] kthread+0x337/0x6f0 [ 13.348190] ? trace_preempt_on+0x20/0xc0 [ 13.348211] ? __pfx_kthread+0x10/0x10 [ 13.348240] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.348262] ? calculate_sigpending+0x7b/0xa0 [ 13.348284] ? __pfx_kthread+0x10/0x10 [ 13.348302] ret_from_fork+0x41/0x80 [ 13.348322] ? 
__pfx_kthread+0x10/0x10 [ 13.348340] ret_from_fork_asm+0x1a/0x30 [ 13.348375] </TASK> [ 13.348386] [ 13.362940] Allocated by task 281: [ 13.363086] kasan_save_stack+0x45/0x70 [ 13.363252] kasan_save_track+0x18/0x40 [ 13.363418] kasan_save_alloc_info+0x3b/0x50 [ 13.363573] __kasan_kmalloc+0xb7/0xc0 [ 13.363705] __kmalloc_cache_noprof+0x189/0x420 [ 13.364055] kasan_bitops_generic+0x92/0x1c0 [ 13.364273] kunit_try_run_case+0x1a5/0x480 [ 13.364430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.364674] kthread+0x337/0x6f0 [ 13.364843] ret_from_fork+0x41/0x80 [ 13.365029] ret_from_fork_asm+0x1a/0x30 [ 13.365168] [ 13.365249] The buggy address belongs to the object at ffff888102219660 [ 13.365249] which belongs to the cache kmalloc-16 of size 16 [ 13.365768] The buggy address is located 8 bytes inside of [ 13.365768] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.366333] [ 13.366446] The buggy address belongs to the physical page: [ 13.366905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.367258] flags: 0x200000000000000(node=0|zone=2) [ 13.367516] page_type: f5(slab) [ 13.367737] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.368028] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.368331] page dumped because: kasan: bad access detected [ 13.368500] [ 13.368568] Memory state around the buggy address: [ 13.368759] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.369205] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.369502] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.369713] ^ [ 13.370402] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.370691] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.371018] ================================================================== [ 13.224803] 
================================================================== [ 13.225424] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.225948] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.226213] [ 13.226304] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.226344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.226355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.226375] Call Trace: [ 13.226391] <TASK> [ 13.226404] dump_stack_lvl+0x73/0xb0 [ 13.226428] print_report+0xd1/0x610 [ 13.226451] ? __virt_addr_valid+0x1db/0x2d0 [ 13.226471] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.226492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.226515] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.226538] kasan_report+0x141/0x180 [ 13.226564] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.226593] kasan_check_range+0x10c/0x1c0 [ 13.226613] __kasan_check_write+0x18/0x20 [ 13.226633] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.226655] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.226678] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.226698] ? trace_hardirqs_on+0x37/0xe0 [ 13.226720] ? kasan_bitops_generic+0x92/0x1c0 [ 13.226743] kasan_bitops_generic+0x116/0x1c0 [ 13.226763] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.226785] ? __pfx_read_tsc+0x10/0x10 [ 13.226806] ? ktime_get_ts64+0x86/0x230 [ 13.226829] kunit_try_run_case+0x1a5/0x480 [ 13.226850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.226868] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.226888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.226913] ? __kthread_parkme+0x82/0x180 [ 13.226935] ? preempt_count_sub+0x50/0x80 [ 13.226961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.226982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.227006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.227028] kthread+0x337/0x6f0 [ 13.227045] ? 
trace_preempt_on+0x20/0xc0 [ 13.227067] ? __pfx_kthread+0x10/0x10 [ 13.227084] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.227106] ? calculate_sigpending+0x7b/0xa0 [ 13.227127] ? __pfx_kthread+0x10/0x10 [ 13.227145] ret_from_fork+0x41/0x80 [ 13.227165] ? __pfx_kthread+0x10/0x10 [ 13.227183] ret_from_fork_asm+0x1a/0x30 [ 13.227213] </TASK> [ 13.227233] [ 13.235859] Allocated by task 281: [ 13.236119] kasan_save_stack+0x45/0x70 [ 13.236360] kasan_save_track+0x18/0x40 [ 13.236558] kasan_save_alloc_info+0x3b/0x50 [ 13.236759] __kasan_kmalloc+0xb7/0xc0 [ 13.236956] __kmalloc_cache_noprof+0x189/0x420 [ 13.237127] kasan_bitops_generic+0x92/0x1c0 [ 13.237368] kunit_try_run_case+0x1a5/0x480 [ 13.237701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.238165] kthread+0x337/0x6f0 [ 13.238431] ret_from_fork+0x41/0x80 [ 13.238627] ret_from_fork_asm+0x1a/0x30 [ 13.238859] [ 13.238978] The buggy address belongs to the object at ffff888102219660 [ 13.238978] which belongs to the cache kmalloc-16 of size 16 [ 13.239474] The buggy address is located 8 bytes inside of [ 13.239474] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.240025] [ 13.240132] The buggy address belongs to the physical page: [ 13.240376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.240809] flags: 0x200000000000000(node=0|zone=2) [ 13.240990] page_type: f5(slab) [ 13.241157] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.241531] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.241895] page dumped because: kasan: bad access detected [ 13.242100] [ 13.242192] Memory state around the buggy address: [ 13.242454] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.242906] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.243183] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.243596] ^ [ 13.243873] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.244215] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.244584] ================================================================== [ 13.182604] ================================================================== [ 13.183195] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.183618] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.183999] [ 13.184120] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.184193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.184205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.184254] Call Trace: [ 13.184266] <TASK> [ 13.184281] dump_stack_lvl+0x73/0xb0 [ 13.184306] print_report+0xd1/0x610 [ 13.184328] ? __virt_addr_valid+0x1db/0x2d0 [ 13.184349] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.184383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.184406] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.184429] kasan_report+0x141/0x180 [ 13.184451] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.184477] kasan_check_range+0x10c/0x1c0 [ 13.184497] __kasan_check_write+0x18/0x20 [ 13.184516] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.184539] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.184561] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.184582] ? trace_hardirqs_on+0x37/0xe0 [ 13.184603] ? kasan_bitops_generic+0x92/0x1c0 [ 13.184628] kasan_bitops_generic+0x116/0x1c0 [ 13.184648] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.184669] ? __pfx_read_tsc+0x10/0x10 [ 13.184689] ? ktime_get_ts64+0x86/0x230 [ 13.184714] kunit_try_run_case+0x1a5/0x480 [ 13.184734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.184753] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.184773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.184797] ? __kthread_parkme+0x82/0x180 [ 13.184818] ? preempt_count_sub+0x50/0x80 [ 13.184842] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.184862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.184885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.184908] kthread+0x337/0x6f0 [ 13.184988] ? trace_preempt_on+0x20/0xc0 [ 13.185016] ? __pfx_kthread+0x10/0x10 [ 13.185034] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.185056] ? calculate_sigpending+0x7b/0xa0 [ 13.185078] ? __pfx_kthread+0x10/0x10 [ 13.185096] ret_from_fork+0x41/0x80 [ 13.185117] ? __pfx_kthread+0x10/0x10 [ 13.185154] ret_from_fork_asm+0x1a/0x30 [ 13.185186] </TASK> [ 13.185196] [ 13.194932] Allocated by task 281: [ 13.195137] kasan_save_stack+0x45/0x70 [ 13.195372] kasan_save_track+0x18/0x40 [ 13.195614] kasan_save_alloc_info+0x3b/0x50 [ 13.195887] __kasan_kmalloc+0xb7/0xc0 [ 13.196098] __kmalloc_cache_noprof+0x189/0x420 [ 13.196268] kasan_bitops_generic+0x92/0x1c0 [ 13.196565] kunit_try_run_case+0x1a5/0x480 [ 13.196830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.197095] kthread+0x337/0x6f0 [ 13.197273] ret_from_fork+0x41/0x80 [ 13.197502] ret_from_fork_asm+0x1a/0x30 [ 13.197641] [ 13.197742] The buggy address belongs to the object at ffff888102219660 [ 13.197742] which belongs to the cache kmalloc-16 of size 16 [ 13.198257] The buggy address is located 8 bytes inside of [ 13.198257] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.198802] [ 13.198894] The buggy address belongs to the physical page: [ 13.199140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.199600] flags: 0x200000000000000(node=0|zone=2) [ 13.200120] page_type: f5(slab) [ 13.200293] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.200601] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.200819] page dumped because: kasan: bad access detected [ 13.200987] [ 13.201053] Memory state around the buggy address: [ 13.201202] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.201739] ffff888102219580: 
00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.202090] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.202476] ^ [ 13.202932] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.203406] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.203651] ================================================================== [ 13.312197] ================================================================== [ 13.312599] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.313143] Write of size 8 at addr ffff888102219668 by task kunit_try_catch/281 [ 13.313436] [ 13.313553] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.313595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.313607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.313626] Call Trace: [ 13.313643] <TASK> [ 13.313657] dump_stack_lvl+0x73/0xb0 [ 13.313682] print_report+0xd1/0x610 [ 13.313704] ? __virt_addr_valid+0x1db/0x2d0 [ 13.313724] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.313745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.313767] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.313789] kasan_report+0x141/0x180 [ 13.313810] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.313839] kasan_check_range+0x10c/0x1c0 [ 13.313900] __kasan_check_write+0x18/0x20 [ 13.313920] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.313953] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.313977] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.313996] ? trace_hardirqs_on+0x37/0xe0 [ 13.314018] ? kasan_bitops_generic+0x92/0x1c0 [ 13.314041] kasan_bitops_generic+0x116/0x1c0 [ 13.314061] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.314082] ? __pfx_read_tsc+0x10/0x10 [ 13.314102] ? ktime_get_ts64+0x86/0x230 [ 13.314127] kunit_try_run_case+0x1a5/0x480 [ 13.314147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314166] ? 
_raw_spin_lock_irqsave+0xf9/0x100 [ 13.314188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.314211] ? __kthread_parkme+0x82/0x180 [ 13.314241] ? preempt_count_sub+0x50/0x80 [ 13.314267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.314335] kthread+0x337/0x6f0 [ 13.314352] ? trace_preempt_on+0x20/0xc0 [ 13.314374] ? __pfx_kthread+0x10/0x10 [ 13.314395] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.314447] ? calculate_sigpending+0x7b/0xa0 [ 13.314468] ? __pfx_kthread+0x10/0x10 [ 13.314497] ret_from_fork+0x41/0x80 [ 13.314518] ? __pfx_kthread+0x10/0x10 [ 13.314536] ret_from_fork_asm+0x1a/0x30 [ 13.314567] </TASK> [ 13.314577] [ 13.330610] Allocated by task 281: [ 13.331017] kasan_save_stack+0x45/0x70 [ 13.331354] kasan_save_track+0x18/0x40 [ 13.331504] kasan_save_alloc_info+0x3b/0x50 [ 13.331816] __kasan_kmalloc+0xb7/0xc0 [ 13.332274] __kmalloc_cache_noprof+0x189/0x420 [ 13.332800] kasan_bitops_generic+0x92/0x1c0 [ 13.333354] kunit_try_run_case+0x1a5/0x480 [ 13.333512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.333791] kthread+0x337/0x6f0 [ 13.334114] ret_from_fork+0x41/0x80 [ 13.334538] ret_from_fork_asm+0x1a/0x30 [ 13.334965] [ 13.335136] The buggy address belongs to the object at ffff888102219660 [ 13.335136] which belongs to the cache kmalloc-16 of size 16 [ 13.336298] The buggy address is located 8 bytes inside of [ 13.336298] allocated 9-byte region [ffff888102219660, ffff888102219669) [ 13.337015] [ 13.337182] The buggy address belongs to the physical page: [ 13.337891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219 [ 13.338215] flags: 0x200000000000000(node=0|zone=2) [ 13.338449] page_type: f5(slab) [ 13.338836] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.339530] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.340234] page dumped because: kasan: bad 
access detected [ 13.340808] [ 13.340898] Memory state around the buggy address: [ 13.341097] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 13.341821] ffff888102219580: 00 05 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.342332] >ffff888102219600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.342672] ^ [ 13.343360] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.344117] ffff888102219700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.344653] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.156384] ================================================================== [ 13.156956] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.157254] Read of size 1 at addr ffff8881028ca790 by task kunit_try_catch/279 [ 13.157577] [ 13.157684] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.157728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.157741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.157761] Call Trace: [ 13.157776] <TASK> [ 13.157810] dump_stack_lvl+0x73/0xb0 [ 13.157834] print_report+0xd1/0x610 [ 13.157857] ? __virt_addr_valid+0x1db/0x2d0 [ 13.157878] ? strnlen+0x73/0x80 [ 13.157896] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.157919] ? strnlen+0x73/0x80 [ 13.157938] kasan_report+0x141/0x180 [ 13.157960] ? strnlen+0x73/0x80 [ 13.157983] __asan_report_load1_noabort+0x18/0x20 [ 13.158004] strnlen+0x73/0x80 [ 13.158023] kasan_strings+0x615/0xe80 [ 13.158043] ? trace_hardirqs_on+0x37/0xe0 [ 13.158065] ? __pfx_kasan_strings+0x10/0x10 [ 13.158106] ? __kasan_check_write+0x18/0x20 [ 13.158126] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.158148] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 13.158169] ? __pfx_read_tsc+0x10/0x10 [ 13.158188] ? ktime_get_ts64+0x86/0x230 [ 13.158213] kunit_try_run_case+0x1a5/0x480 [ 13.158244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.158263] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.158298] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.158321] ? __kthread_parkme+0x82/0x180 [ 13.158366] ? preempt_count_sub+0x50/0x80 [ 13.158390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.158411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.158434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.158457] kthread+0x337/0x6f0 [ 13.158473] ? trace_preempt_on+0x20/0xc0 [ 13.158495] ? __pfx_kthread+0x10/0x10 [ 13.158513] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.158535] ? calculate_sigpending+0x7b/0xa0 [ 13.158556] ? 
