Date
June 8, 2025, 11:09 p.m.
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 158.747329] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.328805] ==================================================================
[ 17.329752] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 17.330416] Read of size 1 at addr ffff888101a90b1f by task kunit_try_catch/156
[ 17.331130]
[ 17.332427] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.332753] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.332791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.332846] Call Trace:
[ 17.332883] <TASK>
[ 17.332929] dump_stack_lvl+0x73/0xb0
[ 17.333052] print_report+0xd1/0x650
[ 17.333578] ? __virt_addr_valid+0x1db/0x2d0
[ 17.333672] ? kmalloc_oob_left+0x361/0x3c0
[ 17.333739] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.333788] ? kmalloc_oob_left+0x361/0x3c0
[ 17.333821] kasan_report+0x141/0x180
[ 17.333855] ? kmalloc_oob_left+0x361/0x3c0
[ 17.333892] __asan_report_load1_noabort+0x18/0x20
[ 17.333928] kmalloc_oob_left+0x361/0x3c0
[ 17.333960] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 17.333993] ? __schedule+0x10cc/0x2b60
[ 17.334028] ? __pfx_read_tsc+0x10/0x10
[ 17.334061] ? ktime_get_ts64+0x86/0x230
[ 17.334096] kunit_try_run_case+0x1a5/0x480
[ 17.334136] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.334170] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.334204] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.334255] ? __kthread_parkme+0x82/0x180
[ 17.334300] ? preempt_count_sub+0x50/0x80
[ 17.334334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.334370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.334404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.334438] kthread+0x337/0x6f0
[ 17.334466] ? trace_preempt_on+0x20/0xc0
[ 17.334522] ? __pfx_kthread+0x10/0x10
[ 17.334610] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.334671] ? calculate_sigpending+0x7b/0xa0
[ 17.334734] ? __pfx_kthread+0x10/0x10
[ 17.334791] ret_from_fork+0x116/0x1d0
[ 17.334850] ? __pfx_kthread+0x10/0x10
[ 17.334903] ret_from_fork_asm+0x1a/0x30
[ 17.334976] </TASK>
[ 17.335006]
[ 17.362738] Allocated by task 1:
[ 17.363995] kasan_save_stack+0x45/0x70
[ 17.364806] kasan_save_track+0x18/0x40
[ 17.365462] kasan_save_alloc_info+0x3b/0x50
[ 17.366217] __kasan_kmalloc+0xb7/0xc0
[ 17.368417] __kmalloc_noprof+0x1c9/0x500
[ 17.369597] kobject_get_path+0xa7/0x1f0
[ 17.371364] kobject_uevent_env+0x1f9/0xff0
[ 17.372165] kobject_uevent+0xf/0x20
[ 17.372793] param_sysfs_builtin_init+0x28b/0x3a0
[ 17.373463] do_one_initcall+0xd8/0x370
[ 17.374224] kernel_init_freeable+0x420/0x6f0
[ 17.375801] kernel_init+0x23/0x1e0
[ 17.377110] ret_from_fork+0x116/0x1d0
[ 17.378070] ret_from_fork_asm+0x1a/0x30
[ 17.378972]
[ 17.379363] Freed by task 1:
[ 17.380216] kasan_save_stack+0x45/0x70
[ 17.380546] kasan_save_track+0x18/0x40
[ 17.381844] kasan_save_free_info+0x3f/0x60
[ 17.382532] __kasan_slab_free+0x56/0x70
[ 17.383042] kfree+0x222/0x3f0
[ 17.383419] kobject_uevent_env+0x233/0xff0
[ 17.384166] kobject_uevent+0xf/0x20
[ 17.384941] param_sysfs_builtin_init+0x28b/0x3a0
[ 17.385582] do_one_initcall+0xd8/0x370
[ 17.386450] kernel_init_freeable+0x420/0x6f0
[ 17.387309] kernel_init+0x23/0x1e0
[ 17.387872] ret_from_fork+0x116/0x1d0
[ 17.388627] ret_from_fork_asm+0x1a/0x30
[ 17.389235]
[ 17.389416] The buggy address belongs to the object at ffff888101a90b00
[ 17.389416] which belongs to the cache kmalloc-16 of size 16
[ 17.391064] The buggy address is located 15 bytes to the right of
[ 17.391064] allocated 16-byte region [ffff888101a90b00, ffff888101a90b10)
[ 17.392447]
[ 17.393063] The buggy address belongs to the physical page:
[ 17.393986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a90
[ 17.395356] flags: 0x200000000000000(node=0|zone=2)
[ 17.395908] page_type: f5(slab)
[ 17.396310] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.396990] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.397547] page dumped because: kasan: bad access detected
[ 17.397943]
[ 17.398108] Memory state around the buggy address:
[ 17.398481] ffff888101a90a00: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 17.399973] ffff888101a90a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 17.401079] >ffff888101a90b00: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 17.401894] ^
[ 17.402677] ffff888101a90b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.403781] ffff888101a90c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.404784] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.278125] ==================================================================
[ 17.278804] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 17.279352] Read of size 1 at addr ffff888101b20780 by task kunit_try_catch/154
[ 17.280270]
[ 17.280551] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.280661] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.280697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.280755] Call Trace:
[ 17.280805] <TASK>
[ 17.280856] dump_stack_lvl+0x73/0xb0
[ 17.280955] print_report+0xd1/0x650
[ 17.281031] ? __virt_addr_valid+0x1db/0x2d0
[ 17.281101] ? kmalloc_oob_right+0x68a/0x7f0
[ 17.281174] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.281306] ? kmalloc_oob_right+0x68a/0x7f0
[ 17.281386] kasan_report+0x141/0x180
[ 17.281463] ? kmalloc_oob_right+0x68a/0x7f0
[ 17.281566] __asan_report_load1_noabort+0x18/0x20
[ 17.281648] kmalloc_oob_right+0x68a/0x7f0
[ 17.281712] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 17.281822] ? __schedule+0x10cc/0x2b60
[ 17.281885] ? __pfx_read_tsc+0x10/0x10
[ 17.281940] ? ktime_get_ts64+0x86/0x230
[ 17.282000] kunit_try_run_case+0x1a5/0x480
[ 17.282068] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.282137] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.282213] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.282473] ? __kthread_parkme+0x82/0x180
[ 17.282567] ? preempt_count_sub+0x50/0x80
[ 17.282629] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.282696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.282765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.282841] kthread+0x337/0x6f0
[ 17.282904] ? trace_preempt_on+0x20/0xc0
[ 17.282982] ? __pfx_kthread+0x10/0x10
[ 17.283048] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.283119] ? calculate_sigpending+0x7b/0xa0
[ 17.283195] ? __pfx_kthread+0x10/0x10
[ 17.283363] ret_from_fork+0x116/0x1d0
[ 17.283433] ? __pfx_kthread+0x10/0x10
[ 17.283519] ret_from_fork_asm+0x1a/0x30
[ 17.283612] </TASK>
[ 17.283649]
[ 17.302365] Allocated by task 154:
[ 17.303028] kasan_save_stack+0x45/0x70
[ 17.303587] kasan_save_track+0x18/0x40
[ 17.303993] kasan_save_alloc_info+0x3b/0x50
[ 17.304465] __kasan_kmalloc+0xb7/0xc0
[ 17.304911] __kmalloc_cache_noprof+0x189/0x420
[ 17.305460] kmalloc_oob_right+0xa9/0x7f0
[ 17.305978] kunit_try_run_case+0x1a5/0x480
[ 17.306552] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.307025] kthread+0x337/0x6f0
[ 17.307479] ret_from_fork+0x116/0x1d0
[ 17.307880] ret_from_fork_asm+0x1a/0x30
[ 17.308246]
[ 17.308491] The buggy address belongs to the object at ffff888101b20700
[ 17.308491] which belongs to the cache kmalloc-128 of size 128
[ 17.309281] The buggy address is located 13 bytes to the right of
[ 17.309281] allocated 115-byte region [ffff888101b20700, ffff888101b20773)
[ 17.310534]
[ 17.310792] The buggy address belongs to the physical page:
[ 17.311313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20
[ 17.311946] flags: 0x200000000000000(node=0|zone=2)
[ 17.312835] page_type: f5(slab)
[ 17.313149] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.313908] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.314374] page dumped because: kasan: bad access detected
[ 17.314936]
[ 17.315357] Memory state around the buggy address:
[ 17.315901] ffff888101b20680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.316901] ffff888101b20700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 17.317466] >ffff888101b20780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.318317] ^
[ 17.318723] ffff888101b20800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.319303] ffff888101b20880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.320567] ==================================================================
[ 17.239767] ==================================================================
[ 17.240487] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 17.241132] Write of size 1 at addr ffff888101b20778 by task kunit_try_catch/154
[ 17.241777]
[ 17.242059] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.242187] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.242270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.242340] Call Trace:
[ 17.242394] <TASK>
[ 17.242446] dump_stack_lvl+0x73/0xb0
[ 17.242559] print_report+0xd1/0x650
[ 17.242641] ? __virt_addr_valid+0x1db/0x2d0
[ 17.242720] ? kmalloc_oob_right+0x6bd/0x7f0
[ 17.242791] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.242869] ? kmalloc_oob_right+0x6bd/0x7f0
[ 17.242946] kasan_report+0x141/0x180
[ 17.243020] ? kmalloc_oob_right+0x6bd/0x7f0
[ 17.243104] __asan_report_store1_noabort+0x1b/0x30
[ 17.243193] kmalloc_oob_right+0x6bd/0x7f0
[ 17.243324] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 17.243407] ? __schedule+0x10cc/0x2b60
[ 17.243488] ? __pfx_read_tsc+0x10/0x10
[ 17.243586] ? ktime_get_ts64+0x86/0x230
[ 17.243670] kunit_try_run_case+0x1a5/0x480
[ 17.243753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.243821] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.243864] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.243902] ? __kthread_parkme+0x82/0x180
[ 17.243935] ? preempt_count_sub+0x50/0x80
[ 17.243969] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.244008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.244044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.244081] kthread+0x337/0x6f0
[ 17.244109] ? trace_preempt_on+0x20/0xc0
[ 17.244143] ? __pfx_kthread+0x10/0x10
[ 17.244174] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.244206] ? calculate_sigpending+0x7b/0xa0
[ 17.244302] ? __pfx_kthread+0x10/0x10
[ 17.244339] ret_from_fork+0x116/0x1d0
[ 17.244367] ? __pfx_kthread+0x10/0x10
[ 17.244397] ret_from_fork_asm+0x1a/0x30
[ 17.244444] </TASK>
[ 17.244459]
[ 17.257540] Allocated by task 154:
[ 17.257992] kasan_save_stack+0x45/0x70
[ 17.258638] kasan_save_track+0x18/0x40
[ 17.259037] kasan_save_alloc_info+0x3b/0x50
[ 17.261797] __kasan_kmalloc+0xb7/0xc0
[ 17.262253] __kmalloc_cache_noprof+0x189/0x420
[ 17.262735] kmalloc_oob_right+0xa9/0x7f0
[ 17.263113] kunit_try_run_case+0x1a5/0x480
[ 17.263675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.264122] kthread+0x337/0x6f0
[ 17.265351] ret_from_fork+0x116/0x1d0
[ 17.265727] ret_from_fork_asm+0x1a/0x30
[ 17.266067]
[ 17.266216] The buggy address belongs to the object at ffff888101b20700
[ 17.266216] which belongs to the cache kmalloc-128 of size 128
[ 17.267020] The buggy address is located 5 bytes to the right of
[ 17.267020] allocated 115-byte region [ffff888101b20700, ffff888101b20773)
[ 17.267925]
[ 17.268172] The buggy address belongs to the physical page:
[ 17.268688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20
[ 17.269297] flags: 0x200000000000000(node=0|zone=2)
[ 17.269815] page_type: f5(slab)
[ 17.270181] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.270869] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.271489] page dumped because: kasan: bad access detected
[ 17.272007]
[ 17.272203] Memory state around the buggy address:
[ 17.272631] ffff888101b20600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.273323] ffff888101b20680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.273947] >ffff888101b20700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 17.274602] ^
[ 17.275119] ffff888101b20780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.275778] ffff888101b20800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.276340] ==================================================================
[ 17.186917] ==================================================================
[ 17.188264] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 17.189391] Write of size 1 at addr ffff888101b20773 by task kunit_try_catch/154
[ 17.190120]
[ 17.192177] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.192691] Tainted: [N]=TEST
[ 17.192747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.193022] Call Trace:
[ 17.193117] <TASK>
[ 17.193337] dump_stack_lvl+0x73/0xb0
[ 17.193483] print_report+0xd1/0x650
[ 17.193563] ? __virt_addr_valid+0x1db/0x2d0
[ 17.193606] ? kmalloc_oob_right+0x6f0/0x7f0
[ 17.193659] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.193695] ? kmalloc_oob_right+0x6f0/0x7f0
[ 17.193728] kasan_report+0x141/0x180
[ 17.193760] ? kmalloc_oob_right+0x6f0/0x7f0
[ 17.193799] __asan_report_store1_noabort+0x1b/0x30
[ 17.193839] kmalloc_oob_right+0x6f0/0x7f0
[ 17.193873] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 17.193908] ? __schedule+0x10cc/0x2b60
[ 17.193943] ? __pfx_read_tsc+0x10/0x10
[ 17.193976] ? ktime_get_ts64+0x86/0x230
[ 17.194012] kunit_try_run_case+0x1a5/0x480
[ 17.194054] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.194091] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.194130] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.194165] ? __kthread_parkme+0x82/0x180
[ 17.194196] ? preempt_count_sub+0x50/0x80
[ 17.194241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.194300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.194339] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.194377] kthread+0x337/0x6f0
[ 17.194408] ? trace_preempt_on+0x20/0xc0
[ 17.194444] ? __pfx_kthread+0x10/0x10
[ 17.194475] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.194529] ? calculate_sigpending+0x7b/0xa0
[ 17.194572] ? __pfx_kthread+0x10/0x10
[ 17.194603] ret_from_fork+0x116/0x1d0
[ 17.194631] ? __pfx_kthread+0x10/0x10
[ 17.194661] ret_from_fork_asm+0x1a/0x30
[ 17.194745] </TASK>
[ 17.194834]
[ 17.212946] Allocated by task 154:
[ 17.213828] kasan_save_stack+0x45/0x70
[ 17.214761] kasan_save_track+0x18/0x40
[ 17.215592] kasan_save_alloc_info+0x3b/0x50
[ 17.215963] __kasan_kmalloc+0xb7/0xc0
[ 17.216476] __kmalloc_cache_noprof+0x189/0x420
[ 17.216981] kmalloc_oob_right+0xa9/0x7f0
[ 17.217373] kunit_try_run_case+0x1a5/0x480
[ 17.218029] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.218702] kthread+0x337/0x6f0
[ 17.219119] ret_from_fork+0x116/0x1d0
[ 17.219662] ret_from_fork_asm+0x1a/0x30
[ 17.220813]
[ 17.221173] The buggy address belongs to the object at ffff888101b20700
[ 17.221173] which belongs to the cache kmalloc-128 of size 128
[ 17.222586] The buggy address is located 0 bytes to the right of
[ 17.222586] allocated 115-byte region [ffff888101b20700, ffff888101b20773)
[ 17.223754]
[ 17.224329] The buggy address belongs to the physical page:
[ 17.225475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20
[ 17.226465] flags: 0x200000000000000(node=0|zone=2)
[ 17.227735] page_type: f5(slab)
[ 17.228972] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.229688] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.230817] page dumped because: kasan: bad access detected
[ 17.231756]
[ 17.232003] Memory state around the buggy address:
[ 17.232984] ffff888101b20600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.233719] ffff888101b20680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.234302] >ffff888101b20700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 17.235085] ^
[ 17.235761] ffff888101b20780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.236362] ffff888101b20800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.236991] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 216.890747] WARNING: CPU: 1 PID: 2815 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 216.892878] Modules linked in:
[ 216.894034] CPU: 1 UID: 0 PID: 2815 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 216.895926] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 216.897077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 216.897866] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 216.898671] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 216.900967] RSP: 0000:ffff88810318fc78 EFLAGS: 00010286
[ 216.902203] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 216.902780] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb323b614
[ 216.903690] RBP: ffff88810318fca0 R08: 0000000000000000 R09: ffffed10204d1f40
[ 216.905025] R10: ffff88810268fa07 R11: 0000000000000000 R12: ffffffffb323b600
[ 216.905992] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810318fd38
[ 216.906916] FS: 0000000000000000(0000) GS:ffff8881a5f5f000(0000) knlGS:0000000000000000
[ 216.907767] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 216.908771] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0
[ 216.909020] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265443
[ 216.910883] DR3: ffffffffb5265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 216.912133] Call Trace:
[ 216.912764] <TASK>
[ 216.913279] drm_test_rect_calc_vscale+0x108/0x270
[ 216.914111] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 216.914945] ? __schedule+0x10cc/0x2b60
[ 216.915399] ? __pfx_read_tsc+0x10/0x10
[ 216.916602] ? ktime_get_ts64+0x86/0x230
[ 216.917379] kunit_try_run_case+0x1a5/0x480
[ 216.917887] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.918952] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 216.919431] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 216.920128] ? __kthread_parkme+0x82/0x180
[ 216.920548] ? preempt_count_sub+0x50/0x80
[ 216.921823] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.922040] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 216.922426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 216.923116] kthread+0x337/0x6f0
[ 216.924721] ? trace_preempt_on+0x20/0xc0
[ 216.926048] ? __pfx_kthread+0x10/0x10
[ 216.926523] ? _raw_spin_unlock_irq+0x47/0x80
[ 216.927316] ? calculate_sigpending+0x7b/0xa0
[ 216.928232] ? __pfx_kthread+0x10/0x10
[ 216.928592] ret_from_fork+0x116/0x1d0
[ 216.929266] ? __pfx_kthread+0x10/0x10
[ 216.930734] ret_from_fork_asm+0x1a/0x30
[ 216.931183] </TASK>
[ 216.931428] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 216.844608] WARNING: CPU: 0 PID: 2813 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 216.847006] Modules linked in:
[ 216.848072] CPU: 0 UID: 0 PID: 2813 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 216.849274] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 216.850142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 216.851375] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 216.852242] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 216.853637] RSP: 0000:ffff888103177c78 EFLAGS: 00010286
[ 216.854297] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 216.855134] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb323b5dc
[ 216.855976] RBP: ffff888103177ca0 R08: 0000000000000000 R09: ffffed1020829460
[ 216.856752] R10: ffff88810414a307 R11: 0000000000000000 R12: ffffffffb323b5c8
[ 216.857178] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103177d38
[ 216.858188] FS: 0000000000000000(0000) GS:ffff8881a5e5f000(0000) knlGS:0000000000000000
[ 216.859242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 216.859845] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0
[ 216.861089] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265442
[ 216.861501] DR3: ffffffffb5265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 216.863299] Call Trace:
[ 216.863953] <TASK>
[ 216.864274] drm_test_rect_calc_vscale+0x108/0x270
[ 216.864907] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 216.866753] ? __schedule+0x10cc/0x2b60
[ 216.867762] ? __pfx_read_tsc+0x10/0x10
[ 216.868084] ? ktime_get_ts64+0x86/0x230
[ 216.869497] kunit_try_run_case+0x1a5/0x480
[ 216.871068] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.871555] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 216.872238] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 216.872748] ? __kthread_parkme+0x82/0x180
[ 216.873507] ? preempt_count_sub+0x50/0x80
[ 216.874179] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.875103] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 216.875636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 216.876883] kthread+0x337/0x6f0
[ 216.877325] ? trace_preempt_on+0x20/0xc0
[ 216.877804] ? __pfx_kthread+0x10/0x10
[ 216.879314] ? _raw_spin_unlock_irq+0x47/0x80
[ 216.879774] ? calculate_sigpending+0x7b/0xa0
[ 216.880851] ? __pfx_kthread+0x10/0x10
[ 216.881224] ret_from_fork+0x116/0x1d0
[ 216.881945] ? __pfx_kthread+0x10/0x10
[ 216.882410] ret_from_fork_asm+0x1a/0x30
[ 216.883716] </TASK>
[ 216.883990] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 216.770093] WARNING: CPU: 0 PID: 2803 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 216.771025] Modules linked in:
[ 216.771707] CPU: 0 UID: 0 PID: 2803 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 216.774189] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 216.775462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 216.776915] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 216.777489] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b c5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 216.779272] RSP: 0000:ffff88810254fc78 EFLAGS: 00010286
[ 216.780491] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 216.781624] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb323b618
[ 216.783069] RBP: ffff88810254fca0 R08: 0000000000000000 R09: ffffed1020829420
[ 216.783869] R10: ffff88810414a107 R11: 0000000000000000 R12: ffffffffb323b600
[ 216.784690] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810254fd38
[ 216.785678] FS: 0000000000000000(0000) GS:ffff8881a5e5f000(0000) knlGS:0000000000000000
[ 216.787191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 216.787992] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0
[ 216.788879] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265442
[ 216.789176] DR3: ffffffffb5265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 216.789740] Call Trace:
[ 216.790568] <TASK>
[ 216.790949] drm_test_rect_calc_hscale+0x108/0x270
[ 216.791457] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 216.793470] ? __schedule+0x10cc/0x2b60
[ 216.794296] ? __pfx_read_tsc+0x10/0x10
[ 216.794994] ? ktime_get_ts64+0x86/0x230
[ 216.795294] kunit_try_run_case+0x1a5/0x480
[ 216.795654] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.796710] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 216.797770] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 216.798999] ? __kthread_parkme+0x82/0x180
[ 216.799434] ? preempt_count_sub+0x50/0x80
[ 216.800227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.801015] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 216.802288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 216.802991] kthread+0x337/0x6f0
[ 216.803403] ? trace_preempt_on+0x20/0xc0
[ 216.803845] ? __pfx_kthread+0x10/0x10
[ 216.805112] ? _raw_spin_unlock_irq+0x47/0x80
[ 216.805890] ? calculate_sigpending+0x7b/0xa0
[ 216.806718] ? __pfx_kthread+0x10/0x10
[ 216.807688] ret_from_fork+0x116/0x1d0
[ 216.808301] ? __pfx_kthread+0x10/0x10
[ 216.809415] ret_from_fork_asm+0x1a/0x30
[ 216.810573] </TASK>
[ 216.810965] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 216.720249] WARNING: CPU: 1 PID: 2801 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 216.724615] Modules linked in:
[ 216.725875] CPU: 1 UID: 0 PID: 2801 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 216.728102] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 216.729098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 216.730094] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 216.731160] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b c5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 216.733258] RSP: 0000:ffff888103127c78 EFLAGS: 00010286
[ 216.733761] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 216.735408] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb323b5e0
[ 216.736121] RBP: ffff888103127ca0 R08: 0000000000000000 R09: ffffed10204d1e00
[ 216.736696] R10: ffff88810268f007 R11: 0000000000000000 R12: ffffffffb323b5c8
[ 216.737783] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103127d38
[ 216.738494] FS: 0000000000000000(0000) GS:ffff8881a5f5f000(0000) knlGS:0000000000000000
[ 216.739281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 216.740305] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0
[ 216.740958] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265443
[ 216.742173] DR3: ffffffffb5265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 216.743015] Call Trace:
[ 216.743499] <TASK>
[ 216.744445] drm_test_rect_calc_hscale+0x108/0x270
[ 216.745232] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 216.745603] ? __schedule+0x10cc/0x2b60
[ 216.746991] ? __pfx_read_tsc+0x10/0x10
[ 216.747461] ? ktime_get_ts64+0x86/0x230
[ 216.748296] kunit_try_run_case+0x1a5/0x480
[ 216.749864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.750379] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 216.751168] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 216.752150] ? __kthread_parkme+0x82/0x180
[ 216.752584] ? preempt_count_sub+0x50/0x80
[ 216.753697] ? __pfx_kunit_try_run_case+0x10/0x10
[ 216.753933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 216.754311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 216.754969] kthread+0x337/0x6f0
[ 216.755378] ? trace_preempt_on+0x20/0xc0
[ 216.755841] ? __pfx_kthread+0x10/0x10
[ 216.756261] ? _raw_spin_unlock_irq+0x47/0x80
[ 216.757259] ? calculate_sigpending+0x7b/0xa0
[ 216.758906] ? __pfx_kthread+0x10/0x10
[ 216.759324] ret_from_fork+0x116/0x1d0
[ 216.760108] ? __pfx_kthread+0x10/0x10
[ 216.760479] ret_from_fork_asm+0x1a/0x30
[ 216.761163] </TASK>
[ 216.761509] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 58.404305] ==================================================================
[ 58.404938] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 58.404938]
[ 58.405761] Use-after-free read at 0x(____ptrval____) (in kfence-#179):
[ 58.406266] test_krealloc+0x6fc/0xbe0
[ 58.406750] kunit_try_run_case+0x1a5/0x480
[ 58.407203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.407684] kthread+0x337/0x6f0
[ 58.408125] ret_from_fork+0x116/0x1d0
[ 58.408626] ret_from_fork_asm+0x1a/0x30
[ 58.409095]
[ 58.409303] kfence-#179: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 58.409303]
[ 58.410254] allocated by task 355 on cpu 1 at 58.403259s (0.006989s ago):
[ 58.411016] test_alloc+0x364/0x10f0
[ 58.411335] test_krealloc+0xad/0xbe0
[ 58.411919] kunit_try_run_case+0x1a5/0x480
[ 58.412631] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.413201] kthread+0x337/0x6f0
[ 58.413556] ret_from_fork+0x116/0x1d0
[ 58.414177] ret_from_fork_asm+0x1a/0x30
[ 58.414663]
[ 58.414951] freed by task 355 on cpu 1 at 58.403787s (0.011157s ago):
[ 58.415678] krealloc_noprof+0x108/0x340
[ 58.416130] test_krealloc+0x226/0xbe0
[ 58.416617] kunit_try_run_case+0x1a5/0x480
[ 58.417360] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.417882] kthread+0x337/0x6f0
[ 58.418258] ret_from_fork+0x116/0x1d0
[ 58.418683] ret_from_fork_asm+0x1a/0x30
[ 58.419016]
[ 58.419277] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 58.420612] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 58.421073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 58.421749] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 58.318005] ==================================================================
[ 58.318763] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 58.318763]
[ 58.319537] Use-after-free read at 0x(____ptrval____) (in kfence-#178):
[ 58.320113] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 58.320676] kunit_try_run_case+0x1a5/0x480
[ 58.321133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.321700] kthread+0x337/0x6f0
[ 58.322086] ret_from_fork+0x116/0x1d0
[ 58.322583] ret_from_fork_asm+0x1a/0x30
[ 58.323026]
[ 58.323278] kfence-#178: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 58.323278]
[ 58.324043] allocated by task 353 on cpu 1 at 58.305071s (0.018967s ago):
[ 58.324709] test_alloc+0x2a6/0x10f0
[ 58.325134] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 58.325707] kunit_try_run_case+0x1a5/0x480
[ 58.326149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.326623] kthread+0x337/0x6f0
[ 58.326978] ret_from_fork+0x116/0x1d0
[ 58.327462] ret_from_fork_asm+0x1a/0x30
[ 58.327918]
[ 58.328145] freed by task 353 on cpu 1 at 58.305414s (0.022725s ago):
[ 58.328772] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 58.329285] kunit_try_run_case+0x1a5/0x480
[ 58.329709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.330178] kthread+0x337/0x6f0
[ 58.330648] ret_from_fork+0x116/0x1d0
[ 58.331070] ret_from_fork_asm+0x1a/0x30
[ 58.331578]
[ 58.331864] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 58.332834] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 58.333290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 58.333866] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 34.496073] ==================================================================
[ 34.496952] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 34.496952]
[ 34.497667] Invalid read at 0x(____ptrval____):
[ 34.498035] test_invalid_access+0xf0/0x210
[ 34.498489] kunit_try_run_case+0x1a5/0x480
[ 34.499366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.500217] kthread+0x337/0x6f0
[ 34.500669] ret_from_fork+0x116/0x1d0
[ 34.501002] ret_from_fork_asm+0x1a/0x30
[ 34.501405]
[ 34.501708] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 34.502654] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.503075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.503909] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 34.267615] ==================================================================
[ 34.268084] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 34.268084]
[ 34.269453] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#174):
[ 34.271011] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 34.271474] kunit_try_run_case+0x1a5/0x480
[ 34.272269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.272809] kthread+0x337/0x6f0
[ 34.273188] ret_from_fork+0x116/0x1d0
[ 34.273711] ret_from_fork_asm+0x1a/0x30
[ 34.274145]
[ 34.274438] kfence-#174: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 34.274438]
[ 34.275391] allocated by task 343 on cpu 0 at 34.267168s (0.008217s ago):
[ 34.275966] test_alloc+0x364/0x10f0
[ 34.276461] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 34.277018] kunit_try_run_case+0x1a5/0x480
[ 34.277559] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.278118] kthread+0x337/0x6f0
[ 34.278544] ret_from_fork+0x116/0x1d0
[ 34.278938] ret_from_fork_asm+0x1a/0x30
[ 34.279409]
[ 34.279678] freed by task 343 on cpu 0 at 34.267418s (0.012254s ago):
[ 34.280252] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 34.280802] kunit_try_run_case+0x1a5/0x480
[ 34.281154] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.281666] kthread+0x337/0x6f0
[ 34.282100] ret_from_fork+0x116/0x1d0
[ 34.282602] ret_from_fork_asm+0x1a/0x30
[ 34.283064]
[ 34.283449] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 34.284415] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.284881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.285513] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 34.059588] ==================================================================
[ 34.060205] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 34.060205]
[ 34.061251] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#172):
[ 34.061909] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 34.062452] kunit_try_run_case+0x1a5/0x480
[ 34.062838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.063285] kthread+0x337/0x6f0
[ 34.063667] ret_from_fork+0x116/0x1d0
[ 34.064095] ret_from_fork_asm+0x1a/0x30
[ 34.064541]
[ 34.064744] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 34.064744]
[ 34.065749] allocated by task 341 on cpu 1 at 34.059194s (0.006548s ago):
[ 34.066487] test_alloc+0x364/0x10f0
[ 34.066848] test_kmalloc_aligned_oob_read+0x105/0x560
[ 34.067253] kunit_try_run_case+0x1a5/0x480
[ 34.067747] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.068271] kthread+0x337/0x6f0
[ 34.068682] ret_from_fork+0x116/0x1d0
[ 34.069124] ret_from_fork_asm+0x1a/0x30
[ 34.069463]
[ 34.069820] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 34.070706] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.071083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.071976] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 28.859519] ==================================================================
[ 28.860128] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 28.860128]
[ 28.860833] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#122):
[ 28.862183] test_corruption+0x2d2/0x3e0
[ 28.862663] kunit_try_run_case+0x1a5/0x480
[ 28.863125] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.863608] kthread+0x337/0x6f0
[ 28.863957] ret_from_fork+0x116/0x1d0
[ 28.864472] ret_from_fork_asm+0x1a/0x30
[ 28.864844]
[ 28.865046] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.865046]
[ 28.866153] allocated by task 329 on cpu 1 at 28.859221s (0.006926s ago):
[ 28.866664] test_alloc+0x364/0x10f0
[ 28.867158] test_corruption+0xe6/0x3e0
[ 28.867616] kunit_try_run_case+0x1a5/0x480
[ 28.868064] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.868634] kthread+0x337/0x6f0
[ 28.868955] ret_from_fork+0x116/0x1d0
[ 28.869442] ret_from_fork_asm+0x1a/0x30
[ 28.869929]
[ 28.870180] freed by task 329 on cpu 1 at 28.859375s (0.010800s ago):
[ 28.870778] test_corruption+0x2d2/0x3e0
[ 28.871166] kunit_try_run_case+0x1a5/0x480
[ 28.871700] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.872148] kthread+0x337/0x6f0
[ 28.872554] ret_from_fork+0x116/0x1d0
[ 28.872972] ret_from_fork_asm+0x1a/0x30
[ 28.873397]
[ 28.873762] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.874451] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.874914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.876017] ==================================================================
[ 29.483445] ==================================================================
[ 29.484056] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 29.484056]
[ 29.484821] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#128):
[ 29.486197] test_corruption+0x131/0x3e0
[ 29.486558] kunit_try_run_case+0x1a5/0x480
[ 29.487084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.487837] kthread+0x337/0x6f0
[ 29.488233] ret_from_fork+0x116/0x1d0
[ 29.488609] ret_from_fork_asm+0x1a/0x30
[ 29.489059]
[ 29.489297] kfence-#128: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.489297]
[ 29.490079] allocated by task 331 on cpu 1 at 29.483209s (0.006864s ago):
[ 29.490778] test_alloc+0x2a6/0x10f0
[ 29.491097] test_corruption+0xe6/0x3e0
[ 29.491475] kunit_try_run_case+0x1a5/0x480
[ 29.491949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.492672] kthread+0x337/0x6f0
[ 29.493062] ret_from_fork+0x116/0x1d0
[ 29.493483] ret_from_fork_asm+0x1a/0x30
[ 29.493846]
[ 29.494038] freed by task 331 on cpu 1 at 29.483301s (0.010732s ago):
[ 29.494767] test_corruption+0x131/0x3e0
[ 29.495201] kunit_try_run_case+0x1a5/0x480
[ 29.495701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.496356] kthread+0x337/0x6f0
[ 29.496855] ret_from_fork+0x116/0x1d0
[ 29.497312] ret_from_fork_asm+0x1a/0x30
[ 29.497721]
[ 29.498006] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 29.498798] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.499546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.500252] ==================================================================
[ 29.171600] ==================================================================
[ 29.172178] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 29.172178]
[ 29.172866] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#125):
[ 29.173656] test_corruption+0x2df/0x3e0
[ 29.174044] kunit_try_run_case+0x1a5/0x480
[ 29.174762] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.175302] kthread+0x337/0x6f0
[ 29.175721] ret_from_fork+0x116/0x1d0
[ 29.176102] ret_from_fork_asm+0x1a/0x30
[ 29.176783]
[ 29.177013] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.177013]
[ 29.177917] allocated by task 329 on cpu 1 at 29.171186s (0.006725s ago):
[ 29.178614] test_alloc+0x364/0x10f0
[ 29.179051] test_corruption+0x1cb/0x3e0
[ 29.179520] kunit_try_run_case+0x1a5/0x480
[ 29.179868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.180252] kthread+0x337/0x6f0
[ 29.180663] ret_from_fork+0x116/0x1d0
[ 29.181077] ret_from_fork_asm+0x1a/0x30
[ 29.181717]
[ 29.181949] freed by task 329 on cpu 1 at 29.171316s (0.010628s ago):
[ 29.182564] test_corruption+0x2df/0x3e0
[ 29.182962] kunit_try_run_case+0x1a5/0x480
[ 29.183464] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.183896] kthread+0x337/0x6f0
[ 29.184215] ret_from_fork+0x116/0x1d0
[ 29.184721] ret_from_fork_asm+0x1a/0x30
[ 29.185180]
[ 29.185518] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 29.186532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.186878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.187588] ==================================================================
[ 29.587394] ==================================================================
[ 29.587999] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 29.587999]
[ 29.588815] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#129):
[ 29.589414] test_corruption+0x216/0x3e0
[ 29.590087] kunit_try_run_case+0x1a5/0x480
[ 29.590627] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.591151] kthread+0x337/0x6f0
[ 29.591549] ret_from_fork+0x116/0x1d0
[ 29.591973] ret_from_fork_asm+0x1a/0x30
[ 29.592570]
[ 29.592819] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.592819]
[ 29.593425] allocated by task 331 on cpu 1 at 29.587170s (0.006249s ago):
[ 29.594379] test_alloc+0x2a6/0x10f0
[ 29.594747] test_corruption+0x1cb/0x3e0
[ 29.595079] kunit_try_run_case+0x1a5/0x480
[ 29.595557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.596223] kthread+0x337/0x6f0
[ 29.596644] ret_from_fork+0x116/0x1d0
[ 29.597063] ret_from_fork_asm+0x1a/0x30
[ 29.597532]
[ 29.597908] freed by task 331 on cpu 1 at 29.587258s (0.010645s ago):
[ 29.598522] test_corruption+0x216/0x3e0
[ 29.598909] kunit_try_run_case+0x1a5/0x480
[ 29.599328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.599752] kthread+0x337/0x6f0
[ 29.600153] ret_from_fork+0x116/0x1d0
[ 29.600749] ret_from_fork_asm+0x1a/0x30
[ 29.601279]
[ 29.601595] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 29.602551] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.602873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.603447] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 28.651394] ==================================================================
[ 28.652011] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 28.652011]
[ 28.652867] Invalid free of 0x(____ptrval____) (in kfence-#120):
[ 28.653356] test_invalid_addr_free+0xfb/0x260
[ 28.654003] kunit_try_run_case+0x1a5/0x480
[ 28.654478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.655065] kthread+0x337/0x6f0
[ 28.655518] ret_from_fork+0x116/0x1d0
[ 28.655972] ret_from_fork_asm+0x1a/0x30
[ 28.656439]
[ 28.656729] kfence-#120: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.656729]
[ 28.657318] allocated by task 327 on cpu 1 at 28.651198s (0.006114s ago):
[ 28.658316] test_alloc+0x2a6/0x10f0
[ 28.658751] test_invalid_addr_free+0xdb/0x260
[ 28.659282] kunit_try_run_case+0x1a5/0x480
[ 28.659975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.660457] kthread+0x337/0x6f0
[ 28.660910] ret_from_fork+0x116/0x1d0
[ 28.661307] ret_from_fork_asm+0x1a/0x30
[ 28.662016]
[ 28.662331] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.663365] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.663787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.664456] ==================================================================
[ 28.547399] ==================================================================
[ 28.548051] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 28.548051]
[ 28.548725] Invalid free of 0x(____ptrval____) (in kfence-#119):
[ 28.549205] test_invalid_addr_free+0x1e1/0x260
[ 28.549697] kunit_try_run_case+0x1a5/0x480
[ 28.550184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.550691] kthread+0x337/0x6f0
[ 28.551049] ret_from_fork+0x116/0x1d0
[ 28.551483] ret_from_fork_asm+0x1a/0x30
[ 28.551840]
[ 28.552066] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.552066]
[ 28.552805] allocated by task 325 on cpu 1 at 28.547178s (0.005621s ago):
[ 28.553670] test_alloc+0x364/0x10f0
[ 28.554017] test_invalid_addr_free+0xdb/0x260
[ 28.554370] kunit_try_run_case+0x1a5/0x480
[ 28.554949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.555610] kthread+0x337/0x6f0
[ 28.555986] ret_from_fork+0x116/0x1d0
[ 28.556328] ret_from_fork_asm+0x1a/0x30
[ 28.556735]
[ 28.557031] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.558039] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.558940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.560584] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 28.443523] ==================================================================
[ 28.444132] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 28.444132]
[ 28.444851] Invalid free of 0x(____ptrval____) (in kfence-#118):
[ 28.446083] test_double_free+0x112/0x260
[ 28.446714] kunit_try_run_case+0x1a5/0x480
[ 28.446960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.447171] kthread+0x337/0x6f0
[ 28.447524] ret_from_fork+0x116/0x1d0
[ 28.448002] ret_from_fork_asm+0x1a/0x30
[ 28.448693]
[ 28.448941] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.448941]
[ 28.449838] allocated by task 323 on cpu 0 at 28.443191s (0.006640s ago):
[ 28.450309] test_alloc+0x2a6/0x10f0
[ 28.451115] test_double_free+0xdb/0x260
[ 28.451948] kunit_try_run_case+0x1a5/0x480
[ 28.452642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.453157] kthread+0x337/0x6f0
[ 28.453607] ret_from_fork+0x116/0x1d0
[ 28.454174] ret_from_fork_asm+0x1a/0x30
[ 28.454704]
[ 28.455001] freed by task 323 on cpu 0 at 28.443287s (0.011707s ago):
[ 28.455628] test_double_free+0xfa/0x260
[ 28.456053] kunit_try_run_case+0x1a5/0x480
[ 28.456537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.457138] kthread+0x337/0x6f0
[ 28.457546] ret_from_fork+0x116/0x1d0
[ 28.457959] ret_from_fork_asm+0x1a/0x30
[ 28.458399]
[ 28.459000] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.459985] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.460466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.461809] ==================================================================
[ 28.339589] ==================================================================
[ 28.340240] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 28.340240]
[ 28.341033] Invalid free of 0x(____ptrval____) (in kfence-#117):
[ 28.341663] test_double_free+0x1d3/0x260
[ 28.342123] kunit_try_run_case+0x1a5/0x480
[ 28.342767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.343236] kthread+0x337/0x6f0
[ 28.343687] ret_from_fork+0x116/0x1d0
[ 28.344147] ret_from_fork_asm+0x1a/0x30
[ 28.344574]
[ 28.344770] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.344770]
[ 28.345657] allocated by task 321 on cpu 1 at 28.339207s (0.006445s ago):
[ 28.346251] test_alloc+0x364/0x10f0
[ 28.346720] test_double_free+0xdb/0x260
[ 28.347243] kunit_try_run_case+0x1a5/0x480
[ 28.347677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.348078] kthread+0x337/0x6f0
[ 28.348722] ret_from_fork+0x116/0x1d0
[ 28.349196] ret_from_fork_asm+0x1a/0x30
[ 28.349726]
[ 28.349920] freed by task 321 on cpu 1 at 28.339314s (0.010601s ago):
[ 28.350835] test_double_free+0x1e0/0x260
[ 28.351284] kunit_try_run_case+0x1a5/0x480
[ 28.351792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.352279] kthread+0x337/0x6f0
[ 28.352681] ret_from_fork+0x116/0x1d0
[ 28.353129] ret_from_fork_asm+0x1a/0x30
[ 28.353551]
[ 28.353939] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.354935] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.355395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.356202] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 27.923597] ==================================================================
[ 27.924254] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 27.924254]
[ 27.925098] Use-after-free read at 0x(____ptrval____) (in kfence-#113):
[ 27.925827] test_use_after_free_read+0x129/0x270
[ 27.926399] kunit_try_run_case+0x1a5/0x480
[ 27.926944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.927367] kthread+0x337/0x6f0
[ 27.927949] ret_from_fork+0x116/0x1d0
[ 27.928525] ret_from_fork_asm+0x1a/0x30
[ 27.928970]
[ 27.929280] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.929280]
[ 27.929994] allocated by task 313 on cpu 0 at 27.923201s (0.006788s ago):
[ 27.930964] test_alloc+0x364/0x10f0
[ 27.931546] test_use_after_free_read+0xdc/0x270
[ 27.932091] kunit_try_run_case+0x1a5/0x480
[ 27.932604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.933157] kthread+0x337/0x6f0
[ 27.933573] ret_from_fork+0x116/0x1d0
[ 27.934276] ret_from_fork_asm+0x1a/0x30
[ 27.934695]
[ 27.934940] freed by task 313 on cpu 0 at 27.923315s (0.011618s ago):
[ 27.935684] test_use_after_free_read+0x1e7/0x270
[ 27.936150] kunit_try_run_case+0x1a5/0x480
[ 27.936680] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.937371] kthread+0x337/0x6f0
[ 27.937755] ret_from_fork+0x116/0x1d0
[ 27.938195] ret_from_fork_asm+0x1a/0x30
[ 27.938692]
[ 27.939038] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.940239] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.940733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.941329] ==================================================================
[ 28.027401] ==================================================================
[ 28.027938] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 28.027938]
[ 28.028593] Use-after-free read at 0x(____ptrval____) (in kfence-#114):
[ 28.029729] test_use_after_free_read+0x129/0x270
[ 28.030667] kunit_try_run_case+0x1a5/0x480
[ 28.031200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.032086] kthread+0x337/0x6f0
[ 28.032629] ret_from_fork+0x116/0x1d0
[ 28.033023] ret_from_fork_asm+0x1a/0x30
[ 28.033489]
[ 28.033746] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.033746]
[ 28.034622] allocated by task 315 on cpu 0 at 28.027202s (0.007414s ago):
[ 28.035270] test_alloc+0x2a6/0x10f0
[ 28.035769] test_use_after_free_read+0xdc/0x270
[ 28.036343] kunit_try_run_case+0x1a5/0x480
[ 28.036998] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.037391] kthread+0x337/0x6f0
[ 28.038620] ret_from_fork+0x116/0x1d0
[ 28.039030] ret_from_fork_asm+0x1a/0x30
[ 28.039345]
[ 28.039535] freed by task 315 on cpu 0 at 28.027271s (0.012258s ago):
[ 28.040020] test_use_after_free_read+0xfb/0x270
[ 28.040346] kunit_try_run_case+0x1a5/0x480
[ 28.040942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.041950] kthread+0x337/0x6f0
[ 28.042333] ret_from_fork+0x116/0x1d0
[ 28.043527] ret_from_fork_asm+0x1a/0x30
[ 28.044112]
[ 28.045471] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 28.046171] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.046445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.046976] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 27.819296] ==================================================================
[ 27.819809] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 27.819809]
[ 27.821366] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#112):
[ 27.822118] test_out_of_bounds_write+0x10d/0x260
[ 27.822715] kunit_try_run_case+0x1a5/0x480
[ 27.823172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.823687] kthread+0x337/0x6f0
[ 27.824184] ret_from_fork+0x116/0x1d0
[ 27.824990] ret_from_fork_asm+0x1a/0x30
[ 27.825658]
[ 27.825940] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.825940]
[ 27.826891] allocated by task 311 on cpu 0 at 27.819185s (0.007699s ago):
[ 27.827988] test_alloc+0x2a6/0x10f0
[ 27.828488] test_out_of_bounds_write+0xd4/0x260
[ 27.828960] kunit_try_run_case+0x1a5/0x480
[ 27.829459] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.830082] kthread+0x337/0x6f0
[ 27.830609] ret_from_fork+0x116/0x1d0
[ 27.831093] ret_from_fork_asm+0x1a/0x30
[ 27.831759]
[ 27.832068] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.833104] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.833600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.834460] ==================================================================
[ 27.611391] ==================================================================
[ 27.612037] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 27.612037]
[ 27.612923] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#110):
[ 27.613689] test_out_of_bounds_write+0x10d/0x260
[ 27.614284] kunit_try_run_case+0x1a5/0x480
[ 27.614800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.615365] kthread+0x337/0x6f0
[ 27.615859] ret_from_fork+0x116/0x1d0
[ 27.616318] ret_from_fork_asm+0x1a/0x30
[ 27.616935]
[ 27.617224] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.617224]
[ 27.618445] allocated by task 309 on cpu 1 at 27.611206s (0.007233s ago):
[ 27.619147] test_alloc+0x364/0x10f0
[ 27.619660] test_out_of_bounds_write+0xd4/0x260
[ 27.620280] kunit_try_run_case+0x1a5/0x480
[ 27.620775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.621397] kthread+0x337/0x6f0
[ 27.621856] ret_from_fork+0x116/0x1d0
[ 27.622235] ret_from_fork_asm+0x1a/0x30
[ 27.622661]
[ 27.622917] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.623854] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.624291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.624976] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 27.403328] ==================================================================
[ 27.404091] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 27.404091]
[ 27.405568] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#108):
[ 27.406592] test_out_of_bounds_read+0x126/0x4e0
[ 27.407062] kunit_try_run_case+0x1a5/0x480
[ 27.407531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.408029] kthread+0x337/0x6f0
[ 27.408398] ret_from_fork+0x116/0x1d0
[ 27.408950] ret_from_fork_asm+0x1a/0x30
[ 27.409331]
[ 27.409604] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.409604]
[ 27.410482] allocated by task 307 on cpu 1 at 27.403229s (0.007247s ago):
[ 27.411207] test_alloc+0x2a6/0x10f0
[ 27.411976] test_out_of_bounds_read+0xed/0x4e0
[ 27.412618] kunit_try_run_case+0x1a5/0x480
[ 27.413269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.413850] kthread+0x337/0x6f0
[ 27.414286] ret_from_fork+0x116/0x1d0
[ 27.414694] ret_from_fork_asm+0x1a/0x30
[ 27.415086]
[ 27.415564] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.416691] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.417109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.417973] ==================================================================
[ 27.092829] ==================================================================
[ 27.093647] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 27.093647]
[ 27.094443] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#105):
[ 27.095075] test_out_of_bounds_read+0x126/0x4e0
[ 27.095606] kunit_try_run_case+0x1a5/0x480
[ 27.096175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.096634] kthread+0x337/0x6f0
[ 27.097021] ret_from_fork+0x116/0x1d0
[ 27.097449] ret_from_fork_asm+0x1a/0x30
[ 27.097975]
[ 27.098196] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.098196]
[ 27.098849] allocated by task 305 on cpu 1 at 27.091234s (0.007609s ago):
[ 27.099640] test_alloc+0x364/0x10f0
[ 27.100040] test_out_of_bounds_read+0xed/0x4e0
[ 27.100552] kunit_try_run_case+0x1a5/0x480
[ 27.100949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.101386] kthread+0x337/0x6f0
[ 27.101727] ret_from_fork+0x116/0x1d0
[ 27.102179] ret_from_fork_asm+0x1a/0x30
[ 27.102971]
[ 27.103280] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.104148] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.104468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.105197] ==================================================================
[ 27.510159] ==================================================================
[ 27.510739] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 27.510739]
[ 27.511452] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#109):
[ 27.511939] test_out_of_bounds_read+0x216/0x4e0
[ 27.512267] kunit_try_run_case+0x1a5/0x480
[ 27.512677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.513048] kthread+0x337/0x6f0
[ 27.513320] ret_from_fork+0x116/0x1d0
[ 27.513724] ret_from_fork_asm+0x1a/0x30
[ 27.514175]
[ 27.514334] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.514334]
[ 27.514813] allocated by task 307 on cpu 1 at 27.510063s (0.004745s ago):
[ 27.515485] test_alloc+0x2a6/0x10f0
[ 27.516343] test_out_of_bounds_read+0x1e2/0x4e0
[ 27.517079] kunit_try_run_case+0x1a5/0x480
[ 27.517667] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.518018] kthread+0x337/0x6f0
[ 27.518257] ret_from_fork+0x116/0x1d0
[ 27.518527] ret_from_fork_asm+0x1a/0x30
[ 27.519162]
[ 27.519642] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.521753] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.522671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.524602] ==================================================================
[ 27.195620] ==================================================================
[ 27.196254] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 27.196254]
[ 27.197037] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#106):
[ 27.197589] test_out_of_bounds_read+0x216/0x4e0
[ 27.198119] kunit_try_run_case+0x1a5/0x480
[ 27.198565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.199100] kthread+0x337/0x6f0
[ 27.199566] ret_from_fork+0x116/0x1d0
[ 27.199933] ret_from_fork_asm+0x1a/0x30
[ 27.200419]
[ 27.200653] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.200653]
[ 27.201484] allocated by task 305 on cpu 1 at 27.195204s (0.006274s ago):
[ 27.202152] test_alloc+0x364/0x10f0
[ 27.202637] test_out_of_bounds_read+0x1e2/0x4e0
[ 27.203055] kunit_try_run_case+0x1a5/0x480
[ 27.203602] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.204038] kthread+0x337/0x6f0
[ 27.204431] ret_from_fork+0x116/0x1d0
[ 27.204781] ret_from_fork_asm+0x1a/0x30
[ 27.205209]
[ 27.205558] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 27.206398] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.206858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.207701] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 17.529303] ==================================================================
[ 17.531311] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 17.531311]
[ 17.532045] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#60):
[ 17.534167] kmalloc_track_caller_oob_right+0x288/0x520
[ 17.534755] kunit_try_run_case+0x1a5/0x480
[ 17.535179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.536118] kthread+0x337/0x6f0
[ 17.536950] ret_from_fork+0x116/0x1d0
[ 17.537462] ret_from_fork_asm+0x1a/0x30
[ 17.537920]
[ 17.538400] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 17.538400]
[ 17.539595] allocated by task 160 on cpu 0 at 17.526482s (0.012975s ago):
[ 17.540827] kmalloc_track_caller_oob_right+0x19a/0x520
[ 17.541322] kunit_try_run_case+0x1a5/0x480
[ 17.541963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.542728] kthread+0x337/0x6f0
[ 17.543261] ret_from_fork+0x116/0x1d0
[ 17.543791] ret_from_fork_asm+0x1a/0x30
[ 17.544245]
[ 17.544609] freed by task 160 on cpu 0 at 17.528716s (0.015762s ago):
[ 17.545095] kmalloc_track_caller_oob_right+0x288/0x520
[ 17.545685] kunit_try_run_case+0x1a5/0x480
[ 17.546144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.546680] kthread+0x337/0x6f0
[ 17.547000] ret_from_fork+0x116/0x1d0
[ 17.548669] ret_from_fork_asm+0x1a/0x30
[ 17.549230]
[ 17.549723] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.550552] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.550992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.551868] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 26.932329] ==================================================================
[ 26.933322] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 26.933915] Write of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303
[ 26.935371]
[ 26.935928] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.936067] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.936111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.936179] Call Trace:
[ 26.936232] <TASK>
[ 26.936315] dump_stack_lvl+0x73/0xb0
[ 26.936420] print_report+0xd1/0x650
[ 26.936465] ? __virt_addr_valid+0x1db/0x2d0
[ 26.936530] ? strncpy_from_user+0x2e/0x1d0
[ 26.936569] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.936605] ? strncpy_from_user+0x2e/0x1d0
[ 26.936635] kasan_report+0x141/0x180
[ 26.936668] ? strncpy_from_user+0x2e/0x1d0
[ 26.936703] kasan_check_range+0x10c/0x1c0
[ 26.936739] __kasan_check_write+0x18/0x20
[ 26.936769] strncpy_from_user+0x2e/0x1d0
[ 26.936797] ? __kasan_check_read+0x15/0x20
[ 26.936829] copy_user_test_oob+0x760/0x10f0
[ 26.936866] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.936904] ? finish_task_switch.isra.0+0x153/0x700
[ 26.936939] ? __switch_to+0x47/0xf50
[ 26.936978] ? __schedule+0x10cc/0x2b60
[ 26.937013] ? __pfx_read_tsc+0x10/0x10
[ 26.937046] ? ktime_get_ts64+0x86/0x230
[ 26.937083] kunit_try_run_case+0x1a5/0x480
[ 26.937124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.937161] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.937199] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.937255] ? __kthread_parkme+0x82/0x180
[ 26.937302] ? preempt_count_sub+0x50/0x80
[ 26.937340] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.937385] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.937424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.937463] kthread+0x337/0x6f0
[ 26.937511] ? trace_preempt_on+0x20/0xc0
[ 26.937560] ? __pfx_kthread+0x10/0x10
[ 26.937593] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.937644] ? calculate_sigpending+0x7b/0xa0
[ 26.937683] ? __pfx_kthread+0x10/0x10
[ 26.937717] ret_from_fork+0x116/0x1d0
[ 26.937747] ? __pfx_kthread+0x10/0x10
[ 26.937780] ret_from_fork_asm+0x1a/0x30
[ 26.937826] </TASK>
[ 26.937844]
[ 26.956703] Allocated by task 303:
[ 26.957177] kasan_save_stack+0x45/0x70
[ 26.957715] kasan_save_track+0x18/0x40
[ 26.958155] kasan_save_alloc_info+0x3b/0x50
[ 26.958706] __kasan_kmalloc+0xb7/0xc0
[ 26.959125] __kmalloc_noprof+0x1c9/0x500
[ 26.959626] kunit_kmalloc_array+0x25/0x60
[ 26.960125] copy_user_test_oob+0xab/0x10f0
[ 26.960605] kunit_try_run_case+0x1a5/0x480
[ 26.960975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.961637] kthread+0x337/0x6f0
[ 26.962066] ret_from_fork+0x116/0x1d0
[ 26.962597] ret_from_fork_asm+0x1a/0x30
[ 26.963064]
[ 26.963283] The buggy address belongs to the object at ffff8881039c8700
[ 26.963283] which belongs to the cache kmalloc-128 of size 128
[ 26.964340] The buggy address is located 0 bytes inside of
[ 26.964340] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778)
[ 26.965376]
[ 26.965595] The buggy address belongs to the physical page:
[ 26.966211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8
[ 26.967029] flags: 0x200000000000000(node=0|zone=2)
[ 26.967664] page_type: f5(slab)
[ 26.968056] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.968835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.969413] page dumped because: kasan: bad access detected
[ 26.969985]
[ 26.970317] Memory state around the buggy address:
[ 26.970843] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.971340] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.974679] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.975765] ^
[ 26.976178] ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.978834] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.980379] ==================================================================
[ 26.983258] ==================================================================
[ 26.984979] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 26.986858] Write of size 1 at addr ffff8881039c8778 by task kunit_try_catch/303
[ 26.988679]
[ 26.989714] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 26.989861] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.989889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.989941] Call Trace:
[ 26.989968] <TASK>
[ 26.989995] dump_stack_lvl+0x73/0xb0
[ 26.990057] print_report+0xd1/0x650
[ 26.990099] ? __virt_addr_valid+0x1db/0x2d0
[ 26.990138] ? strncpy_from_user+0x1a5/0x1d0
[ 26.990175] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.990216] ? strncpy_from_user+0x1a5/0x1d0
[ 26.990286] kasan_report+0x141/0x180
[ 26.990326] ? strncpy_from_user+0x1a5/0x1d0
[ 26.990368] __asan_report_store1_noabort+0x1b/0x30
[ 26.990411] strncpy_from_user+0x1a5/0x1d0
[ 26.990447] copy_user_test_oob+0x760/0x10f0
[ 26.990489] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.990567] ? finish_task_switch.isra.0+0x153/0x700
[ 26.990609] ? __switch_to+0x47/0xf50
[ 26.990651] ? __schedule+0x10cc/0x2b60
[ 26.990688] ? __pfx_read_tsc+0x10/0x10
[ 26.990724] ? ktime_get_ts64+0x86/0x230
[ 26.990763] kunit_try_run_case+0x1a5/0x480
[ 26.990808] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.990849] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.990889] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.990932] ? __kthread_parkme+0x82/0x180
[ 26.990965] ? preempt_count_sub+0x50/0x80
[ 26.991002] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.991044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.991086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.991130] kthread+0x337/0x6f0
[ 26.991161] ? trace_preempt_on+0x20/0xc0
[ 26.991200] ?
__pfx_kthread+0x10/0x10 [ 26.991269] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.991312] ? calculate_sigpending+0x7b/0xa0 [ 26.991353] ? __pfx_kthread+0x10/0x10 [ 26.991389] ret_from_fork+0x116/0x1d0 [ 26.991419] ? __pfx_kthread+0x10/0x10 [ 26.991451] ret_from_fork_asm+0x1a/0x30 [ 26.991519] </TASK> [ 26.991558] [ 27.011515] Allocated by task 303: [ 27.012003] kasan_save_stack+0x45/0x70 [ 27.012643] kasan_save_track+0x18/0x40 [ 27.013146] kasan_save_alloc_info+0x3b/0x50 [ 27.013648] __kasan_kmalloc+0xb7/0xc0 [ 27.014074] __kmalloc_noprof+0x1c9/0x500 [ 27.014520] kunit_kmalloc_array+0x25/0x60 [ 27.014882] copy_user_test_oob+0xab/0x10f0 [ 27.015334] kunit_try_run_case+0x1a5/0x480 [ 27.015803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.016362] kthread+0x337/0x6f0 [ 27.016698] ret_from_fork+0x116/0x1d0 [ 27.017108] ret_from_fork_asm+0x1a/0x30 [ 27.017599] [ 27.017837] The buggy address belongs to the object at ffff8881039c8700 [ 27.017837] which belongs to the cache kmalloc-128 of size 128 [ 27.018869] The buggy address is located 0 bytes to the right of [ 27.018869] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 27.019816] [ 27.020064] The buggy address belongs to the physical page: [ 27.020619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 27.021306] flags: 0x200000000000000(node=0|zone=2) [ 27.021853] page_type: f5(slab) [ 27.023172] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.023842] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.024362] page dumped because: kasan: bad access detected [ 27.024751] [ 27.024989] Memory state around the buggy address: [ 27.025457] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.026899] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.027407] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.027935] ^ [ 27.028459] ffff8881039c8780: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 27.029071] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.029828] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 26.886032] ================================================================== [ 26.886789] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 26.887411] Read of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303 [ 26.888079] [ 26.888398] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.888551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.888596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.888664] Call Trace: [ 26.888721] <TASK> [ 26.888777] dump_stack_lvl+0x73/0xb0 [ 26.888878] print_report+0xd1/0x650 [ 26.888963] ? __virt_addr_valid+0x1db/0x2d0 [ 26.889043] ? copy_user_test_oob+0x604/0x10f0 [ 26.889118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.889199] ? copy_user_test_oob+0x604/0x10f0 [ 26.889330] kasan_report+0x141/0x180 [ 26.889407] ? copy_user_test_oob+0x604/0x10f0 [ 26.889519] kasan_check_range+0x10c/0x1c0 [ 26.889609] __kasan_check_read+0x15/0x20 [ 26.889698] copy_user_test_oob+0x604/0x10f0 [ 26.889786] ? __pfx_copy_user_test_oob+0x10/0x10 [ 26.889866] ? finish_task_switch.isra.0+0x153/0x700 [ 26.889947] ? __switch_to+0x47/0xf50 [ 26.890035] ? __schedule+0x10cc/0x2b60 [ 26.890113] ? __pfx_read_tsc+0x10/0x10 [ 26.890192] ? ktime_get_ts64+0x86/0x230 [ 26.890327] kunit_try_run_case+0x1a5/0x480 [ 26.890413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.890464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.890528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.890570] ? __kthread_parkme+0x82/0x180 [ 26.890601] ? preempt_count_sub+0x50/0x80 [ 26.890634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.890673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.890708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.890745] kthread+0x337/0x6f0 [ 26.890774] ? trace_preempt_on+0x20/0xc0 [ 26.890810] ? __pfx_kthread+0x10/0x10 [ 26.890842] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.890874] ? calculate_sigpending+0x7b/0xa0 [ 26.890910] ? 
__pfx_kthread+0x10/0x10 [ 26.890942] ret_from_fork+0x116/0x1d0 [ 26.890970] ? __pfx_kthread+0x10/0x10 [ 26.891001] ret_from_fork_asm+0x1a/0x30 [ 26.891044] </TASK> [ 26.891062] [ 26.909880] Allocated by task 303: [ 26.910359] kasan_save_stack+0x45/0x70 [ 26.910900] kasan_save_track+0x18/0x40 [ 26.911421] kasan_save_alloc_info+0x3b/0x50 [ 26.911980] __kasan_kmalloc+0xb7/0xc0 [ 26.912511] __kmalloc_noprof+0x1c9/0x500 [ 26.913013] kunit_kmalloc_array+0x25/0x60 [ 26.913413] copy_user_test_oob+0xab/0x10f0 [ 26.913945] kunit_try_run_case+0x1a5/0x480 [ 26.914618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.915194] kthread+0x337/0x6f0 [ 26.915718] ret_from_fork+0x116/0x1d0 [ 26.916141] ret_from_fork_asm+0x1a/0x30 [ 26.916642] [ 26.916843] The buggy address belongs to the object at ffff8881039c8700 [ 26.916843] which belongs to the cache kmalloc-128 of size 128 [ 26.918529] The buggy address is located 0 bytes inside of [ 26.918529] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 26.919947] [ 26.920182] The buggy address belongs to the physical page: [ 26.920637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 26.921226] flags: 0x200000000000000(node=0|zone=2) [ 26.922367] page_type: f5(slab) [ 26.922649] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.923676] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.924225] page dumped because: kasan: bad access detected [ 26.924679] [ 26.924851] Memory state around the buggy address: [ 26.925247] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.926887] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.927759] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.928629] ^ [ 26.929745] ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.930311] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.930922] 
================================================================== [ 26.793377] ================================================================== [ 26.794050] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 26.794871] Read of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303 [ 26.795565] [ 26.795862] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.796041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.796086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.796158] Call Trace: [ 26.796262] <TASK> [ 26.796350] dump_stack_lvl+0x73/0xb0 [ 26.796452] print_report+0xd1/0x650 [ 26.796555] ? __virt_addr_valid+0x1db/0x2d0 [ 26.796641] ? copy_user_test_oob+0x4aa/0x10f0 [ 26.796722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.796806] ? copy_user_test_oob+0x4aa/0x10f0 [ 26.796940] kasan_report+0x141/0x180 [ 26.797024] ? copy_user_test_oob+0x4aa/0x10f0 [ 26.797109] kasan_check_range+0x10c/0x1c0 [ 26.797151] __kasan_check_read+0x15/0x20 [ 26.797182] copy_user_test_oob+0x4aa/0x10f0 [ 26.797243] ? __pfx_copy_user_test_oob+0x10/0x10 [ 26.797316] ? finish_task_switch.isra.0+0x153/0x700 [ 26.797355] ? __switch_to+0x47/0xf50 [ 26.797394] ? __schedule+0x10cc/0x2b60 [ 26.797428] ? __pfx_read_tsc+0x10/0x10 [ 26.797458] ? ktime_get_ts64+0x86/0x230 [ 26.797511] kunit_try_run_case+0x1a5/0x480 [ 26.797561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.797600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.797655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.797692] ? __kthread_parkme+0x82/0x180 [ 26.797721] ? preempt_count_sub+0x50/0x80 [ 26.797754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.797791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.797827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.797863] kthread+0x337/0x6f0 [ 26.797892] ? trace_preempt_on+0x20/0xc0 [ 26.797927] ? __pfx_kthread+0x10/0x10 [ 26.797957] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 26.797989] ? calculate_sigpending+0x7b/0xa0 [ 26.798024] ? __pfx_kthread+0x10/0x10 [ 26.798056] ret_from_fork+0x116/0x1d0 [ 26.798083] ? __pfx_kthread+0x10/0x10 [ 26.798113] ret_from_fork_asm+0x1a/0x30 [ 26.798156] </TASK> [ 26.798172] [ 26.819014] Allocated by task 303: [ 26.819436] kasan_save_stack+0x45/0x70 [ 26.820082] kasan_save_track+0x18/0x40 [ 26.820803] kasan_save_alloc_info+0x3b/0x50 [ 26.821382] __kasan_kmalloc+0xb7/0xc0 [ 26.821875] __kmalloc_noprof+0x1c9/0x500 [ 26.822116] kunit_kmalloc_array+0x25/0x60 [ 26.822469] copy_user_test_oob+0xab/0x10f0 [ 26.823287] kunit_try_run_case+0x1a5/0x480 [ 26.824178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.824690] kthread+0x337/0x6f0 [ 26.825102] ret_from_fork+0x116/0x1d0 [ 26.825566] ret_from_fork_asm+0x1a/0x30 [ 26.826089] [ 26.826674] The buggy address belongs to the object at ffff8881039c8700 [ 26.826674] which belongs to the cache kmalloc-128 of size 128 [ 26.827988] The buggy address is located 0 bytes inside of [ 26.827988] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 26.829271] [ 26.829546] The buggy address belongs to the physical page: [ 26.830040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 26.830766] flags: 0x200000000000000(node=0|zone=2) [ 26.831309] page_type: f5(slab) [ 26.831716] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.832463] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.833100] page dumped because: kasan: bad access detected [ 26.833688] [ 26.834002] Memory state around the buggy address: [ 26.834487] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.835112] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.835784] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.836472] ^ [ 26.837101] ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.837788] 
ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.838478] ================================================================== [ 26.839840] ================================================================== [ 26.841304] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 26.841787] Write of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303 [ 26.842053] [ 26.842171] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.842264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.842307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.842374] Call Trace: [ 26.842487] <TASK> [ 26.842569] dump_stack_lvl+0x73/0xb0 [ 26.842662] print_report+0xd1/0x650 [ 26.842746] ? __virt_addr_valid+0x1db/0x2d0 [ 26.842831] ? copy_user_test_oob+0x557/0x10f0 [ 26.842963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.843288] ? copy_user_test_oob+0x557/0x10f0 [ 26.843375] kasan_report+0x141/0x180 [ 26.843493] ? copy_user_test_oob+0x557/0x10f0 [ 26.843610] kasan_check_range+0x10c/0x1c0 [ 26.843691] __kasan_check_write+0x18/0x20 [ 26.843761] copy_user_test_oob+0x557/0x10f0 [ 26.843807] ? __pfx_copy_user_test_oob+0x10/0x10 [ 26.843846] ? finish_task_switch.isra.0+0x153/0x700 [ 26.843884] ? __switch_to+0x47/0xf50 [ 26.843925] ? __schedule+0x10cc/0x2b60 [ 26.843960] ? __pfx_read_tsc+0x10/0x10 [ 26.843994] ? ktime_get_ts64+0x86/0x230 [ 26.844030] kunit_try_run_case+0x1a5/0x480 [ 26.844073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.844111] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.844147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.844184] ? __kthread_parkme+0x82/0x180 [ 26.844216] ? preempt_count_sub+0x50/0x80 [ 26.844300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.844344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.844384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.844422] kthread+0x337/0x6f0 [ 26.844452] ? trace_preempt_on+0x20/0xc0 [ 26.844489] ? 
__pfx_kthread+0x10/0x10 [ 26.844551] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.844587] ? calculate_sigpending+0x7b/0xa0 [ 26.844626] ? __pfx_kthread+0x10/0x10 [ 26.844659] ret_from_fork+0x116/0x1d0 [ 26.844689] ? __pfx_kthread+0x10/0x10 [ 26.844720] ret_from_fork_asm+0x1a/0x30 [ 26.844765] </TASK> [ 26.844783] [ 26.865209] Allocated by task 303: [ 26.866023] kasan_save_stack+0x45/0x70 [ 26.866620] kasan_save_track+0x18/0x40 [ 26.867478] kasan_save_alloc_info+0x3b/0x50 [ 26.867783] __kasan_kmalloc+0xb7/0xc0 [ 26.868043] __kmalloc_noprof+0x1c9/0x500 [ 26.868514] kunit_kmalloc_array+0x25/0x60 [ 26.868870] copy_user_test_oob+0xab/0x10f0 [ 26.870175] kunit_try_run_case+0x1a5/0x480 [ 26.870990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.871649] kthread+0x337/0x6f0 [ 26.872102] ret_from_fork+0x116/0x1d0 [ 26.872614] ret_from_fork_asm+0x1a/0x30 [ 26.873442] [ 26.873692] The buggy address belongs to the object at ffff8881039c8700 [ 26.873692] which belongs to the cache kmalloc-128 of size 128 [ 26.874546] The buggy address is located 0 bytes inside of [ 26.874546] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 26.875700] [ 26.875897] The buggy address belongs to the physical page: [ 26.876628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 26.877321] flags: 0x200000000000000(node=0|zone=2) [ 26.877887] page_type: f5(slab) [ 26.878183] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.878908] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.879684] page dumped because: kasan: bad access detected [ 26.880196] [ 26.880525] Memory state around the buggy address: [ 26.881082] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.881753] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.882205] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.882912] ^ [ 26.883576] ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 26.884164] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.884703] ================================================================== [ 26.747308] ================================================================== [ 26.747947] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 26.748614] Write of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303 [ 26.749973] [ 26.750273] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.750420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.750464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.750554] Call Trace: [ 26.750611] <TASK> [ 26.750672] dump_stack_lvl+0x73/0xb0 [ 26.750775] print_report+0xd1/0x650 [ 26.750827] ? __virt_addr_valid+0x1db/0x2d0 [ 26.750864] ? copy_user_test_oob+0x3fd/0x10f0 [ 26.750900] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.750933] ? copy_user_test_oob+0x3fd/0x10f0 [ 26.750968] kasan_report+0x141/0x180 [ 26.751001] ? copy_user_test_oob+0x3fd/0x10f0 [ 26.751042] kasan_check_range+0x10c/0x1c0 [ 26.751079] __kasan_check_write+0x18/0x20 [ 26.751109] copy_user_test_oob+0x3fd/0x10f0 [ 26.751146] ? __pfx_copy_user_test_oob+0x10/0x10 [ 26.751183] ? finish_task_switch.isra.0+0x153/0x700 [ 26.751220] ? __switch_to+0x47/0xf50 [ 26.751309] ? __schedule+0x10cc/0x2b60 [ 26.751345] ? __pfx_read_tsc+0x10/0x10 [ 26.751377] ? ktime_get_ts64+0x86/0x230 [ 26.751412] kunit_try_run_case+0x1a5/0x480 [ 26.751452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.751488] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.751555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.751591] ? __kthread_parkme+0x82/0x180 [ 26.751621] ? preempt_count_sub+0x50/0x80 [ 26.751654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.751691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.751728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.751764] kthread+0x337/0x6f0 [ 26.751793] ? 
trace_preempt_on+0x20/0xc0 [ 26.751830] ? __pfx_kthread+0x10/0x10 [ 26.751860] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.751892] ? calculate_sigpending+0x7b/0xa0 [ 26.751928] ? __pfx_kthread+0x10/0x10 [ 26.751961] ret_from_fork+0x116/0x1d0 [ 26.751988] ? __pfx_kthread+0x10/0x10 [ 26.752019] ret_from_fork_asm+0x1a/0x30 [ 26.752062] </TASK> [ 26.752080] [ 26.770027] Allocated by task 303: [ 26.770704] kasan_save_stack+0x45/0x70 [ 26.772306] kasan_save_track+0x18/0x40 [ 26.773399] kasan_save_alloc_info+0x3b/0x50 [ 26.774439] __kasan_kmalloc+0xb7/0xc0 [ 26.775109] __kmalloc_noprof+0x1c9/0x500 [ 26.775404] kunit_kmalloc_array+0x25/0x60 [ 26.775758] copy_user_test_oob+0xab/0x10f0 [ 26.776424] kunit_try_run_case+0x1a5/0x480 [ 26.777660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.778448] kthread+0x337/0x6f0 [ 26.778996] ret_from_fork+0x116/0x1d0 [ 26.779378] ret_from_fork_asm+0x1a/0x30 [ 26.780153] [ 26.780456] The buggy address belongs to the object at ffff8881039c8700 [ 26.780456] which belongs to the cache kmalloc-128 of size 128 [ 26.781369] The buggy address is located 0 bytes inside of [ 26.781369] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 26.782331] [ 26.782644] The buggy address belongs to the physical page: [ 26.783532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 26.784044] flags: 0x200000000000000(node=0|zone=2) [ 26.784572] page_type: f5(slab) [ 26.784937] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.785707] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.786305] page dumped because: kasan: bad access detected [ 26.786744] [ 26.787000] Memory state around the buggy address: [ 26.787599] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.788297] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.788945] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.789690] ^ [ 26.790375] 
ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.790966] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.791660] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 26.688726] ================================================================== [ 26.689438] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 26.690044] Read of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303 [ 26.690780] [ 26.691004] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.691130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.691172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.691286] Call Trace: [ 26.691347] <TASK> [ 26.691403] dump_stack_lvl+0x73/0xb0 [ 26.691662] print_report+0xd1/0x650 [ 26.691757] ? __virt_addr_valid+0x1db/0x2d0 [ 26.691841] ? _copy_to_user+0x3c/0x70 [ 26.691917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.691989] ? _copy_to_user+0x3c/0x70 [ 26.692064] kasan_report+0x141/0x180 [ 26.692112] ? _copy_to_user+0x3c/0x70 [ 26.692154] kasan_check_range+0x10c/0x1c0 [ 26.692195] __kasan_check_read+0x15/0x20 [ 26.692257] _copy_to_user+0x3c/0x70 [ 26.692309] copy_user_test_oob+0x364/0x10f0 [ 26.692354] ? __pfx_copy_user_test_oob+0x10/0x10 [ 26.692391] ? finish_task_switch.isra.0+0x153/0x700 [ 26.692428] ? __switch_to+0x47/0xf50 [ 26.692466] ? __schedule+0x10cc/0x2b60 [ 26.692526] ? __pfx_read_tsc+0x10/0x10 [ 26.692565] ? ktime_get_ts64+0x86/0x230 [ 26.692603] kunit_try_run_case+0x1a5/0x480 [ 26.692644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.692684] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.692724] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.692762] ? __kthread_parkme+0x82/0x180 [ 26.692793] ? preempt_count_sub+0x50/0x80 [ 26.692827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.692866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.692904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.692943] kthread+0x337/0x6f0 [ 26.692973] ? trace_preempt_on+0x20/0xc0 [ 26.693010] ? __pfx_kthread+0x10/0x10 [ 26.693043] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.693077] ? calculate_sigpending+0x7b/0xa0 [ 26.693113] ? 
