Date
June 8, 2025, 11:09 p.m.
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.660917] ==================================================================
[ 20.662074] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 20.663111] Read of size 1 at addr ffff88810393fd02 by task kunit_try_catch/267
[ 20.663614]
[ 20.663797] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.663863] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.664407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.664487] Call Trace:
[ 20.664528] <TASK>
[ 20.664572] dump_stack_lvl+0x73/0xb0
[ 20.664661] print_report+0xd1/0x650
[ 20.664739] ? __virt_addr_valid+0x1db/0x2d0
[ 20.664820] ? kasan_stack_oob+0x2b5/0x300
[ 20.664914] ? kasan_addr_to_slab+0x11/0xa0
[ 20.664987] ? kasan_stack_oob+0x2b5/0x300
[ 20.665059] kasan_report+0x141/0x180
[ 20.665134] ? kasan_stack_oob+0x2b5/0x300
[ 20.665216] __asan_report_load1_noabort+0x18/0x20
[ 20.665296] kasan_stack_oob+0x2b5/0x300
[ 20.665367] ? __pfx_kasan_stack_oob+0x10/0x10
[ 20.665432] ? finish_task_switch.isra.0+0x153/0x700
[ 20.665502] ? __switch_to+0x47/0xf50
[ 20.665595] ? __schedule+0x10cc/0x2b60
[ 20.665677] ? __pfx_read_tsc+0x10/0x10
[ 20.665753] ? ktime_get_ts64+0x86/0x230
[ 20.665829] kunit_try_run_case+0x1a5/0x480
[ 20.665928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.666007] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.666082] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.666173] ? __kthread_parkme+0x82/0x180
[ 20.666206] ? preempt_count_sub+0x50/0x80
[ 20.666237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.666285] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.666321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.666356] kthread+0x337/0x6f0
[ 20.666383] ? trace_preempt_on+0x20/0xc0
[ 20.666414] ? __pfx_kthread+0x10/0x10
[ 20.666443] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.666474] ? calculate_sigpending+0x7b/0xa0
[ 20.666511] ? __pfx_kthread+0x10/0x10
[ 20.666647] ret_from_fork+0x116/0x1d0
[ 20.666678] ? __pfx_kthread+0x10/0x10
[ 20.666707] ret_from_fork_asm+0x1a/0x30
[ 20.666749] </TASK>
[ 20.666763]
[ 20.689341] The buggy address belongs to stack of task kunit_try_catch/267
[ 20.691006] and is located at offset 138 in frame:
[ 20.691633] kasan_stack_oob+0x0/0x300
[ 20.692174]
[ 20.692410] This frame has 4 objects:
[ 20.692948] [48, 49) '__assertion'
[ 20.693028] [64, 72) 'array'
[ 20.693485] [96, 112) '__assertion'
[ 20.694685] [128, 138) 'stack_array'
[ 20.695323]
[ 20.696516] The buggy address belongs to the physical page:
[ 20.697014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10393f
[ 20.698267] flags: 0x200000000000000(node=0|zone=2)
[ 20.698937] raw: 0200000000000000 ffffea00040e4fc8 ffffea00040e4fc8 0000000000000000
[ 20.699944] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.700797] page dumped because: kasan: bad access detected
[ 20.701228]
[ 20.702022] Memory state around the buggy address:
[ 20.702742] ffff88810393fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.703288] ffff88810393fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 20.703810] >ffff88810393fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.705050] ^
[ 20.705565] ffff88810393fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 20.706534] ffff88810393fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.707274] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 149.587578] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 57.827940] ==================================================================
[ 57.828568] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 57.828568]
[ 57.829580] Use-after-free read at 0x(____ptrval____) (in kfence-#173):
[ 57.830558] test_krealloc+0x6fc/0xbe0
[ 57.830932] kunit_try_run_case+0x1a5/0x480
[ 57.831728] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 57.832437] kthread+0x337/0x6f0
[ 57.832798] ret_from_fork+0x116/0x1d0
[ 57.833191] ret_from_fork_asm+0x1a/0x30
[ 57.833622]
[ 57.833827] kfence-#173: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 57.833827]
[ 57.834611] allocated by task 355 on cpu 0 at 57.826933s (0.007673s ago):
[ 57.835739] test_alloc+0x364/0x10f0
[ 57.836369] test_krealloc+0xad/0xbe0
[ 57.836834] kunit_try_run_case+0x1a5/0x480
[ 57.837457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 57.837922] kthread+0x337/0x6f0
[ 57.838323] ret_from_fork+0x116/0x1d0
[ 57.838636] ret_from_fork_asm+0x1a/0x30
[ 57.838971]
[ 57.839718] freed by task 355 on cpu 0 at 57.827216s (0.012495s ago):
[ 57.840363] krealloc_noprof+0x108/0x340
[ 57.840746] test_krealloc+0x226/0xbe0
[ 57.841612] kunit_try_run_case+0x1a5/0x480
[ 57.841972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 57.842528] kthread+0x337/0x6f0
[ 57.842894] ret_from_fork+0x116/0x1d0
[ 57.843602] ret_from_fork_asm+0x1a/0x30
[ 57.843975]
[ 57.844308] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 57.845126] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 57.845547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 57.846264] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 57.747134] ==================================================================
[ 57.748379] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 57.748379]
[ 57.749267] Use-after-free read at 0x(____ptrval____) (in kfence-#172):
[ 57.749972] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 57.750543] kunit_try_run_case+0x1a5/0x480
[ 57.751050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 57.751620] kthread+0x337/0x6f0
[ 57.752004] ret_from_fork+0x116/0x1d0
[ 57.752523] ret_from_fork_asm+0x1a/0x30
[ 57.753033]
[ 57.753294] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 57.753294]
[ 57.754116] allocated by task 353 on cpu 0 at 57.722956s (0.031155s ago):
[ 57.754566] test_alloc+0x2a6/0x10f0
[ 57.754852] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 57.756133] kunit_try_run_case+0x1a5/0x480
[ 57.756683] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 57.757359] kthread+0x337/0x6f0
[ 57.757813] ret_from_fork+0x116/0x1d0
[ 57.758466] ret_from_fork_asm+0x1a/0x30
[ 57.758910]
[ 57.759311] freed by task 353 on cpu 0 at 57.723063s (0.036242s ago):
[ 57.759755] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 57.760361] kunit_try_run_case+0x1a5/0x480
[ 57.760885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 57.761618] kthread+0x337/0x6f0
[ 57.762023] ret_from_fork+0x116/0x1d0
[ 57.762582] ret_from_fork_asm+0x1a/0x30
[ 57.763037]
[ 57.763438] CPU: 0 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 57.764314] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 57.764642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 57.765501] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 33.612138] ==================================================================
[ 33.612964] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 33.612964]
[ 33.613617] Invalid read at 0x(____ptrval____):
[ 33.614535] test_invalid_access+0xf0/0x210
[ 33.615403] kunit_try_run_case+0x1a5/0x480
[ 33.615834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.616518] kthread+0x337/0x6f0
[ 33.617397] ret_from_fork+0x116/0x1d0
[ 33.617952] ret_from_fork_asm+0x1a/0x30
[ 33.618336]
[ 33.618824] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 33.620232] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.621054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.621963] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 26.835015] ==================================================================
[ 26.835700] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 26.835700]
[ 26.836439] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#105):
[ 26.837326] test_out_of_bounds_write+0x10d/0x260
[ 26.837794] kunit_try_run_case+0x1a5/0x480
[ 26.838357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.838904] kthread+0x337/0x6f0
[ 26.839233] ret_from_fork+0x116/0x1d0
[ 26.839792] ret_from_fork_asm+0x1a/0x30
[ 26.840479]
[ 26.840764] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 26.840764]
[ 26.841591] allocated by task 311 on cpu 0 at 26.834921s (0.006665s ago):
[ 26.842387] test_alloc+0x2a6/0x10f0
[ 26.842832] test_out_of_bounds_write+0xd4/0x260
[ 26.843358] kunit_try_run_case+0x1a5/0x480
[ 26.843908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.844495] kthread+0x337/0x6f0
[ 26.844863] ret_from_fork+0x116/0x1d0
[ 26.845393] ret_from_fork_asm+0x1a/0x30
[ 26.845915]
[ 26.846291] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.847206] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.847863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.849019] ==================================================================

[ 26.627253] ==================================================================
[ 26.627902] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 26.627902]
[ 26.629092] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103):
[ 26.630071] test_out_of_bounds_write+0x10d/0x260
[ 26.630755] kunit_try_run_case+0x1a5/0x480
[ 26.631701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.632272] kthread+0x337/0x6f0
[ 26.632703] ret_from_fork+0x116/0x1d0
[ 26.633146] ret_from_fork_asm+0x1a/0x30
[ 26.633609]
[ 26.633813] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 26.633813]
[ 26.634870] allocated by task 309 on cpu 1 at 26.627061s (0.007803s ago):
[ 26.635730] test_alloc+0x364/0x10f0
[ 26.636157] test_out_of_bounds_write+0xd4/0x260
[ 26.636588] kunit_try_run_case+0x1a5/0x480
[ 26.637115] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.637472] kthread+0x337/0x6f0
[ 26.637767] ret_from_fork+0x116/0x1d0
[ 26.638309] ret_from_fork_asm+0x1a/0x30
[ 26.638603]
[ 26.638823] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.639451] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.639715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.641399] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 33.387189] ==================================================================
[ 33.387777] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 33.387777]
[ 33.388562] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#168):
[ 33.389887] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 33.390662] kunit_try_run_case+0x1a5/0x480
[ 33.391111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.391572] kthread+0x337/0x6f0
[ 33.391997] ret_from_fork+0x116/0x1d0
[ 33.392429] ret_from_fork_asm+0x1a/0x30
[ 33.392865]
[ 33.393125] kfence-#168: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 33.393125]
[ 33.393749] allocated by task 343 on cpu 0 at 33.386828s (0.006915s ago):
[ 33.394521] test_alloc+0x364/0x10f0
[ 33.394852] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 33.395568] kunit_try_run_case+0x1a5/0x480
[ 33.395993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.396425] kthread+0x337/0x6f0
[ 33.396861] ret_from_fork+0x116/0x1d0
[ 33.397414] ret_from_fork_asm+0x1a/0x30
[ 33.397823]
[ 33.398082] freed by task 343 on cpu 0 at 33.387034s (0.011042s ago):
[ 33.398564] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 33.399038] kunit_try_run_case+0x1a5/0x480
[ 33.399529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.400068] kthread+0x337/0x6f0
[ 33.400464] ret_from_fork+0x116/0x1d0
[ 33.400816] ret_from_fork_asm+0x1a/0x30
[ 33.401349]
[ 33.401613] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 33.402544] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.402944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.403683] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 33.179221] ==================================================================
[ 33.179715] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 33.179715]
[ 33.180669] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#166):
[ 33.181488] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 33.181985] kunit_try_run_case+0x1a5/0x480
[ 33.182518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.183042] kthread+0x337/0x6f0
[ 33.183527] ret_from_fork+0x116/0x1d0
[ 33.184008] ret_from_fork_asm+0x1a/0x30
[ 33.184584]
[ 33.184929] kfence-#166: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 33.184929]
[ 33.185772] allocated by task 341 on cpu 0 at 33.178937s (0.006828s ago):
[ 33.186540] test_alloc+0x364/0x10f0
[ 33.186933] test_kmalloc_aligned_oob_read+0x105/0x560
[ 33.187751] kunit_try_run_case+0x1a5/0x480
[ 33.188342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.188960] kthread+0x337/0x6f0
[ 33.189333] ret_from_fork+0x116/0x1d0
[ 33.189813] ret_from_fork_asm+0x1a/0x30
[ 33.190342]
[ 33.190675] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 33.191654] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.192064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.192929] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 28.499200] ==================================================================
[ 28.499869] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 28.499869]
[ 28.500952] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#121):
[ 28.503081] test_corruption+0x131/0x3e0
[ 28.503512] kunit_try_run_case+0x1a5/0x480
[ 28.503953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.504447] kthread+0x337/0x6f0
[ 28.504808] ret_from_fork+0x116/0x1d0
[ 28.505321] ret_from_fork_asm+0x1a/0x30
[ 28.505661]
[ 28.505900] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.505900]
[ 28.506784] allocated by task 331 on cpu 1 at 28.499007s (0.007772s ago):
[ 28.507416] test_alloc+0x2a6/0x10f0
[ 28.507804] test_corruption+0xe6/0x3e0
[ 28.508359] kunit_try_run_case+0x1a5/0x480
[ 28.508850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.509468] kthread+0x337/0x6f0
[ 28.509922] ret_from_fork+0x116/0x1d0
[ 28.510398] ret_from_fork_asm+0x1a/0x30
[ 28.510906]
[ 28.511157] freed by task 331 on cpu 1 at 28.499068s (0.012084s ago):
[ 28.511799] test_corruption+0x131/0x3e0
[ 28.512290] kunit_try_run_case+0x1a5/0x480
[ 28.512722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.513313] kthread+0x337/0x6f0
[ 28.513716] ret_from_fork+0x116/0x1d0
[ 28.514244] ret_from_fork_asm+0x1a/0x30
[ 28.514707]
[ 28.515013] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.515970] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.516421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.517195] ==================================================================

[ 27.771216] ==================================================================
[ 27.771852] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 27.771852]
[ 27.773032] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#114):
[ 27.775033] test_corruption+0x2d2/0x3e0
[ 27.775500] kunit_try_run_case+0x1a5/0x480
[ 27.775975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.776507] kthread+0x337/0x6f0
[ 27.776905] ret_from_fork+0x116/0x1d0
[ 27.777368] ret_from_fork_asm+0x1a/0x30
[ 27.777782]
[ 27.778084] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.778084]
[ 27.778953] allocated by task 329 on cpu 0 at 27.770902s (0.008045s ago):
[ 27.779615] test_alloc+0x364/0x10f0
[ 27.779964] test_corruption+0xe6/0x3e0
[ 27.780450] kunit_try_run_case+0x1a5/0x480
[ 27.780889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.781405] kthread+0x337/0x6f0
[ 27.781843] ret_from_fork+0x116/0x1d0
[ 27.782356] ret_from_fork_asm+0x1a/0x30
[ 27.782822]
[ 27.783154] freed by task 329 on cpu 0 at 27.771027s (0.012121s ago):
[ 27.783775] test_corruption+0x2d2/0x3e0
[ 27.784279] kunit_try_run_case+0x1a5/0x480
[ 27.784736] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.785367] kthread+0x337/0x6f0
[ 27.785687] ret_from_fork+0x116/0x1d0
[ 27.786179] ret_from_fork_asm+0x1a/0x30
[ 27.786631]
[ 27.786977] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.787944] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.788371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.789279] ==================================================================

[ 28.603242] ==================================================================
[ 28.603844] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 28.603844]
[ 28.604470] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#122):
[ 28.605338] test_corruption+0x216/0x3e0
[ 28.605914] kunit_try_run_case+0x1a5/0x480
[ 28.606500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.606983] kthread+0x337/0x6f0
[ 28.607382] ret_from_fork+0x116/0x1d0
[ 28.607886] ret_from_fork_asm+0x1a/0x30
[ 28.608320]
[ 28.608575] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.608575]
[ 28.609371] allocated by task 331 on cpu 1 at 28.603039s (0.006327s ago):
[ 28.610045] test_alloc+0x2a6/0x10f0
[ 28.610495] test_corruption+0x1cb/0x3e0
[ 28.611012] kunit_try_run_case+0x1a5/0x480
[ 28.611644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.612066] kthread+0x337/0x6f0
[ 28.612513] ret_from_fork+0x116/0x1d0
[ 28.612959] ret_from_fork_asm+0x1a/0x30
[ 28.613556]
[ 28.613758] freed by task 331 on cpu 1 at 28.603121s (0.010632s ago):
[ 28.614283] test_corruption+0x216/0x3e0
[ 28.614762] kunit_try_run_case+0x1a5/0x480
[ 28.615500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.615992] kthread+0x337/0x6f0
[ 28.616354] ret_from_fork+0x116/0x1d0
[ 28.617083] ret_from_fork_asm+0x1a/0x30
[ 28.617563]
[ 28.617797] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.618949] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.619270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.620038] ==================================================================

[ 28.187228] ==================================================================
[ 28.187826] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 28.187826]
[ 28.188545] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#118):
[ 28.190075] test_corruption+0x2df/0x3e0
[ 28.190665] kunit_try_run_case+0x1a5/0x480
[ 28.191250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.191732] kthread+0x337/0x6f0
[ 28.192114] ret_from_fork+0x116/0x1d0
[ 28.192824] ret_from_fork_asm+0x1a/0x30
[ 28.193403]
[ 28.193608] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.193608]
[ 28.194652] allocated by task 329 on cpu 0 at 28.186904s (0.007743s ago):
[ 28.195666] test_alloc+0x364/0x10f0
[ 28.196050] test_corruption+0x1cb/0x3e0
[ 28.196691] kunit_try_run_case+0x1a5/0x480
[ 28.197111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.197842] kthread+0x337/0x6f0
[ 28.198352] ret_from_fork+0x116/0x1d0
[ 28.198737] ret_from_fork_asm+0x1a/0x30
[ 28.199147]
[ 28.199718] freed by task 329 on cpu 0 at 28.187013s (0.012702s ago):
[ 28.200515] test_corruption+0x2df/0x3e0
[ 28.200911] kunit_try_run_case+0x1a5/0x480
[ 28.201481] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.201974] kthread+0x337/0x6f0
[ 28.202548] ret_from_fork+0x116/0x1d0
[ 28.203230] ret_from_fork_asm+0x1a/0x30
[ 28.203600]
[ 28.204046] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.204890] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.205566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.206486] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 27.667032] ==================================================================
[ 27.667629] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 27.667629]
[ 27.668228] Invalid free of 0x(____ptrval____) (in kfence-#113):
[ 27.669264] test_invalid_addr_free+0xfb/0x260
[ 27.669699] kunit_try_run_case+0x1a5/0x480
[ 27.670141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.670743] kthread+0x337/0x6f0
[ 27.671175] ret_from_fork+0x116/0x1d0
[ 27.671581] ret_from_fork_asm+0x1a/0x30
[ 27.672089]
[ 27.672381] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.672381]
[ 27.673150] allocated by task 327 on cpu 0 at 27.666902s (0.006242s ago):
[ 27.673765] test_alloc+0x2a6/0x10f0
[ 27.674191] test_invalid_addr_free+0xdb/0x260
[ 27.674677] kunit_try_run_case+0x1a5/0x480
[ 27.675158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.675682] kthread+0x337/0x6f0
[ 27.676101] ret_from_fork+0x116/0x1d0
[ 27.676579] ret_from_fork_asm+0x1a/0x30
[ 27.677070]
[ 27.677395] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.678205] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.678719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.679636] ==================================================================

[ 27.563020] ==================================================================
[ 27.563607] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 27.563607]
[ 27.564521] Invalid free of 0x(____ptrval____) (in kfence-#112):
[ 27.565190] test_invalid_addr_free+0x1e1/0x260
[ 27.566141] kunit_try_run_case+0x1a5/0x480
[ 27.566682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.567354] kthread+0x337/0x6f0
[ 27.567716] ret_from_fork+0x116/0x1d0
[ 27.568114] ret_from_fork_asm+0x1a/0x30
[ 27.568817]
[ 27.569067] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.569067]
[ 27.570109] allocated by task 325 on cpu 0 at 27.562850s (0.007254s ago):
[ 27.570960] test_alloc+0x364/0x10f0
[ 27.571743] test_invalid_addr_free+0xdb/0x260
[ 27.572118] kunit_try_run_case+0x1a5/0x480
[ 27.572768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.573468] kthread+0x337/0x6f0
[ 27.573827] ret_from_fork+0x116/0x1d0
[ 27.574582] ret_from_fork_asm+0x1a/0x30
[ 27.574951]
[ 27.575227] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.576344] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.576701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.577667] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 27.459149] ==================================================================
[ 27.459741] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 27.459741]
[ 27.460385] Invalid free of 0x(____ptrval____) (in kfence-#111):
[ 27.461582] test_double_free+0x112/0x260
[ 27.462285] kunit_try_run_case+0x1a5/0x480
[ 27.462780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.463528] kthread+0x337/0x6f0
[ 27.463817] ret_from_fork+0x116/0x1d0
[ 27.464607] ret_from_fork_asm+0x1a/0x30
[ 27.465017]
[ 27.465240] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.465240]
[ 27.465940] allocated by task 323 on cpu 0 at 27.458913s (0.007022s ago):
[ 27.466522] test_alloc+0x2a6/0x10f0
[ 27.467269] test_double_free+0xdb/0x260
[ 27.467752] kunit_try_run_case+0x1a5/0x480
[ 27.468188] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.468715] kthread+0x337/0x6f0
[ 27.469111] ret_from_fork+0x116/0x1d0
[ 27.469483] ret_from_fork_asm+0x1a/0x30
[ 27.469937]
[ 27.470168] freed by task 323 on cpu 0 at 27.458979s (0.011183s ago):
[ 27.470713] test_double_free+0xfa/0x260
[ 27.471155] kunit_try_run_case+0x1a5/0x480
[ 27.471610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.472115] kthread+0x337/0x6f0
[ 27.472486] ret_from_fork+0x116/0x1d0
[ 27.472937] ret_from_fork_asm+0x1a/0x30
[ 27.473453]
[ 27.473665] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.475035] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.475685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.476597] ==================================================================

[ 27.355234] ==================================================================
[ 27.355890] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 27.355890]
[ 27.356527] Invalid free of 0x(____ptrval____) (in kfence-#110):
[ 27.357472] test_double_free+0x1d3/0x260
[ 27.358375] kunit_try_run_case+0x1a5/0x480
[ 27.359290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.360342] kthread+0x337/0x6f0
[ 27.360619] ret_from_fork+0x116/0x1d0
[ 27.361230] ret_from_fork_asm+0x1a/0x30
[ 27.361931]
[ 27.362119] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.362119]
[ 27.363286] allocated by task 321 on cpu 1 at 27.354910s (0.008370s ago):
[ 27.363839] test_alloc+0x364/0x10f0
[ 27.364224] test_double_free+0xdb/0x260
[ 27.364563] kunit_try_run_case+0x1a5/0x480
[ 27.365065] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.365632] kthread+0x337/0x6f0
[ 27.366052] ret_from_fork+0x116/0x1d0
[ 27.366506] ret_from_fork_asm+0x1a/0x30
[ 27.366929]
[ 27.367182] freed by task 321 on cpu 1 at 27.354988s (0.012188s ago):
[ 27.367785] test_double_free+0x1e0/0x260
[ 27.368253] kunit_try_run_case+0x1a5/0x480
[ 27.368687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.369211] kthread+0x337/0x6f0
[ 27.369590] ret_from_fork+0x116/0x1d0
[ 27.370021] ret_from_fork_asm+0x1a/0x30
[ 27.370466]
[ 27.370739] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.371632] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.372008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.372766] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 27.043033] ==================================================================
[ 27.043646] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 27.043646]
[ 27.044310] Use-after-free read at 0x(____ptrval____) (in kfence-#107):
[ 27.044985] test_use_after_free_read+0x129/0x270
[ 27.045449] kunit_try_run_case+0x1a5/0x480
[ 27.045923] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.046528] kthread+0x337/0x6f0
[ 27.046866] ret_from_fork+0x116/0x1d0
[ 27.047323] ret_from_fork_asm+0x1a/0x30
[ 27.047720]
[ 27.047991] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.047991]
[ 27.048709] allocated by task 315 on cpu 0 at 27.042862s (0.005843s ago):
[ 27.049491] test_alloc+0x2a6/0x10f0
[ 27.049837] test_use_after_free_read+0xdc/0x270
[ 27.050534] kunit_try_run_case+0x1a5/0x480
[ 27.050900] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.051423] kthread+0x337/0x6f0
[ 27.051843] ret_from_fork+0x116/0x1d0
[ 27.052276] ret_from_fork_asm+0x1a/0x30
[ 27.052673]
[ 27.052932] freed by task 315 on cpu 0 at 27.042936s (0.009991s ago):
[ 27.053512] test_use_after_free_read+0xfb/0x270
[ 27.053979] kunit_try_run_case+0x1a5/0x480
[ 27.054483] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.055013] kthread+0x337/0x6f0
[ 27.055342] ret_from_fork+0x116/0x1d0
[ 27.055670] ret_from_fork_asm+0x1a/0x30
[ 27.056117]
[ 27.056401] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.057411] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.057734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.058537] ==================================================================

[ 26.939089] ==================================================================
[ 26.939766] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 26.939766]
[ 26.940531] Use-after-free read at 0x(____ptrval____) (in kfence-#106):
[ 26.941508] test_use_after_free_read+0x129/0x270
[ 26.942512] kunit_try_run_case+0x1a5/0x480
[ 26.943415] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.943965] kthread+0x337/0x6f0
[ 26.944431] ret_from_fork+0x116/0x1d0
[ 26.944843] ret_from_fork_asm+0x1a/0x30
[ 26.945399]
[ 26.945729] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 26.945729]
[ 26.946565] allocated by task 313 on cpu 0 at 26.938856s (0.007704s ago):
[ 26.947301] test_alloc+0x364/0x10f0
[ 26.947765] test_use_after_free_read+0xdc/0x270
[ 26.948226] kunit_try_run_case+0x1a5/0x480
[ 26.948712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.949307] kthread+0x337/0x6f0
[ 26.949703] ret_from_fork+0x116/0x1d0
[ 26.950083] ret_from_fork_asm+0x1a/0x30
[ 26.950663]
[ 26.951314] freed by task 313 on cpu 0 at 26.938932s (0.012131s ago):
[ 26.952086] test_use_after_free_read+0x1e7/0x270
[ 26.952652] kunit_try_run_case+0x1a5/0x480
[ 26.953088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.953678] kthread+0x337/0x6f0
[ 26.954062] ret_from_fork+0x116/0x1d0
[ 26.954602] ret_from_fork_asm+0x1a/0x30
[ 26.955264]
[ 26.955506] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.956399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.956786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.957440] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 26.315018] ==================================================================
[ 26.315643] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 26.315643]
[ 26.316782] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#100):
[ 26.317972] test_out_of_bounds_read+0x126/0x4e0
[ 26.318419] kunit_try_run_case+0x1a5/0x480
[ 26.319597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.320049] kthread+0x337/0x6f0
[ 26.320470] ret_from_fork+0x116/0x1d0
[ 26.321115] ret_from_fork_asm+0x1a/0x30
[ 26.321565]
[ 26.322071] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 26.322071]
[ 26.322825] allocated by task 307 on cpu 0 at 26.314921s (0.007898s ago):
[ 26.324005] test_alloc+0x2a6/0x10f0
[ 26.324458] test_out_of_bounds_read+0xed/0x4e0
[ 26.325119] kunit_try_run_case+0x1a5/0x480
[ 26.325559] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.326433] kthread+0x337/0x6f0
[ 26.326813] ret_from_fork+0x116/0x1d0
[ 26.327199] ret_from_fork_asm+0x1a/0x30
[ 26.327607]
[ 26.327946] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.328717] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.329198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.330016] ==================================================================

[ 26.522987] ==================================================================
[ 26.523620] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 26.523620]
[ 26.524411] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#102):
[ 26.525016] test_out_of_bounds_read+0x216/0x4e0
[ 26.525546] kunit_try_run_case+0x1a5/0x480
[ 26.525945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.526520] kthread+0x337/0x6f0
[ 26.526900] ret_from_fork+0x116/0x1d0
[ 26.527295] ret_from_fork_asm+0x1a/0x30
[ 26.527916]
[ 26.528120] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 26.528120]
[ 26.528969] allocated by task 307 on cpu 0 at 26.522897s (0.006067s ago):
[ 26.529606] test_alloc+0x2a6/0x10f0
[ 26.529987] test_out_of_bounds_read+0x1e2/0x4e0
[ 26.530433] kunit_try_run_case+0x1a5/0x480
[ 26.531106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.531584] kthread+0x337/0x6f0
[ 26.531897] ret_from_fork+0x116/0x1d0
[ 26.532476] ret_from_fork_asm+0x1a/0x30
[ 26.532950]
[ 26.533239] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.534125] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.534502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.535142] ==================================================================

[ 25.691153] ==================================================================
[ 25.691790] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 25.691790]
[ 25.692687] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#94):
[ 25.694041] test_out_of_bounds_read+0x216/0x4e0
[ 25.694499] kunit_try_run_case+0x1a5/0x480
[ 25.694941] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.695827] kthread+0x337/0x6f0
[ 25.696446] ret_from_fork+0x116/0x1d0
[ 25.697004] ret_from_fork_asm+0x1a/0x30
[ 25.697765]
[ 25.698198] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 25.698198]
[ 25.699075] allocated by task 305 on cpu 0 at 25.690931s (0.008139s ago):
[ 25.699871] test_alloc+0x364/0x10f0
[ 25.700461] test_out_of_bounds_read+0x1e2/0x4e0
[ 25.701165] kunit_try_run_case+0x1a5/0x480
[ 25.701539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.702022] kthread+0x337/0x6f0
[ 25.702396] ret_from_fork+0x116/0x1d0
[ 25.702759] ret_from_fork_asm+0x1a/0x30
[ 25.703332]
[ 25.703720] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 25.704728] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.705168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.706104] ==================================================================

[ 25.484390] ==================================================================
[ 25.484718] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 25.484718]
[ 25.485497] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#92):
[ 25.486300] test_out_of_bounds_read+0x126/0x4e0
[ 25.486791] kunit_try_run_case+0x1a5/0x480
[ 25.487755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.488741] kthread+0x337/0x6f0
[ 25.489031] ret_from_fork+0x116/0x1d0
[ 25.489430] ret_from_fork_asm+0x1a/0x30
[ 25.489857]
[ 25.490540] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 25.490540]
[ 25.491781] allocated by task 305 on cpu 0 at 25.482918s (0.008740s ago):
[ 25.492930] test_alloc+0x364/0x10f0
[ 25.493399] test_out_of_bounds_read+0xed/0x4e0
[ 25.493937] kunit_try_run_case+0x1a5/0x480
[ 25.494404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.495005] kthread+0x337/0x6f0
[ 25.495534] ret_from_fork+0x116/0x1d0
[ 25.495905] ret_from_fork_asm+0x1a/0x30
[ 25.496891]
[ 25.497405] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 25.498324] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.498670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.499944] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 25.380216] ================================================================== [ 25.381431] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 25.382280] Write of size 1 at addr ffff8881038d5f78 by task kunit_try_catch/303 [ 25.382969] [ 25.383160] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.383225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.383245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.383276] Call Trace: [ 25.383294] <TASK> [ 25.383314] dump_stack_lvl+0x73/0xb0 [ 25.383357] print_report+0xd1/0x650 [ 25.383392] ? __virt_addr_valid+0x1db/0x2d0 [ 25.383425] ? strncpy_from_user+0x1a5/0x1d0 [ 25.383455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.383488] ? strncpy_from_user+0x1a5/0x1d0 [ 25.383516] kasan_report+0x141/0x180 [ 25.383548] ? strncpy_from_user+0x1a5/0x1d0 [ 25.383582] __asan_report_store1_noabort+0x1b/0x30 [ 25.383619] strncpy_from_user+0x1a5/0x1d0 [ 25.383651] copy_user_test_oob+0x760/0x10f0 [ 25.383690] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.383723] ? finish_task_switch.isra.0+0x153/0x700 [ 25.383755] ? __switch_to+0x47/0xf50 [ 25.383791] ? __schedule+0x10cc/0x2b60 [ 25.383823] ? __pfx_read_tsc+0x10/0x10 [ 25.383852] ? ktime_get_ts64+0x86/0x230 [ 25.383951] kunit_try_run_case+0x1a5/0x480 [ 25.384042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.384142] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.384221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.384303] ? __kthread_parkme+0x82/0x180 [ 25.384375] ? preempt_count_sub+0x50/0x80 [ 25.384459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.384545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.384630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.384742] kthread+0x337/0x6f0 [ 25.384836] ? trace_preempt_on+0x20/0xc0 [ 25.384939] ? __pfx_kthread+0x10/0x10 [ 25.385017] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.385111] ? calculate_sigpending+0x7b/0xa0 [ 25.385199] ? 
__pfx_kthread+0x10/0x10 [ 25.385279] ret_from_fork+0x116/0x1d0 [ 25.385352] ? __pfx_kthread+0x10/0x10 [ 25.385428] ret_from_fork_asm+0x1a/0x30 [ 25.385531] </TASK> [ 25.385572] [ 25.406318] Allocated by task 303: [ 25.406662] kasan_save_stack+0x45/0x70 [ 25.407106] kasan_save_track+0x18/0x40 [ 25.408015] kasan_save_alloc_info+0x3b/0x50 [ 25.408676] __kasan_kmalloc+0xb7/0xc0 [ 25.409007] __kmalloc_noprof+0x1c9/0x500 [ 25.409314] kunit_kmalloc_array+0x25/0x60 [ 25.410578] copy_user_test_oob+0xab/0x10f0 [ 25.410962] kunit_try_run_case+0x1a5/0x480 [ 25.411521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.412068] kthread+0x337/0x6f0 [ 25.412755] ret_from_fork+0x116/0x1d0 [ 25.413694] ret_from_fork_asm+0x1a/0x30 [ 25.414061] [ 25.414395] The buggy address belongs to the object at ffff8881038d5f00 [ 25.414395] which belongs to the cache kmalloc-128 of size 128 [ 25.415763] The buggy address is located 0 bytes to the right of [ 25.415763] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.417433] [ 25.417843] The buggy address belongs to the physical page: [ 25.418424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.419305] flags: 0x200000000000000(node=0|zone=2) [ 25.419928] page_type: f5(slab) [ 25.420448] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.421043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.421972] page dumped because: kasan: bad access detected [ 25.422629] [ 25.423026] Memory state around the buggy address: [ 25.423531] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.424072] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.425140] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.425965] ^ [ 25.426663] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.427247] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.428092] 
================================================================== [ 25.322700] ================================================================== [ 25.326285] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 25.328026] Write of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.330157] [ 25.330699] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.330803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.330835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.330902] Call Trace: [ 25.330938] <TASK> [ 25.330978] dump_stack_lvl+0x73/0xb0 [ 25.331052] print_report+0xd1/0x650 [ 25.331540] ? __virt_addr_valid+0x1db/0x2d0 [ 25.331621] ? strncpy_from_user+0x2e/0x1d0 [ 25.331682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.331751] ? strncpy_from_user+0x2e/0x1d0 [ 25.331806] kasan_report+0x141/0x180 [ 25.331861] ? strncpy_from_user+0x2e/0x1d0 [ 25.331953] kasan_check_range+0x10c/0x1c0 [ 25.332032] __kasan_check_write+0x18/0x20 [ 25.332090] strncpy_from_user+0x2e/0x1d0 [ 25.332194] ? __kasan_check_read+0x15/0x20 [ 25.332267] copy_user_test_oob+0x760/0x10f0 [ 25.332350] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.332409] ? finish_task_switch.isra.0+0x153/0x700 [ 25.332466] ? __switch_to+0x47/0xf50 [ 25.332526] ? __schedule+0x10cc/0x2b60 [ 25.332580] ? __pfx_read_tsc+0x10/0x10 [ 25.332633] ? ktime_get_ts64+0x86/0x230 [ 25.332695] kunit_try_run_case+0x1a5/0x480 [ 25.332756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.332823] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.332898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.332962] ? __kthread_parkme+0x82/0x180 [ 25.333016] ? preempt_count_sub+0x50/0x80 [ 25.333077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.333193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.333267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.333340] kthread+0x337/0x6f0 [ 25.333406] ? trace_preempt_on+0x20/0xc0 [ 25.333477] ? 
__pfx_kthread+0x10/0x10 [ 25.333544] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.333618] ? calculate_sigpending+0x7b/0xa0 [ 25.333686] ? __pfx_kthread+0x10/0x10 [ 25.333737] ret_from_fork+0x116/0x1d0 [ 25.333785] ? __pfx_kthread+0x10/0x10 [ 25.333838] ret_from_fork_asm+0x1a/0x30 [ 25.333944] </TASK> [ 25.333981] [ 25.358466] Allocated by task 303: [ 25.358946] kasan_save_stack+0x45/0x70 [ 25.359418] kasan_save_track+0x18/0x40 [ 25.359895] kasan_save_alloc_info+0x3b/0x50 [ 25.360637] __kasan_kmalloc+0xb7/0xc0 [ 25.360975] __kmalloc_noprof+0x1c9/0x500 [ 25.362203] kunit_kmalloc_array+0x25/0x60 [ 25.362442] copy_user_test_oob+0xab/0x10f0 [ 25.362624] kunit_try_run_case+0x1a5/0x480 [ 25.362799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.363156] kthread+0x337/0x6f0 [ 25.363871] ret_from_fork+0x116/0x1d0 [ 25.364686] ret_from_fork_asm+0x1a/0x30 [ 25.365033] [ 25.365590] The buggy address belongs to the object at ffff8881038d5f00 [ 25.365590] which belongs to the cache kmalloc-128 of size 128 [ 25.367037] The buggy address is located 0 bytes inside of [ 25.367037] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.368132] [ 25.368489] The buggy address belongs to the physical page: [ 25.369521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.370514] flags: 0x200000000000000(node=0|zone=2) [ 25.370950] page_type: f5(slab) [ 25.371359] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.372237] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.372837] page dumped because: kasan: bad access detected [ 25.373672] [ 25.373846] Memory state around the buggy address: [ 25.374386] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.374922] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.375978] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.376860] ^ [ 25.377604] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 25.378332] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.379088] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 25.180331] ================================================================== [ 25.181417] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 25.182071] Read of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.183435] [ 25.183894] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.184037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.184058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.184107] Call Trace: [ 25.184271] <TASK> [ 25.184294] dump_stack_lvl+0x73/0xb0 [ 25.184340] print_report+0xd1/0x650 [ 25.184376] ? __virt_addr_valid+0x1db/0x2d0 [ 25.184409] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.184445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.184479] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.184514] kasan_report+0x141/0x180 [ 25.184547] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.184587] kasan_check_range+0x10c/0x1c0 [ 25.184622] __kasan_check_read+0x15/0x20 [ 25.184650] copy_user_test_oob+0x4aa/0x10f0 [ 25.184688] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.184721] ? finish_task_switch.isra.0+0x153/0x700 [ 25.184754] ? __switch_to+0x47/0xf50 [ 25.184790] ? __schedule+0x10cc/0x2b60 [ 25.184822] ? __pfx_read_tsc+0x10/0x10 [ 25.184852] ? ktime_get_ts64+0x86/0x230 [ 25.184917] kunit_try_run_case+0x1a5/0x480 [ 25.184957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.184996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.185030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.185065] ? __kthread_parkme+0x82/0x180 [ 25.185099] ? preempt_count_sub+0x50/0x80 [ 25.185172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.185212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.185247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.185285] kthread+0x337/0x6f0 [ 25.185314] ? trace_preempt_on+0x20/0xc0 [ 25.185347] ? __pfx_kthread+0x10/0x10 [ 25.185378] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.185410] ? calculate_sigpending+0x7b/0xa0 [ 25.185445] ? 
__pfx_kthread+0x10/0x10 [ 25.185476] ret_from_fork+0x116/0x1d0 [ 25.185503] ? __pfx_kthread+0x10/0x10 [ 25.185533] ret_from_fork_asm+0x1a/0x30 [ 25.185575] </TASK> [ 25.185590] [ 25.205868] Allocated by task 303: [ 25.206946] kasan_save_stack+0x45/0x70 [ 25.207254] kasan_save_track+0x18/0x40 [ 25.208075] kasan_save_alloc_info+0x3b/0x50 [ 25.208507] __kasan_kmalloc+0xb7/0xc0 [ 25.209145] __kmalloc_noprof+0x1c9/0x500 [ 25.209710] kunit_kmalloc_array+0x25/0x60 [ 25.210368] copy_user_test_oob+0xab/0x10f0 [ 25.210792] kunit_try_run_case+0x1a5/0x480 [ 25.211467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.211999] kthread+0x337/0x6f0 [ 25.212732] ret_from_fork+0x116/0x1d0 [ 25.213066] ret_from_fork_asm+0x1a/0x30 [ 25.213859] [ 25.214157] The buggy address belongs to the object at ffff8881038d5f00 [ 25.214157] which belongs to the cache kmalloc-128 of size 128 [ 25.215474] The buggy address is located 0 bytes inside of [ 25.215474] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.216619] [ 25.217149] The buggy address belongs to the physical page: [ 25.217525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.218465] flags: 0x200000000000000(node=0|zone=2) [ 25.218917] page_type: f5(slab) [ 25.219693] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.220296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.221124] page dumped because: kasan: bad access detected [ 25.221811] [ 25.222277] Memory state around the buggy address: [ 25.222770] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.223594] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.224195] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.224724] ^ [ 25.225671] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.226509] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.227282] 
================================================================== [ 25.276647] ================================================================== [ 25.277291] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 25.278895] Read of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.280257] [ 25.280472] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.280929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.280955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.280988] Call Trace: [ 25.281008] <TASK> [ 25.281027] dump_stack_lvl+0x73/0xb0 [ 25.281072] print_report+0xd1/0x650 [ 25.281125] ? __virt_addr_valid+0x1db/0x2d0 [ 25.281174] ? copy_user_test_oob+0x604/0x10f0 [ 25.281212] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.281245] ? copy_user_test_oob+0x604/0x10f0 [ 25.281281] kasan_report+0x141/0x180 [ 25.281313] ? copy_user_test_oob+0x604/0x10f0 [ 25.281355] kasan_check_range+0x10c/0x1c0 [ 25.281390] __kasan_check_read+0x15/0x20 [ 25.281418] copy_user_test_oob+0x604/0x10f0 [ 25.281457] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.281492] ? finish_task_switch.isra.0+0x153/0x700 [ 25.281523] ? __switch_to+0x47/0xf50 [ 25.281560] ? __schedule+0x10cc/0x2b60 [ 25.281593] ? __pfx_read_tsc+0x10/0x10 [ 25.281623] ? ktime_get_ts64+0x86/0x230 [ 25.281656] kunit_try_run_case+0x1a5/0x480 [ 25.281694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.281730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.281765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.281800] ? __kthread_parkme+0x82/0x180 [ 25.281829] ? preempt_count_sub+0x50/0x80 [ 25.281862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.281924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.281961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.281999] kthread+0x337/0x6f0 [ 25.282027] ? trace_preempt_on+0x20/0xc0 [ 25.282062] ? __pfx_kthread+0x10/0x10 [ 25.282098] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 25.282171] ? calculate_sigpending+0x7b/0xa0 [ 25.282209] ? __pfx_kthread+0x10/0x10 [ 25.282241] ret_from_fork+0x116/0x1d0 [ 25.282284] ? __pfx_kthread+0x10/0x10 [ 25.282316] ret_from_fork_asm+0x1a/0x30 [ 25.282358] </TASK> [ 25.282374] [ 25.302148] Allocated by task 303: [ 25.302553] kasan_save_stack+0x45/0x70 [ 25.303105] kasan_save_track+0x18/0x40 [ 25.303483] kasan_save_alloc_info+0x3b/0x50 [ 25.303994] __kasan_kmalloc+0xb7/0xc0 [ 25.304696] __kmalloc_noprof+0x1c9/0x500 [ 25.305182] kunit_kmalloc_array+0x25/0x60 [ 25.305712] copy_user_test_oob+0xab/0x10f0 [ 25.306143] kunit_try_run_case+0x1a5/0x480 [ 25.306699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.307209] kthread+0x337/0x6f0 [ 25.307666] ret_from_fork+0x116/0x1d0 [ 25.308205] ret_from_fork_asm+0x1a/0x30 [ 25.308722] [ 25.308994] The buggy address belongs to the object at ffff8881038d5f00 [ 25.308994] which belongs to the cache kmalloc-128 of size 128 [ 25.309699] The buggy address is located 0 bytes inside of [ 25.309699] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.310744] [ 25.311004] The buggy address belongs to the physical page: [ 25.311819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.312658] flags: 0x200000000000000(node=0|zone=2) [ 25.313096] page_type: f5(slab) [ 25.313483] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.314415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.315021] page dumped because: kasan: bad access detected [ 25.315395] [ 25.315683] Memory state around the buggy address: [ 25.316190] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.316969] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.317666] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.318237] ^ [ 25.320907] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.321470] 
ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.321899] ================================================================== [ 25.134640] ================================================================== [ 25.135188] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 25.135819] Write of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.136505] [ 25.136771] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.136912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.136958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.137019] Call Trace: [ 25.137060] <TASK> [ 25.137102] dump_stack_lvl+0x73/0xb0 [ 25.137230] print_report+0xd1/0x650 [ 25.137319] ? __virt_addr_valid+0x1db/0x2d0 [ 25.137398] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.137477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.137600] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.137690] kasan_report+0x141/0x180 [ 25.137806] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.137926] kasan_check_range+0x10c/0x1c0 [ 25.138013] __kasan_check_write+0x18/0x20 [ 25.138089] copy_user_test_oob+0x3fd/0x10f0 [ 25.138194] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.138236] ? finish_task_switch.isra.0+0x153/0x700 [ 25.138283] ? __switch_to+0x47/0xf50 [ 25.138321] ? __schedule+0x10cc/0x2b60 [ 25.138355] ? __pfx_read_tsc+0x10/0x10 [ 25.138386] ? ktime_get_ts64+0x86/0x230 [ 25.138423] kunit_try_run_case+0x1a5/0x480 [ 25.138461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.138497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.138533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.138568] ? __kthread_parkme+0x82/0x180 [ 25.138597] ? preempt_count_sub+0x50/0x80 [ 25.138630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.138667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.138703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.138738] kthread+0x337/0x6f0 [ 25.138768] ? trace_preempt_on+0x20/0xc0 [ 25.138802] ? 
__pfx_kthread+0x10/0x10 [ 25.138833] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.138867] ? calculate_sigpending+0x7b/0xa0 [ 25.138933] ? __pfx_kthread+0x10/0x10 [ 25.138968] ret_from_fork+0x116/0x1d0 [ 25.138994] ? __pfx_kthread+0x10/0x10 [ 25.139025] ret_from_fork_asm+0x1a/0x30 [ 25.139068] </TASK> [ 25.139086] [ 25.157214] Allocated by task 303: [ 25.157851] kasan_save_stack+0x45/0x70 [ 25.158249] kasan_save_track+0x18/0x40 [ 25.158903] kasan_save_alloc_info+0x3b/0x50 [ 25.159554] __kasan_kmalloc+0xb7/0xc0 [ 25.160018] __kmalloc_noprof+0x1c9/0x500 [ 25.160672] kunit_kmalloc_array+0x25/0x60 [ 25.161147] copy_user_test_oob+0xab/0x10f0 [ 25.161813] kunit_try_run_case+0x1a5/0x480 [ 25.162418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.162943] kthread+0x337/0x6f0 [ 25.163567] ret_from_fork+0x116/0x1d0 [ 25.163974] ret_from_fork_asm+0x1a/0x30 [ 25.164743] [ 25.165001] The buggy address belongs to the object at ffff8881038d5f00 [ 25.165001] which belongs to the cache kmalloc-128 of size 128 [ 25.166476] The buggy address is located 0 bytes inside of [ 25.166476] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.167762] [ 25.168051] The buggy address belongs to the physical page: [ 25.168770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.169748] flags: 0x200000000000000(node=0|zone=2) [ 25.170533] page_type: f5(slab) [ 25.170864] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.171666] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.172437] page dumped because: kasan: bad access detected [ 25.172981] [ 25.173509] Memory state around the buggy address: [ 25.174221] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.174745] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.175560] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.176348] ^ [ 25.177176] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 25.177962] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.178679] ================================================================== [ 25.228359] ================================================================== [ 25.229216] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 25.229924] Write of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.231586] [ 25.231754] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.231816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.231838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.231914] Call Trace: [ 25.231959] <TASK> [ 25.232000] dump_stack_lvl+0x73/0xb0 [ 25.232336] print_report+0xd1/0x650 [ 25.232373] ? __virt_addr_valid+0x1db/0x2d0 [ 25.232409] ? copy_user_test_oob+0x557/0x10f0 [ 25.232444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.232476] ? copy_user_test_oob+0x557/0x10f0 [ 25.232511] kasan_report+0x141/0x180 [ 25.232543] ? copy_user_test_oob+0x557/0x10f0 [ 25.232586] kasan_check_range+0x10c/0x1c0 [ 25.232622] __kasan_check_write+0x18/0x20 [ 25.232650] copy_user_test_oob+0x557/0x10f0 [ 25.232689] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.232722] ? finish_task_switch.isra.0+0x153/0x700 [ 25.232755] ? __switch_to+0x47/0xf50 [ 25.232790] ? __schedule+0x10cc/0x2b60 [ 25.232823] ? __pfx_read_tsc+0x10/0x10 [ 25.232852] ? ktime_get_ts64+0x86/0x230 [ 25.232913] kunit_try_run_case+0x1a5/0x480 [ 25.232954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.232991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.233025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.233061] ? __kthread_parkme+0x82/0x180 [ 25.233090] ? preempt_count_sub+0x50/0x80 [ 25.233153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.233193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.233229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.233265] kthread+0x337/0x6f0 [ 25.233294] ? 
trace_preempt_on+0x20/0xc0 [ 25.233326] ? __pfx_kthread+0x10/0x10 [ 25.233357] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.233388] ? calculate_sigpending+0x7b/0xa0 [ 25.233423] ? __pfx_kthread+0x10/0x10 [ 25.233456] ret_from_fork+0x116/0x1d0 [ 25.233482] ? __pfx_kthread+0x10/0x10 [ 25.233513] ret_from_fork_asm+0x1a/0x30 [ 25.233556] </TASK> [ 25.233574] [ 25.254039] Allocated by task 303: [ 25.254925] kasan_save_stack+0x45/0x70 [ 25.255284] kasan_save_track+0x18/0x40 [ 25.255710] kasan_save_alloc_info+0x3b/0x50 [ 25.256558] __kasan_kmalloc+0xb7/0xc0 [ 25.256995] __kmalloc_noprof+0x1c9/0x500 [ 25.257768] kunit_kmalloc_array+0x25/0x60 [ 25.258397] copy_user_test_oob+0xab/0x10f0 [ 25.258847] kunit_try_run_case+0x1a5/0x480 [ 25.259589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.260253] kthread+0x337/0x6f0 [ 25.260798] ret_from_fork+0x116/0x1d0 [ 25.261365] ret_from_fork_asm+0x1a/0x30 [ 25.261749] [ 25.261999] The buggy address belongs to the object at ffff8881038d5f00 [ 25.261999] which belongs to the cache kmalloc-128 of size 128 [ 25.263496] The buggy address is located 0 bytes inside of [ 25.263496] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.264937] [ 25.265120] The buggy address belongs to the physical page: [ 25.265495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.266134] flags: 0x200000000000000(node=0|zone=2) [ 25.266928] page_type: f5(slab) [ 25.267669] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.268283] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.268838] page dumped because: kasan: bad access detected [ 25.269763] [ 25.269943] Memory state around the buggy address: [ 25.270416] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.271329] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.272162] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.272934] ^ [ 25.273783] 
ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.274720] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.275231] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 25.090125] ================================================================== [ 25.090672] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 25.091354] Read of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.091983] [ 25.092250] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.092377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.092420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.092482] Call Trace: [ 25.092532] <TASK> [ 25.092612] dump_stack_lvl+0x73/0xb0 [ 25.092707] print_report+0xd1/0x650 [ 25.092786] ? __virt_addr_valid+0x1db/0x2d0 [ 25.092868] ? _copy_to_user+0x3c/0x70 [ 25.092958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.093035] ? _copy_to_user+0x3c/0x70 [ 25.093107] kasan_report+0x141/0x180 [ 25.093181] ? _copy_to_user+0x3c/0x70 [ 25.093221] kasan_check_range+0x10c/0x1c0 [ 25.093258] __kasan_check_read+0x15/0x20 [ 25.093288] _copy_to_user+0x3c/0x70 [ 25.093319] copy_user_test_oob+0x364/0x10f0 [ 25.093357] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.093392] ? finish_task_switch.isra.0+0x153/0x700 [ 25.093428] ? __switch_to+0x47/0xf50 [ 25.093463] ? __schedule+0x10cc/0x2b60 [ 25.093497] ? __pfx_read_tsc+0x10/0x10 [ 25.093528] ? ktime_get_ts64+0x86/0x230 [ 25.093562] kunit_try_run_case+0x1a5/0x480 [ 25.093599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.093634] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.093669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.093704] ? __kthread_parkme+0x82/0x180 [ 25.093732] ? preempt_count_sub+0x50/0x80 [ 25.093765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.093801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.093835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.093890] kthread+0x337/0x6f0 [ 25.093928] ? trace_preempt_on+0x20/0xc0 [ 25.093966] ? __pfx_kthread+0x10/0x10 [ 25.093998] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.094030] ? calculate_sigpending+0x7b/0xa0 [ 25.094066] ? 
__pfx_kthread+0x10/0x10 [ 25.094105] ret_from_fork+0x116/0x1d0 [ 25.094168] ? __pfx_kthread+0x10/0x10 [ 25.094201] ret_from_fork_asm+0x1a/0x30 [ 25.094243] </TASK> [ 25.094273] [ 25.109318] Allocated by task 303: [ 25.109600] kasan_save_stack+0x45/0x70 [ 25.110072] kasan_save_track+0x18/0x40 [ 25.110573] kasan_save_alloc_info+0x3b/0x50 [ 25.111042] __kasan_kmalloc+0xb7/0xc0 [ 25.111477] __kmalloc_noprof+0x1c9/0x500 [ 25.111840] kunit_kmalloc_array+0x25/0x60 [ 25.112379] copy_user_test_oob+0xab/0x10f0 [ 25.112899] kunit_try_run_case+0x1a5/0x480 [ 25.113474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.114059] kthread+0x337/0x6f0 [ 25.114469] ret_from_fork+0x116/0x1d0 [ 25.114827] ret_from_fork_asm+0x1a/0x30 [ 25.115187] [ 25.115382] The buggy address belongs to the object at ffff8881038d5f00 [ 25.115382] which belongs to the cache kmalloc-128 of size 128 [ 25.116099] The buggy address is located 0 bytes inside of [ 25.116099] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.117328] [ 25.117601] The buggy address belongs to the physical page: [ 25.118146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.119983] flags: 0x200000000000000(node=0|zone=2) [ 25.120824] page_type: f5(slab) [ 25.121138] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.121854] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.123188] page dumped because: kasan: bad access detected [ 25.123566] [ 25.123753] Memory state around the buggy address: [ 25.124230] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.124929] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.125625] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.126247] ^ [ 25.126915] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.127516] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.128104] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 25.034355] ================================================================== [ 25.035662] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 25.036377] Write of size 121 at addr ffff8881038d5f00 by task kunit_try_catch/303 [ 25.037117] [ 25.037403] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.037528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.037569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.037635] Call Trace: [ 25.037678] <TASK> [ 25.037727] dump_stack_lvl+0x73/0xb0 [ 25.037823] print_report+0xd1/0x650 [ 25.037866] ? __virt_addr_valid+0x1db/0x2d0 [ 25.037993] ? _copy_from_user+0x32/0x90 [ 25.038068] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.038306] ? _copy_from_user+0x32/0x90 [ 25.038346] kasan_report+0x141/0x180 [ 25.038383] ? _copy_from_user+0x32/0x90 [ 25.038419] kasan_check_range+0x10c/0x1c0 [ 25.038457] __kasan_check_write+0x18/0x20 [ 25.038486] _copy_from_user+0x32/0x90 [ 25.038517] copy_user_test_oob+0x2be/0x10f0 [ 25.038558] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.038593] ? finish_task_switch.isra.0+0x153/0x700 [ 25.038626] ? __switch_to+0x47/0xf50 [ 25.038663] ? __schedule+0x10cc/0x2b60 [ 25.038697] ? __pfx_read_tsc+0x10/0x10 [ 25.038728] ? ktime_get_ts64+0x86/0x230 [ 25.038763] kunit_try_run_case+0x1a5/0x480 [ 25.038801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.038836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.038892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.038935] ? __kthread_parkme+0x82/0x180 [ 25.038967] ? preempt_count_sub+0x50/0x80 [ 25.038999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.039036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.039072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.039145] kthread+0x337/0x6f0 [ 25.039186] ? trace_preempt_on+0x20/0xc0 [ 25.039221] ? __pfx_kthread+0x10/0x10 [ 25.039252] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.039286] ? calculate_sigpending+0x7b/0xa0 [ 25.039324] ? 
__pfx_kthread+0x10/0x10 [ 25.039354] ret_from_fork+0x116/0x1d0 [ 25.039382] ? __pfx_kthread+0x10/0x10 [ 25.039414] ret_from_fork_asm+0x1a/0x30 [ 25.039458] </TASK> [ 25.039476] [ 25.061928] Allocated by task 303: [ 25.063327] kasan_save_stack+0x45/0x70 [ 25.063925] kasan_save_track+0x18/0x40 [ 25.065009] kasan_save_alloc_info+0x3b/0x50 [ 25.065686] __kasan_kmalloc+0xb7/0xc0 [ 25.065983] __kmalloc_noprof+0x1c9/0x500 [ 25.066555] kunit_kmalloc_array+0x25/0x60 [ 25.067227] copy_user_test_oob+0xab/0x10f0 [ 25.068614] kunit_try_run_case+0x1a5/0x480 [ 25.069082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.069553] kthread+0x337/0x6f0 [ 25.070443] ret_from_fork+0x116/0x1d0 [ 25.070778] ret_from_fork_asm+0x1a/0x30 [ 25.071398] [ 25.071665] The buggy address belongs to the object at ffff8881038d5f00 [ 25.071665] which belongs to the cache kmalloc-128 of size 128 [ 25.073084] The buggy address is located 0 bytes inside of [ 25.073084] allocated 120-byte region [ffff8881038d5f00, ffff8881038d5f78) [ 25.074146] [ 25.074421] The buggy address belongs to the physical page: [ 25.074912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.076039] flags: 0x200000000000000(node=0|zone=2) [ 25.076890] page_type: f5(slab) [ 25.077476] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.078625] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.079462] page dumped because: kasan: bad access detected [ 25.079924] [ 25.080151] Memory state around the buggy address: [ 25.080549] ffff8881038d5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.081535] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.082244] >ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.082839] ^ [ 25.083559] ffff8881038d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.084221] ffff8881038d6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.084773] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 24.928827] ================================================================== [ 24.929532] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 24.929812] Read of size 8 at addr ffff8881038d5e78 by task kunit_try_catch/299 [ 24.930392] [ 24.930680] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.930810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.930851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.930997] Call Trace: [ 24.931069] <TASK> [ 24.931120] dump_stack_lvl+0x73/0xb0 [ 24.931216] print_report+0xd1/0x650 [ 24.931300] ? __virt_addr_valid+0x1db/0x2d0 [ 24.931380] ? copy_to_kernel_nofault+0x225/0x260 [ 24.931454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.931530] ? copy_to_kernel_nofault+0x225/0x260 [ 24.931685] kasan_report+0x141/0x180 [ 24.931888] ? copy_to_kernel_nofault+0x225/0x260 [ 24.931984] __asan_report_load8_noabort+0x18/0x20 [ 24.932064] copy_to_kernel_nofault+0x225/0x260 [ 24.932123] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 24.932175] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 24.932212] ? finish_task_switch.isra.0+0x153/0x700 [ 24.932246] ? __schedule+0x10cc/0x2b60 [ 24.932280] ? trace_hardirqs_on+0x37/0xe0 [ 24.932326] ? __pfx_read_tsc+0x10/0x10 [ 24.932359] ? ktime_get_ts64+0x86/0x230 [ 24.932393] kunit_try_run_case+0x1a5/0x480 [ 24.932435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.932474] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.932512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.932548] ? __kthread_parkme+0x82/0x180 [ 24.932577] ? preempt_count_sub+0x50/0x80 [ 24.932609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.932646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.932682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.932719] kthread+0x337/0x6f0 [ 24.932748] ? trace_preempt_on+0x20/0xc0 [ 24.932781] ? __pfx_kthread+0x10/0x10 [ 24.932810] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.932842] ? 
calculate_sigpending+0x7b/0xa0 [ 24.932904] ? __pfx_kthread+0x10/0x10 [ 24.932942] ret_from_fork+0x116/0x1d0 [ 24.932972] ? __pfx_kthread+0x10/0x10 [ 24.933003] ret_from_fork_asm+0x1a/0x30 [ 24.933046] </TASK> [ 24.933064] [ 24.950400] Allocated by task 299: [ 24.951029] kasan_save_stack+0x45/0x70 [ 24.951542] kasan_save_track+0x18/0x40 [ 24.951863] kasan_save_alloc_info+0x3b/0x50 [ 24.952280] __kasan_kmalloc+0xb7/0xc0 [ 24.952858] __kmalloc_cache_noprof+0x189/0x420 [ 24.953704] copy_to_kernel_nofault_oob+0x12f/0x560 [ 24.954369] kunit_try_run_case+0x1a5/0x480 [ 24.954808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.955527] kthread+0x337/0x6f0 [ 24.955999] ret_from_fork+0x116/0x1d0 [ 24.956527] ret_from_fork_asm+0x1a/0x30 [ 24.956887] [ 24.957302] The buggy address belongs to the object at ffff8881038d5e00 [ 24.957302] which belongs to the cache kmalloc-128 of size 128 [ 24.958502] The buggy address is located 0 bytes to the right of [ 24.958502] allocated 120-byte region [ffff8881038d5e00, ffff8881038d5e78) [ 24.959593] [ 24.959990] The buggy address belongs to the physical page: [ 24.960655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 24.961380] flags: 0x200000000000000(node=0|zone=2) [ 24.961899] page_type: f5(slab) [ 24.962273] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.962972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.963810] page dumped because: kasan: bad access detected [ 24.964363] [ 24.964614] Memory state around the buggy address: [ 24.965168] ffff8881038d5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.965970] ffff8881038d5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.966983] >ffff8881038d5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.967751] ^ [ 24.968623] ffff8881038d5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.969592] ffff8881038d5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
24.970118] ================================================================== [ 24.971514] ================================================================== [ 24.972103] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 24.973938] Write of size 8 at addr ffff8881038d5e78 by task kunit_try_catch/299 [ 24.974512] [ 24.974966] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.975252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.975292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.975327] Call Trace: [ 24.975351] <TASK> [ 24.975371] dump_stack_lvl+0x73/0xb0 [ 24.975417] print_report+0xd1/0x650 [ 24.975451] ? __virt_addr_valid+0x1db/0x2d0 [ 24.975485] ? copy_to_kernel_nofault+0x99/0x260 [ 24.975522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.975555] ? copy_to_kernel_nofault+0x99/0x260 [ 24.975590] kasan_report+0x141/0x180 [ 24.975623] ? copy_to_kernel_nofault+0x99/0x260 [ 24.975663] kasan_check_range+0x10c/0x1c0 [ 24.975698] __kasan_check_write+0x18/0x20 [ 24.975726] copy_to_kernel_nofault+0x99/0x260 [ 24.975762] copy_to_kernel_nofault_oob+0x288/0x560 [ 24.975797] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 24.975831] ? finish_task_switch.isra.0+0x153/0x700 [ 24.975864] ? __schedule+0x10cc/0x2b60 [ 24.975928] ? trace_hardirqs_on+0x37/0xe0 [ 24.975974] ? __pfx_read_tsc+0x10/0x10 [ 24.976006] ? ktime_get_ts64+0x86/0x230 [ 24.976042] kunit_try_run_case+0x1a5/0x480 [ 24.976080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.976154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.976196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.976232] ? __kthread_parkme+0x82/0x180 [ 24.976261] ? preempt_count_sub+0x50/0x80 [ 24.976294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.976331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.976367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.976403] kthread+0x337/0x6f0 [ 24.976432] ? 
trace_preempt_on+0x20/0xc0 [ 24.976464] ? __pfx_kthread+0x10/0x10 [ 24.976495] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.976526] ? calculate_sigpending+0x7b/0xa0 [ 24.976561] ? __pfx_kthread+0x10/0x10 [ 24.976593] ret_from_fork+0x116/0x1d0 [ 24.976619] ? __pfx_kthread+0x10/0x10 [ 24.976650] ret_from_fork_asm+0x1a/0x30 [ 24.976693] </TASK> [ 24.976710] [ 24.996115] Allocated by task 299: [ 24.996786] kasan_save_stack+0x45/0x70 [ 24.997323] kasan_save_track+0x18/0x40 [ 24.997724] kasan_save_alloc_info+0x3b/0x50 [ 24.998133] __kasan_kmalloc+0xb7/0xc0 [ 24.998642] __kmalloc_cache_noprof+0x189/0x420 [ 24.999134] copy_to_kernel_nofault_oob+0x12f/0x560 [ 24.999679] kunit_try_run_case+0x1a5/0x480 [ 25.000046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.000510] kthread+0x337/0x6f0 [ 25.001000] ret_from_fork+0x116/0x1d0 [ 25.001406] ret_from_fork_asm+0x1a/0x30 [ 25.001960] [ 25.002202] The buggy address belongs to the object at ffff8881038d5e00 [ 25.002202] which belongs to the cache kmalloc-128 of size 128 [ 25.003433] The buggy address is located 0 bytes to the right of [ 25.003433] allocated 120-byte region [ffff8881038d5e00, ffff8881038d5e78) [ 25.004601] [ 25.004796] The buggy address belongs to the physical page: [ 25.005189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 25.005948] flags: 0x200000000000000(node=0|zone=2) [ 25.006471] page_type: f5(slab) [ 25.006851] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.007581] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.008114] page dumped because: kasan: bad access detected [ 25.009059] [ 25.009395] Memory state around the buggy address: [ 25.009889] ffff8881038d5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.010524] ffff8881038d5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.011218] >ffff8881038d5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.011666] ^ [ 25.012375] ffff8881038d5e80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 25.013185] ffff8881038d5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.013815] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 23.855379] ================================================================== [ 23.856218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 23.856830] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.857366] [ 23.857637] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.857735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.857757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.857788] Call Trace: [ 23.857808] <TASK> [ 23.857828] dump_stack_lvl+0x73/0xb0 [ 23.858312] print_report+0xd1/0x650 [ 23.858426] ? __virt_addr_valid+0x1db/0x2d0 [ 23.858504] ? kasan_atomics_helper+0x177f/0x5450 [ 23.858579] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.858657] ? kasan_atomics_helper+0x177f/0x5450 [ 23.858733] kasan_report+0x141/0x180 [ 23.858812] ? kasan_atomics_helper+0x177f/0x5450 [ 23.858913] kasan_check_range+0x10c/0x1c0 [ 23.858960] __kasan_check_write+0x18/0x20 [ 23.858993] kasan_atomics_helper+0x177f/0x5450 [ 23.859028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.859063] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.859126] ? kasan_save_alloc_info+0x3b/0x50 [ 23.859180] ? kasan_atomics+0x152/0x310 [ 23.859223] kasan_atomics+0x1dc/0x310 [ 23.859258] ? __pfx_kasan_atomics+0x10/0x10 [ 23.859296] ? __pfx_read_tsc+0x10/0x10 [ 23.859328] ? ktime_get_ts64+0x86/0x230 [ 23.859362] kunit_try_run_case+0x1a5/0x480 [ 23.859400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.859436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.859473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.859509] ? __kthread_parkme+0x82/0x180 [ 23.859540] ? preempt_count_sub+0x50/0x80 [ 23.859574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.859612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.859648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.859685] kthread+0x337/0x6f0 [ 23.859716] ? trace_preempt_on+0x20/0xc0 [ 23.859750] ? __pfx_kthread+0x10/0x10 [ 23.859781] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.859816] ? calculate_sigpending+0x7b/0xa0 [ 23.859851] ? __pfx_kthread+0x10/0x10 [ 23.859911] ret_from_fork+0x116/0x1d0 [ 23.859945] ? __pfx_kthread+0x10/0x10 [ 23.859978] ret_from_fork_asm+0x1a/0x30 [ 23.860024] </TASK> [ 23.860040] [ 23.877518] Allocated by task 283: [ 23.877861] kasan_save_stack+0x45/0x70 [ 23.878504] kasan_save_track+0x18/0x40 [ 23.878942] kasan_save_alloc_info+0x3b/0x50 [ 23.879426] __kasan_kmalloc+0xb7/0xc0 [ 23.879748] __kmalloc_cache_noprof+0x189/0x420 [ 23.880161] kasan_atomics+0x95/0x310 [ 23.880603] kunit_try_run_case+0x1a5/0x480 [ 23.881065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.881616] kthread+0x337/0x6f0 [ 23.882072] ret_from_fork+0x116/0x1d0 [ 23.882517] ret_from_fork_asm+0x1a/0x30 [ 23.882946] [ 23.883137] The buggy address belongs to the object at ffff8881038ee700 [ 23.883137] which belongs to the cache kmalloc-64 of size 64 [ 23.883912] The buggy address is located 0 bytes to the right of [ 23.883912] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.885247] [ 23.885480] The buggy address belongs to the physical page: [ 23.886109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.886709] flags: 0x200000000000000(node=0|zone=2) [ 23.887222] page_type: f5(slab) [ 23.887584] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.888289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.888980] page dumped because: kasan: bad access detected [ 23.889507] [ 23.889716] Memory state around the buggy address: [ 23.890206] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.890741] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.892110] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.892559] ^ [ 23.892923] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.893378] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 23.894125] ================================================================== [ 23.626913] ================================================================== [ 23.627375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 23.628163] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.628980] [ 23.629226] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.629350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.629397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.629464] Call Trace: [ 23.629514] <TASK> [ 23.629561] dump_stack_lvl+0x73/0xb0 [ 23.629648] print_report+0xd1/0x650 [ 23.629730] ? __virt_addr_valid+0x1db/0x2d0 [ 23.629813] ? kasan_atomics_helper+0x50d4/0x5450 [ 23.629908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.629993] ? kasan_atomics_helper+0x50d4/0x5450 [ 23.630072] kasan_report+0x141/0x180 [ 23.630153] ? kasan_atomics_helper+0x50d4/0x5450 [ 23.630247] __asan_report_store8_noabort+0x1b/0x30 [ 23.630342] kasan_atomics_helper+0x50d4/0x5450 [ 23.630422] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.630505] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.630588] ? kasan_save_alloc_info+0x3b/0x50 [ 23.630667] ? kasan_atomics+0x152/0x310 [ 23.630752] kasan_atomics+0x1dc/0x310 [ 23.630832] ? __pfx_kasan_atomics+0x10/0x10 [ 23.630931] ? __pfx_read_tsc+0x10/0x10 [ 23.631005] ? ktime_get_ts64+0x86/0x230 [ 23.631085] kunit_try_run_case+0x1a5/0x480 [ 23.631170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.631248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.631326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.631407] ? __kthread_parkme+0x82/0x180 [ 23.631480] ? preempt_count_sub+0x50/0x80 [ 23.631561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.631640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.631719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.631799] kthread+0x337/0x6f0 [ 23.631869] ? 
trace_preempt_on+0x20/0xc0 [ 23.631965] ? __pfx_kthread+0x10/0x10 [ 23.632039] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.632104] ? calculate_sigpending+0x7b/0xa0 [ 23.632173] ? __pfx_kthread+0x10/0x10 [ 23.632250] ret_from_fork+0x116/0x1d0 [ 23.632322] ? __pfx_kthread+0x10/0x10 [ 23.632398] ret_from_fork_asm+0x1a/0x30 [ 23.632495] </TASK> [ 23.632539] [ 23.647209] Allocated by task 283: [ 23.647580] kasan_save_stack+0x45/0x70 [ 23.648023] kasan_save_track+0x18/0x40 [ 23.648462] kasan_save_alloc_info+0x3b/0x50 [ 23.648819] __kasan_kmalloc+0xb7/0xc0 [ 23.649309] __kmalloc_cache_noprof+0x189/0x420 [ 23.649732] kasan_atomics+0x95/0x310 [ 23.650116] kunit_try_run_case+0x1a5/0x480 [ 23.650554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.651007] kthread+0x337/0x6f0 [ 23.651627] ret_from_fork+0x116/0x1d0 [ 23.652028] ret_from_fork_asm+0x1a/0x30 [ 23.652451] [ 23.652687] The buggy address belongs to the object at ffff8881038ee700 [ 23.652687] which belongs to the cache kmalloc-64 of size 64 [ 23.653788] The buggy address is located 0 bytes to the right of [ 23.653788] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.655070] [ 23.655301] The buggy address belongs to the physical page: [ 23.655828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.656354] flags: 0x200000000000000(node=0|zone=2) [ 23.656718] page_type: f5(slab) [ 23.657065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.658091] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.659139] page dumped because: kasan: bad access detected [ 23.659660] [ 23.659918] Memory state around the buggy address: [ 23.660404] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.662471] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.663179] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.663840] ^ [ 23.664262] ffff8881038ee780: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 23.664719] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.667186] ================================================================== [ 22.325387] ================================================================== [ 22.326148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 22.326846] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.328150] [ 22.328379] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.328488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.328526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.328585] Call Trace: [ 22.328636] <TASK> [ 22.328681] dump_stack_lvl+0x73/0xb0 [ 22.328770] print_report+0xd1/0x650 [ 22.328852] ? __virt_addr_valid+0x1db/0x2d0 [ 22.328957] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.329033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.329110] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.329191] kasan_report+0x141/0x180 [ 22.329272] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.329360] kasan_check_range+0x10c/0x1c0 [ 22.329446] __kasan_check_write+0x18/0x20 [ 22.329662] kasan_atomics_helper+0x5fe/0x5450 [ 22.329746] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.329825] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.329925] ? kasan_save_alloc_info+0x3b/0x50 [ 22.330005] ? kasan_atomics+0x152/0x310 [ 22.330090] kasan_atomics+0x1dc/0x310 [ 22.330173] ? __pfx_kasan_atomics+0x10/0x10 [ 22.330266] ? __pfx_read_tsc+0x10/0x10 [ 22.330340] ? ktime_get_ts64+0x86/0x230 [ 22.330421] kunit_try_run_case+0x1a5/0x480 [ 22.330506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.330580] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.330619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.330655] ? __kthread_parkme+0x82/0x180 [ 22.330687] ? preempt_count_sub+0x50/0x80 [ 22.330719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.330758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.330794] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.330830] kthread+0x337/0x6f0 [ 22.330858] ? trace_preempt_on+0x20/0xc0 [ 22.330921] ? __pfx_kthread+0x10/0x10 [ 22.330955] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.330988] ? calculate_sigpending+0x7b/0xa0 [ 22.331022] ? __pfx_kthread+0x10/0x10 [ 22.331053] ret_from_fork+0x116/0x1d0 [ 22.331079] ? __pfx_kthread+0x10/0x10 [ 22.331141] ret_from_fork_asm+0x1a/0x30 [ 22.331190] </TASK> [ 22.331208] [ 22.347330] Allocated by task 283: [ 22.347708] kasan_save_stack+0x45/0x70 [ 22.348394] kasan_save_track+0x18/0x40 [ 22.349437] kasan_save_alloc_info+0x3b/0x50 [ 22.349934] __kasan_kmalloc+0xb7/0xc0 [ 22.350405] __kmalloc_cache_noprof+0x189/0x420 [ 22.351113] kasan_atomics+0x95/0x310 [ 22.351494] kunit_try_run_case+0x1a5/0x480 [ 22.352079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.352661] kthread+0x337/0x6f0 [ 22.352980] ret_from_fork+0x116/0x1d0 [ 22.353547] ret_from_fork_asm+0x1a/0x30 [ 22.354455] [ 22.354689] The buggy address belongs to the object at ffff8881038ee700 [ 22.354689] which belongs to the cache kmalloc-64 of size 64 [ 22.356183] The buggy address is located 0 bytes to the right of [ 22.356183] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.357193] [ 22.357440] The buggy address belongs to the physical page: [ 22.358226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.358972] flags: 0x200000000000000(node=0|zone=2) [ 22.359651] page_type: f5(slab) [ 22.360047] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.360680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.361167] page dumped because: kasan: bad access detected [ 22.361634] [ 22.362115] Memory state around the buggy address: [ 22.362774] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.363642] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.365147] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 22.365924] ^ [ 22.366734] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.367455] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.368279] ================================================================== [ 23.894891] ================================================================== [ 23.895534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 23.897616] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.898528] [ 23.898998] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.899214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.899259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.899319] Call Trace: [ 23.899367] <TASK> [ 23.899416] dump_stack_lvl+0x73/0xb0 [ 23.899506] print_report+0xd1/0x650 [ 23.899582] ? __virt_addr_valid+0x1db/0x2d0 [ 23.899662] ? kasan_atomics_helper+0x1818/0x5450 [ 23.899737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.899816] ? kasan_atomics_helper+0x1818/0x5450 [ 23.899914] kasan_report+0x141/0x180 [ 23.899996] ? kasan_atomics_helper+0x1818/0x5450 [ 23.900054] kasan_check_range+0x10c/0x1c0 [ 23.900111] __kasan_check_write+0x18/0x20 [ 23.900176] kasan_atomics_helper+0x1818/0x5450 [ 23.900212] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.900247] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.900283] ? kasan_save_alloc_info+0x3b/0x50 [ 23.900320] ? kasan_atomics+0x152/0x310 [ 23.900358] kasan_atomics+0x1dc/0x310 [ 23.900392] ? __pfx_kasan_atomics+0x10/0x10 [ 23.900429] ? __pfx_read_tsc+0x10/0x10 [ 23.900460] ? ktime_get_ts64+0x86/0x230 [ 23.900494] kunit_try_run_case+0x1a5/0x480 [ 23.900531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.900567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.900601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.900637] ? __kthread_parkme+0x82/0x180 [ 23.900667] ? preempt_count_sub+0x50/0x80 [ 23.900700] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.900737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.900772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.900809] kthread+0x337/0x6f0 [ 23.900838] ? trace_preempt_on+0x20/0xc0 [ 23.900871] ? __pfx_kthread+0x10/0x10 [ 23.900931] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.900965] ? calculate_sigpending+0x7b/0xa0 [ 23.901001] ? __pfx_kthread+0x10/0x10 [ 23.901032] ret_from_fork+0x116/0x1d0 [ 23.901059] ? __pfx_kthread+0x10/0x10 [ 23.901089] ret_from_fork_asm+0x1a/0x30 [ 23.901162] </TASK> [ 23.901181] [ 23.917191] Allocated by task 283: [ 23.917583] kasan_save_stack+0x45/0x70 [ 23.918040] kasan_save_track+0x18/0x40 [ 23.918465] kasan_save_alloc_info+0x3b/0x50 [ 23.918955] __kasan_kmalloc+0xb7/0xc0 [ 23.919374] __kmalloc_cache_noprof+0x189/0x420 [ 23.920112] kasan_atomics+0x95/0x310 [ 23.920538] kunit_try_run_case+0x1a5/0x480 [ 23.921936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.923466] kthread+0x337/0x6f0 [ 23.924357] ret_from_fork+0x116/0x1d0 [ 23.924942] ret_from_fork_asm+0x1a/0x30 [ 23.926086] [ 23.926905] The buggy address belongs to the object at ffff8881038ee700 [ 23.926905] which belongs to the cache kmalloc-64 of size 64 [ 23.927825] The buggy address is located 0 bytes to the right of [ 23.927825] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.928981] [ 23.929298] The buggy address belongs to the physical page: [ 23.929900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.930735] flags: 0x200000000000000(node=0|zone=2) [ 23.931232] page_type: f5(slab) [ 23.931605] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.932233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.932727] page dumped because: kasan: bad access detected [ 23.933338] [ 23.933552] Memory state around the buggy address: [ 23.934002] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.934770] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.935472] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.936081] ^
[ 23.936695] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.937263] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.938025] ==================================================================

[ 22.712054] ==================================================================
[ 22.712634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450
[ 22.713387] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.714007]
[ 22.714363] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.714486] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.714530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.714624] Call Trace:
[ 22.714670] <TASK>
[ 22.714704] dump_stack_lvl+0x73/0xb0
[ 22.714774] print_report+0xd1/0x650
[ 22.714849] ? __virt_addr_valid+0x1db/0x2d0
[ 22.714954] ? kasan_atomics_helper+0xac7/0x5450
[ 22.715028] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.715111] ? kasan_atomics_helper+0xac7/0x5450
[ 22.715198] kasan_report+0x141/0x180
[ 22.715281] ? kasan_atomics_helper+0xac7/0x5450
[ 22.715368] kasan_check_range+0x10c/0x1c0
[ 22.715491] __kasan_check_write+0x18/0x20
[ 22.715564] kasan_atomics_helper+0xac7/0x5450
[ 22.715644] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.715694] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.715732] ? kasan_save_alloc_info+0x3b/0x50
[ 22.715768] ? kasan_atomics+0x152/0x310
[ 22.715807] kasan_atomics+0x1dc/0x310
[ 22.715841] ? __pfx_kasan_atomics+0x10/0x10
[ 22.715903] ? __pfx_read_tsc+0x10/0x10
[ 22.715938] ? ktime_get_ts64+0x86/0x230
[ 22.715973] kunit_try_run_case+0x1a5/0x480
[ 22.716010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.716046] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.716080] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.716151] ? __kthread_parkme+0x82/0x180
[ 22.716188] ? preempt_count_sub+0x50/0x80
[ 22.716221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.716258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.716293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.716329] kthread+0x337/0x6f0
[ 22.716358] ? trace_preempt_on+0x20/0xc0
[ 22.716390] ? __pfx_kthread+0x10/0x10
[ 22.716420] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.716452] ? calculate_sigpending+0x7b/0xa0
[ 22.716487] ? __pfx_kthread+0x10/0x10
[ 22.716518] ret_from_fork+0x116/0x1d0
[ 22.716545] ? __pfx_kthread+0x10/0x10
[ 22.716575] ret_from_fork_asm+0x1a/0x30
[ 22.716618] </TASK>
[ 22.716634]
[ 22.734940] Allocated by task 283:
[ 22.735474] kasan_save_stack+0x45/0x70
[ 22.736006] kasan_save_track+0x18/0x40
[ 22.736493] kasan_save_alloc_info+0x3b/0x50
[ 22.736958] __kasan_kmalloc+0xb7/0xc0
[ 22.737357] __kmalloc_cache_noprof+0x189/0x420
[ 22.738067] kasan_atomics+0x95/0x310
[ 22.738602] kunit_try_run_case+0x1a5/0x480
[ 22.739050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.739751] kthread+0x337/0x6f0
[ 22.740234] ret_from_fork+0x116/0x1d0
[ 22.740758] ret_from_fork_asm+0x1a/0x30
[ 22.741259]
[ 22.741609] The buggy address belongs to the object at ffff8881038ee700
[ 22.741609] which belongs to the cache kmalloc-64 of size 64
[ 22.742755] The buggy address is located 0 bytes to the right of
[ 22.742755] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.743932]
[ 22.744244] The buggy address belongs to the physical page:
[ 22.744623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.745483] flags: 0x200000000000000(node=0|zone=2)
[ 22.746067] page_type: f5(slab)
[ 22.746453] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.747184] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.747971] page dumped because: kasan: bad access detected
[ 22.748572]
[ 22.748858] Memory state around the buggy address:
[ 22.749449] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.750161] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.750958] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.751777] ^
[ 22.752147] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.752936] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.753683] ==================================================================