__pfx_kthread+0x10/0x10 [ 13.158590] ret_from_fork+0x41/0x80 [ 13.158610] ? __pfx_kthread+0x10/0x10 [ 13.158641] ret_from_fork_asm+0x1a/0x30 [ 13.158685] </TASK> [ 13.158696] [ 13.166043] Allocated by task 279: [ 13.166249] kasan_save_stack+0x45/0x70 [ 13.166476] kasan_save_track+0x18/0x40 [ 13.166668] kasan_save_alloc_info+0x3b/0x50 [ 13.166859] __kasan_kmalloc+0xb7/0xc0 [ 13.167053] __kmalloc_cache_noprof+0x189/0x420 [ 13.167245] kasan_strings+0xc0/0xe80 [ 13.167451] kunit_try_run_case+0x1a5/0x480 [ 13.167627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.167876] kthread+0x337/0x6f0 [ 13.168023] ret_from_fork+0x41/0x80 [ 13.168187] ret_from_fork_asm+0x1a/0x30 [ 13.168440] [ 13.168531] Freed by task 279: [ 13.168694] kasan_save_stack+0x45/0x70 [ 13.168909] kasan_save_track+0x18/0x40 [ 13.169073] kasan_save_free_info+0x3f/0x60 [ 13.169212] __kasan_slab_free+0x56/0x70 [ 13.169453] kfree+0x222/0x3f0 [ 13.169610] kasan_strings+0x2aa/0xe80 [ 13.169790] kunit_try_run_case+0x1a5/0x480 [ 13.169983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.170220] kthread+0x337/0x6f0 [ 13.170407] ret_from_fork+0x41/0x80 [ 13.170591] ret_from_fork_asm+0x1a/0x30 [ 13.170780] [ 13.170871] The buggy address belongs to the object at ffff8881028ca780 [ 13.170871] which belongs to the cache kmalloc-32 of size 32 [ 13.171341] The buggy address is located 16 bytes inside of [ 13.171341] freed 32-byte region [ffff8881028ca780, ffff8881028ca7a0) [ 13.171748] [ 13.171816] The buggy address belongs to the physical page: [ 13.172060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ca [ 13.172463] flags: 0x200000000000000(node=0|zone=2) [ 13.172697] page_type: f5(slab) [ 13.172875] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.173182] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.173541] page dumped because: kasan: bad access detected [ 13.173798] [ 13.173869] Memory state around the buggy address: [ 
13.174086] ffff8881028ca680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.174375] ffff8881028ca700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.174670] >ffff8881028ca780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.174963] ^ [ 13.175098] ffff8881028ca800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.175448] ffff8881028ca880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.175728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.134675] ================================================================== [ 13.135095] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.135659] Read of size 1 at addr ffff8881028ca790 by task kunit_try_catch/279 [ 13.136129] [ 13.136252] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.136297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.136308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.136468] Call Trace: [ 13.136503] <TASK> [ 13.136533] dump_stack_lvl+0x73/0xb0 [ 13.136573] print_report+0xd1/0x610 [ 13.136609] ? __virt_addr_valid+0x1db/0x2d0 [ 13.136644] ? strlen+0x8f/0xb0 [ 13.136662] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.136698] ? strlen+0x8f/0xb0 [ 13.136730] kasan_report+0x141/0x180 [ 13.136765] ? strlen+0x8f/0xb0 [ 13.136802] __asan_report_load1_noabort+0x18/0x20 [ 13.136837] strlen+0x8f/0xb0 [ 13.136856] kasan_strings+0x57b/0xe80 [ 13.136890] ? trace_hardirqs_on+0x37/0xe0 [ 13.136931] ? __pfx_kasan_strings+0x10/0x10 [ 13.136967] ? __kasan_check_write+0x18/0x20 [ 13.136999] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.137022] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 13.137094] ? __pfx_read_tsc+0x10/0x10 [ 13.137117] ? ktime_get_ts64+0x86/0x230 [ 13.137142] kunit_try_run_case+0x1a5/0x480 [ 13.137163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.137181] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.137200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.137238] ? __kthread_parkme+0x82/0x180 [ 13.137259] ? preempt_count_sub+0x50/0x80 [ 13.137284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.137304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.137326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.137349] kthread+0x337/0x6f0 [ 13.137365] ? trace_preempt_on+0x20/0xc0 [ 13.137387] ? __pfx_kthread+0x10/0x10 [ 13.137405] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.137427] ? calculate_sigpending+0x7b/0xa0 [ 13.137448] ? 
__pfx_kthread+0x10/0x10 [ 13.137466] ret_from_fork+0x41/0x80 [ 13.137486] ? __pfx_kthread+0x10/0x10 [ 13.137503] ret_from_fork_asm+0x1a/0x30 [ 13.137534] </TASK> [ 13.137544] [ 13.146164] Allocated by task 279: [ 13.146368] kasan_save_stack+0x45/0x70 [ 13.146590] kasan_save_track+0x18/0x40 [ 13.146743] kasan_save_alloc_info+0x3b/0x50 [ 13.146945] __kasan_kmalloc+0xb7/0xc0 [ 13.147111] __kmalloc_cache_noprof+0x189/0x420 [ 13.147348] kasan_strings+0xc0/0xe80 [ 13.147492] kunit_try_run_case+0x1a5/0x480 [ 13.147690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.147954] kthread+0x337/0x6f0 [ 13.148069] ret_from_fork+0x41/0x80 [ 13.148197] ret_from_fork_asm+0x1a/0x30 [ 13.148398] [ 13.148490] Freed by task 279: [ 13.148649] kasan_save_stack+0x45/0x70 [ 13.148839] kasan_save_track+0x18/0x40 [ 13.149033] kasan_save_free_info+0x3f/0x60 [ 13.149258] __kasan_slab_free+0x56/0x70 [ 13.149452] kfree+0x222/0x3f0 [ 13.149602] kasan_strings+0x2aa/0xe80 [ 13.149730] kunit_try_run_case+0x1a5/0x480 [ 13.149867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.150047] kthread+0x337/0x6f0 [ 13.150250] ret_from_fork+0x41/0x80 [ 13.150519] ret_from_fork_asm+0x1a/0x30 [ 13.150736] [ 13.150828] The buggy address belongs to the object at ffff8881028ca780 [ 13.150828] which belongs to the cache kmalloc-32 of size 32 [ 13.151354] The buggy address is located 16 bytes inside of [ 13.151354] freed 32-byte region [ffff8881028ca780, ffff8881028ca7a0) [ 13.151838] [ 13.151945] The buggy address belongs to the physical page: [ 13.152153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ca [ 13.152553] flags: 0x200000000000000(node=0|zone=2) [ 13.152739] page_type: f5(slab) [ 13.152929] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.153249] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.153583] page dumped because: kasan: bad access detected [ 13.153816] [ 13.153905] Memory state around the buggy address: [ 
13.154126] ffff8881028ca680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.154437] ffff8881028ca700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.154743] >ffff8881028ca780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.155040] ^ [ 13.155221] ffff8881028ca800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.155514] ffff8881028ca880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.155818] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.113274] ================================================================== [ 13.113721] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.113968] Read of size 1 at addr ffff8881028ca790 by task kunit_try_catch/279 [ 13.114315] [ 13.114461] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.114528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.114540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.114560] Call Trace: [ 13.114574] <TASK> [ 13.114588] dump_stack_lvl+0x73/0xb0 [ 13.114614] print_report+0xd1/0x610 [ 13.114637] ? __virt_addr_valid+0x1db/0x2d0 [ 13.114657] ? kasan_strings+0xcbc/0xe80 [ 13.114677] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.114717] ? kasan_strings+0xcbc/0xe80 [ 13.114738] kasan_report+0x141/0x180 [ 13.114774] ? kasan_strings+0xcbc/0xe80 [ 13.114813] __asan_report_load1_noabort+0x18/0x20 [ 13.114834] kasan_strings+0xcbc/0xe80 [ 13.114854] ? trace_hardirqs_on+0x37/0xe0 [ 13.114877] ? __pfx_kasan_strings+0x10/0x10 [ 13.114899] ? __kasan_check_write+0x18/0x20 [ 13.114919] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.114942] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 13.114963] ? __pfx_read_tsc+0x10/0x10 [ 13.114983] ? ktime_get_ts64+0x86/0x230 [ 13.115007] kunit_try_run_case+0x1a5/0x480 [ 13.115028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.115047] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.115066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.115090] ? __kthread_parkme+0x82/0x180 [ 13.115111] ? preempt_count_sub+0x50/0x80 [ 13.115137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.115156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.115179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.115203] kthread+0x337/0x6f0 [ 13.115219] ? trace_preempt_on+0x20/0xc0 [ 13.115251] ? __pfx_kthread+0x10/0x10 [ 13.115269] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.115309] ? calculate_sigpending+0x7b/0xa0 [ 13.115331] ? 
__pfx_kthread+0x10/0x10 [ 13.115349] ret_from_fork+0x41/0x80 [ 13.115382] ? __pfx_kthread+0x10/0x10 [ 13.115399] ret_from_fork_asm+0x1a/0x30 [ 13.115430] </TASK> [ 13.115440] [ 13.123195] Allocated by task 279: [ 13.123334] kasan_save_stack+0x45/0x70 [ 13.123478] kasan_save_track+0x18/0x40 [ 13.123613] kasan_save_alloc_info+0x3b/0x50 [ 13.123818] __kasan_kmalloc+0xb7/0xc0 [ 13.124068] __kmalloc_cache_noprof+0x189/0x420 [ 13.124318] kasan_strings+0xc0/0xe80 [ 13.124689] kunit_try_run_case+0x1a5/0x480 [ 13.124888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.125138] kthread+0x337/0x6f0 [ 13.125311] ret_from_fork+0x41/0x80 [ 13.125527] ret_from_fork_asm+0x1a/0x30 [ 13.125689] [ 13.125790] Freed by task 279: [ 13.125956] kasan_save_stack+0x45/0x70 [ 13.126172] kasan_save_track+0x18/0x40 [ 13.126375] kasan_save_free_info+0x3f/0x60 [ 13.126613] __kasan_slab_free+0x56/0x70 [ 13.126806] kfree+0x222/0x3f0 [ 13.126963] kasan_strings+0x2aa/0xe80 [ 13.127151] kunit_try_run_case+0x1a5/0x480 [ 13.127366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.127623] kthread+0x337/0x6f0 [ 13.127784] ret_from_fork+0x41/0x80 [ 13.128081] ret_from_fork_asm+0x1a/0x30 [ 13.128220] [ 13.128299] The buggy address belongs to the object at ffff8881028ca780 [ 13.128299] which belongs to the cache kmalloc-32 of size 32 [ 13.129114] The buggy address is located 16 bytes inside of [ 13.129114] freed 32-byte region [ffff8881028ca780, ffff8881028ca7a0) [ 13.129777] [ 13.129875] The buggy address belongs to the physical page: [ 13.130156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ca [ 13.130597] flags: 0x200000000000000(node=0|zone=2) [ 13.130846] page_type: f5(slab) [ 13.131012] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.131253] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.131570] page dumped because: kasan: bad access detected [ 13.131839] [ 13.131931] Memory state around the buggy address: [ 
13.132165] ffff8881028ca680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.132528] ffff8881028ca700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.132870] >ffff8881028ca780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.133186] ^ [ 13.133336] ffff8881028ca800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.133595] ffff8881028ca880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.133939] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.090069] ================================================================== [ 13.091257] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.091531] Read of size 1 at addr ffff8881028ca790 by task kunit_try_catch/279 [ 13.091864] [ 13.091999] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.092068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.092080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.092104] Call Trace: [ 13.092117] <TASK> [ 13.092135] dump_stack_lvl+0x73/0xb0 [ 13.092161] print_report+0xd1/0x610 [ 13.092189] ? __virt_addr_valid+0x1db/0x2d0 [ 13.092210] ? strcmp+0xb0/0xc0 [ 13.092238] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.092279] ? strcmp+0xb0/0xc0 [ 13.092298] kasan_report+0x141/0x180 [ 13.092321] ? strcmp+0xb0/0xc0 [ 13.092343] __asan_report_load1_noabort+0x18/0x20 [ 13.092364] strcmp+0xb0/0xc0 [ 13.092383] kasan_strings+0x431/0xe80 [ 13.092415] ? trace_hardirqs_on+0x37/0xe0 [ 13.092439] ? __pfx_kasan_strings+0x10/0x10 [ 13.092461] ? __kasan_check_write+0x18/0x20 [ 13.092480] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.092503] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 13.092524] ? __pfx_read_tsc+0x10/0x10 [ 13.092545] ? ktime_get_ts64+0x86/0x230 [ 13.092570] kunit_try_run_case+0x1a5/0x480 [ 13.092611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.092630] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 13.092648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.092673] ? __kthread_parkme+0x82/0x180 [ 13.092711] ? preempt_count_sub+0x50/0x80 [ 13.092738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.092759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.092782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.092805] kthread+0x337/0x6f0 [ 13.092822] ? trace_preempt_on+0x20/0xc0 [ 13.092843] ? __pfx_kthread+0x10/0x10 [ 13.092861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.092883] ? calculate_sigpending+0x7b/0xa0 [ 13.092905] ? 