__pfx_kthread+0x10/0x10 [ 26.693146] ret_from_fork+0x116/0x1d0 [ 26.693174] ? __pfx_kthread+0x10/0x10 [ 26.693204] ret_from_fork_asm+0x1a/0x30 [ 26.693286] </TASK> [ 26.693309] [ 26.719436] Allocated by task 303: [ 26.720982] kasan_save_stack+0x45/0x70 [ 26.721788] kasan_save_track+0x18/0x40 [ 26.722467] kasan_save_alloc_info+0x3b/0x50 [ 26.722824] __kasan_kmalloc+0xb7/0xc0 [ 26.723227] __kmalloc_noprof+0x1c9/0x500 [ 26.724067] kunit_kmalloc_array+0x25/0x60 [ 26.724760] copy_user_test_oob+0xab/0x10f0 [ 26.725141] kunit_try_run_case+0x1a5/0x480 [ 26.725991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.726800] kthread+0x337/0x6f0 [ 26.727189] ret_from_fork+0x116/0x1d0 [ 26.727652] ret_from_fork_asm+0x1a/0x30 [ 26.728073] [ 26.728326] The buggy address belongs to the object at ffff8881039c8700 [ 26.728326] which belongs to the cache kmalloc-128 of size 128 [ 26.729551] The buggy address is located 0 bytes inside of [ 26.729551] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 26.730596] [ 26.730881] The buggy address belongs to the physical page: [ 26.731523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 26.732112] flags: 0x200000000000000(node=0|zone=2) [ 26.732685] page_type: f5(slab) [ 26.733129] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.733801] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.734539] page dumped because: kasan: bad access detected [ 26.734942] [ 26.735214] Memory state around the buggy address: [ 26.735791] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.736513] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.737166] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.737842] ^ [ 26.738554] ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.739206] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.739865] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 26.640420] ================================================================== [ 26.641655] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 26.642878] Write of size 121 at addr ffff8881039c8700 by task kunit_try_catch/303 [ 26.643521] [ 26.643777] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.643944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.644016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.644090] Call Trace: [ 26.644141] <TASK> [ 26.644204] dump_stack_lvl+0x73/0xb0 [ 26.644382] print_report+0xd1/0x650 [ 26.644518] ? __virt_addr_valid+0x1db/0x2d0 [ 26.644611] ? _copy_from_user+0x32/0x90 [ 26.644702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.644818] ? _copy_from_user+0x32/0x90 [ 26.644901] kasan_report+0x141/0x180 [ 26.644950] ? _copy_from_user+0x32/0x90 [ 26.644988] kasan_check_range+0x10c/0x1c0 [ 26.645025] __kasan_check_write+0x18/0x20 [ 26.645094] _copy_from_user+0x32/0x90 [ 26.645144] copy_user_test_oob+0x2be/0x10f0 [ 26.645189] ? __pfx_copy_user_test_oob+0x10/0x10 [ 26.645282] ? finish_task_switch.isra.0+0x153/0x700 [ 26.645326] ? __switch_to+0x47/0xf50 [ 26.645366] ? __schedule+0x10cc/0x2b60 [ 26.645401] ? __pfx_read_tsc+0x10/0x10 [ 26.645434] ? ktime_get_ts64+0x86/0x230 [ 26.645470] kunit_try_run_case+0x1a5/0x480 [ 26.645538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.645577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.645633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.645672] ? __kthread_parkme+0x82/0x180 [ 26.645703] ? preempt_count_sub+0x50/0x80 [ 26.645735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.645772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.645807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.645845] kthread+0x337/0x6f0 [ 26.645874] ? trace_preempt_on+0x20/0xc0 [ 26.645910] ? __pfx_kthread+0x10/0x10 [ 26.645941] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.645973] ? calculate_sigpending+0x7b/0xa0 [ 26.646009] ? 
__pfx_kthread+0x10/0x10 [ 26.646040] ret_from_fork+0x116/0x1d0 [ 26.646068] ? __pfx_kthread+0x10/0x10 [ 26.646097] ret_from_fork_asm+0x1a/0x30 [ 26.646142] </TASK> [ 26.646162] [ 26.663533] Allocated by task 303: [ 26.663904] kasan_save_stack+0x45/0x70 [ 26.664464] kasan_save_track+0x18/0x40 [ 26.664965] kasan_save_alloc_info+0x3b/0x50 [ 26.665519] __kasan_kmalloc+0xb7/0xc0 [ 26.665938] __kmalloc_noprof+0x1c9/0x500 [ 26.666464] kunit_kmalloc_array+0x25/0x60 [ 26.666832] copy_user_test_oob+0xab/0x10f0 [ 26.667171] kunit_try_run_case+0x1a5/0x480 [ 26.667687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.668306] kthread+0x337/0x6f0 [ 26.668724] ret_from_fork+0x116/0x1d0 [ 26.669166] ret_from_fork_asm+0x1a/0x30 [ 26.669662] [ 26.669915] The buggy address belongs to the object at ffff8881039c8700 [ 26.669915] which belongs to the cache kmalloc-128 of size 128 [ 26.670965] The buggy address is located 0 bytes inside of [ 26.670965] allocated 120-byte region [ffff8881039c8700, ffff8881039c8778) [ 26.671871] [ 26.672164] The buggy address belongs to the physical page: [ 26.672772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 26.673608] flags: 0x200000000000000(node=0|zone=2) [ 26.674163] page_type: f5(slab) [ 26.674649] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.675307] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.675999] page dumped because: kasan: bad access detected [ 26.676468] [ 26.676923] Memory state around the buggy address: [ 26.677908] ffff8881039c8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.679030] ffff8881039c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.680600] >ffff8881039c8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.681253] ^ [ 26.681902] ffff8881039c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.682554] ffff8881039c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.683118] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 26.564458] ================================================================== [ 26.565280] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 26.566927] Write of size 8 at addr ffff888101b3ea78 by task kunit_try_catch/299 [ 26.568401] [ 26.568780] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.568920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.568967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.569037] Call Trace: [ 26.569089] <TASK> [ 26.569146] dump_stack_lvl+0x73/0xb0 [ 26.569261] print_report+0xd1/0x650 [ 26.569346] ? __virt_addr_valid+0x1db/0x2d0 [ 26.569453] ? copy_to_kernel_nofault+0x99/0x260 [ 26.569530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.569607] ? copy_to_kernel_nofault+0x99/0x260 [ 26.569711] kasan_report+0x141/0x180 [ 26.569786] ? copy_to_kernel_nofault+0x99/0x260 [ 26.569861] kasan_check_range+0x10c/0x1c0 [ 26.569924] __kasan_check_write+0x18/0x20 [ 26.569979] copy_to_kernel_nofault+0x99/0x260 [ 26.570043] copy_to_kernel_nofault_oob+0x288/0x560 [ 26.570107] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 26.570168] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.570240] ? trace_hardirqs_on+0x37/0xe0 [ 26.570319] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 26.570392] kunit_try_run_case+0x1a5/0x480 [ 26.570463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.570572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.570655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.570696] ? __kthread_parkme+0x82/0x180 [ 26.570729] ? preempt_count_sub+0x50/0x80 [ 26.570764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.570803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.570841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.570878] kthread+0x337/0x6f0 [ 26.570906] ? trace_preempt_on+0x20/0xc0 [ 26.570939] ? __pfx_kthread+0x10/0x10 [ 26.570970] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.571003] ? calculate_sigpending+0x7b/0xa0 [ 26.571039] ? 
__pfx_kthread+0x10/0x10 [ 26.571070] ret_from_fork+0x116/0x1d0 [ 26.571098] ? __pfx_kthread+0x10/0x10 [ 26.571128] ret_from_fork_asm+0x1a/0x30 [ 26.571171] </TASK> [ 26.571187] [ 26.593037] Allocated by task 299: [ 26.594182] kasan_save_stack+0x45/0x70 [ 26.595073] kasan_save_track+0x18/0x40 [ 26.595625] kasan_save_alloc_info+0x3b/0x50 [ 26.596264] __kasan_kmalloc+0xb7/0xc0 [ 26.597033] __kmalloc_cache_noprof+0x189/0x420 [ 26.597726] copy_to_kernel_nofault_oob+0x12f/0x560 [ 26.598036] kunit_try_run_case+0x1a5/0x480 [ 26.598440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.599458] kthread+0x337/0x6f0 [ 26.600251] ret_from_fork+0x116/0x1d0 [ 26.601063] ret_from_fork_asm+0x1a/0x30 [ 26.601418] [ 26.602213] The buggy address belongs to the object at ffff888101b3ea00 [ 26.602213] which belongs to the cache kmalloc-128 of size 128 [ 26.603799] The buggy address is located 0 bytes to the right of [ 26.603799] allocated 120-byte region [ffff888101b3ea00, ffff888101b3ea78) [ 26.605824] [ 26.606026] The buggy address belongs to the physical page: [ 26.606699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 26.608134] flags: 0x200000000000000(node=0|zone=2) [ 26.608684] page_type: f5(slab) [ 26.609314] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.609945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.610743] page dumped because: kasan: bad access detected [ 26.611303] [ 26.611779] Memory state around the buggy address: [ 26.612531] ffff888101b3e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.613709] ffff888101b3e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.614310] >ffff888101b3ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.615186] ^ [ 26.615871] ffff888101b3ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.616685] ffff888101b3eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.617057] 
================================================================== [ 26.509027] ================================================================== [ 26.510907] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 26.511619] Read of size 8 at addr ffff888101b3ea78 by task kunit_try_catch/299 [ 26.513164] [ 26.513865] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.514014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.514059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.514133] Call Trace: [ 26.514307] <TASK> [ 26.514376] dump_stack_lvl+0x73/0xb0 [ 26.514547] print_report+0xd1/0x650 [ 26.514641] ? __virt_addr_valid+0x1db/0x2d0 [ 26.514717] ? copy_to_kernel_nofault+0x225/0x260 [ 26.514785] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.514846] ? copy_to_kernel_nofault+0x225/0x260 [ 26.514908] kasan_report+0x141/0x180 [ 26.514971] ? copy_to_kernel_nofault+0x225/0x260 [ 26.515045] __asan_report_load8_noabort+0x18/0x20 [ 26.515110] copy_to_kernel_nofault+0x225/0x260 [ 26.515175] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 26.515245] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 26.515317] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.515391] ? trace_hardirqs_on+0x37/0xe0 [ 26.515582] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 26.515679] kunit_try_run_case+0x1a5/0x480 [ 26.515729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.515767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.515805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.515840] ? __kthread_parkme+0x82/0x180 [ 26.515873] ? preempt_count_sub+0x50/0x80 [ 26.515907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.515944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.515980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.516016] kthread+0x337/0x6f0 [ 26.516046] ? trace_preempt_on+0x20/0xc0 [ 26.516079] ? __pfx_kthread+0x10/0x10 [ 26.516109] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.516142] ? 
calculate_sigpending+0x7b/0xa0 [ 26.516180] ? __pfx_kthread+0x10/0x10 [ 26.516212] ret_from_fork+0x116/0x1d0 [ 26.516287] ? __pfx_kthread+0x10/0x10 [ 26.516323] ret_from_fork_asm+0x1a/0x30 [ 26.516370] </TASK> [ 26.516388] [ 26.538997] Allocated by task 299: [ 26.540041] kasan_save_stack+0x45/0x70 [ 26.540377] kasan_save_track+0x18/0x40 [ 26.541025] kasan_save_alloc_info+0x3b/0x50 [ 26.541758] __kasan_kmalloc+0xb7/0xc0 [ 26.542168] __kmalloc_cache_noprof+0x189/0x420 [ 26.543073] copy_to_kernel_nofault_oob+0x12f/0x560 [ 26.543792] kunit_try_run_case+0x1a5/0x480 [ 26.544079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.544907] kthread+0x337/0x6f0 [ 26.545960] ret_from_fork+0x116/0x1d0 [ 26.547012] ret_from_fork_asm+0x1a/0x30 [ 26.547701] [ 26.548081] The buggy address belongs to the object at ffff888101b3ea00 [ 26.548081] which belongs to the cache kmalloc-128 of size 128 [ 26.549122] The buggy address is located 0 bytes to the right of [ 26.549122] allocated 120-byte region [ffff888101b3ea00, ffff888101b3ea78) [ 26.550600] [ 26.550883] The buggy address belongs to the physical page: [ 26.551376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 26.552105] flags: 0x200000000000000(node=0|zone=2) [ 26.552841] page_type: f5(slab) [ 26.553267] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.554673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.555302] page dumped because: kasan: bad access detected [ 26.555989] [ 26.556206] Memory state around the buggy address: [ 26.556724] ffff888101b3e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.557895] ffff888101b3e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.558475] >ffff888101b3ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.559036] ^ [ 26.559701] ffff888101b3ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.560702] ffff888101b3eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
26.561319] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 23.577970] ================================================================== [ 23.578412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 23.579026] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.579785] [ 23.580069] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.580208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.580302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.580390] Call Trace: [ 23.580465] <TASK> [ 23.580598] dump_stack_lvl+0x73/0xb0 [ 23.580699] print_report+0xd1/0x650 [ 23.580779] ? __virt_addr_valid+0x1db/0x2d0 [ 23.580857] ? kasan_atomics_helper+0x4a0/0x5450 [ 23.580934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.581012] ? kasan_atomics_helper+0x4a0/0x5450 [ 23.581087] kasan_report+0x141/0x180 [ 23.581164] ? kasan_atomics_helper+0x4a0/0x5450 [ 23.581287] kasan_check_range+0x10c/0x1c0 [ 23.581374] __kasan_check_write+0x18/0x20 [ 23.581477] kasan_atomics_helper+0x4a0/0x5450 [ 23.581608] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.581708] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.581832] ? kasan_atomics+0x152/0x310 [ 23.581957] kasan_atomics+0x1dc/0x310 [ 23.582046] ? __pfx_kasan_atomics+0x10/0x10 [ 23.582124] ? __pfx_read_tsc+0x10/0x10 [ 23.582190] ? ktime_get_ts64+0x86/0x230 [ 23.582301] kunit_try_run_case+0x1a5/0x480 [ 23.582378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.582448] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.582571] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.582704] ? __kthread_parkme+0x82/0x180 [ 23.582787] ? preempt_count_sub+0x50/0x80 [ 23.582866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.582947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.583032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.583111] kthread+0x337/0x6f0 [ 23.583145] ? trace_preempt_on+0x20/0xc0 [ 23.583182] ? __pfx_kthread+0x10/0x10 [ 23.583214] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.583298] ? 
calculate_sigpending+0x7b/0xa0 [ 23.583339] ? __pfx_kthread+0x10/0x10 [ 23.583371] ret_from_fork+0x116/0x1d0 [ 23.583398] ? __pfx_kthread+0x10/0x10 [ 23.583433] ret_from_fork_asm+0x1a/0x30 [ 23.583476] </TASK> [ 23.583493] [ 23.603261] Allocated by task 283: [ 23.603634] kasan_save_stack+0x45/0x70 [ 23.604009] kasan_save_track+0x18/0x40 [ 23.604380] kasan_save_alloc_info+0x3b/0x50 [ 23.604881] __kasan_kmalloc+0xb7/0xc0 [ 23.605460] __kmalloc_cache_noprof+0x189/0x420 [ 23.606128] kasan_atomics+0x95/0x310 [ 23.606656] kunit_try_run_case+0x1a5/0x480 [ 23.608256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.609398] kthread+0x337/0x6f0 [ 23.610040] ret_from_fork+0x116/0x1d0 [ 23.610482] ret_from_fork_asm+0x1a/0x30 [ 23.610836] [ 23.611032] The buggy address belongs to the object at ffff8881039d9c80 [ 23.611032] which belongs to the cache kmalloc-64 of size 64 [ 23.613640] The buggy address is located 0 bytes to the right of [ 23.613640] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.615263] [ 23.615542] The buggy address belongs to the physical page: [ 23.616762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.617847] flags: 0x200000000000000(node=0|zone=2) [ 23.618388] page_type: f5(slab) [ 23.618867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.619643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.620491] page dumped because: kasan: bad access detected [ 23.620995] [ 23.621333] Memory state around the buggy address: [ 23.621804] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.622747] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.624056] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.625108] ^ [ 23.625764] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.627017] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.627795] 
================================================================== [ 26.063087] ================================================================== [ 26.065854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 26.067244] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.067898] [ 26.068149] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.068312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.068361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.068563] Call Trace: [ 26.068625] <TASK> [ 26.068679] dump_stack_lvl+0x73/0xb0 [ 26.068740] print_report+0xd1/0x650 [ 26.068779] ? __virt_addr_valid+0x1db/0x2d0 [ 26.068816] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.068851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.068886] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.068920] kasan_report+0x141/0x180 [ 26.068952] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.068991] __asan_report_load8_noabort+0x18/0x20 [ 26.069030] kasan_atomics_helper+0x4f71/0x5450 [ 26.069065] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.069099] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.069143] ? kasan_atomics+0x152/0x310 [ 26.069183] kasan_atomics+0x1dc/0x310 [ 26.069240] ? __pfx_kasan_atomics+0x10/0x10 [ 26.069304] ? __pfx_read_tsc+0x10/0x10 [ 26.069341] ? ktime_get_ts64+0x86/0x230 [ 26.069381] kunit_try_run_case+0x1a5/0x480 [ 26.069425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.069468] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.069532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.069575] ? __kthread_parkme+0x82/0x180 [ 26.069608] ? preempt_count_sub+0x50/0x80 [ 26.069659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.069698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.069736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.069775] kthread+0x337/0x6f0 [ 26.069806] ? trace_preempt_on+0x20/0xc0 [ 26.069842] ? __pfx_kthread+0x10/0x10 [ 26.069873] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 26.069906] ? calculate_sigpending+0x7b/0xa0 [ 26.069942] ? __pfx_kthread+0x10/0x10 [ 26.069974] ret_from_fork+0x116/0x1d0 [ 26.070001] ? __pfx_kthread+0x10/0x10 [ 26.070031] ret_from_fork_asm+0x1a/0x30 [ 26.070074] </TASK> [ 26.070092] [ 26.088541] Allocated by task 283: [ 26.088960] kasan_save_stack+0x45/0x70 [ 26.089517] kasan_save_track+0x18/0x40 [ 26.089967] kasan_save_alloc_info+0x3b/0x50 [ 26.090557] __kasan_kmalloc+0xb7/0xc0 [ 26.091054] __kmalloc_cache_noprof+0x189/0x420 [ 26.091675] kasan_atomics+0x95/0x310 [ 26.092068] kunit_try_run_case+0x1a5/0x480 [ 26.092723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.093377] kthread+0x337/0x6f0 [ 26.093931] ret_from_fork+0x116/0x1d0 [ 26.094313] ret_from_fork_asm+0x1a/0x30 [ 26.094693] [ 26.094938] The buggy address belongs to the object at ffff8881039d9c80 [ 26.094938] which belongs to the cache kmalloc-64 of size 64 [ 26.096032] The buggy address is located 0 bytes to the right of [ 26.096032] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.097170] [ 26.097461] The buggy address belongs to the physical page: [ 26.097956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.098744] flags: 0x200000000000000(node=0|zone=2) [ 26.099112] page_type: f5(slab) [ 26.099613] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.100438] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.101156] page dumped because: kasan: bad access detected [ 26.101772] [ 26.102016] Memory state around the buggy address: [ 26.102540] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.103132] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.103841] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.104422] ^ [ 26.104992] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.105764] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 26.106445] ================================================================== [ 24.420628] ================================================================== [ 24.421130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 24.422725] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.423255] [ 24.423787] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.423924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.423992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.424062] Call Trace: [ 24.424456] <TASK> [ 24.424528] dump_stack_lvl+0x73/0xb0 [ 24.424649] print_report+0xd1/0x650 [ 24.424736] ? __virt_addr_valid+0x1db/0x2d0 [ 24.424803] ? kasan_atomics_helper+0xd47/0x5450 [ 24.424840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.424876] ? kasan_atomics_helper+0xd47/0x5450 [ 24.424909] kasan_report+0x141/0x180 [ 24.424942] ? kasan_atomics_helper+0xd47/0x5450 [ 24.424982] kasan_check_range+0x10c/0x1c0 [ 24.425019] __kasan_check_write+0x18/0x20 [ 24.425049] kasan_atomics_helper+0xd47/0x5450 [ 24.425083] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.425117] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.425162] ? kasan_atomics+0x152/0x310 [ 24.425202] kasan_atomics+0x1dc/0x310 [ 24.425305] ? __pfx_kasan_atomics+0x10/0x10 [ 24.425390] ? __pfx_read_tsc+0x10/0x10 [ 24.425428] ? ktime_get_ts64+0x86/0x230 [ 24.425466] kunit_try_run_case+0x1a5/0x480 [ 24.425544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.425649] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.425721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.425788] ? __kthread_parkme+0x82/0x180 [ 24.425863] ? preempt_count_sub+0x50/0x80 [ 24.425932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.425999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.426071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.426148] kthread+0x337/0x6f0 [ 24.426207] ? 
trace_preempt_on+0x20/0xc0 [ 24.426281] ? __pfx_kthread+0x10/0x10 [ 24.426315] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.426349] ? calculate_sigpending+0x7b/0xa0 [ 24.426385] ? __pfx_kthread+0x10/0x10 [ 24.426417] ret_from_fork+0x116/0x1d0 [ 24.426446] ? __pfx_kthread+0x10/0x10 [ 24.426478] ret_from_fork_asm+0x1a/0x30 [ 24.426561] </TASK> [ 24.426603] [ 24.450239] Allocated by task 283: [ 24.450653] kasan_save_stack+0x45/0x70 [ 24.452102] kasan_save_track+0x18/0x40 [ 24.452732] kasan_save_alloc_info+0x3b/0x50 [ 24.453105] __kasan_kmalloc+0xb7/0xc0 [ 24.453926] __kmalloc_cache_noprof+0x189/0x420 [ 24.454992] kasan_atomics+0x95/0x310 [ 24.456079] kunit_try_run_case+0x1a5/0x480 [ 24.456784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.458006] kthread+0x337/0x6f0 [ 24.458185] ret_from_fork+0x116/0x1d0 [ 24.458918] ret_from_fork_asm+0x1a/0x30 [ 24.459582] [ 24.459831] The buggy address belongs to the object at ffff8881039d9c80 [ 24.459831] which belongs to the cache kmalloc-64 of size 64 [ 24.461247] The buggy address is located 0 bytes to the right of [ 24.461247] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.463586] [ 24.463975] The buggy address belongs to the physical page: [ 24.464849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.465810] flags: 0x200000000000000(node=0|zone=2) [ 24.466983] page_type: f5(slab) [ 24.467594] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.468407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.469170] page dumped because: kasan: bad access detected [ 24.469954] [ 24.470178] Memory state around the buggy address: [ 24.470595] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.471055] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.472282] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.473657] ^ [ 24.474710] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 24.475667] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.476235] ================================================================== [ 25.483383] ================================================================== [ 25.485020] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 25.485746] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.486449] [ 25.486783] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.486922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.486966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.487058] Call Trace: [ 25.487140] <TASK> [ 25.487198] dump_stack_lvl+0x73/0xb0 [ 25.487283] print_report+0xd1/0x650 [ 25.487324] ? __virt_addr_valid+0x1db/0x2d0 [ 25.487397] ? kasan_atomics_helper+0x1818/0x5450 [ 25.487476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.487579] ? kasan_atomics_helper+0x1818/0x5450 [ 25.487660] kasan_report+0x141/0x180 [ 25.487763] ? kasan_atomics_helper+0x1818/0x5450 [ 25.487885] kasan_check_range+0x10c/0x1c0 [ 25.487967] __kasan_check_write+0x18/0x20 [ 25.488026] kasan_atomics_helper+0x1818/0x5450 [ 25.488066] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.488100] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.488146] ? kasan_atomics+0x152/0x310 [ 25.488187] kasan_atomics+0x1dc/0x310 [ 25.488232] ? __pfx_kasan_atomics+0x10/0x10 [ 25.488312] ? __pfx_read_tsc+0x10/0x10 [ 25.488351] ? ktime_get_ts64+0x86/0x230 [ 25.488389] kunit_try_run_case+0x1a5/0x480 [ 25.488432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.488469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.488532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.488573] ? __kthread_parkme+0x82/0x180 [ 25.488606] ? preempt_count_sub+0x50/0x80 [ 25.488640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.488678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.488715] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.488753] kthread+0x337/0x6f0 [ 25.488782] ? trace_preempt_on+0x20/0xc0 [ 25.488817] ? __pfx_kthread+0x10/0x10 [ 25.488847] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.488880] ? calculate_sigpending+0x7b/0xa0 [ 25.488917] ? __pfx_kthread+0x10/0x10 [ 25.488950] ret_from_fork+0x116/0x1d0 [ 25.488980] ? __pfx_kthread+0x10/0x10 [ 25.489010] ret_from_fork_asm+0x1a/0x30 [ 25.489053] </TASK> [ 25.489069] [ 25.506405] Allocated by task 283: [ 25.506885] kasan_save_stack+0x45/0x70 [ 25.507580] kasan_save_track+0x18/0x40 [ 25.508008] kasan_save_alloc_info+0x3b/0x50 [ 25.508603] __kasan_kmalloc+0xb7/0xc0 [ 25.509073] __kmalloc_cache_noprof+0x189/0x420 [ 25.509732] kasan_atomics+0x95/0x310 [ 25.510283] kunit_try_run_case+0x1a5/0x480 [ 25.510763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.511752] kthread+0x337/0x6f0 [ 25.512621] ret_from_fork+0x116/0x1d0 [ 25.513032] ret_from_fork_asm+0x1a/0x30 [ 25.513558] [ 25.513825] The buggy address belongs to the object at ffff8881039d9c80 [ 25.513825] which belongs to the cache kmalloc-64 of size 64 [ 25.514914] The buggy address is located 0 bytes to the right of [ 25.514914] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.515745] [ 25.515997] The buggy address belongs to the physical page: [ 25.516699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.517586] flags: 0x200000000000000(node=0|zone=2) [ 25.518353] page_type: f5(slab) [ 25.518752] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.519636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.520100] page dumped because: kasan: bad access detected [ 25.520616] [ 25.520939] Memory state around the buggy address: [ 25.521450] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.522082] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.523602] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 25.524244] ^ [ 25.524923] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.525828] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.526721] ================================================================== [ 26.417456] ================================================================== [ 26.418516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 26.419177] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.419823] [ 26.420107] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.420249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.420291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.420359] Call Trace: [ 26.420418] <TASK> [ 26.420482] dump_stack_lvl+0x73/0xb0 [ 26.420613] print_report+0xd1/0x650 [ 26.420701] ? __virt_addr_valid+0x1db/0x2d0 [ 26.420792] ? kasan_atomics_helper+0x5115/0x5450 [ 26.420868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.420926] ? kasan_atomics_helper+0x5115/0x5450 [ 26.420999] kasan_report+0x141/0x180 [ 26.421081] ? kasan_atomics_helper+0x5115/0x5450 [ 26.421171] __asan_report_load8_noabort+0x18/0x20 [ 26.421259] kasan_atomics_helper+0x5115/0x5450 [ 26.421346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.421424] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.421974] ? kasan_atomics+0x152/0x310 [ 26.422067] kasan_atomics+0x1dc/0x310 [ 26.422148] ? __pfx_kasan_atomics+0x10/0x10 [ 26.422231] ? __pfx_read_tsc+0x10/0x10 [ 26.422307] ? ktime_get_ts64+0x86/0x230 [ 26.422424] kunit_try_run_case+0x1a5/0x480 [ 26.422534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.422618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.422698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.422777] ? __kthread_parkme+0x82/0x180 [ 26.422853] ? preempt_count_sub+0x50/0x80 [ 26.422932] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 26.423016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.423078] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.423118] kthread+0x337/0x6f0 [ 26.423148] ? trace_preempt_on+0x20/0xc0 [ 26.423185] ? __pfx_kthread+0x10/0x10 [ 26.423218] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.423286] ? calculate_sigpending+0x7b/0xa0 [ 26.423326] ? __pfx_kthread+0x10/0x10 [ 26.423361] ret_from_fork+0x116/0x1d0 [ 26.423389] ? __pfx_kthread+0x10/0x10 [ 26.423419] ret_from_fork_asm+0x1a/0x30 [ 26.423463] </TASK> [ 26.423481] [ 26.444948] Allocated by task 283: [ 26.445300] kasan_save_stack+0x45/0x70 [ 26.445844] kasan_save_track+0x18/0x40 [ 26.446155] kasan_save_alloc_info+0x3b/0x50 [ 26.446454] __kasan_kmalloc+0xb7/0xc0 [ 26.446873] __kmalloc_cache_noprof+0x189/0x420 [ 26.447351] kasan_atomics+0x95/0x310 [ 26.447768] kunit_try_run_case+0x1a5/0x480 [ 26.448200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.448604] kthread+0x337/0x6f0 [ 26.449770] ret_from_fork+0x116/0x1d0 [ 26.450218] ret_from_fork_asm+0x1a/0x30 [ 26.451145] [ 26.451342] The buggy address belongs to the object at ffff8881039d9c80 [ 26.451342] which belongs to the cache kmalloc-64 of size 64 [ 26.452857] The buggy address is located 0 bytes to the right of [ 26.452857] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.453469] [ 26.454543] The buggy address belongs to the physical page: [ 26.455059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.455829] flags: 0x200000000000000(node=0|zone=2) [ 26.456308] page_type: f5(slab) [ 26.456675] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.457214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.457823] page dumped because: kasan: bad access detected [ 26.458398] [ 26.458690] Memory state around the buggy address: [ 26.459192] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.459794] 
ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.460416] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.460939] ^ [ 26.461292] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.462013] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.462731] ================================================================== [ 26.325078] ================================================================== [ 26.325566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 26.326121] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.327171] [ 26.327447] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.327597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.327642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.327707] Call Trace: [ 26.327763] <TASK> [ 26.327826] dump_stack_lvl+0x73/0xb0 [ 26.327927] print_report+0xd1/0x650 [ 26.328014] ? __virt_addr_valid+0x1db/0x2d0 [ 26.328096] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.328174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.328264] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.328346] kasan_report+0x141/0x180 [ 26.328433] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.328880] __asan_report_load8_noabort+0x18/0x20 [ 26.328974] kasan_atomics_helper+0x4fa5/0x5450 [ 26.329055] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.329134] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.329232] ? kasan_atomics+0x152/0x310 [ 26.329322] kasan_atomics+0x1dc/0x310 [ 26.329400] ? __pfx_kasan_atomics+0x10/0x10 [ 26.329473] ? __pfx_read_tsc+0x10/0x10 [ 26.329571] ? ktime_get_ts64+0x86/0x230 [ 26.329669] kunit_try_run_case+0x1a5/0x480 [ 26.329759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.329841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.329922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.330007] ? __kthread_parkme+0x82/0x180 [ 26.330079] ? 
preempt_count_sub+0x50/0x80 [ 26.330162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.330251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.330333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.330415] kthread+0x337/0x6f0 [ 26.330487] ? trace_preempt_on+0x20/0xc0 [ 26.330627] ? __pfx_kthread+0x10/0x10 [ 26.330688] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.330753] ? calculate_sigpending+0x7b/0xa0 [ 26.330830] ? __pfx_kthread+0x10/0x10 [ 26.330901] ret_from_fork+0x116/0x1d0 [ 26.330971] ? __pfx_kthread+0x10/0x10 [ 26.331048] ret_from_fork_asm+0x1a/0x30 [ 26.331147] </TASK> [ 26.331188] [ 26.355141] Allocated by task 283: [ 26.355782] kasan_save_stack+0x45/0x70 [ 26.356544] kasan_save_track+0x18/0x40 [ 26.357137] kasan_save_alloc_info+0x3b/0x50 [ 26.357561] __kasan_kmalloc+0xb7/0xc0 [ 26.357992] __kmalloc_cache_noprof+0x189/0x420 [ 26.358455] kasan_atomics+0x95/0x310 [ 26.358908] kunit_try_run_case+0x1a5/0x480 [ 26.359383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.359923] kthread+0x337/0x6f0 [ 26.360363] ret_from_fork+0x116/0x1d0 [ 26.360789] ret_from_fork_asm+0x1a/0x30 [ 26.361273] [ 26.361520] The buggy address belongs to the object at ffff8881039d9c80 [ 26.361520] which belongs to the cache kmalloc-64 of size 64 [ 26.362435] The buggy address is located 0 bytes to the right of [ 26.362435] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.363444] [ 26.363709] The buggy address belongs to the physical page: [ 26.364189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.364868] flags: 0x200000000000000(node=0|zone=2) [ 26.365376] page_type: f5(slab) [ 26.365715] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.366457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.367032] page dumped because: kasan: bad access detected [ 26.368135] [ 26.368680] Memory state around the buggy address: [ 26.369396] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 26.369908] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.370426] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.371186] ^ [ 26.371592] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.372184] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.372917] ================================================================== [ 24.243397] ================================================================== [ 24.244047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 24.244836] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.245657] [ 24.245916] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.246704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.246748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.246814] Call Trace: [ 24.246866] <TASK> [ 24.246922] dump_stack_lvl+0x73/0xb0 [ 24.247026] print_report+0xd1/0x650 [ 24.247107] ? __virt_addr_valid+0x1db/0x2d0 [ 24.247191] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.247675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.248133] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.248259] kasan_report+0x141/0x180 [ 24.248348] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.248441] kasan_check_range+0x10c/0x1c0 [ 24.248581] __kasan_check_write+0x18/0x20 [ 24.248662] kasan_atomics_helper+0xb6a/0x5450 [ 24.248743] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.248794] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.248844] ? kasan_atomics+0x152/0x310 [ 24.248884] kasan_atomics+0x1dc/0x310 [ 24.248919] ? __pfx_kasan_atomics+0x10/0x10 [ 24.248956] ? __pfx_read_tsc+0x10/0x10 [ 24.248988] ? ktime_get_ts64+0x86/0x230 [ 24.249024] kunit_try_run_case+0x1a5/0x480 [ 24.249065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.249101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.249136] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.249169] ? __kthread_parkme+0x82/0x180 [ 24.249200] ? preempt_count_sub+0x50/0x80 [ 24.249290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.249335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.249372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.249409] kthread+0x337/0x6f0 [ 24.249439] ? trace_preempt_on+0x20/0xc0 [ 24.249475] ? __pfx_kthread+0x10/0x10 [ 24.249534] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.249609] ? calculate_sigpending+0x7b/0xa0 [ 24.249702] ? __pfx_kthread+0x10/0x10 [ 24.249762] ret_from_fork+0x116/0x1d0 [ 24.249818] ? __pfx_kthread+0x10/0x10 [ 24.249877] ret_from_fork_asm+0x1a/0x30 [ 24.249956] </TASK> [ 24.249988] [ 24.271981] Allocated by task 283: [ 24.272587] kasan_save_stack+0x45/0x70 [ 24.273736] kasan_save_track+0x18/0x40 [ 24.274588] kasan_save_alloc_info+0x3b/0x50 [ 24.275859] __kasan_kmalloc+0xb7/0xc0 [ 24.276201] __kmalloc_cache_noprof+0x189/0x420 [ 24.276992] kasan_atomics+0x95/0x310 [ 24.277592] kunit_try_run_case+0x1a5/0x480 [ 24.278283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.278783] kthread+0x337/0x6f0 [ 24.279879] ret_from_fork+0x116/0x1d0 [ 24.280489] ret_from_fork_asm+0x1a/0x30 [ 24.281354] [ 24.281572] The buggy address belongs to the object at ffff8881039d9c80 [ 24.281572] which belongs to the cache kmalloc-64 of size 64 [ 24.283138] The buggy address is located 0 bytes to the right of [ 24.283138] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.284029] [ 24.284194] The buggy address belongs to the physical page: [ 24.284570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.285023] flags: 0x200000000000000(node=0|zone=2) [ 24.285365] page_type: f5(slab) [ 24.285771] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.286460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.288055] page dumped because: kasan: bad access detected [ 24.289454] [ 24.289702] 
Memory state around the buggy address: [ 24.290712] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.291328] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.292174] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.293447] ^ [ 24.295853] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.298062] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.299669] ================================================================== [ 23.251296] ================================================================== [ 23.252403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 23.253046] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.253653] [ 23.253924] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.254059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.254096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.254163] Call Trace: [ 23.254202] <TASK> [ 23.254255] dump_stack_lvl+0x73/0xb0 [ 23.254358] print_report+0xd1/0x650 [ 23.254437] ? __virt_addr_valid+0x1db/0x2d0 [ 23.254541] ? kasan_atomics_helper+0x4bbc/0x5450 [ 23.255040] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.255118] ? kasan_atomics_helper+0x4bbc/0x5450 [ 23.255192] kasan_report+0x141/0x180 [ 23.255467] ? kasan_atomics_helper+0x4bbc/0x5450 [ 23.255638] __asan_report_load4_noabort+0x18/0x20 [ 23.255724] kasan_atomics_helper+0x4bbc/0x5450 [ 23.255800] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.255896] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.255978] ? kasan_atomics+0x152/0x310 [ 23.256019] kasan_atomics+0x1dc/0x310 [ 23.256053] ? __pfx_kasan_atomics+0x10/0x10 [ 23.256089] ? __pfx_read_tsc+0x10/0x10 [ 23.256123] ? ktime_get_ts64+0x86/0x230 [ 23.256157] kunit_try_run_case+0x1a5/0x480 [ 23.256195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.256276] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 23.256321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.256357] ? __kthread_parkme+0x82/0x180 [ 23.256389] ? preempt_count_sub+0x50/0x80 [ 23.256420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.256456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.256490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.256603] kthread+0x337/0x6f0 [ 23.256688] ? trace_preempt_on+0x20/0xc0 [ 23.256731] ? __pfx_kthread+0x10/0x10 [ 23.256760] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.256794] ? calculate_sigpending+0x7b/0xa0 [ 23.256830] ? __pfx_kthread+0x10/0x10 [ 23.256859] ret_from_fork+0x116/0x1d0 [ 23.256886] ? __pfx_kthread+0x10/0x10 [ 23.256915] ret_from_fork_asm+0x1a/0x30 [ 23.256956] </TASK> [ 23.256973] [ 23.273867] Allocated by task 283: [ 23.274347] kasan_save_stack+0x45/0x70 [ 23.274859] kasan_save_track+0x18/0x40 [ 23.275308] kasan_save_alloc_info+0x3b/0x50 [ 23.275731] __kasan_kmalloc+0xb7/0xc0 [ 23.276049] __kmalloc_cache_noprof+0x189/0x420 [ 23.276470] kasan_atomics+0x95/0x310 [ 23.276906] kunit_try_run_case+0x1a5/0x480 [ 23.277476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.278055] kthread+0x337/0x6f0 [ 23.278759] ret_from_fork+0x116/0x1d0 [ 23.279145] ret_from_fork_asm+0x1a/0x30 [ 23.279691] [ 23.279936] The buggy address belongs to the object at ffff8881039d9c80 [ 23.279936] which belongs to the cache kmalloc-64 of size 64 [ 23.280876] The buggy address is located 0 bytes to the right of [ 23.280876] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.281832] [ 23.282025] The buggy address belongs to the physical page: [ 23.282453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.283159] flags: 0x200000000000000(node=0|zone=2) [ 23.283928] page_type: f5(slab) [ 23.284204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.284788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.285464] page dumped because: kasan: 
bad access detected [ 23.286096] [ 23.286399] Memory state around the buggy address: [ 23.286982] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.287436] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.288733] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.289392] ^ [ 23.290033] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.290858] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.291402] ================================================================== [ 25.222432] ================================================================== [ 25.222988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 25.223704] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.224339] [ 25.224640] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.224772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.224820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.224889] Call Trace: [ 25.224944] <TASK> [ 25.224999] dump_stack_lvl+0x73/0xb0 [ 25.225095] print_report+0xd1/0x650 [ 25.225184] ? __virt_addr_valid+0x1db/0x2d0 [ 25.225309] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.225389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.225472] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.225575] kasan_report+0x141/0x180 [ 25.225674] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.225766] __asan_report_store8_noabort+0x1b/0x30 [ 25.225846] kasan_atomics_helper+0x50d4/0x5450 [ 25.225929] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.226017] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.226121] ? kasan_atomics+0x152/0x310 [ 25.226215] kasan_atomics+0x1dc/0x310 [ 25.226345] ? __pfx_kasan_atomics+0x10/0x10 [ 25.226429] ? __pfx_read_tsc+0x10/0x10 [ 25.226525] ? ktime_get_ts64+0x86/0x230 [ 25.226573] kunit_try_run_case+0x1a5/0x480 [ 25.226618] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.226694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.226781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.226866] ? __kthread_parkme+0x82/0x180 [ 25.226951] ? preempt_count_sub+0x50/0x80 [ 25.227038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.227121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.227209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.227338] kthread+0x337/0x6f0 [ 25.227411] ? trace_preempt_on+0x20/0xc0 [ 25.227466] ? __pfx_kthread+0x10/0x10 [ 25.227525] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.227562] ? calculate_sigpending+0x7b/0xa0 [ 25.227598] ? __pfx_kthread+0x10/0x10 [ 25.227632] ret_from_fork+0x116/0x1d0 [ 25.227660] ? __pfx_kthread+0x10/0x10 [ 25.227690] ret_from_fork_asm+0x1a/0x30 [ 25.227735] </TASK> [ 25.227752] [ 25.242110] Allocated by task 283: [ 25.242628] kasan_save_stack+0x45/0x70 [ 25.243097] kasan_save_track+0x18/0x40 [ 25.243561] kasan_save_alloc_info+0x3b/0x50 [ 25.243967] __kasan_kmalloc+0xb7/0xc0 [ 25.244441] __kmalloc_cache_noprof+0x189/0x420 [ 25.244921] kasan_atomics+0x95/0x310 [ 25.245302] kunit_try_run_case+0x1a5/0x480 [ 25.245779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.246269] kthread+0x337/0x6f0 [ 25.246686] ret_from_fork+0x116/0x1d0 [ 25.247080] ret_from_fork_asm+0x1a/0x30 [ 25.247538] [ 25.247782] The buggy address belongs to the object at ffff8881039d9c80 [ 25.247782] which belongs to the cache kmalloc-64 of size 64 [ 25.248664] The buggy address is located 0 bytes to the right of [ 25.248664] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.249429] [ 25.249712] The buggy address belongs to the physical page: [ 25.250309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.251120] flags: 0x200000000000000(node=0|zone=2) [ 25.251966] page_type: f5(slab) [ 25.252380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.253028] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 25.254076] page dumped because: kasan: bad access detected [ 25.255090] [ 25.255480] Memory state around the buggy address: [ 25.256134] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.257403] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.258081] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.259060] ^ [ 25.259553] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.260486] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.261111] ================================================================== [ 24.300611] ================================================================== [ 24.301040] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 24.305437] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.308162] [ 24.309144] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.309326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.309351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.309390] Call Trace: [ 24.309416] <TASK> [ 24.309441] dump_stack_lvl+0x73/0xb0 [ 24.309545] print_report+0xd1/0x650 [ 24.309692] ? __virt_addr_valid+0x1db/0x2d0 [ 24.309761] ? kasan_atomics_helper+0xc70/0x5450 [ 24.309803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.309837] ? kasan_atomics_helper+0xc70/0x5450 [ 24.309870] kasan_report+0x141/0x180 [ 24.309905] ? kasan_atomics_helper+0xc70/0x5450 [ 24.309943] kasan_check_range+0x10c/0x1c0 [ 24.309978] __kasan_check_write+0x18/0x20 [ 24.310006] kasan_atomics_helper+0xc70/0x5450 [ 24.310040] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.310073] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.310118] ? kasan_atomics+0x152/0x310 [ 24.310157] kasan_atomics+0x1dc/0x310 [ 24.310192] ? __pfx_kasan_atomics+0x10/0x10 [ 24.310273] ? __pfx_read_tsc+0x10/0x10 [ 24.310314] ? 
ktime_get_ts64+0x86/0x230 [ 24.310351] kunit_try_run_case+0x1a5/0x480 [ 24.310392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.310428] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.310464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.310524] ? __kthread_parkme+0x82/0x180 [ 24.310599] ? preempt_count_sub+0x50/0x80 [ 24.310681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.310752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.310826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.310903] kthread+0x337/0x6f0 [ 24.310960] ? trace_preempt_on+0x20/0xc0 [ 24.311025] ? __pfx_kthread+0x10/0x10 [ 24.311087] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.311158] ? calculate_sigpending+0x7b/0xa0 [ 24.311230] ? __pfx_kthread+0x10/0x10 [ 24.311300] ret_from_fork+0x116/0x1d0 [ 24.311332] ? __pfx_kthread+0x10/0x10 [ 24.311362] ret_from_fork_asm+0x1a/0x30 [ 24.311406] </TASK> [ 24.311422] [ 24.336397] Allocated by task 283: [ 24.337571] kasan_save_stack+0x45/0x70 [ 24.338335] kasan_save_track+0x18/0x40 [ 24.339076] kasan_save_alloc_info+0x3b/0x50 [ 24.339903] __kasan_kmalloc+0xb7/0xc0 [ 24.340272] __kmalloc_cache_noprof+0x189/0x420 [ 24.340698] kasan_atomics+0x95/0x310 [ 24.341051] kunit_try_run_case+0x1a5/0x480 [ 24.341441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.343553] kthread+0x337/0x6f0 [ 24.344015] ret_from_fork+0x116/0x1d0 [ 24.344999] ret_from_fork_asm+0x1a/0x30 [ 24.345659] [ 24.346037] The buggy address belongs to the object at ffff8881039d9c80 [ 24.346037] which belongs to the cache kmalloc-64 of size 64 [ 24.346926] The buggy address is located 0 bytes to the right of [ 24.346926] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.348179] [ 24.348487] The buggy address belongs to the physical page: [ 24.349734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.350432] flags: 0x200000000000000(node=0|zone=2) [ 24.350977] page_type: f5(slab) [ 24.351738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 24.352985] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.354126] page dumped because: kasan: bad access detected [ 24.354448] [ 24.354638] Memory state around the buggy address: [ 24.356059] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.356758] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.357457] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.358455] ^ [ 24.358965] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.360053] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.360855] ================================================================== [ 25.884447] ================================================================== [ 25.885321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 25.885843] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.886437] [ 25.886736] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.886878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.886921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.886987] Call Trace: [ 25.887038] <TASK> [ 25.887087] dump_stack_lvl+0x73/0xb0 [ 25.887179] print_report+0xd1/0x650 [ 25.887315] ? __virt_addr_valid+0x1db/0x2d0 [ 25.887396] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.887472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.887572] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.887649] kasan_report+0x141/0x180 [ 25.887726] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.887811] kasan_check_range+0x10c/0x1c0 [ 25.887896] __kasan_check_write+0x18/0x20 [ 25.887973] kasan_atomics_helper+0x1d7a/0x5450 [ 25.888057] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.888141] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.888288] ? kasan_atomics+0x152/0x310 [ 25.888384] kasan_atomics+0x1dc/0x310 [ 25.888465] ? 
__pfx_kasan_atomics+0x10/0x10 [ 25.888564] ? __pfx_read_tsc+0x10/0x10 [ 25.888643] ? ktime_get_ts64+0x86/0x230 [ 25.888732] kunit_try_run_case+0x1a5/0x480 [ 25.888821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.888896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.888942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.888979] ? __kthread_parkme+0x82/0x180 [ 25.889012] ? preempt_count_sub+0x50/0x80 [ 25.889046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.889084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.889121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.889157] kthread+0x337/0x6f0 [ 25.889186] ? trace_preempt_on+0x20/0xc0 [ 25.889249] ? __pfx_kthread+0x10/0x10 [ 25.889304] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.889339] ? calculate_sigpending+0x7b/0xa0 [ 25.889374] ? __pfx_kthread+0x10/0x10 [ 25.889406] ret_from_fork+0x116/0x1d0 [ 25.889434] ? __pfx_kthread+0x10/0x10 [ 25.889466] ret_from_fork_asm+0x1a/0x30 [ 25.889536] </TASK> [ 25.889555] [ 25.906022] Allocated by task 283: [ 25.906489] kasan_save_stack+0x45/0x70 [ 25.907841] kasan_save_track+0x18/0x40 [ 25.909205] kasan_save_alloc_info+0x3b/0x50 [ 25.911565] __kasan_kmalloc+0xb7/0xc0 [ 25.912544] __kmalloc_cache_noprof+0x189/0x420 [ 25.914109] kasan_atomics+0x95/0x310 [ 25.915176] kunit_try_run_case+0x1a5/0x480 [ 25.916684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.917020] kthread+0x337/0x6f0 [ 25.918275] ret_from_fork+0x116/0x1d0 [ 25.919319] ret_from_fork_asm+0x1a/0x30 [ 25.920111] [ 25.921089] The buggy address belongs to the object at ffff8881039d9c80 [ 25.921089] which belongs to the cache kmalloc-64 of size 64 [ 25.922151] The buggy address is located 0 bytes to the right of [ 25.922151] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.923179] [ 25.923397] The buggy address belongs to the physical page: [ 25.924240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.925422] flags: 0x200000000000000(node=0|zone=2) [ 25.925876] page_type: 
f5(slab) [ 25.926300] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.927417] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.928075] page dumped because: kasan: bad access detected [ 25.928709] [ 25.928921] Memory state around the buggy address: [ 25.929298] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.929836] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.930357] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.931561] ^ [ 25.932297] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.933004] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.933748] ================================================================== [ 26.153380] ================================================================== [ 26.154385] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 26.155296] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.155990] [ 26.156239] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.156370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.156414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.156481] Call Trace: [ 26.156552] <TASK> [ 26.156607] dump_stack_lvl+0x73/0xb0 [ 26.156703] print_report+0xd1/0x650 [ 26.156790] ? __virt_addr_valid+0x1db/0x2d0 [ 26.156832] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.156866] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.156901] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.156961] kasan_report+0x141/0x180 [ 26.157021] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.157097] __asan_report_load8_noabort+0x18/0x20 [ 26.157181] kasan_atomics_helper+0x4f98/0x5450 [ 26.157323] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.157472] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.157699] ? 
kasan_atomics+0x152/0x310 [ 26.157793] kasan_atomics+0x1dc/0x310 [ 26.157874] ? __pfx_kasan_atomics+0x10/0x10 [ 26.157953] ? __pfx_read_tsc+0x10/0x10 [ 26.158027] ? ktime_get_ts64+0x86/0x230 [ 26.158108] kunit_try_run_case+0x1a5/0x480 [ 26.158197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.158292] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.158429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.158618] ? __kthread_parkme+0x82/0x180 [ 26.158780] ? preempt_count_sub+0x50/0x80 [ 26.158897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.158984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.159066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.159147] kthread+0x337/0x6f0 [ 26.159193] ? trace_preempt_on+0x20/0xc0 [ 26.159247] ? __pfx_kthread+0x10/0x10 [ 26.159299] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.159334] ? calculate_sigpending+0x7b/0xa0 [ 26.159370] ? __pfx_kthread+0x10/0x10 [ 26.159400] ret_from_fork+0x116/0x1d0 [ 26.159428] ? __pfx_kthread+0x10/0x10 [ 26.159458] ret_from_fork_asm+0x1a/0x30 [ 26.159526] </TASK> [ 26.159546] [ 26.185477] Allocated by task 283: [ 26.186173] kasan_save_stack+0x45/0x70 [ 26.186994] kasan_save_track+0x18/0x40 [ 26.187797] kasan_save_alloc_info+0x3b/0x50 [ 26.188198] __kasan_kmalloc+0xb7/0xc0 [ 26.188727] __kmalloc_cache_noprof+0x189/0x420 [ 26.189307] kasan_atomics+0x95/0x310 [ 26.189861] kunit_try_run_case+0x1a5/0x480 [ 26.190396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.190924] kthread+0x337/0x6f0 [ 26.191444] ret_from_fork+0x116/0x1d0 [ 26.191880] ret_from_fork_asm+0x1a/0x30 [ 26.192360] [ 26.192730] The buggy address belongs to the object at ffff8881039d9c80 [ 26.192730] which belongs to the cache kmalloc-64 of size 64 [ 26.193732] The buggy address is located 0 bytes to the right of [ 26.193732] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.194893] [ 26.195157] The buggy address belongs to the physical page: [ 26.195806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 
26.196693] flags: 0x200000000000000(node=0|zone=2) [ 26.197293] page_type: f5(slab) [ 26.197757] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.198530] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.199204] page dumped because: kasan: bad access detected [ 26.199640] [ 26.199851] Memory state around the buggy address: [ 26.200204] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.200884] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.201589] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.202287] ^ [ 26.202684] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.203457] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.204083] ================================================================== [ 25.757029] ================================================================== [ 25.757694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 25.758578] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.759368] [ 25.759741] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.759904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.759950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.760068] Call Trace: [ 25.760155] <TASK> [ 25.760213] dump_stack_lvl+0x73/0xb0 [ 25.760410] print_report+0xd1/0x650 [ 25.760545] ? __virt_addr_valid+0x1db/0x2d0 [ 25.760631] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.760794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.760879] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.760948] kasan_report+0x141/0x180 [ 25.760988] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.761028] kasan_check_range+0x10c/0x1c0 [ 25.761065] __kasan_check_write+0x18/0x20 [ 25.761095] kasan_atomics_helper+0x1c18/0x5450 [ 25.761129] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.761162] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 25.761209] ? kasan_atomics+0x152/0x310 [ 25.761312] kasan_atomics+0x1dc/0x310 [ 25.761350] ? __pfx_kasan_atomics+0x10/0x10 [ 25.761387] ? __pfx_read_tsc+0x10/0x10 [ 25.761419] ? ktime_get_ts64+0x86/0x230 [ 25.761455] kunit_try_run_case+0x1a5/0x480 [ 25.761516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.761562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.761599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.761650] ? __kthread_parkme+0x82/0x180 [ 25.761683] ? preempt_count_sub+0x50/0x80 [ 25.761716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.761755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.761791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.761828] kthread+0x337/0x6f0 [ 25.761856] ? trace_preempt_on+0x20/0xc0 [ 25.761891] ? __pfx_kthread+0x10/0x10 [ 25.761922] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.761954] ? calculate_sigpending+0x7b/0xa0 [ 25.761991] ? __pfx_kthread+0x10/0x10 [ 25.762023] ret_from_fork+0x116/0x1d0 [ 25.762049] ? __pfx_kthread+0x10/0x10 [ 25.762079] ret_from_fork_asm+0x1a/0x30 [ 25.762123] </TASK> [ 25.762140] [ 25.778934] Allocated by task 283: [ 25.779382] kasan_save_stack+0x45/0x70 [ 25.779871] kasan_save_track+0x18/0x40 [ 25.780375] kasan_save_alloc_info+0x3b/0x50 [ 25.780962] __kasan_kmalloc+0xb7/0xc0 [ 25.781459] __kmalloc_cache_noprof+0x189/0x420 [ 25.782093] kasan_atomics+0x95/0x310 [ 25.782616] kunit_try_run_case+0x1a5/0x480 [ 25.783069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.783546] kthread+0x337/0x6f0 [ 25.784016] ret_from_fork+0x116/0x1d0 [ 25.784655] ret_from_fork_asm+0x1a/0x30 [ 25.785100] [ 25.785383] The buggy address belongs to the object at ffff8881039d9c80 [ 25.785383] which belongs to the cache kmalloc-64 of size 64 [ 25.786579] The buggy address is located 0 bytes to the right of [ 25.786579] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.787781] [ 25.788035] The buggy address belongs to the physical page: [ 25.788639] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.789141] flags: 0x200000000000000(node=0|zone=2) [ 25.789571] page_type: f5(slab) [ 25.790082] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.790919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.791643] page dumped because: kasan: bad access detected [ 25.792668] [ 25.792861] Memory state around the buggy address: [ 25.793214] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.794408] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.795339] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.795903] ^ [ 25.796842] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.797523] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.798314] ================================================================== [ 24.651925] ================================================================== [ 24.652672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 24.653863] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.654932] [ 24.655140] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.655255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.655296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.655361] Call Trace: [ 24.655407] <TASK> [ 24.655460] dump_stack_lvl+0x73/0xb0 [ 24.655591] print_report+0xd1/0x650 [ 24.655679] ? __virt_addr_valid+0x1db/0x2d0 [ 24.655762] ? kasan_atomics_helper+0xfa9/0x5450 [ 24.655842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.655925] ? kasan_atomics_helper+0xfa9/0x5450 [ 24.656003] kasan_report+0x141/0x180 [ 24.656083] ? kasan_atomics_helper+0xfa9/0x5450 [ 24.656173] kasan_check_range+0x10c/0x1c0 [ 24.656259] __kasan_check_write+0x18/0x20 [ 24.656331] kasan_atomics_helper+0xfa9/0x5450 [ 24.656406] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 24.656483] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.656605] ? kasan_atomics+0x152/0x310 [ 24.656713] kasan_atomics+0x1dc/0x310 [ 24.656755] ? __pfx_kasan_atomics+0x10/0x10 [ 24.656794] ? __pfx_read_tsc+0x10/0x10 [ 24.656828] ? ktime_get_ts64+0x86/0x230 [ 24.656866] kunit_try_run_case+0x1a5/0x480 [ 24.656906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.656941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.656977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.657012] ? __kthread_parkme+0x82/0x180 [ 24.657042] ? preempt_count_sub+0x50/0x80 [ 24.657076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.657112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.657147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.657184] kthread+0x337/0x6f0 [ 24.657212] ? trace_preempt_on+0x20/0xc0 [ 24.657279] ? __pfx_kthread+0x10/0x10 [ 24.657314] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.657348] ? calculate_sigpending+0x7b/0xa0 [ 24.657383] ? __pfx_kthread+0x10/0x10 [ 24.657416] ret_from_fork+0x116/0x1d0 [ 24.657444] ? 
__pfx_kthread+0x10/0x10 [ 24.657475] ret_from_fork_asm+0x1a/0x30 [ 24.657550] </TASK> [ 24.657568] [ 24.675016] Allocated by task 283: [ 24.675614] kasan_save_stack+0x45/0x70 [ 24.676199] kasan_save_track+0x18/0x40 [ 24.676681] kasan_save_alloc_info+0x3b/0x50 [ 24.677397] __kasan_kmalloc+0xb7/0xc0 [ 24.677828] __kmalloc_cache_noprof+0x189/0x420 [ 24.678596] kasan_atomics+0x95/0x310 [ 24.679017] kunit_try_run_case+0x1a5/0x480 [ 24.679413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.679990] kthread+0x337/0x6f0 [ 24.680391] ret_from_fork+0x116/0x1d0 [ 24.680850] ret_from_fork_asm+0x1a/0x30 [ 24.681197] [ 24.681444] The buggy address belongs to the object at ffff8881039d9c80 [ 24.681444] which belongs to the cache kmalloc-64 of size 64 [ 24.683876] The buggy address is located 0 bytes to the right of [ 24.683876] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.685027] [ 24.685701] The buggy address belongs to the physical page: [ 24.686135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.687015] flags: 0x200000000000000(node=0|zone=2) [ 24.687992] page_type: f5(slab) [ 24.688172] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.688969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.689291] page dumped because: kasan: bad access detected [ 24.690247] [ 24.690488] Memory state around the buggy address: [ 24.691049] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.692075] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.692895] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.694051] ^ [ 24.694632] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.695152] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.696408] ================================================================== [ 24.960045] 
================================================================== [ 24.960694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 24.961283] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.961922] [ 24.962160] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.962305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.962348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.962414] Call Trace: [ 24.962471] <TASK> [ 24.962548] dump_stack_lvl+0x73/0xb0 [ 24.962645] print_report+0xd1/0x650 [ 24.962732] ? __virt_addr_valid+0x1db/0x2d0 [ 24.962818] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.962903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.962985] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.963065] kasan_report+0x141/0x180 [ 24.963150] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.963240] __asan_report_load4_noabort+0x18/0x20 [ 24.963330] kasan_atomics_helper+0x49e8/0x5450 [ 24.963411] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.963488] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.963574] ? kasan_atomics+0x152/0x310 [ 24.963616] kasan_atomics+0x1dc/0x310 [ 24.963650] ? __pfx_kasan_atomics+0x10/0x10 [ 24.963687] ? __pfx_read_tsc+0x10/0x10 [ 24.963721] ? ktime_get_ts64+0x86/0x230 [ 24.963756] kunit_try_run_case+0x1a5/0x480 [ 24.963796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.963831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.963866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.963900] ? __kthread_parkme+0x82/0x180 [ 24.963931] ? preempt_count_sub+0x50/0x80 [ 24.963963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.964000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.964035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.964071] kthread+0x337/0x6f0 [ 24.964099] ? trace_preempt_on+0x20/0xc0 [ 24.964133] ? __pfx_kthread+0x10/0x10 [ 24.964163] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.964196] ? calculate_sigpending+0x7b/0xa0 [ 24.964250] ? 
__pfx_kthread+0x10/0x10 [ 24.964301] ret_from_fork+0x116/0x1d0 [ 24.964330] ? __pfx_kthread+0x10/0x10 [ 24.964360] ret_from_fork_asm+0x1a/0x30 [ 24.964402] </TASK> [ 24.964419] [ 24.978918] Allocated by task 283: [ 24.979260] kasan_save_stack+0x45/0x70 [ 24.979758] kasan_save_track+0x18/0x40 [ 24.980173] kasan_save_alloc_info+0x3b/0x50 [ 24.980611] __kasan_kmalloc+0xb7/0xc0 [ 24.980930] __kmalloc_cache_noprof+0x189/0x420 [ 24.981441] kasan_atomics+0x95/0x310 [ 24.982203] kunit_try_run_case+0x1a5/0x480 [ 24.982692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.984766] kthread+0x337/0x6f0 [ 24.985185] ret_from_fork+0x116/0x1d0 [ 24.985687] ret_from_fork_asm+0x1a/0x30 [ 24.986117] [ 24.986788] The buggy address belongs to the object at ffff8881039d9c80 [ 24.986788] which belongs to the cache kmalloc-64 of size 64 [ 24.987736] The buggy address is located 0 bytes to the right of [ 24.987736] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.989549] [ 24.989951] The buggy address belongs to the physical page: [ 24.990762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.991689] flags: 0x200000000000000(node=0|zone=2) [ 24.992143] page_type: f5(slab) [ 24.992547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.993149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.993850] page dumped because: kasan: bad access detected [ 24.994380] [ 24.994608] Memory state around the buggy address: [ 24.995065] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.995811] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.996469] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.997069] ^ [ 24.997597] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.998314] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.998921] 
================================================================== [ 25.575894] ================================================================== [ 25.576648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 25.577454] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.577965] [ 25.578275] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.578398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.578437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.578524] Call Trace: [ 25.578610] <TASK> [ 25.578667] dump_stack_lvl+0x73/0xb0 [ 25.578902] print_report+0xd1/0x650 [ 25.579026] ? __virt_addr_valid+0x1db/0x2d0 [ 25.579111] ? kasan_atomics_helper+0x194a/0x5450 [ 25.579191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.579283] ? kasan_atomics_helper+0x194a/0x5450 [ 25.579343] kasan_report+0x141/0x180 [ 25.579411] ? kasan_atomics_helper+0x194a/0x5450 [ 25.579568] kasan_check_range+0x10c/0x1c0 [ 25.579689] __kasan_check_write+0x18/0x20 [ 25.579768] kasan_atomics_helper+0x194a/0x5450 [ 25.579904] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.580015] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.580104] ? kasan_atomics+0x152/0x310 [ 25.580149] kasan_atomics+0x1dc/0x310 [ 25.580185] ? __pfx_kasan_atomics+0x10/0x10 [ 25.580225] ? __pfx_read_tsc+0x10/0x10 [ 25.580306] ? ktime_get_ts64+0x86/0x230 [ 25.580346] kunit_try_run_case+0x1a5/0x480 [ 25.580389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.580426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.580462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.580523] ? __kthread_parkme+0x82/0x180 [ 25.580560] ? preempt_count_sub+0x50/0x80 [ 25.580595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.580633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.580669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.580705] kthread+0x337/0x6f0 [ 25.580734] ? trace_preempt_on+0x20/0xc0 [ 25.580770] ? 
__pfx_kthread+0x10/0x10 [ 25.580801] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.580834] ? calculate_sigpending+0x7b/0xa0 [ 25.580870] ? __pfx_kthread+0x10/0x10 [ 25.580902] ret_from_fork+0x116/0x1d0 [ 25.580930] ? __pfx_kthread+0x10/0x10 [ 25.580959] ret_from_fork_asm+0x1a/0x30 [ 25.581002] </TASK> [ 25.581018] [ 25.598819] Allocated by task 283: [ 25.599267] kasan_save_stack+0x45/0x70 [ 25.599831] kasan_save_track+0x18/0x40 [ 25.600337] kasan_save_alloc_info+0x3b/0x50 [ 25.600758] __kasan_kmalloc+0xb7/0xc0 [ 25.601145] __kmalloc_cache_noprof+0x189/0x420 [ 25.601762] kasan_atomics+0x95/0x310 [ 25.602259] kunit_try_run_case+0x1a5/0x480 [ 25.602757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.603317] kthread+0x337/0x6f0 [ 25.603754] ret_from_fork+0x116/0x1d0 [ 25.604137] ret_from_fork_asm+0x1a/0x30 [ 25.604529] [ 25.604773] The buggy address belongs to the object at ffff8881039d9c80 [ 25.604773] which belongs to the cache kmalloc-64 of size 64 [ 25.605863] The buggy address is located 0 bytes to the right of [ 25.605863] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.606831] [ 25.607031] The buggy address belongs to the physical page: [ 25.607455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.608212] flags: 0x200000000000000(node=0|zone=2) [ 25.608800] page_type: f5(slab) [ 25.609294] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.610046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.610768] page dumped because: kasan: bad access detected [ 25.611421] [ 25.611631] Memory state around the buggy address: [ 25.611979] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.612688] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.613466] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.614128] ^ [ 25.614673] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.615394] 
ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.615957] ================================================================== [ 25.351015] ================================================================== [ 25.351786] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 25.352563] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.353347] [ 25.353670] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.353799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.353843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.353909] Call Trace: [ 25.353966] <TASK> [ 25.354019] dump_stack_lvl+0x73/0xb0 [ 25.354182] print_report+0xd1/0x650 [ 25.354425] ? __virt_addr_valid+0x1db/0x2d0 [ 25.354601] ? kasan_atomics_helper+0x164f/0x5450 [ 25.354713] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.354796] ? kasan_atomics_helper+0x164f/0x5450 [ 25.354875] kasan_report+0x141/0x180 [ 25.354951] ? kasan_atomics_helper+0x164f/0x5450 [ 25.355037] kasan_check_range+0x10c/0x1c0 [ 25.355121] __kasan_check_write+0x18/0x20 [ 25.355197] kasan_atomics_helper+0x164f/0x5450 [ 25.355442] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.355564] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.355663] ? kasan_atomics+0x152/0x310 [ 25.355747] kasan_atomics+0x1dc/0x310 [ 25.355793] ? __pfx_kasan_atomics+0x10/0x10 [ 25.355833] ? __pfx_read_tsc+0x10/0x10 [ 25.355868] ? ktime_get_ts64+0x86/0x230 [ 25.355903] kunit_try_run_case+0x1a5/0x480 [ 25.355943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.355977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.356013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.356050] ? __kthread_parkme+0x82/0x180 [ 25.356080] ? preempt_count_sub+0x50/0x80 [ 25.356113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.356150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.356185] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.356245] kthread+0x337/0x6f0 [ 25.356296] ? trace_preempt_on+0x20/0xc0 [ 25.356333] ? __pfx_kthread+0x10/0x10 [ 25.356363] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.356395] ? calculate_sigpending+0x7b/0xa0 [ 25.356431] ? __pfx_kthread+0x10/0x10 [ 25.356460] ret_from_fork+0x116/0x1d0 [ 25.356487] ? __pfx_kthread+0x10/0x10 [ 25.356548] ret_from_fork_asm+0x1a/0x30 [ 25.356594] </TASK> [ 25.356610] [ 25.370616] Allocated by task 283: [ 25.371289] kasan_save_stack+0x45/0x70 [ 25.371749] kasan_save_track+0x18/0x40 [ 25.372157] kasan_save_alloc_info+0x3b/0x50 [ 25.372603] __kasan_kmalloc+0xb7/0xc0 [ 25.372890] __kmalloc_cache_noprof+0x189/0x420 [ 25.373192] kasan_atomics+0x95/0x310 [ 25.373708] kunit_try_run_case+0x1a5/0x480 [ 25.374156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.374629] kthread+0x337/0x6f0 [ 25.374874] ret_from_fork+0x116/0x1d0 [ 25.375217] ret_from_fork_asm+0x1a/0x30 [ 25.375678] [ 25.375832] The buggy address belongs to the object at ffff8881039d9c80 [ 25.375832] which belongs to the cache kmalloc-64 of size 64 [ 25.376598] The buggy address is located 0 bytes to the right of [ 25.376598] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.377436] [ 25.380548] The buggy address belongs to the physical page: [ 25.380947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.381454] flags: 0x200000000000000(node=0|zone=2) [ 25.381820] page_type: f5(slab) [ 25.382061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.382452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.382993] page dumped because: kasan: bad access detected [ 25.383851] [ 25.384074] Memory state around the buggy address: [ 25.384527] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.385552] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.386240] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 25.388277] ^ [ 25.388622] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.390079] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.390833] ================================================================== [ 24.477127] ================================================================== [ 24.478461] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 24.479421] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.479877] [ 24.480070] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.480181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.480219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.480283] Call Trace: [ 24.480795] <TASK> [ 24.480887] dump_stack_lvl+0x73/0xb0 [ 24.480995] print_report+0xd1/0x650 [ 24.481079] ? __virt_addr_valid+0x1db/0x2d0 [ 24.481321] ? kasan_atomics_helper+0xde0/0x5450 [ 24.481401] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.481481] ? kasan_atomics_helper+0xde0/0x5450 [ 24.481642] kasan_report+0x141/0x180 [ 24.481729] ? kasan_atomics_helper+0xde0/0x5450 [ 24.481819] kasan_check_range+0x10c/0x1c0 [ 24.481902] __kasan_check_write+0x18/0x20 [ 24.481975] kasan_atomics_helper+0xde0/0x5450 [ 24.482085] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.482173] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.482268] ? kasan_atomics+0x152/0x310 [ 24.482323] kasan_atomics+0x1dc/0x310 [ 24.482360] ? __pfx_kasan_atomics+0x10/0x10 [ 24.482398] ? __pfx_read_tsc+0x10/0x10 [ 24.482433] ? ktime_get_ts64+0x86/0x230 [ 24.482471] kunit_try_run_case+0x1a5/0x480 [ 24.482559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.482641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.482715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.482787] ? __kthread_parkme+0x82/0x180 [ 24.482856] ? preempt_count_sub+0x50/0x80 [ 24.482927] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.483002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.483082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.483127] kthread+0x337/0x6f0 [ 24.483156] ? trace_preempt_on+0x20/0xc0 [ 24.483191] ? __pfx_kthread+0x10/0x10 [ 24.483230] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.483303] ? calculate_sigpending+0x7b/0xa0 [ 24.483342] ? __pfx_kthread+0x10/0x10 [ 24.483374] ret_from_fork+0x116/0x1d0 [ 24.483401] ? __pfx_kthread+0x10/0x10 [ 24.483432] ret_from_fork_asm+0x1a/0x30 [ 24.483476] </TASK> [ 24.483492] [ 24.507300] Allocated by task 283: [ 24.507979] kasan_save_stack+0x45/0x70 [ 24.508578] kasan_save_track+0x18/0x40 [ 24.508998] kasan_save_alloc_info+0x3b/0x50 [ 24.509959] __kasan_kmalloc+0xb7/0xc0 [ 24.510439] __kmalloc_cache_noprof+0x189/0x420 [ 24.511490] kasan_atomics+0x95/0x310 [ 24.512139] kunit_try_run_case+0x1a5/0x480 [ 24.512620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.513058] kthread+0x337/0x6f0 [ 24.513386] ret_from_fork+0x116/0x1d0 [ 24.514099] ret_from_fork_asm+0x1a/0x30 [ 24.515321] [ 24.515725] The buggy address belongs to the object at ffff8881039d9c80 [ 24.515725] which belongs to the cache kmalloc-64 of size 64 [ 24.516769] The buggy address is located 0 bytes to the right of [ 24.516769] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.519049] [ 24.519248] The buggy address belongs to the physical page: [ 24.519776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.520836] flags: 0x200000000000000(node=0|zone=2) [ 24.522347] page_type: f5(slab) [ 24.522969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.524198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.525239] page dumped because: kasan: bad access detected [ 24.526154] [ 24.526423] Memory state around the buggy address: [ 24.527517] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.528387] 
ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.529291] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.530064] ^ [ 24.530804] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.531197] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.532715] ================================================================== [ 25.000301] ================================================================== [ 25.000841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 25.001492] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.002165] [ 25.002561] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.002692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.002737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.002805] Call Trace: [ 25.002861] <TASK> [ 25.002937] dump_stack_lvl+0x73/0xb0 [ 25.003067] print_report+0xd1/0x650 [ 25.003156] ? __virt_addr_valid+0x1db/0x2d0 [ 25.003307] ? kasan_atomics_helper+0x12e6/0x5450 [ 25.003421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.003516] ? kasan_atomics_helper+0x12e6/0x5450 [ 25.003597] kasan_report+0x141/0x180 [ 25.003678] ? kasan_atomics_helper+0x12e6/0x5450 [ 25.003769] kasan_check_range+0x10c/0x1c0 [ 25.003875] __kasan_check_write+0x18/0x20 [ 25.003981] kasan_atomics_helper+0x12e6/0x5450 [ 25.004069] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.004149] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.004326] ? kasan_atomics+0x152/0x310 [ 25.004416] kasan_atomics+0x1dc/0x310 [ 25.004476] ? __pfx_kasan_atomics+0x10/0x10 [ 25.004543] ? __pfx_read_tsc+0x10/0x10 [ 25.004582] ? ktime_get_ts64+0x86/0x230 [ 25.004620] kunit_try_run_case+0x1a5/0x480 [ 25.004660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.004697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.004733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.004768] ? 