[ 22.664528] ==================================================================
[ 22.666924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450
[ 22.668468] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.669872]
[ 22.670357] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.670571] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.670641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.670687] Call Trace:
[ 22.670712] <TASK>
[ 22.670735] dump_stack_lvl+0x73/0xb0
[ 22.670782] print_report+0xd1/0x650
[ 22.670818] ? __virt_addr_valid+0x1db/0x2d0
[ 22.670853] ? kasan_atomics_helper+0xa2b/0x5450
[ 22.670924] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.670972] ? kasan_atomics_helper+0xa2b/0x5450
[ 22.671007] kasan_report+0x141/0x180
[ 22.671042] ? kasan_atomics_helper+0xa2b/0x5450
[ 22.671080] kasan_check_range+0x10c/0x1c0
[ 22.671165] __kasan_check_write+0x18/0x20
[ 22.671199] kasan_atomics_helper+0xa2b/0x5450
[ 22.671233] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.671266] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.671303] ? kasan_save_alloc_info+0x3b/0x50
[ 22.671338] ? kasan_atomics+0x152/0x310
[ 22.671376] kasan_atomics+0x1dc/0x310
[ 22.671412] ? __pfx_kasan_atomics+0x10/0x10
[ 22.671448] ? __pfx_read_tsc+0x10/0x10
[ 22.671481] ? ktime_get_ts64+0x86/0x230
[ 22.671515] kunit_try_run_case+0x1a5/0x480
[ 22.671553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.671588] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.671623] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.671658] ? __kthread_parkme+0x82/0x180
[ 22.671688] ? preempt_count_sub+0x50/0x80
[ 22.671721] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.671758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.671792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.671829] kthread+0x337/0x6f0
[ 22.671858] ? trace_preempt_on+0x20/0xc0
[ 22.671923] ? __pfx_kthread+0x10/0x10
[ 22.671956] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.671991] ? calculate_sigpending+0x7b/0xa0
[ 22.672028] ? __pfx_kthread+0x10/0x10
[ 22.672060] ret_from_fork+0x116/0x1d0
[ 22.672087] ? __pfx_kthread+0x10/0x10
[ 22.672159] ret_from_fork_asm+0x1a/0x30
[ 22.672209] </TASK>
[ 22.672225]
[ 22.690866] Allocated by task 283:
[ 22.691168] kasan_save_stack+0x45/0x70
[ 22.691600] kasan_save_track+0x18/0x40
[ 22.692047] kasan_save_alloc_info+0x3b/0x50
[ 22.692892] __kasan_kmalloc+0xb7/0xc0
[ 22.693713] __kmalloc_cache_noprof+0x189/0x420
[ 22.694325] kasan_atomics+0x95/0x310
[ 22.694643] kunit_try_run_case+0x1a5/0x480
[ 22.695527] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.696023] kthread+0x337/0x6f0
[ 22.696354] ret_from_fork+0x116/0x1d0
[ 22.696665] ret_from_fork_asm+0x1a/0x30
[ 22.697009]
[ 22.697197] The buggy address belongs to the object at ffff8881038ee700
[ 22.697197] which belongs to the cache kmalloc-64 of size 64
[ 22.698414] The buggy address is located 0 bytes to the right of
[ 22.698414] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.699843]
[ 22.700061] The buggy address belongs to the physical page:
[ 22.700910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.701975] flags: 0x200000000000000(node=0|zone=2)
[ 22.702998] page_type: f5(slab)
[ 22.703602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.704462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.705096] page dumped because: kasan: bad access detected
[ 22.705872]
[ 22.706089] Memory state around the buggy address:
[ 22.706509] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.707049] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.707986] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.708943] ^
[ 22.709807] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.710323] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.711009] ==================================================================

[ 22.059850] ==================================================================
[ 22.060358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450
[ 22.062250] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.062783]
[ 22.063089] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.063948] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.063995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.064056] Call Trace:
[ 22.064080] <TASK>
[ 22.064107] dump_stack_lvl+0x73/0xb0
[ 22.064186] print_report+0xd1/0x650
[ 22.064223] ? __virt_addr_valid+0x1db/0x2d0
[ 22.064256] ? kasan_atomics_helper+0x4b6e/0x5450
[ 22.064288] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.064321] ? kasan_atomics_helper+0x4b6e/0x5450
[ 22.064354] kasan_report+0x141/0x180
[ 22.064387] ? kasan_atomics_helper+0x4b6e/0x5450
[ 22.064426] __asan_report_store4_noabort+0x1b/0x30
[ 22.064455] kasan_atomics_helper+0x4b6e/0x5450
[ 22.064490] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.064523] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.064559] ? kasan_save_alloc_info+0x3b/0x50
[ 22.064594] ? kasan_atomics+0x152/0x310
[ 22.064632] kasan_atomics+0x1dc/0x310
[ 22.064665] ? __pfx_kasan_atomics+0x10/0x10
[ 22.064701] ? __pfx_read_tsc+0x10/0x10
[ 22.064731] ? ktime_get_ts64+0x86/0x230
[ 22.064767] kunit_try_run_case+0x1a5/0x480
[ 22.064803] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.064838] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.064892] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.064938] ? __kthread_parkme+0x82/0x180
[ 22.064971] ? preempt_count_sub+0x50/0x80
[ 22.065004] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.065041] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.065076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.065149] kthread+0x337/0x6f0
[ 22.065184] ? trace_preempt_on+0x20/0xc0
[ 22.065219] ? __pfx_kthread+0x10/0x10
[ 22.065250] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.065283] ? calculate_sigpending+0x7b/0xa0
[ 22.065318] ? __pfx_kthread+0x10/0x10
[ 22.065349] ret_from_fork+0x116/0x1d0
[ 22.065376] ? __pfx_kthread+0x10/0x10
[ 22.065406] ret_from_fork_asm+0x1a/0x30
[ 22.065448] </TASK>
[ 22.065467]
[ 22.085179] Allocated by task 283:
[ 22.085608] kasan_save_stack+0x45/0x70
[ 22.086069] kasan_save_track+0x18/0x40
[ 22.086536] kasan_save_alloc_info+0x3b/0x50
[ 22.087082] __kasan_kmalloc+0xb7/0xc0
[ 22.087539] __kmalloc_cache_noprof+0x189/0x420
[ 22.088011] kasan_atomics+0x95/0x310
[ 22.088390] kunit_try_run_case+0x1a5/0x480
[ 22.088775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.089542] kthread+0x337/0x6f0
[ 22.089991] ret_from_fork+0x116/0x1d0
[ 22.090459] ret_from_fork_asm+0x1a/0x30
[ 22.091045]
[ 22.091314] The buggy address belongs to the object at ffff8881038ee700
[ 22.091314] which belongs to the cache kmalloc-64 of size 64
[ 22.092536] The buggy address is located 0 bytes to the right of
[ 22.092536] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.093490]
[ 22.093686] The buggy address belongs to the physical page:
[ 22.094086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.095454] flags: 0x200000000000000(node=0|zone=2)
[ 22.096391] page_type: f5(slab)
[ 22.097021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.098173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.098771] page dumped because: kasan: bad access detected
[ 22.099289]
[ 22.099623] Memory state around the buggy address:
[ 22.100123] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.100817] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.101439] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.102011] ^
[ 22.102440] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.102980] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.103639] ==================================================================

[ 22.196323] ==================================================================
[ 22.196975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450
[ 22.197791] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.198454]
[ 22.198754] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.198892] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.198937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.198997] Call Trace:
[ 22.199042] <TASK>
[ 22.199089] dump_stack_lvl+0x73/0xb0
[ 22.199220] print_report+0xd1/0x650
[ 22.199300] ? __virt_addr_valid+0x1db/0x2d0
[ 22.199383] ? kasan_atomics_helper+0x4a0/0x5450
[ 22.199457] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.199579] ? kasan_atomics_helper+0x4a0/0x5450
[ 22.199658] kasan_report+0x141/0x180
[ 22.199736] ? kasan_atomics_helper+0x4a0/0x5450
[ 22.199821] kasan_check_range+0x10c/0x1c0
[ 22.199926] __kasan_check_write+0x18/0x20
[ 22.200002] kasan_atomics_helper+0x4a0/0x5450
[ 22.200087] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.200214] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.200296] ? kasan_save_alloc_info+0x3b/0x50
[ 22.200377] ? kasan_atomics+0x152/0x310
[ 22.200468] kasan_atomics+0x1dc/0x310
[ 22.200551] ? __pfx_kasan_atomics+0x10/0x10
[ 22.200636] ? __pfx_read_tsc+0x10/0x10
[ 22.200711] ? ktime_get_ts64+0x86/0x230
[ 22.200794] kunit_try_run_case+0x1a5/0x480
[ 22.200897] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.200978] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.201054] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.201180] ? __kthread_parkme+0x82/0x180
[ 22.201257] ? preempt_count_sub+0x50/0x80
[ 22.201335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.201419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.201501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.201552] kthread+0x337/0x6f0
[ 22.201583] ? trace_preempt_on+0x20/0xc0
[ 22.201619] ? __pfx_kthread+0x10/0x10
[ 22.201650] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.201683] ? calculate_sigpending+0x7b/0xa0
[ 22.201717] ? __pfx_kthread+0x10/0x10
[ 22.201748] ret_from_fork+0x116/0x1d0
[ 22.201774] ? __pfx_kthread+0x10/0x10
[ 22.201804] ret_from_fork_asm+0x1a/0x30
[ 22.201846] </TASK>
[ 22.201864]
[ 22.223230] Allocated by task 283:
[ 22.224006] kasan_save_stack+0x45/0x70
[ 22.224481] kasan_save_track+0x18/0x40
[ 22.224800] kasan_save_alloc_info+0x3b/0x50
[ 22.225962] __kasan_kmalloc+0xb7/0xc0
[ 22.226317] __kmalloc_cache_noprof+0x189/0x420
[ 22.226925] kasan_atomics+0x95/0x310
[ 22.227528] kunit_try_run_case+0x1a5/0x480
[ 22.228032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.228672] kthread+0x337/0x6f0
[ 22.229046] ret_from_fork+0x116/0x1d0
[ 22.229892] ret_from_fork_asm+0x1a/0x30
[ 22.230443]
[ 22.230692] The buggy address belongs to the object at ffff8881038ee700
[ 22.230692] which belongs to the cache kmalloc-64 of size 64
[ 22.231642] The buggy address is located 0 bytes to the right of
[ 22.231642] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.232701]
[ 22.232989] The buggy address belongs to the physical page:
[ 22.233409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.234108] flags: 0x200000000000000(node=0|zone=2)
[ 22.234739] page_type: f5(slab)
[ 22.235102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.235868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.236627] page dumped because: kasan: bad access detected
[ 22.237138]
[ 22.237409] Memory state around the buggy address:
[ 22.237781] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.239175] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.239942] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.240546] ^
[ 22.241007] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.241657] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.242304] ==================================================================

[ 22.515682] ==================================================================
[ 22.516551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450
[ 22.517104] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.517824]
[ 22.518829] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.519236] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.519263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.519301] Call Trace:
[ 22.519324] <TASK>
[ 22.519348] dump_stack_lvl+0x73/0xb0
[ 22.519397] print_report+0xd1/0x650
[ 22.519431] ? __virt_addr_valid+0x1db/0x2d0
[ 22.519466] ? kasan_atomics_helper+0x860/0x5450
[ 22.519498] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.519531] ? kasan_atomics_helper+0x860/0x5450
[ 22.519563] kasan_report+0x141/0x180
[ 22.519595] ? kasan_atomics_helper+0x860/0x5450
[ 22.519632] kasan_check_range+0x10c/0x1c0
[ 22.519667] __kasan_check_write+0x18/0x20
[ 22.519696] kasan_atomics_helper+0x860/0x5450
[ 22.519730] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.519761] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.519798] ? kasan_save_alloc_info+0x3b/0x50
[ 22.519832] ? kasan_atomics+0x152/0x310
[ 22.519870] kasan_atomics+0x1dc/0x310
[ 22.519935] ? __pfx_kasan_atomics+0x10/0x10
[ 22.519973] ? __pfx_read_tsc+0x10/0x10
[ 22.520006] ? ktime_get_ts64+0x86/0x230
[ 22.520039] kunit_try_run_case+0x1a5/0x480
[ 22.520077] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.520143] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.520185] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.520222] ? __kthread_parkme+0x82/0x180
[ 22.520254] ? preempt_count_sub+0x50/0x80
[ 22.520288] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.520325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.520360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.520398] kthread+0x337/0x6f0
[ 22.520427] ? trace_preempt_on+0x20/0xc0
[ 22.520459] ? __pfx_kthread+0x10/0x10
[ 22.520490] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.520521] ? calculate_sigpending+0x7b/0xa0
[ 22.520557] ? __pfx_kthread+0x10/0x10
[ 22.520587] ret_from_fork+0x116/0x1d0
[ 22.520614] ? __pfx_kthread+0x10/0x10
[ 22.520643] ret_from_fork_asm+0x1a/0x30
[ 22.520687] </TASK>
[ 22.520703]
[ 22.543219] Allocated by task 283:
[ 22.544008] kasan_save_stack+0x45/0x70
[ 22.544455] kasan_save_track+0x18/0x40
[ 22.544817] kasan_save_alloc_info+0x3b/0x50
[ 22.545698] __kasan_kmalloc+0xb7/0xc0
[ 22.546061] __kmalloc_cache_noprof+0x189/0x420
[ 22.546698] kasan_atomics+0x95/0x310
[ 22.547290] kunit_try_run_case+0x1a5/0x480
[ 22.547701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.548480] kthread+0x337/0x6f0
[ 22.549049] ret_from_fork+0x116/0x1d0
[ 22.549441] ret_from_fork_asm+0x1a/0x30
[ 22.550092]
[ 22.550369] The buggy address belongs to the object at ffff8881038ee700
[ 22.550369] which belongs to the cache kmalloc-64 of size 64
[ 22.551578] The buggy address is located 0 bytes to the right of
[ 22.551578] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.552926]
[ 22.553431] The buggy address belongs to the physical page:
[ 22.553836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.554857] flags: 0x200000000000000(node=0|zone=2)
[ 22.555231] page_type: f5(slab)
[ 22.555994] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.556778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.557616] page dumped because: kasan: bad access detected
[ 22.558362]
[ 22.558760] Memory state around the buggy address:
[ 22.559206] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.560078] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.560699] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.561779] ^
[ 22.562744] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.563230] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.563782] ==================================================================

[ 22.286015] ==================================================================
[ 22.286581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450
[ 22.287731] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.288301]
[ 22.288605] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.288726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.288767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.288828] Call Trace:
[ 22.288872] <TASK>
[ 22.288933] dump_stack_lvl+0x73/0xb0
[ 22.289022] print_report+0xd1/0x650
[ 22.289107] ? __virt_addr_valid+0x1db/0x2d0
[ 22.289204] ? kasan_atomics_helper+0x565/0x5450
[ 22.289284] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.289403] ? kasan_atomics_helper+0x565/0x5450
[ 22.289482] kasan_report+0x141/0x180
[ 22.289559] ? kasan_atomics_helper+0x565/0x5450
[ 22.289651] kasan_check_range+0x10c/0x1c0
[ 22.289768] __kasan_check_write+0x18/0x20
[ 22.289851] kasan_atomics_helper+0x565/0x5450
[ 22.289951] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.290031] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.290113] ? kasan_save_alloc_info+0x3b/0x50
[ 22.290197] ? kasan_atomics+0x152/0x310
[ 22.290290] kasan_atomics+0x1dc/0x310
[ 22.290330] ? __pfx_kasan_atomics+0x10/0x10
[ 22.290368] ? __pfx_read_tsc+0x10/0x10
[ 22.290399] ? ktime_get_ts64+0x86/0x230
[ 22.290436] kunit_try_run_case+0x1a5/0x480
[ 22.290472] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.290508] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.290542] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.290578] ? __kthread_parkme+0x82/0x180
[ 22.290607] ? preempt_count_sub+0x50/0x80
[ 22.290640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.290675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.290710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.290747] kthread+0x337/0x6f0
[ 22.290775] ? trace_preempt_on+0x20/0xc0
[ 22.290808] ? __pfx_kthread+0x10/0x10
[ 22.290840] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.290892] ? calculate_sigpending+0x7b/0xa0
[ 22.290940] ? __pfx_kthread+0x10/0x10
[ 22.290974] ret_from_fork+0x116/0x1d0
[ 22.291000] ? __pfx_kthread+0x10/0x10
[ 22.291031] ret_from_fork_asm+0x1a/0x30
[ 22.291074] </TASK>
[ 22.291091]
[ 22.306497] Allocated by task 283:
[ 22.306896] kasan_save_stack+0x45/0x70
[ 22.307411] kasan_save_track+0x18/0x40
[ 22.307845] kasan_save_alloc_info+0x3b/0x50
[ 22.308367] __kasan_kmalloc+0xb7/0xc0
[ 22.308800] __kmalloc_cache_noprof+0x189/0x420
[ 22.309213] kasan_atomics+0x95/0x310
[ 22.309533] kunit_try_run_case+0x1a5/0x480
[ 22.309893] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.310386] kthread+0x337/0x6f0
[ 22.310825] ret_from_fork+0x116/0x1d0
[ 22.311285] ret_from_fork_asm+0x1a/0x30
[ 22.311982]
[ 22.312258] The buggy address belongs to the object at ffff8881038ee700
[ 22.312258] which belongs to the cache kmalloc-64 of size 64
[ 22.312998] The buggy address is located 0 bytes to the right of
[ 22.312998] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.314086]
[ 22.314368] The buggy address belongs to the physical page:
[ 22.314772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.315575] flags: 0x200000000000000(node=0|zone=2)
[ 22.316102] page_type: f5(slab)
[ 22.316519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.317172] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.317793] page dumped because: kasan: bad access detected
[ 22.318179]
[ 22.318380] Memory state around the buggy address:
[ 22.318719] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.319397] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.320263] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.321099] ^
[ 22.321520] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.322108] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.324535] ==================================================================

[ 22.566077] ==================================================================
[ 22.566682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450
[ 22.567507] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 22.568079]
[ 22.568988] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 22.569058] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.569078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.569126] Call Trace:
[ 22.569166] <TASK>
[ 22.569191] dump_stack_lvl+0x73/0xb0
[ 22.569238] print_report+0xd1/0x650
[ 22.569273] ? __virt_addr_valid+0x1db/0x2d0
[ 22.569326] ? kasan_atomics_helper+0x8f9/0x5450
[ 22.569366] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.569399] ? kasan_atomics_helper+0x8f9/0x5450
[ 22.569432] kasan_report+0x141/0x180
[ 22.569464] ? kasan_atomics_helper+0x8f9/0x5450
[ 22.569502] kasan_check_range+0x10c/0x1c0
[ 22.569537] __kasan_check_write+0x18/0x20
[ 22.569565] kasan_atomics_helper+0x8f9/0x5450
[ 22.569598] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.569631] ? __kmalloc_cache_noprof+0x189/0x420
[ 22.569668] ? kasan_save_alloc_info+0x3b/0x50
[ 22.569704] ? kasan_atomics+0x152/0x310
[ 22.569741] kasan_atomics+0x1dc/0x310
[ 22.569773] ? __pfx_kasan_atomics+0x10/0x10
[ 22.569809] ? __pfx_read_tsc+0x10/0x10
[ 22.569839] ? ktime_get_ts64+0x86/0x230
[ 22.569892] kunit_try_run_case+0x1a5/0x480
[ 22.569941] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.569977] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.570015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.570051] ? __kthread_parkme+0x82/0x180
[ 22.570081] ? preempt_count_sub+0x50/0x80
[ 22.570147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.570191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.570228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.570277] kthread+0x337/0x6f0
[ 22.570308] ? trace_preempt_on+0x20/0xc0
[ 22.570344] ? __pfx_kthread+0x10/0x10
[ 22.570375] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.570407] ? calculate_sigpending+0x7b/0xa0
[ 22.570443] ? __pfx_kthread+0x10/0x10
[ 22.570473] ret_from_fork+0x116/0x1d0
[ 22.570499] ? __pfx_kthread+0x10/0x10
[ 22.570529] ret_from_fork_asm+0x1a/0x30
[ 22.570571] </TASK>
[ 22.570588]
[ 22.590620] Allocated by task 283:
[ 22.590772] kasan_save_stack+0x45/0x70
[ 22.591058] kasan_save_track+0x18/0x40
[ 22.591396] kasan_save_alloc_info+0x3b/0x50
[ 22.591738] __kasan_kmalloc+0xb7/0xc0
[ 22.592051] __kmalloc_cache_noprof+0x189/0x420
[ 22.593792] kasan_atomics+0x95/0x310
[ 22.594140] kunit_try_run_case+0x1a5/0x480
[ 22.594555] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.595014] kthread+0x337/0x6f0
[ 22.595738] ret_from_fork+0x116/0x1d0
[ 22.596308] ret_from_fork_asm+0x1a/0x30
[ 22.597007]
[ 22.597220] The buggy address belongs to the object at ffff8881038ee700
[ 22.597220] which belongs to the cache kmalloc-64 of size 64
[ 22.598780] The buggy address is located 0 bytes to the right of
[ 22.598780] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 22.600046]
[ 22.600826] The buggy address belongs to the physical page:
[ 22.601279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 22.602084] flags: 0x200000000000000(node=0|zone=2)
[ 22.602743] page_type: f5(slab)
[ 22.603272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.604044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 22.604706] page dumped because: kasan: bad access detected
[ 22.605622]
[ 22.605806] Memory state around the buggy address:
[ 22.606719] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.607560] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.608220] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.608985] ^
[ 22.609658] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.610461] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.611338] ==================================================================

[ 23.590391] ==================================================================
[ 23.591729] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450
[ 23.592620] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 23.593073]
[ 23.593270] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 23.594161] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.594201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.594238] Call Trace:
[ 23.594268] <TASK>
[ 23.594288] dump_stack_lvl+0x73/0xb0
[ 23.594368] print_report+0xd1/0x650
[ 23.594412] ? __virt_addr_valid+0x1db/0x2d0
[ 23.594447] ? kasan_atomics_helper+0x1467/0x5450
[ 23.594479] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.594512] ? kasan_atomics_helper+0x1467/0x5450
[ 23.594544] kasan_report+0x141/0x180
[ 23.594577] ? kasan_atomics_helper+0x1467/0x5450
[ 23.594614] kasan_check_range+0x10c/0x1c0
[ 23.594649] __kasan_check_write+0x18/0x20
[ 23.594678] kasan_atomics_helper+0x1467/0x5450
[ 23.594711] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.594744] ? __kmalloc_cache_noprof+0x189/0x420
[ 23.594780] ? kasan_save_alloc_info+0x3b/0x50
[ 23.594815] ? kasan_atomics+0x152/0x310
[ 23.594852] kasan_atomics+0x1dc/0x310
[ 23.594924] ? __pfx_kasan_atomics+0x10/0x10
[ 23.595014] ? __pfx_read_tsc+0x10/0x10
[ 23.595090] ? ktime_get_ts64+0x86/0x230
[ 23.595193] kunit_try_run_case+0x1a5/0x480
[ 23.595237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.595276] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.595313] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.595349] ? __kthread_parkme+0x82/0x180
[ 23.595379] ? preempt_count_sub+0x50/0x80
[ 23.595412] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.595447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.595482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.595522] kthread+0x337/0x6f0
[ 23.595552] ? trace_preempt_on+0x20/0xc0
[ 23.595584] ? __pfx_kthread+0x10/0x10
[ 23.595615] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.595646] ? calculate_sigpending+0x7b/0xa0
[ 23.595682] ? __pfx_kthread+0x10/0x10
[ 23.595767] ret_from_fork+0x116/0x1d0
[ 23.595840] ? __pfx_kthread+0x10/0x10
[ 23.595898] ret_from_fork_asm+0x1a/0x30
[ 23.595944] </TASK>
[ 23.595963]
[ 23.610816] Allocated by task 283:
[ 23.611230] kasan_save_stack+0x45/0x70
[ 23.611675] kasan_save_track+0x18/0x40
[ 23.612141] kasan_save_alloc_info+0x3b/0x50
[ 23.612554] __kasan_kmalloc+0xb7/0xc0
[ 23.612949] __kmalloc_cache_noprof+0x189/0x420
[ 23.613674] kasan_atomics+0x95/0x310
[ 23.614042] kunit_try_run_case+0x1a5/0x480
[ 23.614532] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.614947] kthread+0x337/0x6f0
[ 23.615292] ret_from_fork+0x116/0x1d0
[ 23.615707] ret_from_fork_asm+0x1a/0x30
[ 23.616350]
[ 23.616578] The buggy address belongs to the object at ffff8881038ee700
[ 23.616578] which belongs to the cache kmalloc-64 of size 64
[ 23.617538] The buggy address is located 0 bytes to the right of
[ 23.617538] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 23.618506]
[ 23.618745] The buggy address belongs to the physical page:
[ 23.619322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 23.619825] flags: 0x200000000000000(node=0|zone=2)
[ 23.620313] page_type: f5(slab)
[ 23.620685] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.621177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 23.621548] page dumped because: kasan: bad access detected
[ 23.621839]
[ 23.621996] Memory state around the buggy address:
[ 23.622385] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.623024] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.623698] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.624276] ^
[ 23.624919] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.625464] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.625922] ==================================================================

[ 23.050610] ==================================================================
[ 23.051312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450
[ 23.051797] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 23.052611]
[ 23.053011] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 23.053123] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.053168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.053228] Call Trace:
[ 23.053269] <TASK>
[ 23.053311] dump_stack_lvl+0x73/0xb0
[ 23.053399] print_report+0xd1/0x650
[ 23.053475] ? __virt_addr_valid+0x1db/0x2d0
[ 23.053555] ? kasan_atomics_helper+0xfa9/0x5450
[ 23.053630] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.053706] ? kasan_atomics_helper+0xfa9/0x5450
[ 23.053778] kasan_report+0x141/0x180
[ 23.053854] ? kasan_atomics_helper+0xfa9/0x5450
[ 23.053964] kasan_check_range+0x10c/0x1c0
[ 23.054042] __kasan_check_write+0x18/0x20
[ 23.054115] kasan_atomics_helper+0xfa9/0x5450
[ 23.054193] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.054286] ? __kmalloc_cache_noprof+0x189/0x420
[ 23.054372] ? kasan_save_alloc_info+0x3b/0x50
[ 23.054445] ? kasan_atomics+0x152/0x310
[ 23.054525] kasan_atomics+0x1dc/0x310
[ 23.054608] ? __pfx_kasan_atomics+0x10/0x10
[ 23.054689] ? __pfx_read_tsc+0x10/0x10
[ 23.054756] ? ktime_get_ts64+0x86/0x230
[ 23.054856] kunit_try_run_case+0x1a5/0x480
[ 23.054966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.055051] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.055136] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.055221] ? __kthread_parkme+0x82/0x180
[ 23.055299] ? preempt_count_sub+0x50/0x80
[ 23.055382] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.055469] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.055571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.055651] kthread+0x337/0x6f0
[ 23.055711] ? trace_preempt_on+0x20/0xc0
[ 23.055789] ? __pfx_kthread+0x10/0x10
[ 23.055867] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.055964] ? calculate_sigpending+0x7b/0xa0
[ 23.056046] ? __pfx_kthread+0x10/0x10
[ 23.056121] ret_from_fork+0x116/0x1d0
[ 23.056192] ? __pfx_kthread+0x10/0x10
[ 23.056267] ret_from_fork_asm+0x1a/0x30
[ 23.056370] </TASK>
[ 23.056414]
[ 23.080033] Allocated by task 283:
[ 23.080786] kasan_save_stack+0x45/0x70
[ 23.081332] kasan_save_track+0x18/0x40
[ 23.081649] kasan_save_alloc_info+0x3b/0x50
[ 23.082037] __kasan_kmalloc+0xb7/0xc0
[ 23.082541] __kmalloc_cache_noprof+0x189/0x420
[ 23.082975] kasan_atomics+0x95/0x310
[ 23.083391] kunit_try_run_case+0x1a5/0x480
[ 23.084029] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.084615] kthread+0x337/0x6f0
[ 23.085094] ret_from_fork+0x116/0x1d0
[ 23.085803] ret_from_fork_asm+0x1a/0x30
[ 23.086186]
[ 23.086586] The buggy address belongs to the object at ffff8881038ee700
[ 23.086586] which belongs to the cache kmalloc-64 of size 64
[ 23.087631] The buggy address is located 0 bytes to the right of
[ 23.087631] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 23.088993]
[ 23.089238] The buggy address belongs to the physical page:
[ 23.089685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 23.090872] flags: 0x200000000000000(node=0|zone=2)
[ 23.091222] page_type: f5(slab)
[ 23.091926] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.092818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 23.093692] page dumped because: kasan: bad access detected
[ 23.094119]
[ 23.094675] Memory state around the buggy address:
[ 23.095071] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.096091] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.096956] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.097915] ^
[ 23.098344] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.098597] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.098835] ==================================================================

[ 24.384823] ==================================================================
[ 24.386350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450
[ 24.386948] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283
[ 24.387649]
[ 24.387950] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 24.388066] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.388153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.388217] Call Trace:
[ 24.388259] <TASK>
[ 24.388299] dump_stack_lvl+0x73/0xb0
[ 24.388387] print_report+0xd1/0x650
[ 24.388467] ? __virt_addr_valid+0x1db/0x2d0
[ 24.388551] ? kasan_atomics_helper+0x1eaa/0x5450
[ 24.388648] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.388759] ? kasan_atomics_helper+0x1eaa/0x5450
[ 24.388834] kasan_report+0x141/0x180
[ 24.388933] ? kasan_atomics_helper+0x1eaa/0x5450
[ 24.389021] kasan_check_range+0x10c/0x1c0
[ 24.389141] __kasan_check_write+0x18/0x20
[ 24.389221] kasan_atomics_helper+0x1eaa/0x5450
[ 24.389301] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 24.389379] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.389514] ? kasan_save_alloc_info+0x3b/0x50
[ 24.389601] ? kasan_atomics+0x152/0x310
[ 24.389691] kasan_atomics+0x1dc/0x310
[ 24.389822] ? __pfx_kasan_atomics+0x10/0x10
[ 24.389925] ? __pfx_read_tsc+0x10/0x10
[ 24.389990] ? ktime_get_ts64+0x86/0x230
[ 24.390031] kunit_try_run_case+0x1a5/0x480
[ 24.390070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.390153] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.390197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.390235] ? __kthread_parkme+0x82/0x180
[ 24.390277] ? preempt_count_sub+0x50/0x80
[ 24.390311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.390349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.390385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.390421] kthread+0x337/0x6f0
[ 24.390450] ? trace_preempt_on+0x20/0xc0
[ 24.390484] ? __pfx_kthread+0x10/0x10
[ 24.390514] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.390546] ? calculate_sigpending+0x7b/0xa0
[ 24.390581] ? __pfx_kthread+0x10/0x10
[ 24.390613] ret_from_fork+0x116/0x1d0
[ 24.390639] ? __pfx_kthread+0x10/0x10
[ 24.390669] ret_from_fork_asm+0x1a/0x30
[ 24.390712] </TASK>
[ 24.390727]
[ 24.412368] Allocated by task 283:
[ 24.412689] kasan_save_stack+0x45/0x70
[ 24.413827] kasan_save_track+0x18/0x40
[ 24.414567] kasan_save_alloc_info+0x3b/0x50
[ 24.415120] __kasan_kmalloc+0xb7/0xc0
[ 24.415563] __kmalloc_cache_noprof+0x189/0x420
[ 24.416053] kasan_atomics+0x95/0x310
[ 24.416444] kunit_try_run_case+0x1a5/0x480
[ 24.416946] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.417425] kthread+0x337/0x6f0
[ 24.417859] ret_from_fork+0x116/0x1d0
[ 24.418377] ret_from_fork_asm+0x1a/0x30
[ 24.418753]
[ 24.418995] The buggy address belongs to the object at ffff8881038ee700
[ 24.418995] which belongs to the cache kmalloc-64 of size 64
[ 24.420692] The buggy address is located 0 bytes to the right of
[ 24.420692] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730)
[ 24.422027]
[ 24.422414] The buggy address belongs to the physical page:
[ 24.422865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee
[ 24.423766] flags: 0x200000000000000(node=0|zone=2)
[ 24.424171] page_type: f5(slab)
[ 24.424548] raw: 0200000000000000 ffff8881000418c0 dead000000000122
0000000000000000 [ 24.425134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.425705] page dumped because: kasan: bad access detected [ 24.426852] [ 24.427059] Memory state around the buggy address: [ 24.427845] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.428641] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.429408] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.430550] ^ [ 24.431096] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.431864] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.432800] ================================================================== [ 24.478474] ================================================================== [ 24.479067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 24.479746] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.480487] [ 24.480796] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.480938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.480979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.481043] Call Trace: [ 24.481084] <TASK> [ 24.481165] dump_stack_lvl+0x73/0xb0 [ 24.481258] print_report+0xd1/0x650 [ 24.481333] ? __virt_addr_valid+0x1db/0x2d0 [ 24.481411] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.481487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.481567] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.481683] kasan_report+0x141/0x180 [ 24.481774] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.481918] __asan_report_load8_noabort+0x18/0x20 [ 24.482008] kasan_atomics_helper+0x4f71/0x5450 [ 24.482089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.482215] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.482309] ? kasan_save_alloc_info+0x3b/0x50 [ 24.482391] ? kasan_atomics+0x152/0x310 [ 24.482477] kasan_atomics+0x1dc/0x310 [ 24.482525] ? 
__pfx_kasan_atomics+0x10/0x10 [ 24.482564] ? __pfx_read_tsc+0x10/0x10 [ 24.482595] ? ktime_get_ts64+0x86/0x230 [ 24.482630] kunit_try_run_case+0x1a5/0x480 [ 24.482667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.482704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.482739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.482774] ? __kthread_parkme+0x82/0x180 [ 24.482802] ? preempt_count_sub+0x50/0x80 [ 24.482835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.482906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.482999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.483060] kthread+0x337/0x6f0 [ 24.483096] ? trace_preempt_on+0x20/0xc0 [ 24.483322] ? __pfx_kthread+0x10/0x10 [ 24.483360] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.483394] ? calculate_sigpending+0x7b/0xa0 [ 24.483430] ? __pfx_kthread+0x10/0x10 [ 24.483463] ret_from_fork+0x116/0x1d0 [ 24.483489] ? __pfx_kthread+0x10/0x10 [ 24.483524] ret_from_fork_asm+0x1a/0x30 [ 24.483568] </TASK> [ 24.483584] [ 24.501947] Allocated by task 283: [ 24.502589] kasan_save_stack+0x45/0x70 [ 24.502955] kasan_save_track+0x18/0x40 [ 24.503324] kasan_save_alloc_info+0x3b/0x50 [ 24.504161] __kasan_kmalloc+0xb7/0xc0 [ 24.504692] __kmalloc_cache_noprof+0x189/0x420 [ 24.505210] kasan_atomics+0x95/0x310 [ 24.505621] kunit_try_run_case+0x1a5/0x480 [ 24.506325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.506896] kthread+0x337/0x6f0 [ 24.507397] ret_from_fork+0x116/0x1d0 [ 24.507939] ret_from_fork_asm+0x1a/0x30 [ 24.508474] [ 24.508709] The buggy address belongs to the object at ffff8881038ee700 [ 24.508709] which belongs to the cache kmalloc-64 of size 64 [ 24.509719] The buggy address is located 0 bytes to the right of [ 24.509719] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.510672] [ 24.510986] The buggy address belongs to the physical page: [ 24.511660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.512357] flags: 0x200000000000000(node=0|zone=2) [ 24.512850] page_type: 
f5(slab) [ 24.513336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.514060] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.514817] page dumped because: kasan: bad access detected [ 24.515434] [ 24.515649] Memory state around the buggy address: [ 24.516223] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.516921] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.517667] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.518308] ^ [ 24.518749] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.519499] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.520144] ================================================================== [ 23.497641] ================================================================== [ 23.498362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 23.499035] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.499547] [ 23.499768] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.499902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.499948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.500008] Call Trace: [ 23.500053] <TASK> [ 23.500137] dump_stack_lvl+0x73/0xb0 [ 23.500234] print_report+0xd1/0x650 [ 23.500315] ? __virt_addr_valid+0x1db/0x2d0 [ 23.500394] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.500471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.500551] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.500635] kasan_report+0x141/0x180 [ 23.500711] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.500796] kasan_check_range+0x10c/0x1c0 [ 23.500896] __kasan_check_read+0x15/0x20 [ 23.500972] kasan_atomics_helper+0x13b5/0x5450 [ 23.501050] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.501174] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.501259] ? 
kasan_save_alloc_info+0x3b/0x50 [ 23.501343] ? kasan_atomics+0x152/0x310 [ 23.501437] kasan_atomics+0x1dc/0x310 [ 23.501522] ? __pfx_kasan_atomics+0x10/0x10 [ 23.501609] ? __pfx_read_tsc+0x10/0x10 [ 23.501686] ? ktime_get_ts64+0x86/0x230 [ 23.501774] kunit_try_run_case+0x1a5/0x480 [ 23.501861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.501959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.502040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.502155] ? __kthread_parkme+0x82/0x180 [ 23.502198] ? preempt_count_sub+0x50/0x80 [ 23.502233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.502284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.502322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.502359] kthread+0x337/0x6f0 [ 23.502390] ? trace_preempt_on+0x20/0xc0 [ 23.502425] ? __pfx_kthread+0x10/0x10 [ 23.502455] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.502489] ? calculate_sigpending+0x7b/0xa0 [ 23.502524] ? __pfx_kthread+0x10/0x10 [ 23.502555] ret_from_fork+0x116/0x1d0 [ 23.502584] ? __pfx_kthread+0x10/0x10 [ 23.502615] ret_from_fork_asm+0x1a/0x30 [ 23.502657] </TASK> [ 23.502672] [ 23.521381] Allocated by task 283: [ 23.521839] kasan_save_stack+0x45/0x70 [ 23.522183] kasan_save_track+0x18/0x40 [ 23.523652] kasan_save_alloc_info+0x3b/0x50 [ 23.524162] __kasan_kmalloc+0xb7/0xc0 [ 23.524860] __kmalloc_cache_noprof+0x189/0x420 [ 23.525275] kasan_atomics+0x95/0x310 [ 23.525900] kunit_try_run_case+0x1a5/0x480 [ 23.526525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.527433] kthread+0x337/0x6f0 [ 23.527822] ret_from_fork+0x116/0x1d0 [ 23.528215] ret_from_fork_asm+0x1a/0x30 [ 23.528593] [ 23.528831] The buggy address belongs to the object at ffff8881038ee700 [ 23.528831] which belongs to the cache kmalloc-64 of size 64 [ 23.529901] The buggy address is located 0 bytes to the right of [ 23.529901] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.530853] [ 23.531664] The buggy address belongs to the physical page: [ 23.532035] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.533052] flags: 0x200000000000000(node=0|zone=2) [ 23.533710] page_type: f5(slab) [ 23.534092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.534965] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.535826] page dumped because: kasan: bad access detected [ 23.536594] [ 23.536793] Memory state around the buggy address: [ 23.537148] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.537811] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.538420] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.539492] ^ [ 23.539800] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.540861] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.541719] ================================================================== [ 23.762756] ================================================================== [ 23.763482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 23.764291] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.764887] [ 23.765227] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.765367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.765437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.765501] Call Trace: [ 23.765543] <TASK> [ 23.765587] dump_stack_lvl+0x73/0xb0 [ 23.765677] print_report+0xd1/0x650 [ 23.765761] ? __virt_addr_valid+0x1db/0x2d0 [ 23.765847] ? kasan_atomics_helper+0x164f/0x5450 [ 23.765949] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.766078] ? kasan_atomics_helper+0x164f/0x5450 [ 23.766200] kasan_report+0x141/0x180 [ 23.766291] ? kasan_atomics_helper+0x164f/0x5450 [ 23.766381] kasan_check_range+0x10c/0x1c0 [ 23.766467] __kasan_check_write+0x18/0x20 [ 23.766561] kasan_atomics_helper+0x164f/0x5450 [ 23.766678] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 23.766764] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.766856] ? kasan_save_alloc_info+0x3b/0x50 [ 23.766977] ? kasan_atomics+0x152/0x310 [ 23.767088] kasan_atomics+0x1dc/0x310 [ 23.767179] ? __pfx_kasan_atomics+0x10/0x10 [ 23.767222] ? __pfx_read_tsc+0x10/0x10 [ 23.767256] ? ktime_get_ts64+0x86/0x230 [ 23.767294] kunit_try_run_case+0x1a5/0x480 [ 23.767334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.767371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.767407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.767442] ? __kthread_parkme+0x82/0x180 [ 23.767472] ? preempt_count_sub+0x50/0x80 [ 23.767504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.767541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.767576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.767613] kthread+0x337/0x6f0 [ 23.767641] ? trace_preempt_on+0x20/0xc0 [ 23.767674] ? __pfx_kthread+0x10/0x10 [ 23.767703] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.767737] ? calculate_sigpending+0x7b/0xa0 [ 23.767773] ? __pfx_kthread+0x10/0x10 [ 23.767804] ret_from_fork+0x116/0x1d0 [ 23.767831] ? 
__pfx_kthread+0x10/0x10 [ 23.767863] ret_from_fork_asm+0x1a/0x30 [ 23.767933] </TASK> [ 23.767950] [ 23.790007] Allocated by task 283: [ 23.790788] kasan_save_stack+0x45/0x70 [ 23.791659] kasan_save_track+0x18/0x40 [ 23.792029] kasan_save_alloc_info+0x3b/0x50 [ 23.792976] __kasan_kmalloc+0xb7/0xc0 [ 23.793434] __kmalloc_cache_noprof+0x189/0x420 [ 23.793913] kasan_atomics+0x95/0x310 [ 23.794323] kunit_try_run_case+0x1a5/0x480 [ 23.794786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.795307] kthread+0x337/0x6f0 [ 23.795687] ret_from_fork+0x116/0x1d0 [ 23.796098] ret_from_fork_asm+0x1a/0x30 [ 23.796531] [ 23.796722] The buggy address belongs to the object at ffff8881038ee700 [ 23.796722] which belongs to the cache kmalloc-64 of size 64 [ 23.797796] The buggy address is located 0 bytes to the right of [ 23.797796] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.798828] [ 23.799305] The buggy address belongs to the physical page: [ 23.799726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.800507] flags: 0x200000000000000(node=0|zone=2) [ 23.801014] page_type: f5(slab) [ 23.801412] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.802067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.802772] page dumped because: kasan: bad access detected [ 23.803186] [ 23.803490] Memory state around the buggy address: [ 23.803992] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.804690] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.805386] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.805912] ^ [ 23.806580] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.807266] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.807815] ================================================================== [ 24.618306] 
================================================================== [ 24.619280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 24.620453] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.621585] [ 24.621870] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.622082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.622126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.622186] Call Trace: [ 24.622231] <TASK> [ 24.622328] dump_stack_lvl+0x73/0xb0 [ 24.622378] print_report+0xd1/0x650 [ 24.622415] ? __virt_addr_valid+0x1db/0x2d0 [ 24.622448] ? kasan_atomics_helper+0x20c8/0x5450 [ 24.622479] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.622513] ? kasan_atomics_helper+0x20c8/0x5450 [ 24.622548] kasan_report+0x141/0x180 [ 24.622582] ? kasan_atomics_helper+0x20c8/0x5450 [ 24.622622] kasan_check_range+0x10c/0x1c0 [ 24.622657] __kasan_check_write+0x18/0x20 [ 24.622686] kasan_atomics_helper+0x20c8/0x5450 [ 24.622719] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.622750] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.622786] ? kasan_save_alloc_info+0x3b/0x50 [ 24.622820] ? kasan_atomics+0x152/0x310 [ 24.622857] kasan_atomics+0x1dc/0x310 [ 24.622918] ? __pfx_kasan_atomics+0x10/0x10 [ 24.622958] ? __pfx_read_tsc+0x10/0x10 [ 24.622990] ? ktime_get_ts64+0x86/0x230 [ 24.623024] kunit_try_run_case+0x1a5/0x480 [ 24.623061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.623094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.623165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.623207] ? __kthread_parkme+0x82/0x180 [ 24.623240] ? preempt_count_sub+0x50/0x80 [ 24.623274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.623313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.623348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.623385] kthread+0x337/0x6f0 [ 24.623414] ? trace_preempt_on+0x20/0xc0 [ 24.623447] ? __pfx_kthread+0x10/0x10 [ 24.623478] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 24.623510] ? calculate_sigpending+0x7b/0xa0 [ 24.623544] ? __pfx_kthread+0x10/0x10 [ 24.623575] ret_from_fork+0x116/0x1d0 [ 24.623601] ? __pfx_kthread+0x10/0x10 [ 24.623632] ret_from_fork_asm+0x1a/0x30 [ 24.623674] </TASK> [ 24.623689] [ 24.641247] Allocated by task 283: [ 24.641608] kasan_save_stack+0x45/0x70 [ 24.641956] kasan_save_track+0x18/0x40 [ 24.642289] kasan_save_alloc_info+0x3b/0x50 [ 24.642772] __kasan_kmalloc+0xb7/0xc0 [ 24.643112] __kmalloc_cache_noprof+0x189/0x420 [ 24.643467] kasan_atomics+0x95/0x310 [ 24.643835] kunit_try_run_case+0x1a5/0x480 [ 24.644535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.645144] kthread+0x337/0x6f0 [ 24.645560] ret_from_fork+0x116/0x1d0 [ 24.646019] ret_from_fork_asm+0x1a/0x30 [ 24.646564] [ 24.646853] The buggy address belongs to the object at ffff8881038ee700 [ 24.646853] which belongs to the cache kmalloc-64 of size 64 [ 24.648103] The buggy address is located 0 bytes to the right of [ 24.648103] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.649445] [ 24.649714] The buggy address belongs to the physical page: [ 24.650289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.651029] flags: 0x200000000000000(node=0|zone=2) [ 24.651570] page_type: f5(slab) [ 24.652080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.652796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.653826] page dumped because: kasan: bad access detected [ 24.655616] [ 24.656048] Memory state around the buggy address: [ 24.656840] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.658015] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.658865] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.659557] ^ [ 24.660000] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.660665] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 24.661285] ================================================================== [ 22.973319] ================================================================== [ 22.974963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 22.975896] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.976917] [ 22.977552] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.977659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.977695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.977731] Call Trace: [ 22.977753] <TASK> [ 22.977773] dump_stack_lvl+0x73/0xb0 [ 22.977819] print_report+0xd1/0x650 [ 22.977853] ? __virt_addr_valid+0x1db/0x2d0 [ 22.977925] ? kasan_atomics_helper+0xe78/0x5450 [ 22.978004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.978074] ? kasan_atomics_helper+0xe78/0x5450 [ 22.978151] kasan_report+0x141/0x180 [ 22.978192] ? kasan_atomics_helper+0xe78/0x5450 [ 22.978231] kasan_check_range+0x10c/0x1c0 [ 22.978277] __kasan_check_write+0x18/0x20 [ 22.978307] kasan_atomics_helper+0xe78/0x5450 [ 22.978341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.978373] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.978411] ? kasan_save_alloc_info+0x3b/0x50 [ 22.978445] ? kasan_atomics+0x152/0x310 [ 22.978483] kasan_atomics+0x1dc/0x310 [ 22.978517] ? __pfx_kasan_atomics+0x10/0x10 [ 22.978553] ? __pfx_read_tsc+0x10/0x10 [ 22.978585] ? ktime_get_ts64+0x86/0x230 [ 22.978622] kunit_try_run_case+0x1a5/0x480 [ 22.978658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.978693] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.978728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.978763] ? __kthread_parkme+0x82/0x180 [ 22.978793] ? preempt_count_sub+0x50/0x80 [ 22.978826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.978863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.978925] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.978964] kthread+0x337/0x6f0 [ 22.978994] ? trace_preempt_on+0x20/0xc0 [ 22.979028] ? __pfx_kthread+0x10/0x10 [ 22.979058] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.979090] ? calculate_sigpending+0x7b/0xa0 [ 22.979164] ? __pfx_kthread+0x10/0x10 [ 22.979198] ret_from_fork+0x116/0x1d0 [ 22.979226] ? __pfx_kthread+0x10/0x10 [ 22.979257] ret_from_fork_asm+0x1a/0x30 [ 22.979301] </TASK> [ 22.979318] [ 22.994478] Allocated by task 283: [ 22.994769] kasan_save_stack+0x45/0x70 [ 22.995223] kasan_save_track+0x18/0x40 [ 22.995680] kasan_save_alloc_info+0x3b/0x50 [ 22.996182] __kasan_kmalloc+0xb7/0xc0 [ 22.996613] __kmalloc_cache_noprof+0x189/0x420 [ 22.997255] kasan_atomics+0x95/0x310 [ 22.997574] kunit_try_run_case+0x1a5/0x480 [ 22.997975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.998892] kthread+0x337/0x6f0 [ 22.999385] ret_from_fork+0x116/0x1d0 [ 22.999828] ret_from_fork_asm+0x1a/0x30 [ 23.000184] [ 23.000418] The buggy address belongs to the object at ffff8881038ee700 [ 23.000418] which belongs to the cache kmalloc-64 of size 64 [ 23.001381] The buggy address is located 0 bytes to the right of [ 23.001381] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.002166] [ 23.002376] The buggy address belongs to the physical page: [ 23.002749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.003494] flags: 0x200000000000000(node=0|zone=2) [ 23.004026] page_type: f5(slab) [ 23.004541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.005434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.005920] page dumped because: kasan: bad access detected [ 23.006680] [ 23.006931] Memory state around the buggy address: [ 23.007631] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.008243] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.008863] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 23.009573] ^ [ 23.009939] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.010470] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.011104] ================================================================== [ 22.612190] ================================================================== [ 22.612773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 22.613566] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.615092] [ 22.615521] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.615585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.615606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.615636] Call Trace: [ 22.615655] <TASK> [ 22.615673] dump_stack_lvl+0x73/0xb0 [ 22.615716] print_report+0xd1/0x650 [ 22.615750] ? __virt_addr_valid+0x1db/0x2d0 [ 22.615783] ? kasan_atomics_helper+0x992/0x5450 [ 22.615814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.615848] ? kasan_atomics_helper+0x992/0x5450 [ 22.615911] kasan_report+0x141/0x180 [ 22.615999] ? kasan_atomics_helper+0x992/0x5450 [ 22.616319] kasan_check_range+0x10c/0x1c0 [ 22.616707] __kasan_check_write+0x18/0x20 [ 22.616744] kasan_atomics_helper+0x992/0x5450 [ 22.616780] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.616815] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.616852] ? kasan_save_alloc_info+0x3b/0x50 [ 22.616912] ? kasan_atomics+0x152/0x310 [ 22.616954] kasan_atomics+0x1dc/0x310 [ 22.616988] ? __pfx_kasan_atomics+0x10/0x10 [ 22.617025] ? __pfx_read_tsc+0x10/0x10 [ 22.617059] ? ktime_get_ts64+0x86/0x230 [ 22.617098] kunit_try_run_case+0x1a5/0x480 [ 22.617179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.617218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.617255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.617291] ? __kthread_parkme+0x82/0x180 [ 22.617321] ? preempt_count_sub+0x50/0x80 [ 22.617355] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.617392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.617428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.617465] kthread+0x337/0x6f0 [ 22.617494] ? trace_preempt_on+0x20/0xc0 [ 22.617528] ? __pfx_kthread+0x10/0x10 [ 22.617558] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.617590] ? calculate_sigpending+0x7b/0xa0 [ 22.617625] ? __pfx_kthread+0x10/0x10 [ 22.617657] ret_from_fork+0x116/0x1d0 [ 22.617683] ? __pfx_kthread+0x10/0x10 [ 22.617713] ret_from_fork_asm+0x1a/0x30 [ 22.617756] </TASK> [ 22.617772] [ 22.638730] Allocated by task 283: [ 22.639676] kasan_save_stack+0x45/0x70 [ 22.640025] kasan_save_track+0x18/0x40 [ 22.640563] kasan_save_alloc_info+0x3b/0x50 [ 22.641160] __kasan_kmalloc+0xb7/0xc0 [ 22.641746] __kmalloc_cache_noprof+0x189/0x420 [ 22.642411] kasan_atomics+0x95/0x310 [ 22.642992] kunit_try_run_case+0x1a5/0x480 [ 22.644068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.644510] kthread+0x337/0x6f0 [ 22.645021] ret_from_fork+0x116/0x1d0 [ 22.645698] ret_from_fork_asm+0x1a/0x30 [ 22.646172] [ 22.646338] The buggy address belongs to the object at ffff8881038ee700 [ 22.646338] which belongs to the cache kmalloc-64 of size 64 [ 22.647787] The buggy address is located 0 bytes to the right of [ 22.647787] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.648985] [ 22.649229] The buggy address belongs to the physical page: [ 22.649939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.651043] flags: 0x200000000000000(node=0|zone=2) [ 22.651368] page_type: f5(slab) [ 22.651743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.652451] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.653615] page dumped because: kasan: bad access detected [ 22.654212] [ 22.654394] Memory state around the buggy address: [ 22.654745] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.657292] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.657974] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.659861] ^ [ 22.660664] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.662339] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.663576] ================================================================== [ 23.312205] ================================================================== [ 23.315166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 23.316133] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.316788] [ 23.317373] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.317591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.317638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.317702] Call Trace: [ 23.317749] <TASK> [ 23.317794] dump_stack_lvl+0x73/0xb0 [ 23.317902] print_report+0xd1/0x650 [ 23.317982] ? __virt_addr_valid+0x1db/0x2d0 [ 23.318061] ? kasan_atomics_helper+0x1217/0x5450 [ 23.318154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.318232] ? kasan_atomics_helper+0x1217/0x5450 [ 23.318315] kasan_report+0x141/0x180 [ 23.318403] ? kasan_atomics_helper+0x1217/0x5450 [ 23.318484] kasan_check_range+0x10c/0x1c0 [ 23.318527] __kasan_check_write+0x18/0x20 [ 23.318559] kasan_atomics_helper+0x1217/0x5450 [ 23.318594] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.318669] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.318711] ? kasan_save_alloc_info+0x3b/0x50 [ 23.318749] ? kasan_atomics+0x152/0x310 [ 23.318789] kasan_atomics+0x1dc/0x310 [ 23.318825] ? __pfx_kasan_atomics+0x10/0x10 [ 23.318862] ? __pfx_read_tsc+0x10/0x10 [ 23.319030] ? ktime_get_ts64+0x86/0x230 [ 23.319118] kunit_try_run_case+0x1a5/0x480 [ 23.319208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.319288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.319338] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.319377] ? __kthread_parkme+0x82/0x180 [ 23.319409] ? preempt_count_sub+0x50/0x80 [ 23.319445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.319483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.319520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.319556] kthread+0x337/0x6f0 [ 23.319586] ? trace_preempt_on+0x20/0xc0 [ 23.319620] ? __pfx_kthread+0x10/0x10 [ 23.319650] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.319684] ? calculate_sigpending+0x7b/0xa0 [ 23.319719] ? __pfx_kthread+0x10/0x10 [ 23.319751] ret_from_fork+0x116/0x1d0 [ 23.319777] ? __pfx_kthread+0x10/0x10 [ 23.319807] ret_from_fork_asm+0x1a/0x30 [ 23.319850] </TASK> [ 23.319865] [ 23.339364] Allocated by task 283: [ 23.339858] kasan_save_stack+0x45/0x70 [ 23.340444] kasan_save_track+0x18/0x40 [ 23.340931] kasan_save_alloc_info+0x3b/0x50 [ 23.341508] __kasan_kmalloc+0xb7/0xc0 [ 23.342008] __kmalloc_cache_noprof+0x189/0x420 [ 23.342586] kasan_atomics+0x95/0x310 [ 23.343022] kunit_try_run_case+0x1a5/0x480 [ 23.343592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.344291] kthread+0x337/0x6f0 [ 23.344697] ret_from_fork+0x116/0x1d0 [ 23.345271] ret_from_fork_asm+0x1a/0x30 [ 23.345610] [ 23.345945] The buggy address belongs to the object at ffff8881038ee700 [ 23.345945] which belongs to the cache kmalloc-64 of size 64 [ 23.347174] The buggy address is located 0 bytes to the right of [ 23.347174] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.348292] [ 23.348589] The buggy address belongs to the physical page: [ 23.349137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.349991] flags: 0x200000000000000(node=0|zone=2) [ 23.350533] page_type: f5(slab) [ 23.351010] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.351788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.352522] page dumped because: kasan: bad access detected [ 23.353016] [ 23.353270] 
Memory state around the buggy address: [ 23.353684] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.354345] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.355077] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.356179] ^ [ 23.356706] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.357407] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.357962] ================================================================== [ 23.358944] ================================================================== [ 23.359637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 23.360320] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.360945] [ 23.361260] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.361410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.361455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.361514] Call Trace: [ 23.361557] <TASK> [ 23.361601] dump_stack_lvl+0x73/0xb0 [ 23.361691] print_report+0xd1/0x650 [ 23.361769] ? __virt_addr_valid+0x1db/0x2d0 [ 23.361866] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.361977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.362056] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.362178] kasan_report+0x141/0x180 [ 23.362267] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.362313] __asan_report_load4_noabort+0x18/0x20 [ 23.362351] kasan_atomics_helper+0x49e8/0x5450 [ 23.362386] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.362422] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.362458] ? kasan_save_alloc_info+0x3b/0x50 [ 23.362495] ? kasan_atomics+0x152/0x310 [ 23.362534] kasan_atomics+0x1dc/0x310 [ 23.362568] ? __pfx_kasan_atomics+0x10/0x10 [ 23.362604] ? __pfx_read_tsc+0x10/0x10 [ 23.362634] ? ktime_get_ts64+0x86/0x230 [ 23.362670] kunit_try_run_case+0x1a5/0x480 [ 23.362706] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.362742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.362777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.362812] ? __kthread_parkme+0x82/0x180 [ 23.362842] ? preempt_count_sub+0x50/0x80 [ 23.362900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.362947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.362984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.363022] kthread+0x337/0x6f0 [ 23.363050] ? trace_preempt_on+0x20/0xc0 [ 23.363085] ? __pfx_kthread+0x10/0x10 [ 23.363163] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.363199] ? calculate_sigpending+0x7b/0xa0 [ 23.363234] ? __pfx_kthread+0x10/0x10 [ 23.363267] ret_from_fork+0x116/0x1d0 [ 23.363294] ? __pfx_kthread+0x10/0x10 [ 23.363325] ret_from_fork_asm+0x1a/0x30 [ 23.363367] </TASK> [ 23.363387] [ 23.384177] Allocated by task 283: [ 23.384723] kasan_save_stack+0x45/0x70 [ 23.385308] kasan_save_track+0x18/0x40 [ 23.385645] kasan_save_alloc_info+0x3b/0x50 [ 23.386018] __kasan_kmalloc+0xb7/0xc0 [ 23.387520] __kmalloc_cache_noprof+0x189/0x420 [ 23.388111] kasan_atomics+0x95/0x310 [ 23.388706] kunit_try_run_case+0x1a5/0x480 [ 23.389156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.389744] kthread+0x337/0x6f0 [ 23.390100] ret_from_fork+0x116/0x1d0 [ 23.390958] ret_from_fork_asm+0x1a/0x30 [ 23.391638] [ 23.392041] The buggy address belongs to the object at ffff8881038ee700 [ 23.392041] which belongs to the cache kmalloc-64 of size 64 [ 23.393422] The buggy address is located 0 bytes to the right of [ 23.393422] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.394615] [ 23.394866] The buggy address belongs to the physical page: [ 23.395705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.396610] flags: 0x200000000000000(node=0|zone=2) [ 23.397003] page_type: f5(slab) [ 23.397928] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.398695] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 23.399475] page dumped because: kasan: bad access detected [ 23.399904] [ 23.400067] Memory state around the buggy address: [ 23.401151] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.401849] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.402564] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.403164] ^ [ 23.403944] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.404711] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.405518] ================================================================== [ 23.979916] ================================================================== [ 23.980351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 23.981477] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.982283] [ 23.982578] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.982723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.982767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.982828] Call Trace: [ 23.982871] <TASK> [ 23.982988] dump_stack_lvl+0x73/0xb0 [ 23.983104] print_report+0xd1/0x650 [ 23.983206] ? __virt_addr_valid+0x1db/0x2d0 [ 23.983346] ? kasan_atomics_helper+0x194a/0x5450 [ 23.983455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.983540] ? kasan_atomics_helper+0x194a/0x5450 [ 23.983671] kasan_report+0x141/0x180 [ 23.983789] ? kasan_atomics_helper+0x194a/0x5450 [ 23.983900] kasan_check_range+0x10c/0x1c0 [ 23.984067] __kasan_check_write+0x18/0x20 [ 23.984146] kasan_atomics_helper+0x194a/0x5450 [ 23.984232] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.984395] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.984482] ? kasan_save_alloc_info+0x3b/0x50 [ 23.984615] ? kasan_atomics+0x152/0x310 [ 23.984740] kasan_atomics+0x1dc/0x310 [ 23.984848] ? __pfx_kasan_atomics+0x10/0x10 [ 23.985008] ? 
__pfx_read_tsc+0x10/0x10 [ 23.985121] ? ktime_get_ts64+0x86/0x230 [ 23.985227] kunit_try_run_case+0x1a5/0x480 [ 23.985373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.985488] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.985549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.985589] ? __kthread_parkme+0x82/0x180 [ 23.985621] ? preempt_count_sub+0x50/0x80 [ 23.985657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.985695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.985750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.985806] kthread+0x337/0x6f0 [ 23.985847] ? trace_preempt_on+0x20/0xc0 [ 23.985925] ? __pfx_kthread+0x10/0x10 [ 23.985961] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.986016] ? calculate_sigpending+0x7b/0xa0 [ 23.986055] ? __pfx_kthread+0x10/0x10 [ 23.986121] ret_from_fork+0x116/0x1d0 [ 23.986175] ? __pfx_kthread+0x10/0x10 [ 23.986216] ret_from_fork_asm+0x1a/0x30 [ 23.986283] </TASK> [ 23.986304] [ 24.010941] Allocated by task 283: [ 24.011366] kasan_save_stack+0x45/0x70 [ 24.012230] kasan_save_track+0x18/0x40 [ 24.012761] kasan_save_alloc_info+0x3b/0x50 [ 24.013458] __kasan_kmalloc+0xb7/0xc0 [ 24.014059] __kmalloc_cache_noprof+0x189/0x420 [ 24.014648] kasan_atomics+0x95/0x310 [ 24.015238] kunit_try_run_case+0x1a5/0x480 [ 24.015673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.016276] kthread+0x337/0x6f0 [ 24.016888] ret_from_fork+0x116/0x1d0 [ 24.017497] ret_from_fork_asm+0x1a/0x30 [ 24.017828] [ 24.018006] The buggy address belongs to the object at ffff8881038ee700 [ 24.018006] which belongs to the cache kmalloc-64 of size 64 [ 24.019768] The buggy address is located 0 bytes to the right of [ 24.019768] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.020919] [ 24.021797] The buggy address belongs to the physical page: [ 24.022331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.023042] flags: 0x200000000000000(node=0|zone=2) [ 24.023728] page_type: f5(slab) [ 24.024094] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 24.025054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.025800] page dumped because: kasan: bad access detected [ 24.026415] [ 24.026661] Memory state around the buggy address: [ 24.027431] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.028602] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.029137] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.029850] ^ [ 24.030732] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.031513] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.032163] ================================================================== [ 23.939040] ================================================================== [ 23.939696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 23.940405] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.941065] [ 23.941393] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.941511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.941556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.941616] Call Trace: [ 23.941662] <TASK> [ 23.941705] dump_stack_lvl+0x73/0xb0 [ 23.941795] print_report+0xd1/0x650 [ 23.941836] ? __virt_addr_valid+0x1db/0x2d0 [ 23.941892] ? kasan_atomics_helper+0x18b1/0x5450 [ 23.941961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.941999] ? kasan_atomics_helper+0x18b1/0x5450 [ 23.942032] kasan_report+0x141/0x180 [ 23.942066] ? kasan_atomics_helper+0x18b1/0x5450 [ 23.942137] kasan_check_range+0x10c/0x1c0 [ 23.942273] __kasan_check_write+0x18/0x20 [ 23.942379] kasan_atomics_helper+0x18b1/0x5450 [ 23.942493] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.942574] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.942655] ? kasan_save_alloc_info+0x3b/0x50 [ 23.942726] ? 
kasan_atomics+0x152/0x310 [ 23.942771] kasan_atomics+0x1dc/0x310 [ 23.942808] ? __pfx_kasan_atomics+0x10/0x10 [ 23.942848] ? __pfx_read_tsc+0x10/0x10 [ 23.942902] ? ktime_get_ts64+0x86/0x230 [ 23.942943] kunit_try_run_case+0x1a5/0x480 [ 23.942981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.943015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.943052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.943087] ? __kthread_parkme+0x82/0x180 [ 23.943158] ? preempt_count_sub+0x50/0x80 [ 23.943196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.943233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.943269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.943306] kthread+0x337/0x6f0 [ 23.943336] ? trace_preempt_on+0x20/0xc0 [ 23.943369] ? __pfx_kthread+0x10/0x10 [ 23.943399] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.943433] ? calculate_sigpending+0x7b/0xa0 [ 23.943468] ? __pfx_kthread+0x10/0x10 [ 23.943499] ret_from_fork+0x116/0x1d0 [ 23.943526] ? __pfx_kthread+0x10/0x10 [ 23.943556] ret_from_fork_asm+0x1a/0x30 [ 23.943597] </TASK> [ 23.943614] [ 23.960122] Allocated by task 283: [ 23.960550] kasan_save_stack+0x45/0x70 [ 23.961301] kasan_save_track+0x18/0x40 [ 23.961903] kasan_save_alloc_info+0x3b/0x50 [ 23.962414] __kasan_kmalloc+0xb7/0xc0 [ 23.962897] __kmalloc_cache_noprof+0x189/0x420 [ 23.963534] kasan_atomics+0x95/0x310 [ 23.964032] kunit_try_run_case+0x1a5/0x480 [ 23.964655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.965185] kthread+0x337/0x6f0 [ 23.965647] ret_from_fork+0x116/0x1d0 [ 23.966061] ret_from_fork_asm+0x1a/0x30 [ 23.966536] [ 23.966922] The buggy address belongs to the object at ffff8881038ee700 [ 23.966922] which belongs to the cache kmalloc-64 of size 64 [ 23.968137] The buggy address is located 0 bytes to the right of [ 23.968137] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.969034] [ 23.969413] The buggy address belongs to the physical page: [ 23.970066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 
23.970749] flags: 0x200000000000000(node=0|zone=2) [ 23.971310] page_type: f5(slab) [ 23.971741] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.972540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.973320] page dumped because: kasan: bad access detected [ 23.973869] [ 23.974180] Memory state around the buggy address: [ 23.974692] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.975199] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.976041] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.976762] ^ [ 23.977146] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.977806] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.978663] ================================================================== [ 24.167681] ================================================================== [ 24.168837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 24.169517] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.170196] [ 24.170589] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.170709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.170749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.170808] Call Trace: [ 24.170853] <TASK> [ 24.170915] dump_stack_lvl+0x73/0xb0 [ 24.171009] print_report+0xd1/0x650 [ 24.171158] ? __virt_addr_valid+0x1db/0x2d0 [ 24.171250] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.171331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.171409] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.171447] kasan_report+0x141/0x180 [ 24.171484] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.171524] kasan_check_range+0x10c/0x1c0 [ 24.171560] __kasan_check_write+0x18/0x20 [ 24.171589] kasan_atomics_helper+0x1c18/0x5450 [ 24.171621] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.171654] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 24.171689] ? kasan_save_alloc_info+0x3b/0x50 [ 24.171723] ? kasan_atomics+0x152/0x310 [ 24.171761] kasan_atomics+0x1dc/0x310 [ 24.171794] ? __pfx_kasan_atomics+0x10/0x10 [ 24.171830] ? __pfx_read_tsc+0x10/0x10 [ 24.171859] ? ktime_get_ts64+0x86/0x230 [ 24.171923] kunit_try_run_case+0x1a5/0x480 [ 24.171963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.172000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.172034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.172069] ? __kthread_parkme+0x82/0x180 [ 24.172121] ? preempt_count_sub+0x50/0x80 [ 24.172172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.172210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.172248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.172284] kthread+0x337/0x6f0 [ 24.172312] ? trace_preempt_on+0x20/0xc0 [ 24.172346] ? __pfx_kthread+0x10/0x10 [ 24.172376] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.172407] ? calculate_sigpending+0x7b/0xa0 [ 24.172442] ? __pfx_kthread+0x10/0x10 [ 24.172473] ret_from_fork+0x116/0x1d0 [ 24.172499] ? 
__pfx_kthread+0x10/0x10 [ 24.172529] ret_from_fork_asm+0x1a/0x30 [ 24.172571] </TASK> [ 24.172587] [ 24.193831] Allocated by task 283: [ 24.194095] kasan_save_stack+0x45/0x70 [ 24.195250] kasan_save_track+0x18/0x40 [ 24.195791] kasan_save_alloc_info+0x3b/0x50 [ 24.196435] __kasan_kmalloc+0xb7/0xc0 [ 24.196615] __kmalloc_cache_noprof+0x189/0x420 [ 24.196805] kasan_atomics+0x95/0x310 [ 24.197275] kunit_try_run_case+0x1a5/0x480 [ 24.197737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.198538] kthread+0x337/0x6f0 [ 24.198946] ret_from_fork+0x116/0x1d0 [ 24.199226] ret_from_fork_asm+0x1a/0x30 [ 24.200105] [ 24.200468] The buggy address belongs to the object at ffff8881038ee700 [ 24.200468] which belongs to the cache kmalloc-64 of size 64 [ 24.201360] The buggy address is located 0 bytes to the right of [ 24.201360] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.202826] [ 24.203614] The buggy address belongs to the physical page: [ 24.204044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.204934] flags: 0x200000000000000(node=0|zone=2) [ 24.205551] page_type: f5(slab) [ 24.206050] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.206853] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.207456] page dumped because: kasan: bad access detected [ 24.208060] [ 24.208285] Memory state around the buggy address: [ 24.208791] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.209646] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.210280] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.211015] ^ [ 24.211534] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.212244] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.212972] ================================================================== [ 24.213798] 
================================================================== [ 24.214405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 24.215183] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.215749] [ 24.216057] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.216218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.216258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.216317] Call Trace: [ 24.216359] <TASK> [ 24.216439] dump_stack_lvl+0x73/0xb0 [ 24.216533] print_report+0xd1/0x650 [ 24.216619] ? __virt_addr_valid+0x1db/0x2d0 [ 24.216702] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.216782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.216860] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.216993] kasan_report+0x141/0x180 [ 24.217080] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.217215] __asan_report_load8_noabort+0x18/0x20 [ 24.217298] kasan_atomics_helper+0x4f30/0x5450 [ 24.217377] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.217458] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.217581] ? kasan_save_alloc_info+0x3b/0x50 [ 24.217667] ? kasan_atomics+0x152/0x310 [ 24.217757] kasan_atomics+0x1dc/0x310 [ 24.217838] ? __pfx_kasan_atomics+0x10/0x10 [ 24.217934] ? __pfx_read_tsc+0x10/0x10 [ 24.217973] ? ktime_get_ts64+0x86/0x230 [ 24.218011] kunit_try_run_case+0x1a5/0x480 [ 24.218050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.218087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.218217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.218320] ? __kthread_parkme+0x82/0x180 [ 24.218372] ? preempt_count_sub+0x50/0x80 [ 24.218409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.218447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.218483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.218520] kthread+0x337/0x6f0 [ 24.218548] ? trace_preempt_on+0x20/0xc0 [ 24.218582] ? __pfx_kthread+0x10/0x10 [ 24.218612] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.218644] ? 
calculate_sigpending+0x7b/0xa0 [ 24.218680] ? __pfx_kthread+0x10/0x10 [ 24.218710] ret_from_fork+0x116/0x1d0 [ 24.218737] ? __pfx_kthread+0x10/0x10 [ 24.218768] ret_from_fork_asm+0x1a/0x30 [ 24.218810] </TASK> [ 24.218826] [ 24.234103] Allocated by task 283: [ 24.234537] kasan_save_stack+0x45/0x70 [ 24.235018] kasan_save_track+0x18/0x40 [ 24.235437] kasan_save_alloc_info+0x3b/0x50 [ 24.235933] __kasan_kmalloc+0xb7/0xc0 [ 24.236390] __kmalloc_cache_noprof+0x189/0x420 [ 24.236826] kasan_atomics+0x95/0x310 [ 24.237731] kunit_try_run_case+0x1a5/0x480 [ 24.238432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.239460] kthread+0x337/0x6f0 [ 24.239813] ret_from_fork+0x116/0x1d0 [ 24.240158] ret_from_fork_asm+0x1a/0x30 [ 24.240495] [ 24.240727] The buggy address belongs to the object at ffff8881038ee700 [ 24.240727] which belongs to the cache kmalloc-64 of size 64 [ 24.242985] The buggy address is located 0 bytes to the right of [ 24.242985] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.244990] [ 24.245413] The buggy address belongs to the physical page: [ 24.246395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.247914] flags: 0x200000000000000(node=0|zone=2) [ 24.248817] page_type: f5(slab) [ 24.249544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.250541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.250800] page dumped because: kasan: bad access detected [ 24.251161] [ 24.251432] Memory state around the buggy address: [ 24.251864] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.252567] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.253103] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.253736] ^ [ 24.254227] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.254934] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.255665] 
================================================================== [ 22.796188] ================================================================== [ 22.796679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 22.797460] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.798399] [ 22.798749] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.798859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.798921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.798983] Call Trace: [ 22.799022] <TASK> [ 22.799060] dump_stack_lvl+0x73/0xb0 [ 22.799192] print_report+0xd1/0x650 [ 22.799270] ? __virt_addr_valid+0x1db/0x2d0 [ 22.799353] ? kasan_atomics_helper+0xc70/0x5450 [ 22.799427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.799559] ? kasan_atomics_helper+0xc70/0x5450 [ 22.799644] kasan_report+0x141/0x180 [ 22.799724] ? kasan_atomics_helper+0xc70/0x5450 [ 22.799864] kasan_check_range+0x10c/0x1c0 [ 22.799965] __kasan_check_write+0x18/0x20 [ 22.800036] kasan_atomics_helper+0xc70/0x5450 [ 22.800157] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.800243] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.800347] ? kasan_save_alloc_info+0x3b/0x50 [ 22.800456] ? kasan_atomics+0x152/0x310 [ 22.800549] kasan_atomics+0x1dc/0x310 [ 22.800648] ? __pfx_kasan_atomics+0x10/0x10 [ 22.800764] ? __pfx_read_tsc+0x10/0x10 [ 22.800846] ? ktime_get_ts64+0x86/0x230 [ 22.800920] kunit_try_run_case+0x1a5/0x480 [ 22.800965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.801004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.801039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.801075] ? __kthread_parkme+0x82/0x180 [ 22.801150] ? preempt_count_sub+0x50/0x80 [ 22.801191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.801229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.801265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.801302] kthread+0x337/0x6f0 [ 22.801330] ? 
trace_preempt_on+0x20/0xc0 [ 22.801365] ? __pfx_kthread+0x10/0x10 [ 22.801396] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.801429] ? calculate_sigpending+0x7b/0xa0 [ 22.801464] ? __pfx_kthread+0x10/0x10 [ 22.801495] ret_from_fork+0x116/0x1d0 [ 22.801522] ? __pfx_kthread+0x10/0x10 [ 22.801552] ret_from_fork_asm+0x1a/0x30 [ 22.801594] </TASK> [ 22.801609] [ 22.820054] Allocated by task 283: [ 22.820357] kasan_save_stack+0x45/0x70 [ 22.821132] kasan_save_track+0x18/0x40 [ 22.821630] kasan_save_alloc_info+0x3b/0x50 [ 22.822053] __kasan_kmalloc+0xb7/0xc0 [ 22.822558] __kmalloc_cache_noprof+0x189/0x420 [ 22.823132] kasan_atomics+0x95/0x310 [ 22.823596] kunit_try_run_case+0x1a5/0x480 [ 22.823976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.824649] kthread+0x337/0x6f0 [ 22.825075] ret_from_fork+0x116/0x1d0 [ 22.825544] ret_from_fork_asm+0x1a/0x30 [ 22.826051] [ 22.826316] The buggy address belongs to the object at ffff8881038ee700 [ 22.826316] which belongs to the cache kmalloc-64 of size 64 [ 22.827447] The buggy address is located 0 bytes to the right of [ 22.827447] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.828616] [ 22.828863] The buggy address belongs to the physical page: [ 22.829349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.830138] flags: 0x200000000000000(node=0|zone=2) [ 22.830699] page_type: f5(slab) [ 22.831145] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.832005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.832693] page dumped because: kasan: bad access detected [ 22.833140] [ 22.833305] Memory state around the buggy address: [ 22.833668] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.835821] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.836558] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.837361] ^ [ 22.837837] ffff8881038ee780: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 22.838842] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.839922] ================================================================== [ 22.920176] ================================================================== [ 22.920821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 22.922810] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.923356] [ 22.923573] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.923691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.923734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.923795] Call Trace: [ 22.923837] <TASK> [ 22.923901] dump_stack_lvl+0x73/0xb0 [ 22.923974] print_report+0xd1/0x650 [ 22.924031] ? __virt_addr_valid+0x1db/0x2d0 [ 22.924088] ? kasan_atomics_helper+0xde0/0x5450 [ 22.924146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.924202] ? kasan_atomics_helper+0xde0/0x5450 [ 22.924260] kasan_report+0x141/0x180 [ 22.924316] ? kasan_atomics_helper+0xde0/0x5450 [ 22.924382] kasan_check_range+0x10c/0x1c0 [ 22.924440] __kasan_check_write+0x18/0x20 [ 22.924489] kasan_atomics_helper+0xde0/0x5450 [ 22.924592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.924679] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.924763] ? kasan_save_alloc_info+0x3b/0x50 [ 22.924847] ? kasan_atomics+0x152/0x310 [ 22.925060] kasan_atomics+0x1dc/0x310 [ 22.925168] ? __pfx_kasan_atomics+0x10/0x10 [ 22.925254] ? __pfx_read_tsc+0x10/0x10 [ 22.926308] ? ktime_get_ts64+0x86/0x230 [ 22.926385] kunit_try_run_case+0x1a5/0x480 [ 22.926450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.926509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.926568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.927934] ? __kthread_parkme+0x82/0x180 [ 22.928019] ? preempt_count_sub+0x50/0x80 [ 22.928098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.928870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.928973] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.929049] kthread+0x337/0x6f0 [ 22.929947] ? trace_preempt_on+0x20/0xc0 [ 22.930023] ? __pfx_kthread+0x10/0x10 [ 22.930089] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.930202] ? calculate_sigpending+0x7b/0xa0 [ 22.930283] ? __pfx_kthread+0x10/0x10 [ 22.930345] ret_from_fork+0x116/0x1d0 [ 22.930395] ? __pfx_kthread+0x10/0x10 [ 22.930451] ret_from_fork_asm+0x1a/0x30 [ 22.930536] </TASK> [ 22.930569] [ 22.952241] Allocated by task 283: [ 22.952904] kasan_save_stack+0x45/0x70 [ 22.953267] kasan_save_track+0x18/0x40 [ 22.953589] kasan_save_alloc_info+0x3b/0x50 [ 22.954280] __kasan_kmalloc+0xb7/0xc0 [ 22.954998] __kmalloc_cache_noprof+0x189/0x420 [ 22.955482] kasan_atomics+0x95/0x310 [ 22.956055] kunit_try_run_case+0x1a5/0x480 [ 22.956463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.957181] kthread+0x337/0x6f0 [ 22.957578] ret_from_fork+0x116/0x1d0 [ 22.958097] ret_from_fork_asm+0x1a/0x30 [ 22.958665] [ 22.958855] The buggy address belongs to the object at ffff8881038ee700 [ 22.958855] which belongs to the cache kmalloc-64 of size 64 [ 22.960198] The buggy address is located 0 bytes to the right of [ 22.960198] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.961629] [ 22.962082] The buggy address belongs to the physical page: [ 22.962956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.963675] flags: 0x200000000000000(node=0|zone=2) [ 22.964085] page_type: f5(slab) [ 22.964788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.965576] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.966432] page dumped because: kasan: bad access detected [ 22.967020] [ 22.967333] Memory state around the buggy address: [ 22.967864] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.968748] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.969613] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 22.970216] ^ [ 22.970735] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.971412] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.972114] ================================================================== [ 23.717352] ================================================================== [ 23.717755] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 23.718548] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.720195] [ 23.721118] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.721228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.721267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.721323] Call Trace: [ 23.721366] <TASK> [ 23.721406] dump_stack_lvl+0x73/0xb0 [ 23.721477] print_report+0xd1/0x650 [ 23.721546] ? __virt_addr_valid+0x1db/0x2d0 [ 23.721618] ? kasan_atomics_helper+0x15b6/0x5450 [ 23.721689] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.721762] ? kasan_atomics_helper+0x15b6/0x5450 [ 23.721836] kasan_report+0x141/0x180 [ 23.722318] ? kasan_atomics_helper+0x15b6/0x5450 [ 23.722407] kasan_check_range+0x10c/0x1c0 [ 23.722474] __kasan_check_write+0x18/0x20 [ 23.722531] kasan_atomics_helper+0x15b6/0x5450 [ 23.722598] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.722663] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.722726] ? kasan_save_alloc_info+0x3b/0x50 [ 23.722792] ? kasan_atomics+0x152/0x310 [ 23.722858] kasan_atomics+0x1dc/0x310 [ 23.722967] ? __pfx_kasan_atomics+0x10/0x10 [ 23.723043] ? __pfx_read_tsc+0x10/0x10 [ 23.723105] ? ktime_get_ts64+0x86/0x230 [ 23.723197] kunit_try_run_case+0x1a5/0x480 [ 23.723277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.723347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.723419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.723494] ? __kthread_parkme+0x82/0x180 [ 23.723560] ? preempt_count_sub+0x50/0x80 [ 23.723621] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.723693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.723768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.723831] kthread+0x337/0x6f0 [ 23.723911] ? trace_preempt_on+0x20/0xc0 [ 23.723974] ? __pfx_kthread+0x10/0x10 [ 23.724027] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.724082] ? calculate_sigpending+0x7b/0xa0 [ 23.724166] ? __pfx_kthread+0x10/0x10 [ 23.724226] ret_from_fork+0x116/0x1d0 [ 23.724273] ? __pfx_kthread+0x10/0x10 [ 23.724329] ret_from_fork_asm+0x1a/0x30 [ 23.724402] </TASK> [ 23.724432] [ 23.744160] Allocated by task 283: [ 23.744864] kasan_save_stack+0x45/0x70 [ 23.745641] kasan_save_track+0x18/0x40 [ 23.745817] kasan_save_alloc_info+0x3b/0x50 [ 23.746271] __kasan_kmalloc+0xb7/0xc0 [ 23.746702] __kmalloc_cache_noprof+0x189/0x420 [ 23.747169] kasan_atomics+0x95/0x310 [ 23.747493] kunit_try_run_case+0x1a5/0x480 [ 23.748024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.748595] kthread+0x337/0x6f0 [ 23.749091] ret_from_fork+0x116/0x1d0 [ 23.749499] ret_from_fork_asm+0x1a/0x30 [ 23.750041] [ 23.750312] The buggy address belongs to the object at ffff8881038ee700 [ 23.750312] which belongs to the cache kmalloc-64 of size 64 [ 23.751419] The buggy address is located 0 bytes to the right of [ 23.751419] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.752442] [ 23.752734] The buggy address belongs to the physical page: [ 23.753301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.754031] flags: 0x200000000000000(node=0|zone=2) [ 23.754549] page_type: f5(slab) [ 23.754991] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.755608] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.756382] page dumped because: kasan: bad access detected [ 23.756918] [ 23.757198] Memory state around the buggy address: [ 23.757689] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.758327] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.759024] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.759595] ^ [ 23.760180] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.760801] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.761514] ================================================================== [ 24.522353] ================================================================== [ 24.523607] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 24.524056] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.525715] [ 24.526322] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.526422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.526455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.526505] Call Trace: [ 24.526538] <TASK> [ 24.526570] dump_stack_lvl+0x73/0xb0 [ 24.526636] print_report+0xd1/0x650 [ 24.526693] ? __virt_addr_valid+0x1db/0x2d0 [ 24.526747] ? kasan_atomics_helper+0x2006/0x5450 [ 24.526801] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.526856] ? kasan_atomics_helper+0x2006/0x5450 [ 24.527018] kasan_report+0x141/0x180 [ 24.527928] ? kasan_atomics_helper+0x2006/0x5450 [ 24.528027] kasan_check_range+0x10c/0x1c0 [ 24.528111] __kasan_check_write+0x18/0x20 [ 24.528206] kasan_atomics_helper+0x2006/0x5450 [ 24.528289] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.528385] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.528498] ? kasan_save_alloc_info+0x3b/0x50 [ 24.528604] ? kasan_atomics+0x152/0x310 [ 24.528742] kasan_atomics+0x1dc/0x310 [ 24.528837] ? __pfx_kasan_atomics+0x10/0x10 [ 24.528951] ? __pfx_read_tsc+0x10/0x10 [ 24.529053] ? ktime_get_ts64+0x86/0x230 [ 24.529277] kunit_try_run_case+0x1a5/0x480 [ 24.529368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.529445] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.529518] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.529598] ? __kthread_parkme+0x82/0x180 [ 24.529668] ? preempt_count_sub+0x50/0x80 [ 24.529740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.529809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.529920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.529996] kthread+0x337/0x6f0 [ 24.530055] ? trace_preempt_on+0x20/0xc0 [ 24.530131] ? __pfx_kthread+0x10/0x10 [ 24.530200] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.530279] ? calculate_sigpending+0x7b/0xa0 [ 24.530355] ? __pfx_kthread+0x10/0x10 [ 24.530427] ret_from_fork+0x116/0x1d0 [ 24.530487] ? __pfx_kthread+0x10/0x10 [ 24.530556] ret_from_fork_asm+0x1a/0x30 [ 24.530640] </TASK> [ 24.530675] [ 24.551684] Allocated by task 283: [ 24.552448] kasan_save_stack+0x45/0x70 [ 24.553022] kasan_save_track+0x18/0x40 [ 24.553564] kasan_save_alloc_info+0x3b/0x50 [ 24.554016] __kasan_kmalloc+0xb7/0xc0 [ 24.554700] __kmalloc_cache_noprof+0x189/0x420 [ 24.555103] kasan_atomics+0x95/0x310 [ 24.555747] kunit_try_run_case+0x1a5/0x480 [ 24.556231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.556950] kthread+0x337/0x6f0 [ 24.557330] ret_from_fork+0x116/0x1d0 [ 24.557747] ret_from_fork_asm+0x1a/0x30 [ 24.558166] [ 24.558383] The buggy address belongs to the object at ffff8881038ee700 [ 24.558383] which belongs to the cache kmalloc-64 of size 64 [ 24.559902] The buggy address is located 0 bytes to the right of [ 24.559902] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.561176] [ 24.561580] The buggy address belongs to the physical page: [ 24.562226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.563102] flags: 0x200000000000000(node=0|zone=2) [ 24.564063] page_type: f5(slab) [ 24.564352] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.565372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.565923] page dumped because: kasan: bad access detected [ 24.566896] [ 24.567067] 
Memory state around the buggy address: [ 24.567408] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.568282] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.569090] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.569745] ^ [ 24.570398] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.571072] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.571783] ================================================================== [ 22.755081] ================================================================== [ 22.756197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 22.757513] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.758051] [ 22.758397] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.758501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.758541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.758600] Call Trace: [ 22.758640] <TASK> [ 22.758683] dump_stack_lvl+0x73/0xb0 [ 22.758770] print_report+0xd1/0x650 [ 22.758852] ? __virt_addr_valid+0x1db/0x2d0 [ 22.758958] ? kasan_atomics_helper+0xb6a/0x5450 [ 22.759056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.759162] ? kasan_atomics_helper+0xb6a/0x5450 [ 22.759242] kasan_report+0x141/0x180 [ 22.759322] ? kasan_atomics_helper+0xb6a/0x5450 [ 22.759407] kasan_check_range+0x10c/0x1c0 [ 22.759490] __kasan_check_write+0x18/0x20 [ 22.759561] kasan_atomics_helper+0xb6a/0x5450 [ 22.759642] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.759699] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.759737] ? kasan_save_alloc_info+0x3b/0x50 [ 22.759774] ? kasan_atomics+0x152/0x310 [ 22.759814] kasan_atomics+0x1dc/0x310 [ 22.759847] ? __pfx_kasan_atomics+0x10/0x10 [ 22.759909] ? __pfx_read_tsc+0x10/0x10 [ 22.759946] ? ktime_get_ts64+0x86/0x230 [ 22.759982] kunit_try_run_case+0x1a5/0x480 [ 22.760019] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.760056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.760090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.760167] ? __kthread_parkme+0x82/0x180 [ 22.760200] ? preempt_count_sub+0x50/0x80 [ 22.760233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.760270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.760306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.760342] kthread+0x337/0x6f0 [ 22.760372] ? trace_preempt_on+0x20/0xc0 [ 22.760403] ? __pfx_kthread+0x10/0x10 [ 22.760433] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.760466] ? calculate_sigpending+0x7b/0xa0 [ 22.760500] ? __pfx_kthread+0x10/0x10 [ 22.760532] ret_from_fork+0x116/0x1d0 [ 22.760559] ? __pfx_kthread+0x10/0x10 [ 22.760589] ret_from_fork_asm+0x1a/0x30 [ 22.760631] </TASK> [ 22.760646] [ 22.776722] Allocated by task 283: [ 22.777116] kasan_save_stack+0x45/0x70 [ 22.777547] kasan_save_track+0x18/0x40 [ 22.777999] kasan_save_alloc_info+0x3b/0x50 [ 22.778479] __kasan_kmalloc+0xb7/0xc0 [ 22.778942] __kmalloc_cache_noprof+0x189/0x420 [ 22.779611] kasan_atomics+0x95/0x310 [ 22.780093] kunit_try_run_case+0x1a5/0x480 [ 22.780614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.781145] kthread+0x337/0x6f0 [ 22.781509] ret_from_fork+0x116/0x1d0 [ 22.781956] ret_from_fork_asm+0x1a/0x30 [ 22.782531] [ 22.782729] The buggy address belongs to the object at ffff8881038ee700 [ 22.782729] which belongs to the cache kmalloc-64 of size 64 [ 22.783437] The buggy address is located 0 bytes to the right of [ 22.783437] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.784463] [ 22.784711] The buggy address belongs to the physical page: [ 22.785256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.786032] flags: 0x200000000000000(node=0|zone=2) [ 22.786470] page_type: f5(slab) [ 22.786759] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.787249] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 22.787778] page dumped because: kasan: bad access detected [ 22.789743] [ 22.790003] Memory state around the buggy address: [ 22.790977] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.791667] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.792363] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.792948] ^ [ 22.793523] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.794182] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.794814] ================================================================== [ 24.703346] ================================================================== [ 24.704106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 24.704653] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.705380] [ 24.705648] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.705711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.705730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.705772] Call Trace: [ 24.705808] <TASK> [ 24.705842] dump_stack_lvl+0x73/0xb0 [ 24.705939] print_report+0xd1/0x650 [ 24.706020] ? __virt_addr_valid+0x1db/0x2d0 [ 24.706140] ? kasan_atomics_helper+0x218a/0x5450 [ 24.706220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.706313] ? kasan_atomics_helper+0x218a/0x5450 [ 24.706389] kasan_report+0x141/0x180 [ 24.706518] ? kasan_atomics_helper+0x218a/0x5450 [ 24.706610] kasan_check_range+0x10c/0x1c0 [ 24.706697] __kasan_check_write+0x18/0x20 [ 24.706797] kasan_atomics_helper+0x218a/0x5450 [ 24.706921] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.707005] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.707087] ? kasan_save_alloc_info+0x3b/0x50 [ 24.707207] ? kasan_atomics+0x152/0x310 [ 24.707324] kasan_atomics+0x1dc/0x310 [ 24.707406] ? __pfx_kasan_atomics+0x10/0x10 [ 24.707542] ? 
__pfx_read_tsc+0x10/0x10 [ 24.707624] ? ktime_get_ts64+0x86/0x230 [ 24.707708] kunit_try_run_case+0x1a5/0x480 [ 24.707842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.707947] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.708031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.708117] ? __kthread_parkme+0x82/0x180 [ 24.708219] ? preempt_count_sub+0x50/0x80 [ 24.708327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.708414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.708523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.708638] kthread+0x337/0x6f0 [ 24.708712] ? trace_preempt_on+0x20/0xc0 [ 24.708814] ? __pfx_kthread+0x10/0x10 [ 24.708937] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.709010] ? calculate_sigpending+0x7b/0xa0 [ 24.709052] ? __pfx_kthread+0x10/0x10 [ 24.709087] ret_from_fork+0x116/0x1d0 [ 24.709155] ? __pfx_kthread+0x10/0x10 [ 24.709192] ret_from_fork_asm+0x1a/0x30 [ 24.709236] </TASK> [ 24.709255] [ 24.727327] Allocated by task 283: [ 24.727815] kasan_save_stack+0x45/0x70 [ 24.728398] kasan_save_track+0x18/0x40 [ 24.728867] kasan_save_alloc_info+0x3b/0x50 [ 24.729239] __kasan_kmalloc+0xb7/0xc0 [ 24.729712] __kmalloc_cache_noprof+0x189/0x420 [ 24.730238] kasan_atomics+0x95/0x310 [ 24.730793] kunit_try_run_case+0x1a5/0x480 [ 24.731256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.731732] kthread+0x337/0x6f0 [ 24.732109] ret_from_fork+0x116/0x1d0 [ 24.732577] ret_from_fork_asm+0x1a/0x30 [ 24.733134] [ 24.733376] The buggy address belongs to the object at ffff8881038ee700 [ 24.733376] which belongs to the cache kmalloc-64 of size 64 [ 24.734162] The buggy address is located 0 bytes to the right of [ 24.734162] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.735539] [ 24.735730] The buggy address belongs to the physical page: [ 24.736230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.737022] flags: 0x200000000000000(node=0|zone=2) [ 24.737551] page_type: f5(slab) [ 24.737840] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 24.738354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.738840] page dumped because: kasan: bad access detected [ 24.739434] [ 24.739710] Memory state around the buggy address: [ 24.740075] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.740984] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.741850] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.742658] ^ [ 24.743190] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.743784] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.744451] ================================================================== [ 24.745264] ================================================================== [ 24.747253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 24.747694] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.748234] [ 24.748804] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.748942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.748987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.749045] Call Trace: [ 24.749088] <TASK> [ 24.749148] dump_stack_lvl+0x73/0xb0 [ 24.749224] print_report+0xd1/0x650 [ 24.749261] ? __virt_addr_valid+0x1db/0x2d0 [ 24.749296] ? kasan_atomics_helper+0x4fa5/0x5450 [ 24.749328] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.749402] ? kasan_atomics_helper+0x4fa5/0x5450 [ 24.749440] kasan_report+0x141/0x180 [ 24.749474] ? kasan_atomics_helper+0x4fa5/0x5450 [ 24.749512] __asan_report_load8_noabort+0x18/0x20 [ 24.749552] kasan_atomics_helper+0x4fa5/0x5450 [ 24.749584] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.749617] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.749653] ? kasan_save_alloc_info+0x3b/0x50 [ 24.749687] ? 
kasan_atomics+0x152/0x310 [ 24.749725] kasan_atomics+0x1dc/0x310 [ 24.749759] ? __pfx_kasan_atomics+0x10/0x10 [ 24.749795] ? __pfx_read_tsc+0x10/0x10 [ 24.749826] ? ktime_get_ts64+0x86/0x230 [ 24.749859] kunit_try_run_case+0x1a5/0x480 [ 24.749950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.750030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.750106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.750187] ? __kthread_parkme+0x82/0x180 [ 24.750276] ? preempt_count_sub+0x50/0x80 [ 24.750360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.750442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.750524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.750606] kthread+0x337/0x6f0 [ 24.750680] ? trace_preempt_on+0x20/0xc0 [ 24.750739] ? __pfx_kthread+0x10/0x10 [ 24.750772] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.750804] ? calculate_sigpending+0x7b/0xa0 [ 24.750839] ? __pfx_kthread+0x10/0x10 [ 24.750888] ret_from_fork+0x116/0x1d0 [ 24.750924] ? __pfx_kthread+0x10/0x10 [ 24.750957] ret_from_fork_asm+0x1a/0x30 [ 24.751001] </TASK> [ 24.751018] [ 24.772161] Allocated by task 283: [ 24.772714] kasan_save_stack+0x45/0x70 [ 24.773586] kasan_save_track+0x18/0x40 [ 24.774132] kasan_save_alloc_info+0x3b/0x50 [ 24.775078] __kasan_kmalloc+0xb7/0xc0 [ 24.775444] __kmalloc_cache_noprof+0x189/0x420 [ 24.776046] kasan_atomics+0x95/0x310 [ 24.776630] kunit_try_run_case+0x1a5/0x480 [ 24.777246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.777941] kthread+0x337/0x6f0 [ 24.778461] ret_from_fork+0x116/0x1d0 [ 24.778838] ret_from_fork_asm+0x1a/0x30 [ 24.779530] [ 24.779770] The buggy address belongs to the object at ffff8881038ee700 [ 24.779770] which belongs to the cache kmalloc-64 of size 64 [ 24.780994] The buggy address is located 0 bytes to the right of [ 24.780994] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.782559] [ 24.782748] The buggy address belongs to the physical page: [ 24.783597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 
24.784508] flags: 0x200000000000000(node=0|zone=2) [ 24.785065] page_type: f5(slab) [ 24.785621] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.786391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.786828] page dumped because: kasan: bad access detected [ 24.787754] [ 24.788064] Memory state around the buggy address: [ 24.789614] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.790676] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.792035] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.793629] ^ [ 24.793986] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.795932] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.797621] ================================================================== [ 24.801060] ================================================================== [ 24.802082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 24.802966] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.803544] [ 24.803817] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.803960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.803994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.804029] Call Trace: [ 24.804051] <TASK> [ 24.804071] dump_stack_lvl+0x73/0xb0 [ 24.804581] print_report+0xd1/0x650 [ 24.804630] ? __virt_addr_valid+0x1db/0x2d0 [ 24.804669] ? kasan_atomics_helper+0x224c/0x5450 [ 24.804703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.804737] ? kasan_atomics_helper+0x224c/0x5450 [ 24.804769] kasan_report+0x141/0x180 [ 24.804801] ? kasan_atomics_helper+0x224c/0x5450 [ 24.804838] kasan_check_range+0x10c/0x1c0 [ 24.804895] __kasan_check_write+0x18/0x20 [ 24.804942] kasan_atomics_helper+0x224c/0x5450 [ 24.804978] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.805011] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 24.805047] ? kasan_save_alloc_info+0x3b/0x50 [ 24.805083] ? kasan_atomics+0x152/0x310 [ 24.805162] kasan_atomics+0x1dc/0x310 [ 24.805202] ? __pfx_kasan_atomics+0x10/0x10 [ 24.805239] ? __pfx_read_tsc+0x10/0x10 [ 24.805272] ? ktime_get_ts64+0x86/0x230 [ 24.805307] kunit_try_run_case+0x1a5/0x480 [ 24.805344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.805379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.805414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.805448] ? __kthread_parkme+0x82/0x180 [ 24.805478] ? preempt_count_sub+0x50/0x80 [ 24.805511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.805547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.805582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.805618] kthread+0x337/0x6f0 [ 24.805648] ? trace_preempt_on+0x20/0xc0 [ 24.805682] ? __pfx_kthread+0x10/0x10 [ 24.805712] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.805744] ? calculate_sigpending+0x7b/0xa0 [ 24.805780] ? __pfx_kthread+0x10/0x10 [ 24.805812] ret_from_fork+0x116/0x1d0 [ 24.805839] ? 
__pfx_kthread+0x10/0x10 [ 24.805868] ret_from_fork_asm+0x1a/0x30 [ 24.805967] </TASK> [ 24.805986] [ 24.828758] Allocated by task 283: [ 24.829153] kasan_save_stack+0x45/0x70 [ 24.829580] kasan_save_track+0x18/0x40 [ 24.829946] kasan_save_alloc_info+0x3b/0x50 [ 24.830809] __kasan_kmalloc+0xb7/0xc0 [ 24.831374] __kmalloc_cache_noprof+0x189/0x420 [ 24.832061] kasan_atomics+0x95/0x310 [ 24.832462] kunit_try_run_case+0x1a5/0x480 [ 24.833123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.833893] kthread+0x337/0x6f0 [ 24.834186] ret_from_fork+0x116/0x1d0 [ 24.835057] ret_from_fork_asm+0x1a/0x30 [ 24.835544] [ 24.835786] The buggy address belongs to the object at ffff8881038ee700 [ 24.835786] which belongs to the cache kmalloc-64 of size 64 [ 24.837054] The buggy address is located 0 bytes to the right of [ 24.837054] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.838331] [ 24.838704] The buggy address belongs to the physical page: [ 24.839128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.839892] flags: 0x200000000000000(node=0|zone=2) [ 24.840390] page_type: f5(slab) [ 24.840688] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.841478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.841939] page dumped because: kasan: bad access detected [ 24.842290] [ 24.842470] Memory state around the buggy address: [ 24.843825] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.844567] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.845021] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.845432] ^ [ 24.845773] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.847507] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.848476] ================================================================== [ 23.453128] 
================================================================== [ 23.454980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 23.455745] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.456780] [ 23.457035] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.457136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.457169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.457218] Call Trace: [ 23.457248] <TASK> [ 23.457279] dump_stack_lvl+0x73/0xb0 [ 23.457347] print_report+0xd1/0x650 [ 23.457402] ? __virt_addr_valid+0x1db/0x2d0 [ 23.457458] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.457512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.457568] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.457620] kasan_report+0x141/0x180 [ 23.457678] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.457743] __asan_report_load4_noabort+0x18/0x20 [ 23.457802] kasan_atomics_helper+0x49ce/0x5450 [ 23.457860] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.457944] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.458762] ? kasan_save_alloc_info+0x3b/0x50 [ 23.458836] ? kasan_atomics+0x152/0x310 [ 23.458932] kasan_atomics+0x1dc/0x310 [ 23.459495] ? __pfx_kasan_atomics+0x10/0x10 [ 23.459592] ? __pfx_read_tsc+0x10/0x10 [ 23.459655] ? ktime_get_ts64+0x86/0x230 [ 23.459716] kunit_try_run_case+0x1a5/0x480 [ 23.459778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.459836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.459922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.460010] ? __kthread_parkme+0x82/0x180 [ 23.460090] ? preempt_count_sub+0x50/0x80 [ 23.460568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.460731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.460810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.460917] kthread+0x337/0x6f0 [ 23.460993] ? trace_preempt_on+0x20/0xc0 [ 23.461070] ? __pfx_kthread+0x10/0x10 [ 23.461146] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.461220] ? 
calculate_sigpending+0x7b/0xa0 [ 23.461298] ? __pfx_kthread+0x10/0x10 [ 23.461372] ret_from_fork+0x116/0x1d0 [ 23.461439] ? __pfx_kthread+0x10/0x10 [ 23.461508] ret_from_fork_asm+0x1a/0x30 [ 23.461598] </TASK> [ 23.461633] [ 23.479466] Allocated by task 283: [ 23.479849] kasan_save_stack+0x45/0x70 [ 23.480598] kasan_save_track+0x18/0x40 [ 23.480934] kasan_save_alloc_info+0x3b/0x50 [ 23.481773] __kasan_kmalloc+0xb7/0xc0 [ 23.482547] __kmalloc_cache_noprof+0x189/0x420 [ 23.483414] kasan_atomics+0x95/0x310 [ 23.483751] kunit_try_run_case+0x1a5/0x480 [ 23.484081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.484661] kthread+0x337/0x6f0 [ 23.485061] ret_from_fork+0x116/0x1d0 [ 23.485525] ret_from_fork_asm+0x1a/0x30 [ 23.485933] [ 23.486217] The buggy address belongs to the object at ffff8881038ee700 [ 23.486217] which belongs to the cache kmalloc-64 of size 64 [ 23.487168] The buggy address is located 0 bytes to the right of [ 23.487168] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.488172] [ 23.488392] The buggy address belongs to the physical page: [ 23.488947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.489560] flags: 0x200000000000000(node=0|zone=2) [ 23.490057] page_type: f5(slab) [ 23.490473] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.491071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.491774] page dumped because: kasan: bad access detected [ 23.492341] [ 23.492529] Memory state around the buggy address: [ 23.492991] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.493603] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.494301] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.494870] ^ [ 23.495402] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.495946] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.496597] 
================================================================== [ 22.153760] ================================================================== [ 22.154417] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 22.155009] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.155765] [ 22.156052] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.156236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.156271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.156333] Call Trace: [ 22.156386] <TASK> [ 22.156434] dump_stack_lvl+0x73/0xb0 [ 22.156551] print_report+0xd1/0x650 [ 22.156676] ? __virt_addr_valid+0x1db/0x2d0 [ 22.156780] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.156900] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.156984] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.157060] kasan_report+0x141/0x180 [ 22.157186] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.157278] __asan_report_load4_noabort+0x18/0x20 [ 22.157449] kasan_atomics_helper+0x4b54/0x5450 [ 22.157550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.157618] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.157688] ? kasan_save_alloc_info+0x3b/0x50 [ 22.157764] ? kasan_atomics+0x152/0x310 [ 22.157855] kasan_atomics+0x1dc/0x310 [ 22.157988] ? __pfx_kasan_atomics+0x10/0x10 [ 22.158146] ? __pfx_read_tsc+0x10/0x10 [ 22.158224] ? ktime_get_ts64+0x86/0x230 [ 22.158322] kunit_try_run_case+0x1a5/0x480 [ 22.158431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.158543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.158613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.158653] ? __kthread_parkme+0x82/0x180 [ 22.158688] ? preempt_count_sub+0x50/0x80 [ 22.158731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.158803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.158843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.158907] kthread+0x337/0x6f0 [ 22.158940] ? trace_preempt_on+0x20/0xc0 [ 22.158976] ? 
__pfx_kthread+0x10/0x10 [ 22.159007] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.159039] ? calculate_sigpending+0x7b/0xa0 [ 22.159075] ? __pfx_kthread+0x10/0x10 [ 22.159157] ret_from_fork+0x116/0x1d0 [ 22.159191] ? __pfx_kthread+0x10/0x10 [ 22.159223] ret_from_fork_asm+0x1a/0x30 [ 22.159267] </TASK> [ 22.159285] [ 22.178747] Allocated by task 283: [ 22.179685] kasan_save_stack+0x45/0x70 [ 22.180035] kasan_save_track+0x18/0x40 [ 22.180489] kasan_save_alloc_info+0x3b/0x50 [ 22.180894] __kasan_kmalloc+0xb7/0xc0 [ 22.181309] __kmalloc_cache_noprof+0x189/0x420 [ 22.181716] kasan_atomics+0x95/0x310 [ 22.182621] kunit_try_run_case+0x1a5/0x480 [ 22.183291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.183766] kthread+0x337/0x6f0 [ 22.184172] ret_from_fork+0x116/0x1d0 [ 22.184549] ret_from_fork_asm+0x1a/0x30 [ 22.184967] [ 22.185260] The buggy address belongs to the object at ffff8881038ee700 [ 22.185260] which belongs to the cache kmalloc-64 of size 64 [ 22.186169] The buggy address is located 0 bytes to the right of [ 22.186169] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.187147] [ 22.187402] The buggy address belongs to the physical page: [ 22.187789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.188488] flags: 0x200000000000000(node=0|zone=2) [ 22.189002] page_type: f5(slab) [ 22.189424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.189944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.190617] page dumped because: kasan: bad access detected [ 22.191174] [ 22.191411] Memory state around the buggy address: [ 22.191787] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.192421] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.193055] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.193685] ^ [ 22.194056] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.194720] 
ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.195357] ================================================================== [ 22.014917] ================================================================== [ 22.015551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 22.016386] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.017097] [ 22.017666] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.017791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.017832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.017869] Call Trace: [ 22.017920] <TASK> [ 22.017963] dump_stack_lvl+0x73/0xb0 [ 22.018009] print_report+0xd1/0x650 [ 22.018042] ? __virt_addr_valid+0x1db/0x2d0 [ 22.018076] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.018125] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.018306] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.018346] kasan_report+0x141/0x180 [ 22.018408] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.018450] __asan_report_load4_noabort+0x18/0x20 [ 22.018488] kasan_atomics_helper+0x4b88/0x5450 [ 22.018522] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.018555] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.018591] ? kasan_save_alloc_info+0x3b/0x50 [ 22.018626] ? kasan_atomics+0x152/0x310 [ 22.018663] kasan_atomics+0x1dc/0x310 [ 22.018697] ? __pfx_kasan_atomics+0x10/0x10 [ 22.018733] ? __pfx_read_tsc+0x10/0x10 [ 22.018766] ? ktime_get_ts64+0x86/0x230 [ 22.018801] kunit_try_run_case+0x1a5/0x480 [ 22.018838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.018892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.018937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.018974] ? __kthread_parkme+0x82/0x180 [ 22.019005] ? preempt_count_sub+0x50/0x80 [ 22.019038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.019075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.019169] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.019261] kthread+0x337/0x6f0 [ 22.019333] ? trace_preempt_on+0x20/0xc0 [ 22.019411] ? __pfx_kthread+0x10/0x10 [ 22.019448] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.019482] ? calculate_sigpending+0x7b/0xa0 [ 22.019519] ? __pfx_kthread+0x10/0x10 [ 22.019551] ret_from_fork+0x116/0x1d0 [ 22.019579] ? __pfx_kthread+0x10/0x10 [ 22.019610] ret_from_fork_asm+0x1a/0x30 [ 22.019651] </TASK> [ 22.019667] [ 22.039779] Allocated by task 283: [ 22.040023] kasan_save_stack+0x45/0x70 [ 22.040353] kasan_save_track+0x18/0x40 [ 22.041456] kasan_save_alloc_info+0x3b/0x50 [ 22.041918] __kasan_kmalloc+0xb7/0xc0 [ 22.042321] __kmalloc_cache_noprof+0x189/0x420 [ 22.042772] kasan_atomics+0x95/0x310 [ 22.043158] kunit_try_run_case+0x1a5/0x480 [ 22.043551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.044598] kthread+0x337/0x6f0 [ 22.044870] ret_from_fork+0x116/0x1d0 [ 22.045581] ret_from_fork_asm+0x1a/0x30 [ 22.046159] [ 22.046555] The buggy address belongs to the object at ffff8881038ee700 [ 22.046555] which belongs to the cache kmalloc-64 of size 64 [ 22.047798] The buggy address is located 0 bytes to the right of [ 22.047798] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.049167] [ 22.049356] The buggy address belongs to the physical page: [ 22.049848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.050758] flags: 0x200000000000000(node=0|zone=2) [ 22.051336] page_type: f5(slab) [ 22.051830] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.052647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.053328] page dumped because: kasan: bad access detected [ 22.053825] [ 22.054061] Memory state around the buggy address: [ 22.054493] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.055365] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.055799] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 22.056661] ^ [ 22.057288] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.057980] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.058828] ================================================================== [ 24.345011] ================================================================== [ 24.345762] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 24.346514] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.347397] [ 24.347615] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.347729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.347773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.347831] Call Trace: [ 24.347943] <TASK> [ 24.348019] dump_stack_lvl+0x73/0xb0 [ 24.348205] print_report+0xd1/0x650 [ 24.348288] ? __virt_addr_valid+0x1db/0x2d0 [ 24.348370] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.348450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.348615] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.348700] kasan_report+0x141/0x180 [ 24.348777] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.348864] kasan_check_range+0x10c/0x1c0 [ 24.348933] __kasan_check_write+0x18/0x20 [ 24.348967] kasan_atomics_helper+0x1e12/0x5450 [ 24.349005] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.349039] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.349075] ? kasan_save_alloc_info+0x3b/0x50 [ 24.349154] ? kasan_atomics+0x152/0x310 [ 24.349197] kasan_atomics+0x1dc/0x310 [ 24.349233] ? __pfx_kasan_atomics+0x10/0x10 [ 24.349268] ? __pfx_read_tsc+0x10/0x10 [ 24.349299] ? ktime_get_ts64+0x86/0x230 [ 24.349334] kunit_try_run_case+0x1a5/0x480 [ 24.349370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.349405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.349438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.349473] ? __kthread_parkme+0x82/0x180 [ 24.349501] ? preempt_count_sub+0x50/0x80 [ 24.349535] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.349572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.349607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.349644] kthread+0x337/0x6f0 [ 24.349672] ? trace_preempt_on+0x20/0xc0 [ 24.349705] ? __pfx_kthread+0x10/0x10 [ 24.349736] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.349768] ? calculate_sigpending+0x7b/0xa0 [ 24.349802] ? __pfx_kthread+0x10/0x10 [ 24.349835] ret_from_fork+0x116/0x1d0 [ 24.349862] ? __pfx_kthread+0x10/0x10 [ 24.349920] ret_from_fork_asm+0x1a/0x30 [ 24.349965] </TASK> [ 24.349981] [ 24.366856] Allocated by task 283: [ 24.367318] kasan_save_stack+0x45/0x70 [ 24.367752] kasan_save_track+0x18/0x40 [ 24.368226] kasan_save_alloc_info+0x3b/0x50 [ 24.368680] __kasan_kmalloc+0xb7/0xc0 [ 24.369180] __kmalloc_cache_noprof+0x189/0x420 [ 24.369652] kasan_atomics+0x95/0x310 [ 24.370199] kunit_try_run_case+0x1a5/0x480 [ 24.370570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.371207] kthread+0x337/0x6f0 [ 24.371576] ret_from_fork+0x116/0x1d0 [ 24.371916] ret_from_fork_asm+0x1a/0x30 [ 24.372305] [ 24.372518] The buggy address belongs to the object at ffff8881038ee700 [ 24.372518] which belongs to the cache kmalloc-64 of size 64 [ 24.373679] The buggy address is located 0 bytes to the right of [ 24.373679] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.374824] [ 24.375032] The buggy address belongs to the physical page: [ 24.375442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.376261] flags: 0x200000000000000(node=0|zone=2) [ 24.376737] page_type: f5(slab) [ 24.377222] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.377958] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.378595] page dumped because: kasan: bad access detected [ 24.379201] [ 24.379440] Memory state around the buggy address: [ 24.379947] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.380622] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.381268] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.381846] ^ [ 24.382424] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.382905] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.383551] ================================================================== [ 22.469272] ================================================================== [ 22.470008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 22.470692] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.471412] [ 22.471686] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.471844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.471908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.471971] Call Trace: [ 22.472016] <TASK> [ 22.472062] dump_stack_lvl+0x73/0xb0 [ 22.472223] print_report+0xd1/0x650 [ 22.472309] ? __virt_addr_valid+0x1db/0x2d0 [ 22.472376] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.472412] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.472447] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.472480] kasan_report+0x141/0x180 [ 22.472546] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.472613] kasan_check_range+0x10c/0x1c0 [ 22.472689] __kasan_check_write+0x18/0x20 [ 22.472798] kasan_atomics_helper+0x7c7/0x5450 [ 22.472899] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.472977] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.473062] ? kasan_save_alloc_info+0x3b/0x50 [ 22.473217] ? kasan_atomics+0x152/0x310 [ 22.473306] kasan_atomics+0x1dc/0x310 [ 22.473390] ? __pfx_kasan_atomics+0x10/0x10 [ 22.473515] ? __pfx_read_tsc+0x10/0x10 [ 22.473594] ? ktime_get_ts64+0x86/0x230 [ 22.473679] kunit_try_run_case+0x1a5/0x480 [ 22.473797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.473894] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.473976] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.474060] ? __kthread_parkme+0x82/0x180 [ 22.474214] ? preempt_count_sub+0x50/0x80 [ 22.474312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.474401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.474521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.474609] kthread+0x337/0x6f0 [ 22.474684] ? trace_preempt_on+0x20/0xc0 [ 22.474744] ? __pfx_kthread+0x10/0x10 [ 22.474780] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.474817] ? calculate_sigpending+0x7b/0xa0 [ 22.474853] ? __pfx_kthread+0x10/0x10 [ 22.474912] ret_from_fork+0x116/0x1d0 [ 22.474945] ? __pfx_kthread+0x10/0x10 [ 22.474976] ret_from_fork_asm+0x1a/0x30 [ 22.475019] </TASK> [ 22.475034] [ 22.492380] Allocated by task 283: [ 22.492844] kasan_save_stack+0x45/0x70 [ 22.493316] kasan_save_track+0x18/0x40 [ 22.493894] kasan_save_alloc_info+0x3b/0x50 [ 22.494384] __kasan_kmalloc+0xb7/0xc0 [ 22.494705] __kmalloc_cache_noprof+0x189/0x420 [ 22.496787] kasan_atomics+0x95/0x310 [ 22.497158] kunit_try_run_case+0x1a5/0x480 [ 22.497736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.498740] kthread+0x337/0x6f0 [ 22.499060] ret_from_fork+0x116/0x1d0 [ 22.499493] ret_from_fork_asm+0x1a/0x30 [ 22.499894] [ 22.500502] The buggy address belongs to the object at ffff8881038ee700 [ 22.500502] which belongs to the cache kmalloc-64 of size 64 [ 22.501323] The buggy address is located 0 bytes to the right of [ 22.501323] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.503018] [ 22.503305] The buggy address belongs to the physical page: [ 22.503772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.504728] flags: 0x200000000000000(node=0|zone=2) [ 22.505170] page_type: f5(slab) [ 22.505861] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.506733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.507579] page dumped because: kasan: bad access detected [ 22.508340] [ 22.508609] 
Memory state around the buggy address: [ 22.508957] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.510222] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.510717] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.511587] ^ [ 22.512213] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.512813] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.513588] ================================================================== [ 21.964756] ================================================================== [ 21.966425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 21.967245] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 21.967893] [ 21.968165] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.968291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.968333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.968392] Call Trace: [ 21.968445] <TASK> [ 21.968492] dump_stack_lvl+0x73/0xb0 [ 21.968576] print_report+0xd1/0x650 [ 21.968649] ? __virt_addr_valid+0x1db/0x2d0 [ 21.968726] ? kasan_atomics_helper+0x4ba2/0x5450 [ 21.968794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.968868] ? kasan_atomics_helper+0x4ba2/0x5450 [ 21.968963] kasan_report+0x141/0x180 [ 21.969036] ? kasan_atomics_helper+0x4ba2/0x5450 [ 21.969084] __asan_report_store4_noabort+0x1b/0x30 [ 21.969157] kasan_atomics_helper+0x4ba2/0x5450 [ 21.969198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.969231] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.969267] ? kasan_save_alloc_info+0x3b/0x50 [ 21.969301] ? kasan_atomics+0x152/0x310 [ 21.969338] kasan_atomics+0x1dc/0x310 [ 21.969370] ? __pfx_kasan_atomics+0x10/0x10 [ 21.969405] ? __pfx_read_tsc+0x10/0x10 [ 21.969435] ? ktime_get_ts64+0x86/0x230 [ 21.969470] kunit_try_run_case+0x1a5/0x480 [ 21.969507] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.969541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.969575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.969608] ? __kthread_parkme+0x82/0x180 [ 21.969637] ? preempt_count_sub+0x50/0x80 [ 21.969669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.969704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.969738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.969773] kthread+0x337/0x6f0 [ 21.969800] ? trace_preempt_on+0x20/0xc0 [ 21.969832] ? __pfx_kthread+0x10/0x10 [ 21.969860] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.969919] ? calculate_sigpending+0x7b/0xa0 [ 21.969957] ? __pfx_kthread+0x10/0x10 [ 21.969986] ret_from_fork+0x116/0x1d0 [ 21.970012] ? __pfx_kthread+0x10/0x10 [ 21.970041] ret_from_fork_asm+0x1a/0x30 [ 21.970082] </TASK> [ 21.970099] [ 21.991222] Allocated by task 283: [ 21.991692] kasan_save_stack+0x45/0x70 [ 21.992966] kasan_save_track+0x18/0x40 [ 21.993423] kasan_save_alloc_info+0x3b/0x50 [ 21.994137] __kasan_kmalloc+0xb7/0xc0 [ 21.994745] __kmalloc_cache_noprof+0x189/0x420 [ 21.995326] kasan_atomics+0x95/0x310 [ 21.995891] kunit_try_run_case+0x1a5/0x480 [ 21.996474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.996915] kthread+0x337/0x6f0 [ 21.997929] ret_from_fork+0x116/0x1d0 [ 21.998318] ret_from_fork_asm+0x1a/0x30 [ 21.998765] [ 21.999283] The buggy address belongs to the object at ffff8881038ee700 [ 21.999283] which belongs to the cache kmalloc-64 of size 64 [ 22.000119] The buggy address is located 0 bytes to the right of [ 22.000119] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.001654] [ 22.001841] The buggy address belongs to the physical page: [ 22.002812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.003664] flags: 0x200000000000000(node=0|zone=2) [ 22.004069] page_type: f5(slab) [ 22.004671] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.005497] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 22.006046] page dumped because: kasan: bad access detected [ 22.006753] [ 22.006996] Memory state around the buggy address: [ 22.007475] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.008534] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.009258] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.009760] ^ [ 22.010215] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.010722] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.011835] ================================================================== [ 22.105961] ================================================================== [ 22.106960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 22.107586] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.108539] [ 22.108732] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.108794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.108815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.108845] Call Trace: [ 22.108862] <TASK> [ 22.108909] dump_stack_lvl+0x73/0xb0 [ 22.108996] print_report+0xd1/0x650 [ 22.109074] ? __virt_addr_valid+0x1db/0x2d0 [ 22.109154] ? kasan_atomics_helper+0x3df/0x5450 [ 22.109228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.109558] ? kasan_atomics_helper+0x3df/0x5450 [ 22.109644] kasan_report+0x141/0x180 [ 22.109789] ? kasan_atomics_helper+0x3df/0x5450 [ 22.109899] kasan_check_range+0x10c/0x1c0 [ 22.109946] __kasan_check_read+0x15/0x20 [ 22.109978] kasan_atomics_helper+0x3df/0x5450 [ 22.110014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.110048] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.110086] ? kasan_save_alloc_info+0x3b/0x50 [ 22.110151] ? kasan_atomics+0x152/0x310 [ 22.110192] kasan_atomics+0x1dc/0x310 [ 22.110227] ? __pfx_kasan_atomics+0x10/0x10 [ 22.110274] ? 
__pfx_read_tsc+0x10/0x10 [ 22.110309] ? ktime_get_ts64+0x86/0x230 [ 22.110344] kunit_try_run_case+0x1a5/0x480 [ 22.110382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.110417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.110451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.110486] ? __kthread_parkme+0x82/0x180 [ 22.110515] ? preempt_count_sub+0x50/0x80 [ 22.110549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.110585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.110620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.110655] kthread+0x337/0x6f0 [ 22.110684] ? trace_preempt_on+0x20/0xc0 [ 22.110716] ? __pfx_kthread+0x10/0x10 [ 22.110747] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.110779] ? calculate_sigpending+0x7b/0xa0 [ 22.110813] ? __pfx_kthread+0x10/0x10 [ 22.110844] ret_from_fork+0x116/0x1d0 [ 22.110869] ? __pfx_kthread+0x10/0x10 [ 22.110929] ret_from_fork_asm+0x1a/0x30 [ 22.110973] </TASK> [ 22.110990] [ 22.129335] Allocated by task 283: [ 22.132970] kasan_save_stack+0x45/0x70 [ 22.133841] kasan_save_track+0x18/0x40 [ 22.135255] kasan_save_alloc_info+0x3b/0x50 [ 22.136950] __kasan_kmalloc+0xb7/0xc0 [ 22.137408] __kmalloc_cache_noprof+0x189/0x420 [ 22.137898] kasan_atomics+0x95/0x310 [ 22.138330] kunit_try_run_case+0x1a5/0x480 [ 22.138795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.139507] kthread+0x337/0x6f0 [ 22.139989] ret_from_fork+0x116/0x1d0 [ 22.140451] ret_from_fork_asm+0x1a/0x30 [ 22.140960] [ 22.141249] The buggy address belongs to the object at ffff8881038ee700 [ 22.141249] which belongs to the cache kmalloc-64 of size 64 [ 22.142330] The buggy address is located 0 bytes to the right of [ 22.142330] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.143387] [ 22.143629] The buggy address belongs to the physical page: [ 22.144255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.144933] flags: 0x200000000000000(node=0|zone=2) [ 22.145498] page_type: f5(slab) [ 22.145936] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 22.146562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.147342] page dumped because: kasan: bad access detected [ 22.147731] [ 22.148016] Memory state around the buggy address: [ 22.148545] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.149270] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.149920] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.150558] ^ [ 22.151020] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.151697] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.152381] ================================================================== [ 24.300312] ================================================================== [ 24.301246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 24.301926] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.302628] [ 24.302919] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.303036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.303076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.303178] Call Trace: [ 24.303222] <TASK> [ 24.303261] dump_stack_lvl+0x73/0xb0 [ 24.303347] print_report+0xd1/0x650 [ 24.303424] ? __virt_addr_valid+0x1db/0x2d0 [ 24.303498] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.303573] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.303648] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.303722] kasan_report+0x141/0x180 [ 24.303804] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.303911] kasan_check_range+0x10c/0x1c0 [ 24.304000] __kasan_check_write+0x18/0x20 [ 24.304079] kasan_atomics_helper+0x1d7a/0x5450 [ 24.304208] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.304290] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.304373] ? kasan_save_alloc_info+0x3b/0x50 [ 24.304454] ? 
kasan_atomics+0x152/0x310 [ 24.304545] kasan_atomics+0x1dc/0x310 [ 24.304629] ? __pfx_kasan_atomics+0x10/0x10 [ 24.304701] ? __pfx_read_tsc+0x10/0x10 [ 24.304759] ? ktime_get_ts64+0x86/0x230 [ 24.304841] kunit_try_run_case+0x1a5/0x480 [ 24.304948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.305033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.305157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.305245] ? __kthread_parkme+0x82/0x180 [ 24.305323] ? preempt_count_sub+0x50/0x80 [ 24.305409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.305494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.305578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.305664] kthread+0x337/0x6f0 [ 24.305736] ? trace_preempt_on+0x20/0xc0 [ 24.305814] ? __pfx_kthread+0x10/0x10 [ 24.305905] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.305984] ? calculate_sigpending+0x7b/0xa0 [ 24.306062] ? __pfx_kthread+0x10/0x10 [ 24.306183] ret_from_fork+0x116/0x1d0 [ 24.306260] ? __pfx_kthread+0x10/0x10 [ 24.306334] ret_from_fork_asm+0x1a/0x30 [ 24.306428] </TASK> [ 24.306469] [ 24.326691] Allocated by task 283: [ 24.326997] kasan_save_stack+0x45/0x70 [ 24.328057] kasan_save_track+0x18/0x40 [ 24.328439] kasan_save_alloc_info+0x3b/0x50 [ 24.328661] __kasan_kmalloc+0xb7/0xc0 [ 24.328826] __kmalloc_cache_noprof+0x189/0x420 [ 24.329038] kasan_atomics+0x95/0x310 [ 24.330349] kunit_try_run_case+0x1a5/0x480 [ 24.330810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.331322] kthread+0x337/0x6f0 [ 24.331683] ret_from_fork+0x116/0x1d0 [ 24.332040] ret_from_fork_asm+0x1a/0x30 [ 24.332404] [ 24.332644] The buggy address belongs to the object at ffff8881038ee700 [ 24.332644] which belongs to the cache kmalloc-64 of size 64 [ 24.333564] The buggy address is located 0 bytes to the right of [ 24.333564] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.334549] [ 24.334860] The buggy address belongs to the physical page: [ 24.335445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 
24.336313] flags: 0x200000000000000(node=0|zone=2) [ 24.336700] page_type: f5(slab) [ 24.337214] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.337987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.338721] page dumped because: kasan: bad access detected [ 24.339151] [ 24.339386] Memory state around the buggy address: [ 24.339951] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.340698] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.341372] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.342031] ^ [ 24.342599] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.343329] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.343971] ================================================================== [ 24.033244] ================================================================== [ 24.034011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 24.034960] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.035462] [ 24.035694] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.035800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.035897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.035966] Call Trace: [ 24.036018] <TASK> [ 24.036108] dump_stack_lvl+0x73/0xb0 [ 24.036201] print_report+0xd1/0x650 [ 24.036281] ? __virt_addr_valid+0x1db/0x2d0 [ 24.036358] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.036433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.036511] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.036588] kasan_report+0x141/0x180 [ 24.036664] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.036754] kasan_check_range+0x10c/0x1c0 [ 24.036834] __kasan_check_write+0x18/0x20 [ 24.036967] kasan_atomics_helper+0x19e3/0x5450 [ 24.037058] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.037150] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 24.037235] ? kasan_save_alloc_info+0x3b/0x50 [ 24.037320] ? kasan_atomics+0x152/0x310 [ 24.037407] kasan_atomics+0x1dc/0x310 [ 24.037529] ? __pfx_kasan_atomics+0x10/0x10 [ 24.037618] ? __pfx_read_tsc+0x10/0x10 [ 24.037690] ? ktime_get_ts64+0x86/0x230 [ 24.037772] kunit_try_run_case+0x1a5/0x480 [ 24.037823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.037861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.037926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.037962] ? __kthread_parkme+0x82/0x180 [ 24.037995] ? preempt_count_sub+0x50/0x80 [ 24.038031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.038070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.038124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.038177] kthread+0x337/0x6f0 [ 24.038208] ? trace_preempt_on+0x20/0xc0 [ 24.038243] ? __pfx_kthread+0x10/0x10 [ 24.038284] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.038318] ? calculate_sigpending+0x7b/0xa0 [ 24.038354] ? __pfx_kthread+0x10/0x10 [ 24.038385] ret_from_fork+0x116/0x1d0 [ 24.038414] ? 
__pfx_kthread+0x10/0x10 [ 24.038445] ret_from_fork_asm+0x1a/0x30 [ 24.038489] </TASK> [ 24.038505] [ 24.057444] Allocated by task 283: [ 24.057829] kasan_save_stack+0x45/0x70 [ 24.058269] kasan_save_track+0x18/0x40 [ 24.058740] kasan_save_alloc_info+0x3b/0x50 [ 24.059225] __kasan_kmalloc+0xb7/0xc0 [ 24.059657] __kmalloc_cache_noprof+0x189/0x420 [ 24.060049] kasan_atomics+0x95/0x310 [ 24.060455] kunit_try_run_case+0x1a5/0x480 [ 24.060971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.061510] kthread+0x337/0x6f0 [ 24.061809] ret_from_fork+0x116/0x1d0 [ 24.062327] ret_from_fork_asm+0x1a/0x30 [ 24.062817] [ 24.063106] The buggy address belongs to the object at ffff8881038ee700 [ 24.063106] which belongs to the cache kmalloc-64 of size 64 [ 24.064048] The buggy address is located 0 bytes to the right of [ 24.064048] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.066980] [ 24.067278] The buggy address belongs to the physical page: [ 24.067700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.068227] flags: 0x200000000000000(node=0|zone=2) [ 24.068717] page_type: f5(slab) [ 24.069151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.070065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.070738] page dumped because: kasan: bad access detected [ 24.071144] [ 24.071384] Memory state around the buggy address: [ 24.071901] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.072539] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.073032] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.073956] ^ [ 24.074754] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.075418] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.075948] ================================================================== [ 24.122241] 
================================================================== [ 24.123393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 24.123930] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.124554] [ 24.125027] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.125154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.125195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.125259] Call Trace: [ 24.125302] <TASK> [ 24.125345] dump_stack_lvl+0x73/0xb0 [ 24.125437] print_report+0xd1/0x650 [ 24.125508] ? __virt_addr_valid+0x1db/0x2d0 [ 24.125592] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.125739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.126078] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.126186] kasan_report+0x141/0x180 [ 24.126280] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.126371] kasan_check_range+0x10c/0x1c0 [ 24.126455] __kasan_check_write+0x18/0x20 [ 24.126528] kasan_atomics_helper+0x1b22/0x5450 [ 24.126608] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.126688] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.126770] ? kasan_save_alloc_info+0x3b/0x50 [ 24.127062] ? kasan_atomics+0x152/0x310 [ 24.127178] kasan_atomics+0x1dc/0x310 [ 24.127260] ? __pfx_kasan_atomics+0x10/0x10 [ 24.127311] ? __pfx_read_tsc+0x10/0x10 [ 24.127348] ? ktime_get_ts64+0x86/0x230 [ 24.127384] kunit_try_run_case+0x1a5/0x480 [ 24.127425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.127462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.127499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.127536] ? __kthread_parkme+0x82/0x180 [ 24.127566] ? preempt_count_sub+0x50/0x80 [ 24.127599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.127636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.127673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.127711] kthread+0x337/0x6f0 [ 24.127739] ? trace_preempt_on+0x20/0xc0 [ 24.127774] ? __pfx_kthread+0x10/0x10 [ 24.127804] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 24.127837] ? calculate_sigpending+0x7b/0xa0 [ 24.127871] ? __pfx_kthread+0x10/0x10 [ 24.127934] ret_from_fork+0x116/0x1d0 [ 24.127964] ? __pfx_kthread+0x10/0x10 [ 24.127996] ret_from_fork_asm+0x1a/0x30 [ 24.128039] </TASK> [ 24.128055] [ 24.146460] Allocated by task 283: [ 24.147049] kasan_save_stack+0x45/0x70 [ 24.147533] kasan_save_track+0x18/0x40 [ 24.147916] kasan_save_alloc_info+0x3b/0x50 [ 24.148546] __kasan_kmalloc+0xb7/0xc0 [ 24.149084] __kmalloc_cache_noprof+0x189/0x420 [ 24.149610] kasan_atomics+0x95/0x310 [ 24.150300] kunit_try_run_case+0x1a5/0x480 [ 24.150749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.151511] kthread+0x337/0x6f0 [ 24.152151] ret_from_fork+0x116/0x1d0 [ 24.152511] ret_from_fork_asm+0x1a/0x30 [ 24.153082] [ 24.153372] The buggy address belongs to the object at ffff8881038ee700 [ 24.153372] which belongs to the cache kmalloc-64 of size 64 [ 24.154474] The buggy address is located 0 bytes to the right of [ 24.154474] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.155503] [ 24.155931] The buggy address belongs to the physical page: [ 24.156514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.157388] flags: 0x200000000000000(node=0|zone=2) [ 24.158032] page_type: f5(slab) [ 24.158634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.159426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.160177] page dumped because: kasan: bad access detected [ 24.161034] [ 24.161277] Memory state around the buggy address: [ 24.161628] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.162426] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.163258] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.163999] ^ [ 24.164811] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.165525] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 24.166325] ================================================================== [ 22.422566] ================================================================== [ 22.423796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 22.424331] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.424951] [ 22.426189] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.426270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.426292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.426325] Call Trace: [ 22.426350] <TASK> [ 22.426372] dump_stack_lvl+0x73/0xb0 [ 22.426417] print_report+0xd1/0x650 [ 22.426450] ? __virt_addr_valid+0x1db/0x2d0 [ 22.426485] ? kasan_atomics_helper+0x72f/0x5450 [ 22.426518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.426550] ? kasan_atomics_helper+0x72f/0x5450 [ 22.426583] kasan_report+0x141/0x180 [ 22.426614] ? kasan_atomics_helper+0x72f/0x5450 [ 22.426652] kasan_check_range+0x10c/0x1c0 [ 22.426687] __kasan_check_write+0x18/0x20 [ 22.426715] kasan_atomics_helper+0x72f/0x5450 [ 22.426749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.426781] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.426817] ? kasan_save_alloc_info+0x3b/0x50 [ 22.426851] ? kasan_atomics+0x152/0x310 [ 22.426915] kasan_atomics+0x1dc/0x310 [ 22.426954] ? __pfx_kasan_atomics+0x10/0x10 [ 22.426990] ? __pfx_read_tsc+0x10/0x10 [ 22.427022] ? ktime_get_ts64+0x86/0x230 [ 22.427057] kunit_try_run_case+0x1a5/0x480 [ 22.427095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.427174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.427211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.427249] ? __kthread_parkme+0x82/0x180 [ 22.427279] ? preempt_count_sub+0x50/0x80 [ 22.427312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.427348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.427383] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.427419] kthread+0x337/0x6f0 [ 22.427446] ? trace_preempt_on+0x20/0xc0 [ 22.427479] ? __pfx_kthread+0x10/0x10 [ 22.427509] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.427541] ? calculate_sigpending+0x7b/0xa0 [ 22.427577] ? __pfx_kthread+0x10/0x10 [ 22.427608] ret_from_fork+0x116/0x1d0 [ 22.427637] ? __pfx_kthread+0x10/0x10 [ 22.427667] ret_from_fork_asm+0x1a/0x30 [ 22.427710] </TASK> [ 22.427725] [ 22.448664] Allocated by task 283: [ 22.448988] kasan_save_stack+0x45/0x70 [ 22.449721] kasan_save_track+0x18/0x40 [ 22.450163] kasan_save_alloc_info+0x3b/0x50 [ 22.450852] __kasan_kmalloc+0xb7/0xc0 [ 22.451477] __kmalloc_cache_noprof+0x189/0x420 [ 22.451971] kasan_atomics+0x95/0x310 [ 22.452630] kunit_try_run_case+0x1a5/0x480 [ 22.453089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.453938] kthread+0x337/0x6f0 [ 22.454571] ret_from_fork+0x116/0x1d0 [ 22.455034] ret_from_fork_asm+0x1a/0x30 [ 22.455764] [ 22.456012] The buggy address belongs to the object at ffff8881038ee700 [ 22.456012] which belongs to the cache kmalloc-64 of size 64 [ 22.456905] The buggy address is located 0 bytes to the right of [ 22.456905] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.458586] [ 22.459028] The buggy address belongs to the physical page: [ 22.459702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.460638] flags: 0x200000000000000(node=0|zone=2) [ 22.461081] page_type: f5(slab) [ 22.461693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.462498] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.463353] page dumped because: kasan: bad access detected [ 22.463759] [ 22.464261] Memory state around the buggy address: [ 22.464648] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.465201] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.465734] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 22.466374] ^ [ 22.466784] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.467538] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.468170] ================================================================== [ 23.182361] ================================================================== [ 23.182770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 23.183158] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.183506] [ 23.183670] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.183765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.183794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.183839] Call Trace: [ 23.184269] <TASK> [ 23.184321] dump_stack_lvl+0x73/0xb0 [ 23.184403] print_report+0xd1/0x650 [ 23.184473] ? __virt_addr_valid+0x1db/0x2d0 [ 23.184544] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.184608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.188653] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.188718] kasan_report+0x141/0x180 [ 23.188772] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.188835] __asan_report_load4_noabort+0x18/0x20 [ 23.188924] kasan_atomics_helper+0x4a1c/0x5450 [ 23.188987] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.189039] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.189126] ? kasan_save_alloc_info+0x3b/0x50 [ 23.189189] ? kasan_atomics+0x152/0x310 [ 23.189250] kasan_atomics+0x1dc/0x310 [ 23.189303] ? __pfx_kasan_atomics+0x10/0x10 [ 23.189359] ? __pfx_read_tsc+0x10/0x10 [ 23.189408] ? ktime_get_ts64+0x86/0x230 [ 23.189462] kunit_try_run_case+0x1a5/0x480 [ 23.189519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.189572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.189625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.189689] ? __kthread_parkme+0x82/0x180 [ 23.189763] ? preempt_count_sub+0x50/0x80 [ 23.189844] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.189999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.190061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.190698] kthread+0x337/0x6f0 [ 23.190770] ? trace_preempt_on+0x20/0xc0 [ 23.190853] ? __pfx_kthread+0x10/0x10 [ 23.190942] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.191010] ? calculate_sigpending+0x7b/0xa0 [ 23.191081] ? __pfx_kthread+0x10/0x10 [ 23.191276] ret_from_fork+0x116/0x1d0 [ 23.191349] ? __pfx_kthread+0x10/0x10 [ 23.191422] ret_from_fork_asm+0x1a/0x30 [ 23.191512] </TASK> [ 23.191552] [ 23.210741] Allocated by task 283: [ 23.211091] kasan_save_stack+0x45/0x70 [ 23.211509] kasan_save_track+0x18/0x40 [ 23.211959] kasan_save_alloc_info+0x3b/0x50 [ 23.212442] __kasan_kmalloc+0xb7/0xc0 [ 23.212858] __kmalloc_cache_noprof+0x189/0x420 [ 23.213244] kasan_atomics+0x95/0x310 [ 23.213495] kunit_try_run_case+0x1a5/0x480 [ 23.213760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.214078] kthread+0x337/0x6f0 [ 23.214426] ret_from_fork+0x116/0x1d0 [ 23.214838] ret_from_fork_asm+0x1a/0x30 [ 23.215326] [ 23.215564] The buggy address belongs to the object at ffff8881038ee700 [ 23.215564] which belongs to the cache kmalloc-64 of size 64 [ 23.216396] The buggy address is located 0 bytes to the right of [ 23.216396] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.217226] [ 23.217372] The buggy address belongs to the physical page: [ 23.217650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.218186] flags: 0x200000000000000(node=0|zone=2) [ 23.218477] page_type: f5(slab) [ 23.218695] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.219234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.219712] page dumped because: kasan: bad access detected [ 23.222243] [ 23.222601] Memory state around the buggy address: [ 23.223650] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.224231] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.224734] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.225097] ^ [ 23.226135] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.226659] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.227824] ================================================================== [ 23.406802] ================================================================== [ 23.408194] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 23.408859] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.410065] [ 23.410526] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.410591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.410612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.410642] Call Trace: [ 23.410661] <TASK> [ 23.410679] dump_stack_lvl+0x73/0xb0 [ 23.410723] print_report+0xd1/0x650 [ 23.410758] ? __virt_addr_valid+0x1db/0x2d0 [ 23.410796] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.410831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.410864] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.410940] kasan_report+0x141/0x180 [ 23.410976] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.411015] kasan_check_range+0x10c/0x1c0 [ 23.411051] __kasan_check_write+0x18/0x20 [ 23.411112] kasan_atomics_helper+0x12e6/0x5450 [ 23.411198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.411466] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.411527] ? kasan_save_alloc_info+0x3b/0x50 [ 23.411567] ? kasan_atomics+0x152/0x310 [ 23.411607] kasan_atomics+0x1dc/0x310 [ 23.411643] ? __pfx_kasan_atomics+0x10/0x10 [ 23.411682] ? __pfx_read_tsc+0x10/0x10 [ 23.411714] ? ktime_get_ts64+0x86/0x230 [ 23.411752] kunit_try_run_case+0x1a5/0x480 [ 23.411790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.411826] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.411861] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.411924] ? __kthread_parkme+0x82/0x180 [ 23.411959] ? preempt_count_sub+0x50/0x80 [ 23.411993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.412031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.412068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.412117] kthread+0x337/0x6f0 [ 23.412167] ? trace_preempt_on+0x20/0xc0 [ 23.412202] ? __pfx_kthread+0x10/0x10 [ 23.412232] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.412266] ? calculate_sigpending+0x7b/0xa0 [ 23.412301] ? __pfx_kthread+0x10/0x10 [ 23.412335] ret_from_fork+0x116/0x1d0 [ 23.412363] ? __pfx_kthread+0x10/0x10 [ 23.412394] ret_from_fork_asm+0x1a/0x30 [ 23.412436] </TASK> [ 23.412453] [ 23.433297] Allocated by task 283: [ 23.433549] kasan_save_stack+0x45/0x70 [ 23.434363] kasan_save_track+0x18/0x40 [ 23.434895] kasan_save_alloc_info+0x3b/0x50 [ 23.435537] __kasan_kmalloc+0xb7/0xc0 [ 23.435930] __kmalloc_cache_noprof+0x189/0x420 [ 23.436566] kasan_atomics+0x95/0x310 [ 23.436992] kunit_try_run_case+0x1a5/0x480 [ 23.437599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.438208] kthread+0x337/0x6f0 [ 23.438567] ret_from_fork+0x116/0x1d0 [ 23.439004] ret_from_fork_asm+0x1a/0x30 [ 23.439702] [ 23.439965] The buggy address belongs to the object at ffff8881038ee700 [ 23.439965] which belongs to the cache kmalloc-64 of size 64 [ 23.441070] The buggy address is located 0 bytes to the right of [ 23.441070] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.442228] [ 23.442475] The buggy address belongs to the physical page: [ 23.442963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.444151] flags: 0x200000000000000(node=0|zone=2) [ 23.444631] page_type: f5(slab) [ 23.445304] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.445993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.446843] page dumped because: kasan: bad access detected [ 23.447456] [ 23.447666] 
Memory state around the buggy address: [ 23.448399] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.448857] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.449436] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.449964] ^ [ 23.451495] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.451963] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.452363] ================================================================== [ 24.662368] ================================================================== [ 24.663131] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 24.663555] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.664358] [ 24.664625] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.664761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.664831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.664931] Call Trace: [ 24.664976] <TASK> [ 24.665015] dump_stack_lvl+0x73/0xb0 [ 24.665101] print_report+0xd1/0x650 [ 24.665187] ? __virt_addr_valid+0x1db/0x2d0 [ 24.665272] ? kasan_atomics_helper+0x4fb2/0x5450 [ 24.665352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.665433] ? kasan_atomics_helper+0x4fb2/0x5450 [ 24.665537] kasan_report+0x141/0x180 [ 24.665646] ? kasan_atomics_helper+0x4fb2/0x5450 [ 24.665735] __asan_report_load8_noabort+0x18/0x20 [ 24.665812] kasan_atomics_helper+0x4fb2/0x5450 [ 24.665872] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.665966] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.666067] ? kasan_save_alloc_info+0x3b/0x50 [ 24.666176] ? kasan_atomics+0x152/0x310 [ 24.666296] kasan_atomics+0x1dc/0x310 [ 24.666386] ? __pfx_kasan_atomics+0x10/0x10 [ 24.666473] ? __pfx_read_tsc+0x10/0x10 [ 24.666549] ? ktime_get_ts64+0x86/0x230 [ 24.666632] kunit_try_run_case+0x1a5/0x480 [ 24.666720] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.666803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.666928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.667041] ? __kthread_parkme+0x82/0x180 [ 24.667119] ? preempt_count_sub+0x50/0x80 [ 24.667214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.667299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.667379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.667461] kthread+0x337/0x6f0 [ 24.667529] ? trace_preempt_on+0x20/0xc0 [ 24.667606] ? __pfx_kthread+0x10/0x10 [ 24.667647] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.667683] ? calculate_sigpending+0x7b/0xa0 [ 24.667718] ? __pfx_kthread+0x10/0x10 [ 24.667751] ret_from_fork+0x116/0x1d0 [ 24.667780] ? __pfx_kthread+0x10/0x10 [ 24.667813] ret_from_fork_asm+0x1a/0x30 [ 24.667855] </TASK> [ 24.667870] [ 24.683367] Allocated by task 283: [ 24.683766] kasan_save_stack+0x45/0x70 [ 24.684680] kasan_save_track+0x18/0x40 [ 24.685099] kasan_save_alloc_info+0x3b/0x50 [ 24.686094] __kasan_kmalloc+0xb7/0xc0 [ 24.687620] __kmalloc_cache_noprof+0x189/0x420 [ 24.688758] kasan_atomics+0x95/0x310 [ 24.689147] kunit_try_run_case+0x1a5/0x480 [ 24.689490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.689931] kthread+0x337/0x6f0 [ 24.690231] ret_from_fork+0x116/0x1d0 [ 24.690681] ret_from_fork_asm+0x1a/0x30 [ 24.691182] [ 24.691371] The buggy address belongs to the object at ffff8881038ee700 [ 24.691371] which belongs to the cache kmalloc-64 of size 64 [ 24.692401] The buggy address is located 0 bytes to the right of [ 24.692401] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.693525] [ 24.693749] The buggy address belongs to the physical page: [ 24.694341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.695038] flags: 0x200000000000000(node=0|zone=2) [ 24.695517] page_type: f5(slab) [ 24.695812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.696586] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 24.697393] page dumped because: kasan: bad access detected [ 24.697830] [ 24.698155] Memory state around the buggy address: [ 24.698692] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.699445] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.700032] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.700625] ^ [ 24.701187] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.701668] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.702394] ================================================================== [ 24.850707] ================================================================== [ 24.852144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 24.852763] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.853865] [ 24.854537] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.854603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.854652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.854714] Call Trace: [ 24.854757] <TASK> [ 24.854803] dump_stack_lvl+0x73/0xb0 [ 24.854945] print_report+0xd1/0x650 [ 24.855029] ? __virt_addr_valid+0x1db/0x2d0 [ 24.855107] ? kasan_atomics_helper+0x5115/0x5450 [ 24.855179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.855216] ? kasan_atomics_helper+0x5115/0x5450 [ 24.855248] kasan_report+0x141/0x180 [ 24.855283] ? kasan_atomics_helper+0x5115/0x5450 [ 24.855322] __asan_report_load8_noabort+0x18/0x20 [ 24.855360] kasan_atomics_helper+0x5115/0x5450 [ 24.855393] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.855425] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.855460] ? kasan_save_alloc_info+0x3b/0x50 [ 24.855495] ? kasan_atomics+0x152/0x310 [ 24.855532] kasan_atomics+0x1dc/0x310 [ 24.855566] ? __pfx_kasan_atomics+0x10/0x10 [ 24.855602] ? __pfx_read_tsc+0x10/0x10 [ 24.855632] ? 
ktime_get_ts64+0x86/0x230 [ 24.855668] kunit_try_run_case+0x1a5/0x480 [ 24.855704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.855739] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.855773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.855808] ? __kthread_parkme+0x82/0x180 [ 24.855837] ? preempt_count_sub+0x50/0x80 [ 24.855870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.855934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.855972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.856008] kthread+0x337/0x6f0 [ 24.856037] ? trace_preempt_on+0x20/0xc0 [ 24.856071] ? __pfx_kthread+0x10/0x10 [ 24.856112] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.856164] ? calculate_sigpending+0x7b/0xa0 [ 24.856202] ? __pfx_kthread+0x10/0x10 [ 24.856234] ret_from_fork+0x116/0x1d0 [ 24.856261] ? __pfx_kthread+0x10/0x10 [ 24.856290] ret_from_fork_asm+0x1a/0x30 [ 24.856334] </TASK> [ 24.856351] [ 24.875011] Allocated by task 283: [ 24.875541] kasan_save_stack+0x45/0x70 [ 24.876584] kasan_save_track+0x18/0x40 [ 24.877261] kasan_save_alloc_info+0x3b/0x50 [ 24.877723] __kasan_kmalloc+0xb7/0xc0 [ 24.878158] __kmalloc_cache_noprof+0x189/0x420 [ 24.878765] kasan_atomics+0x95/0x310 [ 24.879140] kunit_try_run_case+0x1a5/0x480 [ 24.879638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.880190] kthread+0x337/0x6f0 [ 24.880551] ret_from_fork+0x116/0x1d0 [ 24.880986] ret_from_fork_asm+0x1a/0x30 [ 24.881427] [ 24.881699] The buggy address belongs to the object at ffff8881038ee700 [ 24.881699] which belongs to the cache kmalloc-64 of size 64 [ 24.882819] The buggy address is located 0 bytes to the right of [ 24.882819] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.883765] [ 24.884063] The buggy address belongs to the physical page: [ 24.884556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.885165] flags: 0x200000000000000(node=0|zone=2) [ 24.885674] page_type: f5(slab) [ 24.886262] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 24.886855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.887501] page dumped because: kasan: bad access detected [ 24.887891] [ 24.888157] Memory state around the buggy address: [ 24.888655] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.889422] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.890067] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.890692] ^ [ 24.891203] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.891802] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.892495] ================================================================== [ 21.920860] ================================================================== [ 21.922268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 21.922955] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 21.924161] [ 21.924646] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.924773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.924800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.924834] Call Trace: [ 21.924851] <TASK> [ 21.924891] dump_stack_lvl+0x73/0xb0 [ 21.924945] print_report+0xd1/0x650 [ 21.924978] ? __virt_addr_valid+0x1db/0x2d0 [ 21.925011] ? kasan_atomics_helper+0x4bbc/0x5450 [ 21.925042] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.925072] ? kasan_atomics_helper+0x4bbc/0x5450 [ 21.925115] kasan_report+0x141/0x180 [ 21.925167] ? kasan_atomics_helper+0x4bbc/0x5450 [ 21.925203] __asan_report_load4_noabort+0x18/0x20 [ 21.925239] kasan_atomics_helper+0x4bbc/0x5450 [ 21.925274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.925305] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.925341] ? kasan_save_alloc_info+0x3b/0x50 [ 21.925374] ? kasan_atomics+0x152/0x310 [ 21.925410] kasan_atomics+0x1dc/0x310 [ 21.925442] ? 
__pfx_kasan_atomics+0x10/0x10 [ 21.925476] ? __pfx_read_tsc+0x10/0x10 [ 21.925505] ? ktime_get_ts64+0x86/0x230 [ 21.925538] kunit_try_run_case+0x1a5/0x480 [ 21.925574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.925607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.925640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.925674] ? __kthread_parkme+0x82/0x180 [ 21.925701] ? preempt_count_sub+0x50/0x80 [ 21.925734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.925769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.925802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.925836] kthread+0x337/0x6f0 [ 21.925863] ? trace_preempt_on+0x20/0xc0 [ 21.925920] ? __pfx_kthread+0x10/0x10 [ 21.925950] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.925982] ? calculate_sigpending+0x7b/0xa0 [ 21.926016] ? __pfx_kthread+0x10/0x10 [ 21.926046] ret_from_fork+0x116/0x1d0 [ 21.926071] ? __pfx_kthread+0x10/0x10 [ 21.926109] ret_from_fork_asm+0x1a/0x30 [ 21.926171] </TASK> [ 21.926188] [ 21.946787] Allocated by task 283: [ 21.947106] kasan_save_stack+0x45/0x70 [ 21.947312] kasan_save_track+0x18/0x40 [ 21.947475] kasan_save_alloc_info+0x3b/0x50 [ 21.947650] __kasan_kmalloc+0xb7/0xc0 [ 21.947808] __kmalloc_cache_noprof+0x189/0x420 [ 21.948139] kasan_atomics+0x95/0x310 [ 21.948522] kunit_try_run_case+0x1a5/0x480 [ 21.949059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.949666] kthread+0x337/0x6f0 [ 21.950098] ret_from_fork+0x116/0x1d0 [ 21.950602] ret_from_fork_asm+0x1a/0x30 [ 21.951053] [ 21.951300] The buggy address belongs to the object at ffff8881038ee700 [ 21.951300] which belongs to the cache kmalloc-64 of size 64 [ 21.952164] The buggy address is located 0 bytes to the right of [ 21.952164] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 21.953283] [ 21.953581] The buggy address belongs to the physical page: [ 21.954338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 21.955078] flags: 0x200000000000000(node=0|zone=2) [ 21.955707] page_type: 
f5(slab) [ 21.956065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.956546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.957259] page dumped because: kasan: bad access detected [ 21.958087] [ 21.958321] Memory state around the buggy address: [ 21.958898] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.959489] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.960162] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.960809] ^ [ 21.961385] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.962018] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.962686] ================================================================== [ 22.243250] ================================================================== [ 22.243741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 22.244324] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.245108] [ 22.245343] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.245459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.245498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.245555] Call Trace: [ 22.245593] <TASK> [ 22.245635] dump_stack_lvl+0x73/0xb0 [ 22.245730] print_report+0xd1/0x650 [ 22.245818] ? __virt_addr_valid+0x1db/0x2d0 [ 22.245920] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.246000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.246120] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.246201] kasan_report+0x141/0x180 [ 22.246327] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.246421] __asan_report_store4_noabort+0x1b/0x30 [ 22.246499] kasan_atomics_helper+0x4b3a/0x5450 [ 22.246580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.246660] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.246782] ? kasan_save_alloc_info+0x3b/0x50 [ 22.246869] ? 
kasan_atomics+0x152/0x310 [ 22.246978] kasan_atomics+0x1dc/0x310 [ 22.247099] ? __pfx_kasan_atomics+0x10/0x10 [ 22.247202] ? __pfx_read_tsc+0x10/0x10 [ 22.247276] ? ktime_get_ts64+0x86/0x230 [ 22.247335] kunit_try_run_case+0x1a5/0x480 [ 22.247377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.247413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.247459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.247539] ? __kthread_parkme+0x82/0x180 [ 22.247651] ? preempt_count_sub+0x50/0x80 [ 22.247738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.247826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.247933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.248061] kthread+0x337/0x6f0 [ 22.248137] ? trace_preempt_on+0x20/0xc0 [ 22.248218] ? __pfx_kthread+0x10/0x10 [ 22.248277] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.248312] ? calculate_sigpending+0x7b/0xa0 [ 22.248347] ? __pfx_kthread+0x10/0x10 [ 22.248382] ret_from_fork+0x116/0x1d0 [ 22.248412] ? __pfx_kthread+0x10/0x10 [ 22.248444] ret_from_fork_asm+0x1a/0x30 [ 22.248487] </TASK> [ 22.248505] [ 22.264919] Allocated by task 283: [ 22.265293] kasan_save_stack+0x45/0x70 [ 22.265783] kasan_save_track+0x18/0x40 [ 22.266215] kasan_save_alloc_info+0x3b/0x50 [ 22.266594] __kasan_kmalloc+0xb7/0xc0 [ 22.266974] __kmalloc_cache_noprof+0x189/0x420 [ 22.267726] kasan_atomics+0x95/0x310 [ 22.268200] kunit_try_run_case+0x1a5/0x480 [ 22.268558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.269023] kthread+0x337/0x6f0 [ 22.270703] ret_from_fork+0x116/0x1d0 [ 22.271160] ret_from_fork_asm+0x1a/0x30 [ 22.271612] [ 22.271842] The buggy address belongs to the object at ffff8881038ee700 [ 22.271842] which belongs to the cache kmalloc-64 of size 64 [ 22.273705] The buggy address is located 0 bytes to the right of [ 22.273705] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.274457] [ 22.275690] The buggy address belongs to the physical page: [ 22.276470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 
22.277418] flags: 0x200000000000000(node=0|zone=2) [ 22.277932] page_type: f5(slab) [ 22.278336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.279007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.279713] page dumped because: kasan: bad access detected [ 22.280237] [ 22.280500] Memory state around the buggy address: [ 22.280996] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.281621] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.282331] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.283117] ^ [ 22.283608] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.284204] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.284920] ================================================================== [ 23.099897] ================================================================== [ 23.100781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 23.101410] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.102100] [ 23.102395] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.102517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.102557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.102618] Call Trace: [ 23.102660] <TASK> [ 23.102704] dump_stack_lvl+0x73/0xb0 [ 23.102788] print_report+0xd1/0x650 [ 23.102866] ? __virt_addr_valid+0x1db/0x2d0 [ 23.103006] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.103095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.103213] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.103303] kasan_report+0x141/0x180 [ 23.103463] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.103559] __asan_report_load4_noabort+0x18/0x20 [ 23.103643] kasan_atomics_helper+0x4a36/0x5450 [ 23.103724] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.103804] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 23.103906] ? kasan_save_alloc_info+0x3b/0x50 [ 23.104032] ? kasan_atomics+0x152/0x310 [ 23.104126] kasan_atomics+0x1dc/0x310 [ 23.104217] ? __pfx_kasan_atomics+0x10/0x10 [ 23.104340] ? __pfx_read_tsc+0x10/0x10 [ 23.104421] ? ktime_get_ts64+0x86/0x230 [ 23.104509] kunit_try_run_case+0x1a5/0x480 [ 23.104581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.104622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.104657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.104695] ? __kthread_parkme+0x82/0x180 [ 23.104726] ? preempt_count_sub+0x50/0x80 [ 23.104759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.104796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.104831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.104867] kthread+0x337/0x6f0 [ 23.104927] ? trace_preempt_on+0x20/0xc0 [ 23.104962] ? __pfx_kthread+0x10/0x10 [ 23.104993] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.105026] ? calculate_sigpending+0x7b/0xa0 [ 23.105063] ? __pfx_kthread+0x10/0x10 [ 23.105102] ret_from_fork+0x116/0x1d0 [ 23.105173] ? 
__pfx_kthread+0x10/0x10 [ 23.105207] ret_from_fork_asm+0x1a/0x30 [ 23.105252] </TASK> [ 23.105271] [ 23.117705] Allocated by task 283: [ 23.118230] kasan_save_stack+0x45/0x70 [ 23.118687] kasan_save_track+0x18/0x40 [ 23.119145] kasan_save_alloc_info+0x3b/0x50 [ 23.119901] __kasan_kmalloc+0xb7/0xc0 [ 23.120442] __kmalloc_cache_noprof+0x189/0x420 [ 23.120965] kasan_atomics+0x95/0x310 [ 23.121357] kunit_try_run_case+0x1a5/0x480 [ 23.121655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.122189] kthread+0x337/0x6f0 [ 23.122661] ret_from_fork+0x116/0x1d0 [ 23.123162] ret_from_fork_asm+0x1a/0x30 [ 23.123601] [ 23.124181] The buggy address belongs to the object at ffff8881038ee700 [ 23.124181] which belongs to the cache kmalloc-64 of size 64 [ 23.125296] The buggy address is located 0 bytes to the right of [ 23.125296] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.126389] [ 23.126634] The buggy address belongs to the physical page: [ 23.128041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.130310] flags: 0x200000000000000(node=0|zone=2) [ 23.130676] page_type: f5(slab) [ 23.133200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.133859] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.135525] page dumped because: kasan: bad access detected [ 23.135820] [ 23.135980] Memory state around the buggy address: [ 23.136256] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.136613] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.137627] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.138134] ^ [ 23.139430] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.140631] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.141118] ================================================================== [ 24.434030] 
================================================================== [ 24.435557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 24.436175] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.436788] [ 24.437869] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.437981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.438002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.438034] Call Trace: [ 24.438053] <TASK> [ 24.438070] dump_stack_lvl+0x73/0xb0 [ 24.438153] print_report+0xd1/0x650 [ 24.438193] ? __virt_addr_valid+0x1db/0x2d0 [ 24.438228] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.438271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.438306] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.438339] kasan_report+0x141/0x180 [ 24.438373] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.438414] kasan_check_range+0x10c/0x1c0 [ 24.438448] __kasan_check_write+0x18/0x20 [ 24.438477] kasan_atomics_helper+0x1f43/0x5450 [ 24.438509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.438542] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.438578] ? kasan_save_alloc_info+0x3b/0x50 [ 24.438614] ? kasan_atomics+0x152/0x310 [ 24.438652] kasan_atomics+0x1dc/0x310 [ 24.438686] ? __pfx_kasan_atomics+0x10/0x10 [ 24.438723] ? __pfx_read_tsc+0x10/0x10 [ 24.438753] ? ktime_get_ts64+0x86/0x230 [ 24.438786] kunit_try_run_case+0x1a5/0x480 [ 24.438822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.438857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.438918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.438957] ? __kthread_parkme+0x82/0x180 [ 24.438988] ? preempt_count_sub+0x50/0x80 [ 24.439022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.439059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.439100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.439174] kthread+0x337/0x6f0 [ 24.439205] ? trace_preempt_on+0x20/0xc0 [ 24.439239] ? __pfx_kthread+0x10/0x10 [ 24.439270] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 24.439302] ? calculate_sigpending+0x7b/0xa0 [ 24.439337] ? __pfx_kthread+0x10/0x10 [ 24.439370] ret_from_fork+0x116/0x1d0 [ 24.439397] ? __pfx_kthread+0x10/0x10 [ 24.439428] ret_from_fork_asm+0x1a/0x30 [ 24.439470] </TASK> [ 24.439487] [ 24.459011] Allocated by task 283: [ 24.459486] kasan_save_stack+0x45/0x70 [ 24.460256] kasan_save_track+0x18/0x40 [ 24.460581] kasan_save_alloc_info+0x3b/0x50 [ 24.460947] __kasan_kmalloc+0xb7/0xc0 [ 24.461651] __kmalloc_cache_noprof+0x189/0x420 [ 24.462285] kasan_atomics+0x95/0x310 [ 24.462790] kunit_try_run_case+0x1a5/0x480 [ 24.463413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.463936] kthread+0x337/0x6f0 [ 24.464360] ret_from_fork+0x116/0x1d0 [ 24.465010] ret_from_fork_asm+0x1a/0x30 [ 24.465540] [ 24.465896] The buggy address belongs to the object at ffff8881038ee700 [ 24.465896] which belongs to the cache kmalloc-64 of size 64 [ 24.467090] The buggy address is located 0 bytes to the right of [ 24.467090] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.468442] [ 24.468681] The buggy address belongs to the physical page: [ 24.469391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.470212] flags: 0x200000000000000(node=0|zone=2) [ 24.470716] page_type: f5(slab) [ 24.471152] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.471765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.472435] page dumped because: kasan: bad access detected [ 24.472931] [ 24.473229] Memory state around the buggy address: [ 24.473681] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.474380] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.475030] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.475650] ^ [ 24.476189] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.476718] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 24.477452] ================================================================== [ 24.572690] ================================================================== [ 24.573175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 24.575051] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.575632] [ 24.576225] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.576295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.576315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.576348] Call Trace: [ 24.576367] <TASK> [ 24.576386] dump_stack_lvl+0x73/0xb0 [ 24.576431] print_report+0xd1/0x650 [ 24.576467] ? __virt_addr_valid+0x1db/0x2d0 [ 24.576501] ? kasan_atomics_helper+0x4f98/0x5450 [ 24.576532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.576567] ? kasan_atomics_helper+0x4f98/0x5450 [ 24.576600] kasan_report+0x141/0x180 [ 24.576632] ? kasan_atomics_helper+0x4f98/0x5450 [ 24.576670] __asan_report_load8_noabort+0x18/0x20 [ 24.576707] kasan_atomics_helper+0x4f98/0x5450 [ 24.576740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.576772] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.576808] ? kasan_save_alloc_info+0x3b/0x50 [ 24.576842] ? kasan_atomics+0x152/0x310 [ 24.576902] kasan_atomics+0x1dc/0x310 [ 24.576941] ? __pfx_kasan_atomics+0x10/0x10 [ 24.576979] ? __pfx_read_tsc+0x10/0x10 [ 24.577009] ? ktime_get_ts64+0x86/0x230 [ 24.577044] kunit_try_run_case+0x1a5/0x480 [ 24.577079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.577150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.577191] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.577228] ? __kthread_parkme+0x82/0x180 [ 24.577259] ? preempt_count_sub+0x50/0x80 [ 24.577291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.577328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.577364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.577403] kthread+0x337/0x6f0 [ 24.577432] ? 
trace_preempt_on+0x20/0xc0 [ 24.577466] ? __pfx_kthread+0x10/0x10 [ 24.577497] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.577530] ? calculate_sigpending+0x7b/0xa0 [ 24.577564] ? __pfx_kthread+0x10/0x10 [ 24.577595] ret_from_fork+0x116/0x1d0 [ 24.577622] ? __pfx_kthread+0x10/0x10 [ 24.577651] ret_from_fork_asm+0x1a/0x30 [ 24.577693] </TASK> [ 24.577711] [ 24.597380] Allocated by task 283: [ 24.597755] kasan_save_stack+0x45/0x70 [ 24.598188] kasan_save_track+0x18/0x40 [ 24.598588] kasan_save_alloc_info+0x3b/0x50 [ 24.599683] __kasan_kmalloc+0xb7/0xc0 [ 24.600017] __kmalloc_cache_noprof+0x189/0x420 [ 24.600745] kasan_atomics+0x95/0x310 [ 24.601370] kunit_try_run_case+0x1a5/0x480 [ 24.601939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.602608] kthread+0x337/0x6f0 [ 24.603014] ret_from_fork+0x116/0x1d0 [ 24.603646] ret_from_fork_asm+0x1a/0x30 [ 24.604251] [ 24.604481] The buggy address belongs to the object at ffff8881038ee700 [ 24.604481] which belongs to the cache kmalloc-64 of size 64 [ 24.605920] The buggy address is located 0 bytes to the right of [ 24.605920] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.606942] [ 24.607595] The buggy address belongs to the physical page: [ 24.608023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.608964] flags: 0x200000000000000(node=0|zone=2) [ 24.609427] page_type: f5(slab) [ 24.609800] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.610778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.611569] page dumped because: kasan: bad access detected [ 24.612239] [ 24.612436] Memory state around the buggy address: [ 24.613076] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.614108] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.614504] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.614751] ^ [ 24.615078] ffff8881038ee780: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 24.616567] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.617387] ================================================================== [ 23.142682] ================================================================== [ 23.143275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 23.144512] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.145171] [ 23.145435] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.145555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.145598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.145657] Call Trace: [ 23.145682] <TASK> [ 23.145703] dump_stack_lvl+0x73/0xb0 [ 23.145747] print_report+0xd1/0x650 [ 23.145781] ? __virt_addr_valid+0x1db/0x2d0 [ 23.145850] ? kasan_atomics_helper+0x1079/0x5450 [ 23.145934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.146014] ? kasan_atomics_helper+0x1079/0x5450 [ 23.146094] kasan_report+0x141/0x180 [ 23.146220] ? kasan_atomics_helper+0x1079/0x5450 [ 23.146321] kasan_check_range+0x10c/0x1c0 [ 23.146405] __kasan_check_write+0x18/0x20 [ 23.146480] kasan_atomics_helper+0x1079/0x5450 [ 23.146562] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.146639] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.146718] ? kasan_save_alloc_info+0x3b/0x50 [ 23.146799] ? kasan_atomics+0x152/0x310 [ 23.146870] kasan_atomics+0x1dc/0x310 [ 23.146932] ? __pfx_kasan_atomics+0x10/0x10 [ 23.146972] ? __pfx_read_tsc+0x10/0x10 [ 23.147005] ? ktime_get_ts64+0x86/0x230 [ 23.147041] kunit_try_run_case+0x1a5/0x480 [ 23.147078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.147150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.147190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.147228] ? __kthread_parkme+0x82/0x180 [ 23.147271] ? preempt_count_sub+0x50/0x80 [ 23.147307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.147344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.147380] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.147416] kthread+0x337/0x6f0 [ 23.147444] ? trace_preempt_on+0x20/0xc0 [ 23.147478] ? __pfx_kthread+0x10/0x10 [ 23.147508] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.147568] ? calculate_sigpending+0x7b/0xa0 [ 23.147605] ? __pfx_kthread+0x10/0x10 [ 23.147637] ret_from_fork+0x116/0x1d0 [ 23.147664] ? __pfx_kthread+0x10/0x10 [ 23.147695] ret_from_fork_asm+0x1a/0x30 [ 23.147737] </TASK> [ 23.147754] [ 23.160194] Allocated by task 283: [ 23.160812] kasan_save_stack+0x45/0x70 [ 23.161279] kasan_save_track+0x18/0x40 [ 23.161727] kasan_save_alloc_info+0x3b/0x50 [ 23.162180] __kasan_kmalloc+0xb7/0xc0 [ 23.162506] __kmalloc_cache_noprof+0x189/0x420 [ 23.162857] kasan_atomics+0x95/0x310 [ 23.163288] kunit_try_run_case+0x1a5/0x480 [ 23.163826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.164900] kthread+0x337/0x6f0 [ 23.166934] ret_from_fork+0x116/0x1d0 [ 23.167208] ret_from_fork_asm+0x1a/0x30 [ 23.167464] [ 23.167864] The buggy address belongs to the object at ffff8881038ee700 [ 23.167864] which belongs to the cache kmalloc-64 of size 64 [ 23.170545] The buggy address is located 0 bytes to the right of [ 23.170545] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.171171] [ 23.171311] The buggy address belongs to the physical page: [ 23.171585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.172336] flags: 0x200000000000000(node=0|zone=2) [ 23.172626] page_type: f5(slab) [ 23.172840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.173338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.174588] page dumped because: kasan: bad access detected [ 23.175149] [ 23.175371] Memory state around the buggy address: [ 23.175828] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.176254] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.177726] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 23.178613] ^ [ 23.179127] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.179930] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.180630] ================================================================== [ 23.273156] ================================================================== [ 23.274002] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 23.274903] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.275820] [ 23.276465] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.276589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.276612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.276659] Call Trace: [ 23.276684] <TASK> [ 23.276706] dump_stack_lvl+0x73/0xb0 [ 23.276777] print_report+0xd1/0x650 [ 23.276826] ? __virt_addr_valid+0x1db/0x2d0 [ 23.276862] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.276944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.277023] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.277085] kasan_report+0x141/0x180 [ 23.277156] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.277199] __asan_report_load4_noabort+0x18/0x20 [ 23.277237] kasan_atomics_helper+0x4a02/0x5450 [ 23.277271] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.277306] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.277343] ? kasan_save_alloc_info+0x3b/0x50 [ 23.277378] ? kasan_atomics+0x152/0x310 [ 23.277417] kasan_atomics+0x1dc/0x310 [ 23.277451] ? __pfx_kasan_atomics+0x10/0x10 [ 23.277487] ? __pfx_read_tsc+0x10/0x10 [ 23.277519] ? ktime_get_ts64+0x86/0x230 [ 23.277555] kunit_try_run_case+0x1a5/0x480 [ 23.277591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.277628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.277662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.277698] ? __kthread_parkme+0x82/0x180 [ 23.277727] ? preempt_count_sub+0x50/0x80 [ 23.277761] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.277797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.277832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.277868] kthread+0x337/0x6f0 [ 23.277925] ? trace_preempt_on+0x20/0xc0 [ 23.277960] ? __pfx_kthread+0x10/0x10 [ 23.277991] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.278023] ? calculate_sigpending+0x7b/0xa0 [ 23.278058] ? __pfx_kthread+0x10/0x10 [ 23.278090] ret_from_fork+0x116/0x1d0 [ 23.278147] ? __pfx_kthread+0x10/0x10 [ 23.278181] ret_from_fork_asm+0x1a/0x30 [ 23.278225] </TASK> [ 23.278243] [ 23.295048] Allocated by task 283: [ 23.295344] kasan_save_stack+0x45/0x70 [ 23.295791] kasan_save_track+0x18/0x40 [ 23.296238] kasan_save_alloc_info+0x3b/0x50 [ 23.296710] __kasan_kmalloc+0xb7/0xc0 [ 23.297158] __kmalloc_cache_noprof+0x189/0x420 [ 23.297631] kasan_atomics+0x95/0x310 [ 23.298019] kunit_try_run_case+0x1a5/0x480 [ 23.298446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.298865] kthread+0x337/0x6f0 [ 23.299187] ret_from_fork+0x116/0x1d0 [ 23.299853] ret_from_fork_asm+0x1a/0x30 [ 23.300292] [ 23.300537] The buggy address belongs to the object at ffff8881038ee700 [ 23.300537] which belongs to the cache kmalloc-64 of size 64 [ 23.301609] The buggy address is located 0 bytes to the right of [ 23.301609] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.302386] [ 23.302577] The buggy address belongs to the physical page: [ 23.303106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.303991] flags: 0x200000000000000(node=0|zone=2) [ 23.304706] page_type: f5(slab) [ 23.305109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.305639] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.306393] page dumped because: kasan: bad access detected [ 23.306870] [ 23.307079] Memory state around the buggy address: [ 23.307542] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.308173] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.308696] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.309165] ^ [ 23.309513] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.310183] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.311110] ================================================================== [ 24.256925] ================================================================== [ 24.258248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 24.260359] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.261869] [ 24.262085] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.262185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.262217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.262280] Call Trace: [ 24.262311] <TASK> [ 24.262340] dump_stack_lvl+0x73/0xb0 [ 24.262408] print_report+0xd1/0x650 [ 24.262464] ? __virt_addr_valid+0x1db/0x2d0 [ 24.262572] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.262653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.262737] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.263013] kasan_report+0x141/0x180 [ 24.263143] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.263236] kasan_check_range+0x10c/0x1c0 [ 24.263305] __kasan_check_write+0x18/0x20 [ 24.263356] kasan_atomics_helper+0x1ce1/0x5450 [ 24.263410] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.263467] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.263531] ? kasan_save_alloc_info+0x3b/0x50 [ 24.263607] ? kasan_atomics+0x152/0x310 [ 24.263690] kasan_atomics+0x1dc/0x310 [ 24.263770] ? __pfx_kasan_atomics+0x10/0x10 [ 24.263849] ? __pfx_read_tsc+0x10/0x10 [ 24.264489] ? ktime_get_ts64+0x86/0x230 [ 24.264574] kunit_try_run_case+0x1a5/0x480 [ 24.264658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.264734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.264809] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.264921] ? __kthread_parkme+0x82/0x180 [ 24.264998] ? preempt_count_sub+0x50/0x80 [ 24.265073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.265168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.265238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.265310] kthread+0x337/0x6f0 [ 24.265371] ? trace_preempt_on+0x20/0xc0 [ 24.265438] ? __pfx_kthread+0x10/0x10 [ 24.265497] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.265558] ? calculate_sigpending+0x7b/0xa0 [ 24.265626] ? __pfx_kthread+0x10/0x10 [ 24.265692] ret_from_fork+0x116/0x1d0 [ 24.265751] ? __pfx_kthread+0x10/0x10 [ 24.265821] ret_from_fork_asm+0x1a/0x30 [ 24.265927] </TASK> [ 24.265964] [ 24.283703] Allocated by task 283: [ 24.284127] kasan_save_stack+0x45/0x70 [ 24.284514] kasan_save_track+0x18/0x40 [ 24.284944] kasan_save_alloc_info+0x3b/0x50 [ 24.285448] __kasan_kmalloc+0xb7/0xc0 [ 24.285797] __kmalloc_cache_noprof+0x189/0x420 [ 24.286350] kasan_atomics+0x95/0x310 [ 24.286751] kunit_try_run_case+0x1a5/0x480 [ 24.287173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.287699] kthread+0x337/0x6f0 [ 24.288065] ret_from_fork+0x116/0x1d0 [ 24.288520] ret_from_fork_asm+0x1a/0x30 [ 24.288957] [ 24.289233] The buggy address belongs to the object at ffff8881038ee700 [ 24.289233] which belongs to the cache kmalloc-64 of size 64 [ 24.290084] The buggy address is located 0 bytes to the right of [ 24.290084] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.291142] [ 24.291336] The buggy address belongs to the physical page: [ 24.291838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.292557] flags: 0x200000000000000(node=0|zone=2) [ 24.292981] page_type: f5(slab) [ 24.293397] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.294016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.294675] page dumped because: kasan: bad access detected [ 24.295070] [ 24.295316] 
Memory state around the buggy address: [ 24.295664] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.296299] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.296982] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.297680] ^ [ 24.298228] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.298920] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.299409] ================================================================== [ 23.809021] ================================================================== [ 23.809719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 23.810427] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.810859] [ 23.811098] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.811217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.811259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.811321] Call Trace: [ 23.811362] <TASK> [ 23.811407] dump_stack_lvl+0x73/0xb0 [ 23.811496] print_report+0xd1/0x650 [ 23.811616] ? __virt_addr_valid+0x1db/0x2d0 [ 23.811702] ? kasan_atomics_helper+0x16e7/0x5450 [ 23.811778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.811856] ? kasan_atomics_helper+0x16e7/0x5450 [ 23.811953] kasan_report+0x141/0x180 [ 23.812031] ? kasan_atomics_helper+0x16e7/0x5450 [ 23.812121] kasan_check_range+0x10c/0x1c0 [ 23.812214] __kasan_check_write+0x18/0x20 [ 23.812326] kasan_atomics_helper+0x16e7/0x5450 [ 23.812417] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.812537] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.812624] ? kasan_save_alloc_info+0x3b/0x50 [ 23.812709] ? kasan_atomics+0x152/0x310 [ 23.812798] kasan_atomics+0x1dc/0x310 [ 23.812897] ? __pfx_kasan_atomics+0x10/0x10 [ 23.812986] ? __pfx_read_tsc+0x10/0x10 [ 23.813059] ? 
ktime_get_ts64+0x86/0x230 [ 23.813161] kunit_try_run_case+0x1a5/0x480 [ 23.813251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.813308] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.813349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.813389] ? __kthread_parkme+0x82/0x180 [ 23.813421] ? preempt_count_sub+0x50/0x80 [ 23.813454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.813491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.813528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.813566] kthread+0x337/0x6f0 [ 23.813594] ? trace_preempt_on+0x20/0xc0 [ 23.813629] ? __pfx_kthread+0x10/0x10 [ 23.813659] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.813691] ? calculate_sigpending+0x7b/0xa0 [ 23.813727] ? __pfx_kthread+0x10/0x10 [ 23.813760] ret_from_fork+0x116/0x1d0 [ 23.813787] ? __pfx_kthread+0x10/0x10 [ 23.813818] ret_from_fork_asm+0x1a/0x30 [ 23.813860] </TASK> [ 23.813901] [ 23.835318] Allocated by task 283: [ 23.835693] kasan_save_stack+0x45/0x70 [ 23.836139] kasan_save_track+0x18/0x40 [ 23.836495] kasan_save_alloc_info+0x3b/0x50 [ 23.836962] __kasan_kmalloc+0xb7/0xc0 [ 23.837474] __kmalloc_cache_noprof+0x189/0x420 [ 23.837834] kasan_atomics+0x95/0x310 [ 23.838483] kunit_try_run_case+0x1a5/0x480 [ 23.838999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.839700] kthread+0x337/0x6f0 [ 23.840228] ret_from_fork+0x116/0x1d0 [ 23.840672] ret_from_fork_asm+0x1a/0x30 [ 23.841230] [ 23.841499] The buggy address belongs to the object at ffff8881038ee700 [ 23.841499] which belongs to the cache kmalloc-64 of size 64 [ 23.842563] The buggy address is located 0 bytes to the right of [ 23.842563] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.843715] [ 23.844053] The buggy address belongs to the physical page: [ 23.844624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.845524] flags: 0x200000000000000(node=0|zone=2) [ 23.846083] page_type: f5(slab) [ 23.846557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 23.847271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.847978] page dumped because: kasan: bad access detected [ 23.848562] [ 23.848924] Memory state around the buggy address: [ 23.849498] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.850192] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.850813] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.851526] ^ [ 23.851993] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.852746] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.853405] ================================================================== [ 23.012374] ================================================================== [ 23.013070] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 23.013680] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.014322] [ 23.014555] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.014671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.014712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.014772] Call Trace: [ 23.014812] <TASK> [ 23.014854] dump_stack_lvl+0x73/0xb0 [ 23.014963] print_report+0xd1/0x650 [ 23.015046] ? __virt_addr_valid+0x1db/0x2d0 [ 23.015128] ? kasan_atomics_helper+0xf10/0x5450 [ 23.015211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.015291] ? kasan_atomics_helper+0xf10/0x5450 [ 23.015373] kasan_report+0x141/0x180 [ 23.015455] ? kasan_atomics_helper+0xf10/0x5450 [ 23.015543] kasan_check_range+0x10c/0x1c0 [ 23.015628] __kasan_check_write+0x18/0x20 [ 23.015703] kasan_atomics_helper+0xf10/0x5450 [ 23.015788] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.015909] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.015997] ? kasan_save_alloc_info+0x3b/0x50 [ 23.016080] ? 
kasan_atomics+0x152/0x310 [ 23.016169] kasan_atomics+0x1dc/0x310 [ 23.016250] ? __pfx_kasan_atomics+0x10/0x10 [ 23.016333] ? __pfx_read_tsc+0x10/0x10 [ 23.016404] ? ktime_get_ts64+0x86/0x230 [ 23.016489] kunit_try_run_case+0x1a5/0x480 [ 23.016571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.016648] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.016725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.016808] ? __kthread_parkme+0x82/0x180 [ 23.016902] ? preempt_count_sub+0x50/0x80 [ 23.016984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.017068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.017139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.017215] kthread+0x337/0x6f0 [ 23.017286] ? trace_preempt_on+0x20/0xc0 [ 23.017367] ? __pfx_kthread+0x10/0x10 [ 23.017445] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.017527] ? calculate_sigpending+0x7b/0xa0 [ 23.017608] ? __pfx_kthread+0x10/0x10 [ 23.017683] ret_from_fork+0x116/0x1d0 [ 23.017754] ? __pfx_kthread+0x10/0x10 [ 23.017831] ret_from_fork_asm+0x1a/0x30 [ 23.017946] </TASK> [ 23.017990] [ 23.032900] Allocated by task 283: [ 23.033388] kasan_save_stack+0x45/0x70 [ 23.033811] kasan_save_track+0x18/0x40 [ 23.034387] kasan_save_alloc_info+0x3b/0x50 [ 23.034837] __kasan_kmalloc+0xb7/0xc0 [ 23.035341] __kmalloc_cache_noprof+0x189/0x420 [ 23.035739] kasan_atomics+0x95/0x310 [ 23.036147] kunit_try_run_case+0x1a5/0x480 [ 23.036608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.037122] kthread+0x337/0x6f0 [ 23.037498] ret_from_fork+0x116/0x1d0 [ 23.037816] ret_from_fork_asm+0x1a/0x30 [ 23.038248] [ 23.038499] The buggy address belongs to the object at ffff8881038ee700 [ 23.038499] which belongs to the cache kmalloc-64 of size 64 [ 23.039811] The buggy address is located 0 bytes to the right of [ 23.039811] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.040718] [ 23.040973] The buggy address belongs to the physical page: [ 23.041655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 
23.042472] flags: 0x200000000000000(node=0|zone=2) [ 23.042910] page_type: f5(slab) [ 23.043235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.043722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.044378] page dumped because: kasan: bad access detected [ 23.044941] [ 23.045200] Memory state around the buggy address: [ 23.045671] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.046296] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.046895] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.047460] ^ [ 23.047806] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.048532] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.049149] ================================================================== [ 22.370774] ================================================================== [ 22.371430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 22.372239] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.372909] [ 22.373187] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.373318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.373363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.373428] Call Trace: [ 22.373471] <TASK> [ 22.373497] dump_stack_lvl+0x73/0xb0 [ 22.373545] print_report+0xd1/0x650 [ 22.373583] ? __virt_addr_valid+0x1db/0x2d0 [ 22.373658] ? kasan_atomics_helper+0x697/0x5450 [ 22.373732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.373816] ? kasan_atomics_helper+0x697/0x5450 [ 22.374296] kasan_report+0x141/0x180 [ 22.374387] ? kasan_atomics_helper+0x697/0x5450 [ 22.374478] kasan_check_range+0x10c/0x1c0 [ 22.374560] __kasan_check_write+0x18/0x20 [ 22.374630] kasan_atomics_helper+0x697/0x5450 [ 22.374708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.374788] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 22.374868] ? kasan_save_alloc_info+0x3b/0x50 [ 22.374970] ? kasan_atomics+0x152/0x310 [ 22.375054] kasan_atomics+0x1dc/0x310 [ 22.375176] ? __pfx_kasan_atomics+0x10/0x10 [ 22.375221] ? __pfx_read_tsc+0x10/0x10 [ 22.375255] ? ktime_get_ts64+0x86/0x230 [ 22.375293] kunit_try_run_case+0x1a5/0x480 [ 22.375331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.375367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.375401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.375436] ? __kthread_parkme+0x82/0x180 [ 22.375466] ? preempt_count_sub+0x50/0x80 [ 22.375499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.375535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.375570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.375606] kthread+0x337/0x6f0 [ 22.375634] ? trace_preempt_on+0x20/0xc0 [ 22.375667] ? __pfx_kthread+0x10/0x10 [ 22.375697] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.375729] ? calculate_sigpending+0x7b/0xa0 [ 22.375763] ? __pfx_kthread+0x10/0x10 [ 22.375794] ret_from_fork+0x116/0x1d0 [ 22.375820] ? 
__pfx_kthread+0x10/0x10 [ 22.375850] ret_from_fork_asm+0x1a/0x30 [ 22.375915] </TASK> [ 22.375936] [ 22.397203] Allocated by task 283: [ 22.397496] kasan_save_stack+0x45/0x70 [ 22.397805] kasan_save_track+0x18/0x40 [ 22.398659] kasan_save_alloc_info+0x3b/0x50 [ 22.401413] __kasan_kmalloc+0xb7/0xc0 [ 22.401995] __kmalloc_cache_noprof+0x189/0x420 [ 22.402823] kasan_atomics+0x95/0x310 [ 22.404020] kunit_try_run_case+0x1a5/0x480 [ 22.404728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.405232] kthread+0x337/0x6f0 [ 22.405582] ret_from_fork+0x116/0x1d0 [ 22.406065] ret_from_fork_asm+0x1a/0x30 [ 22.406470] [ 22.406711] The buggy address belongs to the object at ffff8881038ee700 [ 22.406711] which belongs to the cache kmalloc-64 of size 64 [ 22.408468] The buggy address is located 0 bytes to the right of [ 22.408468] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.409940] [ 22.410151] The buggy address belongs to the physical page: [ 22.410633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.411826] flags: 0x200000000000000(node=0|zone=2) [ 22.412225] page_type: f5(slab) [ 22.412899] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.413785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.414616] page dumped because: kasan: bad access detected [ 22.415486] [ 22.415728] Memory state around the buggy address: [ 22.416496] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.417362] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.418498] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.419008] ^ [ 22.419475] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.420649] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.421494] ================================================================== [ 22.878406] 
================================================================== [ 22.879332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 22.879922] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.880565] [ 22.880774] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.880911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.880956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.881017] Call Trace: [ 22.881060] <TASK> [ 22.881103] dump_stack_lvl+0x73/0xb0 [ 22.881194] print_report+0xd1/0x650 [ 22.881278] ? __virt_addr_valid+0x1db/0x2d0 [ 22.881359] ? kasan_atomics_helper+0xd47/0x5450 [ 22.881433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.881493] ? kasan_atomics_helper+0xd47/0x5450 [ 22.881570] kasan_report+0x141/0x180 [ 22.881651] ? kasan_atomics_helper+0xd47/0x5450 [ 22.881742] kasan_check_range+0x10c/0x1c0 [ 22.881823] __kasan_check_write+0x18/0x20 [ 22.882071] kasan_atomics_helper+0xd47/0x5450 [ 22.882164] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.882245] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.882341] ? kasan_save_alloc_info+0x3b/0x50 [ 22.882424] ? kasan_atomics+0x152/0x310 [ 22.882512] kasan_atomics+0x1dc/0x310 [ 22.882605] ? __pfx_kasan_atomics+0x10/0x10 [ 22.882685] ? __pfx_read_tsc+0x10/0x10 [ 22.882739] ? ktime_get_ts64+0x86/0x230 [ 22.882820] kunit_try_run_case+0x1a5/0x480 [ 22.882925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.883007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.883091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.883202] ? __kthread_parkme+0x82/0x180 [ 22.883277] ? preempt_count_sub+0x50/0x80 [ 22.883356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.883440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.883518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.883601] kthread+0x337/0x6f0 [ 22.883672] ? trace_preempt_on+0x20/0xc0 [ 22.883748] ? __pfx_kthread+0x10/0x10 [ 22.883819] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.883915] ? calculate_sigpending+0x7b/0xa0 [ 22.883996] ? __pfx_kthread+0x10/0x10 [ 22.884069] ret_from_fork+0x116/0x1d0 [ 22.884138] ? __pfx_kthread+0x10/0x10 [ 22.884212] ret_from_fork_asm+0x1a/0x30 [ 22.884306] </TASK> [ 22.884344] [ 22.899360] Allocated by task 283: [ 22.899640] kasan_save_stack+0x45/0x70 [ 22.900006] kasan_save_track+0x18/0x40 [ 22.900449] kasan_save_alloc_info+0x3b/0x50 [ 22.900913] __kasan_kmalloc+0xb7/0xc0 [ 22.901505] __kmalloc_cache_noprof+0x189/0x420 [ 22.902012] kasan_atomics+0x95/0x310 [ 22.902556] kunit_try_run_case+0x1a5/0x480 [ 22.902919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.903723] kthread+0x337/0x6f0 [ 22.904113] ret_from_fork+0x116/0x1d0 [ 22.904488] ret_from_fork_asm+0x1a/0x30 [ 22.904848] [ 22.905055] The buggy address belongs to the object at ffff8881038ee700 [ 22.905055] which belongs to the cache kmalloc-64 of size 64 [ 22.905742] The buggy address is located 0 bytes to the right of [ 22.905742] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.906749] [ 22.907002] The buggy address belongs to the physical page: [ 22.907892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.909024] flags: 0x200000000000000(node=0|zone=2) [ 22.909535] page_type: f5(slab) [ 22.909864] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.910561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.911068] page dumped because: kasan: bad access detected [ 22.911574] [ 22.911806] Memory state around the buggy address: [ 22.912381] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.912946] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.913569] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.914152] ^ [ 22.914575] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.915086] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 22.915718] ================================================================== [ 24.077106] ================================================================== [ 24.077988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 24.078480] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 24.079241] [ 24.079549] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.079668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.079710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.079771] Call Trace: [ 24.079811] <TASK> [ 24.079854] dump_stack_lvl+0x73/0xb0 [ 24.080029] print_report+0xd1/0x650 [ 24.080156] ? __virt_addr_valid+0x1db/0x2d0 [ 24.080239] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.080320] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.080401] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.080481] kasan_report+0x141/0x180 [ 24.080606] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.080691] kasan_check_range+0x10c/0x1c0 [ 24.080774] __kasan_check_write+0x18/0x20 [ 24.080844] kasan_atomics_helper+0x1a7f/0x5450 [ 24.080940] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.081015] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.081098] ? kasan_save_alloc_info+0x3b/0x50 [ 24.081173] ? kasan_atomics+0x152/0x310 [ 24.081252] kasan_atomics+0x1dc/0x310 [ 24.081328] ? __pfx_kasan_atomics+0x10/0x10 [ 24.081870] ? __pfx_read_tsc+0x10/0x10 [ 24.081970] ? ktime_get_ts64+0x86/0x230 [ 24.082054] kunit_try_run_case+0x1a5/0x480 [ 24.082158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.082242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.082337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.082379] ? __kthread_parkme+0x82/0x180 [ 24.082412] ? preempt_count_sub+0x50/0x80 [ 24.082447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.082484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.082521] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.082559] kthread+0x337/0x6f0 [ 24.082587] ? trace_preempt_on+0x20/0xc0 [ 24.082621] ? __pfx_kthread+0x10/0x10 [ 24.082652] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.082686] ? calculate_sigpending+0x7b/0xa0 [ 24.082722] ? __pfx_kthread+0x10/0x10 [ 24.082755] ret_from_fork+0x116/0x1d0 [ 24.082782] ? __pfx_kthread+0x10/0x10 [ 24.082813] ret_from_fork_asm+0x1a/0x30 [ 24.082859] </TASK> [ 24.082896] [ 24.102012] Allocated by task 283: [ 24.102558] kasan_save_stack+0x45/0x70 [ 24.103045] kasan_save_track+0x18/0x40 [ 24.103536] kasan_save_alloc_info+0x3b/0x50 [ 24.103959] __kasan_kmalloc+0xb7/0xc0 [ 24.104283] __kmalloc_cache_noprof+0x189/0x420 [ 24.104937] kasan_atomics+0x95/0x310 [ 24.105356] kunit_try_run_case+0x1a5/0x480 [ 24.105959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.106888] kthread+0x337/0x6f0 [ 24.107212] ret_from_fork+0x116/0x1d0 [ 24.107525] ret_from_fork_asm+0x1a/0x30 [ 24.107964] [ 24.108315] The buggy address belongs to the object at ffff8881038ee700 [ 24.108315] which belongs to the cache kmalloc-64 of size 64 [ 24.109618] The buggy address is located 0 bytes to the right of [ 24.109618] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 24.111501] [ 24.111698] The buggy address belongs to the physical page: [ 24.112463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 24.113117] flags: 0x200000000000000(node=0|zone=2) [ 24.113591] page_type: f5(slab) [ 24.113975] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.114896] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.115671] page dumped because: kasan: bad access detected [ 24.116237] [ 24.116608] Memory state around the buggy address: [ 24.117039] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.118038] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.118715] >ffff8881038ee700: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 24.119331] ^ [ 24.119521] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.119765] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.120162] ================================================================== [ 23.543130] ================================================================== [ 23.544154] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 23.544798] Read of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.545989] [ 23.546293] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.546646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.546672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.546705] Call Trace: [ 23.546728] <TASK> [ 23.546749] dump_stack_lvl+0x73/0xb0 [ 23.546793] print_report+0xd1/0x650 [ 23.546827] ? __virt_addr_valid+0x1db/0x2d0 [ 23.546859] ? kasan_atomics_helper+0x4eae/0x5450 [ 23.546919] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.546955] ? kasan_atomics_helper+0x4eae/0x5450 [ 23.546988] kasan_report+0x141/0x180 [ 23.547022] ? kasan_atomics_helper+0x4eae/0x5450 [ 23.547060] __asan_report_load8_noabort+0x18/0x20 [ 23.547104] kasan_atomics_helper+0x4eae/0x5450 [ 23.547178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.547213] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.547249] ? kasan_save_alloc_info+0x3b/0x50 [ 23.547284] ? kasan_atomics+0x152/0x310 [ 23.547322] kasan_atomics+0x1dc/0x310 [ 23.547355] ? __pfx_kasan_atomics+0x10/0x10 [ 23.547393] ? __pfx_read_tsc+0x10/0x10 [ 23.547424] ? ktime_get_ts64+0x86/0x230 [ 23.547459] kunit_try_run_case+0x1a5/0x480 [ 23.547495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.547530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.547565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.547600] ? __kthread_parkme+0x82/0x180 [ 23.547630] ? preempt_count_sub+0x50/0x80 [ 23.547663] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.547700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.547735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.547771] kthread+0x337/0x6f0 [ 23.547801] ? trace_preempt_on+0x20/0xc0 [ 23.547835] ? __pfx_kthread+0x10/0x10 [ 23.547865] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.547928] ? calculate_sigpending+0x7b/0xa0 [ 23.547965] ? __pfx_kthread+0x10/0x10 [ 23.547998] ret_from_fork+0x116/0x1d0 [ 23.548026] ? __pfx_kthread+0x10/0x10 [ 23.548056] ret_from_fork_asm+0x1a/0x30 [ 23.548104] </TASK> [ 23.548139] [ 23.568721] Allocated by task 283: [ 23.569102] kasan_save_stack+0x45/0x70 [ 23.569992] kasan_save_track+0x18/0x40 [ 23.570556] kasan_save_alloc_info+0x3b/0x50 [ 23.571166] __kasan_kmalloc+0xb7/0xc0 [ 23.571725] __kmalloc_cache_noprof+0x189/0x420 [ 23.572398] kasan_atomics+0x95/0x310 [ 23.572976] kunit_try_run_case+0x1a5/0x480 [ 23.573538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.574037] kthread+0x337/0x6f0 [ 23.574768] ret_from_fork+0x116/0x1d0 [ 23.575428] ret_from_fork_asm+0x1a/0x30 [ 23.576034] [ 23.576260] The buggy address belongs to the object at ffff8881038ee700 [ 23.576260] which belongs to the cache kmalloc-64 of size 64 [ 23.577113] The buggy address is located 0 bytes to the right of [ 23.577113] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.578534] [ 23.579062] The buggy address belongs to the physical page: [ 23.579530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.580446] flags: 0x200000000000000(node=0|zone=2) [ 23.581065] page_type: f5(slab) [ 23.581557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.582392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.583174] page dumped because: kasan: bad access detected [ 23.583826] [ 23.584256] Memory state around the buggy address: [ 23.584891] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.585810] 
ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.586357] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.587145] ^ [ 23.587689] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.588332] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.588849] ================================================================== [ 23.669306] ================================================================== [ 23.670722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 23.671533] Write of size 8 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.673152] [ 23.673426] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.673493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.673513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.673545] Call Trace: [ 23.673566] <TASK> [ 23.673585] dump_stack_lvl+0x73/0xb0 [ 23.673631] print_report+0xd1/0x650 [ 23.673664] ? __virt_addr_valid+0x1db/0x2d0 [ 23.673695] ? kasan_atomics_helper+0x151d/0x5450 [ 23.673728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.673760] ? kasan_atomics_helper+0x151d/0x5450 [ 23.673791] kasan_report+0x141/0x180 [ 23.673824] ? kasan_atomics_helper+0x151d/0x5450 [ 23.673861] kasan_check_range+0x10c/0x1c0 [ 23.673950] __kasan_check_write+0x18/0x20 [ 23.674024] kasan_atomics_helper+0x151d/0x5450 [ 23.674146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.674256] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.674326] ? kasan_save_alloc_info+0x3b/0x50 [ 23.674367] ? kasan_atomics+0x152/0x310 [ 23.674406] kasan_atomics+0x1dc/0x310 [ 23.674440] ? __pfx_kasan_atomics+0x10/0x10 [ 23.674476] ? __pfx_read_tsc+0x10/0x10 [ 23.674506] ? ktime_get_ts64+0x86/0x230 [ 23.674543] kunit_try_run_case+0x1a5/0x480 [ 23.674579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.674616] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.674651] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.674687] ? __kthread_parkme+0x82/0x180 [ 23.674716] ? preempt_count_sub+0x50/0x80 [ 23.674749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.674786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.674821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.674855] kthread+0x337/0x6f0 [ 23.674917] ? trace_preempt_on+0x20/0xc0 [ 23.674960] ? __pfx_kthread+0x10/0x10 [ 23.675009] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.675048] ? calculate_sigpending+0x7b/0xa0 [ 23.675084] ? __pfx_kthread+0x10/0x10 [ 23.675181] ret_from_fork+0x116/0x1d0 [ 23.675215] ? __pfx_kthread+0x10/0x10 [ 23.675247] ret_from_fork_asm+0x1a/0x30 [ 23.675289] </TASK> [ 23.675306] [ 23.696933] Allocated by task 283: [ 23.697568] kasan_save_stack+0x45/0x70 [ 23.697976] kasan_save_track+0x18/0x40 [ 23.698500] kasan_save_alloc_info+0x3b/0x50 [ 23.699298] __kasan_kmalloc+0xb7/0xc0 [ 23.699855] __kmalloc_cache_noprof+0x189/0x420 [ 23.700079] kasan_atomics+0x95/0x310 [ 23.700841] kunit_try_run_case+0x1a5/0x480 [ 23.701235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.701629] kthread+0x337/0x6f0 [ 23.701907] ret_from_fork+0x116/0x1d0 [ 23.702075] ret_from_fork_asm+0x1a/0x30 [ 23.702778] [ 23.703151] The buggy address belongs to the object at ffff8881038ee700 [ 23.703151] which belongs to the cache kmalloc-64 of size 64 [ 23.704631] The buggy address is located 0 bytes to the right of [ 23.704631] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.705654] [ 23.706491] The buggy address belongs to the physical page: [ 23.706916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.707600] flags: 0x200000000000000(node=0|zone=2) [ 23.708021] page_type: f5(slab) [ 23.708741] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.709252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.710086] page dumped because: kasan: bad access detected [ 23.710651] [ 23.710902] 
Memory state around the buggy address: [ 23.711789] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.712578] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.713352] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.714045] ^ [ 23.714587] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.715242] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.715809] ================================================================== [ 22.840935] ================================================================== [ 22.842376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 22.843416] Read of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 22.844221] [ 22.844491] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.844654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.844698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.844757] Call Trace: [ 22.844803] <TASK> [ 22.844846] dump_stack_lvl+0x73/0xb0 [ 22.844996] print_report+0xd1/0x650 [ 22.845078] ? __virt_addr_valid+0x1db/0x2d0 [ 22.845223] ? kasan_atomics_helper+0x4a84/0x5450 [ 22.845323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.845406] ? kasan_atomics_helper+0x4a84/0x5450 [ 22.845482] kasan_report+0x141/0x180 [ 22.845521] ? kasan_atomics_helper+0x4a84/0x5450 [ 22.845562] __asan_report_load4_noabort+0x18/0x20 [ 22.845599] kasan_atomics_helper+0x4a84/0x5450 [ 22.845633] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.845666] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.845702] ? kasan_save_alloc_info+0x3b/0x50 [ 22.845736] ? kasan_atomics+0x152/0x310 [ 22.845774] kasan_atomics+0x1dc/0x310 [ 22.845807] ? __pfx_kasan_atomics+0x10/0x10 [ 22.845843] ? __pfx_read_tsc+0x10/0x10 [ 22.845894] ? ktime_get_ts64+0x86/0x230 [ 22.845939] kunit_try_run_case+0x1a5/0x480 [ 22.845978] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.846015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.846052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.846087] ? __kthread_parkme+0x82/0x180 [ 22.846176] ? preempt_count_sub+0x50/0x80 [ 22.846212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.846250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.846301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.846337] kthread+0x337/0x6f0 [ 22.846367] ? trace_preempt_on+0x20/0xc0 [ 22.846400] ? __pfx_kthread+0x10/0x10 [ 22.846430] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.846463] ? calculate_sigpending+0x7b/0xa0 [ 22.846498] ? __pfx_kthread+0x10/0x10 [ 22.846529] ret_from_fork+0x116/0x1d0 [ 22.846556] ? __pfx_kthread+0x10/0x10 [ 22.846586] ret_from_fork_asm+0x1a/0x30 [ 22.846628] </TASK> [ 22.846644] [ 22.861788] Allocated by task 283: [ 22.862105] kasan_save_stack+0x45/0x70 [ 22.862452] kasan_save_track+0x18/0x40 [ 22.862779] kasan_save_alloc_info+0x3b/0x50 [ 22.863272] __kasan_kmalloc+0xb7/0xc0 [ 22.863706] __kmalloc_cache_noprof+0x189/0x420 [ 22.864312] kasan_atomics+0x95/0x310 [ 22.864744] kunit_try_run_case+0x1a5/0x480 [ 22.865109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.865640] kthread+0x337/0x6f0 [ 22.866040] ret_from_fork+0x116/0x1d0 [ 22.866481] ret_from_fork_asm+0x1a/0x30 [ 22.866870] [ 22.867157] The buggy address belongs to the object at ffff8881038ee700 [ 22.867157] which belongs to the cache kmalloc-64 of size 64 [ 22.868008] The buggy address is located 0 bytes to the right of [ 22.868008] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 22.868825] [ 22.869082] The buggy address belongs to the physical page: [ 22.869585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 22.870434] flags: 0x200000000000000(node=0|zone=2) [ 22.870934] page_type: f5(slab) [ 22.871314] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.871811] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 22.872302] page dumped because: kasan: bad access detected [ 22.872674] [ 22.872860] Memory state around the buggy address: [ 22.873323] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.874002] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.874652] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.875769] ^ [ 22.876264] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.876718] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.877466] ================================================================== [ 23.228745] ================================================================== [ 23.229965] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 23.230486] Write of size 4 at addr ffff8881038ee730 by task kunit_try_catch/283 [ 23.231911] [ 23.232325] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.232390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.232410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.232440] Call Trace: [ 23.232460] <TASK> [ 23.232479] dump_stack_lvl+0x73/0xb0 [ 23.232522] print_report+0xd1/0x650 [ 23.232556] ? __virt_addr_valid+0x1db/0x2d0 [ 23.232590] ? kasan_atomics_helper+0x1148/0x5450 [ 23.232620] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.232654] ? kasan_atomics_helper+0x1148/0x5450 [ 23.232687] kasan_report+0x141/0x180 [ 23.232719] ? kasan_atomics_helper+0x1148/0x5450 [ 23.232757] kasan_check_range+0x10c/0x1c0 [ 23.232794] __kasan_check_write+0x18/0x20 [ 23.232824] kasan_atomics_helper+0x1148/0x5450 [ 23.232858] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.232943] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.233027] ? kasan_save_alloc_info+0x3b/0x50 [ 23.233090] ? kasan_atomics+0x152/0x310 [ 23.233330] kasan_atomics+0x1dc/0x310 [ 23.233479] ? __pfx_kasan_atomics+0x10/0x10 [ 23.233541] ? 
__pfx_read_tsc+0x10/0x10 [ 23.233577] ? ktime_get_ts64+0x86/0x230 [ 23.233615] kunit_try_run_case+0x1a5/0x480 [ 23.233652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.233688] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.233723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.233759] ? __kthread_parkme+0x82/0x180 [ 23.233789] ? preempt_count_sub+0x50/0x80 [ 23.233821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.233858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.233921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.233960] kthread+0x337/0x6f0 [ 23.233990] ? trace_preempt_on+0x20/0xc0 [ 23.234024] ? __pfx_kthread+0x10/0x10 [ 23.234054] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.234087] ? calculate_sigpending+0x7b/0xa0 [ 23.234153] ? __pfx_kthread+0x10/0x10 [ 23.234188] ret_from_fork+0x116/0x1d0 [ 23.234216] ? __pfx_kthread+0x10/0x10 [ 23.234247] ret_from_fork_asm+0x1a/0x30 [ 23.234303] </TASK> [ 23.234320] [ 23.250155] Allocated by task 283: [ 23.250458] kasan_save_stack+0x45/0x70 [ 23.250789] kasan_save_track+0x18/0x40 [ 23.254595] kasan_save_alloc_info+0x3b/0x50 [ 23.254973] __kasan_kmalloc+0xb7/0xc0 [ 23.255417] __kmalloc_cache_noprof+0x189/0x420 [ 23.255867] kasan_atomics+0x95/0x310 [ 23.256279] kunit_try_run_case+0x1a5/0x480 [ 23.256717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.257668] kthread+0x337/0x6f0 [ 23.257961] ret_from_fork+0x116/0x1d0 [ 23.258719] ret_from_fork_asm+0x1a/0x30 [ 23.259110] [ 23.259731] The buggy address belongs to the object at ffff8881038ee700 [ 23.259731] which belongs to the cache kmalloc-64 of size 64 [ 23.260572] The buggy address is located 0 bytes to the right of [ 23.260572] allocated 48-byte region [ffff8881038ee700, ffff8881038ee730) [ 23.262034] [ 23.262671] The buggy address belongs to the physical page: [ 23.263111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ee [ 23.263827] flags: 0x200000000000000(node=0|zone=2) [ 23.264499] page_type: f5(slab) [ 23.264870] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 23.265802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.266445] page dumped because: kasan: bad access detected [ 23.266854] [ 23.267418] Memory state around the buggy address: [ 23.267746] ffff8881038ee600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.268830] ffff8881038ee680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.269306] >ffff8881038ee700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.270091] ^ [ 23.270546] ffff8881038ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.271141] ffff8881038ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.272040] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.588029] ================================================================== [ 21.588505] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.589601] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.590869] [ 21.591187] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.591310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.591344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.591375] Call Trace: [ 21.591395] <TASK> [ 21.591415] dump_stack_lvl+0x73/0xb0 [ 21.591474] print_report+0xd1/0x650 [ 21.591534] ? __virt_addr_valid+0x1db/0x2d0 [ 21.591569] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.591611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.591643] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.591684] kasan_report+0x141/0x180 [ 21.591715] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.591759] kasan_check_range+0x10c/0x1c0 [ 21.591793] __kasan_check_write+0x18/0x20 [ 21.591819] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.591859] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.591950] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.592031] ? trace_hardirqs_on+0x37/0xe0 [ 21.592085] ? kasan_bitops_generic+0x92/0x1c0 [ 21.592204] kasan_bitops_generic+0x121/0x1c0 [ 21.592291] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.592353] ? __pfx_read_tsc+0x10/0x10 [ 21.592386] ? ktime_get_ts64+0x86/0x230 [ 21.592418] kunit_try_run_case+0x1a5/0x480 [ 21.592455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.592488] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.592521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.592556] ? __kthread_parkme+0x82/0x180 [ 21.592586] ? preempt_count_sub+0x50/0x80 [ 21.592618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.592655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.592689] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.592762] kthread+0x337/0x6f0 [ 21.592820] ? trace_preempt_on+0x20/0xc0 [ 21.592900] ? __pfx_kthread+0x10/0x10 [ 21.592964] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.593029] ? calculate_sigpending+0x7b/0xa0 [ 21.593100] ? __pfx_kthread+0x10/0x10 [ 21.593170] ret_from_fork+0x116/0x1d0 [ 21.593368] ? __pfx_kthread+0x10/0x10 [ 21.593444] ret_from_fork_asm+0x1a/0x30 [ 21.593528] </TASK> [ 21.593559] [ 21.616282] Allocated by task 279: [ 21.616570] kasan_save_stack+0x45/0x70 [ 21.616922] kasan_save_track+0x18/0x40 [ 21.618262] kasan_save_alloc_info+0x3b/0x50 [ 21.619042] __kasan_kmalloc+0xb7/0xc0 [ 21.619327] __kmalloc_cache_noprof+0x189/0x420 [ 21.619800] kasan_bitops_generic+0x92/0x1c0 [ 21.620738] kunit_try_run_case+0x1a5/0x480 [ 21.621288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.621786] kthread+0x337/0x6f0 [ 21.622538] ret_from_fork+0x116/0x1d0 [ 21.622862] ret_from_fork_asm+0x1a/0x30 [ 21.623711] [ 21.623922] The buggy address belongs to the object at ffff888101e49ec0 [ 21.623922] which belongs to the cache kmalloc-16 of size 16 [ 21.625279] The buggy address is located 8 bytes inside of [ 21.625279] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.626486] [ 21.626683] The buggy address belongs to the physical page: [ 21.627698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.628266] flags: 0x200000000000000(node=0|zone=2) [ 21.628902] page_type: f5(slab) [ 21.629388] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.630018] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.630979] page dumped because: kasan: bad access detected [ 21.631515] [ 21.632039] Memory state around the buggy address: [ 21.632701] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.633447] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.634206] >ffff888101e49e80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 21.634722] ^ [ 21.635460] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.636166] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.636848] ================================================================== [ 21.496668] ================================================================== [ 21.498015] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.498780] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.499340] [ 21.499703] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.500033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.500071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.500126] Call Trace: [ 21.500168] <TASK> [ 21.500204] dump_stack_lvl+0x73/0xb0 [ 21.500284] print_report+0xd1/0x650 [ 21.500357] ? __virt_addr_valid+0x1db/0x2d0 [ 21.500432] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.500862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.500961] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.501041] kasan_report+0x141/0x180 [ 21.501080] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.501167] kasan_check_range+0x10c/0x1c0 [ 21.501232] __kasan_check_write+0x18/0x20 [ 21.501266] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.501308] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.501351] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.501385] ? trace_hardirqs_on+0x37/0xe0 [ 21.501414] ? kasan_bitops_generic+0x92/0x1c0 [ 21.501453] kasan_bitops_generic+0x121/0x1c0 [ 21.501486] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.501561] ? __pfx_read_tsc+0x10/0x10 [ 21.501645] ? ktime_get_ts64+0x86/0x230 [ 21.501727] kunit_try_run_case+0x1a5/0x480 [ 21.501814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.501873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.501935] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.501970] ? __kthread_parkme+0x82/0x180 [ 21.502001] ? preempt_count_sub+0x50/0x80 [ 21.502033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.502069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.502144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.502187] kthread+0x337/0x6f0 [ 21.502218] ? trace_preempt_on+0x20/0xc0 [ 21.502248] ? __pfx_kthread+0x10/0x10 [ 21.502290] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.502322] ? calculate_sigpending+0x7b/0xa0 [ 21.502357] ? __pfx_kthread+0x10/0x10 [ 21.502387] ret_from_fork+0x116/0x1d0 [ 21.502412] ? __pfx_kthread+0x10/0x10 [ 21.502440] ret_from_fork_asm+0x1a/0x30 [ 21.502482] </TASK> [ 21.502496] [ 21.519359] Allocated by task 279: [ 21.519730] kasan_save_stack+0x45/0x70 [ 21.520248] kasan_save_track+0x18/0x40 [ 21.520686] kasan_save_alloc_info+0x3b/0x50 [ 21.521262] __kasan_kmalloc+0xb7/0xc0 [ 21.521690] __kmalloc_cache_noprof+0x189/0x420 [ 21.522283] kasan_bitops_generic+0x92/0x1c0 [ 21.522747] kunit_try_run_case+0x1a5/0x480 [ 21.523290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.523848] kthread+0x337/0x6f0 [ 21.524311] ret_from_fork+0x116/0x1d0 [ 21.524729] ret_from_fork_asm+0x1a/0x30 [ 21.525235] [ 21.525474] The buggy address belongs to the object at ffff888101e49ec0 [ 21.525474] which belongs to the cache kmalloc-16 of size 16 [ 21.526428] The buggy address is located 8 bytes inside of [ 21.526428] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.527369] [ 21.527628] The buggy address belongs to the physical page: [ 21.528245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.529006] flags: 0x200000000000000(node=0|zone=2) [ 21.529564] page_type: f5(slab) [ 21.529981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.530685] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.531434] page dumped because: kasan: bad access detected [ 21.531979] [ 21.532266] 
Memory state around the buggy address: [ 21.532739] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.533993] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.534687] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.535219] ^ [ 21.535588] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.537197] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.538075] ================================================================== [ 21.772722] ================================================================== [ 21.774243] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.775643] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.776562] [ 21.777022] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.777255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.777299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.777358] Call Trace: [ 21.777380] <TASK> [ 21.777399] dump_stack_lvl+0x73/0xb0 [ 21.777443] print_report+0xd1/0x650 [ 21.777477] ? __virt_addr_valid+0x1db/0x2d0 [ 21.777509] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.777550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.777581] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.777622] kasan_report+0x141/0x180 [ 21.777652] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.777700] kasan_check_range+0x10c/0x1c0 [ 21.777734] __kasan_check_write+0x18/0x20 [ 21.777761] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.777802] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.777844] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.777904] ? trace_hardirqs_on+0x37/0xe0 [ 21.777942] ? kasan_bitops_generic+0x92/0x1c0 [ 21.777982] kasan_bitops_generic+0x121/0x1c0 [ 21.778015] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 21.778051] ? __pfx_read_tsc+0x10/0x10 [ 21.778079] ? ktime_get_ts64+0x86/0x230 [ 21.778156] kunit_try_run_case+0x1a5/0x480 [ 21.778196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.778232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.778274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.778310] ? __kthread_parkme+0x82/0x180 [ 21.778339] ? preempt_count_sub+0x50/0x80 [ 21.778369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.778404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.778438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.778473] kthread+0x337/0x6f0 [ 21.778500] ? trace_preempt_on+0x20/0xc0 [ 21.778531] ? __pfx_kthread+0x10/0x10 [ 21.778558] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.778589] ? calculate_sigpending+0x7b/0xa0 [ 21.778623] ? __pfx_kthread+0x10/0x10 [ 21.778653] ret_from_fork+0x116/0x1d0 [ 21.778679] ? __pfx_kthread+0x10/0x10 [ 21.778707] ret_from_fork_asm+0x1a/0x30 [ 21.778747] </TASK> [ 21.778761] [ 21.797822] Allocated by task 279: [ 21.798327] kasan_save_stack+0x45/0x70 [ 21.798795] kasan_save_track+0x18/0x40 [ 21.799247] kasan_save_alloc_info+0x3b/0x50 [ 21.799749] __kasan_kmalloc+0xb7/0xc0 [ 21.800229] __kmalloc_cache_noprof+0x189/0x420 [ 21.800719] kasan_bitops_generic+0x92/0x1c0 [ 21.801197] kunit_try_run_case+0x1a5/0x480 [ 21.801678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.802147] kthread+0x337/0x6f0 [ 21.802593] ret_from_fork+0x116/0x1d0 [ 21.803014] ret_from_fork_asm+0x1a/0x30 [ 21.803702] [ 21.803979] The buggy address belongs to the object at ffff888101e49ec0 [ 21.803979] which belongs to the cache kmalloc-16 of size 16 [ 21.804710] The buggy address is located 8 bytes inside of [ 21.804710] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.805774] [ 21.806058] The buggy address belongs to the physical page: [ 21.806577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.807252] flags: 0x200000000000000(node=0|zone=2) [ 21.807780] 
page_type: f5(slab) [ 21.808257] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.808949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.809693] page dumped because: kasan: bad access detected [ 21.810232] [ 21.810488] Memory state around the buggy address: [ 21.810981] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.811787] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.812602] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.813262] ^ [ 21.813761] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.814441] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.815055] ================================================================== [ 21.686268] ================================================================== [ 21.687248] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.688006] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.688678] [ 21.688981] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.689099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.689136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.689201] Call Trace: [ 21.689240] <TASK> [ 21.689284] dump_stack_lvl+0x73/0xb0 [ 21.689392] print_report+0xd1/0x650 [ 21.689500] ? __virt_addr_valid+0x1db/0x2d0 [ 21.689577] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.689662] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.689764] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.689898] kasan_report+0x141/0x180 [ 21.689977] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.690096] kasan_check_range+0x10c/0x1c0 [ 21.690209] __kasan_check_write+0x18/0x20 [ 21.690305] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.690352] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.690394] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.690431] ? trace_hardirqs_on+0x37/0xe0 [ 21.690464] ? kasan_bitops_generic+0x92/0x1c0 [ 21.690504] kasan_bitops_generic+0x121/0x1c0 [ 21.690539] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.690577] ? __pfx_read_tsc+0x10/0x10 [ 21.690608] ? ktime_get_ts64+0x86/0x230 [ 21.690642] kunit_try_run_case+0x1a5/0x480 [ 21.690676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.690712] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.690747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.690781] ? __kthread_parkme+0x82/0x180 [ 21.690810] ? preempt_count_sub+0x50/0x80 [ 21.690841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.690895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.690941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.690977] kthread+0x337/0x6f0 [ 21.691005] ? trace_preempt_on+0x20/0xc0 [ 21.691037] ? __pfx_kthread+0x10/0x10 [ 21.691066] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.691106] ? calculate_sigpending+0x7b/0xa0 [ 21.691165] ? __pfx_kthread+0x10/0x10 [ 21.691199] ret_from_fork+0x116/0x1d0 [ 21.691225] ? 
__pfx_kthread+0x10/0x10 [ 21.691255] ret_from_fork_asm+0x1a/0x30 [ 21.691296] </TASK> [ 21.691310] [ 21.708602] Allocated by task 279: [ 21.708990] kasan_save_stack+0x45/0x70 [ 21.709556] kasan_save_track+0x18/0x40 [ 21.710039] kasan_save_alloc_info+0x3b/0x50 [ 21.710504] __kasan_kmalloc+0xb7/0xc0 [ 21.710968] __kmalloc_cache_noprof+0x189/0x420 [ 21.711598] kasan_bitops_generic+0x92/0x1c0 [ 21.712102] kunit_try_run_case+0x1a5/0x480 [ 21.712503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.712997] kthread+0x337/0x6f0 [ 21.713298] ret_from_fork+0x116/0x1d0 [ 21.713615] ret_from_fork_asm+0x1a/0x30 [ 21.713994] [ 21.714328] The buggy address belongs to the object at ffff888101e49ec0 [ 21.714328] which belongs to the cache kmalloc-16 of size 16 [ 21.715559] The buggy address is located 8 bytes inside of [ 21.715559] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.717999] [ 21.718281] The buggy address belongs to the physical page: [ 21.718666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.719479] flags: 0x200000000000000(node=0|zone=2) [ 21.721019] page_type: f5(slab) [ 21.721587] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.722410] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.723591] page dumped because: kasan: bad access detected [ 21.724202] [ 21.724388] Memory state around the buggy address: [ 21.724834] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.725455] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.726425] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.727166] ^ [ 21.727688] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.728640] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.729438] ================================================================== [ 21.816167] 
================================================================== [ 21.817324] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.818060] Read of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.818792] [ 21.819529] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.819652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.819692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.819750] Call Trace: [ 21.819791] <TASK> [ 21.819832] dump_stack_lvl+0x73/0xb0 [ 21.819935] print_report+0xd1/0x650 [ 21.820008] ? __virt_addr_valid+0x1db/0x2d0 [ 21.820082] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.820167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.820241] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.820321] kasan_report+0x141/0x180 [ 21.820395] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.820489] kasan_check_range+0x10c/0x1c0 [ 21.820565] __kasan_check_read+0x15/0x20 [ 21.820632] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.820718] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.820808] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.820967] ? trace_hardirqs_on+0x37/0xe0 [ 21.821111] ? kasan_bitops_generic+0x92/0x1c0 [ 21.821202] kasan_bitops_generic+0x121/0x1c0 [ 21.821278] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.821359] ? __pfx_read_tsc+0x10/0x10 [ 21.821431] ? ktime_get_ts64+0x86/0x230 [ 21.821506] kunit_try_run_case+0x1a5/0x480 [ 21.821581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.821641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.821681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.821716] ? __kthread_parkme+0x82/0x180 [ 21.821746] ? preempt_count_sub+0x50/0x80 [ 21.821777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.821812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.821846] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.821908] kthread+0x337/0x6f0 [ 21.821942] ? trace_preempt_on+0x20/0xc0 [ 21.821975] ? __pfx_kthread+0x10/0x10 [ 21.822004] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.822036] ? calculate_sigpending+0x7b/0xa0 [ 21.822072] ? __pfx_kthread+0x10/0x10 [ 21.822113] ret_from_fork+0x116/0x1d0 [ 21.822162] ? __pfx_kthread+0x10/0x10 [ 21.822191] ret_from_fork_asm+0x1a/0x30 [ 21.822234] </TASK> [ 21.822250] [ 21.840249] Allocated by task 279: [ 21.840687] kasan_save_stack+0x45/0x70 [ 21.841172] kasan_save_track+0x18/0x40 [ 21.841663] kasan_save_alloc_info+0x3b/0x50 [ 21.842187] __kasan_kmalloc+0xb7/0xc0 [ 21.842696] __kmalloc_cache_noprof+0x189/0x420 [ 21.843246] kasan_bitops_generic+0x92/0x1c0 [ 21.843772] kunit_try_run_case+0x1a5/0x480 [ 21.844134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.844528] kthread+0x337/0x6f0 [ 21.844822] ret_from_fork+0x116/0x1d0 [ 21.845393] ret_from_fork_asm+0x1a/0x30 [ 21.845852] [ 21.846105] The buggy address belongs to the object at ffff888101e49ec0 [ 21.846105] which belongs to the cache kmalloc-16 of size 16 [ 21.847615] The buggy address is located 8 bytes inside of [ 21.847615] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.848326] [ 21.848515] The buggy address belongs to the physical page: [ 21.849153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.849906] flags: 0x200000000000000(node=0|zone=2) [ 21.851776] page_type: f5(slab) [ 21.852164] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.852832] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.854306] page dumped because: kasan: bad access detected [ 21.855064] [ 21.855456] Memory state around the buggy address: [ 21.855791] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.856478] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.857017] >ffff888101e49e80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 21.857644] ^ [ 21.858528] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.859076] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.860934] ================================================================== [ 21.638723] ================================================================== [ 21.639285] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.640414] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.641214] [ 21.641646] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.641940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.642174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.642239] Call Trace: [ 21.642300] <TASK> [ 21.642347] dump_stack_lvl+0x73/0xb0 [ 21.642643] print_report+0xd1/0x650 [ 21.642685] ? __virt_addr_valid+0x1db/0x2d0 [ 21.642721] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.642762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.642792] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.642832] kasan_report+0x141/0x180 [ 21.642864] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.642941] kasan_check_range+0x10c/0x1c0 [ 21.642978] __kasan_check_write+0x18/0x20 [ 21.643007] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.643046] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.643087] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.643160] ? trace_hardirqs_on+0x37/0xe0 [ 21.643196] ? kasan_bitops_generic+0x92/0x1c0 [ 21.643237] kasan_bitops_generic+0x121/0x1c0 [ 21.643271] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.643308] ? __pfx_read_tsc+0x10/0x10 [ 21.643337] ? ktime_get_ts64+0x86/0x230 [ 21.643370] kunit_try_run_case+0x1a5/0x480 [ 21.643404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.643438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.643471] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.643504] ? __kthread_parkme+0x82/0x180 [ 21.643533] ? preempt_count_sub+0x50/0x80 [ 21.643565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.643601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.643636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.643670] kthread+0x337/0x6f0 [ 21.643697] ? trace_preempt_on+0x20/0xc0 [ 21.643728] ? __pfx_kthread+0x10/0x10 [ 21.643756] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.643787] ? calculate_sigpending+0x7b/0xa0 [ 21.643820] ? __pfx_kthread+0x10/0x10 [ 21.643849] ret_from_fork+0x116/0x1d0 [ 21.643894] ? __pfx_kthread+0x10/0x10 [ 21.643931] ret_from_fork_asm+0x1a/0x30 [ 21.643973] </TASK> [ 21.643989] [ 21.665631] Allocated by task 279: [ 21.666007] kasan_save_stack+0x45/0x70 [ 21.667001] kasan_save_track+0x18/0x40 [ 21.667698] kasan_save_alloc_info+0x3b/0x50 [ 21.668069] __kasan_kmalloc+0xb7/0xc0 [ 21.668930] __kmalloc_cache_noprof+0x189/0x420 [ 21.669569] kasan_bitops_generic+0x92/0x1c0 [ 21.669986] kunit_try_run_case+0x1a5/0x480 [ 21.670925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.671447] kthread+0x337/0x6f0 [ 21.671810] ret_from_fork+0x116/0x1d0 [ 21.672607] ret_from_fork_asm+0x1a/0x30 [ 21.672978] [ 21.673182] The buggy address belongs to the object at ffff888101e49ec0 [ 21.673182] which belongs to the cache kmalloc-16 of size 16 [ 21.674594] The buggy address is located 8 bytes inside of [ 21.674594] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.675940] [ 21.676146] The buggy address belongs to the physical page: [ 21.676485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.677685] flags: 0x200000000000000(node=0|zone=2) [ 21.678122] page_type: f5(slab) [ 21.678502] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.679386] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.679645] page dumped because: kasan: bad access detected [ 21.679840] [ 21.679958] 
Memory state around the buggy address: [ 21.680211] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.681593] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.682236] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.682755] ^ [ 21.683177] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.683809] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.684623] ================================================================== [ 21.730614] ================================================================== [ 21.731282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.732034] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.732940] [ 21.733158] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.733257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.733291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.733341] Call Trace: [ 21.733375] <TASK> [ 21.733413] dump_stack_lvl+0x73/0xb0 [ 21.733530] print_report+0xd1/0x650 [ 21.733616] ? __virt_addr_valid+0x1db/0x2d0 [ 21.733692] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.733778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.733859] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.733970] kasan_report+0x141/0x180 [ 21.734048] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.734149] kasan_check_range+0x10c/0x1c0 [ 21.734233] __kasan_check_write+0x18/0x20 [ 21.734312] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.734433] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.734529] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.734609] ? trace_hardirqs_on+0x37/0xe0 [ 21.734682] ? kasan_bitops_generic+0x92/0x1c0 [ 21.734770] kasan_bitops_generic+0x121/0x1c0 [ 21.734845] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 21.734944] ? __pfx_read_tsc+0x10/0x10 [ 21.735015] ? ktime_get_ts64+0x86/0x230 [ 21.735098] kunit_try_run_case+0x1a5/0x480 [ 21.735215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.735327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.735409] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.735490] ? __kthread_parkme+0x82/0x180 [ 21.735559] ? preempt_count_sub+0x50/0x80 [ 21.735633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.735684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.735720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.735756] kthread+0x337/0x6f0 [ 21.735783] ? trace_preempt_on+0x20/0xc0 [ 21.735814] ? __pfx_kthread+0x10/0x10 [ 21.735842] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.735893] ? calculate_sigpending+0x7b/0xa0 [ 21.735940] ? __pfx_kthread+0x10/0x10 [ 21.735972] ret_from_fork+0x116/0x1d0 [ 21.735999] ? __pfx_kthread+0x10/0x10 [ 21.736028] ret_from_fork_asm+0x1a/0x30 [ 21.736069] </TASK> [ 21.736084] [ 21.753363] Allocated by task 279: [ 21.753727] kasan_save_stack+0x45/0x70 [ 21.754213] kasan_save_track+0x18/0x40 [ 21.754633] kasan_save_alloc_info+0x3b/0x50 [ 21.755072] __kasan_kmalloc+0xb7/0xc0 [ 21.755392] __kmalloc_cache_noprof+0x189/0x420 [ 21.755864] kasan_bitops_generic+0x92/0x1c0 [ 21.756465] kunit_try_run_case+0x1a5/0x480 [ 21.757055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.757621] kthread+0x337/0x6f0 [ 21.757951] ret_from_fork+0x116/0x1d0 [ 21.758589] ret_from_fork_asm+0x1a/0x30 [ 21.759008] [ 21.759337] The buggy address belongs to the object at ffff888101e49ec0 [ 21.759337] which belongs to the cache kmalloc-16 of size 16 [ 21.760341] The buggy address is located 8 bytes inside of [ 21.760341] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.761056] [ 21.761250] The buggy address belongs to the physical page: [ 21.761772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.762721] flags: 0x200000000000000(node=0|zone=2) [ 21.763379] 
page_type: f5(slab) [ 21.763663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.764326] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.765029] page dumped because: kasan: bad access detected [ 21.765538] [ 21.765729] Memory state around the buggy address: [ 21.766137] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.766991] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.767962] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.768828] ^ [ 21.769452] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.769944] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.770628] ================================================================== [ 21.861818] ================================================================== [ 21.862518] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.864803] Read of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.865448] [ 21.865677] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.865774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.865802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.865849] Call Trace: [ 21.865895] <TASK> [ 21.865925] dump_stack_lvl+0x73/0xb0 [ 21.865989] print_report+0xd1/0x650 [ 21.866042] ? __virt_addr_valid+0x1db/0x2d0 [ 21.866107] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.866189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.866272] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.866353] kasan_report+0x141/0x180 [ 21.866424] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.866517] __asan_report_load8_noabort+0x18/0x20 [ 21.866597] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.866679] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.866756] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.866815] ? trace_hardirqs_on+0x37/0xe0 [ 21.869217] ? kasan_bitops_generic+0x92/0x1c0 [ 21.869310] kasan_bitops_generic+0x121/0x1c0 [ 21.869387] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.869457] ? __pfx_read_tsc+0x10/0x10 [ 21.869511] ? ktime_get_ts64+0x86/0x230 [ 21.869568] kunit_try_run_case+0x1a5/0x480 [ 21.869627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.869682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.869737] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.869793] ? __kthread_parkme+0x82/0x180 [ 21.869843] ? preempt_count_sub+0x50/0x80 [ 21.869920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.869982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.870040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.870097] kthread+0x337/0x6f0 [ 21.870149] ? trace_preempt_on+0x20/0xc0 [ 21.870203] ? __pfx_kthread+0x10/0x10 [ 21.870260] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.870315] ? calculate_sigpending+0x7b/0xa0 [ 21.870369] ? __pfx_kthread+0x10/0x10 [ 21.870420] ret_from_fork+0x116/0x1d0 [ 21.870462] ? 
__pfx_kthread+0x10/0x10 [ 21.870607] ret_from_fork_asm+0x1a/0x30 [ 21.870655] </TASK> [ 21.870673] [ 21.892536] Allocated by task 279: [ 21.892926] kasan_save_stack+0x45/0x70 [ 21.893381] kasan_save_track+0x18/0x40 [ 21.894350] kasan_save_alloc_info+0x3b/0x50 [ 21.894697] __kasan_kmalloc+0xb7/0xc0 [ 21.895075] __kmalloc_cache_noprof+0x189/0x420 [ 21.896095] kasan_bitops_generic+0x92/0x1c0 [ 21.896543] kunit_try_run_case+0x1a5/0x480 [ 21.896914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.897355] kthread+0x337/0x6f0 [ 21.897769] ret_from_fork+0x116/0x1d0 [ 21.898193] ret_from_fork_asm+0x1a/0x30 [ 21.898676] [ 21.898917] The buggy address belongs to the object at ffff888101e49ec0 [ 21.898917] which belongs to the cache kmalloc-16 of size 16 [ 21.899971] The buggy address is located 8 bytes inside of [ 21.899971] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.900934] [ 21.901210] The buggy address belongs to the physical page: [ 21.901724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.902317] flags: 0x200000000000000(node=0|zone=2) [ 21.903005] page_type: f5(slab) [ 21.903351] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.904154] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.905193] page dumped because: kasan: bad access detected [ 21.905576] [ 21.905788] Memory state around the buggy address: [ 21.906340] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.907092] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.907641] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.908777] ^ [ 21.909829] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.910362] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.911099] ================================================================== [ 21.538953] 
================================================================== [ 21.540030] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.541150] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.542065] [ 21.542481] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.542594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.542634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.542687] Call Trace: [ 21.542726] <TASK> [ 21.542764] dump_stack_lvl+0x73/0xb0 [ 21.542848] print_report+0xd1/0x650 [ 21.542984] ? __virt_addr_valid+0x1db/0x2d0 [ 21.543083] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.543259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.543336] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.543418] kasan_report+0x141/0x180 [ 21.543489] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.543585] kasan_check_range+0x10c/0x1c0 [ 21.543658] __kasan_check_write+0x18/0x20 [ 21.543692] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.543735] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.543776] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.543812] ? trace_hardirqs_on+0x37/0xe0 [ 21.543842] ? kasan_bitops_generic+0x92/0x1c0 [ 21.543905] kasan_bitops_generic+0x121/0x1c0 [ 21.543948] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.543986] ? __pfx_read_tsc+0x10/0x10 [ 21.544016] ? ktime_get_ts64+0x86/0x230 [ 21.544050] kunit_try_run_case+0x1a5/0x480 [ 21.544085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.544181] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.544220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.544256] ? __kthread_parkme+0x82/0x180 [ 21.544285] ? preempt_count_sub+0x50/0x80 [ 21.544317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.544352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.544387] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.544423] kthread+0x337/0x6f0 [ 21.544450] ? trace_preempt_on+0x20/0xc0 [ 21.544481] ? __pfx_kthread+0x10/0x10 [ 21.544510] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.544541] ? calculate_sigpending+0x7b/0xa0 [ 21.544574] ? __pfx_kthread+0x10/0x10 [ 21.544603] ret_from_fork+0x116/0x1d0 [ 21.544628] ? __pfx_kthread+0x10/0x10 [ 21.544657] ret_from_fork_asm+0x1a/0x30 [ 21.544698] </TASK> [ 21.544711] [ 21.566390] Allocated by task 279: [ 21.566824] kasan_save_stack+0x45/0x70 [ 21.567931] kasan_save_track+0x18/0x40 [ 21.568337] kasan_save_alloc_info+0x3b/0x50 [ 21.569022] __kasan_kmalloc+0xb7/0xc0 [ 21.569488] __kmalloc_cache_noprof+0x189/0x420 [ 21.569718] kasan_bitops_generic+0x92/0x1c0 [ 21.569966] kunit_try_run_case+0x1a5/0x480 [ 21.570753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.571294] kthread+0x337/0x6f0 [ 21.571666] ret_from_fork+0x116/0x1d0 [ 21.572069] ret_from_fork_asm+0x1a/0x30 [ 21.572483] [ 21.572670] The buggy address belongs to the object at ffff888101e49ec0 [ 21.572670] which belongs to the cache kmalloc-16 of size 16 [ 21.573649] The buggy address is located 8 bytes inside of [ 21.573649] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.574865] [ 21.575491] The buggy address belongs to the physical page: [ 21.576394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.577063] flags: 0x200000000000000(node=0|zone=2) [ 21.577824] page_type: f5(slab) [ 21.578081] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.578840] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.579632] page dumped because: kasan: bad access detected [ 21.580053] [ 21.580707] Memory state around the buggy address: [ 21.581628] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.582122] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.582771] >ffff888101e49e80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 21.583535] ^ [ 21.584038] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.585101] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.585954] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.213381] ================================================================== [ 21.213845] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.215251] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.215821] [ 21.216057] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.216173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.216212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.216271] Call Trace: [ 21.216307] <TASK> [ 21.216353] dump_stack_lvl+0x73/0xb0 [ 21.216441] print_report+0xd1/0x650 [ 21.216522] ? __virt_addr_valid+0x1db/0x2d0 [ 21.216602] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.216686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.216764] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.216848] kasan_report+0x141/0x180 [ 21.216946] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.217039] kasan_check_range+0x10c/0x1c0 [ 21.217122] __kasan_check_write+0x18/0x20 [ 21.217197] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.217283] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.217368] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.217446] ? trace_hardirqs_on+0x37/0xe0 [ 21.217516] ? kasan_bitops_generic+0x92/0x1c0 [ 21.217558] kasan_bitops_generic+0x116/0x1c0 [ 21.217594] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.217632] ? __pfx_read_tsc+0x10/0x10 [ 21.217663] ? ktime_get_ts64+0x86/0x230 [ 21.217697] kunit_try_run_case+0x1a5/0x480 [ 21.217735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.217768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.217803] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.217837] ? __kthread_parkme+0x82/0x180 [ 21.217865] ? preempt_count_sub+0x50/0x80 [ 21.217964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.218007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.218045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.218082] kthread+0x337/0x6f0 [ 21.218159] ? 
trace_preempt_on+0x20/0xc0 [ 21.218195] ? __pfx_kthread+0x10/0x10 [ 21.218226] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.218269] ? calculate_sigpending+0x7b/0xa0 [ 21.218308] ? __pfx_kthread+0x10/0x10 [ 21.218339] ret_from_fork+0x116/0x1d0 [ 21.218365] ? __pfx_kthread+0x10/0x10 [ 21.218394] ret_from_fork_asm+0x1a/0x30 [ 21.218435] </TASK> [ 21.218448] [ 21.240714] Allocated by task 279: [ 21.241076] kasan_save_stack+0x45/0x70 [ 21.241827] kasan_save_track+0x18/0x40 [ 21.242463] kasan_save_alloc_info+0x3b/0x50 [ 21.243028] __kasan_kmalloc+0xb7/0xc0 [ 21.243728] __kmalloc_cache_noprof+0x189/0x420 [ 21.244377] kasan_bitops_generic+0x92/0x1c0 [ 21.244793] kunit_try_run_case+0x1a5/0x480 [ 21.245180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.245991] kthread+0x337/0x6f0 [ 21.246618] ret_from_fork+0x116/0x1d0 [ 21.247268] ret_from_fork_asm+0x1a/0x30 [ 21.247612] [ 21.247847] The buggy address belongs to the object at ffff888101e49ec0 [ 21.247847] which belongs to the cache kmalloc-16 of size 16 [ 21.249476] The buggy address is located 8 bytes inside of [ 21.249476] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.250452] [ 21.250680] The buggy address belongs to the physical page: [ 21.251189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.252020] flags: 0x200000000000000(node=0|zone=2) [ 21.252642] page_type: f5(slab) [ 21.253089] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.253818] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.254617] page dumped because: kasan: bad access detected [ 21.255208] [ 21.255492] Memory state around the buggy address: [ 21.256011] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.256913] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.257627] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.258423] ^ [ 21.259018] ffff888101e49f00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 21.259707] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.260397] ================================================================== [ 21.166180] ================================================================== [ 21.166463] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.167824] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.169343] [ 21.169590] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.169708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.169751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.169810] Call Trace: [ 21.169849] <TASK> [ 21.169909] dump_stack_lvl+0x73/0xb0 [ 21.169967] print_report+0xd1/0x650 [ 21.170001] ? __virt_addr_valid+0x1db/0x2d0 [ 21.170033] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.170071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.170113] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.170854] kasan_report+0x141/0x180 [ 21.170952] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.171030] kasan_check_range+0x10c/0x1c0 [ 21.171070] __kasan_check_write+0x18/0x20 [ 21.171115] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.171192] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.171234] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.171269] ? trace_hardirqs_on+0x37/0xe0 [ 21.171303] ? kasan_bitops_generic+0x92/0x1c0 [ 21.171344] kasan_bitops_generic+0x116/0x1c0 [ 21.171378] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.171414] ? __pfx_read_tsc+0x10/0x10 [ 21.171443] ? ktime_get_ts64+0x86/0x230 [ 21.171477] kunit_try_run_case+0x1a5/0x480 [ 21.171511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.171545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.171580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.171614] ? __kthread_parkme+0x82/0x180 [ 21.171642] ? preempt_count_sub+0x50/0x80 [ 21.171674] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.171710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.171743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.171779] kthread+0x337/0x6f0 [ 21.171826] ? trace_preempt_on+0x20/0xc0 [ 21.171865] ? __pfx_kthread+0x10/0x10 [ 21.171925] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.171958] ? calculate_sigpending+0x7b/0xa0 [ 21.171994] ? __pfx_kthread+0x10/0x10 [ 21.172024] ret_from_fork+0x116/0x1d0 [ 21.172052] ? __pfx_kthread+0x10/0x10 [ 21.172082] ret_from_fork_asm+0x1a/0x30 [ 21.172145] </TASK> [ 21.172162] [ 21.191352] Allocated by task 279: [ 21.192298] kasan_save_stack+0x45/0x70 [ 21.192697] kasan_save_track+0x18/0x40 [ 21.193704] kasan_save_alloc_info+0x3b/0x50 [ 21.194289] __kasan_kmalloc+0xb7/0xc0 [ 21.194728] __kmalloc_cache_noprof+0x189/0x420 [ 21.195222] kasan_bitops_generic+0x92/0x1c0 [ 21.195660] kunit_try_run_case+0x1a5/0x480 [ 21.196044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.196558] kthread+0x337/0x6f0 [ 21.196853] ret_from_fork+0x116/0x1d0 [ 21.197291] ret_from_fork_asm+0x1a/0x30 [ 21.198076] [ 21.198492] The buggy address belongs to the object at ffff888101e49ec0 [ 21.198492] which belongs to the cache kmalloc-16 of size 16 [ 21.199661] The buggy address is located 8 bytes inside of [ 21.199661] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.200837] [ 21.201145] The buggy address belongs to the physical page: [ 21.202319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.202986] flags: 0x200000000000000(node=0|zone=2) [ 21.203780] page_type: f5(slab) [ 21.204351] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.205093] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.205919] page dumped because: kasan: bad access detected [ 21.206374] [ 21.206856] Memory state around the buggy address: [ 21.207302] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.208244] 
ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.208768] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.210236] ^ [ 21.210661] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.211459] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.212071] ================================================================== [ 21.307857] ================================================================== [ 21.308796] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.309528] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.310303] [ 21.310642] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.310757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.310846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.310937] Call Trace: [ 21.310998] <TASK> [ 21.311042] dump_stack_lvl+0x73/0xb0 [ 21.311128] print_report+0xd1/0x650 [ 21.311244] ? __virt_addr_valid+0x1db/0x2d0 [ 21.311373] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.311473] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.311548] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.311631] kasan_report+0x141/0x180 [ 21.311682] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.311727] kasan_check_range+0x10c/0x1c0 [ 21.311762] __kasan_check_write+0x18/0x20 [ 21.311789] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.311826] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.311864] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.311936] ? trace_hardirqs_on+0x37/0xe0 [ 21.311970] ? kasan_bitops_generic+0x92/0x1c0 [ 21.312010] kasan_bitops_generic+0x116/0x1c0 [ 21.312044] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.312080] ? __pfx_read_tsc+0x10/0x10 [ 21.312151] ? ktime_get_ts64+0x86/0x230 [ 21.312193] kunit_try_run_case+0x1a5/0x480 [ 21.312231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.312265] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 21.312298] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.312331] ? __kthread_parkme+0x82/0x180 [ 21.312363] ? preempt_count_sub+0x50/0x80 [ 21.312395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.312431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.312466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.312501] kthread+0x337/0x6f0 [ 21.312528] ? trace_preempt_on+0x20/0xc0 [ 21.312559] ? __pfx_kthread+0x10/0x10 [ 21.312588] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.312619] ? calculate_sigpending+0x7b/0xa0 [ 21.312653] ? __pfx_kthread+0x10/0x10 [ 21.312683] ret_from_fork+0x116/0x1d0 [ 21.312708] ? __pfx_kthread+0x10/0x10 [ 21.312738] ret_from_fork_asm+0x1a/0x30 [ 21.312779] </TASK> [ 21.312794] [ 21.333068] Allocated by task 279: [ 21.333674] kasan_save_stack+0x45/0x70 [ 21.334082] kasan_save_track+0x18/0x40 [ 21.336682] kasan_save_alloc_info+0x3b/0x50 [ 21.337030] __kasan_kmalloc+0xb7/0xc0 [ 21.337344] __kmalloc_cache_noprof+0x189/0x420 [ 21.337663] kasan_bitops_generic+0x92/0x1c0 [ 21.339641] kunit_try_run_case+0x1a5/0x480 [ 21.340991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.342517] kthread+0x337/0x6f0 [ 21.342829] ret_from_fork+0x116/0x1d0 [ 21.343687] ret_from_fork_asm+0x1a/0x30 [ 21.344049] [ 21.344479] The buggy address belongs to the object at ffff888101e49ec0 [ 21.344479] which belongs to the cache kmalloc-16 of size 16 [ 21.345726] The buggy address is located 8 bytes inside of [ 21.345726] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.346981] [ 21.347246] The buggy address belongs to the physical page: [ 21.347718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.348438] flags: 0x200000000000000(node=0|zone=2) [ 21.348803] page_type: f5(slab) [ 21.349207] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.349953] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.350786] page dumped because: kasan: 
bad access detected [ 21.351793] [ 21.352041] Memory state around the buggy address: [ 21.352530] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.353148] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.353729] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.354286] ^ [ 21.354687] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.355611] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.356326] ================================================================== [ 21.262905] ================================================================== [ 21.263792] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.264601] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.265283] [ 21.265712] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.265832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.265872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.265984] Call Trace: [ 21.266044] <TASK> [ 21.266180] dump_stack_lvl+0x73/0xb0 [ 21.266304] print_report+0xd1/0x650 [ 21.266377] ? __virt_addr_valid+0x1db/0x2d0 [ 21.266455] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.266500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.266686] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.266783] kasan_report+0x141/0x180 [ 21.266868] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.266968] kasan_check_range+0x10c/0x1c0 [ 21.267009] __kasan_check_write+0x18/0x20 [ 21.267038] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.267077] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.267166] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.267207] ? trace_hardirqs_on+0x37/0xe0 [ 21.267241] ? kasan_bitops_generic+0x92/0x1c0 [ 21.267280] kasan_bitops_generic+0x116/0x1c0 [ 21.267314] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.267350] ? 
__pfx_read_tsc+0x10/0x10 [ 21.267380] ? ktime_get_ts64+0x86/0x230 [ 21.267413] kunit_try_run_case+0x1a5/0x480 [ 21.267448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.267482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.267515] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.267549] ? __kthread_parkme+0x82/0x180 [ 21.267577] ? preempt_count_sub+0x50/0x80 [ 21.267609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.267644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.267678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.267712] kthread+0x337/0x6f0 [ 21.267739] ? trace_preempt_on+0x20/0xc0 [ 21.267770] ? __pfx_kthread+0x10/0x10 [ 21.267799] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.267829] ? calculate_sigpending+0x7b/0xa0 [ 21.267863] ? __pfx_kthread+0x10/0x10 [ 21.267920] ret_from_fork+0x116/0x1d0 [ 21.267949] ? __pfx_kthread+0x10/0x10 [ 21.267978] ret_from_fork_asm+0x1a/0x30 [ 21.268019] </TASK> [ 21.268035] [ 21.285224] Allocated by task 279: [ 21.285638] kasan_save_stack+0x45/0x70 [ 21.286396] kasan_save_track+0x18/0x40 [ 21.287142] kasan_save_alloc_info+0x3b/0x50 [ 21.287894] __kasan_kmalloc+0xb7/0xc0 [ 21.288831] __kmalloc_cache_noprof+0x189/0x420 [ 21.289820] kasan_bitops_generic+0x92/0x1c0 [ 21.290401] kunit_try_run_case+0x1a5/0x480 [ 21.290947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.291526] kthread+0x337/0x6f0 [ 21.292001] ret_from_fork+0x116/0x1d0 [ 21.292526] ret_from_fork_asm+0x1a/0x30 [ 21.293142] [ 21.293479] The buggy address belongs to the object at ffff888101e49ec0 [ 21.293479] which belongs to the cache kmalloc-16 of size 16 [ 21.294598] The buggy address is located 8 bytes inside of [ 21.294598] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.295584] [ 21.295932] The buggy address belongs to the physical page: [ 21.296580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.297334] flags: 0x200000000000000(node=0|zone=2) [ 21.297799] page_type: f5(slab) [ 21.298325] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 21.298955] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.299854] page dumped because: kasan: bad access detected [ 21.300810] [ 21.300985] Memory state around the buggy address: [ 21.301495] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.302506] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.303038] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.304023] ^ [ 21.304380] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.305234] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.306131] ================================================================== [ 21.446015] ================================================================== [ 21.446731] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.447542] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.448573] [ 21.448790] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.448924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.448965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.449020] Call Trace: [ 21.449055] <TASK> [ 21.449094] dump_stack_lvl+0x73/0xb0 [ 21.449237] print_report+0xd1/0x650 [ 21.449318] ? __virt_addr_valid+0x1db/0x2d0 [ 21.449391] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.449478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.449619] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.449704] kasan_report+0x141/0x180 [ 21.449815] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.449959] kasan_check_range+0x10c/0x1c0 [ 21.450072] __kasan_check_write+0x18/0x20 [ 21.450192] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.450284] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.450369] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.450450] ? 
trace_hardirqs_on+0x37/0xe0 [ 21.450522] ? kasan_bitops_generic+0x92/0x1c0 [ 21.450607] kasan_bitops_generic+0x116/0x1c0 [ 21.450684] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.450761] ? __pfx_read_tsc+0x10/0x10 [ 21.450832] ? ktime_get_ts64+0x86/0x230 [ 21.450928] kunit_try_run_case+0x1a5/0x480 [ 21.451053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.451197] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.451275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.451355] ? __kthread_parkme+0x82/0x180 [ 21.451426] ? preempt_count_sub+0x50/0x80 [ 21.451486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.451525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.451560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.451595] kthread+0x337/0x6f0 [ 21.451622] ? trace_preempt_on+0x20/0xc0 [ 21.451654] ? __pfx_kthread+0x10/0x10 [ 21.451684] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.451714] ? calculate_sigpending+0x7b/0xa0 [ 21.451747] ? __pfx_kthread+0x10/0x10 [ 21.451778] ret_from_fork+0x116/0x1d0 [ 21.451802] ? 
__pfx_kthread+0x10/0x10 [ 21.451830] ret_from_fork_asm+0x1a/0x30 [ 21.451871] </TASK> [ 21.451914] [ 21.473618] Allocated by task 279: [ 21.474411] kasan_save_stack+0x45/0x70 [ 21.474752] kasan_save_track+0x18/0x40 [ 21.475088] kasan_save_alloc_info+0x3b/0x50 [ 21.475461] __kasan_kmalloc+0xb7/0xc0 [ 21.475772] __kmalloc_cache_noprof+0x189/0x420 [ 21.477248] kasan_bitops_generic+0x92/0x1c0 [ 21.477606] kunit_try_run_case+0x1a5/0x480 [ 21.478162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.478802] kthread+0x337/0x6f0 [ 21.479148] ret_from_fork+0x116/0x1d0 [ 21.479892] ret_from_fork_asm+0x1a/0x30 [ 21.480605] [ 21.480972] The buggy address belongs to the object at ffff888101e49ec0 [ 21.480972] which belongs to the cache kmalloc-16 of size 16 [ 21.482620] The buggy address is located 8 bytes inside of [ 21.482620] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.483520] [ 21.483980] The buggy address belongs to the physical page: [ 21.484581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.485538] flags: 0x200000000000000(node=0|zone=2) [ 21.486122] page_type: f5(slab) [ 21.486818] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.487746] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.488932] page dumped because: kasan: bad access detected [ 21.489346] [ 21.489579] Memory state around the buggy address: [ 21.490496] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.491025] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.491839] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.492764] ^ [ 21.493846] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.494700] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.495488] ================================================================== [ 21.358334] 
================================================================== [ 21.359206] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.360486] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.361258] [ 21.361476] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.361593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.361632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.361682] Call Trace: [ 21.361699] <TASK> [ 21.361718] dump_stack_lvl+0x73/0xb0 [ 21.361761] print_report+0xd1/0x650 [ 21.361798] ? __virt_addr_valid+0x1db/0x2d0 [ 21.361867] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.361963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.362041] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.362125] kasan_report+0x141/0x180 [ 21.362203] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.362305] kasan_check_range+0x10c/0x1c0 [ 21.362384] __kasan_check_write+0x18/0x20 [ 21.362452] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.362536] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.362619] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.362673] ? trace_hardirqs_on+0x37/0xe0 [ 21.362729] ? kasan_bitops_generic+0x92/0x1c0 [ 21.362772] kasan_bitops_generic+0x116/0x1c0 [ 21.362808] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.362845] ? __pfx_read_tsc+0x10/0x10 [ 21.362918] ? ktime_get_ts64+0x86/0x230 [ 21.362961] kunit_try_run_case+0x1a5/0x480 [ 21.362998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.363033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.363067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.363126] ? __kthread_parkme+0x82/0x180 [ 21.363173] ? preempt_count_sub+0x50/0x80 [ 21.363205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.363241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.363276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.363311] kthread+0x337/0x6f0 [ 21.363337] ? 
trace_preempt_on+0x20/0xc0 [ 21.363368] ? __pfx_kthread+0x10/0x10 [ 21.363395] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.363427] ? calculate_sigpending+0x7b/0xa0 [ 21.363460] ? __pfx_kthread+0x10/0x10 [ 21.363490] ret_from_fork+0x116/0x1d0 [ 21.363514] ? __pfx_kthread+0x10/0x10 [ 21.363543] ret_from_fork_asm+0x1a/0x30 [ 21.363583] </TASK> [ 21.363599] [ 21.384572] Allocated by task 279: [ 21.384720] kasan_save_stack+0x45/0x70 [ 21.384936] kasan_save_track+0x18/0x40 [ 21.385346] kasan_save_alloc_info+0x3b/0x50 [ 21.385821] __kasan_kmalloc+0xb7/0xc0 [ 21.386192] __kmalloc_cache_noprof+0x189/0x420 [ 21.386675] kasan_bitops_generic+0x92/0x1c0 [ 21.387197] kunit_try_run_case+0x1a5/0x480 [ 21.387564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.388149] kthread+0x337/0x6f0 [ 21.388495] ret_from_fork+0x116/0x1d0 [ 21.388953] ret_from_fork_asm+0x1a/0x30 [ 21.389279] [ 21.389459] The buggy address belongs to the object at ffff888101e49ec0 [ 21.389459] which belongs to the cache kmalloc-16 of size 16 [ 21.390504] The buggy address is located 8 bytes inside of [ 21.390504] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.391683] [ 21.391921] The buggy address belongs to the physical page: [ 21.392599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.393215] flags: 0x200000000000000(node=0|zone=2) [ 21.394000] page_type: f5(slab) [ 21.394323] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.395034] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.395593] page dumped because: kasan: bad access detected [ 21.396003] [ 21.396235] Memory state around the buggy address: [ 21.396811] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.397574] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.398370] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.398985] ^ [ 21.399452] ffff888101e49f00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 21.399923] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.400693] ================================================================== [ 21.402033] ================================================================== [ 21.402615] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.403441] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.403941] [ 21.404243] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.404362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.404399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.404456] Call Trace: [ 21.404498] <TASK> [ 21.404536] dump_stack_lvl+0x73/0xb0 [ 21.404619] print_report+0xd1/0x650 [ 21.404694] ? __virt_addr_valid+0x1db/0x2d0 [ 21.404769] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.404849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.405016] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.405098] kasan_report+0x141/0x180 [ 21.405199] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.405284] kasan_check_range+0x10c/0x1c0 [ 21.405680] __kasan_check_write+0x18/0x20 [ 21.405759] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.405849] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.405960] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.406038] ? trace_hardirqs_on+0x37/0xe0 [ 21.406116] ? kasan_bitops_generic+0x92/0x1c0 [ 21.406204] kasan_bitops_generic+0x116/0x1c0 [ 21.406297] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.406377] ? __pfx_read_tsc+0x10/0x10 [ 21.406452] ? ktime_get_ts64+0x86/0x230 [ 21.406529] kunit_try_run_case+0x1a5/0x480 [ 21.406609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.406684] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.406757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.406834] ? __kthread_parkme+0x82/0x180 [ 21.406905] ? preempt_count_sub+0x50/0x80 [ 21.406943] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.406980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.407015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.407052] kthread+0x337/0x6f0 [ 21.407080] ? trace_preempt_on+0x20/0xc0 [ 21.407148] ? __pfx_kthread+0x10/0x10 [ 21.407183] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.407217] ? calculate_sigpending+0x7b/0xa0 [ 21.407252] ? __pfx_kthread+0x10/0x10 [ 21.407281] ret_from_fork+0x116/0x1d0 [ 21.407306] ? __pfx_kthread+0x10/0x10 [ 21.407335] ret_from_fork_asm+0x1a/0x30 [ 21.407376] </TASK> [ 21.407390] [ 21.428008] Allocated by task 279: [ 21.428439] kasan_save_stack+0x45/0x70 [ 21.428858] kasan_save_track+0x18/0x40 [ 21.429359] kasan_save_alloc_info+0x3b/0x50 [ 21.429867] __kasan_kmalloc+0xb7/0xc0 [ 21.430353] __kmalloc_cache_noprof+0x189/0x420 [ 21.430796] kasan_bitops_generic+0x92/0x1c0 [ 21.431336] kunit_try_run_case+0x1a5/0x480 [ 21.431800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.432290] kthread+0x337/0x6f0 [ 21.432725] ret_from_fork+0x116/0x1d0 [ 21.433244] ret_from_fork_asm+0x1a/0x30 [ 21.433576] [ 21.433840] The buggy address belongs to the object at ffff888101e49ec0 [ 21.433840] which belongs to the cache kmalloc-16 of size 16 [ 21.434956] The buggy address is located 8 bytes inside of [ 21.434956] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.435832] [ 21.436088] The buggy address belongs to the physical page: [ 21.436606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.437418] flags: 0x200000000000000(node=0|zone=2) [ 21.437916] page_type: f5(slab) [ 21.438341] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.439040] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.439585] page dumped because: kasan: bad access detected [ 21.439976] [ 21.440297] Memory state around the buggy address: [ 21.440824] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.441600] 
ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.442351] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.442864] ^ [ 21.443456] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.444081] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.444726] ================================================================== [ 21.123152] ================================================================== [ 21.124128] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.124820] Write of size 8 at addr ffff888101e49ec8 by task kunit_try_catch/279 [ 21.125523] [ 21.125812] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.125955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.126063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.126147] Call Trace: [ 21.126191] <TASK> [ 21.126237] dump_stack_lvl+0x73/0xb0 [ 21.126344] print_report+0xd1/0x650 [ 21.126494] ? __virt_addr_valid+0x1db/0x2d0 [ 21.126579] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.126726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.126809] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.126911] kasan_report+0x141/0x180 [ 21.126980] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.127029] kasan_check_range+0x10c/0x1c0 [ 21.127064] __kasan_check_write+0x18/0x20 [ 21.127092] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.127161] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.127206] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.127245] ? trace_hardirqs_on+0x37/0xe0 [ 21.127278] ? kasan_bitops_generic+0x92/0x1c0 [ 21.127318] kasan_bitops_generic+0x116/0x1c0 [ 21.127352] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.127389] ? __pfx_read_tsc+0x10/0x10 [ 21.127419] ? ktime_get_ts64+0x86/0x230 [ 21.127454] kunit_try_run_case+0x1a5/0x480 [ 21.127492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.127526] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 21.127562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.127596] ? __kthread_parkme+0x82/0x180 [ 21.127625] ? preempt_count_sub+0x50/0x80 [ 21.127657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.127692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.127725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.127761] kthread+0x337/0x6f0 [ 21.127788] ? trace_preempt_on+0x20/0xc0 [ 21.127818] ? __pfx_kthread+0x10/0x10 [ 21.127846] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.127901] ? calculate_sigpending+0x7b/0xa0 [ 21.127940] ? __pfx_kthread+0x10/0x10 [ 21.127971] ret_from_fork+0x116/0x1d0 [ 21.127998] ? __pfx_kthread+0x10/0x10 [ 21.128026] ret_from_fork_asm+0x1a/0x30 [ 21.128068] </TASK> [ 21.128083] [ 21.145511] Allocated by task 279: [ 21.145935] kasan_save_stack+0x45/0x70 [ 21.146409] kasan_save_track+0x18/0x40 [ 21.146903] kasan_save_alloc_info+0x3b/0x50 [ 21.147440] __kasan_kmalloc+0xb7/0xc0 [ 21.147907] __kmalloc_cache_noprof+0x189/0x420 [ 21.148472] kasan_bitops_generic+0x92/0x1c0 [ 21.148895] kunit_try_run_case+0x1a5/0x480 [ 21.149238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.149629] kthread+0x337/0x6f0 [ 21.150022] ret_from_fork+0x116/0x1d0 [ 21.150510] ret_from_fork_asm+0x1a/0x30 [ 21.150976] [ 21.151218] The buggy address belongs to the object at ffff888101e49ec0 [ 21.151218] which belongs to the cache kmalloc-16 of size 16 [ 21.152271] The buggy address is located 8 bytes inside of [ 21.152271] allocated 9-byte region [ffff888101e49ec0, ffff888101e49ec9) [ 21.153572] [ 21.153763] The buggy address belongs to the physical page: [ 21.154374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 21.155220] flags: 0x200000000000000(node=0|zone=2) [ 21.155647] page_type: f5(slab) [ 21.157260] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.157751] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.158233] page dumped because: kasan: 
bad access detected [ 21.158612] [ 21.158951] Memory state around the buggy address: [ 21.159756] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.161003] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.161811] >ffff888101e49e80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.162624] ^ [ 21.163058] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.163562] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.164610] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 21.053398] ================================================================== [ 21.053955] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 21.054437] Read of size 1 at addr ffff8881038ef290 by task kunit_try_catch/277 [ 21.055655] [ 21.056223] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.056712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.056753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.056812] Call Trace: [ 21.056850] <TASK> [ 21.056906] dump_stack_lvl+0x73/0xb0 [ 21.056991] print_report+0xd1/0x650 [ 21.057067] ? __virt_addr_valid+0x1db/0x2d0 [ 21.057161] ? strnlen+0x73/0x80 [ 21.057225] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.057296] ? strnlen+0x73/0x80 [ 21.057363] kasan_report+0x141/0x180 [ 21.057437] ? strnlen+0x73/0x80 [ 21.057523] __asan_report_load1_noabort+0x18/0x20 [ 21.057590] strnlen+0x73/0x80 [ 21.057620] kasan_strings+0x615/0xe80 [ 21.057650] ? trace_hardirqs_on+0x37/0xe0 [ 21.057684] ? __pfx_kasan_strings+0x10/0x10 [ 21.057715] ? finish_task_switch.isra.0+0x153/0x700 [ 21.057745] ? __switch_to+0x47/0xf50 [ 21.057781] ? __schedule+0x10cc/0x2b60 [ 21.057813] ? __pfx_read_tsc+0x10/0x10 [ 21.057842] ? ktime_get_ts64+0x86/0x230 [ 21.057892] kunit_try_run_case+0x1a5/0x480 [ 21.057974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.058052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.058136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.058223] ? __kthread_parkme+0x82/0x180 [ 21.058294] ? preempt_count_sub+0x50/0x80 [ 21.058329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.058366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.058404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.058439] kthread+0x337/0x6f0 [ 21.058467] ? trace_preempt_on+0x20/0xc0 [ 21.058497] ? __pfx_kthread+0x10/0x10 [ 21.058527] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.058558] ? calculate_sigpending+0x7b/0xa0 [ 21.058592] ? 
__pfx_kthread+0x10/0x10 [ 21.058622] ret_from_fork+0x116/0x1d0 [ 21.058646] ? __pfx_kthread+0x10/0x10 [ 21.058674] ret_from_fork_asm+0x1a/0x30 [ 21.058715] </TASK> [ 21.058730] [ 21.086469] Allocated by task 277: [ 21.087394] kasan_save_stack+0x45/0x70 [ 21.087926] kasan_save_track+0x18/0x40 [ 21.088688] kasan_save_alloc_info+0x3b/0x50 [ 21.089335] __kasan_kmalloc+0xb7/0xc0 [ 21.090083] __kmalloc_cache_noprof+0x189/0x420 [ 21.090959] kasan_strings+0xc0/0xe80 [ 21.091721] kunit_try_run_case+0x1a5/0x480 [ 21.092231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.092985] kthread+0x337/0x6f0 [ 21.093511] ret_from_fork+0x116/0x1d0 [ 21.094169] ret_from_fork_asm+0x1a/0x30 [ 21.094725] [ 21.094922] Freed by task 277: [ 21.095965] kasan_save_stack+0x45/0x70 [ 21.096330] kasan_save_track+0x18/0x40 [ 21.096580] kasan_save_free_info+0x3f/0x60 [ 21.097481] __kasan_slab_free+0x56/0x70 [ 21.097828] kfree+0x222/0x3f0 [ 21.098304] kasan_strings+0x2aa/0xe80 [ 21.098925] kunit_try_run_case+0x1a5/0x480 [ 21.099579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.100783] kthread+0x337/0x6f0 [ 21.101398] ret_from_fork+0x116/0x1d0 [ 21.102354] ret_from_fork_asm+0x1a/0x30 [ 21.102818] [ 21.102967] The buggy address belongs to the object at ffff8881038ef280 [ 21.102967] which belongs to the cache kmalloc-32 of size 32 [ 21.104411] The buggy address is located 16 bytes inside of [ 21.104411] freed 32-byte region [ffff8881038ef280, ffff8881038ef2a0) [ 21.106116] [ 21.106360] The buggy address belongs to the physical page: [ 21.107141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ef [ 21.107964] flags: 0x200000000000000(node=0|zone=2) [ 21.108505] page_type: f5(slab) [ 21.109033] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.109697] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.110824] page dumped because: kasan: bad access detected [ 21.112004] [ 21.112209] Memory state around the buggy address: 
[ 21.112510] ffff8881038ef180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.113473] ffff8881038ef200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.114161] >ffff8881038ef280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.115027] ^ [ 21.115306] ffff8881038ef300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.116710] ffff8881038ef380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.117215] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.996197] ==================================================================
[ 20.997553] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 20.998158] Read of size 1 at addr ffff8881038ef290 by task kunit_try_catch/277
[ 20.999664]
[ 20.999998] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 21.000076] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.000115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.000165] Call Trace:
[ 21.000187] <TASK>
[ 21.000204] dump_stack_lvl+0x73/0xb0
[ 21.000248] print_report+0xd1/0x650
[ 21.000282] ? __virt_addr_valid+0x1db/0x2d0
[ 21.000314] ? strlen+0x8f/0xb0
[ 21.000338] ? kasan_complete_mode_report_info+0x64/0x200
[ 21.000370] ? strlen+0x8f/0xb0
[ 21.000395] kasan_report+0x141/0x180
[ 21.000427] ? strlen+0x8f/0xb0
[ 21.000456] __asan_report_load1_noabort+0x18/0x20
[ 21.000492] strlen+0x8f/0xb0
[ 21.000536] kasan_strings+0x57b/0xe80
[ 21.000759] ? trace_hardirqs_on+0x37/0xe0
[ 21.000933] ? __pfx_kasan_strings+0x10/0x10
[ 21.000974] ? finish_task_switch.isra.0+0x153/0x700
[ 21.001009] ? __switch_to+0x47/0xf50
[ 21.001046] ? __schedule+0x10cc/0x2b60
[ 21.001078] ? __pfx_read_tsc+0x10/0x10
[ 21.001149] ? ktime_get_ts64+0x86/0x230
[ 21.001190] kunit_try_run_case+0x1a5/0x480
[ 21.001228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.001265] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.001299] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.001334] ? __kthread_parkme+0x82/0x180
[ 21.001362] ? preempt_count_sub+0x50/0x80
[ 21.001393] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.001428] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.001462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.001497] kthread+0x337/0x6f0
[ 21.001581] ? trace_preempt_on+0x20/0xc0
[ 21.001668] ? __pfx_kthread+0x10/0x10
[ 21.001748] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.001831] ? calculate_sigpending+0x7b/0xa0
[ 21.001904] ? __pfx_kthread+0x10/0x10
[ 21.001938] ret_from_fork+0x116/0x1d0
[ 21.001966] ? __pfx_kthread+0x10/0x10
[ 21.001997] ret_from_fork_asm+0x1a/0x30
[ 21.002038] </TASK>
[ 21.002053]
[ 21.025300] Allocated by task 277:
[ 21.025492] kasan_save_stack+0x45/0x70
[ 21.026572] kasan_save_track+0x18/0x40
[ 21.027575] kasan_save_alloc_info+0x3b/0x50
[ 21.028117] __kasan_kmalloc+0xb7/0xc0
[ 21.028694] __kmalloc_cache_noprof+0x189/0x420
[ 21.029239] kasan_strings+0xc0/0xe80
[ 21.029976] kunit_try_run_case+0x1a5/0x480
[ 21.030507] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.031028] kthread+0x337/0x6f0
[ 21.031621] ret_from_fork+0x116/0x1d0
[ 21.032340] ret_from_fork_asm+0x1a/0x30
[ 21.033005]
[ 21.033269] Freed by task 277:
[ 21.033561] kasan_save_stack+0x45/0x70
[ 21.034294] kasan_save_track+0x18/0x40
[ 21.035088] kasan_save_free_info+0x3f/0x60
[ 21.035698] __kasan_slab_free+0x56/0x70
[ 21.036115] kfree+0x222/0x3f0
[ 21.036477] kasan_strings+0x2aa/0xe80
[ 21.036911] kunit_try_run_case+0x1a5/0x480
[ 21.037485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.038091] kthread+0x337/0x6f0
[ 21.038499] ret_from_fork+0x116/0x1d0
[ 21.039123] ret_from_fork_asm+0x1a/0x30
[ 21.039687]
[ 21.040276] The buggy address belongs to the object at ffff8881038ef280
[ 21.040276] which belongs to the cache kmalloc-32 of size 32
[ 21.041410] The buggy address is located 16 bytes inside of
[ 21.041410] freed 32-byte region [ffff8881038ef280, ffff8881038ef2a0)
[ 21.042397]
[ 21.042760] The buggy address belongs to the physical page:
[ 21.043381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ef
[ 21.044237] flags: 0x200000000000000(node=0|zone=2)
[ 21.044683] page_type: f5(slab)
[ 21.045007] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 21.046124] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 21.046640] page dumped because: kasan: bad access detected
[ 21.047157]
[ 21.047391] Memory state around the buggy address:
[ 21.047858] ffff8881038ef180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 21.048813] ffff8881038ef200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 21.049447] >ffff8881038ef280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 21.049909] ^
[ 21.050496] ffff8881038ef300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 21.051525] ffff8881038ef380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 21.052289] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.939417] ==================================================================
[ 20.940049] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 20.940643] Read of size 1 at addr ffff8881038ef290 by task kunit_try_catch/277
[ 20.941398]
[ 20.941819] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.941957] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.941996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.942055] Call Trace:
[ 20.942100] <TASK>
[ 20.942143] dump_stack_lvl+0x73/0xb0
[ 20.942233] print_report+0xd1/0x650
[ 20.942318] ? __virt_addr_valid+0x1db/0x2d0
[ 20.942414] ? kasan_strings+0xcbc/0xe80
[ 20.942515] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.942593] ? kasan_strings+0xcbc/0xe80
[ 20.942662] kasan_report+0x141/0x180
[ 20.942736] ? kasan_strings+0xcbc/0xe80
[ 20.942816] __asan_report_load1_noabort+0x18/0x20
[ 20.942916] kasan_strings+0xcbc/0xe80
[ 20.943076] ? trace_hardirqs_on+0x37/0xe0
[ 20.943194] ? __pfx_kasan_strings+0x10/0x10
[ 20.943295] ? finish_task_switch.isra.0+0x153/0x700
[ 20.943415] ? __switch_to+0x47/0xf50
[ 20.943501] ? __schedule+0x10cc/0x2b60
[ 20.943810] ? __pfx_read_tsc+0x10/0x10
[ 20.943847] ? ktime_get_ts64+0x86/0x230
[ 20.943909] kunit_try_run_case+0x1a5/0x480
[ 20.943952] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.943990] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.944025] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.944058] ? __kthread_parkme+0x82/0x180
[ 20.944087] ? preempt_count_sub+0x50/0x80
[ 20.944147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.944187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.944223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.944261] kthread+0x337/0x6f0
[ 20.944289] ? trace_preempt_on+0x20/0xc0
[ 20.944320] ? __pfx_kthread+0x10/0x10
[ 20.944349] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.944379] ? calculate_sigpending+0x7b/0xa0
[ 20.944413] ? __pfx_kthread+0x10/0x10
[ 20.944443] ret_from_fork+0x116/0x1d0
[ 20.944467] ? __pfx_kthread+0x10/0x10
[ 20.944495] ret_from_fork_asm+0x1a/0x30
[ 20.944610] </TASK>
[ 20.944644]
[ 20.967078] Allocated by task 277:
[ 20.967930] kasan_save_stack+0x45/0x70
[ 20.968359] kasan_save_track+0x18/0x40
[ 20.969067] kasan_save_alloc_info+0x3b/0x50
[ 20.969494] __kasan_kmalloc+0xb7/0xc0
[ 20.970436] __kmalloc_cache_noprof+0x189/0x420
[ 20.971438] kasan_strings+0xc0/0xe80
[ 20.972020] kunit_try_run_case+0x1a5/0x480
[ 20.972898] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.973979] kthread+0x337/0x6f0
[ 20.974353] ret_from_fork+0x116/0x1d0
[ 20.975015] ret_from_fork_asm+0x1a/0x30
[ 20.975948]
[ 20.976122] Freed by task 277:
[ 20.976395] kasan_save_stack+0x45/0x70
[ 20.976721] kasan_save_track+0x18/0x40
[ 20.977052] kasan_save_free_info+0x3f/0x60
[ 20.978284] __kasan_slab_free+0x56/0x70
[ 20.979056] kfree+0x222/0x3f0
[ 20.979903] kasan_strings+0x2aa/0xe80
[ 20.980712] kunit_try_run_case+0x1a5/0x480
[ 20.981101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.982055] kthread+0x337/0x6f0
[ 20.982456] ret_from_fork+0x116/0x1d0
[ 20.982988] ret_from_fork_asm+0x1a/0x30
[ 20.983344]
[ 20.983576] The buggy address belongs to the object at ffff8881038ef280
[ 20.983576] which belongs to the cache kmalloc-32 of size 32
[ 20.984526] The buggy address is located 16 bytes inside of
[ 20.984526] freed 32-byte region [ffff8881038ef280, ffff8881038ef2a0)
[ 20.985512]
[ 20.985792] The buggy address belongs to the physical page:
[ 20.986209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ef
[ 20.987028] flags: 0x200000000000000(node=0|zone=2)
[ 20.987499] page_type: f5(slab)
[ 20.987902] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.988524] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 20.989199] page dumped because: kasan: bad access detected
[ 20.989691]
[ 20.989947] Memory state around the buggy address:
[ 20.990407] ffff8881038ef180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.990941] ffff8881038ef200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 20.991682] >ffff8881038ef280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.992276] ^
[ 20.992811] ffff8881038ef300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.993710] ffff8881038ef380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.994719] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.881278] ==================================================================
[ 20.883724] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 20.884930] Read of size 1 at addr ffff8881038ef290 by task kunit_try_catch/277
[ 20.886299]
[ 20.886482] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.886865] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.886920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.886957] Call Trace:
[ 20.886997] <TASK>
[ 20.887021] dump_stack_lvl+0x73/0xb0
[ 20.887064] print_report+0xd1/0x650
[ 20.887104] ? __virt_addr_valid+0x1db/0x2d0
[ 20.887374] ? strcmp+0xb0/0xc0
[ 20.887405] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.887439] ? strcmp+0xb0/0xc0
[ 20.887464] kasan_report+0x141/0x180
[ 20.887497] ? strcmp+0xb0/0xc0
[ 20.887578] __asan_report_load1_noabort+0x18/0x20
[ 20.887658] strcmp+0xb0/0xc0
[ 20.887690] kasan_strings+0x431/0xe80
[ 20.887724] ? trace_hardirqs_on+0x37/0xe0
[ 20.887759] ? __pfx_kasan_strings+0x10/0x10
[ 20.887789] ? finish_task_switch.isra.0+0x153/0x700
[ 20.887820] ? __switch_to+0x47/0xf50
[ 20.887856] ? __schedule+0x10cc/0x2b60
[ 20.887920] ? __pfx_read_tsc+0x10/0x10
[ 20.887953] ? ktime_get_ts64+0x86/0x230
[ 20.887988] kunit_try_run_case+0x1a5/0x480
[ 20.888026] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.888060] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.888114] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.888171] ? __kthread_parkme+0x82/0x180
[ 20.888203] ? preempt_count_sub+0x50/0x80
[ 20.888236] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.888272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.888305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.888341] kthread+0x337/0x6f0
[ 20.888368] ? trace_preempt_on+0x20/0xc0
[ 20.888398] ? __pfx_kthread+0x10/0x10
[ 20.888427] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.888458] ? calculate_sigpending+0x7b/0xa0
[ 20.888492] ? __pfx_kthread+0x10/0x10
[ 20.888564] ret_from_fork+0x116/0x1d0
[ 20.888633] ? __pfx_kthread+0x10/0x10
[ 20.888667] ret_from_fork_asm+0x1a/0x30
[ 20.888709] </TASK>
[ 20.888723]
[ 20.911221] Allocated by task 277:
[ 20.911545] kasan_save_stack+0x45/0x70
[ 20.912860] kasan_save_track+0x18/0x40
[ 20.913205] kasan_save_alloc_info+0x3b/0x50
[ 20.913777] __kasan_kmalloc+0xb7/0xc0
[ 20.914109] __kmalloc_cache_noprof+0x189/0x420
[ 20.914977] kasan_strings+0xc0/0xe80
[ 20.915469] kunit_try_run_case+0x1a5/0x480
[ 20.916158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.917040] kthread+0x337/0x6f0
[ 20.917444] ret_from_fork+0x116/0x1d0
[ 20.918129] ret_from_fork_asm+0x1a/0x30
[ 20.918485]
[ 20.918595] Freed by task 277:
[ 20.918729] kasan_save_stack+0x45/0x70
[ 20.918914] kasan_save_track+0x18/0x40
[ 20.919077] kasan_save_free_info+0x3f/0x60
[ 20.920349] __kasan_slab_free+0x56/0x70
[ 20.920831] kfree+0x222/0x3f0
[ 20.921230] kasan_strings+0x2aa/0xe80
[ 20.921732] kunit_try_run_case+0x1a5/0x480
[ 20.922359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.923215] kthread+0x337/0x6f0
[ 20.923535] ret_from_fork+0x116/0x1d0
[ 20.924385] ret_from_fork_asm+0x1a/0x30
[ 20.924787]
[ 20.925044] The buggy address belongs to the object at ffff8881038ef280
[ 20.925044] which belongs to the cache kmalloc-32 of size 32
[ 20.926421] The buggy address is located 16 bytes inside of
[ 20.926421] freed 32-byte region [ffff8881038ef280, ffff8881038ef2a0)
[ 20.927871]
[ 20.928222] The buggy address belongs to the physical page:
[ 20.929154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ef
[ 20.930080] flags: 0x200000000000000(node=0|zone=2)
[ 20.930590] page_type: f5(slab)
[ 20.930905] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.931505] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 20.932567] page dumped because: kasan: bad access detected
[ 20.933222]
[ 20.933552] Memory state around the buggy address:
[ 20.934393] ffff8881038ef180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.935088] ffff8881038ef200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 20.935611] >ffff8881038ef280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.936246] ^
[ 20.936609] ffff8881038ef300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.937628] ffff8881038ef380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.938281] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.819046] ==================================================================
[ 20.820372] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 20.821251] Read of size 1 at addr ffff888103312998 by task kunit_try_catch/275
[ 20.822444]
[ 20.822728] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.822832] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.822851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.822916] Call Trace:
[ 20.822954] <TASK>
[ 20.822999] dump_stack_lvl+0x73/0xb0
[ 20.823062] print_report+0xd1/0x650
[ 20.823106] ? __virt_addr_valid+0x1db/0x2d0
[ 20.823426] ? memcmp+0x1b4/0x1d0
[ 20.823456] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.823490] ? memcmp+0x1b4/0x1d0
[ 20.823575] kasan_report+0x141/0x180
[ 20.823677] ? memcmp+0x1b4/0x1d0
[ 20.823762] __asan_report_load1_noabort+0x18/0x20
[ 20.823850] memcmp+0x1b4/0x1d0
[ 20.823910] kasan_memcmp+0x18f/0x390
[ 20.823946] ? trace_hardirqs_on+0x37/0xe0
[ 20.823982] ? __pfx_kasan_memcmp+0x10/0x10
[ 20.824012] ? finish_task_switch.isra.0+0x153/0x700
[ 20.824044] ? __switch_to+0x47/0xf50
[ 20.824084] ? __pfx_read_tsc+0x10/0x10
[ 20.824154] ? ktime_get_ts64+0x86/0x230
[ 20.824194] kunit_try_run_case+0x1a5/0x480
[ 20.824234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.824269] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.824305] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.824339] ? __kthread_parkme+0x82/0x180
[ 20.824367] ? preempt_count_sub+0x50/0x80
[ 20.824399] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.824434] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.824468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.824504] kthread+0x337/0x6f0
[ 20.824567] ? trace_preempt_on+0x20/0xc0
[ 20.824643] ? __pfx_kthread+0x10/0x10
[ 20.824676] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.824710] ? calculate_sigpending+0x7b/0xa0
[ 20.824746] ? __pfx_kthread+0x10/0x10
[ 20.824776] ret_from_fork+0x116/0x1d0
[ 20.824802] ? __pfx_kthread+0x10/0x10
[ 20.824832] ret_from_fork_asm+0x1a/0x30
[ 20.824896] </TASK>
[ 20.824918]
[ 20.845519] Allocated by task 275:
[ 20.846841] kasan_save_stack+0x45/0x70
[ 20.847192] kasan_save_track+0x18/0x40
[ 20.847947] kasan_save_alloc_info+0x3b/0x50
[ 20.848365] __kasan_kmalloc+0xb7/0xc0
[ 20.848784] __kmalloc_cache_noprof+0x189/0x420
[ 20.849405] kasan_memcmp+0xb7/0x390
[ 20.850635] kunit_try_run_case+0x1a5/0x480
[ 20.851000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.852014] kthread+0x337/0x6f0
[ 20.852250] ret_from_fork+0x116/0x1d0
[ 20.852455] ret_from_fork_asm+0x1a/0x30
[ 20.853202]
[ 20.853448] The buggy address belongs to the object at ffff888103312980
[ 20.853448] which belongs to the cache kmalloc-32 of size 32
[ 20.855259] The buggy address is located 0 bytes to the right of
[ 20.855259] allocated 24-byte region [ffff888103312980, ffff888103312998)
[ 20.856339]
[ 20.856522] The buggy address belongs to the physical page:
[ 20.857706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103312
[ 20.858409] flags: 0x200000000000000(node=0|zone=2)
[ 20.858989] page_type: f5(slab)
[ 20.859929] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.860867] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 20.861814] page dumped because: kasan: bad access detected
[ 20.862396]
[ 20.862981] Memory state around the buggy address:
[ 20.864119] ffff888103312880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.864684] ffff888103312900: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc
[ 20.865578] >ffff888103312980: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.866488] ^
[ 20.866992] ffff888103312a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.868141] ffff888103312a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.868927] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.762983] ==================================================================
[ 20.764348] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 20.764987] Read of size 1 at addr ffff888103977c4a by task kunit_try_catch/271
[ 20.765515]
[ 20.766310] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.766407] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.766448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.766507] Call Trace:
[ 20.766686] <TASK>
[ 20.766716] dump_stack_lvl+0x73/0xb0
[ 20.766799] print_report+0xd1/0x650
[ 20.766836] ? __virt_addr_valid+0x1db/0x2d0
[ 20.766870] ? kasan_alloca_oob_right+0x329/0x390
[ 20.766926] ? kasan_addr_to_slab+0x11/0xa0
[ 20.766960] ? kasan_alloca_oob_right+0x329/0x390
[ 20.766995] kasan_report+0x141/0x180
[ 20.767026] ? kasan_alloca_oob_right+0x329/0x390
[ 20.767066] __asan_report_load1_noabort+0x18/0x20
[ 20.767112] kasan_alloca_oob_right+0x329/0x390
[ 20.767169] ? irqentry_exit+0x2a/0x60
[ 20.767206] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 20.767242] ? trace_hardirqs_on+0x37/0xe0
[ 20.767278] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 20.767316] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 20.767354] kunit_try_run_case+0x1a5/0x480
[ 20.767391] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.767424] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.767459] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.767493] ? __kthread_parkme+0x82/0x180
[ 20.767521] ? preempt_count_sub+0x50/0x80
[ 20.767552] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.767588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.767622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.767658] kthread+0x337/0x6f0
[ 20.767685] ? trace_preempt_on+0x20/0xc0
[ 20.767716] ? __pfx_kthread+0x10/0x10
[ 20.767745] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.767776] ? calculate_sigpending+0x7b/0xa0
[ 20.767812] ? __pfx_kthread+0x10/0x10
[ 20.767844] ret_from_fork+0x116/0x1d0
[ 20.767870] ? __pfx_kthread+0x10/0x10
[ 20.767924] ret_from_fork_asm+0x1a/0x30
[ 20.767967] </TASK>
[ 20.767983]
[ 20.787722] The buggy address belongs to stack of task kunit_try_catch/271
[ 20.788777]
[ 20.788958] The buggy address belongs to the physical page:
[ 20.789659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103977
[ 20.790485] flags: 0x200000000000000(node=0|zone=2)
[ 20.790839] raw: 0200000000000000 ffffea00040e5dc8 ffffea00040e5dc8 0000000000000000
[ 20.792046] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.792806] page dumped because: kasan: bad access detected
[ 20.793507]
[ 20.793701] Memory state around the buggy address:
[ 20.794221] ffff888103977b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.794978] ffff888103977b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.795992] >ffff888103977c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 20.796689] ^
[ 20.797612] ffff888103977c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 20.798126] ffff888103977d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.798982] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.712277] ==================================================================
[ 20.713606] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 20.715064] Read of size 1 at addr ffff8881038c7c3f by task kunit_try_catch/269
[ 20.716008]
[ 20.716319] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.716418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.716460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.716521] Call Trace:
[ 20.716558] <TASK>
[ 20.716812] dump_stack_lvl+0x73/0xb0
[ 20.716871] print_report+0xd1/0x650
[ 20.716939] ? __virt_addr_valid+0x1db/0x2d0
[ 20.716974] ? kasan_alloca_oob_left+0x320/0x380
[ 20.717006] ? kasan_addr_to_slab+0x11/0xa0
[ 20.717037] ? kasan_alloca_oob_left+0x320/0x380
[ 20.717068] kasan_report+0x141/0x180
[ 20.717106] ? kasan_alloca_oob_left+0x320/0x380
[ 20.717277] __asan_report_load1_noabort+0x18/0x20
[ 20.717317] kasan_alloca_oob_left+0x320/0x380
[ 20.717352] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.717386] ? finish_task_switch.isra.0+0x153/0x700
[ 20.717418] ? __mutex_lock.constprop.0+0x93e/0x1280
[ 20.717456] ? trace_hardirqs_on+0x37/0xe0
[ 20.717490] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 20.717564] ? __schedule+0x10cc/0x2b60
[ 20.717646] ? __pfx_read_tsc+0x10/0x10
[ 20.717681] ? ktime_get_ts64+0x86/0x230
[ 20.717716] kunit_try_run_case+0x1a5/0x480
[ 20.717754] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.717789] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.717826] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.717860] ? __kthread_parkme+0x82/0x180
[ 20.717916] ? preempt_count_sub+0x50/0x80
[ 20.717950] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.717987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.718022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.718058] kthread+0x337/0x6f0
[ 20.718086] ? trace_preempt_on+0x20/0xc0
[ 20.718155] ? __pfx_kthread+0x10/0x10
[ 20.718188] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.718220] ? calculate_sigpending+0x7b/0xa0
[ 20.718265] ? __pfx_kthread+0x10/0x10
[ 20.718296] ret_from_fork+0x116/0x1d0
[ 20.718323] ? __pfx_kthread+0x10/0x10
[ 20.718352] ret_from_fork_asm+0x1a/0x30
[ 20.718394] </TASK>
[ 20.718409]
[ 20.743971] The buggy address belongs to stack of task kunit_try_catch/269
[ 20.744849]
[ 20.745264] The buggy address belongs to the physical page:
[ 20.746190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038c7
[ 20.747039] flags: 0x200000000000000(node=0|zone=2)
[ 20.747717] raw: 0200000000000000 ffffea00040e31c8 ffffea00040e31c8 0000000000000000
[ 20.748785] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.749821] page dumped because: kasan: bad access detected
[ 20.750380]
[ 20.750916] Memory state around the buggy address:
[ 20.751391] ffff8881038c7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.752578] ffff8881038c7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.753305] >ffff8881038c7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 20.754371] ^
[ 20.754967] ffff8881038c7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 20.756066] ffff8881038c7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.756967] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.612305] ==================================================================
[ 20.613114] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 20.613412] Read of size 1 at addr ffffffffbf276e8d by task kunit_try_catch/263
[ 20.614250]
[ 20.615385] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.615459] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.615480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.615522] Call Trace:
[ 20.615581] <TASK>
[ 20.615635] dump_stack_lvl+0x73/0xb0
[ 20.615690] print_report+0xd1/0x650
[ 20.615724] ? __virt_addr_valid+0x1db/0x2d0
[ 20.615758] ? kasan_global_oob_right+0x286/0x2d0
[ 20.615788] ? kasan_addr_to_slab+0x11/0xa0
[ 20.615817] ? kasan_global_oob_right+0x286/0x2d0
[ 20.615847] kasan_report+0x141/0x180
[ 20.615901] ? kasan_global_oob_right+0x286/0x2d0
[ 20.615943] __asan_report_load1_noabort+0x18/0x20
[ 20.615980] kasan_global_oob_right+0x286/0x2d0
[ 20.616011] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 20.616044] ? __schedule+0x10cc/0x2b60
[ 20.616076] ? __pfx_read_tsc+0x10/0x10
[ 20.616119] ? ktime_get_ts64+0x86/0x230
[ 20.616170] kunit_try_run_case+0x1a5/0x480
[ 20.616211] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.616245] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.616279] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.616313] ? __kthread_parkme+0x82/0x180
[ 20.616341] ? preempt_count_sub+0x50/0x80
[ 20.616374] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.616409] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.616443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.616478] kthread+0x337/0x6f0
[ 20.616507] ? trace_preempt_on+0x20/0xc0
[ 20.616586] ? __pfx_kthread+0x10/0x10
[ 20.616667] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.616750] ? calculate_sigpending+0x7b/0xa0
[ 20.616830] ? __pfx_kthread+0x10/0x10
[ 20.616865] ret_from_fork+0x116/0x1d0
[ 20.616921] ? __pfx_kthread+0x10/0x10
[ 20.616953] ret_from_fork_asm+0x1a/0x30
[ 20.616997] </TASK>
[ 20.617013]
[ 20.638927] The buggy address belongs to the variable:
[ 20.639425] global_array+0xd/0x40
[ 20.640166]
[ 20.640689] The buggy address belongs to the physical page:
[ 20.641413] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b876
[ 20.642600] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 20.643073] raw: 0100000000002000 ffffea0000ae1d88 ffffea0000ae1d88 0000000000000000
[ 20.643911] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.644780] page dumped because: kasan: bad access detected
[ 20.645729]
[ 20.646310] Memory state around the buggy address:
[ 20.647066] ffffffffbf276d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.648212] ffffffffbf276e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.648893] >ffffffffbf276e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 20.649600] ^
[ 20.650001] ffffffffbf276f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 20.650779] ffffffffbf276f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 20.651681] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.561396] ==================================================================
[ 20.562769] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.563563] Free of addr ffff888103990001 by task kunit_try_catch/261
[ 20.564748]
[ 20.564945] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.565012] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.565030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.565062] Call Trace:
[ 20.565077] <TASK>
[ 20.565098] dump_stack_lvl+0x73/0xb0
[ 20.565542] print_report+0xd1/0x650
[ 20.565803] ? __virt_addr_valid+0x1db/0x2d0
[ 20.565847] ? kasan_addr_to_slab+0x11/0xa0
[ 20.565906] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.565953] kasan_report_invalid_free+0x10a/0x130
[ 20.565992] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.566036] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.566075] __kasan_mempool_poison_object+0x102/0x1d0
[ 20.566151] mempool_free+0x2ec/0x380
[ 20.566192] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.566233] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 20.566286] ? __kasan_check_write+0x18/0x20
[ 20.566317] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.566351] ? finish_task_switch.isra.0+0x153/0x700
[ 20.566390] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 20.566430] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 20.566473] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.566509] ? __pfx_mempool_kfree+0x10/0x10
[ 20.566614] ? __pfx_read_tsc+0x10/0x10
[ 20.566669] ? ktime_get_ts64+0x86/0x230
[ 20.566707] kunit_try_run_case+0x1a5/0x480
[ 20.566750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.566788] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.566826] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.566864] ? __kthread_parkme+0x82/0x180
[ 20.566924] ? preempt_count_sub+0x50/0x80
[ 20.566961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.567000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.567038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.567078] kthread+0x337/0x6f0
[ 20.567142] ? trace_preempt_on+0x20/0xc0
[ 20.567185] ? __pfx_kthread+0x10/0x10
[ 20.567217] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.567251] ? calculate_sigpending+0x7b/0xa0
[ 20.567291] ? __pfx_kthread+0x10/0x10
[ 20.567323] ret_from_fork+0x116/0x1d0
[ 20.567350] ? __pfx_kthread+0x10/0x10
[ 20.567382] ret_from_fork_asm+0x1a/0x30
[ 20.567426] </TASK>
[ 20.567441]
[ 20.592448] The buggy address belongs to the physical page:
[ 20.593086] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990
[ 20.594033] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 20.594904] flags: 0x200000000000040(head|node=0|zone=2)
[ 20.595461] page_type: f8(unknown)
[ 20.595985] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.596836] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 20.597762] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.598392] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 20.599222] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff
[ 20.599936] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 20.600788] page dumped because: kasan: bad access detected
[ 20.601325]
[ 20.601715] Memory state around the buggy address:
[ 20.602216] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.603021] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.603806] >ffff888103990000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.604489] ^
[ 20.605028] ffff888103990080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.605857] ffff888103990100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.606565] ==================================================================
[ 20.496028] ==================================================================
[ 20.497260] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.498176] Free of addr ffff888103314001 by task kunit_try_catch/259
[ 20.499175]
[ 20.499646] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.499773] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.499815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.499899] Call Trace:
[ 20.500099] <TASK>
[ 20.500169] dump_stack_lvl+0x73/0xb0
[ 20.500231] print_report+0xd1/0x650
[ 20.500267] ? __virt_addr_valid+0x1db/0x2d0
[ 20.500304] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.500337] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.500374] kasan_report_invalid_free+0x10a/0x130
[ 20.500409] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.500447] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.500482] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.500527] check_slab_allocation+0x11f/0x130
[ 20.500653] __kasan_mempool_poison_object+0x91/0x1d0
[ 20.500693] mempool_free+0x2ec/0x380
[ 20.500728] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 20.500766] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 20.500807] ? __kasan_check_write+0x18/0x20
[ 20.500835] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.500866] ? finish_task_switch.isra.0+0x153/0x700
[ 20.500934] mempool_kmalloc_invalid_free+0xed/0x140
[ 20.500970] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 20.501009] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.501044] ? __pfx_mempool_kfree+0x10/0x10
[ 20.501079] ? __pfx_read_tsc+0x10/0x10
[ 20.501117] ? ktime_get_ts64+0x86/0x230
[ 20.501175] kunit_try_run_case+0x1a5/0x480
[ 20.501216] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.501250] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.501285] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.501320] ? __kthread_parkme+0x82/0x180
[ 20.501348] ? preempt_count_sub+0x50/0x80
[ 20.501379] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.501414] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.501448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.501483] kthread+0x337/0x6f0
[ 20.501519] ? trace_preempt_on+0x20/0xc0
[ 20.501602] ? __pfx_kthread+0x10/0x10
[ 20.501661] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.501694] ? calculate_sigpending+0x7b/0xa0
[ 20.501732] ? __pfx_kthread+0x10/0x10
[ 20.501762] ret_from_fork+0x116/0x1d0
[ 20.501790] ? __pfx_kthread+0x10/0x10
[ 20.501820] ret_from_fork_asm+0x1a/0x30
[ 20.501864] </TASK>
[ 20.501900]
[ 20.527250] Allocated by task 259:
[ 20.527651] kasan_save_stack+0x45/0x70
[ 20.528109] kasan_save_track+0x18/0x40
[ 20.528550] kasan_save_alloc_info+0x3b/0x50
[ 20.530329] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 20.531325] remove_element+0x11e/0x190
[ 20.531634] mempool_alloc_preallocated+0x4d/0x90
[ 20.532014] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 20.532437] mempool_kmalloc_invalid_free+0xed/0x140
[ 20.532818] kunit_try_run_case+0x1a5/0x480
[ 20.533540] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.533905] kthread+0x337/0x6f0
[ 20.534188] ret_from_fork+0x116/0x1d0
[ 20.534511] ret_from_fork_asm+0x1a/0x30
[ 20.534804]
[ 20.535111] The buggy address belongs to the object at ffff888103314000
[ 20.535111] which belongs to the cache kmalloc-128 of size 128
[ 20.536980] The buggy address is located 1 bytes inside of
[ 20.536980] 128-byte region [ffff888103314000, ffff888103314080)
[ 20.541130]
[ 20.541469] The buggy address belongs to the physical page:
[ 20.542007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103314
[ 20.542529] flags: 0x200000000000000(node=0|zone=2)
[ 20.545249] page_type: f5(slab)
[ 20.545616] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 20.546305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 20.547936] page dumped because: kasan: bad access detected
[ 20.548292]
[ 20.548441] Memory state around the buggy address:
[ 20.550279] ffff888103313f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.551264] ffff888103313f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.552225] >ffff888103314000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.553460] ^
[ 20.553851] ffff888103314080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.554461] ffff888103314100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.555191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.335164] ==================================================================
[ 20.336191] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 20.337138] Free of addr ffff8881038d5a00 by task kunit_try_catch/253
[ 20.338164]
[ 20.338675] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.338794] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.338832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.338910] Call Trace:
[ 20.338947] <TASK>
[ 20.338971] dump_stack_lvl+0x73/0xb0
[ 20.339017] print_report+0xd1/0x650
[ 20.339050] ? __virt_addr_valid+0x1db/0x2d0
[ 20.339084] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.339136] ? mempool_double_free_helper+0x184/0x370
[ 20.339185] kasan_report_invalid_free+0x10a/0x130
[ 20.339222] ? mempool_double_free_helper+0x184/0x370
[ 20.339259] ? mempool_double_free_helper+0x184/0x370
[ 20.339293] ? mempool_double_free_helper+0x184/0x370
[ 20.339326] check_slab_allocation+0x101/0x130
[ 20.339356] __kasan_mempool_poison_object+0x91/0x1d0
[ 20.339392] mempool_free+0x2ec/0x380
[ 20.339426] mempool_double_free_helper+0x184/0x370
[ 20.339461] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 20.339497] ? __kasan_check_write+0x18/0x20
[ 20.339726] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.339814] ? finish_task_switch.isra.0+0x153/0x700
[ 20.339978] mempool_kmalloc_double_free+0xed/0x140
[ 20.340021] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 20.340063] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.340104] ? __pfx_mempool_kfree+0x10/0x10
[ 20.340168] ? __pfx_read_tsc+0x10/0x10
[ 20.340201] ? ktime_get_ts64+0x86/0x230
[ 20.340234] kunit_try_run_case+0x1a5/0x480
[ 20.340270] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.340304] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.340341] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.340375] ? __kthread_parkme+0x82/0x180
[ 20.340401] ? preempt_count_sub+0x50/0x80
[ 20.340433] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.340470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.340502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.340575] kthread+0x337/0x6f0
[ 20.340654] ? trace_preempt_on+0x20/0xc0
[ 20.340709] ? __pfx_kthread+0x10/0x10
[ 20.340743] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.340775] ? calculate_sigpending+0x7b/0xa0
[ 20.340809] ? __pfx_kthread+0x10/0x10
[ 20.340840] ret_from_fork+0x116/0x1d0
[ 20.340865] ? __pfx_kthread+0x10/0x10
[ 20.340923] ret_from_fork_asm+0x1a/0x30
[ 20.340967] </TASK>
[ 20.340982]
[ 20.360153] Allocated by task 253:
[ 20.360680] kasan_save_stack+0x45/0x70
[ 20.361174] kasan_save_track+0x18/0x40
[ 20.361821] kasan_save_alloc_info+0x3b/0x50
[ 20.362377] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 20.363175] remove_element+0x11e/0x190
[ 20.363737] mempool_alloc_preallocated+0x4d/0x90
[ 20.364302] mempool_double_free_helper+0x8a/0x370
[ 20.364927] mempool_kmalloc_double_free+0xed/0x140
[ 20.365500] kunit_try_run_case+0x1a5/0x480
[ 20.366180] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.366850] kthread+0x337/0x6f0
[ 20.367304] ret_from_fork+0x116/0x1d0
[ 20.367740] ret_from_fork_asm+0x1a/0x30
[ 20.368444]
[ 20.368795] Freed by task 253:
[ 20.369143] kasan_save_stack+0x45/0x70
[ 20.369720] kasan_save_track+0x18/0x40
[ 20.370217] kasan_save_free_info+0x3f/0x60
[ 20.370843] __kasan_mempool_poison_object+0x131/0x1d0
[ 20.371301] mempool_free+0x2ec/0x380
[ 20.371801] mempool_double_free_helper+0x109/0x370
[ 20.372455] mempool_kmalloc_double_free+0xed/0x140
[ 20.373188] kunit_try_run_case+0x1a5/0x480
[ 20.373871] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.374484] kthread+0x337/0x6f0
[ 20.375002] ret_from_fork+0x116/0x1d0
[ 20.375334] ret_from_fork_asm+0x1a/0x30
[ 20.375761]
[ 20.376220] The buggy address belongs to the object at ffff8881038d5a00
[ 20.376220] which belongs to the cache kmalloc-128 of size 128
[ 20.377437] The buggy address is located 0 bytes inside of
[ 20.377437] 128-byte region [ffff8881038d5a00, ffff8881038d5a80)
[ 20.378743]
[ 20.379014] The buggy address belongs to the physical page:
[ 20.379527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5
[ 20.380390] flags: 0x200000000000000(node=0|zone=2)
[ 20.381034] page_type: f5(slab)
[ 20.381461] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 20.382226] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 20.383124] page dumped because: kasan: bad access detected
[ 20.384182]
[ 20.384384] Memory state around the buggy address:
[ 20.385035] ffff8881038d5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.385847] ffff8881038d5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.386673] >ffff8881038d5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.387314] ^
[ 20.388024] ffff8881038d5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.388721] ffff8881038d5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.389322] ==================================================================
[ 20.447837] ==================================================================
[ 20.449058] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 20.450775] Free of addr ffff888102a48000 by task kunit_try_catch/257
[ 20.452610]
[ 20.452764] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.452829] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.452847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.452901] Call Trace:
[ 20.452943] <TASK>
[ 20.452985] dump_stack_lvl+0x73/0xb0
[ 20.453075] print_report+0xd1/0x650
[ 20.453215] ? __virt_addr_valid+0x1db/0x2d0
[ 20.453284] ? kasan_addr_to_slab+0x11/0xa0
[ 20.453322] ? mempool_double_free_helper+0x184/0x370
[ 20.453396] kasan_report_invalid_free+0x10a/0x130
[ 20.453437] ? mempool_double_free_helper+0x184/0x370
[ 20.453475] ? mempool_double_free_helper+0x184/0x370
[ 20.453510] __kasan_mempool_poison_pages+0x115/0x130
[ 20.453771] mempool_free+0x290/0x380
[ 20.453816] mempool_double_free_helper+0x184/0x370
[ 20.453855] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 20.453918] ? __kasan_check_write+0x18/0x20
[ 20.453949] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.453979] ? irqentry_exit+0x2a/0x60
[ 20.454013] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 20.454052] mempool_page_alloc_double_free+0xe8/0x140
[ 20.454089] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 20.454159] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 20.454189] ? __pfx_mempool_free_pages+0x10/0x10
[ 20.454219] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 20.454268] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 20.454308] kunit_try_run_case+0x1a5/0x480
[ 20.454348] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.454384] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.454419] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.454453] ? __kthread_parkme+0x82/0x180
[ 20.454483] ? preempt_count_sub+0x50/0x80
[ 20.454523] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.454602] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.454660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.454696] kthread+0x337/0x6f0
[ 20.454725] ? trace_preempt_on+0x20/0xc0
[ 20.454757] ? __pfx_kthread+0x10/0x10
[ 20.454786] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.454816] ? calculate_sigpending+0x7b/0xa0
[ 20.454851] ? __pfx_kthread+0x10/0x10
[ 20.454904] ret_from_fork+0x116/0x1d0
[ 20.454937] ? __pfx_kthread+0x10/0x10
[ 20.454967] ret_from_fork_asm+0x1a/0x30
[ 20.455010] </TASK>
[ 20.455024]
[ 20.478702] The buggy address belongs to the physical page:
[ 20.479373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a48
[ 20.480301] flags: 0x200000000000000(node=0|zone=2)
[ 20.480934] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 20.482313] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.482944] page dumped because: kasan: bad access detected
[ 20.483714]
[ 20.483954] Memory state around the buggy address:
[ 20.484872] ffff888102a47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.485575] ffff888102a47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.486504] >ffff888102a48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.487417] ^
[ 20.488076] ffff888102a48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.489090] ffff888102a48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.489909] ==================================================================
[ 20.395377] ==================================================================
[ 20.396703] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 20.397747] Free of addr ffff888103990000 by task kunit_try_catch/255
[ 20.398359]
[ 20.398716] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.398836] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.398891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.398956] Call Trace:
[ 20.398992] <TASK>
[ 20.399155] dump_stack_lvl+0x73/0xb0
[ 20.399421] print_report+0xd1/0x650
[ 20.399487] ? __virt_addr_valid+0x1db/0x2d0
[ 20.400030] ? kasan_addr_to_slab+0x11/0xa0
[ 20.400074] ? mempool_double_free_helper+0x184/0x370
[ 20.400130] kasan_report_invalid_free+0x10a/0x130
[ 20.400181] ? mempool_double_free_helper+0x184/0x370
[ 20.400220] ? mempool_double_free_helper+0x184/0x370
[ 20.400254] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 20.400292] mempool_free+0x2ec/0x380
[ 20.400324] mempool_double_free_helper+0x184/0x370
[ 20.400359] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 20.400397] ? __kasan_check_write+0x18/0x20
[ 20.400424] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.400455] ? finish_task_switch.isra.0+0x153/0x700
[ 20.400491] mempool_kmalloc_large_double_free+0xed/0x140
[ 20.400587] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 20.400671] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.400709] ? __pfx_mempool_kfree+0x10/0x10
[ 20.400746] ? __pfx_read_tsc+0x10/0x10
[ 20.400777] ? ktime_get_ts64+0x86/0x230
[ 20.400810] kunit_try_run_case+0x1a5/0x480
[ 20.400848] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.400909] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.400951] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.400986] ? __kthread_parkme+0x82/0x180
[ 20.401014] ? preempt_count_sub+0x50/0x80
[ 20.401045] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.401080] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.401157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.401199] kthread+0x337/0x6f0
[ 20.401228] ? trace_preempt_on+0x20/0xc0
[ 20.401262] ? __pfx_kthread+0x10/0x10
[ 20.401292] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.401323] ? calculate_sigpending+0x7b/0xa0
[ 20.401359] ? __pfx_kthread+0x10/0x10
[ 20.401389] ret_from_fork+0x116/0x1d0
[ 20.401414] ? __pfx_kthread+0x10/0x10
[ 20.401443] ret_from_fork_asm+0x1a/0x30
[ 20.401483] </TASK>
[ 20.401497]
[ 20.427678] The buggy address belongs to the physical page:
[ 20.428255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990
[ 20.429004] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 20.429899] flags: 0x200000000000040(head|node=0|zone=2)
[ 20.430535] page_type: f8(unknown)
[ 20.431080] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.432187] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 20.432948] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.433734] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 20.434470] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff
[ 20.435261] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 20.436163] page dumped because: kasan: bad access detected
[ 20.436673]
[ 20.437075] Memory state around the buggy address:
[ 20.437579] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.438674] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.439354] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.440297] ^
[ 20.440655] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.441387] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.441900] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.290341] ==================================================================
[ 20.291762] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 20.292828] Read of size 1 at addr ffff888103990000 by task kunit_try_catch/251
[ 20.293506]
[ 20.293797] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.293941] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.293981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.294044] Call Trace:
[ 20.294084] <TASK>
[ 20.294127] dump_stack_lvl+0x73/0xb0
[ 20.294514] print_report+0xd1/0x650
[ 20.294696] ? __virt_addr_valid+0x1db/0x2d0
[ 20.294780] ? mempool_uaf_helper+0x392/0x400
[ 20.294854] ? kasan_addr_to_slab+0x11/0xa0
[ 20.294944] ? mempool_uaf_helper+0x392/0x400
[ 20.294988] kasan_report+0x141/0x180
[ 20.295022] ? mempool_uaf_helper+0x392/0x400
[ 20.295060] __asan_report_load1_noabort+0x18/0x20
[ 20.295101] mempool_uaf_helper+0x392/0x400
[ 20.295177] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 20.295212] ? update_load_avg+0x1be/0x21b0
[ 20.295248] ? dequeue_entities+0x27e/0x1740
[ 20.295283] ? finish_task_switch.isra.0+0x153/0x700
[ 20.295319] mempool_page_alloc_uaf+0xed/0x140
[ 20.295353] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 20.295391] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 20.295421] ? __pfx_mempool_free_pages+0x10/0x10
[ 20.295450] ? __pfx_read_tsc+0x10/0x10
[ 20.295480] ? ktime_get_ts64+0x86/0x230
[ 20.295515] kunit_try_run_case+0x1a5/0x480
[ 20.295644] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.295685] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.295721] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.295755] ? __kthread_parkme+0x82/0x180
[ 20.295783] ? preempt_count_sub+0x50/0x80
[ 20.295815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.295850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.295908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.295949] kthread+0x337/0x6f0
[ 20.295978] ? trace_preempt_on+0x20/0xc0
[ 20.296010] ? __pfx_kthread+0x10/0x10
[ 20.296040] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.296070] ? calculate_sigpending+0x7b/0xa0
[ 20.296128] ? __pfx_kthread+0x10/0x10
[ 20.296176] ret_from_fork+0x116/0x1d0
[ 20.296203] ? __pfx_kthread+0x10/0x10
[ 20.296233] ret_from_fork_asm+0x1a/0x30
[ 20.296274] </TASK>
[ 20.296288]
[ 20.317729] The buggy address belongs to the physical page:
[ 20.318206] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990
[ 20.318997] flags: 0x200000000000000(node=0|zone=2)
[ 20.320929] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 20.321632] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.322775] page dumped because: kasan: bad access detected
[ 20.323343]
[ 20.323524] Memory state around the buggy address:
[ 20.324112] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.324715] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.325327] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.325919] ^
[ 20.326217] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.326812] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.328001] ==================================================================
[ 20.172808] ==================================================================
[ 20.173713] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 20.174643] Read of size 1 at addr ffff888102a48000 by task kunit_try_catch/247
[ 20.175320]
[ 20.175635] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.175763] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.175806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.175869] Call Trace:
[ 20.175984] <TASK>
[ 20.176062] dump_stack_lvl+0x73/0xb0
[ 20.176158] print_report+0xd1/0x650
[ 20.176239] ? __virt_addr_valid+0x1db/0x2d0
[ 20.176379] ? mempool_uaf_helper+0x392/0x400
[ 20.176483] ? kasan_addr_to_slab+0x11/0xa0
[ 20.176713] ? mempool_uaf_helper+0x392/0x400
[ 20.176797] kasan_report+0x141/0x180
[ 20.176893] ? mempool_uaf_helper+0x392/0x400
[ 20.176985] __asan_report_load1_noabort+0x18/0x20
[ 20.177037] mempool_uaf_helper+0x392/0x400
[ 20.177074] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 20.177122] ? __kasan_check_write+0x18/0x20
[ 20.177172] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.177209] ? finish_task_switch.isra.0+0x153/0x700
[ 20.177247] mempool_kmalloc_large_uaf+0xef/0x140
[ 20.177282] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 20.177319] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.177355] ? __pfx_mempool_kfree+0x10/0x10
[ 20.177390] ? __pfx_read_tsc+0x10/0x10
[ 20.177420] ? ktime_get_ts64+0x86/0x230
[ 20.177454] kunit_try_run_case+0x1a5/0x480
[ 20.177491] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.177589] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.177684] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.177731] ? __kthread_parkme+0x82/0x180
[ 20.177798] ? preempt_count_sub+0x50/0x80
[ 20.177835] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.177873] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.177938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.177974] kthread+0x337/0x6f0
[ 20.178004] ? trace_preempt_on+0x20/0xc0
[ 20.178039] ? __pfx_kthread+0x10/0x10
[ 20.178067] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.178111] ? calculate_sigpending+0x7b/0xa0
[ 20.178180] ? __pfx_kthread+0x10/0x10
[ 20.178213] ret_from_fork+0x116/0x1d0
[ 20.178240] ? __pfx_kthread+0x10/0x10
[ 20.178280] ret_from_fork_asm+0x1a/0x30
[ 20.178323] </TASK>
[ 20.178337]
[ 20.203387] The buggy address belongs to the physical page:
[ 20.203973] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a48
[ 20.204890] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 20.205700] flags: 0x200000000000040(head|node=0|zone=2)
[ 20.206192] page_type: f8(unknown)
[ 20.207195] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.208126] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 20.208905] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.209787] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 20.210895] head: 0200000000000002 ffffea00040a9201 00000000ffffffff 00000000ffffffff
[ 20.211706] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 20.212298] page dumped because: kasan: bad access detected
[ 20.212761]
[ 20.212994] Memory state around the buggy address:
[ 20.214066] ffff888102a47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.214947] ffff888102a47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.215683] >ffff888102a48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.216486] ^
[ 20.216840] ffff888102a48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.217642] ffff888102a48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.218207] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.101914] ==================================================================
[ 20.103367] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 20.103966] Read of size 1 at addr ffff8881032f7c00 by task kunit_try_catch/245
[ 20.104573]
[ 20.104846] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.105167] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.105206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.105271] Call Trace:
[ 20.105306] <TASK>
[ 20.105349] dump_stack_lvl+0x73/0xb0
[ 20.105435] print_report+0xd1/0x650
[ 20.105506] ? __virt_addr_valid+0x1db/0x2d0
[ 20.105751] ? mempool_uaf_helper+0x392/0x400
[ 20.105857] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.105954] ? mempool_uaf_helper+0x392/0x400
[ 20.106089] kasan_report+0x141/0x180
[ 20.106188] ? mempool_uaf_helper+0x392/0x400
[ 20.106298] __asan_report_load1_noabort+0x18/0x20
[ 20.106342] mempool_uaf_helper+0x392/0x400
[ 20.106378] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 20.106412] ? __kasan_check_write+0x18/0x20
[ 20.106441] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.106473] ? finish_task_switch.isra.0+0x153/0x700
[ 20.106511] mempool_kmalloc_uaf+0xef/0x140
[ 20.106629] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 20.106681] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.106717] ? __pfx_mempool_kfree+0x10/0x10
[ 20.106752] ? __pfx_read_tsc+0x10/0x10
[ 20.106782] ? ktime_get_ts64+0x86/0x230
[ 20.106815] kunit_try_run_case+0x1a5/0x480
[ 20.106852] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.106919] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.106958] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.106993] ? __kthread_parkme+0x82/0x180
[ 20.107020] ? preempt_count_sub+0x50/0x80
[ 20.107051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.107086] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.107168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.107209] kthread+0x337/0x6f0
[ 20.107238] ? trace_preempt_on+0x20/0xc0
[ 20.107269] ? __pfx_kthread+0x10/0x10
[ 20.107298] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.107329] ? calculate_sigpending+0x7b/0xa0
[ 20.107364] ? __pfx_kthread+0x10/0x10
[ 20.107393] ret_from_fork+0x116/0x1d0
[ 20.107418] ? __pfx_kthread+0x10/0x10
[ 20.107447] ret_from_fork_asm+0x1a/0x30
[ 20.107489] </TASK>
[ 20.107503]
[ 20.133166] Allocated by task 245:
[ 20.133533] kasan_save_stack+0x45/0x70
[ 20.134468] kasan_save_track+0x18/0x40
[ 20.134893] kasan_save_alloc_info+0x3b/0x50
[ 20.135609] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 20.136426] remove_element+0x11e/0x190
[ 20.136910] mempool_alloc_preallocated+0x4d/0x90
[ 20.137762] mempool_uaf_helper+0x96/0x400
[ 20.138220] mempool_kmalloc_uaf+0xef/0x140
[ 20.138607] kunit_try_run_case+0x1a5/0x480
[ 20.139068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.140141] kthread+0x337/0x6f0
[ 20.140835] ret_from_fork+0x116/0x1d0
[ 20.141168] ret_from_fork_asm+0x1a/0x30
[ 20.142179]
[ 20.142287] Freed by task 245:
[ 20.142424] kasan_save_stack+0x45/0x70
[ 20.142586] kasan_save_track+0x18/0x40
[ 20.142741] kasan_save_free_info+0x3f/0x60
[ 20.143192] __kasan_mempool_poison_object+0x131/0x1d0
[ 20.144239] mempool_free+0x2ec/0x380
[ 20.145263] mempool_uaf_helper+0x11a/0x400
[ 20.145871] mempool_kmalloc_uaf+0xef/0x140
[ 20.146588] kunit_try_run_case+0x1a5/0x480
[ 20.147279] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.148604] kthread+0x337/0x6f0
[ 20.149313] ret_from_fork+0x116/0x1d0
[ 20.149609] ret_from_fork_asm+0x1a/0x30
[ 20.150152]
[ 20.150427] The buggy address belongs to the object at ffff8881032f7c00
[ 20.150427] which belongs to the cache kmalloc-128 of size 128
[ 20.151789] The buggy address is located 0 bytes inside of
[ 20.151789] freed 128-byte region [ffff8881032f7c00, ffff8881032f7c80)
[ 20.153462]
[ 20.154060] The buggy address belongs to the physical page:
[ 20.154808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 20.155510] flags: 0x200000000000000(node=0|zone=2)
[ 20.155926] page_type: f5(slab)
[ 20.156814] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 20.157895] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 20.158762] page dumped because: kasan: bad access detected
[ 20.159353]
[ 20.159449] Memory state around the buggy address:
[ 20.160372] ffff8881032f7b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.161362] ffff8881032f7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.162510] >ffff8881032f7c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.163500] ^
[ 20.163794] ffff8881032f7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.165035] ffff8881032f7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.166113] ==================================================================
[ 20.225329] ==================================================================
[ 20.226294] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 20.226959] Read of size 1 at addr ffff8881038ed240 by task kunit_try_catch/249
[ 20.227996]
[ 20.228453] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.228576] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.228616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.228700] Call Trace:
[ 20.228764] <TASK>
[ 20.228809] dump_stack_lvl+0x73/0xb0
[ 20.228911] print_report+0xd1/0x650
[ 20.228952] ? __virt_addr_valid+0x1db/0x2d0
[ 20.228986] ? mempool_uaf_helper+0x392/0x400
[ 20.229019] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.229052] ? mempool_uaf_helper+0x392/0x400
[ 20.229085] kasan_report+0x141/0x180
[ 20.229168] ? mempool_uaf_helper+0x392/0x400
[ 20.229210] __asan_report_load1_noabort+0x18/0x20
[ 20.229247] mempool_uaf_helper+0x392/0x400
[ 20.229280] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 20.229315] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.229348] ? finish_task_switch.isra.0+0x153/0x700
[ 20.229384] mempool_slab_uaf+0xea/0x140
[ 20.229417] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 20.229455] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 20.229483] ? __pfx_mempool_free_slab+0x10/0x10
[ 20.229514] ? __pfx_read_tsc+0x10/0x10
[ 20.229544] ? ktime_get_ts64+0x86/0x230
[ 20.229576] kunit_try_run_case+0x1a5/0x480
[ 20.229612] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.229647] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.229680] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.229714] ? __kthread_parkme+0x82/0x180
[ 20.229741] ? preempt_count_sub+0x50/0x80
[ 20.229773] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.229808] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.229842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.229904] kthread+0x337/0x6f0
[ 20.229935] ? trace_preempt_on+0x20/0xc0
[ 20.229967] ? __pfx_kthread+0x10/0x10
[ 20.229996] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.230026] ? calculate_sigpending+0x7b/0xa0
[ 20.230061] ? __pfx_kthread+0x10/0x10
[ 20.230092] ret_from_fork+0x116/0x1d0
[ 20.230153] ? __pfx_kthread+0x10/0x10
[ 20.230186] ret_from_fork_asm+0x1a/0x30
[ 20.230230] </TASK>
[ 20.230245]
[ 20.247337] Allocated by task 249:
[ 20.247625] kasan_save_stack+0x45/0x70
[ 20.248135] kasan_save_track+0x18/0x40
[ 20.248756] kasan_save_alloc_info+0x3b/0x50
[ 20.249533] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 20.250090] remove_element+0x11e/0x190
[ 20.250482] mempool_alloc_preallocated+0x4d/0x90
[ 20.250837] mempool_uaf_helper+0x96/0x400
[ 20.251378] mempool_slab_uaf+0xea/0x140
[ 20.251857] kunit_try_run_case+0x1a5/0x480
[ 20.252596] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.252972] kthread+0x337/0x6f0
[ 20.254962] ret_from_fork+0x116/0x1d0
[ 20.255659] ret_from_fork_asm+0x1a/0x30
[ 20.255999]
[ 20.256581] Freed by task 249:
[ 20.257333] kasan_save_stack+0x45/0x70
[ 20.257803] kasan_save_track+0x18/0x40
[ 20.258243] kasan_save_free_info+0x3f/0x60
[ 20.258670] __kasan_mempool_poison_object+0x131/0x1d0
[ 20.259123] mempool_free+0x2ec/0x380
[ 20.259628] mempool_uaf_helper+0x11a/0x400
[ 20.260086] mempool_slab_uaf+0xea/0x140
[ 20.260570] kunit_try_run_case+0x1a5/0x480
[ 20.261053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.261622] kthread+0x337/0x6f0
[ 20.261996] ret_from_fork+0x116/0x1d0
[ 20.262488] ret_from_fork_asm+0x1a/0x30
[ 20.262966]
[ 20.263174] The buggy address belongs to the object at ffff8881038ed240
[ 20.263174] which belongs to the cache test_cache of size 123
[ 20.264227] The buggy address is located 0 bytes inside of
[ 20.264227] freed 123-byte region [ffff8881038ed240, ffff8881038ed2bb)
[ 20.265276]
[ 20.265463] The buggy address belongs to the physical page:
[ 20.265948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ed
[ 20.266891] flags: 0x200000000000000(node=0|zone=2)
[ 20.267303] page_type: f5(slab)
[ 20.267719] raw: 0200000000000000 ffff88810111b640 dead000000000122 0000000000000000
[ 20.268463] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 20.269158] page dumped because: kasan: bad access detected
[ 20.269606]
[ 20.269815] Memory state around the buggy address:
[ 20.270227] ffff8881038ed100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.270680] ffff8881038ed180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.271238] >ffff8881038ed200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 20.274203] ^
[ 20.274514] ffff8881038ed280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.274903] ffff8881038ed300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.275412] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.039856] ==================================================================
[ 20.040837] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 20.041721] Read of size 1 at addr ffff8881038eb2bb by task kunit_try_catch/243
[ 20.042802]
[ 20.043018] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.043084] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.043109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.043583] Call Trace:
[ 20.043626] <TASK>
[ 20.043670] dump_stack_lvl+0x73/0xb0
[ 20.043733] print_report+0xd1/0x650
[ 20.043770] ? __virt_addr_valid+0x1db/0x2d0
[ 20.043804] ? mempool_oob_right_helper+0x318/0x380
[ 20.043838] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.043870] ? mempool_oob_right_helper+0x318/0x380
[ 20.043963] kasan_report+0x141/0x180
[ 20.044268] ? mempool_oob_right_helper+0x318/0x380
[ 20.044316] __asan_report_load1_noabort+0x18/0x20
[ 20.044353] mempool_oob_right_helper+0x318/0x380
[ 20.044388] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 20.044426] ? __pfx_sched_clock_cpu+0x10/0x10
[ 20.044459] ? finish_task_switch.isra.0+0x153/0x700
[ 20.044497] mempool_slab_oob_right+0xed/0x140
[ 20.044592] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 20.044669] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 20.044704] ? __pfx_mempool_free_slab+0x10/0x10
[ 20.044735] ? __pfx_read_tsc+0x10/0x10
[ 20.044765] ? ktime_get_ts64+0x86/0x230
[ 20.044799] kunit_try_run_case+0x1a5/0x480
[ 20.044839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.044874] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.044941] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.044977] ? __kthread_parkme+0x82/0x180
[ 20.045006] ? preempt_count_sub+0x50/0x80
[ 20.045037] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.045073] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.045130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.045181] kthread+0x337/0x6f0
[ 20.045213] ? trace_preempt_on+0x20/0xc0
[ 20.045247] ? __pfx_kthread+0x10/0x10
[ 20.045277] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.045309] ? calculate_sigpending+0x7b/0xa0
[ 20.045343] ? __pfx_kthread+0x10/0x10
[ 20.045373] ret_from_fork+0x116/0x1d0
[ 20.045399] ? __pfx_kthread+0x10/0x10
[ 20.045428] ret_from_fork_asm+0x1a/0x30
[ 20.045470] </TASK>
[ 20.045486]
[ 20.068032] Allocated by task 243:
[ 20.068467] kasan_save_stack+0x45/0x70
[ 20.069440] kasan_save_track+0x18/0x40
[ 20.070038] kasan_save_alloc_info+0x3b/0x50
[ 20.070768] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 20.071321] remove_element+0x11e/0x190
[ 20.072037] mempool_alloc_preallocated+0x4d/0x90
[ 20.072889] mempool_oob_right_helper+0x8a/0x380
[ 20.073486] mempool_slab_oob_right+0xed/0x140
[ 20.074084] kunit_try_run_case+0x1a5/0x480
[ 20.074864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.075670] kthread+0x337/0x6f0
[ 20.076118] ret_from_fork+0x116/0x1d0
[ 20.076488] ret_from_fork_asm+0x1a/0x30
[ 20.076934]
[ 20.077171] The buggy address belongs to the object at ffff8881038eb240
[ 20.077171] which belongs to the cache test_cache of size 123
[ 20.078456] The buggy address is located 0 bytes to the right of
[ 20.078456] allocated 123-byte region [ffff8881038eb240, ffff8881038eb2bb)
[ 20.079676]
[ 20.080156] The buggy address belongs to the physical page:
[ 20.080855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038eb
[ 20.081836] flags: 0x200000000000000(node=0|zone=2)
[ 20.082451] page_type: f5(slab)
[ 20.083050] raw: 0200000000000000 ffff88810111b500 dead000000000122 0000000000000000
[ 20.083969] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 20.084638] page dumped because: kasan: bad access detected
[ 20.085377]
[ 20.085855] Memory state around the buggy address:
[ 20.086336] ffff8881038eb180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.087425] ffff8881038eb200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 20.088192] >ffff8881038eb280: 00
00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.088794] ^ [ 20.089383] ffff8881038eb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.090343] ffff8881038eb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.091152] ================================================================== [ 19.930039] ================================================================== [ 19.931271] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 19.931931] Read of size 1 at addr ffff8881038d5673 by task kunit_try_catch/239 [ 19.932774] [ 19.933110] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.933245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.933282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.933346] Call Trace: [ 19.933384] <TASK> [ 19.933437] dump_stack_lvl+0x73/0xb0 [ 19.933530] print_report+0xd1/0x650 [ 19.933686] ? __virt_addr_valid+0x1db/0x2d0 [ 19.933733] ? mempool_oob_right_helper+0x318/0x380 [ 19.933810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.933933] ? mempool_oob_right_helper+0x318/0x380 [ 19.934012] kasan_report+0x141/0x180 [ 19.934082] ? mempool_oob_right_helper+0x318/0x380 [ 19.934173] __asan_report_load1_noabort+0x18/0x20 [ 19.934251] mempool_oob_right_helper+0x318/0x380 [ 19.934334] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.934376] ? __kasan_check_write+0x18/0x20 [ 19.934406] ? __pfx_sched_clock_cpu+0x10/0x10 [ 19.934439] ? finish_task_switch.isra.0+0x153/0x700 [ 19.934476] mempool_kmalloc_oob_right+0xf2/0x150 [ 19.934518] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 19.934643] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.934688] ? __pfx_mempool_kfree+0x10/0x10 [ 19.934724] ? __pfx_read_tsc+0x10/0x10 [ 19.934754] ? ktime_get_ts64+0x86/0x230 [ 19.934790] kunit_try_run_case+0x1a5/0x480 [ 19.934830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.934865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.934932] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.934969] ? __kthread_parkme+0x82/0x180 [ 19.935000] ? preempt_count_sub+0x50/0x80 [ 19.935034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.935070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.935123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.935179] kthread+0x337/0x6f0 [ 19.935211] ? trace_preempt_on+0x20/0xc0 [ 19.935246] ? __pfx_kthread+0x10/0x10 [ 19.935276] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.935307] ? calculate_sigpending+0x7b/0xa0 [ 19.935343] ? __pfx_kthread+0x10/0x10 [ 19.935373] ret_from_fork+0x116/0x1d0 [ 19.935398] ? __pfx_kthread+0x10/0x10 [ 19.935427] ret_from_fork_asm+0x1a/0x30 [ 19.935470] </TASK> [ 19.935486] [ 19.957416] Allocated by task 239: [ 19.958052] kasan_save_stack+0x45/0x70 [ 19.958906] kasan_save_track+0x18/0x40 [ 19.959319] kasan_save_alloc_info+0x3b/0x50 [ 19.959814] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.960436] remove_element+0x11e/0x190 [ 19.961058] mempool_alloc_preallocated+0x4d/0x90 [ 19.961526] mempool_oob_right_helper+0x8a/0x380 [ 19.961998] mempool_kmalloc_oob_right+0xf2/0x150 [ 19.962750] kunit_try_run_case+0x1a5/0x480 [ 19.963183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.963901] kthread+0x337/0x6f0 [ 19.964446] ret_from_fork+0x116/0x1d0 [ 19.965200] ret_from_fork_asm+0x1a/0x30 [ 19.966397] [ 19.966863] The buggy address belongs to the object at ffff8881038d5600 [ 19.966863] which belongs to the cache kmalloc-128 of size 128 [ 19.968297] The buggy address is located 0 bytes to the right of [ 19.968297] allocated 115-byte region [ffff8881038d5600, ffff8881038d5673) [ 19.969902] [ 19.970108] The buggy address belongs to the physical page: [ 19.970802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 19.971916] flags: 0x200000000000000(node=0|zone=2) [ 19.972339] page_type: f5(slab) [ 19.972496] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.972752] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 19.973196] page dumped because: kasan: bad access detected [ 19.974335] [ 19.974973] Memory state around the buggy address: [ 19.975575] ffff8881038d5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.976370] ffff8881038d5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.976942] >ffff8881038d5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.977601] ^ [ 19.978496] ffff8881038d5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.979291] ffff8881038d5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.979893] ================================================================== [ 19.986444] ================================================================== [ 19.988171] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 19.989437] Read of size 1 at addr ffff88810398e001 by task kunit_try_catch/241 [ 19.990226] [ 19.990559] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.990834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.990941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.991035] Call Trace: [ 19.991075] <TASK> [ 19.991123] dump_stack_lvl+0x73/0xb0 [ 19.991189] print_report+0xd1/0x650 [ 19.991226] ? __virt_addr_valid+0x1db/0x2d0 [ 19.991260] ? mempool_oob_right_helper+0x318/0x380 [ 19.991293] ? kasan_addr_to_slab+0x11/0xa0 [ 19.991322] ? mempool_oob_right_helper+0x318/0x380 [ 19.991358] kasan_report+0x141/0x180 [ 19.991390] ? mempool_oob_right_helper+0x318/0x380 [ 19.991429] __asan_report_load1_noabort+0x18/0x20 [ 19.991464] mempool_oob_right_helper+0x318/0x380 [ 19.991499] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.991619] ? __pfx_sched_clock_cpu+0x10/0x10 [ 19.991680] ? finish_task_switch.isra.0+0x153/0x700 [ 19.991719] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 19.991756] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 19.991796] ? 
__pfx_mempool_kmalloc+0x10/0x10 [ 19.991830] ? __pfx_mempool_kfree+0x10/0x10 [ 19.991866] ? __pfx_read_tsc+0x10/0x10 [ 19.991925] ? ktime_get_ts64+0x86/0x230 [ 19.991961] kunit_try_run_case+0x1a5/0x480 [ 19.991998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.992033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.992069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.992121] ? __kthread_parkme+0x82/0x180 [ 19.992172] ? preempt_count_sub+0x50/0x80 [ 19.992205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.992241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.992276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.992311] kthread+0x337/0x6f0 [ 19.992339] ? trace_preempt_on+0x20/0xc0 [ 19.992372] ? __pfx_kthread+0x10/0x10 [ 19.992400] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.992431] ? calculate_sigpending+0x7b/0xa0 [ 19.992466] ? __pfx_kthread+0x10/0x10 [ 19.992496] ret_from_fork+0x116/0x1d0 [ 19.992571] ? __pfx_kthread+0x10/0x10 [ 19.992652] ret_from_fork_asm+0x1a/0x30 [ 19.992753] </TASK> [ 19.992792] [ 20.015533] The buggy address belongs to the physical page: [ 20.017564] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10398c [ 20.018297] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.018691] flags: 0x200000000000040(head|node=0|zone=2) [ 20.019038] page_type: f8(unknown) [ 20.019276] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.020452] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.022275] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.023150] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.023721] head: 0200000000000002 ffffea00040e6301 00000000ffffffff 00000000ffffffff [ 20.024668] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.025282] page dumped because: kasan: bad access detected [ 20.026031] [ 20.026328] Memory state around the buggy address: [ 20.027259] 
ffff88810398df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.028341] ffff88810398df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.029471] >ffff88810398e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.030402] ^ [ 20.030811] ffff88810398e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.031681] ffff88810398e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.032379] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.332802] ================================================================== [ 19.333745] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 19.334537] Read of size 1 at addr ffff888101affb40 by task kunit_try_catch/233 [ 19.335065] [ 19.335427] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.335587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.335632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.335723] Call Trace: [ 19.335767] <TASK> [ 19.335814] dump_stack_lvl+0x73/0xb0 [ 19.335918] print_report+0xd1/0x650 [ 19.335996] ? __virt_addr_valid+0x1db/0x2d0 [ 19.336073] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.336151] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.336227] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.336308] kasan_report+0x141/0x180 [ 19.336379] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.336458] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.336501] __kasan_check_byte+0x3d/0x50 [ 19.336535] kmem_cache_destroy+0x25/0x1d0 [ 19.336568] kmem_cache_double_destroy+0x1bf/0x380 [ 19.336605] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 19.336641] ? finish_task_switch.isra.0+0x153/0x700 [ 19.336673] ? __switch_to+0x47/0xf50 [ 19.336713] ? __pfx_read_tsc+0x10/0x10 [ 19.336743] ? ktime_get_ts64+0x86/0x230 [ 19.336776] kunit_try_run_case+0x1a5/0x480 [ 19.336813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.336847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.336906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.336946] ? __kthread_parkme+0x82/0x180 [ 19.336976] ? preempt_count_sub+0x50/0x80 [ 19.337007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.337042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.337076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.337141] kthread+0x337/0x6f0 [ 19.337179] ? trace_preempt_on+0x20/0xc0 [ 19.337213] ? __pfx_kthread+0x10/0x10 [ 19.337243] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.337274] ? 
calculate_sigpending+0x7b/0xa0 [ 19.337309] ? __pfx_kthread+0x10/0x10 [ 19.337338] ret_from_fork+0x116/0x1d0 [ 19.337365] ? __pfx_kthread+0x10/0x10 [ 19.337393] ret_from_fork_asm+0x1a/0x30 [ 19.337435] </TASK> [ 19.337450] [ 19.354484] Allocated by task 233: [ 19.354862] kasan_save_stack+0x45/0x70 [ 19.355480] kasan_save_track+0x18/0x40 [ 19.355944] kasan_save_alloc_info+0x3b/0x50 [ 19.356497] __kasan_slab_alloc+0x91/0xa0 [ 19.356947] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.357415] __kmem_cache_create_args+0x169/0x240 [ 19.357827] kmem_cache_double_destroy+0xd5/0x380 [ 19.358442] kunit_try_run_case+0x1a5/0x480 [ 19.359276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.360256] kthread+0x337/0x6f0 [ 19.360547] ret_from_fork+0x116/0x1d0 [ 19.360852] ret_from_fork_asm+0x1a/0x30 [ 19.361217] [ 19.361474] Freed by task 233: [ 19.361850] kasan_save_stack+0x45/0x70 [ 19.362300] kasan_save_track+0x18/0x40 [ 19.362726] kasan_save_free_info+0x3f/0x60 [ 19.363123] __kasan_slab_free+0x56/0x70 [ 19.363540] kmem_cache_free+0x249/0x420 [ 19.363872] slab_kmem_cache_release+0x2e/0x40 [ 19.364411] kmem_cache_release+0x16/0x20 [ 19.364915] kobject_put+0x181/0x450 [ 19.365299] sysfs_slab_release+0x16/0x20 [ 19.365818] kmem_cache_destroy+0xf0/0x1d0 [ 19.366373] kmem_cache_double_destroy+0x14e/0x380 [ 19.366846] kunit_try_run_case+0x1a5/0x480 [ 19.367972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.368386] kthread+0x337/0x6f0 [ 19.368675] ret_from_fork+0x116/0x1d0 [ 19.369085] ret_from_fork_asm+0x1a/0x30 [ 19.369940] [ 19.370169] The buggy address belongs to the object at ffff888101affb40 [ 19.370169] which belongs to the cache kmem_cache of size 208 [ 19.371186] The buggy address is located 0 bytes inside of [ 19.371186] freed 208-byte region [ffff888101affb40, ffff888101affc10) [ 19.372222] [ 19.372431] The buggy address belongs to the physical page: [ 19.372926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aff [ 19.373572] flags: 
0x200000000000000(node=0|zone=2) [ 19.374046] page_type: f5(slab) [ 19.374484] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 19.375158] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.375802] page dumped because: kasan: bad access detected [ 19.376270] [ 19.376500] Memory state around the buggy address: [ 19.376961] ffff888101affa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.377571] ffff888101affa80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.378075] >ffff888101affb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.378725] ^ [ 19.379216] ffff888101affb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.379795] ffff888101affc00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.380323] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.229080] ================================================================== [ 19.230076] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.231970] Read of size 1 at addr ffff8881038e4000 by task kunit_try_catch/231 [ 19.233419] [ 19.234024] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.234167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.234204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.234274] Call Trace: [ 19.234315] <TASK> [ 19.234365] dump_stack_lvl+0x73/0xb0 [ 19.234460] print_report+0xd1/0x650 [ 19.234524] ? __virt_addr_valid+0x1db/0x2d0 [ 19.234584] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.234637] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.234772] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.234856] kasan_report+0x141/0x180 [ 19.234967] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.235174] __asan_report_load1_noabort+0x18/0x20 [ 19.235262] kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.235344] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 19.235419] ? finish_task_switch.isra.0+0x153/0x700 [ 19.235488] ? __switch_to+0x47/0xf50 [ 19.235665] ? __pfx_read_tsc+0x10/0x10 [ 19.235744] ? ktime_get_ts64+0x86/0x230 [ 19.235869] kunit_try_run_case+0x1a5/0x480 [ 19.235946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.236008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.236045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.236080] ? __kthread_parkme+0x82/0x180 [ 19.236153] ? preempt_count_sub+0x50/0x80 [ 19.236191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.236228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.236263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.236299] kthread+0x337/0x6f0 [ 19.236327] ? trace_preempt_on+0x20/0xc0 [ 19.236362] ? __pfx_kthread+0x10/0x10 [ 19.236390] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.236421] ? calculate_sigpending+0x7b/0xa0 [ 19.236455] ? __pfx_kthread+0x10/0x10 [ 19.236485] ret_from_fork+0x116/0x1d0 [ 19.236518] ? 
__pfx_kthread+0x10/0x10 [ 19.236609] ret_from_fork_asm+0x1a/0x30 [ 19.236676] </TASK> [ 19.236693] [ 19.258980] Allocated by task 231: [ 19.259349] kasan_save_stack+0x45/0x70 [ 19.259783] kasan_save_track+0x18/0x40 [ 19.260298] kasan_save_alloc_info+0x3b/0x50 [ 19.260720] __kasan_slab_alloc+0x91/0xa0 [ 19.261252] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.261717] kmem_cache_rcu_uaf+0x155/0x510 [ 19.262082] kunit_try_run_case+0x1a5/0x480 [ 19.263022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.263491] kthread+0x337/0x6f0 [ 19.264416] ret_from_fork+0x116/0x1d0 [ 19.265205] ret_from_fork_asm+0x1a/0x30 [ 19.265897] [ 19.266242] Freed by task 0: [ 19.266970] kasan_save_stack+0x45/0x70 [ 19.267918] kasan_save_track+0x18/0x40 [ 19.268448] kasan_save_free_info+0x3f/0x60 [ 19.269182] __kasan_slab_free+0x56/0x70 [ 19.269506] slab_free_after_rcu_debug+0xe4/0x310 [ 19.270428] rcu_core+0x66f/0x1c40 [ 19.271040] rcu_core_si+0x12/0x20 [ 19.272119] handle_softirqs+0x209/0x730 [ 19.272512] __irq_exit_rcu+0xc9/0x110 [ 19.273591] irq_exit_rcu+0x12/0x20 [ 19.274257] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.274789] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.275250] [ 19.275487] Last potentially related work creation: [ 19.275870] kasan_save_stack+0x45/0x70 [ 19.276368] kasan_record_aux_stack+0xb2/0xc0 [ 19.276784] kmem_cache_free+0x131/0x420 [ 19.277160] kmem_cache_rcu_uaf+0x194/0x510 [ 19.277622] kunit_try_run_case+0x1a5/0x480 [ 19.278426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.278862] kthread+0x337/0x6f0 [ 19.279573] ret_from_fork+0x116/0x1d0 [ 19.279932] ret_from_fork_asm+0x1a/0x30 [ 19.280632] [ 19.280867] The buggy address belongs to the object at ffff8881038e4000 [ 19.280867] which belongs to the cache test_cache of size 200 [ 19.282752] The buggy address is located 0 bytes inside of [ 19.282752] freed 200-byte region [ffff8881038e4000, ffff8881038e40c8) [ 19.284784] [ 19.285333] The buggy address belongs to the physical page: [ 19.286401] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e4 [ 19.287457] flags: 0x200000000000000(node=0|zone=2) [ 19.287945] page_type: f5(slab) [ 19.288943] raw: 0200000000000000 ffff88810111b280 dead000000000122 0000000000000000 [ 19.289715] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.290777] page dumped because: kasan: bad access detected [ 19.291392] [ 19.291574] Memory state around the buggy address: [ 19.291970] ffff8881038e3f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 19.292961] ffff8881038e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.293998] >ffff8881038e4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.294540] ^ [ 19.294816] ffff8881038e4080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.295331] ffff8881038e4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.295836] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 19.138137] ================================================================== [ 19.139867] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 19.141374] Free of addr ffff88810330b001 by task kunit_try_catch/229 [ 19.142067] [ 19.142701] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.142828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.142865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.142950] Call Trace: [ 19.142990] <TASK> [ 19.143038] dump_stack_lvl+0x73/0xb0 [ 19.143128] print_report+0xd1/0x650 [ 19.143209] ? __virt_addr_valid+0x1db/0x2d0 [ 19.143291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.143363] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.143410] kasan_report_invalid_free+0x10a/0x130 [ 19.143447] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.143486] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.143543] check_slab_allocation+0x11f/0x130 [ 19.143621] __kasan_slab_pre_free+0x28/0x40 [ 19.143667] kmem_cache_free+0xed/0x420 [ 19.143698] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.143728] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.143766] kmem_cache_invalid_free+0x1d8/0x460 [ 19.143801] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 19.143835] ? finish_task_switch.isra.0+0x153/0x700 [ 19.143866] ? __switch_to+0x47/0xf50 [ 19.143935] ? __pfx_read_tsc+0x10/0x10 [ 19.143968] ? ktime_get_ts64+0x86/0x230 [ 19.144003] kunit_try_run_case+0x1a5/0x480 [ 19.144040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.144073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.144123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.144172] ? __kthread_parkme+0x82/0x180 [ 19.144200] ? preempt_count_sub+0x50/0x80 [ 19.144231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.144265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.144298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.144331] kthread+0x337/0x6f0 [ 19.144358] ? trace_preempt_on+0x20/0xc0 [ 19.144392] ? 
__pfx_kthread+0x10/0x10 [ 19.144421] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.144452] ? calculate_sigpending+0x7b/0xa0 [ 19.144488] ? __pfx_kthread+0x10/0x10 [ 19.144533] ret_from_fork+0x116/0x1d0 [ 19.144602] ? __pfx_kthread+0x10/0x10 [ 19.144674] ret_from_fork_asm+0x1a/0x30 [ 19.144722] </TASK> [ 19.144737] [ 19.166148] Allocated by task 229: [ 19.166551] kasan_save_stack+0x45/0x70 [ 19.167086] kasan_save_track+0x18/0x40 [ 19.167508] kasan_save_alloc_info+0x3b/0x50 [ 19.168017] __kasan_slab_alloc+0x91/0xa0 [ 19.168397] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.169030] kmem_cache_invalid_free+0x157/0x460 [ 19.169629] kunit_try_run_case+0x1a5/0x480 [ 19.170046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.170490] kthread+0x337/0x6f0 [ 19.170962] ret_from_fork+0x116/0x1d0 [ 19.171471] ret_from_fork_asm+0x1a/0x30 [ 19.171972] [ 19.172265] The buggy address belongs to the object at ffff88810330b000 [ 19.172265] which belongs to the cache test_cache of size 200 [ 19.173324] The buggy address is located 1 bytes inside of [ 19.173324] 200-byte region [ffff88810330b000, ffff88810330b0c8) [ 19.174211] [ 19.174475] The buggy address belongs to the physical page: [ 19.175287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10330b [ 19.176002] flags: 0x200000000000000(node=0|zone=2) [ 19.176629] page_type: f5(slab) [ 19.177142] raw: 0200000000000000 ffff888101affa00 dead000000000122 0000000000000000 [ 19.177702] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.178410] page dumped because: kasan: bad access detected [ 19.178991] [ 19.179284] Memory state around the buggy address: [ 19.179933] ffff88810330af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.180669] ffff88810330af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.181227] >ffff88810330b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.181896] ^ [ 19.182222] ffff88810330b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.183173] 
ffff88810330b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.184050] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.074292] ================================================================== [ 19.075147] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 19.075725] Free of addr ffff888103309000 by task kunit_try_catch/227 [ 19.076273] [ 19.076587] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.076711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.076749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.076809] Call Trace: [ 19.076846] <TASK> [ 19.076907] dump_stack_lvl+0x73/0xb0 [ 19.076999] print_report+0xd1/0x650 [ 19.077076] ? __virt_addr_valid+0x1db/0x2d0 [ 19.077158] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.077231] ? kmem_cache_double_free+0x1e5/0x480 [ 19.077312] kasan_report_invalid_free+0x10a/0x130 [ 19.077389] ? kmem_cache_double_free+0x1e5/0x480 [ 19.077473] ? kmem_cache_double_free+0x1e5/0x480 [ 19.077606] check_slab_allocation+0x101/0x130 [ 19.077692] __kasan_slab_pre_free+0x28/0x40 [ 19.077769] kmem_cache_free+0xed/0x420 [ 19.077839] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.077928] ? kmem_cache_double_free+0x1e5/0x480 [ 19.078011] kmem_cache_double_free+0x1e5/0x480 [ 19.078090] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 19.078169] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.078318] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 19.078409] kunit_try_run_case+0x1a5/0x480 [ 19.078493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.078604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.078686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.078762] ? __kthread_parkme+0x82/0x180 [ 19.078833] ? preempt_count_sub+0x50/0x80 [ 19.078922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.078965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.079001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.079037] kthread+0x337/0x6f0 [ 19.079065] ? trace_preempt_on+0x20/0xc0 [ 19.079104] ? __pfx_kthread+0x10/0x10 [ 19.079168] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.079202] ? 
calculate_sigpending+0x7b/0xa0 [ 19.079237] ? __pfx_kthread+0x10/0x10 [ 19.079266] ret_from_fork+0x116/0x1d0 [ 19.079292] ? __pfx_kthread+0x10/0x10 [ 19.079321] ret_from_fork_asm+0x1a/0x30 [ 19.079362] </TASK> [ 19.079376] [ 19.100328] Allocated by task 227: [ 19.100813] kasan_save_stack+0x45/0x70 [ 19.101167] kasan_save_track+0x18/0x40 [ 19.101483] kasan_save_alloc_info+0x3b/0x50 [ 19.102023] __kasan_slab_alloc+0x91/0xa0 [ 19.102482] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.103068] kmem_cache_double_free+0x14f/0x480 [ 19.103579] kunit_try_run_case+0x1a5/0x480 [ 19.104104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.104569] kthread+0x337/0x6f0 [ 19.105088] ret_from_fork+0x116/0x1d0 [ 19.105499] ret_from_fork_asm+0x1a/0x30 [ 19.105963] [ 19.106197] Freed by task 227: [ 19.106499] kasan_save_stack+0x45/0x70 [ 19.107092] kasan_save_track+0x18/0x40 [ 19.107460] kasan_save_free_info+0x3f/0x60 [ 19.107941] __kasan_slab_free+0x56/0x70 [ 19.108266] kmem_cache_free+0x249/0x420 [ 19.108583] kmem_cache_double_free+0x16a/0x480 [ 19.109070] kunit_try_run_case+0x1a5/0x480 [ 19.109579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.110122] kthread+0x337/0x6f0 [ 19.110765] ret_from_fork+0x116/0x1d0 [ 19.111183] ret_from_fork_asm+0x1a/0x30 [ 19.111728] [ 19.111996] The buggy address belongs to the object at ffff888103309000 [ 19.111996] which belongs to the cache test_cache of size 200 [ 19.113118] The buggy address is located 0 bytes inside of [ 19.113118] 200-byte region [ffff888103309000, ffff8881033090c8) [ 19.113769] [ 19.113993] The buggy address belongs to the physical page: [ 19.114503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103309 [ 19.115458] flags: 0x200000000000000(node=0|zone=2) [ 19.115822] page_type: f5(slab) [ 19.116135] raw: 0200000000000000 ffff888101aff8c0 dead000000000122 0000000000000000 [ 19.116793] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.117870] page dumped because: kasan: bad access 
detected [ 19.118451] [ 19.118715] Memory state around the buggy address: [ 19.119078] ffff888103308f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.119526] ffff888103308f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.120017] >ffff888103309000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.120731] ^ [ 19.121336] ffff888103309080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.121993] ffff888103309100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.122577] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.010030] ================================================================== [ 19.011262] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 19.011809] Read of size 1 at addr ffff8881038e30c8 by task kunit_try_catch/225 [ 19.012337] [ 19.012979] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.013106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.013145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.013386] Call Trace: [ 19.013428] <TASK> [ 19.013474] dump_stack_lvl+0x73/0xb0 [ 19.013562] print_report+0xd1/0x650 [ 19.013636] ? __virt_addr_valid+0x1db/0x2d0 [ 19.013713] ? kmem_cache_oob+0x402/0x530 [ 19.013863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.013924] ? kmem_cache_oob+0x402/0x530 [ 19.013959] kasan_report+0x141/0x180 [ 19.013991] ? kmem_cache_oob+0x402/0x530 [ 19.014030] __asan_report_load1_noabort+0x18/0x20 [ 19.014064] kmem_cache_oob+0x402/0x530 [ 19.014094] ? trace_hardirqs_on+0x37/0xe0 [ 19.014157] ? __pfx_kmem_cache_oob+0x10/0x10 [ 19.014191] ? finish_task_switch.isra.0+0x153/0x700 [ 19.014224] ? __switch_to+0x47/0xf50 [ 19.014273] ? __pfx_read_tsc+0x10/0x10 [ 19.014304] ? ktime_get_ts64+0x86/0x230 [ 19.014337] kunit_try_run_case+0x1a5/0x480 [ 19.014374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.014407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.014441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.014474] ? __kthread_parkme+0x82/0x180 [ 19.014500] ? preempt_count_sub+0x50/0x80 [ 19.014585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.014658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.014695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.014729] kthread+0x337/0x6f0 [ 19.014757] ? trace_preempt_on+0x20/0xc0 [ 19.014787] ? __pfx_kthread+0x10/0x10 [ 19.014815] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.014845] ? calculate_sigpending+0x7b/0xa0 [ 19.014903] ? __pfx_kthread+0x10/0x10 [ 19.014936] ret_from_fork+0x116/0x1d0 [ 19.014962] ? 
__pfx_kthread+0x10/0x10 [ 19.014990] ret_from_fork_asm+0x1a/0x30 [ 19.015032] </TASK> [ 19.015047] [ 19.032828] Allocated by task 225: [ 19.033288] kasan_save_stack+0x45/0x70 [ 19.033973] kasan_save_track+0x18/0x40 [ 19.034308] kasan_save_alloc_info+0x3b/0x50 [ 19.034770] __kasan_slab_alloc+0x91/0xa0 [ 19.035749] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.036308] kmem_cache_oob+0x157/0x530 [ 19.036997] kunit_try_run_case+0x1a5/0x480 [ 19.037412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.037832] kthread+0x337/0x6f0 [ 19.038390] ret_from_fork+0x116/0x1d0 [ 19.039143] ret_from_fork_asm+0x1a/0x30 [ 19.039526] [ 19.039793] The buggy address belongs to the object at ffff8881038e3000 [ 19.039793] which belongs to the cache test_cache of size 200 [ 19.042118] The buggy address is located 0 bytes to the right of [ 19.042118] allocated 200-byte region [ffff8881038e3000, ffff8881038e30c8) [ 19.044324] [ 19.044526] The buggy address belongs to the physical page: [ 19.045618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 19.046655] flags: 0x200000000000000(node=0|zone=2) [ 19.046994] page_type: f5(slab) [ 19.047410] raw: 0200000000000000 ffff88810111b140 dead000000000122 0000000000000000 [ 19.048280] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.049245] page dumped because: kasan: bad access detected [ 19.049663] [ 19.050164] Memory state around the buggy address: [ 19.050712] ffff8881038e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.051352] ffff8881038e3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.051762] >ffff8881038e3080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.052182] ^ [ 19.052533] ffff8881038e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.052963] ffff8881038e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.054840] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.933810] ==================================================================
[ 18.935465] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 18.936178] Read of size 8 at addr ffff888103305400 by task kunit_try_catch/218
[ 18.937073]
[ 18.938078] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.938188] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.938225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.938297] Call Trace:
[ 18.938337] <TASK>
[ 18.938529] dump_stack_lvl+0x73/0xb0
[ 18.938778] print_report+0xd1/0x650
[ 18.938813] ? __virt_addr_valid+0x1db/0x2d0
[ 18.938847] ? workqueue_uaf+0x4d6/0x560
[ 18.938900] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.938940] ? workqueue_uaf+0x4d6/0x560
[ 18.938972] kasan_report+0x141/0x180
[ 18.939003] ? workqueue_uaf+0x4d6/0x560
[ 18.939039] __asan_report_load8_noabort+0x18/0x20
[ 18.939074] workqueue_uaf+0x4d6/0x560
[ 18.939119] ? __pfx_workqueue_uaf+0x10/0x10
[ 18.939168] ? __schedule+0x10cc/0x2b60
[ 18.939202] ? __pfx_read_tsc+0x10/0x10
[ 18.939232] ? ktime_get_ts64+0x86/0x230
[ 18.939265] kunit_try_run_case+0x1a5/0x480
[ 18.939300] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.939334] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.939367] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.939400] ? __kthread_parkme+0x82/0x180
[ 18.939428] ? preempt_count_sub+0x50/0x80
[ 18.939459] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.939493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.939583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.939660] kthread+0x337/0x6f0
[ 18.939691] ? trace_preempt_on+0x20/0xc0
[ 18.939725] ? __pfx_kthread+0x10/0x10
[ 18.939754] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.939785] ? calculate_sigpending+0x7b/0xa0
[ 18.939818] ? __pfx_kthread+0x10/0x10
[ 18.939847] ret_from_fork+0x116/0x1d0
[ 18.939872] ? __pfx_kthread+0x10/0x10
[ 18.939932] ret_from_fork_asm+0x1a/0x30
[ 18.939976] </TASK>
[ 18.939991]
[ 18.957987] Allocated by task 218:
[ 18.958447] kasan_save_stack+0x45/0x70
[ 18.958824] kasan_save_track+0x18/0x40
[ 18.959208] kasan_save_alloc_info+0x3b/0x50
[ 18.959846] __kasan_kmalloc+0xb7/0xc0
[ 18.960237] __kmalloc_cache_noprof+0x189/0x420
[ 18.960706] workqueue_uaf+0x152/0x560
[ 18.961486] kunit_try_run_case+0x1a5/0x480
[ 18.961828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.962371] kthread+0x337/0x6f0
[ 18.962634] ret_from_fork+0x116/0x1d0
[ 18.963089] ret_from_fork_asm+0x1a/0x30
[ 18.963818]
[ 18.964181] Freed by task 9:
[ 18.967126] kasan_save_stack+0x45/0x70
[ 18.968267] kasan_save_track+0x18/0x40
[ 18.968576] kasan_save_free_info+0x3f/0x60
[ 18.968846] __kasan_slab_free+0x56/0x70
[ 18.970325] kfree+0x222/0x3f0
[ 18.970671] workqueue_uaf_work+0x12/0x20
[ 18.972632] process_one_work+0x5ee/0xf60
[ 18.973643] worker_thread+0x758/0x1220
[ 18.974210] kthread+0x337/0x6f0
[ 18.974572] ret_from_fork+0x116/0x1d0
[ 18.975161] ret_from_fork_asm+0x1a/0x30
[ 18.975923]
[ 18.976630] Last potentially related work creation:
[ 18.977287] kasan_save_stack+0x45/0x70
[ 18.977802] kasan_record_aux_stack+0xb2/0xc0
[ 18.978277] __queue_work+0x626/0xeb0
[ 18.978781] queue_work_on+0xb6/0xc0
[ 18.979233] workqueue_uaf+0x26d/0x560
[ 18.979779] kunit_try_run_case+0x1a5/0x480
[ 18.980207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.981086] kthread+0x337/0x6f0
[ 18.981490] ret_from_fork+0x116/0x1d0
[ 18.981867] ret_from_fork_asm+0x1a/0x30
[ 18.982301]
[ 18.982509] The buggy address belongs to the object at ffff888103305400
[ 18.982509] which belongs to the cache kmalloc-32 of size 32
[ 18.983758] The buggy address is located 0 bytes inside of
[ 18.983758] freed 32-byte region [ffff888103305400, ffff888103305420)
[ 18.984767]
[ 18.985020] The buggy address belongs to the physical page:
[ 18.985645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103305
[ 18.986340] flags: 0x200000000000000(node=0|zone=2)
[ 18.987186] page_type: f5(slab)
[ 18.987705] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 18.988328] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 18.989032] page dumped because: kasan: bad access detected
[ 18.989732]
[ 18.989975] Memory state around the buggy address:
[ 18.990445] ffff888103305300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.991168] ffff888103305380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 18.992135] >ffff888103305400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.992923] ^
[ 18.993267] ffff888103305480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.993973] ffff888103305500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.994548] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.862662] ==================================================================
[ 18.863554] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 18.864097] Read of size 4 at addr ffff888103305340 by task swapper/0/0
[ 18.864616]
[ 18.864874] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.865033] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.865068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.865165] Call Trace:
[ 18.865224] <IRQ>
[ 18.865269] dump_stack_lvl+0x73/0xb0
[ 18.865352] print_report+0xd1/0x650
[ 18.865428] ? __virt_addr_valid+0x1db/0x2d0
[ 18.865504] ? rcu_uaf_reclaim+0x50/0x60
[ 18.865581] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.865657] ? rcu_uaf_reclaim+0x50/0x60
[ 18.865726] kasan_report+0x141/0x180
[ 18.865802] ? rcu_uaf_reclaim+0x50/0x60
[ 18.865904] __asan_report_load4_noabort+0x18/0x20
[ 18.865988] rcu_uaf_reclaim+0x50/0x60
[ 18.866064] rcu_core+0x66f/0x1c40
[ 18.866196] ? __pfx_rcu_core+0x10/0x10
[ 18.866284] ? ktime_get+0x6b/0x150
[ 18.866357] ? handle_softirqs+0x18e/0x730
[ 18.866434] rcu_core_si+0x12/0x20
[ 18.866470] handle_softirqs+0x209/0x730
[ 18.866500] ? hrtimer_interrupt+0x2fe/0x780
[ 18.866541] ? __pfx_handle_softirqs+0x10/0x10
[ 18.866577] __irq_exit_rcu+0xc9/0x110
[ 18.866605] irq_exit_rcu+0x12/0x20
[ 18.866633] sysvec_apic_timer_interrupt+0x81/0x90
[ 18.866669] </IRQ>
[ 18.866707] <TASK>
[ 18.866723] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 18.866842] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 18.867171] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d a3 c8 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 18.867283] RSP: 0000:ffffffffbde07dd8 EFLAGS: 00010202
[ 18.867394] RAX: ffff88819be5f000 RBX: ffffffffbde1cac0 RCX: ffffffffbccaf1c5
[ 18.867457] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000017714
[ 18.867512] RBP: ffffffffbde07de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 18.867567] R10: ffff88815b030c53 R11: 0000000000013400 R12: 0000000000000000
[ 18.867622] R13: fffffbfff7bc3958 R14: ffffffffbe9c0490 R15: 0000000000000000
[ 18.867698] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 18.867776] ? default_idle+0xd/0x20
[ 18.867808] arch_cpu_idle+0xd/0x20
[ 18.867835] default_idle_call+0x48/0x80
[ 18.867862] do_idle+0x379/0x4f0
[ 18.867931] ? __pfx_do_idle+0x10/0x10
[ 18.867965] ? complete+0x15b/0x1d0
[ 18.867990] ? trace_preempt_on+0x20/0xc0
[ 18.868020] ? schedule+0x86/0x2e0
[ 18.868048] ? preempt_count_sub+0x50/0x80
[ 18.868079] cpu_startup_entry+0x5c/0x70
[ 18.868132] rest_init+0x11a/0x140
[ 18.868171] ? acpi_subsystem_init+0x5d/0x150
[ 18.868211] start_kernel+0x330/0x410
[ 18.868244] x86_64_start_reservations+0x1c/0x30
[ 18.868277] x86_64_start_kernel+0x10d/0x120
[ 18.868309] common_startup_64+0x13e/0x148
[ 18.868350] </TASK>
[ 18.868364]
[ 18.893793] Allocated by task 216:
[ 18.894360] kasan_save_stack+0x45/0x70
[ 18.894852] kasan_save_track+0x18/0x40
[ 18.895405] kasan_save_alloc_info+0x3b/0x50
[ 18.895806] __kasan_kmalloc+0xb7/0xc0
[ 18.896517] __kmalloc_cache_noprof+0x189/0x420
[ 18.897028] rcu_uaf+0xb0/0x330
[ 18.897520] kunit_try_run_case+0x1a5/0x480
[ 18.897976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.898599] kthread+0x337/0x6f0
[ 18.899056] ret_from_fork+0x116/0x1d0
[ 18.899507] ret_from_fork_asm+0x1a/0x30
[ 18.899994]
[ 18.900235] Freed by task 0:
[ 18.900613] kasan_save_stack+0x45/0x70
[ 18.901198] kasan_save_track+0x18/0x40
[ 18.901682] kasan_save_free_info+0x3f/0x60
[ 18.902242] __kasan_slab_free+0x56/0x70
[ 18.902734] kfree+0x222/0x3f0
[ 18.903063] rcu_uaf_reclaim+0x1f/0x60
[ 18.903660] rcu_core+0x66f/0x1c40
[ 18.904158] rcu_core_si+0x12/0x20
[ 18.904629] handle_softirqs+0x209/0x730
[ 18.905133] __irq_exit_rcu+0xc9/0x110
[ 18.905625] irq_exit_rcu+0x12/0x20
[ 18.906143] sysvec_apic_timer_interrupt+0x81/0x90
[ 18.906682] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 18.907370]
[ 18.907698] Last potentially related work creation:
[ 18.908308] kasan_save_stack+0x45/0x70
[ 18.908757] kasan_record_aux_stack+0xb2/0xc0
[ 18.909407] __call_rcu_common.constprop.0+0x72/0x9d0
[ 18.910009] call_rcu+0x12/0x20
[ 18.910450] rcu_uaf+0x168/0x330
[ 18.910896] kunit_try_run_case+0x1a5/0x480
[ 18.911486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.912171] kthread+0x337/0x6f0
[ 18.912564] ret_from_fork+0x116/0x1d0
[ 18.913026] ret_from_fork_asm+0x1a/0x30
[ 18.913581]
[ 18.913810] The buggy address belongs to the object at ffff888103305340
[ 18.913810] which belongs to the cache kmalloc-32 of size 32
[ 18.914731] The buggy address is located 0 bytes inside of
[ 18.914731] freed 32-byte region [ffff888103305340, ffff888103305360)
[ 18.915538]
[ 18.915741] The buggy address belongs to the physical page:
[ 18.916370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103305
[ 18.917179] flags: 0x200000000000000(node=0|zone=2)
[ 18.917673] page_type: f5(slab)
[ 18.918191] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 18.918682] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 18.919313] page dumped because: kasan: bad access detected
[ 18.919932]
[ 18.920356] Memory state around the buggy address:
[ 18.920926] ffff888103305200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.921514] ffff888103305280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.922299] >ffff888103305300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.923005] ^
[ 18.923605] ffff888103305380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.924287] ffff888103305400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.924923] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.802680] ==================================================================
[ 18.803323] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 18.804175] Read of size 1 at addr ffff8881032f7978 by task kunit_try_catch/214
[ 18.804962]
[ 18.805336] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.805447] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.805487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.805541] Call Trace:
[ 18.805632] <TASK>
[ 18.805677] dump_stack_lvl+0x73/0xb0
[ 18.805856] print_report+0xd1/0x650
[ 18.805962] ? __virt_addr_valid+0x1db/0x2d0
[ 18.806037] ? ksize_uaf+0x5e4/0x6c0
[ 18.806126] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.806180] ? ksize_uaf+0x5e4/0x6c0
[ 18.806214] kasan_report+0x141/0x180
[ 18.806246] ? ksize_uaf+0x5e4/0x6c0
[ 18.806292] __asan_report_load1_noabort+0x18/0x20
[ 18.806329] ksize_uaf+0x5e4/0x6c0
[ 18.806358] ? __pfx_ksize_uaf+0x10/0x10
[ 18.806388] ? __schedule+0x10cc/0x2b60
[ 18.806418] ? __pfx_read_tsc+0x10/0x10
[ 18.806446] ? ktime_get_ts64+0x86/0x230
[ 18.806477] kunit_try_run_case+0x1a5/0x480
[ 18.806510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.806543] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.806575] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.806607] ? __kthread_parkme+0x82/0x180
[ 18.806635] ? preempt_count_sub+0x50/0x80
[ 18.806664] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.806698] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.806730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.806763] kthread+0x337/0x6f0
[ 18.806789] ? trace_preempt_on+0x20/0xc0
[ 18.806819] ? __pfx_kthread+0x10/0x10
[ 18.806846] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.806893] ? calculate_sigpending+0x7b/0xa0
[ 18.806937] ? __pfx_kthread+0x10/0x10
[ 18.806967] ret_from_fork+0x116/0x1d0
[ 18.806993] ? __pfx_kthread+0x10/0x10
[ 18.807021] ret_from_fork_asm+0x1a/0x30
[ 18.807060] </TASK>
[ 18.807073]
[ 18.825029] Allocated by task 214:
[ 18.825859] kasan_save_stack+0x45/0x70
[ 18.826402] kasan_save_track+0x18/0x40
[ 18.826961] kasan_save_alloc_info+0x3b/0x50
[ 18.827695] __kasan_kmalloc+0xb7/0xc0
[ 18.828117] __kmalloc_cache_noprof+0x189/0x420
[ 18.828894] ksize_uaf+0xaa/0x6c0
[ 18.829366] kunit_try_run_case+0x1a5/0x480
[ 18.829780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.830315] kthread+0x337/0x6f0
[ 18.830634] ret_from_fork+0x116/0x1d0
[ 18.831183] ret_from_fork_asm+0x1a/0x30
[ 18.831769]
[ 18.832027] Freed by task 214:
[ 18.832437] kasan_save_stack+0x45/0x70
[ 18.832803] kasan_save_track+0x18/0x40
[ 18.833383] kasan_save_free_info+0x3f/0x60
[ 18.833830] __kasan_slab_free+0x56/0x70
[ 18.834551] kfree+0x222/0x3f0
[ 18.834937] ksize_uaf+0x12c/0x6c0
[ 18.835713] kunit_try_run_case+0x1a5/0x480
[ 18.836203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.836807] kthread+0x337/0x6f0
[ 18.837431] ret_from_fork+0x116/0x1d0
[ 18.837794] ret_from_fork_asm+0x1a/0x30
[ 18.838492]
[ 18.838713] The buggy address belongs to the object at ffff8881032f7900
[ 18.838713] which belongs to the cache kmalloc-128 of size 128
[ 18.839868] The buggy address is located 120 bytes inside of
[ 18.839868] freed 128-byte region [ffff8881032f7900, ffff8881032f7980)
[ 18.840968]
[ 18.841406] The buggy address belongs to the physical page:
[ 18.841839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 18.842773] flags: 0x200000000000000(node=0|zone=2)
[ 18.843321] page_type: f5(slab)
[ 18.843488] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.843748] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.844596] page dumped because: kasan: bad access detected
[ 18.844970]
[ 18.845367] Memory state around the buggy address:
[ 18.845798] ffff8881032f7800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.846605] ffff8881032f7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.847233] >ffff8881032f7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.847821] ^
[ 18.848355] ffff8881032f7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.849037] ffff8881032f7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.849625] ==================================================================
[ 18.756031] ==================================================================
[ 18.756469] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 18.758307] Read of size 1 at addr ffff8881032f7900 by task kunit_try_catch/214
[ 18.758842]
[ 18.759146] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.759306] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.759339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.759369] Call Trace:
[ 18.759400] <TASK>
[ 18.759439] dump_stack_lvl+0x73/0xb0
[ 18.759488] print_report+0xd1/0x650
[ 18.759520] ? __virt_addr_valid+0x1db/0x2d0
[ 18.759553] ? ksize_uaf+0x5fe/0x6c0
[ 18.759581] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.759611] ? ksize_uaf+0x5fe/0x6c0
[ 18.759639] kasan_report+0x141/0x180
[ 18.759669] ? ksize_uaf+0x5fe/0x6c0
[ 18.759703] __asan_report_load1_noabort+0x18/0x20
[ 18.759737] ksize_uaf+0x5fe/0x6c0
[ 18.759764] ? __pfx_ksize_uaf+0x10/0x10
[ 18.759794] ? __schedule+0x10cc/0x2b60
[ 18.759825] ? __pfx_read_tsc+0x10/0x10
[ 18.759853] ? ktime_get_ts64+0x86/0x230
[ 18.759906] kunit_try_run_case+0x1a5/0x480
[ 18.759945] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.759978] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.760011] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.760044] ? __kthread_parkme+0x82/0x180
[ 18.760070] ? preempt_count_sub+0x50/0x80
[ 18.760107] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.760186] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.760262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.760340] kthread+0x337/0x6f0
[ 18.760408] ? trace_preempt_on+0x20/0xc0
[ 18.760472] ? __pfx_kthread+0x10/0x10
[ 18.760503] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.760534] ? calculate_sigpending+0x7b/0xa0
[ 18.760569] ? __pfx_kthread+0x10/0x10
[ 18.760598] ret_from_fork+0x116/0x1d0
[ 18.760622] ? __pfx_kthread+0x10/0x10
[ 18.760650] ret_from_fork_asm+0x1a/0x30
[ 18.760691] </TASK>
[ 18.760705]
[ 18.777225] Allocated by task 214:
[ 18.777931] kasan_save_stack+0x45/0x70
[ 18.778469] kasan_save_track+0x18/0x40
[ 18.778641] kasan_save_alloc_info+0x3b/0x50
[ 18.778818] __kasan_kmalloc+0xb7/0xc0
[ 18.779091] __kmalloc_cache_noprof+0x189/0x420
[ 18.779801] ksize_uaf+0xaa/0x6c0
[ 18.780256] kunit_try_run_case+0x1a5/0x480
[ 18.780661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.781263] kthread+0x337/0x6f0
[ 18.781558] ret_from_fork+0x116/0x1d0
[ 18.781961] ret_from_fork_asm+0x1a/0x30
[ 18.782385]
[ 18.782615] Freed by task 214:
[ 18.783137] kasan_save_stack+0x45/0x70
[ 18.783569] kasan_save_track+0x18/0x40
[ 18.784089] kasan_save_free_info+0x3f/0x60
[ 18.784489] __kasan_slab_free+0x56/0x70
[ 18.784845] kfree+0x222/0x3f0
[ 18.785434] ksize_uaf+0x12c/0x6c0
[ 18.785918] kunit_try_run_case+0x1a5/0x480
[ 18.786515] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.787071] kthread+0x337/0x6f0
[ 18.787500] ret_from_fork+0x116/0x1d0
[ 18.788013] ret_from_fork_asm+0x1a/0x30
[ 18.788493]
[ 18.788787] The buggy address belongs to the object at ffff8881032f7900
[ 18.788787] which belongs to the cache kmalloc-128 of size 128
[ 18.789858] The buggy address is located 0 bytes inside of
[ 18.789858] freed 128-byte region [ffff8881032f7900, ffff8881032f7980)
[ 18.790998]
[ 18.791271] The buggy address belongs to the physical page:
[ 18.791983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 18.792734] flags: 0x200000000000000(node=0|zone=2)
[ 18.793334] page_type: f5(slab)
[ 18.793690] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.794441] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.795253] page dumped because: kasan: bad access detected
[ 18.795817]
[ 18.796143] Memory state around the buggy address:
[ 18.796562] ffff8881032f7800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.797329] ffff8881032f7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.798031] >ffff8881032f7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.798756] ^
[ 18.799055] ffff8881032f7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.799820] ffff8881032f7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.800507] ==================================================================
[ 18.708473] ==================================================================
[ 18.709631] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 18.710500] Read of size 1 at addr ffff8881032f7900 by task kunit_try_catch/214
[ 18.711079]
[ 18.711336] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.711459] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.711496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.711555] Call Trace:
[ 18.711591] <TASK>
[ 18.711634] dump_stack_lvl+0x73/0xb0
[ 18.711722] print_report+0xd1/0x650
[ 18.711781] ? __virt_addr_valid+0x1db/0x2d0
[ 18.711816] ? ksize_uaf+0x19d/0x6c0
[ 18.711845] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.711937] ? ksize_uaf+0x19d/0x6c0
[ 18.712040] kasan_report+0x141/0x180
[ 18.712182] ? ksize_uaf+0x19d/0x6c0
[ 18.712265] ? ksize_uaf+0x19d/0x6c0
[ 18.712339] __kasan_check_byte+0x3d/0x50
[ 18.712437] ksize+0x20/0x60
[ 18.712537] ksize_uaf+0x19d/0x6c0
[ 18.712611] ? __pfx_ksize_uaf+0x10/0x10
[ 18.712648] ? __schedule+0x10cc/0x2b60
[ 18.712683] ? __pfx_read_tsc+0x10/0x10
[ 18.712713] ? ktime_get_ts64+0x86/0x230
[ 18.712747] kunit_try_run_case+0x1a5/0x480
[ 18.712783] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.712816] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.712848] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.712903] ? __kthread_parkme+0x82/0x180
[ 18.712935] ? preempt_count_sub+0x50/0x80
[ 18.712968] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.713002] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.713035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.713068] kthread+0x337/0x6f0
[ 18.713094] ? trace_preempt_on+0x20/0xc0
[ 18.713177] ? __pfx_kthread+0x10/0x10
[ 18.713209] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.713239] ? calculate_sigpending+0x7b/0xa0
[ 18.713274] ? __pfx_kthread+0x10/0x10
[ 18.713302] ret_from_fork+0x116/0x1d0
[ 18.713328] ? __pfx_kthread+0x10/0x10
[ 18.713357] ret_from_fork_asm+0x1a/0x30
[ 18.713396] </TASK>
[ 18.713410]
[ 18.728534] Allocated by task 214:
[ 18.728815] kasan_save_stack+0x45/0x70
[ 18.729308] kasan_save_track+0x18/0x40
[ 18.729741] kasan_save_alloc_info+0x3b/0x50
[ 18.730546] __kasan_kmalloc+0xb7/0xc0
[ 18.730860] __kmalloc_cache_noprof+0x189/0x420
[ 18.731453] ksize_uaf+0xaa/0x6c0
[ 18.731896] kunit_try_run_case+0x1a5/0x480
[ 18.732455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.732993] kthread+0x337/0x6f0
[ 18.733395] ret_from_fork+0x116/0x1d0
[ 18.733861] ret_from_fork_asm+0x1a/0x30
[ 18.734393]
[ 18.734595] Freed by task 214:
[ 18.734924] kasan_save_stack+0x45/0x70
[ 18.735398] kasan_save_track+0x18/0x40
[ 18.735858] kasan_save_free_info+0x3f/0x60
[ 18.736222] __kasan_slab_free+0x56/0x70
[ 18.736544] kfree+0x222/0x3f0
[ 18.736831] ksize_uaf+0x12c/0x6c0
[ 18.737310] kunit_try_run_case+0x1a5/0x480
[ 18.737759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.738453] kthread+0x337/0x6f0
[ 18.738841] ret_from_fork+0x116/0x1d0
[ 18.739333] ret_from_fork_asm+0x1a/0x30
[ 18.739796]
[ 18.740045] The buggy address belongs to the object at ffff8881032f7900
[ 18.740045] which belongs to the cache kmalloc-128 of size 128
[ 18.742246] The buggy address is located 0 bytes inside of
[ 18.742246] freed 128-byte region [ffff8881032f7900, ffff8881032f7980)
[ 18.743074]
[ 18.744649] The buggy address belongs to the physical page:
[ 18.745213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 18.746011] flags: 0x200000000000000(node=0|zone=2)
[ 18.746677] page_type: f5(slab)
[ 18.747083] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.747945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.748711] page dumped because: kasan: bad access detected
[ 18.749444]
[ 18.749626] Memory state around the buggy address:
[ 18.750005] ffff8881032f7800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.751229] ffff8881032f7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.751985] >ffff8881032f7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.752715] ^
[ 18.753401] ffff8881032f7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.753981] ffff8881032f7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.754789] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.615924] ==================================================================
[ 18.616504] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 18.617226] Read of size 1 at addr ffff8881032f7878 by task kunit_try_catch/212
[ 18.617828]
[ 18.618146] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.618286] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.618348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.618409] Call Trace:
[ 18.618442] <TASK>
[ 18.618480] dump_stack_lvl+0x73/0xb0
[ 18.618586] print_report+0xd1/0x650
[ 18.618666] ? __virt_addr_valid+0x1db/0x2d0
[ 18.618761] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 18.618867] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.618981] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 18.619088] kasan_report+0x141/0x180
[ 18.619171] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 18.619257] __asan_report_load1_noabort+0x18/0x20
[ 18.619300] ksize_unpoisons_memory+0x7e9/0x9b0
[ 18.619335] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 18.619367] ? finish_task_switch.isra.0+0x153/0x700
[ 18.619399] ? __switch_to+0x47/0xf50
[ 18.619433] ? __schedule+0x10cc/0x2b60
[ 18.619464] ? __pfx_read_tsc+0x10/0x10
[ 18.619492] ? ktime_get_ts64+0x86/0x230
[ 18.619525] kunit_try_run_case+0x1a5/0x480
[ 18.619559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.619591] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.619623] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.619655] ? __kthread_parkme+0x82/0x180
[ 18.619681] ? preempt_count_sub+0x50/0x80
[ 18.619711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.619745] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.619777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.619811] kthread+0x337/0x6f0
[ 18.619837] ? trace_preempt_on+0x20/0xc0
[ 18.619868] ? __pfx_kthread+0x10/0x10
[ 18.619924] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.619957] ? calculate_sigpending+0x7b/0xa0
[ 18.619992] ? __pfx_kthread+0x10/0x10
[ 18.620021] ret_from_fork+0x116/0x1d0
[ 18.620046] ? __pfx_kthread+0x10/0x10
[ 18.620074] ret_from_fork_asm+0x1a/0x30
[ 18.620132] </TASK>
[ 18.620154]
[ 18.635074] Allocated by task 212:
[ 18.635358] kasan_save_stack+0x45/0x70
[ 18.635679] kasan_save_track+0x18/0x40
[ 18.636121] kasan_save_alloc_info+0x3b/0x50
[ 18.636652] __kasan_kmalloc+0xb7/0xc0
[ 18.637094] __kmalloc_cache_noprof+0x189/0x420
[ 18.637709] ksize_unpoisons_memory+0xc7/0x9b0
[ 18.638228] kunit_try_run_case+0x1a5/0x480
[ 18.638584] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.638992] kthread+0x337/0x6f0
[ 18.639288] ret_from_fork+0x116/0x1d0
[ 18.639600] ret_from_fork_asm+0x1a/0x30
[ 18.640051]
[ 18.640285] The buggy address belongs to the object at ffff8881032f7800
[ 18.640285] which belongs to the cache kmalloc-128 of size 128
[ 18.641651] The buggy address is located 5 bytes to the right of
[ 18.641651] allocated 115-byte region [ffff8881032f7800, ffff8881032f7873)
[ 18.643060]
[ 18.643313] The buggy address belongs to the physical page:
[ 18.643782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 18.645753] flags: 0x200000000000000(node=0|zone=2)
[ 18.646124] page_type: f5(slab)
[ 18.646518] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.647263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.647974] page dumped because: kasan: bad access detected
[ 18.649649]
[ 18.650039] Memory state around the buggy address:
[ 18.650447] ffff8881032f7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.651122] ffff8881032f7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.651746] >ffff8881032f7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 18.652425] ^
[ 18.653055] ffff8881032f7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.653667] ffff8881032f7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.654377] ==================================================================
[ 18.571437] ==================================================================
[ 18.572388] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 18.572989] Read of size 1 at addr ffff8881032f7873 by task kunit_try_catch/212
[ 18.574463]
[ 18.574728] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.574843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.574900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.574963] Call Trace:
[ 18.574999] <TASK>
[ 18.575041] dump_stack_lvl+0x73/0xb0
[ 18.575129] print_report+0xd1/0x650
[ 18.575211] ? __virt_addr_valid+0x1db/0x2d0
[ 18.575249] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 18.575282] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.575313] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 18.575345] kasan_report+0x141/0x180
[ 18.575376] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 18.575415] __asan_report_load1_noabort+0x18/0x20
[ 18.575451] ksize_unpoisons_memory+0x81c/0x9b0
[ 18.575484] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 18.575517] ? finish_task_switch.isra.0+0x153/0x700
[ 18.575547] ? __switch_to+0x47/0xf50
[ 18.575581] ? __schedule+0x10cc/0x2b60
[ 18.575612] ? __pfx_read_tsc+0x10/0x10
[ 18.575641] ? ktime_get_ts64+0x86/0x230
[ 18.575672] kunit_try_run_case+0x1a5/0x480
[ 18.575706] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.575738] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.575770] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.575802] ? __kthread_parkme+0x82/0x180
[ 18.575828] ? preempt_count_sub+0x50/0x80
[ 18.575857] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.575919] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.575955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.575988] kthread+0x337/0x6f0
[ 18.576015] ? trace_preempt_on+0x20/0xc0
[ 18.576048] ? __pfx_kthread+0x10/0x10
[ 18.576076] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.576114] ? calculate_sigpending+0x7b/0xa0
[ 18.576171] ? __pfx_kthread+0x10/0x10
[ 18.576204] ret_from_fork+0x116/0x1d0
[ 18.576229] ? __pfx_kthread+0x10/0x10
[ 18.576258] ret_from_fork_asm+0x1a/0x30
[ 18.576298] </TASK>
[ 18.576313]
[ 18.595283] Allocated by task 212:
[ 18.595569] kasan_save_stack+0x45/0x70
[ 18.595937] kasan_save_track+0x18/0x40
[ 18.596421] kasan_save_alloc_info+0x3b/0x50
[ 18.596767] __kasan_kmalloc+0xb7/0xc0
[ 18.597250] __kmalloc_cache_noprof+0x189/0x420
[ 18.597719] ksize_unpoisons_memory+0xc7/0x9b0
[ 18.598525] kunit_try_run_case+0x1a5/0x480
[ 18.599300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.600289] kthread+0x337/0x6f0
[ 18.600908] ret_from_fork+0x116/0x1d0
[ 18.601545] ret_from_fork_asm+0x1a/0x30
[ 18.601870]
[ 18.602060] The buggy address belongs to the object at ffff8881032f7800
[ 18.602060] which belongs to the cache kmalloc-128 of size 128
[ 18.602953] The buggy address is located 0 bytes to the right of
[ 18.602953] allocated 115-byte region [ffff8881032f7800, ffff8881032f7873)
[ 18.604497]
[ 18.604596] The buggy address belongs to the physical page:
[ 18.604794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 18.605244] flags: 0x200000000000000(node=0|zone=2)
[ 18.606457] page_type: f5(slab)
[ 18.606831] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.607485] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.608309] page dumped because: kasan: bad access detected
[ 18.608975]
[ 18.609449] Memory state around the buggy address:
[ 18.609847] ffff8881032f7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.610359] ffff8881032f7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.611055] >ffff8881032f7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 18.611659] ^
[ 18.612309] ffff8881032f7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.612955] ffff8881032f7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.613586] ==================================================================
[ 18.656460] ==================================================================
[ 18.657514] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 18.658210] Read of size 1 at addr ffff8881032f787f by task kunit_try_catch/212
[ 18.658839]
[ 18.659115] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.659225] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.659265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.659319] Call Trace:
[ 18.659341] <TASK>
[ 18.659360] dump_stack_lvl+0x73/0xb0
[ 18.659402] print_report+0xd1/0x650
[ 18.659434] ? __virt_addr_valid+0x1db/0x2d0
[ 18.659480] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 18.659540] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.659573] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 18.659606] kasan_report+0x141/0x180
[ 18.659636] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 18.659674] __asan_report_load1_noabort+0x18/0x20
[ 18.659708] ksize_unpoisons_memory+0x7b6/0x9b0
[ 18.659741] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 18.659773] ? finish_task_switch.isra.0+0x153/0x700
[ 18.659803] ? __switch_to+0x47/0xf50
[ 18.659837] ? __schedule+0x10cc/0x2b60
[ 18.659868] ? __pfx_read_tsc+0x10/0x10
[ 18.660051] ? ktime_get_ts64+0x86/0x230
[ 18.660208] kunit_try_run_case+0x1a5/0x480
[ 18.660322] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.660447] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.660551] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.660654] ? __kthread_parkme+0x82/0x180
[ 18.660720] ? preempt_count_sub+0x50/0x80
[ 18.660757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.660796] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.660830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.660863] kthread+0x337/0x6f0
[ 18.660916] ? trace_preempt_on+0x20/0xc0
[ 18.660952] ? __pfx_kthread+0x10/0x10
[ 18.660982] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.661011] ? calculate_sigpending+0x7b/0xa0
[ 18.661043] ? __pfx_kthread+0x10/0x10
[ 18.661073] ret_from_fork+0x116/0x1d0
[ 18.661118] ? __pfx_kthread+0x10/0x10
[ 18.661167] ret_from_fork_asm+0x1a/0x30
[ 18.661227] </TASK>
[ 18.661245]
[ 18.678531] Allocated by task 212:
[ 18.678850] kasan_save_stack+0x45/0x70
[ 18.679852] kasan_save_track+0x18/0x40
[ 18.680362] kasan_save_alloc_info+0x3b/0x50
[ 18.680790] __kasan_kmalloc+0xb7/0xc0
[ 18.681190] __kmalloc_cache_noprof+0x189/0x420
[ 18.681686] ksize_unpoisons_memory+0xc7/0x9b0
[ 18.682229] kunit_try_run_case+0x1a5/0x480
[ 18.682646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.683110] kthread+0x337/0x6f0
[ 18.683515] ret_from_fork+0x116/0x1d0
[ 18.683965] ret_from_fork_asm+0x1a/0x30
[ 18.684491]
[ 18.684769] The buggy address belongs to the object at ffff8881032f7800
[ 18.684769] which belongs to the cache kmalloc-128 of size 128
[ 18.685824] The buggy address is located 12 bytes to the right of
[ 18.685824] allocated 115-byte region [ffff8881032f7800, ffff8881032f7873)
[ 18.687089]
[ 18.687335] The buggy address belongs to the physical page:
[ 18.687845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7
[ 18.688476] flags: 0x200000000000000(node=0|zone=2)
[ 18.689169] page_type: f5(slab)
[ 18.689463] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.691773] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.693307] page dumped because: kasan: bad access detected
[ 18.695305]
[ 18.695920] Memory state around the buggy address:
[ 18.696789] ffff8881032f7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.697221] ffff8881032f7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.697589] >ffff8881032f7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 18.699385] ^
[ 18.700683] ffff8881032f7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.701505] ffff8881032f7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.702153] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.521235] ================================================================== [ 18.522605] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 18.523311] Free of addr ffff88810262e160 by task kunit_try_catch/210 [ 18.524340] [ 18.524707] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.524824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.524862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.524941] Call Trace: [ 18.524978] <TASK> [ 18.525017] dump_stack_lvl+0x73/0xb0 [ 18.525141] print_report+0xd1/0x650 [ 18.525225] ? __virt_addr_valid+0x1db/0x2d0 [ 18.525301] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.525371] ? kfree_sensitive+0x2e/0x90 [ 18.525441] kasan_report_invalid_free+0x10a/0x130 [ 18.525518] ? kfree_sensitive+0x2e/0x90 [ 18.525590] ? kfree_sensitive+0x2e/0x90 [ 18.525657] check_slab_allocation+0x101/0x130 [ 18.525731] __kasan_slab_pre_free+0x28/0x40 [ 18.525769] kfree+0xf0/0x3f0 [ 18.525801] ? kfree_sensitive+0x2e/0x90 [ 18.525832] kfree_sensitive+0x2e/0x90 [ 18.525860] kmalloc_double_kzfree+0x19c/0x350 [ 18.525923] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.525962] ? __schedule+0x10cc/0x2b60 [ 18.525998] ? __pfx_read_tsc+0x10/0x10 [ 18.526028] ? ktime_get_ts64+0x86/0x230 [ 18.526060] kunit_try_run_case+0x1a5/0x480 [ 18.526112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.526184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.526220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.526265] ? __kthread_parkme+0x82/0x180 [ 18.526298] ? preempt_count_sub+0x50/0x80 [ 18.526330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.526364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.526397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.526431] kthread+0x337/0x6f0 [ 18.526457] ? trace_preempt_on+0x20/0xc0 [ 18.526489] ? __pfx_kthread+0x10/0x10 [ 18.526518] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.526548] ? calculate_sigpending+0x7b/0xa0 [ 18.526584] ? 
__pfx_kthread+0x10/0x10 [ 18.526613] ret_from_fork+0x116/0x1d0 [ 18.526638] ? __pfx_kthread+0x10/0x10 [ 18.526666] ret_from_fork_asm+0x1a/0x30 [ 18.526707] </TASK> [ 18.526722] [ 18.540769] Allocated by task 210: [ 18.541200] kasan_save_stack+0x45/0x70 [ 18.541636] kasan_save_track+0x18/0x40 [ 18.542080] kasan_save_alloc_info+0x3b/0x50 [ 18.542553] __kasan_kmalloc+0xb7/0xc0 [ 18.542999] __kmalloc_cache_noprof+0x189/0x420 [ 18.544279] kmalloc_double_kzfree+0xa9/0x350 [ 18.544797] kunit_try_run_case+0x1a5/0x480 [ 18.545250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.545725] kthread+0x337/0x6f0 [ 18.546062] ret_from_fork+0x116/0x1d0 [ 18.546494] ret_from_fork_asm+0x1a/0x30 [ 18.546957] [ 18.547189] Freed by task 210: [ 18.547474] kasan_save_stack+0x45/0x70 [ 18.547918] kasan_save_track+0x18/0x40 [ 18.548412] kasan_save_free_info+0x3f/0x60 [ 18.548859] __kasan_slab_free+0x56/0x70 [ 18.549297] kfree+0x222/0x3f0 [ 18.549592] kfree_sensitive+0x67/0x90 [ 18.549922] kmalloc_double_kzfree+0x12b/0x350 [ 18.550493] kunit_try_run_case+0x1a5/0x480 [ 18.551333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.551738] kthread+0x337/0x6f0 [ 18.552052] ret_from_fork+0x116/0x1d0 [ 18.553962] ret_from_fork_asm+0x1a/0x30 [ 18.554426] [ 18.554702] The buggy address belongs to the object at ffff88810262e160 [ 18.554702] which belongs to the cache kmalloc-16 of size 16 [ 18.555738] The buggy address is located 0 bytes inside of [ 18.555738] 16-byte region [ffff88810262e160, ffff88810262e170) [ 18.556687] [ 18.556938] The buggy address belongs to the physical page: [ 18.557455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262e [ 18.558153] flags: 0x200000000000000(node=0|zone=2) [ 18.558620] page_type: f5(slab) [ 18.559015] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.559755] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.560408] page dumped because: kasan: bad access detected [ 18.560861] [ 
18.561173] Memory state around the buggy address: [ 18.561649] ffff88810262e000: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 18.562425] ffff88810262e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.562900] >ffff88810262e100: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.563337] ^ [ 18.563738] ffff88810262e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.564493] ffff88810262e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.565727] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.479070] ================================================================== [ 18.480101] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 18.480939] Read of size 1 at addr ffff88810262e160 by task kunit_try_catch/210 [ 18.482342] [ 18.482582] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.482702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.482740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.483050] Call Trace: [ 18.483077] <TASK> [ 18.483106] dump_stack_lvl+0x73/0xb0 [ 18.483186] print_report+0xd1/0x650 [ 18.483221] ? __virt_addr_valid+0x1db/0x2d0 [ 18.483254] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.483288] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.483319] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.483352] kasan_report+0x141/0x180 [ 18.483382] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.483419] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.483452] __kasan_check_byte+0x3d/0x50 [ 18.483482] kfree_sensitive+0x22/0x90 [ 18.483513] kmalloc_double_kzfree+0x19c/0x350 [ 18.483546] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.483580] ? __schedule+0x10cc/0x2b60 [ 18.483612] ? __pfx_read_tsc+0x10/0x10 [ 18.483642] ? ktime_get_ts64+0x86/0x230 [ 18.483675] kunit_try_run_case+0x1a5/0x480 [ 18.483711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.483745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.483777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.483810] ? __kthread_parkme+0x82/0x180 [ 18.483837] ? preempt_count_sub+0x50/0x80 [ 18.483868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.483932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.483966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.484000] kthread+0x337/0x6f0 [ 18.484029] ? trace_preempt_on+0x20/0xc0 [ 18.484062] ? __pfx_kthread+0x10/0x10 [ 18.484091] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.484161] ? calculate_sigpending+0x7b/0xa0 [ 18.484202] ? 
__pfx_kthread+0x10/0x10 [ 18.484233] ret_from_fork+0x116/0x1d0 [ 18.484258] ? __pfx_kthread+0x10/0x10 [ 18.484287] ret_from_fork_asm+0x1a/0x30 [ 18.484329] </TASK> [ 18.484346] [ 18.497268] Allocated by task 210: [ 18.497558] kasan_save_stack+0x45/0x70 [ 18.497905] kasan_save_track+0x18/0x40 [ 18.498317] kasan_save_alloc_info+0x3b/0x50 [ 18.498785] __kasan_kmalloc+0xb7/0xc0 [ 18.499262] __kmalloc_cache_noprof+0x189/0x420 [ 18.499731] kmalloc_double_kzfree+0xa9/0x350 [ 18.500267] kunit_try_run_case+0x1a5/0x480 [ 18.500715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.501300] kthread+0x337/0x6f0 [ 18.501700] ret_from_fork+0x116/0x1d0 [ 18.502142] ret_from_fork_asm+0x1a/0x30 [ 18.502533] [ 18.502742] Freed by task 210: [ 18.503156] kasan_save_stack+0x45/0x70 [ 18.503549] kasan_save_track+0x18/0x40 [ 18.503861] kasan_save_free_info+0x3f/0x60 [ 18.504368] __kasan_slab_free+0x56/0x70 [ 18.504764] kfree+0x222/0x3f0 [ 18.505186] kfree_sensitive+0x67/0x90 [ 18.505596] kmalloc_double_kzfree+0x12b/0x350 [ 18.506045] kunit_try_run_case+0x1a5/0x480 [ 18.506487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.506871] kthread+0x337/0x6f0 [ 18.507315] ret_from_fork+0x116/0x1d0 [ 18.507719] ret_from_fork_asm+0x1a/0x30 [ 18.508194] [ 18.508430] The buggy address belongs to the object at ffff88810262e160 [ 18.508430] which belongs to the cache kmalloc-16 of size 16 [ 18.509344] The buggy address is located 0 bytes inside of [ 18.509344] freed 16-byte region [ffff88810262e160, ffff88810262e170) [ 18.510227] [ 18.510428] The buggy address belongs to the physical page: [ 18.510795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262e [ 18.511546] flags: 0x200000000000000(node=0|zone=2) [ 18.512039] page_type: f5(slab) [ 18.512450] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.513162] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.513833] page dumped because: kasan: bad access detected [ 
18.514359] [ 18.514587] Memory state around the buggy address: [ 18.514946] ffff88810262e000: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 18.515648] ffff88810262e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.516205] >ffff88810262e100: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.516643] ^ [ 18.517167] ffff88810262e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.517784] ffff88810262e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.518458] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.408294] ================================================================== [ 18.409481] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 18.410453] Read of size 1 at addr ffff8881033027a8 by task kunit_try_catch/206 [ 18.411163] [ 18.411899] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.412102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.412143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.412189] Call Trace: [ 18.412207] <TASK> [ 18.412224] dump_stack_lvl+0x73/0xb0 [ 18.412267] print_report+0xd1/0x650 [ 18.412299] ? __virt_addr_valid+0x1db/0x2d0 [ 18.412333] ? kmalloc_uaf2+0x4a8/0x520 [ 18.412362] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.412393] ? kmalloc_uaf2+0x4a8/0x520 [ 18.412421] kasan_report+0x141/0x180 [ 18.412451] ? kmalloc_uaf2+0x4a8/0x520 [ 18.412486] __asan_report_load1_noabort+0x18/0x20 [ 18.412744] kmalloc_uaf2+0x4a8/0x520 [ 18.412831] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 18.412907] ? finish_task_switch.isra.0+0x153/0x700 [ 18.412946] ? __switch_to+0x47/0xf50 [ 18.412984] ? __schedule+0x10cc/0x2b60 [ 18.413016] ? __pfx_read_tsc+0x10/0x10 [ 18.413045] ? ktime_get_ts64+0x86/0x230 [ 18.413076] kunit_try_run_case+0x1a5/0x480 [ 18.413154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.413194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.413229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.413262] ? __kthread_parkme+0x82/0x180 [ 18.413289] ? preempt_count_sub+0x50/0x80 [ 18.413319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.413354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.413386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.413420] kthread+0x337/0x6f0 [ 18.413446] ? trace_preempt_on+0x20/0xc0 [ 18.413479] ? __pfx_kthread+0x10/0x10 [ 18.413509] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.413581] ? calculate_sigpending+0x7b/0xa0 [ 18.413654] ? __pfx_kthread+0x10/0x10 [ 18.413687] ret_from_fork+0x116/0x1d0 [ 18.413713] ? 
__pfx_kthread+0x10/0x10 [ 18.413742] ret_from_fork_asm+0x1a/0x30 [ 18.413783] </TASK> [ 18.413798] [ 18.440779] Allocated by task 206: [ 18.441109] kasan_save_stack+0x45/0x70 [ 18.441566] kasan_save_track+0x18/0x40 [ 18.442107] kasan_save_alloc_info+0x3b/0x50 [ 18.442527] __kasan_kmalloc+0xb7/0xc0 [ 18.443281] __kmalloc_cache_noprof+0x189/0x420 [ 18.444326] kmalloc_uaf2+0xc6/0x520 [ 18.445171] kunit_try_run_case+0x1a5/0x480 [ 18.445530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.445966] kthread+0x337/0x6f0 [ 18.446428] ret_from_fork+0x116/0x1d0 [ 18.447542] ret_from_fork_asm+0x1a/0x30 [ 18.448566] [ 18.449117] Freed by task 206: [ 18.449400] kasan_save_stack+0x45/0x70 [ 18.449841] kasan_save_track+0x18/0x40 [ 18.450277] kasan_save_free_info+0x3f/0x60 [ 18.450665] __kasan_slab_free+0x56/0x70 [ 18.451287] kfree+0x222/0x3f0 [ 18.452006] kmalloc_uaf2+0x14c/0x520 [ 18.452419] kunit_try_run_case+0x1a5/0x480 [ 18.452998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.453504] kthread+0x337/0x6f0 [ 18.454021] ret_from_fork+0x116/0x1d0 [ 18.454441] ret_from_fork_asm+0x1a/0x30 [ 18.455190] [ 18.455423] The buggy address belongs to the object at ffff888103302780 [ 18.455423] which belongs to the cache kmalloc-64 of size 64 [ 18.456750] The buggy address is located 40 bytes inside of [ 18.456750] freed 64-byte region [ffff888103302780, ffff8881033027c0) [ 18.457794] [ 18.458050] The buggy address belongs to the physical page: [ 18.458869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103302 [ 18.459773] flags: 0x200000000000000(node=0|zone=2) [ 18.460258] page_type: f5(slab) [ 18.460716] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.461403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.462152] page dumped because: kasan: bad access detected [ 18.462969] [ 18.463255] Memory state around the buggy address: [ 18.463731] ffff888103302680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 18.464307] ffff888103302700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.464861] >ffff888103302780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.465430] ^ [ 18.465857] ffff888103302800: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.466956] ffff888103302880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.467716] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.352185] ================================================================== [ 18.352984] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 18.353499] Write of size 33 at addr ffff888103302680 by task kunit_try_catch/204 [ 18.354827] [ 18.355400] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.355633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.355670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.355727] Call Trace: [ 18.355761] <TASK> [ 18.355803] dump_stack_lvl+0x73/0xb0 [ 18.355911] print_report+0xd1/0x650 [ 18.355989] ? __virt_addr_valid+0x1db/0x2d0 [ 18.356055] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.356297] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.356424] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.356502] kasan_report+0x141/0x180 [ 18.356639] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.356686] kasan_check_range+0x10c/0x1c0 [ 18.356723] __asan_memset+0x27/0x50 [ 18.356750] kmalloc_uaf_memset+0x1a3/0x360 [ 18.356780] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 18.356812] ? __schedule+0x10cc/0x2b60 [ 18.356846] ? __pfx_read_tsc+0x10/0x10 [ 18.356897] ? ktime_get_ts64+0x86/0x230 [ 18.356944] kunit_try_run_case+0x1a5/0x480 [ 18.356982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.357015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.357050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.357083] ? __kthread_parkme+0x82/0x180 [ 18.357126] ? preempt_count_sub+0x50/0x80 [ 18.357171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.357208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.357242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.357276] kthread+0x337/0x6f0 [ 18.357302] ? trace_preempt_on+0x20/0xc0 [ 18.357363] ? __pfx_kthread+0x10/0x10 [ 18.357395] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.357432] ? calculate_sigpending+0x7b/0xa0 [ 18.357480] ? __pfx_kthread+0x10/0x10 [ 18.357518] ret_from_fork+0x116/0x1d0 [ 18.357620] ? 
__pfx_kthread+0x10/0x10 [ 18.357683] ret_from_fork_asm+0x1a/0x30 [ 18.357743] </TASK> [ 18.357761] [ 18.375475] Allocated by task 204: [ 18.376054] kasan_save_stack+0x45/0x70 [ 18.376487] kasan_save_track+0x18/0x40 [ 18.377415] kasan_save_alloc_info+0x3b/0x50 [ 18.378017] __kasan_kmalloc+0xb7/0xc0 [ 18.378490] __kmalloc_cache_noprof+0x189/0x420 [ 18.379024] kmalloc_uaf_memset+0xa9/0x360 [ 18.379545] kunit_try_run_case+0x1a5/0x480 [ 18.380253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.381197] kthread+0x337/0x6f0 [ 18.381715] ret_from_fork+0x116/0x1d0 [ 18.382134] ret_from_fork_asm+0x1a/0x30 [ 18.382500] [ 18.382938] Freed by task 204: [ 18.383361] kasan_save_stack+0x45/0x70 [ 18.383961] kasan_save_track+0x18/0x40 [ 18.384439] kasan_save_free_info+0x3f/0x60 [ 18.385291] __kasan_slab_free+0x56/0x70 [ 18.385793] kfree+0x222/0x3f0 [ 18.386306] kmalloc_uaf_memset+0x12b/0x360 [ 18.386915] kunit_try_run_case+0x1a5/0x480 [ 18.387388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.388041] kthread+0x337/0x6f0 [ 18.388911] ret_from_fork+0x116/0x1d0 [ 18.389349] ret_from_fork_asm+0x1a/0x30 [ 18.389784] [ 18.390016] The buggy address belongs to the object at ffff888103302680 [ 18.390016] which belongs to the cache kmalloc-64 of size 64 [ 18.390953] The buggy address is located 0 bytes inside of [ 18.390953] freed 64-byte region [ffff888103302680, ffff8881033026c0) [ 18.391742] [ 18.392123] The buggy address belongs to the physical page: [ 18.392870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103302 [ 18.393793] flags: 0x200000000000000(node=0|zone=2) [ 18.394346] page_type: f5(slab) [ 18.394892] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.395731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.396453] page dumped because: kasan: bad access detected [ 18.397408] [ 18.397799] Memory state around the buggy address: [ 18.398266] ffff888103302580: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 18.399102] ffff888103302600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.399909] >ffff888103302680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.400997] ^ [ 18.401408] ffff888103302700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.402164] ffff888103302780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.402924] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.297156] ================================================================== [ 18.298185] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 18.298787] Read of size 1 at addr ffff888101e49ea8 by task kunit_try_catch/202 [ 18.299534] [ 18.300223] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.300717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.300735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.300765] Call Trace: [ 18.300780] <TASK> [ 18.300798] dump_stack_lvl+0x73/0xb0 [ 18.300842] print_report+0xd1/0x650 [ 18.300874] ? __virt_addr_valid+0x1db/0x2d0 [ 18.300934] ? kmalloc_uaf+0x320/0x380 [ 18.300964] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.300994] ? kmalloc_uaf+0x320/0x380 [ 18.301023] kasan_report+0x141/0x180 [ 18.301054] ? kmalloc_uaf+0x320/0x380 [ 18.301088] __asan_report_load1_noabort+0x18/0x20 [ 18.301151] kmalloc_uaf+0x320/0x380 [ 18.301184] ? __pfx_kmalloc_uaf+0x10/0x10 [ 18.301215] ? __schedule+0x10cc/0x2b60 [ 18.301247] ? __pfx_read_tsc+0x10/0x10 [ 18.301275] ? ktime_get_ts64+0x86/0x230 [ 18.301307] kunit_try_run_case+0x1a5/0x480 [ 18.301342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.301375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.301406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.301439] ? __kthread_parkme+0x82/0x180 [ 18.301466] ? preempt_count_sub+0x50/0x80 [ 18.301496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.301604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.301657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.301693] kthread+0x337/0x6f0 [ 18.301720] ? trace_preempt_on+0x20/0xc0 [ 18.301753] ? __pfx_kthread+0x10/0x10 [ 18.301781] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.301811] ? calculate_sigpending+0x7b/0xa0 [ 18.301845] ? __pfx_kthread+0x10/0x10 [ 18.301873] ret_from_fork+0x116/0x1d0 [ 18.301930] ? 
__pfx_kthread+0x10/0x10 [ 18.301960] ret_from_fork_asm+0x1a/0x30 [ 18.302002] </TASK> [ 18.302017] [ 18.322640] Allocated by task 202: [ 18.323033] kasan_save_stack+0x45/0x70 [ 18.324115] kasan_save_track+0x18/0x40 [ 18.324459] kasan_save_alloc_info+0x3b/0x50 [ 18.325021] __kasan_kmalloc+0xb7/0xc0 [ 18.325698] __kmalloc_cache_noprof+0x189/0x420 [ 18.326040] kmalloc_uaf+0xaa/0x380 [ 18.326960] kunit_try_run_case+0x1a5/0x480 [ 18.327500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.328293] kthread+0x337/0x6f0 [ 18.328895] ret_from_fork+0x116/0x1d0 [ 18.329249] ret_from_fork_asm+0x1a/0x30 [ 18.329801] [ 18.330039] Freed by task 202: [ 18.330327] kasan_save_stack+0x45/0x70 [ 18.330805] kasan_save_track+0x18/0x40 [ 18.331204] kasan_save_free_info+0x3f/0x60 [ 18.332319] __kasan_slab_free+0x56/0x70 [ 18.332805] kfree+0x222/0x3f0 [ 18.333440] kmalloc_uaf+0x12c/0x380 [ 18.333786] kunit_try_run_case+0x1a5/0x480 [ 18.334292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.334831] kthread+0x337/0x6f0 [ 18.335301] ret_from_fork+0x116/0x1d0 [ 18.335992] ret_from_fork_asm+0x1a/0x30 [ 18.336420] [ 18.336660] The buggy address belongs to the object at ffff888101e49ea0 [ 18.336660] which belongs to the cache kmalloc-16 of size 16 [ 18.337614] The buggy address is located 8 bytes inside of [ 18.337614] freed 16-byte region [ffff888101e49ea0, ffff888101e49eb0) [ 18.338899] [ 18.339142] The buggy address belongs to the physical page: [ 18.339703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 18.340299] flags: 0x200000000000000(node=0|zone=2) [ 18.340926] page_type: f5(slab) [ 18.341290] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.341786] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.342486] page dumped because: kasan: bad access detected [ 18.343010] [ 18.343198] Memory state around the buggy address: [ 18.344049] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 
18.344982] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.345494] >ffff888101e49e80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.346243] ^ [ 18.346657] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.347299] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.347829] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.243162] ================================================================== [ 18.244088] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.245524] Read of size 64 at addr ffff8881038d4c84 by task kunit_try_catch/200 [ 18.246629] [ 18.246750] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.246809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.246825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.246854] Call Trace: [ 18.246869] <TASK> [ 18.246923] dump_stack_lvl+0x73/0xb0 [ 18.247014] print_report+0xd1/0x650 [ 18.247091] ? __virt_addr_valid+0x1db/0x2d0 [ 18.247167] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.247245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.247688] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.247729] kasan_report+0x141/0x180 [ 18.247761] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.247802] kasan_check_range+0x10c/0x1c0 [ 18.247835] __asan_memmove+0x27/0x70 [ 18.247861] kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.247924] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 18.247964] ? __schedule+0x10cc/0x2b60 [ 18.247997] ? __pfx_read_tsc+0x10/0x10 [ 18.248027] ? ktime_get_ts64+0x86/0x230 [ 18.248059] kunit_try_run_case+0x1a5/0x480 [ 18.248097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.248158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.248194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.248227] ? __kthread_parkme+0x82/0x180 [ 18.248255] ? preempt_count_sub+0x50/0x80 [ 18.248285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.248319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.248352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.248385] kthread+0x337/0x6f0 [ 18.248411] ? trace_preempt_on+0x20/0xc0 [ 18.248443] ? __pfx_kthread+0x10/0x10 [ 18.248471] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.248500] ? calculate_sigpending+0x7b/0xa0 [ 18.248597] ? 
__pfx_kthread+0x10/0x10 [ 18.248679] ret_from_fork+0x116/0x1d0 [ 18.248753] ? __pfx_kthread+0x10/0x10 [ 18.248830] ret_from_fork_asm+0x1a/0x30 [ 18.248915] </TASK> [ 18.248935] [ 18.271205] Allocated by task 200: [ 18.271858] kasan_save_stack+0x45/0x70 [ 18.272425] kasan_save_track+0x18/0x40 [ 18.272987] kasan_save_alloc_info+0x3b/0x50 [ 18.273422] __kasan_kmalloc+0xb7/0xc0 [ 18.273816] __kmalloc_cache_noprof+0x189/0x420 [ 18.274318] kmalloc_memmove_invalid_size+0xac/0x330 [ 18.275331] kunit_try_run_case+0x1a5/0x480 [ 18.276033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.276656] kthread+0x337/0x6f0 [ 18.277034] ret_from_fork+0x116/0x1d0 [ 18.277431] ret_from_fork_asm+0x1a/0x30 [ 18.278103] [ 18.278378] The buggy address belongs to the object at ffff8881038d4c80 [ 18.278378] which belongs to the cache kmalloc-64 of size 64 [ 18.279559] The buggy address is located 4 bytes inside of [ 18.279559] allocated 64-byte region [ffff8881038d4c80, ffff8881038d4cc0) [ 18.280920] [ 18.281160] The buggy address belongs to the physical page: [ 18.281836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4 [ 18.282542] flags: 0x200000000000000(node=0|zone=2) [ 18.283282] page_type: f5(slab) [ 18.283751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.284524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.285383] page dumped because: kasan: bad access detected [ 18.286321] [ 18.286677] Memory state around the buggy address: [ 18.287266] ffff8881038d4b80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.287927] ffff8881038d4c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.288740] >ffff8881038d4c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.289511] ^ [ 18.290421] ffff8881038d4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.291086] ffff8881038d4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.291770] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.192303] ================================================================== [ 18.193522] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 18.194057] Read of size 18446744073709551614 at addr ffff888103302304 by task kunit_try_catch/198 [ 18.195669] [ 18.195969] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.196079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.196101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.196152] Call Trace: [ 18.196169] <TASK> [ 18.196189] dump_stack_lvl+0x73/0xb0 [ 18.196232] print_report+0xd1/0x650 [ 18.196264] ? __virt_addr_valid+0x1db/0x2d0 [ 18.196295] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.196330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.196361] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.196420] kasan_report+0x141/0x180 [ 18.196455] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.196497] kasan_check_range+0x10c/0x1c0 [ 18.196928] __asan_memmove+0x27/0x70 [ 18.197073] kmalloc_memmove_negative_size+0x171/0x330 [ 18.197222] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 18.197268] ? __schedule+0x10cc/0x2b60 [ 18.197304] ? __pfx_read_tsc+0x10/0x10 [ 18.197333] ? ktime_get_ts64+0x86/0x230 [ 18.197367] kunit_try_run_case+0x1a5/0x480 [ 18.197403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.197436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.197468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.197501] ? __kthread_parkme+0x82/0x180 [ 18.197654] ? preempt_count_sub+0x50/0x80 [ 18.197695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.197732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.197766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.197800] kthread+0x337/0x6f0 [ 18.197827] ? trace_preempt_on+0x20/0xc0 [ 18.197859] ? __pfx_kthread+0x10/0x10 [ 18.197915] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.197949] ? calculate_sigpending+0x7b/0xa0 [ 18.197984] ? 
__pfx_kthread+0x10/0x10 [ 18.198013] ret_from_fork+0x116/0x1d0 [ 18.198038] ? __pfx_kthread+0x10/0x10 [ 18.198066] ret_from_fork_asm+0x1a/0x30 [ 18.198116] </TASK> [ 18.198150] [ 18.217745] Allocated by task 198: [ 18.218496] kasan_save_stack+0x45/0x70 [ 18.219026] kasan_save_track+0x18/0x40 [ 18.219469] kasan_save_alloc_info+0x3b/0x50 [ 18.219957] __kasan_kmalloc+0xb7/0xc0 [ 18.220390] __kmalloc_cache_noprof+0x189/0x420 [ 18.220748] kmalloc_memmove_negative_size+0xac/0x330 [ 18.222016] kunit_try_run_case+0x1a5/0x480 [ 18.222562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.223046] kthread+0x337/0x6f0 [ 18.223419] ret_from_fork+0x116/0x1d0 [ 18.224017] ret_from_fork_asm+0x1a/0x30 [ 18.224463] [ 18.224862] The buggy address belongs to the object at ffff888103302300 [ 18.224862] which belongs to the cache kmalloc-64 of size 64 [ 18.226338] The buggy address is located 4 bytes inside of [ 18.226338] 64-byte region [ffff888103302300, ffff888103302340) [ 18.227239] [ 18.227456] The buggy address belongs to the physical page: [ 18.228195] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103302 [ 18.228995] flags: 0x200000000000000(node=0|zone=2) [ 18.229355] page_type: f5(slab) [ 18.229841] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.230972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.231918] page dumped because: kasan: bad access detected [ 18.232750] [ 18.233015] Memory state around the buggy address: [ 18.233787] ffff888103302200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.234304] ffff888103302280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.235264] >ffff888103302300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.235986] ^ [ 18.236845] ffff888103302380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.237451] ffff888103302400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238141] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.142381] ================================================================== [ 18.143690] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 18.144571] Write of size 16 at addr ffff8881038d5369 by task kunit_try_catch/196 [ 18.145437] [ 18.145735] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.145951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.145990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.146047] Call Trace: [ 18.146080] <TASK> [ 18.146121] dump_stack_lvl+0x73/0xb0 [ 18.146205] print_report+0xd1/0x650 [ 18.146241] ? __virt_addr_valid+0x1db/0x2d0 [ 18.146294] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.146366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.146438] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.146539] kasan_report+0x141/0x180 [ 18.146644] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.146837] kasan_check_range+0x10c/0x1c0 [ 18.146940] __asan_memset+0x27/0x50 [ 18.147009] kmalloc_oob_memset_16+0x166/0x330 [ 18.147088] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 18.147170] ? __schedule+0x10cc/0x2b60 [ 18.147251] ? __pfx_read_tsc+0x10/0x10 [ 18.147319] ? ktime_get_ts64+0x86/0x230 [ 18.147357] kunit_try_run_case+0x1a5/0x480 [ 18.147396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.147430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.147463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.147496] ? __kthread_parkme+0x82/0x180 [ 18.147575] ? preempt_count_sub+0x50/0x80 [ 18.147648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.147689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.147725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.147759] kthread+0x337/0x6f0 [ 18.147786] ? trace_preempt_on+0x20/0xc0 [ 18.147819] ? __pfx_kthread+0x10/0x10 [ 18.147848] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.147904] ? calculate_sigpending+0x7b/0xa0 [ 18.147943] ? __pfx_kthread+0x10/0x10 [ 18.147973] ret_from_fork+0x116/0x1d0 [ 18.147998] ? 
__pfx_kthread+0x10/0x10 [ 18.148026] ret_from_fork_asm+0x1a/0x30 [ 18.148067] </TASK> [ 18.148081] [ 18.162866] Allocated by task 196: [ 18.163319] kasan_save_stack+0x45/0x70 [ 18.166232] kasan_save_track+0x18/0x40 [ 18.166734] kasan_save_alloc_info+0x3b/0x50 [ 18.167378] __kasan_kmalloc+0xb7/0xc0 [ 18.167988] __kmalloc_cache_noprof+0x189/0x420 [ 18.168622] kmalloc_oob_memset_16+0xac/0x330 [ 18.169148] kunit_try_run_case+0x1a5/0x480 [ 18.170074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.170468] kthread+0x337/0x6f0 [ 18.170759] ret_from_fork+0x116/0x1d0 [ 18.171155] ret_from_fork_asm+0x1a/0x30 [ 18.171479] [ 18.171664] The buggy address belongs to the object at ffff8881038d5300 [ 18.171664] which belongs to the cache kmalloc-128 of size 128 [ 18.172311] The buggy address is located 105 bytes inside of [ 18.172311] allocated 120-byte region [ffff8881038d5300, ffff8881038d5378) [ 18.174815] [ 18.175623] The buggy address belongs to the physical page: [ 18.176391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 18.176911] flags: 0x200000000000000(node=0|zone=2) [ 18.177149] page_type: f5(slab) [ 18.177296] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.177547] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.177790] page dumped because: kasan: bad access detected [ 18.178693] [ 18.179312] Memory state around the buggy address: [ 18.179860] ffff8881038d5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.181636] ffff8881038d5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.182616] >ffff8881038d5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.183284] ^ [ 18.184443] ffff8881038d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.184990] ffff8881038d5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.186294] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.089906] ================================================================== [ 18.090954] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 18.091970] Write of size 8 at addr ffff8881032f7771 by task kunit_try_catch/194 [ 18.093123] [ 18.093722] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.093786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.093803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.093834] Call Trace: [ 18.093851] <TASK> [ 18.093870] dump_stack_lvl+0x73/0xb0 [ 18.093979] print_report+0xd1/0x650 [ 18.094094] ? __virt_addr_valid+0x1db/0x2d0 [ 18.094169] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.094213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.094288] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.094324] kasan_report+0x141/0x180 [ 18.094357] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.094394] kasan_check_range+0x10c/0x1c0 [ 18.094427] __asan_memset+0x27/0x50 [ 18.094456] kmalloc_oob_memset_8+0x166/0x330 [ 18.094489] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 18.094712] ? __schedule+0x10cc/0x2b60 [ 18.094760] ? __pfx_read_tsc+0x10/0x10 [ 18.094793] ? ktime_get_ts64+0x86/0x230 [ 18.094827] kunit_try_run_case+0x1a5/0x480 [ 18.094865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.094926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.094963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.094997] ? __kthread_parkme+0x82/0x180 [ 18.095025] ? preempt_count_sub+0x50/0x80 [ 18.095057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.095093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.095154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.095192] kthread+0x337/0x6f0 [ 18.095221] ? trace_preempt_on+0x20/0xc0 [ 18.095255] ? __pfx_kthread+0x10/0x10 [ 18.095284] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.095315] ? calculate_sigpending+0x7b/0xa0 [ 18.095350] ? __pfx_kthread+0x10/0x10 [ 18.095379] ret_from_fork+0x116/0x1d0 [ 18.095405] ? 
__pfx_kthread+0x10/0x10 [ 18.095434] ret_from_fork_asm+0x1a/0x30 [ 18.095476] </TASK> [ 18.095493] [ 18.116446] Allocated by task 194: [ 18.117095] kasan_save_stack+0x45/0x70 [ 18.117931] kasan_save_track+0x18/0x40 [ 18.118552] kasan_save_alloc_info+0x3b/0x50 [ 18.119084] __kasan_kmalloc+0xb7/0xc0 [ 18.119502] __kmalloc_cache_noprof+0x189/0x420 [ 18.119910] kmalloc_oob_memset_8+0xac/0x330 [ 18.120866] kunit_try_run_case+0x1a5/0x480 [ 18.121364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.121956] kthread+0x337/0x6f0 [ 18.122636] ret_from_fork+0x116/0x1d0 [ 18.123065] ret_from_fork_asm+0x1a/0x30 [ 18.123567] [ 18.123810] The buggy address belongs to the object at ffff8881032f7700 [ 18.123810] which belongs to the cache kmalloc-128 of size 128 [ 18.125006] The buggy address is located 113 bytes inside of [ 18.125006] allocated 120-byte region [ffff8881032f7700, ffff8881032f7778) [ 18.126458] [ 18.126702] The buggy address belongs to the physical page: [ 18.127169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7 [ 18.128035] flags: 0x200000000000000(node=0|zone=2) [ 18.128562] page_type: f5(slab) [ 18.129256] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.129982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.130555] page dumped because: kasan: bad access detected [ 18.131332] [ 18.131692] Memory state around the buggy address: [ 18.132160] ffff8881032f7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.132981] ffff8881032f7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.133594] >ffff8881032f7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.134378] ^ [ 18.135002] ffff8881032f7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.136046] ffff8881032f7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.136691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.039461] ================================================================== [ 18.040478] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 18.041033] Write of size 4 at addr ffff8881032f7675 by task kunit_try_catch/192 [ 18.041559] [ 18.041744] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.041806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.041822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.041852] Call Trace: [ 18.041868] <TASK> [ 18.042634] dump_stack_lvl+0x73/0xb0 [ 18.042769] print_report+0xd1/0x650 [ 18.042901] ? __virt_addr_valid+0x1db/0x2d0 [ 18.042987] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.043058] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.043173] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.043249] kasan_report+0x141/0x180 [ 18.043322] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.043406] kasan_check_range+0x10c/0x1c0 [ 18.043483] __asan_memset+0x27/0x50 [ 18.043682] kmalloc_oob_memset_4+0x166/0x330 [ 18.043759] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 18.043796] ? __schedule+0x10cc/0x2b60 [ 18.043832] ? __pfx_read_tsc+0x10/0x10 [ 18.043862] ? ktime_get_ts64+0x86/0x230 [ 18.043928] kunit_try_run_case+0x1a5/0x480 [ 18.043969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.044003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.044037] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.044071] ? __kthread_parkme+0x82/0x180 [ 18.044123] ? preempt_count_sub+0x50/0x80 [ 18.044176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.044213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.044246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.044280] kthread+0x337/0x6f0 [ 18.044309] ? trace_preempt_on+0x20/0xc0 [ 18.044343] ? __pfx_kthread+0x10/0x10 [ 18.044371] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.044401] ? calculate_sigpending+0x7b/0xa0 [ 18.044435] ? __pfx_kthread+0x10/0x10 [ 18.044464] ret_from_fork+0x116/0x1d0 [ 18.044490] ? 
__pfx_kthread+0x10/0x10 [ 18.044536] ret_from_fork_asm+0x1a/0x30 [ 18.044650] </TASK> [ 18.044669] [ 18.062522] Allocated by task 192: [ 18.062811] kasan_save_stack+0x45/0x70 [ 18.063257] kasan_save_track+0x18/0x40 [ 18.063684] kasan_save_alloc_info+0x3b/0x50 [ 18.064429] __kasan_kmalloc+0xb7/0xc0 [ 18.065156] __kmalloc_cache_noprof+0x189/0x420 [ 18.065572] kmalloc_oob_memset_4+0xac/0x330 [ 18.065932] kunit_try_run_case+0x1a5/0x480 [ 18.066378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.067442] kthread+0x337/0x6f0 [ 18.067845] ret_from_fork+0x116/0x1d0 [ 18.068253] ret_from_fork_asm+0x1a/0x30 [ 18.069066] [ 18.069321] The buggy address belongs to the object at ffff8881032f7600 [ 18.069321] which belongs to the cache kmalloc-128 of size 128 [ 18.070448] The buggy address is located 117 bytes inside of [ 18.070448] allocated 120-byte region [ffff8881032f7600, ffff8881032f7678) [ 18.071180] [ 18.071420] The buggy address belongs to the physical page: [ 18.072015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7 [ 18.073212] flags: 0x200000000000000(node=0|zone=2) [ 18.073725] page_type: f5(slab) [ 18.074093] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.074604] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.075611] page dumped because: kasan: bad access detected [ 18.076527] [ 18.077025] Memory state around the buggy address: [ 18.078589] ffff8881032f7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.079747] ffff8881032f7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.080546] >ffff8881032f7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.081565] ^ [ 18.082404] ffff8881032f7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.083127] ffff8881032f7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.084032] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.982034] ================================================================== [ 17.983021] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 17.984024] Write of size 2 at addr ffff8881038d5277 by task kunit_try_catch/190 [ 17.985156] [ 17.985467] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.985586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.985623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.985823] Call Trace: [ 17.985863] <TASK> [ 17.985926] dump_stack_lvl+0x73/0xb0 [ 17.986017] print_report+0xd1/0x650 [ 17.986091] ? __virt_addr_valid+0x1db/0x2d0 [ 17.986169] ? kmalloc_oob_memset_2+0x166/0x330 [ 17.986243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.986321] ? kmalloc_oob_memset_2+0x166/0x330 [ 17.986390] kasan_report+0x141/0x180 [ 17.986425] ? kmalloc_oob_memset_2+0x166/0x330 [ 17.986462] kasan_check_range+0x10c/0x1c0 [ 17.986495] __asan_memset+0x27/0x50 [ 17.986656] kmalloc_oob_memset_2+0x166/0x330 [ 17.986700] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 17.986733] ? __schedule+0x10cc/0x2b60 [ 17.986766] ? __pfx_read_tsc+0x10/0x10 [ 17.986796] ? ktime_get_ts64+0x86/0x230 [ 17.986828] kunit_try_run_case+0x1a5/0x480 [ 17.986863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.986926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.986962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.986995] ? __kthread_parkme+0x82/0x180 [ 17.987022] ? preempt_count_sub+0x50/0x80 [ 17.987052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.987086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.987144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.987182] kthread+0x337/0x6f0 [ 17.987210] ? trace_preempt_on+0x20/0xc0 [ 17.987242] ? __pfx_kthread+0x10/0x10 [ 17.987270] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.987300] ? calculate_sigpending+0x7b/0xa0 [ 17.987333] ? __pfx_kthread+0x10/0x10 [ 17.987361] ret_from_fork+0x116/0x1d0 [ 17.987386] ? 
__pfx_kthread+0x10/0x10 [ 17.987413] ret_from_fork_asm+0x1a/0x30 [ 17.987456] </TASK> [ 17.987471] [ 18.010113] Allocated by task 190: [ 18.010893] kasan_save_stack+0x45/0x70 [ 18.011500] kasan_save_track+0x18/0x40 [ 18.012194] kasan_save_alloc_info+0x3b/0x50 [ 18.012775] __kasan_kmalloc+0xb7/0xc0 [ 18.013484] __kmalloc_cache_noprof+0x189/0x420 [ 18.013964] kmalloc_oob_memset_2+0xac/0x330 [ 18.014465] kunit_try_run_case+0x1a5/0x480 [ 18.015336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.015980] kthread+0x337/0x6f0 [ 18.016681] ret_from_fork+0x116/0x1d0 [ 18.017080] ret_from_fork_asm+0x1a/0x30 [ 18.017946] [ 18.018332] The buggy address belongs to the object at ffff8881038d5200 [ 18.018332] which belongs to the cache kmalloc-128 of size 128 [ 18.019801] The buggy address is located 119 bytes inside of [ 18.019801] allocated 120-byte region [ffff8881038d5200, ffff8881038d5278) [ 18.021007] [ 18.021404] The buggy address belongs to the physical page: [ 18.021958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 18.023295] flags: 0x200000000000000(node=0|zone=2) [ 18.023828] page_type: f5(slab) [ 18.024374] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.025189] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.026069] page dumped because: kasan: bad access detected [ 18.026984] [ 18.027251] Memory state around the buggy address: [ 18.028197] ffff8881038d5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.028780] ffff8881038d5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.029488] >ffff8881038d5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.030419] ^ [ 18.031417] ffff8881038d5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.032210] ffff8881038d5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.033231] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.931767] ================================================================== [ 17.932559] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 17.933471] Write of size 128 at addr ffff8881032f7500 by task kunit_try_catch/188 [ 17.934009] [ 17.934391] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.934512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.934550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.934744] Call Trace: [ 17.934784] <TASK> [ 17.934827] dump_stack_lvl+0x73/0xb0 [ 17.934929] print_report+0xd1/0x650 [ 17.935006] ? __virt_addr_valid+0x1db/0x2d0 [ 17.935079] ? kmalloc_oob_in_memset+0x15f/0x320 [ 17.935151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.935224] ? kmalloc_oob_in_memset+0x15f/0x320 [ 17.935299] kasan_report+0x141/0x180 [ 17.935345] ? kmalloc_oob_in_memset+0x15f/0x320 [ 17.935387] kasan_check_range+0x10c/0x1c0 [ 17.935423] __asan_memset+0x27/0x50 [ 17.935449] kmalloc_oob_in_memset+0x15f/0x320 [ 17.935480] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 17.935520] ? __schedule+0x10cc/0x2b60 [ 17.935645] ? __pfx_read_tsc+0x10/0x10 [ 17.935679] ? ktime_get_ts64+0x86/0x230 [ 17.935712] kunit_try_run_case+0x1a5/0x480 [ 17.935748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.935781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.935813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.935846] ? __kthread_parkme+0x82/0x180 [ 17.935873] ? preempt_count_sub+0x50/0x80 [ 17.935934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.935970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.936004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.936037] kthread+0x337/0x6f0 [ 17.936063] ? trace_preempt_on+0x20/0xc0 [ 17.936095] ? __pfx_kthread+0x10/0x10 [ 17.936151] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.936187] ? calculate_sigpending+0x7b/0xa0 [ 17.936222] ? __pfx_kthread+0x10/0x10 [ 17.936252] ret_from_fork+0x116/0x1d0 [ 17.936277] ? 
__pfx_kthread+0x10/0x10 [ 17.936304] ret_from_fork_asm+0x1a/0x30 [ 17.936345] </TASK> [ 17.936361] [ 17.955386] Allocated by task 188: [ 17.956631] kasan_save_stack+0x45/0x70 [ 17.957302] kasan_save_track+0x18/0x40 [ 17.958018] kasan_save_alloc_info+0x3b/0x50 [ 17.958778] __kasan_kmalloc+0xb7/0xc0 [ 17.959319] __kmalloc_cache_noprof+0x189/0x420 [ 17.959756] kmalloc_oob_in_memset+0xac/0x320 [ 17.960124] kunit_try_run_case+0x1a5/0x480 [ 17.960610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.961164] kthread+0x337/0x6f0 [ 17.961593] ret_from_fork+0x116/0x1d0 [ 17.962166] ret_from_fork_asm+0x1a/0x30 [ 17.962579] [ 17.962826] The buggy address belongs to the object at ffff8881032f7500 [ 17.962826] which belongs to the cache kmalloc-128 of size 128 [ 17.964630] The buggy address is located 0 bytes inside of [ 17.964630] allocated 120-byte region [ffff8881032f7500, ffff8881032f7578) [ 17.965537] [ 17.965711] The buggy address belongs to the physical page: [ 17.966276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032f7 [ 17.967583] flags: 0x200000000000000(node=0|zone=2) [ 17.968384] page_type: f5(slab) [ 17.968907] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.969589] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.970414] page dumped because: kasan: bad access detected [ 17.971197] [ 17.971423] Memory state around the buggy address: [ 17.971813] ffff8881032f7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.972695] ffff8881032f7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.973806] >ffff8881032f7500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.974525] ^ [ 17.975197] ffff8881032f7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.976081] ffff8881032f7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.976718] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.863163] ================================================================== [ 17.864255] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 17.864782] Read of size 16 at addr ffff888101e49e80 by task kunit_try_catch/186 [ 17.865831] [ 17.866055] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.866122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.866157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.866189] Call Trace: [ 17.866205] <TASK> [ 17.866222] dump_stack_lvl+0x73/0xb0 [ 17.866274] print_report+0xd1/0x650 [ 17.866307] ? __virt_addr_valid+0x1db/0x2d0 [ 17.866339] ? kmalloc_uaf_16+0x47b/0x4c0 [ 17.866367] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.866398] ? kmalloc_uaf_16+0x47b/0x4c0 [ 17.866426] kasan_report+0x141/0x180 [ 17.866456] ? kmalloc_uaf_16+0x47b/0x4c0 [ 17.866490] __asan_report_load16_noabort+0x18/0x20 [ 17.866931] kmalloc_uaf_16+0x47b/0x4c0 [ 17.867015] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 17.867120] ? __schedule+0x10cc/0x2b60 [ 17.867272] ? __pfx_read_tsc+0x10/0x10 [ 17.867346] ? ktime_get_ts64+0x86/0x230 [ 17.867424] kunit_try_run_case+0x1a5/0x480 [ 17.867519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.867626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.867710] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.867793] ? __kthread_parkme+0x82/0x180 [ 17.867859] ? preempt_count_sub+0x50/0x80 [ 17.867925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.867965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.868000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.868034] kthread+0x337/0x6f0 [ 17.868061] ? trace_preempt_on+0x20/0xc0 [ 17.868092] ? __pfx_kthread+0x10/0x10 [ 17.868159] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.868192] ? calculate_sigpending+0x7b/0xa0 [ 17.868227] ? __pfx_kthread+0x10/0x10 [ 17.868257] ret_from_fork+0x116/0x1d0 [ 17.868281] ? 
__pfx_kthread+0x10/0x10 [ 17.868309] ret_from_fork_asm+0x1a/0x30 [ 17.868350] </TASK> [ 17.868364] [ 17.889256] Allocated by task 186: [ 17.890830] kasan_save_stack+0x45/0x70 [ 17.891401] kasan_save_track+0x18/0x40 [ 17.893327] kasan_save_alloc_info+0x3b/0x50 [ 17.893983] __kasan_kmalloc+0xb7/0xc0 [ 17.895471] __kmalloc_cache_noprof+0x189/0x420 [ 17.896640] kmalloc_uaf_16+0x15b/0x4c0 [ 17.896950] kunit_try_run_case+0x1a5/0x480 [ 17.897262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.897572] kthread+0x337/0x6f0 [ 17.897811] ret_from_fork+0x116/0x1d0 [ 17.899489] ret_from_fork_asm+0x1a/0x30 [ 17.899953] [ 17.900194] Freed by task 186: [ 17.900520] kasan_save_stack+0x45/0x70 [ 17.901108] kasan_save_track+0x18/0x40 [ 17.901911] kasan_save_free_info+0x3f/0x60 [ 17.902678] __kasan_slab_free+0x56/0x70 [ 17.903230] kfree+0x222/0x3f0 [ 17.903837] kmalloc_uaf_16+0x1d6/0x4c0 [ 17.904947] kunit_try_run_case+0x1a5/0x480 [ 17.905857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.906914] kthread+0x337/0x6f0 [ 17.907463] ret_from_fork+0x116/0x1d0 [ 17.908351] ret_from_fork_asm+0x1a/0x30 [ 17.908913] [ 17.909084] The buggy address belongs to the object at ffff888101e49e80 [ 17.909084] which belongs to the cache kmalloc-16 of size 16 [ 17.910914] The buggy address is located 0 bytes inside of [ 17.910914] freed 16-byte region [ffff888101e49e80, ffff888101e49e90) [ 17.912793] [ 17.913053] The buggy address belongs to the physical page: [ 17.913957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49 [ 17.915175] flags: 0x200000000000000(node=0|zone=2) [ 17.915939] page_type: f5(slab) [ 17.916253] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.917524] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.918220] page dumped because: kasan: bad access detected [ 17.919059] [ 17.919251] Memory state around the buggy address: [ 17.920342] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc 
fc [ 17.920948] ffff888101e49e00: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 17.921632] >ffff888101e49e80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.922937] ^ [ 17.923556] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.924183] ffff888101e49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.924797] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.816871] ================================================================== [ 17.817828] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 17.818920] Write of size 16 at addr ffff88810262e120 by task kunit_try_catch/184 [ 17.820166] [ 17.820402] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.820521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.820562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.820620] Call Trace: [ 17.820657] <TASK> [ 17.820700] dump_stack_lvl+0x73/0xb0 [ 17.820790] print_report+0xd1/0x650 [ 17.820869] ? __virt_addr_valid+0x1db/0x2d0 [ 17.820965] ? kmalloc_oob_16+0x452/0x4a0 [ 17.821006] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.821038] ? kmalloc_oob_16+0x452/0x4a0 [ 17.821067] kasan_report+0x141/0x180 [ 17.821102] ? kmalloc_oob_16+0x452/0x4a0 [ 17.821165] __asan_report_store16_noabort+0x1b/0x30 [ 17.821198] kmalloc_oob_16+0x452/0x4a0 [ 17.821228] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 17.821259] ? __schedule+0x10cc/0x2b60 [ 17.821294] ? __pfx_read_tsc+0x10/0x10 [ 17.821324] ? ktime_get_ts64+0x86/0x230 [ 17.821357] kunit_try_run_case+0x1a5/0x480 [ 17.821393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.821426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.821459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.821491] ? __kthread_parkme+0x82/0x180 [ 17.821519] ? preempt_count_sub+0x50/0x80 [ 17.821550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.821584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.821617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.821651] kthread+0x337/0x6f0 [ 17.821678] ? trace_preempt_on+0x20/0xc0 [ 17.821710] ? __pfx_kthread+0x10/0x10 [ 17.821738] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.821768] ? calculate_sigpending+0x7b/0xa0 [ 17.821801] ? __pfx_kthread+0x10/0x10 [ 17.821829] ret_from_fork+0x116/0x1d0 [ 17.821854] ? 
__pfx_kthread+0x10/0x10 [ 17.821942] ret_from_fork_asm+0x1a/0x30 [ 17.822086] </TASK> [ 17.822111] [ 17.836589] Allocated by task 184: [ 17.837060] kasan_save_stack+0x45/0x70 [ 17.837463] kasan_save_track+0x18/0x40 [ 17.837895] kasan_save_alloc_info+0x3b/0x50 [ 17.838341] __kasan_kmalloc+0xb7/0xc0 [ 17.838943] __kmalloc_cache_noprof+0x189/0x420 [ 17.839420] kmalloc_oob_16+0xa8/0x4a0 [ 17.839728] kunit_try_run_case+0x1a5/0x480 [ 17.840167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.840806] kthread+0x337/0x6f0 [ 17.841244] ret_from_fork+0x116/0x1d0 [ 17.841741] ret_from_fork_asm+0x1a/0x30 [ 17.842164] [ 17.842402] The buggy address belongs to the object at ffff88810262e120 [ 17.842402] which belongs to the cache kmalloc-16 of size 16 [ 17.843525] The buggy address is located 0 bytes inside of [ 17.843525] allocated 13-byte region [ffff88810262e120, ffff88810262e12d) [ 17.844614] [ 17.844833] The buggy address belongs to the physical page: [ 17.845301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262e [ 17.845957] flags: 0x200000000000000(node=0|zone=2) [ 17.846432] page_type: f5(slab) [ 17.846969] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.847694] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.850107] page dumped because: kasan: bad access detected [ 17.850664] [ 17.850930] Memory state around the buggy address: [ 17.851506] ffff88810262e000: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 17.852175] ffff88810262e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.853753] >ffff88810262e100: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 17.854414] ^ [ 17.855868] ffff88810262e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.856902] ffff88810262e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.857396] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.753047] ================================================================== [ 17.754485] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 17.756301] Read of size 1 at addr ffff888100aa7000 by task kunit_try_catch/182 [ 17.757923] [ 17.758227] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.758352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.758392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.758446] Call Trace: [ 17.758479] <TASK> [ 17.758537] dump_stack_lvl+0x73/0xb0 [ 17.758908] print_report+0xd1/0x650 [ 17.758948] ? __virt_addr_valid+0x1db/0x2d0 [ 17.758981] ? krealloc_uaf+0x53c/0x5e0 [ 17.759011] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.759041] ? krealloc_uaf+0x53c/0x5e0 [ 17.759071] kasan_report+0x141/0x180 [ 17.759109] ? krealloc_uaf+0x53c/0x5e0 [ 17.759178] __asan_report_load1_noabort+0x18/0x20 [ 17.759217] krealloc_uaf+0x53c/0x5e0 [ 17.759248] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.759277] ? finish_task_switch.isra.0+0x153/0x700 [ 17.759306] ? __switch_to+0x47/0xf50 [ 17.759340] ? __schedule+0x10cc/0x2b60 [ 17.759371] ? __pfx_read_tsc+0x10/0x10 [ 17.759399] ? ktime_get_ts64+0x86/0x230 [ 17.759430] kunit_try_run_case+0x1a5/0x480 [ 17.759463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.759495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.759579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.759650] ? __kthread_parkme+0x82/0x180 [ 17.759681] ? preempt_count_sub+0x50/0x80 [ 17.759713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.759748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.759781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.759815] kthread+0x337/0x6f0 [ 17.759842] ? trace_preempt_on+0x20/0xc0 [ 17.759873] ? __pfx_kthread+0x10/0x10 [ 17.759929] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.759963] ? calculate_sigpending+0x7b/0xa0 [ 17.759998] ? __pfx_kthread+0x10/0x10 [ 17.760027] ret_from_fork+0x116/0x1d0 [ 17.760052] ? 
__pfx_kthread+0x10/0x10 [ 17.760081] ret_from_fork_asm+0x1a/0x30 [ 17.760154] </TASK> [ 17.760172] [ 17.777855] Allocated by task 182: [ 17.778353] kasan_save_stack+0x45/0x70 [ 17.778776] kasan_save_track+0x18/0x40 [ 17.779350] kasan_save_alloc_info+0x3b/0x50 [ 17.780249] __kasan_kmalloc+0xb7/0xc0 [ 17.780867] __kmalloc_cache_noprof+0x189/0x420 [ 17.781462] krealloc_uaf+0xbb/0x5e0 [ 17.781931] kunit_try_run_case+0x1a5/0x480 [ 17.782443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.783154] kthread+0x337/0x6f0 [ 17.783460] ret_from_fork+0x116/0x1d0 [ 17.784055] ret_from_fork_asm+0x1a/0x30 [ 17.784863] [ 17.785162] Freed by task 182: [ 17.785599] kasan_save_stack+0x45/0x70 [ 17.786016] kasan_save_track+0x18/0x40 [ 17.786418] kasan_save_free_info+0x3f/0x60 [ 17.787006] __kasan_slab_free+0x56/0x70 [ 17.787654] kfree+0x222/0x3f0 [ 17.787950] krealloc_uaf+0x13d/0x5e0 [ 17.788469] kunit_try_run_case+0x1a5/0x480 [ 17.789015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.789727] kthread+0x337/0x6f0 [ 17.790145] ret_from_fork+0x116/0x1d0 [ 17.790949] ret_from_fork_asm+0x1a/0x30 [ 17.791449] [ 17.791845] The buggy address belongs to the object at ffff888100aa7000 [ 17.791845] which belongs to the cache kmalloc-256 of size 256 [ 17.793161] The buggy address is located 0 bytes inside of [ 17.793161] freed 256-byte region [ffff888100aa7000, ffff888100aa7100) [ 17.794652] [ 17.795099] The buggy address belongs to the physical page: [ 17.796198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa6 [ 17.797183] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.798387] flags: 0x200000000000040(head|node=0|zone=2) [ 17.799073] page_type: f5(slab) [ 17.799441] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.800582] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.801283] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.802296] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.802810] head: 0200000000000001 ffffea000402a981 00000000ffffffff 00000000ffffffff [ 17.803770] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.804503] page dumped because: kasan: bad access detected [ 17.805489] [ 17.805683] Memory state around the buggy address: [ 17.806154] ffff888100aa6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.806729] ffff888100aa6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.808046] >ffff888100aa7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.809083] ^ [ 17.809536] ffff888100aa7080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.810743] ffff888100aa7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.811507] ================================================================== [ 17.694540] ================================================================== [ 17.695654] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 17.696336] Read of size 1 at addr ffff888100aa7000 by task kunit_try_catch/182 [ 17.697210] [ 17.697518] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.697704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.697744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.697805] Call Trace: [ 17.697842] <TASK> [ 17.697907] dump_stack_lvl+0x73/0xb0 [ 17.698313] print_report+0xd1/0x650 [ 17.698393] ? __virt_addr_valid+0x1db/0x2d0 [ 17.698732] ? krealloc_uaf+0x1b8/0x5e0 [ 17.698777] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.698810] ? krealloc_uaf+0x1b8/0x5e0 [ 17.698841] kasan_report+0x141/0x180 [ 17.698872] ? krealloc_uaf+0x1b8/0x5e0 [ 17.698936] ? krealloc_uaf+0x1b8/0x5e0 [ 17.698969] __kasan_check_byte+0x3d/0x50 [ 17.699000] krealloc_noprof+0x3f/0x340 [ 17.699033] krealloc_uaf+0x1b8/0x5e0 [ 17.699064] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.699093] ? 
finish_task_switch.isra.0+0x153/0x700 [ 17.699153] ? __switch_to+0x47/0xf50 [ 17.699193] ? __schedule+0x10cc/0x2b60 [ 17.699225] ? __pfx_read_tsc+0x10/0x10 [ 17.699254] ? ktime_get_ts64+0x86/0x230 [ 17.699287] kunit_try_run_case+0x1a5/0x480 [ 17.699324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.699357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.699390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.699423] ? __kthread_parkme+0x82/0x180 [ 17.699450] ? preempt_count_sub+0x50/0x80 [ 17.699480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.699526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.699637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.699706] kthread+0x337/0x6f0 [ 17.699739] ? trace_preempt_on+0x20/0xc0 [ 17.699775] ? __pfx_kthread+0x10/0x10 [ 17.699805] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.699836] ? calculate_sigpending+0x7b/0xa0 [ 17.699871] ? __pfx_kthread+0x10/0x10 [ 17.699931] ret_from_fork+0x116/0x1d0 [ 17.699960] ? __pfx_kthread+0x10/0x10 [ 17.699989] ret_from_fork_asm+0x1a/0x30 [ 17.700032] </TASK> [ 17.700047] [ 17.719366] Allocated by task 182: [ 17.719907] kasan_save_stack+0x45/0x70 [ 17.720380] kasan_save_track+0x18/0x40 [ 17.721006] kasan_save_alloc_info+0x3b/0x50 [ 17.721732] __kasan_kmalloc+0xb7/0xc0 [ 17.722276] __kmalloc_cache_noprof+0x189/0x420 [ 17.723012] krealloc_uaf+0xbb/0x5e0 [ 17.723677] kunit_try_run_case+0x1a5/0x480 [ 17.724209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.724927] kthread+0x337/0x6f0 [ 17.725346] ret_from_fork+0x116/0x1d0 [ 17.726001] ret_from_fork_asm+0x1a/0x30 [ 17.726592] [ 17.727012] Freed by task 182: [ 17.727463] kasan_save_stack+0x45/0x70 [ 17.728055] kasan_save_track+0x18/0x40 [ 17.728452] kasan_save_free_info+0x3f/0x60 [ 17.728815] __kasan_slab_free+0x56/0x70 [ 17.729336] kfree+0x222/0x3f0 [ 17.729767] krealloc_uaf+0x13d/0x5e0 [ 17.730428] kunit_try_run_case+0x1a5/0x480 [ 17.731070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.731868] kthread+0x337/0x6f0 [ 17.732378] 
ret_from_fork+0x116/0x1d0 [ 17.732783] ret_from_fork_asm+0x1a/0x30 [ 17.733302] [ 17.733533] The buggy address belongs to the object at ffff888100aa7000 [ 17.733533] which belongs to the cache kmalloc-256 of size 256 [ 17.734766] The buggy address is located 0 bytes inside of [ 17.734766] freed 256-byte region [ffff888100aa7000, ffff888100aa7100) [ 17.736090] [ 17.736425] The buggy address belongs to the physical page: [ 17.736991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa6 [ 17.738041] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.738902] flags: 0x200000000000040(head|node=0|zone=2) [ 17.739472] page_type: f5(slab) [ 17.740047] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.740843] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.741594] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.742226] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.742797] head: 0200000000000001 ffffea000402a981 00000000ffffffff 00000000ffffffff [ 17.744132] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.744750] page dumped because: kasan: bad access detected [ 17.745162] [ 17.745399] Memory state around the buggy address: [ 17.745778] ffff888100aa6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.747086] ffff888100aa6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.748080] >ffff888100aa7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.748961] ^ [ 17.749323] ffff888100aa7080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.750095] ffff888100aa7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.750923] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.558525] ================================================================== [ 17.559118] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 17.559822] Write of size 1 at addr ffff88810397a0da by task kunit_try_catch/180 [ 17.560445] [ 17.561038] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.561187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.561225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.561278] Call Trace: [ 17.561314] <TASK> [ 17.561353] dump_stack_lvl+0x73/0xb0 [ 17.561438] print_report+0xd1/0x650 [ 17.561514] ? __virt_addr_valid+0x1db/0x2d0 [ 17.561702] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.561821] ? kasan_addr_to_slab+0x11/0xa0 [ 17.561915] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.561995] kasan_report+0x141/0x180 [ 17.562073] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.562208] __asan_report_store1_noabort+0x1b/0x30 [ 17.562303] krealloc_less_oob_helper+0xec6/0x11d0 [ 17.562390] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.562505] ? finish_task_switch.isra.0+0x153/0x700 [ 17.562696] ? __switch_to+0x47/0xf50 [ 17.562782] ? __schedule+0x10cc/0x2b60 [ 17.562860] ? __pfx_read_tsc+0x10/0x10 [ 17.562996] krealloc_large_less_oob+0x1c/0x30 [ 17.563078] kunit_try_run_case+0x1a5/0x480 [ 17.563160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.563235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.563285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.563321] ? __kthread_parkme+0x82/0x180 [ 17.563349] ? preempt_count_sub+0x50/0x80 [ 17.563380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.563414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.563447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.563482] kthread+0x337/0x6f0 [ 17.563514] ? trace_preempt_on+0x20/0xc0 [ 17.563634] ? __pfx_kthread+0x10/0x10 [ 17.563672] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.563704] ? calculate_sigpending+0x7b/0xa0 [ 17.563738] ? 
__pfx_kthread+0x10/0x10 [ 17.563767] ret_from_fork+0x116/0x1d0 [ 17.563792] ? __pfx_kthread+0x10/0x10 [ 17.563820] ret_from_fork_asm+0x1a/0x30 [ 17.563860] </TASK> [ 17.563874] [ 17.586075] The buggy address belongs to the physical page: [ 17.586663] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103978 [ 17.587314] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.587947] flags: 0x200000000000040(head|node=0|zone=2) [ 17.588375] page_type: f8(unknown) [ 17.588772] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.589427] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.590311] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.591240] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.592101] head: 0200000000000002 ffffea00040e5e01 00000000ffffffff 00000000ffffffff [ 17.592744] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.593532] page dumped because: kasan: bad access detected [ 17.594380] [ 17.594586] Memory state around the buggy address: [ 17.595040] ffff888103979f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.595704] ffff88810397a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.596347] >ffff88810397a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.597008] ^ [ 17.597460] ffff88810397a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.598418] ffff88810397a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.599155] ================================================================== [ 17.193561] ================================================================== [ 17.194674] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 17.195259] Write of size 1 at addr ffff8881003518da by task kunit_try_catch/176 [ 17.196322] [ 17.196558] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 
PREEMPT(voluntary) [ 17.196662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.196681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.196710] Call Trace: [ 17.196723] <TASK> [ 17.196738] dump_stack_lvl+0x73/0xb0 [ 17.196796] print_report+0xd1/0x650 [ 17.196856] ? __virt_addr_valid+0x1db/0x2d0 [ 17.196929] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.197011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.197083] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.197159] kasan_report+0x141/0x180 [ 17.197230] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.197318] __asan_report_store1_noabort+0x1b/0x30 [ 17.197396] krealloc_less_oob_helper+0xec6/0x11d0 [ 17.197455] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.197492] ? finish_task_switch.isra.0+0x153/0x700 [ 17.197525] ? __switch_to+0x47/0xf50 [ 17.197559] ? __schedule+0x10cc/0x2b60 [ 17.197590] ? __pfx_read_tsc+0x10/0x10 [ 17.197623] krealloc_less_oob+0x1c/0x30 [ 17.197652] kunit_try_run_case+0x1a5/0x480 [ 17.197686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.197718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.197750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.197782] ? __kthread_parkme+0x82/0x180 [ 17.197808] ? preempt_count_sub+0x50/0x80 [ 17.197837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.197871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.197958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.198018] kthread+0x337/0x6f0 [ 17.198056] ? trace_preempt_on+0x20/0xc0 [ 17.198088] ? __pfx_kthread+0x10/0x10 [ 17.198154] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.198187] ? calculate_sigpending+0x7b/0xa0 [ 17.198221] ? __pfx_kthread+0x10/0x10 [ 17.198250] ret_from_fork+0x116/0x1d0 [ 17.198289] ? 
__pfx_kthread+0x10/0x10 [ 17.198318] ret_from_fork_asm+0x1a/0x30 [ 17.198358] </TASK> [ 17.198373] [ 17.216018] Allocated by task 176: [ 17.216350] kasan_save_stack+0x45/0x70 [ 17.216672] kasan_save_track+0x18/0x40 [ 17.217189] kasan_save_alloc_info+0x3b/0x50 [ 17.217673] __kasan_krealloc+0x190/0x1f0 [ 17.218127] krealloc_noprof+0xf3/0x340 [ 17.218545] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.219147] krealloc_less_oob+0x1c/0x30 [ 17.219553] kunit_try_run_case+0x1a5/0x480 [ 17.220008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.220581] kthread+0x337/0x6f0 [ 17.220867] ret_from_fork+0x116/0x1d0 [ 17.221248] ret_from_fork_asm+0x1a/0x30 [ 17.221698] [ 17.221978] The buggy address belongs to the object at ffff888100351800 [ 17.221978] which belongs to the cache kmalloc-256 of size 256 [ 17.223146] The buggy address is located 17 bytes to the right of [ 17.223146] allocated 201-byte region [ffff888100351800, ffff8881003518c9) [ 17.224012] [ 17.224335] The buggy address belongs to the physical page: [ 17.224832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 17.225547] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.226154] flags: 0x200000000000040(head|node=0|zone=2) [ 17.226649] page_type: f5(slab) [ 17.227068] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.227804] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.228561] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.229202] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.229755] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 17.230493] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.231191] page dumped because: kasan: bad access detected [ 17.231654] [ 17.231838] Memory state around the buggy address: [ 17.232232] ffff888100351780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 17.232873] ffff888100351800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.233549] >ffff888100351880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.234283] ^ [ 17.234844] ffff888100351900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235517] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.236020] ================================================================== [ 17.289302] ================================================================== [ 17.290010] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 17.291585] Write of size 1 at addr ffff8881003518eb by task kunit_try_catch/176 [ 17.292962] [ 17.293277] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.293376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.293403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.293449] Call Trace: [ 17.293481] <TASK> [ 17.293512] dump_stack_lvl+0x73/0xb0 [ 17.293576] print_report+0xd1/0x650 [ 17.293626] ? __virt_addr_valid+0x1db/0x2d0 [ 17.293681] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.293734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.293789] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.293846] kasan_report+0x141/0x180 [ 17.293916] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.293986] __asan_report_store1_noabort+0x1b/0x30 [ 17.294041] krealloc_less_oob_helper+0xd47/0x11d0 [ 17.294100] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.294154] ? finish_task_switch.isra.0+0x153/0x700 [ 17.294203] ? __switch_to+0x47/0xf50 [ 17.294267] ? __schedule+0x10cc/0x2b60 [ 17.294323] ? __pfx_read_tsc+0x10/0x10 [ 17.294376] krealloc_less_oob+0x1c/0x30 [ 17.294425] kunit_try_run_case+0x1a5/0x480 [ 17.294483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.294533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.294587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.294640] ? __kthread_parkme+0x82/0x180 [ 17.294684] ? 
preempt_count_sub+0x50/0x80 [ 17.294737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.294790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.294844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.294919] kthread+0x337/0x6f0 [ 17.294990] ? trace_preempt_on+0x20/0xc0 [ 17.295067] ? __pfx_kthread+0x10/0x10 [ 17.295186] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.295284] ? calculate_sigpending+0x7b/0xa0 [ 17.295364] ? __pfx_kthread+0x10/0x10 [ 17.295485] ret_from_fork+0x116/0x1d0 [ 17.295541] ? __pfx_kthread+0x10/0x10 [ 17.295589] ret_from_fork_asm+0x1a/0x30 [ 17.295656] </TASK> [ 17.295681] [ 17.326452] Allocated by task 176: [ 17.326801] kasan_save_stack+0x45/0x70 [ 17.327331] kasan_save_track+0x18/0x40 [ 17.327908] kasan_save_alloc_info+0x3b/0x50 [ 17.329683] __kasan_krealloc+0x190/0x1f0 [ 17.330214] krealloc_noprof+0xf3/0x340 [ 17.331734] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.332139] krealloc_less_oob+0x1c/0x30 [ 17.332936] kunit_try_run_case+0x1a5/0x480 [ 17.334373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.334926] kthread+0x337/0x6f0 [ 17.336410] ret_from_fork+0x116/0x1d0 [ 17.337648] ret_from_fork_asm+0x1a/0x30 [ 17.338246] [ 17.338524] The buggy address belongs to the object at ffff888100351800 [ 17.338524] which belongs to the cache kmalloc-256 of size 256 [ 17.340824] The buggy address is located 34 bytes to the right of [ 17.340824] allocated 201-byte region [ffff888100351800, ffff8881003518c9) [ 17.342810] [ 17.343066] The buggy address belongs to the physical page: [ 17.344654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 17.345341] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.346460] flags: 0x200000000000040(head|node=0|zone=2) [ 17.347314] page_type: f5(slab) [ 17.347674] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.349321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.350432] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 17.351397] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.352203] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 17.352835] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.354020] page dumped because: kasan: bad access detected [ 17.354539] [ 17.355375] Memory state around the buggy address: [ 17.356643] ffff888100351780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.357124] ffff888100351800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.357654] >ffff888100351880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.362747] ^ [ 17.365191] ffff888100351900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.369368] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.370535] ================================================================== [ 17.600122] ================================================================== [ 17.600579] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 17.601217] Write of size 1 at addr ffff88810397a0ea by task kunit_try_catch/180 [ 17.602282] [ 17.602490] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.602602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.602637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.602689] Call Trace: [ 17.602727] <TASK> [ 17.602765] dump_stack_lvl+0x73/0xb0 [ 17.602851] print_report+0xd1/0x650 [ 17.602946] ? __virt_addr_valid+0x1db/0x2d0 [ 17.603021] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.603095] ? kasan_addr_to_slab+0x11/0xa0 [ 17.603169] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.603247] kasan_report+0x141/0x180 [ 17.603327] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.603416] __asan_report_store1_noabort+0x1b/0x30 [ 17.603499] krealloc_less_oob_helper+0xe90/0x11d0 [ 17.603589] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.603671] ? finish_task_switch.isra.0+0x153/0x700 [ 17.603746] ? __switch_to+0x47/0xf50 [ 17.603827] ? __schedule+0x10cc/0x2b60 [ 17.604014] ? __pfx_read_tsc+0x10/0x10 [ 17.604101] krealloc_large_less_oob+0x1c/0x30 [ 17.604181] kunit_try_run_case+0x1a5/0x480 [ 17.604259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.604336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.604412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.604487] ? __kthread_parkme+0x82/0x180 [ 17.604660] ? preempt_count_sub+0x50/0x80 [ 17.604717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.604756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.604791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.604825] kthread+0x337/0x6f0 [ 17.604852] ? trace_preempt_on+0x20/0xc0 [ 17.604910] ? __pfx_kthread+0x10/0x10 [ 17.604946] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.604979] ? calculate_sigpending+0x7b/0xa0 [ 17.605013] ? __pfx_kthread+0x10/0x10 [ 17.605042] ret_from_fork+0x116/0x1d0 [ 17.605068] ? 
__pfx_kthread+0x10/0x10 [ 17.605097] ret_from_fork_asm+0x1a/0x30 [ 17.605170] </TASK> [ 17.605185] [ 17.630076] The buggy address belongs to the physical page: [ 17.631896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103978 [ 17.632366] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.632779] flags: 0x200000000000040(head|node=0|zone=2) [ 17.634482] page_type: f8(unknown) [ 17.635203] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.636225] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.637072] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.637821] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.638529] head: 0200000000000002 ffffea00040e5e01 00000000ffffffff 00000000ffffffff [ 17.639187] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.640480] page dumped because: kasan: bad access detected [ 17.640928] [ 17.641145] Memory state around the buggy address: [ 17.641516] ffff888103979f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.642203] ffff88810397a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.643135] >ffff88810397a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.643935] ^ [ 17.644665] ffff88810397a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.645311] ffff88810397a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.646080] ================================================================== [ 17.236907] ================================================================== [ 17.237381] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 17.238035] Write of size 1 at addr ffff8881003518ea by task kunit_try_catch/176 [ 17.238560] [ 17.238810] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.239560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.239599] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.239989] Call Trace: [ 17.240035] <TASK> [ 17.240076] dump_stack_lvl+0x73/0xb0 [ 17.240203] print_report+0xd1/0x650 [ 17.240277] ? __virt_addr_valid+0x1db/0x2d0 [ 17.240349] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.240424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.240497] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.240576] kasan_report+0x141/0x180 [ 17.240652] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.240737] __asan_report_store1_noabort+0x1b/0x30 [ 17.240782] krealloc_less_oob_helper+0xe90/0x11d0 [ 17.240821] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.240857] ? finish_task_switch.isra.0+0x153/0x700 [ 17.240919] ? __switch_to+0x47/0xf50 [ 17.240957] ? __schedule+0x10cc/0x2b60 [ 17.240988] ? __pfx_read_tsc+0x10/0x10 [ 17.241020] krealloc_less_oob+0x1c/0x30 [ 17.241050] kunit_try_run_case+0x1a5/0x480 [ 17.241085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.241165] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.241202] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.241236] ? __kthread_parkme+0x82/0x180 [ 17.241262] ? preempt_count_sub+0x50/0x80 [ 17.241294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.241328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.241361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.241394] kthread+0x337/0x6f0 [ 17.241420] ? trace_preempt_on+0x20/0xc0 [ 17.241450] ? __pfx_kthread+0x10/0x10 [ 17.241478] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.241508] ? calculate_sigpending+0x7b/0xa0 [ 17.241540] ? __pfx_kthread+0x10/0x10 [ 17.241569] ret_from_fork+0x116/0x1d0 [ 17.241593] ? 
__pfx_kthread+0x10/0x10 [ 17.241621] ret_from_fork_asm+0x1a/0x30 [ 17.241660] </TASK> [ 17.241673] [ 17.261455] Allocated by task 176: [ 17.261823] kasan_save_stack+0x45/0x70 [ 17.262695] kasan_save_track+0x18/0x40 [ 17.263035] kasan_save_alloc_info+0x3b/0x50 [ 17.263750] __kasan_krealloc+0x190/0x1f0 [ 17.264661] krealloc_noprof+0xf3/0x340 [ 17.265033] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.265572] krealloc_less_oob+0x1c/0x30 [ 17.265913] kunit_try_run_case+0x1a5/0x480 [ 17.266359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.266765] kthread+0x337/0x6f0 [ 17.268140] ret_from_fork+0x116/0x1d0 [ 17.268503] ret_from_fork_asm+0x1a/0x30 [ 17.269122] [ 17.269661] The buggy address belongs to the object at ffff888100351800 [ 17.269661] which belongs to the cache kmalloc-256 of size 256 [ 17.271045] The buggy address is located 33 bytes to the right of [ 17.271045] allocated 201-byte region [ffff888100351800, ffff8881003518c9) [ 17.271942] [ 17.272364] The buggy address belongs to the physical page: [ 17.272813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 17.273799] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.274294] flags: 0x200000000000040(head|node=0|zone=2) [ 17.275125] page_type: f5(slab) [ 17.275487] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.276493] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.277047] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.278431] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.279176] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 17.280017] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.280870] page dumped because: kasan: bad access detected [ 17.281497] [ 17.281723] Memory state around the buggy address: [ 17.282599] ffff888100351780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 17.283259] ffff888100351800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.283770] >ffff888100351880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.284317] ^ [ 17.285336] ffff888100351900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.285821] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.286597] ================================================================== [ 17.144790] ================================================================== [ 17.145546] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 17.146201] Write of size 1 at addr ffff8881003518d0 by task kunit_try_catch/176 [ 17.146743] [ 17.146997] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.147379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.147420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.147480] Call Trace: [ 17.147514] <TASK> [ 17.147555] dump_stack_lvl+0x73/0xb0 [ 17.147641] print_report+0xd1/0x650 [ 17.147717] ? __virt_addr_valid+0x1db/0x2d0 [ 17.147792] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.147868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.147964] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.148043] kasan_report+0x141/0x180 [ 17.148226] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.148315] __asan_report_store1_noabort+0x1b/0x30 [ 17.148392] krealloc_less_oob_helper+0xe23/0x11d0 [ 17.148472] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.148548] ? finish_task_switch.isra.0+0x153/0x700 [ 17.148600] ? __switch_to+0x47/0xf50 [ 17.148637] ? __schedule+0x10cc/0x2b60 [ 17.148669] ? __pfx_read_tsc+0x10/0x10 [ 17.148702] krealloc_less_oob+0x1c/0x30 [ 17.148733] kunit_try_run_case+0x1a5/0x480 [ 17.148769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.148802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.148833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.148865] ? __kthread_parkme+0x82/0x180 [ 17.148920] ? 
preempt_count_sub+0x50/0x80
[ 17.148954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.148989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.149021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.149054] kthread+0x337/0x6f0
[ 17.149081] ? trace_preempt_on+0x20/0xc0
[ 17.149160] ? __pfx_kthread+0x10/0x10
[ 17.149194] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.149226] ? calculate_sigpending+0x7b/0xa0
[ 17.149260] ? __pfx_kthread+0x10/0x10
[ 17.149289] ret_from_fork+0x116/0x1d0
[ 17.149313] ? __pfx_kthread+0x10/0x10
[ 17.149341] ret_from_fork_asm+0x1a/0x30
[ 17.149380] </TASK>
[ 17.149393]
[ 17.167964] Allocated by task 176:
[ 17.168538] kasan_save_stack+0x45/0x70
[ 17.168856] kasan_save_track+0x18/0x40
[ 17.169490] kasan_save_alloc_info+0x3b/0x50
[ 17.169957] __kasan_krealloc+0x190/0x1f0
[ 17.170737] krealloc_noprof+0xf3/0x340
[ 17.171214] krealloc_less_oob_helper+0x1aa/0x11d0
[ 17.171642] krealloc_less_oob+0x1c/0x30
[ 17.172218] kunit_try_run_case+0x1a5/0x480
[ 17.172722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.173491] kthread+0x337/0x6f0
[ 17.174100] ret_from_fork+0x116/0x1d0
[ 17.174570] ret_from_fork_asm+0x1a/0x30
[ 17.174948]
[ 17.175192] The buggy address belongs to the object at ffff888100351800
[ 17.175192] which belongs to the cache kmalloc-256 of size 256
[ 17.176686] The buggy address is located 7 bytes to the right of
[ 17.176686] allocated 201-byte region [ffff888100351800, ffff8881003518c9)
[ 17.177810]
[ 17.178353] The buggy address belongs to the physical page:
[ 17.178837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350
[ 17.179949] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.180893] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.181381] page_type: f5(slab)
[ 17.181915] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.182680] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.183318] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.184014] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.184614] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff
[ 17.185204] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.185831] page dumped because: kasan: bad access detected
[ 17.186588]
[ 17.186803] Memory state around the buggy address:
[ 17.187476] ffff888100351780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.187984] ffff888100351800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.188769] >ffff888100351880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 17.189606] ^
[ 17.190110] ffff888100351900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.191333] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.191823] ==================================================================
[ 17.088854] ==================================================================
[ 17.090166] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 17.091293] Write of size 1 at addr ffff8881003518c9 by task kunit_try_catch/176
[ 17.092396]
[ 17.093235] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.093469] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.093529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.093591] Call Trace:
[ 17.093626] <TASK>
[ 17.093671] dump_stack_lvl+0x73/0xb0
[ 17.093755] print_report+0xd1/0x650
[ 17.093821] ? __virt_addr_valid+0x1db/0x2d0
[ 17.093900] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 17.093964] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.094023] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 17.094083] kasan_report+0x141/0x180
[ 17.094163] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 17.094239] __asan_report_store1_noabort+0x1b/0x30
[ 17.094312] krealloc_less_oob_helper+0xd70/0x11d0
[ 17.094375] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 17.094441] ? finish_task_switch.isra.0+0x153/0x700
[ 17.094498] ? __switch_to+0x47/0xf50
[ 17.094565] ? __schedule+0x10cc/0x2b60
[ 17.094633] ? __pfx_read_tsc+0x10/0x10
[ 17.094703] krealloc_less_oob+0x1c/0x30
[ 17.094767] kunit_try_run_case+0x1a5/0x480
[ 17.094844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.094943] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.095010] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.095071] ? __kthread_parkme+0x82/0x180
[ 17.095135] ? preempt_count_sub+0x50/0x80
[ 17.095216] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.095276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.095340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.095397] kthread+0x337/0x6f0
[ 17.095446] ? trace_preempt_on+0x20/0xc0
[ 17.095502] ? __pfx_kthread+0x10/0x10
[ 17.095550] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.095600] ? calculate_sigpending+0x7b/0xa0
[ 17.095655] ? __pfx_kthread+0x10/0x10
[ 17.095704] ret_from_fork+0x116/0x1d0
[ 17.095748] ? __pfx_kthread+0x10/0x10
[ 17.095795] ret_from_fork_asm+0x1a/0x30
[ 17.095866] </TASK>
[ 17.095911]
[ 17.120475] Allocated by task 176:
[ 17.120770] kasan_save_stack+0x45/0x70
[ 17.121120] kasan_save_track+0x18/0x40
[ 17.121437] kasan_save_alloc_info+0x3b/0x50
[ 17.122901] __kasan_krealloc+0x190/0x1f0
[ 17.123467] krealloc_noprof+0xf3/0x340
[ 17.123642] krealloc_less_oob_helper+0x1aa/0x11d0
[ 17.123828] krealloc_less_oob+0x1c/0x30
[ 17.124133] kunit_try_run_case+0x1a5/0x480
[ 17.125089] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.125739] kthread+0x337/0x6f0
[ 17.126249] ret_from_fork+0x116/0x1d0
[ 17.126763] ret_from_fork_asm+0x1a/0x30
[ 17.127485]
[ 17.127653] The buggy address belongs to the object at ffff888100351800
[ 17.127653] which belongs to the cache kmalloc-256 of size 256
[ 17.129183] The buggy address is located 0 bytes to the right of
[ 17.129183] allocated 201-byte region [ffff888100351800, ffff8881003518c9)
[ 17.130113]
[ 17.130359] The buggy address belongs to the physical page:
[ 17.130737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350
[ 17.131570] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.132236] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.132726] page_type: f5(slab)
[ 17.133204] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.133869] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.134600] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.135240] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.135921] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff
[ 17.136636] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.137339] page dumped because: kasan: bad access detected
[ 17.137814]
[ 17.138074] Memory state around the buggy address:
[ 17.138575] ffff888100351780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.139275] ffff888100351800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.139827] >ffff888100351880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 17.140504] ^
[ 17.141016] ffff888100351900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.141641] ffff888100351980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.142336] ==================================================================
[ 17.466128] ==================================================================
[ 17.467087] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 17.467711] Write of size 1 at addr ffff88810397a0c9 by task kunit_try_catch/180
[ 17.469084]
[ 17.469385] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.469958] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.469995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.470050] Call Trace:
[ 17.470083] <TASK>
[ 17.470170] dump_stack_lvl+0x73/0xb0
[ 17.470276] print_report+0xd1/0x650
[ 17.470368] ? __virt_addr_valid+0x1db/0x2d0
[ 17.470408] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 17.470444] ? kasan_addr_to_slab+0x11/0xa0
[ 17.470475] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 17.470524] kasan_report+0x141/0x180
[ 17.470604] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 17.470666] __asan_report_store1_noabort+0x1b/0x30
[ 17.470705] krealloc_less_oob_helper+0xd70/0x11d0
[ 17.470743] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 17.470778] ? finish_task_switch.isra.0+0x153/0x700
[ 17.470809] ? __switch_to+0x47/0xf50
[ 17.470845] ? __schedule+0x10cc/0x2b60
[ 17.470897] ? __pfx_read_tsc+0x10/0x10
[ 17.470936] krealloc_large_less_oob+0x1c/0x30
[ 17.470970] kunit_try_run_case+0x1a5/0x480
[ 17.471007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.471041] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.471075] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.471124] ? __kthread_parkme+0x82/0x180
[ 17.471167] ? preempt_count_sub+0x50/0x80
[ 17.471200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.471235] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.471268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.471302] kthread+0x337/0x6f0
[ 17.471329] ? trace_preempt_on+0x20/0xc0
[ 17.471362] ? __pfx_kthread+0x10/0x10
[ 17.471390] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.471421] ? calculate_sigpending+0x7b/0xa0
[ 17.471456] ? __pfx_kthread+0x10/0x10
[ 17.471485] ret_from_fork+0x116/0x1d0
[ 17.471518] ? __pfx_kthread+0x10/0x10
[ 17.471608] ret_from_fork_asm+0x1a/0x30
[ 17.471672] </TASK>
[ 17.471688]
[ 17.494551] The buggy address belongs to the physical page:
[ 17.495381] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103978
[ 17.496759] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.497622] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.498374] page_type: f8(unknown)
[ 17.499051] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.500212] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.500982] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.501796] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.503025] head: 0200000000000002 ffffea00040e5e01 00000000ffffffff 00000000ffffffff
[ 17.504010] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.504990] page dumped because: kasan: bad access detected
[ 17.505452]
[ 17.506141] Memory state around the buggy address:
[ 17.506514] ffff888103979f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.507714] ffff88810397a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.508252] >ffff88810397a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 17.509101] ^
[ 17.509948] ffff88810397a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.510985] ffff88810397a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.512289] ==================================================================
[ 17.647285] ==================================================================
[ 17.648156] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 17.649012] Write of size 1 at addr ffff88810397a0eb by task kunit_try_catch/180
[ 17.649712]
[ 17.649942] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.650061] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.650321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.650381] Call Trace:
[ 17.650421] <TASK>
[ 17.650461] dump_stack_lvl+0x73/0xb0
[ 17.650872] print_report+0xd1/0x650
[ 17.650971] ? __virt_addr_valid+0x1db/0x2d0
[ 17.651083] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 17.651201] ? kasan_addr_to_slab+0x11/0xa0
[ 17.651275] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 17.651351] kasan_report+0x141/0x180
[ 17.651427] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 17.651671] __asan_report_store1_noabort+0x1b/0x30
[ 17.651759] krealloc_less_oob_helper+0xd47/0x11d0
[ 17.651807] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 17.651844] ? finish_task_switch.isra.0+0x153/0x700
[ 17.651898] ? __switch_to+0x47/0xf50
[ 17.651941] ? __schedule+0x10cc/0x2b60
[ 17.651974] ? __pfx_read_tsc+0x10/0x10
[ 17.652007] krealloc_large_less_oob+0x1c/0x30
[ 17.652040] kunit_try_run_case+0x1a5/0x480
[ 17.652075] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.652140] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.652181] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.652215] ? __kthread_parkme+0x82/0x180
[ 17.652243] ? preempt_count_sub+0x50/0x80
[ 17.652274] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.652310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.652344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.652379] kthread+0x337/0x6f0
[ 17.652405] ? trace_preempt_on+0x20/0xc0
[ 17.652436] ? __pfx_kthread+0x10/0x10
[ 17.652464] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.652494] ? calculate_sigpending+0x7b/0xa0
[ 17.652584] ? __pfx_kthread+0x10/0x10
[ 17.652657] ret_from_fork+0x116/0x1d0
[ 17.652686] ? __pfx_kthread+0x10/0x10
[ 17.652718] ret_from_fork_asm+0x1a/0x30
[ 17.652759] </TASK>
[ 17.652772]
[ 17.673008] The buggy address belongs to the physical page:
[ 17.673981] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103978
[ 17.674970] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.675863] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.676472] page_type: f8(unknown)
[ 17.676976] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.677932] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.678589] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.679202] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.679774] head: 0200000000000002 ffffea00040e5e01 00000000ffffffff 00000000ffffffff
[ 17.680339] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.681212] page dumped because: kasan: bad access detected
[ 17.682282]
[ 17.682634] Memory state around the buggy address:
[ 17.683169] ffff888103979f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.683927] ffff88810397a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.684732] >ffff88810397a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 17.685416] ^
[ 17.686286] ffff88810397a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.686998] ffff88810397a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.687781] ==================================================================
[ 17.513187] ==================================================================
[ 17.513662] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 17.515228] Write of size 1 at addr ffff88810397a0d0 by task kunit_try_catch/180
[ 17.516258]
[ 17.516522] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.516860] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.516916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.516963] Call Trace:
[ 17.516998] <TASK>
[ 17.517029] dump_stack_lvl+0x73/0xb0
[ 17.517105] print_report+0xd1/0x650
[ 17.517311] ? __virt_addr_valid+0x1db/0x2d0
[ 17.517350] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 17.517385] ? kasan_addr_to_slab+0x11/0xa0
[ 17.517413] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 17.517447] kasan_report+0x141/0x180
[ 17.517480] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 17.517534] __asan_report_store1_noabort+0x1b/0x30
[ 17.517631] krealloc_less_oob_helper+0xe23/0x11d0
[ 17.517679] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 17.517717] ? finish_task_switch.isra.0+0x153/0x700
[ 17.517749] ? __switch_to+0x47/0xf50
[ 17.517785] ? __schedule+0x10cc/0x2b60
[ 17.517816] ? __pfx_read_tsc+0x10/0x10
[ 17.517850] krealloc_large_less_oob+0x1c/0x30
[ 17.517908] kunit_try_run_case+0x1a5/0x480
[ 17.517948] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.517982] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.518016] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.518049] ? __kthread_parkme+0x82/0x180
[ 17.518076] ? preempt_count_sub+0x50/0x80
[ 17.518120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.518172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.518207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.518241] kthread+0x337/0x6f0
[ 17.518283] ? trace_preempt_on+0x20/0xc0
[ 17.518317] ? __pfx_kthread+0x10/0x10
[ 17.518345] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.518376] ? calculate_sigpending+0x7b/0xa0
[ 17.518409] ? __pfx_kthread+0x10/0x10
[ 17.518439] ret_from_fork+0x116/0x1d0
[ 17.518464] ? __pfx_kthread+0x10/0x10
[ 17.518492] ret_from_fork_asm+0x1a/0x30
[ 17.518583] </TASK>
[ 17.518624]
[ 17.542674] The buggy address belongs to the physical page:
[ 17.543366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103978
[ 17.544168] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.545185] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.545978] page_type: f8(unknown)
[ 17.546459] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.547460] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.548283] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.549116] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.549934] head: 0200000000000002 ffffea00040e5e01 00000000ffffffff 00000000ffffffff
[ 17.550746] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.551464] page dumped because: kasan: bad access detected
[ 17.552102]
[ 17.552341] Memory state around the buggy address:
[ 17.553107] ffff888103979f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.553721] ffff88810397a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.554652] >ffff88810397a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 17.555320] ^
[ 17.555792] ffff88810397a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.556846] ffff88810397a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.557358] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.419048] ==================================================================
[ 17.419509] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 17.420868] Write of size 1 at addr ffff888102a2e0f0 by task kunit_try_catch/178
[ 17.422161]
[ 17.422749] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.422860] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.422914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.422970] Call Trace:
[ 17.423009] <TASK>
[ 17.423048] dump_stack_lvl+0x73/0xb0
[ 17.423132] print_report+0xd1/0x650
[ 17.423210] ? __virt_addr_valid+0x1db/0x2d0
[ 17.423317] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.423400] ? kasan_addr_to_slab+0x11/0xa0
[ 17.423471] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.423549] kasan_report+0x141/0x180
[ 17.423630] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.423719] __asan_report_store1_noabort+0x1b/0x30
[ 17.423779] krealloc_more_oob_helper+0x7eb/0x930
[ 17.423814] ? __schedule+0x10cc/0x2b60
[ 17.423849] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 17.423909] ? finish_task_switch.isra.0+0x153/0x700
[ 17.423944] ? __switch_to+0x47/0xf50
[ 17.423978] ? __schedule+0x10cc/0x2b60
[ 17.424009] ? __pfx_read_tsc+0x10/0x10
[ 17.424041] krealloc_large_more_oob+0x1c/0x30
[ 17.424074] kunit_try_run_case+0x1a5/0x480
[ 17.424129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.424174] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.424209] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.424243] ? __kthread_parkme+0x82/0x180
[ 17.424271] ? preempt_count_sub+0x50/0x80
[ 17.424301] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.424335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.424368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.424401] kthread+0x337/0x6f0
[ 17.424427] ? trace_preempt_on+0x20/0xc0
[ 17.424457] ? __pfx_kthread+0x10/0x10
[ 17.424485] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.424514] ? calculate_sigpending+0x7b/0xa0
[ 17.424547] ? __pfx_kthread+0x10/0x10
[ 17.424576] ret_from_fork+0x116/0x1d0
[ 17.424600] ? __pfx_kthread+0x10/0x10
[ 17.424628] ret_from_fork_asm+0x1a/0x30
[ 17.424667] </TASK>
[ 17.424680]
[ 17.445942] The buggy address belongs to the physical page:
[ 17.446765] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c
[ 17.447645] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.448491] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.448909] page_type: f8(unknown)
[ 17.449202] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.450271] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.450901] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.451618] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.452192] head: 0200000000000002 ffffea00040a8b01 00000000ffffffff 00000000ffffffff
[ 17.453134] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.454051] page dumped because: kasan: bad access detected
[ 17.454850]
[ 17.455058] Memory state around the buggy address:
[ 17.455870] ffff888102a2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.456764] ffff888102a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.457592] >ffff888102a2e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 17.458197] ^
[ 17.458912] ffff888102a2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.459532] ffff888102a2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.460124] ==================================================================
[ 17.038400] ==================================================================
[ 17.038946] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 17.039691] Write of size 1 at addr ffff888100aa6ef0 by task kunit_try_catch/174
[ 17.040433]
[ 17.040806] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.040934] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.040971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.041017] Call Trace:
[ 17.041046] <TASK>
[ 17.041084] dump_stack_lvl+0x73/0xb0
[ 17.041160] print_report+0xd1/0x650
[ 17.041224] ? __virt_addr_valid+0x1db/0x2d0
[ 17.041291] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.041367] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.041443] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.041521] kasan_report+0x141/0x180
[ 17.041620] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.041716] __asan_report_store1_noabort+0x1b/0x30
[ 17.041794] krealloc_more_oob_helper+0x7eb/0x930
[ 17.041865] ? __schedule+0x10cc/0x2b60
[ 17.041966] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 17.042046] ? finish_task_switch.isra.0+0x153/0x700
[ 17.042119] ? __switch_to+0x47/0xf50
[ 17.042205] ? __schedule+0x10cc/0x2b60
[ 17.042289] ? __pfx_read_tsc+0x10/0x10
[ 17.042368] krealloc_more_oob+0x1c/0x30
[ 17.042443] kunit_try_run_case+0x1a5/0x480
[ 17.042523] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.042594] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.042665] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.042721] ? __kthread_parkme+0x82/0x180
[ 17.042781] ? preempt_count_sub+0x50/0x80
[ 17.042853] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.042953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.043033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.043113] kthread+0x337/0x6f0
[ 17.043184] ? trace_preempt_on+0x20/0xc0
[ 17.043263] ? __pfx_kthread+0x10/0x10
[ 17.043336] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.043410] ? calculate_sigpending+0x7b/0xa0
[ 17.043482] ? __pfx_kthread+0x10/0x10
[ 17.043556] ret_from_fork+0x116/0x1d0
[ 17.043621] ? __pfx_kthread+0x10/0x10
[ 17.043695] ret_from_fork_asm+0x1a/0x30
[ 17.043788] </TASK>
[ 17.043825]
[ 17.060647] Allocated by task 174:
[ 17.061041] kasan_save_stack+0x45/0x70
[ 17.061508] kasan_save_track+0x18/0x40
[ 17.061873] kasan_save_alloc_info+0x3b/0x50
[ 17.062528] __kasan_krealloc+0x190/0x1f0
[ 17.062944] krealloc_noprof+0xf3/0x340
[ 17.063528] krealloc_more_oob_helper+0x1a9/0x930
[ 17.064076] krealloc_more_oob+0x1c/0x30
[ 17.064457] kunit_try_run_case+0x1a5/0x480
[ 17.064973] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.065516] kthread+0x337/0x6f0
[ 17.065929] ret_from_fork+0x116/0x1d0
[ 17.066449] ret_from_fork_asm+0x1a/0x30
[ 17.066872]
[ 17.067157] The buggy address belongs to the object at ffff888100aa6e00
[ 17.067157] which belongs to the cache kmalloc-256 of size 256
[ 17.068037] The buggy address is located 5 bytes to the right of
[ 17.068037] allocated 235-byte region [ffff888100aa6e00, ffff888100aa6eeb)
[ 17.069004]
[ 17.069297] The buggy address belongs to the physical page:
[ 17.069820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa6
[ 17.070547] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.071238] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.071804] page_type: f5(slab)
[ 17.072320] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.072977] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.073652] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.074478] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.075135] head: 0200000000000001 ffffea000402a981 00000000ffffffff 00000000ffffffff
[ 17.075829] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.076473] page dumped because: kasan: bad access detected
[ 17.076970]
[ 17.077248] Memory state around the buggy address:
[ 17.077734] ffff888100aa6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.078626] ffff888100aa6e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.079157] >ffff888100aa6e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 17.079775] ^
[ 17.080328] ffff888100aa6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.081034] ffff888100aa6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.081716] ==================================================================
[ 16.992362] ==================================================================
[ 16.993340] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 16.994091] Write of size 1 at addr ffff888100aa6eeb by task kunit_try_catch/174
[ 16.995039]
[ 16.995642] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 16.995722] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.995741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.995770] Call Trace:
[ 16.995785] <TASK>
[ 16.995803] dump_stack_lvl+0x73/0xb0
[ 16.995844] print_report+0xd1/0x650
[ 16.995894] ? __virt_addr_valid+0x1db/0x2d0
[ 16.995970] ? krealloc_more_oob_helper+0x821/0x930
[ 16.996046] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.996226] ? krealloc_more_oob_helper+0x821/0x930
[ 16.996309] kasan_report+0x141/0x180
[ 16.996347] ? krealloc_more_oob_helper+0x821/0x930
[ 16.996433] __asan_report_store1_noabort+0x1b/0x30
[ 16.996475] krealloc_more_oob_helper+0x821/0x930
[ 16.996508] ? __schedule+0x10cc/0x2b60
[ 16.996542] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 16.996576] ? finish_task_switch.isra.0+0x153/0x700
[ 16.996605] ? __switch_to+0x47/0xf50
[ 16.996641] ? __schedule+0x10cc/0x2b60
[ 16.996670] ? __pfx_read_tsc+0x10/0x10
[ 16.996702] krealloc_more_oob+0x1c/0x30
[ 16.996732] kunit_try_run_case+0x1a5/0x480
[ 16.996766] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.996798] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.996830] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.996862] ? __kthread_parkme+0x82/0x180
[ 16.996914] ? preempt_count_sub+0x50/0x80
[ 16.996947] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.996981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.997013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.997046] kthread+0x337/0x6f0
[ 16.997072] ? trace_preempt_on+0x20/0xc0
[ 16.997114] ? __pfx_kthread+0x10/0x10
[ 16.997174] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.997207] ? calculate_sigpending+0x7b/0xa0
[ 16.997241] ? __pfx_kthread+0x10/0x10
[ 16.997271] ret_from_fork+0x116/0x1d0
[ 16.997295] ? __pfx_kthread+0x10/0x10
[ 16.997323] ret_from_fork_asm+0x1a/0x30
[ 16.997364] </TASK>
[ 16.997378]
[ 17.013974] Allocated by task 174:
[ 17.014472] kasan_save_stack+0x45/0x70
[ 17.014926] kasan_save_track+0x18/0x40
[ 17.015244] kasan_save_alloc_info+0x3b/0x50
[ 17.015726] __kasan_krealloc+0x190/0x1f0
[ 17.016346] krealloc_noprof+0xf3/0x340
[ 17.016775] krealloc_more_oob_helper+0x1a9/0x930
[ 17.017417] krealloc_more_oob+0x1c/0x30
[ 17.017916] kunit_try_run_case+0x1a5/0x480
[ 17.018452] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.019114] kthread+0x337/0x6f0
[ 17.019480] ret_from_fork+0x116/0x1d0
[ 17.019953] ret_from_fork_asm+0x1a/0x30
[ 17.020555]
[ 17.020822] The buggy address belongs to the object at ffff888100aa6e00
[ 17.020822] which belongs to the cache kmalloc-256 of size 256
[ 17.023331] The buggy address is located 0 bytes to the right of
[ 17.023331] allocated 235-byte region [ffff888100aa6e00, ffff888100aa6eeb)
[ 17.024631]
[ 17.024917] The buggy address belongs to the physical page:
[ 17.025989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa6
[ 17.026925] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.027545] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.028057] page_type: f5(slab)
[ 17.028446] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.029049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.029624] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.030298] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.030928] head: 0200000000000001 ffffea000402a981 00000000ffffffff 00000000ffffffff
[ 17.031833] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.032423] page dumped because: kasan: bad access detected
[ 17.032872]
[ 17.033153] Memory state around the buggy address:
[ 17.033557] ffff888100aa6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.034165] ffff888100aa6e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.034748] >ffff888100aa6e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 17.035273] ^
[ 17.035867] ffff888100aa6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.036440] ffff888100aa6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.037027] ==================================================================
[ 17.379403] ==================================================================
[ 17.380353] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 17.381031] Write of size 1 at addr ffff888102a2e0eb by task kunit_try_catch/178
[ 17.381632]
[ 17.381900] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.382023] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.382063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.382165] Call Trace:
[ 17.382207] <TASK>
[ 17.382267] dump_stack_lvl+0x73/0xb0
[ 17.382358] print_report+0xd1/0x650
[ 17.382437] ? __virt_addr_valid+0x1db/0x2d0
[ 17.382516] ? krealloc_more_oob_helper+0x821/0x930
[ 17.382595] ? kasan_addr_to_slab+0x11/0xa0
[ 17.382666] ? krealloc_more_oob_helper+0x821/0x930
[ 17.382746] kasan_report+0x141/0x180
[ 17.382823] ? krealloc_more_oob_helper+0x821/0x930
[ 17.382927] __asan_report_store1_noabort+0x1b/0x30
[ 17.383008] krealloc_more_oob_helper+0x821/0x930
[ 17.383079] ? __schedule+0x10cc/0x2b60
[ 17.383174] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 17.383214] ? finish_task_switch.isra.0+0x153/0x700
[ 17.383248] ? __switch_to+0x47/0xf50
[ 17.383284] ? __schedule+0x10cc/0x2b60
[ 17.383315] ? __pfx_read_tsc+0x10/0x10
[ 17.383350] krealloc_large_more_oob+0x1c/0x30
[ 17.383382] kunit_try_run_case+0x1a5/0x480
[ 17.383419] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.383452] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.383485] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.383517] ? __kthread_parkme+0x82/0x180
[ 17.383544] ? preempt_count_sub+0x50/0x80
[ 17.383573] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.383608] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.383640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.383673] kthread+0x337/0x6f0
[ 17.383699] ? trace_preempt_on+0x20/0xc0
[ 17.383732] ? __pfx_kthread+0x10/0x10
[ 17.383759] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.383789] ? calculate_sigpending+0x7b/0xa0
[ 17.383823] ? __pfx_kthread+0x10/0x10
[ 17.383852] ret_from_fork+0x116/0x1d0
[ 17.383896] ? __pfx_kthread+0x10/0x10
[ 17.383933] ret_from_fork_asm+0x1a/0x30
[ 17.383977] </TASK>
[ 17.383993]
[ 17.404439] The buggy address belongs to the physical page:
[ 17.404890] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c
[ 17.405900] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.406747] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.407589] page_type: f8(unknown)
[ 17.408099] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.408930] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.409649] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.410515] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.411583] head: 0200000000000002 ffffea00040a8b01 00000000ffffffff 00000000ffffffff
[ 17.412145] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.412983] page dumped because: kasan: bad access detected
[ 17.413449]
[ 17.413679] Memory state around the buggy address:
[ 17.414127] ffff888102a2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.415117] ffff888102a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.415932] >ffff888102a2e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 17.416708] ^
[ 17.417529] ffff888102a2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.418236] ffff888102a2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.418486] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.951320] ==================================================================
[ 16.952951] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 16.953497] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/172
[ 16.954930]
[ 16.955376] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 16.955495] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.955567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.955625] Call Trace:
[ 16.955663] <TASK>
[ 16.955705] dump_stack_lvl+0x73/0xb0
[ 16.955816] print_report+0xd1/0x650
[ 16.955899] ? __virt_addr_valid+0x1db/0x2d0
[ 16.955981] ? page_alloc_uaf+0x356/0x3d0
[ 16.956061] ? kasan_addr_to_slab+0x11/0xa0
[ 16.956138] ? page_alloc_uaf+0x356/0x3d0
[ 16.956242] kasan_report+0x141/0x180
[ 16.956281] ? page_alloc_uaf+0x356/0x3d0
[ 16.956319] __asan_report_load1_noabort+0x18/0x20
[ 16.956354] page_alloc_uaf+0x356/0x3d0
[ 16.956384] ? __pfx_page_alloc_uaf+0x10/0x10
[ 16.956417] ? __schedule+0x10cc/0x2b60
[ 16.956450] ? __pfx_read_tsc+0x10/0x10
[ 16.956479] ? ktime_get_ts64+0x86/0x230
[ 16.956514] kunit_try_run_case+0x1a5/0x480
[ 16.956617] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.956667] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.956703] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.956737] ? __kthread_parkme+0x82/0x180
[ 16.956765] ? preempt_count_sub+0x50/0x80
[ 16.956795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.956830] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.956862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.956920] kthread+0x337/0x6f0
[ 16.956950] ? trace_preempt_on+0x20/0xc0
[ 16.956983] ? __pfx_kthread+0x10/0x10
[ 16.957011] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.957041] ? calculate_sigpending+0x7b/0xa0
[ 16.957074] ? __pfx_kthread+0x10/0x10
[ 16.957110] ret_from_fork+0x116/0x1d0
[ 16.957164] ? __pfx_kthread+0x10/0x10
[ 16.957194] ret_from_fork_asm+0x1a/0x30
[ 16.957237] </TASK>
[ 16.957252]
[ 16.973217] The buggy address belongs to the physical page:
[ 16.974005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950
[ 16.975350] flags: 0x200000000000000(node=0|zone=2)
[ 16.975997] page_type: f0(buddy)
[ 16.976408] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000
[ 16.977265] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 16.979782] page dumped because: kasan: bad access detected
[ 16.980380]
[ 16.980616] Memory state around the buggy address:
[ 16.981137] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.981895] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.983071] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.983916] ^
[ 16.984308] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.985184] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.986164] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 16.896014] ================================================================== [ 16.897944] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 16.898608] Free of addr ffff888102a2c001 by task kunit_try_catch/168 [ 16.899284] [ 16.899600] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.899715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.899977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.900065] Call Trace: [ 16.900102] <TASK> [ 16.900161] dump_stack_lvl+0x73/0xb0 [ 16.900249] print_report+0xd1/0x650 [ 16.900474] ? __virt_addr_valid+0x1db/0x2d0 [ 16.900629] ? kasan_addr_to_slab+0x11/0xa0 [ 16.900668] ? kfree+0x274/0x3f0 [ 16.900701] kasan_report_invalid_free+0x10a/0x130 [ 16.900737] ? kfree+0x274/0x3f0 [ 16.900769] ? kfree+0x274/0x3f0 [ 16.900798] __kasan_kfree_large+0x86/0xd0 [ 16.900829] free_large_kmalloc+0x4b/0x110 [ 16.900862] kfree+0x274/0x3f0 [ 16.900952] kmalloc_large_invalid_free+0x120/0x2b0 [ 16.901001] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 16.901036] ? __schedule+0x10cc/0x2b60 [ 16.901069] ? __pfx_read_tsc+0x10/0x10 [ 16.901097] ? ktime_get_ts64+0x86/0x230 [ 16.901157] kunit_try_run_case+0x1a5/0x480 [ 16.901195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.901230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.901263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.901295] ? __kthread_parkme+0x82/0x180 [ 16.901322] ? preempt_count_sub+0x50/0x80 [ 16.901353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.901387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.901419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.901452] kthread+0x337/0x6f0 [ 16.901478] ? trace_preempt_on+0x20/0xc0 [ 16.901516] ? __pfx_kthread+0x10/0x10 [ 16.901603] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.901663] ? calculate_sigpending+0x7b/0xa0 [ 16.901701] ? __pfx_kthread+0x10/0x10 [ 16.901731] ret_from_fork+0x116/0x1d0 [ 16.901756] ? 
__pfx_kthread+0x10/0x10 [ 16.901784] ret_from_fork_asm+0x1a/0x30 [ 16.901825] </TASK> [ 16.901841] [ 16.925249] The buggy address belongs to the physical page: [ 16.925803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.926676] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.927362] flags: 0x200000000000040(head|node=0|zone=2) [ 16.928171] page_type: f8(unknown) [ 16.928987] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.929923] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.930831] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.931714] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.932674] head: 0200000000000002 ffffea00040a8b01 00000000ffffffff 00000000ffffffff [ 16.933558] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.934439] page dumped because: kasan: bad access detected [ 16.935130] [ 16.935495] Memory state around the buggy address: [ 16.936513] ffff888102a2bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.937486] ffff888102a2bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.938277] >ffff888102a2c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.939336] ^ [ 16.939916] ffff888102a2c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.940984] ffff888102a2c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.941746] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.861077] ================================================================== [ 16.862102] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 16.862949] Read of size 1 at addr ffff888102324000 by task kunit_try_catch/166 [ 16.863700] [ 16.864510] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.864574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.864591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.864620] Call Trace: [ 16.864636] <TASK> [ 16.864654] dump_stack_lvl+0x73/0xb0 [ 16.864695] print_report+0xd1/0x650 [ 16.864726] ? __virt_addr_valid+0x1db/0x2d0 [ 16.864757] ? kmalloc_large_uaf+0x2f1/0x340 [ 16.864785] ? kasan_addr_to_slab+0x11/0xa0 [ 16.864813] ? kmalloc_large_uaf+0x2f1/0x340 [ 16.864842] kasan_report+0x141/0x180 [ 16.864872] ? kmalloc_large_uaf+0x2f1/0x340 [ 16.864937] __asan_report_load1_noabort+0x18/0x20 [ 16.864974] kmalloc_large_uaf+0x2f1/0x340 [ 16.865003] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 16.865033] ? __schedule+0x10cc/0x2b60 [ 16.865064] ? __pfx_read_tsc+0x10/0x10 [ 16.865092] ? ktime_get_ts64+0x86/0x230 [ 16.865161] kunit_try_run_case+0x1a5/0x480 [ 16.865204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.865239] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.865272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.865305] ? __kthread_parkme+0x82/0x180 [ 16.865333] ? preempt_count_sub+0x50/0x80 [ 16.865364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.865398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.865431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.865464] kthread+0x337/0x6f0 [ 16.865490] ? trace_preempt_on+0x20/0xc0 [ 16.865521] ? __pfx_kthread+0x10/0x10 [ 16.865550] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.865579] ? calculate_sigpending+0x7b/0xa0 [ 16.865612] ? __pfx_kthread+0x10/0x10 [ 16.865641] ret_from_fork+0x116/0x1d0 [ 16.865666] ? 
__pfx_kthread+0x10/0x10 [ 16.865693] ret_from_fork_asm+0x1a/0x30 [ 16.865733] </TASK> [ 16.865747] [ 16.880719] The buggy address belongs to the physical page: [ 16.881307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 16.882072] flags: 0x200000000000000(node=0|zone=2) [ 16.882724] raw: 0200000000000000 ffff88815b039f80 ffff88815b039f80 0000000000000000 [ 16.883486] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.884204] page dumped because: kasan: bad access detected [ 16.884637] [ 16.884930] Memory state around the buggy address: [ 16.885522] ffff888102323f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886273] ffff888102323f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886977] >ffff888102324000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.887647] ^ [ 16.887997] ffff888102324080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.888465] ffff888102324100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.889241] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.810092] ================================================================== [ 16.811069] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 16.811631] Write of size 1 at addr ffff88810232600a by task kunit_try_catch/164 [ 16.812727] [ 16.813157] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.813280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.813353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.813419] Call Trace: [ 16.813483] <TASK> [ 16.813671] dump_stack_lvl+0x73/0xb0 [ 16.813763] print_report+0xd1/0x650 [ 16.813839] ? __virt_addr_valid+0x1db/0x2d0 [ 16.813907] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.813943] ? kasan_addr_to_slab+0x11/0xa0 [ 16.813972] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.814004] kasan_report+0x141/0x180 [ 16.814035] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.814072] __asan_report_store1_noabort+0x1b/0x30 [ 16.814106] kmalloc_large_oob_right+0x2e9/0x330 [ 16.814138] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 16.814171] ? __schedule+0x10cc/0x2b60 [ 16.814240] ? __pfx_read_tsc+0x10/0x10 [ 16.814289] ? ktime_get_ts64+0x86/0x230 [ 16.814324] kunit_try_run_case+0x1a5/0x480 [ 16.814361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.814394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.814427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.814459] ? __kthread_parkme+0x82/0x180 [ 16.814486] ? preempt_count_sub+0x50/0x80 [ 16.814531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.814642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.814683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.814719] kthread+0x337/0x6f0 [ 16.814749] ? trace_preempt_on+0x20/0xc0 [ 16.814782] ? __pfx_kthread+0x10/0x10 [ 16.814811] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.814842] ? calculate_sigpending+0x7b/0xa0 [ 16.814895] ? __pfx_kthread+0x10/0x10 [ 16.814937] ret_from_fork+0x116/0x1d0 [ 16.814965] ? 
__pfx_kthread+0x10/0x10 [ 16.814993] ret_from_fork_asm+0x1a/0x30 [ 16.815034] </TASK> [ 16.815049] [ 16.841242] The buggy address belongs to the physical page: [ 16.841935] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 16.842733] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.843388] flags: 0x200000000000040(head|node=0|zone=2) [ 16.844069] page_type: f8(unknown) [ 16.844572] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.845509] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.846302] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.847120] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.848093] head: 0200000000000002 ffffea000408c901 00000000ffffffff 00000000ffffffff [ 16.848737] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.849355] page dumped because: kasan: bad access detected [ 16.849802] [ 16.850291] Memory state around the buggy address: [ 16.850676] ffff888102325f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.851374] ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.852524] >ffff888102326000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.853238] ^ [ 16.853851] ffff888102326080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.854582] ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.855523] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.751319] ================================================================== [ 16.752678] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 16.753692] Write of size 1 at addr ffff888102a0df00 by task kunit_try_catch/162 [ 16.754349] [ 16.754695] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.754856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.754913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.754970] Call Trace: [ 16.755004] <TASK> [ 16.755096] dump_stack_lvl+0x73/0xb0 [ 16.755213] print_report+0xd1/0x650 [ 16.755331] ? __virt_addr_valid+0x1db/0x2d0 [ 16.755379] ? kmalloc_big_oob_right+0x316/0x370 [ 16.755413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.755445] ? kmalloc_big_oob_right+0x316/0x370 [ 16.755477] kasan_report+0x141/0x180 [ 16.755510] ? kmalloc_big_oob_right+0x316/0x370 [ 16.755591] __asan_report_store1_noabort+0x1b/0x30 [ 16.755657] kmalloc_big_oob_right+0x316/0x370 [ 16.755692] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 16.755726] ? __schedule+0x10cc/0x2b60 [ 16.755759] ? __pfx_read_tsc+0x10/0x10 [ 16.755788] ? ktime_get_ts64+0x86/0x230 [ 16.755819] kunit_try_run_case+0x1a5/0x480 [ 16.755854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.755913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.755952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.755986] ? __kthread_parkme+0x82/0x180 [ 16.756014] ? preempt_count_sub+0x50/0x80 [ 16.756044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.756078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.756129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.756175] kthread+0x337/0x6f0 [ 16.756205] ? trace_preempt_on+0x20/0xc0 [ 16.756237] ? __pfx_kthread+0x10/0x10 [ 16.756265] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.756296] ? calculate_sigpending+0x7b/0xa0 [ 16.756331] ? __pfx_kthread+0x10/0x10 [ 16.756360] ret_from_fork+0x116/0x1d0 [ 16.756384] ? 
__pfx_kthread+0x10/0x10 [ 16.756411] ret_from_fork_asm+0x1a/0x30 [ 16.756451] </TASK> [ 16.756465] [ 16.776306] Allocated by task 162: [ 16.777104] kasan_save_stack+0x45/0x70 [ 16.778007] kasan_save_track+0x18/0x40 [ 16.778293] kasan_save_alloc_info+0x3b/0x50 [ 16.779327] __kasan_kmalloc+0xb7/0xc0 [ 16.779761] __kmalloc_cache_noprof+0x189/0x420 [ 16.780835] kmalloc_big_oob_right+0xa9/0x370 [ 16.781583] kunit_try_run_case+0x1a5/0x480 [ 16.782307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.783190] kthread+0x337/0x6f0 [ 16.783614] ret_from_fork+0x116/0x1d0 [ 16.784421] ret_from_fork_asm+0x1a/0x30 [ 16.785021] [ 16.785212] The buggy address belongs to the object at ffff888102a0c000 [ 16.785212] which belongs to the cache kmalloc-8k of size 8192 [ 16.786979] The buggy address is located 0 bytes to the right of [ 16.786979] allocated 7936-byte region [ffff888102a0c000, ffff888102a0df00) [ 16.788597] [ 16.789057] The buggy address belongs to the physical page: [ 16.789692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 16.790800] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.791971] flags: 0x200000000000040(head|node=0|zone=2) [ 16.792394] page_type: f5(slab) [ 16.793245] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.794140] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.794698] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.795397] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.796692] head: 0200000000000003 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 16.797238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.798059] page dumped because: kasan: bad access detected [ 16.798933] [ 16.799092] Memory state around the buggy address: [ 16.799477] ffff888102a0de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.800694] ffff888102a0de80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.801400] >ffff888102a0df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.802221] ^ [ 16.802500] ffff888102a0df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.803439] ffff888102a0e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.804304] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.642312] ================================================================== [ 16.643650] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.645091] Write of size 1 at addr ffff8881038d5078 by task kunit_try_catch/160 [ 16.645744] [ 16.645868] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.646006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.646284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.646354] Call Trace: [ 16.646385] <TASK> [ 16.646424] dump_stack_lvl+0x73/0xb0 [ 16.646472] print_report+0xd1/0x650 [ 16.646508] ? __virt_addr_valid+0x1db/0x2d0 [ 16.646724] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.646789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.646824] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.646895] kasan_report+0x141/0x180 [ 16.646939] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.646996] __asan_report_store1_noabort+0x1b/0x30 [ 16.647039] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.647092] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.647133] ? __schedule+0x10cc/0x2b60 [ 16.647182] ? __pfx_read_tsc+0x10/0x10 [ 16.647256] ? ktime_get_ts64+0x86/0x230 [ 16.647296] kunit_try_run_case+0x1a5/0x480 [ 16.647381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.647419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.647454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.647487] ? __kthread_parkme+0x82/0x180 [ 16.647524] ? preempt_count_sub+0x50/0x80 [ 16.647642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.647679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.647712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.647745] kthread+0x337/0x6f0 [ 16.647773] ? trace_preempt_on+0x20/0xc0 [ 16.647806] ? __pfx_kthread+0x10/0x10 [ 16.647834] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.647863] ? calculate_sigpending+0x7b/0xa0 [ 16.647925] ? 
__pfx_kthread+0x10/0x10 [ 16.647956] ret_from_fork+0x116/0x1d0 [ 16.647982] ? __pfx_kthread+0x10/0x10 [ 16.648010] ret_from_fork_asm+0x1a/0x30 [ 16.648051] </TASK> [ 16.648066] [ 16.671191] Allocated by task 160: [ 16.671519] kasan_save_stack+0x45/0x70 [ 16.672013] kasan_save_track+0x18/0x40 [ 16.672682] kasan_save_alloc_info+0x3b/0x50 [ 16.673119] __kasan_kmalloc+0xb7/0xc0 [ 16.673449] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.673866] kmalloc_track_caller_oob_right+0x99/0x520 [ 16.674967] kunit_try_run_case+0x1a5/0x480 [ 16.675774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.676445] kthread+0x337/0x6f0 [ 16.677335] ret_from_fork+0x116/0x1d0 [ 16.678315] ret_from_fork_asm+0x1a/0x30 [ 16.678676] [ 16.679035] The buggy address belongs to the object at ffff8881038d5000 [ 16.679035] which belongs to the cache kmalloc-128 of size 128 [ 16.680682] The buggy address is located 0 bytes to the right of [ 16.680682] allocated 120-byte region [ffff8881038d5000, ffff8881038d5078) [ 16.681913] [ 16.682183] The buggy address belongs to the physical page: [ 16.682874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 16.683750] flags: 0x200000000000000(node=0|zone=2) [ 16.684523] page_type: f5(slab) [ 16.684977] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.686386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.687012] page dumped because: kasan: bad access detected [ 16.687629] [ 16.687859] Memory state around the buggy address: [ 16.688378] ffff8881038d4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689335] ffff8881038d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.690121] >ffff8881038d5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.691047] ^ [ 16.692081] ffff8881038d5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.692851] ffff8881038d5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.693722] 
================================================================== [ 16.695906] ================================================================== [ 16.696528] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.697437] Write of size 1 at addr ffff8881038d5178 by task kunit_try_catch/160 [ 16.698245] [ 16.698539] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.698660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.698697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.698756] Call Trace: [ 16.698791] <TASK> [ 16.698836] dump_stack_lvl+0x73/0xb0 [ 16.698942] print_report+0xd1/0x650 [ 16.699021] ? __virt_addr_valid+0x1db/0x2d0 [ 16.699080] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.699178] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.699256] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.699332] kasan_report+0x141/0x180 [ 16.699404] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.699491] __asan_report_store1_noabort+0x1b/0x30 [ 16.699572] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.699657] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.699720] ? __schedule+0x10cc/0x2b60 [ 16.699755] ? __pfx_read_tsc+0x10/0x10 [ 16.699786] ? ktime_get_ts64+0x86/0x230 [ 16.699818] kunit_try_run_case+0x1a5/0x480 [ 16.699854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.699914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.699951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.699985] ? __kthread_parkme+0x82/0x180 [ 16.700013] ? preempt_count_sub+0x50/0x80 [ 16.700044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.700078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.700110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.700145] kthread+0x337/0x6f0 [ 16.700172] ? trace_preempt_on+0x20/0xc0 [ 16.700222] ? __pfx_kthread+0x10/0x10 [ 16.700264] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.700297] ? calculate_sigpending+0x7b/0xa0 [ 16.700332] ? 
__pfx_kthread+0x10/0x10 [ 16.700361] ret_from_fork+0x116/0x1d0 [ 16.700386] ? __pfx_kthread+0x10/0x10 [ 16.700414] ret_from_fork_asm+0x1a/0x30 [ 16.700453] </TASK> [ 16.700468] [ 16.722370] Allocated by task 160: [ 16.722994] kasan_save_stack+0x45/0x70 [ 16.723874] kasan_save_track+0x18/0x40 [ 16.724627] kasan_save_alloc_info+0x3b/0x50 [ 16.725251] __kasan_kmalloc+0xb7/0xc0 [ 16.725843] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.726459] kmalloc_track_caller_oob_right+0x19a/0x520 [ 16.726964] kunit_try_run_case+0x1a5/0x480 [ 16.727869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.728478] kthread+0x337/0x6f0 [ 16.729313] ret_from_fork+0x116/0x1d0 [ 16.729857] ret_from_fork_asm+0x1a/0x30 [ 16.730705] [ 16.730873] The buggy address belongs to the object at ffff8881038d5100 [ 16.730873] which belongs to the cache kmalloc-128 of size 128 [ 16.731918] The buggy address is located 0 bytes to the right of [ 16.731918] allocated 120-byte region [ffff8881038d5100, ffff8881038d5178) [ 16.733735] [ 16.733912] The buggy address belongs to the physical page: [ 16.734966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5 [ 16.735679] flags: 0x200000000000000(node=0|zone=2) [ 16.736095] page_type: f5(slab) [ 16.736586] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.737700] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.738466] page dumped because: kasan: bad access detected [ 16.739435] [ 16.739697] Memory state around the buggy address: [ 16.740539] ffff8881038d5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.741075] ffff8881038d5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.741611] >ffff8881038d5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.742822] ^ [ 16.743979] ffff8881038d5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.744791] ffff8881038d5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.745413] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.580117] ================================================================== [ 16.580967] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 16.582113] Read of size 1 at addr ffff8881027e5000 by task kunit_try_catch/158 [ 16.582748] [ 16.583056] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 16.583178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.583215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.583279] Call Trace: [ 16.583316] <TASK> [ 16.583363] dump_stack_lvl+0x73/0xb0 [ 16.583456] print_report+0xd1/0x650 [ 16.583534] ? __virt_addr_valid+0x1db/0x2d0 [ 16.583612] ? kmalloc_node_oob_right+0x369/0x3c0 [ 16.583654] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.583687] ? kmalloc_node_oob_right+0x369/0x3c0 [ 16.583722] kasan_report+0x141/0x180 [ 16.583757] ? kmalloc_node_oob_right+0x369/0x3c0 [ 16.583845] __asan_report_load1_noabort+0x18/0x20 [ 16.584228] kmalloc_node_oob_right+0x369/0x3c0 [ 16.584305] ? irqentry_exit+0x2a/0x60 [ 16.584386] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 16.584466] ? trace_hardirqs_on+0x37/0xe0 [ 16.584686] ? irqentry_exit+0x2a/0x60 [ 16.584738] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.584773] ? __pfx_read_tsc+0x10/0x10 [ 16.584805] ? ktime_get_ts64+0x86/0x230 [ 16.584839] kunit_try_run_case+0x1a5/0x480 [ 16.584901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.584943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.584978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.585011] ? __kthread_parkme+0x82/0x180 [ 16.585039] ? preempt_count_sub+0x50/0x80 [ 16.585070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.585117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.585173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.585208] kthread+0x337/0x6f0 [ 16.585237] ? trace_preempt_on+0x20/0xc0 [ 16.585267] ? __pfx_kthread+0x10/0x10 [ 16.585296] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.585326] ? 
calculate_sigpending+0x7b/0xa0 [ 16.585360] ? __pfx_kthread+0x10/0x10 [ 16.585389] ret_from_fork+0x116/0x1d0 [ 16.585413] ? __pfx_kthread+0x10/0x10 [ 16.585441] ret_from_fork_asm+0x1a/0x30 [ 16.585483] </TASK> [ 16.585498] [ 16.608792] Allocated by task 158: [ 16.609101] kasan_save_stack+0x45/0x70 [ 16.609416] kasan_save_track+0x18/0x40 [ 16.609728] kasan_save_alloc_info+0x3b/0x50 [ 16.610090] __kasan_kmalloc+0xb7/0xc0 [ 16.610415] __kmalloc_cache_node_noprof+0x188/0x420 [ 16.610907] kmalloc_node_oob_right+0xab/0x3c0 [ 16.611397] kunit_try_run_case+0x1a5/0x480 [ 16.611834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.612693] kthread+0x337/0x6f0 [ 16.613189] ret_from_fork+0x116/0x1d0 [ 16.614170] ret_from_fork_asm+0x1a/0x30 [ 16.615006] [ 16.615569] The buggy address belongs to the object at ffff8881027e4000 [ 16.615569] which belongs to the cache kmalloc-4k of size 4096 [ 16.617064] The buggy address is located 0 bytes to the right of [ 16.617064] allocated 4096-byte region [ffff8881027e4000, ffff8881027e5000) [ 16.618824] [ 16.619004] The buggy address belongs to the physical page: [ 16.619702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e0 [ 16.621306] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.622034] flags: 0x200000000000040(head|node=0|zone=2) [ 16.622657] page_type: f5(slab) [ 16.623515] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.624990] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.625449] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.626468] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.627514] head: 0200000000000003 ffffea000409f801 00000000ffffffff 00000000ffffffff [ 16.628401] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.629672] page dumped because: kasan: bad access detected [ 16.630485] [ 16.630965] Memory state around 
the buggy address: [ 16.631765] ffff8881027e4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.632407] ffff8881027e4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.633207] >ffff8881027e5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.634118] ^ [ 16.634491] ffff8881027e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.635239] ffff8881027e5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.635779] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.500698] ==================================================================
[ 16.501683] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 16.502273] Read of size 1 at addr ffff888101e49e3f by task kunit_try_catch/156
[ 16.502778]
[ 16.504066] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 16.504176] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.504196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.504230] Call Trace:
[ 16.504246] <TASK>
[ 16.504266] dump_stack_lvl+0x73/0xb0
[ 16.504310] print_report+0xd1/0x650
[ 16.504341] ? __virt_addr_valid+0x1db/0x2d0
[ 16.504374] ? kmalloc_oob_left+0x361/0x3c0
[ 16.504404] ? kasan_complete_mode_report_info+0x64/0x200
[ 16.504434] ? kmalloc_oob_left+0x361/0x3c0
[ 16.504464] kasan_report+0x141/0x180
[ 16.504494] ? kmalloc_oob_left+0x361/0x3c0
[ 16.504602] __asan_report_load1_noabort+0x18/0x20
[ 16.504666] kmalloc_oob_left+0x361/0x3c0
[ 16.504701] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 16.504733] ? __schedule+0x10cc/0x2b60
[ 16.504767] ? __pfx_read_tsc+0x10/0x10
[ 16.504797] ? ktime_get_ts64+0x86/0x230
[ 16.504831] kunit_try_run_case+0x1a5/0x480
[ 16.504867] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.504932] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.504969] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.505002] ? __kthread_parkme+0x82/0x180
[ 16.505030] ? preempt_count_sub+0x50/0x80
[ 16.505061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.505096] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.505169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.505207] kthread+0x337/0x6f0
[ 16.505235] ? trace_preempt_on+0x20/0xc0
[ 16.505269] ? __pfx_kthread+0x10/0x10
[ 16.505297] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.505329] ? calculate_sigpending+0x7b/0xa0
[ 16.505363] ? __pfx_kthread+0x10/0x10
[ 16.505392] ret_from_fork+0x116/0x1d0
[ 16.505417] ? __pfx_kthread+0x10/0x10
[ 16.505445] ret_from_fork_asm+0x1a/0x30
[ 16.505487] </TASK>
[ 16.505500]
[ 16.526945] Allocated by task 1:
[ 16.527867] kasan_save_stack+0x45/0x70
[ 16.528357] kasan_save_track+0x18/0x40
[ 16.529051] kasan_save_alloc_info+0x3b/0x50
[ 16.529465] __kasan_kmalloc+0xb7/0xc0
[ 16.530250] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 16.530829] kvasprintf+0xc5/0x150
[ 16.531108] __kthread_create_on_node+0x18b/0x3a0
[ 16.531938] kthread_create_on_node+0xab/0xe0
[ 16.532425] cryptomgr_notify+0x704/0x9f0
[ 16.533088] notifier_call_chain+0xcb/0x250
[ 16.534077] blocking_notifier_call_chain+0x64/0x90
[ 16.534998] crypto_alg_mod_lookup+0x21f/0x440
[ 16.535642] crypto_alloc_tfm_node+0xc5/0x1f0
[ 16.536298] crypto_alloc_sig+0x23/0x30
[ 16.537097] public_key_verify_signature+0x208/0x9f0
[ 16.537526] x509_check_for_self_signed+0x2cb/0x480
[ 16.537934] x509_cert_parse+0x59c/0x830
[ 16.538936] x509_key_preparse+0x68/0x8a0
[ 16.539972] asymmetric_key_preparse+0xb1/0x160
[ 16.540334] __key_create_or_update+0x43d/0xcc0
[ 16.541172] key_create_or_update+0x17/0x20
[ 16.541652] x509_load_certificate_list+0x174/0x200
[ 16.542152] regulatory_init_db+0xee/0x3a0
[ 16.543039] do_one_initcall+0xd8/0x370
[ 16.543776] kernel_init_freeable+0x420/0x6f0
[ 16.544681] kernel_init+0x23/0x1e0
[ 16.545322] ret_from_fork+0x116/0x1d0
[ 16.545990] ret_from_fork_asm+0x1a/0x30
[ 16.546783]
[ 16.547021] Freed by task 0:
[ 16.547901] kasan_save_stack+0x45/0x70
[ 16.548467] kasan_save_track+0x18/0x40
[ 16.548914] kasan_save_free_info+0x3f/0x60
[ 16.549688] __kasan_slab_free+0x56/0x70
[ 16.550076] kfree+0x222/0x3f0
[ 16.551033] free_kthread_struct+0xeb/0x150
[ 16.551696] free_task+0xf3/0x130
[ 16.552091] __put_task_struct+0x1c8/0x480
[ 16.552535] delayed_put_task_struct+0x10a/0x150
[ 16.552965] rcu_core+0x66f/0x1c40
[ 16.553355] rcu_core_si+0x12/0x20
[ 16.553945] handle_softirqs+0x209/0x730
[ 16.554375] __irq_exit_rcu+0xc9/0x110
[ 16.554868] irq_exit_rcu+0x12/0x20
[ 16.555200] sysvec_apic_timer_interrupt+0x81/0x90
[ 16.555674] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 16.556348]
[ 16.556593] The buggy address belongs to the object at ffff888101e49e20
[ 16.556593] which belongs to the cache kmalloc-16 of size 16
[ 16.557504] The buggy address is located 15 bytes to the right of
[ 16.557504] allocated 16-byte region [ffff888101e49e20, ffff888101e49e30)
[ 16.558523]
[ 16.558716] The buggy address belongs to the physical page:
[ 16.559449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e49
[ 16.560159] flags: 0x200000000000000(node=0|zone=2)
[ 16.560552] page_type: f5(slab)
[ 16.560919] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 16.562207] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 16.562896] page dumped because: kasan: bad access detected
[ 16.563341]
[ 16.563635] Memory state around the buggy address:
[ 16.564116] ffff888101e49d00: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 16.564569] ffff888101e49d80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 16.567006] >ffff888101e49e00: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc
[ 16.569983] ^
[ 16.571291] ffff888101e49e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.571689] ffff888101e49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.572111] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.364063] ==================================================================
[ 16.365131] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 16.366351] Write of size 1 at addr ffff8881029def73 by task kunit_try_catch/154
[ 16.367207]
[ 16.369173] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 16.369675] Tainted: [N]=TEST
[ 16.369722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.370034] Call Trace:
[ 16.370177] <TASK>
[ 16.370374] dump_stack_lvl+0x73/0xb0
[ 16.370488] print_report+0xd1/0x650
[ 16.370920] ? __virt_addr_valid+0x1db/0x2d0
[ 16.370970] ? kmalloc_oob_right+0x6f0/0x7f0
[ 16.371001] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.371032] ? kmalloc_oob_right+0x6f0/0x7f0
[ 16.371062] kasan_report+0x141/0x180
[ 16.371092] ? kmalloc_oob_right+0x6f0/0x7f0
[ 16.371167] __asan_report_store1_noabort+0x1b/0x30
[ 16.371206] kmalloc_oob_right+0x6f0/0x7f0
[ 16.371238] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 16.371269] ? __schedule+0x10cc/0x2b60
[ 16.371302] ? __pfx_read_tsc+0x10/0x10
[ 16.371331] ? ktime_get_ts64+0x86/0x230
[ 16.371364] kunit_try_run_case+0x1a5/0x480
[ 16.371400] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.371433] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.371466] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.371498] ? __kthread_parkme+0x82/0x180
[ 16.371567] ? preempt_count_sub+0x50/0x80
[ 16.371649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.371688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.371721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.371754] kthread+0x337/0x6f0
[ 16.371781] ? trace_preempt_on+0x20/0xc0
[ 16.371814] ? __pfx_kthread+0x10/0x10
[ 16.371841] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.371871] ? calculate_sigpending+0x7b/0xa0
[ 16.371932] ? __pfx_kthread+0x10/0x10
[ 16.371962] ret_from_fork+0x116/0x1d0
[ 16.371987] ? __pfx_kthread+0x10/0x10
[ 16.372015] ret_from_fork_asm+0x1a/0x30
[ 16.372095] </TASK>
[ 16.372227]
[ 16.387791] Allocated by task 154:
[ 16.388432] kasan_save_stack+0x45/0x70
[ 16.388987] kasan_save_track+0x18/0x40
[ 16.389470] kasan_save_alloc_info+0x3b/0x50
[ 16.390129] __kasan_kmalloc+0xb7/0xc0
[ 16.390717] __kmalloc_cache_noprof+0x189/0x420
[ 16.391264] kmalloc_oob_right+0xa9/0x7f0
[ 16.391833] kunit_try_run_case+0x1a5/0x480
[ 16.392350] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.392965] kthread+0x337/0x6f0
[ 16.393376] ret_from_fork+0x116/0x1d0
[ 16.393798] ret_from_fork_asm+0x1a/0x30
[ 16.394655]
[ 16.395036] The buggy address belongs to the object at ffff8881029def00
[ 16.395036] which belongs to the cache kmalloc-128 of size 128
[ 16.396279] The buggy address is located 0 bytes to the right of
[ 16.396279] allocated 115-byte region [ffff8881029def00, ffff8881029def73)
[ 16.397195]
[ 16.397535] The buggy address belongs to the physical page:
[ 16.398625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029de
[ 16.400069] flags: 0x200000000000000(node=0|zone=2)
[ 16.401641] page_type: f5(slab)
[ 16.402748] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.403325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.404218] page dumped because: kasan: bad access detected
[ 16.404898]
[ 16.405161] Memory state around the buggy address:
[ 16.406340] ffff8881029dee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.407082] ffff8881029dee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.407892] >ffff8881029def00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.408688] ^
[ 16.409301] ffff8881029def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.409731] ffff8881029df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.410736] ==================================================================
[ 16.455216] ==================================================================
[ 16.455917] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 16.456547] Read of size 1 at addr ffff8881029def80 by task kunit_try_catch/154
[ 16.457250]
[ 16.457460] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 16.457570] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.457671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.457753] Call Trace:
[ 16.457793] <TASK>
[ 16.457858] dump_stack_lvl+0x73/0xb0
[ 16.457988] print_report+0xd1/0x650
[ 16.458070] ? __virt_addr_valid+0x1db/0x2d0
[ 16.458187] ? kmalloc_oob_right+0x68a/0x7f0
[ 16.458265] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.458337] ? kmalloc_oob_right+0x68a/0x7f0
[ 16.458408] kasan_report+0x141/0x180
[ 16.458479] ? kmalloc_oob_right+0x68a/0x7f0
[ 16.458559] __asan_report_load1_noabort+0x18/0x20
[ 16.458638] kmalloc_oob_right+0x68a/0x7f0
[ 16.458757] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 16.458835] ? __schedule+0x10cc/0x2b60
[ 16.458957] ? __pfx_read_tsc+0x10/0x10
[ 16.459032] ? ktime_get_ts64+0x86/0x230
[ 16.459143] kunit_try_run_case+0x1a5/0x480
[ 16.459227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.459291] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.459327] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.459362] ? __kthread_parkme+0x82/0x180
[ 16.459393] ? preempt_count_sub+0x50/0x80
[ 16.459424] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.459458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.459491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.459524] kthread+0x337/0x6f0
[ 16.459550] ? trace_preempt_on+0x20/0xc0
[ 16.459580] ? __pfx_kthread+0x10/0x10
[ 16.459608] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.459639] ? calculate_sigpending+0x7b/0xa0
[ 16.459672] ? __pfx_kthread+0x10/0x10
[ 16.459701] ret_from_fork+0x116/0x1d0
[ 16.459725] ? __pfx_kthread+0x10/0x10
[ 16.459755] ret_from_fork_asm+0x1a/0x30
[ 16.459795] </TASK>
[ 16.459810]
[ 16.473623] Allocated by task 154:
[ 16.474062] kasan_save_stack+0x45/0x70
[ 16.474608] kasan_save_track+0x18/0x40
[ 16.475077] kasan_save_alloc_info+0x3b/0x50
[ 16.475640] __kasan_kmalloc+0xb7/0xc0
[ 16.476058] __kmalloc_cache_noprof+0x189/0x420
[ 16.476592] kmalloc_oob_right+0xa9/0x7f0
[ 16.477082] kunit_try_run_case+0x1a5/0x480
[ 16.477541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.478061] kthread+0x337/0x6f0
[ 16.478547] ret_from_fork+0x116/0x1d0
[ 16.478982] ret_from_fork_asm+0x1a/0x30
[ 16.479443]
[ 16.479680] The buggy address belongs to the object at ffff8881029def00
[ 16.479680] which belongs to the cache kmalloc-128 of size 128
[ 16.481024] The buggy address is located 13 bytes to the right of
[ 16.481024] allocated 115-byte region [ffff8881029def00, ffff8881029def73)
[ 16.483815]
[ 16.484016] The buggy address belongs to the physical page:
[ 16.485063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029de
[ 16.486299] flags: 0x200000000000000(node=0|zone=2)
[ 16.486646] page_type: f5(slab)
[ 16.487039] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.487784] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.488777] page dumped because: kasan: bad access detected
[ 16.489212]
[ 16.489467] Memory state around the buggy address:
[ 16.490060] ffff8881029dee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.490919] ffff8881029def00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.491695] >ffff8881029def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.492781] ^
[ 16.493086] ffff8881029df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.493790] ffff8881029df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.494612] ==================================================================
[ 16.414701] ==================================================================
[ 16.415299] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 16.415844] Write of size 1 at addr ffff8881029def78 by task kunit_try_catch/154
[ 16.416844]
[ 16.417086] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 16.417238] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.417273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.417535] Call Trace:
[ 16.417584] <TASK>
[ 16.417624] dump_stack_lvl+0x73/0xb0
[ 16.417710] print_report+0xd1/0x650
[ 16.417785] ? __virt_addr_valid+0x1db/0x2d0
[ 16.417833] ? kmalloc_oob_right+0x6bd/0x7f0
[ 16.417895] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.417959] ? kmalloc_oob_right+0x6bd/0x7f0
[ 16.417993] kasan_report+0x141/0x180
[ 16.418025] ? kmalloc_oob_right+0x6bd/0x7f0
[ 16.418062] __asan_report_store1_noabort+0x1b/0x30
[ 16.418113] kmalloc_oob_right+0x6bd/0x7f0
[ 16.418222] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 16.418311] ? __schedule+0x10cc/0x2b60
[ 16.418386] ? __pfx_read_tsc+0x10/0x10
[ 16.418453] ? ktime_get_ts64+0x86/0x230
[ 16.418518] kunit_try_run_case+0x1a5/0x480
[ 16.418556] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.418590] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.418622] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.418655] ? __kthread_parkme+0x82/0x180
[ 16.418682] ? preempt_count_sub+0x50/0x80
[ 16.418712] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.418746] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.418778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.418811] kthread+0x337/0x6f0
[ 16.418837] ? trace_preempt_on+0x20/0xc0
[ 16.418867] ? __pfx_kthread+0x10/0x10
[ 16.418928] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.418959] ? calculate_sigpending+0x7b/0xa0
[ 16.418992] ? __pfx_kthread+0x10/0x10
[ 16.419020] ret_from_fork+0x116/0x1d0
[ 16.419045] ? __pfx_kthread+0x10/0x10
[ 16.419072] ret_from_fork_asm+0x1a/0x30
[ 16.419132] </TASK>
[ 16.419163]
[ 16.434544] Allocated by task 154:
[ 16.435741] kasan_save_stack+0x45/0x70
[ 16.436801] kasan_save_track+0x18/0x40
[ 16.437802] kasan_save_alloc_info+0x3b/0x50
[ 16.438441] __kasan_kmalloc+0xb7/0xc0
[ 16.438828] __kmalloc_cache_noprof+0x189/0x420
[ 16.439273] kmalloc_oob_right+0xa9/0x7f0
[ 16.439654] kunit_try_run_case+0x1a5/0x480
[ 16.440174] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.440691] kthread+0x337/0x6f0
[ 16.441084] ret_from_fork+0x116/0x1d0
[ 16.441465] ret_from_fork_asm+0x1a/0x30
[ 16.441919]
[ 16.442168] The buggy address belongs to the object at ffff8881029def00
[ 16.442168] which belongs to the cache kmalloc-128 of size 128
[ 16.443163] The buggy address is located 5 bytes to the right of
[ 16.443163] allocated 115-byte region [ffff8881029def00, ffff8881029def73)
[ 16.444062]
[ 16.444331] The buggy address belongs to the physical page:
[ 16.444767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029de
[ 16.445404] flags: 0x200000000000000(node=0|zone=2)
[ 16.445890] page_type: f5(slab)
[ 16.446352] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.447003] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.447647] page dumped because: kasan: bad access detected
[ 16.448337]
[ 16.448681] Memory state around the buggy address:
[ 16.449147] ffff8881029dee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.449617] ffff8881029dee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.450369] >ffff8881029def00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.451571] ^
[ 16.452423] ffff8881029def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.453145] ffff8881029df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.454019] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 203.183144] WARNING: CPU: 0 PID: 2813 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 203.184471] Modules linked in:
[ 203.184965] CPU: 0 UID: 0 PID: 2813 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 203.186010] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 203.186445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 203.187752] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 203.188335] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 203.190163] RSP: 0000:ffff888108017c78 EFLAGS: 00010286
[ 203.190865] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 203.191504] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbd23b5dc
[ 203.192424] RBP: ffff888108017ca0 R08: 0000000000000000 R09: ffffed10208ef940
[ 203.194005] R10: ffff88810477ca07 R11: 0000000000000000 R12: ffffffffbd23b5c8
[ 203.194738] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108017d38
[ 203.195557] FS: 0000000000000000(0000) GS:ffff88819be5f000(0000) knlGS:0000000000000000
[ 203.196392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 203.197266] CR2: ffffffffffffffff CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 203.198043] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265442
[ 203.198782] DR3: ffffffffbf265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 203.199581] Call Trace:
[ 203.200027] <TASK>
[ 203.200341] drm_test_rect_calc_vscale+0x108/0x270
[ 203.200885] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 203.201847] ? __schedule+0x10cc/0x2b60
[ 203.202345] ? __pfx_read_tsc+0x10/0x10
[ 203.202951] ? ktime_get_ts64+0x86/0x230
[ 203.203432] kunit_try_run_case+0x1a5/0x480
[ 203.204089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.204695] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 203.205224] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 203.205606] ? __kthread_parkme+0x82/0x180
[ 203.206058] ? preempt_count_sub+0x50/0x80
[ 203.206586] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.207371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 203.208044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 203.208585] kthread+0x337/0x6f0
[ 203.209489] ? trace_preempt_on+0x20/0xc0
[ 203.210104] ? __pfx_kthread+0x10/0x10
[ 203.210473] ? _raw_spin_unlock_irq+0x47/0x80
[ 203.211169] ? calculate_sigpending+0x7b/0xa0
[ 203.211759] ? __pfx_kthread+0x10/0x10
[ 203.212241] ret_from_fork+0x116/0x1d0
[ 203.212625] ? __pfx_kthread+0x10/0x10
[ 203.212970] ret_from_fork_asm+0x1a/0x30
[ 203.214141] </TASK>
[ 203.214440] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 203.220743] WARNING: CPU: 0 PID: 2815 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 203.221415] Modules linked in:
[ 203.222744] CPU: 0 UID: 0 PID: 2815 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 203.223568] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 203.224461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 203.225849] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 203.226418] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 203.228277] RSP: 0000:ffff8881083b7c78 EFLAGS: 00010286
[ 203.228966] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 203.229870] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbd23b614
[ 203.230915] RBP: ffff8881083b7ca0 R08: 0000000000000000 R09: ffffed10208ef960
[ 203.231829] R10: ffff88810477cb07 R11: 0000000000000000 R12: ffffffffbd23b600
[ 203.232531] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881083b7d38
[ 203.233329] FS: 0000000000000000(0000) GS:ffff88819be5f000(0000) knlGS:0000000000000000
[ 203.234821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 203.235644] CR2: ffffffffffffffff CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 203.236231] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265442
[ 203.237151] DR3: ffffffffbf265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 203.238099] Call Trace:
[ 203.238433] <TASK>
[ 203.239022] drm_test_rect_calc_vscale+0x108/0x270
[ 203.239639] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 203.241046] ? __schedule+0x10cc/0x2b60
[ 203.241447] ? __pfx_read_tsc+0x10/0x10
[ 203.242241] ? ktime_get_ts64+0x86/0x230
[ 203.243183] kunit_try_run_case+0x1a5/0x480
[ 203.243821] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.244307] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 203.244736] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 203.245963] ? __kthread_parkme+0x82/0x180
[ 203.246840] ? preempt_count_sub+0x50/0x80
[ 203.247314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.248147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 203.248880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 203.249512] kthread+0x337/0x6f0
[ 203.250225] ? trace_preempt_on+0x20/0xc0
[ 203.251185] ? __pfx_kthread+0x10/0x10
[ 203.251673] ? _raw_spin_unlock_irq+0x47/0x80
[ 203.252363] ? calculate_sigpending+0x7b/0xa0
[ 203.253070] ? __pfx_kthread+0x10/0x10
[ 203.253521] ret_from_fork+0x116/0x1d0
[ 203.254215] ? __pfx_kthread+0x10/0x10
[ 203.255146] ret_from_fork_asm+0x1a/0x30
[ 203.255493] </TASK>
[ 203.255920] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 203.085702] WARNING: CPU: 0 PID: 2801 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 203.087078] Modules linked in:
[ 203.088079] CPU: 0 UID: 0 PID: 2801 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 203.089244] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 203.089997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 203.090930] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 203.091503] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b c5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 203.092957] RSP: 0000:ffff888107fdfc78 EFLAGS: 00010286
[ 203.093410] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 203.094340] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbd23b5e0
[ 203.096162] RBP: ffff888107fdfca0 R08: 0000000000000000 R09: ffffed1020239140
[ 203.096751] R10: ffff8881011c8a07 R11: 0000000000000000 R12: ffffffffbd23b5c8
[ 203.097416] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107fdfd38
[ 203.098210] FS: 0000000000000000(0000) GS:ffff88819be5f000(0000) knlGS:0000000000000000
[ 203.098871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 203.099830] CR2: ffffffffffffffff CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 203.100453] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265442
[ 203.101481] DR3: ffffffffbf265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 203.102373] Call Trace:
[ 203.102974] <TASK>
[ 203.103429] drm_test_rect_calc_hscale+0x108/0x270
[ 203.104325] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 203.104837] ? __schedule+0x10cc/0x2b60
[ 203.105654] ? __pfx_read_tsc+0x10/0x10
[ 203.106203] ? ktime_get_ts64+0x86/0x230
[ 203.106754] kunit_try_run_case+0x1a5/0x480
[ 203.107913] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.108495] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 203.109131] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 203.109619] ? __kthread_parkme+0x82/0x180
[ 203.110040] ? preempt_count_sub+0x50/0x80
[ 203.110530] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.111097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 203.111735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 203.112280] kthread+0x337/0x6f0
[ 203.113640] ? trace_preempt_on+0x20/0xc0
[ 203.114150] ? __pfx_kthread+0x10/0x10
[ 203.114662] ? _raw_spin_unlock_irq+0x47/0x80
[ 203.115093] ? calculate_sigpending+0x7b/0xa0
[ 203.115536] ? __pfx_kthread+0x10/0x10
[ 203.116209] ret_from_fork+0x116/0x1d0
[ 203.116809] ? __pfx_kthread+0x10/0x10
[ 203.117449] ret_from_fork_asm+0x1a/0x30
[ 203.118069] </TASK>
[ 203.118380] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 203.124519] WARNING: CPU: 1 PID: 2803 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 203.125683] Modules linked in:
[ 203.126206] CPU: 1 UID: 0 PID: 2803 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 203.127878] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 203.128405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 203.129384] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 203.129901] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b c5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 203.132067] RSP: 0000:ffff888108287c78 EFLAGS: 00010286
[ 203.132729] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 203.133434] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbd23b618
[ 203.134052] RBP: ffff888108287ca0 R08: 0000000000000000 R09: ffffed1020239180
[ 203.135102] R10: ffff8881011c8c07 R11: 0000000000000000 R12: ffffffffbd23b600
[ 203.135914] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108287d38
[ 203.136569] FS: 0000000000000000(0000) GS:ffff88819bf5f000(0000) knlGS:0000000000000000
[ 203.137705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 203.138459] CR2: 00007ffff7ffe000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 203.139296] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265443
[ 203.139972] DR3: ffffffffbf265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 203.141097] Call Trace:
[ 203.141772] <TASK>
[ 203.142349] drm_test_rect_calc_hscale+0x108/0x270
[ 203.142924] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 203.143413] ? __schedule+0x10cc/0x2b60
[ 203.144239] ? __pfx_read_tsc+0x10/0x10
[ 203.145009] ? ktime_get_ts64+0x86/0x230
[ 203.145605] kunit_try_run_case+0x1a5/0x480
[ 203.146473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.147090] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 203.147688] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 203.148375] ? __kthread_parkme+0x82/0x180
[ 203.149116] ? preempt_count_sub+0x50/0x80
[ 203.150034] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.150531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 203.151484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 203.152343] kthread+0x337/0x6f0
[ 203.152619] ? trace_preempt_on+0x20/0xc0
[ 203.153245] ? __pfx_kthread+0x10/0x10
[ 203.154253] ? _raw_spin_unlock_irq+0x47/0x80
[ 203.155045] ? calculate_sigpending+0x7b/0xa0
[ 203.155479] ? __pfx_kthread+0x10/0x10
[ 203.155981] ret_from_fork+0x116/0x1d0
[ 203.156423] ? __pfx_kthread+0x10/0x10
[ 203.157396] ret_from_fork_asm+0x1a/0x30
[ 203.158158] </TASK>
[ 203.158358] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 202.028994] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 202.029208] WARNING: CPU: 1 PID: 2618 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 202.032363] Modules linked in:
[ 202.032948] CPU: 1 UID: 0 PID: 2618 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 202.033837] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 202.034446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 202.035919] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 202.036373] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 5d 27 80 00 48 c7 c1 c0 04 1f bd 4c 89 f2 48 c7 c7 80 01 1f bd 48 89 c6 e8 34 f8 73 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 202.038024] RSP: 0000:ffff888107d87d18 EFLAGS: 00010286
[ 202.038988] RAX: 0000000000000000 RBX: ffff88810a264400 RCX: 1ffffffff7be4c5c
[ 202.040033] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 202.040951] RBP: ffff888107d87d48 R08: 0000000000000000 R09: fffffbfff7be4c5c
[ 202.041524] R10: 0000000000000003 R11: 000000000003ae08 R12: ffff888107d9f800
[ 202.042277] R13: ffff88810a2644f8 R14: ffff888107b4cb80 R15: ffff8881003c7b40
[ 202.043405] FS: 0000000000000000(0000) GS:ffff88819bf5f000(0000) knlGS:0000000000000000
[ 202.044352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 202.044827] CR2: 00007ffff7ffe000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 202.045687] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265443
[ 202.046288] DR3: ffffffffbf265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 202.047239] Call Trace:
[ 202.047676] <TASK>
[ 202.047995] ? trace_preempt_on+0x20/0xc0
[ 202.048531] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 202.049260] drm_gem_shmem_free_wrapper+0x12/0x20
[ 202.049670] __kunit_action_free+0x57/0x70
[ 202.050176] kunit_remove_resource+0x133/0x200
[ 202.050577] ? preempt_count_sub+0x50/0x80
[ 202.051268] kunit_cleanup+0x7a/0x120
[ 202.051891] kunit_try_run_case_cleanup+0xbd/0xf0
[ 202.052467] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 202.053295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 202.053941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 202.054688] kthread+0x337/0x6f0
[ 202.055094] ? trace_preempt_on+0x20/0xc0
[ 202.055755] ? __pfx_kthread+0x10/0x10
[ 202.056274] ? _raw_spin_unlock_irq+0x47/0x80
[ 202.056887] ? calculate_sigpending+0x7b/0xa0
[ 202.057387] ? __pfx_kthread+0x10/0x10
[ 202.057946] ret_from_fork+0x116/0x1d0
[ 202.058495] ? __pfx_kthread+0x10/0x10
[ 202.059125] ret_from_fork_asm+0x1a/0x30
[ 202.059813] </TASK>
[ 202.060225] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 201.797054] WARNING: CPU: 1 PID: 2599 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 201.798011] Modules linked in:
[ 201.798550] CPU: 1 UID: 0 PID: 2599 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 201.799971] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 201.800453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 201.802513] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 201.803443] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 201.804921] RSP: 0000:ffff888103477b30 EFLAGS: 00010246
[ 201.805464] RAX: dffffc0000000000 RBX: ffff888103477c28 RCX: 0000000000000000
[ 201.806204] RDX: 1ffff1102068ef8e RSI: ffff888103477c28 RDI: ffff888103477c70
[ 201.807011] RBP: ffff888103477b70 R08: ffff8881026e7000 R09: ffffffffbd1e07e0
[ 201.807846] R10: 0000000000000003 R11: 00000000819d2578 R12: ffff8881026e7000
[ 201.809123] R13: ffff8881003c7ae8 R14: ffff888103477ba8 R15: 0000000000000000
[ 201.809655] FS: 0000000000000000(0000) GS:ffff88819bf5f000(0000) knlGS:0000000000000000
[ 201.810627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 201.811197] CR2: 00007ffff7ffe000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 201.811770] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265443
[ 201.812837] DR3: ffffffffbf265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 201.813360] Call Trace:
[ 201.813663] <TASK>
[ 201.813968] ? add_dr+0xc1/0x1d0
[ 201.814378] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 201.815170] ? add_dr+0x148/0x1d0
[ 201.815673] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 201.816316] ? __drmm_add_action+0x1a4/0x280
[ 201.816921] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 201.817637] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 201.818244] ? __drmm_add_action_or_reset+0x22/0x50
[ 201.819113] ? __schedule+0x10cc/0x2b60
[ 201.819641] ? __pfx_read_tsc+0x10/0x10
[ 201.820058] ? ktime_get_ts64+0x86/0x230
[ 201.820438] kunit_try_run_case+0x1a5/0x480
[ 201.821101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 201.821708] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 201.822330] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 201.822883] ? __kthread_parkme+0x82/0x180
[ 201.823439] ? preempt_count_sub+0x50/0x80
[ 201.824046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 201.824660] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 201.825385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 201.826744] kthread+0x337/0x6f0
[ 201.827211] ? trace_preempt_on+0x20/0xc0
[ 201.827773] ? __pfx_kthread+0x10/0x10
[ 201.828281] ? _raw_spin_unlock_irq+0x47/0x80
[ 201.828963] ? calculate_sigpending+0x7b/0xa0
[ 201.829455] ? __pfx_kthread+0x10/0x10
[ 201.830320] ret_from_fork+0x116/0x1d0
[ 201.830999] ? __pfx_kthread+0x10/0x10
[ 201.831396] ret_from_fork_asm+0x1a/0x30
[ 201.831981] </TASK>
[ 201.832293] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 201.736694] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 201.736981] WARNING: CPU: 1 PID: 2595 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 201.739273] Modules linked in:
[ 201.739938] CPU: 1 UID: 0 PID: 2595 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 201.741064] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 201.741676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 201.742422] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 201.743403] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 8b 41 87 00 48 c7 c1 a0 b7 1d bd 4c 89 fa 48 c7 c7 00 b8 1d bd 48 89 c6 e8 62 12 7b fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 201.745043] RSP: 0000:ffff888107cb7b68 EFLAGS: 00010282
[ 201.746070] RAX: 0000000000000000 RBX: ffff888107cb7c40 RCX: 1ffffffff7be4c5c
[ 201.746617] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 201.748006] RBP: ffff888107cb7b90 R08: 0000000000000000 R09: fffffbfff7be4c5c
[ 201.748575] R10: 0000000000000003 R11: 00000000000394d8 R12: ffff888107cb7c18
[ 201.749456] R13: ffff888107d99800 R14: ffff8881026e3000 R15: ffff888105c32b80
[ 201.750301] FS: 0000000000000000(0000) GS:ffff88819bf5f000(0000) knlGS:0000000000000000
[ 201.751110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 201.751772] CR2: 00007ffff7ffe000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 201.752370] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265443
[ 201.753266] DR3: ffffffffbf265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 201.754110] Call Trace:
[ 201.754475] <TASK>
[ 201.755049] drm_test_framebuffer_free+0x1ab/0x610
[ 201.755520] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 201.756519] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 201.757461] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 201.758074] ? __drmm_add_action_or_reset+0x22/0x50
[ 201.758563] ? __schedule+0x10cc/0x2b60
[ 201.759249] ? __pfx_read_tsc+0x10/0x10
[ 201.759962] ? ktime_get_ts64+0x86/0x230
[ 201.760444] kunit_try_run_case+0x1a5/0x480
[ 201.761105] ? __pfx_kunit_try_run_case+0x10/0x10
[ 201.761654] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 201.762419] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 201.762897] ? __kthread_parkme+0x82/0x180
[ 201.763651] ? preempt_count_sub+0x50/0x80
[ 201.764455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 201.765667] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 201.766321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 201.766884] kthread+0x337/0x6f0
[ 201.767221] ? trace_preempt_on+0x20/0xc0
[ 201.767669] ? __pfx_kthread+0x10/0x10
[ 201.768269] ? _raw_spin_unlock_irq+0x47/0x80
[ 201.768910] ? calculate_sigpending+0x7b/0xa0
[ 201.769399] ? __pfx_kthread+0x10/0x10
[ 201.770062] ret_from_fork+0x116/0x1d0
[ 201.770474] ? __pfx_kthread+0x10/0x10
[ 201.770954] ret_from_fork_asm+0x1a/0x30
[ 201.771713] </TASK>
[ 201.772075] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 199.610905] WARNING: CPU: 1 PID: 2033 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 199.614825] Modules linked in:
[ 199.616066] CPU: 1 UID: 0 PID: 2033 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 199.617338] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 199.618281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 199.619133] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 199.619648] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 0b 26 02 48 89 df e8 68
[ 199.621360] RSP: 0000:ffff888102c77c90 EFLAGS: 00010246
[ 199.622052] RAX: dffffc0000000000 RBX: ffff888102e88000 RCX: 0000000000000000
[ 199.622535] RDX: 1ffff110205d1032 RSI: ffffffffba442758 RDI: ffff888102e88190
[ 199.623569] RBP: ffff888102c77ca0 R08: 1ffff11020078f69 R09: ffffed102058ef65
[ 199.624151] R10: 0000000000000003 R11: ffffffffb99861a8 R12: 0000000000000000
[ 199.624698] R13: ffff888102c77d38 R14: ffff8881003c7c50 R15: ffff8881003c7c58
[ 199.625741] FS: 0000000000000000(0000) GS:ffff88819bf5f000(0000) knlGS:0000000000000000
[ 199.626678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 199.627088] CR2: 00007ffff7ffe000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 199.627858] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265443
[ 199.628929] DR3: ffffffffbf265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 199.629540] Call Trace:
[ 199.629855] <TASK>
[ 199.630630] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 199.631405] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 199.632269] ? __schedule+0x10cc/0x2b60
[ 199.632639] ? __pfx_read_tsc+0x10/0x10
[ 199.633030] ? ktime_get_ts64+0x86/0x230
[ 199.633416] kunit_try_run_case+0x1a5/0x480
[ 199.634172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 199.635366] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 199.636475] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 199.637287] ? __kthread_parkme+0x82/0x180
[ 199.638052] ? preempt_count_sub+0x50/0x80
[ 199.638688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 199.639245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 199.640273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 199.640841] kthread+0x337/0x6f0
[ 199.641225] ? trace_preempt_on+0x20/0xc0
[ 199.641876] ? __pfx_kthread+0x10/0x10
[ 199.642260] ? _raw_spin_unlock_irq+0x47/0x80
[ 199.642691] ? calculate_sigpending+0x7b/0xa0
[ 199.643481] ? __pfx_kthread+0x10/0x10
[ 199.644888] ret_from_fork+0x116/0x1d0
[ 199.645357] ? __pfx_kthread+0x10/0x10
[ 199.645903] ret_from_fork_asm+0x1a/0x30
[ 199.646959] </TASK>
[ 199.647413] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 199.482932] WARNING: CPU: 0 PID: 2025 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 199.484006] Modules linked in:
[ 199.484401] CPU: 0 UID: 0 PID: 2025 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 199.485373] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 199.486055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 199.486958] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 199.487717] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 0b 26 02 48 89 df e8 68
[ 199.489155] RSP: 0000:ffff888102c17c90 EFLAGS: 00010246
[ 199.489760] RAX: dffffc0000000000 RBX: ffff888102c0a000 RCX: 0000000000000000
[ 199.490445] RDX: 1ffff11020581432 RSI: ffffffffba442758 RDI: ffff888102c0a190
[ 199.491299] RBP: ffff888102c17ca0 R08: 1ffff11020078f69 R09: ffffed1020582f65
[ 199.492353] R10: 0000000000000003 R11: ffffffffb99861a8 R12: 0000000000000000
[ 199.493199] R13: ffff888102c17d38 R14: ffff8881003c7c50 R15: ffff8881003c7c58
[ 199.493902] FS: 0000000000000000(0000) GS:ffff88819be5f000(0000) knlGS:0000000000000000
[ 199.494601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 199.495287] CR2: ffffffffffffffff CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 199.496106] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265442
[ 199.496731] DR3: ffffffffbf265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 199.497333] Call Trace:
[ 199.497816] <TASK>
[ 199.498224] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 199.498991] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 199.499857] ? __schedule+0x10cc/0x2b60
[ 199.500354] ? __pfx_read_tsc+0x10/0x10
[ 199.500890] ? ktime_get_ts64+0x86/0x230
[ 199.501367] kunit_try_run_case+0x1a5/0x480
[ 199.501940] ? __pfx_kunit_try_run_case+0x10/0x10
[ 199.502478] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 199.503136] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 199.503718] ? __kthread_parkme+0x82/0x180
[ 199.504238] ? preempt_count_sub+0x50/0x80
[ 199.504782] ? __pfx_kunit_try_run_case+0x10/0x10
[ 199.505386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 199.505990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 199.506802] kthread+0x337/0x6f0
[ 199.507250] ? trace_preempt_on+0x20/0xc0
[ 199.507813] ? __pfx_kthread+0x10/0x10
[ 199.508341] ? _raw_spin_unlock_irq+0x47/0x80
[ 199.508942] ? calculate_sigpending+0x7b/0xa0
[ 199.509750] ? __pfx_kthread+0x10/0x10
[ 199.510377] ret_from_fork+0x116/0x1d0
[ 199.511077] ? __pfx_kthread+0x10/0x10
[ 199.511611] ret_from_fork_asm+0x1a/0x30
[ 199.512166] </TASK>
[ 199.512410] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 150.546005] WARNING: CPU: 1 PID: 723 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 150.547292] Modules linked in:
[ 150.548241] CPU: 1 UID: 0 PID: 723 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 150.549218] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 150.550290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 150.551299] RIP: 0010:intlog10+0x2a/0x40
[ 150.551976] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 150.553649] RSP: 0000:ffff8881094c7cb0 EFLAGS: 00010246
[ 150.554365] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11021298fb4
[ 150.555273] RDX: 1ffffffff7a13dd4 RSI: 1ffff11021298fb3 RDI: 0000000000000000
[ 150.556154] RBP: ffff8881094c7d60 R08: 0000000000000000 R09: ffffed102122e420
[ 150.557390] R10: ffff888109172107 R11: 0000000000000000 R12: 1ffff11021298f97
[ 150.558226] R13: ffffffffbd09eea0 R14: 0000000000000000 R15: ffff8881094c7d38
[ 150.558744] FS: 0000000000000000(0000) GS:ffff88819bf5f000(0000) knlGS:0000000000000000
[ 150.559956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 150.560710] CR2: dffffc0000000000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 150.561432] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265443
[ 150.562208] DR3: ffffffffbf265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 150.563321] Call Trace:
[ 150.564006] <TASK>
[ 150.564232] ? intlog10_test+0xf2/0x220
[ 150.564786] ? __pfx_intlog10_test+0x10/0x10
[ 150.565489] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 150.566099] ? trace_hardirqs_on+0x37/0xe0
[ 150.566785] ? __pfx_read_tsc+0x10/0x10
[ 150.567199] ? ktime_get_ts64+0x86/0x230
[ 150.567918] kunit_try_run_case+0x1a5/0x480
[ 150.568646] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.569368] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 150.570316] ? __kthread_parkme+0x82/0x180
[ 150.571132] ? preempt_count_sub+0x50/0x80
[ 150.571721] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.572382] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 150.573369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 150.574354] kthread+0x337/0x6f0
[ 150.574848] ? trace_preempt_on+0x20/0xc0
[ 150.575750] ? __pfx_kthread+0x10/0x10
[ 150.576764] ? _raw_spin_unlock_irq+0x47/0x80
[ 150.577410] ? calculate_sigpending+0x7b/0xa0
[ 150.578226] ? __pfx_kthread+0x10/0x10
[ 150.578640] ret_from_fork+0x116/0x1d0
[ 150.579090] ? __pfx_kthread+0x10/0x10
[ 150.579732] ret_from_fork_asm+0x1a/0x30
[ 150.580638] </TASK>
[ 150.580979] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 150.469711] WARNING: CPU: 0 PID: 705 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 150.470302] Modules linked in:
[ 150.470906] CPU: 0 UID: 0 PID: 705 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 150.472850] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 150.473526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 150.474772] RIP: 0010:intlog2+0xdf/0x110
[ 150.475383] Code: 09 bd c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 8b 86 02 90 <0f> 0b 90 31 c0 e9 c7 8b 86 02 89 45 e4 e8 ff 20 52 ff 8b 45 e4 eb
[ 150.477029] RSP: 0000:ffff88810959fcb0 EFLAGS: 00010246
[ 150.477565] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff110212b3fb4
[ 150.478402] RDX: 1ffffffff7a13e28 RSI: 1ffff110212b3fb3 RDI: 0000000000000000
[ 150.479073] RBP: ffff88810959fd60 R08: 0000000000000000 R09: ffffed1020f86260
[ 150.479734] R10: ffff888107c31307 R11: 0000000000000000 R12: 1ffff110212b3f97
[ 150.480306] R13: ffffffffbd09f140 R14: 0000000000000000 R15: ffff88810959fd38
[ 150.480946] FS: 0000000000000000(0000) GS:ffff88819be5f000(0000) knlGS:0000000000000000
[ 150.481807] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 150.482307] CR2: ffff88815a95c000 CR3: 000000002a4bc000 CR4: 00000000000006f0
[ 150.483215] DR0: ffffffffbf265440 DR1: ffffffffbf265441 DR2: ffffffffbf265442
[ 150.483872] DR3: ffffffffbf265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 150.484509] Call Trace:
[ 150.484863] <TASK>
[ 150.485722] ? intlog2_test+0xf2/0x220
[ 150.486164] ? __pfx_intlog2_test+0x10/0x10
[ 150.487439] ? __schedule+0x10cc/0x2b60
[ 150.487971] ? __pfx_read_tsc+0x10/0x10
[ 150.488372] ? ktime_get_ts64+0x86/0x230
[ 150.488757] kunit_try_run_case+0x1a5/0x480
[ 150.489243] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.489716] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 150.490339] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 150.491004] ? __kthread_parkme+0x82/0x180
[ 150.491810] ? preempt_count_sub+0x50/0x80
[ 150.492262] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.492995] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 150.493462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 150.494117] kthread+0x337/0x6f0
[ 150.494470] ? trace_preempt_on+0x20/0xc0
[ 150.495104] ? __pfx_kthread+0x10/0x10
[ 150.496036] ? _raw_spin_unlock_irq+0x47/0x80
[ 150.496466] ? calculate_sigpending+0x7b/0xa0
[ 150.497361] ? __pfx_kthread+0x10/0x10
[ 150.498011] ret_from_fork+0x116/0x1d0
[ 150.498449] ? __pfx_kthread+0x10/0x10
[ 150.499217] ret_from_fork_asm+0x1a/0x30
[ 150.499907] </TASK>
[ 150.500183] ---[ end trace 0000000000000000 ]---