__pfx_kthread+0x10/0x10 [ 13.092928] ret_from_fork+0x41/0x80 [ 13.092948] ? __pfx_kthread+0x10/0x10 [ 13.092966] ret_from_fork_asm+0x1a/0x30 [ 13.092997] </TASK> [ 13.093008] [ 13.100694] Allocated by task 279: [ 13.100902] kasan_save_stack+0x45/0x70 [ 13.101106] kasan_save_track+0x18/0x40 [ 13.101301] kasan_save_alloc_info+0x3b/0x50 [ 13.101501] __kasan_kmalloc+0xb7/0xc0 [ 13.101681] __kmalloc_cache_noprof+0x189/0x420 [ 13.101908] kasan_strings+0xc0/0xe80 [ 13.102046] kunit_try_run_case+0x1a5/0x480 [ 13.102184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.102373] kthread+0x337/0x6f0 [ 13.102541] ret_from_fork+0x41/0x80 [ 13.102729] ret_from_fork_asm+0x1a/0x30 [ 13.102945] [ 13.103037] Freed by task 279: [ 13.103215] kasan_save_stack+0x45/0x70 [ 13.103471] kasan_save_track+0x18/0x40 [ 13.103639] kasan_save_free_info+0x3f/0x60 [ 13.103860] __kasan_slab_free+0x56/0x70 [ 13.104048] kfree+0x222/0x3f0 [ 13.104160] kasan_strings+0x2aa/0xe80 [ 13.104344] kunit_try_run_case+0x1a5/0x480 [ 13.104544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.104795] kthread+0x337/0x6f0 [ 13.105036] ret_from_fork+0x41/0x80 [ 13.105235] ret_from_fork_asm+0x1a/0x30 [ 13.106139] [ 13.106265] The buggy address belongs to the object at ffff8881028ca780 [ 13.106265] which belongs to the cache kmalloc-32 of size 32 [ 13.107106] The buggy address is located 16 bytes inside of [ 13.107106] freed 32-byte region [ffff8881028ca780, ffff8881028ca7a0) [ 13.107806] [ 13.107879] The buggy address belongs to the physical page: [ 13.108047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ca [ 13.108438] flags: 0x200000000000000(node=0|zone=2) [ 13.108822] page_type: f5(slab) [ 13.109013] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.109453] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.109783] page dumped because: kasan: bad access detected [ 13.110009] [ 13.110076] Memory state around the buggy address: [ 
13.110237] ffff8881028ca680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.110804] ffff8881028ca700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.111135] >ffff8881028ca780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.111500] ^ [ 13.111685] ffff8881028ca800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.111922] ffff8881028ca880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.112202] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.017646] ================================================================== [ 13.018438] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.018697] Read of size 1 at addr ffff888103d97c4a by task kunit_try_catch/273 [ 13.018921] [ 13.019009] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 13.019055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.019066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.019089] Call Trace: [ 13.019101] <TASK> [ 13.019117] dump_stack_lvl+0x73/0xb0 [ 13.019141] print_report+0xd1/0x610 [ 13.019164] ? __virt_addr_valid+0x1db/0x2d0 [ 13.019185] ? kasan_alloca_oob_right+0x329/0x390 [ 13.019207] ? kasan_addr_to_slab+0x11/0xa0 [ 13.019250] ? kasan_alloca_oob_right+0x329/0x390 [ 13.019273] kasan_report+0x141/0x180 [ 13.019296] ? kasan_alloca_oob_right+0x329/0x390 [ 13.019324] __asan_report_load1_noabort+0x18/0x20 [ 13.019345] kasan_alloca_oob_right+0x329/0x390 [ 13.019370] ? finish_task_switch.isra.0+0x153/0x700 [ 13.019395] ? out_of_line_wait_on_bit_timeout+0xde/0x190 [ 13.019417] ? trace_hardirqs_on+0x37/0xe0 [ 13.019443] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.019469] ? __schedule+0x10c6/0x2b60 [ 13.019493] ? __pfx_read_tsc+0x10/0x10 [ 13.019513] ? ktime_get_ts64+0x86/0x230 [ 13.019539] kunit_try_run_case+0x1a5/0x480 [ 13.019560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.019578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.019599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.019949] ? __kthread_parkme+0x82/0x180 [ 13.019987] ? preempt_count_sub+0x50/0x80 [ 13.020013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.020035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.020059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.020082] kthread+0x337/0x6f0 [ 13.020099] ? trace_preempt_on+0x20/0xc0 [ 13.020122] ? __pfx_kthread+0x10/0x10 [ 13.020140] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.020163] ? 
calculate_sigpending+0x7b/0xa0 [ 13.020184] ? __pfx_kthread+0x10/0x10 [ 13.020203] ret_from_fork+0x41/0x80 [ 13.020236] ? __pfx_kthread+0x10/0x10 [ 13.020254] ret_from_fork_asm+0x1a/0x30 [ 13.020286] </TASK> [ 13.020297] [ 13.038106] The buggy address belongs to stack of task kunit_try_catch/273 [ 13.038859] [ 13.039036] The buggy address belongs to the physical page: [ 13.039349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d97 [ 13.039597] flags: 0x200000000000000(node=0|zone=2) [ 13.039801] raw: 0200000000000000 ffffea00040f65c8 ffffea00040f65c8 0000000000000000 [ 13.040380] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.041187] page dumped because: kasan: bad access detected [ 13.041544] [ 13.041613] Memory state around the buggy address: [ 13.041986] ffff888103d97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.042484] ffff888103d97b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.043186] >ffff888103d97c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.043784] ^ [ 13.044116] ffff888103d97c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.044380] ffff888103d97d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.045123] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 12.989049] ================================================================== [ 12.990355] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 12.990856] Read of size 1 at addr ffff888103db7c3f by task kunit_try_catch/271 [ 12.991835] [ 12.991932] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.991981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.991993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.992015] Call Trace: [ 12.992028] <TASK> [ 12.992044] dump_stack_lvl+0x73/0xb0 [ 12.992072] print_report+0xd1/0x610 [ 12.992095] ? __virt_addr_valid+0x1db/0x2d0 [ 12.992116] ? kasan_alloca_oob_left+0x320/0x380 [ 12.992138] ? kasan_addr_to_slab+0x11/0xa0 [ 12.992159] ? kasan_alloca_oob_left+0x320/0x380 [ 12.992181] kasan_report+0x141/0x180 [ 12.992203] ? kasan_alloca_oob_left+0x320/0x380 [ 12.992244] __asan_report_load1_noabort+0x18/0x20 [ 12.992264] kasan_alloca_oob_left+0x320/0x380 [ 12.992288] ? finish_task_switch.isra.0+0x153/0x700 [ 12.992313] ? out_of_line_wait_on_bit_timeout+0xde/0x190 [ 12.992336] ? trace_hardirqs_on+0x37/0xe0 [ 12.992373] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 12.992398] ? __schedule+0x10c6/0x2b60 [ 12.992422] ? __pfx_read_tsc+0x10/0x10 [ 12.992443] ? ktime_get_ts64+0x86/0x230 [ 12.992692] kunit_try_run_case+0x1a5/0x480 [ 12.992722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.992742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.992763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.992787] ? __kthread_parkme+0x82/0x180 [ 12.992809] ? preempt_count_sub+0x50/0x80 [ 12.992833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.992853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.992877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.992900] kthread+0x337/0x6f0 [ 12.992921] ? trace_preempt_on+0x20/0xc0 [ 12.992944] ? __pfx_kthread+0x10/0x10 [ 12.992962] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.992983] ? 
calculate_sigpending+0x7b/0xa0 [ 12.993005] ? __pfx_kthread+0x10/0x10 [ 12.993023] ret_from_fork+0x41/0x80 [ 12.993044] ? __pfx_kthread+0x10/0x10 [ 12.993062] ret_from_fork_asm+0x1a/0x30 [ 12.993093] </TASK> [ 12.993105] [ 13.008283] The buggy address belongs to stack of task kunit_try_catch/271 [ 13.008660] [ 13.008938] The buggy address belongs to the physical page: [ 13.009530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103db7 [ 13.010265] flags: 0x200000000000000(node=0|zone=2) [ 13.010634] raw: 0200000000000000 ffffea00040f6dc8 ffffea00040f6dc8 0000000000000000 [ 13.011255] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.011519] page dumped because: kasan: bad access detected [ 13.011719] [ 13.011792] Memory state around the buggy address: [ 13.012244] ffff888103db7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.012586] ffff888103db7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.012868] >ffff888103db7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.013353] ^ [ 13.013612] ffff888103db7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.014037] ffff888103db7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.014381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 12.963893] ================================================================== [ 12.964437] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 12.965574] Read of size 1 at addr ffff888103d9fd02 by task kunit_try_catch/269 [ 12.966407] [ 12.966620] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.966691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.966703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.966726] Call Trace: [ 12.966740] <TASK> [ 12.966758] dump_stack_lvl+0x73/0xb0 [ 12.966787] print_report+0xd1/0x610 [ 12.966810] ? __virt_addr_valid+0x1db/0x2d0 [ 12.966866] ? kasan_stack_oob+0x2b5/0x300 [ 12.966888] ? kasan_addr_to_slab+0x11/0xa0 [ 12.966909] ? kasan_stack_oob+0x2b5/0x300 [ 12.966931] kasan_report+0x141/0x180 [ 12.966953] ? kasan_stack_oob+0x2b5/0x300 [ 12.966979] __asan_report_load1_noabort+0x18/0x20 [ 12.966999] kasan_stack_oob+0x2b5/0x300 [ 12.967021] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.967041] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.967069] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.967095] kunit_try_run_case+0x1a5/0x480 [ 12.967118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.967137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.967158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.967182] ? __kthread_parkme+0x82/0x180 [ 12.967203] ? preempt_count_sub+0x50/0x80 [ 12.967242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.967263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.967286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.967310] kthread+0x337/0x6f0 [ 12.967329] ? trace_preempt_on+0x20/0xc0 [ 12.967373] ? __pfx_kthread+0x10/0x10 [ 12.967391] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.967414] ? calculate_sigpending+0x7b/0xa0 [ 12.967435] ? __pfx_kthread+0x10/0x10 [ 12.967454] ret_from_fork+0x41/0x80 [ 12.967475] ? 
__pfx_kthread+0x10/0x10 [ 12.967493] ret_from_fork_asm+0x1a/0x30 [ 12.967524] </TASK> [ 12.967535] [ 12.979352] The buggy address belongs to stack of task kunit_try_catch/269 [ 12.979746] and is located at offset 138 in frame: [ 12.979978] kasan_stack_oob+0x0/0x300 [ 12.980322] [ 12.980459] This frame has 4 objects: [ 12.980742] [48, 49) '__assertion' [ 12.980765] [64, 72) 'array' [ 12.980991] [96, 112) '__assertion' [ 12.981171] [128, 138) 'stack_array' [ 12.981421] [ 12.981734] The buggy address belongs to the physical page: [ 12.981991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d9f [ 12.982294] flags: 0x200000000000000(node=0|zone=2) [ 12.982566] raw: 0200000000000000 ffffea00040f67c8 ffffea00040f67c8 0000000000000000 [ 12.982854] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.983072] page dumped because: kasan: bad access detected [ 12.983244] [ 12.983310] Memory state around the buggy address: [ 12.983553] ffff888103d9fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.983924] ffff888103d9fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 12.984248] >ffff888103d9fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.984584] ^ [ 12.984817] ffff888103d9fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 12.985076] ffff888103d9fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.985313] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 12.931787] ================================================================== [ 12.933400] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 12.934559] Read of size 1 at addr ffffffffb264532d by task kunit_try_catch/265 [ 12.935124] [ 12.935270] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.935320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.935334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.935383] Call Trace: [ 12.935396] <TASK> [ 12.935413] dump_stack_lvl+0x73/0xb0 [ 12.935441] print_report+0xd1/0x610 [ 12.935665] ? __virt_addr_valid+0x1db/0x2d0 [ 12.935717] ? kasan_global_oob_right+0x286/0x2d0 [ 12.935737] ? kasan_addr_to_slab+0x11/0xa0 [ 12.935758] ? kasan_global_oob_right+0x286/0x2d0 [ 12.935780] kasan_report+0x141/0x180 [ 12.935803] ? kasan_global_oob_right+0x286/0x2d0 [ 12.935830] __asan_report_load1_noabort+0x18/0x20 [ 12.935850] kasan_global_oob_right+0x286/0x2d0 [ 12.935872] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 12.935897] ? __schedule+0x10c6/0x2b60 [ 12.935921] ? __pfx_read_tsc+0x10/0x10 [ 12.935940] ? ktime_get_ts64+0x86/0x230 [ 12.935965] kunit_try_run_case+0x1a5/0x480 [ 12.935987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.936005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.936025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.936048] ? __kthread_parkme+0x82/0x180 [ 12.936069] ? preempt_count_sub+0x50/0x80 [ 12.936094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.936114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.936136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.936159] kthread+0x337/0x6f0 [ 12.936175] ? trace_preempt_on+0x20/0xc0 [ 12.936198] ? __pfx_kthread+0x10/0x10 [ 12.936215] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.936247] ? calculate_sigpending+0x7b/0xa0 [ 12.936268] ? __pfx_kthread+0x10/0x10 [ 12.936286] ret_from_fork+0x41/0x80 [ 12.936306] ? 