__kthread_parkme+0x82/0x180 [ 25.004800] ? preempt_count_sub+0x50/0x80 [ 25.004833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.004870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.004906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.004942] kthread+0x337/0x6f0 [ 25.004971] ? trace_preempt_on+0x20/0xc0 [ 25.005005] ? __pfx_kthread+0x10/0x10 [ 25.005036] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.005069] ? calculate_sigpending+0x7b/0xa0 [ 25.005104] ? __pfx_kthread+0x10/0x10 [ 25.005134] ret_from_fork+0x116/0x1d0 [ 25.005162] ? __pfx_kthread+0x10/0x10 [ 25.005191] ret_from_fork_asm+0x1a/0x30 [ 25.005269] </TASK> [ 25.005291] [ 25.023064] Allocated by task 283: [ 25.023631] kasan_save_stack+0x45/0x70 [ 25.024302] kasan_save_track+0x18/0x40 [ 25.024837] kasan_save_alloc_info+0x3b/0x50 [ 25.025460] __kasan_kmalloc+0xb7/0xc0 [ 25.025962] __kmalloc_cache_noprof+0x189/0x420 [ 25.026635] kasan_atomics+0x95/0x310 [ 25.027110] kunit_try_run_case+0x1a5/0x480 [ 25.027693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.028348] kthread+0x337/0x6f0 [ 25.028854] ret_from_fork+0x116/0x1d0 [ 25.029404] ret_from_fork_asm+0x1a/0x30 [ 25.029928] [ 25.030265] The buggy address belongs to the object at ffff8881039d9c80 [ 25.030265] which belongs to the cache kmalloc-64 of size 64 [ 25.031179] The buggy address is located 0 bytes to the right of [ 25.031179] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.032545] [ 25.032816] The buggy address belongs to the physical page: [ 25.033454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.034106] flags: 0x200000000000000(node=0|zone=2) [ 25.034798] page_type: f5(slab) [ 25.035160] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.035947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.036796] page dumped because: kasan: bad access detected [ 25.037392] [ 25.037663] Memory state around the buggy address: [ 25.038277] 
ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.039023] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.039830] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.040541] ^ [ 25.040914] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.041585] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.042163] ================================================================== [ 23.628934] ================================================================== [ 23.629476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 23.631985] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.632986] [ 23.633238] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.633441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.633488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.633595] Call Trace: [ 23.633673] <TASK> [ 23.633731] dump_stack_lvl+0x73/0xb0 [ 23.633841] print_report+0xd1/0x650 [ 23.633927] ? __virt_addr_valid+0x1db/0x2d0 [ 23.634008] ? kasan_atomics_helper+0x4b3a/0x5450 [ 23.634087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.634170] ? kasan_atomics_helper+0x4b3a/0x5450 [ 23.634248] kasan_report+0x141/0x180 [ 23.634566] ? kasan_atomics_helper+0x4b3a/0x5450 [ 23.634660] __asan_report_store4_noabort+0x1b/0x30 [ 23.634739] kasan_atomics_helper+0x4b3a/0x5450 [ 23.634820] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.634938] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.634992] ? kasan_atomics+0x152/0x310 [ 23.635033] kasan_atomics+0x1dc/0x310 [ 23.635070] ? __pfx_kasan_atomics+0x10/0x10 [ 23.635112] ? __pfx_read_tsc+0x10/0x10 [ 23.635147] ? ktime_get_ts64+0x86/0x230 [ 23.635185] kunit_try_run_case+0x1a5/0x480 [ 23.635254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.635304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.635343] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.635380] ? __kthread_parkme+0x82/0x180 [ 23.635413] ? preempt_count_sub+0x50/0x80 [ 23.635447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.635484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.635564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.635654] kthread+0x337/0x6f0 [ 23.635728] ? trace_preempt_on+0x20/0xc0 [ 23.635809] ? __pfx_kthread+0x10/0x10 [ 23.635878] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.635952] ? calculate_sigpending+0x7b/0xa0 [ 23.636025] ? __pfx_kthread+0x10/0x10 [ 23.636061] ret_from_fork+0x116/0x1d0 [ 23.636092] ? __pfx_kthread+0x10/0x10 [ 23.636123] ret_from_fork_asm+0x1a/0x30 [ 23.636166] </TASK> [ 23.636181] [ 23.660368] Allocated by task 283: [ 23.662117] kasan_save_stack+0x45/0x70 [ 23.662871] kasan_save_track+0x18/0x40 [ 23.663327] kasan_save_alloc_info+0x3b/0x50 [ 23.664362] __kasan_kmalloc+0xb7/0xc0 [ 23.664739] __kmalloc_cache_noprof+0x189/0x420 [ 23.665077] kasan_atomics+0x95/0x310 [ 23.665592] kunit_try_run_case+0x1a5/0x480 [ 23.666864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.667975] kthread+0x337/0x6f0 [ 23.668441] ret_from_fork+0x116/0x1d0 [ 23.668914] ret_from_fork_asm+0x1a/0x30 [ 23.670069] [ 23.670620] The buggy address belongs to the object at ffff8881039d9c80 [ 23.670620] which belongs to the cache kmalloc-64 of size 64 [ 23.671990] The buggy address is located 0 bytes to the right of [ 23.671990] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.673761] [ 23.674446] The buggy address belongs to the physical page: [ 23.674849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.675725] flags: 0x200000000000000(node=0|zone=2) [ 23.676178] page_type: f5(slab) [ 23.676572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.677169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.678069] page dumped because: kasan: bad access detected [ 23.678442] [ 23.678716] 
Memory state around the buggy address: [ 23.680132] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.681189] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.681996] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.683096] ^ [ 23.683563] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.684094] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.684855] ================================================================== [ 24.598485] ================================================================== [ 24.599321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 24.601395] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.602148] [ 24.602699] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.602836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.602877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.602963] Call Trace: [ 24.603016] <TASK> [ 24.603071] dump_stack_lvl+0x73/0xb0 [ 24.603184] print_report+0xd1/0x650 [ 24.603561] ? __virt_addr_valid+0x1db/0x2d0 [ 24.603652] ? kasan_atomics_helper+0xf10/0x5450 [ 24.603735] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.603814] ? kasan_atomics_helper+0xf10/0x5450 [ 24.603892] kasan_report+0x141/0x180 [ 24.603930] ? kasan_atomics_helper+0xf10/0x5450 [ 24.603971] kasan_check_range+0x10c/0x1c0 [ 24.604006] __kasan_check_write+0x18/0x20 [ 24.604037] kasan_atomics_helper+0xf10/0x5450 [ 24.604073] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.604107] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.604152] ? kasan_atomics+0x152/0x310 [ 24.604193] kasan_atomics+0x1dc/0x310 [ 24.604237] ? __pfx_kasan_atomics+0x10/0x10 [ 24.604309] ? __pfx_read_tsc+0x10/0x10 [ 24.604345] ? ktime_get_ts64+0x86/0x230 [ 24.604382] kunit_try_run_case+0x1a5/0x480 [ 24.604424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.604461] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 24.604523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.604952] ? __kthread_parkme+0x82/0x180 [ 24.604998] ? preempt_count_sub+0x50/0x80 [ 24.605036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.605076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.605115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.605153] kthread+0x337/0x6f0 [ 24.605186] ? trace_preempt_on+0x20/0xc0 [ 24.605225] ? __pfx_kthread+0x10/0x10 [ 24.605304] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.605343] ? calculate_sigpending+0x7b/0xa0 [ 24.605382] ? __pfx_kthread+0x10/0x10 [ 24.605415] ret_from_fork+0x116/0x1d0 [ 24.605445] ? __pfx_kthread+0x10/0x10 [ 24.605475] ret_from_fork_asm+0x1a/0x30 [ 24.605552] </TASK> [ 24.605606] [ 24.626230] Allocated by task 283: [ 24.627320] kasan_save_stack+0x45/0x70 [ 24.628210] kasan_save_track+0x18/0x40 [ 24.629116] kasan_save_alloc_info+0x3b/0x50 [ 24.630376] __kasan_kmalloc+0xb7/0xc0 [ 24.630712] __kmalloc_cache_noprof+0x189/0x420 [ 24.631182] kasan_atomics+0x95/0x310 [ 24.632412] kunit_try_run_case+0x1a5/0x480 [ 24.632862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.633349] kthread+0x337/0x6f0 [ 24.633713] ret_from_fork+0x116/0x1d0 [ 24.634131] ret_from_fork_asm+0x1a/0x30 [ 24.635132] [ 24.635377] The buggy address belongs to the object at ffff8881039d9c80 [ 24.635377] which belongs to the cache kmalloc-64 of size 64 [ 24.636812] The buggy address is located 0 bytes to the right of [ 24.636812] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.638268] [ 24.638947] The buggy address belongs to the physical page: [ 24.639636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.640887] flags: 0x200000000000000(node=0|zone=2) [ 24.641314] page_type: f5(slab) [ 24.642193] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.642890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.644129] page dumped because: kasan: 
bad access detected [ 24.644599] [ 24.644938] Memory state around the buggy address: [ 24.645877] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.647027] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.648169] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.648589] ^ [ 24.648905] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.649165] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.650155] ================================================================== [ 26.022326] ================================================================== [ 26.022961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 26.023636] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.024331] [ 26.024638] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.024770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.024813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.024877] Call Trace: [ 26.024933] <TASK> [ 26.024989] dump_stack_lvl+0x73/0xb0 [ 26.025083] print_report+0xd1/0x650 [ 26.025166] ? __virt_addr_valid+0x1db/0x2d0 [ 26.025301] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.025385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.025470] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.025570] kasan_report+0x141/0x180 [ 26.025662] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.025752] kasan_check_range+0x10c/0x1c0 [ 26.025841] __kasan_check_write+0x18/0x20 [ 26.025921] kasan_atomics_helper+0x1f43/0x5450 [ 26.026008] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.026091] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.026194] ? kasan_atomics+0x152/0x310 [ 26.026333] kasan_atomics+0x1dc/0x310 [ 26.026414] ? __pfx_kasan_atomics+0x10/0x10 [ 26.026519] ? __pfx_read_tsc+0x10/0x10 [ 26.026596] ? ktime_get_ts64+0x86/0x230 [ 26.026688] kunit_try_run_case+0x1a5/0x480 [ 26.026781] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 26.026865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.026949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.027034] ? __kthread_parkme+0x82/0x180 [ 26.027112] ? preempt_count_sub+0x50/0x80 [ 26.027194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.027288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.027331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.027370] kthread+0x337/0x6f0 [ 26.027402] ? trace_preempt_on+0x20/0xc0 [ 26.027441] ? __pfx_kthread+0x10/0x10 [ 26.027472] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.027528] ? calculate_sigpending+0x7b/0xa0 [ 26.027571] ? __pfx_kthread+0x10/0x10 [ 26.027603] ret_from_fork+0x116/0x1d0 [ 26.027630] ? __pfx_kthread+0x10/0x10 [ 26.027661] ret_from_fork_asm+0x1a/0x30 [ 26.027704] </TASK> [ 26.027720] [ 26.044663] Allocated by task 283: [ 26.045176] kasan_save_stack+0x45/0x70 [ 26.045716] kasan_save_track+0x18/0x40 [ 26.046204] kasan_save_alloc_info+0x3b/0x50 [ 26.046712] __kasan_kmalloc+0xb7/0xc0 [ 26.047130] __kmalloc_cache_noprof+0x189/0x420 [ 26.047646] kasan_atomics+0x95/0x310 [ 26.048077] kunit_try_run_case+0x1a5/0x480 [ 26.048429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.049085] kthread+0x337/0x6f0 [ 26.049703] ret_from_fork+0x116/0x1d0 [ 26.050064] ret_from_fork_asm+0x1a/0x30 [ 26.050401] [ 26.050625] The buggy address belongs to the object at ffff8881039d9c80 [ 26.050625] which belongs to the cache kmalloc-64 of size 64 [ 26.051670] The buggy address is located 0 bytes to the right of [ 26.051670] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.052887] [ 26.053085] The buggy address belongs to the physical page: [ 26.053462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.054207] flags: 0x200000000000000(node=0|zone=2) [ 26.054852] page_type: f5(slab) [ 26.055295] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.056023] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 26.056653] page dumped because: kasan: bad access detected [ 26.057140] [ 26.057493] Memory state around the buggy address: [ 26.057978] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.058701] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.059157] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.059862] ^ [ 26.060372] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.061038] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.061954] ================================================================== [ 23.525037] ================================================================== [ 23.525521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 23.526130] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.527521] [ 23.527851] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.527984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.528029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.528096] Call Trace: [ 23.528151] <TASK> [ 23.528203] dump_stack_lvl+0x73/0xb0 [ 23.528780] print_report+0xd1/0x650 [ 23.528903] ? __virt_addr_valid+0x1db/0x2d0 [ 23.528985] ? kasan_atomics_helper+0x4b54/0x5450 [ 23.529053] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.529092] ? kasan_atomics_helper+0x4b54/0x5450 [ 23.529128] kasan_report+0x141/0x180 [ 23.529162] ? kasan_atomics_helper+0x4b54/0x5450 [ 23.529203] __asan_report_load4_noabort+0x18/0x20 [ 23.529295] kasan_atomics_helper+0x4b54/0x5450 [ 23.529336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.529371] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.529417] ? kasan_atomics+0x152/0x310 [ 23.529459] kasan_atomics+0x1dc/0x310 [ 23.529515] ? __pfx_kasan_atomics+0x10/0x10 [ 23.529633] ? __pfx_read_tsc+0x10/0x10 [ 23.529713] ? 
ktime_get_ts64+0x86/0x230 [ 23.529755] kunit_try_run_case+0x1a5/0x480 [ 23.529798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.529835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.529871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.529905] ? __kthread_parkme+0x82/0x180 [ 23.529936] ? preempt_count_sub+0x50/0x80 [ 23.529970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.530007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.530042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.530078] kthread+0x337/0x6f0 [ 23.530107] ? trace_preempt_on+0x20/0xc0 [ 23.530140] ? __pfx_kthread+0x10/0x10 [ 23.530170] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.530203] ? calculate_sigpending+0x7b/0xa0 [ 23.530277] ? __pfx_kthread+0x10/0x10 [ 23.530313] ret_from_fork+0x116/0x1d0 [ 23.530340] ? __pfx_kthread+0x10/0x10 [ 23.530370] ret_from_fork_asm+0x1a/0x30 [ 23.530412] </TASK> [ 23.530428] [ 23.551370] Allocated by task 283: [ 23.552201] kasan_save_stack+0x45/0x70 [ 23.552911] kasan_save_track+0x18/0x40 [ 23.553532] kasan_save_alloc_info+0x3b/0x50 [ 23.554359] __kasan_kmalloc+0xb7/0xc0 [ 23.554667] __kmalloc_cache_noprof+0x189/0x420 [ 23.555365] kasan_atomics+0x95/0x310 [ 23.555992] kunit_try_run_case+0x1a5/0x480 [ 23.556842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.557473] kthread+0x337/0x6f0 [ 23.558004] ret_from_fork+0x116/0x1d0 [ 23.558464] ret_from_fork_asm+0x1a/0x30 [ 23.559198] [ 23.559756] The buggy address belongs to the object at ffff8881039d9c80 [ 23.559756] which belongs to the cache kmalloc-64 of size 64 [ 23.562042] The buggy address is located 0 bytes to the right of [ 23.562042] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.563584] [ 23.564071] The buggy address belongs to the physical page: [ 23.564851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.566350] flags: 0x200000000000000(node=0|zone=2) [ 23.566921] page_type: f5(slab) [ 23.567226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 23.568338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.568804] page dumped because: kasan: bad access detected [ 23.570096] [ 23.570682] Memory state around the buggy address: [ 23.571212] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.572136] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.572654] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.573194] ^ [ 23.574374] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.575423] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.576533] ================================================================== [ 23.857955] ================================================================== [ 23.858695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 23.859770] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.860296] [ 23.861319] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.861454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.861515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.861782] Call Trace: [ 23.861844] <TASK> [ 23.861899] dump_stack_lvl+0x73/0xb0 [ 23.862007] print_report+0xd1/0x650 [ 23.862094] ? __virt_addr_valid+0x1db/0x2d0 [ 23.862174] ? kasan_atomics_helper+0x72f/0x5450 [ 23.862272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.862353] ? kasan_atomics_helper+0x72f/0x5450 [ 23.862429] kasan_report+0x141/0x180 [ 23.862532] ? kasan_atomics_helper+0x72f/0x5450 [ 23.862627] kasan_check_range+0x10c/0x1c0 [ 23.862841] __kasan_check_write+0x18/0x20 [ 23.862923] kasan_atomics_helper+0x72f/0x5450 [ 23.863001] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.863042] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.863092] ? kasan_atomics+0x152/0x310 [ 23.863134] kasan_atomics+0x1dc/0x310 [ 23.863169] ? 
__pfx_kasan_atomics+0x10/0x10 [ 23.863207] ? __pfx_read_tsc+0x10/0x10 [ 23.863278] ? ktime_get_ts64+0x86/0x230 [ 23.863321] kunit_try_run_case+0x1a5/0x480 [ 23.863363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.863402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.863439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.863474] ? __kthread_parkme+0x82/0x180 [ 23.863542] ? preempt_count_sub+0x50/0x80 [ 23.863732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.863776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.863817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.863855] kthread+0x337/0x6f0 [ 23.863887] ? trace_preempt_on+0x20/0xc0 [ 23.863923] ? __pfx_kthread+0x10/0x10 [ 23.863955] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.863989] ? calculate_sigpending+0x7b/0xa0 [ 23.864026] ? __pfx_kthread+0x10/0x10 [ 23.864059] ret_from_fork+0x116/0x1d0 [ 23.864086] ? __pfx_kthread+0x10/0x10 [ 23.864117] ret_from_fork_asm+0x1a/0x30 [ 23.864162] </TASK> [ 23.864179] [ 23.880185] Allocated by task 283: [ 23.880620] kasan_save_stack+0x45/0x70 [ 23.881272] kasan_save_track+0x18/0x40 [ 23.881707] kasan_save_alloc_info+0x3b/0x50 [ 23.882139] __kasan_kmalloc+0xb7/0xc0 [ 23.882527] __kmalloc_cache_noprof+0x189/0x420 [ 23.883072] kasan_atomics+0x95/0x310 [ 23.883652] kunit_try_run_case+0x1a5/0x480 [ 23.884120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.884528] kthread+0x337/0x6f0 [ 23.884944] ret_from_fork+0x116/0x1d0 [ 23.885393] ret_from_fork_asm+0x1a/0x30 [ 23.885775] [ 23.886023] The buggy address belongs to the object at ffff8881039d9c80 [ 23.886023] which belongs to the cache kmalloc-64 of size 64 [ 23.886943] The buggy address is located 0 bytes to the right of [ 23.886943] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.887868] [ 23.888127] The buggy address belongs to the physical page: [ 23.888711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.889683] flags: 0x200000000000000(node=0|zone=2) [ 23.890052] page_type: 
f5(slab) [ 23.890403] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.891460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.892141] page dumped because: kasan: bad access detected [ 23.892647] [ 23.892855] Memory state around the buggy address: [ 23.893254] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.893796] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.894478] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.894947] ^ [ 23.895629] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.896254] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.896941] ================================================================== [ 26.247940] ================================================================== [ 26.249374] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 26.249854] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.250938] [ 26.251372] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.251522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.251564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.251628] Call Trace: [ 26.251683] <TASK> [ 26.251741] dump_stack_lvl+0x73/0xb0 [ 26.251846] print_report+0xd1/0x650 [ 26.251927] ? __virt_addr_valid+0x1db/0x2d0 [ 26.252019] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.252095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.252173] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.252277] kasan_report+0x141/0x180 [ 26.252364] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.252455] __asan_report_load8_noabort+0x18/0x20 [ 26.252561] kasan_atomics_helper+0x4fb2/0x5450 [ 26.252638] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.252717] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.252835] ? 
kasan_atomics+0x152/0x310 [ 26.252889] kasan_atomics+0x1dc/0x310 [ 26.252929] ? __pfx_kasan_atomics+0x10/0x10 [ 26.252968] ? __pfx_read_tsc+0x10/0x10 [ 26.253005] ? ktime_get_ts64+0x86/0x230 [ 26.253047] kunit_try_run_case+0x1a5/0x480 [ 26.253091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.253129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.253168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.253204] ? __kthread_parkme+0x82/0x180 [ 26.253279] ? preempt_count_sub+0x50/0x80 [ 26.253324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.253364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.253401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.253438] kthread+0x337/0x6f0 [ 26.253469] ? trace_preempt_on+0x20/0xc0 [ 26.253557] ? __pfx_kthread+0x10/0x10 [ 26.253625] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.253686] ? calculate_sigpending+0x7b/0xa0 [ 26.253749] ? __pfx_kthread+0x10/0x10 [ 26.253812] ret_from_fork+0x116/0x1d0 [ 26.253847] ? __pfx_kthread+0x10/0x10 [ 26.253881] ret_from_fork_asm+0x1a/0x30 [ 26.253926] </TASK> [ 26.253943] [ 26.268087] Allocated by task 283: [ 26.268775] kasan_save_stack+0x45/0x70 [ 26.269227] kasan_save_track+0x18/0x40 [ 26.269717] kasan_save_alloc_info+0x3b/0x50 [ 26.270178] __kasan_kmalloc+0xb7/0xc0 [ 26.270642] __kmalloc_cache_noprof+0x189/0x420 [ 26.271148] kasan_atomics+0x95/0x310 [ 26.271575] kunit_try_run_case+0x1a5/0x480 [ 26.271967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.272483] kthread+0x337/0x6f0 [ 26.272896] ret_from_fork+0x116/0x1d0 [ 26.273315] ret_from_fork_asm+0x1a/0x30 [ 26.273702] [ 26.273898] The buggy address belongs to the object at ffff8881039d9c80 [ 26.273898] which belongs to the cache kmalloc-64 of size 64 [ 26.274763] The buggy address is located 0 bytes to the right of [ 26.274763] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.276202] [ 26.276474] The buggy address belongs to the physical page: [ 26.276879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 
26.277435] flags: 0x200000000000000(node=0|zone=2) [ 26.277978] page_type: f5(slab) [ 26.278540] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.279150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.279640] page dumped because: kasan: bad access detected [ 26.280007] [ 26.280190] Memory state around the buggy address: [ 26.280695] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.281314] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.281979] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.282955] ^ [ 26.283409] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.283923] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.284466] ================================================================== [ 23.465120] ================================================================== [ 23.465883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 23.466670] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.467277] [ 23.467531] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.467695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.467742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.467808] Call Trace: [ 23.467908] <TASK> [ 23.467970] dump_stack_lvl+0x73/0xb0 [ 23.468058] print_report+0xd1/0x650 [ 23.468137] ? __virt_addr_valid+0x1db/0x2d0 [ 23.468208] ? kasan_atomics_helper+0x3df/0x5450 [ 23.468324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.468413] ? kasan_atomics_helper+0x3df/0x5450 [ 23.468489] kasan_report+0x141/0x180 [ 23.468631] ? kasan_atomics_helper+0x3df/0x5450 [ 23.468718] kasan_check_range+0x10c/0x1c0 [ 23.468800] __kasan_check_read+0x15/0x20 [ 23.468872] kasan_atomics_helper+0x3df/0x5450 [ 23.468950] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.469031] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 23.469128] ? kasan_atomics+0x152/0x310 [ 23.469258] kasan_atomics+0x1dc/0x310 [ 23.469346] ? __pfx_kasan_atomics+0x10/0x10 [ 23.469473] ? __pfx_read_tsc+0x10/0x10 [ 23.469613] ? ktime_get_ts64+0x86/0x230 [ 23.469721] kunit_try_run_case+0x1a5/0x480 [ 23.469815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.469892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.469971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.470052] ? __kthread_parkme+0x82/0x180 [ 23.470129] ? preempt_count_sub+0x50/0x80 [ 23.470210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.470320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.470407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.470494] kthread+0x337/0x6f0 [ 23.470583] ? trace_preempt_on+0x20/0xc0 [ 23.470665] ? __pfx_kthread+0x10/0x10 [ 23.470740] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.470817] ? calculate_sigpending+0x7b/0xa0 [ 23.470963] ? __pfx_kthread+0x10/0x10 [ 23.471022] ret_from_fork+0x116/0x1d0 [ 23.471058] ? __pfx_kthread+0x10/0x10 [ 23.471089] ret_from_fork_asm+0x1a/0x30 [ 23.471133] </TASK> [ 23.471150] [ 23.491294] Allocated by task 283: [ 23.492162] kasan_save_stack+0x45/0x70 [ 23.493483] kasan_save_track+0x18/0x40 [ 23.495325] kasan_save_alloc_info+0x3b/0x50 [ 23.496749] __kasan_kmalloc+0xb7/0xc0 [ 23.497948] __kmalloc_cache_noprof+0x189/0x420 [ 23.499290] kasan_atomics+0x95/0x310 [ 23.499909] kunit_try_run_case+0x1a5/0x480 [ 23.500205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.502936] kthread+0x337/0x6f0 [ 23.504131] ret_from_fork+0x116/0x1d0 [ 23.504819] ret_from_fork_asm+0x1a/0x30 [ 23.505092] [ 23.505246] The buggy address belongs to the object at ffff8881039d9c80 [ 23.505246] which belongs to the cache kmalloc-64 of size 64 [ 23.509071] The buggy address is located 0 bytes to the right of [ 23.509071] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.510913] [ 23.511168] The buggy address belongs to the physical page: [ 23.511645] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.512477] flags: 0x200000000000000(node=0|zone=2) [ 23.513553] page_type: f5(slab) [ 23.513878] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.514868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.516764] page dumped because: kasan: bad access detected [ 23.517749] [ 23.517984] Memory state around the buggy address: [ 23.518384] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.519200] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.520588] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.521207] ^ [ 23.522014] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.523032] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.523455] ================================================================== [ 25.086829] ================================================================== [ 25.087465] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 25.088174] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.088802] [ 25.089129] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.089267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.089314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.089404] Call Trace: [ 25.089487] <TASK> [ 25.089561] dump_stack_lvl+0x73/0xb0 [ 25.089647] print_report+0xd1/0x650 [ 25.089690] ? __virt_addr_valid+0x1db/0x2d0 [ 25.089729] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.089808] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.089893] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.090024] kasan_report+0x141/0x180 [ 25.090114] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.090210] kasan_check_range+0x10c/0x1c0 [ 25.090312] __kasan_check_read+0x15/0x20 [ 25.090420] kasan_atomics_helper+0x13b5/0x5450 [ 25.090518] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 25.090566] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.090618] ? kasan_atomics+0x152/0x310 [ 25.090659] kasan_atomics+0x1dc/0x310 [ 25.090704] ? __pfx_kasan_atomics+0x10/0x10 [ 25.090775] ? __pfx_read_tsc+0x10/0x10 [ 25.090828] ? ktime_get_ts64+0x86/0x230 [ 25.090869] kunit_try_run_case+0x1a5/0x480 [ 25.090912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.090950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.090986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.091021] ? __kthread_parkme+0x82/0x180 [ 25.091053] ? preempt_count_sub+0x50/0x80 [ 25.091086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.091125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.091161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.091197] kthread+0x337/0x6f0 [ 25.091240] ? trace_preempt_on+0x20/0xc0 [ 25.091299] ? __pfx_kthread+0x10/0x10 [ 25.091333] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.091366] ? calculate_sigpending+0x7b/0xa0 [ 25.091404] ? __pfx_kthread+0x10/0x10 [ 25.091434] ret_from_fork+0x116/0x1d0 [ 25.091464] ? 
__pfx_kthread+0x10/0x10 [ 25.091493] ret_from_fork_asm+0x1a/0x30 [ 25.091564] </TASK> [ 25.091581] [ 25.112372] Allocated by task 283: [ 25.113906] kasan_save_stack+0x45/0x70 [ 25.115025] kasan_save_track+0x18/0x40 [ 25.115769] kasan_save_alloc_info+0x3b/0x50 [ 25.116707] __kasan_kmalloc+0xb7/0xc0 [ 25.117048] __kmalloc_cache_noprof+0x189/0x420 [ 25.117965] kasan_atomics+0x95/0x310 [ 25.118569] kunit_try_run_case+0x1a5/0x480 [ 25.119042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.119774] kthread+0x337/0x6f0 [ 25.120371] ret_from_fork+0x116/0x1d0 [ 25.120769] ret_from_fork_asm+0x1a/0x30 [ 25.121560] [ 25.121835] The buggy address belongs to the object at ffff8881039d9c80 [ 25.121835] which belongs to the cache kmalloc-64 of size 64 [ 25.122921] The buggy address is located 0 bytes to the right of [ 25.122921] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.123949] [ 25.124247] The buggy address belongs to the physical page: [ 25.124843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.125643] flags: 0x200000000000000(node=0|zone=2) [ 25.126232] page_type: f5(slab) [ 25.126811] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.127421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.128173] page dumped because: kasan: bad access detected [ 25.128871] [ 25.129088] Memory state around the buggy address: [ 25.129791] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.130393] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.130978] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.131674] ^ [ 25.132027] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.132995] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.133731] ================================================================== [ 25.711484] 
================================================================== [ 25.712210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 25.713032] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.713696] [ 25.713895] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.714005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.714043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.714102] Call Trace: [ 25.714146] <TASK> [ 25.714192] dump_stack_lvl+0x73/0xb0 [ 25.714334] print_report+0xd1/0x650 [ 25.714481] ? __virt_addr_valid+0x1db/0x2d0 [ 25.714628] ? kasan_atomics_helper+0x1b22/0x5450 [ 25.714718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.714799] ? kasan_atomics_helper+0x1b22/0x5450 [ 25.714879] kasan_report+0x141/0x180 [ 25.714959] ? kasan_atomics_helper+0x1b22/0x5450 [ 25.715046] kasan_check_range+0x10c/0x1c0 [ 25.715131] __kasan_check_write+0x18/0x20 [ 25.715201] kasan_atomics_helper+0x1b22/0x5450 [ 25.715389] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.715469] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.715587] ? kasan_atomics+0x152/0x310 [ 25.715669] kasan_atomics+0x1dc/0x310 [ 25.715749] ? __pfx_kasan_atomics+0x10/0x10 [ 25.715834] ? __pfx_read_tsc+0x10/0x10 [ 25.715913] ? ktime_get_ts64+0x86/0x230 [ 25.716070] kunit_try_run_case+0x1a5/0x480 [ 25.716251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.716338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.716418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.716514] ? __kthread_parkme+0x82/0x180 [ 25.716560] ? preempt_count_sub+0x50/0x80 [ 25.716597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.716636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.716672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.716708] kthread+0x337/0x6f0 [ 25.716738] ? trace_preempt_on+0x20/0xc0 [ 25.716773] ? __pfx_kthread+0x10/0x10 [ 25.716805] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.716837] ? 
calculate_sigpending+0x7b/0xa0 [ 25.716872] ? __pfx_kthread+0x10/0x10 [ 25.716903] ret_from_fork+0x116/0x1d0 [ 25.716931] ? __pfx_kthread+0x10/0x10 [ 25.716961] ret_from_fork_asm+0x1a/0x30 [ 25.717005] </TASK> [ 25.717022] [ 25.735465] Allocated by task 283: [ 25.736078] kasan_save_stack+0x45/0x70 [ 25.736730] kasan_save_track+0x18/0x40 [ 25.738181] kasan_save_alloc_info+0x3b/0x50 [ 25.739147] __kasan_kmalloc+0xb7/0xc0 [ 25.739589] __kmalloc_cache_noprof+0x189/0x420 [ 25.740321] kasan_atomics+0x95/0x310 [ 25.740780] kunit_try_run_case+0x1a5/0x480 [ 25.741212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.742066] kthread+0x337/0x6f0 [ 25.742529] ret_from_fork+0x116/0x1d0 [ 25.742975] ret_from_fork_asm+0x1a/0x30 [ 25.743519] [ 25.743723] The buggy address belongs to the object at ffff8881039d9c80 [ 25.743723] which belongs to the cache kmalloc-64 of size 64 [ 25.744673] The buggy address is located 0 bytes to the right of [ 25.744673] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.745645] [ 25.745964] The buggy address belongs to the physical page: [ 25.746397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.747072] flags: 0x200000000000000(node=0|zone=2) [ 25.747741] page_type: f5(slab) [ 25.748207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.748874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.749657] page dumped because: kasan: bad access detected [ 25.750307] [ 25.750565] Memory state around the buggy address: [ 25.751026] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.751802] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.752570] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.753307] ^ [ 25.753903] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.754629] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.755375] 
================================================================== [ 24.824104] ================================================================== [ 24.826781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 24.827480] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.829124] [ 24.829378] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.829489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.829545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.829601] Call Trace: [ 24.829662] <TASK> [ 24.829706] dump_stack_lvl+0x73/0xb0 [ 24.829788] print_report+0xd1/0x650 [ 24.829848] ? __virt_addr_valid+0x1db/0x2d0 [ 24.829907] ? kasan_atomics_helper+0x1148/0x5450 [ 24.829964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.830021] ? kasan_atomics_helper+0x1148/0x5450 [ 24.830079] kasan_report+0x141/0x180 [ 24.830133] ? kasan_atomics_helper+0x1148/0x5450 [ 24.830283] kasan_check_range+0x10c/0x1c0 [ 24.830366] __kasan_check_write+0x18/0x20 [ 24.830435] kasan_atomics_helper+0x1148/0x5450 [ 24.830561] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.830679] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.830830] ? kasan_atomics+0x152/0x310 [ 24.830948] kasan_atomics+0x1dc/0x310 [ 24.831025] ? __pfx_kasan_atomics+0x10/0x10 [ 24.831105] ? __pfx_read_tsc+0x10/0x10 [ 24.831179] ? ktime_get_ts64+0x86/0x230 [ 24.831315] kunit_try_run_case+0x1a5/0x480 [ 24.831404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.831485] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.831591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.832704] ? __kthread_parkme+0x82/0x180 [ 24.832778] ? preempt_count_sub+0x50/0x80 [ 24.832856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.832932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.833009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.833094] kthread+0x337/0x6f0 [ 24.833171] ? trace_preempt_on+0x20/0xc0 [ 24.833267] ? 
__pfx_kthread+0x10/0x10 [ 24.833340] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.833404] ? calculate_sigpending+0x7b/0xa0 [ 24.833471] ? __pfx_kthread+0x10/0x10 [ 24.833557] ret_from_fork+0x116/0x1d0 [ 24.833639] ? __pfx_kthread+0x10/0x10 [ 24.833702] ret_from_fork_asm+0x1a/0x30 [ 24.833780] </TASK> [ 24.833815] [ 24.852129] Allocated by task 283: [ 24.852732] kasan_save_stack+0x45/0x70 [ 24.853214] kasan_save_track+0x18/0x40 [ 24.853824] kasan_save_alloc_info+0x3b/0x50 [ 24.854276] __kasan_kmalloc+0xb7/0xc0 [ 24.854692] __kmalloc_cache_noprof+0x189/0x420 [ 24.855298] kasan_atomics+0x95/0x310 [ 24.855744] kunit_try_run_case+0x1a5/0x480 [ 24.856128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.856773] kthread+0x337/0x6f0 [ 24.857162] ret_from_fork+0x116/0x1d0 [ 24.857679] ret_from_fork_asm+0x1a/0x30 [ 24.858140] [ 24.858468] The buggy address belongs to the object at ffff8881039d9c80 [ 24.858468] which belongs to the cache kmalloc-64 of size 64 [ 24.859665] The buggy address is located 0 bytes to the right of [ 24.859665] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.860772] [ 24.860976] The buggy address belongs to the physical page: [ 24.861405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.862192] flags: 0x200000000000000(node=0|zone=2) [ 24.862819] page_type: f5(slab) [ 24.863274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.864022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.864705] page dumped because: kasan: bad access detected [ 24.865302] [ 24.865527] Memory state around the buggy address: [ 24.866017] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.866714] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.867268] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.868110] ^ [ 24.868661] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.869116] 
ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.869826] ================================================================== [ 23.797044] ================================================================== [ 23.798024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 23.799217] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.801212] [ 23.801434] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.801575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.801631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.802135] Call Trace: [ 23.802167] <TASK> [ 23.802195] dump_stack_lvl+0x73/0xb0 [ 23.802286] print_report+0xd1/0x650 [ 23.802326] ? __virt_addr_valid+0x1db/0x2d0 [ 23.802362] ? kasan_atomics_helper+0x697/0x5450 [ 23.802421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.802458] ? kasan_atomics_helper+0x697/0x5450 [ 23.802536] kasan_report+0x141/0x180 [ 23.802673] ? kasan_atomics_helper+0x697/0x5450 [ 23.802765] kasan_check_range+0x10c/0x1c0 [ 23.802807] __kasan_check_write+0x18/0x20 [ 23.802863] kasan_atomics_helper+0x697/0x5450 [ 23.802899] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.802952] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.803033] ? kasan_atomics+0x152/0x310 [ 23.803104] kasan_atomics+0x1dc/0x310 [ 23.803149] ? __pfx_kasan_atomics+0x10/0x10 [ 23.803188] ? __pfx_read_tsc+0x10/0x10 [ 23.803226] ? ktime_get_ts64+0x86/0x230 [ 23.803300] kunit_try_run_case+0x1a5/0x480 [ 23.803344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.803382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.803418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.803453] ? __kthread_parkme+0x82/0x180 [ 23.803483] ? preempt_count_sub+0x50/0x80 [ 23.803552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.803643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.803703] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.803743] kthread+0x337/0x6f0 [ 23.803773] ? trace_preempt_on+0x20/0xc0 [ 23.803810] ? __pfx_kthread+0x10/0x10 [ 23.803841] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.803874] ? calculate_sigpending+0x7b/0xa0 [ 23.803910] ? __pfx_kthread+0x10/0x10 [ 23.803942] ret_from_fork+0x116/0x1d0 [ 23.803970] ? __pfx_kthread+0x10/0x10 [ 23.804000] ret_from_fork_asm+0x1a/0x30 [ 23.804047] </TASK> [ 23.804063] [ 23.831384] Allocated by task 283: [ 23.832099] kasan_save_stack+0x45/0x70 [ 23.832714] kasan_save_track+0x18/0x40 [ 23.833040] kasan_save_alloc_info+0x3b/0x50 [ 23.833798] __kasan_kmalloc+0xb7/0xc0 [ 23.834641] __kmalloc_cache_noprof+0x189/0x420 [ 23.835411] kasan_atomics+0x95/0x310 [ 23.836124] kunit_try_run_case+0x1a5/0x480 [ 23.836972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.838062] kthread+0x337/0x6f0 [ 23.839597] ret_from_fork+0x116/0x1d0 [ 23.840053] ret_from_fork_asm+0x1a/0x30 [ 23.840519] [ 23.840972] The buggy address belongs to the object at ffff8881039d9c80 [ 23.840972] which belongs to the cache kmalloc-64 of size 64 [ 23.842018] The buggy address is located 0 bytes to the right of [ 23.842018] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.844231] [ 23.844523] The buggy address belongs to the physical page: [ 23.845562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.846604] flags: 0x200000000000000(node=0|zone=2) [ 23.847733] page_type: f5(slab) [ 23.848152] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.848907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.849949] page dumped because: kasan: bad access detected [ 23.851547] [ 23.851759] Memory state around the buggy address: [ 23.852107] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.852938] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.853720] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 23.854291] ^ [ 23.855408] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.856174] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.856926] ================================================================== [ 25.935754] ================================================================== [ 25.936321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 25.937392] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.938199] [ 25.938587] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.938724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.938765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.938830] Call Trace: [ 25.938951] <TASK> [ 25.939080] dump_stack_lvl+0x73/0xb0 [ 25.939205] print_report+0xd1/0x650 [ 25.939364] ? __virt_addr_valid+0x1db/0x2d0 [ 25.939443] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.939481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.939549] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.939584] kasan_report+0x141/0x180 [ 25.939619] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.939658] kasan_check_range+0x10c/0x1c0 [ 25.939693] __kasan_check_write+0x18/0x20 [ 25.939722] kasan_atomics_helper+0x1e12/0x5450 [ 25.939754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.939787] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.939832] ? kasan_atomics+0x152/0x310 [ 25.939871] kasan_atomics+0x1dc/0x310 [ 25.939904] ? __pfx_kasan_atomics+0x10/0x10 [ 25.939940] ? __pfx_read_tsc+0x10/0x10 [ 25.939972] ? ktime_get_ts64+0x86/0x230 [ 25.940008] kunit_try_run_case+0x1a5/0x480 [ 25.940048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.940084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.940119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.940154] ? __kthread_parkme+0x82/0x180 [ 25.940186] ? preempt_count_sub+0x50/0x80 [ 25.940240] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.940310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.940348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.940386] kthread+0x337/0x6f0 [ 25.940414] ? trace_preempt_on+0x20/0xc0 [ 25.940450] ? __pfx_kthread+0x10/0x10 [ 25.940480] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.940546] ? calculate_sigpending+0x7b/0xa0 [ 25.940586] ? __pfx_kthread+0x10/0x10 [ 25.940618] ret_from_fork+0x116/0x1d0 [ 25.940646] ? __pfx_kthread+0x10/0x10 [ 25.940678] ret_from_fork_asm+0x1a/0x30 [ 25.940723] </TASK> [ 25.940740] [ 25.958033] Allocated by task 283: [ 25.958591] kasan_save_stack+0x45/0x70 [ 25.959138] kasan_save_track+0x18/0x40 [ 25.959626] kasan_save_alloc_info+0x3b/0x50 [ 25.960114] __kasan_kmalloc+0xb7/0xc0 [ 25.960569] __kmalloc_cache_noprof+0x189/0x420 [ 25.961089] kasan_atomics+0x95/0x310 [ 25.961595] kunit_try_run_case+0x1a5/0x480 [ 25.962024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.962697] kthread+0x337/0x6f0 [ 25.963094] ret_from_fork+0x116/0x1d0 [ 25.963566] ret_from_fork_asm+0x1a/0x30 [ 25.964019] [ 25.964331] The buggy address belongs to the object at ffff8881039d9c80 [ 25.964331] which belongs to the cache kmalloc-64 of size 64 [ 25.965431] The buggy address is located 0 bytes to the right of [ 25.965431] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.966362] [ 25.966665] The buggy address belongs to the physical page: [ 25.967270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.967991] flags: 0x200000000000000(node=0|zone=2) [ 25.968581] page_type: f5(slab) [ 25.968988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.969641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.970351] page dumped because: kasan: bad access detected [ 25.970847] [ 25.971090] Memory state around the buggy address: [ 25.971650] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.972320] 
ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.972952] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.973649] ^ [ 25.974138] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.974795] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.975432] ================================================================== [ 25.977021] ================================================================== [ 25.977851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 25.978606] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.979459] [ 25.979752] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.979868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.979903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.979954] Call Trace: [ 25.979997] <TASK> [ 25.980042] dump_stack_lvl+0x73/0xb0 [ 25.980124] print_report+0xd1/0x650 [ 25.980197] ? __virt_addr_valid+0x1db/0x2d0 [ 25.980312] ? kasan_atomics_helper+0x1eaa/0x5450 [ 25.980374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.980443] ? kasan_atomics_helper+0x1eaa/0x5450 [ 25.980571] kasan_report+0x141/0x180 [ 25.980658] ? kasan_atomics_helper+0x1eaa/0x5450 [ 25.980748] kasan_check_range+0x10c/0x1c0 [ 25.980831] __kasan_check_write+0x18/0x20 [ 25.980910] kasan_atomics_helper+0x1eaa/0x5450 [ 25.980993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.981074] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.981176] ? kasan_atomics+0x152/0x310 [ 25.981346] kasan_atomics+0x1dc/0x310 [ 25.981424] ? __pfx_kasan_atomics+0x10/0x10 [ 25.981488] ? __pfx_read_tsc+0x10/0x10 [ 25.981582] ? ktime_get_ts64+0x86/0x230 [ 25.981717] kunit_try_run_case+0x1a5/0x480 [ 25.981823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.981908] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.982034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.982184] ? 
__kthread_parkme+0x82/0x180 [ 25.982293] ? preempt_count_sub+0x50/0x80 [ 25.982380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.982466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.982570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.982653] kthread+0x337/0x6f0 [ 25.982726] ? trace_preempt_on+0x20/0xc0 [ 25.982810] ? __pfx_kthread+0x10/0x10 [ 25.982884] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.982959] ? calculate_sigpending+0x7b/0xa0 [ 25.983039] ? __pfx_kthread+0x10/0x10 [ 25.983114] ret_from_fork+0x116/0x1d0 [ 25.983182] ? __pfx_kthread+0x10/0x10 [ 25.983257] ret_from_fork_asm+0x1a/0x30 [ 25.983348] </TASK> [ 25.983392] [ 26.002691] Allocated by task 283: [ 26.003360] kasan_save_stack+0x45/0x70 [ 26.003842] kasan_save_track+0x18/0x40 [ 26.004243] kasan_save_alloc_info+0x3b/0x50 [ 26.004716] __kasan_kmalloc+0xb7/0xc0 [ 26.005470] __kmalloc_cache_noprof+0x189/0x420 [ 26.006156] kasan_atomics+0x95/0x310 [ 26.006622] kunit_try_run_case+0x1a5/0x480 [ 26.007030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.007789] kthread+0x337/0x6f0 [ 26.008457] ret_from_fork+0x116/0x1d0 [ 26.008821] ret_from_fork_asm+0x1a/0x30 [ 26.009449] [ 26.009746] The buggy address belongs to the object at ffff8881039d9c80 [ 26.009746] which belongs to the cache kmalloc-64 of size 64 [ 26.011139] The buggy address is located 0 bytes to the right of [ 26.011139] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.012309] [ 26.012697] The buggy address belongs to the physical page: [ 26.013230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.014043] flags: 0x200000000000000(node=0|zone=2) [ 26.014636] page_type: f5(slab) [ 26.014925] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.015658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.016270] page dumped because: kasan: bad access detected [ 26.016784] [ 26.017000] Memory state around the buggy address: [ 26.017451] 
ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.018001] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.018675] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.019271] ^ [ 26.019723] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.020349] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.020973] ================================================================== [ 23.410454] ================================================================== [ 23.411898] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 23.413059] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.413842] [ 23.414307] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.414434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.414471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.414693] Call Trace: [ 23.414755] <TASK> [ 23.414811] dump_stack_lvl+0x73/0xb0 [ 23.414964] print_report+0xd1/0x650 [ 23.415049] ? __virt_addr_valid+0x1db/0x2d0 [ 23.415130] ? kasan_atomics_helper+0x4b6e/0x5450 [ 23.415200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.415275] ? kasan_atomics_helper+0x4b6e/0x5450 [ 23.415312] kasan_report+0x141/0x180 [ 23.415346] ? kasan_atomics_helper+0x4b6e/0x5450 [ 23.415383] __asan_report_store4_noabort+0x1b/0x30 [ 23.415413] kasan_atomics_helper+0x4b6e/0x5450 [ 23.415444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.415475] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.415564] ? kasan_atomics+0x152/0x310 [ 23.415653] kasan_atomics+0x1dc/0x310 [ 23.415709] ? __pfx_kasan_atomics+0x10/0x10 [ 23.415745] ? __pfx_read_tsc+0x10/0x10 [ 23.415778] ? ktime_get_ts64+0x86/0x230 [ 23.415813] kunit_try_run_case+0x1a5/0x480 [ 23.415851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.415885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.415919] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.415952] ? __kthread_parkme+0x82/0x180 [ 23.415983] ? preempt_count_sub+0x50/0x80 [ 23.416170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.416212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.416308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.416351] kthread+0x337/0x6f0 [ 23.416382] ? trace_preempt_on+0x20/0xc0 [ 23.416417] ? __pfx_kthread+0x10/0x10 [ 23.416449] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.416483] ? calculate_sigpending+0x7b/0xa0 [ 23.416561] ? __pfx_kthread+0x10/0x10 [ 23.416644] ret_from_fork+0x116/0x1d0 [ 23.416710] ? __pfx_kthread+0x10/0x10 [ 23.416777] ret_from_fork_asm+0x1a/0x30 [ 23.416860] </TASK> [ 23.416895] [ 23.440634] Allocated by task 283: [ 23.440994] kasan_save_stack+0x45/0x70 [ 23.441871] kasan_save_track+0x18/0x40 [ 23.442280] kasan_save_alloc_info+0x3b/0x50 [ 23.443123] __kasan_kmalloc+0xb7/0xc0 [ 23.443793] __kmalloc_cache_noprof+0x189/0x420 [ 23.444651] kasan_atomics+0x95/0x310 [ 23.445247] kunit_try_run_case+0x1a5/0x480 [ 23.446183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.447322] kthread+0x337/0x6f0 [ 23.447880] ret_from_fork+0x116/0x1d0 [ 23.448236] ret_from_fork_asm+0x1a/0x30 [ 23.449130] [ 23.449344] The buggy address belongs to the object at ffff8881039d9c80 [ 23.449344] which belongs to the cache kmalloc-64 of size 64 [ 23.451158] The buggy address is located 0 bytes to the right of [ 23.451158] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.452264] [ 23.452541] The buggy address belongs to the physical page: [ 23.453034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.453962] flags: 0x200000000000000(node=0|zone=2) [ 23.454452] page_type: f5(slab) [ 23.454784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.456065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.456873] page dumped because: kasan: bad access detected [ 23.457356] [ 23.457985] 
Memory state around the buggy address: [ 23.458408] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.459169] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.460140] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.461303] ^ [ 23.461926] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.463006] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.464280] ================================================================== [ 24.361889] ================================================================== [ 24.362336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 24.363933] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.365006] [ 24.365390] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.365752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.365855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.365954] Call Trace: [ 24.366016] <TASK> [ 24.366075] dump_stack_lvl+0x73/0xb0 [ 24.366267] print_report+0xd1/0x650 [ 24.366359] ? __virt_addr_valid+0x1db/0x2d0 [ 24.366439] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.366489] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.366634] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.366710] kasan_report+0x141/0x180 [ 24.366776] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.366848] __asan_report_load4_noabort+0x18/0x20 [ 24.366924] kasan_atomics_helper+0x4a84/0x5450 [ 24.366991] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.367054] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.367138] ? kasan_atomics+0x152/0x310 [ 24.367218] kasan_atomics+0x1dc/0x310 [ 24.367292] ? __pfx_kasan_atomics+0x10/0x10 [ 24.367332] ? __pfx_read_tsc+0x10/0x10 [ 24.367366] ? ktime_get_ts64+0x86/0x230 [ 24.367402] kunit_try_run_case+0x1a5/0x480 [ 24.367442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.367477] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 24.367554] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.367640] ? __kthread_parkme+0x82/0x180 [ 24.367701] ? preempt_count_sub+0x50/0x80 [ 24.367737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.367777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.367816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.367854] kthread+0x337/0x6f0 [ 24.367882] ? trace_preempt_on+0x20/0xc0 [ 24.367919] ? __pfx_kthread+0x10/0x10 [ 24.367950] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.367983] ? calculate_sigpending+0x7b/0xa0 [ 24.368019] ? __pfx_kthread+0x10/0x10 [ 24.368050] ret_from_fork+0x116/0x1d0 [ 24.368078] ? __pfx_kthread+0x10/0x10 [ 24.368108] ret_from_fork_asm+0x1a/0x30 [ 24.368151] </TASK> [ 24.368168] [ 24.392272] Allocated by task 283: [ 24.392854] kasan_save_stack+0x45/0x70 [ 24.393688] kasan_save_track+0x18/0x40 [ 24.394617] kasan_save_alloc_info+0x3b/0x50 [ 24.395059] __kasan_kmalloc+0xb7/0xc0 [ 24.395529] __kmalloc_cache_noprof+0x189/0x420 [ 24.396424] kasan_atomics+0x95/0x310 [ 24.397390] kunit_try_run_case+0x1a5/0x480 [ 24.398011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.399058] kthread+0x337/0x6f0 [ 24.399474] ret_from_fork+0x116/0x1d0 [ 24.399852] ret_from_fork_asm+0x1a/0x30 [ 24.400281] [ 24.400543] The buggy address belongs to the object at ffff8881039d9c80 [ 24.400543] which belongs to the cache kmalloc-64 of size 64 [ 24.402693] The buggy address is located 0 bytes to the right of [ 24.402693] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.404863] [ 24.405058] The buggy address belongs to the physical page: [ 24.405399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.407024] flags: 0x200000000000000(node=0|zone=2) [ 24.408483] page_type: f5(slab) [ 24.409855] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.410492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.411083] page dumped because: kasan: 
bad access detected [ 24.412300] [ 24.412478] Memory state around the buggy address: [ 24.412915] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.413918] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.414946] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.415569] ^ [ 24.416551] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.417137] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.418591] ================================================================== [ 23.963046] ================================================================== [ 23.963878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 23.965160] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.966193] [ 23.966865] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.967658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.967712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.967808] Call Trace: [ 23.967860] <TASK> [ 23.967891] dump_stack_lvl+0x73/0xb0 [ 23.967956] print_report+0xd1/0x650 [ 23.967999] ? __virt_addr_valid+0x1db/0x2d0 [ 23.968043] ? kasan_atomics_helper+0x860/0x5450 [ 23.968082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.968122] ? kasan_atomics_helper+0x860/0x5450 [ 23.968161] kasan_report+0x141/0x180 [ 23.968198] ? kasan_atomics_helper+0x860/0x5450 [ 23.968268] kasan_check_range+0x10c/0x1c0 [ 23.968447] __kasan_check_write+0x18/0x20 [ 23.968550] kasan_atomics_helper+0x860/0x5450 [ 23.968637] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.968727] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.968790] ? kasan_atomics+0x152/0x310 [ 23.968836] kasan_atomics+0x1dc/0x310 [ 23.968875] ? __pfx_kasan_atomics+0x10/0x10 [ 23.968919] ? __pfx_read_tsc+0x10/0x10 [ 23.968956] ? ktime_get_ts64+0x86/0x230 [ 23.968997] kunit_try_run_case+0x1a5/0x480 [ 23.969045] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.969087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.969130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.969170] ? __kthread_parkme+0x82/0x180 [ 23.969206] ? preempt_count_sub+0x50/0x80 [ 23.969276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.969326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.969372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.969418] kthread+0x337/0x6f0 [ 23.969453] ? trace_preempt_on+0x20/0xc0 [ 23.969493] ? __pfx_kthread+0x10/0x10 [ 23.969586] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.969693] ? calculate_sigpending+0x7b/0xa0 [ 23.969744] ? __pfx_kthread+0x10/0x10 [ 23.969785] ret_from_fork+0x116/0x1d0 [ 23.969818] ? __pfx_kthread+0x10/0x10 [ 23.969854] ret_from_fork_asm+0x1a/0x30 [ 23.969902] </TASK> [ 23.969919] [ 23.993939] Allocated by task 283: [ 23.995303] kasan_save_stack+0x45/0x70 [ 23.995852] kasan_save_track+0x18/0x40 [ 23.996408] kasan_save_alloc_info+0x3b/0x50 [ 23.996906] __kasan_kmalloc+0xb7/0xc0 [ 23.997303] __kmalloc_cache_noprof+0x189/0x420 [ 23.997742] kasan_atomics+0x95/0x310 [ 23.998330] kunit_try_run_case+0x1a5/0x480 [ 23.999538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.000437] kthread+0x337/0x6f0 [ 24.001115] ret_from_fork+0x116/0x1d0 [ 24.001569] ret_from_fork_asm+0x1a/0x30 [ 24.001952] [ 24.002209] The buggy address belongs to the object at ffff8881039d9c80 [ 24.002209] which belongs to the cache kmalloc-64 of size 64 [ 24.004256] The buggy address is located 0 bytes to the right of [ 24.004256] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.006102] [ 24.006445] The buggy address belongs to the physical page: [ 24.007173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.007767] flags: 0x200000000000000(node=0|zone=2) [ 24.008654] page_type: f5(slab) [ 24.008999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.010178] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 24.011488] page dumped because: kasan: bad access detected [ 24.012156] [ 24.012657] Memory state around the buggy address: [ 24.013557] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.014811] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.016121] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.017118] ^ [ 24.017917] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.018922] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.020201] ================================================================== [ 24.737776] ================================================================== [ 24.738473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 24.739224] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.739910] [ 24.740231] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.740377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.740417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.740748] Call Trace: [ 24.740803] <TASK> [ 24.740860] dump_stack_lvl+0x73/0xb0 [ 24.741829] print_report+0xd1/0x650 [ 24.741903] ? __virt_addr_valid+0x1db/0x2d0 [ 24.741968] ? kasan_atomics_helper+0x1079/0x5450 [ 24.742041] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.742119] ? kasan_atomics_helper+0x1079/0x5450 [ 24.742206] kasan_report+0x141/0x180 [ 24.742290] ? kasan_atomics_helper+0x1079/0x5450 [ 24.742385] kasan_check_range+0x10c/0x1c0 [ 24.742473] __kasan_check_write+0x18/0x20 [ 24.742571] kasan_atomics_helper+0x1079/0x5450 [ 24.742658] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.742741] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.742842] ? kasan_atomics+0x152/0x310 [ 24.742937] kasan_atomics+0x1dc/0x310 [ 24.743022] ? __pfx_kasan_atomics+0x10/0x10 [ 24.743110] ? __pfx_read_tsc+0x10/0x10 [ 24.743191] ? 
ktime_get_ts64+0x86/0x230 [ 24.744491] kunit_try_run_case+0x1a5/0x480 [ 24.744605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.744683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.744766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.744845] ? __kthread_parkme+0x82/0x180 [ 24.744922] ? preempt_count_sub+0x50/0x80 [ 24.745001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.745085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.745167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.745255] kthread+0x337/0x6f0 [ 24.745328] ? trace_preempt_on+0x20/0xc0 [ 24.745407] ? __pfx_kthread+0x10/0x10 [ 24.745480] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.745593] ? calculate_sigpending+0x7b/0xa0 [ 24.745656] ? __pfx_kthread+0x10/0x10 [ 24.745694] ret_from_fork+0x116/0x1d0 [ 24.745723] ? __pfx_kthread+0x10/0x10 [ 24.745755] ret_from_fork_asm+0x1a/0x30 [ 24.745799] </TASK> [ 24.745817] [ 24.764039] Allocated by task 283: [ 24.764532] kasan_save_stack+0x45/0x70 [ 24.765002] kasan_save_track+0x18/0x40 [ 24.765341] kasan_save_alloc_info+0x3b/0x50 [ 24.765961] __kasan_kmalloc+0xb7/0xc0 [ 24.766276] __kmalloc_cache_noprof+0x189/0x420 [ 24.766677] kasan_atomics+0x95/0x310 [ 24.767084] kunit_try_run_case+0x1a5/0x480 [ 24.767866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.768526] kthread+0x337/0x6f0 [ 24.768934] ret_from_fork+0x116/0x1d0 [ 24.769359] ret_from_fork_asm+0x1a/0x30 [ 24.769789] [ 24.769988] The buggy address belongs to the object at ffff8881039d9c80 [ 24.769988] which belongs to the cache kmalloc-64 of size 64 [ 24.770948] The buggy address is located 0 bytes to the right of [ 24.770948] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.772132] [ 24.772398] The buggy address belongs to the physical page: [ 24.772827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.773352] flags: 0x200000000000000(node=0|zone=2) [ 24.774189] page_type: f5(slab) [ 24.774623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 24.775315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.775910] page dumped because: kasan: bad access detected [ 24.776411] [ 24.776626] Memory state around the buggy address: [ 24.776978] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.778210] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.780045] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.780576] ^ [ 24.781122] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.781794] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.782488] ================================================================== [ 25.179085] ================================================================== [ 25.180203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 25.180881] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.181177] [ 25.181611] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.181768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.181812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.181878] Call Trace: [ 25.181934] <TASK> [ 25.182007] dump_stack_lvl+0x73/0xb0 [ 25.182132] print_report+0xd1/0x650 [ 25.182217] ? __virt_addr_valid+0x1db/0x2d0 [ 25.182426] ? kasan_atomics_helper+0x1467/0x5450 [ 25.182780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.182845] ? kasan_atomics_helper+0x1467/0x5450 [ 25.182906] kasan_report+0x141/0x180 [ 25.182945] ? kasan_atomics_helper+0x1467/0x5450 [ 25.182986] kasan_check_range+0x10c/0x1c0 [ 25.183021] __kasan_check_write+0x18/0x20 [ 25.183050] kasan_atomics_helper+0x1467/0x5450 [ 25.183084] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.183117] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.183164] ? kasan_atomics+0x152/0x310 [ 25.183204] kasan_atomics+0x1dc/0x310 [ 25.183295] ? 
__pfx_kasan_atomics+0x10/0x10 [ 25.183338] ? __pfx_read_tsc+0x10/0x10 [ 25.183373] ? ktime_get_ts64+0x86/0x230 [ 25.183409] kunit_try_run_case+0x1a5/0x480 [ 25.183448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.183484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.183551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.183589] ? __kthread_parkme+0x82/0x180 [ 25.183620] ? preempt_count_sub+0x50/0x80 [ 25.183655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.183693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.183730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.183767] kthread+0x337/0x6f0 [ 25.183796] ? trace_preempt_on+0x20/0xc0 [ 25.183831] ? __pfx_kthread+0x10/0x10 [ 25.183864] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.183897] ? calculate_sigpending+0x7b/0xa0 [ 25.183933] ? __pfx_kthread+0x10/0x10 [ 25.183963] ret_from_fork+0x116/0x1d0 [ 25.183992] ? __pfx_kthread+0x10/0x10 [ 25.184022] ret_from_fork_asm+0x1a/0x30 [ 25.184065] </TASK> [ 25.184081] [ 25.199025] Allocated by task 283: [ 25.199579] kasan_save_stack+0x45/0x70 [ 25.199992] kasan_save_track+0x18/0x40 [ 25.200456] kasan_save_alloc_info+0x3b/0x50 [ 25.200930] __kasan_kmalloc+0xb7/0xc0 [ 25.201349] __kmalloc_cache_noprof+0x189/0x420 [ 25.201912] kasan_atomics+0x95/0x310 [ 25.202377] kunit_try_run_case+0x1a5/0x480 [ 25.202833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.203293] kthread+0x337/0x6f0 [ 25.203783] ret_from_fork+0x116/0x1d0 [ 25.204196] ret_from_fork_asm+0x1a/0x30 [ 25.205025] [ 25.206314] The buggy address belongs to the object at ffff8881039d9c80 [ 25.206314] which belongs to the cache kmalloc-64 of size 64 [ 25.208373] The buggy address is located 0 bytes to the right of [ 25.208373] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.210212] [ 25.210720] The buggy address belongs to the physical page: [ 25.211203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.212489] flags: 0x200000000000000(node=0|zone=2) [ 25.213005] page_type: 
f5(slab) [ 25.213461] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.214227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.215184] page dumped because: kasan: bad access detected [ 25.215718] [ 25.215923] Memory state around the buggy address: [ 25.216410] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.217122] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.217819] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.218786] ^ [ 25.219550] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.220105] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.221090] ================================================================== [ 25.392524] ================================================================== [ 25.393612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 25.394366] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.395277] [ 25.395634] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.395773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.395809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.395876] Call Trace: [ 25.395932] <TASK> [ 25.395986] dump_stack_lvl+0x73/0xb0 [ 25.396084] print_report+0xd1/0x650 [ 25.396168] ? __virt_addr_valid+0x1db/0x2d0 [ 25.396251] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.396333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.396479] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.396714] kasan_report+0x141/0x180 [ 25.396831] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.396926] kasan_check_range+0x10c/0x1c0 [ 25.397010] __kasan_check_write+0x18/0x20 [ 25.397087] kasan_atomics_helper+0x16e7/0x5450 [ 25.397170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.397255] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.397383] ? 
kasan_atomics+0x152/0x310 [ 25.397568] kasan_atomics+0x1dc/0x310 [ 25.397775] ? __pfx_kasan_atomics+0x10/0x10 [ 25.397906] ? __pfx_read_tsc+0x10/0x10 [ 25.398050] ? ktime_get_ts64+0x86/0x230 [ 25.398138] kunit_try_run_case+0x1a5/0x480 [ 25.398235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.398318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.398404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.398484] ? __kthread_parkme+0x82/0x180 [ 25.398588] ? preempt_count_sub+0x50/0x80 [ 25.398664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.398744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.398843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.398940] kthread+0x337/0x6f0 [ 25.399012] ? trace_preempt_on+0x20/0xc0 [ 25.399159] ? __pfx_kthread+0x10/0x10 [ 25.399357] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.399536] ? calculate_sigpending+0x7b/0xa0 [ 25.399626] ? __pfx_kthread+0x10/0x10 [ 25.399703] ret_from_fork+0x116/0x1d0 [ 25.399774] ? __pfx_kthread+0x10/0x10 [ 25.399850] ret_from_fork_asm+0x1a/0x30 [ 25.400007] </TASK> [ 25.400080] [ 25.419471] Allocated by task 283: [ 25.419941] kasan_save_stack+0x45/0x70 [ 25.420428] kasan_save_track+0x18/0x40 [ 25.420901] kasan_save_alloc_info+0x3b/0x50 [ 25.421364] __kasan_kmalloc+0xb7/0xc0 [ 25.421925] __kmalloc_cache_noprof+0x189/0x420 [ 25.422530] kasan_atomics+0x95/0x310 [ 25.422914] kunit_try_run_case+0x1a5/0x480 [ 25.423312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.423916] kthread+0x337/0x6f0 [ 25.424402] ret_from_fork+0x116/0x1d0 [ 25.424886] ret_from_fork_asm+0x1a/0x30 [ 25.425403] [ 25.425693] The buggy address belongs to the object at ffff8881039d9c80 [ 25.425693] which belongs to the cache kmalloc-64 of size 64 [ 25.426731] The buggy address is located 0 bytes to the right of [ 25.426731] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.427737] [ 25.428043] The buggy address belongs to the physical page: [ 25.428604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 
25.429311] flags: 0x200000000000000(node=0|zone=2) [ 25.429883] page_type: f5(slab) [ 25.430378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.431064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.431793] page dumped because: kasan: bad access detected [ 25.432273] [ 25.432542] Memory state around the buggy address: [ 25.432979] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.433705] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.434349] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.435056] ^ [ 25.435581] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.436171] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.436927] ================================================================== [ 25.528766] ================================================================== [ 25.529324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 25.530568] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.531712] [ 25.532112] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.532269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.532319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.532387] Call Trace: [ 25.532443] <TASK> [ 25.532554] dump_stack_lvl+0x73/0xb0 [ 25.532664] print_report+0xd1/0x650 [ 25.532703] ? __virt_addr_valid+0x1db/0x2d0 [ 25.532740] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.532792] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.532860] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.532897] kasan_report+0x141/0x180 [ 25.532932] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.532974] kasan_check_range+0x10c/0x1c0 [ 25.533010] __kasan_check_write+0x18/0x20 [ 25.533037] kasan_atomics_helper+0x18b1/0x5450 [ 25.533070] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.533102] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 25.533148] ? kasan_atomics+0x152/0x310 [ 25.533187] kasan_atomics+0x1dc/0x310 [ 25.533246] ? __pfx_kasan_atomics+0x10/0x10 [ 25.533302] ? __pfx_read_tsc+0x10/0x10 [ 25.533337] ? ktime_get_ts64+0x86/0x230 [ 25.533374] kunit_try_run_case+0x1a5/0x480 [ 25.533415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.533450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.533487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.533553] ? __kthread_parkme+0x82/0x180 [ 25.533587] ? preempt_count_sub+0x50/0x80 [ 25.533641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.533681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.533717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.533754] kthread+0x337/0x6f0 [ 25.533782] ? trace_preempt_on+0x20/0xc0 [ 25.533817] ? __pfx_kthread+0x10/0x10 [ 25.533848] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.533882] ? calculate_sigpending+0x7b/0xa0 [ 25.533916] ? __pfx_kthread+0x10/0x10 [ 25.533947] ret_from_fork+0x116/0x1d0 [ 25.533974] ? __pfx_kthread+0x10/0x10 [ 25.534004] ret_from_fork_asm+0x1a/0x30 [ 25.534047] </TASK> [ 25.534063] [ 25.554233] Allocated by task 283: [ 25.555391] kasan_save_stack+0x45/0x70 [ 25.556018] kasan_save_track+0x18/0x40 [ 25.556365] kasan_save_alloc_info+0x3b/0x50 [ 25.556851] __kasan_kmalloc+0xb7/0xc0 [ 25.557194] __kmalloc_cache_noprof+0x189/0x420 [ 25.558193] kasan_atomics+0x95/0x310 [ 25.558830] kunit_try_run_case+0x1a5/0x480 [ 25.559216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.559916] kthread+0x337/0x6f0 [ 25.560207] ret_from_fork+0x116/0x1d0 [ 25.561003] ret_from_fork_asm+0x1a/0x30 [ 25.561487] [ 25.561767] The buggy address belongs to the object at ffff8881039d9c80 [ 25.561767] which belongs to the cache kmalloc-64 of size 64 [ 25.562812] The buggy address is located 0 bytes to the right of [ 25.562812] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.564205] [ 25.564544] The buggy address belongs to the physical page: [ 25.565089] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.565783] flags: 0x200000000000000(node=0|zone=2) [ 25.566317] page_type: f5(slab) [ 25.566790] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.567467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.568230] page dumped because: kasan: bad access detected [ 25.568971] [ 25.569337] Memory state around the buggy address: [ 25.569915] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.570679] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.571360] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.572083] ^ [ 25.572635] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.573372] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.574087] ================================================================== [ 25.438421] ================================================================== [ 25.439051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 25.439745] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.440275] [ 25.440641] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.440756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.440790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.440847] Call Trace: [ 25.440899] <TASK> [ 25.440947] dump_stack_lvl+0x73/0xb0 [ 25.441032] print_report+0xd1/0x650 [ 25.441100] ? __virt_addr_valid+0x1db/0x2d0 [ 25.441168] ? kasan_atomics_helper+0x177f/0x5450 [ 25.441309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.441395] ? kasan_atomics_helper+0x177f/0x5450 [ 25.441474] kasan_report+0x141/0x180 [ 25.441578] ? kasan_atomics_helper+0x177f/0x5450 [ 25.441684] kasan_check_range+0x10c/0x1c0 [ 25.441772] __kasan_check_write+0x18/0x20 [ 25.441851] kasan_atomics_helper+0x177f/0x5450 [ 25.442006] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 25.442097] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.442211] ? kasan_atomics+0x152/0x310 [ 25.442415] kasan_atomics+0x1dc/0x310 [ 25.442525] ? __pfx_kasan_atomics+0x10/0x10 [ 25.442689] ? __pfx_read_tsc+0x10/0x10 [ 25.442775] ? ktime_get_ts64+0x86/0x230 [ 25.442870] kunit_try_run_case+0x1a5/0x480 [ 25.443019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.443159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.443285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.443368] ? __kthread_parkme+0x82/0x180 [ 25.443441] ? preempt_count_sub+0x50/0x80 [ 25.443482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.443555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.443597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.443635] kthread+0x337/0x6f0 [ 25.443664] ? trace_preempt_on+0x20/0xc0 [ 25.443701] ? __pfx_kthread+0x10/0x10 [ 25.443732] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.443765] ? calculate_sigpending+0x7b/0xa0 [ 25.443801] ? __pfx_kthread+0x10/0x10 [ 25.443833] ret_from_fork+0x116/0x1d0 [ 25.443860] ? 
__pfx_kthread+0x10/0x10 [ 25.443891] ret_from_fork_asm+0x1a/0x30 [ 25.443934] </TASK> [ 25.443952] [ 25.463162] Allocated by task 283: [ 25.463813] kasan_save_stack+0x45/0x70 [ 25.464439] kasan_save_track+0x18/0x40 [ 25.464957] kasan_save_alloc_info+0x3b/0x50 [ 25.465571] __kasan_kmalloc+0xb7/0xc0 [ 25.466025] __kmalloc_cache_noprof+0x189/0x420 [ 25.466714] kasan_atomics+0x95/0x310 [ 25.467135] kunit_try_run_case+0x1a5/0x480 [ 25.467730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.468469] kthread+0x337/0x6f0 [ 25.468908] ret_from_fork+0x116/0x1d0 [ 25.469481] ret_from_fork_asm+0x1a/0x30 [ 25.469875] [ 25.470343] The buggy address belongs to the object at ffff8881039d9c80 [ 25.470343] which belongs to the cache kmalloc-64 of size 64 [ 25.471532] The buggy address is located 0 bytes to the right of [ 25.471532] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.472731] [ 25.472968] The buggy address belongs to the physical page: [ 25.473528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.474190] flags: 0x200000000000000(node=0|zone=2) [ 25.474922] page_type: f5(slab) [ 25.475422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.476135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.476769] page dumped because: kasan: bad access detected [ 25.477238] [ 25.477489] Memory state around the buggy address: [ 25.477989] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.478598] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.479132] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.479859] ^ [ 25.480423] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.480931] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.481654] ================================================================== [ 24.784161] 
================================================================== [ 24.784801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 24.785491] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.786261] [ 24.786700] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.786829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.786865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.786920] Call Trace: [ 24.786957] <TASK> [ 24.787002] dump_stack_lvl+0x73/0xb0 [ 24.787087] print_report+0xd1/0x650 [ 24.787159] ? __virt_addr_valid+0x1db/0x2d0 [ 24.787261] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.787339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.787412] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.787486] kasan_report+0x141/0x180 [ 24.787687] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.787815] __asan_report_load4_noabort+0x18/0x20 [ 24.787942] kasan_atomics_helper+0x4a1c/0x5450 [ 24.788027] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.788106] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.788284] ? kasan_atomics+0x152/0x310 [ 24.788380] kasan_atomics+0x1dc/0x310 [ 24.788459] ? __pfx_kasan_atomics+0x10/0x10 [ 24.788562] ? __pfx_read_tsc+0x10/0x10 [ 24.788641] ? ktime_get_ts64+0x86/0x230 [ 24.788724] kunit_try_run_case+0x1a5/0x480 [ 24.788840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.788925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.789008] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.789088] ? __kthread_parkme+0x82/0x180 [ 24.789166] ? preempt_count_sub+0x50/0x80 [ 24.789295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.789377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.789426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.789466] kthread+0x337/0x6f0 [ 24.789519] ? trace_preempt_on+0x20/0xc0 [ 24.789568] ? __pfx_kthread+0x10/0x10 [ 24.789601] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.789652] ? calculate_sigpending+0x7b/0xa0 [ 24.789691] ? 
__pfx_kthread+0x10/0x10 [ 24.789722] ret_from_fork+0x116/0x1d0 [ 24.789750] ? __pfx_kthread+0x10/0x10 [ 24.789779] ret_from_fork_asm+0x1a/0x30 [ 24.789823] </TASK> [ 24.789839] [ 24.804790] Allocated by task 283: [ 24.805152] kasan_save_stack+0x45/0x70 [ 24.805575] kasan_save_track+0x18/0x40 [ 24.806007] kasan_save_alloc_info+0x3b/0x50 [ 24.806567] __kasan_kmalloc+0xb7/0xc0 [ 24.807013] __kmalloc_cache_noprof+0x189/0x420 [ 24.807611] kasan_atomics+0x95/0x310 [ 24.808050] kunit_try_run_case+0x1a5/0x480 [ 24.808593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.809473] kthread+0x337/0x6f0 [ 24.809905] ret_from_fork+0x116/0x1d0 [ 24.810322] ret_from_fork_asm+0x1a/0x30 [ 24.810772] [ 24.811018] The buggy address belongs to the object at ffff8881039d9c80 [ 24.811018] which belongs to the cache kmalloc-64 of size 64 [ 24.812834] The buggy address is located 0 bytes to the right of [ 24.812834] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.813656] [ 24.813857] The buggy address belongs to the physical page: [ 24.814269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.815006] flags: 0x200000000000000(node=0|zone=2) [ 24.815605] page_type: f5(slab) [ 24.816078] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.816868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.817592] page dumped because: kasan: bad access detected [ 24.818137] [ 24.818456] Memory state around the buggy address: [ 24.818925] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.819692] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.820366] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.820919] ^ [ 24.821447] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.822044] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.822679] 
================================================================== [ 25.668710] ================================================================== [ 25.669319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 25.670122] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.670779] [ 25.671071] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.671209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.671317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.671414] Call Trace: [ 25.671523] <TASK> [ 25.671610] dump_stack_lvl+0x73/0xb0 [ 25.671743] print_report+0xd1/0x650 [ 25.671884] ? __virt_addr_valid+0x1db/0x2d0 [ 25.671961] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.672015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.672052] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.672086] kasan_report+0x141/0x180 [ 25.672120] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.672162] kasan_check_range+0x10c/0x1c0 [ 25.672201] __kasan_check_write+0x18/0x20 [ 25.672276] kasan_atomics_helper+0x1a7f/0x5450 [ 25.672322] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.672360] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.672405] ? kasan_atomics+0x152/0x310 [ 25.672446] kasan_atomics+0x1dc/0x310 [ 25.672481] ? __pfx_kasan_atomics+0x10/0x10 [ 25.672548] ? __pfx_read_tsc+0x10/0x10 [ 25.672585] ? ktime_get_ts64+0x86/0x230 [ 25.672621] kunit_try_run_case+0x1a5/0x480 [ 25.672663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.672701] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.672738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.672774] ? __kthread_parkme+0x82/0x180 [ 25.672808] ? preempt_count_sub+0x50/0x80 [ 25.672842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.672880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.672919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.672957] kthread+0x337/0x6f0 [ 25.672988] ? trace_preempt_on+0x20/0xc0 [ 25.673023] ? 