__pfx_kthread+0x10/0x10 [ 12.936323] ret_from_fork_asm+0x1a/0x30 [ 12.936370] </TASK> [ 12.936381] [ 12.951170] The buggy address belongs to the variable: [ 12.951804] global_array+0xd/0x40 [ 12.952112] [ 12.952208] The buggy address belongs to the physical page: [ 12.952512] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ba45 [ 12.953320] flags: 0x100000000002000(reserved|node=0|zone=1) [ 12.953941] raw: 0100000000002000 ffffea0000ae9148 ffffea0000ae9148 0000000000000000 [ 12.954609] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.954848] page dumped because: kasan: bad access detected [ 12.955021] [ 12.955089] Memory state around the buggy address: [ 12.955261] ffffffffb2645200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.955920] ffffffffb2645280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.956461] >ffffffffb2645300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 12.957111] ^ [ 12.957279] ffffffffb2645380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 12.957972] ffffffffb2645400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 12.958615] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 12.875341] ================================================================== [ 12.876088] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.876448] Free of addr ffff888103cfc901 by task kunit_try_catch/261 [ 12.877029] [ 12.877462] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.877515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.877527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.877550] Call Trace: [ 12.877563] <TASK> [ 12.877581] dump_stack_lvl+0x73/0xb0 [ 12.877612] print_report+0xd1/0x610 [ 12.877635] ? __virt_addr_valid+0x1db/0x2d0 [ 12.877660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.877682] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.877708] kasan_report_invalid_free+0x10a/0x130 [ 12.877732] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.877760] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.877784] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.877821] check_slab_allocation+0x11f/0x130 [ 12.877844] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.877871] mempool_free+0x2ec/0x380 [ 12.877898] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.877923] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.877948] ? dequeue_entities+0x852/0x1740 [ 12.877973] ? finish_task_switch.isra.0+0x153/0x700 [ 12.878001] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.878024] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.878047] ? dequeue_task_fair+0x166/0x4e0 [ 12.878069] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.878087] ? __pfx_mempool_kfree+0x10/0x10 [ 12.878108] ? __pfx_read_tsc+0x10/0x10 [ 12.878129] ? ktime_get_ts64+0x86/0x230 [ 12.878154] kunit_try_run_case+0x1a5/0x480 [ 12.878177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.878194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.878216] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.878250] ? __kthread_parkme+0x82/0x180 [ 12.878273] ? 
preempt_count_sub+0x50/0x80 [ 12.878297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.878316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.878338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.878362] kthread+0x337/0x6f0 [ 12.878379] ? trace_preempt_on+0x20/0xc0 [ 12.878403] ? __pfx_kthread+0x10/0x10 [ 12.878421] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.878443] ? calculate_sigpending+0x7b/0xa0 [ 12.878479] ? __pfx_kthread+0x10/0x10 [ 12.878496] ret_from_fork+0x41/0x80 [ 12.878516] ? __pfx_kthread+0x10/0x10 [ 12.878533] ret_from_fork_asm+0x1a/0x30 [ 12.878565] </TASK> [ 12.878575] [ 12.892241] Allocated by task 261: [ 12.892615] kasan_save_stack+0x45/0x70 [ 12.893053] kasan_save_track+0x18/0x40 [ 12.893266] kasan_save_alloc_info+0x3b/0x50 [ 12.893485] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.893924] remove_element+0x11e/0x190 [ 12.894211] mempool_alloc_preallocated+0x4d/0x90 [ 12.894485] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 12.894937] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.895166] kunit_try_run_case+0x1a5/0x480 [ 12.895520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.896007] kthread+0x337/0x6f0 [ 12.896318] ret_from_fork+0x41/0x80 [ 12.896462] ret_from_fork_asm+0x1a/0x30 [ 12.896669] [ 12.896766] The buggy address belongs to the object at ffff888103cfc900 [ 12.896766] which belongs to the cache kmalloc-128 of size 128 [ 12.897261] The buggy address is located 1 bytes inside of [ 12.897261] 128-byte region [ffff888103cfc900, ffff888103cfc980) [ 12.897733] [ 12.897811] The buggy address belongs to the physical page: [ 12.898170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cfc [ 12.899119] flags: 0x200000000000000(node=0|zone=2) [ 12.899374] page_type: f5(slab) [ 12.899547] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.900217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.900746] page dumped because: kasan: bad access detected [ 
12.901192] [ 12.901286] Memory state around the buggy address: [ 12.901554] ffff888103cfc800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.902133] ffff888103cfc880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.902563] >ffff888103cfc900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.903091] ^ [ 12.903390] ffff888103cfc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.903664] ffff888103cfca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.904237] ================================================================== [ 12.908287] ================================================================== [ 12.908791] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.909062] Free of addr ffff888103ca0001 by task kunit_try_catch/263 [ 12.909303] [ 12.909419] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 12.909468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.909480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.909515] Call Trace: [ 12.909528] <TASK> [ 12.909544] dump_stack_lvl+0x73/0xb0 [ 12.909571] print_report+0xd1/0x610 [ 12.909594] ? __virt_addr_valid+0x1db/0x2d0 [ 12.909617] ? kasan_addr_to_slab+0x11/0xa0 [ 12.909637] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.909678] kasan_report_invalid_free+0x10a/0x130 [ 12.909702] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.909730] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.909754] __kasan_mempool_poison_object+0x102/0x1d0 [ 12.909778] mempool_free+0x2ec/0x380 [ 12.909802] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.909826] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.909852] ? dequeue_entities+0x852/0x1740 [ 12.909877] ? finish_task_switch.isra.0+0x153/0x700 [ 12.909903] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 12.909928] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.909952] ? 
dequeue_task_fair+0x166/0x4e0 [ 12.909974] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.909993] ? __pfx_mempool_kfree+0x10/0x10 [ 12.910014] ? __pfx_read_tsc+0x10/0x10 [ 12.910035] ? ktime_get_ts64+0x86/0x230 [ 12.910060] kunit_try_run_case+0x1a5/0x480 [ 12.910082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.910101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.910123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.910147] ? __kthread_parkme+0x82/0x180 [ 12.910168] ? preempt_count_sub+0x50/0x80 [ 12.910192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.910212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.910246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.910269] kthread+0x337/0x6f0 [ 12.910285] ? trace_preempt_on+0x20/0xc0 [ 12.910308] ? __pfx_kthread+0x10/0x10 [ 12.910325] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.910347] ? calculate_sigpending+0x7b/0xa0 [ 12.910380] ? __pfx_kthread+0x10/0x10 [ 12.910398] ret_from_fork+0x41/0x80 [ 12.910418] ? __pfx_kthread+0x10/0x10 [ 12.910447] ret_from_fork_asm+0x1a/0x30 [ 12.910479] </TASK> [ 12.910490] [ 12.921606] The buggy address belongs to the physical page: [ 12.921797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ca0 [ 12.922259] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.922826] flags: 0x200000000000040(head|node=0|zone=2) [ 12.923088] page_type: f8(unknown) [ 12.923282] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.923626] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.924178] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.924627] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.925062] head: 0200000000000002 ffffea00040f2801 00000000ffffffff 00000000ffffffff [ 12.925391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.925788] page dumped because: kasan: bad access detected [ 12.926011] [ 12.926079] Memory 
state around the buggy address: [ 12.926293] ffff888103c9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.926648] ffff888103c9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.926941] >ffff888103ca0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.927596] ^ [ 12.927888] ffff888103ca0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.928166] ffff888103ca0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.928488] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 10.631186] ================================================================== [ 10.632037] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.632330] Read of size 1 at addr ffff888103d30000 by task kunit_try_catch/174 [ 10.632832] [ 10.633242] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.633294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.633306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.633327] Call Trace: [ 10.633339] <TASK> [ 10.633400] dump_stack_lvl+0x73/0xb0 [ 10.633430] print_report+0xd1/0x610 [ 10.633453] ? __virt_addr_valid+0x1db/0x2d0 [ 10.633475] ? page_alloc_uaf+0x356/0x3d0 [ 10.633492] ? kasan_addr_to_slab+0x11/0xa0 [ 10.633512] ? page_alloc_uaf+0x356/0x3d0 [ 10.633530] kasan_report+0x141/0x180 [ 10.633551] ? page_alloc_uaf+0x356/0x3d0 [ 10.633574] __asan_report_load1_noabort+0x18/0x20 [ 10.633594] page_alloc_uaf+0x356/0x3d0 [ 10.633612] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.633631] ? __schedule+0x10c6/0x2b60 [ 10.633655] ? __pfx_read_tsc+0x10/0x10 [ 10.633674] ? ktime_get_ts64+0x86/0x230 [ 10.633700] kunit_try_run_case+0x1a5/0x480 [ 10.633721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.633739] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.633760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.633784] ? __kthread_parkme+0x82/0x180 [ 10.633804] ? preempt_count_sub+0x50/0x80 [ 10.633829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.633848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.633870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.633892] kthread+0x337/0x6f0 [ 10.633908] ? trace_preempt_on+0x20/0xc0 [ 10.633931] ? __pfx_kthread+0x10/0x10 [ 10.633948] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.633969] ? calculate_sigpending+0x7b/0xa0 [ 10.633990] ? __pfx_kthread+0x10/0x10 [ 10.634007] ret_from_fork+0x41/0x80 [ 10.634026] ? 
__pfx_kthread+0x10/0x10 [ 10.634043] ret_from_fork_asm+0x1a/0x30 [ 10.634074] </TASK> [ 10.634085] [ 10.644983] The buggy address belongs to the physical page: [ 10.645448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d30 [ 10.645913] flags: 0x200000000000000(node=0|zone=2) [ 10.646277] page_type: f0(buddy) [ 10.646525] raw: 0200000000000000 ffff88817fffb3e0 ffff88817fffb3e0 0000000000000000 [ 10.647160] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 10.647626] page dumped because: kasan: bad access detected [ 10.648100] [ 10.648367] Memory state around the buggy address: [ 10.648582] ffff888103d2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.649202] ffff888103d2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.649807] >ffff888103d30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.650211] ^ [ 10.650380] ffff888103d30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.650893] ffff888103d30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.651387] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 10.596304] ================================================================== [ 10.597378] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.597874] Free of addr ffff888102d68001 by task kunit_try_catch/170 [ 10.598612] [ 10.598744] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary) [ 10.598813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.598826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.598847] Call Trace: [ 10.598859] <TASK> [ 10.598882] dump_stack_lvl+0x73/0xb0 [ 10.598911] print_report+0xd1/0x610 [ 10.598934] ? __virt_addr_valid+0x1db/0x2d0 [ 10.598969] ? kasan_addr_to_slab+0x11/0xa0 [ 10.598988] ? kfree+0x274/0x3f0 [ 10.599007] kasan_report_invalid_free+0x10a/0x130 [ 10.599030] ? kfree+0x274/0x3f0 [ 10.599050] ? kfree+0x274/0x3f0 [ 10.599067] __kasan_kfree_large+0x86/0xd0 [ 10.599088] free_large_kmalloc+0x4b/0x110 [ 10.599107] kfree+0x274/0x3f0 [ 10.599128] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.599151] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.599175] ? __schedule+0x10c6/0x2b60 [ 10.599199] ? __pfx_read_tsc+0x10/0x10 [ 10.599219] ? ktime_get_ts64+0x86/0x230 [ 10.599257] kunit_try_run_case+0x1a5/0x480 [ 10.599278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.599296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.599316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.599340] ? __kthread_parkme+0x82/0x180 [ 10.599379] ? preempt_count_sub+0x50/0x80 [ 10.599407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.599427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.599449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.599472] kthread+0x337/0x6f0 [ 10.599488] ? trace_preempt_on+0x20/0xc0 [ 10.599512] ? __pfx_kthread+0x10/0x10 [ 10.599529] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.599550] ? calculate_sigpending+0x7b/0xa0 [ 10.599571] ? __pfx_kthread+0x10/0x10 [ 10.599589] ret_from_fork+0x41/0x80 [ 10.599609] ? 
__pfx_kthread+0x10/0x10 [ 10.599626] ret_from_fork_asm+0x1a/0x30 [ 10.599685] </TASK> [ 10.599696] [ 10.612470] The buggy address belongs to the physical page: [ 10.613138] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d68 [ 10.614140] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.615178] flags: 0x200000000000040(head|node=0|zone=2) [ 10.615940] page_type: f8(unknown) [ 10.616442] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.617439] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.618579] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.619431] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.620557] head: 0200000000000002 ffffea00040b5a01 00000000ffffffff 00000000ffffffff [ 10.621089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.621331] page dumped because: kasan: bad access detected [ 10.621797] [ 10.621888] Memory state around the buggy address: [ 10.622094] ffff888102d67f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.622400] ffff888102d67f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.622976] >ffff888102d68000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.623495] ^ [ 10.623917] ffff888102d68080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.624485] ffff888102d68100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.625035] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 10.571479] ==================================================================
[ 10.572341] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 10.573493] Read of size 1 at addr ffff888103c80000 by task kunit_try_catch/168
[ 10.574026]
[ 10.574122] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.574168] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.574178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.574199] Call Trace:
[ 10.574211] <TASK>
[ 10.574236] dump_stack_lvl+0x73/0xb0
[ 10.574263] print_report+0xd1/0x610
[ 10.574285] ? __virt_addr_valid+0x1db/0x2d0
[ 10.574306] ? kmalloc_large_uaf+0x2f1/0x340
[ 10.574326] ? kasan_addr_to_slab+0x11/0xa0
[ 10.574369] ? kmalloc_large_uaf+0x2f1/0x340
[ 10.574391] kasan_report+0x141/0x180
[ 10.574412] ? kmalloc_large_uaf+0x2f1/0x340
[ 10.574438] __asan_report_load1_noabort+0x18/0x20
[ 10.574458] kmalloc_large_uaf+0x2f1/0x340
[ 10.574478] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 10.574500] ? __schedule+0x10c6/0x2b60
[ 10.574523] ? __pfx_read_tsc+0x10/0x10
[ 10.574541] ? ktime_get_ts64+0x86/0x230
[ 10.574567] kunit_try_run_case+0x1a5/0x480
[ 10.574587] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.574604] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.574624] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.574664] ? __kthread_parkme+0x82/0x180
[ 10.574685] ? preempt_count_sub+0x50/0x80
[ 10.574719] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.574739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.574761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.574783] kthread+0x337/0x6f0
[ 10.574799] ? trace_preempt_on+0x20/0xc0
[ 10.574821] ? __pfx_kthread+0x10/0x10
[ 10.574838] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.574860] ? calculate_sigpending+0x7b/0xa0
[ 10.574881] ? __pfx_kthread+0x10/0x10
[ 10.574898] ret_from_fork+0x41/0x80
[ 10.574917] ? __pfx_kthread+0x10/0x10
[ 10.574934] ret_from_fork_asm+0x1a/0x30
[ 10.574965] </TASK>
[ 10.574976]
[ 10.588264] The buggy address belongs to the physical page:
[ 10.588463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c80
[ 10.588705] flags: 0x200000000000000(node=0|zone=2)
[ 10.588880] raw: 0200000000000000 ffffea00040f2108 ffff88815b139a80 0000000000000000
[ 10.589116] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 10.589358] page dumped because: kasan: bad access detected
[ 10.589598]
[ 10.589665] Memory state around the buggy address:
[ 10.589820] ffff888103c7ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.590119] ffff888103c7ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.590532] >ffff888103c80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.591199] ^
[ 10.591573] ffff888103c80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.592165] ffff888103c80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 10.592905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.544779] ==================================================================
[ 10.545376] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 10.545827] Write of size 1 at addr ffff888102d6600a by task kunit_try_catch/166
[ 10.546219]
[ 10.546412] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.546457] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.546467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.546487] Call Trace:
[ 10.546499] <TASK>
[ 10.546529] dump_stack_lvl+0x73/0xb0
[ 10.546554] print_report+0xd1/0x610
[ 10.546575] ? __virt_addr_valid+0x1db/0x2d0
[ 10.546596] ? kmalloc_large_oob_right+0x2e9/0x330
[ 10.546647] ? kasan_addr_to_slab+0x11/0xa0
[ 10.546668] ? kmalloc_large_oob_right+0x2e9/0x330
[ 10.546690] kasan_report+0x141/0x180
[ 10.546750] ? kmalloc_large_oob_right+0x2e9/0x330
[ 10.546778] __asan_report_store1_noabort+0x1b/0x30
[ 10.546798] kmalloc_large_oob_right+0x2e9/0x330
[ 10.546820] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 10.546843] ? __schedule+0x10c6/0x2b60
[ 10.546866] ? __pfx_read_tsc+0x10/0x10
[ 10.546885] ? ktime_get_ts64+0x86/0x230
[ 10.546910] kunit_try_run_case+0x1a5/0x480
[ 10.546931] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.546948] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.546968] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.546991] ? __kthread_parkme+0x82/0x180
[ 10.547012] ? preempt_count_sub+0x50/0x80
[ 10.547064] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.547083] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.547105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.547138] kthread+0x337/0x6f0
[ 10.547154] ? trace_preempt_on+0x20/0xc0
[ 10.547177] ? __pfx_kthread+0x10/0x10
[ 10.547195] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.547216] ? calculate_sigpending+0x7b/0xa0
[ 10.547246] ? __pfx_kthread+0x10/0x10
[ 10.547264] ret_from_fork+0x41/0x80
[ 10.547284] ? __pfx_kthread+0x10/0x10
[ 10.547301] ret_from_fork_asm+0x1a/0x30
[ 10.547332] </TASK>
[ 10.547342]
[ 10.557539] The buggy address belongs to the physical page:
[ 10.557898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d64
[ 10.558340] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.558889] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.559283] page_type: f8(unknown)
[ 10.559758] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.561027] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.561955] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.562636] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.562984] head: 0200000000000002 ffffea00040b5901 00000000ffffffff 00000000ffffffff
[ 10.564172] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.564798] page dumped because: kasan: bad access detected
[ 10.565274]
[ 10.565349] Memory state around the buggy address:
[ 10.565507] ffff888102d65f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.565742] ffff888102d65f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.566234] >ffff888102d66000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.566855] ^
[ 10.567034] ffff888102d66080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.567584] ffff888102d66100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.568080] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.515222] ==================================================================
[ 10.515942] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 10.516257] Write of size 1 at addr ffff888103c41f00 by task kunit_try_catch/164
[ 10.516520]
[ 10.516634] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.516678] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.516689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.516709] Call Trace:
[ 10.516720] <TASK>
[ 10.516734] dump_stack_lvl+0x73/0xb0
[ 10.516758] print_report+0xd1/0x610
[ 10.516780] ? __virt_addr_valid+0x1db/0x2d0
[ 10.516800] ? kmalloc_big_oob_right+0x316/0x370
[ 10.516821] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.516843] ? kmalloc_big_oob_right+0x316/0x370
[ 10.516865] kasan_report+0x141/0x180
[ 10.516886] ? kmalloc_big_oob_right+0x316/0x370
[ 10.516913] __asan_report_store1_noabort+0x1b/0x30
[ 10.516938] kmalloc_big_oob_right+0x316/0x370
[ 10.516960] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 10.516982] ? __schedule+0x10c6/0x2b60
[ 10.517005] ? __pfx_read_tsc+0x10/0x10
[ 10.517023] ? ktime_get_ts64+0x86/0x230
[ 10.517048] kunit_try_run_case+0x1a5/0x480
[ 10.517068] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.517085] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.517104] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.517128] ? __kthread_parkme+0x82/0x180
[ 10.517193] ? preempt_count_sub+0x50/0x80
[ 10.517220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.517250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.517272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.517295] kthread+0x337/0x6f0
[ 10.517312] ? trace_preempt_on+0x20/0xc0
[ 10.517335] ? __pfx_kthread+0x10/0x10
[ 10.517352] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.517373] ? calculate_sigpending+0x7b/0xa0
[ 10.517393] ? __pfx_kthread+0x10/0x10
[ 10.517411] ret_from_fork+0x41/0x80
[ 10.517431] ? __pfx_kthread+0x10/0x10
[ 10.517447] ret_from_fork_asm+0x1a/0x30
[ 10.517477] </TASK>
[ 10.517487]
[ 10.526472] Allocated by task 164:
[ 10.526653] kasan_save_stack+0x45/0x70
[ 10.527130] kasan_save_track+0x18/0x40
[ 10.527353] kasan_save_alloc_info+0x3b/0x50
[ 10.527561] __kasan_kmalloc+0xb7/0xc0
[ 10.527847] __kmalloc_cache_noprof+0x189/0x420
[ 10.528075] kmalloc_big_oob_right+0xa9/0x370
[ 10.528242] kunit_try_run_case+0x1a5/0x480
[ 10.528495] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.528930] kthread+0x337/0x6f0
[ 10.529059] ret_from_fork+0x41/0x80
[ 10.529433] ret_from_fork_asm+0x1a/0x30
[ 10.529723]
[ 10.529989] The buggy address belongs to the object at ffff888103c40000
[ 10.529989] which belongs to the cache kmalloc-8k of size 8192
[ 10.530691] The buggy address is located 0 bytes to the right of
[ 10.530691] allocated 7936-byte region [ffff888103c40000, ffff888103c41f00)
[ 10.531377]
[ 10.531495] The buggy address belongs to the physical page:
[ 10.531848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c40
[ 10.532212] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.532626] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.532971] page_type: f5(slab)
[ 10.533193] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 10.533582] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 10.534146] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 10.534590] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 10.534827] head: 0200000000000003 ffffea00040f1001 00000000ffffffff 00000000ffffffff
[ 10.535570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 10.536126] page dumped because: kasan: bad access detected
[ 10.536344]
[ 10.536435] Memory state around the buggy address:
[ 10.536661] ffff888103c41e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.537123] ffff888103c41e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.537454] >ffff888103c41f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.537940] ^
[ 10.538127] ffff888103c41f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.538544] ffff888103c42000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.538968] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.482507] ==================================================================
[ 10.483024] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.483295] Write of size 1 at addr ffff88810306a778 by task kunit_try_catch/162
[ 10.484524]
[ 10.484899] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.484951] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.484962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.484982] Call Trace:
[ 10.484994] <TASK>
[ 10.485009] dump_stack_lvl+0x73/0xb0
[ 10.485033] print_report+0xd1/0x610
[ 10.485055] ? __virt_addr_valid+0x1db/0x2d0
[ 10.485074] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.485094] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.485115] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.485136] kasan_report+0x141/0x180
[ 10.485158] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.485183] __asan_report_store1_noabort+0x1b/0x30
[ 10.485203] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.485234] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 10.485255] ? __schedule+0x10c6/0x2b60
[ 10.485278] ? __pfx_read_tsc+0x10/0x10
[ 10.485296] ? ktime_get_ts64+0x86/0x230
[ 10.485320] kunit_try_run_case+0x1a5/0x480
[ 10.485340] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.485408] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.485428] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.485451] ? __kthread_parkme+0x82/0x180
[ 10.485482] ? preempt_count_sub+0x50/0x80
[ 10.485506] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.485525] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.485547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.485569] kthread+0x337/0x6f0
[ 10.485586] ? trace_preempt_on+0x20/0xc0
[ 10.485608] ? __pfx_kthread+0x10/0x10
[ 10.485625] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.485674] ? calculate_sigpending+0x7b/0xa0
[ 10.485703] ? __pfx_kthread+0x10/0x10
[ 10.485721] ret_from_fork+0x41/0x80
[ 10.485740] ? __pfx_kthread+0x10/0x10
[ 10.485757] ret_from_fork_asm+0x1a/0x30
[ 10.485788] </TASK>
[ 10.485797]
[ 10.498119] Allocated by task 162:
[ 10.498317] kasan_save_stack+0x45/0x70
[ 10.498613] kasan_save_track+0x18/0x40
[ 10.498983] kasan_save_alloc_info+0x3b/0x50
[ 10.499265] __kasan_kmalloc+0xb7/0xc0
[ 10.499607] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.499955] kmalloc_track_caller_oob_right+0x19a/0x520
[ 10.500546] kunit_try_run_case+0x1a5/0x480
[ 10.501016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.501338] kthread+0x337/0x6f0
[ 10.501707] ret_from_fork+0x41/0x80
[ 10.502036] ret_from_fork_asm+0x1a/0x30
[ 10.502350]
[ 10.502439] The buggy address belongs to the object at ffff88810306a700
[ 10.502439] which belongs to the cache kmalloc-128 of size 128
[ 10.503546] The buggy address is located 0 bytes to the right of
[ 10.503546] allocated 120-byte region [ffff88810306a700, ffff88810306a778)
[ 10.504631]
[ 10.504768] The buggy address belongs to the physical page:
[ 10.505313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 10.505722] flags: 0x200000000000000(node=0|zone=2)
[ 10.506249] page_type: f5(slab)
[ 10.506599] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.507000] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.507539] page dumped because: kasan: bad access detected
[ 10.508069]
[ 10.508215] Memory state around the buggy address:
[ 10.508604] ffff88810306a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.508993] ffff88810306a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.509763] >ffff88810306a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.510315] ^
[ 10.510976] ffff88810306a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.511627] ffff88810306a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.511832] ==================================================================
[ 10.458052] ==================================================================
[ 10.458769] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.459260] Write of size 1 at addr ffff88810306a678 by task kunit_try_catch/162
[ 10.460056]
[ 10.460171] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.460216] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.460239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.460259] Call Trace:
[ 10.460270] <TASK>
[ 10.460286] dump_stack_lvl+0x73/0xb0
[ 10.460311] print_report+0xd1/0x610
[ 10.460333] ? __virt_addr_valid+0x1db/0x2d0