__pfx_kthread+0x10/0x10 [ 25.673053] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.673086] ? calculate_sigpending+0x7b/0xa0 [ 25.673125] ? __pfx_kthread+0x10/0x10 [ 25.673158] ret_from_fork+0x116/0x1d0 [ 25.673186] ? __pfx_kthread+0x10/0x10 [ 25.673218] ret_from_fork_asm+0x1a/0x30 [ 25.673299] </TASK> [ 25.673318] [ 25.689000] Allocated by task 283: [ 25.689992] kasan_save_stack+0x45/0x70 [ 25.691538] kasan_save_track+0x18/0x40 [ 25.691885] kasan_save_alloc_info+0x3b/0x50 [ 25.692234] __kasan_kmalloc+0xb7/0xc0 [ 25.692751] __kmalloc_cache_noprof+0x189/0x420 [ 25.693737] kasan_atomics+0x95/0x310 [ 25.694378] kunit_try_run_case+0x1a5/0x480 [ 25.695099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.696546] kthread+0x337/0x6f0 [ 25.696976] ret_from_fork+0x116/0x1d0 [ 25.697254] ret_from_fork_asm+0x1a/0x30 [ 25.698065] [ 25.698492] The buggy address belongs to the object at ffff8881039d9c80 [ 25.698492] which belongs to the cache kmalloc-64 of size 64 [ 25.699579] The buggy address is located 0 bytes to the right of [ 25.699579] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.700870] [ 25.701425] The buggy address belongs to the physical page: [ 25.701921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.702615] flags: 0x200000000000000(node=0|zone=2) [ 25.703029] page_type: f5(slab) [ 25.703376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.704137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.704812] page dumped because: kasan: bad access detected [ 25.705332] [ 25.705571] Memory state around the buggy address: [ 25.706085] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.706800] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.707531] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.708157] ^ [ 25.708665] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.709344] 
ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.709982] ================================================================== [ 26.205901] ================================================================== [ 26.206623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 26.207449] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.208112] [ 26.208529] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.208664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.208709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.208775] Call Trace: [ 26.208918] <TASK> [ 26.208978] dump_stack_lvl+0x73/0xb0 [ 26.209107] print_report+0xd1/0x650 [ 26.209273] ? __virt_addr_valid+0x1db/0x2d0 [ 26.209362] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.209491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.209603] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.209700] kasan_report+0x141/0x180 [ 26.209838] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.209961] kasan_check_range+0x10c/0x1c0 [ 26.210048] __kasan_check_write+0x18/0x20 [ 26.210094] kasan_atomics_helper+0x20c8/0x5450 [ 26.210128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.210163] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.210211] ? kasan_atomics+0x152/0x310 [ 26.210316] kasan_atomics+0x1dc/0x310 [ 26.210354] ? __pfx_kasan_atomics+0x10/0x10 [ 26.210393] ? __pfx_read_tsc+0x10/0x10 [ 26.210428] ? ktime_get_ts64+0x86/0x230 [ 26.210465] kunit_try_run_case+0x1a5/0x480 [ 26.210532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.210571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.210608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.210643] ? __kthread_parkme+0x82/0x180 [ 26.210677] ? preempt_count_sub+0x50/0x80 [ 26.210713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.210750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.210785] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.210822] kthread+0x337/0x6f0 [ 26.210850] ? trace_preempt_on+0x20/0xc0 [ 26.210885] ? __pfx_kthread+0x10/0x10 [ 26.210915] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.210947] ? calculate_sigpending+0x7b/0xa0 [ 26.210981] ? __pfx_kthread+0x10/0x10 [ 26.211013] ret_from_fork+0x116/0x1d0 [ 26.211039] ? __pfx_kthread+0x10/0x10 [ 26.211070] ret_from_fork_asm+0x1a/0x30 [ 26.211113] </TASK> [ 26.211130] [ 26.228308] Allocated by task 283: [ 26.228787] kasan_save_stack+0x45/0x70 [ 26.229302] kasan_save_track+0x18/0x40 [ 26.229664] kasan_save_alloc_info+0x3b/0x50 [ 26.230151] __kasan_kmalloc+0xb7/0xc0 [ 26.230678] __kmalloc_cache_noprof+0x189/0x420 [ 26.231199] kasan_atomics+0x95/0x310 [ 26.231637] kunit_try_run_case+0x1a5/0x480 [ 26.231991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.232541] kthread+0x337/0x6f0 [ 26.232997] ret_from_fork+0x116/0x1d0 [ 26.233520] ret_from_fork_asm+0x1a/0x30 [ 26.233992] [ 26.234314] The buggy address belongs to the object at ffff8881039d9c80 [ 26.234314] which belongs to the cache kmalloc-64 of size 64 [ 26.235449] The buggy address is located 0 bytes to the right of [ 26.235449] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.236339] [ 26.236609] The buggy address belongs to the physical page: [ 26.237175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.237887] flags: 0x200000000000000(node=0|zone=2) [ 26.238322] page_type: f5(slab) [ 26.238711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.239432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.240086] page dumped because: kasan: bad access detected [ 26.240528] [ 26.240777] Memory state around the buggy address: [ 26.241351] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.242658] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.243599] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 26.244311] ^ [ 26.244971] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.245521] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.246081] ================================================================== [ 23.352963] ================================================================== [ 23.354002] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 23.354856] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.355382] [ 23.355680] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.355812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.355855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.355907] Call Trace: [ 23.355929] <TASK> [ 23.355952] dump_stack_lvl+0x73/0xb0 [ 23.356005] print_report+0xd1/0x650 [ 23.356070] ? __virt_addr_valid+0x1db/0x2d0 [ 23.356124] ? kasan_atomics_helper+0x4b88/0x5450 [ 23.356160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.356192] ? kasan_atomics_helper+0x4b88/0x5450 [ 23.356224] kasan_report+0x141/0x180 [ 23.356255] ? kasan_atomics_helper+0x4b88/0x5450 [ 23.356295] __asan_report_load4_noabort+0x18/0x20 [ 23.356333] kasan_atomics_helper+0x4b88/0x5450 [ 23.356367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.356398] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.356442] ? kasan_atomics+0x152/0x310 [ 23.356481] kasan_atomics+0x1dc/0x310 [ 23.356594] ? __pfx_kasan_atomics+0x10/0x10 [ 23.356705] ? __pfx_read_tsc+0x10/0x10 [ 23.356780] ? ktime_get_ts64+0x86/0x230 [ 23.356859] kunit_try_run_case+0x1a5/0x480 [ 23.356945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.357019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.357093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.357173] ? __kthread_parkme+0x82/0x180 [ 23.357299] ? preempt_count_sub+0x50/0x80 [ 23.357365] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.357454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.357538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.357607] kthread+0x337/0x6f0 [ 23.357722] ? trace_preempt_on+0x20/0xc0 [ 23.357802] ? __pfx_kthread+0x10/0x10 [ 23.357860] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.357922] ? calculate_sigpending+0x7b/0xa0 [ 23.357991] ? __pfx_kthread+0x10/0x10 [ 23.358053] ret_from_fork+0x116/0x1d0 [ 23.358115] ? __pfx_kthread+0x10/0x10 [ 23.358183] ret_from_fork_asm+0x1a/0x30 [ 23.358269] </TASK> [ 23.358289] [ 23.384355] Allocated by task 283: [ 23.384829] kasan_save_stack+0x45/0x70 [ 23.385880] kasan_save_track+0x18/0x40 [ 23.386535] kasan_save_alloc_info+0x3b/0x50 [ 23.387256] __kasan_kmalloc+0xb7/0xc0 [ 23.388002] __kmalloc_cache_noprof+0x189/0x420 [ 23.388740] kasan_atomics+0x95/0x310 [ 23.389786] kunit_try_run_case+0x1a5/0x480 [ 23.390251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.390824] kthread+0x337/0x6f0 [ 23.391768] ret_from_fork+0x116/0x1d0 [ 23.392214] ret_from_fork_asm+0x1a/0x30 [ 23.393054] [ 23.393432] The buggy address belongs to the object at ffff8881039d9c80 [ 23.393432] which belongs to the cache kmalloc-64 of size 64 [ 23.394857] The buggy address is located 0 bytes to the right of [ 23.394857] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.396034] [ 23.396218] The buggy address belongs to the physical page: [ 23.397741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.398364] flags: 0x200000000000000(node=0|zone=2) [ 23.398902] page_type: f5(slab) [ 23.399287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.400813] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.401683] page dumped because: kasan: bad access detected [ 23.402649] [ 23.402836] Memory state around the buggy address: [ 23.403186] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.404810] 
ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.405522] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.406372] ^ [ 23.407259] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.408073] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.408867] ================================================================== [ 24.918806] ================================================================== [ 24.919460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 24.920197] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.921532] [ 24.921814] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.921908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.921929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.921965] Call Trace: [ 24.921995] <TASK> [ 24.922049] dump_stack_lvl+0x73/0xb0 [ 24.922151] print_report+0xd1/0x650 [ 24.922255] ? __virt_addr_valid+0x1db/0x2d0 [ 24.922338] ? kasan_atomics_helper+0x1217/0x5450 [ 24.922413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.922469] ? kasan_atomics_helper+0x1217/0x5450 [ 24.922544] kasan_report+0x141/0x180 [ 24.922580] ? kasan_atomics_helper+0x1217/0x5450 [ 24.922619] kasan_check_range+0x10c/0x1c0 [ 24.922654] __kasan_check_write+0x18/0x20 [ 24.922682] kasan_atomics_helper+0x1217/0x5450 [ 24.922716] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.922748] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.922795] ? kasan_atomics+0x152/0x310 [ 24.922835] kasan_atomics+0x1dc/0x310 [ 24.922869] ? __pfx_kasan_atomics+0x10/0x10 [ 24.922905] ? __pfx_read_tsc+0x10/0x10 [ 24.922938] ? ktime_get_ts64+0x86/0x230 [ 24.922973] kunit_try_run_case+0x1a5/0x480 [ 24.923012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.923048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.923083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.923118] ? 
__kthread_parkme+0x82/0x180 [ 24.923149] ? preempt_count_sub+0x50/0x80 [ 24.923182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.923224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.923293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.923332] kthread+0x337/0x6f0 [ 24.923362] ? trace_preempt_on+0x20/0xc0 [ 24.923397] ? __pfx_kthread+0x10/0x10 [ 24.923427] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.923459] ? calculate_sigpending+0x7b/0xa0 [ 24.923515] ? __pfx_kthread+0x10/0x10 [ 24.923556] ret_from_fork+0x116/0x1d0 [ 24.923585] ? __pfx_kthread+0x10/0x10 [ 24.923614] ret_from_fork_asm+0x1a/0x30 [ 24.923658] </TASK> [ 24.923675] [ 24.938045] Allocated by task 283: [ 24.938465] kasan_save_stack+0x45/0x70 [ 24.938961] kasan_save_track+0x18/0x40 [ 24.939287] kasan_save_alloc_info+0x3b/0x50 [ 24.939762] __kasan_kmalloc+0xb7/0xc0 [ 24.940107] __kmalloc_cache_noprof+0x189/0x420 [ 24.940605] kasan_atomics+0x95/0x310 [ 24.940921] kunit_try_run_case+0x1a5/0x480 [ 24.941257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.941823] kthread+0x337/0x6f0 [ 24.942208] ret_from_fork+0x116/0x1d0 [ 24.942630] ret_from_fork_asm+0x1a/0x30 [ 24.943066] [ 24.943314] The buggy address belongs to the object at ffff8881039d9c80 [ 24.943314] which belongs to the cache kmalloc-64 of size 64 [ 24.944212] The buggy address is located 0 bytes to the right of [ 24.944212] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.945170] [ 24.945567] The buggy address belongs to the physical page: [ 24.946106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.946648] flags: 0x200000000000000(node=0|zone=2) [ 24.947017] page_type: f5(slab) [ 24.947308] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.947961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.948909] page dumped because: kasan: bad access detected [ 24.949722] [ 24.949908] Memory state around the buggy address: [ 24.950441] 
ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.951132] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.953744] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.954214] ^ [ 24.954739] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.956117] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.957148] ================================================================== [ 24.534903] ================================================================== [ 24.535648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 24.536345] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.537795] [ 24.538129] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.538265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.538310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.538375] Call Trace: [ 24.538433] <TASK> [ 24.538488] dump_stack_lvl+0x73/0xb0 [ 24.539285] print_report+0xd1/0x650 [ 24.539372] ? __virt_addr_valid+0x1db/0x2d0 [ 24.539477] ? kasan_atomics_helper+0xe78/0x5450 [ 24.539558] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.539639] ? kasan_atomics_helper+0xe78/0x5450 [ 24.539720] kasan_report+0x141/0x180 [ 24.539805] ? kasan_atomics_helper+0xe78/0x5450 [ 24.539851] kasan_check_range+0x10c/0x1c0 [ 24.539888] __kasan_check_write+0x18/0x20 [ 24.539917] kasan_atomics_helper+0xe78/0x5450 [ 24.539952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.539988] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.540033] ? kasan_atomics+0x152/0x310 [ 24.540074] kasan_atomics+0x1dc/0x310 [ 24.540108] ? __pfx_kasan_atomics+0x10/0x10 [ 24.540147] ? __pfx_read_tsc+0x10/0x10 [ 24.540182] ? ktime_get_ts64+0x86/0x230 [ 24.540221] kunit_try_run_case+0x1a5/0x480 [ 24.540302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.540343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.540379] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.540415] ? __kthread_parkme+0x82/0x180 [ 24.540445] ? preempt_count_sub+0x50/0x80 [ 24.540479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.540551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.540638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.540722] kthread+0x337/0x6f0 [ 24.540795] ? trace_preempt_on+0x20/0xc0 [ 24.540866] ? __pfx_kthread+0x10/0x10 [ 24.540943] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.541003] ? calculate_sigpending+0x7b/0xa0 [ 24.541043] ? __pfx_kthread+0x10/0x10 [ 24.541075] ret_from_fork+0x116/0x1d0 [ 24.541103] ? __pfx_kthread+0x10/0x10 [ 24.541138] ret_from_fork_asm+0x1a/0x30 [ 24.541183] </TASK> [ 24.541199] [ 24.572163] Allocated by task 283: [ 24.573791] kasan_save_stack+0x45/0x70 [ 24.574052] kasan_save_track+0x18/0x40 [ 24.574241] kasan_save_alloc_info+0x3b/0x50 [ 24.574774] __kasan_kmalloc+0xb7/0xc0 [ 24.575198] __kmalloc_cache_noprof+0x189/0x420 [ 24.575718] kasan_atomics+0x95/0x310 [ 24.576160] kunit_try_run_case+0x1a5/0x480 [ 24.577799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.578953] kthread+0x337/0x6f0 [ 24.579445] ret_from_fork+0x116/0x1d0 [ 24.580078] ret_from_fork_asm+0x1a/0x30 [ 24.581275] [ 24.581690] The buggy address belongs to the object at ffff8881039d9c80 [ 24.581690] which belongs to the cache kmalloc-64 of size 64 [ 24.582949] The buggy address is located 0 bytes to the right of [ 24.582949] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.584192] [ 24.584481] The buggy address belongs to the physical page: [ 24.585793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.586806] flags: 0x200000000000000(node=0|zone=2) [ 24.587193] page_type: f5(slab) [ 24.588142] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.589701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.590260] page dumped because: kasan: bad access detected [ 24.590698] [ 24.590874] 
Memory state around the buggy address: [ 24.591258] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.593428] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.594375] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.594940] ^ [ 24.595416] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.596212] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.597424] ================================================================== [ 25.134984] ================================================================== [ 25.135985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 25.137002] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.137571] [ 25.137950] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.138137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.138213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.138286] Call Trace: [ 25.138342] <TASK> [ 25.138390] dump_stack_lvl+0x73/0xb0 [ 25.138484] print_report+0xd1/0x650 [ 25.138590] ? __virt_addr_valid+0x1db/0x2d0 [ 25.138673] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.138753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.138924] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.139059] kasan_report+0x141/0x180 [ 25.139174] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.139278] __asan_report_load8_noabort+0x18/0x20 [ 25.139349] kasan_atomics_helper+0x4eae/0x5450 [ 25.139390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.139427] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.139474] ? kasan_atomics+0x152/0x310 [ 25.139545] kasan_atomics+0x1dc/0x310 [ 25.139585] ? __pfx_kasan_atomics+0x10/0x10 [ 25.139624] ? __pfx_read_tsc+0x10/0x10 [ 25.139658] ? ktime_get_ts64+0x86/0x230 [ 25.139696] kunit_try_run_case+0x1a5/0x480 [ 25.139737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.139776] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 25.139812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.139847] ? __kthread_parkme+0x82/0x180 [ 25.139879] ? preempt_count_sub+0x50/0x80 [ 25.139912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.139951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.139988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.140026] kthread+0x337/0x6f0 [ 25.140056] ? trace_preempt_on+0x20/0xc0 [ 25.140091] ? __pfx_kthread+0x10/0x10 [ 25.140122] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.140155] ? calculate_sigpending+0x7b/0xa0 [ 25.140192] ? __pfx_kthread+0x10/0x10 [ 25.140235] ret_from_fork+0x116/0x1d0 [ 25.140287] ? __pfx_kthread+0x10/0x10 [ 25.140320] ret_from_fork_asm+0x1a/0x30 [ 25.140364] </TASK> [ 25.140380] [ 25.156075] Allocated by task 283: [ 25.156588] kasan_save_stack+0x45/0x70 [ 25.157086] kasan_save_track+0x18/0x40 [ 25.157790] kasan_save_alloc_info+0x3b/0x50 [ 25.158650] __kasan_kmalloc+0xb7/0xc0 [ 25.158974] __kmalloc_cache_noprof+0x189/0x420 [ 25.159341] kasan_atomics+0x95/0x310 [ 25.159762] kunit_try_run_case+0x1a5/0x480 [ 25.160214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.161017] kthread+0x337/0x6f0 [ 25.161777] ret_from_fork+0x116/0x1d0 [ 25.162702] ret_from_fork_asm+0x1a/0x30 [ 25.163154] [ 25.163424] The buggy address belongs to the object at ffff8881039d9c80 [ 25.163424] which belongs to the cache kmalloc-64 of size 64 [ 25.165182] The buggy address is located 0 bytes to the right of [ 25.165182] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.166042] [ 25.166322] The buggy address belongs to the physical page: [ 25.166881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.167993] flags: 0x200000000000000(node=0|zone=2) [ 25.168442] page_type: f5(slab) [ 25.168881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.169574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.170261] page dumped because: kasan: 
bad access detected [ 25.170984] [ 25.171444] Memory state around the buggy address: [ 25.172086] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.172862] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.173591] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.174360] ^ [ 25.175027] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.175985] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.176751] ================================================================== [ 25.617360] ================================================================== [ 25.618008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 25.618702] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.619401] [ 25.620148] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.620643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.620690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.620758] Call Trace: [ 25.620817] <TASK> [ 25.620874] dump_stack_lvl+0x73/0xb0 [ 25.620980] print_report+0xd1/0x650 [ 25.621064] ? __virt_addr_valid+0x1db/0x2d0 [ 25.621148] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.621227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.621334] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.621414] kasan_report+0x141/0x180 [ 25.621511] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.621604] kasan_check_range+0x10c/0x1c0 [ 25.621699] __kasan_check_write+0x18/0x20 [ 25.621770] kasan_atomics_helper+0x19e3/0x5450 [ 25.621852] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.621928] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.621989] ? kasan_atomics+0x152/0x310 [ 25.622032] kasan_atomics+0x1dc/0x310 [ 25.622068] ? __pfx_kasan_atomics+0x10/0x10 [ 25.622109] ? __pfx_read_tsc+0x10/0x10 [ 25.622143] ? ktime_get_ts64+0x86/0x230 [ 25.622179] kunit_try_run_case+0x1a5/0x480 [ 25.622226] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.622304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.622344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.622381] ? __kthread_parkme+0x82/0x180 [ 25.622413] ? preempt_count_sub+0x50/0x80 [ 25.622447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.622486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.622553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.622592] kthread+0x337/0x6f0 [ 25.622621] ? trace_preempt_on+0x20/0xc0 [ 25.622657] ? __pfx_kthread+0x10/0x10 [ 25.622686] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.622720] ? calculate_sigpending+0x7b/0xa0 [ 25.622757] ? __pfx_kthread+0x10/0x10 [ 25.622788] ret_from_fork+0x116/0x1d0 [ 25.622816] ? __pfx_kthread+0x10/0x10 [ 25.622846] ret_from_fork_asm+0x1a/0x30 [ 25.622892] </TASK> [ 25.622910] [ 25.638141] Allocated by task 283: [ 25.638632] kasan_save_stack+0x45/0x70 [ 25.639152] kasan_save_track+0x18/0x40 [ 25.639595] kasan_save_alloc_info+0x3b/0x50 [ 25.640034] __kasan_kmalloc+0xb7/0xc0 [ 25.640459] __kmalloc_cache_noprof+0x189/0x420 [ 25.640935] kasan_atomics+0x95/0x310 [ 25.642615] kunit_try_run_case+0x1a5/0x480 [ 25.642999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.643546] kthread+0x337/0x6f0 [ 25.648903] ret_from_fork+0x116/0x1d0 [ 25.649833] ret_from_fork_asm+0x1a/0x30 [ 25.650175] [ 25.651656] The buggy address belongs to the object at ffff8881039d9c80 [ 25.651656] which belongs to the cache kmalloc-64 of size 64 [ 25.654119] The buggy address is located 0 bytes to the right of [ 25.654119] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.656987] [ 25.657180] The buggy address belongs to the physical page: [ 25.658043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.658926] flags: 0x200000000000000(node=0|zone=2) [ 25.659343] page_type: f5(slab) [ 25.659711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.660297] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 25.660931] page dumped because: kasan: bad access detected [ 25.661392] [ 25.661769] Memory state around the buggy address: [ 25.662387] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.663023] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.663831] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.664411] ^ [ 25.665056] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.665809] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.666529] ================================================================== [ 23.900099] ================================================================== [ 23.904305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 23.906596] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.908210] [ 23.908855] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.908933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.908954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.908988] Call Trace: [ 23.909014] <TASK> [ 23.909040] dump_stack_lvl+0x73/0xb0 [ 23.909100] print_report+0xd1/0x650 [ 23.909136] ? __virt_addr_valid+0x1db/0x2d0 [ 23.909171] ? kasan_atomics_helper+0x7c7/0x5450 [ 23.909203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.909294] ? kasan_atomics_helper+0x7c7/0x5450 [ 23.909381] kasan_report+0x141/0x180 [ 23.909462] ? kasan_atomics_helper+0x7c7/0x5450 [ 23.909588] kasan_check_range+0x10c/0x1c0 [ 23.909691] __kasan_check_write+0x18/0x20 [ 23.909767] kasan_atomics_helper+0x7c7/0x5450 [ 23.909871] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.909942] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.910021] ? kasan_atomics+0x152/0x310 [ 23.910099] kasan_atomics+0x1dc/0x310 [ 23.910167] ? __pfx_kasan_atomics+0x10/0x10 [ 23.910240] ? __pfx_read_tsc+0x10/0x10 [ 23.910304] ? 
ktime_get_ts64+0x86/0x230 [ 23.910374] kunit_try_run_case+0x1a5/0x480 [ 23.910455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.910553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.910641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.910702] ? __kthread_parkme+0x82/0x180 [ 23.910737] ? preempt_count_sub+0x50/0x80 [ 23.910774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.910814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.910852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.910891] kthread+0x337/0x6f0 [ 23.910921] ? trace_preempt_on+0x20/0xc0 [ 23.910957] ? __pfx_kthread+0x10/0x10 [ 23.910987] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.911020] ? calculate_sigpending+0x7b/0xa0 [ 23.911056] ? __pfx_kthread+0x10/0x10 [ 23.911087] ret_from_fork+0x116/0x1d0 [ 23.911114] ? __pfx_kthread+0x10/0x10 [ 23.911144] ret_from_fork_asm+0x1a/0x30 [ 23.911189] </TASK> [ 23.911205] [ 23.936487] Allocated by task 283: [ 23.937109] kasan_save_stack+0x45/0x70 [ 23.937904] kasan_save_track+0x18/0x40 [ 23.938423] kasan_save_alloc_info+0x3b/0x50 [ 23.939023] __kasan_kmalloc+0xb7/0xc0 [ 23.939515] __kmalloc_cache_noprof+0x189/0x420 [ 23.940974] kasan_atomics+0x95/0x310 [ 23.941353] kunit_try_run_case+0x1a5/0x480 [ 23.942156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.943079] kthread+0x337/0x6f0 [ 23.943656] ret_from_fork+0x116/0x1d0 [ 23.944750] ret_from_fork_asm+0x1a/0x30 [ 23.946007] [ 23.946412] The buggy address belongs to the object at ffff8881039d9c80 [ 23.946412] which belongs to the cache kmalloc-64 of size 64 [ 23.947941] The buggy address is located 0 bytes to the right of [ 23.947941] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.948758] [ 23.949120] The buggy address belongs to the physical page: [ 23.949755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.951156] flags: 0x200000000000000(node=0|zone=2) [ 23.951657] page_type: f5(slab) [ 23.952016] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 23.953443] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.954415] page dumped because: kasan: bad access detected [ 23.955148] [ 23.955373] Memory state around the buggy address: [ 23.956376] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.957613] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.958294] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.959192] ^ [ 23.959836] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.960527] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.961117] ================================================================== [ 26.107988] ================================================================== [ 26.108413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 26.110115] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 26.111289] [ 26.111658] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 26.111842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.111885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.111951] Call Trace: [ 26.112005] <TASK> [ 26.112059] dump_stack_lvl+0x73/0xb0 [ 26.112160] print_report+0xd1/0x650 [ 26.112264] ? __virt_addr_valid+0x1db/0x2d0 [ 26.112346] ? kasan_atomics_helper+0x2006/0x5450 [ 26.112419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.112536] ? kasan_atomics_helper+0x2006/0x5450 [ 26.112607] kasan_report+0x141/0x180 [ 26.112685] ? kasan_atomics_helper+0x2006/0x5450 [ 26.112778] kasan_check_range+0x10c/0x1c0 [ 26.112860] __kasan_check_write+0x18/0x20 [ 26.112895] kasan_atomics_helper+0x2006/0x5450 [ 26.112930] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.112964] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.113009] ? kasan_atomics+0x152/0x310 [ 26.113048] kasan_atomics+0x1dc/0x310 [ 26.113082] ? 
__pfx_kasan_atomics+0x10/0x10 [ 26.113118] ? __pfx_read_tsc+0x10/0x10 [ 26.113149] ? ktime_get_ts64+0x86/0x230 [ 26.113186] kunit_try_run_case+0x1a5/0x480 [ 26.113256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.113309] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.113347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.113383] ? __kthread_parkme+0x82/0x180 [ 26.113415] ? preempt_count_sub+0x50/0x80 [ 26.113452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.113489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.113559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.113598] kthread+0x337/0x6f0 [ 26.113643] ? trace_preempt_on+0x20/0xc0 [ 26.113681] ? __pfx_kthread+0x10/0x10 [ 26.113712] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.113745] ? calculate_sigpending+0x7b/0xa0 [ 26.113780] ? __pfx_kthread+0x10/0x10 [ 26.113812] ret_from_fork+0x116/0x1d0 [ 26.113840] ? __pfx_kthread+0x10/0x10 [ 26.113871] ret_from_fork_asm+0x1a/0x30 [ 26.113914] </TASK> [ 26.113931] [ 26.132997] Allocated by task 283: [ 26.133711] kasan_save_stack+0x45/0x70 [ 26.134205] kasan_save_track+0x18/0x40 [ 26.134803] kasan_save_alloc_info+0x3b/0x50 [ 26.135336] __kasan_kmalloc+0xb7/0xc0 [ 26.135809] __kmalloc_cache_noprof+0x189/0x420 [ 26.136372] kasan_atomics+0x95/0x310 [ 26.136819] kunit_try_run_case+0x1a5/0x480 [ 26.137300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.137947] kthread+0x337/0x6f0 [ 26.138367] ret_from_fork+0x116/0x1d0 [ 26.138902] ret_from_fork_asm+0x1a/0x30 [ 26.139299] [ 26.139593] The buggy address belongs to the object at ffff8881039d9c80 [ 26.139593] which belongs to the cache kmalloc-64 of size 64 [ 26.140817] The buggy address is located 0 bytes to the right of [ 26.140817] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 26.141915] [ 26.142112] The buggy address belongs to the physical page: [ 26.142645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.143627] flags: 0x200000000000000(node=0|zone=2) [ 26.144239] page_type: 
f5(slab) [ 26.144716] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.145468] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.146021] page dumped because: kasan: bad access detected [ 26.146491] [ 26.146865] Memory state around the buggy address: [ 26.147723] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.148474] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.148976] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.150077] ^ [ 26.150679] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.151310] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.152225] ================================================================== [ 25.044551] ================================================================== [ 25.045341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 25.046197] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.046803] [ 25.047089] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.047233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.047823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.047868] Call Trace: [ 25.047894] <TASK> [ 25.047922] dump_stack_lvl+0x73/0xb0 [ 25.047980] print_report+0xd1/0x650 [ 25.048018] ? __virt_addr_valid+0x1db/0x2d0 [ 25.048054] ? kasan_atomics_helper+0x49ce/0x5450 [ 25.048088] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.048121] ? kasan_atomics_helper+0x49ce/0x5450 [ 25.048154] kasan_report+0x141/0x180 [ 25.048187] ? kasan_atomics_helper+0x49ce/0x5450 [ 25.048232] __asan_report_load4_noabort+0x18/0x20 [ 25.048314] kasan_atomics_helper+0x49ce/0x5450 [ 25.048356] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.048392] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.048439] ? 
kasan_atomics+0x152/0x310 [ 25.048480] kasan_atomics+0x1dc/0x310 [ 25.048543] ? __pfx_kasan_atomics+0x10/0x10 [ 25.048586] ? __pfx_read_tsc+0x10/0x10 [ 25.048621] ? ktime_get_ts64+0x86/0x230 [ 25.048659] kunit_try_run_case+0x1a5/0x480 [ 25.048700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.048738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.048775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.048812] ? __kthread_parkme+0x82/0x180 [ 25.048845] ? preempt_count_sub+0x50/0x80 [ 25.048880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.048919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.048955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.048992] kthread+0x337/0x6f0 [ 25.049022] ? trace_preempt_on+0x20/0xc0 [ 25.049059] ? __pfx_kthread+0x10/0x10 [ 25.049090] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.049125] ? calculate_sigpending+0x7b/0xa0 [ 25.049163] ? __pfx_kthread+0x10/0x10 [ 25.049195] ret_from_fork+0x116/0x1d0 [ 25.049233] ? __pfx_kthread+0x10/0x10 [ 25.049286] ret_from_fork_asm+0x1a/0x30 [ 25.049333] </TASK> [ 25.049352] [ 25.066182] Allocated by task 283: [ 25.066608] kasan_save_stack+0x45/0x70 [ 25.067082] kasan_save_track+0x18/0x40 [ 25.067645] kasan_save_alloc_info+0x3b/0x50 [ 25.068114] __kasan_kmalloc+0xb7/0xc0 [ 25.068659] __kmalloc_cache_noprof+0x189/0x420 [ 25.069201] kasan_atomics+0x95/0x310 [ 25.069696] kunit_try_run_case+0x1a5/0x480 [ 25.070201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.070719] kthread+0x337/0x6f0 [ 25.071206] ret_from_fork+0x116/0x1d0 [ 25.071823] ret_from_fork_asm+0x1a/0x30 [ 25.072389] [ 25.072698] The buggy address belongs to the object at ffff8881039d9c80 [ 25.072698] which belongs to the cache kmalloc-64 of size 64 [ 25.073781] The buggy address is located 0 bytes to the right of [ 25.073781] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.074654] [ 25.074996] The buggy address belongs to the physical page: [ 25.075581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 
25.076547] flags: 0x200000000000000(node=0|zone=2) [ 25.076917] page_type: f5(slab) [ 25.077204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.077899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.078708] page dumped because: kasan: bad access detected [ 25.079239] [ 25.079454] Memory state around the buggy address: [ 25.080755] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.081653] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.082271] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.083021] ^ [ 25.083708] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.084229] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.085034] ================================================================== [ 24.698247] ================================================================== [ 24.699766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 24.700461] Read of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 24.701021] [ 24.701352] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 24.701490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.701553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.701679] Call Trace: [ 24.701737] <TASK> [ 24.701797] dump_stack_lvl+0x73/0xb0 [ 24.701897] print_report+0xd1/0x650 [ 24.702181] ? __virt_addr_valid+0x1db/0x2d0 [ 24.702324] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.702406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.702489] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.702590] kasan_report+0x141/0x180 [ 24.702671] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.702758] __asan_report_load4_noabort+0x18/0x20 [ 24.702833] kasan_atomics_helper+0x4a36/0x5450 [ 24.702900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.702961] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 24.703040] ? kasan_atomics+0x152/0x310 [ 24.703107] kasan_atomics+0x1dc/0x310 [ 24.703171] ? __pfx_kasan_atomics+0x10/0x10 [ 24.703241] ? __pfx_read_tsc+0x10/0x10 [ 24.703304] ? ktime_get_ts64+0x86/0x230 [ 24.703370] kunit_try_run_case+0x1a5/0x480 [ 24.703438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.703522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.703592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.703664] ? __kthread_parkme+0x82/0x180 [ 24.703735] ? preempt_count_sub+0x50/0x80 [ 24.703807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.703881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.703945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.703987] kthread+0x337/0x6f0 [ 24.704017] ? trace_preempt_on+0x20/0xc0 [ 24.704053] ? __pfx_kthread+0x10/0x10 [ 24.704082] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.704116] ? calculate_sigpending+0x7b/0xa0 [ 24.704153] ? __pfx_kthread+0x10/0x10 [ 24.704184] ret_from_fork+0x116/0x1d0 [ 24.704211] ? __pfx_kthread+0x10/0x10 [ 24.704291] ret_from_fork_asm+0x1a/0x30 [ 24.704345] </TASK> [ 24.704365] [ 24.719462] Allocated by task 283: [ 24.719958] kasan_save_stack+0x45/0x70 [ 24.720552] kasan_save_track+0x18/0x40 [ 24.720966] kasan_save_alloc_info+0x3b/0x50 [ 24.721399] __kasan_kmalloc+0xb7/0xc0 [ 24.721756] __kmalloc_cache_noprof+0x189/0x420 [ 24.722251] kasan_atomics+0x95/0x310 [ 24.722871] kunit_try_run_case+0x1a5/0x480 [ 24.723438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.724013] kthread+0x337/0x6f0 [ 24.724490] ret_from_fork+0x116/0x1d0 [ 24.724846] ret_from_fork_asm+0x1a/0x30 [ 24.725252] [ 24.725527] The buggy address belongs to the object at ffff8881039d9c80 [ 24.725527] which belongs to the cache kmalloc-64 of size 64 [ 24.726560] The buggy address is located 0 bytes to the right of [ 24.726560] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 24.727455] [ 24.727750] The buggy address belongs to the physical page: [ 24.728288] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 24.728934] flags: 0x200000000000000(node=0|zone=2) [ 24.729433] page_type: f5(slab) [ 24.729870] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.730536] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.731232] page dumped because: kasan: bad access detected [ 24.731820] [ 24.732033] Memory state around the buggy address: [ 24.732384] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.732867] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.733329] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.734043] ^ [ 24.734679] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.735353] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.736361] ================================================================== [ 23.738797] ================================================================== [ 23.739453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 23.740262] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.741421] [ 23.742053] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.742222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.742266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.742388] Call Trace: [ 23.742473] <TASK> [ 23.742780] dump_stack_lvl+0x73/0xb0 [ 23.742920] print_report+0xd1/0x650 [ 23.743007] ? __virt_addr_valid+0x1db/0x2d0 [ 23.743176] ? kasan_atomics_helper+0x5fe/0x5450 [ 23.743305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.743398] ? kasan_atomics_helper+0x5fe/0x5450 [ 23.743478] kasan_report+0x141/0x180 [ 23.743815] ? kasan_atomics_helper+0x5fe/0x5450 [ 23.744374] kasan_check_range+0x10c/0x1c0 [ 23.744510] __kasan_check_write+0x18/0x20 [ 23.744591] kasan_atomics_helper+0x5fe/0x5450 [ 23.744674] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 23.744751] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.744990] ? kasan_atomics+0x152/0x310 [ 23.745086] kasan_atomics+0x1dc/0x310 [ 23.745175] ? __pfx_kasan_atomics+0x10/0x10 [ 23.745418] ? __pfx_read_tsc+0x10/0x10 [ 23.745545] ? ktime_get_ts64+0x86/0x230 [ 23.745711] kunit_try_run_case+0x1a5/0x480 [ 23.745757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.745795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.745832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.745871] ? __kthread_parkme+0x82/0x180 [ 23.745903] ? preempt_count_sub+0x50/0x80 [ 23.745939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.745976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.746012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.746049] kthread+0x337/0x6f0 [ 23.746079] ? trace_preempt_on+0x20/0xc0 [ 23.746114] ? __pfx_kthread+0x10/0x10 [ 23.746145] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.746178] ? calculate_sigpending+0x7b/0xa0 [ 23.746214] ? __pfx_kthread+0x10/0x10 [ 23.746280] ret_from_fork+0x116/0x1d0 [ 23.746313] ? 
__pfx_kthread+0x10/0x10 [ 23.746344] ret_from_fork_asm+0x1a/0x30 [ 23.746389] </TASK> [ 23.746406] [ 23.769254] Allocated by task 283: [ 23.769583] kasan_save_stack+0x45/0x70 [ 23.770020] kasan_save_track+0x18/0x40 [ 23.770325] kasan_save_alloc_info+0x3b/0x50 [ 23.774742] __kasan_kmalloc+0xb7/0xc0 [ 23.775758] __kmalloc_cache_noprof+0x189/0x420 [ 23.776279] kasan_atomics+0x95/0x310 [ 23.776717] kunit_try_run_case+0x1a5/0x480 [ 23.777003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.777334] kthread+0x337/0x6f0 [ 23.779470] ret_from_fork+0x116/0x1d0 [ 23.780445] ret_from_fork_asm+0x1a/0x30 [ 23.781413] [ 23.782186] The buggy address belongs to the object at ffff8881039d9c80 [ 23.782186] which belongs to the cache kmalloc-64 of size 64 [ 23.783393] The buggy address is located 0 bytes to the right of [ 23.783393] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 23.784480] [ 23.784822] The buggy address belongs to the physical page: [ 23.785437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 23.786102] flags: 0x200000000000000(node=0|zone=2) [ 23.786693] page_type: f5(slab) [ 23.787186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.787972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.788606] page dumped because: kasan: bad access detected [ 23.789209] [ 23.789560] Memory state around the buggy address: [ 23.789980] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.790934] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.791482] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.793183] ^ [ 23.793940] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.794531] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.795322] ================================================================== [ 25.799618] 
================================================================== [ 25.800680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 25.801302] Read of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.801918] [ 25.802199] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.802340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.802388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.802462] Call Trace: [ 25.803310] <TASK> [ 25.803376] dump_stack_lvl+0x73/0xb0 [ 25.803477] print_report+0xd1/0x650 [ 25.803550] ? __virt_addr_valid+0x1db/0x2d0 [ 25.803591] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.803627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.803662] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.803696] kasan_report+0x141/0x180 [ 25.803729] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.803769] __asan_report_load8_noabort+0x18/0x20 [ 25.803808] kasan_atomics_helper+0x4f30/0x5450 [ 25.803842] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.803875] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.803922] ? kasan_atomics+0x152/0x310 [ 25.803961] kasan_atomics+0x1dc/0x310 [ 25.803997] ? __pfx_kasan_atomics+0x10/0x10 [ 25.804035] ? __pfx_read_tsc+0x10/0x10 [ 25.804068] ? ktime_get_ts64+0x86/0x230 [ 25.804106] kunit_try_run_case+0x1a5/0x480 [ 25.804147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.804189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.804271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.804317] ? __kthread_parkme+0x82/0x180 [ 25.804352] ? preempt_count_sub+0x50/0x80 [ 25.804387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.804427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.804464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.804524] kthread+0x337/0x6f0 [ 25.804560] ? trace_preempt_on+0x20/0xc0 [ 25.804597] ? __pfx_kthread+0x10/0x10 [ 25.804628] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.804663] ? calculate_sigpending+0x7b/0xa0 [ 25.804701] ? 
__pfx_kthread+0x10/0x10 [ 25.804733] ret_from_fork+0x116/0x1d0 [ 25.804761] ? __pfx_kthread+0x10/0x10 [ 25.804793] ret_from_fork_asm+0x1a/0x30 [ 25.804838] </TASK> [ 25.804856] [ 25.822069] Allocated by task 283: [ 25.822555] kasan_save_stack+0x45/0x70 [ 25.822929] kasan_save_track+0x18/0x40 [ 25.823383] kasan_save_alloc_info+0x3b/0x50 [ 25.823924] __kasan_kmalloc+0xb7/0xc0 [ 25.824400] __kmalloc_cache_noprof+0x189/0x420 [ 25.824931] kasan_atomics+0x95/0x310 [ 25.825299] kunit_try_run_case+0x1a5/0x480 [ 25.825718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.826392] kthread+0x337/0x6f0 [ 25.826860] ret_from_fork+0x116/0x1d0 [ 25.827342] ret_from_fork_asm+0x1a/0x30 [ 25.827868] [ 25.828118] The buggy address belongs to the object at ffff8881039d9c80 [ 25.828118] which belongs to the cache kmalloc-64 of size 64 [ 25.829147] The buggy address is located 0 bytes to the right of [ 25.829147] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.830267] [ 25.830559] The buggy address belongs to the physical page: [ 25.831056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.831811] flags: 0x200000000000000(node=0|zone=2) [ 25.832413] page_type: f5(slab) [ 25.832794] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.833545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.834030] page dumped because: kasan: bad access detected [ 25.834587] [ 25.834839] Memory state around the buggy address: [ 25.835396] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.836071] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.836601] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.837177] ^ [ 25.837777] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.838646] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.839634] 
================================================================== [ 25.842186] ================================================================== [ 25.842937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 25.843698] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.844343] [ 25.844705] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.844823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.844863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.844931] Call Trace: [ 25.844992] <TASK> [ 25.845052] dump_stack_lvl+0x73/0xb0 [ 25.845155] print_report+0xd1/0x650 [ 25.845292] ? __virt_addr_valid+0x1db/0x2d0 [ 25.845383] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.845464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.845572] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.845670] kasan_report+0x141/0x180 [ 25.845756] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.845835] kasan_check_range+0x10c/0x1c0 [ 25.845919] __kasan_check_write+0x18/0x20 [ 25.845996] kasan_atomics_helper+0x1ce1/0x5450 [ 25.846075] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.846153] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.846300] ? kasan_atomics+0x152/0x310 [ 25.846398] kasan_atomics+0x1dc/0x310 [ 25.846478] ? __pfx_kasan_atomics+0x10/0x10 [ 25.846564] ? __pfx_read_tsc+0x10/0x10 [ 25.846603] ? ktime_get_ts64+0x86/0x230 [ 25.846640] kunit_try_run_case+0x1a5/0x480 [ 25.846681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.846719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.846756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.846791] ? __kthread_parkme+0x82/0x180 [ 25.846823] ? preempt_count_sub+0x50/0x80 [ 25.846858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.846895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.846930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.846966] kthread+0x337/0x6f0 [ 25.846995] ? trace_preempt_on+0x20/0xc0 [ 25.847030] ? 
__pfx_kthread+0x10/0x10 [ 25.847061] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.847093] ? calculate_sigpending+0x7b/0xa0 [ 25.847130] ? __pfx_kthread+0x10/0x10 [ 25.847160] ret_from_fork+0x116/0x1d0 [ 25.847188] ? __pfx_kthread+0x10/0x10 [ 25.847239] ret_from_fork_asm+0x1a/0x30 [ 25.847317] </TASK> [ 25.847337] [ 25.863936] Allocated by task 283: [ 25.864441] kasan_save_stack+0x45/0x70 [ 25.864923] kasan_save_track+0x18/0x40 [ 25.865383] kasan_save_alloc_info+0x3b/0x50 [ 25.865770] __kasan_kmalloc+0xb7/0xc0 [ 25.866106] __kmalloc_cache_noprof+0x189/0x420 [ 25.866593] kasan_atomics+0x95/0x310 [ 25.867031] kunit_try_run_case+0x1a5/0x480 [ 25.867655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.868273] kthread+0x337/0x6f0 [ 25.868781] ret_from_fork+0x116/0x1d0 [ 25.869103] ret_from_fork_asm+0x1a/0x30 [ 25.869810] [ 25.870069] The buggy address belongs to the object at ffff8881039d9c80 [ 25.870069] which belongs to the cache kmalloc-64 of size 64 [ 25.872049] The buggy address is located 0 bytes to the right of [ 25.872049] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.874109] [ 25.875036] The buggy address belongs to the physical page: [ 25.875490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.876267] flags: 0x200000000000000(node=0|zone=2) [ 25.876737] page_type: f5(slab) [ 25.877096] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.877802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.878434] page dumped because: kasan: bad access detected [ 25.878934] [ 25.879170] Memory state around the buggy address: [ 25.879661] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.880314] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.880874] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.881419] ^ [ 25.881912] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.882559] 
ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.883114] ================================================================== [ 23.686032] ================================================================== [ 23.686743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 23.687371] Write of size 4 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 23.688050] [ 23.688347] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.688491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.688550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.688613] Call Trace: [ 23.688665] <TASK> [ 23.688723] dump_stack_lvl+0x73/0xb0 [ 23.688838] print_report+0xd1/0x650 [ 23.688924] ? __virt_addr_valid+0x1db/0x2d0 [ 23.689007] ? kasan_atomics_helper+0x565/0x5450 [ 23.689090] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.689169] ? kasan_atomics_helper+0x565/0x5450 [ 23.689249] kasan_report+0x141/0x180 [ 23.689345] ? kasan_atomics_helper+0x565/0x5450 [ 23.689440] kasan_check_range+0x10c/0x1c0 [ 23.689544] __kasan_check_write+0x18/0x20 [ 23.689631] kasan_atomics_helper+0x565/0x5450 [ 23.689717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.689801] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.689883] ? kasan_atomics+0x152/0x310 [ 23.689956] kasan_atomics+0x1dc/0x310 [ 23.690036] ? __pfx_kasan_atomics+0x10/0x10 [ 23.690126] ? __pfx_read_tsc+0x10/0x10 [ 23.690215] ? ktime_get_ts64+0x86/0x230 [ 23.690316] kunit_try_run_case+0x1a5/0x480 [ 23.690411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.690494] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.690595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.690680] ? __kthread_parkme+0x82/0x180 [ 23.690755] ? preempt_count_sub+0x50/0x80 [ 23.690839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.690927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.690978] ? 
mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 26.316413] flags: 0x200000000000000(node=0|zone=2) [ 26.316898] page_type: f5(slab) [ 26.317267] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.318197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.319140] page dumped because: kasan: bad access detected [ 26.319975] [ 26.320182] Memory state around the buggy address: [ 26.320588] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.321034] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.321481] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.322119] ^ [ 26.322595] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.323242] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.323902] ================================================================== [ 25.306490] ================================================================== [ 25.308305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 25.308958] Write of size 8 at addr ffff8881039d9cb0 by task kunit_try_catch/283 [ 25.309959] [ 25.310202] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 25.310336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.310405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.310472] Call Trace: [ 25.310549] <TASK> [ 25.310606] dump_stack_lvl+0x73/0xb0 [ 25.310737] print_report+0xd1/0x650 [ 25.310829] ? __virt_addr_valid+0x1db/0x2d0 [ 25.310914] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.310986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.311025] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.311057] kasan_report+0x141/0x180 [ 25.311091] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.311129] kasan_check_range+0x10c/0x1c0 [ 25.311164] __kasan_check_write+0x18/0x20 [ 25.311193] kasan_atomics_helper+0x15b6/0x5450 [ 25.311236] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 25.311315] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.311364] ? kasan_atomics+0x152/0x310 [ 25.311404] kasan_atomics+0x1dc/0x310 [ 25.311439] ? __pfx_kasan_atomics+0x10/0x10 [ 25.311477] ? __pfx_read_tsc+0x10/0x10 [ 25.311537] ? ktime_get_ts64+0x86/0x230 [ 25.311576] kunit_try_run_case+0x1a5/0x480 [ 25.311618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.311655] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.311690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.311724] ? __kthread_parkme+0x82/0x180 [ 25.311755] ? preempt_count_sub+0x50/0x80 [ 25.311789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.311828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.311862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.311898] kthread+0x337/0x6f0 [ 25.311927] ? trace_preempt_on+0x20/0xc0 [ 25.311963] ? __pfx_kthread+0x10/0x10 [ 25.311994] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.312027] ? calculate_sigpending+0x7b/0xa0 [ 25.312066] ? __pfx_kthread+0x10/0x10 [ 25.312097] ret_from_fork+0x116/0x1d0 [ 25.312124] ? 
__pfx_kthread+0x10/0x10 [ 25.312154] ret_from_fork_asm+0x1a/0x30 [ 25.312199] </TASK> [ 25.312214] [ 25.331127] Allocated by task 283: [ 25.331662] kasan_save_stack+0x45/0x70 [ 25.332293] kasan_save_track+0x18/0x40 [ 25.332776] kasan_save_alloc_info+0x3b/0x50 [ 25.333343] __kasan_kmalloc+0xb7/0xc0 [ 25.333840] __kmalloc_cache_noprof+0x189/0x420 [ 25.334432] kasan_atomics+0x95/0x310 [ 25.334924] kunit_try_run_case+0x1a5/0x480 [ 25.335614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.336204] kthread+0x337/0x6f0 [ 25.336776] ret_from_fork+0x116/0x1d0 [ 25.337203] ret_from_fork_asm+0x1a/0x30 [ 25.337767] [ 25.338084] The buggy address belongs to the object at ffff8881039d9c80 [ 25.338084] which belongs to the cache kmalloc-64 of size 64 [ 25.339025] The buggy address is located 0 bytes to the right of [ 25.339025] allocated 48-byte region [ffff8881039d9c80, ffff8881039d9cb0) [ 25.340202] [ 25.340481] The buggy address belongs to the physical page: [ 25.341030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d9 [ 25.341771] flags: 0x200000000000000(node=0|zone=2) [ 25.342139] page_type: f5(slab) [ 25.342463] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.343287] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.344148] page dumped because: kasan: bad access detected [ 25.344814] [ 25.345036] Memory state around the buggy address: [ 25.345538] ffff8881039d9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.346301] ffff8881039d9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.347097] >ffff8881039d9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.347778] ^ [ 25.348335] ffff8881039d9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.349061] ffff8881039d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.349861] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 23.073944] ================================================================== [ 23.074791] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 23.075585] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 23.076840] [ 23.077342] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.077454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.077488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.077562] Call Trace: [ 23.077608] <TASK> [ 23.077668] dump_stack_lvl+0x73/0xb0 [ 23.077762] print_report+0xd1/0x650 [ 23.077830] ? __virt_addr_valid+0x1db/0x2d0 [ 23.077911] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 23.077996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.078134] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 23.078254] kasan_report+0x141/0x180 [ 23.078329] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 23.078425] kasan_check_range+0x10c/0x1c0 [ 23.078553] __kasan_check_write+0x18/0x20 [ 23.078640] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 23.078703] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 23.078759] kasan_bitops_generic+0x121/0x1c0 [ 23.078795] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.078836] ? __pfx_read_tsc+0x10/0x10 [ 23.078869] ? ktime_get_ts64+0x86/0x230 [ 23.078904] kunit_try_run_case+0x1a5/0x480 [ 23.078944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.078980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.079015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.079048] ? __kthread_parkme+0x82/0x180 [ 23.079077] ? preempt_count_sub+0x50/0x80 [ 23.079109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.079146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.079180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.079216] kthread+0x337/0x6f0 [ 23.079283] ? trace_preempt_on+0x20/0xc0 [ 23.079322] ? __pfx_kthread+0x10/0x10 [ 23.079353] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.079384] ? calculate_sigpending+0x7b/0xa0 [ 23.079419] ? __pfx_kthread+0x10/0x10 [ 23.079449] ret_from_fork+0x116/0x1d0 [ 23.079475] ? __pfx_kthread+0x10/0x10 [ 23.079528] ret_from_fork_asm+0x1a/0x30 [ 23.079616] </TASK> [ 23.079663] [ 23.104877] Allocated by task 279: [ 23.105776] kasan_save_stack+0x45/0x70 [ 23.106164] kasan_save_track+0x18/0x40 [ 23.106913] kasan_save_alloc_info+0x3b/0x50 [ 23.107960] __kasan_kmalloc+0xb7/0xc0 [ 23.108477] __kmalloc_cache_noprof+0x189/0x420 [ 23.109346] kasan_bitops_generic+0x92/0x1c0 [ 23.109628] kunit_try_run_case+0x1a5/0x480 [ 23.110494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.111249] kthread+0x337/0x6f0 [ 23.111567] ret_from_fork+0x116/0x1d0 [ 23.111840] ret_from_fork_asm+0x1a/0x30 [ 23.112120] [ 23.112287] The buggy address belongs to the object at ffff8881023e2400 [ 23.112287] which belongs to the cache kmalloc-16 of size 16 [ 23.114970] The buggy address is located 8 bytes inside of [ 23.114970] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 23.116066] [ 23.116251] The buggy address belongs to the physical page: [ 23.116726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 23.118395] flags: 0x200000000000000(node=0|zone=2) [ 23.119132] page_type: f5(slab) [ 23.119697] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.120407] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.121871] page dumped because: kasan: bad access detected [ 23.122255] [ 23.122981] Memory state around the buggy address: [ 23.123463] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.124204] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 23.124941] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.125977] ^ [ 23.126849] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.127420] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 23.128586] ================================================================== [ 22.810899] ================================================================== [ 22.812342] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 22.814032] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.814983] [ 22.815282] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.815386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.815404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.815436] Call Trace: [ 22.815460] <TASK> [ 22.815490] dump_stack_lvl+0x73/0xb0 [ 22.815609] print_report+0xd1/0x650 [ 22.815688] ? __virt_addr_valid+0x1db/0x2d0 [ 22.815771] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 22.815855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.815928] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 22.816030] kasan_report+0x141/0x180 [ 22.816067] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 22.816112] kasan_check_range+0x10c/0x1c0 [ 22.816147] __kasan_check_write+0x18/0x20 [ 22.816174] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 22.816216] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.816304] kasan_bitops_generic+0x121/0x1c0 [ 22.816343] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.816380] ? __pfx_read_tsc+0x10/0x10 [ 22.816413] ? ktime_get_ts64+0x86/0x230 [ 22.816446] kunit_try_run_case+0x1a5/0x480 [ 22.816556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.816635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.816704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.816774] ? __kthread_parkme+0x82/0x180 [ 22.816838] ? preempt_count_sub+0x50/0x80 [ 22.816903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.816980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.817031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.817068] kthread+0x337/0x6f0 [ 22.817096] ? 
trace_preempt_on+0x20/0xc0 [ 22.817130] ? __pfx_kthread+0x10/0x10 [ 22.817159] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.817189] ? calculate_sigpending+0x7b/0xa0 [ 22.817234] ? __pfx_kthread+0x10/0x10 [ 22.817297] ret_from_fork+0x116/0x1d0 [ 22.817325] ? __pfx_kthread+0x10/0x10 [ 22.817355] ret_from_fork_asm+0x1a/0x30 [ 22.817397] </TASK> [ 22.817411] [ 22.831983] Allocated by task 279: [ 22.832386] kasan_save_stack+0x45/0x70 [ 22.832777] kasan_save_track+0x18/0x40 [ 22.833096] kasan_save_alloc_info+0x3b/0x50 [ 22.833442] __kasan_kmalloc+0xb7/0xc0 [ 22.833878] __kmalloc_cache_noprof+0x189/0x420 [ 22.835103] kasan_bitops_generic+0x92/0x1c0 [ 22.836074] kunit_try_run_case+0x1a5/0x480 [ 22.836898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.837420] kthread+0x337/0x6f0 [ 22.838465] ret_from_fork+0x116/0x1d0 [ 22.838984] ret_from_fork_asm+0x1a/0x30 [ 22.839314] [ 22.839570] The buggy address belongs to the object at ffff8881023e2400 [ 22.839570] which belongs to the cache kmalloc-16 of size 16 [ 22.841016] The buggy address is located 8 bytes inside of [ 22.841016] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.841770] [ 22.841967] The buggy address belongs to the physical page: [ 22.842341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.843047] flags: 0x200000000000000(node=0|zone=2) [ 22.844263] page_type: f5(slab) [ 22.844946] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.845961] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.846781] page dumped because: kasan: bad access detected [ 22.847379] [ 22.848016] Memory state around the buggy address: [ 22.848481] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.849077] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.849990] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.850576] ^ [ 22.850956] ffff8881023e2480: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 22.853427] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.853905] ================================================================== [ 22.903831] ================================================================== [ 22.904645] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.905460] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.906090] [ 22.906378] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.906726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.906773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.906836] Call Trace: [ 22.906891] <TASK> [ 22.906944] dump_stack_lvl+0x73/0xb0 [ 22.907104] print_report+0xd1/0x650 [ 22.907190] ? __virt_addr_valid+0x1db/0x2d0 [ 22.907315] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.907400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.907472] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.908057] kasan_report+0x141/0x180 [ 22.908185] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.908361] kasan_check_range+0x10c/0x1c0 [ 22.908451] __kasan_check_write+0x18/0x20 [ 22.908693] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.908768] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.908826] kasan_bitops_generic+0x121/0x1c0 [ 22.908862] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.908899] ? __pfx_read_tsc+0x10/0x10 [ 22.908931] ? ktime_get_ts64+0x86/0x230 [ 22.908965] kunit_try_run_case+0x1a5/0x480 [ 22.909003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.909037] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.909071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.909105] ? __kthread_parkme+0x82/0x180 [ 22.909134] ? preempt_count_sub+0x50/0x80 [ 22.909166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.909201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.909237] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.909272] kthread+0x337/0x6f0 [ 22.909301] ? trace_preempt_on+0x20/0xc0 [ 22.909386] ? __pfx_kthread+0x10/0x10 [ 22.909422] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.909453] ? calculate_sigpending+0x7b/0xa0 [ 22.909488] ? __pfx_kthread+0x10/0x10 [ 22.909558] ret_from_fork+0x116/0x1d0 [ 22.909686] ? __pfx_kthread+0x10/0x10 [ 22.909729] ret_from_fork_asm+0x1a/0x30 [ 22.909773] </TASK> [ 22.909789] [ 22.934118] Allocated by task 279: [ 22.935076] kasan_save_stack+0x45/0x70 [ 22.935686] kasan_save_track+0x18/0x40 [ 22.936424] kasan_save_alloc_info+0x3b/0x50 [ 22.937469] __kasan_kmalloc+0xb7/0xc0 [ 22.937964] __kmalloc_cache_noprof+0x189/0x420 [ 22.938452] kasan_bitops_generic+0x92/0x1c0 [ 22.939323] kunit_try_run_case+0x1a5/0x480 [ 22.940002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.941068] kthread+0x337/0x6f0 [ 22.941388] ret_from_fork+0x116/0x1d0 [ 22.942191] ret_from_fork_asm+0x1a/0x30 [ 22.942855] [ 22.943298] The buggy address belongs to the object at ffff8881023e2400 [ 22.943298] which belongs to the cache kmalloc-16 of size 16 [ 22.945065] The buggy address is located 8 bytes inside of [ 22.945065] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.946682] [ 22.946944] The buggy address belongs to the physical page: [ 22.947396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.948299] flags: 0x200000000000000(node=0|zone=2) [ 22.949002] page_type: f5(slab) [ 22.949291] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.950937] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.951801] page dumped because: kasan: bad access detected [ 22.952300] [ 22.952474] Memory state around the buggy address: [ 22.952815] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.953281] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.954483] >ffff8881023e2400: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 22.955733] ^ [ 22.956074] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.956647] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.958063] ================================================================== [ 22.959398] ================================================================== [ 22.959891] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.960974] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.961940] [ 22.962200] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.962336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.962377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.962438] Call Trace: [ 22.962493] <TASK> [ 22.962568] dump_stack_lvl+0x73/0xb0 [ 22.962664] print_report+0xd1/0x650 [ 22.962748] ? __virt_addr_valid+0x1db/0x2d0 [ 22.962827] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.962918] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.963000] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.963092] kasan_report+0x141/0x180 [ 22.963181] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.964452] kasan_check_range+0x10c/0x1c0 [ 22.965892] __kasan_check_write+0x18/0x20 [ 22.965986] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.966067] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.966155] kasan_bitops_generic+0x121/0x1c0 [ 22.966234] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.966303] ? __pfx_read_tsc+0x10/0x10 [ 22.966362] ? ktime_get_ts64+0x86/0x230 [ 22.966432] kunit_try_run_case+0x1a5/0x480 [ 22.966520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.966590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.966657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.966727] ? __kthread_parkme+0x82/0x180 [ 22.966796] ? preempt_count_sub+0x50/0x80 [ 22.966866] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.966941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.967013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.967082] kthread+0x337/0x6f0 [ 22.967136] ? trace_preempt_on+0x20/0xc0 [ 22.967204] ? __pfx_kthread+0x10/0x10 [ 22.967258] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.967313] ? calculate_sigpending+0x7b/0xa0 [ 22.967373] ? __pfx_kthread+0x10/0x10 [ 22.967424] ret_from_fork+0x116/0x1d0 [ 22.967470] ? __pfx_kthread+0x10/0x10 [ 22.968160] ret_from_fork_asm+0x1a/0x30 [ 22.968284] </TASK> [ 22.968317] [ 22.994150] Allocated by task 279: [ 22.995200] kasan_save_stack+0x45/0x70 [ 22.995829] kasan_save_track+0x18/0x40 [ 22.996290] kasan_save_alloc_info+0x3b/0x50 [ 22.996898] __kasan_kmalloc+0xb7/0xc0 [ 22.997270] __kmalloc_cache_noprof+0x189/0x420 [ 22.998000] kasan_bitops_generic+0x92/0x1c0 [ 22.998468] kunit_try_run_case+0x1a5/0x480 [ 22.999455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.000094] kthread+0x337/0x6f0 [ 23.000515] ret_from_fork+0x116/0x1d0 [ 23.001021] ret_from_fork_asm+0x1a/0x30 [ 23.001433] [ 23.001856] The buggy address belongs to the object at ffff8881023e2400 [ 23.001856] which belongs to the cache kmalloc-16 of size 16 [ 23.002761] The buggy address is located 8 bytes inside of [ 23.002761] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 23.003610] [ 23.003846] The buggy address belongs to the physical page: [ 23.005320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 23.006183] flags: 0x200000000000000(node=0|zone=2) [ 23.006812] page_type: f5(slab) [ 23.007176] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.008482] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.009336] page dumped because: kasan: bad access detected [ 23.009962] [ 23.010626] Memory state around the buggy address: [ 23.011550] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.012217] 
ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 23.013764] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.014367] ^ [ 23.014967] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.016032] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.017253] ================================================================== [ 23.129758] ================================================================== [ 23.130983] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 23.131722] Read of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 23.132229] [ 23.133154] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.133335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.133375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.133437] Call Trace: [ 23.133489] <TASK> [ 23.133559] dump_stack_lvl+0x73/0xb0 [ 23.133676] print_report+0xd1/0x650 [ 23.133759] ? __virt_addr_valid+0x1db/0x2d0 [ 23.133834] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 23.133917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.133988] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 23.134070] kasan_report+0x141/0x180 [ 23.134142] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 23.134202] kasan_check_range+0x10c/0x1c0 [ 23.134279] __kasan_check_read+0x15/0x20 [ 23.134313] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 23.134356] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 23.134409] kasan_bitops_generic+0x121/0x1c0 [ 23.134444] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.134484] ? __pfx_read_tsc+0x10/0x10 [ 23.134556] ? ktime_get_ts64+0x86/0x230 [ 23.134635] kunit_try_run_case+0x1a5/0x480 [ 23.134723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.134778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.134815] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.134851] ? __kthread_parkme+0x82/0x180 [ 23.134880] ? preempt_count_sub+0x50/0x80 [ 23.134911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.134947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.134981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.135017] kthread+0x337/0x6f0 [ 23.135045] ? trace_preempt_on+0x20/0xc0 [ 23.135081] ? __pfx_kthread+0x10/0x10 [ 23.135109] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.135140] ? calculate_sigpending+0x7b/0xa0 [ 23.135173] ? __pfx_kthread+0x10/0x10 [ 23.135202] ret_from_fork+0x116/0x1d0 [ 23.135229] ? __pfx_kthread+0x10/0x10 [ 23.135257] ret_from_fork_asm+0x1a/0x30 [ 23.135299] </TASK> [ 23.135313] [ 23.159513] Allocated by task 279: [ 23.160294] kasan_save_stack+0x45/0x70 [ 23.161145] kasan_save_track+0x18/0x40 [ 23.162009] kasan_save_alloc_info+0x3b/0x50 [ 23.162389] __kasan_kmalloc+0xb7/0xc0 [ 23.162735] __kmalloc_cache_noprof+0x189/0x420 [ 23.163237] kasan_bitops_generic+0x92/0x1c0 [ 23.163781] kunit_try_run_case+0x1a5/0x480 [ 23.164142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.164738] kthread+0x337/0x6f0 [ 23.165585] ret_from_fork+0x116/0x1d0 [ 23.165983] ret_from_fork_asm+0x1a/0x30 [ 23.167119] [ 23.167390] The buggy address belongs to the object at ffff8881023e2400 [ 23.167390] which belongs to the cache kmalloc-16 of size 16 [ 23.168302] The buggy address is located 8 bytes inside of [ 23.168302] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 23.170384] [ 23.171009] The buggy address belongs to the physical page: [ 23.171430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 23.172583] flags: 0x200000000000000(node=0|zone=2) [ 23.173906] page_type: f5(slab) [ 23.174200] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.174713] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.175287] page dumped because: kasan: bad access detected [ 23.175896] [ 23.176792] 
Memory state around the buggy address: [ 23.177221] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.178433] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 23.178984] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.180157] ^ [ 23.181018] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.182152] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.182924] ================================================================== [ 23.018491] ================================================================== [ 23.019187] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 23.021271] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 23.022908] [ 23.023407] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.023518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.023560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.023670] Call Trace: [ 23.023726] <TASK> [ 23.023804] dump_stack_lvl+0x73/0xb0 [ 23.023880] print_report+0xd1/0x650 [ 23.023919] ? __virt_addr_valid+0x1db/0x2d0 [ 23.023955] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 23.023999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.024032] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 23.024075] kasan_report+0x141/0x180 [ 23.024106] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 23.024151] kasan_check_range+0x10c/0x1c0 [ 23.024186] __kasan_check_write+0x18/0x20 [ 23.024212] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 23.024323] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 23.024421] kasan_bitops_generic+0x121/0x1c0 [ 23.024459] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.024516] ? __pfx_read_tsc+0x10/0x10 [ 23.024596] ? ktime_get_ts64+0x86/0x230 [ 23.024670] kunit_try_run_case+0x1a5/0x480 [ 23.024744] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.024783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.024819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.024854] ? __kthread_parkme+0x82/0x180 [ 23.024883] ? preempt_count_sub+0x50/0x80 [ 23.024915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.024951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.024983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.025017] kthread+0x337/0x6f0 [ 23.025044] ? trace_preempt_on+0x20/0xc0 [ 23.025077] ? __pfx_kthread+0x10/0x10 [ 23.025105] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.025135] ? calculate_sigpending+0x7b/0xa0 [ 23.025168] ? __pfx_kthread+0x10/0x10 [ 23.025197] ret_from_fork+0x116/0x1d0 [ 23.025229] ? __pfx_kthread+0x10/0x10 [ 23.025300] ret_from_fork_asm+0x1a/0x30 [ 23.025345] </TASK> [ 23.025359] [ 23.048024] Allocated by task 279: [ 23.048616] kasan_save_stack+0x45/0x70 [ 23.049018] kasan_save_track+0x18/0x40 [ 23.049462] kasan_save_alloc_info+0x3b/0x50 [ 23.049957] __kasan_kmalloc+0xb7/0xc0 [ 23.050518] __kmalloc_cache_noprof+0x189/0x420 [ 23.050888] kasan_bitops_generic+0x92/0x1c0 [ 23.051257] kunit_try_run_case+0x1a5/0x480 [ 23.051813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.052440] kthread+0x337/0x6f0 [ 23.052844] ret_from_fork+0x116/0x1d0 [ 23.053117] ret_from_fork_asm+0x1a/0x30 [ 23.053459] [ 23.053669] The buggy address belongs to the object at ffff8881023e2400 [ 23.053669] which belongs to the cache kmalloc-16 of size 16 [ 23.054339] The buggy address is located 8 bytes inside of [ 23.054339] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 23.056298] [ 23.056569] The buggy address belongs to the physical page: [ 23.057074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 23.060940] flags: 0x200000000000000(node=0|zone=2) [ 23.061953] page_type: f5(slab) [ 23.062932] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.064124] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 23.065562] page dumped because: kasan: bad access detected [ 23.066092] [ 23.066385] Memory state around the buggy address: [ 23.066824] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.067832] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 23.068285] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.069491] ^ [ 23.069810] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.070921] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.071954] ================================================================== [ 22.758820] ================================================================== [ 22.759588] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 22.760608] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.761241] [ 22.761989] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.762551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.762573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.762638] Call Trace: [ 22.762683] <TASK> [ 22.762733] dump_stack_lvl+0x73/0xb0 [ 22.762786] print_report+0xd1/0x650 [ 22.762820] ? __virt_addr_valid+0x1db/0x2d0 [ 22.762852] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 22.762890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.762921] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 22.762961] kasan_report+0x141/0x180 [ 22.762991] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 22.763035] kasan_check_range+0x10c/0x1c0 [ 22.763069] __kasan_check_write+0x18/0x20 [ 22.763094] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 22.763133] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.763182] kasan_bitops_generic+0x121/0x1c0 [ 22.763216] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.763279] ? 
__pfx_read_tsc+0x10/0x10 [ 22.763313] ? ktime_get_ts64+0x86/0x230 [ 22.763348] kunit_try_run_case+0x1a5/0x480 [ 22.763386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.763419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.763453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.763488] ? __kthread_parkme+0x82/0x180 [ 22.763557] ? preempt_count_sub+0x50/0x80 [ 22.763642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.763693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.763729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.763764] kthread+0x337/0x6f0 [ 22.763792] ? trace_preempt_on+0x20/0xc0 [ 22.763828] ? __pfx_kthread+0x10/0x10 [ 22.763855] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.763887] ? calculate_sigpending+0x7b/0xa0 [ 22.763920] ? __pfx_kthread+0x10/0x10 [ 22.763950] ret_from_fork+0x116/0x1d0 [ 22.763976] ? __pfx_kthread+0x10/0x10 [ 22.764005] ret_from_fork_asm+0x1a/0x30 [ 22.764048] </TASK> [ 22.764063] [ 22.787353] Allocated by task 279: [ 22.788055] kasan_save_stack+0x45/0x70 [ 22.788827] kasan_save_track+0x18/0x40 [ 22.789121] kasan_save_alloc_info+0x3b/0x50 [ 22.790067] __kasan_kmalloc+0xb7/0xc0 [ 22.790991] __kmalloc_cache_noprof+0x189/0x420 [ 22.791891] kasan_bitops_generic+0x92/0x1c0 [ 22.792139] kunit_try_run_case+0x1a5/0x480 [ 22.792323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.792603] kthread+0x337/0x6f0 [ 22.792900] ret_from_fork+0x116/0x1d0 [ 22.793319] ret_from_fork_asm+0x1a/0x30 [ 22.794384] [ 22.794700] The buggy address belongs to the object at ffff8881023e2400 [ 22.794700] which belongs to the cache kmalloc-16 of size 16 [ 22.795991] The buggy address is located 8 bytes inside of [ 22.795991] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.797396] [ 22.798030] The buggy address belongs to the physical page: [ 22.798811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.799754] flags: 0x200000000000000(node=0|zone=2) [ 22.800383] page_type: f5(slab) [ 22.801209] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 22.802147] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.802906] page dumped because: kasan: bad access detected [ 22.803392] [ 22.803810] Memory state around the buggy address: [ 22.804180] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.805051] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.805571] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.806746] ^ [ 22.807314] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.808314] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.809515] ================================================================== [ 22.855319] ================================================================== [ 22.856530] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.857533] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.858450] [ 22.858760] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.858884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.858922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.858983] Call Trace: [ 22.859032] <TASK> [ 22.859084] dump_stack_lvl+0x73/0xb0 [ 22.859173] print_report+0xd1/0x650 [ 22.859337] ? __virt_addr_valid+0x1db/0x2d0 [ 22.859415] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.859513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.859595] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.859685] kasan_report+0x141/0x180 [ 22.859762] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.859859] kasan_check_range+0x10c/0x1c0 [ 22.859942] __kasan_check_write+0x18/0x20 [ 22.860013] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.860096] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.860202] kasan_bitops_generic+0x121/0x1c0 [ 22.861146] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.861232] ? __pfx_read_tsc+0x10/0x10 [ 22.861324] ? ktime_get_ts64+0x86/0x230 [ 22.861403] kunit_try_run_case+0x1a5/0x480 [ 22.861488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.861748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.861798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.861838] ? __kthread_parkme+0x82/0x180 [ 22.861871] ? preempt_count_sub+0x50/0x80 [ 22.861904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.861942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.861979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.862015] kthread+0x337/0x6f0 [ 22.862042] ? trace_preempt_on+0x20/0xc0 [ 22.862079] ? __pfx_kthread+0x10/0x10 [ 22.862110] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.862142] ? calculate_sigpending+0x7b/0xa0 [ 22.862178] ? __pfx_kthread+0x10/0x10 [ 22.862209] ret_from_fork+0x116/0x1d0 [ 22.862289] ? __pfx_kthread+0x10/0x10 [ 22.862325] ret_from_fork_asm+0x1a/0x30 [ 22.862370] </TASK> [ 22.862386] [ 22.882468] Allocated by task 279: [ 22.883176] kasan_save_stack+0x45/0x70 [ 22.883685] kasan_save_track+0x18/0x40 [ 22.884040] kasan_save_alloc_info+0x3b/0x50 [ 22.884534] __kasan_kmalloc+0xb7/0xc0 [ 22.884883] __kmalloc_cache_noprof+0x189/0x420 [ 22.885304] kasan_bitops_generic+0x92/0x1c0 [ 22.886429] kunit_try_run_case+0x1a5/0x480 [ 22.887198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.887902] kthread+0x337/0x6f0 [ 22.888276] ret_from_fork+0x116/0x1d0 [ 22.888806] ret_from_fork_asm+0x1a/0x30 [ 22.889283] [ 22.889526] The buggy address belongs to the object at ffff8881023e2400 [ 22.889526] which belongs to the cache kmalloc-16 of size 16 [ 22.891253] The buggy address is located 8 bytes inside of [ 22.891253] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.892359] [ 22.892772] The buggy address belongs to the physical page: [ 22.893238] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.894433] flags: 0x200000000000000(node=0|zone=2) [ 22.895118] page_type: f5(slab) [ 22.895580] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.896234] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.897008] page dumped because: kasan: bad access detected [ 22.898171] [ 22.898455] Memory state around the buggy address: [ 22.899117] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.899901] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.900885] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.901453] ^ [ 22.901835] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.902354] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.902878] ================================================================== [ 23.184174] ================================================================== [ 23.184796] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 23.186126] Read of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 23.187975] [ 23.188197] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 23.188320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.188360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.188620] Call Trace: [ 23.188682] <TASK> [ 23.188737] dump_stack_lvl+0x73/0xb0 [ 23.188807] print_report+0xd1/0x650 [ 23.188845] ? __virt_addr_valid+0x1db/0x2d0 [ 23.188879] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 23.188917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.188950] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 23.188989] kasan_report+0x141/0x180 [ 23.189020] ? 
kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 23.189065] __asan_report_load8_noabort+0x18/0x20 [ 23.189101] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 23.189141] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 23.189190] kasan_bitops_generic+0x121/0x1c0 [ 23.189233] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.189299] ? __pfx_read_tsc+0x10/0x10 [ 23.189334] ? ktime_get_ts64+0x86/0x230 [ 23.189368] kunit_try_run_case+0x1a5/0x480 [ 23.189406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.189440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.189473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.189529] ? __kthread_parkme+0x82/0x180 [ 23.189598] ? preempt_count_sub+0x50/0x80 [ 23.189697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.189770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.189841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.189906] kthread+0x337/0x6f0 [ 23.189968] ? trace_preempt_on+0x20/0xc0 [ 23.190045] ? __pfx_kthread+0x10/0x10 [ 23.190082] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.190116] ? calculate_sigpending+0x7b/0xa0 [ 23.190150] ? __pfx_kthread+0x10/0x10 [ 23.190179] ret_from_fork+0x116/0x1d0 [ 23.190206] ? 
__pfx_kthread+0x10/0x10 [ 23.190285] ret_from_fork_asm+0x1a/0x30 [ 23.190335] </TASK> [ 23.190352] [ 23.211358] Allocated by task 279: [ 23.211754] kasan_save_stack+0x45/0x70 [ 23.212293] kasan_save_track+0x18/0x40 [ 23.212707] kasan_save_alloc_info+0x3b/0x50 [ 23.213124] __kasan_kmalloc+0xb7/0xc0 [ 23.213609] __kmalloc_cache_noprof+0x189/0x420 [ 23.214010] kasan_bitops_generic+0x92/0x1c0 [ 23.214390] kunit_try_run_case+0x1a5/0x480 [ 23.214805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.215339] kthread+0x337/0x6f0 [ 23.215800] ret_from_fork+0x116/0x1d0 [ 23.216216] ret_from_fork_asm+0x1a/0x30 [ 23.216905] [ 23.217142] The buggy address belongs to the object at ffff8881023e2400 [ 23.217142] which belongs to the cache kmalloc-16 of size 16 [ 23.218414] The buggy address is located 8 bytes inside of [ 23.218414] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 23.219361] [ 23.219725] The buggy address belongs to the physical page: [ 23.220354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 23.221030] flags: 0x200000000000000(node=0|zone=2) [ 23.221477] page_type: f5(slab) [ 23.221935] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.222717] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.223347] page dumped because: kasan: bad access detected [ 23.223889] [ 23.224160] Memory state around the buggy address: [ 23.224698] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.225399] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 23.226097] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.226844] ^ [ 23.227287] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.228842] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.235467] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.439411] ================================================================== [ 22.441822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.443829] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.445432] [ 22.445730] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.445859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.445882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.445915] Call Trace: [ 22.445940] <TASK> [ 22.445965] dump_stack_lvl+0x73/0xb0 [ 22.446056] print_report+0xd1/0x650 [ 22.446131] ? __virt_addr_valid+0x1db/0x2d0 [ 22.446205] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.446287] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.446365] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.446450] kasan_report+0x141/0x180 [ 22.446561] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.446661] kasan_check_range+0x10c/0x1c0 [ 22.446743] __kasan_check_write+0x18/0x20 [ 22.446813] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.446872] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.446913] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.446958] ? finish_task_switch.isra.0+0x156/0x700 [ 22.446993] ? kasan_bitops_generic+0x92/0x1c0 [ 22.447032] kasan_bitops_generic+0x116/0x1c0 [ 22.447067] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.447103] ? __pfx_read_tsc+0x10/0x10 [ 22.447134] ? ktime_get_ts64+0x86/0x230 [ 22.447168] kunit_try_run_case+0x1a5/0x480 [ 22.447205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.447278] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.447323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.447359] ? __kthread_parkme+0x82/0x180 [ 22.447389] ? preempt_count_sub+0x50/0x80 [ 22.447421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.447457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.447491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.447643] kthread+0x337/0x6f0 [ 22.447706] ? 
trace_preempt_on+0x20/0xc0 [ 22.447747] ? __pfx_kthread+0x10/0x10 [ 22.447777] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.447808] ? calculate_sigpending+0x7b/0xa0 [ 22.447843] ? __pfx_kthread+0x10/0x10 [ 22.447872] ret_from_fork+0x116/0x1d0 [ 22.447897] ? __pfx_kthread+0x10/0x10 [ 22.447925] ret_from_fork_asm+0x1a/0x30 [ 22.447966] </TASK> [ 22.447982] [ 22.467553] Allocated by task 279: [ 22.468899] kasan_save_stack+0x45/0x70 [ 22.469323] kasan_save_track+0x18/0x40 [ 22.469936] kasan_save_alloc_info+0x3b/0x50 [ 22.470406] __kasan_kmalloc+0xb7/0xc0 [ 22.470750] __kmalloc_cache_noprof+0x189/0x420 [ 22.471121] kasan_bitops_generic+0x92/0x1c0 [ 22.472109] kunit_try_run_case+0x1a5/0x480 [ 22.472615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.473144] kthread+0x337/0x6f0 [ 22.473674] ret_from_fork+0x116/0x1d0 [ 22.474303] ret_from_fork_asm+0x1a/0x30 [ 22.474704] [ 22.474896] The buggy address belongs to the object at ffff8881023e2400 [ 22.474896] which belongs to the cache kmalloc-16 of size 16 [ 22.475597] The buggy address is located 8 bytes inside of [ 22.475597] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.476654] [ 22.477608] The buggy address belongs to the physical page: [ 22.478123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.479581] flags: 0x200000000000000(node=0|zone=2) [ 22.480098] page_type: f5(slab) [ 22.480456] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.481935] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.482641] page dumped because: kasan: bad access detected [ 22.483081] [ 22.483269] Memory state around the buggy address: [ 22.483666] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.484558] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.485749] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.486847] ^ [ 22.487242] ffff8881023e2480: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 22.488096] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.488773] ================================================================== [ 22.376162] ================================================================== [ 22.376790] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.378131] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.379518] [ 22.379992] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.380162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.380204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.380288] Call Trace: [ 22.380337] <TASK> [ 22.380367] dump_stack_lvl+0x73/0xb0 [ 22.380419] print_report+0xd1/0x650 [ 22.380454] ? __virt_addr_valid+0x1db/0x2d0 [ 22.380487] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.380563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.380598] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.380655] kasan_report+0x141/0x180 [ 22.380689] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.380732] kasan_check_range+0x10c/0x1c0 [ 22.380767] __kasan_check_write+0x18/0x20 [ 22.380794] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.380831] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.380869] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.380911] ? finish_task_switch.isra.0+0x156/0x700 [ 22.380944] ? kasan_bitops_generic+0x92/0x1c0 [ 22.380982] kasan_bitops_generic+0x116/0x1c0 [ 22.381016] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.381052] ? __pfx_read_tsc+0x10/0x10 [ 22.381082] ? ktime_get_ts64+0x86/0x230 [ 22.381115] kunit_try_run_case+0x1a5/0x480 [ 22.381151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.381185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.381220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.381253] ? __kthread_parkme+0x82/0x180 [ 22.381280] ? preempt_count_sub+0x50/0x80 [ 22.381310] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.381346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.381379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.381414] kthread+0x337/0x6f0 [ 22.381439] ? trace_preempt_on+0x20/0xc0 [ 22.381472] ? __pfx_kthread+0x10/0x10 [ 22.381541] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.381629] ? calculate_sigpending+0x7b/0xa0 [ 22.381707] ? __pfx_kthread+0x10/0x10 [ 22.381776] ret_from_fork+0x116/0x1d0 [ 22.381807] ? __pfx_kthread+0x10/0x10 [ 22.381839] ret_from_fork_asm+0x1a/0x30 [ 22.381880] </TASK> [ 22.381895] [ 22.410579] Allocated by task 279: [ 22.411153] kasan_save_stack+0x45/0x70 [ 22.411802] kasan_save_track+0x18/0x40 [ 22.412342] kasan_save_alloc_info+0x3b/0x50 [ 22.413188] __kasan_kmalloc+0xb7/0xc0 [ 22.413989] __kmalloc_cache_noprof+0x189/0x420 [ 22.414892] kasan_bitops_generic+0x92/0x1c0 [ 22.415196] kunit_try_run_case+0x1a5/0x480 [ 22.416247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.417083] kthread+0x337/0x6f0 [ 22.417453] ret_from_fork+0x116/0x1d0 [ 22.417892] ret_from_fork_asm+0x1a/0x30 [ 22.418667] [ 22.418937] The buggy address belongs to the object at ffff8881023e2400 [ 22.418937] which belongs to the cache kmalloc-16 of size 16 [ 22.420568] The buggy address is located 8 bytes inside of [ 22.420568] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.421819] [ 22.422175] The buggy address belongs to the physical page: [ 22.423072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.423807] flags: 0x200000000000000(node=0|zone=2) [ 22.424231] page_type: f5(slab) [ 22.424627] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.425400] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.425974] page dumped because: kasan: bad access detected [ 22.426608] [ 22.426834] Memory state around the buggy address: [ 22.428224] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.430747] 
ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.431654] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.432027] ^ [ 22.433057] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.434893] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.436962] ================================================================== [ 22.591201] ================================================================== [ 22.591822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.593426] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.594372] [ 22.595069] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.595297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.595340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.595399] Call Trace: [ 22.595447] <TASK> [ 22.595517] dump_stack_lvl+0x73/0xb0 [ 22.595619] print_report+0xd1/0x650 [ 22.595892] ? __virt_addr_valid+0x1db/0x2d0 [ 22.595975] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.596050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.596086] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.596124] kasan_report+0x141/0x180 [ 22.596157] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.596200] kasan_check_range+0x10c/0x1c0 [ 22.596254] __kasan_check_write+0x18/0x20 [ 22.596299] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.596341] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.596380] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.596424] ? finish_task_switch.isra.0+0x156/0x700 [ 22.596459] ? kasan_bitops_generic+0x92/0x1c0 [ 22.596520] kasan_bitops_generic+0x116/0x1c0 [ 22.596611] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.596691] ? __pfx_read_tsc+0x10/0x10 [ 22.596748] ? ktime_get_ts64+0x86/0x230 [ 22.596815] kunit_try_run_case+0x1a5/0x480 [ 22.596895] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.596964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.597032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.597089] ? __kthread_parkme+0x82/0x180 [ 22.597119] ? preempt_count_sub+0x50/0x80 [ 22.597150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.597186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.597221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.597295] kthread+0x337/0x6f0 [ 22.597326] ? trace_preempt_on+0x20/0xc0 [ 22.597360] ? __pfx_kthread+0x10/0x10 [ 22.597388] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.597419] ? calculate_sigpending+0x7b/0xa0 [ 22.597452] ? __pfx_kthread+0x10/0x10 [ 22.597541] ret_from_fork+0x116/0x1d0 [ 22.597606] ? __pfx_kthread+0x10/0x10 [ 22.597694] ret_from_fork_asm+0x1a/0x30 [ 22.597759] </TASK> [ 22.597775] [ 22.621272] Allocated by task 279: [ 22.621932] kasan_save_stack+0x45/0x70 [ 22.623156] kasan_save_track+0x18/0x40 [ 22.623723] kasan_save_alloc_info+0x3b/0x50 [ 22.624209] __kasan_kmalloc+0xb7/0xc0 [ 22.624893] __kmalloc_cache_noprof+0x189/0x420 [ 22.625466] kasan_bitops_generic+0x92/0x1c0 [ 22.626075] kunit_try_run_case+0x1a5/0x480 [ 22.627132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.627729] kthread+0x337/0x6f0 [ 22.628082] ret_from_fork+0x116/0x1d0 [ 22.628920] ret_from_fork_asm+0x1a/0x30 [ 22.629101] [ 22.629198] The buggy address belongs to the object at ffff8881023e2400 [ 22.629198] which belongs to the cache kmalloc-16 of size 16 [ 22.630766] The buggy address is located 8 bytes inside of [ 22.630766] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.631802] [ 22.631965] The buggy address belongs to the physical page: [ 22.633194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.634247] flags: 0x200000000000000(node=0|zone=2) [ 22.634837] page_type: f5(slab) [ 22.635200] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.635818] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 22.636745] page dumped because: kasan: bad access detected [ 22.637795] [ 22.638023] Memory state around the buggy address: [ 22.638930] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.639806] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.640634] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.641970] ^ [ 22.642731] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.643034] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.643344] ================================================================== [ 22.700786] ================================================================== [ 22.701190] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.702660] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.704098] [ 22.704469] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.705200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.705269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.705326] Call Trace: [ 22.705373] <TASK> [ 22.705413] dump_stack_lvl+0x73/0xb0 [ 22.705701] print_report+0xd1/0x650 [ 22.705791] ? __virt_addr_valid+0x1db/0x2d0 [ 22.705911] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.706031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.706108] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.706186] kasan_report+0x141/0x180 [ 22.706294] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.706382] kasan_check_range+0x10c/0x1c0 [ 22.706454] __kasan_check_write+0x18/0x20 [ 22.707012] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.707106] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.707190] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.707282] ? finish_task_switch.isra.0+0x156/0x700 [ 22.707345] ? 
kasan_bitops_generic+0x92/0x1c0 [ 22.707419] kasan_bitops_generic+0x116/0x1c0 [ 22.707477] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.707583] ? __pfx_read_tsc+0x10/0x10 [ 22.707638] ? ktime_get_ts64+0x86/0x230 [ 22.707694] kunit_try_run_case+0x1a5/0x480 [ 22.707755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.707807] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.707863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.707918] ? __kthread_parkme+0x82/0x180 [ 22.707964] ? preempt_count_sub+0x50/0x80 [ 22.708019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.708074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.708130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.708186] kthread+0x337/0x6f0 [ 22.708232] ? trace_preempt_on+0x20/0xc0 [ 22.708288] ? __pfx_kthread+0x10/0x10 [ 22.708339] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.708390] ? calculate_sigpending+0x7b/0xa0 [ 22.708446] ? __pfx_kthread+0x10/0x10 [ 22.708517] ret_from_fork+0x116/0x1d0 [ 22.709335] ? __pfx_kthread+0x10/0x10 [ 22.709404] ret_from_fork_asm+0x1a/0x30 [ 22.709478] </TASK> [ 22.709556] [ 22.734382] Allocated by task 279: [ 22.734788] kasan_save_stack+0x45/0x70 [ 22.735183] kasan_save_track+0x18/0x40 [ 22.735567] kasan_save_alloc_info+0x3b/0x50 [ 22.735963] __kasan_kmalloc+0xb7/0xc0 [ 22.736327] __kmalloc_cache_noprof+0x189/0x420 [ 22.737463] kasan_bitops_generic+0x92/0x1c0 [ 22.738076] kunit_try_run_case+0x1a5/0x480 [ 22.738787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.739371] kthread+0x337/0x6f0 [ 22.739974] ret_from_fork+0x116/0x1d0 [ 22.740442] ret_from_fork_asm+0x1a/0x30 [ 22.741336] [ 22.741788] The buggy address belongs to the object at ffff8881023e2400 [ 22.741788] which belongs to the cache kmalloc-16 of size 16 [ 22.742996] The buggy address is located 8 bytes inside of [ 22.742996] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.744241] [ 22.745179] The buggy address belongs to the physical page: [ 22.745931] page: refcount:0 mapcount:0 mapping:0000000000000000 
index:0x0 pfn:0x1023e2 [ 22.746770] flags: 0x200000000000000(node=0|zone=2) [ 22.747304] page_type: f5(slab) [ 22.747897] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.749157] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.749837] page dumped because: kasan: bad access detected [ 22.750437] [ 22.750866] Memory state around the buggy address: [ 22.751409] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.752144] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.753311] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.753873] ^ [ 22.754265] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.754941] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.755577] ================================================================== [ 22.319941] ================================================================== [ 22.320653] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.321963] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.323375] [ 22.323906] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.324039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.324081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.324147] Call Trace: [ 22.324194] <TASK> [ 22.324262] dump_stack_lvl+0x73/0xb0 [ 22.324326] print_report+0xd1/0x650 [ 22.324363] ? __virt_addr_valid+0x1db/0x2d0 [ 22.324401] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.324438] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.324471] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.324536] kasan_report+0x141/0x180 [ 22.324619] ? 
kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.324705] kasan_check_range+0x10c/0x1c0 [ 22.324745] __kasan_check_write+0x18/0x20 [ 22.324775] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.324816] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.324858] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.324903] ? finish_task_switch.isra.0+0x156/0x700 [ 22.324938] ? kasan_bitops_generic+0x92/0x1c0 [ 22.324978] kasan_bitops_generic+0x116/0x1c0 [ 22.325014] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.325051] ? __pfx_read_tsc+0x10/0x10 [ 22.325082] ? ktime_get_ts64+0x86/0x230 [ 22.325118] kunit_try_run_case+0x1a5/0x480 [ 22.325158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.325193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.325247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.325297] ? __kthread_parkme+0x82/0x180 [ 22.325328] ? preempt_count_sub+0x50/0x80 [ 22.325360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.325396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.325431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.325466] kthread+0x337/0x6f0 [ 22.325513] ? trace_preempt_on+0x20/0xc0 [ 22.325602] ? __pfx_kthread+0x10/0x10 [ 22.325695] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.325761] ? calculate_sigpending+0x7b/0xa0 [ 22.325836] ? __pfx_kthread+0x10/0x10 [ 22.325907] ret_from_fork+0x116/0x1d0 [ 22.325974] ? 
__pfx_kthread+0x10/0x10 [ 22.326025] ret_from_fork_asm+0x1a/0x30 [ 22.326072] </TASK> [ 22.326087] [ 22.349215] Allocated by task 279: [ 22.349605] kasan_save_stack+0x45/0x70 [ 22.349985] kasan_save_track+0x18/0x40 [ 22.351485] kasan_save_alloc_info+0x3b/0x50 [ 22.352761] __kasan_kmalloc+0xb7/0xc0 [ 22.353272] __kmalloc_cache_noprof+0x189/0x420 [ 22.354233] kasan_bitops_generic+0x92/0x1c0 [ 22.354442] kunit_try_run_case+0x1a5/0x480 [ 22.354841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.356019] kthread+0x337/0x6f0 [ 22.356428] ret_from_fork+0x116/0x1d0 [ 22.356847] ret_from_fork_asm+0x1a/0x30 [ 22.357444] [ 22.357692] The buggy address belongs to the object at ffff8881023e2400 [ 22.357692] which belongs to the cache kmalloc-16 of size 16 [ 22.358936] The buggy address is located 8 bytes inside of [ 22.358936] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.360385] [ 22.360778] The buggy address belongs to the physical page: [ 22.362153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.362793] flags: 0x200000000000000(node=0|zone=2) [ 22.363585] page_type: f5(slab) [ 22.363956] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.364943] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.365595] page dumped because: kasan: bad access detected [ 22.366530] [ 22.367227] Memory state around the buggy address: [ 22.368153] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.369074] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.370198] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.372275] ^ [ 22.372772] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.373596] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.374883] ================================================================== [ 22.537467] 
================================================================== [ 22.538171] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.539094] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.540244] [ 22.540542] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.540673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.540887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.540961] Call Trace: [ 22.541014] <TASK> [ 22.541069] dump_stack_lvl+0x73/0xb0 [ 22.541180] print_report+0xd1/0x650 [ 22.541262] ? __virt_addr_valid+0x1db/0x2d0 [ 22.541381] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.541468] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.541707] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.541761] kasan_report+0x141/0x180 [ 22.541797] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.541843] kasan_check_range+0x10c/0x1c0 [ 22.541878] __kasan_check_write+0x18/0x20 [ 22.541907] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.541947] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.541986] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.542031] ? finish_task_switch.isra.0+0x156/0x700 [ 22.542064] ? kasan_bitops_generic+0x92/0x1c0 [ 22.542104] kasan_bitops_generic+0x116/0x1c0 [ 22.542139] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.542177] ? __pfx_read_tsc+0x10/0x10 [ 22.542209] ? ktime_get_ts64+0x86/0x230 [ 22.542242] kunit_try_run_case+0x1a5/0x480 [ 22.542282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.542315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.542398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.542440] ? __kthread_parkme+0x82/0x180 [ 22.542467] ? preempt_count_sub+0x50/0x80 [ 22.542524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.542622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.542700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.542740] kthread+0x337/0x6f0 [ 22.542769] ? 
trace_preempt_on+0x20/0xc0 [ 22.542803] ? __pfx_kthread+0x10/0x10 [ 22.542832] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.542864] ? calculate_sigpending+0x7b/0xa0 [ 22.542897] ? __pfx_kthread+0x10/0x10 [ 22.542927] ret_from_fork+0x116/0x1d0 [ 22.542952] ? __pfx_kthread+0x10/0x10 [ 22.542981] ret_from_fork_asm+0x1a/0x30 [ 22.543022] </TASK> [ 22.543036] [ 22.565875] Allocated by task 279: [ 22.566393] kasan_save_stack+0x45/0x70 [ 22.566977] kasan_save_track+0x18/0x40 [ 22.567516] kasan_save_alloc_info+0x3b/0x50 [ 22.568732] __kasan_kmalloc+0xb7/0xc0 [ 22.569006] __kmalloc_cache_noprof+0x189/0x420 [ 22.569793] kasan_bitops_generic+0x92/0x1c0 [ 22.570292] kunit_try_run_case+0x1a5/0x480 [ 22.570918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.571520] kthread+0x337/0x6f0 [ 22.572469] ret_from_fork+0x116/0x1d0 [ 22.572844] ret_from_fork_asm+0x1a/0x30 [ 22.573877] [ 22.573984] The buggy address belongs to the object at ffff8881023e2400 [ 22.573984] which belongs to the cache kmalloc-16 of size 16 [ 22.575211] The buggy address is located 8 bytes inside of [ 22.575211] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.577374] [ 22.577845] The buggy address belongs to the physical page: [ 22.578936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.579746] flags: 0x200000000000000(node=0|zone=2) [ 22.580288] page_type: f5(slab) [ 22.580592] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.581258] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.581895] page dumped because: kasan: bad access detected [ 22.583247] [ 22.583637] Memory state around the buggy address: [ 22.584485] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.585599] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.586346] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.587493] ^ [ 22.587960] ffff8881023e2480: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 22.589667] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.590181] ================================================================== [ 22.644593] ================================================================== [ 22.647009] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.647898] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.648416] [ 22.648655] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.648786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.648826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.648889] Call Trace: [ 22.648941] <TASK> [ 22.648994] dump_stack_lvl+0x73/0xb0 [ 22.649151] print_report+0xd1/0x650 [ 22.649241] ? __virt_addr_valid+0x1db/0x2d0 [ 22.649322] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.649437] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.649535] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.649663] kasan_report+0x141/0x180 [ 22.649730] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.649820] kasan_check_range+0x10c/0x1c0 [ 22.649901] __kasan_check_write+0x18/0x20 [ 22.649968] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.650045] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.650125] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.650217] ? finish_task_switch.isra.0+0x156/0x700 [ 22.650294] ? kasan_bitops_generic+0x92/0x1c0 [ 22.650382] kasan_bitops_generic+0x116/0x1c0 [ 22.650457] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.650529] ? __pfx_read_tsc+0x10/0x10 [ 22.650869] ? ktime_get_ts64+0x86/0x230 [ 22.650911] kunit_try_run_case+0x1a5/0x480 [ 22.650952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.650987] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.651020] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.651054] ? __kthread_parkme+0x82/0x180 [ 22.651080] ? preempt_count_sub+0x50/0x80 [ 22.651110] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.651145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.651178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.651214] kthread+0x337/0x6f0 [ 22.651284] ? trace_preempt_on+0x20/0xc0 [ 22.651324] ? __pfx_kthread+0x10/0x10 [ 22.651353] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.651384] ? calculate_sigpending+0x7b/0xa0 [ 22.651417] ? __pfx_kthread+0x10/0x10 [ 22.651446] ret_from_fork+0x116/0x1d0 [ 22.651471] ? __pfx_kthread+0x10/0x10 [ 22.651523] ret_from_fork_asm+0x1a/0x30 [ 22.651643] </TASK> [ 22.651688] [ 22.675477] Allocated by task 279: [ 22.676180] kasan_save_stack+0x45/0x70 [ 22.676661] kasan_save_track+0x18/0x40 [ 22.677406] kasan_save_alloc_info+0x3b/0x50 [ 22.678064] __kasan_kmalloc+0xb7/0xc0 [ 22.679015] __kmalloc_cache_noprof+0x189/0x420 [ 22.679599] kasan_bitops_generic+0x92/0x1c0 [ 22.680076] kunit_try_run_case+0x1a5/0x480 [ 22.680530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.681159] kthread+0x337/0x6f0 [ 22.681688] ret_from_fork+0x116/0x1d0 [ 22.682032] ret_from_fork_asm+0x1a/0x30 [ 22.682576] [ 22.682807] The buggy address belongs to the object at ffff8881023e2400 [ 22.682807] which belongs to the cache kmalloc-16 of size 16 [ 22.683881] The buggy address is located 8 bytes inside of [ 22.683881] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.685517] [ 22.685831] The buggy address belongs to the physical page: [ 22.686380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.687077] flags: 0x200000000000000(node=0|zone=2) [ 22.687715] page_type: f5(slab) [ 22.688097] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.688729] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.689652] page dumped because: kasan: bad access detected [ 22.690103] [ 22.690408] Memory state around the buggy address: [ 22.691096] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.691859] 
ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.692917] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.694403] ^ [ 22.695928] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.697783] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.698962] ================================================================== [ 22.489783] ================================================================== [ 22.490363] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.490976] Write of size 8 at addr ffff8881023e2408 by task kunit_try_catch/279 [ 22.491471] [ 22.491764] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.491894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.491936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.492000] Call Trace: [ 22.492050] <TASK> [ 22.492103] dump_stack_lvl+0x73/0xb0 [ 22.492197] print_report+0xd1/0x650 [ 22.492269] ? __virt_addr_valid+0x1db/0x2d0 [ 22.492349] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.492432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.493302] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.493398] kasan_report+0x141/0x180 [ 22.493480] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.493737] kasan_check_range+0x10c/0x1c0 [ 22.493819] __kasan_check_write+0x18/0x20 [ 22.493887] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.493971] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.494058] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.494155] ? finish_task_switch.isra.0+0x156/0x700 [ 22.494232] ? kasan_bitops_generic+0x92/0x1c0 [ 22.494320] kasan_bitops_generic+0x116/0x1c0 [ 22.494366] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.494403] ? __pfx_read_tsc+0x10/0x10 [ 22.494436] ? ktime_get_ts64+0x86/0x230 [ 22.494471] kunit_try_run_case+0x1a5/0x480 [ 22.494543] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.494669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.494713] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.494752] ? __kthread_parkme+0x82/0x180 [ 22.494783] ? preempt_count_sub+0x50/0x80 [ 22.494815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.494851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.494886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.494920] kthread+0x337/0x6f0 [ 22.494949] ? trace_preempt_on+0x20/0xc0 [ 22.494986] ? __pfx_kthread+0x10/0x10 [ 22.495015] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.495046] ? calculate_sigpending+0x7b/0xa0 [ 22.495081] ? __pfx_kthread+0x10/0x10 [ 22.495110] ret_from_fork+0x116/0x1d0 [ 22.495138] ? __pfx_kthread+0x10/0x10 [ 22.495166] ret_from_fork_asm+0x1a/0x30 [ 22.495208] </TASK> [ 22.495241] [ 22.515925] Allocated by task 279: [ 22.516401] kasan_save_stack+0x45/0x70 [ 22.517044] kasan_save_track+0x18/0x40 [ 22.517521] kasan_save_alloc_info+0x3b/0x50 [ 22.518699] __kasan_kmalloc+0xb7/0xc0 [ 22.519113] __kmalloc_cache_noprof+0x189/0x420 [ 22.519743] kasan_bitops_generic+0x92/0x1c0 [ 22.520121] kunit_try_run_case+0x1a5/0x480 [ 22.520651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.521191] kthread+0x337/0x6f0 [ 22.522084] ret_from_fork+0x116/0x1d0 [ 22.522725] ret_from_fork_asm+0x1a/0x30 [ 22.523184] [ 22.523447] The buggy address belongs to the object at ffff8881023e2400 [ 22.523447] which belongs to the cache kmalloc-16 of size 16 [ 22.524719] The buggy address is located 8 bytes inside of [ 22.524719] allocated 9-byte region [ffff8881023e2400, ffff8881023e2409) [ 22.526245] [ 22.526451] The buggy address belongs to the physical page: [ 22.526951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 22.527671] flags: 0x200000000000000(node=0|zone=2) [ 22.528086] page_type: f5(slab) [ 22.528466] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.529404] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 22.530926] page dumped because: kasan: bad access detected [ 22.531476] [ 22.531849] Memory state around the buggy address: [ 22.532269] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 22.533032] ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 22.533695] >ffff8881023e2400: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.534224] ^ [ 22.534614] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.535179] ffff8881023e2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.536344] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 22.263867] ================================================================== [ 22.264661] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 22.265380] Read of size 1 at addr ffff8881039d7c90 by task kunit_try_catch/277 [ 22.265927] [ 22.266202] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.266519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.266562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.266626] Call Trace: [ 22.266678] <TASK> [ 22.266728] dump_stack_lvl+0x73/0xb0 [ 22.266821] print_report+0xd1/0x650 [ 22.266905] ? __virt_addr_valid+0x1db/0x2d0 [ 22.266983] ? strnlen+0x73/0x80 [ 22.267033] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.267068] ? strnlen+0x73/0x80 [ 22.267095] kasan_report+0x141/0x180 [ 22.267129] ? strnlen+0x73/0x80 [ 22.267186] __asan_report_load1_noabort+0x18/0x20 [ 22.267286] strnlen+0x73/0x80 [ 22.267319] kasan_strings+0x615/0xe80 [ 22.267352] ? __pfx_kasan_strings+0x10/0x10 [ 22.267384] ? __schedule+0x207f/0x2b60 [ 22.267413] ? schedule+0x7c/0x2e0 [ 22.267442] ? trace_hardirqs_on+0x37/0xe0 [ 22.267476] ? __schedule+0x207f/0x2b60 [ 22.267534] ? __pfx_read_tsc+0x10/0x10 [ 22.267570] ? ktime_get_ts64+0x86/0x230 [ 22.267605] kunit_try_run_case+0x1a5/0x480 [ 22.267644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.267680] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.267714] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.267748] ? __kthread_parkme+0x82/0x180 [ 22.267777] ? preempt_count_sub+0x50/0x80 [ 22.267808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.267845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.267880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.267915] kthread+0x337/0x6f0 [ 22.267942] ? trace_preempt_on+0x20/0xc0 [ 22.267974] ? __pfx_kthread+0x10/0x10 [ 22.268004] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.268034] ? calculate_sigpending+0x7b/0xa0 [ 22.268070] ? 
__pfx_kthread+0x10/0x10 [ 22.268099] ret_from_fork+0x116/0x1d0 [ 22.268125] ? __pfx_kthread+0x10/0x10 [ 22.268153] ret_from_fork_asm+0x1a/0x30 [ 22.268196] </TASK> [ 22.268210] [ 22.286571] Allocated by task 277: [ 22.287313] kasan_save_stack+0x45/0x70 [ 22.287829] kasan_save_track+0x18/0x40 [ 22.288142] kasan_save_alloc_info+0x3b/0x50 [ 22.288611] __kasan_kmalloc+0xb7/0xc0 [ 22.289102] __kmalloc_cache_noprof+0x189/0x420 [ 22.289679] kasan_strings+0xc0/0xe80 [ 22.290061] kunit_try_run_case+0x1a5/0x480 [ 22.290427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.291236] kthread+0x337/0x6f0 [ 22.291676] ret_from_fork+0x116/0x1d0 [ 22.291992] ret_from_fork_asm+0x1a/0x30 [ 22.292327] [ 22.292595] Freed by task 277: [ 22.293001] kasan_save_stack+0x45/0x70 [ 22.293730] kasan_save_track+0x18/0x40 [ 22.294166] kasan_save_free_info+0x3f/0x60 [ 22.294595] __kasan_slab_free+0x56/0x70 [ 22.295059] kfree+0x222/0x3f0 [ 22.295595] kasan_strings+0x2aa/0xe80 [ 22.296070] kunit_try_run_case+0x1a5/0x480 [ 22.296760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.297314] kthread+0x337/0x6f0 [ 22.297905] ret_from_fork+0x116/0x1d0 [ 22.298461] ret_from_fork_asm+0x1a/0x30 [ 22.298825] [ 22.299020] The buggy address belongs to the object at ffff8881039d7c80 [ 22.299020] which belongs to the cache kmalloc-32 of size 32 [ 22.300458] The buggy address is located 16 bytes inside of [ 22.300458] freed 32-byte region [ffff8881039d7c80, ffff8881039d7ca0) [ 22.301841] [ 22.302089] The buggy address belongs to the physical page: [ 22.302801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 22.303676] flags: 0x200000000000000(node=0|zone=2) [ 22.304269] page_type: f5(slab) [ 22.304699] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.305256] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.306079] page dumped because: kasan: bad access detected [ 22.306451] [ 22.306826] Memory state around the buggy address: 
[ 22.307655] ffff8881039d7b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.308322] ffff8881039d7c00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.308933] >ffff8881039d7c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.309379] ^ [ 22.309863] ffff8881039d7d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.310806] ffff8881039d7d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.311449] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 22.214175] ================================================================== [ 22.215692] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 22.216205] Read of size 1 at addr ffff8881039d7c90 by task kunit_try_catch/277 [ 22.216767] [ 22.216993] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.217162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.217205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.217284] Call Trace: [ 22.217338] <TASK> [ 22.217390] dump_stack_lvl+0x73/0xb0 [ 22.217480] print_report+0xd1/0x650 [ 22.217603] ? __virt_addr_valid+0x1db/0x2d0 [ 22.217741] ? strlen+0x8f/0xb0 [ 22.217811] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.217927] ? strlen+0x8f/0xb0 [ 22.218028] kasan_report+0x141/0x180 [ 22.218109] ? strlen+0x8f/0xb0 [ 22.218187] __asan_report_load1_noabort+0x18/0x20 [ 22.218305] strlen+0x8f/0xb0 [ 22.218381] kasan_strings+0x57b/0xe80 [ 22.218457] ? __pfx_kasan_strings+0x10/0x10 [ 22.218547] ? __schedule+0x207f/0x2b60 [ 22.218619] ? schedule+0x7c/0x2e0 [ 22.218672] ? trace_hardirqs_on+0x37/0xe0 [ 22.218711] ? __schedule+0x207f/0x2b60 [ 22.218742] ? __pfx_read_tsc+0x10/0x10 [ 22.218775] ? ktime_get_ts64+0x86/0x230 [ 22.218808] kunit_try_run_case+0x1a5/0x480 [ 22.218849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.218889] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.218924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.218960] ? __kthread_parkme+0x82/0x180 [ 22.218990] ? preempt_count_sub+0x50/0x80 [ 22.219022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.219059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.219097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.219132] kthread+0x337/0x6f0 [ 22.219160] ? trace_preempt_on+0x20/0xc0 [ 22.219194] ? __pfx_kthread+0x10/0x10 [ 22.219224] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.219301] ? calculate_sigpending+0x7b/0xa0 [ 22.219342] ? 
__pfx_kthread+0x10/0x10 [ 22.219373] ret_from_fork+0x116/0x1d0 [ 22.219400] ? __pfx_kthread+0x10/0x10 [ 22.219431] ret_from_fork_asm+0x1a/0x30 [ 22.219473] </TASK> [ 22.219488] [ 22.236862] Allocated by task 277: [ 22.237589] kasan_save_stack+0x45/0x70 [ 22.238237] kasan_save_track+0x18/0x40 [ 22.238803] kasan_save_alloc_info+0x3b/0x50 [ 22.239165] __kasan_kmalloc+0xb7/0xc0 [ 22.239691] __kmalloc_cache_noprof+0x189/0x420 [ 22.240189] kasan_strings+0xc0/0xe80 [ 22.240724] kunit_try_run_case+0x1a5/0x480 [ 22.241225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.241875] kthread+0x337/0x6f0 [ 22.242394] ret_from_fork+0x116/0x1d0 [ 22.242750] ret_from_fork_asm+0x1a/0x30 [ 22.243074] [ 22.243264] Freed by task 277: [ 22.243791] kasan_save_stack+0x45/0x70 [ 22.244602] kasan_save_track+0x18/0x40 [ 22.245107] kasan_save_free_info+0x3f/0x60 [ 22.245664] __kasan_slab_free+0x56/0x70 [ 22.246179] kfree+0x222/0x3f0 [ 22.246666] kasan_strings+0x2aa/0xe80 [ 22.247100] kunit_try_run_case+0x1a5/0x480 [ 22.247543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.247928] kthread+0x337/0x6f0 [ 22.248219] ret_from_fork+0x116/0x1d0 [ 22.248730] ret_from_fork_asm+0x1a/0x30 [ 22.249163] [ 22.249517] The buggy address belongs to the object at ffff8881039d7c80 [ 22.249517] which belongs to the cache kmalloc-32 of size 32 [ 22.250952] The buggy address is located 16 bytes inside of [ 22.250952] freed 32-byte region [ffff8881039d7c80, ffff8881039d7ca0) [ 22.251962] [ 22.252279] The buggy address belongs to the physical page: [ 22.253013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 22.253713] flags: 0x200000000000000(node=0|zone=2) [ 22.254117] page_type: f5(slab) [ 22.254403] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.255086] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.256004] page dumped because: kasan: bad access detected [ 22.256593] [ 22.256898] Memory state around the buggy address: 
[ 22.257559] ffff8881039d7b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.258325] ffff8881039d7c00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.259387] >ffff8881039d7c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.259850] ^ [ 22.260064] ffff8881039d7d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.260524] ffff8881039d7d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.261692] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 22.158986] ================================================================== [ 22.160142] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 22.160813] Read of size 1 at addr ffff8881039d7c90 by task kunit_try_catch/277 [ 22.161244] [ 22.161464] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.161601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.161655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.161715] Call Trace: [ 22.161752] <TASK> [ 22.161795] dump_stack_lvl+0x73/0xb0 [ 22.161882] print_report+0xd1/0x650 [ 22.161958] ? __virt_addr_valid+0x1db/0x2d0 [ 22.162029] ? kasan_strings+0xcbc/0xe80 [ 22.162093] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.162161] ? kasan_strings+0xcbc/0xe80 [ 22.162228] kasan_report+0x141/0x180 [ 22.162292] ? kasan_strings+0xcbc/0xe80 [ 22.162356] __asan_report_load1_noabort+0x18/0x20 [ 22.162420] kasan_strings+0xcbc/0xe80 [ 22.162478] ? __pfx_kasan_strings+0x10/0x10 [ 22.162991] ? __schedule+0x207f/0x2b60 [ 22.163428] ? schedule+0x7c/0x2e0 [ 22.163526] ? trace_hardirqs_on+0x37/0xe0 [ 22.163652] ? __schedule+0x207f/0x2b60 [ 22.163728] ? __pfx_read_tsc+0x10/0x10 [ 22.163799] ? ktime_get_ts64+0x86/0x230 [ 22.163877] kunit_try_run_case+0x1a5/0x480 [ 22.163960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.164036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.164110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.164186] ? __kthread_parkme+0x82/0x180 [ 22.164299] ? preempt_count_sub+0x50/0x80 [ 22.164372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.164440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.164517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.164586] kthread+0x337/0x6f0 [ 22.164635] ? trace_preempt_on+0x20/0xc0 [ 22.164692] ? __pfx_kthread+0x10/0x10 [ 22.164742] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.164794] ? calculate_sigpending+0x7b/0xa0 [ 22.164848] ? 
__pfx_kthread+0x10/0x10 [ 22.164900] ret_from_fork+0x116/0x1d0 [ 22.164944] ? __pfx_kthread+0x10/0x10 [ 22.164993] ret_from_fork_asm+0x1a/0x30 [ 22.165062] </TASK> [ 22.165090] [ 22.189451] Allocated by task 277: [ 22.189885] kasan_save_stack+0x45/0x70 [ 22.190456] kasan_save_track+0x18/0x40 [ 22.190907] kasan_save_alloc_info+0x3b/0x50 [ 22.191430] __kasan_kmalloc+0xb7/0xc0 [ 22.191861] __kmalloc_cache_noprof+0x189/0x420 [ 22.192427] kasan_strings+0xc0/0xe80 [ 22.192853] kunit_try_run_case+0x1a5/0x480 [ 22.193378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.194006] kthread+0x337/0x6f0 [ 22.194433] ret_from_fork+0x116/0x1d0 [ 22.194870] ret_from_fork_asm+0x1a/0x30 [ 22.195427] [ 22.195672] Freed by task 277: [ 22.195950] kasan_save_stack+0x45/0x70 [ 22.196380] kasan_save_track+0x18/0x40 [ 22.196867] kasan_save_free_info+0x3f/0x60 [ 22.197206] __kasan_slab_free+0x56/0x70 [ 22.197663] kfree+0x222/0x3f0 [ 22.198122] kasan_strings+0x2aa/0xe80 [ 22.198679] kunit_try_run_case+0x1a5/0x480 [ 22.199189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.199756] kthread+0x337/0x6f0 [ 22.200188] ret_from_fork+0x116/0x1d0 [ 22.200738] ret_from_fork_asm+0x1a/0x30 [ 22.201165] [ 22.201443] The buggy address belongs to the object at ffff8881039d7c80 [ 22.201443] which belongs to the cache kmalloc-32 of size 32 [ 22.202311] The buggy address is located 16 bytes inside of [ 22.202311] freed 32-byte region [ffff8881039d7c80, ffff8881039d7ca0) [ 22.203203] [ 22.203541] The buggy address belongs to the physical page: [ 22.204121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 22.204896] flags: 0x200000000000000(node=0|zone=2) [ 22.205529] page_type: f5(slab) [ 22.205845] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.206393] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.207158] page dumped because: kasan: bad access detected [ 22.207748] [ 22.208015] Memory state around the buggy address: 
[ 22.208469] ffff8881039d7b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.209153] ffff8881039d7c00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.209789] >ffff8881039d7c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.210308] ^ [ 22.210835] ffff8881039d7d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.211452] ffff8881039d7d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.212118] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 22.099975] ================================================================== [ 22.102048] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 22.102647] Read of size 1 at addr ffff8881039d7c90 by task kunit_try_catch/277 [ 22.103260] [ 22.104331] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.104475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.104824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.104889] Call Trace: [ 22.104916] <TASK> [ 22.104943] dump_stack_lvl+0x73/0xb0 [ 22.104998] print_report+0xd1/0x650 [ 22.105037] ? __virt_addr_valid+0x1db/0x2d0 [ 22.105072] ? strcmp+0xb0/0xc0 [ 22.105098] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.105130] ? strcmp+0xb0/0xc0 [ 22.105155] kasan_report+0x141/0x180 [ 22.105186] ? strcmp+0xb0/0xc0 [ 22.105216] __asan_report_load1_noabort+0x18/0x20 [ 22.105300] strcmp+0xb0/0xc0 [ 22.105330] kasan_strings+0x431/0xe80 [ 22.105364] ? __pfx_kasan_strings+0x10/0x10 [ 22.105393] ? __schedule+0x207f/0x2b60 [ 22.105424] ? schedule+0x7c/0x2e0 [ 22.105453] ? trace_hardirqs_on+0x37/0xe0 [ 22.105488] ? __schedule+0x207f/0x2b60 [ 22.105562] ? __pfx_read_tsc+0x10/0x10 [ 22.105699] ? ktime_get_ts64+0x86/0x230 [ 22.105754] kunit_try_run_case+0x1a5/0x480 [ 22.105798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.105834] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.105872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.105906] ? __kthread_parkme+0x82/0x180 [ 22.105935] ? preempt_count_sub+0x50/0x80 [ 22.105966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.106003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.106036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.106073] kthread+0x337/0x6f0 [ 22.106100] ? trace_preempt_on+0x20/0xc0 [ 22.106134] ? __pfx_kthread+0x10/0x10 [ 22.106163] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.106196] ? calculate_sigpending+0x7b/0xa0 [ 22.106282] ? 
__pfx_kthread+0x10/0x10 [ 22.106321] ret_from_fork+0x116/0x1d0 [ 22.106351] ? __pfx_kthread+0x10/0x10 [ 22.106381] ret_from_fork_asm+0x1a/0x30 [ 22.106424] </TASK> [ 22.106440] [ 22.128964] Allocated by task 277: [ 22.129416] kasan_save_stack+0x45/0x70 [ 22.129950] kasan_save_track+0x18/0x40 [ 22.130268] kasan_save_alloc_info+0x3b/0x50 [ 22.130739] __kasan_kmalloc+0xb7/0xc0 [ 22.131162] __kmalloc_cache_noprof+0x189/0x420 [ 22.132045] kasan_strings+0xc0/0xe80 [ 22.132514] kunit_try_run_case+0x1a5/0x480 [ 22.132859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.134276] kthread+0x337/0x6f0 [ 22.134880] ret_from_fork+0x116/0x1d0 [ 22.135288] ret_from_fork_asm+0x1a/0x30 [ 22.135958] [ 22.136144] Freed by task 277: [ 22.136421] kasan_save_stack+0x45/0x70 [ 22.136870] kasan_save_track+0x18/0x40 [ 22.137399] kasan_save_free_info+0x3f/0x60 [ 22.137859] __kasan_slab_free+0x56/0x70 [ 22.138241] kfree+0x222/0x3f0 [ 22.138558] kasan_strings+0x2aa/0xe80 [ 22.139866] kunit_try_run_case+0x1a5/0x480 [ 22.140343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.141202] kthread+0x337/0x6f0 [ 22.141731] ret_from_fork+0x116/0x1d0 [ 22.142107] ret_from_fork_asm+0x1a/0x30 [ 22.143110] [ 22.143420] The buggy address belongs to the object at ffff8881039d7c80 [ 22.143420] which belongs to the cache kmalloc-32 of size 32 [ 22.144366] The buggy address is located 16 bytes inside of [ 22.144366] freed 32-byte region [ffff8881039d7c80, ffff8881039d7ca0) [ 22.145542] [ 22.145835] The buggy address belongs to the physical page: [ 22.146445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 22.147474] flags: 0x200000000000000(node=0|zone=2) [ 22.148037] page_type: f5(slab) [ 22.148408] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.149706] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.150294] page dumped because: kasan: bad access detected [ 22.151314] [ 22.151530] Memory state around the buggy address: 
[ 22.152089] ffff8881039d7b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.152662] ffff8881039d7c00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.153189] >ffff8881039d7c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.153966] ^ [ 22.154333] ffff8881039d7d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.155760] ffff8881039d7d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.156257] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 22.041476] ================================================================== [ 22.042474] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 22.042953] Read of size 1 at addr ffff888101b3bed8 by task kunit_try_catch/275 [ 22.043604] [ 22.043843] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 22.043970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.044010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.044072] Call Trace: [ 22.044108] <TASK> [ 22.044161] dump_stack_lvl+0x73/0xb0 [ 22.044253] print_report+0xd1/0x650 [ 22.044342] ? __virt_addr_valid+0x1db/0x2d0 [ 22.044430] ? memcmp+0x1b4/0x1d0 [ 22.044550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.044637] ? memcmp+0x1b4/0x1d0 [ 22.044705] kasan_report+0x141/0x180 [ 22.044777] ? memcmp+0x1b4/0x1d0 [ 22.044856] __asan_report_load1_noabort+0x18/0x20 [ 22.044935] memcmp+0x1b4/0x1d0 [ 22.045007] kasan_memcmp+0x18f/0x390 [ 22.045084] ? trace_hardirqs_on+0x37/0xe0 [ 22.045162] ? __pfx_kasan_memcmp+0x10/0x10 [ 22.045271] ? finish_task_switch.isra.0+0x153/0x700 [ 22.045356] ? __switch_to+0x47/0xf50 [ 22.045449] ? __pfx_read_tsc+0x10/0x10 [ 22.045539] ? ktime_get_ts64+0x86/0x230 [ 22.045607] kunit_try_run_case+0x1a5/0x480 [ 22.045667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.045705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.045743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.045778] ? __kthread_parkme+0x82/0x180 [ 22.045808] ? preempt_count_sub+0x50/0x80 [ 22.045841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.045877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.045912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.045949] kthread+0x337/0x6f0 [ 22.045978] ? trace_preempt_on+0x20/0xc0 [ 22.046013] ? __pfx_kthread+0x10/0x10 [ 22.046044] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.046075] ? calculate_sigpending+0x7b/0xa0 [ 22.046112] ? __pfx_kthread+0x10/0x10 [ 22.046144] ret_from_fork+0x116/0x1d0 [ 22.046170] ? 
__pfx_kthread+0x10/0x10 [ 22.046199] ret_from_fork_asm+0x1a/0x30 [ 22.046299] </TASK> [ 22.046319] [ 22.065819] Allocated by task 275: [ 22.066389] kasan_save_stack+0x45/0x70 [ 22.067251] kasan_save_track+0x18/0x40 [ 22.068325] kasan_save_alloc_info+0x3b/0x50 [ 22.068748] __kasan_kmalloc+0xb7/0xc0 [ 22.069158] __kmalloc_cache_noprof+0x189/0x420 [ 22.069878] kasan_memcmp+0xb7/0x390 [ 22.070214] kunit_try_run_case+0x1a5/0x480 [ 22.070734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.071265] kthread+0x337/0x6f0 [ 22.071718] ret_from_fork+0x116/0x1d0 [ 22.072110] ret_from_fork_asm+0x1a/0x30 [ 22.072592] [ 22.072875] The buggy address belongs to the object at ffff888101b3bec0 [ 22.072875] which belongs to the cache kmalloc-32 of size 32 [ 22.073814] The buggy address is located 0 bytes to the right of [ 22.073814] allocated 24-byte region [ffff888101b3bec0, ffff888101b3bed8) [ 22.074951] [ 22.075202] The buggy address belongs to the physical page: [ 22.075842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b [ 22.076684] flags: 0x200000000000000(node=0|zone=2) [ 22.077052] page_type: f5(slab) [ 22.077340] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.078159] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.079213] page dumped because: kasan: bad access detected [ 22.079964] [ 22.080145] Memory state around the buggy address: [ 22.080669] ffff888101b3bd80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.081590] ffff888101b3be00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.082186] >ffff888101b3be80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.082945] ^ [ 22.083407] ffff888101b3bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.084272] ffff888101b3bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.084936] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.982410] ================================================================== [ 21.983369] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 21.984344] Read of size 1 at addr ffff888103b0fc4a by task kunit_try_catch/271 [ 21.985829] [ 21.986280] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.986402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.986439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.986595] Call Trace: [ 21.986666] <TASK> [ 21.986716] dump_stack_lvl+0x73/0xb0 [ 21.986811] print_report+0xd1/0x650 [ 21.986884] ? __virt_addr_valid+0x1db/0x2d0 [ 21.986962] ? kasan_alloca_oob_right+0x329/0x390 [ 21.987037] ? kasan_addr_to_slab+0x11/0xa0 [ 21.987111] ? kasan_alloca_oob_right+0x329/0x390 [ 21.987200] kasan_report+0x141/0x180 [ 21.987405] ? kasan_alloca_oob_right+0x329/0x390 [ 21.987515] __asan_report_load1_noabort+0x18/0x20 [ 21.987692] kasan_alloca_oob_right+0x329/0x390 [ 21.987729] ? __kasan_check_write+0x18/0x20 [ 21.987762] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.987796] ? finish_task_switch.isra.0+0x153/0x700 [ 21.987829] ? __mutex_lock.constprop.0+0x93e/0x1280 [ 21.987867] ? trace_hardirqs_on+0x37/0xe0 [ 21.987902] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 21.987938] ? __schedule+0x10cc/0x2b60 [ 21.987969] ? __pfx_read_tsc+0x10/0x10 [ 21.987998] ? ktime_get_ts64+0x86/0x230 [ 21.988031] kunit_try_run_case+0x1a5/0x480 [ 21.988068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.988102] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.988135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.988169] ? __kthread_parkme+0x82/0x180 [ 21.988197] ? preempt_count_sub+0x50/0x80 [ 21.988236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.988312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.988350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.988386] kthread+0x337/0x6f0 [ 21.988413] ? trace_preempt_on+0x20/0xc0 [ 21.988446] ? 
__pfx_kthread+0x10/0x10 [ 21.988475] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.988531] ? calculate_sigpending+0x7b/0xa0 [ 21.988616] ? __pfx_kthread+0x10/0x10 [ 21.988650] ret_from_fork+0x116/0x1d0 [ 21.988677] ? __pfx_kthread+0x10/0x10 [ 21.988708] ret_from_fork_asm+0x1a/0x30 [ 21.988751] </TASK> [ 21.988768] [ 22.013161] The buggy address belongs to stack of task kunit_try_catch/271 [ 22.014383] [ 22.015103] The buggy address belongs to the physical page: [ 22.015905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b0f [ 22.016569] flags: 0x200000000000000(node=0|zone=2) [ 22.017008] raw: 0200000000000000 ffffea00040ec3c8 ffffea00040ec3c8 0000000000000000 [ 22.017840] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 22.018489] page dumped because: kasan: bad access detected [ 22.019519] [ 22.019702] Memory state around the buggy address: [ 22.020191] ffff888103b0fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.021096] ffff888103b0fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.022065] >ffff888103b0fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 22.022607] ^ [ 22.023240] ffff888103b0fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 22.023904] ffff888103b0fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 22.024437] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 21.932366] ================================================================== [ 21.933253] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 21.934063] Read of size 1 at addr ffff888103b17c3f by task kunit_try_catch/269 [ 21.935086] [ 21.935403] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.935556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.935595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.935765] Call Trace: [ 21.935809] <TASK> [ 21.935864] dump_stack_lvl+0x73/0xb0 [ 21.935958] print_report+0xd1/0x650 [ 21.936040] ? __virt_addr_valid+0x1db/0x2d0 [ 21.936123] ? kasan_alloca_oob_left+0x320/0x380 [ 21.936195] ? kasan_addr_to_slab+0x11/0xa0 [ 21.936271] ? kasan_alloca_oob_left+0x320/0x380 [ 21.936347] kasan_report+0x141/0x180 [ 21.936430] ? kasan_alloca_oob_left+0x320/0x380 [ 21.936535] __asan_report_load1_noabort+0x18/0x20 [ 21.936643] kasan_alloca_oob_left+0x320/0x380 [ 21.936714] ? __kasan_check_write+0x18/0x20 [ 21.936786] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.936862] ? finish_task_switch.isra.0+0x153/0x700 [ 21.936936] ? __mutex_lock.constprop.0+0x93e/0x1280 [ 21.937024] ? trace_hardirqs_on+0x37/0xe0 [ 21.937111] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 21.937195] ? __schedule+0x10cc/0x2b60 [ 21.937365] ? __pfx_read_tsc+0x10/0x10 [ 21.937426] ? ktime_get_ts64+0x86/0x230 [ 21.937464] kunit_try_run_case+0x1a5/0x480 [ 21.937530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.937666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.937741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.937810] ? __kthread_parkme+0x82/0x180 [ 21.937870] ? preempt_count_sub+0x50/0x80 [ 21.937938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.938008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.938075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.938146] kthread+0x337/0x6f0 [ 21.938180] ? trace_preempt_on+0x20/0xc0 [ 21.938215] ? 
__pfx_kthread+0x10/0x10 [ 21.938296] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.938332] ? calculate_sigpending+0x7b/0xa0 [ 21.938370] ? __pfx_kthread+0x10/0x10 [ 21.938400] ret_from_fork+0x116/0x1d0 [ 21.938427] ? __pfx_kthread+0x10/0x10 [ 21.938455] ret_from_fork_asm+0x1a/0x30 [ 21.938523] </TASK> [ 21.938555] [ 21.962430] The buggy address belongs to stack of task kunit_try_catch/269 [ 21.963189] [ 21.963906] The buggy address belongs to the physical page: [ 21.964415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b17 [ 21.965083] flags: 0x200000000000000(node=0|zone=2) [ 21.966076] raw: 0200000000000000 ffffea00040ec5c8 ffffea00040ec5c8 0000000000000000 [ 21.967052] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.968075] page dumped because: kasan: bad access detected [ 21.969198] [ 21.969563] Memory state around the buggy address: [ 21.970439] ffff888103b17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.971313] ffff888103b17b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.972220] >ffff888103b17c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.972991] ^ [ 21.974245] ffff888103b17c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 21.974931] ffff888103b17d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.975196] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 21.870801] ================================================================== [ 21.872294] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 21.873964] Read of size 1 at addr ffff888103b07d02 by task kunit_try_catch/267 [ 21.874535] [ 21.874869] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.875003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.875043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.875108] Call Trace: [ 21.875151] <TASK> [ 21.875201] dump_stack_lvl+0x73/0xb0 [ 21.875296] print_report+0xd1/0x650 [ 21.875362] ? __virt_addr_valid+0x1db/0x2d0 [ 21.875432] ? kasan_stack_oob+0x2b5/0x300 [ 21.875492] ? kasan_addr_to_slab+0x11/0xa0 [ 21.875573] ? kasan_stack_oob+0x2b5/0x300 [ 21.875633] kasan_report+0x141/0x180 [ 21.875695] ? kasan_stack_oob+0x2b5/0x300 [ 21.875771] __asan_report_load1_noabort+0x18/0x20 [ 21.875854] kasan_stack_oob+0x2b5/0x300 [ 21.875929] ? __pfx_kasan_stack_oob+0x10/0x10 [ 21.875997] ? finish_task_switch.isra.0+0x153/0x700 [ 21.876073] ? __switch_to+0x47/0xf50 [ 21.876318] ? __schedule+0x10cc/0x2b60 [ 21.876389] ? __pfx_read_tsc+0x10/0x10 [ 21.876423] ? ktime_get_ts64+0x86/0x230 [ 21.876460] kunit_try_run_case+0x1a5/0x480 [ 21.876530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.876656] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.876709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.876745] ? __kthread_parkme+0x82/0x180 [ 21.876775] ? preempt_count_sub+0x50/0x80 [ 21.876806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.876845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.876881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.876917] kthread+0x337/0x6f0 [ 21.876947] ? trace_preempt_on+0x20/0xc0 [ 21.876985] ? __pfx_kthread+0x10/0x10 [ 21.877014] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.877047] ? calculate_sigpending+0x7b/0xa0 [ 21.877083] ? __pfx_kthread+0x10/0x10 [ 21.877113] ret_from_fork+0x116/0x1d0 [ 21.877139] ? 
__pfx_kthread+0x10/0x10 [ 21.877168] ret_from_fork_asm+0x1a/0x30 [ 21.877210] </TASK> [ 21.877245] [ 21.905190] The buggy address belongs to stack of task kunit_try_catch/267 [ 21.907746] and is located at offset 138 in frame: [ 21.909111] kasan_stack_oob+0x0/0x300 [ 21.911125] [ 21.911367] This frame has 4 objects: [ 21.911928] [48, 49) '__assertion' [ 21.911997] [64, 72) 'array' [ 21.912387] [96, 112) '__assertion' [ 21.912772] [128, 138) 'stack_array' [ 21.913543] [ 21.914925] The buggy address belongs to the physical page: [ 21.915745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b07 [ 21.916476] flags: 0x200000000000000(node=0|zone=2) [ 21.917182] raw: 0200000000000000 ffffea00040ec1c8 ffffea00040ec1c8 0000000000000000 [ 21.918698] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.920110] page dumped because: kasan: bad access detected [ 21.920623] [ 21.920837] Memory state around the buggy address: [ 21.921271] ffff888103b07c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.922059] ffff888103b07c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 21.922687] >ffff888103b07d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.924010] ^ [ 21.924380] ffff888103b07d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 21.924834] ffff888103b07e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.926157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 21.819388] ================================================================== [ 21.820385] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 21.822074] Read of size 1 at addr ffffffffb5276e8d by task kunit_try_catch/263 [ 21.823292] [ 21.824043] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.824194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.824236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.824326] Call Trace: [ 21.824354] <TASK> [ 21.824380] dump_stack_lvl+0x73/0xb0 [ 21.824434] print_report+0xd1/0x650 [ 21.824467] ? __virt_addr_valid+0x1db/0x2d0 [ 21.824525] ? kasan_global_oob_right+0x286/0x2d0 [ 21.824610] ? kasan_addr_to_slab+0x11/0xa0 [ 21.824678] ? kasan_global_oob_right+0x286/0x2d0 [ 21.824742] kasan_report+0x141/0x180 [ 21.824805] ? kasan_global_oob_right+0x286/0x2d0 [ 21.824872] __asan_report_load1_noabort+0x18/0x20 [ 21.824937] kasan_global_oob_right+0x286/0x2d0 [ 21.825001] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 21.825065] ? __schedule+0x10cc/0x2b60 [ 21.825132] ? __pfx_read_tsc+0x10/0x10 [ 21.825200] ? ktime_get_ts64+0x86/0x230 [ 21.825258] kunit_try_run_case+0x1a5/0x480 [ 21.825308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.825343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.825380] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.825415] ? __kthread_parkme+0x82/0x180 [ 21.825445] ? preempt_count_sub+0x50/0x80 [ 21.825477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.825549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.825652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.825704] kthread+0x337/0x6f0 [ 21.825734] ? trace_preempt_on+0x20/0xc0 [ 21.825770] ? __pfx_kthread+0x10/0x10 [ 21.825800] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.825831] ? calculate_sigpending+0x7b/0xa0 [ 21.825866] ? __pfx_kthread+0x10/0x10 [ 21.825896] ret_from_fork+0x116/0x1d0 [ 21.825922] ? 
__pfx_kthread+0x10/0x10 [ 21.825950] ret_from_fork_asm+0x1a/0x30 [ 21.825993] </TASK> [ 21.826008] [ 21.847230] The buggy address belongs to the variable: [ 21.848313] global_array+0xd/0x40 [ 21.848752] [ 21.849036] The buggy address belongs to the physical page: [ 21.849542] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40876 [ 21.850140] flags: 0x100000000002000(reserved|node=0|zone=1) [ 21.851219] raw: 0100000000002000 ffffea0001021d88 ffffea0001021d88 0000000000000000 [ 21.851836] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.852750] page dumped because: kasan: bad access detected [ 21.853427] [ 21.853803] Memory state around the buggy address: [ 21.854632] ffffffffb5276d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.856074] ffffffffb5276e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.856896] >ffffffffb5276e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 21.857901] ^ [ 21.858275] ffffffffb5276f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 21.859173] ffffffffb5276f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 21.859975] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 21.702120] ================================================================== [ 21.703752] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.704522] Free of addr ffff888101b3e701 by task kunit_try_catch/259 [ 21.705796] [ 21.706271] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.706521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.706609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.706672] Call Trace: [ 21.706711] <TASK> [ 21.706755] dump_stack_lvl+0x73/0xb0 [ 21.706824] print_report+0xd1/0x650 [ 21.706861] ? __virt_addr_valid+0x1db/0x2d0 [ 21.706898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.706929] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.706965] kasan_report_invalid_free+0x10a/0x130 [ 21.707000] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.707039] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.707075] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.707110] check_slab_allocation+0x11f/0x130 [ 21.707139] __kasan_mempool_poison_object+0x91/0x1d0 [ 21.707173] mempool_free+0x2ec/0x380 [ 21.707203] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.707284] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 21.707332] ? kasan_save_track+0x18/0x40 [ 21.707359] ? kasan_save_alloc_info+0x3b/0x50 [ 21.707393] ? kasan_save_stack+0x45/0x70 [ 21.707422] ? mempool_alloc_preallocated+0x5b/0x90 [ 21.707454] mempool_kmalloc_invalid_free+0xed/0x140 [ 21.707488] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 21.707595] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.707670] ? __pfx_mempool_kfree+0x10/0x10 [ 21.707710] ? __pfx_read_tsc+0x10/0x10 [ 21.707742] ? ktime_get_ts64+0x86/0x230 [ 21.707777] kunit_try_run_case+0x1a5/0x480 [ 21.707818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.707853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.707890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.707923] ? 
__kthread_parkme+0x82/0x180 [ 21.707954] ? preempt_count_sub+0x50/0x80 [ 21.707988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.708023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.708058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.708093] kthread+0x337/0x6f0 [ 21.708119] ? trace_preempt_on+0x20/0xc0 [ 21.708153] ? __pfx_kthread+0x10/0x10 [ 21.708183] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.708215] ? calculate_sigpending+0x7b/0xa0 [ 21.708278] ? __pfx_kthread+0x10/0x10 [ 21.708310] ret_from_fork+0x116/0x1d0 [ 21.708337] ? __pfx_kthread+0x10/0x10 [ 21.708366] ret_from_fork_asm+0x1a/0x30 [ 21.708411] </TASK> [ 21.708428] [ 21.732691] Allocated by task 259: [ 21.733133] kasan_save_stack+0x45/0x70 [ 21.734642] kasan_save_track+0x18/0x40 [ 21.735351] kasan_save_alloc_info+0x3b/0x50 [ 21.736550] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 21.737486] remove_element+0x11e/0x190 [ 21.738216] mempool_alloc_preallocated+0x4d/0x90 [ 21.739117] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 21.739967] mempool_kmalloc_invalid_free+0xed/0x140 [ 21.740966] kunit_try_run_case+0x1a5/0x480 [ 21.741577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.742232] kthread+0x337/0x6f0 [ 21.742725] ret_from_fork+0x116/0x1d0 [ 21.743455] ret_from_fork_asm+0x1a/0x30 [ 21.744080] [ 21.744817] The buggy address belongs to the object at ffff888101b3e700 [ 21.744817] which belongs to the cache kmalloc-128 of size 128 [ 21.745821] The buggy address is located 1 bytes inside of [ 21.745821] 128-byte region [ffff888101b3e700, ffff888101b3e780) [ 21.747295] [ 21.747826] The buggy address belongs to the physical page: [ 21.748291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 21.748913] flags: 0x200000000000000(node=0|zone=2) [ 21.750157] page_type: f5(slab) [ 21.750824] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.751667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.752190] page 
dumped because: kasan: bad access detected [ 21.752883] [ 21.753541] Memory state around the buggy address: [ 21.754171] ffff888101b3e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.755583] ffff888101b3e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.756293] >ffff888101b3e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.756894] ^ [ 21.757239] ffff888101b3e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.757981] ffff888101b3e800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.758752] ================================================================== [ 21.766007] ================================================================== [ 21.767529] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.768270] Free of addr ffff888103ab8001 by task kunit_try_catch/261 [ 21.769529] [ 21.770464] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.770702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.770749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.770789] Call Trace: [ 21.770827] <TASK> [ 21.770881] dump_stack_lvl+0x73/0xb0 [ 21.770951] print_report+0xd1/0x650 [ 21.770992] ? __virt_addr_valid+0x1db/0x2d0 [ 21.771030] ? kasan_addr_to_slab+0x11/0xa0 [ 21.771060] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.771101] kasan_report_invalid_free+0x10a/0x130 [ 21.771137] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.771179] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.771216] __kasan_mempool_poison_object+0x102/0x1d0 [ 21.771294] mempool_free+0x2ec/0x380 [ 21.771330] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 21.771369] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 21.771408] ? __kasan_check_write+0x18/0x20 [ 21.771438] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.771470] ? finish_task_switch.isra.0+0x153/0x700 [ 21.771542] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 21.771652] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 21.771716] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.771755] ? __pfx_mempool_kfree+0x10/0x10 [ 21.771794] ? __pfx_read_tsc+0x10/0x10 [ 21.771826] ? ktime_get_ts64+0x86/0x230 [ 21.771860] kunit_try_run_case+0x1a5/0x480 [ 21.771901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.771935] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.771971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.772005] ? __kthread_parkme+0x82/0x180 [ 21.772033] ? preempt_count_sub+0x50/0x80 [ 21.772063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.772099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.772133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.772167] kthread+0x337/0x6f0 [ 21.772195] ? trace_preempt_on+0x20/0xc0 [ 21.772242] ? __pfx_kthread+0x10/0x10 [ 21.772292] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.772327] ? calculate_sigpending+0x7b/0xa0 [ 21.772364] ? __pfx_kthread+0x10/0x10 [ 21.772395] ret_from_fork+0x116/0x1d0 [ 21.772421] ? __pfx_kthread+0x10/0x10 [ 21.772451] ret_from_fork_asm+0x1a/0x30 [ 21.772514] </TASK> [ 21.772539] [ 21.796244] The buggy address belongs to the physical page: [ 21.797139] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab8 [ 21.798705] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.800126] flags: 0x200000000000040(head|node=0|zone=2) [ 21.800763] page_type: f8(unknown) [ 21.801239] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.802114] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.803689] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.804302] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.805199] head: 0200000000000002 ffffea00040eae01 00000000ffffffff 00000000ffffffff [ 21.806201] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.807246] page dumped because: kasan: bad access detected [ 
21.807827] [ 21.808016] Memory state around the buggy address: [ 21.808424] ffff888103ab7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.809148] ffff888103ab7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.809655] >ffff888103ab8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.810896] ^ [ 21.811189] ffff888103ab8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.812128] ffff888103ab8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.812618] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 21.592916] ================================================================== [ 21.594267] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 21.594959] Free of addr ffff888103a78000 by task kunit_try_catch/255 [ 21.595651] [ 21.596813] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.596960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.597004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.597072] Call Trace: [ 21.597119] <TASK> [ 21.597171] dump_stack_lvl+0x73/0xb0 [ 21.597250] print_report+0xd1/0x650 [ 21.597310] ? __virt_addr_valid+0x1db/0x2d0 [ 21.597353] ? kasan_addr_to_slab+0x11/0xa0 [ 21.597384] ? mempool_double_free_helper+0x184/0x370 [ 21.597422] kasan_report_invalid_free+0x10a/0x130 [ 21.597458] ? mempool_double_free_helper+0x184/0x370 [ 21.597518] ? mempool_double_free_helper+0x184/0x370 [ 21.597668] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 21.597746] mempool_free+0x2ec/0x380 [ 21.597820] mempool_double_free_helper+0x184/0x370 [ 21.597858] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 21.597898] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.597934] ? finish_task_switch.isra.0+0x153/0x700 [ 21.597973] mempool_kmalloc_large_double_free+0xed/0x140 [ 21.598010] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 21.598051] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.598086] ? __pfx_mempool_kfree+0x10/0x10 [ 21.598126] ? __pfx_read_tsc+0x10/0x10 [ 21.598161] ? ktime_get_ts64+0x86/0x230 [ 21.598197] kunit_try_run_case+0x1a5/0x480 [ 21.598284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.598328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.598369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.598405] ? __kthread_parkme+0x82/0x180 [ 21.598435] ? preempt_count_sub+0x50/0x80 [ 21.598469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.598534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.598622] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.598694] kthread+0x337/0x6f0 [ 21.598727] ? trace_preempt_on+0x20/0xc0 [ 21.598766] ? __pfx_kthread+0x10/0x10 [ 21.598797] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.598830] ? calculate_sigpending+0x7b/0xa0 [ 21.598868] ? __pfx_kthread+0x10/0x10 [ 21.598899] ret_from_fork+0x116/0x1d0 [ 21.598926] ? __pfx_kthread+0x10/0x10 [ 21.598957] ret_from_fork_asm+0x1a/0x30 [ 21.599003] </TASK> [ 21.599019] [ 21.620459] The buggy address belongs to the physical page: [ 21.621194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a78 [ 21.622135] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.623078] flags: 0x200000000000040(head|node=0|zone=2) [ 21.623819] page_type: f8(unknown) [ 21.624283] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.625060] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.625951] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.627605] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.628479] head: 0200000000000002 ffffea00040e9e01 00000000ffffffff 00000000ffffffff [ 21.629609] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.631091] page dumped because: kasan: bad access detected [ 21.631437] [ 21.632278] Memory state around the buggy address: [ 21.634279] ffff888103a77f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.636379] ffff888103a77f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.637939] >ffff888103a78000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.638334] ^ [ 21.639840] ffff888103a78080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.642432] ffff888103a78100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.644406] ================================================================== [ 21.529234] ================================================================== [ 
21.530055] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 21.530472] Free of addr ffff8881039c8400 by task kunit_try_catch/253 [ 21.531300] [ 21.532226] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.532362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.532529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.532601] Call Trace: [ 21.532693] <TASK> [ 21.532763] dump_stack_lvl+0x73/0xb0 [ 21.532883] print_report+0xd1/0x650 [ 21.532971] ? __virt_addr_valid+0x1db/0x2d0 [ 21.533027] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.533062] ? mempool_double_free_helper+0x184/0x370 [ 21.533099] kasan_report_invalid_free+0x10a/0x130 [ 21.533133] ? mempool_double_free_helper+0x184/0x370 [ 21.533170] ? mempool_double_free_helper+0x184/0x370 [ 21.533204] ? mempool_double_free_helper+0x184/0x370 [ 21.533257] check_slab_allocation+0x101/0x130 [ 21.533305] __kasan_mempool_poison_object+0x91/0x1d0 [ 21.533341] mempool_free+0x2ec/0x380 [ 21.533376] mempool_double_free_helper+0x184/0x370 [ 21.533412] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 21.533449] ? __kasan_check_write+0x18/0x20 [ 21.533479] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.533547] ? finish_task_switch.isra.0+0x153/0x700 [ 21.533649] mempool_kmalloc_double_free+0xed/0x140 [ 21.533703] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 21.533745] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.533782] ? __pfx_mempool_kfree+0x10/0x10 [ 21.533822] ? __pfx_read_tsc+0x10/0x10 [ 21.533852] ? ktime_get_ts64+0x86/0x230 [ 21.533889] kunit_try_run_case+0x1a5/0x480 [ 21.533930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.533965] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.534002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.534036] ? __kthread_parkme+0x82/0x180 [ 21.534064] ? preempt_count_sub+0x50/0x80 [ 21.534095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.534131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.534165] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.534199] kthread+0x337/0x6f0 [ 21.534244] ? trace_preempt_on+0x20/0xc0 [ 21.534293] ? __pfx_kthread+0x10/0x10 [ 21.534328] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.534361] ? calculate_sigpending+0x7b/0xa0 [ 21.534400] ? __pfx_kthread+0x10/0x10 [ 21.534430] ret_from_fork+0x116/0x1d0 [ 21.534456] ? __pfx_kthread+0x10/0x10 [ 21.534485] ret_from_fork_asm+0x1a/0x30 [ 21.534561] </TASK> [ 21.534595] [ 21.557767] Allocated by task 253: [ 21.558191] kasan_save_stack+0x45/0x70 [ 21.558845] kasan_save_track+0x18/0x40 [ 21.559264] kasan_save_alloc_info+0x3b/0x50 [ 21.559773] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 21.560298] remove_element+0x11e/0x190 [ 21.561241] mempool_alloc_preallocated+0x4d/0x90 [ 21.561823] mempool_double_free_helper+0x8a/0x370 [ 21.562350] mempool_kmalloc_double_free+0xed/0x140 [ 21.562899] kunit_try_run_case+0x1a5/0x480 [ 21.563341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.563940] kthread+0x337/0x6f0 [ 21.564296] ret_from_fork+0x116/0x1d0 [ 21.564742] ret_from_fork_asm+0x1a/0x30 [ 21.565095] [ 21.565322] Freed by task 253: [ 21.565710] kasan_save_stack+0x45/0x70 [ 21.566097] kasan_save_track+0x18/0x40 [ 21.566648] kasan_save_free_info+0x3f/0x60 [ 21.567104] __kasan_mempool_poison_object+0x131/0x1d0 [ 21.567592] mempool_free+0x2ec/0x380 [ 21.568880] mempool_double_free_helper+0x109/0x370 [ 21.569260] mempool_kmalloc_double_free+0xed/0x140 [ 21.569777] kunit_try_run_case+0x1a5/0x480 [ 21.570289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.570870] kthread+0x337/0x6f0 [ 21.571247] ret_from_fork+0x116/0x1d0 [ 21.571599] ret_from_fork_asm+0x1a/0x30 [ 21.572028] [ 21.572270] The buggy address belongs to the object at ffff8881039c8400 [ 21.572270] which belongs to the cache kmalloc-128 of size 128 [ 21.573205] The buggy address is located 0 bytes inside of [ 21.573205] 128-byte region [ffff8881039c8400, ffff8881039c8480) [ 21.574397] [ 21.574879] The buggy address belongs to the physical 
page: [ 21.575297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 21.576395] flags: 0x200000000000000(node=0|zone=2) [ 21.576968] page_type: f5(slab) [ 21.577308] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.577932] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.578724] page dumped because: kasan: bad access detected [ 21.579088] [ 21.579271] Memory state around the buggy address: [ 21.580641] ffff8881039c8300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.581692] ffff8881039c8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.582154] >ffff8881039c8400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.583093] ^ [ 21.583533] ffff8881039c8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.584178] ffff8881039c8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.584789] ================================================================== [ 21.651811] ================================================================== [ 21.652700] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 21.654122] Free of addr ffff888103ab8000 by task kunit_try_catch/257 [ 21.655193] [ 21.655645] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.655834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.655895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.655961] Call Trace: [ 21.656005] <TASK> [ 21.656058] dump_stack_lvl+0x73/0xb0 [ 21.656160] print_report+0xd1/0x650 [ 21.656229] ? __virt_addr_valid+0x1db/0x2d0 [ 21.656294] ? kasan_addr_to_slab+0x11/0xa0 [ 21.656325] ? mempool_double_free_helper+0x184/0x370 [ 21.656360] kasan_report_invalid_free+0x10a/0x130 [ 21.656396] ? mempool_double_free_helper+0x184/0x370 [ 21.656434] ? 
mempool_double_free_helper+0x184/0x370 [ 21.656468] __kasan_mempool_poison_pages+0x115/0x130 [ 21.656533] mempool_free+0x290/0x380 [ 21.656637] mempool_double_free_helper+0x184/0x370 [ 21.656712] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 21.656786] ? __kasan_check_write+0x18/0x20 [ 21.656845] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.656912] ? finish_task_switch.isra.0+0x153/0x700 [ 21.656984] mempool_page_alloc_double_free+0xe8/0x140 [ 21.657026] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 21.657067] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 21.657094] ? __pfx_mempool_free_pages+0x10/0x10 [ 21.657126] ? __pfx_read_tsc+0x10/0x10 [ 21.657157] ? ktime_get_ts64+0x86/0x230 [ 21.657192] kunit_try_run_case+0x1a5/0x480 [ 21.657245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.657299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.657337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.657371] ? __kthread_parkme+0x82/0x180 [ 21.657400] ? preempt_count_sub+0x50/0x80 [ 21.657431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.657465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.657523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.657597] kthread+0x337/0x6f0 [ 21.657692] ? trace_preempt_on+0x20/0xc0 [ 21.657732] ? __pfx_kthread+0x10/0x10 [ 21.657762] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.657794] ? calculate_sigpending+0x7b/0xa0 [ 21.657830] ? __pfx_kthread+0x10/0x10 [ 21.657859] ret_from_fork+0x116/0x1d0 [ 21.657886] ? 
__pfx_kthread+0x10/0x10 [ 21.657914] ret_from_fork_asm+0x1a/0x30 [ 21.657958] </TASK> [ 21.657974] [ 21.683755] The buggy address belongs to the physical page: [ 21.684492] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab8 [ 21.685859] flags: 0x200000000000000(node=0|zone=2) [ 21.686564] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.687443] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.688189] page dumped because: kasan: bad access detected [ 21.689054] [ 21.689219] Memory state around the buggy address: [ 21.689986] ffff888103ab7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.690929] ffff888103ab7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.691790] >ffff888103ab8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.693094] ^ [ 21.693886] ffff888103ab8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.694466] ffff888103ab8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.695357] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.346357] ================================================================== [ 21.347448] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.348339] Read of size 1 at addr ffff888103ab4000 by task kunit_try_catch/247 [ 21.348902] [ 21.349157] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.349287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.349327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.349394] Call Trace: [ 21.349441] <TASK> [ 21.349516] dump_stack_lvl+0x73/0xb0 [ 21.349637] print_report+0xd1/0x650 [ 21.349716] ? __virt_addr_valid+0x1db/0x2d0 [ 21.349796] ? mempool_uaf_helper+0x392/0x400 [ 21.349870] ? kasan_addr_to_slab+0x11/0xa0 [ 21.349940] ? mempool_uaf_helper+0x392/0x400 [ 21.350013] kasan_report+0x141/0x180 [ 21.350146] ? mempool_uaf_helper+0x392/0x400 [ 21.350239] __asan_report_load1_noabort+0x18/0x20 [ 21.350323] mempool_uaf_helper+0x392/0x400 [ 21.350401] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.350468] ? update_load_avg+0x1be/0x21b0 [ 21.350574] ? dequeue_entities+0x27e/0x1740 [ 21.350650] ? finish_task_switch.isra.0+0x153/0x700 [ 21.350719] mempool_kmalloc_large_uaf+0xef/0x140 [ 21.350782] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 21.350850] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.350915] ? __pfx_mempool_kfree+0x10/0x10 [ 21.350979] ? __pfx_read_tsc+0x10/0x10 [ 21.351036] ? ktime_get_ts64+0x86/0x230 [ 21.351098] kunit_try_run_case+0x1a5/0x480 [ 21.351170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.351237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.351306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.351341] ? __kthread_parkme+0x82/0x180 [ 21.351372] ? preempt_count_sub+0x50/0x80 [ 21.351403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.351439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.351474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.351541] kthread+0x337/0x6f0 [ 21.351644] ? 
trace_preempt_on+0x20/0xc0 [ 21.351698] ? __pfx_kthread+0x10/0x10 [ 21.351729] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.351759] ? calculate_sigpending+0x7b/0xa0 [ 21.351794] ? __pfx_kthread+0x10/0x10 [ 21.351824] ret_from_fork+0x116/0x1d0 [ 21.351850] ? __pfx_kthread+0x10/0x10 [ 21.351879] ret_from_fork_asm+0x1a/0x30 [ 21.351922] </TASK> [ 21.351937] [ 21.378596] The buggy address belongs to the physical page: [ 21.379162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab4 [ 21.380800] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.381690] flags: 0x200000000000040(head|node=0|zone=2) [ 21.382236] page_type: f8(unknown) [ 21.382731] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.383338] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.384630] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.385536] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.386178] head: 0200000000000002 ffffea00040ead01 00000000ffffffff 00000000ffffffff [ 21.387398] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.388636] page dumped because: kasan: bad access detected [ 21.389324] [ 21.389556] Memory state around the buggy address: [ 21.390142] ffff888103ab3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.391183] ffff888103ab3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.391608] >ffff888103ab4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.392396] ^ [ 21.392821] ffff888103ab4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.393658] ffff888103ab4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.394310] ================================================================== [ 21.477296] ================================================================== [ 21.478394] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.480182] Read of size 1 
at addr ffff888103a04000 by task kunit_try_catch/251 [ 21.481288] [ 21.481550] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.481699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.481741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.481889] Call Trace: [ 21.482024] <TASK> [ 21.482240] dump_stack_lvl+0x73/0xb0 [ 21.482365] print_report+0xd1/0x650 [ 21.482445] ? __virt_addr_valid+0x1db/0x2d0 [ 21.482544] ? mempool_uaf_helper+0x392/0x400 [ 21.482622] ? kasan_addr_to_slab+0x11/0xa0 [ 21.482687] ? mempool_uaf_helper+0x392/0x400 [ 21.482761] kasan_report+0x141/0x180 [ 21.482837] ? mempool_uaf_helper+0x392/0x400 [ 21.483001] __asan_report_load1_noabort+0x18/0x20 [ 21.483039] mempool_uaf_helper+0x392/0x400 [ 21.483074] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.483106] ? update_load_avg+0x1be/0x21b0 [ 21.483142] ? update_load_avg+0x1be/0x21b0 [ 21.483174] ? update_curr+0x80/0x810 [ 21.483202] ? __kasan_check_write+0x18/0x20 [ 21.483235] ? irqentry_exit+0x2a/0x60 [ 21.483305] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.483345] mempool_page_alloc_uaf+0xed/0x140 [ 21.483380] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 21.483418] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 21.483447] ? __pfx_mempool_free_pages+0x10/0x10 [ 21.483476] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 21.483547] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 21.483630] kunit_try_run_case+0x1a5/0x480 [ 21.483693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.483729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.483765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.483799] ? __kthread_parkme+0x82/0x180 [ 21.483829] ? preempt_count_sub+0x50/0x80 [ 21.483862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.483897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.483931] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.483964] kthread+0x337/0x6f0 [ 21.483992] ? trace_preempt_on+0x20/0xc0 [ 21.484026] ? 
__pfx_kthread+0x10/0x10 [ 21.484054] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.484083] ? calculate_sigpending+0x7b/0xa0 [ 21.484119] ? __pfx_kthread+0x10/0x10 [ 21.484149] ret_from_fork+0x116/0x1d0 [ 21.484176] ? __pfx_kthread+0x10/0x10 [ 21.484204] ret_from_fork_asm+0x1a/0x30 [ 21.484281] </TASK> [ 21.484301] [ 21.511404] The buggy address belongs to the physical page: [ 21.512194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a04 [ 21.513099] flags: 0x200000000000000(node=0|zone=2) [ 21.513792] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.514752] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.515851] page dumped because: kasan: bad access detected [ 21.516485] [ 21.516937] Memory state around the buggy address: [ 21.517492] ffff888103a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.518417] ffff888103a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.519399] >ffff888103a04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.520276] ^ [ 21.521030] ffff888103a04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.521785] ffff888103a04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.522331] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.402787] ================================================================== [ 21.404046] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.405988] Read of size 1 at addr ffff888101b43240 by task kunit_try_catch/249 [ 21.407944] [ 21.408460] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.408730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.408771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.408837] Call Trace: [ 21.408891] <TASK> [ 21.408949] dump_stack_lvl+0x73/0xb0 [ 21.409009] print_report+0xd1/0x650 [ 21.409047] ? __virt_addr_valid+0x1db/0x2d0 [ 21.409082] ? mempool_uaf_helper+0x392/0x400 [ 21.409115] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.409146] ? mempool_uaf_helper+0x392/0x400 [ 21.409178] kasan_report+0x141/0x180 [ 21.409209] ? mempool_uaf_helper+0x392/0x400 [ 21.409301] __asan_report_load1_noabort+0x18/0x20 [ 21.409342] mempool_uaf_helper+0x392/0x400 [ 21.409376] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.409409] ? update_load_avg+0x1be/0x21b0 [ 21.409450] ? finish_task_switch.isra.0+0x153/0x700 [ 21.409489] mempool_slab_uaf+0xea/0x140 [ 21.409611] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 21.409711] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 21.409779] ? __pfx_mempool_free_slab+0x10/0x10 [ 21.409847] ? __pfx_read_tsc+0x10/0x10 [ 21.409917] ? ktime_get_ts64+0x86/0x230 [ 21.409976] kunit_try_run_case+0x1a5/0x480 [ 21.410017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.410052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.410089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.410123] ? __kthread_parkme+0x82/0x180 [ 21.410152] ? preempt_count_sub+0x50/0x80 [ 21.410183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.410218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.410290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.410331] kthread+0x337/0x6f0 [ 21.410359] ? trace_preempt_on+0x20/0xc0 [ 21.410395] ? 
__pfx_kthread+0x10/0x10 [ 21.410425] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.410455] ? calculate_sigpending+0x7b/0xa0 [ 21.410490] ? __pfx_kthread+0x10/0x10 [ 21.410557] ret_from_fork+0x116/0x1d0 [ 21.410633] ? __pfx_kthread+0x10/0x10 [ 21.410694] ret_from_fork_asm+0x1a/0x30 [ 21.410740] </TASK> [ 21.410757] [ 21.433018] Allocated by task 249: [ 21.434026] kasan_save_stack+0x45/0x70 [ 21.434713] kasan_save_track+0x18/0x40 [ 21.434988] kasan_save_alloc_info+0x3b/0x50 [ 21.435807] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 21.436466] remove_element+0x11e/0x190 [ 21.437326] mempool_alloc_preallocated+0x4d/0x90 [ 21.438199] mempool_uaf_helper+0x96/0x400 [ 21.439060] mempool_slab_uaf+0xea/0x140 [ 21.439747] kunit_try_run_case+0x1a5/0x480 [ 21.440100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.440801] kthread+0x337/0x6f0 [ 21.441133] ret_from_fork+0x116/0x1d0 [ 21.441446] ret_from_fork_asm+0x1a/0x30 [ 21.442132] [ 21.442480] Freed by task 249: [ 21.443002] kasan_save_stack+0x45/0x70 [ 21.443522] kasan_save_track+0x18/0x40 [ 21.444119] kasan_save_free_info+0x3f/0x60 [ 21.445066] __kasan_mempool_poison_object+0x131/0x1d0 [ 21.445736] mempool_free+0x2ec/0x380 [ 21.446081] mempool_uaf_helper+0x11a/0x400 [ 21.446897] mempool_slab_uaf+0xea/0x140 [ 21.447329] kunit_try_run_case+0x1a5/0x480 [ 21.447960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.448922] kthread+0x337/0x6f0 [ 21.449209] ret_from_fork+0x116/0x1d0 [ 21.449671] ret_from_fork_asm+0x1a/0x30 [ 21.450091] [ 21.450323] The buggy address belongs to the object at ffff888101b43240 [ 21.450323] which belongs to the cache test_cache of size 123 [ 21.451182] The buggy address is located 0 bytes inside of [ 21.451182] freed 123-byte region [ffff888101b43240, ffff888101b432bb) [ 21.451900] [ 21.452147] The buggy address belongs to the physical page: [ 21.453196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b43 [ 21.454196] flags: 0x200000000000000(node=0|zone=2) [ 21.454609] page_type: 
f5(slab) [ 21.454981] raw: 0200000000000000 ffff8881010fd8c0 dead000000000122 0000000000000000 [ 21.455989] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.457444] page dumped because: kasan: bad access detected [ 21.457999] [ 21.458437] Memory state around the buggy address: [ 21.459018] ffff888101b43100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.459723] ffff888101b43180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.460243] >ffff888101b43200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.461924] ^ [ 21.462296] ffff888101b43280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.462821] ffff888101b43300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.463423] ================================================================== [ 21.279204] ================================================================== [ 21.280068] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.281452] Read of size 1 at addr ffff888101b3e300 by task kunit_try_catch/245 [ 21.282609] [ 21.283087] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.283206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.283242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.283301] Call Trace: [ 21.283342] <TASK> [ 21.283384] dump_stack_lvl+0x73/0xb0 [ 21.283477] print_report+0xd1/0x650 [ 21.283786] ? __virt_addr_valid+0x1db/0x2d0 [ 21.283868] ? mempool_uaf_helper+0x392/0x400 [ 21.284008] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.284076] ? mempool_uaf_helper+0x392/0x400 [ 21.284139] kasan_report+0x141/0x180 [ 21.284207] ? mempool_uaf_helper+0x392/0x400 [ 21.284287] __asan_report_load1_noabort+0x18/0x20 [ 21.284366] mempool_uaf_helper+0x392/0x400 [ 21.284436] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.284521] ? trace_hardirqs_on+0x37/0xe0 [ 21.284605] ? irqentry_exit+0x2a/0x60 [ 21.284682] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 21.284770] mempool_kmalloc_uaf+0xef/0x140 [ 21.284840] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 21.284912] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.284980] ? __pfx_mempool_kfree+0x10/0x10 [ 21.285052] ? __pfx_read_tsc+0x10/0x10 [ 21.285114] ? ktime_get_ts64+0x86/0x230 [ 21.285183] kunit_try_run_case+0x1a5/0x480 [ 21.285288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.285361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.285430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.285517] ? __kthread_parkme+0x82/0x180 [ 21.285868] ? preempt_count_sub+0x50/0x80 [ 21.285910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.285951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.285986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.286021] kthread+0x337/0x6f0 [ 21.286050] ? trace_preempt_on+0x20/0xc0 [ 21.286082] ? __pfx_kthread+0x10/0x10 [ 21.286112] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.286145] ? calculate_sigpending+0x7b/0xa0 [ 21.286180] ? __pfx_kthread+0x10/0x10 [ 21.286211] ret_from_fork+0x116/0x1d0 [ 21.286284] ? 
__pfx_kthread+0x10/0x10 [ 21.286323] ret_from_fork_asm+0x1a/0x30 [ 21.286369] </TASK> [ 21.286387] [ 21.308476] Allocated by task 245: [ 21.309141] kasan_save_stack+0x45/0x70 [ 21.309901] kasan_save_track+0x18/0x40 [ 21.310308] kasan_save_alloc_info+0x3b/0x50 [ 21.310933] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 21.311477] remove_element+0x11e/0x190 [ 21.311913] mempool_alloc_preallocated+0x4d/0x90 [ 21.312329] mempool_uaf_helper+0x96/0x400 [ 21.313384] mempool_kmalloc_uaf+0xef/0x140 [ 21.314107] kunit_try_run_case+0x1a5/0x480 [ 21.314759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.315211] kthread+0x337/0x6f0 [ 21.315789] ret_from_fork+0x116/0x1d0 [ 21.316156] ret_from_fork_asm+0x1a/0x30 [ 21.317371] [ 21.317831] Freed by task 245: [ 21.318185] kasan_save_stack+0x45/0x70 [ 21.318842] kasan_save_track+0x18/0x40 [ 21.319255] kasan_save_free_info+0x3f/0x60 [ 21.319873] __kasan_mempool_poison_object+0x131/0x1d0 [ 21.320385] mempool_free+0x2ec/0x380 [ 21.321409] mempool_uaf_helper+0x11a/0x400 [ 21.321911] mempool_kmalloc_uaf+0xef/0x140 [ 21.322749] kunit_try_run_case+0x1a5/0x480 [ 21.323186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.323821] kthread+0x337/0x6f0 [ 21.324204] ret_from_fork+0x116/0x1d0 [ 21.324710] ret_from_fork_asm+0x1a/0x30 [ 21.325112] [ 21.326141] The buggy address belongs to the object at ffff888101b3e300 [ 21.326141] which belongs to the cache kmalloc-128 of size 128 [ 21.327212] The buggy address is located 0 bytes inside of [ 21.327212] freed 128-byte region [ffff888101b3e300, ffff888101b3e380) [ 21.328339] [ 21.329144] The buggy address belongs to the physical page: [ 21.329720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 21.330715] flags: 0x200000000000000(node=0|zone=2) [ 21.331096] page_type: f5(slab) [ 21.331987] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.332495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.333183] page 
dumped because: kasan: bad access detected [ 21.334005] [ 21.334244] Memory state around the buggy address: [ 21.334757] ffff888101b3e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.335323] ffff888101b3e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.335953] >ffff888101b3e300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.337060] ^ [ 21.337575] ffff888101b3e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.338481] ffff888101b3e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.339045] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.154065] ================================================================== [ 21.155316] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 21.156568] Read of size 1 at addr ffff888103a06001 by task kunit_try_catch/241 [ 21.157346] [ 21.157921] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.158061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.158103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.158168] Call Trace: [ 21.158216] <TASK> [ 21.158312] dump_stack_lvl+0x73/0xb0 [ 21.158421] print_report+0xd1/0x650 [ 21.158517] ? __virt_addr_valid+0x1db/0x2d0 [ 21.158855] ? mempool_oob_right_helper+0x318/0x380 [ 21.158934] ? kasan_addr_to_slab+0x11/0xa0 [ 21.159004] ? mempool_oob_right_helper+0x318/0x380 [ 21.159084] kasan_report+0x141/0x180 [ 21.159162] ? mempool_oob_right_helper+0x318/0x380 [ 21.159295] __asan_report_load1_noabort+0x18/0x20 [ 21.159381] mempool_oob_right_helper+0x318/0x380 [ 21.159458] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 21.159573] ? __kasan_check_write+0x18/0x20 [ 21.159643] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.159723] ? finish_task_switch.isra.0+0x153/0x700 [ 21.159768] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 21.159808] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 21.159850] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.159887] ? __pfx_mempool_kfree+0x10/0x10 [ 21.159924] ? __pfx_read_tsc+0x10/0x10 [ 21.159957] ? ktime_get_ts64+0x86/0x230 [ 21.159991] kunit_try_run_case+0x1a5/0x480 [ 21.160030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.160066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.160102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.160136] ? __kthread_parkme+0x82/0x180 [ 21.160164] ? preempt_count_sub+0x50/0x80 [ 21.160196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.160247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.160299] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.160335] kthread+0x337/0x6f0 [ 21.160363] ? trace_preempt_on+0x20/0xc0 [ 21.160397] ? __pfx_kthread+0x10/0x10 [ 21.160427] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.160458] ? calculate_sigpending+0x7b/0xa0 [ 21.160493] ? __pfx_kthread+0x10/0x10 [ 21.160591] ret_from_fork+0x116/0x1d0 [ 21.160671] ? __pfx_kthread+0x10/0x10 [ 21.160705] ret_from_fork_asm+0x1a/0x30 [ 21.160750] </TASK> [ 21.160766] [ 21.184123] The buggy address belongs to the physical page: [ 21.184647] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a04 [ 21.185172] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.186092] flags: 0x200000000000040(head|node=0|zone=2) [ 21.187450] page_type: f8(unknown) [ 21.187909] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.188718] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.189210] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.190141] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.190871] head: 0200000000000002 ffffea00040e8101 00000000ffffffff 00000000ffffffff [ 21.191867] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.192549] page dumped because: kasan: bad access detected [ 21.193055] [ 21.193514] Memory state around the buggy address: [ 21.194187] ffff888103a05f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.194776] ffff888103a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.195451] >ffff888103a06000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.195907] ^ [ 21.196466] ffff888103a06080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.197713] ffff888103a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.198192] ================================================================== [ 21.208017] ================================================================== [ 
21.209934] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 21.211397] Read of size 1 at addr ffff8881039d72bb by task kunit_try_catch/243 [ 21.212391] [ 21.212673] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.212813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.212858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.212918] Call Trace: [ 21.212962] <TASK> [ 21.213014] dump_stack_lvl+0x73/0xb0 [ 21.213109] print_report+0xd1/0x650 [ 21.213173] ? __virt_addr_valid+0x1db/0x2d0 [ 21.213236] ? mempool_oob_right_helper+0x318/0x380 [ 21.213313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.213376] ? mempool_oob_right_helper+0x318/0x380 [ 21.213439] kasan_report+0x141/0x180 [ 21.213518] ? mempool_oob_right_helper+0x318/0x380 [ 21.213597] __asan_report_load1_noabort+0x18/0x20 [ 21.213680] mempool_oob_right_helper+0x318/0x380 [ 21.213761] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 21.213887] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.213972] ? irqentry_exit+0x2a/0x60 [ 21.214048] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.214133] mempool_slab_oob_right+0xed/0x140 [ 21.214210] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 21.214324] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 21.214361] ? __pfx_mempool_free_slab+0x10/0x10 [ 21.214392] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 21.214433] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 21.214471] kunit_try_run_case+0x1a5/0x480 [ 21.214547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.214666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.214711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.214746] ? __kthread_parkme+0x82/0x180 [ 21.214777] ? preempt_count_sub+0x50/0x80 [ 21.214810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.214846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.214881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.214916] kthread+0x337/0x6f0 [ 21.214944] ? trace_preempt_on+0x20/0xc0 [ 21.214978] ? 
__pfx_kthread+0x10/0x10 [ 21.215006] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.215037] ? calculate_sigpending+0x7b/0xa0 [ 21.215073] ? __pfx_kthread+0x10/0x10 [ 21.215103] ret_from_fork+0x116/0x1d0 [ 21.215129] ? __pfx_kthread+0x10/0x10 [ 21.215157] ret_from_fork_asm+0x1a/0x30 [ 21.215199] </TASK> [ 21.215214] [ 21.242527] Allocated by task 243: [ 21.242908] kasan_save_stack+0x45/0x70 [ 21.243907] kasan_save_track+0x18/0x40 [ 21.244195] kasan_save_alloc_info+0x3b/0x50 [ 21.245145] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 21.245816] remove_element+0x11e/0x190 [ 21.246407] mempool_alloc_preallocated+0x4d/0x90 [ 21.247417] mempool_oob_right_helper+0x8a/0x380 [ 21.248295] mempool_slab_oob_right+0xed/0x140 [ 21.248849] kunit_try_run_case+0x1a5/0x480 [ 21.249355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.250593] kthread+0x337/0x6f0 [ 21.250974] ret_from_fork+0x116/0x1d0 [ 21.251384] ret_from_fork_asm+0x1a/0x30 [ 21.251750] [ 21.251985] The buggy address belongs to the object at ffff8881039d7240 [ 21.251985] which belongs to the cache test_cache of size 123 [ 21.253102] The buggy address is located 0 bytes to the right of [ 21.253102] allocated 123-byte region [ffff8881039d7240, ffff8881039d72bb) [ 21.254304] [ 21.254713] The buggy address belongs to the physical page: [ 21.255190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 21.256027] flags: 0x200000000000000(node=0|zone=2) [ 21.257352] page_type: f5(slab) [ 21.257732] raw: 0200000000000000 ffff888101678a00 dead000000000122 0000000000000000 [ 21.258523] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.259189] page dumped because: kasan: bad access detected [ 21.259883] [ 21.260087] Memory state around the buggy address: [ 21.260735] ffff8881039d7180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.261290] ffff8881039d7200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 21.262662] >ffff8881039d7280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc 
fc [ 21.263289] ^ [ 21.263788] ffff8881039d7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.264719] ffff8881039d7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.265358] ================================================================== [ 21.078523] ================================================================== [ 21.079447] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 21.080089] Read of size 1 at addr ffff888101b20f73 by task kunit_try_catch/239 [ 21.081444] [ 21.082156] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 21.082476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.082533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.082923] Call Trace: [ 21.082972] <TASK> [ 21.083031] dump_stack_lvl+0x73/0xb0 [ 21.083096] print_report+0xd1/0x650 [ 21.083131] ? __virt_addr_valid+0x1db/0x2d0 [ 21.083167] ? mempool_oob_right_helper+0x318/0x380 [ 21.083202] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.083248] ? mempool_oob_right_helper+0x318/0x380 [ 21.083303] kasan_report+0x141/0x180 [ 21.083340] ? mempool_oob_right_helper+0x318/0x380 [ 21.083381] __asan_report_load1_noabort+0x18/0x20 [ 21.083416] mempool_oob_right_helper+0x318/0x380 [ 21.083452] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 21.083486] ? update_load_avg+0x1be/0x21b0 [ 21.083601] ? pick_eevdf+0x3c9/0x590 [ 21.083683] ? irqentry_exit+0x2a/0x60 [ 21.083727] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.083768] mempool_kmalloc_oob_right+0xf2/0x150 [ 21.083804] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 21.083843] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.083881] ? __pfx_mempool_kfree+0x10/0x10 [ 21.083916] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 21.083954] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 21.083990] kunit_try_run_case+0x1a5/0x480 [ 21.084029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.084064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.084099] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.084133] ? __kthread_parkme+0x82/0x180 [ 21.084162] ? preempt_count_sub+0x50/0x80 [ 21.084194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.084238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.084303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.084341] kthread+0x337/0x6f0 [ 21.084370] ? trace_preempt_on+0x20/0xc0 [ 21.084405] ? __pfx_kthread+0x10/0x10 [ 21.084435] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.084468] ? calculate_sigpending+0x7b/0xa0 [ 21.084527] ? __pfx_kthread+0x10/0x10 [ 21.084610] ret_from_fork+0x116/0x1d0 [ 21.084679] ? __pfx_kthread+0x10/0x10 [ 21.084714] ret_from_fork_asm+0x1a/0x30 [ 21.084759] </TASK> [ 21.084776] [ 21.120379] Allocated by task 239: [ 21.120830] kasan_save_stack+0x45/0x70 [ 21.121529] kasan_save_track+0x18/0x40 [ 21.122819] kasan_save_alloc_info+0x3b/0x50 [ 21.123158] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 21.124018] remove_element+0x11e/0x190 [ 21.125019] mempool_alloc_preallocated+0x4d/0x90 [ 21.126044] mempool_oob_right_helper+0x8a/0x380 [ 21.127099] mempool_kmalloc_oob_right+0xf2/0x150 [ 21.128092] kunit_try_run_case+0x1a5/0x480 [ 21.128895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.129864] kthread+0x337/0x6f0 [ 21.130037] ret_from_fork+0x116/0x1d0 [ 21.130196] ret_from_fork_asm+0x1a/0x30 [ 21.131686] [ 21.132054] The buggy address belongs to the object at ffff888101b20f00 [ 21.132054] which belongs to the cache kmalloc-128 of size 128 [ 21.133643] The buggy address is located 0 bytes to the right of [ 21.133643] allocated 115-byte region [ffff888101b20f00, ffff888101b20f73) [ 21.134533] [ 21.135474] The buggy address belongs to the physical page: [ 21.136060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 21.136928] flags: 0x200000000000000(node=0|zone=2) [ 21.137422] page_type: f5(slab) [ 21.137939] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.138555] raw: 0000000000000000 0000000000100010 
00000000f5000000 0000000000000000 [ 21.139331] page dumped because: kasan: bad access detected [ 21.140132] [ 21.140349] Memory state around the buggy address: [ 21.140928] ffff888101b20e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.142612] ffff888101b20e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.143316] >ffff888101b20f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.143903] ^ [ 21.144785] ffff888101b20f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.145359] ffff888101b21000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.146748] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 20.457924] ==================================================================
[ 20.459159] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 20.460995] Read of size 1 at addr ffff888101678780 by task kunit_try_catch/233
[ 20.462325]
[ 20.462581] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.462718] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.462754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.462817] Call Trace:
[ 20.462952] <TASK>
[ 20.463087] dump_stack_lvl+0x73/0xb0
[ 20.463336] print_report+0xd1/0x650
[ 20.463388] ? __virt_addr_valid+0x1db/0x2d0
[ 20.463428] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.463466] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.463521] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.463645] kasan_report+0x141/0x180
[ 20.463716] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.463760] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.463798] __kasan_check_byte+0x3d/0x50
[ 20.463830] kmem_cache_destroy+0x25/0x1d0
[ 20.463865] kmem_cache_double_destroy+0x1bf/0x380
[ 20.463902] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 20.463939] ? finish_task_switch.isra.0+0x153/0x700
[ 20.463971] ? __switch_to+0x47/0xf50
[ 20.464012] ? __pfx_read_tsc+0x10/0x10
[ 20.464042] ? ktime_get_ts64+0x86/0x230
[ 20.464076] kunit_try_run_case+0x1a5/0x480
[ 20.464118] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.464152] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.464190] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.464250] ? __kthread_parkme+0x82/0x180
[ 20.464298] ? preempt_count_sub+0x50/0x80
[ 20.464333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.464371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.464405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.464439] kthread+0x337/0x6f0
[ 20.464470] ? trace_preempt_on+0x20/0xc0
[ 20.464528] ? __pfx_kthread+0x10/0x10
[ 20.464599] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.464672] ? calculate_sigpending+0x7b/0xa0
[ 20.464716] ? __pfx_kthread+0x10/0x10
[ 20.464746] ret_from_fork+0x116/0x1d0
[ 20.464774] ? __pfx_kthread+0x10/0x10
[ 20.464805] ret_from_fork_asm+0x1a/0x30
[ 20.464849] </TASK>
[ 20.464865]
[ 20.487685] Allocated by task 233:
[ 20.488145] kasan_save_stack+0x45/0x70
[ 20.489466] kasan_save_track+0x18/0x40
[ 20.490057] kasan_save_alloc_info+0x3b/0x50
[ 20.490724] __kasan_slab_alloc+0x91/0xa0
[ 20.491119] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.491835] __kmem_cache_create_args+0x169/0x240
[ 20.492334] kmem_cache_double_destroy+0xd5/0x380
[ 20.493535] kunit_try_run_case+0x1a5/0x480
[ 20.494195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.494928] kthread+0x337/0x6f0
[ 20.495367] ret_from_fork+0x116/0x1d0
[ 20.495756] ret_from_fork_asm+0x1a/0x30
[ 20.496143]
[ 20.496385] Freed by task 233:
[ 20.497495] kasan_save_stack+0x45/0x70
[ 20.498129] kasan_save_track+0x18/0x40
[ 20.498738] kasan_save_free_info+0x3f/0x60
[ 20.499120] __kasan_slab_free+0x56/0x70
[ 20.499779] kmem_cache_free+0x249/0x420
[ 20.500212] slab_kmem_cache_release+0x2e/0x40
[ 20.501320] kmem_cache_release+0x16/0x20
[ 20.501647] kobject_put+0x181/0x450
[ 20.502128] sysfs_slab_release+0x16/0x20
[ 20.502876] kmem_cache_destroy+0xf0/0x1d0
[ 20.503338] kmem_cache_double_destroy+0x14e/0x380
[ 20.503953] kunit_try_run_case+0x1a5/0x480
[ 20.504343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.505597] kthread+0x337/0x6f0
[ 20.506010] ret_from_fork+0x116/0x1d0
[ 20.506410] ret_from_fork_asm+0x1a/0x30
[ 20.507021]
[ 20.507272] The buggy address belongs to the object at ffff888101678780
[ 20.507272] which belongs to the cache kmem_cache of size 208
[ 20.508379] The buggy address is located 0 bytes inside of
[ 20.508379] freed 208-byte region [ffff888101678780, ffff888101678850)
[ 20.510079]
[ 20.510391] The buggy address belongs to the physical page:
[ 20.511070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101678
[ 20.511920] flags: 0x200000000000000(node=0|zone=2)
[ 20.512377] page_type: f5(slab)
[ 20.513415] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 20.514037] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 20.514976] page dumped because: kasan: bad access detected
[ 20.515531]
[ 20.515871] Memory state around the buggy address:
[ 20.516278] ffff888101678680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.517640] ffff888101678700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.518233] >ffff888101678780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.518842] ^
[ 20.519158] ffff888101678800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 20.520144] ffff888101678880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.521310] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 20.357110] ==================================================================
[ 20.358785] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.359898] Read of size 1 at addr ffff888101b3b000 by task kunit_try_catch/231
[ 20.360833]
[ 20.361534] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.361691] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.361729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.361793] Call Trace:
[ 20.361848] <TASK>
[ 20.361903] dump_stack_lvl+0x73/0xb0
[ 20.361986] print_report+0xd1/0x650
[ 20.362024] ? __virt_addr_valid+0x1db/0x2d0
[ 20.362060] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.362098] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.362129] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.362163] kasan_report+0x141/0x180
[ 20.362193] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.362245] __asan_report_load1_noabort+0x18/0x20
[ 20.362302] kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.362338] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 20.362370] ? finish_task_switch.isra.0+0x153/0x700
[ 20.362403] ? __switch_to+0x47/0xf50
[ 20.362442] ? __pfx_read_tsc+0x10/0x10
[ 20.362471] ? ktime_get_ts64+0x86/0x230
[ 20.362534] kunit_try_run_case+0x1a5/0x480
[ 20.362749] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.362787] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.362824] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.362859] ? __kthread_parkme+0x82/0x180
[ 20.362888] ? preempt_count_sub+0x50/0x80
[ 20.362918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.362955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.362988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.363022] kthread+0x337/0x6f0
[ 20.363049] ? trace_preempt_on+0x20/0xc0
[ 20.363082] ? __pfx_kthread+0x10/0x10
[ 20.363110] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.363140] ? calculate_sigpending+0x7b/0xa0
[ 20.363175] ? __pfx_kthread+0x10/0x10
[ 20.363204] ret_from_fork+0x116/0x1d0
[ 20.363238] ? __pfx_kthread+0x10/0x10
[ 20.363306] ret_from_fork_asm+0x1a/0x30
[ 20.363353] </TASK>
[ 20.363369]
[ 20.384338] Allocated by task 231:
[ 20.385051] kasan_save_stack+0x45/0x70
[ 20.385451] kasan_save_track+0x18/0x40
[ 20.385811] kasan_save_alloc_info+0x3b/0x50
[ 20.386148] __kasan_slab_alloc+0x91/0xa0
[ 20.386578] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.387094] kmem_cache_rcu_uaf+0x155/0x510
[ 20.387780] kunit_try_run_case+0x1a5/0x480
[ 20.388706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.389043] kthread+0x337/0x6f0
[ 20.389287] ret_from_fork+0x116/0x1d0
[ 20.390336] ret_from_fork_asm+0x1a/0x30
[ 20.391348]
[ 20.391862] Freed by task 0:
[ 20.392634] kasan_save_stack+0x45/0x70
[ 20.393643] kasan_save_track+0x18/0x40
[ 20.394676] kasan_save_free_info+0x3f/0x60
[ 20.395062] __kasan_slab_free+0x56/0x70
[ 20.395808] slab_free_after_rcu_debug+0xe4/0x310
[ 20.396374] rcu_core+0x66f/0x1c40
[ 20.397074] rcu_core_si+0x12/0x20
[ 20.397471] handle_softirqs+0x209/0x730
[ 20.398156] __irq_exit_rcu+0xc9/0x110
[ 20.399117] irq_exit_rcu+0x12/0x20
[ 20.400027] sysvec_apic_timer_interrupt+0x81/0x90
[ 20.400528] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 20.400945]
[ 20.401182] Last potentially related work creation:
[ 20.401644] kasan_save_stack+0x45/0x70
[ 20.402416] kasan_record_aux_stack+0xb2/0xc0
[ 20.402989] kmem_cache_free+0x131/0x420
[ 20.403463] kmem_cache_rcu_uaf+0x194/0x510
[ 20.404717] kunit_try_run_case+0x1a5/0x480
[ 20.405107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.405948] kthread+0x337/0x6f0
[ 20.406345] ret_from_fork+0x116/0x1d0
[ 20.406904] ret_from_fork_asm+0x1a/0x30
[ 20.407329]
[ 20.408089] The buggy address belongs to the object at ffff888101b3b000
[ 20.408089] which belongs to the cache test_cache of size 200
[ 20.409458] The buggy address is located 0 bytes inside of
[ 20.409458] freed 200-byte region [ffff888101b3b000, ffff888101b3b0c8)
[ 20.411022]
[ 20.411415] The buggy address belongs to the physical page:
[ 20.413284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b
[ 20.413896] flags: 0x200000000000000(node=0|zone=2)
[ 20.414406] page_type: f5(slab)
[ 20.414771] raw: 0200000000000000 ffff8881010fd640 dead000000000122 0000000000000000
[ 20.415436] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.417093] page dumped because: kasan: bad access detected
[ 20.417752]
[ 20.417962] Memory state around the buggy address:
[ 20.418435] ffff888101b3af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.418984] ffff888101b3af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.420022] >ffff888101b3b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.420686] ^
[ 20.421146] ffff888101b3b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 20.422588] ffff888101b3b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.423344] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.258439] ==================================================================
[ 20.259310] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 20.260617] Free of addr ffff8881039d2001 by task kunit_try_catch/229
[ 20.262595]
[ 20.263156] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.263392] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.263436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.263518] Call Trace:
[ 20.263569] <TASK>
[ 20.263620] dump_stack_lvl+0x73/0xb0
[ 20.263820] print_report+0xd1/0x650
[ 20.263908] ? __virt_addr_valid+0x1db/0x2d0
[ 20.263950] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.263982] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.264018] kasan_report_invalid_free+0x10a/0x130
[ 20.264052] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.264090] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.264125] check_slab_allocation+0x11f/0x130
[ 20.264155] __kasan_slab_pre_free+0x28/0x40
[ 20.264184] kmem_cache_free+0xed/0x420
[ 20.264218] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.264284] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.264326] kmem_cache_invalid_free+0x1d8/0x460
[ 20.264362] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 20.264396] ? finish_task_switch.isra.0+0x153/0x700
[ 20.264428] ? __switch_to+0x47/0xf50
[ 20.264469] ? __pfx_read_tsc+0x10/0x10
[ 20.264523] ? ktime_get_ts64+0x86/0x230
[ 20.264607] kunit_try_run_case+0x1a5/0x480
[ 20.264691] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.264759] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.264801] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.264834] ? __kthread_parkme+0x82/0x180
[ 20.264862] ? preempt_count_sub+0x50/0x80
[ 20.264894] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.264928] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.264961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.264994] kthread+0x337/0x6f0
[ 20.265021] ? trace_preempt_on+0x20/0xc0
[ 20.265055] ? __pfx_kthread+0x10/0x10
[ 20.265083] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.265113] ? calculate_sigpending+0x7b/0xa0
[ 20.265147] ? __pfx_kthread+0x10/0x10
[ 20.265175] ret_from_fork+0x116/0x1d0
[ 20.265201] ? __pfx_kthread+0x10/0x10
[ 20.265242] ret_from_fork_asm+0x1a/0x30
[ 20.265306] </TASK>
[ 20.265322]
[ 20.287982] Allocated by task 229:
[ 20.288387] kasan_save_stack+0x45/0x70
[ 20.289024] kasan_save_track+0x18/0x40
[ 20.289482] kasan_save_alloc_info+0x3b/0x50
[ 20.290249] __kasan_slab_alloc+0x91/0xa0
[ 20.291275] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.291675] kmem_cache_invalid_free+0x157/0x460
[ 20.292145] kunit_try_run_case+0x1a5/0x480
[ 20.292609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.293067] kthread+0x337/0x6f0
[ 20.293437] ret_from_fork+0x116/0x1d0
[ 20.294305] ret_from_fork_asm+0x1a/0x30
[ 20.295396]
[ 20.295832] The buggy address belongs to the object at ffff8881039d2000
[ 20.295832] which belongs to the cache test_cache of size 200
[ 20.296969] The buggy address is located 1 bytes inside of
[ 20.296969] 200-byte region [ffff8881039d2000, ffff8881039d20c8)
[ 20.298251]
[ 20.298524] The buggy address belongs to the physical page:
[ 20.299556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d2
[ 20.300437] flags: 0x200000000000000(node=0|zone=2)
[ 20.300909] page_type: f5(slab)
[ 20.301229] raw: 0200000000000000 ffff888101678640 dead000000000122 0000000000000000
[ 20.301889] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.302456] page dumped because: kasan: bad access detected
[ 20.303864]
[ 20.304058] Memory state around the buggy address:
[ 20.304707] ffff8881039d1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.305353] ffff8881039d1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.306075] >ffff8881039d2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.307284] ^
[ 20.307567] ffff8881039d2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 20.308422] ffff8881039d2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.309140] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 20.177413] ==================================================================
[ 20.178465] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 20.178951] Free of addr ffff888101b39000 by task kunit_try_catch/227
[ 20.180320]
[ 20.180620] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.180741] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.180778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.180839] Call Trace:
[ 20.180884] <TASK>
[ 20.180937] dump_stack_lvl+0x73/0xb0
[ 20.181045] print_report+0xd1/0x650
[ 20.181124] ? __virt_addr_valid+0x1db/0x2d0
[ 20.181211] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.181359] ? kmem_cache_double_free+0x1e5/0x480
[ 20.181469] kasan_report_invalid_free+0x10a/0x130
[ 20.181568] ? kmem_cache_double_free+0x1e5/0x480
[ 20.181672] ? kmem_cache_double_free+0x1e5/0x480
[ 20.181750] check_slab_allocation+0x101/0x130
[ 20.181821] __kasan_slab_pre_free+0x28/0x40
[ 20.181891] kmem_cache_free+0xed/0x420
[ 20.181971] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.182041] ? kmem_cache_double_free+0x1e5/0x480
[ 20.182111] kmem_cache_double_free+0x1e5/0x480
[ 20.182175] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 20.182238] ? finish_task_switch.isra.0+0x153/0x700
[ 20.182295] ? __switch_to+0x47/0xf50
[ 20.182366] ? __pfx_read_tsc+0x10/0x10
[ 20.182419] ? ktime_get_ts64+0x86/0x230
[ 20.182478] kunit_try_run_case+0x1a5/0x480
[ 20.182565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.182626] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.182728] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.182807] ? __kthread_parkme+0x82/0x180
[ 20.182855] ? preempt_count_sub+0x50/0x80
[ 20.182890] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.182927] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.182961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.182996] kthread+0x337/0x6f0
[ 20.183024] ? trace_preempt_on+0x20/0xc0
[ 20.183060] ? __pfx_kthread+0x10/0x10
[ 20.183089] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.183120] ? calculate_sigpending+0x7b/0xa0
[ 20.183155] ? __pfx_kthread+0x10/0x10
[ 20.183184] ret_from_fork+0x116/0x1d0
[ 20.183210] ? __pfx_kthread+0x10/0x10
[ 20.183258] ret_from_fork_asm+0x1a/0x30
[ 20.183316] </TASK>
[ 20.183332]
[ 20.206361] Allocated by task 227:
[ 20.207446] kasan_save_stack+0x45/0x70
[ 20.208078] kasan_save_track+0x18/0x40
[ 20.208587] kasan_save_alloc_info+0x3b/0x50
[ 20.209010] __kasan_slab_alloc+0x91/0xa0
[ 20.209827] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.210377] kmem_cache_double_free+0x14f/0x480
[ 20.211516] kunit_try_run_case+0x1a5/0x480
[ 20.212000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.212946] kthread+0x337/0x6f0
[ 20.213333] ret_from_fork+0x116/0x1d0
[ 20.213876] ret_from_fork_asm+0x1a/0x30
[ 20.214306]
[ 20.214985] Freed by task 227:
[ 20.215556] kasan_save_stack+0x45/0x70
[ 20.216136] kasan_save_track+0x18/0x40
[ 20.216564] kasan_save_free_info+0x3f/0x60
[ 20.216936] __kasan_slab_free+0x56/0x70
[ 20.217363] kmem_cache_free+0x249/0x420
[ 20.218064] kmem_cache_double_free+0x16a/0x480
[ 20.218451] kunit_try_run_case+0x1a5/0x480
[ 20.219526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.220217] kthread+0x337/0x6f0
[ 20.220814] ret_from_fork+0x116/0x1d0
[ 20.221197] ret_from_fork_asm+0x1a/0x30
[ 20.221939]
[ 20.222167] The buggy address belongs to the object at ffff888101b39000
[ 20.222167] which belongs to the cache test_cache of size 200
[ 20.223696] The buggy address is located 0 bytes inside of
[ 20.223696] 200-byte region [ffff888101b39000, ffff888101b390c8)
[ 20.224950]
[ 20.225197] The buggy address belongs to the physical page:
[ 20.225954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b39
[ 20.226728] flags: 0x200000000000000(node=0|zone=2)
[ 20.227162] page_type: f5(slab)
[ 20.228321] raw: 0200000000000000 ffff8881010fd500 dead000000000122 0000000000000000
[ 20.229083] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.229874] page dumped because: kasan: bad access detected
[ 20.230586]
[ 20.230768] Memory state around the buggy address:
[ 20.231759] ffff888101b38f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.232490] ffff888101b38f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.233185] >ffff888101b39000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.234049] ^
[ 20.234438] ffff888101b39080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 20.235524] ffff888101b39100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.236082] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 20.100020] ==================================================================
[ 20.101064] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 20.101956] Read of size 1 at addr ffff888101b360c8 by task kunit_try_catch/225
[ 20.102723]
[ 20.103032] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.103150] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.103184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.103246] Call Trace:
[ 20.103297] <TASK>
[ 20.103351] dump_stack_lvl+0x73/0xb0
[ 20.103457] print_report+0xd1/0x650
[ 20.103556] ? __virt_addr_valid+0x1db/0x2d0
[ 20.103726] ? kmem_cache_oob+0x402/0x530
[ 20.103804] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.103876] ? kmem_cache_oob+0x402/0x530
[ 20.103948] kasan_report+0x141/0x180
[ 20.104020] ? kmem_cache_oob+0x402/0x530
[ 20.104168] __asan_report_load1_noabort+0x18/0x20
[ 20.104302] kmem_cache_oob+0x402/0x530
[ 20.104378] ? trace_hardirqs_on+0x37/0xe0
[ 20.104526] ? __pfx_kmem_cache_oob+0x10/0x10
[ 20.104634] ? finish_task_switch.isra.0+0x153/0x700
[ 20.104738] ? __switch_to+0x47/0xf50
[ 20.104821] ? __pfx_read_tsc+0x10/0x10
[ 20.104854] ? ktime_get_ts64+0x86/0x230
[ 20.104891] kunit_try_run_case+0x1a5/0x480
[ 20.104930] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.104964] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.105001] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.105034] ? __kthread_parkme+0x82/0x180
[ 20.105062] ? preempt_count_sub+0x50/0x80
[ 20.105092] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.105126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.105158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.105191] kthread+0x337/0x6f0
[ 20.105218] ? trace_preempt_on+0x20/0xc0
[ 20.105299] ? __pfx_kthread+0x10/0x10
[ 20.105332] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.105363] ? calculate_sigpending+0x7b/0xa0
[ 20.105399] ? __pfx_kthread+0x10/0x10
[ 20.105428] ret_from_fork+0x116/0x1d0
[ 20.105454] ? __pfx_kthread+0x10/0x10
[ 20.105482] ret_from_fork_asm+0x1a/0x30
[ 20.105553] </TASK>
[ 20.105571]
[ 20.123417] Allocated by task 225:
[ 20.123874] kasan_save_stack+0x45/0x70
[ 20.124764] kasan_save_track+0x18/0x40
[ 20.125192] kasan_save_alloc_info+0x3b/0x50
[ 20.125616] __kasan_slab_alloc+0x91/0xa0
[ 20.126193] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.126862] kmem_cache_oob+0x157/0x530
[ 20.127542] kunit_try_run_case+0x1a5/0x480
[ 20.127996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.128438] kthread+0x337/0x6f0
[ 20.128754] ret_from_fork+0x116/0x1d0
[ 20.129602] ret_from_fork_asm+0x1a/0x30
[ 20.130043]
[ 20.130465] The buggy address belongs to the object at ffff888101b36000
[ 20.130465] which belongs to the cache test_cache of size 200
[ 20.131619] The buggy address is located 0 bytes to the right of
[ 20.131619] allocated 200-byte region [ffff888101b36000, ffff888101b360c8)
[ 20.133002]
[ 20.133301] The buggy address belongs to the physical page:
[ 20.134039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b36
[ 20.134759] flags: 0x200000000000000(node=0|zone=2)
[ 20.135544] page_type: f5(slab)
[ 20.136054] raw: 0200000000000000 ffff8881010fd3c0 dead000000000122 0000000000000000
[ 20.136651] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.137553] page dumped because: kasan: bad access detected
[ 20.138021]
[ 20.138538] Memory state around the buggy address:
[ 20.139035] ffff888101b35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.139898] ffff888101b36000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.140602] >ffff888101b36080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 20.141158] ^
[ 20.141775] ffff888101b36100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.142493] ffff888101b36180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.143078] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 20.008803] ==================================================================
[ 20.010340] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 20.011198] Read of size 8 at addr ffff8881039cd580 by task kunit_try_catch/218
[ 20.012084]
[ 20.012585] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 20.012716] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.012754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.012818] Call Trace:
[ 20.012867] <TASK>
[ 20.012920] dump_stack_lvl+0x73/0xb0
[ 20.013269] print_report+0xd1/0x650
[ 20.013355] ? __virt_addr_valid+0x1db/0x2d0
[ 20.013424] ? workqueue_uaf+0x4d6/0x560
[ 20.013480] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.013605] ? workqueue_uaf+0x4d6/0x560
[ 20.013725] kasan_report+0x141/0x180
[ 20.013802] ? workqueue_uaf+0x4d6/0x560
[ 20.013851] __asan_report_load8_noabort+0x18/0x20
[ 20.013893] workqueue_uaf+0x4d6/0x560
[ 20.013925] ? __pfx_workqueue_uaf+0x10/0x10
[ 20.013959] ? __schedule+0x10cc/0x2b60
[ 20.013997] ? __pfx_read_tsc+0x10/0x10
[ 20.014028] ? ktime_get_ts64+0x86/0x230
[ 20.014064] kunit_try_run_case+0x1a5/0x480
[ 20.014104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.014139] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.014173] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.014205] ? __kthread_parkme+0x82/0x180
[ 20.014236] ? preempt_count_sub+0x50/0x80
[ 20.014299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.014338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.014374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.014408] kthread+0x337/0x6f0
[ 20.014437] ? trace_preempt_on+0x20/0xc0
[ 20.014472] ? __pfx_kthread+0x10/0x10
[ 20.014526] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.014599] ? calculate_sigpending+0x7b/0xa0
[ 20.014680] ? __pfx_kthread+0x10/0x10
[ 20.014715] ret_from_fork+0x116/0x1d0
[ 20.014743] ? __pfx_kthread+0x10/0x10
[ 20.014772] ret_from_fork_asm+0x1a/0x30
[ 20.014816] </TASK>
[ 20.014831]
[ 20.034912] Allocated by task 218:
[ 20.035732] kasan_save_stack+0x45/0x70
[ 20.036785] kasan_save_track+0x18/0x40
[ 20.037133] kasan_save_alloc_info+0x3b/0x50
[ 20.037939] __kasan_kmalloc+0xb7/0xc0
[ 20.038800] __kmalloc_cache_noprof+0x189/0x420
[ 20.039798] workqueue_uaf+0x152/0x560
[ 20.040083] kunit_try_run_case+0x1a5/0x480
[ 20.040749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.042932] kthread+0x337/0x6f0
[ 20.043275] ret_from_fork+0x116/0x1d0
[ 20.043629] ret_from_fork_asm+0x1a/0x30
[ 20.043904]
[ 20.044060] Freed by task 9:
[ 20.044326] kasan_save_stack+0x45/0x70
[ 20.044652] kasan_save_track+0x18/0x40
[ 20.044958] kasan_save_free_info+0x3f/0x60
[ 20.045398] __kasan_slab_free+0x56/0x70
[ 20.045934] kfree+0x222/0x3f0
[ 20.046389] workqueue_uaf_work+0x12/0x20
[ 20.047087] process_one_work+0x5ee/0xf60
[ 20.047694] worker_thread+0x758/0x1220
[ 20.047965] kthread+0x337/0x6f0
[ 20.048192] ret_from_fork+0x116/0x1d0
[ 20.048801] ret_from_fork_asm+0x1a/0x30
[ 20.049436]
[ 20.049821] Last potentially related work creation:
[ 20.050643] kasan_save_stack+0x45/0x70
[ 20.051198] kasan_record_aux_stack+0xb2/0xc0
[ 20.051945] __queue_work+0x626/0xeb0
[ 20.052256] queue_work_on+0xb6/0xc0
[ 20.053285] workqueue_uaf+0x26d/0x560
[ 20.055469] kunit_try_run_case+0x1a5/0x480
[ 20.055852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.057352] kthread+0x337/0x6f0
[ 20.058138] ret_from_fork+0x116/0x1d0
[ 20.058993] ret_from_fork_asm+0x1a/0x30
[ 20.061216]
[ 20.061593] The buggy address belongs to the object at ffff8881039cd580
[ 20.061593] which belongs to the cache kmalloc-32 of size 32
[ 20.063798] The buggy address is located 0 bytes inside of
[ 20.063798] freed 32-byte region [ffff8881039cd580, ffff8881039cd5a0)
[ 20.065441]
[ 20.066115] The buggy address belongs to the physical page:
[ 20.066782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039cd
[ 20.067372] flags: 0x200000000000000(node=0|zone=2)
[ 20.068493] page_type: f5(slab)
[ 20.068882] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.069399] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 20.070079] page dumped because: kasan: bad access detected
[ 20.071072]
[ 20.071418] Memory state around the buggy address:
[ 20.071844] ffff8881039cd480: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc
[ 20.073088] ffff8881039cd500: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc
[ 20.074834] >ffff8881039cd580: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.076228] ^
[ 20.076572] ffff8881039cd600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.078061] ffff8881039cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.079376] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.922858] ==================================================================
[ 19.924012] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 19.924824] Read of size 4 at addr ffff8881039cd400 by task swapper/0/0
[ 19.925333]
[ 19.925656] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 19.925780] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.925819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.925879] Call Trace:
[ 19.925956] <IRQ>
[ 19.926012] dump_stack_lvl+0x73/0xb0
[ 19.926109] print_report+0xd1/0x650
[ 19.926188] ? __virt_addr_valid+0x1db/0x2d0
[ 19.926267] ? rcu_uaf_reclaim+0x50/0x60
[ 19.926336] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.926407] ? rcu_uaf_reclaim+0x50/0x60
[ 19.926475] kasan_report+0x141/0x180
[ 19.926826] ? rcu_uaf_reclaim+0x50/0x60
[ 19.926872] __asan_report_load4_noabort+0x18/0x20
[ 19.926912] rcu_uaf_reclaim+0x50/0x60
[ 19.926944] rcu_core+0x66f/0x1c40
[ 19.926985] ? __pfx_rcu_core+0x10/0x10
[ 19.927016] ? ktime_get+0x6b/0x150
[ 19.927047] ? handle_softirqs+0x18e/0x730
[ 19.927087] rcu_core_si+0x12/0x20
[ 19.927117] handle_softirqs+0x209/0x730
[ 19.927147] ? hrtimer_interrupt+0x2fe/0x780
[ 19.927187] ? __pfx_handle_softirqs+0x10/0x10
[ 19.927226] __irq_exit_rcu+0xc9/0x110
[ 19.927289] irq_exit_rcu+0x12/0x20
[ 19.927320] sysvec_apic_timer_interrupt+0x81/0x90
[ 19.927360] </IRQ>
[ 19.927407] <TASK>
[ 19.927426] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 19.927631] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 19.927946] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d a3 c8 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 19.928060] RSP: 0000:ffffffffb3e07dd8 EFLAGS: 00010202
[ 19.928179] RAX: ffff8881a5e5f000 RBX: ffffffffb3e1cac0 RCX: ffffffffb2caf1c5
[ 19.928264] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000006e74
[ 19.928356] RBP: ffffffffb3e07de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 19.928417] R10: ffff88815b030c53 R11: 0000000000028400 R12: 0000000000000000
[ 19.928477] R13: fffffbfff67c3958 R14: ffffffffb49c0490 R15: 0000000000000000
[ 19.928697] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 19.928785] ? default_idle+0xd/0x20
[ 19.928818] arch_cpu_idle+0xd/0x20
[ 19.928848] default_idle_call+0x48/0x80
[ 19.928877] do_idle+0x379/0x4f0
[ 19.928913] ? __pfx_do_idle+0x10/0x10
[ 19.928945] ? trace_preempt_on+0x20/0xc0
[ 19.928978] ? schedule+0x86/0x2e0
[ 19.929008] ? preempt_count_sub+0x50/0x80
[ 19.929041] cpu_startup_entry+0x5c/0x70
[ 19.929077] rest_init+0x11a/0x140
[ 19.929103] ? acpi_subsystem_init+0x5d/0x150
[ 19.929143] start_kernel+0x330/0x410
[ 19.929178] x86_64_start_reservations+0x1c/0x30
[ 19.929213] x86_64_start_kernel+0x10d/0x120
[ 19.929278] common_startup_64+0x13e/0x148
[ 19.929329] </TASK>
[ 19.929345]
[ 19.959161] Allocated by task 216:
[ 19.959834] kasan_save_stack+0x45/0x70
[ 19.961060] kasan_save_track+0x18/0x40
[ 19.961904] kasan_save_alloc_info+0x3b/0x50
[ 19.962324] __kasan_kmalloc+0xb7/0xc0
[ 19.962743] __kmalloc_cache_noprof+0x189/0x420
[ 19.963224] rcu_uaf+0xb0/0x330
[ 19.963654] kunit_try_run_case+0x1a5/0x480
[ 19.964159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.965043] kthread+0x337/0x6f0
[ 19.965802] ret_from_fork+0x116/0x1d0
[ 19.967200] ret_from_fork_asm+0x1a/0x30
[ 19.968054]
[ 19.968276] Freed by task 0:
[ 19.968536] kasan_save_stack+0x45/0x70
[ 19.969112] kasan_save_track+0x18/0x40
[ 19.969479] kasan_save_free_info+0x3f/0x60
[ 19.970049] __kasan_slab_free+0x56/0x70
[ 19.971598] kfree+0x222/0x3f0
[ 19.972029] rcu_uaf_reclaim+0x1f/0x60
[ 19.972749] rcu_core+0x66f/0x1c40
[ 19.973120] rcu_core_si+0x12/0x20
[ 19.974043] handle_softirqs+0x209/0x730
[ 19.974626] __irq_exit_rcu+0xc9/0x110
[ 19.975211] irq_exit_rcu+0x12/0x20
[ 19.976011] sysvec_apic_timer_interrupt+0x81/0x90
[ 19.976867] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 19.977241]
[ 19.977786] Last potentially related work creation:
[ 19.978214] kasan_save_stack+0x45/0x70
[ 19.978593] kasan_record_aux_stack+0xb2/0xc0
[ 19.979011] __call_rcu_common.constprop.0+0x72/0x9d0
[ 19.980168] call_rcu+0x12/0x20
[ 19.981021] rcu_uaf+0x168/0x330
[ 19.981606] kunit_try_run_case+0x1a5/0x480
[ 19.982244] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.983069] kthread+0x337/0x6f0
[ 19.983889] ret_from_fork+0x116/0x1d0
[ 19.984616] ret_from_fork_asm+0x1a/0x30
[ 19.985044]
[ 19.985664] The buggy address belongs to the object at ffff8881039cd400
[ 19.985664] which belongs to the cache kmalloc-32 of size 32
[ 19.986894] The buggy address is located 0 bytes inside of
[ 19.986894] freed 32-byte region [ffff8881039cd400, ffff8881039cd420)
[ 19.988059]
[ 19.988804] The buggy address belongs to the physical page:
[ 19.989362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039cd
[ 19.990373] flags: 0x200000000000000(node=0|zone=2)
[ 19.991062] page_type: f5(slab)
[ 19.991438] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 19.992265] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 19.993214] page dumped because: kasan: bad access detected
[ 19.994039]
[ 19.994258] Memory state around the buggy address:
[ 19.994963] ffff8881039cd300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 19.996014] ffff8881039cd380: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 19.996654] >ffff8881039cd400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.997192] ^
[ 19.997572] ffff8881039cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.998182] ffff8881039cd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.998769] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.795061] ================================================================== [ 19.797160] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 19.797464] Read of size 1 at addr ffff8881039c8100 by task kunit_try_catch/214 [ 19.798341] [ 19.799080] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.799221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.799262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.799369] Call Trace: [ 19.799425] <TASK> [ 19.799645] dump_stack_lvl+0x73/0xb0 [ 19.800118] print_report+0xd1/0x650 [ 19.800297] ? __virt_addr_valid+0x1db/0x2d0 [ 19.800364] ? ksize_uaf+0x5fe/0x6c0 [ 19.800399] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.800437] ? ksize_uaf+0x5fe/0x6c0 [ 19.800470] kasan_report+0x141/0x180 [ 19.800531] ? ksize_uaf+0x5fe/0x6c0 [ 19.800670] __asan_report_load1_noabort+0x18/0x20 [ 19.800728] ksize_uaf+0x5fe/0x6c0 [ 19.800763] ? __pfx_ksize_uaf+0x10/0x10 [ 19.800799] ? __schedule+0x10cc/0x2b60 [ 19.800835] ? __pfx_read_tsc+0x10/0x10 [ 19.800869] ? ktime_get_ts64+0x86/0x230 [ 19.800907] kunit_try_run_case+0x1a5/0x480 [ 19.800950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.800989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.801026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.801064] ? __kthread_parkme+0x82/0x180 [ 19.801096] ? preempt_count_sub+0x50/0x80 [ 19.801131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.801171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.801210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.801293] kthread+0x337/0x6f0 [ 19.801328] ? trace_preempt_on+0x20/0xc0 [ 19.801365] ? __pfx_kthread+0x10/0x10 [ 19.801397] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.801432] ? calculate_sigpending+0x7b/0xa0 [ 19.801472] ? __pfx_kthread+0x10/0x10 [ 19.801529] ret_from_fork+0x116/0x1d0 [ 19.801599] ? 
__pfx_kthread+0x10/0x10 [ 19.801693] ret_from_fork_asm+0x1a/0x30 [ 19.801743] </TASK> [ 19.801759] [ 19.822173] Allocated by task 214: [ 19.822669] kasan_save_stack+0x45/0x70 [ 19.823385] kasan_save_track+0x18/0x40 [ 19.824339] kasan_save_alloc_info+0x3b/0x50 [ 19.825009] __kasan_kmalloc+0xb7/0xc0 [ 19.825493] __kmalloc_cache_noprof+0x189/0x420 [ 19.826256] ksize_uaf+0xaa/0x6c0 [ 19.826884] kunit_try_run_case+0x1a5/0x480 [ 19.827351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.828525] kthread+0x337/0x6f0 [ 19.829216] ret_from_fork+0x116/0x1d0 [ 19.829911] ret_from_fork_asm+0x1a/0x30 [ 19.830567] [ 19.830984] Freed by task 214: [ 19.831375] kasan_save_stack+0x45/0x70 [ 19.832076] kasan_save_track+0x18/0x40 [ 19.832579] kasan_save_free_info+0x3f/0x60 [ 19.833667] __kasan_slab_free+0x56/0x70 [ 19.834243] kfree+0x222/0x3f0 [ 19.834881] ksize_uaf+0x12c/0x6c0 [ 19.835262] kunit_try_run_case+0x1a5/0x480 [ 19.836024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.836731] kthread+0x337/0x6f0 [ 19.837488] ret_from_fork+0x116/0x1d0 [ 19.838388] ret_from_fork_asm+0x1a/0x30 [ 19.839201] [ 19.839668] The buggy address belongs to the object at ffff8881039c8100 [ 19.839668] which belongs to the cache kmalloc-128 of size 128 [ 19.840800] The buggy address is located 0 bytes inside of [ 19.840800] freed 128-byte region [ffff8881039c8100, ffff8881039c8180) [ 19.841198] [ 19.841291] The buggy address belongs to the physical page: [ 19.841489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 19.843059] flags: 0x200000000000000(node=0|zone=2) [ 19.844354] page_type: f5(slab) [ 19.845426] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.846200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.847531] page dumped because: kasan: bad access detected [ 19.848164] [ 19.848398] Memory state around the buggy address: [ 19.848945] ffff8881039c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
19.849657] ffff8881039c8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.850190] >ffff8881039c8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.851483] ^ [ 19.851979] ffff8881039c8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.853339] ffff8881039c8200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.854048] ================================================================== [ 19.723474] ================================================================== [ 19.724345] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 19.725934] Read of size 1 at addr ffff8881039c8100 by task kunit_try_catch/214 [ 19.726946] [ 19.727442] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.727798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.727832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.727886] Call Trace: [ 19.727926] <TASK> [ 19.727972] dump_stack_lvl+0x73/0xb0 [ 19.728072] print_report+0xd1/0x650 [ 19.728143] ? __virt_addr_valid+0x1db/0x2d0 [ 19.728185] ? ksize_uaf+0x19d/0x6c0 [ 19.728216] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.728285] ? ksize_uaf+0x19d/0x6c0 [ 19.728320] kasan_report+0x141/0x180 [ 19.728350] ? ksize_uaf+0x19d/0x6c0 [ 19.728383] ? ksize_uaf+0x19d/0x6c0 [ 19.728411] __kasan_check_byte+0x3d/0x50 [ 19.728441] ksize+0x20/0x60 [ 19.728469] ksize_uaf+0x19d/0x6c0 [ 19.728520] ? __pfx_ksize_uaf+0x10/0x10 [ 19.728618] ? __schedule+0x10cc/0x2b60 [ 19.728698] ? __pfx_read_tsc+0x10/0x10 [ 19.728733] ? ktime_get_ts64+0x86/0x230 [ 19.728768] kunit_try_run_case+0x1a5/0x480 [ 19.728807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.728841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.728874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.728906] ? __kthread_parkme+0x82/0x180 [ 19.728934] ? preempt_count_sub+0x50/0x80 [ 19.728965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.729000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.729032] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.729065] kthread+0x337/0x6f0 [ 19.729092] ? trace_preempt_on+0x20/0xc0 [ 19.729124] ? __pfx_kthread+0x10/0x10 [ 19.729152] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.729181] ? calculate_sigpending+0x7b/0xa0 [ 19.729215] ? __pfx_kthread+0x10/0x10 [ 19.729261] ret_from_fork+0x116/0x1d0 [ 19.729300] ? __pfx_kthread+0x10/0x10 [ 19.729329] ret_from_fork_asm+0x1a/0x30 [ 19.729372] </TASK> [ 19.729387] [ 19.752047] Allocated by task 214: [ 19.752892] kasan_save_stack+0x45/0x70 [ 19.753494] kasan_save_track+0x18/0x40 [ 19.754750] kasan_save_alloc_info+0x3b/0x50 [ 19.755287] __kasan_kmalloc+0xb7/0xc0 [ 19.755962] __kmalloc_cache_noprof+0x189/0x420 [ 19.756803] ksize_uaf+0xaa/0x6c0 [ 19.757212] kunit_try_run_case+0x1a5/0x480 [ 19.758132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.759028] kthread+0x337/0x6f0 [ 19.759459] ret_from_fork+0x116/0x1d0 [ 19.759908] ret_from_fork_asm+0x1a/0x30 [ 19.760442] [ 19.761231] Freed by task 214: [ 19.761785] kasan_save_stack+0x45/0x70 [ 19.762620] kasan_save_track+0x18/0x40 [ 19.763205] kasan_save_free_info+0x3f/0x60 [ 19.763955] __kasan_slab_free+0x56/0x70 [ 19.764472] kfree+0x222/0x3f0 [ 19.765145] ksize_uaf+0x12c/0x6c0 [ 19.765550] kunit_try_run_case+0x1a5/0x480 [ 19.766659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.767206] kthread+0x337/0x6f0 [ 19.767878] ret_from_fork+0x116/0x1d0 [ 19.768279] ret_from_fork_asm+0x1a/0x30 [ 19.769030] [ 19.769663] The buggy address belongs to the object at ffff8881039c8100 [ 19.769663] which belongs to the cache kmalloc-128 of size 128 [ 19.771198] The buggy address is located 0 bytes inside of [ 19.771198] freed 128-byte region [ffff8881039c8100, ffff8881039c8180) [ 19.772070] [ 19.772316] The buggy address belongs to the physical page: [ 19.773000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 19.774313] flags: 0x200000000000000(node=0|zone=2) [ 19.774664] page_type: f5(slab) [ 19.774923] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.777701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.778130] page dumped because: kasan: bad access detected [ 19.778514] [ 19.779457] Memory state around the buggy address: [ 19.783049] ffff8881039c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.785679] ffff8881039c8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.788614] >ffff8881039c8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.790569] ^ [ 19.791377] ffff8881039c8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.792144] ffff8881039c8200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.793209] ================================================================== [ 19.855977] ================================================================== [ 19.857843] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 19.858401] Read of size 1 at addr ffff8881039c8178 by task kunit_try_catch/214 [ 19.860063] [ 19.860327] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.860457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.860495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.860579] Call Trace: [ 19.860621] <TASK> [ 19.860667] dump_stack_lvl+0x73/0xb0 [ 19.860781] print_report+0xd1/0x650 [ 19.860865] ? __virt_addr_valid+0x1db/0x2d0 [ 19.860942] ? ksize_uaf+0x5e4/0x6c0 [ 19.861015] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.861087] ? ksize_uaf+0x5e4/0x6c0 [ 19.861159] kasan_report+0x141/0x180 [ 19.861201] ? ksize_uaf+0x5e4/0x6c0 [ 19.861242] __asan_report_load1_noabort+0x18/0x20 [ 19.861307] ksize_uaf+0x5e4/0x6c0 [ 19.861340] ? __pfx_ksize_uaf+0x10/0x10 [ 19.861372] ? __schedule+0x10cc/0x2b60 [ 19.861406] ? __pfx_read_tsc+0x10/0x10 [ 19.861437] ? ktime_get_ts64+0x86/0x230 [ 19.861469] kunit_try_run_case+0x1a5/0x480 [ 19.861540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.861613] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.861694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.861756] ? __kthread_parkme+0x82/0x180 [ 19.861789] ? preempt_count_sub+0x50/0x80 [ 19.861821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.861857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.861892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.861926] kthread+0x337/0x6f0 [ 19.861952] ? trace_preempt_on+0x20/0xc0 [ 19.861985] ? __pfx_kthread+0x10/0x10 [ 19.862012] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.862044] ? calculate_sigpending+0x7b/0xa0 [ 19.862078] ? __pfx_kthread+0x10/0x10 [ 19.862107] ret_from_fork+0x116/0x1d0 [ 19.862132] ? __pfx_kthread+0x10/0x10 [ 19.862162] ret_from_fork_asm+0x1a/0x30 [ 19.862203] </TASK> [ 19.862216] [ 19.878908] Allocated by task 214: [ 19.879327] kasan_save_stack+0x45/0x70 [ 19.880414] kasan_save_track+0x18/0x40 [ 19.880892] kasan_save_alloc_info+0x3b/0x50 [ 19.881529] __kasan_kmalloc+0xb7/0xc0 [ 19.881862] __kmalloc_cache_noprof+0x189/0x420 [ 19.882566] ksize_uaf+0xaa/0x6c0 [ 19.883047] kunit_try_run_case+0x1a5/0x480 [ 19.884285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.884863] kthread+0x337/0x6f0 [ 19.885185] ret_from_fork+0x116/0x1d0 [ 19.885645] ret_from_fork_asm+0x1a/0x30 [ 19.886040] [ 19.886257] Freed by task 214: [ 19.888350] kasan_save_stack+0x45/0x70 [ 19.889442] kasan_save_track+0x18/0x40 [ 19.889875] kasan_save_free_info+0x3f/0x60 [ 19.890289] __kasan_slab_free+0x56/0x70 [ 19.890743] kfree+0x222/0x3f0 [ 19.891146] ksize_uaf+0x12c/0x6c0 [ 19.891596] kunit_try_run_case+0x1a5/0x480 [ 19.892031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.892434] kthread+0x337/0x6f0 [ 19.893950] ret_from_fork+0x116/0x1d0 [ 19.894336] ret_from_fork_asm+0x1a/0x30 [ 19.894921] [ 19.895169] The buggy address belongs to the object at ffff8881039c8100 [ 19.895169] which belongs to the cache kmalloc-128 of size 128 [ 19.896200] The buggy address is located 120 bytes inside of [ 19.896200] freed 128-byte region [ffff8881039c8100, 
ffff8881039c8180) [ 19.897267] [ 19.897534] The buggy address belongs to the physical page: [ 19.898178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 19.899731] flags: 0x200000000000000(node=0|zone=2) [ 19.900316] page_type: f5(slab) [ 19.900698] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.901224] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.902107] page dumped because: kasan: bad access detected [ 19.902603] [ 19.903533] Memory state around the buggy address: [ 19.904133] ffff8881039c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.904903] ffff8881039c8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.905876] >ffff8881039c8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.906395] ^ [ 19.906985] ffff8881039c8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.907555] ffff8881039c8200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.908899] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.629377] ================================================================== [ 19.630309] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.631219] Read of size 1 at addr ffff888101b20c78 by task kunit_try_catch/212 [ 19.631807] [ 19.632090] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.632215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.632810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.632851] Call Trace: [ 19.632872] <TASK> [ 19.632896] dump_stack_lvl+0x73/0xb0 [ 19.632947] print_report+0xd1/0x650 [ 19.632983] ? __virt_addr_valid+0x1db/0x2d0 [ 19.633017] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.633050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.633081] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.633114] kasan_report+0x141/0x180 [ 19.633146] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.633185] __asan_report_load1_noabort+0x18/0x20 [ 19.633225] ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.633290] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 19.633327] ? finish_task_switch.isra.0+0x153/0x700 [ 19.633359] ? __switch_to+0x47/0xf50 [ 19.633394] ? __schedule+0x10cc/0x2b60 [ 19.633427] ? __pfx_read_tsc+0x10/0x10 [ 19.633456] ? ktime_get_ts64+0x86/0x230 [ 19.633490] kunit_try_run_case+0x1a5/0x480 [ 19.633553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.633588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.633639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.633674] ? __kthread_parkme+0x82/0x180 [ 19.633702] ? preempt_count_sub+0x50/0x80 [ 19.633732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.633768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.633801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.633834] kthread+0x337/0x6f0 [ 19.633862] ? trace_preempt_on+0x20/0xc0 [ 19.633897] ? __pfx_kthread+0x10/0x10 [ 19.633927] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.633959] ? calculate_sigpending+0x7b/0xa0 [ 19.633994] ? 
__pfx_kthread+0x10/0x10 [ 19.634024] ret_from_fork+0x116/0x1d0 [ 19.634049] ? __pfx_kthread+0x10/0x10 [ 19.634076] ret_from_fork_asm+0x1a/0x30 [ 19.634117] </TASK> [ 19.634132] [ 19.650909] Allocated by task 212: [ 19.651472] kasan_save_stack+0x45/0x70 [ 19.652059] kasan_save_track+0x18/0x40 [ 19.652629] kasan_save_alloc_info+0x3b/0x50 [ 19.653195] __kasan_kmalloc+0xb7/0xc0 [ 19.653728] __kmalloc_cache_noprof+0x189/0x420 [ 19.654363] ksize_unpoisons_memory+0xc7/0x9b0 [ 19.654911] kunit_try_run_case+0x1a5/0x480 [ 19.655456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.656136] kthread+0x337/0x6f0 [ 19.656535] ret_from_fork+0x116/0x1d0 [ 19.656916] ret_from_fork_asm+0x1a/0x30 [ 19.657546] [ 19.657903] The buggy address belongs to the object at ffff888101b20c00 [ 19.657903] which belongs to the cache kmalloc-128 of size 128 [ 19.658954] The buggy address is located 5 bytes to the right of [ 19.658954] allocated 115-byte region [ffff888101b20c00, ffff888101b20c73) [ 19.660133] [ 19.660477] The buggy address belongs to the physical page: [ 19.661134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 19.661972] flags: 0x200000000000000(node=0|zone=2) [ 19.662495] page_type: f5(slab) [ 19.662902] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.663678] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.664180] page dumped because: kasan: bad access detected [ 19.664879] [ 19.665164] Memory state around the buggy address: [ 19.665804] ffff888101b20b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.666533] ffff888101b20b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.667186] >ffff888101b20c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.667897] ^ [ 19.668671] ffff888101b20c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.669344] ffff888101b20d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670082] 
================================================================== [ 19.673386] ================================================================== [ 19.674150] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 19.674944] Read of size 1 at addr ffff888101b20c7f by task kunit_try_catch/212 [ 19.675736] [ 19.676079] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.676318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.676359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.676457] Call Trace: [ 19.676555] <TASK> [ 19.676608] dump_stack_lvl+0x73/0xb0 [ 19.676729] print_report+0xd1/0x650 [ 19.676836] ? __virt_addr_valid+0x1db/0x2d0 [ 19.676910] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 19.676983] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.677041] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 19.677077] kasan_report+0x141/0x180 [ 19.677108] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 19.677148] __asan_report_load1_noabort+0x18/0x20 [ 19.677183] ksize_unpoisons_memory+0x7b6/0x9b0 [ 19.677216] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 19.677295] ? finish_task_switch.isra.0+0x153/0x700 [ 19.677329] ? __switch_to+0x47/0xf50 [ 19.677365] ? __schedule+0x10cc/0x2b60 [ 19.677396] ? __pfx_read_tsc+0x10/0x10 [ 19.677424] ? ktime_get_ts64+0x86/0x230 [ 19.677458] kunit_try_run_case+0x1a5/0x480 [ 19.677494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.677555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.677590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.677636] ? __kthread_parkme+0x82/0x180 [ 19.677665] ? preempt_count_sub+0x50/0x80 [ 19.677695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.677729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.677761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.677794] kthread+0x337/0x6f0 [ 19.677820] ? trace_preempt_on+0x20/0xc0 [ 19.677853] ? __pfx_kthread+0x10/0x10 [ 19.677881] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.677910] ? 
calculate_sigpending+0x7b/0xa0 [ 19.677943] ? __pfx_kthread+0x10/0x10 [ 19.677971] ret_from_fork+0x116/0x1d0 [ 19.677995] ? __pfx_kthread+0x10/0x10 [ 19.678022] ret_from_fork_asm+0x1a/0x30 [ 19.678063] </TASK> [ 19.678078] [ 19.697200] Allocated by task 212: [ 19.697815] kasan_save_stack+0x45/0x70 [ 19.698350] kasan_save_track+0x18/0x40 [ 19.698800] kasan_save_alloc_info+0x3b/0x50 [ 19.699337] __kasan_kmalloc+0xb7/0xc0 [ 19.699792] __kmalloc_cache_noprof+0x189/0x420 [ 19.700424] ksize_unpoisons_memory+0xc7/0x9b0 [ 19.700962] kunit_try_run_case+0x1a5/0x480 [ 19.701559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.702108] kthread+0x337/0x6f0 [ 19.702595] ret_from_fork+0x116/0x1d0 [ 19.703029] ret_from_fork_asm+0x1a/0x30 [ 19.703399] [ 19.703647] The buggy address belongs to the object at ffff888101b20c00 [ 19.703647] which belongs to the cache kmalloc-128 of size 128 [ 19.704882] The buggy address is located 12 bytes to the right of [ 19.704882] allocated 115-byte region [ffff888101b20c00, ffff888101b20c73) [ 19.705962] [ 19.706261] The buggy address belongs to the physical page: [ 19.706878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 19.707725] flags: 0x200000000000000(node=0|zone=2) [ 19.708259] page_type: f5(slab) [ 19.708618] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.709400] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.710275] page dumped because: kasan: bad access detected [ 19.710828] [ 19.711062] Memory state around the buggy address: [ 19.711610] ffff888101b20b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.712263] ffff888101b20b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.712932] >ffff888101b20c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.713591] ^ [ 19.714170] ffff888101b20c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.714845] ffff888101b20d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.715550] 
================================================================== [ 19.578280] ================================================================== [ 19.579240] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 19.579931] Read of size 1 at addr ffff888101b20c73 by task kunit_try_catch/212 [ 19.580409] [ 19.581451] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.581595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.581649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.581711] Call Trace: [ 19.581760] <TASK> [ 19.581813] dump_stack_lvl+0x73/0xb0 [ 19.581913] print_report+0xd1/0x650 [ 19.581992] ? __virt_addr_valid+0x1db/0x2d0 [ 19.582071] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 19.582151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.582227] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 19.582303] kasan_report+0x141/0x180 [ 19.582375] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 19.582462] __asan_report_load1_noabort+0x18/0x20 [ 19.582564] ksize_unpoisons_memory+0x81c/0x9b0 [ 19.582643] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 19.582717] ? finish_task_switch.isra.0+0x153/0x700 [ 19.582789] ? __switch_to+0x47/0xf50 [ 19.582873] ? __schedule+0x10cc/0x2b60 [ 19.582934] ? __pfx_read_tsc+0x10/0x10 [ 19.582987] ? ktime_get_ts64+0x86/0x230 [ 19.583050] kunit_try_run_case+0x1a5/0x480 [ 19.583125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.583188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.583281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.583354] ? __kthread_parkme+0x82/0x180 [ 19.583411] ? preempt_count_sub+0x50/0x80 [ 19.583481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.583573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.583655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.583728] kthread+0x337/0x6f0 [ 19.583762] ? trace_preempt_on+0x20/0xc0 [ 19.583798] ? __pfx_kthread+0x10/0x10 [ 19.583826] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.583857] ? 
calculate_sigpending+0x7b/0xa0 [ 19.583892] ? __pfx_kthread+0x10/0x10 [ 19.583922] ret_from_fork+0x116/0x1d0 [ 19.583947] ? __pfx_kthread+0x10/0x10 [ 19.583974] ret_from_fork_asm+0x1a/0x30 [ 19.584015] </TASK> [ 19.584031] [ 19.603305] Allocated by task 212: [ 19.603731] kasan_save_stack+0x45/0x70 [ 19.604190] kasan_save_track+0x18/0x40 [ 19.605464] kasan_save_alloc_info+0x3b/0x50 [ 19.605839] __kasan_kmalloc+0xb7/0xc0 [ 19.606152] __kmalloc_cache_noprof+0x189/0x420 [ 19.607053] ksize_unpoisons_memory+0xc7/0x9b0 [ 19.608199] kunit_try_run_case+0x1a5/0x480 [ 19.608678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.609162] kthread+0x337/0x6f0 [ 19.609466] ret_from_fork+0x116/0x1d0 [ 19.609932] ret_from_fork_asm+0x1a/0x30 [ 19.610724] [ 19.610949] The buggy address belongs to the object at ffff888101b20c00 [ 19.610949] which belongs to the cache kmalloc-128 of size 128 [ 19.612028] The buggy address is located 0 bytes to the right of [ 19.612028] allocated 115-byte region [ffff888101b20c00, ffff888101b20c73) [ 19.614364] [ 19.614710] The buggy address belongs to the physical page: [ 19.615430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 19.616719] flags: 0x200000000000000(node=0|zone=2) [ 19.617533] page_type: f5(slab) [ 19.618071] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.619302] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.620515] page dumped because: kasan: bad access detected [ 19.620976] [ 19.621205] Memory state around the buggy address: [ 19.622045] ffff888101b20b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.622986] ffff888101b20b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.623744] >ffff888101b20c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.624840] ^ [ 19.625237] ffff888101b20c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.626261] ffff888101b20d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.627103] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.515774] ================================================================== [ 19.519024] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 19.520059] Free of addr ffff8881023e23e0 by task kunit_try_catch/210 [ 19.521208] [ 19.522644] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.522757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.522785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.522835] Call Trace: [ 19.522877] <TASK> [ 19.522923] dump_stack_lvl+0x73/0xb0 [ 19.523025] print_report+0xd1/0x650 [ 19.523461] ? __virt_addr_valid+0x1db/0x2d0 [ 19.523558] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.523619] ? kfree_sensitive+0x2e/0x90 [ 19.523671] kasan_report_invalid_free+0x10a/0x130 [ 19.523727] ? kfree_sensitive+0x2e/0x90 [ 19.523779] ? kfree_sensitive+0x2e/0x90 [ 19.523826] check_slab_allocation+0x101/0x130 [ 19.523875] __kasan_slab_pre_free+0x28/0x40 [ 19.523922] kfree+0xf0/0x3f0 [ 19.523995] ? kfree_sensitive+0x2e/0x90 [ 19.524058] kfree_sensitive+0x2e/0x90 [ 19.524113] kmalloc_double_kzfree+0x19c/0x350 [ 19.524178] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 19.524355] ? __schedule+0x10cc/0x2b60 [ 19.524440] ? __pfx_read_tsc+0x10/0x10 [ 19.524610] ? ktime_get_ts64+0x86/0x230 [ 19.524695] kunit_try_run_case+0x1a5/0x480 [ 19.524775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.524847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.524888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.524924] ? __kthread_parkme+0x82/0x180 [ 19.524956] ? preempt_count_sub+0x50/0x80 [ 19.524990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.525027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.525060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.525094] kthread+0x337/0x6f0 [ 19.525122] ? trace_preempt_on+0x20/0xc0 [ 19.525157] ? __pfx_kthread+0x10/0x10 [ 19.525185] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.525216] ? calculate_sigpending+0x7b/0xa0 [ 19.525316] ? 
__pfx_kthread+0x10/0x10 [ 19.525350] ret_from_fork+0x116/0x1d0 [ 19.525377] ? __pfx_kthread+0x10/0x10 [ 19.525406] ret_from_fork_asm+0x1a/0x30 [ 19.525449] </TASK> [ 19.525464] [ 19.546053] Allocated by task 210: [ 19.546923] kasan_save_stack+0x45/0x70 [ 19.547365] kasan_save_track+0x18/0x40 [ 19.547940] kasan_save_alloc_info+0x3b/0x50 [ 19.548135] __kasan_kmalloc+0xb7/0xc0 [ 19.548601] __kmalloc_cache_noprof+0x189/0x420 [ 19.549483] kmalloc_double_kzfree+0xa9/0x350 [ 19.549962] kunit_try_run_case+0x1a5/0x480 [ 19.550417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.550954] kthread+0x337/0x6f0 [ 19.551402] ret_from_fork+0x116/0x1d0 [ 19.551830] ret_from_fork_asm+0x1a/0x30 [ 19.552300] [ 19.552534] Freed by task 210: [ 19.552931] kasan_save_stack+0x45/0x70 [ 19.553442] kasan_save_track+0x18/0x40 [ 19.553864] kasan_save_free_info+0x3f/0x60 [ 19.554405] __kasan_slab_free+0x56/0x70 [ 19.554811] kfree+0x222/0x3f0 [ 19.555186] kfree_sensitive+0x67/0x90 [ 19.555678] kmalloc_double_kzfree+0x12b/0x350 [ 19.556184] kunit_try_run_case+0x1a5/0x480 [ 19.556769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.557397] kthread+0x337/0x6f0 [ 19.557824] ret_from_fork+0x116/0x1d0 [ 19.558282] ret_from_fork_asm+0x1a/0x30 [ 19.558687] [ 19.559006] The buggy address belongs to the object at ffff8881023e23e0 [ 19.559006] which belongs to the cache kmalloc-16 of size 16 [ 19.559969] The buggy address is located 0 bytes inside of [ 19.559969] 16-byte region [ffff8881023e23e0, ffff8881023e23f0) [ 19.560782] [ 19.560991] The buggy address belongs to the physical page: [ 19.561664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 19.562344] flags: 0x200000000000000(node=0|zone=2) [ 19.562820] page_type: f5(slab) [ 19.563257] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.563860] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.564430] page dumped because: kasan: bad access detected [ 19.565096] [ 
19.565362] Memory state around the buggy address: [ 19.565837] ffff8881023e2280: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 19.566422] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 19.567118] >ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 19.567748] ^ [ 19.568337] ffff8881023e2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.568994] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.569723] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.457448] ================================================================== [ 19.458412] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 19.460043] Read of size 1 at addr ffff8881023e23e0 by task kunit_try_catch/210 [ 19.461025] [ 19.461326] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.461567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.461606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.461682] Call Trace: [ 19.461719] <TASK> [ 19.461767] dump_stack_lvl+0x73/0xb0 [ 19.461871] print_report+0xd1/0x650 [ 19.461950] ? __virt_addr_valid+0x1db/0x2d0 [ 19.462078] ? kmalloc_double_kzfree+0x19c/0x350 [ 19.462169] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.462285] ? kmalloc_double_kzfree+0x19c/0x350 [ 19.462344] kasan_report+0x141/0x180 [ 19.462378] ? kmalloc_double_kzfree+0x19c/0x350 [ 19.462414] ? kmalloc_double_kzfree+0x19c/0x350 [ 19.462447] __kasan_check_byte+0x3d/0x50 [ 19.462477] kfree_sensitive+0x22/0x90 [ 19.462542] kmalloc_double_kzfree+0x19c/0x350 [ 19.462578] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 19.462612] ? __schedule+0x10cc/0x2b60 [ 19.462644] ? __pfx_read_tsc+0x10/0x10 [ 19.462675] ? ktime_get_ts64+0x86/0x230 [ 19.462708] kunit_try_run_case+0x1a5/0x480 [ 19.462746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.462778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.462813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.462846] ? __kthread_parkme+0x82/0x180 [ 19.462876] ? preempt_count_sub+0x50/0x80 [ 19.462908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.462942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.462975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.463008] kthread+0x337/0x6f0 [ 19.463034] ? trace_preempt_on+0x20/0xc0 [ 19.463067] ? __pfx_kthread+0x10/0x10 [ 19.463095] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.463124] ? calculate_sigpending+0x7b/0xa0 [ 19.463158] ? 
__pfx_kthread+0x10/0x10 [ 19.463187] ret_from_fork+0x116/0x1d0 [ 19.463212] ? __pfx_kthread+0x10/0x10 [ 19.463291] ret_from_fork_asm+0x1a/0x30 [ 19.463337] </TASK> [ 19.463353] [ 19.483168] Allocated by task 210: [ 19.483826] kasan_save_stack+0x45/0x70 [ 19.484579] kasan_save_track+0x18/0x40 [ 19.484996] kasan_save_alloc_info+0x3b/0x50 [ 19.485631] __kasan_kmalloc+0xb7/0xc0 [ 19.486069] __kmalloc_cache_noprof+0x189/0x420 [ 19.486763] kmalloc_double_kzfree+0xa9/0x350 [ 19.487184] kunit_try_run_case+0x1a5/0x480 [ 19.487806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.488466] kthread+0x337/0x6f0 [ 19.488944] ret_from_fork+0x116/0x1d0 [ 19.489313] ret_from_fork_asm+0x1a/0x30 [ 19.489766] [ 19.490008] Freed by task 210: [ 19.490361] kasan_save_stack+0x45/0x70 [ 19.490781] kasan_save_track+0x18/0x40 [ 19.491097] kasan_save_free_info+0x3f/0x60 [ 19.491679] __kasan_slab_free+0x56/0x70 [ 19.492458] kfree+0x222/0x3f0 [ 19.493053] kfree_sensitive+0x67/0x90 [ 19.493725] kmalloc_double_kzfree+0x12b/0x350 [ 19.494359] kunit_try_run_case+0x1a5/0x480 [ 19.494835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.495735] kthread+0x337/0x6f0 [ 19.496056] ret_from_fork+0x116/0x1d0 [ 19.496571] ret_from_fork_asm+0x1a/0x30 [ 19.497219] [ 19.497694] The buggy address belongs to the object at ffff8881023e23e0 [ 19.497694] which belongs to the cache kmalloc-16 of size 16 [ 19.499213] The buggy address is located 0 bytes inside of [ 19.499213] freed 16-byte region [ffff8881023e23e0, ffff8881023e23f0) [ 19.500100] [ 19.500347] The buggy address belongs to the physical page: [ 19.500796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023e2 [ 19.502109] flags: 0x200000000000000(node=0|zone=2) [ 19.502544] page_type: f5(slab) [ 19.503325] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.503895] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.504767] page dumped because: kasan: bad access detected [ 
19.505424] [ 19.505932] Memory state around the buggy address: [ 19.506434] ffff8881023e2280: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 19.507683] ffff8881023e2300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 19.509588] >ffff8881023e2380: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 19.510939] ^ [ 19.511410] ffff8881023e2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.512932] ffff8881023e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.513945] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.386289] ================================================================== [ 19.387639] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 19.388353] Read of size 1 at addr ffff8881039cc128 by task kunit_try_catch/206 [ 19.388937] [ 19.389525] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.390215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.390255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.390312] Call Trace: [ 19.390343] <TASK> [ 19.390368] dump_stack_lvl+0x73/0xb0 [ 19.390422] print_report+0xd1/0x650 [ 19.390456] ? __virt_addr_valid+0x1db/0x2d0 [ 19.390488] ? kmalloc_uaf2+0x4a8/0x520 [ 19.390554] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.390648] ? kmalloc_uaf2+0x4a8/0x520 [ 19.390714] kasan_report+0x141/0x180 [ 19.390748] ? kmalloc_uaf2+0x4a8/0x520 [ 19.390782] __asan_report_load1_noabort+0x18/0x20 [ 19.390816] kmalloc_uaf2+0x4a8/0x520 [ 19.390844] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 19.390870] ? finish_task_switch.isra.0+0x153/0x700 [ 19.390902] ? __switch_to+0x47/0xf50 [ 19.390939] ? __schedule+0x10cc/0x2b60 [ 19.390970] ? __pfx_read_tsc+0x10/0x10 [ 19.390999] ? ktime_get_ts64+0x86/0x230 [ 19.391030] kunit_try_run_case+0x1a5/0x480 [ 19.391067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.391099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.391132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.391165] ? __kthread_parkme+0x82/0x180 [ 19.391192] ? preempt_count_sub+0x50/0x80 [ 19.391224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.391286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.391321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.391355] kthread+0x337/0x6f0 [ 19.391383] ? trace_preempt_on+0x20/0xc0 [ 19.391416] ? __pfx_kthread+0x10/0x10 [ 19.391445] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.391475] ? calculate_sigpending+0x7b/0xa0 [ 19.391536] ? __pfx_kthread+0x10/0x10 [ 19.391639] ret_from_fork+0x116/0x1d0 [ 19.391690] ? 
__pfx_kthread+0x10/0x10 [ 19.391720] ret_from_fork_asm+0x1a/0x30 [ 19.391763] </TASK> [ 19.391778] [ 19.413984] Allocated by task 206: [ 19.414491] kasan_save_stack+0x45/0x70 [ 19.415197] kasan_save_track+0x18/0x40 [ 19.415859] kasan_save_alloc_info+0x3b/0x50 [ 19.416401] __kasan_kmalloc+0xb7/0xc0 [ 19.416831] __kmalloc_cache_noprof+0x189/0x420 [ 19.418024] kmalloc_uaf2+0xc6/0x520 [ 19.418766] kunit_try_run_case+0x1a5/0x480 [ 19.419214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.419882] kthread+0x337/0x6f0 [ 19.420445] ret_from_fork+0x116/0x1d0 [ 19.420815] ret_from_fork_asm+0x1a/0x30 [ 19.422171] [ 19.422554] Freed by task 206: [ 19.423065] kasan_save_stack+0x45/0x70 [ 19.423759] kasan_save_track+0x18/0x40 [ 19.424198] kasan_save_free_info+0x3f/0x60 [ 19.424695] __kasan_slab_free+0x56/0x70 [ 19.425115] kfree+0x222/0x3f0 [ 19.425480] kmalloc_uaf2+0x14c/0x520 [ 19.426542] kunit_try_run_case+0x1a5/0x480 [ 19.427115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.427966] kthread+0x337/0x6f0 [ 19.428386] ret_from_fork+0x116/0x1d0 [ 19.429242] ret_from_fork_asm+0x1a/0x30 [ 19.430357] [ 19.430547] The buggy address belongs to the object at ffff8881039cc100 [ 19.430547] which belongs to the cache kmalloc-64 of size 64 [ 19.432284] The buggy address is located 40 bytes inside of [ 19.432284] freed 64-byte region [ffff8881039cc100, ffff8881039cc140) [ 19.433314] [ 19.434194] The buggy address belongs to the physical page: [ 19.434794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039cc [ 19.435515] flags: 0x200000000000000(node=0|zone=2) [ 19.436286] page_type: f5(slab) [ 19.436902] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.437942] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.438594] page dumped because: kasan: bad access detected [ 19.438914] [ 19.439251] Memory state around the buggy address: [ 19.440598] ffff8881039cc000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 19.441160] ffff8881039cc080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.441730] >ffff8881039cc100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.442238] ^ [ 19.443832] ffff8881039cc180: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.444838] ffff8881039cc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.445093] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.323068] ================================================================== [ 19.323777] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 19.324669] Write of size 33 at addr ffff8881039cc000 by task kunit_try_catch/204 [ 19.325293] [ 19.326718] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.326929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.326969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.327029] Call Trace: [ 19.327072] <TASK> [ 19.327119] dump_stack_lvl+0x73/0xb0 [ 19.327219] print_report+0xd1/0x650 [ 19.327298] ? __virt_addr_valid+0x1db/0x2d0 [ 19.327369] ? kmalloc_uaf_memset+0x1a3/0x360 [ 19.327401] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.327431] ? kmalloc_uaf_memset+0x1a3/0x360 [ 19.327461] kasan_report+0x141/0x180 [ 19.327491] ? kmalloc_uaf_memset+0x1a3/0x360 [ 19.327629] kasan_check_range+0x10c/0x1c0 [ 19.327711] __asan_memset+0x27/0x50 [ 19.327742] kmalloc_uaf_memset+0x1a3/0x360 [ 19.327773] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 19.327804] ? __schedule+0x10cc/0x2b60 [ 19.327838] ? __pfx_read_tsc+0x10/0x10 [ 19.327868] ? ktime_get_ts64+0x86/0x230 [ 19.327901] kunit_try_run_case+0x1a5/0x480 [ 19.327939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.327972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.328006] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.328038] ? __kthread_parkme+0x82/0x180 [ 19.328066] ? preempt_count_sub+0x50/0x80 [ 19.328097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.328132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.328164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.328197] kthread+0x337/0x6f0 [ 19.328224] ? trace_preempt_on+0x20/0xc0 [ 19.328286] ? __pfx_kthread+0x10/0x10 [ 19.328317] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.328348] ? calculate_sigpending+0x7b/0xa0 [ 19.328384] ? __pfx_kthread+0x10/0x10 [ 19.328412] ret_from_fork+0x116/0x1d0 [ 19.328438] ? 
__pfx_kthread+0x10/0x10 [ 19.328466] ret_from_fork_asm+0x1a/0x30 [ 19.328531] </TASK> [ 19.328590] [ 19.348048] Allocated by task 204: [ 19.349187] kasan_save_stack+0x45/0x70 [ 19.350320] kasan_save_track+0x18/0x40 [ 19.350787] kasan_save_alloc_info+0x3b/0x50 [ 19.351308] __kasan_kmalloc+0xb7/0xc0 [ 19.351859] __kmalloc_cache_noprof+0x189/0x420 [ 19.352731] kmalloc_uaf_memset+0xa9/0x360 [ 19.353992] kunit_try_run_case+0x1a5/0x480 [ 19.354340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.354989] kthread+0x337/0x6f0 [ 19.355426] ret_from_fork+0x116/0x1d0 [ 19.355853] ret_from_fork_asm+0x1a/0x30 [ 19.356272] [ 19.356967] Freed by task 204: [ 19.357329] kasan_save_stack+0x45/0x70 [ 19.358011] kasan_save_track+0x18/0x40 [ 19.358328] kasan_save_free_info+0x3f/0x60 [ 19.358892] __kasan_slab_free+0x56/0x70 [ 19.359315] kfree+0x222/0x3f0 [ 19.359759] kmalloc_uaf_memset+0x12b/0x360 [ 19.360157] kunit_try_run_case+0x1a5/0x480 [ 19.361165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.362034] kthread+0x337/0x6f0 [ 19.362343] ret_from_fork+0x116/0x1d0 [ 19.362927] ret_from_fork_asm+0x1a/0x30 [ 19.363344] [ 19.363618] The buggy address belongs to the object at ffff8881039cc000 [ 19.363618] which belongs to the cache kmalloc-64 of size 64 [ 19.365121] The buggy address is located 0 bytes inside of [ 19.365121] freed 64-byte region [ffff8881039cc000, ffff8881039cc040) [ 19.366560] [ 19.366785] The buggy address belongs to the physical page: [ 19.367777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039cc [ 19.368953] flags: 0x200000000000000(node=0|zone=2) [ 19.369291] page_type: f5(slab) [ 19.369612] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.371014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.372333] page dumped because: kasan: bad access detected [ 19.372679] [ 19.373444] Memory state around the buggy address: [ 19.374134] ffff8881039cbf00: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 19.375073] ffff8881039cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.376064] >ffff8881039cc000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.376893] ^ [ 19.377158] ffff8881039cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.378407] ffff8881039cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.379123] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.262224] ================================================================== [ 19.263376] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 19.264141] Read of size 1 at addr ffff888101a90bc8 by task kunit_try_catch/202 [ 19.264681] [ 19.264892] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.265005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.265038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.265090] Call Trace: [ 19.265125] <TASK> [ 19.265170] dump_stack_lvl+0x73/0xb0 [ 19.265252] print_report+0xd1/0x650 [ 19.265317] ? __virt_addr_valid+0x1db/0x2d0 [ 19.265385] ? kmalloc_uaf+0x320/0x380 [ 19.265446] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.265535] ? kmalloc_uaf+0x320/0x380 [ 19.265599] kasan_report+0x141/0x180 [ 19.265679] ? kmalloc_uaf+0x320/0x380 [ 19.265753] __asan_report_load1_noabort+0x18/0x20 [ 19.265825] kmalloc_uaf+0x320/0x380 [ 19.265887] ? __pfx_kmalloc_uaf+0x10/0x10 [ 19.265950] ? __schedule+0x10cc/0x2b60 [ 19.266021] ? __pfx_read_tsc+0x10/0x10 [ 19.266088] ? ktime_get_ts64+0x86/0x230 [ 19.266157] kunit_try_run_case+0x1a5/0x480 [ 19.266231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.266301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.266362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.266426] ? __kthread_parkme+0x82/0x180 [ 19.266486] ? preempt_count_sub+0x50/0x80 [ 19.266581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.266647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.266715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.266786] kthread+0x337/0x6f0 [ 19.266852] ? trace_preempt_on+0x20/0xc0 [ 19.266928] ? __pfx_kthread+0x10/0x10 [ 19.267325] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.267412] ? calculate_sigpending+0x7b/0xa0 [ 19.267494] ? __pfx_kthread+0x10/0x10 [ 19.267703] ret_from_fork+0x116/0x1d0 [ 19.267772] ? 
__pfx_kthread+0x10/0x10 [ 19.267842] ret_from_fork_asm+0x1a/0x30 [ 19.268028] </TASK> [ 19.268069] [ 19.289579] Allocated by task 202: [ 19.290021] kasan_save_stack+0x45/0x70 [ 19.291024] kasan_save_track+0x18/0x40 [ 19.291823] kasan_save_alloc_info+0x3b/0x50 [ 19.292520] __kasan_kmalloc+0xb7/0xc0 [ 19.292999] __kmalloc_cache_noprof+0x189/0x420 [ 19.293806] kmalloc_uaf+0xaa/0x380 [ 19.294150] kunit_try_run_case+0x1a5/0x480 [ 19.294989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.295472] kthread+0x337/0x6f0 [ 19.295996] ret_from_fork+0x116/0x1d0 [ 19.296422] ret_from_fork_asm+0x1a/0x30 [ 19.297004] [ 19.297272] Freed by task 202: [ 19.297897] kasan_save_stack+0x45/0x70 [ 19.298326] kasan_save_track+0x18/0x40 [ 19.298750] kasan_save_free_info+0x3f/0x60 [ 19.299123] __kasan_slab_free+0x56/0x70 [ 19.299588] kfree+0x222/0x3f0 [ 19.299956] kmalloc_uaf+0x12c/0x380 [ 19.300684] kunit_try_run_case+0x1a5/0x480 [ 19.301083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.301722] kthread+0x337/0x6f0 [ 19.302097] ret_from_fork+0x116/0x1d0 [ 19.302671] ret_from_fork_asm+0x1a/0x30 [ 19.303102] [ 19.303377] The buggy address belongs to the object at ffff888101a90bc0 [ 19.303377] which belongs to the cache kmalloc-16 of size 16 [ 19.304731] The buggy address is located 8 bytes inside of [ 19.304731] freed 16-byte region [ffff888101a90bc0, ffff888101a90bd0) [ 19.305693] [ 19.305896] The buggy address belongs to the physical page: [ 19.306426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a90 [ 19.307030] flags: 0x200000000000000(node=0|zone=2) [ 19.307441] page_type: f5(slab) [ 19.308018] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.308888] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.309475] page dumped because: kasan: bad access detected [ 19.310164] [ 19.310452] Memory state around the buggy address: [ 19.311206] ffff888101a90a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 
19.312004] ffff888101a90b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.312802] >ffff888101a90b80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 19.313363] ^ [ 19.313987] ffff888101a90c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.314810] ffff888101a90c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.315397] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.194310] ================================================================== [ 19.195449] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 19.196334] Read of size 64 at addr ffff888101b2f204 by task kunit_try_catch/200 [ 19.198107] [ 19.198560] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.198732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.198775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.198885] Call Trace: [ 19.198934] <TASK> [ 19.198986] dump_stack_lvl+0x73/0xb0 [ 19.199073] print_report+0xd1/0x650 [ 19.199109] ? __virt_addr_valid+0x1db/0x2d0 [ 19.199144] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 19.199180] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.199210] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 19.199292] kasan_report+0x141/0x180 [ 19.199327] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 19.199368] kasan_check_range+0x10c/0x1c0 [ 19.199401] __asan_memmove+0x27/0x70 [ 19.199429] kmalloc_memmove_invalid_size+0x16f/0x330 [ 19.199464] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 19.199527] ? __schedule+0x10cc/0x2b60 [ 19.199603] ? __pfx_read_tsc+0x10/0x10 [ 19.199667] ? ktime_get_ts64+0x86/0x230 [ 19.199732] kunit_try_run_case+0x1a5/0x480 [ 19.199801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.199860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.199923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.199984] ? __kthread_parkme+0x82/0x180 [ 19.200039] ? preempt_count_sub+0x50/0x80 [ 19.200097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.200159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.200226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.200320] kthread+0x337/0x6f0 [ 19.200357] ? trace_preempt_on+0x20/0xc0 [ 19.200394] ? __pfx_kthread+0x10/0x10 [ 19.200424] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.200458] ? calculate_sigpending+0x7b/0xa0 [ 19.200495] ? 
__pfx_kthread+0x10/0x10 [ 19.200572] ret_from_fork+0x116/0x1d0 [ 19.200642] ? __pfx_kthread+0x10/0x10 [ 19.200690] ret_from_fork_asm+0x1a/0x30 [ 19.200735] </TASK> [ 19.200751] [ 19.222390] Allocated by task 200: [ 19.223528] kasan_save_stack+0x45/0x70 [ 19.224242] kasan_save_track+0x18/0x40 [ 19.225453] kasan_save_alloc_info+0x3b/0x50 [ 19.225878] __kasan_kmalloc+0xb7/0xc0 [ 19.226193] __kmalloc_cache_noprof+0x189/0x420 [ 19.227145] kmalloc_memmove_invalid_size+0xac/0x330 [ 19.227919] kunit_try_run_case+0x1a5/0x480 [ 19.228587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.229032] kthread+0x337/0x6f0 [ 19.229364] ret_from_fork+0x116/0x1d0 [ 19.230454] ret_from_fork_asm+0x1a/0x30 [ 19.231138] [ 19.231614] The buggy address belongs to the object at ffff888101b2f200 [ 19.231614] which belongs to the cache kmalloc-64 of size 64 [ 19.233595] The buggy address is located 4 bytes inside of [ 19.233595] allocated 64-byte region [ffff888101b2f200, ffff888101b2f240) [ 19.235034] [ 19.235285] The buggy address belongs to the physical page: [ 19.236614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b2f [ 19.237253] flags: 0x200000000000000(node=0|zone=2) [ 19.237690] page_type: f5(slab) [ 19.238044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.239020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.241319] page dumped because: kasan: bad access detected [ 19.242250] [ 19.243645] Memory state around the buggy address: [ 19.244098] ffff888101b2f100: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.244709] ffff888101b2f180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.245270] >ffff888101b2f200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.248290] ^ [ 19.249193] ffff888101b2f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.250204] ffff888101b2f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.252325] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.138865] ================================================================== [ 19.139905] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 19.141536] Read of size 18446744073709551614 at addr ffff888102b89e04 by task kunit_try_catch/198 [ 19.142722] [ 19.143008] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.143133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.143169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.143222] Call Trace: [ 19.143426] <TASK> [ 19.143483] dump_stack_lvl+0x73/0xb0 [ 19.143717] print_report+0xd1/0x650 [ 19.143757] ? __virt_addr_valid+0x1db/0x2d0 [ 19.143793] ? kmalloc_memmove_negative_size+0x171/0x330 [ 19.143829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.143860] ? kmalloc_memmove_negative_size+0x171/0x330 [ 19.143928] kasan_report+0x141/0x180 [ 19.143968] ? kmalloc_memmove_negative_size+0x171/0x330 [ 19.144012] kasan_check_range+0x10c/0x1c0 [ 19.144047] __asan_memmove+0x27/0x70 [ 19.144075] kmalloc_memmove_negative_size+0x171/0x330 [ 19.144111] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 19.144151] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 19.144193] kunit_try_run_case+0x1a5/0x480 [ 19.144253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.144303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.144341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.144377] ? __kthread_parkme+0x82/0x180 [ 19.144406] ? preempt_count_sub+0x50/0x80 [ 19.144437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.144474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.144541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.144867] kthread+0x337/0x6f0 [ 19.144902] ? trace_preempt_on+0x20/0xc0 [ 19.144939] ? __pfx_kthread+0x10/0x10 [ 19.144969] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.145000] ? calculate_sigpending+0x7b/0xa0 [ 19.145035] ? __pfx_kthread+0x10/0x10 [ 19.145065] ret_from_fork+0x116/0x1d0 [ 19.145091] ? 
__pfx_kthread+0x10/0x10 [ 19.145119] ret_from_fork_asm+0x1a/0x30 [ 19.145161] </TASK> [ 19.145178] [ 19.166371] Allocated by task 198: [ 19.167195] kasan_save_stack+0x45/0x70 [ 19.167997] kasan_save_track+0x18/0x40 [ 19.168782] kasan_save_alloc_info+0x3b/0x50 [ 19.168990] __kasan_kmalloc+0xb7/0xc0 [ 19.169154] __kmalloc_cache_noprof+0x189/0x420 [ 19.169567] kmalloc_memmove_negative_size+0xac/0x330 [ 19.169967] kunit_try_run_case+0x1a5/0x480 [ 19.170323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.172375] kthread+0x337/0x6f0 [ 19.173050] ret_from_fork+0x116/0x1d0 [ 19.173782] ret_from_fork_asm+0x1a/0x30 [ 19.174209] [ 19.174471] The buggy address belongs to the object at ffff888102b89e00 [ 19.174471] which belongs to the cache kmalloc-64 of size 64 [ 19.175678] The buggy address is located 4 bytes inside of [ 19.175678] 64-byte region [ffff888102b89e00, ffff888102b89e40) [ 19.176459] [ 19.176907] The buggy address belongs to the physical page: [ 19.177701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b89 [ 19.178773] flags: 0x200000000000000(node=0|zone=2) [ 19.179706] page_type: f5(slab) [ 19.180513] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.181457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.182148] page dumped because: kasan: bad access detected [ 19.182671] [ 19.182889] Memory state around the buggy address: [ 19.183318] ffff888102b89d00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.184867] ffff888102b89d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.185124] >ffff888102b89e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.185559] ^ [ 19.185857] ffff888102b89e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.186310] ffff888102b89f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.186843] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.091218] ================================================================== [ 19.092115] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 19.092810] Write of size 16 at addr ffff888101b20b69 by task kunit_try_catch/196 [ 19.093264] [ 19.093745] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.093867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.093902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.093960] Call Trace: [ 19.093998] <TASK> [ 19.094048] dump_stack_lvl+0x73/0xb0 [ 19.094141] print_report+0xd1/0x650 [ 19.094219] ? __virt_addr_valid+0x1db/0x2d0 [ 19.094324] ? kmalloc_oob_memset_16+0x166/0x330 [ 19.094397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.094469] ? kmalloc_oob_memset_16+0x166/0x330 [ 19.094567] kasan_report+0x141/0x180 [ 19.094643] ? kmalloc_oob_memset_16+0x166/0x330 [ 19.094724] kasan_check_range+0x10c/0x1c0 [ 19.094805] __asan_memset+0x27/0x50 [ 19.094869] kmalloc_oob_memset_16+0x166/0x330 [ 19.094942] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 19.095016] ? __schedule+0x10cc/0x2b60 [ 19.095096] ? __pfx_read_tsc+0x10/0x10 [ 19.095165] ? ktime_get_ts64+0x86/0x230 [ 19.095243] kunit_try_run_case+0x1a5/0x480 [ 19.095350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.095426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.095494] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.095590] ? __kthread_parkme+0x82/0x180 [ 19.095659] ? preempt_count_sub+0x50/0x80 [ 19.095718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.095756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.095791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.095825] kthread+0x337/0x6f0 [ 19.095853] ? trace_preempt_on+0x20/0xc0 [ 19.095886] ? __pfx_kthread+0x10/0x10 [ 19.095914] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.095944] ? calculate_sigpending+0x7b/0xa0 [ 19.095979] ? __pfx_kthread+0x10/0x10 [ 19.096007] ret_from_fork+0x116/0x1d0 [ 19.096031] ? 
__pfx_kthread+0x10/0x10 [ 19.096059] ret_from_fork_asm+0x1a/0x30 [ 19.096100] </TASK> [ 19.096116] [ 19.111136] Allocated by task 196: [ 19.111672] kasan_save_stack+0x45/0x70 [ 19.112151] kasan_save_track+0x18/0x40 [ 19.113576] kasan_save_alloc_info+0x3b/0x50 [ 19.114056] __kasan_kmalloc+0xb7/0xc0 [ 19.114421] __kmalloc_cache_noprof+0x189/0x420 [ 19.114831] kmalloc_oob_memset_16+0xac/0x330 [ 19.115367] kunit_try_run_case+0x1a5/0x480 [ 19.115870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.116278] kthread+0x337/0x6f0 [ 19.116849] ret_from_fork+0x116/0x1d0 [ 19.117354] ret_from_fork_asm+0x1a/0x30 [ 19.117853] [ 19.118107] The buggy address belongs to the object at ffff888101b20b00 [ 19.118107] which belongs to the cache kmalloc-128 of size 128 [ 19.118974] The buggy address is located 105 bytes inside of [ 19.118974] allocated 120-byte region [ffff888101b20b00, ffff888101b20b78) [ 19.120223] [ 19.120676] The buggy address belongs to the physical page: [ 19.121489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 19.122231] flags: 0x200000000000000(node=0|zone=2) [ 19.123665] page_type: f5(slab) [ 19.124107] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.124823] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.125515] page dumped because: kasan: bad access detected [ 19.125979] [ 19.126530] Memory state around the buggy address: [ 19.126919] ffff888101b20a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.127470] ffff888101b20a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.128134] >ffff888101b20b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.128764] ^ [ 19.129390] ffff888101b20b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.129968] ffff888101b20c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.130640] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.038060] ================================================================== [ 19.038849] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 19.039902] Write of size 8 at addr ffff888101b20a71 by task kunit_try_catch/194 [ 19.041050] [ 19.041328] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 19.041459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.041518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.041653] Call Trace: [ 19.041694] <TASK> [ 19.041741] dump_stack_lvl+0x73/0xb0 [ 19.041840] print_report+0xd1/0x650 [ 19.041914] ? __virt_addr_valid+0x1db/0x2d0 [ 19.041989] ? kmalloc_oob_memset_8+0x166/0x330 [ 19.042056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.042126] ? kmalloc_oob_memset_8+0x166/0x330 [ 19.042196] kasan_report+0x141/0x180 [ 19.042320] ? kmalloc_oob_memset_8+0x166/0x330 [ 19.042368] kasan_check_range+0x10c/0x1c0 [ 19.042405] __asan_memset+0x27/0x50 [ 19.042434] kmalloc_oob_memset_8+0x166/0x330 [ 19.042468] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 19.042524] ? __schedule+0x10cc/0x2b60 [ 19.042633] ? __pfx_read_tsc+0x10/0x10 [ 19.042704] ? ktime_get_ts64+0x86/0x230 [ 19.042766] kunit_try_run_case+0x1a5/0x480 [ 19.042836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.042871] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.042906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.042938] ? __kthread_parkme+0x82/0x180 [ 19.042966] ? preempt_count_sub+0x50/0x80 [ 19.042997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.043032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.043064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.043097] kthread+0x337/0x6f0 [ 19.043123] ? trace_preempt_on+0x20/0xc0 [ 19.043156] ? __pfx_kthread+0x10/0x10 [ 19.043184] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.043213] ? calculate_sigpending+0x7b/0xa0 [ 19.043283] ? __pfx_kthread+0x10/0x10 [ 19.043316] ret_from_fork+0x116/0x1d0 [ 19.043342] ? 
__pfx_kthread+0x10/0x10 [ 19.043371] ret_from_fork_asm+0x1a/0x30 [ 19.043414] </TASK> [ 19.043429] [ 19.063030] Allocated by task 194: [ 19.063826] kasan_save_stack+0x45/0x70 [ 19.064331] kasan_save_track+0x18/0x40 [ 19.064736] kasan_save_alloc_info+0x3b/0x50 [ 19.065021] __kasan_kmalloc+0xb7/0xc0 [ 19.065384] __kmalloc_cache_noprof+0x189/0x420 [ 19.065901] kmalloc_oob_memset_8+0xac/0x330 [ 19.066254] kunit_try_run_case+0x1a5/0x480 [ 19.066935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.067517] kthread+0x337/0x6f0 [ 19.068021] ret_from_fork+0x116/0x1d0 [ 19.068518] ret_from_fork_asm+0x1a/0x30 [ 19.069105] [ 19.069428] The buggy address belongs to the object at ffff888101b20a00 [ 19.069428] which belongs to the cache kmalloc-128 of size 128 [ 19.070581] The buggy address is located 113 bytes inside of [ 19.070581] allocated 120-byte region [ffff888101b20a00, ffff888101b20a78) [ 19.072700] [ 19.073129] The buggy address belongs to the physical page: [ 19.073894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 19.074779] flags: 0x200000000000000(node=0|zone=2) [ 19.075325] page_type: f5(slab) [ 19.075939] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.076859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.077817] page dumped because: kasan: bad access detected [ 19.078391] [ 19.078829] Memory state around the buggy address: [ 19.079172] ffff888101b20900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.080077] ffff888101b20980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.081005] >ffff888101b20a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.082150] ^ [ 19.082883] ffff888101b20a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.083556] ffff888101b20b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.084435] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.969030] ================================================================== [ 18.969970] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 18.970668] Write of size 4 at addr ffff8881039c8075 by task kunit_try_catch/192 [ 18.973096] [ 18.973880] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.974008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.974046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.974104] Call Trace: [ 18.974152] <TASK> [ 18.974199] dump_stack_lvl+0x73/0xb0 [ 18.974299] print_report+0xd1/0x650 [ 18.974362] ? __virt_addr_valid+0x1db/0x2d0 [ 18.974423] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.974481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.975110] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.975209] kasan_report+0x141/0x180 [ 18.975281] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.975362] kasan_check_range+0x10c/0x1c0 [ 18.975439] __asan_memset+0x27/0x50 [ 18.975521] kmalloc_oob_memset_4+0x166/0x330 [ 18.975595] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 18.975661] ? __schedule+0x10cc/0x2b60 [ 18.975733] ? __pfx_read_tsc+0x10/0x10 [ 18.975795] ? ktime_get_ts64+0x86/0x230 [ 18.975861] kunit_try_run_case+0x1a5/0x480 [ 18.975931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.975993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.976567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.976635] ? __kthread_parkme+0x82/0x180 [ 18.976694] ? preempt_count_sub+0x50/0x80 [ 18.976761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.976847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.976923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.976983] kthread+0x337/0x6f0 [ 18.977031] ? trace_preempt_on+0x20/0xc0 [ 18.977089] ? __pfx_kthread+0x10/0x10 [ 18.977137] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.977186] ? calculate_sigpending+0x7b/0xa0 [ 18.977246] ? __pfx_kthread+0x10/0x10 [ 18.977299] ret_from_fork+0x116/0x1d0 [ 18.977344] ? 
__pfx_kthread+0x10/0x10 [ 18.977392] ret_from_fork_asm+0x1a/0x30 [ 18.977464] </TASK> [ 18.977491] [ 19.005338] Allocated by task 192: [ 19.006558] kasan_save_stack+0x45/0x70 [ 19.007673] kasan_save_track+0x18/0x40 [ 19.008320] kasan_save_alloc_info+0x3b/0x50 [ 19.009064] __kasan_kmalloc+0xb7/0xc0 [ 19.009775] __kmalloc_cache_noprof+0x189/0x420 [ 19.010146] kmalloc_oob_memset_4+0xac/0x330 [ 19.010845] kunit_try_run_case+0x1a5/0x480 [ 19.011251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.012361] kthread+0x337/0x6f0 [ 19.012840] ret_from_fork+0x116/0x1d0 [ 19.013904] ret_from_fork_asm+0x1a/0x30 [ 19.014748] [ 19.014989] The buggy address belongs to the object at ffff8881039c8000 [ 19.014989] which belongs to the cache kmalloc-128 of size 128 [ 19.016366] The buggy address is located 117 bytes inside of [ 19.016366] allocated 120-byte region [ffff8881039c8000, ffff8881039c8078) [ 19.017352] [ 19.017742] The buggy address belongs to the physical page: [ 19.018942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 19.019809] flags: 0x200000000000000(node=0|zone=2) [ 19.020695] page_type: f5(slab) [ 19.021080] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.021858] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.023213] page dumped because: kasan: bad access detected [ 19.023857] [ 19.024012] Memory state around the buggy address: [ 19.024340] ffff8881039c7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.025816] ffff8881039c7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.026943] >ffff8881039c8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.028232] ^ [ 19.029477] ffff8881039c8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.030229] ffff8881039c8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.031070] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.919533] ================================================================== [ 18.920558] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 18.921569] Write of size 2 at addr ffff888101b20977 by task kunit_try_catch/190 [ 18.922198] [ 18.922405] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.922546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.922583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.922645] Call Trace: [ 18.922681] <TASK> [ 18.922729] dump_stack_lvl+0x73/0xb0 [ 18.922824] print_report+0xd1/0x650 [ 18.922900] ? __virt_addr_valid+0x1db/0x2d0 [ 18.922980] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.923051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.923120] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.923192] kasan_report+0x141/0x180 [ 18.923295] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.923383] kasan_check_range+0x10c/0x1c0 [ 18.923467] __asan_memset+0x27/0x50 [ 18.923557] kmalloc_oob_memset_2+0x166/0x330 [ 18.923637] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 18.923709] ? __schedule+0x10cc/0x2b60 [ 18.923785] ? __pfx_read_tsc+0x10/0x10 [ 18.923852] ? ktime_get_ts64+0x86/0x230 [ 18.923931] kunit_try_run_case+0x1a5/0x480 [ 18.924014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.924087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.924164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.924242] ? __kthread_parkme+0x82/0x180 [ 18.924601] ? preempt_count_sub+0x50/0x80 [ 18.924681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.924743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.924782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.924818] kthread+0x337/0x6f0 [ 18.924847] ? trace_preempt_on+0x20/0xc0 [ 18.924883] ? __pfx_kthread+0x10/0x10 [ 18.924912] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.924942] ? calculate_sigpending+0x7b/0xa0 [ 18.924978] ? __pfx_kthread+0x10/0x10 [ 18.925007] ret_from_fork+0x116/0x1d0 [ 18.925032] ? 
__pfx_kthread+0x10/0x10 [ 18.925061] ret_from_fork_asm+0x1a/0x30 [ 18.925103] </TASK> [ 18.925117] [ 18.942581] Allocated by task 190: [ 18.943033] kasan_save_stack+0x45/0x70 [ 18.943669] kasan_save_track+0x18/0x40 [ 18.944184] kasan_save_alloc_info+0x3b/0x50 [ 18.944761] __kasan_kmalloc+0xb7/0xc0 [ 18.945168] __kmalloc_cache_noprof+0x189/0x420 [ 18.945893] kmalloc_oob_memset_2+0xac/0x330 [ 18.946423] kunit_try_run_case+0x1a5/0x480 [ 18.946954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.947685] kthread+0x337/0x6f0 [ 18.948087] ret_from_fork+0x116/0x1d0 [ 18.948454] ret_from_fork_asm+0x1a/0x30 [ 18.948972] [ 18.949356] The buggy address belongs to the object at ffff888101b20900 [ 18.949356] which belongs to the cache kmalloc-128 of size 128 [ 18.950428] The buggy address is located 119 bytes inside of [ 18.950428] allocated 120-byte region [ffff888101b20900, ffff888101b20978) [ 18.951091] [ 18.951284] The buggy address belongs to the physical page: [ 18.951914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 18.952717] flags: 0x200000000000000(node=0|zone=2) [ 18.953481] page_type: f5(slab) [ 18.953953] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.954814] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.955624] page dumped because: kasan: bad access detected [ 18.956183] [ 18.956489] Memory state around the buggy address: [ 18.957004] ffff888101b20800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.957702] ffff888101b20880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.958142] >ffff888101b20900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.958708] ^ [ 18.959565] ffff888101b20980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.960366] ffff888101b20a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.961014] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.862799] ================================================================== [ 18.864143] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 18.865347] Write of size 128 at addr ffff888101b20800 by task kunit_try_catch/188 [ 18.866372] [ 18.867051] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.867263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.867303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.867351] Call Trace: [ 18.867375] <TASK> [ 18.867399] dump_stack_lvl+0x73/0xb0 [ 18.867455] print_report+0xd1/0x650 [ 18.867490] ? __virt_addr_valid+0x1db/0x2d0 [ 18.867653] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.867696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.867729] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.867763] kasan_report+0x141/0x180 [ 18.867796] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.867836] kasan_check_range+0x10c/0x1c0 [ 18.867869] __asan_memset+0x27/0x50 [ 18.867896] kmalloc_oob_in_memset+0x15f/0x320 [ 18.867928] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 18.867961] ? __schedule+0x10cc/0x2b60 [ 18.867997] ? __pfx_read_tsc+0x10/0x10 [ 18.868027] ? ktime_get_ts64+0x86/0x230 [ 18.868060] kunit_try_run_case+0x1a5/0x480 [ 18.868099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.868134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.868167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.868199] ? __kthread_parkme+0x82/0x180 [ 18.868238] ? preempt_count_sub+0x50/0x80 [ 18.868294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.868332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.868366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.868401] kthread+0x337/0x6f0 [ 18.868428] ? trace_preempt_on+0x20/0xc0 [ 18.868463] ? __pfx_kthread+0x10/0x10 [ 18.868492] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.868599] ? calculate_sigpending+0x7b/0xa0 [ 18.868678] ? __pfx_kthread+0x10/0x10 [ 18.868735] ret_from_fork+0x116/0x1d0 [ 18.868783] ? 
__pfx_kthread+0x10/0x10 [ 18.868837] ret_from_fork_asm+0x1a/0x30 [ 18.868909] </TASK> [ 18.868937] [ 18.887961] Allocated by task 188: [ 18.888515] kasan_save_stack+0x45/0x70 [ 18.889867] kasan_save_track+0x18/0x40 [ 18.890257] kasan_save_alloc_info+0x3b/0x50 [ 18.890910] __kasan_kmalloc+0xb7/0xc0 [ 18.891664] __kmalloc_cache_noprof+0x189/0x420 [ 18.892376] kmalloc_oob_in_memset+0xac/0x320 [ 18.892761] kunit_try_run_case+0x1a5/0x480 [ 18.893496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.895065] kthread+0x337/0x6f0 [ 18.895335] ret_from_fork+0x116/0x1d0 [ 18.895748] ret_from_fork_asm+0x1a/0x30 [ 18.896551] [ 18.897083] The buggy address belongs to the object at ffff888101b20800 [ 18.897083] which belongs to the cache kmalloc-128 of size 128 [ 18.899353] The buggy address is located 0 bytes inside of [ 18.899353] allocated 120-byte region [ffff888101b20800, ffff888101b20878) [ 18.900604] [ 18.901157] The buggy address belongs to the physical page: [ 18.902703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b20 [ 18.903267] flags: 0x200000000000000(node=0|zone=2) [ 18.903730] page_type: f5(slab) [ 18.904106] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.905478] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.906155] page dumped because: kasan: bad access detected [ 18.906600] [ 18.906836] Memory state around the buggy address: [ 18.907233] ffff888101b20700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.908534] ffff888101b20780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.909302] >ffff888101b20800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.910201] ^ [ 18.910602] ffff888101b20880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.911834] ffff888101b20900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.912370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.811446] ================================================================== [ 18.812175] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 18.812978] Read of size 16 at addr ffff888101a90ba0 by task kunit_try_catch/186 [ 18.813610] [ 18.813859] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.813990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.814028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.814136] Call Trace: [ 18.814181] <TASK> [ 18.814229] dump_stack_lvl+0x73/0xb0 [ 18.814319] print_report+0xd1/0x650 [ 18.814392] ? __virt_addr_valid+0x1db/0x2d0 [ 18.814465] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.814553] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.814624] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.814691] kasan_report+0x141/0x180 [ 18.814762] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.814839] __asan_report_load16_noabort+0x18/0x20 [ 18.814918] kmalloc_uaf_16+0x47b/0x4c0 [ 18.815036] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 18.815138] ? __schedule+0x10cc/0x2b60 [ 18.815239] ? __pfx_read_tsc+0x10/0x10 [ 18.815314] ? ktime_get_ts64+0x86/0x230 [ 18.815393] kunit_try_run_case+0x1a5/0x480 [ 18.815479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.815573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.815616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.815652] ? __kthread_parkme+0x82/0x180 [ 18.815684] ? preempt_count_sub+0x50/0x80 [ 18.815716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.815754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.815788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.815822] kthread+0x337/0x6f0 [ 18.815852] ? __pfx_kthread+0x10/0x10 [ 18.815880] ? __pfx_kthread+0x10/0x10 [ 18.815909] ? recalc_sigpending+0x168/0x1f0 [ 18.815944] ? __pfx_kthread+0x10/0x10 [ 18.815974] ret_from_fork+0x116/0x1d0 [ 18.816000] ? 
__pfx_kthread+0x10/0x10 [ 18.816027] ret_from_fork_asm+0x1a/0x30 [ 18.816069] </TASK> [ 18.816084] [ 18.831616] Allocated by task 186: [ 18.832078] kasan_save_stack+0x45/0x70 [ 18.832676] kasan_save_track+0x18/0x40 [ 18.833098] kasan_save_alloc_info+0x3b/0x50 [ 18.833693] __kasan_kmalloc+0xb7/0xc0 [ 18.834072] __kmalloc_cache_noprof+0x189/0x420 [ 18.834637] kmalloc_uaf_16+0x15b/0x4c0 [ 18.834959] kunit_try_run_case+0x1a5/0x480 [ 18.835416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.835982] kthread+0x337/0x6f0 [ 18.836460] ret_from_fork+0x116/0x1d0 [ 18.836890] ret_from_fork_asm+0x1a/0x30 [ 18.837426] [ 18.837738] Freed by task 186: [ 18.838066] kasan_save_stack+0x45/0x70 [ 18.838449] kasan_save_track+0x18/0x40 [ 18.838908] kasan_save_free_info+0x3f/0x60 [ 18.839454] __kasan_slab_free+0x56/0x70 [ 18.839914] kfree+0x222/0x3f0 [ 18.840339] kmalloc_uaf_16+0x1d6/0x4c0 [ 18.840763] kunit_try_run_case+0x1a5/0x480 [ 18.841104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.841601] kthread+0x337/0x6f0 [ 18.842023] ret_from_fork+0x116/0x1d0 [ 18.842540] ret_from_fork_asm+0x1a/0x30 [ 18.843035] [ 18.843331] The buggy address belongs to the object at ffff888101a90ba0 [ 18.843331] which belongs to the cache kmalloc-16 of size 16 [ 18.844472] The buggy address is located 0 bytes inside of [ 18.844472] freed 16-byte region [ffff888101a90ba0, ffff888101a90bb0) [ 18.845516] [ 18.845782] The buggy address belongs to the physical page: [ 18.846388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a90 [ 18.847105] flags: 0x200000000000000(node=0|zone=2) [ 18.847644] page_type: f5(slab) [ 18.848034] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.848727] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.849486] page dumped because: kasan: bad access detected [ 18.850053] [ 18.850297] Memory state around the buggy address: [ 18.850661] ffff888101a90a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc 
fc [ 18.851140] ffff888101a90b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.851895] >ffff888101a90b80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.852616] ^ [ 18.853073] ffff888101a90c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.853753] ffff888101a90c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.854429] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.761188] ================================================================== [ 18.762079] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 18.762731] Write of size 16 at addr ffff888101a90b40 by task kunit_try_catch/184 [ 18.763778] [ 18.764189] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.764310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.764343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.764397] Call Trace: [ 18.764432] <TASK> [ 18.764478] dump_stack_lvl+0x73/0xb0 [ 18.764599] print_report+0xd1/0x650 [ 18.764677] ? __virt_addr_valid+0x1db/0x2d0 [ 18.764765] ? kmalloc_oob_16+0x452/0x4a0 [ 18.764833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.764899] ? kmalloc_oob_16+0x452/0x4a0 [ 18.764964] kasan_report+0x141/0x180 [ 18.765034] ? kmalloc_oob_16+0x452/0x4a0 [ 18.765118] __asan_report_store16_noabort+0x1b/0x30 [ 18.765191] kmalloc_oob_16+0x452/0x4a0 [ 18.765264] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 18.765581] ? __schedule+0x10cc/0x2b60 [ 18.765693] ? __pfx_read_tsc+0x10/0x10 [ 18.765764] ? ktime_get_ts64+0x86/0x230 [ 18.765840] kunit_try_run_case+0x1a5/0x480 [ 18.765923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.766000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.766073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.766155] ? __kthread_parkme+0x82/0x180 [ 18.766233] ? preempt_count_sub+0x50/0x80 [ 18.766312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.766392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.766470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.766570] kthread+0x337/0x6f0 [ 18.766637] ? trace_preempt_on+0x20/0xc0 [ 18.766714] ? __pfx_kthread+0x10/0x10 [ 18.766777] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.766819] ? calculate_sigpending+0x7b/0xa0 [ 18.766855] ? __pfx_kthread+0x10/0x10 [ 18.766886] ret_from_fork+0x116/0x1d0 [ 18.766912] ? 
__pfx_kthread+0x10/0x10 [ 18.766940] ret_from_fork_asm+0x1a/0x30 [ 18.766982] </TASK> [ 18.766998] [ 18.786114] Allocated by task 184: [ 18.786653] kasan_save_stack+0x45/0x70 [ 18.787136] kasan_save_track+0x18/0x40 [ 18.787594] kasan_save_alloc_info+0x3b/0x50 [ 18.788067] __kasan_kmalloc+0xb7/0xc0 [ 18.788536] __kmalloc_cache_noprof+0x189/0x420 [ 18.789078] kmalloc_oob_16+0xa8/0x4a0 [ 18.789607] kunit_try_run_case+0x1a5/0x480 [ 18.789993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.790663] kthread+0x337/0x6f0 [ 18.790996] ret_from_fork+0x116/0x1d0 [ 18.791572] ret_from_fork_asm+0x1a/0x30 [ 18.792037] [ 18.792329] The buggy address belongs to the object at ffff888101a90b40 [ 18.792329] which belongs to the cache kmalloc-16 of size 16 [ 18.793372] The buggy address is located 0 bytes inside of [ 18.793372] allocated 13-byte region [ffff888101a90b40, ffff888101a90b4d) [ 18.794415] [ 18.794701] The buggy address belongs to the physical page: [ 18.795206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a90 [ 18.796072] flags: 0x200000000000000(node=0|zone=2) [ 18.796562] page_type: f5(slab) [ 18.796973] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.797806] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.798356] page dumped because: kasan: bad access detected [ 18.798918] [ 18.799191] Memory state around the buggy address: [ 18.799764] ffff888101a90a00: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 18.800358] ffff888101a90a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.801024] >ffff888101a90b00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 18.801700] ^ [ 18.802068] ffff888101a90b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.802659] ffff888101a90c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.803402] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.679050] ================================================================== [ 18.680190] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 18.680798] Read of size 1 at addr ffff888100aad200 by task kunit_try_catch/182 [ 18.681763] [ 18.682007] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.682130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.682168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.682226] Call Trace: [ 18.682281] <TASK> [ 18.682325] dump_stack_lvl+0x73/0xb0 [ 18.682410] print_report+0xd1/0x650 [ 18.682475] ? __virt_addr_valid+0x1db/0x2d0 [ 18.682563] ? krealloc_uaf+0x53c/0x5e0 [ 18.682627] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.682692] ? krealloc_uaf+0x53c/0x5e0 [ 18.682749] kasan_report+0x141/0x180 [ 18.682808] ? krealloc_uaf+0x53c/0x5e0 [ 18.682875] __asan_report_load1_noabort+0x18/0x20 [ 18.682948] krealloc_uaf+0x53c/0x5e0 [ 18.683011] ? __pfx_krealloc_uaf+0x10/0x10 [ 18.683607] ? finish_task_switch.isra.0+0x153/0x700 [ 18.683691] ? __switch_to+0x47/0xf50 [ 18.683778] ? __schedule+0x10cc/0x2b60 [ 18.683857] ? __pfx_read_tsc+0x10/0x10 [ 18.683982] ? ktime_get_ts64+0x86/0x230 [ 18.684158] kunit_try_run_case+0x1a5/0x480 [ 18.684239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.684302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.684343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.684379] ? __kthread_parkme+0x82/0x180 [ 18.684409] ? preempt_count_sub+0x50/0x80 [ 18.684442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.684481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.684556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.684641] kthread+0x337/0x6f0 [ 18.684706] ? trace_preempt_on+0x20/0xc0 [ 18.684744] ? __pfx_kthread+0x10/0x10 [ 18.684777] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.684811] ? calculate_sigpending+0x7b/0xa0 [ 18.684848] ? __pfx_kthread+0x10/0x10 [ 18.684878] ret_from_fork+0x116/0x1d0 [ 18.684905] ? 
__pfx_kthread+0x10/0x10 [ 18.684934] ret_from_fork_asm+0x1a/0x30 [ 18.684981] </TASK> [ 18.684997] [ 18.711028] Allocated by task 182: [ 18.712113] kasan_save_stack+0x45/0x70 [ 18.713763] kasan_save_track+0x18/0x40 [ 18.714305] kasan_save_alloc_info+0x3b/0x50 [ 18.714969] __kasan_kmalloc+0xb7/0xc0 [ 18.715285] __kmalloc_cache_noprof+0x189/0x420 [ 18.716465] krealloc_uaf+0xbb/0x5e0 [ 18.717820] kunit_try_run_case+0x1a5/0x480 [ 18.718772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.719521] kthread+0x337/0x6f0 [ 18.720077] ret_from_fork+0x116/0x1d0 [ 18.721701] ret_from_fork_asm+0x1a/0x30 [ 18.722380] [ 18.723079] Freed by task 182: [ 18.723964] kasan_save_stack+0x45/0x70 [ 18.725703] kasan_save_track+0x18/0x40 [ 18.726273] kasan_save_free_info+0x3f/0x60 [ 18.726972] __kasan_slab_free+0x56/0x70 [ 18.727723] kfree+0x222/0x3f0 [ 18.728134] krealloc_uaf+0x13d/0x5e0 [ 18.728494] kunit_try_run_case+0x1a5/0x480 [ 18.729731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.730399] kthread+0x337/0x6f0 [ 18.730785] ret_from_fork+0x116/0x1d0 [ 18.731481] ret_from_fork_asm+0x1a/0x30 [ 18.732209] [ 18.732483] The buggy address belongs to the object at ffff888100aad200 [ 18.732483] which belongs to the cache kmalloc-256 of size 256 [ 18.734139] The buggy address is located 0 bytes inside of [ 18.734139] freed 256-byte region [ffff888100aad200, ffff888100aad300) [ 18.736100] [ 18.736387] The buggy address belongs to the physical page: [ 18.737560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aac [ 18.738551] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.740184] flags: 0x200000000000040(head|node=0|zone=2) [ 18.740828] page_type: f5(slab) [ 18.741139] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.742541] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.743375] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.743971] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.744685] head: 0200000000000001 ffffea000402ab01 00000000ffffffff 00000000ffffffff [ 18.745310] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.746426] page dumped because: kasan: bad access detected [ 18.746758] [ 18.746903] Memory state around the buggy address: [ 18.747183] ffff888100aad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.747622] ffff888100aad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.749602] >ffff888100aad200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.750667] ^ [ 18.751021] ffff888100aad280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.751869] ffff888100aad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.752886] ================================================================== [ 18.617404] ================================================================== [ 18.618392] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 18.619110] Read of size 1 at addr ffff888100aad200 by task kunit_try_catch/182 [ 18.619547] [ 18.619738] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.619856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.619895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.619957] Call Trace: [ 18.619998] <TASK> [ 18.620049] dump_stack_lvl+0x73/0xb0 [ 18.620137] print_report+0xd1/0x650 [ 18.620201] ? __virt_addr_valid+0x1db/0x2d0 [ 18.620277] ? krealloc_uaf+0x1b8/0x5e0 [ 18.621073] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.621161] ? krealloc_uaf+0x1b8/0x5e0 [ 18.621250] kasan_report+0x141/0x180 [ 18.621328] ? krealloc_uaf+0x1b8/0x5e0 [ 18.621673] ? krealloc_uaf+0x1b8/0x5e0 [ 18.621894] __kasan_check_byte+0x3d/0x50 [ 18.621948] krealloc_noprof+0x3f/0x340 [ 18.621990] krealloc_uaf+0x1b8/0x5e0 [ 18.622022] ? __pfx_krealloc_uaf+0x10/0x10 [ 18.622052] ? 
finish_task_switch.isra.0+0x153/0x700 [ 18.622088] ? __switch_to+0x47/0xf50 [ 18.622126] ? __schedule+0x10cc/0x2b60 [ 18.622160] ? __pfx_read_tsc+0x10/0x10 [ 18.622212] ? ktime_get_ts64+0x86/0x230 [ 18.622279] kunit_try_run_case+0x1a5/0x480 [ 18.622338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.622389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.622444] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.622513] ? __kthread_parkme+0x82/0x180 [ 18.622564] ? preempt_count_sub+0x50/0x80 [ 18.622614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.622667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.622723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.622780] kthread+0x337/0x6f0 [ 18.622827] ? trace_preempt_on+0x20/0xc0 [ 18.622880] ? __pfx_kthread+0x10/0x10 [ 18.622931] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.622980] ? calculate_sigpending+0x7b/0xa0 [ 18.623034] ? __pfx_kthread+0x10/0x10 [ 18.623080] ret_from_fork+0x116/0x1d0 [ 18.623121] ? __pfx_kthread+0x10/0x10 [ 18.623165] ret_from_fork_asm+0x1a/0x30 [ 18.623231] </TASK> [ 18.623255] [ 18.642059] Allocated by task 182: [ 18.642390] kasan_save_stack+0x45/0x70 [ 18.642834] kasan_save_track+0x18/0x40 [ 18.643081] kasan_save_alloc_info+0x3b/0x50 [ 18.643380] __kasan_kmalloc+0xb7/0xc0 [ 18.643766] __kmalloc_cache_noprof+0x189/0x420 [ 18.644058] krealloc_uaf+0xbb/0x5e0 [ 18.644356] kunit_try_run_case+0x1a5/0x480 [ 18.644857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.645245] kthread+0x337/0x6f0 [ 18.645639] ret_from_fork+0x116/0x1d0 [ 18.646218] ret_from_fork_asm+0x1a/0x30 [ 18.646956] [ 18.647283] Freed by task 182: [ 18.648032] kasan_save_stack+0x45/0x70 [ 18.648442] kasan_save_track+0x18/0x40 [ 18.648908] kasan_save_free_info+0x3f/0x60 [ 18.649595] __kasan_slab_free+0x56/0x70 [ 18.652517] kfree+0x222/0x3f0 [ 18.653900] krealloc_uaf+0x13d/0x5e0 [ 18.654341] kunit_try_run_case+0x1a5/0x480 [ 18.654827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.655606] kthread+0x337/0x6f0 [ 18.655841] 
ret_from_fork+0x116/0x1d0 [ 18.656075] ret_from_fork_asm+0x1a/0x30 [ 18.656326] [ 18.656469] The buggy address belongs to the object at ffff888100aad200 [ 18.656469] which belongs to the cache kmalloc-256 of size 256 [ 18.658100] The buggy address is located 0 bytes inside of [ 18.658100] freed 256-byte region [ffff888100aad200, ffff888100aad300) [ 18.659003] [ 18.659204] The buggy address belongs to the physical page: [ 18.659591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aac [ 18.662292] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.663573] flags: 0x200000000000040(head|node=0|zone=2) [ 18.664340] page_type: f5(slab) [ 18.664774] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.665338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.666585] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.667721] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.668272] head: 0200000000000001 ffffea000402ab01 00000000ffffffff 00000000ffffffff [ 18.669314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.669707] page dumped because: kasan: bad access detected [ 18.670134] [ 18.670412] Memory state around the buggy address: [ 18.671490] ffff888100aad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.672431] ffff888100aad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.673140] >ffff888100aad200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.673732] ^ [ 18.674083] ffff888100aad280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.675673] ffff888100aad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.676578] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.516404] ================================================================== [ 18.517112] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 18.518065] Write of size 1 at addr ffff888102a0a0ea by task kunit_try_catch/180 [ 18.518830] [ 18.519118] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.519282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.519324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.519382] Call Trace: [ 18.519430] <TASK> [ 18.519482] dump_stack_lvl+0x73/0xb0 [ 18.519747] print_report+0xd1/0x650 [ 18.519829] ? __virt_addr_valid+0x1db/0x2d0 [ 18.519904] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.519980] ? kasan_addr_to_slab+0x11/0xa0 [ 18.520051] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.520126] kasan_report+0x141/0x180 [ 18.520201] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.520287] __asan_report_store1_noabort+0x1b/0x30 [ 18.520419] krealloc_less_oob_helper+0xe90/0x11d0 [ 18.520522] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.520736] ? finish_task_switch.isra.0+0x153/0x700 [ 18.520785] ? __switch_to+0x47/0xf50 [ 18.520824] ? __schedule+0x10cc/0x2b60 [ 18.520858] ? __pfx_read_tsc+0x10/0x10 [ 18.520892] krealloc_large_less_oob+0x1c/0x30 [ 18.520927] kunit_try_run_case+0x1a5/0x480 [ 18.520964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.520997] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.521030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.521062] ? __kthread_parkme+0x82/0x180 [ 18.521088] ? preempt_count_sub+0x50/0x80 [ 18.521119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.521152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.521184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.521218] kthread+0x337/0x6f0 [ 18.521244] ? trace_preempt_on+0x20/0xc0 [ 18.521277] ? __pfx_kthread+0x10/0x10 [ 18.521328] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.521395] ? calculate_sigpending+0x7b/0xa0 [ 18.521430] ? 
__pfx_kthread+0x10/0x10 [ 18.521460] ret_from_fork+0x116/0x1d0 [ 18.521485] ? __pfx_kthread+0x10/0x10 [ 18.521553] ret_from_fork_asm+0x1a/0x30 [ 18.521689] </TASK> [ 18.521720] [ 18.542728] The buggy address belongs to the physical page: [ 18.544393] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 18.545808] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.546913] flags: 0x200000000000040(head|node=0|zone=2) [ 18.547330] page_type: f8(unknown) [ 18.547722] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.549190] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.549887] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.550544] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.551074] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 18.552661] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.553438] page dumped because: kasan: bad access detected [ 18.555046] [ 18.555216] Memory state around the buggy address: [ 18.555599] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.556106] ffff888102a0a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.556910] >ffff888102a0a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.557385] ^ [ 18.558254] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.559351] ffff888102a0a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.559758] ================================================================== [ 18.023309] ================================================================== [ 18.024468] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 18.025935] Write of size 1 at addr ffff8881003494d0 by task kunit_try_catch/176 [ 18.027260] [ 18.027834] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 
PREEMPT(voluntary) [ 18.027967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.028006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.028066] Call Trace: [ 18.028571] <TASK> [ 18.028633] dump_stack_lvl+0x73/0xb0 [ 18.028751] print_report+0xd1/0x650 [ 18.028805] ? __virt_addr_valid+0x1db/0x2d0 [ 18.028846] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.028887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.028922] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.028961] kasan_report+0x141/0x180 [ 18.028995] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.029040] __asan_report_store1_noabort+0x1b/0x30 [ 18.029080] krealloc_less_oob_helper+0xe23/0x11d0 [ 18.029120] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.029157] ? irqentry_exit+0x2a/0x60 [ 18.029192] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.029249] ? __pfx_krealloc_less_oob+0x10/0x10 [ 18.029327] krealloc_less_oob+0x1c/0x30 [ 18.029427] kunit_try_run_case+0x1a5/0x480 [ 18.029520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.029582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.029662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.029722] ? __kthread_parkme+0x82/0x180 [ 18.029774] ? preempt_count_sub+0x50/0x80 [ 18.029831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.029891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.029952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.030011] kthread+0x337/0x6f0 [ 18.030059] ? trace_preempt_on+0x20/0xc0 [ 18.030118] ? __pfx_kthread+0x10/0x10 [ 18.030168] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.030224] ? calculate_sigpending+0x7b/0xa0 [ 18.030284] ? __pfx_kthread+0x10/0x10 [ 18.030337] ret_from_fork+0x116/0x1d0 [ 18.030385] ? 
__pfx_kthread+0x10/0x10 [ 18.030438] ret_from_fork_asm+0x1a/0x30 [ 18.030529] </TASK> [ 18.030559] [ 18.056135] Allocated by task 176: [ 18.056749] kasan_save_stack+0x45/0x70 [ 18.057174] kasan_save_track+0x18/0x40 [ 18.057614] kasan_save_alloc_info+0x3b/0x50 [ 18.058049] __kasan_krealloc+0x190/0x1f0 [ 18.058370] krealloc_noprof+0xf3/0x340 [ 18.058791] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.059397] krealloc_less_oob+0x1c/0x30 [ 18.060620] kunit_try_run_case+0x1a5/0x480 [ 18.060970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.062093] kthread+0x337/0x6f0 [ 18.063104] ret_from_fork+0x116/0x1d0 [ 18.063671] ret_from_fork_asm+0x1a/0x30 [ 18.064525] [ 18.064789] The buggy address belongs to the object at ffff888100349400 [ 18.064789] which belongs to the cache kmalloc-256 of size 256 [ 18.066410] The buggy address is located 7 bytes to the right of [ 18.066410] allocated 201-byte region [ffff888100349400, ffff8881003494c9) [ 18.070201] [ 18.070779] The buggy address belongs to the physical page: [ 18.072266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 18.073475] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.074064] flags: 0x200000000000040(head|node=0|zone=2) [ 18.074656] page_type: f5(slab) [ 18.075210] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.075856] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.076790] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.078929] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.079823] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 18.081614] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.082368] page dumped because: kasan: bad access detected [ 18.083664] [ 18.084684] Memory state around the buggy address: [ 18.085489] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 18.087217] ffff888100349400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.088374] >ffff888100349480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.089485] ^ [ 18.091266] ffff888100349500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.092825] ffff888100349580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.094282] ================================================================== [ 18.471494] ================================================================== [ 18.472310] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 18.474696] Write of size 1 at addr ffff888102a0a0da by task kunit_try_catch/180 [ 18.475558] [ 18.475922] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.476048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.476087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.476145] Call Trace: [ 18.476194] <TASK> [ 18.476305] dump_stack_lvl+0x73/0xb0 [ 18.476450] print_report+0xd1/0x650 [ 18.476592] ? __virt_addr_valid+0x1db/0x2d0 [ 18.476678] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.476720] ? kasan_addr_to_slab+0x11/0xa0 [ 18.476750] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.476784] kasan_report+0x141/0x180 [ 18.476816] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.476856] __asan_report_store1_noabort+0x1b/0x30 [ 18.476891] krealloc_less_oob_helper+0xec6/0x11d0 [ 18.476927] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.476961] ? finish_task_switch.isra.0+0x153/0x700 [ 18.476992] ? __switch_to+0x47/0xf50 [ 18.477027] ? __schedule+0x10cc/0x2b60 [ 18.477059] ? __pfx_read_tsc+0x10/0x10 [ 18.477092] krealloc_large_less_oob+0x1c/0x30 [ 18.477123] kunit_try_run_case+0x1a5/0x480 [ 18.477160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.477193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.477250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.477301] ? __kthread_parkme+0x82/0x180 [ 18.477330] ? 
preempt_count_sub+0x50/0x80 [ 18.477368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.477419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.477454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.477488] kthread+0x337/0x6f0 [ 18.477555] ? trace_preempt_on+0x20/0xc0 [ 18.477641] ? __pfx_kthread+0x10/0x10 [ 18.477702] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.477758] ? calculate_sigpending+0x7b/0xa0 [ 18.477814] ? __pfx_kthread+0x10/0x10 [ 18.477866] ret_from_fork+0x116/0x1d0 [ 18.477916] ? __pfx_kthread+0x10/0x10 [ 18.478006] ret_from_fork_asm+0x1a/0x30 [ 18.478106] </TASK> [ 18.478160] [ 18.497139] The buggy address belongs to the physical page: [ 18.497640] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 18.499557] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.500280] flags: 0x200000000000040(head|node=0|zone=2) [ 18.501123] page_type: f8(unknown) [ 18.501435] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.502081] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.502953] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.504409] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.505474] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 18.506401] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.507280] page dumped because: kasan: bad access detected [ 18.508124] [ 18.508416] Memory state around the buggy address: [ 18.508872] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.510151] ffff888102a0a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.512031] >ffff888102a0a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.512781] ^ [ 18.513304] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.513879] ffff888102a0a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.514492] 
================================================================== [ 17.965183] ================================================================== [ 17.966019] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 17.967520] Write of size 1 at addr ffff8881003494c9 by task kunit_try_catch/176 [ 17.968231] [ 17.969154] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.969284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.969580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.969740] Call Trace: [ 17.969798] <TASK> [ 17.969854] dump_stack_lvl+0x73/0xb0 [ 17.969969] print_report+0xd1/0x650 [ 17.970011] ? __virt_addr_valid+0x1db/0x2d0 [ 17.970049] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.970087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.970122] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.970160] kasan_report+0x141/0x180 [ 17.970193] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.970247] __asan_report_store1_noabort+0x1b/0x30 [ 17.970311] krealloc_less_oob_helper+0xd70/0x11d0 [ 17.970355] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.970392] ? irqentry_exit+0x2a/0x60 [ 17.970431] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.970474] ? __pfx_krealloc_less_oob+0x10/0x10 [ 17.970546] krealloc_less_oob+0x1c/0x30 [ 17.970651] kunit_try_run_case+0x1a5/0x480 [ 17.970722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.970763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.970802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.970839] ? __kthread_parkme+0x82/0x180 [ 17.970871] ? preempt_count_sub+0x50/0x80 [ 17.970906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.970943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.970980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.971018] kthread+0x337/0x6f0 [ 17.971048] ? trace_preempt_on+0x20/0xc0 [ 17.971086] ? __pfx_kthread+0x10/0x10 [ 17.971117] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.971151] ? 
calculate_sigpending+0x7b/0xa0 [ 17.971189] ? __pfx_kthread+0x10/0x10 [ 17.971221] ret_from_fork+0x116/0x1d0 [ 17.971277] ? __pfx_kthread+0x10/0x10 [ 17.971312] ret_from_fork_asm+0x1a/0x30 [ 17.971359] </TASK> [ 17.971377] [ 17.989230] Allocated by task 176: [ 17.989959] kasan_save_stack+0x45/0x70 [ 17.990463] kasan_save_track+0x18/0x40 [ 17.991043] kasan_save_alloc_info+0x3b/0x50 [ 17.991679] __kasan_krealloc+0x190/0x1f0 [ 17.992115] krealloc_noprof+0xf3/0x340 [ 17.992771] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.995598] krealloc_less_oob+0x1c/0x30 [ 17.996117] kunit_try_run_case+0x1a5/0x480 [ 17.996678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.997702] kthread+0x337/0x6f0 [ 17.998165] ret_from_fork+0x116/0x1d0 [ 17.998819] ret_from_fork_asm+0x1a/0x30 [ 17.999348] [ 17.999780] The buggy address belongs to the object at ffff888100349400 [ 17.999780] which belongs to the cache kmalloc-256 of size 256 [ 18.001739] The buggy address is located 0 bytes to the right of [ 18.001739] allocated 201-byte region [ffff888100349400, ffff8881003494c9) [ 18.002703] [ 18.002965] The buggy address belongs to the physical page: [ 18.004044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 18.004929] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.005523] flags: 0x200000000000040(head|node=0|zone=2) [ 18.006207] page_type: f5(slab) [ 18.006898] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.008456] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.009145] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.010059] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.010937] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 18.011687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.012521] page dumped because: kasan: bad access detected [ 18.013483] [ 
18.014060] Memory state around the buggy address: [ 18.015316] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015790] ffff888100349400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.017203] >ffff888100349480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.018579] ^ [ 18.019728] ffff888100349500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.021165] ffff888100349580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022201] ================================================================== [ 18.416455] ================================================================== [ 18.417862] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 18.418746] Write of size 1 at addr ffff888102a0a0d0 by task kunit_try_catch/180 [ 18.419815] [ 18.420811] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.420935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.420967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.421021] Call Trace: [ 18.421065] <TASK> [ 18.421106] dump_stack_lvl+0x73/0xb0 [ 18.421202] print_report+0xd1/0x650 [ 18.421274] ? __virt_addr_valid+0x1db/0x2d0 [ 18.421329] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.421366] ? kasan_addr_to_slab+0x11/0xa0 [ 18.421395] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.421431] kasan_report+0x141/0x180 [ 18.421463] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.421529] __asan_report_store1_noabort+0x1b/0x30 [ 18.421609] krealloc_less_oob_helper+0xe23/0x11d0 [ 18.421711] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.421787] ? finish_task_switch.isra.0+0x153/0x700 [ 18.421856] ? __switch_to+0x47/0xf50 [ 18.421943] ? __schedule+0x10cc/0x2b60 [ 18.422015] ? __pfx_read_tsc+0x10/0x10 [ 18.422090] krealloc_large_less_oob+0x1c/0x30 [ 18.422133] kunit_try_run_case+0x1a5/0x480 [ 18.422174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.422211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.422285] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.422323] ? __kthread_parkme+0x82/0x180 [ 18.422352] ? preempt_count_sub+0x50/0x80 [ 18.422383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.422419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.422452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.422487] kthread+0x337/0x6f0 [ 18.422556] ? trace_preempt_on+0x20/0xc0 [ 18.422635] ? __pfx_kthread+0x10/0x10 [ 18.422693] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.422727] ? calculate_sigpending+0x7b/0xa0 [ 18.422761] ? __pfx_kthread+0x10/0x10 [ 18.422790] ret_from_fork+0x116/0x1d0 [ 18.422817] ? __pfx_kthread+0x10/0x10 [ 18.422846] ret_from_fork_asm+0x1a/0x30 [ 18.422886] </TASK> [ 18.422902] [ 18.452033] The buggy address belongs to the physical page: [ 18.453047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 18.454735] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.455637] flags: 0x200000000000040(head|node=0|zone=2) [ 18.456201] page_type: f8(unknown) [ 18.456782] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.457273] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.458135] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.458999] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.460210] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 18.461369] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.462362] page dumped because: kasan: bad access detected [ 18.462987] [ 18.463688] Memory state around the buggy address: [ 18.464746] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.466175] ffff888102a0a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.467050] >ffff888102a0a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.467731] ^ [ 18.468250] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 18.468904] ffff888102a0a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.469399] ================================================================== [ 18.096316] ================================================================== [ 18.098319] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 18.099826] Write of size 1 at addr ffff8881003494da by task kunit_try_catch/176 [ 18.100495] [ 18.101030] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.101165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.101205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.101263] Call Trace: [ 18.101313] <TASK> [ 18.101378] dump_stack_lvl+0x73/0xb0 [ 18.101460] print_report+0xd1/0x650 [ 18.101525] ? __virt_addr_valid+0x1db/0x2d0 [ 18.101615] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.101702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.101767] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.101828] kasan_report+0x141/0x180 [ 18.101885] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.101957] __asan_report_store1_noabort+0x1b/0x30 [ 18.102022] krealloc_less_oob_helper+0xec6/0x11d0 [ 18.102090] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.102152] ? irqentry_exit+0x2a/0x60 [ 18.102215] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.102294] ? __pfx_krealloc_less_oob+0x10/0x10 [ 18.102366] krealloc_less_oob+0x1c/0x30 [ 18.102431] kunit_try_run_case+0x1a5/0x480 [ 18.102522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.102600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.102674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.102716] ? __kthread_parkme+0x82/0x180 [ 18.102750] ? preempt_count_sub+0x50/0x80 [ 18.102784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.102823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.102861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.102900] kthread+0x337/0x6f0 [ 18.102928] ? trace_preempt_on+0x20/0xc0 [ 18.102964] ? 
__pfx_kthread+0x10/0x10 [ 18.102994] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.103027] ? calculate_sigpending+0x7b/0xa0 [ 18.103063] ? __pfx_kthread+0x10/0x10 [ 18.103094] ret_from_fork+0x116/0x1d0 [ 18.103122] ? __pfx_kthread+0x10/0x10 [ 18.103157] ret_from_fork_asm+0x1a/0x30 [ 18.103206] </TASK> [ 18.103225] [ 18.121703] Allocated by task 176: [ 18.122447] kasan_save_stack+0x45/0x70 [ 18.123989] kasan_save_track+0x18/0x40 [ 18.124899] kasan_save_alloc_info+0x3b/0x50 [ 18.125248] __kasan_krealloc+0x190/0x1f0 [ 18.125677] krealloc_noprof+0xf3/0x340 [ 18.126371] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.127169] krealloc_less_oob+0x1c/0x30 [ 18.127657] kunit_try_run_case+0x1a5/0x480 [ 18.128768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.129217] kthread+0x337/0x6f0 [ 18.129910] ret_from_fork+0x116/0x1d0 [ 18.130830] ret_from_fork_asm+0x1a/0x30 [ 18.131229] [ 18.132110] The buggy address belongs to the object at ffff888100349400 [ 18.132110] which belongs to the cache kmalloc-256 of size 256 [ 18.134372] The buggy address is located 17 bytes to the right of [ 18.134372] allocated 201-byte region [ffff888100349400, ffff8881003494c9) [ 18.135777] [ 18.136043] The buggy address belongs to the physical page: [ 18.136564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 18.137442] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.138359] flags: 0x200000000000040(head|node=0|zone=2) [ 18.138937] page_type: f5(slab) [ 18.139349] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.139987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.141604] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.142650] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.143760] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 18.144390] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 18.145658] page dumped because: kasan: bad access detected [ 18.146260] [ 18.146488] Memory state around the buggy address: [ 18.146974] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147776] ffff888100349400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.148276] >ffff888100349480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.149242] ^ [ 18.150020] ffff888100349500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.150903] ffff888100349580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.152113] ================================================================== [ 18.154156] ================================================================== [ 18.155972] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 18.156918] Write of size 1 at addr ffff8881003494ea by task kunit_try_catch/176 [ 18.157559] [ 18.157858] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.158030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.158072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.158132] Call Trace: [ 18.158183] <TASK> [ 18.158281] dump_stack_lvl+0x73/0xb0 [ 18.158401] print_report+0xd1/0x650 [ 18.158484] ? __virt_addr_valid+0x1db/0x2d0 [ 18.158666] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.158744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.158827] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.158905] kasan_report+0x141/0x180 [ 18.158983] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.159145] __asan_report_store1_noabort+0x1b/0x30 [ 18.159261] krealloc_less_oob_helper+0xe90/0x11d0 [ 18.159394] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.159464] ? irqentry_exit+0x2a/0x60 [ 18.159545] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.159616] ? __pfx_krealloc_less_oob+0x10/0x10 [ 18.159682] krealloc_less_oob+0x1c/0x30 [ 18.159742] kunit_try_run_case+0x1a5/0x480 [ 18.159807] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.159891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.159957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.160021] ? __kthread_parkme+0x82/0x180 [ 18.160079] ? preempt_count_sub+0x50/0x80 [ 18.160143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.160210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.160324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.160395] kthread+0x337/0x6f0 [ 18.160450] ? trace_preempt_on+0x20/0xc0 [ 18.160570] ? __pfx_kthread+0x10/0x10 [ 18.160638] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.160702] ? calculate_sigpending+0x7b/0xa0 [ 18.160773] ? __pfx_kthread+0x10/0x10 [ 18.160836] ret_from_fork+0x116/0x1d0 [ 18.160896] ? __pfx_kthread+0x10/0x10 [ 18.160954] ret_from_fork_asm+0x1a/0x30 [ 18.161036] </TASK> [ 18.161067] [ 18.184117] Allocated by task 176: [ 18.184567] kasan_save_stack+0x45/0x70 [ 18.184988] kasan_save_track+0x18/0x40 [ 18.185413] kasan_save_alloc_info+0x3b/0x50 [ 18.185913] __kasan_krealloc+0x190/0x1f0 [ 18.186237] krealloc_noprof+0xf3/0x340 [ 18.186665] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.187405] krealloc_less_oob+0x1c/0x30 [ 18.187947] kunit_try_run_case+0x1a5/0x480 [ 18.188531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.189268] kthread+0x337/0x6f0 [ 18.189753] ret_from_fork+0x116/0x1d0 [ 18.190177] ret_from_fork_asm+0x1a/0x30 [ 18.190699] [ 18.190945] The buggy address belongs to the object at ffff888100349400 [ 18.190945] which belongs to the cache kmalloc-256 of size 256 [ 18.192137] The buggy address is located 33 bytes to the right of [ 18.192137] allocated 201-byte region [ffff888100349400, ffff8881003494c9) [ 18.193052] [ 18.193296] The buggy address belongs to the physical page: [ 18.194076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 18.195048] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.195890] flags: 0x200000000000040(head|node=0|zone=2) [ 18.196450] page_type: f5(slab) [ 18.197644] raw: 
0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.198298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.198893] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.199467] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.200118] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 18.200880] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.201697] page dumped because: kasan: bad access detected [ 18.202179] [ 18.202464] Memory state around the buggy address: [ 18.203119] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203903] ffff888100349400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.204547] >ffff888100349480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.205206] ^ [ 18.205831] ffff888100349500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206651] ffff888100349580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.207374] ================================================================== [ 18.209110] ================================================================== [ 18.210855] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 18.211684] Write of size 1 at addr ffff8881003494eb by task kunit_try_catch/176 [ 18.212213] [ 18.212568] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.212971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.213012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.213069] Call Trace: [ 18.213114] <TASK> [ 18.213165] dump_stack_lvl+0x73/0xb0 [ 18.213266] print_report+0xd1/0x650 [ 18.213347] ? __virt_addr_valid+0x1db/0x2d0 [ 18.213477] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.213578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.213689] ? 
krealloc_less_oob_helper+0xd47/0x11d0 [ 18.213760] kasan_report+0x141/0x180 [ 18.213821] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.213895] __asan_report_store1_noabort+0x1b/0x30 [ 18.213964] krealloc_less_oob_helper+0xd47/0x11d0 [ 18.214035] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.214100] ? irqentry_exit+0x2a/0x60 [ 18.214163] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.214244] ? __pfx_krealloc_less_oob+0x10/0x10 [ 18.214319] krealloc_less_oob+0x1c/0x30 [ 18.214387] kunit_try_run_case+0x1a5/0x480 [ 18.214466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.214552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.214594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.214631] ? __kthread_parkme+0x82/0x180 [ 18.214663] ? preempt_count_sub+0x50/0x80 [ 18.214696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.214734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.214771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.214809] kthread+0x337/0x6f0 [ 18.214837] ? trace_preempt_on+0x20/0xc0 [ 18.214872] ? __pfx_kthread+0x10/0x10 [ 18.214903] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.214937] ? calculate_sigpending+0x7b/0xa0 [ 18.214973] ? __pfx_kthread+0x10/0x10 [ 18.215004] ret_from_fork+0x116/0x1d0 [ 18.215032] ? 
__pfx_kthread+0x10/0x10 [ 18.215062] ret_from_fork_asm+0x1a/0x30 [ 18.215107] </TASK> [ 18.215123] [ 18.231350] Allocated by task 176: [ 18.231768] kasan_save_stack+0x45/0x70 [ 18.232141] kasan_save_track+0x18/0x40 [ 18.232715] kasan_save_alloc_info+0x3b/0x50 [ 18.233382] __kasan_krealloc+0x190/0x1f0 [ 18.233849] krealloc_noprof+0xf3/0x340 [ 18.234236] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.234782] krealloc_less_oob+0x1c/0x30 [ 18.235106] kunit_try_run_case+0x1a5/0x480 [ 18.235445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.236206] kthread+0x337/0x6f0 [ 18.236676] ret_from_fork+0x116/0x1d0 [ 18.237386] ret_from_fork_asm+0x1a/0x30 [ 18.237900] [ 18.238108] The buggy address belongs to the object at ffff888100349400 [ 18.238108] which belongs to the cache kmalloc-256 of size 256 [ 18.238948] The buggy address is located 34 bytes to the right of [ 18.238948] allocated 201-byte region [ffff888100349400, ffff8881003494c9) [ 18.240131] [ 18.240518] The buggy address belongs to the physical page: [ 18.240918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 18.241480] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.242341] flags: 0x200000000000040(head|node=0|zone=2) [ 18.243434] page_type: f5(slab) [ 18.244661] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.246584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.247922] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.248193] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.248714] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 18.250034] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.250889] page dumped because: kasan: bad access detected [ 18.251620] [ 18.251856] Memory state around the buggy address: [ 18.252828] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 18.253591] ffff888100349400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.254353] >ffff888100349480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.255066] ^ [ 18.255724] ffff888100349500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.255980] ffff888100349580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.256217] ================================================================== [ 18.366218] ================================================================== [ 18.367290] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 18.368339] Write of size 1 at addr ffff888102a0a0c9 by task kunit_try_catch/180 [ 18.369059] [ 18.369434] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 18.369580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.369642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.369705] Call Trace: [ 18.369755] <TASK> [ 18.369807] dump_stack_lvl+0x73/0xb0 [ 18.370210] print_report+0xd1/0x650 [ 18.370462] ? __virt_addr_valid+0x1db/0x2d0 [ 18.370578] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.371039] ? kasan_addr_to_slab+0x11/0xa0 [ 18.371105] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.371166] kasan_report+0x141/0x180 [ 18.371226] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.371298] __asan_report_store1_noabort+0x1b/0x30 [ 18.371363] krealloc_less_oob_helper+0xd70/0x11d0 [ 18.371429] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.371493] ? finish_task_switch.isra.0+0x153/0x700 [ 18.371579] ? __switch_to+0x47/0xf50 [ 18.371837] ? __schedule+0x10cc/0x2b60 [ 18.371874] ? __pfx_read_tsc+0x10/0x10 [ 18.371911] krealloc_large_less_oob+0x1c/0x30 [ 18.371944] kunit_try_run_case+0x1a5/0x480 [ 18.371983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.372016] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.372050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.372083] ? __kthread_parkme+0x82/0x180 [ 18.372111] ? 
preempt_count_sub+0x50/0x80
[ 18.372142] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.372176] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.372209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.372301] kthread+0x337/0x6f0
[ 18.372333] ? trace_preempt_on+0x20/0xc0
[ 18.372367] ? __pfx_kthread+0x10/0x10
[ 18.372396] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.372427] ? calculate_sigpending+0x7b/0xa0
[ 18.372461] ? __pfx_kthread+0x10/0x10
[ 18.372490] ret_from_fork+0x116/0x1d0
[ 18.372556] ? __pfx_kthread+0x10/0x10
[ 18.372625] ret_from_fork_asm+0x1a/0x30
[ 18.372704] </TASK>
[ 18.372722]
[ 18.395786] The buggy address belongs to the physical page:
[ 18.396656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08
[ 18.398226] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.399458] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.400182] page_type: f8(unknown)
[ 18.401191] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.401805] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.402608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.403006] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.404866] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff
[ 18.406295] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 18.407247] page dumped because: kasan: bad access detected
[ 18.408185]
[ 18.408443] Memory state around the buggy address:
[ 18.409213] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.410552] ffff888102a0a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.411585] >ffff888102a0a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 18.412345] ^
[ 18.413261] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.413853] ffff888102a0a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.414380] ==================================================================
[ 18.560450] ==================================================================
[ 18.560829] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 18.561236] Write of size 1 at addr ffff888102a0a0eb by task kunit_try_catch/180
[ 18.563754]
[ 18.563969] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.564091] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.564130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.564188] Call Trace:
[ 18.564360] <TASK>
[ 18.564422] dump_stack_lvl+0x73/0xb0
[ 18.564677] print_report+0xd1/0x650
[ 18.564765] ? __virt_addr_valid+0x1db/0x2d0
[ 18.564862] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 18.564941] ? kasan_addr_to_slab+0x11/0xa0
[ 18.565014] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 18.565091] kasan_report+0x141/0x180
[ 18.565167] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 18.565252] __asan_report_store1_noabort+0x1b/0x30
[ 18.565332] krealloc_less_oob_helper+0xd47/0x11d0
[ 18.565413] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 18.565487] ? finish_task_switch.isra.0+0x153/0x700
[ 18.565723] ? __switch_to+0x47/0xf50
[ 18.565812] ? __schedule+0x10cc/0x2b60
[ 18.565887] ? __pfx_read_tsc+0x10/0x10
[ 18.565964] krealloc_large_less_oob+0x1c/0x30
[ 18.566037] kunit_try_run_case+0x1a5/0x480
[ 18.566116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.566188] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.566296] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.566339] ? __kthread_parkme+0x82/0x180
[ 18.566370] ? preempt_count_sub+0x50/0x80
[ 18.566401] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.566437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.566472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.566534] kthread+0x337/0x6f0
[ 18.566630] ? trace_preempt_on+0x20/0xc0
[ 18.566703] ? __pfx_kthread+0x10/0x10
[ 18.566766] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.566826] ? calculate_sigpending+0x7b/0xa0
[ 18.566883] ? __pfx_kthread+0x10/0x10
[ 18.566938] ret_from_fork+0x116/0x1d0
[ 18.566995] ? __pfx_kthread+0x10/0x10
[ 18.567051] ret_from_fork_asm+0x1a/0x30
[ 18.567121] </TASK>
[ 18.567150]
[ 18.590584] The buggy address belongs to the physical page:
[ 18.591159] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08
[ 18.594311] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.595039] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.595805] page_type: f8(unknown)
[ 18.596178] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.596786] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.597165] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.597596] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.597981] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff
[ 18.598456] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 18.599070] page dumped because: kasan: bad access detected
[ 18.599722]
[ 18.600098] Memory state around the buggy address:
[ 18.601542] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.602731] ffff888102a0a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.603650] >ffff888102a0a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 18.604273] ^
[ 18.605518] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.606415] ffff888102a0a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.607112] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.264034] ==================================================================
[ 18.264988] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 18.265939] Write of size 1 at addr ffff88810261e0eb by task kunit_try_catch/178
[ 18.266462]
[ 18.266857] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.266966] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.266997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.267048] Call Trace:
[ 18.267089] <TASK>
[ 18.267132] dump_stack_lvl+0x73/0xb0
[ 18.267374] print_report+0xd1/0x650
[ 18.267457] ? __virt_addr_valid+0x1db/0x2d0
[ 18.267598] ? krealloc_more_oob_helper+0x821/0x930
[ 18.267681] ? kasan_addr_to_slab+0x11/0xa0
[ 18.267751] ? krealloc_more_oob_helper+0x821/0x930
[ 18.267828] kasan_report+0x141/0x180
[ 18.267900] ? krealloc_more_oob_helper+0x821/0x930
[ 18.267983] __asan_report_store1_noabort+0x1b/0x30
[ 18.268061] krealloc_more_oob_helper+0x821/0x930
[ 18.268128] ? __schedule+0x10cc/0x2b60
[ 18.268200] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 18.268404] ? finish_task_switch.isra.0+0x153/0x700
[ 18.268482] ? __switch_to+0x47/0xf50
[ 18.268627] ? __schedule+0x10cc/0x2b60
[ 18.268701] ? __pfx_read_tsc+0x10/0x10
[ 18.268778] krealloc_large_more_oob+0x1c/0x30
[ 18.268853] kunit_try_run_case+0x1a5/0x480
[ 18.268939] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.269009] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.269047] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.269081] ? __kthread_parkme+0x82/0x180
[ 18.269111] ? preempt_count_sub+0x50/0x80
[ 18.269144] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.269179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.269212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.269292] kthread+0x337/0x6f0
[ 18.269324] ? trace_preempt_on+0x20/0xc0
[ 18.269360] ? __pfx_kthread+0x10/0x10
[ 18.269388] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.269420] ? calculate_sigpending+0x7b/0xa0
[ 18.269456] ? __pfx_kthread+0x10/0x10
[ 18.269485] ret_from_fork+0x116/0x1d0
[ 18.269548] ? __pfx_kthread+0x10/0x10
[ 18.269680] ret_from_fork_asm+0x1a/0x30
[ 18.269762] </TASK>
[ 18.269782]
[ 18.292209] The buggy address belongs to the physical page:
[ 18.293160] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c
[ 18.294130] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.295079] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.295854] page_type: f8(unknown)
[ 18.296341] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.297170] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.298123] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.299146] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.300495] head: 0200000000000002 ffffea0004098701 00000000ffffffff 00000000ffffffff
[ 18.301349] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 18.302173] page dumped because: kasan: bad access detected
[ 18.303000]
[ 18.303197] Memory state around the buggy address:
[ 18.303994] ffff88810261df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.304742] ffff88810261e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.305449] >ffff88810261e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 18.306184] ^
[ 18.306944] ffff88810261e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.307833] ffff88810261e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.308487] ==================================================================
[ 17.886165] ==================================================================
[ 17.887007] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 17.887738] Write of size 1 at addr ffff8881003492f0 by task kunit_try_catch/174
[ 17.888437]
[ 17.889019] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.889151] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.889192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.889378] Call Trace:
[ 17.889460] <TASK>
[ 17.889534] dump_stack_lvl+0x73/0xb0
[ 17.889660] print_report+0xd1/0x650
[ 17.889735] ? __virt_addr_valid+0x1db/0x2d0
[ 17.889798] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.889858] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.889919] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.889981] kasan_report+0x141/0x180
[ 17.890040] ? krealloc_more_oob_helper+0x7eb/0x930
[ 17.890110] __asan_report_store1_noabort+0x1b/0x30
[ 17.890188] krealloc_more_oob_helper+0x7eb/0x930
[ 17.890257] ? __schedule+0x10cc/0x2b60
[ 17.890328] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 17.890397] ? finish_task_switch.isra.0+0x153/0x700
[ 17.890466] ? __switch_to+0x47/0xf50
[ 17.890571] ? __schedule+0x10cc/0x2b60
[ 17.890643] ? __pfx_read_tsc+0x10/0x10
[ 17.890715] krealloc_more_oob+0x1c/0x30
[ 17.890806] kunit_try_run_case+0x1a5/0x480
[ 17.890911] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.890983] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.891054] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.891126] ? __kthread_parkme+0x82/0x180
[ 17.891191] ? preempt_count_sub+0x50/0x80
[ 17.891285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.891362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.891434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.891476] kthread+0x337/0x6f0
[ 17.891541] ? trace_preempt_on+0x20/0xc0
[ 17.891627] ? __pfx_kthread+0x10/0x10
[ 17.891683] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.891745] ? calculate_sigpending+0x7b/0xa0
[ 17.891810] ? __pfx_kthread+0x10/0x10
[ 17.891869] ret_from_fork+0x116/0x1d0
[ 17.891926] ? __pfx_kthread+0x10/0x10
[ 17.891983] ret_from_fork_asm+0x1a/0x30
[ 17.892061] </TASK>
[ 17.892092]
[ 17.924274] Allocated by task 174:
[ 17.924940] kasan_save_stack+0x45/0x70
[ 17.925923] kasan_save_track+0x18/0x40
[ 17.926761] kasan_save_alloc_info+0x3b/0x50
[ 17.927598] __kasan_krealloc+0x190/0x1f0
[ 17.928447] krealloc_noprof+0xf3/0x340
[ 17.928803] krealloc_more_oob_helper+0x1a9/0x930
[ 17.929755] krealloc_more_oob+0x1c/0x30
[ 17.930031] kunit_try_run_case+0x1a5/0x480
[ 17.930321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.931922] kthread+0x337/0x6f0
[ 17.932459] ret_from_fork+0x116/0x1d0
[ 17.933341] ret_from_fork_asm+0x1a/0x30
[ 17.933763]
[ 17.934606] The buggy address belongs to the object at ffff888100349200
[ 17.934606] which belongs to the cache kmalloc-256 of size 256
[ 17.936046] The buggy address is located 5 bytes to the right of
[ 17.936046] allocated 235-byte region [ffff888100349200, ffff8881003492eb)
[ 17.938203]
[ 17.938445] The buggy address belongs to the physical page:
[ 17.938989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[ 17.939823] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.940394] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.941888] page_type: f5(slab)
[ 17.942250] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.942912] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.943785] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.944514] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.946099] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[ 17.947366] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.948196] page dumped because: kasan: bad access detected
[ 17.948981]
[ 17.949138] Memory state around the buggy address:
[ 17.949653] ffff888100349180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.951015] ffff888100349200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.952318] >ffff888100349280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 17.953271] ^
[ 17.954637] ffff888100349300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.955429] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.956190] ==================================================================
[ 17.828348] ==================================================================
[ 17.829351] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 17.830866] Write of size 1 at addr ffff8881003492eb by task kunit_try_catch/174
[ 17.832093]
[ 17.832814] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.832960] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.832998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.833044] Call Trace:
[ 17.833068] <TASK>
[ 17.833092] dump_stack_lvl+0x73/0xb0
[ 17.833147] print_report+0xd1/0x650
[ 17.833180] ? __virt_addr_valid+0x1db/0x2d0
[ 17.833213] ? krealloc_more_oob_helper+0x821/0x930
[ 17.833288] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.833321] ? krealloc_more_oob_helper+0x821/0x930
[ 17.833355] kasan_report+0x141/0x180
[ 17.833385] ? krealloc_more_oob_helper+0x821/0x930
[ 17.833424] __asan_report_store1_noabort+0x1b/0x30
[ 17.833460] krealloc_more_oob_helper+0x821/0x930
[ 17.833491] ? __schedule+0x10cc/0x2b60
[ 17.833612] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 17.833709] ? finish_task_switch.isra.0+0x153/0x700
[ 17.833745] ? __switch_to+0x47/0xf50
[ 17.833783] ? __schedule+0x10cc/0x2b60
[ 17.833813] ? __pfx_read_tsc+0x10/0x10
[ 17.833847] krealloc_more_oob+0x1c/0x30
[ 17.833879] kunit_try_run_case+0x1a5/0x480
[ 17.833918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.833953] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.833986] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.834018] ? __kthread_parkme+0x82/0x180
[ 17.834044] ? preempt_count_sub+0x50/0x80
[ 17.834074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.834107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.834140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.834173] kthread+0x337/0x6f0
[ 17.834199] ? trace_preempt_on+0x20/0xc0
[ 17.834243] ? __pfx_kthread+0x10/0x10
[ 17.834293] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.834325] ? calculate_sigpending+0x7b/0xa0
[ 17.834359] ? __pfx_kthread+0x10/0x10
[ 17.834389] ret_from_fork+0x116/0x1d0
[ 17.834415] ? __pfx_kthread+0x10/0x10
[ 17.834443] ret_from_fork_asm+0x1a/0x30
[ 17.834484] </TASK>
[ 17.834524]
[ 17.854157] Allocated by task 174:
[ 17.854942] kasan_save_stack+0x45/0x70
[ 17.855705] kasan_save_track+0x18/0x40
[ 17.856041] kasan_save_alloc_info+0x3b/0x50
[ 17.856481] __kasan_krealloc+0x190/0x1f0
[ 17.857044] krealloc_noprof+0xf3/0x340
[ 17.858077] krealloc_more_oob_helper+0x1a9/0x930
[ 17.858915] krealloc_more_oob+0x1c/0x30
[ 17.859477] kunit_try_run_case+0x1a5/0x480
[ 17.860169] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.861011] kthread+0x337/0x6f0
[ 17.861454] ret_from_fork+0x116/0x1d0
[ 17.862201] ret_from_fork_asm+0x1a/0x30
[ 17.862869]
[ 17.863552] The buggy address belongs to the object at ffff888100349200
[ 17.863552] which belongs to the cache kmalloc-256 of size 256
[ 17.865236] The buggy address is located 0 bytes to the right of
[ 17.865236] allocated 235-byte region [ffff888100349200, ffff8881003492eb)
[ 17.866240]
[ 17.866573] The buggy address belongs to the physical page:
[ 17.867063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[ 17.867695] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.869321] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.869999] page_type: f5(slab)
[ 17.870869] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.871430] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.872293] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.873033] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.874370] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[ 17.875722] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.876295] page dumped because: kasan: bad access detected
[ 17.876968]
[ 17.877185] Memory state around the buggy address:
[ 17.877786] ffff888100349180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.878773] ffff888100349200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.879225] >ffff888100349280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 17.880161] ^
[ 17.880650] ffff888100349300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.881919] ffff888100349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.882841] ==================================================================
[ 18.309924] ==================================================================
[ 18.311387] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 18.312367] Write of size 1 at addr ffff88810261e0f0 by task kunit_try_catch/178
[ 18.314131]
[ 18.314682] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 18.314802] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.314836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.314894] Call Trace:
[ 18.314938] <TASK>
[ 18.314989] dump_stack_lvl+0x73/0xb0
[ 18.315059] print_report+0xd1/0x650
[ 18.315095] ? __virt_addr_valid+0x1db/0x2d0
[ 18.315129] ? krealloc_more_oob_helper+0x7eb/0x930
[ 18.315164] ? kasan_addr_to_slab+0x11/0xa0
[ 18.315193] ? krealloc_more_oob_helper+0x7eb/0x930
[ 18.315237] kasan_report+0x141/0x180
[ 18.315309] ? krealloc_more_oob_helper+0x7eb/0x930
[ 18.315353] __asan_report_store1_noabort+0x1b/0x30
[ 18.315390] krealloc_more_oob_helper+0x7eb/0x930
[ 18.315422] ? __schedule+0x10cc/0x2b60
[ 18.315457] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 18.315493] ? finish_task_switch.isra.0+0x153/0x700
[ 18.315591] ? __switch_to+0x47/0xf50
[ 18.315675] ? __schedule+0x10cc/0x2b60
[ 18.315735] ? __pfx_read_tsc+0x10/0x10
[ 18.315796] krealloc_large_more_oob+0x1c/0x30
[ 18.315832] kunit_try_run_case+0x1a5/0x480
[ 18.315873] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.315908] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.315941] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.315974] ? __kthread_parkme+0x82/0x180
[ 18.316001] ? preempt_count_sub+0x50/0x80
[ 18.316031] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.316067] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.316099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.316133] kthread+0x337/0x6f0
[ 18.316159] ? trace_preempt_on+0x20/0xc0
[ 18.316191] ? __pfx_kthread+0x10/0x10
[ 18.316219] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.316278] ? calculate_sigpending+0x7b/0xa0
[ 18.316315] ? __pfx_kthread+0x10/0x10
[ 18.316345] ret_from_fork+0x116/0x1d0
[ 18.316370] ? __pfx_kthread+0x10/0x10
[ 18.316399] ret_from_fork_asm+0x1a/0x30
[ 18.316441] </TASK>
[ 18.316455]
[ 18.339336] The buggy address belongs to the physical page:
[ 18.339889] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c
[ 18.340905] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.342031] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.343427] page_type: f8(unknown)
[ 18.344147] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.345542] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.346484] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.347627] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.348734] head: 0200000000000002 ffffea0004098701 00000000ffffffff 00000000ffffffff
[ 18.349702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 18.351215] page dumped because: kasan: bad access detected
[ 18.352014]
[ 18.352384] Memory state around the buggy address:
[ 18.352910] ffff88810261df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.354521] ffff88810261e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.355535] >ffff88810261e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 18.356438] ^
[ 18.357050] ffff88810261e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.357987] ffff88810261e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.358378] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.781869] ==================================================================
[ 17.782725] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 17.783657] Read of size 1 at addr ffff888103a10000 by task kunit_try_catch/172
[ 17.784481]
[ 17.784726] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.784850] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.784885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.785647] Call Trace:
[ 17.785718] <TASK>
[ 17.785772] dump_stack_lvl+0x73/0xb0
[ 17.785887] print_report+0xd1/0x650
[ 17.785966] ? __virt_addr_valid+0x1db/0x2d0
[ 17.786042] ? page_alloc_uaf+0x356/0x3d0
[ 17.786115] ? kasan_addr_to_slab+0x11/0xa0
[ 17.786181] ? page_alloc_uaf+0x356/0x3d0
[ 17.786621] kasan_report+0x141/0x180
[ 17.786867] ? page_alloc_uaf+0x356/0x3d0
[ 17.786960] __asan_report_load1_noabort+0x18/0x20
[ 17.787037] page_alloc_uaf+0x356/0x3d0
[ 17.787080] ? __pfx_page_alloc_uaf+0x10/0x10
[ 17.787119] ? __schedule+0x10cc/0x2b60
[ 17.787154] ? __pfx_read_tsc+0x10/0x10
[ 17.787187] ? ktime_get_ts64+0x86/0x230
[ 17.787223] kunit_try_run_case+0x1a5/0x480
[ 17.787291] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.787329] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.787364] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.787396] ? __kthread_parkme+0x82/0x180
[ 17.787425] ? preempt_count_sub+0x50/0x80
[ 17.787455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.787490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.787581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.787656] kthread+0x337/0x6f0
[ 17.787716] ? trace_preempt_on+0x20/0xc0
[ 17.787754] ? __pfx_kthread+0x10/0x10
[ 17.787783] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.787815] ? calculate_sigpending+0x7b/0xa0
[ 17.787850] ? __pfx_kthread+0x10/0x10
[ 17.787878] ret_from_fork+0x116/0x1d0
[ 17.787904] ? __pfx_kthread+0x10/0x10
[ 17.787932] ret_from_fork_asm+0x1a/0x30
[ 17.787974] </TASK>
[ 17.787990]
[ 17.807819] The buggy address belongs to the physical page:
[ 17.808517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a10
[ 17.809553] flags: 0x200000000000000(node=0|zone=2)
[ 17.810040] page_type: f0(buddy)
[ 17.810421] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000
[ 17.812293] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 17.813688] page dumped because: kasan: bad access detected
[ 17.814363]
[ 17.814611] Memory state around the buggy address:
[ 17.815354] ffff888103a0ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.816495] ffff888103a0ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.817739] >ffff888103a10000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.818126] ^
[ 17.818720] ffff888103a10080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.819808] ffff888103a10100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.820849] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 17.721014] ==================================================================
[ 17.721874] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 17.723599] Free of addr ffff888102a08001 by task kunit_try_catch/168
[ 17.724483]
[ 17.724953] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.725080] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.725119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.725182] Call Trace:
[ 17.725272] <TASK>
[ 17.725333] dump_stack_lvl+0x73/0xb0
[ 17.725441] print_report+0xd1/0x650
[ 17.725549] ? __virt_addr_valid+0x1db/0x2d0
[ 17.725692] ? kasan_addr_to_slab+0x11/0xa0
[ 17.725755] ? kfree+0x274/0x3f0
[ 17.725795] kasan_report_invalid_free+0x10a/0x130
[ 17.725833] ? kfree+0x274/0x3f0
[ 17.725872] ? kfree+0x274/0x3f0
[ 17.725907] __kasan_kfree_large+0x86/0xd0
[ 17.725937] free_large_kmalloc+0x4b/0x110
[ 17.725975] kfree+0x274/0x3f0
[ 17.726015] kmalloc_large_invalid_free+0x120/0x2b0
[ 17.726048] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 17.726085] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 17.726121] kunit_try_run_case+0x1a5/0x480
[ 17.726162] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.726196] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.726240] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.726305] ? __kthread_parkme+0x82/0x180
[ 17.726335] ? preempt_count_sub+0x50/0x80
[ 17.726366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.726402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.726436] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.726469] kthread+0x337/0x6f0
[ 17.726495] ? trace_preempt_on+0x20/0xc0
[ 17.726617] ? __pfx_kthread+0x10/0x10
[ 17.726681] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.726743] ? calculate_sigpending+0x7b/0xa0
[ 17.726801] ? __pfx_kthread+0x10/0x10
[ 17.726852] ret_from_fork+0x116/0x1d0
[ 17.726902] ? __pfx_kthread+0x10/0x10
[ 17.726954] ret_from_fork_asm+0x1a/0x30
[ 17.727026] </TASK>
[ 17.727056]
[ 17.748888] The buggy address belongs to the physical page:
[ 17.749431] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08
[ 17.750314] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.751152] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.752221] page_type: f8(unknown)
[ 17.752914] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.753738] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.754470] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.755214] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.756000] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff
[ 17.756867] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.758255] page dumped because: kasan: bad access detected
[ 17.759165]
[ 17.759678] Memory state around the buggy address:
[ 17.760642] ffff888102a07f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.761133] ffff888102a07f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.762021] >ffff888102a08000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.763419] ^
[ 17.763919] ffff888102a08080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.764985] ffff888102a08100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.766141] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.674049] ==================================================================
[ 17.674871] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 17.675881] Read of size 1 at addr ffff888102618000 by task kunit_try_catch/166
[ 17.677652]
[ 17.678299] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.678437] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.678476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.678560] Call Trace:
[ 17.678678] <TASK>
[ 17.678854] dump_stack_lvl+0x73/0xb0
[ 17.678961] print_report+0xd1/0x650
[ 17.679023] ? __virt_addr_valid+0x1db/0x2d0
[ 17.679084] ? kmalloc_large_uaf+0x2f1/0x340
[ 17.679140] ? kasan_addr_to_slab+0x11/0xa0
[ 17.679191] ? kmalloc_large_uaf+0x2f1/0x340
[ 17.679251] kasan_report+0x141/0x180
[ 17.679308] ? kmalloc_large_uaf+0x2f1/0x340
[ 17.679370] __asan_report_load1_noabort+0x18/0x20
[ 17.679431] kmalloc_large_uaf+0x2f1/0x340
[ 17.679487] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 17.679574] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 17.679674] kunit_try_run_case+0x1a5/0x480
[ 17.679751] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.679790] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.679828] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.679862] ? __kthread_parkme+0x82/0x180
[ 17.679891] ? preempt_count_sub+0x50/0x80
[ 17.679924] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.679959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.679995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.680029] kthread+0x337/0x6f0
[ 17.680058] ? trace_preempt_on+0x20/0xc0
[ 17.680093] ? __pfx_kthread+0x10/0x10
[ 17.680122] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.680152] ? calculate_sigpending+0x7b/0xa0
[ 17.680187] ? __pfx_kthread+0x10/0x10
[ 17.680216] ret_from_fork+0x116/0x1d0
[ 17.680282] ? __pfx_kthread+0x10/0x10
[ 17.680316] ret_from_fork_asm+0x1a/0x30
[ 17.680362] </TASK>
[ 17.680377]
[ 17.701841] The buggy address belongs to the physical page:
[ 17.702341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102618
[ 17.703562] flags: 0x200000000000000(node=0|zone=2)
[ 17.704300] raw: 0200000000000000 ffffea0004098708 ffff88815b139f80 0000000000000000
[ 17.704943] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 17.706033] page dumped because: kasan: bad access detected
[ 17.706467]
[ 17.707188] Memory state around the buggy address:
[ 17.707917] ffff888102617f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.708770] ffff888102617f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.709488] >ffff888102618000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.710872] ^
[ 17.711451] ffff888102618080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.712207] ffff888102618100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 17.712821] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.622809] ==================================================================
[ 17.623594] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 17.625186] Write of size 1 at addr ffff888102a0a00a by task kunit_try_catch/164
[ 17.625907]
[ 17.626203] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary)
[ 17.626331] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.626367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.626419] Call Trace:
[ 17.626468] <TASK>
[ 17.626538] dump_stack_lvl+0x73/0xb0
[ 17.626641] print_report+0xd1/0x650
[ 17.626720] ? __virt_addr_valid+0x1db/0x2d0
[ 17.626793] ? kmalloc_large_oob_right+0x2e9/0x330
[ 17.626869] ? kasan_addr_to_slab+0x11/0xa0
[ 17.626939] ? kmalloc_large_oob_right+0x2e9/0x330
[ 17.627011] kasan_report+0x141/0x180
[ 17.627084] ? kmalloc_large_oob_right+0x2e9/0x330
[ 17.627167] __asan_report_store1_noabort+0x1b/0x30
[ 17.627246] kmalloc_large_oob_right+0x2e9/0x330
[ 17.627305] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 17.627346] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 17.627383] kunit_try_run_case+0x1a5/0x480
[ 17.627423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.627455] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.627488] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.627569] ? __kthread_parkme+0x82/0x180
[ 17.627626] ? preempt_count_sub+0x50/0x80
[ 17.627688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.627754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.627815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.627881] kthread+0x337/0x6f0
[ 17.627941] ? trace_preempt_on+0x20/0xc0
[ 17.628007] ? __pfx_kthread+0x10/0x10
[ 17.628062] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.628156] ? calculate_sigpending+0x7b/0xa0
[ 17.628242] ? __pfx_kthread+0x10/0x10
[ 17.628305] ret_from_fork+0x116/0x1d0
[ 17.628364] ? __pfx_kthread+0x10/0x10
[ 17.628425] ret_from_fork_asm+0x1a/0x30
[ 17.628517] </TASK>
[ 17.628552]
[ 17.652146] The buggy address belongs to the physical page:
[ 17.653229] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08
[ 17.654087] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.654836] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.655314] page_type: f8(unknown)
[ 17.655622] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.656162] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.657474] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 17.657812] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 17.658071] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff
[ 17.658999] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 17.659928] page dumped because: kasan: bad access detected
[ 17.660647]
[ 17.660916] Memory state around the buggy address:
[ 17.661735] ffff888102a09f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.662415] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.662973] >ffff888102a0a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.663870] ^
[ 17.664196] ffff888102a0a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.664875] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 17.665550] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.560192] ================================================================== [ 17.561961] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 17.563137] Write of size 1 at addr ffff888103999f00 by task kunit_try_catch/162 [ 17.564017] [ 17.564582] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.564716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.564754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.564819] Call Trace: [ 17.564867] <TASK> [ 17.565102] dump_stack_lvl+0x73/0xb0 [ 17.565268] print_report+0xd1/0x650 [ 17.565373] ? __virt_addr_valid+0x1db/0x2d0 [ 17.565416] ? kmalloc_big_oob_right+0x316/0x370 [ 17.565451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.565481] ? kmalloc_big_oob_right+0x316/0x370 [ 17.565551] kasan_report+0x141/0x180 [ 17.565668] ? kmalloc_big_oob_right+0x316/0x370 [ 17.565742] __asan_report_store1_noabort+0x1b/0x30 [ 17.565806] kmalloc_big_oob_right+0x316/0x370 [ 17.565871] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 17.565911] ? __schedule+0x10cc/0x2b60 [ 17.565946] ? __pfx_read_tsc+0x10/0x10 [ 17.565976] ? ktime_get_ts64+0x86/0x230 [ 17.566010] kunit_try_run_case+0x1a5/0x480 [ 17.566048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.566081] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.566115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.566147] ? __kthread_parkme+0x82/0x180 [ 17.566175] ? preempt_count_sub+0x50/0x80 [ 17.566209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.566285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.566322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.566357] kthread+0x337/0x6f0 [ 17.566386] ? trace_preempt_on+0x20/0xc0 [ 17.566421] ? __pfx_kthread+0x10/0x10 [ 17.566450] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.566480] ? calculate_sigpending+0x7b/0xa0 [ 17.566551] ? __pfx_kthread+0x10/0x10 [ 17.566626] ret_from_fork+0x116/0x1d0 [ 17.566680] ? 
__pfx_kthread+0x10/0x10 [ 17.566711] ret_from_fork_asm+0x1a/0x30 [ 17.566755] </TASK> [ 17.566771] [ 17.589937] Allocated by task 162: [ 17.590631] kasan_save_stack+0x45/0x70 [ 17.591275] kasan_save_track+0x18/0x40 [ 17.591706] kasan_save_alloc_info+0x3b/0x50 [ 17.592163] __kasan_kmalloc+0xb7/0xc0 [ 17.592563] __kmalloc_cache_noprof+0x189/0x420 [ 17.593032] kmalloc_big_oob_right+0xa9/0x370 [ 17.593591] kunit_try_run_case+0x1a5/0x480 [ 17.593976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.594935] kthread+0x337/0x6f0 [ 17.595388] ret_from_fork+0x116/0x1d0 [ 17.596185] ret_from_fork_asm+0x1a/0x30 [ 17.596821] [ 17.597053] The buggy address belongs to the object at ffff888103998000 [ 17.597053] which belongs to the cache kmalloc-8k of size 8192 [ 17.598283] The buggy address is located 0 bytes to the right of [ 17.598283] allocated 7936-byte region [ffff888103998000, ffff888103999f00) [ 17.599858] [ 17.600288] The buggy address belongs to the physical page: [ 17.601050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103998 [ 17.602010] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.602674] flags: 0x200000000000040(head|node=0|zone=2) [ 17.603375] page_type: f5(slab) [ 17.603917] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 17.604756] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.605435] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 17.606708] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.607325] head: 0200000000000003 ffffea00040e6601 00000000ffffffff 00000000ffffffff [ 17.608116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.608955] page dumped because: kasan: bad access detected [ 17.609492] [ 17.609936] Memory state around the buggy address: [ 17.610406] ffff888103999e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.611435] ffff888103999e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.612210] >ffff888103999f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.613000] ^ [ 17.613396] ffff888103999f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.614202] ffff88810399a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.615008] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.480151] ================================================================== [ 17.481975] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 17.482931] Write of size 1 at addr ffff888102b80e78 by task kunit_try_catch/160 [ 17.483774] [ 17.484108] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.484256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.484295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.484353] Call Trace: [ 17.484400] <TASK> [ 17.484451] dump_stack_lvl+0x73/0xb0 [ 17.484574] print_report+0xd1/0x650 [ 17.484656] ? __virt_addr_valid+0x1db/0x2d0 [ 17.484840] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 17.484923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.484997] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 17.485055] kasan_report+0x141/0x180 [ 17.485092] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 17.485136] __asan_report_store1_noabort+0x1b/0x30 [ 17.485174] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 17.485210] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 17.485285] ? __schedule+0x10cc/0x2b60 [ 17.485326] ? __pfx_read_tsc+0x10/0x10 [ 17.485358] ? ktime_get_ts64+0x86/0x230 [ 17.485395] kunit_try_run_case+0x1a5/0x480 [ 17.485435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.485470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.485531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.485572] ? __kthread_parkme+0x82/0x180 [ 17.485602] ? preempt_count_sub+0x50/0x80 [ 17.485654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.485693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.485726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.485760] kthread+0x337/0x6f0 [ 17.485787] ? trace_preempt_on+0x20/0xc0 [ 17.485821] ? __pfx_kthread+0x10/0x10 [ 17.485850] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.485881] ? calculate_sigpending+0x7b/0xa0 [ 17.485915] ? 
__pfx_kthread+0x10/0x10 [ 17.485944] ret_from_fork+0x116/0x1d0 [ 17.485969] ? __pfx_kthread+0x10/0x10 [ 17.485997] ret_from_fork_asm+0x1a/0x30 [ 17.486040] </TASK> [ 17.486055] [ 17.505278] Allocated by task 160: [ 17.505720] kasan_save_stack+0x45/0x70 [ 17.506217] kasan_save_track+0x18/0x40 [ 17.506736] kasan_save_alloc_info+0x3b/0x50 [ 17.507300] __kasan_kmalloc+0xb7/0xc0 [ 17.507723] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 17.508292] kmalloc_track_caller_oob_right+0x99/0x520 [ 17.508816] kunit_try_run_case+0x1a5/0x480 [ 17.509308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.509800] kthread+0x337/0x6f0 [ 17.510302] ret_from_fork+0x116/0x1d0 [ 17.510769] ret_from_fork_asm+0x1a/0x30 [ 17.511151] [ 17.511434] The buggy address belongs to the object at ffff888102b80e00 [ 17.511434] which belongs to the cache kmalloc-128 of size 128 [ 17.512553] The buggy address is located 0 bytes to the right of [ 17.512553] allocated 120-byte region [ffff888102b80e00, ffff888102b80e78) [ 17.513572] [ 17.513846] The buggy address belongs to the physical page: [ 17.514360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80 [ 17.515108] flags: 0x200000000000000(node=0|zone=2) [ 17.515627] page_type: f5(slab) [ 17.516049] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.516809] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.517533] page dumped because: kasan: bad access detected [ 17.518079] [ 17.518417] Memory state around the buggy address: [ 17.518842] ffff888102b80d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.519574] ffff888102b80d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.520196] >ffff888102b80e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.520904] ^ [ 17.521462] ffff888102b80e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.522154] ffff888102b80f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.522870] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.412356] ================================================================== [ 17.413415] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 17.414940] Read of size 1 at addr ffff8881029dd000 by task kunit_try_catch/158 [ 17.415676] [ 17.415967] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 17.416096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.416130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.416184] Call Trace: [ 17.416228] <TASK> [ 17.416277] dump_stack_lvl+0x73/0xb0 [ 17.416385] print_report+0xd1/0x650 [ 17.416465] ? __virt_addr_valid+0x1db/0x2d0 [ 17.416574] ? kmalloc_node_oob_right+0x369/0x3c0 [ 17.416657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.416737] ? kmalloc_node_oob_right+0x369/0x3c0 [ 17.416825] kasan_report+0x141/0x180 [ 17.416903] ? kmalloc_node_oob_right+0x369/0x3c0 [ 17.416995] __asan_report_load1_noabort+0x18/0x20 [ 17.417078] kmalloc_node_oob_right+0x369/0x3c0 [ 17.417157] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 17.417244] ? __schedule+0x10cc/0x2b60 [ 17.417323] ? __pfx_read_tsc+0x10/0x10 [ 17.417361] ? ktime_get_ts64+0x86/0x230 [ 17.417400] kunit_try_run_case+0x1a5/0x480 [ 17.417444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.417483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.417609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.417707] ? __kthread_parkme+0x82/0x180 [ 17.417772] ? preempt_count_sub+0x50/0x80 [ 17.417839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.417909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.417979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.418046] kthread+0x337/0x6f0 [ 17.418105] ? trace_preempt_on+0x20/0xc0 [ 17.418181] ? __pfx_kthread+0x10/0x10 [ 17.418224] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.418289] ? calculate_sigpending+0x7b/0xa0 [ 17.418333] ? __pfx_kthread+0x10/0x10 [ 17.418365] ret_from_fork+0x116/0x1d0 [ 17.418395] ? 
__pfx_kthread+0x10/0x10 [ 17.418425] ret_from_fork_asm+0x1a/0x30 [ 17.418472] </TASK> [ 17.418489] [ 17.442524] Allocated by task 158: [ 17.443206] kasan_save_stack+0x45/0x70 [ 17.443735] kasan_save_track+0x18/0x40 [ 17.444020] kasan_save_alloc_info+0x3b/0x50 [ 17.444316] __kasan_kmalloc+0xb7/0xc0 [ 17.444659] __kmalloc_cache_node_noprof+0x188/0x420 [ 17.445487] kmalloc_node_oob_right+0xab/0x3c0 [ 17.446609] kunit_try_run_case+0x1a5/0x480 [ 17.447404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.447805] kthread+0x337/0x6f0 [ 17.448197] ret_from_fork+0x116/0x1d0 [ 17.449594] ret_from_fork_asm+0x1a/0x30 [ 17.450205] [ 17.450937] The buggy address belongs to the object at ffff8881029dc000 [ 17.450937] which belongs to the cache kmalloc-4k of size 4096 [ 17.453313] The buggy address is located 0 bytes to the right of [ 17.453313] allocated 4096-byte region [ffff8881029dc000, ffff8881029dd000) [ 17.454833] [ 17.455210] The buggy address belongs to the physical page: [ 17.456025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d8 [ 17.457089] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.458143] flags: 0x200000000000040(head|node=0|zone=2) [ 17.458928] page_type: f5(slab) [ 17.459838] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 17.461201] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.462236] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 17.462995] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.464014] head: 0200000000000003 ffffea00040a7601 00000000ffffffff 00000000ffffffff [ 17.464856] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.465737] page dumped because: kasan: bad access detected [ 17.466137] [ 17.466369] Memory state around the buggy address: [ 17.466805] ffff8881029dcf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.467401] 
ffff8881029dcf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.469425] >ffff8881029dd000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.470148] ^ [ 17.470842] ffff8881029dd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.471358] ffff8881029dd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.472956] ==================================================================
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 215.280794] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 215.281221] WARNING: CPU: 0 PID: 2618 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 215.284946] Modules linked in: [ 215.285481] CPU: 0 UID: 0 PID: 2618 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 215.286845] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 215.287564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 215.289284] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 215.289971] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 5d 27 80 00 48 c7 c1 c0 04 1f b3 4c 89 f2 48 c7 c7 80 01 1f b3 48 89 c6 e8 34 f8 73 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 215.291451] RSP: 0000:ffff8881028cfd18 EFLAGS: 00010286 [ 215.292321] RAX: 0000000000000000 RBX: ffff888104397800 RCX: 1ffffffff67e4c5c [ 215.293590] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 215.294412] RBP: ffff8881028cfd48 R08: 0000000000000000 R09: fffffbfff67e4c5c [ 215.295865] R10: 0000000000000003 R11: 0000000000038a98 R12: ffff8881028ae800 [ 215.296483] R13: ffff8881043978f8 R14: ffff88810a920e80 R15: ffff8881003c7b40 [ 215.297342] FS: 0000000000000000(0000) GS:ffff8881a5e5f000(0000) knlGS:0000000000000000 [ 215.298694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.299148] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 215.299583] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265442 [ 215.300792] DR3: ffffffffb5265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 215.301414] Call Trace: [ 215.301988] <TASK> [ 215.302279] ? trace_preempt_on+0x20/0xc0 [ 215.303190] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 215.303578] drm_gem_shmem_free_wrapper+0x12/0x20 [ 215.304831] __kunit_action_free+0x57/0x70 [ 215.305921] kunit_remove_resource+0x133/0x200 [ 215.306710] ? preempt_count_sub+0x50/0x80 [ 215.307122] kunit_cleanup+0x7a/0x120 [ 215.307578] kunit_try_run_case_cleanup+0xbd/0xf0 [ 215.308395] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 215.309767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 215.310291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 215.311108] kthread+0x337/0x6f0 [ 215.311470] ? trace_preempt_on+0x20/0xc0 [ 215.313033] ? __pfx_kthread+0x10/0x10 [ 215.313772] ? _raw_spin_unlock_irq+0x47/0x80 [ 215.314204] ? calculate_sigpending+0x7b/0xa0 [ 215.314612] ? __pfx_kthread+0x10/0x10 [ 215.315270] ret_from_fork+0x116/0x1d0 [ 215.315673] ? __pfx_kthread+0x10/0x10 [ 215.316610] ret_from_fork_asm+0x1a/0x30 [ 215.317923] </TASK> [ 215.318250] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 214.996425] WARNING: CPU: 1 PID: 2599 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 214.997913] Modules linked in: [ 214.998397] CPU: 1 UID: 0 PID: 2599 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 214.999229] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 214.999965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 215.001040] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 215.001761] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 215.003899] RSP: 0000:ffff8881026e7b30 EFLAGS: 00010246 [ 215.004427] RAX: dffffc0000000000 RBX: ffff8881026e7c28 RCX: 0000000000000000 [ 215.005096] RDX: 1ffff110204dcf8e RSI: ffff8881026e7c28 RDI: ffff8881026e7c70 [ 215.005929] RBP: ffff8881026e7b70 R08: ffff8881028d6000 R09: ffffffffb31e07e0 [ 215.007169] R10: 0000000000000003 R11: 0000000093b42265 R12: ffff8881028d6000 [ 215.007805] R13: ffff8881003c7ae8 R14: ffff8881026e7ba8 R15: 0000000000000000 [ 215.008372] FS: 0000000000000000(0000) GS:ffff8881a5f5f000(0000) knlGS:0000000000000000 [ 215.009280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.009853] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 215.010726] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265443 [ 215.011478] DR3: ffffffffb5265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 215.012656] Call Trace: [ 215.013176] <TASK> [ 215.013603] ? add_dr+0xc1/0x1d0 [ 215.014536] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 215.015161] ? add_dr+0x148/0x1d0 [ 215.015698] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 215.016298] ? __drmm_add_action+0x1a4/0x280 [ 215.016986] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 215.017540] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 215.018256] ? __drmm_add_action_or_reset+0x22/0x50 [ 215.019017] ? __schedule+0x10cc/0x2b60 [ 215.019534] ? __pfx_read_tsc+0x10/0x10 [ 215.020133] ? ktime_get_ts64+0x86/0x230 [ 215.020983] kunit_try_run_case+0x1a5/0x480 [ 215.021558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 215.022115] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 215.022805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 215.023308] ? __kthread_parkme+0x82/0x180 [ 215.023936] ? preempt_count_sub+0x50/0x80 [ 215.024437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 215.025231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 215.026267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 215.026992] kthread+0x337/0x6f0 [ 215.027486] ? trace_preempt_on+0x20/0xc0 [ 215.028046] ? __pfx_kthread+0x10/0x10 [ 215.028666] ? _raw_spin_unlock_irq+0x47/0x80 [ 215.029290] ? calculate_sigpending+0x7b/0xa0 [ 215.030047] ? __pfx_kthread+0x10/0x10 [ 215.030510] ret_from_fork+0x116/0x1d0 [ 215.031227] ? __pfx_kthread+0x10/0x10 [ 215.031877] ret_from_fork_asm+0x1a/0x30 [ 215.032413] </TASK> [ 215.032950] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 214.927744] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 214.929021] WARNING: CPU: 0 PID: 2595 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 214.932059] Modules linked in: [ 214.932835] CPU: 0 UID: 0 PID: 2595 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 214.933965] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 214.934605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 214.935588] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 214.936707] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 8b 41 87 00 48 c7 c1 a0 b7 1d b3 4c 89 fa 48 c7 c7 00 b8 1d b3 48 89 c6 e8 62 12 7b fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 214.938127] RSP: 0000:ffff88810293fb68 EFLAGS: 00010282 [ 214.938995] RAX: 0000000000000000 RBX: ffff88810293fc40 RCX: 1ffffffff67e4c5c [ 214.939402] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 214.940669] RBP: ffff88810293fb90 R08: 0000000000000000 R09: fffffbfff67e4c5c [ 214.942031] R10: 0000000000000003 R11: 0000000000037330 R12: ffff88810293fc18 [ 214.943308] R13: ffff8881028a9800 R14: ffff8881020e3000 R15: ffff888107448900 [ 214.943890] FS: 0000000000000000(0000) GS:ffff8881a5e5f000(0000) knlGS:0000000000000000 [ 214.944779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.945133] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 214.945614] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265442 [ 214.946191] DR3: ffffffffb5265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 214.946615] Call Trace: [ 214.946848] <TASK> [ 214.947096] drm_test_framebuffer_free+0x1ab/0x610 [ 214.947967] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 214.948316] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 214.948693] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 214.949240] ? __drmm_add_action_or_reset+0x22/0x50 [ 214.949761] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 214.950365] kunit_try_run_case+0x1a5/0x480 [ 214.951270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.951815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 214.952253] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 214.953159] ? __kthread_parkme+0x82/0x180 [ 214.953759] ? preempt_count_sub+0x50/0x80 [ 214.954199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.954628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 214.956323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 214.956829] kthread+0x337/0x6f0 [ 214.957143] ? trace_preempt_on+0x20/0xc0 [ 214.958109] ? __pfx_kthread+0x10/0x10 [ 214.958584] ? _raw_spin_unlock_irq+0x47/0x80 [ 214.959387] ? calculate_sigpending+0x7b/0xa0 [ 214.959730] ? __pfx_kthread+0x10/0x10 [ 214.960026] ret_from_fork+0x116/0x1d0 [ 214.960917] ? __pfx_kthread+0x10/0x10 [ 214.962296] ret_from_fork_asm+0x1a/0x30 [ 214.962808] </TASK> [ 214.963227] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 211.921368] WARNING: CPU: 0 PID: 2033 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 211.922456] Modules linked in: [ 211.923160] CPU: 0 UID: 0 PID: 2033 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 211.926690] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 211.927740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 211.928250] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 211.929139] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 0b 26 02 48 89 df e8 68 [ 211.934422] RSP: 0000:ffff88810a587c90 EFLAGS: 00010246 [ 211.935579] RAX: dffffc0000000000 RBX: ffff88810a958000 RCX: 0000000000000000 [ 211.936589] RDX: 1ffff1102152b032 RSI: ffffffffb0442758 RDI: ffff88810a958190 [ 211.937728] RBP: ffff88810a587ca0 R08: 1ffff11020078f69 R09: ffffed10214b0f65 [ 211.940744] R10: 0000000000000003 R11: ffffffffaee049da R12: 0000000000000000 [ 211.941288] R13: ffff88810a587d38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 211.942249] FS: 0000000000000000(0000) GS:ffff8881a5e5f000(0000) knlGS:0000000000000000 [ 211.943178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.943703] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 211.944722] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265442 [ 211.945335] DR3: ffffffffb5265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 211.946455] Call Trace: [ 211.946909] <TASK> [ 211.947235] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 211.947953] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 211.949175] ? __schedule+0x10cc/0x2b60 [ 211.949725] ? __pfx_read_tsc+0x10/0x10 [ 211.950536] ? ktime_get_ts64+0x86/0x230 [ 211.951004] kunit_try_run_case+0x1a5/0x480 [ 211.951535] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 211.952112] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 211.952759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 211.953556] ? __kthread_parkme+0x82/0x180 [ 211.954433] ? preempt_count_sub+0x50/0x80 [ 211.955133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 211.956033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 211.956537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 211.957425] kthread+0x337/0x6f0 [ 211.957985] ? trace_preempt_on+0x20/0xc0 [ 211.958487] ? __pfx_kthread+0x10/0x10 [ 211.959060] ? _raw_spin_unlock_irq+0x47/0x80 [ 211.959697] ? calculate_sigpending+0x7b/0xa0 [ 211.960270] ? __pfx_kthread+0x10/0x10 [ 211.960725] ret_from_fork+0x116/0x1d0 [ 211.961178] ? __pfx_kthread+0x10/0x10 [ 211.962041] ret_from_fork_asm+0x1a/0x30 [ 211.962533] </TASK> [ 211.962942] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 211.773946] WARNING: CPU: 0 PID: 2025 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 211.775425] Modules linked in: [ 211.776003] CPU: 0 UID: 0 PID: 2025 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 211.777544] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 211.778166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 211.778982] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 211.779714] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 0b 26 02 48 89 df e8 68 [ 211.781148] RSP: 0000:ffff88810a747c90 EFLAGS: 00010246 [ 211.781802] RAX: dffffc0000000000 RBX: ffff88810a5b6000 RCX: 0000000000000000 [ 211.782400] RDX: 1ffff110214b6c32 RSI: ffffffffb0442758 RDI: ffff88810a5b6190 [ 211.782925] RBP: ffff88810a747ca0 R08: 1ffff11020078f69 R09: ffffed10214e8f65 [ 211.783694] R10: 0000000000000003 R11: ffffffffaf9861a8 R12: 0000000000000000 [ 211.784299] R13: 
ffff88810a747d38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 211.784955] FS: 0000000000000000(0000) GS:ffff8881a5e5f000(0000) knlGS:0000000000000000 [ 211.785802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.786401] CR2: 00007ffff7ffe000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 211.787121] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265442 [ 211.787748] DR3: ffffffffb5265443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 211.788419] Call Trace: [ 211.788844] <TASK> [ 211.789224] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 211.789936] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 211.790792] ? __schedule+0x10cc/0x2b60 [ 211.791278] ? __pfx_read_tsc+0x10/0x10 [ 211.791875] ? ktime_get_ts64+0x86/0x230 [ 211.792301] kunit_try_run_case+0x1a5/0x480 [ 211.792906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 211.793427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 211.794028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 211.794538] ? __kthread_parkme+0x82/0x180 [ 211.795147] ? preempt_count_sub+0x50/0x80 [ 211.795694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 211.796238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 211.796935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 211.797735] kthread+0x337/0x6f0 [ 211.798179] ? trace_preempt_on+0x20/0xc0 [ 211.798787] ? __pfx_kthread+0x10/0x10 [ 211.799231] ? _raw_spin_unlock_irq+0x47/0x80 [ 211.799779] ? calculate_sigpending+0x7b/0xa0 [ 211.800317] ? __pfx_kthread+0x10/0x10 [ 211.800909] ret_from_fork+0x116/0x1d0 [ 211.801343] ? __pfx_kthread+0x10/0x10 [ 211.802344] ret_from_fork_asm+0x1a/0x30 [ 211.803043] </TASK> [ 211.803312] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 159.947754] WARNING: CPU: 1 PID: 722 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 159.949370] Modules linked in: [ 159.950128] CPU: 1 UID: 0 PID: 722 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 159.951176] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 159.951988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 159.953302] RIP: 0010:intlog10+0x2a/0x40 [ 159.954374] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 159.956940] RSP: 0000:ffff888107dffcb0 EFLAGS: 00010246 [ 159.958078] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11020fbffb4 [ 159.959085] RDX: 1ffffffff6613dd4 RSI: 1ffff11020fbffb3 RDI: 0000000000000000 [ 159.959781] RBP: ffff888107dffd60 R08: 0000000000000000 R09: ffffed1020224440 [ 159.960485] R10: ffff888101122207 R11: 0000000000000000 R12: 1ffff11020fbff97 [ 159.962681] R13: ffffffffb309eea0 R14: 0000000000000000 R15: ffff888107dffd38 [ 159.963242] FS: 0000000000000000(0000) GS:ffff8881a5f5f000(0000) knlGS:0000000000000000 [ 159.964039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.964590] CR2: dffffc0000000000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 159.965504] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265443 [ 159.965908] DR3: ffffffffb5265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 159.966315] Call Trace: [ 159.967198] <TASK> [ 159.967439] ? intlog10_test+0xf2/0x220 [ 159.968034] ? __pfx_intlog10_test+0x10/0x10 [ 159.968436] ? __schedule+0x10cc/0x2b60 [ 159.969064] ? __pfx_read_tsc+0x10/0x10 [ 159.969661] ? ktime_get_ts64+0x86/0x230 [ 159.970333] kunit_try_run_case+0x1a5/0x480 [ 159.971013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.971538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 159.974242] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 159.974952] ? __kthread_parkme+0x82/0x180 [ 159.975790] ? preempt_count_sub+0x50/0x80 [ 159.976513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.976882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 159.977257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 159.977669] kthread+0x337/0x6f0 [ 159.979096] ? trace_preempt_on+0x20/0xc0 [ 159.980034] ? __pfx_kthread+0x10/0x10 [ 159.980626] ? _raw_spin_unlock_irq+0x47/0x80 [ 159.981038] ? calculate_sigpending+0x7b/0xa0 [ 159.981513] ? __pfx_kthread+0x10/0x10 [ 159.981936] ret_from_fork+0x116/0x1d0 [ 159.982306] ? __pfx_kthread+0x10/0x10 [ 159.984501] ret_from_fork_asm+0x1a/0x30 [ 159.984987] </TASK> [ 159.985667] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 159.844797] WARNING: CPU: 1 PID: 704 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 159.847194] Modules linked in: [ 159.848746] CPU: 1 UID: 0 PID: 704 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc1 #1 PREEMPT(voluntary) [ 159.849631] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 159.850062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 159.851259] RIP: 0010:intlog2+0xdf/0x110 [ 159.851996] Code: 09 b3 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 8b 86 02 90 <0f> 0b 90 31 c0 e9 c7 8b 86 02 89 45 e4 e8 ff 20 52 ff 8b 45 e4 eb [ 159.853858] RSP: 0000:ffff8881085ffcb0 EFLAGS: 00010246 [ 159.854506] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff110210bffb4 [ 159.855295] RDX: 1ffffffff6613e28 RSI: 1ffff110210bffb3 RDI: 0000000000000000 [ 159.856231] RBP: ffff8881085ffd60 R08: 0000000000000000 R09: ffffed102034bf20 [ 159.857096] R10: ffff888101a5f907 R11: 0000000000000000 R12: 1ffff110210bff97 [ 159.857862] R13: ffffffffb309f140 R14: 0000000000000000 R15: ffff8881085ffd38 [ 159.858603] FS: 0000000000000000(0000) GS:ffff8881a5f5f000(0000) knlGS:0000000000000000 [ 159.859395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.860469] CR2: dffffc0000000000 CR3: 000000003f4bc000 CR4: 00000000000006f0 [ 159.861714] DR0: ffffffffb5265440 DR1: ffffffffb5265441 DR2: ffffffffb5265443 [ 159.862288] DR3: ffffffffb5265445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 159.863283] Call Trace: [ 159.863626] <TASK> [ 159.864046] ? intlog2_test+0xf2/0x220 [ 159.864755] ? __pfx_intlog2_test+0x10/0x10 [ 159.865259] ? __schedule+0x10cc/0x2b60 [ 159.865883] ? __pfx_read_tsc+0x10/0x10 [ 159.866414] ? ktime_get_ts64+0x86/0x230 [ 159.867107] kunit_try_run_case+0x1a5/0x480 [ 159.867643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.868086] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 159.868561] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 159.869080] ? __kthread_parkme+0x82/0x180 [ 159.870070] ? preempt_count_sub+0x50/0x80 [ 159.870736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.871195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 159.871917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 159.872524] kthread+0x337/0x6f0 [ 159.873072] ? trace_preempt_on+0x20/0xc0 [ 159.873805] ? __pfx_kthread+0x10/0x10 [ 159.874251] ? _raw_spin_unlock_irq+0x47/0x80 [ 159.874848] ? calculate_sigpending+0x7b/0xa0 [ 159.875372] ? __pfx_kthread+0x10/0x10 [ 159.875959] ret_from_fork+0x116/0x1d0 [ 159.876464] ? __pfx_kthread+0x10/0x10 [ 159.877077] ret_from_fork_asm+0x1a/0x30 [ 159.877754] </TASK> [ 159.878104] ---[ end trace 0000000000000000 ]---