[ 10.460353] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.460408] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.460431] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.460452] kasan_report+0x141/0x180
[ 10.460474] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.460500] __asan_report_store1_noabort+0x1b/0x30
[ 10.460520] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.460540] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 10.460562] ? __schedule+0x10c6/0x2b60
[ 10.460585] ? __pfx_read_tsc+0x10/0x10
[ 10.460604] ? ktime_get_ts64+0x86/0x230
[ 10.460629] kunit_try_run_case+0x1a5/0x480
[ 10.460649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.460667] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.460686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.460709] ? __kthread_parkme+0x82/0x180
[ 10.460730] ? preempt_count_sub+0x50/0x80
[ 10.460767] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.460786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.460808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.460830] kthread+0x337/0x6f0
[ 10.460846] ? trace_preempt_on+0x20/0xc0
[ 10.460869] ? __pfx_kthread+0x10/0x10
[ 10.460886] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.460907] ? calculate_sigpending+0x7b/0xa0
[ 10.460932] ? __pfx_kthread+0x10/0x10
[ 10.460950] ret_from_fork+0x41/0x80
[ 10.460969] ? __pfx_kthread+0x10/0x10
[ 10.460986] ret_from_fork_asm+0x1a/0x30
[ 10.461016] </TASK>
[ 10.461026]
[ 10.469109] Allocated by task 162:
[ 10.469247] kasan_save_stack+0x45/0x70
[ 10.469394] kasan_save_track+0x18/0x40
[ 10.469530] kasan_save_alloc_info+0x3b/0x50
[ 10.469685] __kasan_kmalloc+0xb7/0xc0
[ 10.470153] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.470665] kmalloc_track_caller_oob_right+0x99/0x520
[ 10.471054] kunit_try_run_case+0x1a5/0x480
[ 10.471281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.471808] kthread+0x337/0x6f0
[ 10.471950] ret_from_fork+0x41/0x80
[ 10.472102] ret_from_fork_asm+0x1a/0x30
[ 10.472254]
[ 10.472391] The buggy address belongs to the object at ffff88810306a600
[ 10.472391] which belongs to the cache kmalloc-128 of size 128
[ 10.473218] The buggy address is located 0 bytes to the right of
[ 10.473218] allocated 120-byte region [ffff88810306a600, ffff88810306a678)
[ 10.474428]
[ 10.474531] The buggy address belongs to the physical page:
[ 10.474949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 10.475370] flags: 0x200000000000000(node=0|zone=2)
[ 10.475764] page_type: f5(slab)
[ 10.475950] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.476326] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.476991] page dumped because: kasan: bad access detected
[ 10.477324]
[ 10.477428] Memory state around the buggy address:
[ 10.478003] ffff88810306a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.478465] ffff88810306a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.479020] >ffff88810306a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.479403] ^
[ 10.479869] ffff88810306a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.480554] ffff88810306a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.480983] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.430198] ==================================================================
[ 10.431446] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 10.432007] Read of size 1 at addr ffff888102dcb000 by task kunit_try_catch/160
[ 10.432249]
[ 10.432353] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.432409] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.432420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.432441] Call Trace:
[ 10.432454] <TASK>
[ 10.432470] dump_stack_lvl+0x73/0xb0
[ 10.432497] print_report+0xd1/0x610
[ 10.432519] ? __virt_addr_valid+0x1db/0x2d0
[ 10.432542] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.432560] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.432582] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.432601] kasan_report+0x141/0x180
[ 10.432623] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.432647] __asan_report_load1_noabort+0x18/0x20
[ 10.432667] kmalloc_node_oob_right+0x369/0x3c0
[ 10.432687] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 10.432707] ? __schedule+0x10c6/0x2b60
[ 10.432730] ? __pfx_read_tsc+0x10/0x10
[ 10.432750] ? ktime_get_ts64+0x86/0x230
[ 10.432776] kunit_try_run_case+0x1a5/0x480
[ 10.432797] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.432868] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.432892] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.432920] ? __kthread_parkme+0x82/0x180
[ 10.432942] ? preempt_count_sub+0x50/0x80
[ 10.432967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.432987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.433009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.433032] kthread+0x337/0x6f0
[ 10.433048] ? trace_preempt_on+0x20/0xc0
[ 10.433071] ? __pfx_kthread+0x10/0x10
[ 10.433088] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.433109] ? calculate_sigpending+0x7b/0xa0
[ 10.433130] ? __pfx_kthread+0x10/0x10
[ 10.433148] ret_from_fork+0x41/0x80
[ 10.433167] ? __pfx_kthread+0x10/0x10
[ 10.433184] ret_from_fork_asm+0x1a/0x30
[ 10.433214] </TASK>
[ 10.433237]
[ 10.443427] Allocated by task 160:
[ 10.443779] kasan_save_stack+0x45/0x70
[ 10.444128] kasan_save_track+0x18/0x40
[ 10.444310] kasan_save_alloc_info+0x3b/0x50
[ 10.444506] __kasan_kmalloc+0xb7/0xc0
[ 10.444696] __kmalloc_cache_node_noprof+0x188/0x420
[ 10.444950] kmalloc_node_oob_right+0xab/0x3c0
[ 10.445099] kunit_try_run_case+0x1a5/0x480
[ 10.445315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.445581] kthread+0x337/0x6f0
[ 10.445780] ret_from_fork+0x41/0x80
[ 10.445926] ret_from_fork_asm+0x1a/0x30
[ 10.446110]
[ 10.446206] The buggy address belongs to the object at ffff888102dca000
[ 10.446206] which belongs to the cache kmalloc-4k of size 4096
[ 10.446841] The buggy address is located 0 bytes to the right of
[ 10.446841] allocated 4096-byte region [ffff888102dca000, ffff888102dcb000)
[ 10.447346]
[ 10.447444] The buggy address belongs to the physical page:
[ 10.447704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc8
[ 10.448260] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.449118] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.449472] page_type: f5(slab)
[ 10.449666] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 10.450002] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 10.450369] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 10.450750] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 10.451198] head: 0200000000000003 ffffea00040b7201 00000000ffffffff 00000000ffffffff
[ 10.451615] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 10.451975] page dumped because: kasan: bad access detected
[ 10.452336]
[ 10.452439] Memory state around the buggy address:
[ 10.452672] ffff888102dcaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.452998] ffff888102dcaf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.453351] >ffff888102dcb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.453614] ^
[ 10.453843] ffff888102dcb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.454397] ffff888102dcb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.454887] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.396585] ==================================================================
[ 10.397189] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 10.397528] Read of size 1 at addr ffff8881022195bf by task kunit_try_catch/158
[ 10.397927]
[ 10.398173] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.398395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.398414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.398439] Call Trace:
[ 10.398453] <TASK>
[ 10.398604] dump_stack_lvl+0x73/0xb0
[ 10.398639] print_report+0xd1/0x610
[ 10.398694] ? __virt_addr_valid+0x1db/0x2d0
[ 10.398717] ? kmalloc_oob_left+0x361/0x3c0
[ 10.398738] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.398759] ? kmalloc_oob_left+0x361/0x3c0
[ 10.398781] kasan_report+0x141/0x180
[ 10.398805] ? kmalloc_oob_left+0x361/0x3c0
[ 10.398836] __asan_report_load1_noabort+0x18/0x20
[ 10.398856] kmalloc_oob_left+0x361/0x3c0
[ 10.398878] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 10.398899] ? __schedule+0x10c6/0x2b60
[ 10.398923] ? __pfx_read_tsc+0x10/0x10
[ 10.398963] ? ktime_get_ts64+0x86/0x230
[ 10.398990] kunit_try_run_case+0x1a5/0x480
[ 10.399025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.399043] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.399073] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.399096] ? __kthread_parkme+0x82/0x180
[ 10.399118] ? preempt_count_sub+0x50/0x80
[ 10.399156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.399175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.399197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.399238] kthread+0x337/0x6f0
[ 10.399255] ? trace_preempt_on+0x20/0xc0
[ 10.399279] ? __pfx_kthread+0x10/0x10
[ 10.399296] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.399317] ? calculate_sigpending+0x7b/0xa0
[ 10.399339] ? __pfx_kthread+0x10/0x10
[ 10.399367] ret_from_fork+0x41/0x80
[ 10.399387] ? __pfx_kthread+0x10/0x10
[ 10.399404] ret_from_fork_asm+0x1a/0x30
[ 10.399435] </TASK>
[ 10.399446]
[ 10.412808] Allocated by task 24:
[ 10.413176] kasan_save_stack+0x45/0x70
[ 10.413508] kasan_save_track+0x18/0x40
[ 10.413827] kasan_save_alloc_info+0x3b/0x50
[ 10.414214] __kasan_kmalloc+0xb7/0xc0
[ 10.414370] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.414939] kvasprintf+0xc5/0x150
[ 10.415370] __kthread_create_on_node+0x18b/0x3a0
[ 10.415833] kthread_create_on_node+0xab/0xe0
[ 10.416032] create_worker+0x3e5/0x7b0
[ 10.416418] worker_thread+0x992/0x1220
[ 10.416688] kthread+0x337/0x6f0
[ 10.416801] ret_from_fork+0x41/0x80
[ 10.417151] ret_from_fork_asm+0x1a/0x30
[ 10.417598]
[ 10.417756] The buggy address belongs to the object at ffff8881022195a0
[ 10.417756] which belongs to the cache kmalloc-16 of size 16
[ 10.418295] The buggy address is located 19 bytes to the right of
[ 10.418295] allocated 12-byte region [ffff8881022195a0, ffff8881022195ac)
[ 10.419060]
[ 10.419134] The buggy address belongs to the physical page:
[ 10.419315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102219
[ 10.420016] flags: 0x200000000000000(node=0|zone=2)
[ 10.420556] page_type: f5(slab)
[ 10.420932] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 10.421647] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 10.422407] page dumped because: kasan: bad access detected
[ 10.422998]
[ 10.423161] Memory state around the buggy address:
[ 10.423325] ffff888102219480: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc
[ 10.423948] ffff888102219500: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc
[ 10.424623] >ffff888102219580: 00 05 fc fc 00 04 fc fc 00 07 fc fc fc fc fc fc
[ 10.425167] ^
[ 10.425630] ffff888102219600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.426010] ffff888102219680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.426719] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.347960] ==================================================================
[ 10.348415] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 10.349025] Write of size 1 at addr ffff88810306a578 by task kunit_try_catch/156
[ 10.349589]
[ 10.349795] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.349841] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.349852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.349873] Call Trace:
[ 10.349890] <TASK>
[ 10.349907] dump_stack_lvl+0x73/0xb0
[ 10.349933] print_report+0xd1/0x610
[ 10.349955] ? __virt_addr_valid+0x1db/0x2d0
[ 10.349977] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.349998] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.350019] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.350041] kasan_report+0x141/0x180
[ 10.350062] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.350089] __asan_report_store1_noabort+0x1b/0x30
[ 10.350109] kmalloc_oob_right+0x6bd/0x7f0
[ 10.350131] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.350154] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.350180] kunit_try_run_case+0x1a5/0x480
[ 10.350235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.350254] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.350274] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.350309] ? __kthread_parkme+0x82/0x180
[ 10.350331] ? preempt_count_sub+0x50/0x80
[ 10.350356] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.350376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.350399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.350421] kthread+0x337/0x6f0
[ 10.350437] ? trace_preempt_on+0x20/0xc0
[ 10.350460] ? __pfx_kthread+0x10/0x10
[ 10.350477] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.350499] ? calculate_sigpending+0x7b/0xa0
[ 10.350520] ? __pfx_kthread+0x10/0x10
[ 10.350538] ret_from_fork+0x41/0x80
[ 10.350559] ? __pfx_kthread+0x10/0x10
[ 10.350576] ret_from_fork_asm+0x1a/0x30
[ 10.350607] </TASK>
[ 10.350617]
[ 10.362569] Allocated by task 156:
[ 10.363021] kasan_save_stack+0x45/0x70
[ 10.363453] kasan_save_track+0x18/0x40
[ 10.363862] kasan_save_alloc_info+0x3b/0x50
[ 10.364290] __kasan_kmalloc+0xb7/0xc0
[ 10.364458] __kmalloc_cache_noprof+0x189/0x420
[ 10.364617] kmalloc_oob_right+0xa9/0x7f0
[ 10.364757] kunit_try_run_case+0x1a5/0x480
[ 10.364900] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.365181] kthread+0x337/0x6f0
[ 10.365364] ret_from_fork+0x41/0x80
[ 10.365549] ret_from_fork_asm+0x1a/0x30
[ 10.365832]
[ 10.365930] The buggy address belongs to the object at ffff88810306a500
[ 10.365930] which belongs to the cache kmalloc-128 of size 128
[ 10.366401] The buggy address is located 5 bytes to the right of
[ 10.366401] allocated 115-byte region [ffff88810306a500, ffff88810306a573)
[ 10.366988]
[ 10.367118] The buggy address belongs to the physical page:
[ 10.367395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 10.367642] flags: 0x200000000000000(node=0|zone=2)
[ 10.367929] page_type: f5(slab)
[ 10.368098] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.368602] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.369047] page dumped because: kasan: bad access detected
[ 10.369328]
[ 10.369454] Memory state around the buggy address:
[ 10.369613] ffff88810306a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.370249] ffff88810306a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.370647] >ffff88810306a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.370858] ^
[ 10.371068] ffff88810306a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.371686] ffff88810306a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.371998] ==================================================================
[ 10.372627] ==================================================================
[ 10.373100] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 10.373532] Read of size 1 at addr ffff88810306a580 by task kunit_try_catch/156
[ 10.373900]
[ 10.373994] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.374037] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.374048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.374068] Call Trace:
[ 10.374086] <TASK>
[ 10.374103] dump_stack_lvl+0x73/0xb0
[ 10.374128] print_report+0xd1/0x610
[ 10.374151] ? __virt_addr_valid+0x1db/0x2d0
[ 10.374172] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.374192] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.374215] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.374246] kasan_report+0x141/0x180
[ 10.374269] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.374296] __asan_report_load1_noabort+0x18/0x20
[ 10.374316] kmalloc_oob_right+0x68a/0x7f0
[ 10.374338] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.374374] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.374401] kunit_try_run_case+0x1a5/0x480
[ 10.374456] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.374476] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.374496] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.374548] ? __kthread_parkme+0x82/0x180
[ 10.374570] ? preempt_count_sub+0x50/0x80
[ 10.374623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.374642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.374665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.374687] kthread+0x337/0x6f0
[ 10.374703] ? trace_preempt_on+0x20/0xc0
[ 10.374726] ? __pfx_kthread+0x10/0x10
[ 10.374743] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.374764] ? calculate_sigpending+0x7b/0xa0
[ 10.374785] ? __pfx_kthread+0x10/0x10
[ 10.374803] ret_from_fork+0x41/0x80
[ 10.374825] ? __pfx_kthread+0x10/0x10
[ 10.374842] ret_from_fork_asm+0x1a/0x30
[ 10.374873] </TASK>
[ 10.374883]
[ 10.382043] Allocated by task 156:
[ 10.382346] kasan_save_stack+0x45/0x70
[ 10.382524] kasan_save_track+0x18/0x40
[ 10.382686] kasan_save_alloc_info+0x3b/0x50
[ 10.382827] __kasan_kmalloc+0xb7/0xc0
[ 10.382953] __kmalloc_cache_noprof+0x189/0x420
[ 10.383099] kmalloc_oob_right+0xa9/0x7f0
[ 10.383242] kunit_try_run_case+0x1a5/0x480
[ 10.383378] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.383646] kthread+0x337/0x6f0
[ 10.383812] ret_from_fork+0x41/0x80
[ 10.383996] ret_from_fork_asm+0x1a/0x30
[ 10.384183]
[ 10.384284] The buggy address belongs to the object at ffff88810306a500
[ 10.384284] which belongs to the cache kmalloc-128 of size 128
[ 10.384793] The buggy address is located 13 bytes to the right of
[ 10.384793] allocated 115-byte region [ffff88810306a500, ffff88810306a573)
[ 10.385667]
[ 10.385735] The buggy address belongs to the physical page:
[ 10.385898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 10.386129] flags: 0x200000000000000(node=0|zone=2)
[ 10.386306] page_type: f5(slab)
[ 10.386496] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.386837] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.387554] page dumped because: kasan: bad access detected
[ 10.387970]
[ 10.388038] Memory state around the buggy address:
[ 10.388291] ffff88810306a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.388650] ffff88810306a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.389065] >ffff88810306a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.389468] ^
[ 10.389691] ffff88810306a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.390113] ffff88810306a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.390497] ==================================================================
[ 10.308995] ==================================================================
[ 10.309955] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 10.310610] Write of size 1 at addr ffff88810306a573 by task kunit_try_catch/156
[ 10.310910]
[ 10.311846] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 10.313103] Tainted: [N]=TEST
[ 10.313145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.313462] Call Trace:
[ 10.313553] <TASK>
[ 10.313794] dump_stack_lvl+0x73/0xb0
[ 10.313898] print_report+0xd1/0x610
[ 10.313927] ? __virt_addr_valid+0x1db/0x2d0
[ 10.313951] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.313972] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.313993] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.314015] kasan_report+0x141/0x180
[ 10.314037] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.314064] __asan_report_store1_noabort+0x1b/0x30
[ 10.314084] kmalloc_oob_right+0x6f0/0x7f0
[ 10.314106] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.314130] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.314161] kunit_try_run_case+0x1a5/0x480
[ 10.314183] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.314201] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.314232] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.314256] ? __kthread_parkme+0x82/0x180
[ 10.314278] ? preempt_count_sub+0x50/0x80
[ 10.314306] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.314325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.314354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.314376] kthread+0x337/0x6f0
[ 10.314392] ? trace_preempt_on+0x20/0xc0
[ 10.314417] ? __pfx_kthread+0x10/0x10
[ 10.314434] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.314455] ? calculate_sigpending+0x7b/0xa0
[ 10.314477] ? __pfx_kthread+0x10/0x10
[ 10.314495] ret_from_fork+0x41/0x80
[ 10.314516] ? __pfx_kthread+0x10/0x10
[ 10.314533] ret_from_fork_asm+0x1a/0x30
[ 10.314591] </TASK>
[ 10.314657]
[ 10.328525] Allocated by task 156:
[ 10.329014] kasan_save_stack+0x45/0x70
[ 10.329336] kasan_save_track+0x18/0x40
[ 10.329682] kasan_save_alloc_info+0x3b/0x50
[ 10.329855] __kasan_kmalloc+0xb7/0xc0
[ 10.330172] __kmalloc_cache_noprof+0x189/0x420
[ 10.330673] kmalloc_oob_right+0xa9/0x7f0
[ 10.330968] kunit_try_run_case+0x1a5/0x480
[ 10.331131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.331646] kthread+0x337/0x6f0
[ 10.331828] ret_from_fork+0x41/0x80
[ 10.332263] ret_from_fork_asm+0x1a/0x30
[ 10.332586]
[ 10.332825] The buggy address belongs to the object at ffff88810306a500
[ 10.332825] which belongs to the cache kmalloc-128 of size 128
[ 10.333947] The buggy address is located 0 bytes to the right of
[ 10.333947] allocated 115-byte region [ffff88810306a500, ffff88810306a573)
[ 10.335300]
[ 10.335499] The buggy address belongs to the physical page:
[ 10.336453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[ 10.337561] flags: 0x200000000000000(node=0|zone=2)
[ 10.338567] page_type: f5(slab)
[ 10.339017] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.339269] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.340198] page dumped because: kasan: bad access detected
[ 10.340818]
[ 10.341079] Memory state around the buggy address:
[ 10.341841] ffff88810306a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.342709] ffff88810306a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.343499] >ffff88810306a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.344281] ^
[ 10.345037] ffff88810306a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.345708] ffff88810306a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.346131] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 139.754400] WARNING: CPU: 1 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.754883] Modules linked in:
[ 139.755444] CPU: 1 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 139.756071] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.756468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.757048] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.757400] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.758207] RSP: 0000:ffff888103f5fc78 EFLAGS: 00010286
[ 139.758673] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.759209] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb0625254
[ 139.759619] RBP: ffff888103f5fca0 R08: 0000000000000000 R09: ffffed1020798b00
[ 139.759962] R10: ffff888103cc5807 R11: 0000000000000000 R12: ffffffffb0625240
[ 139.760402] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103f5fd38
[ 139.760718] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 139.761057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.761323] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 139.761661] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 139.762037] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.762314] Call Trace:
[ 139.762560] <TASK>
[ 139.762735] drm_test_rect_calc_vscale+0x108/0x270
[ 139.762974] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.763176] ? __schedule+0x10c6/0x2b60
[ 139.763414] ? __pfx_read_tsc+0x10/0x10
[ 139.763639] ? ktime_get_ts64+0x86/0x230
[ 139.763910] kunit_try_run_case+0x1a5/0x480
[ 139.764090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.764297] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.764881] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.765155] ? __kthread_parkme+0x82/0x180
[ 139.765327] ? preempt_count_sub+0x50/0x80
[ 139.765544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.765786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.766174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.766489] kthread+0x337/0x6f0
[ 139.766630] ? trace_preempt_on+0x20/0xc0
[ 139.766937] ? __pfx_kthread+0x10/0x10
[ 139.767115] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.767375] ? calculate_sigpending+0x7b/0xa0
[ 139.767593] ? __pfx_kthread+0x10/0x10
[ 139.767726] ret_from_fork+0x41/0x80
[ 139.767854] ? __pfx_kthread+0x10/0x10
[ 139.768141] ret_from_fork_asm+0x1a/0x30
[ 139.768374] </TASK>
[ 139.768497] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 139.729584] WARNING: CPU: 0 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.730777] Modules linked in:
[ 139.731101] CPU: 0 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 139.732046] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.732805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.733440] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.734062] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.735575] RSP: 0000:ffff888102947c78 EFLAGS: 00010286
[ 139.736209] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.736466] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb062521c
[ 139.736785] RBP: ffff888102947ca0 R08: 0000000000000000 R09: ffffed10207cb600
[ 139.737331] R10: ffff888103e5b007 R11: 0000000000000000 R12: ffffffffb0625208
[ 139.737913] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102947d38
[ 139.738344] FS: 0000000000000000(0000) GS:ffff8881a8a90000(0000) knlGS:0000000000000000
[ 139.738970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.739401] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 139.739838] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633902
[ 139.740268] DR3: ffffffffb2633903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.740596] Call Trace:
[ 139.740715] <TASK>
[ 139.741294] drm_test_rect_calc_vscale+0x108/0x270
[ 139.741562] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.742087] ? __schedule+0x10c6/0x2b60
[ 139.742295] ? __pfx_read_tsc+0x10/0x10
[ 139.742745] ? ktime_get_ts64+0x86/0x230
[ 139.743111] kunit_try_run_case+0x1a5/0x480
[ 139.743454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.743838] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.744024] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.744283] ? __kthread_parkme+0x82/0x180
[ 139.744455] ? preempt_count_sub+0x50/0x80
[ 139.745055] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.745295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.745946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.746221] kthread+0x337/0x6f0
[ 139.746511] ? trace_preempt_on+0x20/0xc0
[ 139.746923] ? __pfx_kthread+0x10/0x10
[ 139.747120] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.747395] ? calculate_sigpending+0x7b/0xa0
[ 139.747586] ? __pfx_kthread+0x10/0x10
[ 139.747776] ret_from_fork+0x41/0x80
[ 139.748277] ? __pfx_kthread+0x10/0x10
[ 139.748460] ret_from_fork_asm+0x1a/0x30
[ 139.749006] </TASK>
[ 139.749289] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 139.675139] WARNING: CPU: 1 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.675563] Modules linked in:
[ 139.675782] CPU: 1 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 139.676854] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.677068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.677350] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.677555] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 8b c8 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.678265] RSP: 0000:ffff888103f57c78 EFLAGS: 00010286
[ 139.678604] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.679496] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb0625220
[ 139.680079] RBP: ffff888103f57ca0 R08: 0000000000000000 R09: ffffed1020798a40
[ 139.680522] R10: ffff888103cc5207 R11: 0000000000000000 R12: ffffffffb0625208
[ 139.681022] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103f57d38
[ 139.681558] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 139.682226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.682586] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 139.683033] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 139.683348] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.683636] Call Trace:
[ 139.683796] <TASK>
[ 139.683925] drm_test_rect_calc_hscale+0x108/0x270
[ 139.684147] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.684789] ? __schedule+0x10c6/0x2b60
[ 139.685463] ? __pfx_read_tsc+0x10/0x10
[ 139.685952] ? ktime_get_ts64+0x86/0x230
[ 139.686353] kunit_try_run_case+0x1a5/0x480
[ 139.686893] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.687322] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.687570] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.688198] ? __kthread_parkme+0x82/0x180
[ 139.688560] ? preempt_count_sub+0x50/0x80
[ 139.689123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.689365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.689607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.690170] kthread+0x337/0x6f0
[ 139.690350] ? trace_preempt_on+0x20/0xc0
[ 139.690543] ? __pfx_kthread+0x10/0x10
[ 139.691059] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.691293] ? calculate_sigpending+0x7b/0xa0
[ 139.691629] ? __pfx_kthread+0x10/0x10
[ 139.692246] ret_from_fork+0x41/0x80
[ 139.692627] ? __pfx_kthread+0x10/0x10
[ 139.693200] ret_from_fork_asm+0x1a/0x30
[ 139.693616] </TASK>
[ 139.694002] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 139.699189] WARNING: CPU: 0 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.699647] Modules linked in:
[ 139.700013] CPU: 0 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 139.700475] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.700711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.701383] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.701619] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 8b c8 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.702336] RSP: 0000:ffff888102a07c78 EFLAGS: 00010286
[ 139.702549] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.702887] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb0625258
[ 139.703149] RBP: ffff888102a07ca0 R08: 0000000000000000 R09: ffffed10207cab20
[ 139.703464] R10: ffff888103e55907 R11: 0000000000000000 R12: ffffffffb0625240
[ 139.703715] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102a07d38
[ 139.704001] FS: 0000000000000000(0000) GS:ffff8881a8a90000(0000) knlGS:0000000000000000
[ 139.704376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.704632] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 139.705286] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633902
[ 139.705713] DR3: ffffffffb2633903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.706182] Call Trace:
[ 139.706332] <TASK>
[ 139.706581] drm_test_rect_calc_hscale+0x108/0x270
[ 139.706958] ? __kasan_check_write+0x18/0x20
[ 139.707198] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.707443] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 139.707819] ? __pfx_read_tsc+0x10/0x10
[ 139.708026] ? ktime_get_ts64+0x86/0x230
[ 139.708193] kunit_try_run_case+0x1a5/0x480
[ 139.708445] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.708810] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 139.709002] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.709200] ? __kthread_parkme+0x82/0x180
[ 139.709568] ? preempt_count_sub+0x50/0x80
[ 139.709778] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.710104] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.710382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.710646] kthread+0x337/0x6f0
[ 139.710815] ? trace_preempt_on+0x20/0xc0
[ 139.711136] ? __pfx_kthread+0x10/0x10
[ 139.711328] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.711651] ? calculate_sigpending+0x7b/0xa0
[ 139.711915] ? __pfx_kthread+0x10/0x10
[ 139.712114] ret_from_fork+0x41/0x80
[ 139.712307] ? __pfx_kthread+0x10/0x10
[ 139.712562] ret_from_fork_asm+0x1a/0x30
[ 139.712711] </TASK>
[ 139.712798] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 138.872158] WARNING: CPU: 1 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 138.872800] Modules linked in:
[ 138.872983] CPU: 1 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 138.873513] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.873858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.874305] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 138.874584] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 138.875513] RSP: 0000:ffff888103817b20 EFLAGS: 00010246
[ 138.875916] RAX: ffff888103817ba8 RBX: ffff888103817c28 RCX: 1ffff11020702f8e
[ 138.876274] RDX: dffffc0000000000 RSI: ffff88810111e000 RDI: ffff88810111e000
[ 138.876719] RBP: ffff888103817b70 R08: ffff88810111e000 R09: ffffffffb05cbd20
[ 138.877114] R10: 0000000000000003 R11: 0000000035182197 R12: 1ffff11020702f71
[ 138.877573] R13: ffff888103817c70 R14: ffff888103817db8 R15: 0000000000000000
[ 138.878077] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 138.878491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.878805] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 138.879160] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 138.879543] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.880033] Call Trace:
[ 138.880162] <TASK>
[ 138.880264] ? trace_preempt_on+0x20/0xc0
[ 138.880490] ? add_dr+0xc1/0x1d0
[ 138.880673] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 138.880928] ? add_dr+0x148/0x1d0
[ 138.881103] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 138.881519] ? __drmm_add_action+0x1a4/0x280
[ 138.881793] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 138.882077] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 138.882438] ? __drmm_add_action_or_reset+0x22/0x50
[ 138.882883] ? __schedule+0x10c6/0x2b60
[ 138.883119] ? __pfx_read_tsc+0x10/0x10
[ 138.883300] ? ktime_get_ts64+0x86/0x230
[ 138.883595] kunit_try_run_case+0x1a5/0x480
[ 138.883962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.884199] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.884470] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.884842] ? __kthread_parkme+0x82/0x180
[ 138.885105] ? preempt_count_sub+0x50/0x80
[ 138.885346] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.885572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.886001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.886311] kthread+0x337/0x6f0
[ 138.886544] ? trace_preempt_on+0x20/0xc0
[ 138.886971] ? __pfx_kthread+0x10/0x10
[ 138.887190] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.887480] ? calculate_sigpending+0x7b/0xa0
[ 138.887822] ? __pfx_kthread+0x10/0x10
[ 138.888009] ret_from_fork+0x41/0x80
[ 138.888217] ? __pfx_kthread+0x10/0x10
[ 138.888447] ret_from_fork_asm+0x1a/0x30
[ 138.888792] </TASK>
[ 138.888948] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 138.830197] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 138.830347] WARNING: CPU: 1 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 138.832339] Modules linked in:
[ 138.833090] CPU: 1 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 138.834528] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.835148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.835992] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 138.836525] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 8b 84 00 48 c7 c1 00 68 5c b0 4c 89 fa 48 c7 c7 60 68 5c b0 48 89 c6 e8 32 6d 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 138.838124] RSP: 0000:ffff88810345fb68 EFLAGS: 00010282
[ 138.838863] RAX: 0000000000000000 RBX: ffff88810345fc40 RCX: 1ffffffff6264be8
[ 138.839580] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 138.840336] RBP: ffff88810345fb90 R08: 0000000000000000 R09: fffffbfff6264be8
[ 138.841142] R10: 0000000000000003 R11: 00000000000379c8 R12: ffff88810345fc18
[ 138.841587] R13: ffff8881078f9000 R14: ffff88810111a000 R15: ffff888103afb400
[ 138.842729] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 138.843471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.843910] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 138.844948] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 138.845453] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.845672] Call Trace:
[ 138.845775] <TASK>
[ 138.845880] drm_test_framebuffer_free+0x1ab/0x610
[ 138.846059] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 138.846257] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 138.846733] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 138.847281] ? __drmm_add_action_or_reset+0x22/0x50
[ 138.847833] ? __schedule+0x10c6/0x2b60
[ 138.848275] ? __pfx_read_tsc+0x10/0x10
[ 138.848654] ? ktime_get_ts64+0x86/0x230
[ 138.849122] kunit_try_run_case+0x1a5/0x480
[ 138.849535] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.850037] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.850567] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.850784] ? __kthread_parkme+0x82/0x180
[ 138.851201] ? preempt_count_sub+0x50/0x80
[ 138.851529] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.851695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.852225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.852929] kthread+0x337/0x6f0
[ 138.853217] ? trace_preempt_on+0x20/0xc0
[ 138.853397] ? __pfx_kthread+0x10/0x10
[ 138.853801] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.854226] ? calculate_sigpending+0x7b/0xa0
[ 138.854464] ? __pfx_kthread+0x10/0x10
[ 138.854869] ret_from_fork+0x41/0x80
[ 138.855126] ? __pfx_kthread+0x10/0x10
[ 138.855275] ret_from_fork_asm+0x1a/0x30
[ 138.855449] </TASK>
[ 138.855541] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 137.421358] WARNING: CPU: 1 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 137.421795] Modules linked in:
[ 137.422241] CPU: 1 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 137.422820] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 137.423097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 137.423408] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 137.423743] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 d0 11 22 02 48 89 df e8 d8
[ 137.424618] RSP: 0000:ffff8881030afc90 EFLAGS: 00010246
[ 137.425021] RAX: dffffc0000000000 RBX: ffff888101630000 RCX: 0000000000000000
[ 137.425347] RDX: 1ffff110202c6032 RSI: ffffffffad7f8c98 RDI: ffff888101630190
[ 137.425753] RBP: ffff8881030afca0 R08: 1ffff11020063f69 R09: ffffed1020615f65
[ 137.426051] R10: 0000000000000003 R11: ffffffffacd829b8 R12: 0000000000000000
[ 137.426366] R13: ffff8881030afd38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 137.426643] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 137.427051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 137.427292] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 137.427626] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 137.427944] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 137.428404] Call Trace:
[ 137.428603] <TASK>
[ 137.428738] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 137.429241] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 137.429929] ? __schedule+0x10c6/0x2b60
[ 137.430168] ? __pfx_read_tsc+0x10/0x10
[ 137.430366] ? ktime_get_ts64+0x86/0x230
[ 137.430581] kunit_try_run_case+0x1a5/0x480
[ 137.430805] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.431159] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 137.431404] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 137.431692] ? __kthread_parkme+0x82/0x180
[ 137.432067] ? preempt_count_sub+0x50/0x80
[ 137.432345] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.432597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 137.432791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 137.433411] kthread+0x337/0x6f0
[ 137.433787] ? trace_preempt_on+0x20/0xc0
[ 137.434016] ? __pfx_kthread+0x10/0x10
[ 137.434214] ? _raw_spin_unlock_irq+0x47/0x80
[ 137.434490] ? calculate_sigpending+0x7b/0xa0
[ 137.434841] ? __pfx_kthread+0x10/0x10
[ 137.435021] ret_from_fork+0x41/0x80
[ 137.435254] ? __pfx_kthread+0x10/0x10
[ 137.435496] ret_from_fork_asm+0x1a/0x30
[ 137.435730] </TASK>
[ 137.435862] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 137.503387] WARNING: CPU: 1 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 137.504070] Modules linked in:
[ 137.504250] CPU: 1 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 137.505374] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 137.506030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 137.507044] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 137.507492] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 d0 11 22 02 48 89 df e8 d8
[ 137.508844] RSP: 0000:ffff8881056c7c90 EFLAGS: 00010246
[ 137.509155] RAX: dffffc0000000000 RBX: ffff888107404000 RCX: 0000000000000000
[ 137.509521] RDX: 1ffff11020e80832 RSI: ffffffffad7f8c98 RDI: ffff888107404190
[ 137.510060] RBP: ffff8881056c7ca0 R08: 1ffff11020063f69 R09: ffffed1020ad8f65
[ 137.510777] R10: 0000000000000003 R11: ffffffffac2049aa R12: 0000000000000000
[ 137.511154] R13: ffff8881056c7d38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 137.511407] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 137.512324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 137.513002] CR2: 00007ffff7ffe000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 137.513388] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 137.513595] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 137.513797] Call Trace:
[ 137.513893] <TASK>
[ 137.513990] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 137.514206] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 137.514495] ? __schedule+0x10c6/0x2b60
[ 137.514656] ? __pfx_read_tsc+0x10/0x10
[ 137.514791] ? ktime_get_ts64+0x86/0x230
[ 137.514952] kunit_try_run_case+0x1a5/0x480
[ 137.515153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.515676] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 137.516141] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 137.516636] ? __kthread_parkme+0x82/0x180
[ 137.517108] ? preempt_count_sub+0x50/0x80
[ 137.517537] ? __pfx_kunit_try_run_case+0x10/0x10
[ 137.518189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 137.518770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 137.519035] kthread+0x337/0x6f0
[ 137.519399] ? trace_preempt_on+0x20/0xc0
[ 137.519885] ? __pfx_kthread+0x10/0x10
[ 137.520306] ? _raw_spin_unlock_irq+0x47/0x80
[ 137.520591] ? calculate_sigpending+0x7b/0xa0
[ 137.520982] ? __pfx_kthread+0x10/0x10
[ 137.521461] ret_from_fork+0x41/0x80
[ 137.521839] ? __pfx_kthread+0x10/0x10
[ 137.522194] ret_from_fork_asm+0x1a/0x30
[ 137.522376] </TASK>
[ 137.522610] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 107.197800] WARNING: CPU: 0 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 107.198644] Modules linked in:
[ 107.198918] CPU: 0 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 107.199255] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 107.199588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.200492] RIP: 0010:intlog10+0x2a/0x40
[ 107.200696] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 107.202492] RSP: 0000:ffff88810366fcb0 EFLAGS: 00010246
[ 107.202772] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110206cdfb4
[ 107.203334] RDX: 1ffffffff6092728 RSI: 1ffff110206cdfb3 RDI: 0000000000000000
[ 107.203545] RBP: ffff88810366fd60 R08: 0000000000000000 R09: ffffed10209df500
[ 107.203776] R10: ffff888104efa807 R11: 0000000000000000 R12: 1ffff110206cdf97
[ 107.204139] R13: ffffffffb0493940 R14: 0000000000000000 R15: ffff88810366fd38
[ 107.204419] FS: 0000000000000000(0000) GS:ffff8881a8a90000(0000) knlGS:0000000000000000
[ 107.204809] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.205258] CR2: dffffc0000000000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 107.205494] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633902
[ 107.205913] DR3: ffffffffb2633903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.206596] Call Trace:
[ 107.206921] <TASK>
[ 107.207048] ? intlog10_test+0xf2/0x220
[ 107.207809] ? __pfx_intlog10_test+0x10/0x10
[ 107.208027] ? __schedule+0x10c6/0x2b60
[ 107.208244] ? __pfx_read_tsc+0x10/0x10
[ 107.208425] ? ktime_get_ts64+0x86/0x230
[ 107.208689] kunit_try_run_case+0x1a5/0x480
[ 107.209007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.209236] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.209537] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.209781] ? __kthread_parkme+0x82/0x180
[ 107.210074] ? preempt_count_sub+0x50/0x80
[ 107.210474] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.210966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.211207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.212085] kthread+0x337/0x6f0
[ 107.212252] ? trace_preempt_on+0x20/0xc0
[ 107.212976] ? __pfx_kthread+0x10/0x10
[ 107.213176] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.213599] ? calculate_sigpending+0x7b/0xa0
[ 107.214101] ? __pfx_kthread+0x10/0x10
[ 107.214318] ret_from_fork+0x41/0x80
[ 107.214604] ? __pfx_kthread+0x10/0x10
[ 107.214960] ret_from_fork_asm+0x1a/0x30
[ 107.215286] </TASK>
[ 107.215558] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 107.161754] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 107.162163] Modules linked in:
[ 107.162484] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.8-rc1 #1 PREEMPT(voluntary)
[ 107.163158] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 107.163506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.164074] RIP: 0010:intlog2+0xdf/0x110
[ 107.164316] Code: 49 b0 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 52 65 81 02 90 <0f> 0b 90 31 c0 e9 47 65 81 02 89 45 e4 e8 cf 82 56 ff 8b 45 e4 eb
[ 107.165258] RSP: 0000:ffff888102f3fcb0 EFLAGS: 00010246
[ 107.165639] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110205e7fb4
[ 107.166160] RDX: 1ffffffff609277c RSI: 1ffff110205e7fb3 RDI: 0000000000000000
[ 107.166836] RBP: ffff888102f3fd60 R08: 0000000000000000 R09: ffffed10209df400
[ 107.167120] R10: ffff888104efa007 R11: 0000000000000000 R12: 1ffff110205e7f97
[ 107.167430] R13: ffffffffb0493be0 R14: 0000000000000000 R15: ffff888102f3fd38
[ 107.167765] FS: 0000000000000000(0000) GS:ffff8881a8b90000(0000) knlGS:0000000000000000
[ 107.168216] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.168439] CR2: ffff88815a908000 CR3: 000000002a6ba000 CR4: 00000000000006f0
[ 107.168766] DR0: ffffffffb2633900 DR1: ffffffffb2633901 DR2: ffffffffb2633903
[ 107.169274] DR3: ffffffffb2633905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.169532] Call Trace:
[ 107.169865] <TASK>
[ 107.170014] ? intlog2_test+0xf2/0x220
[ 107.170193] ? __pfx_intlog2_test+0x10/0x10
[ 107.170478] ? __schedule+0x10c6/0x2b60
[ 107.170644] ? __pfx_read_tsc+0x10/0x10
[ 107.170917] ? ktime_get_ts64+0x86/0x230
[ 107.171097] kunit_try_run_case+0x1a5/0x480
[ 107.171286] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.171611] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.171811] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.172123] ? __kthread_parkme+0x82/0x180
[ 107.172341] ? preempt_count_sub+0x50/0x80
[ 107.172525] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.172745] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.173041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.173307] kthread+0x337/0x6f0
[ 107.173503] ? trace_preempt_on+0x20/0xc0
[ 107.173708] ? __pfx_kthread+0x10/0x10
[ 107.174285] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.174883] ? calculate_sigpending+0x7b/0xa0
[ 107.175115] ? __pfx_kthread+0x10/0x10
[ 107.175369] ret_from_fork+0x41/0x80
[ 107.175617] ? __pfx_kthread+0x10/0x10
[ 107.175892] ret_from_fork_asm+0x1a/0x30
[ 107.176099] </TASK>
[ 107.176237] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 106.541461] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI