Date
July 3, 2025, 11:10 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.694272] ==================================================================
[ 11.694717] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.694954] Write of size 16 at addr ffff8881027a9e69 by task kunit_try_catch/195
[ 11.695366]
[ 11.695596] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.695639] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.695650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.695680] Call Trace:
[ 11.695692] <TASK>
[ 11.695705] dump_stack_lvl+0x73/0xb0
[ 11.695731] print_report+0xd1/0x650
[ 11.695752] ? __virt_addr_valid+0x1db/0x2d0
[ 11.695775] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.695795] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.695816] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.695836] kasan_report+0x141/0x180
[ 11.695857] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.695883] kasan_check_range+0x10c/0x1c0
[ 11.695935] __asan_memset+0x27/0x50
[ 11.695954] kmalloc_oob_memset_16+0x166/0x330
[ 11.695975] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.696030] ? __schedule+0x10cc/0x2b60
[ 11.696051] ? __pfx_read_tsc+0x10/0x10
[ 11.696070] ? ktime_get_ts64+0x86/0x230
[ 11.696106] kunit_try_run_case+0x1a5/0x480
[ 11.696137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.696158] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.696180] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.696201] ? __kthread_parkme+0x82/0x180
[ 11.696245] ? preempt_count_sub+0x50/0x80
[ 11.696268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.696290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.696324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.696346] kthread+0x337/0x6f0
[ 11.696364] ? trace_preempt_on+0x20/0xc0
[ 11.696387] ? __pfx_kthread+0x10/0x10
[ 11.696406] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.696425] ? calculate_sigpending+0x7b/0xa0
[ 11.696447] ? __pfx_kthread+0x10/0x10
[ 11.696467] ret_from_fork+0x116/0x1d0
[ 11.696484] ? __pfx_kthread+0x10/0x10
[ 11.696503] ret_from_fork_asm+0x1a/0x30
[ 11.696532] </TASK>
[ 11.696543]
[ 11.710149] Allocated by task 195:
[ 11.710466] kasan_save_stack+0x45/0x70
[ 11.710899] kasan_save_track+0x18/0x40
[ 11.711327] kasan_save_alloc_info+0x3b/0x50
[ 11.711731] __kasan_kmalloc+0xb7/0xc0
[ 11.712103] __kmalloc_cache_noprof+0x189/0x420
[ 11.712591] kmalloc_oob_memset_16+0xac/0x330
[ 11.713135] kunit_try_run_case+0x1a5/0x480
[ 11.713641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.713933] kthread+0x337/0x6f0
[ 11.714057] ret_from_fork+0x116/0x1d0
[ 11.714362] ret_from_fork_asm+0x1a/0x30
[ 11.714820]
[ 11.714990] The buggy address belongs to the object at ffff8881027a9e00
[ 11.714990] which belongs to the cache kmalloc-128 of size 128
[ 11.716261] The buggy address is located 105 bytes inside of
[ 11.716261] allocated 120-byte region [ffff8881027a9e00, ffff8881027a9e78)
[ 11.717040]
[ 11.717112] The buggy address belongs to the physical page:
[ 11.717287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9
[ 11.717530] flags: 0x200000000000000(node=0|zone=2)
[ 11.717686] page_type: f5(slab)
[ 11.717854] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.718205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.718537] page dumped because: kasan: bad access detected
[ 11.718703]
[ 11.718771] Memory state around the buggy address:
[ 11.719029] ffff8881027a9d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.719438] ffff8881027a9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.719868] >ffff8881027a9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.720238] ^
[ 11.720724] ffff8881027a9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.721041] ffff8881027a9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.721319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.668014] ==================================================================
[ 11.668526] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.668956] Write of size 8 at addr ffff888103173e71 by task kunit_try_catch/193
[ 11.669456]
[ 11.669551] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.669595] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.669606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.669626] Call Trace:
[ 11.669743] <TASK>
[ 11.669816] dump_stack_lvl+0x73/0xb0
[ 11.669848] print_report+0xd1/0x650
[ 11.669870] ? __virt_addr_valid+0x1db/0x2d0
[ 11.669893] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.669915] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.669936] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.669957] kasan_report+0x141/0x180
[ 11.669978] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.670004] kasan_check_range+0x10c/0x1c0
[ 11.670026] __asan_memset+0x27/0x50
[ 11.670045] kmalloc_oob_memset_8+0x166/0x330
[ 11.670067] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.670088] ? __schedule+0x10cc/0x2b60
[ 11.670110] ? __pfx_read_tsc+0x10/0x10
[ 11.670144] ? ktime_get_ts64+0x86/0x230
[ 11.670170] kunit_try_run_case+0x1a5/0x480
[ 11.670194] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.670215] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.670238] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.670260] ? __kthread_parkme+0x82/0x180
[ 11.670280] ? preempt_count_sub+0x50/0x80
[ 11.670304] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.670326] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.670348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.670370] kthread+0x337/0x6f0
[ 11.670389] ? trace_preempt_on+0x20/0xc0
[ 11.670412] ? __pfx_kthread+0x10/0x10
[ 11.670432] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.670451] ? calculate_sigpending+0x7b/0xa0
[ 11.670474] ? __pfx_kthread+0x10/0x10
[ 11.670495] ret_from_fork+0x116/0x1d0
[ 11.670517] ? __pfx_kthread+0x10/0x10
[ 11.670537] ret_from_fork_asm+0x1a/0x30
[ 11.670567] </TASK>
[ 11.670578]
[ 11.680524] Allocated by task 193:
[ 11.680699] kasan_save_stack+0x45/0x70
[ 11.681082] kasan_save_track+0x18/0x40
[ 11.681367] kasan_save_alloc_info+0x3b/0x50
[ 11.681759] __kasan_kmalloc+0xb7/0xc0
[ 11.681948] __kmalloc_cache_noprof+0x189/0x420
[ 11.682160] kmalloc_oob_memset_8+0xac/0x330
[ 11.682600] kunit_try_run_case+0x1a5/0x480
[ 11.682833] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.683066] kthread+0x337/0x6f0
[ 11.683440] ret_from_fork+0x116/0x1d0
[ 11.683752] ret_from_fork_asm+0x1a/0x30
[ 11.683936]
[ 11.684023] The buggy address belongs to the object at ffff888103173e00
[ 11.684023] which belongs to the cache kmalloc-128 of size 128
[ 11.684894] The buggy address is located 113 bytes inside of
[ 11.684894] allocated 120-byte region [ffff888103173e00, ffff888103173e78)
[ 11.685666]
[ 11.685756] The buggy address belongs to the physical page:
[ 11.686102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173
[ 11.686744] flags: 0x200000000000000(node=0|zone=2)
[ 11.686964] page_type: f5(slab)
[ 11.687090] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.687752] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.688136] page dumped because: kasan: bad access detected
[ 11.688403]
[ 11.688493] Memory state around the buggy address:
[ 11.688907] ffff888103173d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.689333] ffff888103173d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.689691] >ffff888103173e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.690009] ^
[ 11.690606] ffff888103173e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.691074] ffff888103173f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.691421] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.633292] ==================================================================
[ 11.635339] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 11.637238] Write of size 4 at addr ffff888103173d75 by task kunit_try_catch/191
[ 11.637487]
[ 11.637586] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.637632] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.637643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.637664] Call Trace:
[ 11.637677] <TASK>
[ 11.637693] dump_stack_lvl+0x73/0xb0
[ 11.637725] print_report+0xd1/0x650
[ 11.637748] ? __virt_addr_valid+0x1db/0x2d0
[ 11.637771] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.637791] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.637812] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.637833] kasan_report+0x141/0x180
[ 11.637854] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.637879] kasan_check_range+0x10c/0x1c0
[ 11.637901] __asan_memset+0x27/0x50
[ 11.637919] kmalloc_oob_memset_4+0x166/0x330
[ 11.637939] ? __kasan_check_write+0x18/0x20
[ 11.637957] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 11.637979] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 11.638003] ? __pfx_read_tsc+0x10/0x10
[ 11.638024] ? ktime_get_ts64+0x86/0x230
[ 11.638049] kunit_try_run_case+0x1a5/0x480
[ 11.638073] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.638094] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 11.638114] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.638147] ? __kthread_parkme+0x82/0x180
[ 11.638168] ? preempt_count_sub+0x50/0x80
[ 11.638192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.638215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.638236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.638258] kthread+0x337/0x6f0
[ 11.638276] ? trace_preempt_on+0x20/0xc0
[ 11.638299] ? __pfx_kthread+0x10/0x10
[ 11.638319] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.638338] ? calculate_sigpending+0x7b/0xa0
[ 11.638361] ? __pfx_kthread+0x10/0x10
[ 11.638381] ret_from_fork+0x116/0x1d0
[ 11.638398] ? __pfx_kthread+0x10/0x10
[ 11.638418] ret_from_fork_asm+0x1a/0x30
[ 11.638447] </TASK>
[ 11.638458]
[ 11.654342] Allocated by task 191:
[ 11.654797] kasan_save_stack+0x45/0x70
[ 11.655380] kasan_save_track+0x18/0x40
[ 11.655732] kasan_save_alloc_info+0x3b/0x50
[ 11.655894] __kasan_kmalloc+0xb7/0xc0
[ 11.656028] __kmalloc_cache_noprof+0x189/0x420
[ 11.656435] kmalloc_oob_memset_4+0xac/0x330
[ 11.656751] kunit_try_run_case+0x1a5/0x480
[ 11.657162] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.657568] kthread+0x337/0x6f0
[ 11.657734] ret_from_fork+0x116/0x1d0
[ 11.657907] ret_from_fork_asm+0x1a/0x30
[ 11.658088]
[ 11.658504] The buggy address belongs to the object at ffff888103173d00
[ 11.658504] which belongs to the cache kmalloc-128 of size 128
[ 11.659247] The buggy address is located 117 bytes inside of
[ 11.659247] allocated 120-byte region [ffff888103173d00, ffff888103173d78)
[ 11.660051]
[ 11.660318] The buggy address belongs to the physical page:
[ 11.660662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173
[ 11.660945] flags: 0x200000000000000(node=0|zone=2)
[ 11.661195] page_type: f5(slab)
[ 11.661354] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.661650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.662100] page dumped because: kasan: bad access detected
[ 11.662336]
[ 11.662430] Memory state around the buggy address:
[ 11.662647] ffff888103173c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.663032] ffff888103173c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.663411] >ffff888103173d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.663655] ^
[ 11.663938] ffff888103173d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.664189] ffff888103173e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.664631] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.605633] ==================================================================
[ 11.606017] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 11.606633] Write of size 2 at addr ffff8881027a9d77 by task kunit_try_catch/189
[ 11.607336]
[ 11.607522] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.607565] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.607576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.607597] Call Trace:
[ 11.607608] <TASK>
[ 11.607622] dump_stack_lvl+0x73/0xb0
[ 11.607651] print_report+0xd1/0x650
[ 11.607673] ? __virt_addr_valid+0x1db/0x2d0
[ 11.607696] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.607716] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.607736] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.607766] kasan_report+0x141/0x180
[ 11.607790] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.607815] kasan_check_range+0x10c/0x1c0
[ 11.607838] __asan_memset+0x27/0x50
[ 11.607857] kmalloc_oob_memset_2+0x166/0x330
[ 11.607879] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 11.607900] ? __schedule+0x10cc/0x2b60
[ 11.607922] ? __pfx_read_tsc+0x10/0x10
[ 11.607943] ? ktime_get_ts64+0x86/0x230
[ 11.607967] kunit_try_run_case+0x1a5/0x480
[ 11.607991] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.608012] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.608034] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.608055] ? __kthread_parkme+0x82/0x180
[ 11.608075] ? preempt_count_sub+0x50/0x80
[ 11.608098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.608120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.608150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.608172] kthread+0x337/0x6f0
[ 11.608190] ? trace_preempt_on+0x20/0xc0
[ 11.608214] ? __pfx_kthread+0x10/0x10
[ 11.608234] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.608255] ? calculate_sigpending+0x7b/0xa0
[ 11.608278] ? __pfx_kthread+0x10/0x10
[ 11.608298] ret_from_fork+0x116/0x1d0
[ 11.608315] ? __pfx_kthread+0x10/0x10
[ 11.608334] ret_from_fork_asm+0x1a/0x30
[ 11.608363] </TASK>
[ 11.608373]
[ 11.619786] Allocated by task 189:
[ 11.619934] kasan_save_stack+0x45/0x70
[ 11.620082] kasan_save_track+0x18/0x40
[ 11.620482] kasan_save_alloc_info+0x3b/0x50
[ 11.620907] __kasan_kmalloc+0xb7/0xc0
[ 11.621241] __kmalloc_cache_noprof+0x189/0x420
[ 11.621689] kmalloc_oob_memset_2+0xac/0x330
[ 11.622048] kunit_try_run_case+0x1a5/0x480
[ 11.622289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.622845] kthread+0x337/0x6f0
[ 11.623168] ret_from_fork+0x116/0x1d0
[ 11.623450] ret_from_fork_asm+0x1a/0x30
[ 11.623638]
[ 11.623708] The buggy address belongs to the object at ffff8881027a9d00
[ 11.623708] which belongs to the cache kmalloc-128 of size 128
[ 11.624064] The buggy address is located 119 bytes inside of
[ 11.624064] allocated 120-byte region [ffff8881027a9d00, ffff8881027a9d78)
[ 11.624661]
[ 11.624751] The buggy address belongs to the physical page:
[ 11.625019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9
[ 11.625382] flags: 0x200000000000000(node=0|zone=2)
[ 11.625609] page_type: f5(slab)
[ 11.625831] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.626156] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.626385] page dumped because: kasan: bad access detected
[ 11.626713]
[ 11.626807] Memory state around the buggy address:
[ 11.627034] ffff8881027a9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.627324] ffff8881027a9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.627613] >ffff8881027a9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.627930] ^
[ 11.628259] ffff8881027a9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.628535] ffff8881027a9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.628905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.574654] ==================================================================
[ 11.575773] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 11.576017] Write of size 128 at addr ffff8881027a9c00 by task kunit_try_catch/187
[ 11.576263]
[ 11.576351] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.576394] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.576405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.576424] Call Trace:
[ 11.576436] <TASK>
[ 11.576450] dump_stack_lvl+0x73/0xb0
[ 11.576475] print_report+0xd1/0x650
[ 11.576496] ? __virt_addr_valid+0x1db/0x2d0
[ 11.576517] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.576537] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.576558] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.576578] kasan_report+0x141/0x180
[ 11.576598] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.576624] kasan_check_range+0x10c/0x1c0
[ 11.576647] __asan_memset+0x27/0x50
[ 11.576666] kmalloc_oob_in_memset+0x15f/0x320
[ 11.576687] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 11.576708] ? __schedule+0x10cc/0x2b60
[ 11.576728] ? __pfx_read_tsc+0x10/0x10
[ 11.576747] ? ktime_get_ts64+0x86/0x230
[ 11.576771] kunit_try_run_case+0x1a5/0x480
[ 11.576794] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.576814] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.576836] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.576857] ? __kthread_parkme+0x82/0x180
[ 11.576876] ? preempt_count_sub+0x50/0x80
[ 11.576898] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.576919] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.576940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.576962] kthread+0x337/0x6f0
[ 11.576979] ? trace_preempt_on+0x20/0xc0
[ 11.577001] ? __pfx_kthread+0x10/0x10
[ 11.577020] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.577039] ? calculate_sigpending+0x7b/0xa0
[ 11.577061] ? __pfx_kthread+0x10/0x10
[ 11.577081] ret_from_fork+0x116/0x1d0
[ 11.577098] ? __pfx_kthread+0x10/0x10
[ 11.577117] ret_from_fork_asm+0x1a/0x30
[ 11.577170] </TASK>
[ 11.577179]
[ 11.590598] Allocated by task 187:
[ 11.590831] kasan_save_stack+0x45/0x70
[ 11.590973] kasan_save_track+0x18/0x40
[ 11.591103] kasan_save_alloc_info+0x3b/0x50
[ 11.591509] __kasan_kmalloc+0xb7/0xc0
[ 11.591849] __kmalloc_cache_noprof+0x189/0x420
[ 11.592340] kmalloc_oob_in_memset+0xac/0x320
[ 11.592835] kunit_try_run_case+0x1a5/0x480
[ 11.593269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.593731] kthread+0x337/0x6f0
[ 11.593864] ret_from_fork+0x116/0x1d0
[ 11.593992] ret_from_fork_asm+0x1a/0x30
[ 11.594149]
[ 11.594220] The buggy address belongs to the object at ffff8881027a9c00
[ 11.594220] which belongs to the cache kmalloc-128 of size 128
[ 11.594563] The buggy address is located 0 bytes inside of
[ 11.594563] allocated 120-byte region [ffff8881027a9c00, ffff8881027a9c78)
[ 11.594902]
[ 11.594971] The buggy address belongs to the physical page:
[ 11.595156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9
[ 11.595798] flags: 0x200000000000000(node=0|zone=2)
[ 11.596261] page_type: f5(slab)
[ 11.596558] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.597227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.597863] page dumped because: kasan: bad access detected
[ 11.598378]
[ 11.598540] Memory state around the buggy address:
[ 11.598955] ffff8881027a9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.599609] ffff8881027a9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600225] >ffff8881027a9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.600930] ^
[ 11.601742] ffff8881027a9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.602118] ffff8881027a9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.602728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.543433] ==================================================================
[ 11.543910] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 11.544261] Read of size 16 at addr ffff8881019d1b00 by task kunit_try_catch/185
[ 11.544631]
[ 11.544746] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.544816] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.544827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.544870] Call Trace:
[ 11.544882] <TASK>
[ 11.544895] dump_stack_lvl+0x73/0xb0
[ 11.544921] print_report+0xd1/0x650
[ 11.544953] ? __virt_addr_valid+0x1db/0x2d0
[ 11.544974] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.544994] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.545025] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.545045] kasan_report+0x141/0x180
[ 11.545065] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.545090] __asan_report_load16_noabort+0x18/0x20
[ 11.545162] kmalloc_uaf_16+0x47b/0x4c0
[ 11.545183] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 11.545214] ? __schedule+0x10cc/0x2b60
[ 11.545235] ? __pfx_read_tsc+0x10/0x10
[ 11.545255] ? ktime_get_ts64+0x86/0x230
[ 11.545306] kunit_try_run_case+0x1a5/0x480
[ 11.545329] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.545350] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.545382] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.545404] ? __kthread_parkme+0x82/0x180
[ 11.545423] ? preempt_count_sub+0x50/0x80
[ 11.545446] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.545468] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.545489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.545511] kthread+0x337/0x6f0
[ 11.545529] ? trace_preempt_on+0x20/0xc0
[ 11.545550] ? __pfx_kthread+0x10/0x10
[ 11.545570] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.545589] ? calculate_sigpending+0x7b/0xa0
[ 11.545611] ? __pfx_kthread+0x10/0x10
[ 11.545631] ret_from_fork+0x116/0x1d0
[ 11.545648] ? __pfx_kthread+0x10/0x10
[ 11.545667] ret_from_fork_asm+0x1a/0x30
[ 11.545696] </TASK>
[ 11.545706]
[ 11.557426] Allocated by task 185:
[ 11.557779] kasan_save_stack+0x45/0x70
[ 11.558192] kasan_save_track+0x18/0x40
[ 11.558568] kasan_save_alloc_info+0x3b/0x50
[ 11.558982] __kasan_kmalloc+0xb7/0xc0
[ 11.559383] __kmalloc_cache_noprof+0x189/0x420
[ 11.559824] kmalloc_uaf_16+0x15b/0x4c0
[ 11.560143] kunit_try_run_case+0x1a5/0x480
[ 11.560418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.560595] kthread+0x337/0x6f0
[ 11.560715] ret_from_fork+0x116/0x1d0
[ 11.560845] ret_from_fork_asm+0x1a/0x30
[ 11.560983]
[ 11.561052] Freed by task 185:
[ 11.561288] kasan_save_stack+0x45/0x70
[ 11.561774] kasan_save_track+0x18/0x40
[ 11.562175] kasan_save_free_info+0x3f/0x60
[ 11.562655] __kasan_slab_free+0x56/0x70
[ 11.563049] kfree+0x222/0x3f0
[ 11.563437] kmalloc_uaf_16+0x1d6/0x4c0
[ 11.563834] kunit_try_run_case+0x1a5/0x480
[ 11.564315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.564924] kthread+0x337/0x6f0
[ 11.565307] ret_from_fork+0x116/0x1d0
[ 11.565691] ret_from_fork_asm+0x1a/0x30
[ 11.566094]
[ 11.566342] The buggy address belongs to the object at ffff8881019d1b00
[ 11.566342] which belongs to the cache kmalloc-16 of size 16
[ 11.567398] The buggy address is located 0 bytes inside of
[ 11.567398] freed 16-byte region [ffff8881019d1b00, ffff8881019d1b10)
[ 11.567747]
[ 11.567822] The buggy address belongs to the physical page:
[ 11.567994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019d1
[ 11.568292] flags: 0x200000000000000(node=0|zone=2)
[ 11.568463] page_type: f5(slab)
[ 11.568637] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.568979] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.569371] page dumped because: kasan: bad access detected
[ 11.569560]
[ 11.569629] Memory state around the buggy address:
[ 11.569781] ffff8881019d1a00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 11.570104] ffff8881019d1a80: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 11.570472] >ffff8881019d1b00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.570767] ^
[ 11.570969] ffff8881019d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.571344] ffff8881019d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.571558] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.516049] ==================================================================
[ 11.517032] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 11.517589] Write of size 16 at addr ffff8881019d1aa0 by task kunit_try_catch/183
[ 11.518389]
[ 11.518600] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.518643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.518655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.518674] Call Trace:
[ 11.518686] <TASK>
[ 11.518699] dump_stack_lvl+0x73/0xb0
[ 11.518726] print_report+0xd1/0x650
[ 11.518768] ? __virt_addr_valid+0x1db/0x2d0
[ 11.518790] ? kmalloc_oob_16+0x452/0x4a0
[ 11.518809] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.518830] ? kmalloc_oob_16+0x452/0x4a0
[ 11.518849] kasan_report+0x141/0x180
[ 11.518869] ? kmalloc_oob_16+0x452/0x4a0
[ 11.518894] __asan_report_store16_noabort+0x1b/0x30
[ 11.518913] kmalloc_oob_16+0x452/0x4a0
[ 11.518933] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 11.518953] ? __schedule+0x10cc/0x2b60
[ 11.518974] ? __pfx_read_tsc+0x10/0x10
[ 11.518993] ? ktime_get_ts64+0x86/0x230
[ 11.519018] kunit_try_run_case+0x1a5/0x480
[ 11.519041] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.519061] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.519083] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.519104] ? __kthread_parkme+0x82/0x180
[ 11.519133] ? preempt_count_sub+0x50/0x80
[ 11.519156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.519187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.519208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.519229] kthread+0x337/0x6f0
[ 11.519259] ? trace_preempt_on+0x20/0xc0
[ 11.519282] ? __pfx_kthread+0x10/0x10
[ 11.519301] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.519320] ? calculate_sigpending+0x7b/0xa0
[ 11.519342] ? __pfx_kthread+0x10/0x10
[ 11.519362] ret_from_fork+0x116/0x1d0
[ 11.519379] ? __pfx_kthread+0x10/0x10
[ 11.519398] ret_from_fork_asm+0x1a/0x30
[ 11.519427] </TASK>
[ 11.519438]
[ 11.528406] Allocated by task 183:
[ 11.528577] kasan_save_stack+0x45/0x70
[ 11.528766] kasan_save_track+0x18/0x40
[ 11.528942] kasan_save_alloc_info+0x3b/0x50
[ 11.529417] __kasan_kmalloc+0xb7/0xc0
[ 11.529632] __kmalloc_cache_noprof+0x189/0x420
[ 11.530032] kmalloc_oob_16+0xa8/0x4a0
[ 11.530392] kunit_try_run_case+0x1a5/0x480
[ 11.530737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.530979] kthread+0x337/0x6f0
[ 11.531381] ret_from_fork+0x116/0x1d0
[ 11.531644] ret_from_fork_asm+0x1a/0x30
[ 11.531983]
[ 11.532078] The buggy address belongs to the object at ffff8881019d1aa0
[ 11.532078] which belongs to the cache kmalloc-16 of size 16
[ 11.533047] The buggy address is located 0 bytes inside of
[ 11.533047] allocated 13-byte region [ffff8881019d1aa0, ffff8881019d1aad)
[ 11.533851]
[ 11.533952] The buggy address belongs to the physical page:
[ 11.534516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019d1
[ 11.534938] flags: 0x200000000000000(node=0|zone=2)
[ 11.535413] page_type: f5(slab)
[ 11.535659] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.536266] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.536582] page dumped because: kasan: bad access detected
[ 11.536813]
[ 11.536901] Memory state around the buggy address:
[ 11.537106] ffff8881019d1980: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 11.537733] ffff8881019d1a00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 11.538272] >ffff8881019d1a80: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc
[ 11.538710] ^
[ 11.538906] ffff8881019d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.539491] ffff8881019d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.539924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.464279] ==================================================================
[ 11.464864] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 11.465184] Read of size 1 at addr ffff888100333000 by task kunit_try_catch/181
[ 11.465470]
[ 11.465632] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.465675] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.465686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.465706] Call Trace:
[ 11.465717] <TASK>
[ 11.465730] dump_stack_lvl+0x73/0xb0
[ 11.465756] print_report+0xd1/0x650
[ 11.465778] ? __virt_addr_valid+0x1db/0x2d0
[ 11.465800] ? krealloc_uaf+0x1b8/0x5e0
[ 11.465819] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.465840] ? krealloc_uaf+0x1b8/0x5e0
[ 11.465860] kasan_report+0x141/0x180
[ 11.465881] ? krealloc_uaf+0x1b8/0x5e0
[ 11.465903] ? krealloc_uaf+0x1b8/0x5e0
[ 11.465924] __kasan_check_byte+0x3d/0x50
[ 11.465944] krealloc_noprof+0x3f/0x340
[ 11.465966] krealloc_uaf+0x1b8/0x5e0
[ 11.465987] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.466006] ? finish_task_switch.isra.0+0x153/0x700
[ 11.466027] ? __switch_to+0x47/0xf50
[ 11.466051] ? __schedule+0x10cc/0x2b60
[ 11.466072] ? __pfx_read_tsc+0x10/0x10
[ 11.466091] ? ktime_get_ts64+0x86/0x230
[ 11.466116] kunit_try_run_case+0x1a5/0x480
[ 11.466152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.466173] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.466194] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.466216] ? __kthread_parkme+0x82/0x180
[ 11.466237] ? preempt_count_sub+0x50/0x80
[ 11.466258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.466280] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.466301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.466323] kthread+0x337/0x6f0
[ 11.466341] ? trace_preempt_on+0x20/0xc0
[ 11.466363] ? __pfx_kthread+0x10/0x10
[ 11.466382] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.466401] ? calculate_sigpending+0x7b/0xa0
[ 11.466425] ? __pfx_kthread+0x10/0x10
[ 11.466445] ret_from_fork+0x116/0x1d0
[ 11.466462] ? __pfx_kthread+0x10/0x10
[ 11.466481] ret_from_fork_asm+0x1a/0x30
[ 11.466518] </TASK>
[ 11.466529]
[ 11.474041] Allocated by task 181:
[ 11.474262] kasan_save_stack+0x45/0x70
[ 11.474527] kasan_save_track+0x18/0x40
[ 11.474705] kasan_save_alloc_info+0x3b/0x50
[ 11.474872] __kasan_kmalloc+0xb7/0xc0
[ 11.475061] __kmalloc_cache_noprof+0x189/0x420
[ 11.475516] krealloc_uaf+0xbb/0x5e0
[ 11.475703] kunit_try_run_case+0x1a5/0x480
[ 11.475858] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.476076] kthread+0x337/0x6f0
[ 11.476260] ret_from_fork+0x116/0x1d0
[ 11.476542] ret_from_fork_asm+0x1a/0x30
[ 11.476680]
[ 11.476774] Freed by task 181:
[ 11.476962] kasan_save_stack+0x45/0x70
[ 11.477240] kasan_save_track+0x18/0x40
[ 11.477434] kasan_save_free_info+0x3f/0x60
[ 11.477637] __kasan_slab_free+0x56/0x70
[ 11.477782] kfree+0x222/0x3f0
[ 11.477905] krealloc_uaf+0x13d/0x5e0
[ 11.478035] kunit_try_run_case+0x1a5/0x480
[ 11.478193] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.478488] kthread+0x337/0x6f0
[ 11.478891] ret_from_fork+0x116/0x1d0
[ 11.479077] ret_from_fork_asm+0x1a/0x30
[ 11.479425]
[ 11.479532] The buggy address belongs to the object at ffff888100333000
[ 11.479532] which belongs to the cache kmalloc-256 of size 256
[ 11.479989] The buggy address is located 0 bytes inside of
[ 11.479989] freed 256-byte region [ffff888100333000, ffff888100333100)
[ 11.480949]
[ 11.481037] The buggy address belongs to the physical page:
[ 11.481612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332
[ 11.481941] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.482359] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.482594] page_type: f5(slab)
[ 11.482760] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.483073] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.483539] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.483807] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.484119] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff
[ 11.484573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.484875] page dumped because: kasan: bad access detected
[ 11.485071]
[ 11.485164] Memory state around the buggy address:
[ 11.485474] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.485759] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.486061] >ffff888100333000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.486411] ^
[ 11.486584] ffff888100333080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.486860] ffff888100333100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.487165] ==================================================================
[ 11.488188] ==================================================================
[ 11.488917] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 11.489266] Read of size 1 at addr ffff888100333000 by task kunit_try_catch/181
[ 11.489492]
[ 11.489579] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.489620] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.489679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.489701] Call Trace:
[ 11.489715] <TASK>
[ 11.489732] dump_stack_lvl+0x73/0xb0
[ 11.489760] print_report+0xd1/0x650
[ 11.489781] ? __virt_addr_valid+0x1db/0x2d0
[ 11.489804] ? krealloc_uaf+0x53c/0x5e0
[ 11.489824] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.489844] ? krealloc_uaf+0x53c/0x5e0
[ 11.489865] kasan_report+0x141/0x180
[ 11.489885] ? krealloc_uaf+0x53c/0x5e0
[ 11.489910] __asan_report_load1_noabort+0x18/0x20
[ 11.489933] krealloc_uaf+0x53c/0x5e0
[ 11.489953] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.489973] ? finish_task_switch.isra.0+0x153/0x700
[ 11.489994] ? __switch_to+0x47/0xf50
[ 11.490019] ? __schedule+0x10cc/0x2b60
[ 11.490039] ? __pfx_read_tsc+0x10/0x10
[ 11.490059] ? ktime_get_ts64+0x86/0x230
[ 11.490082] kunit_try_run_case+0x1a5/0x480
[ 11.490106] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.490141] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.490163] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.490184] ? __kthread_parkme+0x82/0x180
[ 11.490204] ? preempt_count_sub+0x50/0x80
[ 11.490225] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.490247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.490268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.490290] kthread+0x337/0x6f0
[ 11.490352] ? trace_preempt_on+0x20/0xc0
[ 11.490377] ? __pfx_kthread+0x10/0x10
[ 11.490397] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.490416] ? calculate_sigpending+0x7b/0xa0
[ 11.490439] ? __pfx_kthread+0x10/0x10
[ 11.490459] ret_from_fork+0x116/0x1d0
[ 11.490476] ? __pfx_kthread+0x10/0x10
[ 11.490495] ret_from_fork_asm+0x1a/0x30
[ 11.490530] </TASK>
[ 11.490540]
[ 11.498539] Allocated by task 181:
[ 11.498722] kasan_save_stack+0x45/0x70
[ 11.498889] kasan_save_track+0x18/0x40
[ 11.499026] kasan_save_alloc_info+0x3b/0x50
[ 11.499213] __kasan_kmalloc+0xb7/0xc0
[ 11.499568] __kmalloc_cache_noprof+0x189/0x420
[ 11.499800] krealloc_uaf+0xbb/0x5e0
[ 11.499980] kunit_try_run_case+0x1a5/0x480
[ 11.500213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.500516] kthread+0x337/0x6f0
[ 11.500670] ret_from_fork+0x116/0x1d0
[ 11.500803] ret_from_fork_asm+0x1a/0x30
[ 11.500940]
[ 11.501035] Freed by task 181:
[ 11.501281] kasan_save_stack+0x45/0x70
[ 11.501552] kasan_save_track+0x18/0x40
[ 11.501756] kasan_save_free_info+0x3f/0x60
[ 11.501993] __kasan_slab_free+0x56/0x70
[ 11.502221] kfree+0x222/0x3f0
[ 11.502570] krealloc_uaf+0x13d/0x5e0
[ 11.502739] kunit_try_run_case+0x1a5/0x480
[ 11.502922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.503147] kthread+0x337/0x6f0
[ 11.503327]
ret_from_fork+0x116/0x1d0 [ 11.503461] ret_from_fork_asm+0x1a/0x30 [ 11.503598] [ 11.503669] The buggy address belongs to the object at ffff888100333000 [ 11.503669] which belongs to the cache kmalloc-256 of size 256 [ 11.504063] The buggy address is located 0 bytes inside of [ 11.504063] freed 256-byte region [ffff888100333000, ffff888100333100) [ 11.504732] [ 11.504833] The buggy address belongs to the physical page: [ 11.505086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332 [ 11.505530] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.505763] flags: 0x200000000000040(head|node=0|zone=2) [ 11.505938] page_type: f5(slab) [ 11.506059] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.506596] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.506949] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.507558] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.507844] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff [ 11.508077] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.508640] page dumped because: kasan: bad access detected [ 11.508934] [ 11.509003] Memory state around the buggy address: [ 11.509198] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.510533] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.510873] >ffff888100333000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.511584] ^ [ 11.511846] ffff888100333080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.512341] ffff888100333100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.512763] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.244715] ================================================================== [ 11.245072] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.245439] Write of size 1 at addr ffff888100332eea by task kunit_try_catch/175 [ 11.245819] [ 11.245928] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.245979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.245990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.246008] Call Trace: [ 11.246024] <TASK> [ 11.246039] dump_stack_lvl+0x73/0xb0 [ 11.246075] print_report+0xd1/0x650 [ 11.246097] ? __virt_addr_valid+0x1db/0x2d0 [ 11.246119] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.246152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.246172] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.246204] kasan_report+0x141/0x180 [ 11.246224] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.246251] __asan_report_store1_noabort+0x1b/0x30 [ 11.246281] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.246305] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.246366] ? finish_task_switch.isra.0+0x153/0x700 [ 11.246387] ? __switch_to+0x47/0xf50 [ 11.246410] ? __schedule+0x10cc/0x2b60 [ 11.246431] ? __pfx_read_tsc+0x10/0x10 [ 11.246454] krealloc_less_oob+0x1c/0x30 [ 11.246474] kunit_try_run_case+0x1a5/0x480 [ 11.246498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.246524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.246546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.246567] ? __kthread_parkme+0x82/0x180 [ 11.246587] ? preempt_count_sub+0x50/0x80 [ 11.246608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.246630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.246651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.246673] kthread+0x337/0x6f0 [ 11.246691] ? trace_preempt_on+0x20/0xc0 [ 11.246713] ? __pfx_kthread+0x10/0x10 [ 11.246733] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.246752] ? calculate_sigpending+0x7b/0xa0 [ 11.246774] ? 
__pfx_kthread+0x10/0x10 [ 11.246794] ret_from_fork+0x116/0x1d0 [ 11.246812] ? __pfx_kthread+0x10/0x10 [ 11.246831] ret_from_fork_asm+0x1a/0x30 [ 11.246871] </TASK> [ 11.246881] [ 11.254938] Allocated by task 175: [ 11.255145] kasan_save_stack+0x45/0x70 [ 11.255535] kasan_save_track+0x18/0x40 [ 11.255753] kasan_save_alloc_info+0x3b/0x50 [ 11.255904] __kasan_krealloc+0x190/0x1f0 [ 11.256079] krealloc_noprof+0xf3/0x340 [ 11.256288] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.256598] krealloc_less_oob+0x1c/0x30 [ 11.256811] kunit_try_run_case+0x1a5/0x480 [ 11.257029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.257285] kthread+0x337/0x6f0 [ 11.257519] ret_from_fork+0x116/0x1d0 [ 11.257711] ret_from_fork_asm+0x1a/0x30 [ 11.257909] [ 11.258008] The buggy address belongs to the object at ffff888100332e00 [ 11.258008] which belongs to the cache kmalloc-256 of size 256 [ 11.258595] The buggy address is located 33 bytes to the right of [ 11.258595] allocated 201-byte region [ffff888100332e00, ffff888100332ec9) [ 11.259039] [ 11.259111] The buggy address belongs to the physical page: [ 11.259386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332 [ 11.259807] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.260101] flags: 0x200000000000040(head|node=0|zone=2) [ 11.260514] page_type: f5(slab) [ 11.260699] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.261065] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.261430] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.261752] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.262149] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff [ 11.262459] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.262807] page dumped because: kasan: bad access detected [ 11.263082] [ 11.263211] Memory state around the buggy 
address: [ 11.263501] ffff888100332d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.263815] ffff888100332e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.264114] >ffff888100332e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.264447] ^ [ 11.264652] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.265024] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.265521] ================================================================== [ 11.342155] ================================================================== [ 11.342945] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.343531] Write of size 1 at addr ffff888102aa20c9 by task kunit_try_catch/179 [ 11.344120] [ 11.344227] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.344268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.344279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.344298] Call Trace: [ 11.344311] <TASK> [ 11.344325] dump_stack_lvl+0x73/0xb0 [ 11.344353] print_report+0xd1/0x650 [ 11.344375] ? __virt_addr_valid+0x1db/0x2d0 [ 11.344398] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.344420] ? kasan_addr_to_slab+0x11/0xa0 [ 11.344439] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.344462] kasan_report+0x141/0x180 [ 11.344482] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.344509] __asan_report_store1_noabort+0x1b/0x30 [ 11.344528] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.344552] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.344575] ? finish_task_switch.isra.0+0x153/0x700 [ 11.344597] ? __switch_to+0x47/0xf50 [ 11.344622] ? __schedule+0x10cc/0x2b60 [ 11.344643] ? __pfx_read_tsc+0x10/0x10 [ 11.344666] krealloc_large_less_oob+0x1c/0x30 [ 11.344687] kunit_try_run_case+0x1a5/0x480 [ 11.344711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.344731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.344754] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.344776] ? __kthread_parkme+0x82/0x180 [ 11.344796] ? preempt_count_sub+0x50/0x80 [ 11.344817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.344839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.344860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.344882] kthread+0x337/0x6f0 [ 11.344900] ? trace_preempt_on+0x20/0xc0 [ 11.344924] ? __pfx_kthread+0x10/0x10 [ 11.344943] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.344962] ? calculate_sigpending+0x7b/0xa0 [ 11.344985] ? __pfx_kthread+0x10/0x10 [ 11.345005] ret_from_fork+0x116/0x1d0 [ 11.345023] ? __pfx_kthread+0x10/0x10 [ 11.345042] ret_from_fork_asm+0x1a/0x30 [ 11.345071] </TASK> [ 11.345081] [ 11.361007] The buggy address belongs to the physical page: [ 11.362024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.363292] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.364539] flags: 0x200000000000040(head|node=0|zone=2) [ 11.364736] page_type: f8(unknown) [ 11.364866] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.365099] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.366705] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.367765] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.368677] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.368912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.369147] page dumped because: kasan: bad access detected [ 11.369609] [ 11.369711] Memory state around the buggy address: [ 11.369934] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.370248] ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.370588] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.370963] ^ [ 11.371185] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 11.372018] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.372747] ================================================================== [ 11.265985] ================================================================== [ 11.266413] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.266710] Write of size 1 at addr ffff888100332eeb by task kunit_try_catch/175 [ 11.267011] [ 11.267098] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.267164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.267176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.267195] Call Trace: [ 11.267206] <TASK> [ 11.267219] dump_stack_lvl+0x73/0xb0 [ 11.267244] print_report+0xd1/0x650 [ 11.267272] ? __virt_addr_valid+0x1db/0x2d0 [ 11.267361] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.267388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.267410] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.267433] kasan_report+0x141/0x180 [ 11.267454] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.267481] __asan_report_store1_noabort+0x1b/0x30 [ 11.267500] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.267525] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.267547] ? finish_task_switch.isra.0+0x153/0x700 [ 11.267568] ? __switch_to+0x47/0xf50 [ 11.267603] ? __schedule+0x10cc/0x2b60 [ 11.267626] ? __pfx_read_tsc+0x10/0x10 [ 11.267648] krealloc_less_oob+0x1c/0x30 [ 11.267681] kunit_try_run_case+0x1a5/0x480 [ 11.267704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.267725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.267746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.267768] ? __kthread_parkme+0x82/0x180 [ 11.267795] ? preempt_count_sub+0x50/0x80 [ 11.267816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.267838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.267870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.267891] kthread+0x337/0x6f0 [ 11.267910] ? 
trace_preempt_on+0x20/0xc0 [ 11.267933] ? __pfx_kthread+0x10/0x10 [ 11.267952] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.267972] ? calculate_sigpending+0x7b/0xa0 [ 11.267994] ? __pfx_kthread+0x10/0x10 [ 11.268016] ret_from_fork+0x116/0x1d0 [ 11.268033] ? __pfx_kthread+0x10/0x10 [ 11.268052] ret_from_fork_asm+0x1a/0x30 [ 11.268081] </TASK> [ 11.268091] [ 11.276670] Allocated by task 175: [ 11.276826] kasan_save_stack+0x45/0x70 [ 11.277071] kasan_save_track+0x18/0x40 [ 11.277390] kasan_save_alloc_info+0x3b/0x50 [ 11.277601] __kasan_krealloc+0x190/0x1f0 [ 11.277743] krealloc_noprof+0xf3/0x340 [ 11.277911] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.278194] krealloc_less_oob+0x1c/0x30 [ 11.278407] kunit_try_run_case+0x1a5/0x480 [ 11.278606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.278871] kthread+0x337/0x6f0 [ 11.279053] ret_from_fork+0x116/0x1d0 [ 11.279279] ret_from_fork_asm+0x1a/0x30 [ 11.279523] [ 11.279617] The buggy address belongs to the object at ffff888100332e00 [ 11.279617] which belongs to the cache kmalloc-256 of size 256 [ 11.280149] The buggy address is located 34 bytes to the right of [ 11.280149] allocated 201-byte region [ffff888100332e00, ffff888100332ec9) [ 11.280830] [ 11.280933] The buggy address belongs to the physical page: [ 11.281236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332 [ 11.281592] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.281901] flags: 0x200000000000040(head|node=0|zone=2) [ 11.282194] page_type: f5(slab) [ 11.282339] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.282644] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.283056] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.283466] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.283800] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff [ 11.284160] head: 
ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.284539] page dumped because: kasan: bad access detected [ 11.284790] [ 11.284860] Memory state around the buggy address: [ 11.285081] ffff888100332d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.285623] ffff888100332e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.285941] >ffff888100332e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.286250] ^ [ 11.286617] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.286939] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.287280] ================================================================== [ 11.400251] ================================================================== [ 11.400907] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.401667] Write of size 1 at addr ffff888102aa20da by task kunit_try_catch/179 [ 11.402375] [ 11.402464] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.402504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.402522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.402541] Call Trace: [ 11.402555] <TASK> [ 11.402570] dump_stack_lvl+0x73/0xb0 [ 11.402595] print_report+0xd1/0x650 [ 11.402616] ? __virt_addr_valid+0x1db/0x2d0 [ 11.402638] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.402660] ? kasan_addr_to_slab+0x11/0xa0 [ 11.402679] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.402701] kasan_report+0x141/0x180 [ 11.402722] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.402748] __asan_report_store1_noabort+0x1b/0x30 [ 11.402767] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.402791] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.402813] ? finish_task_switch.isra.0+0x153/0x700 [ 11.402833] ? __switch_to+0x47/0xf50 [ 11.402857] ? __schedule+0x10cc/0x2b60 [ 11.402877] ? 
__pfx_read_tsc+0x10/0x10 [ 11.402899] krealloc_large_less_oob+0x1c/0x30 [ 11.402920] kunit_try_run_case+0x1a5/0x480 [ 11.402942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.402963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.402984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.403005] ? __kthread_parkme+0x82/0x180 [ 11.403024] ? preempt_count_sub+0x50/0x80 [ 11.403045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.403067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.403087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.403109] kthread+0x337/0x6f0 [ 11.403139] ? trace_preempt_on+0x20/0xc0 [ 11.403162] ? __pfx_kthread+0x10/0x10 [ 11.403181] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.403200] ? calculate_sigpending+0x7b/0xa0 [ 11.403222] ? __pfx_kthread+0x10/0x10 [ 11.403242] ret_from_fork+0x116/0x1d0 [ 11.403259] ? __pfx_kthread+0x10/0x10 [ 11.403278] ret_from_fork_asm+0x1a/0x30 [ 11.403308] </TASK> [ 11.403319] [ 11.410948] The buggy address belongs to the physical page: [ 11.411270] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.411768] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.411996] flags: 0x200000000000040(head|node=0|zone=2) [ 11.412214] page_type: f8(unknown) [ 11.412371] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.412689] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.412972] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.413424] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.413699] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.413921] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.414229] page dumped because: kasan: bad access detected [ 11.414474] [ 11.414573] Memory state around the buggy address: [ 11.414880] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.415112] 
ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.415835] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.416115] ^ [ 11.416833] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.417312] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.417816] ================================================================== [ 11.148170] ================================================================== [ 11.149080] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.149934] Write of size 1 at addr ffff888100332ec9 by task kunit_try_catch/175 [ 11.150880] [ 11.150990] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.151081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.151094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.151114] Call Trace: [ 11.151322] <TASK> [ 11.151343] dump_stack_lvl+0x73/0xb0 [ 11.151375] print_report+0xd1/0x650 [ 11.151396] ? __virt_addr_valid+0x1db/0x2d0 [ 11.151419] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.151441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.151462] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.151485] kasan_report+0x141/0x180 [ 11.151505] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.151532] __asan_report_store1_noabort+0x1b/0x30 [ 11.151551] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.151576] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.151598] ? finish_task_switch.isra.0+0x153/0x700 [ 11.151620] ? __switch_to+0x47/0xf50 [ 11.151648] ? __schedule+0x10cc/0x2b60 [ 11.151670] ? __pfx_read_tsc+0x10/0x10 [ 11.151694] krealloc_less_oob+0x1c/0x30 [ 11.151715] kunit_try_run_case+0x1a5/0x480 [ 11.151738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.151759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.151781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.151803] ? __kthread_parkme+0x82/0x180 [ 11.151823] ? 
preempt_count_sub+0x50/0x80 [ 11.151844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.151866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.151887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.151909] kthread+0x337/0x6f0 [ 11.151927] ? trace_preempt_on+0x20/0xc0 [ 11.151949] ? __pfx_kthread+0x10/0x10 [ 11.151968] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.151988] ? calculate_sigpending+0x7b/0xa0 [ 11.152010] ? __pfx_kthread+0x10/0x10 [ 11.152031] ret_from_fork+0x116/0x1d0 [ 11.152048] ? __pfx_kthread+0x10/0x10 [ 11.152068] ret_from_fork_asm+0x1a/0x30 [ 11.152097] </TASK> [ 11.152108] [ 11.167370] Allocated by task 175: [ 11.167511] kasan_save_stack+0x45/0x70 [ 11.167719] kasan_save_track+0x18/0x40 [ 11.167867] kasan_save_alloc_info+0x3b/0x50 [ 11.168079] __kasan_krealloc+0x190/0x1f0 [ 11.168230] krealloc_noprof+0xf3/0x340 [ 11.168933] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.169188] krealloc_less_oob+0x1c/0x30 [ 11.169554] kunit_try_run_case+0x1a5/0x480 [ 11.169983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.170529] kthread+0x337/0x6f0 [ 11.170917] ret_from_fork+0x116/0x1d0 [ 11.171147] ret_from_fork_asm+0x1a/0x30 [ 11.171495] [ 11.171596] The buggy address belongs to the object at ffff888100332e00 [ 11.171596] which belongs to the cache kmalloc-256 of size 256 [ 11.172487] The buggy address is located 0 bytes to the right of [ 11.172487] allocated 201-byte region [ffff888100332e00, ffff888100332ec9) [ 11.173107] [ 11.173228] The buggy address belongs to the physical page: [ 11.173820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332 [ 11.174346] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.175058] flags: 0x200000000000040(head|node=0|zone=2) [ 11.175592] page_type: f5(slab) [ 11.175729] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.176281] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.176929] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.177828] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.178785] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff [ 11.179376] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.180020] page dumped because: kasan: bad access detected [ 11.180607] [ 11.180754] Memory state around the buggy address: [ 11.181291] ffff888100332d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.181604] ffff888100332e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.182670] >ffff888100332e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.183589] ^ [ 11.184189] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.184882] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.185620] ================================================================== [ 11.186175] ================================================================== [ 11.186425] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.187873] Write of size 1 at addr ffff888100332ed0 by task kunit_try_catch/175 [ 11.189292] [ 11.189767] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.189815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.189827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.189846] Call Trace: [ 11.189862] <TASK> [ 11.189877] dump_stack_lvl+0x73/0xb0 [ 11.189906] print_report+0xd1/0x650 [ 11.189928] ? __virt_addr_valid+0x1db/0x2d0 [ 11.189951] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.189973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.189994] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.190019] kasan_report+0x141/0x180 [ 11.190041] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.190069] __asan_report_store1_noabort+0x1b/0x30 [ 11.190089] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.190114] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.190148] ? finish_task_switch.isra.0+0x153/0x700 [ 11.190170] ? __switch_to+0x47/0xf50 [ 11.190194] ? __schedule+0x10cc/0x2b60 [ 11.190217] ? __pfx_read_tsc+0x10/0x10 [ 11.190241] krealloc_less_oob+0x1c/0x30 [ 11.190261] kunit_try_run_case+0x1a5/0x480 [ 11.190284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.190314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.190336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.190358] ? __kthread_parkme+0x82/0x180 [ 11.190377] ? preempt_count_sub+0x50/0x80 [ 11.190398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.190422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.190443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.190464] kthread+0x337/0x6f0 [ 11.190483] ? trace_preempt_on+0x20/0xc0 [ 11.190505] ? __pfx_kthread+0x10/0x10 [ 11.190528] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.190548] ? calculate_sigpending+0x7b/0xa0 [ 11.190571] ? __pfx_kthread+0x10/0x10 [ 11.190591] ret_from_fork+0x116/0x1d0 [ 11.190609] ? 
__pfx_kthread+0x10/0x10 [ 11.190629] ret_from_fork_asm+0x1a/0x30 [ 11.190658] </TASK> [ 11.190669] [ 11.205674] Allocated by task 175: [ 11.205987] kasan_save_stack+0x45/0x70 [ 11.206156] kasan_save_track+0x18/0x40 [ 11.206661] kasan_save_alloc_info+0x3b/0x50 [ 11.207084] __kasan_krealloc+0x190/0x1f0 [ 11.207392] krealloc_noprof+0xf3/0x340 [ 11.207750] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.207912] krealloc_less_oob+0x1c/0x30 [ 11.208046] kunit_try_run_case+0x1a5/0x480 [ 11.208224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.208771] kthread+0x337/0x6f0 [ 11.209092] ret_from_fork+0x116/0x1d0 [ 11.209650] ret_from_fork_asm+0x1a/0x30 [ 11.210037] [ 11.210227] The buggy address belongs to the object at ffff888100332e00 [ 11.210227] which belongs to the cache kmalloc-256 of size 256 [ 11.211352] The buggy address is located 7 bytes to the right of [ 11.211352] allocated 201-byte region [ffff888100332e00, ffff888100332ec9) [ 11.211897] [ 11.211971] The buggy address belongs to the physical page: [ 11.212175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332 [ 11.212985] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.213725] flags: 0x200000000000040(head|node=0|zone=2) [ 11.214240] page_type: f5(slab) [ 11.214603] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.215361] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.215919] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.216209] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.216905] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff [ 11.217659] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.218225] page dumped because: kasan: bad access detected [ 11.218643] [ 11.218713] Memory state around the buggy address: [ 11.218863] ffff888100332d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.219071] ffff888100332e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.219316] >ffff888100332e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.219739] ^ [ 11.219919] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.220496] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.220854] ================================================================== [ 11.418569] ================================================================== [ 11.419289] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.419758] Write of size 1 at addr ffff888102aa20ea by task kunit_try_catch/179 [ 11.420080] [ 11.420515] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.420558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.420569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.420588] Call Trace: [ 11.420601] <TASK> [ 11.420614] dump_stack_lvl+0x73/0xb0 [ 11.420684] print_report+0xd1/0x650 [ 11.420705] ? __virt_addr_valid+0x1db/0x2d0 [ 11.420729] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.420750] ? kasan_addr_to_slab+0x11/0xa0 [ 11.420769] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.420792] kasan_report+0x141/0x180 [ 11.420812] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.420839] __asan_report_store1_noabort+0x1b/0x30 [ 11.420858] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.420882] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.420904] ? finish_task_switch.isra.0+0x153/0x700 [ 11.420925] ? __switch_to+0x47/0xf50 [ 11.420948] ? __schedule+0x10cc/0x2b60 [ 11.420969] ? __pfx_read_tsc+0x10/0x10 [ 11.420992] krealloc_large_less_oob+0x1c/0x30 [ 11.421014] kunit_try_run_case+0x1a5/0x480 [ 11.421036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.421057] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.421079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.421100] ? __kthread_parkme+0x82/0x180 [ 11.421119] ? 
preempt_count_sub+0x50/0x80 [ 11.421151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.421173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.421194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.421215] kthread+0x337/0x6f0 [ 11.421233] ? trace_preempt_on+0x20/0xc0 [ 11.421256] ? __pfx_kthread+0x10/0x10 [ 11.421275] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.421294] ? calculate_sigpending+0x7b/0xa0 [ 11.421318] ? __pfx_kthread+0x10/0x10 [ 11.421340] ret_from_fork+0x116/0x1d0 [ 11.421358] ? __pfx_kthread+0x10/0x10 [ 11.421377] ret_from_fork_asm+0x1a/0x30 [ 11.421406] </TASK> [ 11.421416] [ 11.432832] The buggy address belongs to the physical page: [ 11.433069] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.433856] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.434354] flags: 0x200000000000040(head|node=0|zone=2) [ 11.434764] page_type: f8(unknown) [ 11.435046] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.435526] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.435847] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.436612] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.437057] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.437702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.438219] page dumped because: kasan: bad access detected [ 11.438644] [ 11.438738] Memory state around the buggy address: [ 11.438947] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.439715] ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.440166] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.440867] ^ [ 11.441544] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.441861] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.442597] 
================================================================== [ 11.443105] ================================================================== [ 11.443935] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.444609] Write of size 1 at addr ffff888102aa20eb by task kunit_try_catch/179 [ 11.445069] [ 11.445399] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.445444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.445455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.445474] Call Trace: [ 11.445488] <TASK> [ 11.445501] dump_stack_lvl+0x73/0xb0 [ 11.445527] print_report+0xd1/0x650 [ 11.445548] ? __virt_addr_valid+0x1db/0x2d0 [ 11.445571] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.445592] ? kasan_addr_to_slab+0x11/0xa0 [ 11.445611] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.445634] kasan_report+0x141/0x180 [ 11.445654] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.445681] __asan_report_store1_noabort+0x1b/0x30 [ 11.445700] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.445724] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.445746] ? finish_task_switch.isra.0+0x153/0x700 [ 11.445766] ? __switch_to+0x47/0xf50 [ 11.445789] ? __schedule+0x10cc/0x2b60 [ 11.445809] ? __pfx_read_tsc+0x10/0x10 [ 11.445831] krealloc_large_less_oob+0x1c/0x30 [ 11.445852] kunit_try_run_case+0x1a5/0x480 [ 11.445874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.445894] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.445916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.445937] ? __kthread_parkme+0x82/0x180 [ 11.445955] ? preempt_count_sub+0x50/0x80 [ 11.445976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.445998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.446019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.446040] kthread+0x337/0x6f0 [ 11.446058] ? trace_preempt_on+0x20/0xc0 [ 11.446080] ? __pfx_kthread+0x10/0x10 [ 11.446100] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.446119] ? 
calculate_sigpending+0x7b/0xa0 [ 11.446158] ? __pfx_kthread+0x10/0x10 [ 11.446178] ret_from_fork+0x116/0x1d0 [ 11.446195] ? __pfx_kthread+0x10/0x10 [ 11.446214] ret_from_fork_asm+0x1a/0x30 [ 11.446242] </TASK> [ 11.446252] [ 11.454304] The buggy address belongs to the physical page: [ 11.454566] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.454884] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.455112] flags: 0x200000000000040(head|node=0|zone=2) [ 11.455372] page_type: f8(unknown) [ 11.455551] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.455820] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.456112] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.456704] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.457014] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.457419] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.457663] page dumped because: kasan: bad access detected [ 11.457867] [ 11.457960] Memory state around the buggy address: [ 11.458240] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.458496] ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.458863] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.459265] ^ [ 11.459670] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.459890] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.460217] ================================================================== [ 11.221662] ================================================================== [ 11.221949] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.222403] Write of size 1 at addr ffff888100332eda by task kunit_try_catch/175 [ 11.222753] [ 11.222866] CPU: 0 UID: 0 PID: 175 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.222908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.222930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.222950] Call Trace: [ 11.222961] <TASK> [ 11.222976] dump_stack_lvl+0x73/0xb0 [ 11.223014] print_report+0xd1/0x650 [ 11.223035] ? __virt_addr_valid+0x1db/0x2d0 [ 11.223056] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.223078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.223106] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.223156] kasan_report+0x141/0x180 [ 11.223177] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.223203] __asan_report_store1_noabort+0x1b/0x30 [ 11.223223] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.223247] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.223269] ? finish_task_switch.isra.0+0x153/0x700 [ 11.223290] ? __switch_to+0x47/0xf50 [ 11.223609] ? __schedule+0x10cc/0x2b60 [ 11.223631] ? __pfx_read_tsc+0x10/0x10 [ 11.223654] krealloc_less_oob+0x1c/0x30 [ 11.223674] kunit_try_run_case+0x1a5/0x480 [ 11.223742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.223763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.223784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.223805] ? __kthread_parkme+0x82/0x180 [ 11.223825] ? preempt_count_sub+0x50/0x80 [ 11.223846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.223868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.223890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.223911] kthread+0x337/0x6f0 [ 11.223929] ? trace_preempt_on+0x20/0xc0 [ 11.223951] ? __pfx_kthread+0x10/0x10 [ 11.223970] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.223989] ? calculate_sigpending+0x7b/0xa0 [ 11.224012] ? __pfx_kthread+0x10/0x10 [ 11.224032] ret_from_fork+0x116/0x1d0 [ 11.224048] ? 
__pfx_kthread+0x10/0x10 [ 11.224067] ret_from_fork_asm+0x1a/0x30 [ 11.224096] </TASK> [ 11.224107] [ 11.232395] Allocated by task 175: [ 11.232532] kasan_save_stack+0x45/0x70 [ 11.232742] kasan_save_track+0x18/0x40 [ 11.232962] kasan_save_alloc_info+0x3b/0x50 [ 11.233499] __kasan_krealloc+0x190/0x1f0 [ 11.233705] krealloc_noprof+0xf3/0x340 [ 11.233900] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.234149] krealloc_less_oob+0x1c/0x30 [ 11.234448] kunit_try_run_case+0x1a5/0x480 [ 11.234636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.234814] kthread+0x337/0x6f0 [ 11.234951] ret_from_fork+0x116/0x1d0 [ 11.235146] ret_from_fork_asm+0x1a/0x30 [ 11.235427] [ 11.235525] The buggy address belongs to the object at ffff888100332e00 [ 11.235525] which belongs to the cache kmalloc-256 of size 256 [ 11.235906] The buggy address is located 17 bytes to the right of [ 11.235906] allocated 201-byte region [ffff888100332e00, ffff888100332ec9) [ 11.236936] [ 11.237047] The buggy address belongs to the physical page: [ 11.237323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100332 [ 11.237793] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.238138] flags: 0x200000000000040(head|node=0|zone=2) [ 11.238558] page_type: f5(slab) [ 11.238725] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.238955] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.239304] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.239579] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.240075] head: 0200000000000001 ffffea000400cc81 00000000ffffffff 00000000ffffffff [ 11.240862] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.241158] page dumped because: kasan: bad access detected [ 11.241444] [ 11.241623] Memory state around the buggy address: [ 11.241943] ffff888100332d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.242254] ffff888100332e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.242674] >ffff888100332e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.242989] ^ [ 11.243219] ffff888100332f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.243564] ffff888100332f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.243929] ================================================================== [ 11.373560] ================================================================== [ 11.375085] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.375544] Write of size 1 at addr ffff888102aa20d0 by task kunit_try_catch/179 [ 11.376093] [ 11.376192] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.376234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.376245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.376264] Call Trace: [ 11.376276] <TASK> [ 11.376290] dump_stack_lvl+0x73/0xb0 [ 11.376318] print_report+0xd1/0x650 [ 11.376340] ? __virt_addr_valid+0x1db/0x2d0 [ 11.376362] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.376384] ? kasan_addr_to_slab+0x11/0xa0 [ 11.376403] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.376425] kasan_report+0x141/0x180 [ 11.376446] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.376472] __asan_report_store1_noabort+0x1b/0x30 [ 11.376931] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.376958] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.376981] ? finish_task_switch.isra.0+0x153/0x700 [ 11.377003] ? __switch_to+0x47/0xf50 [ 11.377027] ? __schedule+0x10cc/0x2b60 [ 11.377048] ? __pfx_read_tsc+0x10/0x10 [ 11.377071] krealloc_large_less_oob+0x1c/0x30 [ 11.377092] kunit_try_run_case+0x1a5/0x480 [ 11.377116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.377152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.377173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.377194] ? __kthread_parkme+0x82/0x180 [ 11.377214] ? 
preempt_count_sub+0x50/0x80 [ 11.377236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.377258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.377279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.377300] kthread+0x337/0x6f0 [ 11.377318] ? trace_preempt_on+0x20/0xc0 [ 11.377340] ? __pfx_kthread+0x10/0x10 [ 11.377359] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.377378] ? calculate_sigpending+0x7b/0xa0 [ 11.377401] ? __pfx_kthread+0x10/0x10 [ 11.377420] ret_from_fork+0x116/0x1d0 [ 11.377438] ? __pfx_kthread+0x10/0x10 [ 11.377457] ret_from_fork_asm+0x1a/0x30 [ 11.377486] </TASK> [ 11.377497] [ 11.389730] The buggy address belongs to the physical page: [ 11.390048] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.390314] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.390622] flags: 0x200000000000040(head|node=0|zone=2) [ 11.391079] page_type: f8(unknown) [ 11.391446] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.392302] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.393153] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.393510] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.394260] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.395024] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.395560] page dumped because: kasan: bad access detected [ 11.396070] [ 11.396152] Memory state around the buggy address: [ 11.396494] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.397097] ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.397913] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.398523] ^ [ 11.398870] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.399082] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.399539] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.290492] ================================================================== [ 11.291365] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.292115] Write of size 1 at addr ffff888102aa20eb by task kunit_try_catch/177 [ 11.293186] [ 11.293301] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.293347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.293359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.293495] Call Trace: [ 11.293510] <TASK> [ 11.293525] dump_stack_lvl+0x73/0xb0 [ 11.293556] print_report+0xd1/0x650 [ 11.293578] ? __virt_addr_valid+0x1db/0x2d0 [ 11.293601] ? krealloc_more_oob_helper+0x821/0x930 [ 11.293622] ? kasan_addr_to_slab+0x11/0xa0 [ 11.293641] ? krealloc_more_oob_helper+0x821/0x930 [ 11.293663] kasan_report+0x141/0x180 [ 11.293684] ? krealloc_more_oob_helper+0x821/0x930 [ 11.293710] __asan_report_store1_noabort+0x1b/0x30 [ 11.293729] krealloc_more_oob_helper+0x821/0x930 [ 11.293750] ? __schedule+0x10cc/0x2b60 [ 11.293771] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.293794] ? finish_task_switch.isra.0+0x153/0x700 [ 11.293815] ? __switch_to+0x47/0xf50 [ 11.293840] ? __schedule+0x10cc/0x2b60 [ 11.293859] ? __pfx_read_tsc+0x10/0x10 [ 11.293883] krealloc_large_more_oob+0x1c/0x30 [ 11.293904] kunit_try_run_case+0x1a5/0x480 [ 11.293927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.293948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.293969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.293990] ? __kthread_parkme+0x82/0x180 [ 11.294011] ? preempt_count_sub+0x50/0x80 [ 11.294032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.294054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.294075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.294096] kthread+0x337/0x6f0 [ 11.294114] ? trace_preempt_on+0x20/0xc0 [ 11.294149] ? __pfx_kthread+0x10/0x10 [ 11.294168] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.294200] ? 
calculate_sigpending+0x7b/0xa0 [ 11.294223] ? __pfx_kthread+0x10/0x10 [ 11.294243] ret_from_fork+0x116/0x1d0 [ 11.294260] ? __pfx_kthread+0x10/0x10 [ 11.294279] ret_from_fork_asm+0x1a/0x30 [ 11.294308] </TASK> [ 11.294319] [ 11.305078] The buggy address belongs to the physical page: [ 11.305371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.305884] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.306544] flags: 0x200000000000040(head|node=0|zone=2) [ 11.306800] page_type: f8(unknown) [ 11.306954] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.307561] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.307985] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.308552] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.309009] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.309597] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.310014] page dumped because: kasan: bad access detected [ 11.310520] [ 11.310620] Memory state around the buggy address: [ 11.310817] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.311253] ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.311777] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.312075] ^ [ 11.312837] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.313280] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.313841] ================================================================== [ 11.314605] ================================================================== [ 11.314921] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.315364] Write of size 1 at addr ffff888102aa20f0 by task kunit_try_catch/177 [ 11.316228] [ 11.316506] CPU: 0 UID: 0 PID: 177 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.316551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.316563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.316582] Call Trace: [ 11.316593] <TASK> [ 11.316608] dump_stack_lvl+0x73/0xb0 [ 11.316636] print_report+0xd1/0x650 [ 11.316657] ? __virt_addr_valid+0x1db/0x2d0 [ 11.316679] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.316702] ? kasan_addr_to_slab+0x11/0xa0 [ 11.316723] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.316747] kasan_report+0x141/0x180 [ 11.316768] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.316794] __asan_report_store1_noabort+0x1b/0x30 [ 11.316813] krealloc_more_oob_helper+0x7eb/0x930 [ 11.316834] ? __schedule+0x10cc/0x2b60 [ 11.316854] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.316877] ? finish_task_switch.isra.0+0x153/0x700 [ 11.316897] ? __switch_to+0x47/0xf50 [ 11.316920] ? __schedule+0x10cc/0x2b60 [ 11.316940] ? __pfx_read_tsc+0x10/0x10 [ 11.316962] krealloc_large_more_oob+0x1c/0x30 [ 11.316983] kunit_try_run_case+0x1a5/0x480 [ 11.317006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.317026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.317047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.317069] ? __kthread_parkme+0x82/0x180 [ 11.317089] ? preempt_count_sub+0x50/0x80 [ 11.317111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.317151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.317173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.317195] kthread+0x337/0x6f0 [ 11.317213] ? trace_preempt_on+0x20/0xc0 [ 11.317234] ? __pfx_kthread+0x10/0x10 [ 11.317255] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.317274] ? calculate_sigpending+0x7b/0xa0 [ 11.317296] ? __pfx_kthread+0x10/0x10 [ 11.317317] ret_from_fork+0x116/0x1d0 [ 11.317334] ? 
__pfx_kthread+0x10/0x10 [ 11.317353] ret_from_fork_asm+0x1a/0x30 [ 11.317381] </TASK> [ 11.317392] [ 11.328868] The buggy address belongs to the physical page: [ 11.329407] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.329851] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.330339] flags: 0x200000000000040(head|node=0|zone=2) [ 11.330720] page_type: f8(unknown) [ 11.330891] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.331609] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.332052] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.332659] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.333096] head: 0200000000000002 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.333575] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.333983] page dumped because: kasan: bad access detected [ 11.334414] [ 11.334509] Memory state around the buggy address: [ 11.334750] ffff888102aa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.335043] ffff888102aa2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.335630] >ffff888102aa2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.335982] ^ [ 11.336655] ffff888102aa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.336979] ffff888102aa2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.337448] ================================================================== [ 11.081276] ================================================================== [ 11.082970] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.083779] Write of size 1 at addr ffff88810295b4eb by task kunit_try_catch/173 [ 11.084024] [ 11.084118] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.084172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.084184] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.084204] Call Trace: [ 11.084215] <TASK> [ 11.084230] dump_stack_lvl+0x73/0xb0 [ 11.084320] print_report+0xd1/0x650 [ 11.084344] ? __virt_addr_valid+0x1db/0x2d0 [ 11.084515] ? krealloc_more_oob_helper+0x821/0x930 [ 11.084543] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.084741] ? krealloc_more_oob_helper+0x821/0x930 [ 11.084773] kasan_report+0x141/0x180 [ 11.084808] ? krealloc_more_oob_helper+0x821/0x930 [ 11.084835] __asan_report_store1_noabort+0x1b/0x30 [ 11.084855] krealloc_more_oob_helper+0x821/0x930 [ 11.084876] ? __schedule+0x10cc/0x2b60 [ 11.084898] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.084921] ? finish_task_switch.isra.0+0x153/0x700 [ 11.084943] ? __switch_to+0x47/0xf50 [ 11.084969] ? __schedule+0x10cc/0x2b60 [ 11.084989] ? __pfx_read_tsc+0x10/0x10 [ 11.085012] krealloc_more_oob+0x1c/0x30 [ 11.085032] kunit_try_run_case+0x1a5/0x480 [ 11.085056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.085077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.085099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.085241] ? __kthread_parkme+0x82/0x180 [ 11.085268] ? preempt_count_sub+0x50/0x80 [ 11.085290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.085312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.085334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.085355] kthread+0x337/0x6f0 [ 11.085373] ? trace_preempt_on+0x20/0xc0 [ 11.085395] ? __pfx_kthread+0x10/0x10 [ 11.085414] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.085433] ? calculate_sigpending+0x7b/0xa0 [ 11.085456] ? __pfx_kthread+0x10/0x10 [ 11.085476] ret_from_fork+0x116/0x1d0 [ 11.085493] ? 
__pfx_kthread+0x10/0x10 [ 11.085511] ret_from_fork_asm+0x1a/0x30 [ 11.085541] </TASK> [ 11.085551] [ 11.100579] Allocated by task 173: [ 11.100840] kasan_save_stack+0x45/0x70 [ 11.100986] kasan_save_track+0x18/0x40 [ 11.101116] kasan_save_alloc_info+0x3b/0x50 [ 11.101272] __kasan_krealloc+0x190/0x1f0 [ 11.101443] krealloc_noprof+0xf3/0x340 [ 11.101631] krealloc_more_oob_helper+0x1a9/0x930 [ 11.101864] krealloc_more_oob+0x1c/0x30 [ 11.102060] kunit_try_run_case+0x1a5/0x480 [ 11.102416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.102638] kthread+0x337/0x6f0 [ 11.102756] ret_from_fork+0x116/0x1d0 [ 11.102941] ret_from_fork_asm+0x1a/0x30 [ 11.103151] [ 11.103276] The buggy address belongs to the object at ffff88810295b400 [ 11.103276] which belongs to the cache kmalloc-256 of size 256 [ 11.103762] The buggy address is located 0 bytes to the right of [ 11.103762] allocated 235-byte region [ffff88810295b400, ffff88810295b4eb) [ 11.104193] [ 11.104302] The buggy address belongs to the physical page: [ 11.104703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295a [ 11.105033] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.105354] flags: 0x200000000000040(head|node=0|zone=2) [ 11.105558] page_type: f5(slab) [ 11.105728] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.106119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.106394] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.106750] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.107035] head: 0200000000000001 ffffea00040a5681 00000000ffffffff 00000000ffffffff [ 11.107266] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.107742] page dumped because: kasan: bad access detected [ 11.107959] [ 11.108056] Memory state around the buggy address: [ 11.108241] ffff88810295b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.108450] ffff88810295b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.108658] >ffff88810295b480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.108863] ^ [ 11.109056] ffff88810295b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.109273] ffff88810295b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.109479] ================================================================== [ 11.112263] ================================================================== [ 11.112596] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.113146] Write of size 1 at addr ffff88810295b4f0 by task kunit_try_catch/173 [ 11.113630] [ 11.113737] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.113780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.113791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.113811] Call Trace: [ 11.113825] <TASK> [ 11.113840] dump_stack_lvl+0x73/0xb0 [ 11.113866] print_report+0xd1/0x650 [ 11.113887] ? __virt_addr_valid+0x1db/0x2d0 [ 11.113909] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.113930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.113951] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.113973] kasan_report+0x141/0x180 [ 11.113994] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.114022] __asan_report_store1_noabort+0x1b/0x30 [ 11.114041] krealloc_more_oob_helper+0x7eb/0x930 [ 11.114062] ? __schedule+0x10cc/0x2b60 [ 11.114082] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.114105] ? finish_task_switch.isra.0+0x153/0x700 [ 11.114144] ? __switch_to+0x47/0xf50 [ 11.114168] ? __schedule+0x10cc/0x2b60 [ 11.114189] ? __pfx_read_tsc+0x10/0x10 [ 11.114211] krealloc_more_oob+0x1c/0x30 [ 11.114231] kunit_try_run_case+0x1a5/0x480 [ 11.114254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.114274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.114295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.114317] ? 
__kthread_parkme+0x82/0x180 [ 11.114336] ? preempt_count_sub+0x50/0x80 [ 11.114357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.114379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.114401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.114423] kthread+0x337/0x6f0 [ 11.114442] ? trace_preempt_on+0x20/0xc0 [ 11.114464] ? __pfx_kthread+0x10/0x10 [ 11.114483] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.114502] ? calculate_sigpending+0x7b/0xa0 [ 11.114534] ? __pfx_kthread+0x10/0x10 [ 11.114554] ret_from_fork+0x116/0x1d0 [ 11.114571] ? __pfx_kthread+0x10/0x10 [ 11.114590] ret_from_fork_asm+0x1a/0x30 [ 11.114619] </TASK> [ 11.114629] [ 11.126689] Allocated by task 173: [ 11.126861] kasan_save_stack+0x45/0x70 [ 11.127054] kasan_save_track+0x18/0x40 [ 11.127866] kasan_save_alloc_info+0x3b/0x50 [ 11.128307] __kasan_krealloc+0x190/0x1f0 [ 11.128772] krealloc_noprof+0xf3/0x340 [ 11.129019] krealloc_more_oob_helper+0x1a9/0x930 [ 11.129448] krealloc_more_oob+0x1c/0x30 [ 11.129649] kunit_try_run_case+0x1a5/0x480 [ 11.129836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.130070] kthread+0x337/0x6f0 [ 11.130658] ret_from_fork+0x116/0x1d0 [ 11.130919] ret_from_fork_asm+0x1a/0x30 [ 11.131335] [ 11.131719] The buggy address belongs to the object at ffff88810295b400 [ 11.131719] which belongs to the cache kmalloc-256 of size 256 [ 11.132598] The buggy address is located 5 bytes to the right of [ 11.132598] allocated 235-byte region [ffff88810295b400, ffff88810295b4eb) [ 11.133474] [ 11.133573] The buggy address belongs to the physical page: [ 11.133811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295a [ 11.134150] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.134742] flags: 0x200000000000040(head|node=0|zone=2) [ 11.134989] page_type: f5(slab) [ 11.135168] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.136267] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
11.137176] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.137679] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.137919] head: 0200000000000001 ffffea00040a5681 00000000ffffffff 00000000ffffffff [ 11.138248] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.138867] page dumped because: kasan: bad access detected [ 11.139134] [ 11.139247] Memory state around the buggy address: [ 11.139746] ffff88810295b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.140417] ffff88810295b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.141225] >ffff88810295b480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.141913] ^ [ 11.142593] ffff88810295b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.143153] ffff88810295b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.143616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.873451] ================================================================== [ 10.873990] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.874552] Read of size 1 at addr ffff8881019d1a7f by task kunit_try_catch/155 [ 10.874823] [ 10.874964] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.875023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.875034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.875067] Call Trace: [ 10.875079] <TASK> [ 10.875112] dump_stack_lvl+0x73/0xb0 [ 10.875166] print_report+0xd1/0x650 [ 10.875465] ? __virt_addr_valid+0x1db/0x2d0 [ 10.875491] ? kmalloc_oob_left+0x361/0x3c0 [ 10.875511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.875531] ? kmalloc_oob_left+0x361/0x3c0 [ 10.875551] kasan_report+0x141/0x180 [ 10.875571] ? kmalloc_oob_left+0x361/0x3c0 [ 10.875595] __asan_report_load1_noabort+0x18/0x20 [ 10.875618] kmalloc_oob_left+0x361/0x3c0 [ 10.875638] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.875659] ? __schedule+0x10cc/0x2b60 [ 10.875680] ? __pfx_read_tsc+0x10/0x10 [ 10.875700] ? ktime_get_ts64+0x86/0x230 [ 10.875724] kunit_try_run_case+0x1a5/0x480 [ 10.875748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.875768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.875789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.875810] ? __kthread_parkme+0x82/0x180 [ 10.875830] ? preempt_count_sub+0x50/0x80 [ 10.875852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.875874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.875895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.875916] kthread+0x337/0x6f0 [ 10.875934] ? trace_preempt_on+0x20/0xc0 [ 10.875956] ? __pfx_kthread+0x10/0x10 [ 10.875975] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.875994] ? calculate_sigpending+0x7b/0xa0 [ 10.876016] ? __pfx_kthread+0x10/0x10 [ 10.876036] ret_from_fork+0x116/0x1d0 [ 10.876053] ? 
__pfx_kthread+0x10/0x10 [ 10.876072] ret_from_fork_asm+0x1a/0x30 [ 10.876100] </TASK> [ 10.876111] [ 10.886808] Allocated by task 1: [ 10.886963] kasan_save_stack+0x45/0x70 [ 10.887138] kasan_save_track+0x18/0x40 [ 10.887676] kasan_save_alloc_info+0x3b/0x50 [ 10.887965] __kasan_kmalloc+0xb7/0xc0 [ 10.888157] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.888632] kvasprintf+0xc5/0x150 [ 10.888897] __kthread_create_on_node+0x18b/0x3a0 [ 10.889100] kthread_create_on_node+0xab/0xe0 [ 10.889484] create_worker+0x3e5/0x7b0 [ 10.889681] alloc_unbound_pwq+0x8ea/0xdb0 [ 10.890115] apply_wqattrs_prepare+0x332/0xd20 [ 10.890380] apply_workqueue_attrs_locked+0x4d/0xa0 [ 10.891004] alloc_workqueue+0xcc7/0x1ad0 [ 10.891517] latency_fsnotify_init+0x1b/0x50 [ 10.891854] do_one_initcall+0xd8/0x370 [ 10.891994] kernel_init_freeable+0x420/0x6f0 [ 10.892162] kernel_init+0x23/0x1e0 [ 10.892374] ret_from_fork+0x116/0x1d0 [ 10.892781] ret_from_fork_asm+0x1a/0x30 [ 10.893305] [ 10.893490] The buggy address belongs to the object at ffff8881019d1a60 [ 10.893490] which belongs to the cache kmalloc-16 of size 16 [ 10.894762] The buggy address is located 18 bytes to the right of [ 10.894762] allocated 13-byte region [ffff8881019d1a60, ffff8881019d1a6d) [ 10.895902] [ 10.895980] The buggy address belongs to the physical page: [ 10.896187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019d1 [ 10.897041] flags: 0x200000000000000(node=0|zone=2) [ 10.897620] page_type: f5(slab) [ 10.897987] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.898817] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.899478] page dumped because: kasan: bad access detected [ 10.899658] [ 10.899729] Memory state around the buggy address: [ 10.899886] ffff8881019d1900: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 10.900105] ffff8881019d1980: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 10.900423] >ffff8881019d1a00: fa fb fc fc fa 
fb fc fc fa fb fc fc 00 05 fc fc [ 10.900767] ^ [ 10.901002] ffff8881019d1a80: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.901454] ffff8881019d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.901998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.826760] ================================================================== [ 10.827474] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.827741] Write of size 1 at addr ffff888103173c78 by task kunit_try_catch/153 [ 10.828404] [ 10.828574] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.828616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.828635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.828655] Call Trace: [ 10.828672] <TASK> [ 10.828688] dump_stack_lvl+0x73/0xb0 [ 10.828713] print_report+0xd1/0x650 [ 10.828735] ? __virt_addr_valid+0x1db/0x2d0 [ 10.828758] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.828777] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.828798] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.828819] kasan_report+0x141/0x180 [ 10.828839] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.828864] __asan_report_store1_noabort+0x1b/0x30 [ 10.828883] kmalloc_oob_right+0x6bd/0x7f0 [ 10.828904] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.828926] ? __schedule+0x10cc/0x2b60 [ 10.828946] ? __pfx_read_tsc+0x10/0x10 [ 10.828966] ? ktime_get_ts64+0x86/0x230 [ 10.828989] kunit_try_run_case+0x1a5/0x480 [ 10.829013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.829033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.829056] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.829077] ? __kthread_parkme+0x82/0x180 [ 10.829097] ? preempt_count_sub+0x50/0x80 [ 10.829131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.829153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.829175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.829197] kthread+0x337/0x6f0 [ 10.829215] ? trace_preempt_on+0x20/0xc0 [ 10.829237] ? __pfx_kthread+0x10/0x10 [ 10.829257] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.829276] ? calculate_sigpending+0x7b/0xa0 [ 10.829299] ? __pfx_kthread+0x10/0x10 [ 10.829319] ret_from_fork+0x116/0x1d0 [ 10.829336] ? 
__pfx_kthread+0x10/0x10 [ 10.829356] ret_from_fork_asm+0x1a/0x30 [ 10.829386] </TASK> [ 10.829396] [ 10.836518] Allocated by task 153: [ 10.836665] kasan_save_stack+0x45/0x70 [ 10.836909] kasan_save_track+0x18/0x40 [ 10.837093] kasan_save_alloc_info+0x3b/0x50 [ 10.837340] __kasan_kmalloc+0xb7/0xc0 [ 10.837474] __kmalloc_cache_noprof+0x189/0x420 [ 10.837629] kmalloc_oob_right+0xa9/0x7f0 [ 10.837926] kunit_try_run_case+0x1a5/0x480 [ 10.838151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.838496] kthread+0x337/0x6f0 [ 10.838723] ret_from_fork+0x116/0x1d0 [ 10.838908] ret_from_fork_asm+0x1a/0x30 [ 10.839105] [ 10.839226] The buggy address belongs to the object at ffff888103173c00 [ 10.839226] which belongs to the cache kmalloc-128 of size 128 [ 10.839626] The buggy address is located 5 bytes to the right of [ 10.839626] allocated 115-byte region [ffff888103173c00, ffff888103173c73) [ 10.840091] [ 10.840171] The buggy address belongs to the physical page: [ 10.840568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173 [ 10.841730] flags: 0x200000000000000(node=0|zone=2) [ 10.841944] page_type: f5(slab) [ 10.842087] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.842376] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.842607] page dumped because: kasan: bad access detected [ 10.842779] [ 10.842848] Memory state around the buggy address: [ 10.843005] ffff888103173b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.843596] ffff888103173b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.844272] >ffff888103173c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.844885] ^ [ 10.845175] ffff888103173c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.845390] ffff888103173d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.845695] ================================================================== [ 10.846689] 
================================================================== [ 10.847278] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.847571] Read of size 1 at addr ffff888103173c80 by task kunit_try_catch/153 [ 10.848070] [ 10.848187] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.848226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.848257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.848278] Call Trace: [ 10.848303] <TASK> [ 10.848315] dump_stack_lvl+0x73/0xb0 [ 10.848354] print_report+0xd1/0x650 [ 10.848375] ? __virt_addr_valid+0x1db/0x2d0 [ 10.848397] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.848430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.848451] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.848485] kasan_report+0x141/0x180 [ 10.848519] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.848557] __asan_report_load1_noabort+0x18/0x20 [ 10.848580] kmalloc_oob_right+0x68a/0x7f0 [ 10.848601] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.848622] ? __schedule+0x10cc/0x2b60 [ 10.848643] ? __pfx_read_tsc+0x10/0x10 [ 10.848662] ? ktime_get_ts64+0x86/0x230 [ 10.848685] kunit_try_run_case+0x1a5/0x480 [ 10.848708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.848728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.848750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.848771] ? __kthread_parkme+0x82/0x180 [ 10.849577] ? preempt_count_sub+0x50/0x80 [ 10.849614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.849739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.849763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.849785] kthread+0x337/0x6f0 [ 10.849803] ? trace_preempt_on+0x20/0xc0 [ 10.849825] ? __pfx_kthread+0x10/0x10 [ 10.849845] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.849865] ? calculate_sigpending+0x7b/0xa0 [ 10.849887] ? __pfx_kthread+0x10/0x10 [ 10.849909] ret_from_fork+0x116/0x1d0 [ 10.849927] ? 
__pfx_kthread+0x10/0x10 [ 10.849946] ret_from_fork_asm+0x1a/0x30 [ 10.849974] </TASK> [ 10.849985] [ 10.861604] Allocated by task 153: [ 10.861768] kasan_save_stack+0x45/0x70 [ 10.862025] kasan_save_track+0x18/0x40 [ 10.862330] kasan_save_alloc_info+0x3b/0x50 [ 10.862527] __kasan_kmalloc+0xb7/0xc0 [ 10.862712] __kmalloc_cache_noprof+0x189/0x420 [ 10.862926] kmalloc_oob_right+0xa9/0x7f0 [ 10.863110] kunit_try_run_case+0x1a5/0x480 [ 10.863420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.863606] kthread+0x337/0x6f0 [ 10.863775] ret_from_fork+0x116/0x1d0 [ 10.864007] ret_from_fork_asm+0x1a/0x30 [ 10.864245] [ 10.864318] The buggy address belongs to the object at ffff888103173c00 [ 10.864318] which belongs to the cache kmalloc-128 of size 128 [ 10.864790] The buggy address is located 13 bytes to the right of [ 10.864790] allocated 115-byte region [ffff888103173c00, ffff888103173c73) [ 10.865434] [ 10.865531] The buggy address belongs to the physical page: [ 10.865918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173 [ 10.866422] flags: 0x200000000000000(node=0|zone=2) [ 10.866650] page_type: f5(slab) [ 10.866804] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.867195] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.867454] page dumped because: kasan: bad access detected [ 10.867708] [ 10.867803] Memory state around the buggy address: [ 10.868035] ffff888103173b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.868412] ffff888103173c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.868681] >ffff888103173c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.869044] ^ [ 10.869292] ffff888103173d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.869562] ffff888103173d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.869881] ================================================================== [ 10.790248] 
================================================================== [ 10.791390] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.792393] Write of size 1 at addr ffff888103173c73 by task kunit_try_catch/153 [ 10.793214] [ 10.794183] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.794539] Tainted: [N]=TEST [ 10.794571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.794784] Call Trace: [ 10.794848] <TASK> [ 10.794995] dump_stack_lvl+0x73/0xb0 [ 10.795079] print_report+0xd1/0x650 [ 10.795108] ? __virt_addr_valid+0x1db/0x2d0 [ 10.795147] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.795167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.795188] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.795209] kasan_report+0x141/0x180 [ 10.795230] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.795255] __asan_report_store1_noabort+0x1b/0x30 [ 10.795275] kmalloc_oob_right+0x6f0/0x7f0 [ 10.795296] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.795320] ? __schedule+0x10cc/0x2b60 [ 10.795343] ? __pfx_read_tsc+0x10/0x10 [ 10.795365] ? ktime_get_ts64+0x86/0x230 [ 10.795390] kunit_try_run_case+0x1a5/0x480 [ 10.795416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.795437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.795460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.795481] ? __kthread_parkme+0x82/0x180 [ 10.795502] ? preempt_count_sub+0x50/0x80 [ 10.795526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.795548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.795570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.795592] kthread+0x337/0x6f0 [ 10.795610] ? trace_preempt_on+0x20/0xc0 [ 10.795633] ? __pfx_kthread+0x10/0x10 [ 10.795653] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.795672] ? calculate_sigpending+0x7b/0xa0 [ 10.795696] ? __pfx_kthread+0x10/0x10 [ 10.795716] ret_from_fork+0x116/0x1d0 [ 10.795734] ? 
__pfx_kthread+0x10/0x10 [ 10.795753] ret_from_fork_asm+0x1a/0x30 [ 10.795810] </TASK> [ 10.795873] [ 10.808485] Allocated by task 153: [ 10.808985] kasan_save_stack+0x45/0x70 [ 10.809336] kasan_save_track+0x18/0x40 [ 10.809728] kasan_save_alloc_info+0x3b/0x50 [ 10.810022] __kasan_kmalloc+0xb7/0xc0 [ 10.810450] __kmalloc_cache_noprof+0x189/0x420 [ 10.810748] kmalloc_oob_right+0xa9/0x7f0 [ 10.810938] kunit_try_run_case+0x1a5/0x480 [ 10.811390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.811973] kthread+0x337/0x6f0 [ 10.812345] ret_from_fork+0x116/0x1d0 [ 10.812731] ret_from_fork_asm+0x1a/0x30 [ 10.813095] [ 10.813290] The buggy address belongs to the object at ffff888103173c00 [ 10.813290] which belongs to the cache kmalloc-128 of size 128 [ 10.814531] The buggy address is located 0 bytes to the right of [ 10.814531] allocated 115-byte region [ffff888103173c00, ffff888103173c73) [ 10.815597] [ 10.815831] The buggy address belongs to the physical page: [ 10.816402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173 [ 10.817383] flags: 0x200000000000000(node=0|zone=2) [ 10.818151] page_type: f5(slab) [ 10.818587] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.818835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.819150] page dumped because: kasan: bad access detected [ 10.819694] [ 10.819933] Memory state around the buggy address: [ 10.820671] ffff888103173b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.821347] ffff888103173b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.822107] >ffff888103173c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.822887] ^ [ 10.823658] ffff888103173c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.824389] ffff888103173d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.825016] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 138.517840] WARNING: CPU: 0 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 138.518242] Modules linked in: [ 138.518522] CPU: 0 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 138.518955] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.519212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.519658] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 138.519895] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 00 ce 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 138.520762] RSP: 0000:ffff8881085c7c78 EFLAGS: 00010286 [ 138.521043] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 138.521596] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9ea32794 [ 138.521920] RBP: ffff8881085c7ca0 R08: 0000000000000000 R09: ffffed1020e091e0 [ 138.522227] R10: ffff888107048f07 R11: 0000000000000000 R12: ffffffff9ea32780 [ 138.522677] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881085c7d38 [ 138.522967] FS: 0000000000000000(0000) GS:ffff8881ba674000(0000) knlGS:0000000000000000 [ 138.523436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.523673] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 138.523948] DR0: ffffffffa0a50440 DR1: ffffffffa0a50441 DR2: ffffffffa0a50443 [ 138.524383] DR3: ffffffffa0a50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.524675] Call Trace: [ 138.524814] <TASK> [ 138.524964] drm_test_rect_calc_vscale+0x108/0x270 [ 138.525236] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 138.525677] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 138.525937] ? trace_hardirqs_on+0x37/0xe0 [ 138.526186] ? __pfx_read_tsc+0x10/0x10 [ 138.526511] ? ktime_get_ts64+0x86/0x230 [ 138.526704] kunit_try_run_case+0x1a5/0x480 [ 138.526895] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 138.527172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.527376] ? __kthread_parkme+0x82/0x180 [ 138.527556] ? preempt_count_sub+0x50/0x80 [ 138.527804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.528104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.528461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.528739] kthread+0x337/0x6f0 [ 138.528896] ? trace_preempt_on+0x20/0xc0 [ 138.529148] ? __pfx_kthread+0x10/0x10 [ 138.529543] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.529783] ? calculate_sigpending+0x7b/0xa0 [ 138.529982] ? __pfx_kthread+0x10/0x10 [ 138.530215] ret_from_fork+0x116/0x1d0 [ 138.530565] ? __pfx_kthread+0x10/0x10 [ 138.530800] ret_from_fork_asm+0x1a/0x30 [ 138.530973] </TASK> [ 138.531161] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 138.492948] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 138.493966] Modules linked in: [ 138.494409] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 138.495368] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.495920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.496278] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 138.497029] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 00 ce 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 138.498597] RSP: 0000:ffff8881087bfc78 EFLAGS: 00010286 [ 138.498798] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 138.499013] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9ea3275c [ 138.499265] RBP: ffff8881087bfca0 R08: 0000000000000000 R09: ffffed1020e091c0 [ 138.499656] R10: ffff888107048e07 R11: 0000000000000000 R12: ffffffff9ea32748 [ 138.499934] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881087bfd38 [ 138.500267] 
FS: 0000000000000000(0000) GS:ffff8881ba774000(0000) knlGS:0000000000000000 [ 138.500860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.501127] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 138.501474] DR0: ffffffffa0a50444 DR1: ffffffffa0a50449 DR2: ffffffffa0a5044a [ 138.501758] DR3: ffffffffa0a5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.502035] Call Trace: [ 138.502260] <TASK> [ 138.502960] drm_test_rect_calc_vscale+0x108/0x270 [ 138.503455] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 138.503911] ? __schedule+0x10cc/0x2b60 [ 138.504489] ? __pfx_read_tsc+0x10/0x10 [ 138.504700] ? ktime_get_ts64+0x86/0x230 [ 138.504892] kunit_try_run_case+0x1a5/0x480 [ 138.505106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.505675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.506007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.506690] ? __kthread_parkme+0x82/0x180 [ 138.506966] ? preempt_count_sub+0x50/0x80 [ 138.507461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.507706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.507945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.508710] kthread+0x337/0x6f0 [ 138.508954] ? trace_preempt_on+0x20/0xc0 [ 138.509268] ? __pfx_kthread+0x10/0x10 [ 138.509679] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.510109] ? calculate_sigpending+0x7b/0xa0 [ 138.510551] ? __pfx_kthread+0x10/0x10 [ 138.510755] ret_from_fork+0x116/0x1d0 [ 138.510937] ? __pfx_kthread+0x10/0x10 [ 138.511423] ret_from_fork_asm+0x1a/0x30 [ 138.511835] </TASK> [ 138.512076] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 138.443321] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 138.444576] Modules linked in: [ 138.445031] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 138.446216] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.446886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.447366] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 138.448029] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 138.449714] RSP: 0000:ffff888107db7c78 EFLAGS: 00010286 [ 138.449913] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 138.450339] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9ea32760 [ 138.450970] RBP: ffff888107db7ca0 R08: 0000000000000000 R09: ffffed1020a71800 [ 138.451524] R10: ffff88810538c007 R11: 0000000000000000 R12: ffffffff9ea32748 [ 138.451813] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107db7d38 [ 138.452147] FS: 0000000000000000(0000) GS:ffff8881ba674000(0000) knlGS:0000000000000000 [ 138.452538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.453049] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 138.453546] DR0: ffffffffa0a50440 DR1: ffffffffa0a50441 DR2: ffffffffa0a50443 [ 138.453873] DR3: ffffffffa0a50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.454187] Call Trace: [ 138.454371] <TASK> [ 138.454646] drm_test_rect_calc_hscale+0x108/0x270 [ 138.454934] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 138.455270] ? __schedule+0x10cc/0x2b60 [ 138.455574] ? __pfx_read_tsc+0x10/0x10 [ 138.455794] ? ktime_get_ts64+0x86/0x230 [ 138.456007] kunit_try_run_case+0x1a5/0x480 [ 138.456234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.456477] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 138.456831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.457048] ? __kthread_parkme+0x82/0x180 [ 138.457572] ? preempt_count_sub+0x50/0x80 [ 138.457802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.458000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.458303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.458786] kthread+0x337/0x6f0 [ 138.459014] ? trace_preempt_on+0x20/0xc0 [ 138.459297] ? __pfx_kthread+0x10/0x10 [ 138.459501] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.459764] ? calculate_sigpending+0x7b/0xa0 [ 138.460015] ? __pfx_kthread+0x10/0x10 [ 138.460235] ret_from_fork+0x116/0x1d0 [ 138.460433] ? __pfx_kthread+0x10/0x10 [ 138.460671] ret_from_fork_asm+0x1a/0x30 [ 138.460908] </TASK> [ 138.461039] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 138.464669] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 138.465105] Modules linked in: [ 138.465308] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 138.465895] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.466160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.466744] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 138.467012] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 138.467951] RSP: 0000:ffff88810871fc78 EFLAGS: 00010286 [ 138.468220] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 138.468726] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9ea32798 [ 138.469062] RBP: ffff88810871fca0 R08: 0000000000000000 R09: ffffed1020e09120 [ 138.469480] R10: ffff888107048907 R11: 0000000000000000 R12: ffffffff9ea32780 [ 138.469807] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810871fd38 [ 
138.470094] FS: 0000000000000000(0000) GS:ffff8881ba674000(0000) knlGS:0000000000000000 [ 138.470569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.470824] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 138.471152] DR0: ffffffffa0a50440 DR1: ffffffffa0a50441 DR2: ffffffffa0a50443 [ 138.471589] DR3: ffffffffa0a50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.471950] Call Trace: [ 138.472082] <TASK> [ 138.472221] drm_test_rect_calc_hscale+0x108/0x270 [ 138.472668] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 138.472915] ? __schedule+0x10cc/0x2b60 [ 138.473143] ? __pfx_read_tsc+0x10/0x10 [ 138.473369] ? ktime_get_ts64+0x86/0x230 [ 138.473553] kunit_try_run_case+0x1a5/0x480 [ 138.473827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.474056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.474337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.474590] ? __kthread_parkme+0x82/0x180 [ 138.474851] ? preempt_count_sub+0x50/0x80 [ 138.475065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.475418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.475685] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.475951] kthread+0x337/0x6f0 [ 138.476154] ? trace_preempt_on+0x20/0xc0 [ 138.476582] ? __pfx_kthread+0x10/0x10 [ 138.476794] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.477045] ? calculate_sigpending+0x7b/0xa0 [ 138.477259] ? __pfx_kthread+0x10/0x10 [ 138.477484] ret_from_fork+0x116/0x1d0 [ 138.477707] ? __pfx_kthread+0x10/0x10 [ 138.477878] ret_from_fork_asm+0x1a/0x30 [ 138.478101] </TASK> [ 138.478253] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.577873] ================================================================== [ 15.578432] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.579254] Write of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303 [ 15.580066] [ 15.580320] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.580371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.580385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.580410] Call Trace: [ 15.580424] <TASK> [ 15.580445] dump_stack_lvl+0x73/0xb0 [ 15.580476] print_report+0xd1/0x650 [ 15.580503] ? __virt_addr_valid+0x1db/0x2d0 [ 15.580528] ? _copy_from_user+0x32/0x90 [ 15.580548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.580572] ? _copy_from_user+0x32/0x90 [ 15.580592] kasan_report+0x141/0x180 [ 15.580615] ? _copy_from_user+0x32/0x90 [ 15.580639] kasan_check_range+0x10c/0x1c0 [ 15.580665] __kasan_check_write+0x18/0x20 [ 15.580686] _copy_from_user+0x32/0x90 [ 15.580707] copy_user_test_oob+0x2be/0x10f0 [ 15.580734] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.580758] ? finish_task_switch.isra.0+0x153/0x700 [ 15.580782] ? __switch_to+0x47/0xf50 [ 15.580810] ? __schedule+0x10cc/0x2b60 [ 15.580833] ? __pfx_read_tsc+0x10/0x10 [ 15.580855] ? ktime_get_ts64+0x86/0x230 [ 15.580882] kunit_try_run_case+0x1a5/0x480 [ 15.580905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.580930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.580954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.580977] ? __kthread_parkme+0x82/0x180 [ 15.581000] ? preempt_count_sub+0x50/0x80 [ 15.581024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.581048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.581072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.581096] kthread+0x337/0x6f0 [ 15.581117] ? trace_preempt_on+0x20/0xc0 [ 15.581173] ? __pfx_kthread+0x10/0x10 [ 15.581194] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.581216] ? calculate_sigpending+0x7b/0xa0 [ 15.581241] ? 
__pfx_kthread+0x10/0x10 [ 15.581263] ret_from_fork+0x116/0x1d0 [ 15.581283] ? __pfx_kthread+0x10/0x10 [ 15.581304] ret_from_fork_asm+0x1a/0x30 [ 15.581335] </TASK> [ 15.581349] [ 15.589155] Allocated by task 303: [ 15.589378] kasan_save_stack+0x45/0x70 [ 15.589563] kasan_save_track+0x18/0x40 [ 15.589750] kasan_save_alloc_info+0x3b/0x50 [ 15.589902] __kasan_kmalloc+0xb7/0xc0 [ 15.590110] __kmalloc_noprof+0x1c9/0x500 [ 15.590545] kunit_kmalloc_array+0x25/0x60 [ 15.590750] copy_user_test_oob+0xab/0x10f0 [ 15.590939] kunit_try_run_case+0x1a5/0x480 [ 15.591178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.591481] kthread+0x337/0x6f0 [ 15.591651] ret_from_fork+0x116/0x1d0 [ 15.591866] ret_from_fork_asm+0x1a/0x30 [ 15.592048] [ 15.592173] The buggy address belongs to the object at ffff8881039bf700 [ 15.592173] which belongs to the cache kmalloc-128 of size 128 [ 15.592642] The buggy address is located 0 bytes inside of [ 15.592642] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778) [ 15.593219] [ 15.593330] The buggy address belongs to the physical page: [ 15.593567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf [ 15.593951] flags: 0x200000000000000(node=0|zone=2) [ 15.594281] page_type: f5(slab) [ 15.594411] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.594751] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.595032] page dumped because: kasan: bad access detected [ 15.595220] [ 15.595292] Memory state around the buggy address: [ 15.595453] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.595743] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.596487] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.596714] ^ [ 15.596930] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.597160] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.597378] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.507589] ==================================================================
[ 15.508041] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 15.508327] Read of size 8 at addr ffff8881039bf678 by task kunit_try_catch/299
[ 15.509119]
[ 15.509503] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.509658] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.509677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.509702] Call Trace:
[ 15.509717] <TASK>
[ 15.509736] dump_stack_lvl+0x73/0xb0
[ 15.509768] print_report+0xd1/0x650
[ 15.509794] ? __virt_addr_valid+0x1db/0x2d0
[ 15.509818] ? copy_to_kernel_nofault+0x225/0x260
[ 15.509842] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.509864] ? copy_to_kernel_nofault+0x225/0x260
[ 15.509888] kasan_report+0x141/0x180
[ 15.509912] ? copy_to_kernel_nofault+0x225/0x260
[ 15.509941] __asan_report_load8_noabort+0x18/0x20
[ 15.509967] copy_to_kernel_nofault+0x225/0x260
[ 15.509993] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 15.510017] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.510040] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 15.510066] ? trace_hardirqs_on+0x37/0xe0
[ 15.510097] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.510138] kunit_try_run_case+0x1a5/0x480
[ 15.510165] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.510187] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.510211] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.510234] ? __kthread_parkme+0x82/0x180
[ 15.510256] ? preempt_count_sub+0x50/0x80
[ 15.510280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.510322] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.510346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.510370] kthread+0x337/0x6f0
[ 15.510390] ? trace_preempt_on+0x20/0xc0
[ 15.510413] ? __pfx_kthread+0x10/0x10
[ 15.510435] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.510457] ? calculate_sigpending+0x7b/0xa0
[ 15.510481] ? __pfx_kthread+0x10/0x10
[ 15.510503] ret_from_fork+0x116/0x1d0
[ 15.510526] ? __pfx_kthread+0x10/0x10
[ 15.510547] ret_from_fork_asm+0x1a/0x30
[ 15.510578] </TASK>
[ 15.510591]
[ 15.521581] Allocated by task 299:
[ 15.521777] kasan_save_stack+0x45/0x70
[ 15.521959] kasan_save_track+0x18/0x40
[ 15.522354] kasan_save_alloc_info+0x3b/0x50
[ 15.522745] __kasan_kmalloc+0xb7/0xc0
[ 15.522959] __kmalloc_cache_noprof+0x189/0x420
[ 15.523378] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.523570] kunit_try_run_case+0x1a5/0x480
[ 15.523804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.524182] kthread+0x337/0x6f0
[ 15.524395] ret_from_fork+0x116/0x1d0
[ 15.524656] ret_from_fork_asm+0x1a/0x30
[ 15.524848]
[ 15.525149] The buggy address belongs to the object at ffff8881039bf600
[ 15.525149] which belongs to the cache kmalloc-128 of size 128
[ 15.525956] The buggy address is located 0 bytes to the right of
[ 15.525956] allocated 120-byte region [ffff8881039bf600, ffff8881039bf678)
[ 15.526683]
[ 15.526923] The buggy address belongs to the physical page:
[ 15.527338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.527641] flags: 0x200000000000000(node=0|zone=2)
[ 15.528192] page_type: f5(slab)
[ 15.528341] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.528681] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.529075] page dumped because: kasan: bad access detected
[ 15.529570]
[ 15.529655] Memory state around the buggy address:
[ 15.530019] ffff8881039bf500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.530500] ffff8881039bf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.530841] >ffff8881039bf600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.531289] ^
[ 15.531767] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.532276] ffff8881039bf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.532633] ==================================================================
[ 15.533490] ==================================================================
[ 15.534413] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 15.534670] Write of size 8 at addr ffff8881039bf678 by task kunit_try_catch/299
[ 15.535030]
[ 15.535357] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.535405] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.535418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.535440] Call Trace:
[ 15.535453] <TASK>
[ 15.535469] dump_stack_lvl+0x73/0xb0
[ 15.535498] print_report+0xd1/0x650
[ 15.535522] ? __virt_addr_valid+0x1db/0x2d0
[ 15.535780] ? copy_to_kernel_nofault+0x99/0x260
[ 15.535805] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.535828] ? copy_to_kernel_nofault+0x99/0x260
[ 15.535852] kasan_report+0x141/0x180
[ 15.535876] ? copy_to_kernel_nofault+0x99/0x260
[ 15.535905] kasan_check_range+0x10c/0x1c0
[ 15.535930] __kasan_check_write+0x18/0x20
[ 15.535950] copy_to_kernel_nofault+0x99/0x260
[ 15.535975] copy_to_kernel_nofault_oob+0x288/0x560
[ 15.535999] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.536024] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 15.536049] ? trace_hardirqs_on+0x37/0xe0
[ 15.536081] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.536109] kunit_try_run_case+0x1a5/0x480
[ 15.536148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.536171] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.536195] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.536219] ? __kthread_parkme+0x82/0x180
[ 15.536241] ? preempt_count_sub+0x50/0x80
[ 15.536266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.536289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.536312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.536338] kthread+0x337/0x6f0
[ 15.536358] ? trace_preempt_on+0x20/0xc0
[ 15.536381] ? __pfx_kthread+0x10/0x10
[ 15.536402] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.536423] ? calculate_sigpending+0x7b/0xa0
[ 15.536448] ? __pfx_kthread+0x10/0x10
[ 15.536470] ret_from_fork+0x116/0x1d0
[ 15.536489] ? __pfx_kthread+0x10/0x10
[ 15.536510] ret_from_fork_asm+0x1a/0x30
[ 15.536541] </TASK>
[ 15.536553]
[ 15.547738] Allocated by task 299:
[ 15.548483] kasan_save_stack+0x45/0x70
[ 15.549148] kasan_save_track+0x18/0x40
[ 15.550042] kasan_save_alloc_info+0x3b/0x50
[ 15.550903] __kasan_kmalloc+0xb7/0xc0
[ 15.551822] __kmalloc_cache_noprof+0x189/0x420
[ 15.552483] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.553378] kunit_try_run_case+0x1a5/0x480
[ 15.553781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.554596] kthread+0x337/0x6f0
[ 15.554926] ret_from_fork+0x116/0x1d0
[ 15.555425] ret_from_fork_asm+0x1a/0x30
[ 15.555849]
[ 15.556062] The buggy address belongs to the object at ffff8881039bf600
[ 15.556062] which belongs to the cache kmalloc-128 of size 128
[ 15.556928] The buggy address is located 0 bytes to the right of
[ 15.556928] allocated 120-byte region [ffff8881039bf600, ffff8881039bf678)
[ 15.557901]
[ 15.558067] The buggy address belongs to the physical page:
[ 15.558854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.559280] flags: 0x200000000000000(node=0|zone=2)
[ 15.559811] page_type: f5(slab)
[ 15.560098] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.560520] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.560756] page dumped because: kasan: bad access detected
[ 15.560929]
[ 15.561001] Memory state around the buggy address:
[ 15.561172] ffff8881039bf500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.561922] ffff8881039bf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.562668] >ffff8881039bf600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.563380] ^
[ 15.564042] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.564927] ffff8881039bf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.565711] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.605220] ==================================================================
[ 14.605919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450
[ 14.606321] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.606797]
[ 14.606928] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.606970] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.606982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.607034] Call Trace:
[ 14.607050] <TASK>
[ 14.607078] dump_stack_lvl+0x73/0xb0
[ 14.607118] print_report+0xd1/0x650
[ 14.607153] ? __virt_addr_valid+0x1db/0x2d0
[ 14.607178] ? kasan_atomics_helper+0x4a36/0x5450
[ 14.607200] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.607222] ? kasan_atomics_helper+0x4a36/0x5450
[ 14.607244] kasan_report+0x141/0x180
[ 14.607267] ? kasan_atomics_helper+0x4a36/0x5450
[ 14.607294] __asan_report_load4_noabort+0x18/0x20
[ 14.607319] kasan_atomics_helper+0x4a36/0x5450
[ 14.607342] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.607364] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.607438] ? kasan_atomics+0x152/0x310
[ 14.607465] kasan_atomics+0x1dc/0x310
[ 14.607490] ? __pfx_kasan_atomics+0x10/0x10
[ 14.607514] ? __pfx_read_tsc+0x10/0x10
[ 14.607535] ? ktime_get_ts64+0x86/0x230
[ 14.607561] kunit_try_run_case+0x1a5/0x480
[ 14.607585] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.607607] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.607671] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.607695] ? __kthread_parkme+0x82/0x180
[ 14.607745] ? preempt_count_sub+0x50/0x80
[ 14.607770] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.607794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.607829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.607853] kthread+0x337/0x6f0
[ 14.607874] ? trace_preempt_on+0x20/0xc0
[ 14.607898] ? __pfx_kthread+0x10/0x10
[ 14.607918] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.607940] ? calculate_sigpending+0x7b/0xa0
[ 14.607966] ? __pfx_kthread+0x10/0x10
[ 14.607989] ret_from_fork+0x116/0x1d0
[ 14.608009] ? __pfx_kthread+0x10/0x10
[ 14.608030] ret_from_fork_asm+0x1a/0x30
[ 14.608061] </TASK>
[ 14.608073]
[ 14.617064] Allocated by task 282:
[ 14.617300] kasan_save_stack+0x45/0x70
[ 14.617586] kasan_save_track+0x18/0x40
[ 14.617826] kasan_save_alloc_info+0x3b/0x50
[ 14.617981] __kasan_kmalloc+0xb7/0xc0
[ 14.618179] __kmalloc_cache_noprof+0x189/0x420
[ 14.618451] kasan_atomics+0x95/0x310
[ 14.618596] kunit_try_run_case+0x1a5/0x480
[ 14.618744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.618999] kthread+0x337/0x6f0
[ 14.619350] ret_from_fork+0x116/0x1d0
[ 14.619624] ret_from_fork_asm+0x1a/0x30
[ 14.619867]
[ 14.620006] The buggy address belongs to the object at ffff8881039c5a00
[ 14.620006] which belongs to the cache kmalloc-64 of size 64
[ 14.620788] The buggy address is located 0 bytes to the right of
[ 14.620788] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.621238]
[ 14.621336] The buggy address belongs to the physical page:
[ 14.621840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.622242] flags: 0x200000000000000(node=0|zone=2)
[ 14.622518] page_type: f5(slab)
[ 14.622660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.623008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.623447] page dumped because: kasan: bad access detected
[ 14.623795]
[ 14.623869] Memory state around the buggy address:
[ 14.624027] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.624674] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.625053] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.625558] ^
[ 14.625816] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.626176] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.626525] ==================================================================
[ 15.378210] ==================================================================
[ 15.378614] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450
[ 15.378974] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 15.379361]
[ 15.379451] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.379492] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.379505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.379526] Call Trace:
[ 15.379539] <TASK>
[ 15.379574] dump_stack_lvl+0x73/0xb0
[ 15.379602] print_report+0xd1/0x650
[ 15.379626] ? __virt_addr_valid+0x1db/0x2d0
[ 15.379650] ? kasan_atomics_helper+0x20c8/0x5450
[ 15.379671] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.379693] ? kasan_atomics_helper+0x20c8/0x5450
[ 15.379715] kasan_report+0x141/0x180
[ 15.379737] ? kasan_atomics_helper+0x20c8/0x5450
[ 15.379764] kasan_check_range+0x10c/0x1c0
[ 15.379788] __kasan_check_write+0x18/0x20
[ 15.379808] kasan_atomics_helper+0x20c8/0x5450
[ 15.379831] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.379863] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.379888] ? kasan_atomics+0x152/0x310
[ 15.379927] kasan_atomics+0x1dc/0x310
[ 15.379950] ? __pfx_kasan_atomics+0x10/0x10
[ 15.379974] ? __pfx_read_tsc+0x10/0x10
[ 15.379995] ? ktime_get_ts64+0x86/0x230
[ 15.380020] kunit_try_run_case+0x1a5/0x480
[ 15.380043] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.380066] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.380090] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.380112] ? __kthread_parkme+0x82/0x180
[ 15.380161] ? preempt_count_sub+0x50/0x80
[ 15.380184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.380208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.380232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.380255] kthread+0x337/0x6f0
[ 15.380284] ? trace_preempt_on+0x20/0xc0
[ 15.380308] ? __pfx_kthread+0x10/0x10
[ 15.380329] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.380361] ? calculate_sigpending+0x7b/0xa0
[ 15.380385] ? __pfx_kthread+0x10/0x10
[ 15.380407] ret_from_fork+0x116/0x1d0
[ 15.380426] ? __pfx_kthread+0x10/0x10
[ 15.380457] ret_from_fork_asm+0x1a/0x30
[ 15.380490] </TASK>
[ 15.380502]
[ 15.388439] Allocated by task 282:
[ 15.388666] kasan_save_stack+0x45/0x70
[ 15.388884] kasan_save_track+0x18/0x40
[ 15.389029] kasan_save_alloc_info+0x3b/0x50
[ 15.389331] __kasan_kmalloc+0xb7/0xc0
[ 15.389551] __kmalloc_cache_noprof+0x189/0x420
[ 15.389802] kasan_atomics+0x95/0x310
[ 15.389953] kunit_try_run_case+0x1a5/0x480
[ 15.390234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.390551] kthread+0x337/0x6f0
[ 15.390751] ret_from_fork+0x116/0x1d0
[ 15.390968] ret_from_fork_asm+0x1a/0x30
[ 15.391163]
[ 15.391236] The buggy address belongs to the object at ffff8881039c5a00
[ 15.391236] which belongs to the cache kmalloc-64 of size 64
[ 15.391735] The buggy address is located 0 bytes to the right of
[ 15.391735] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 15.392351]
[ 15.392485] The buggy address belongs to the physical page:
[ 15.392759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 15.393004] flags: 0x200000000000000(node=0|zone=2)
[ 15.393278] page_type: f5(slab)
[ 15.393494] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.393810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.394039] page dumped because: kasan: bad access detected
[ 15.394332]
[ 15.394428] Memory state around the buggy address:
[ 15.394654] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.394970] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.395275] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.395489] ^
[ 15.395663] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.395981] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.396370] ==================================================================
[ 14.045492] ==================================================================
[ 14.045956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450
[ 14.046776] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.047498]
[ 14.047730] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.047775] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.047788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.047809] Call Trace:
[ 14.047821] <TASK>
[ 14.047835] dump_stack_lvl+0x73/0xb0
[ 14.047882] print_report+0xd1/0x650
[ 14.047904] ? __virt_addr_valid+0x1db/0x2d0
[ 14.047929] ? kasan_atomics_helper+0x4ba2/0x5450
[ 14.047949] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.047971] ? kasan_atomics_helper+0x4ba2/0x5450
[ 14.047991] kasan_report+0x141/0x180
[ 14.048012] ? kasan_atomics_helper+0x4ba2/0x5450
[ 14.048038] __asan_report_store4_noabort+0x1b/0x30
[ 14.048057] kasan_atomics_helper+0x4ba2/0x5450
[ 14.048078] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.048100] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.048139] ? kasan_atomics+0x152/0x310
[ 14.048166] kasan_atomics+0x1dc/0x310
[ 14.048187] ? __pfx_kasan_atomics+0x10/0x10
[ 14.048211] ? __pfx_read_tsc+0x10/0x10
[ 14.048231] ? ktime_get_ts64+0x86/0x230
[ 14.048254] kunit_try_run_case+0x1a5/0x480
[ 14.048276] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.048296] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.048319] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.048340] ? __kthread_parkme+0x82/0x180
[ 14.048361] ? preempt_count_sub+0x50/0x80
[ 14.048383] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.048405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.048427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.048448] kthread+0x337/0x6f0
[ 14.048468] ? trace_preempt_on+0x20/0xc0
[ 14.048491] ? __pfx_kthread+0x10/0x10
[ 14.048511] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.048531] ? calculate_sigpending+0x7b/0xa0
[ 14.048555] ? __pfx_kthread+0x10/0x10
[ 14.048576] ret_from_fork+0x116/0x1d0
[ 14.048592] ? __pfx_kthread+0x10/0x10
[ 14.048612] ret_from_fork_asm+0x1a/0x30
[ 14.048642] </TASK>
[ 14.048664]
[ 14.062475] Allocated by task 282:
[ 14.062889] kasan_save_stack+0x45/0x70
[ 14.063324] kasan_save_track+0x18/0x40
[ 14.063728] kasan_save_alloc_info+0x3b/0x50
[ 14.064038] __kasan_kmalloc+0xb7/0xc0
[ 14.064208] __kmalloc_cache_noprof+0x189/0x420
[ 14.064709] kasan_atomics+0x95/0x310
[ 14.065101] kunit_try_run_case+0x1a5/0x480
[ 14.065521] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.065700] kthread+0x337/0x6f0
[ 14.065822] ret_from_fork+0x116/0x1d0
[ 14.065957] ret_from_fork_asm+0x1a/0x30
[ 14.066096]
[ 14.066205] The buggy address belongs to the object at ffff8881039c5a00
[ 14.066205] which belongs to the cache kmalloc-64 of size 64
[ 14.067115] The buggy address is located 0 bytes to the right of
[ 14.067115] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.067667]
[ 14.067775] The buggy address belongs to the physical page:
[ 14.068042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.068360] flags: 0x200000000000000(node=0|zone=2)
[ 14.068725] page_type: f5(slab)
[ 14.068847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.069318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.069651] page dumped because: kasan: bad access detected
[ 14.069936]
[ 14.070008] Memory state around the buggy address:
[ 14.070236] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.070665] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.070998] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.071650] ^
[ 14.071912] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.072247] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.072567] ==================================================================
[ 14.539869] ==================================================================
[ 14.540226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450
[ 14.540592] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.541048]
[ 14.541180] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.541222] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.541235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.541258] Call Trace:
[ 14.541272] <TASK>
[ 14.541286] dump_stack_lvl+0x73/0xb0
[ 14.541315] print_report+0xd1/0x650
[ 14.541337] ? __virt_addr_valid+0x1db/0x2d0
[ 14.541361] ? kasan_atomics_helper+0xe78/0x5450
[ 14.541382] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.541491] ? kasan_atomics_helper+0xe78/0x5450
[ 14.541513] kasan_report+0x141/0x180
[ 14.541548] ? kasan_atomics_helper+0xe78/0x5450
[ 14.541575] kasan_check_range+0x10c/0x1c0
[ 14.541599] __kasan_check_write+0x18/0x20
[ 14.541618] kasan_atomics_helper+0xe78/0x5450
[ 14.541642] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.541665] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.541691] ? kasan_atomics+0x152/0x310
[ 14.541718] kasan_atomics+0x1dc/0x310
[ 14.541742] ? __pfx_kasan_atomics+0x10/0x10
[ 14.541766] ? __pfx_read_tsc+0x10/0x10
[ 14.541788] ? ktime_get_ts64+0x86/0x230
[ 14.541813] kunit_try_run_case+0x1a5/0x480
[ 14.541837] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.541859] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.541884] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.541907] ? __kthread_parkme+0x82/0x180
[ 14.541929] ? preempt_count_sub+0x50/0x80
[ 14.541953] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.541977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.542000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.542023] kthread+0x337/0x6f0
[ 14.542043] ? trace_preempt_on+0x20/0xc0
[ 14.542067] ? __pfx_kthread+0x10/0x10
[ 14.542088] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.542109] ? calculate_sigpending+0x7b/0xa0
[ 14.542181] ? __pfx_kthread+0x10/0x10
[ 14.542204] ret_from_fork+0x116/0x1d0
[ 14.542222] ? __pfx_kthread+0x10/0x10
[ 14.542254] ret_from_fork_asm+0x1a/0x30
[ 14.542285] </TASK>
[ 14.542296]
[ 14.551836] Allocated by task 282:
[ 14.552033] kasan_save_stack+0x45/0x70
[ 14.552309] kasan_save_track+0x18/0x40
[ 14.552593] kasan_save_alloc_info+0x3b/0x50
[ 14.552838] __kasan_kmalloc+0xb7/0xc0
[ 14.553064] __kmalloc_cache_noprof+0x189/0x420
[ 14.553309] kasan_atomics+0x95/0x310
[ 14.553450] kunit_try_run_case+0x1a5/0x480
[ 14.553807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.554200] kthread+0x337/0x6f0
[ 14.554381] ret_from_fork+0x116/0x1d0
[ 14.554571] ret_from_fork_asm+0x1a/0x30
[ 14.554770]
[ 14.554860] The buggy address belongs to the object at ffff8881039c5a00
[ 14.554860] which belongs to the cache kmalloc-64 of size 64
[ 14.555509] The buggy address is located 0 bytes to the right of
[ 14.555509] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.555967]
[ 14.556079] The buggy address belongs to the physical page:
[ 14.556344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.557043] flags: 0x200000000000000(node=0|zone=2)
[ 14.557327] page_type: f5(slab)
[ 14.557538] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.557921] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.558348] page dumped because: kasan: bad access detected
[ 14.558573]
[ 14.558670] Memory state around the buggy address:
[ 14.558895] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.559367] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.559639] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.559947] ^
[ 14.560216] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.560642] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.560988] ==================================================================
[ 14.474879] ==================================================================
[ 14.475423] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450
[ 14.475852] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.476223]
[ 14.476439] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.476485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.476498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.476518] Call Trace:
[ 14.476536] <TASK>
[ 14.476551] dump_stack_lvl+0x73/0xb0
[ 14.476577] print_report+0xd1/0x650
[ 14.476601] ? __virt_addr_valid+0x1db/0x2d0
[ 14.476625] ? kasan_atomics_helper+0x4a84/0x5450
[ 14.476647] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.476669] ? kasan_atomics_helper+0x4a84/0x5450
[ 14.476692] kasan_report+0x141/0x180
[ 14.476715] ? kasan_atomics_helper+0x4a84/0x5450
[ 14.476741] __asan_report_load4_noabort+0x18/0x20
[ 14.476766] kasan_atomics_helper+0x4a84/0x5450
[ 14.476790] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.476813] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.476838] ? kasan_atomics+0x152/0x310
[ 14.476865] kasan_atomics+0x1dc/0x310
[ 14.476889] ? __pfx_kasan_atomics+0x10/0x10
[ 14.476913] ? __pfx_read_tsc+0x10/0x10
[ 14.476934] ? ktime_get_ts64+0x86/0x230
[ 14.476959] kunit_try_run_case+0x1a5/0x480
[ 14.476983] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.477006] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.477030] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.477054] ? __kthread_parkme+0x82/0x180
[ 14.477075] ? preempt_count_sub+0x50/0x80
[ 14.477099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.477137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.477160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.477184] kthread+0x337/0x6f0
[ 14.477204] ? trace_preempt_on+0x20/0xc0
[ 14.477226] ? __pfx_kthread+0x10/0x10
[ 14.477248] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.477269] ? calculate_sigpending+0x7b/0xa0
[ 14.477293] ? __pfx_kthread+0x10/0x10
[ 14.477315] ret_from_fork+0x116/0x1d0
[ 14.477334] ? __pfx_kthread+0x10/0x10
[ 14.477354] ret_from_fork_asm+0x1a/0x30
[ 14.477385] </TASK>
[ 14.477396]
[ 14.486279] Allocated by task 282:
[ 14.486475] kasan_save_stack+0x45/0x70
[ 14.486628] kasan_save_track+0x18/0x40
[ 14.486765] kasan_save_alloc_info+0x3b/0x50
[ 14.486947] __kasan_kmalloc+0xb7/0xc0
[ 14.487164] __kmalloc_cache_noprof+0x189/0x420
[ 14.487497] kasan_atomics+0x95/0x310
[ 14.487692] kunit_try_run_case+0x1a5/0x480
[ 14.488069] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.488508] kthread+0x337/0x6f0
[ 14.488697] ret_from_fork+0x116/0x1d0
[ 14.488836] ret_from_fork_asm+0x1a/0x30
[ 14.488980]
[ 14.489053] The buggy address belongs to the object at ffff8881039c5a00
[ 14.489053] which belongs to the cache kmalloc-64 of size 64
[ 14.489421] The buggy address is located 0 bytes to the right of
[ 14.489421] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.490477]
[ 14.490613] The buggy address belongs to the physical page:
[ 14.490944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.491326] flags: 0x200000000000000(node=0|zone=2)
[ 14.491495] page_type: f5(slab)
[ 14.491618] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.491850] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.492079] page dumped because: kasan: bad access detected
[ 14.492261]
[ 14.492333] Memory state around the buggy address:
[ 14.492490] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.492710] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.492931] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.493157] ^
[ 14.493314] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.493718] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.493934] ==================================================================
[ 14.781996] ==================================================================
[ 14.782241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 14.782877] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.783228]
[ 14.783316] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.783359] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.783372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.783395] Call Trace:
[ 14.783460] <TASK>
[ 14.783477] dump_stack_lvl+0x73/0xb0
[ 14.783505] print_report+0xd1/0x650
[ 14.783529] ? __virt_addr_valid+0x1db/0x2d0
[ 14.783555] ? kasan_atomics_helper+0x12e6/0x5450
[ 14.783576] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.783600] ? kasan_atomics_helper+0x12e6/0x5450
[ 14.783622] kasan_report+0x141/0x180
[ 14.783644] ? kasan_atomics_helper+0x12e6/0x5450
[ 14.783671] kasan_check_range+0x10c/0x1c0
[ 14.783695] __kasan_check_write+0x18/0x20
[ 14.783715] kasan_atomics_helper+0x12e6/0x5450
[ 14.783738] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.783759] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.783785] ? kasan_atomics+0x152/0x310
[ 14.783812] kasan_atomics+0x1dc/0x310
[ 14.783835] ? __pfx_kasan_atomics+0x10/0x10
[ 14.783873] ? __pfx_read_tsc+0x10/0x10
[ 14.783894] ? ktime_get_ts64+0x86/0x230
[ 14.783920] kunit_try_run_case+0x1a5/0x480
[ 14.783956] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.783979] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.784004] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.784037] ? __kthread_parkme+0x82/0x180
[ 14.784058] ? preempt_count_sub+0x50/0x80
[ 14.784082] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.784117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.784162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.784186] kthread+0x337/0x6f0
[ 14.784205] ? trace_preempt_on+0x20/0xc0
[ 14.784230] ? __pfx_kthread+0x10/0x10
[ 14.784250] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.784272] ? calculate_sigpending+0x7b/0xa0
[ 14.784296] ? __pfx_kthread+0x10/0x10
[ 14.784359] ret_from_fork+0x116/0x1d0
[ 14.784379] ? __pfx_kthread+0x10/0x10
[ 14.784400] ret_from_fork_asm+0x1a/0x30
[ 14.784431] </TASK>
[ 14.784444]
[ 14.798644] Allocated by task 282:
[ 14.798974] kasan_save_stack+0x45/0x70
[ 14.799442] kasan_save_track+0x18/0x40
[ 14.799812] kasan_save_alloc_info+0x3b/0x50
[ 14.800218] __kasan_kmalloc+0xb7/0xc0
[ 14.800562] __kmalloc_cache_noprof+0x189/0x420
[ 14.800918] kasan_atomics+0x95/0x310
[ 14.801057] kunit_try_run_case+0x1a5/0x480
[ 14.801484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.801976] kthread+0x337/0x6f0
[ 14.802336] ret_from_fork+0x116/0x1d0
[ 14.802753] ret_from_fork_asm+0x1a/0x30
[ 14.802901]
[ 14.802972] The buggy address belongs to the object at ffff8881039c5a00
[ 14.802972] which belongs to the cache kmalloc-64 of size 64
[ 14.803862] The buggy address is located 0 bytes to the right of
[ 14.803862] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.805163]
[ 14.805379] The buggy address belongs to the physical page:
[ 14.805873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.806111] flags: 0x200000000000000(node=0|zone=2)
[ 14.806652] page_type: f5(slab)
[ 14.806949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.807869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.808465] page dumped because: kasan: bad access detected
[ 14.808955]
[ 14.809081] Memory state around the buggy address:
[ 14.809563] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.810055] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.810598] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.810976] ^
[ 14.811158] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.811877] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.812710] ==================================================================
[ 14.921992] ==================================================================
[ 14.922487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450
[ 14.922835] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.923104]
[ 14.923247] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.923287] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.923301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.923332] Call Trace:
[ 14.923348] <TASK>
[ 14.923363] dump_stack_lvl+0x73/0xb0
[ 14.923389] print_report+0xd1/0x650
[ 14.923414] ? __virt_addr_valid+0x1db/0x2d0
[ 14.923437] ? kasan_atomics_helper+0x15b6/0x5450
[ 14.923459] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.923481] ? kasan_atomics_helper+0x15b6/0x5450
[ 14.923503] kasan_report+0x141/0x180
[ 14.923526] ? kasan_atomics_helper+0x15b6/0x5450
[ 14.923553] kasan_check_range+0x10c/0x1c0
[ 14.923577] __kasan_check_write+0x18/0x20
[ 14.923597] kasan_atomics_helper+0x15b6/0x5450
[ 14.923621] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.923642] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.923669] ? kasan_atomics+0x152/0x310
[ 14.923705] kasan_atomics+0x1dc/0x310
[ 14.923730] ? __pfx_kasan_atomics+0x10/0x10
[ 14.923754] ? __pfx_read_tsc+0x10/0x10
[ 14.923788] ? ktime_get_ts64+0x86/0x230
[ 14.923813] kunit_try_run_case+0x1a5/0x480
[ 14.923839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.923863] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.923889] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.923912] ? __kthread_parkme+0x82/0x180
[ 14.923933] ? preempt_count_sub+0x50/0x80
[ 14.923956] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.923990] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.924013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.924036] kthread+0x337/0x6f0
[ 14.924067] ? trace_preempt_on+0x20/0xc0
[ 14.924090] ? __pfx_kthread+0x10/0x10
[ 14.924112] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.924167] ? calculate_sigpending+0x7b/0xa0
[ 14.924191] ? __pfx_kthread+0x10/0x10
[ 14.924212] ret_from_fork+0x116/0x1d0
[ 14.924242] ? __pfx_kthread+0x10/0x10
[ 14.924264] ret_from_fork_asm+0x1a/0x30
[ 14.924295] </TASK>
[ 14.924317]
[ 14.931842] Allocated by task 282:
[ 14.931995] kasan_save_stack+0x45/0x70
[ 14.932245] kasan_save_track+0x18/0x40
[ 14.932422] kasan_save_alloc_info+0x3b/0x50
[ 14.932572] __kasan_kmalloc+0xb7/0xc0
[ 14.932706] __kmalloc_cache_noprof+0x189/0x420
[ 14.932865] kasan_atomics+0x95/0x310
[ 14.933005] kunit_try_run_case+0x1a5/0x480
[ 14.933202] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.933483] kthread+0x337/0x6f0
[ 14.933655] ret_from_fork+0x116/0x1d0
[ 14.933842] ret_from_fork_asm+0x1a/0x30
[ 14.934039]
[ 14.934168] The buggy address belongs to the object at ffff8881039c5a00
[ 14.934168] which belongs to the cache kmalloc-64 of size 64
[ 14.934699] The buggy address is located 0 bytes to the right of
[ 14.934699] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.935272]
[ 14.935377] The buggy address belongs to the physical page:
[ 14.935614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.935857] flags: 0x200000000000000(node=0|zone=2)
[ 14.936093] page_type: f5(slab)
[ 14.936318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.936657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.936980] page dumped because: kasan: bad access detected
[ 14.937246]
[ 14.937357] Memory state around the buggy address:
[ 14.937564] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.937869] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.938203] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.938533] ^
[ 14.938742] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.939057] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.939392] ==================================================================
[ 14.747956] ==================================================================
[ 14.748331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450
[ 14.748652] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 14.749302]
[ 14.749445] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.749491] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.749504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.749527] Call Trace:
[ 14.749541] <TASK>
[ 14.749555] dump_stack_lvl+0x73/0xb0
[ 14.749583] print_report+0xd1/0x650
[ 14.749606] ? __virt_addr_valid+0x1db/0x2d0
[ 14.749629] ? kasan_atomics_helper+0x49e8/0x5450
[ 14.749651] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.749674] ? kasan_atomics_helper+0x49e8/0x5450
[ 14.749696] kasan_report+0x141/0x180
[ 14.749720] ? kasan_atomics_helper+0x49e8/0x5450
[ 14.749749] __asan_report_load4_noabort+0x18/0x20
[ 14.749774] kasan_atomics_helper+0x49e8/0x5450
[ 14.749798] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.749821] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.749849] ? kasan_atomics+0x152/0x310
[ 14.749877] kasan_atomics+0x1dc/0x310
[ 14.749902] ? __pfx_kasan_atomics+0x10/0x10
[ 14.749926] ? __pfx_read_tsc+0x10/0x10
[ 14.749948] ? ktime_get_ts64+0x86/0x230
[ 14.749972] kunit_try_run_case+0x1a5/0x480
[ 14.749996] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.750018] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.750042] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.750065] ? __kthread_parkme+0x82/0x180
[ 14.750085] ? preempt_count_sub+0x50/0x80
[ 14.750109] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.750213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.750240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.750265] kthread+0x337/0x6f0
[ 14.750296] ? trace_preempt_on+0x20/0xc0
[ 14.750360] ? __pfx_kthread+0x10/0x10
[ 14.750396] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.750417] ? calculate_sigpending+0x7b/0xa0
[ 14.750441] ? __pfx_kthread+0x10/0x10
[ 14.750463] ret_from_fork+0x116/0x1d0
[ 14.750482] ? __pfx_kthread+0x10/0x10
[ 14.750516] ret_from_fork_asm+0x1a/0x30
[ 14.750547] </TASK>
[ 14.750559]
[ 14.766958] Allocated by task 282:
[ 14.767343] kasan_save_stack+0x45/0x70
[ 14.767724] kasan_save_track+0x18/0x40
[ 14.767866] kasan_save_alloc_info+0x3b/0x50
[ 14.768012] __kasan_kmalloc+0xb7/0xc0
[ 14.768177] __kmalloc_cache_noprof+0x189/0x420
[ 14.768697] kasan_atomics+0x95/0x310
[ 14.769339] kunit_try_run_case+0x1a5/0x480
[ 14.769789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.770333] kthread+0x337/0x6f0
[ 14.770667] ret_from_fork+0x116/0x1d0
[ 14.771042] ret_from_fork_asm+0x1a/0x30
[ 14.771670]
[ 14.771781] The buggy address belongs to the object at ffff8881039c5a00
[ 14.771781] which belongs to the cache kmalloc-64 of size 64
[ 14.772148] The buggy address is located 0 bytes to the right of
[ 14.772148] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30)
[ 14.773549]
[ 14.773753] The buggy address belongs to the physical page:
[ 14.774278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5
[ 14.774978] flags: 0x200000000000000(node=0|zone=2)
[ 14.775179] page_type: f5(slab)
[ 14.775451] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.776054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.776766] page dumped because: kasan: bad access detected
[ 14.777422]
[ 14.777566] Memory state around the buggy address:
[ 14.777872] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.778095] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.778647] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.779357] ^
[ 14.779794] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.780496] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.781148] ==================================================================
[ 15.041237] ==================================================================
[ 15.041970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450
[ 15.042727] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282
[ 15.043040]
[ 15.043324] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.043371] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.043384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.043408] Call Trace:
[ 15.043423] <TASK>
[ 15.043438] dump_stack_lvl+0x73/0xb0
[ 15.043467] print_report+0xd1/0x650
[ 15.043490] ? __virt_addr_valid+0x1db/0x2d0
[ 15.043514] ? kasan_atomics_helper+0x194a/0x5450
[ 15.043537] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.043559] ? kasan_atomics_helper+0x194a/0x5450
[ 15.043582] kasan_report+0x141/0x180
[ 15.043604] ? kasan_atomics_helper+0x194a/0x5450
[ 15.043631] kasan_check_range+0x10c/0x1c0
[ 15.043655] __kasan_check_write+0x18/0x20
[ 15.043675] kasan_atomics_helper+0x194a/0x5450
[ 15.043698] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.043720] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.043746] ? kasan_atomics+0x152/0x310
[ 15.043772] kasan_atomics+0x1dc/0x310
[ 15.043795] ? __pfx_kasan_atomics+0x10/0x10
[ 15.043820] ? __pfx_read_tsc+0x10/0x10
[ 15.043841] ?
ktime_get_ts64+0x86/0x230 [ 15.043867] kunit_try_run_case+0x1a5/0x480 [ 15.043892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.043940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.043963] ? __kthread_parkme+0x82/0x180 [ 15.043984] ? preempt_count_sub+0x50/0x80 [ 15.044009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.044034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.044058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.044082] kthread+0x337/0x6f0 [ 15.044102] ? trace_preempt_on+0x20/0xc0 [ 15.044297] ? __pfx_kthread+0x10/0x10 [ 15.044323] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.044347] ? calculate_sigpending+0x7b/0xa0 [ 15.044372] ? __pfx_kthread+0x10/0x10 [ 15.044393] ret_from_fork+0x116/0x1d0 [ 15.044413] ? __pfx_kthread+0x10/0x10 [ 15.044434] ret_from_fork_asm+0x1a/0x30 [ 15.044464] </TASK> [ 15.044476] [ 15.054855] Allocated by task 282: [ 15.055214] kasan_save_stack+0x45/0x70 [ 15.055421] kasan_save_track+0x18/0x40 [ 15.055753] kasan_save_alloc_info+0x3b/0x50 [ 15.056030] __kasan_kmalloc+0xb7/0xc0 [ 15.056360] __kmalloc_cache_noprof+0x189/0x420 [ 15.056673] kasan_atomics+0x95/0x310 [ 15.056892] kunit_try_run_case+0x1a5/0x480 [ 15.057239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057577] kthread+0x337/0x6f0 [ 15.057816] ret_from_fork+0x116/0x1d0 [ 15.058032] ret_from_fork_asm+0x1a/0x30 [ 15.058359] [ 15.058482] The buggy address belongs to the object at ffff8881039c5a00 [ 15.058482] which belongs to the cache kmalloc-64 of size 64 [ 15.059214] The buggy address is located 0 bytes to the right of [ 15.059214] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.059841] [ 15.059941] The buggy address belongs to the physical page: [ 15.060336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.060766] flags: 0x200000000000000(node=0|zone=2) [ 15.060985] page_type: f5(slab) [ 15.061332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.061741] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.062175] page dumped because: kasan: bad access detected [ 15.062378] [ 15.062568] Memory state around the buggy address: [ 15.062898] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.063233] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.063701] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.064042] ^ [ 15.064376] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.064772] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.065181] ================================================================== [ 15.140655] ================================================================== [ 15.140968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.141699] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.142099] [ 15.142403] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.142453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.142466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.142488] Call Trace: [ 15.142504] <TASK> [ 15.142529] dump_stack_lvl+0x73/0xb0 [ 15.142557] print_report+0xd1/0x650 [ 15.142581] ? __virt_addr_valid+0x1db/0x2d0 [ 15.142605] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.142627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.142650] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.142672] kasan_report+0x141/0x180 [ 15.142696] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.142723] kasan_check_range+0x10c/0x1c0 [ 15.142747] __kasan_check_write+0x18/0x20 [ 15.142767] kasan_atomics_helper+0x1c18/0x5450 [ 15.142791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.142815] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.142841] ? kasan_atomics+0x152/0x310 [ 15.142869] kasan_atomics+0x1dc/0x310 [ 15.142892] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.142917] ? __pfx_read_tsc+0x10/0x10 [ 15.142938] ? ktime_get_ts64+0x86/0x230 [ 15.142962] kunit_try_run_case+0x1a5/0x480 [ 15.142987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.143031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.143054] ? __kthread_parkme+0x82/0x180 [ 15.143075] ? preempt_count_sub+0x50/0x80 [ 15.143099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.143168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.143192] kthread+0x337/0x6f0 [ 15.143212] ? trace_preempt_on+0x20/0xc0 [ 15.143236] ? __pfx_kthread+0x10/0x10 [ 15.143257] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.143278] ? calculate_sigpending+0x7b/0xa0 [ 15.143302] ? __pfx_kthread+0x10/0x10 [ 15.143323] ret_from_fork+0x116/0x1d0 [ 15.143343] ? __pfx_kthread+0x10/0x10 [ 15.143364] ret_from_fork_asm+0x1a/0x30 [ 15.143395] </TASK> [ 15.143406] [ 15.154042] Allocated by task 282: [ 15.154431] kasan_save_stack+0x45/0x70 [ 15.154659] kasan_save_track+0x18/0x40 [ 15.154966] kasan_save_alloc_info+0x3b/0x50 [ 15.155211] __kasan_kmalloc+0xb7/0xc0 [ 15.155525] __kmalloc_cache_noprof+0x189/0x420 [ 15.155810] kasan_atomics+0x95/0x310 [ 15.156000] kunit_try_run_case+0x1a5/0x480 [ 15.156401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.156675] kthread+0x337/0x6f0 [ 15.156945] ret_from_fork+0x116/0x1d0 [ 15.157260] ret_from_fork_asm+0x1a/0x30 [ 15.157493] [ 15.157613] The buggy address belongs to the object at ffff8881039c5a00 [ 15.157613] which belongs to the cache kmalloc-64 of size 64 [ 15.158078] The buggy address is located 0 bytes to the right of [ 15.158078] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.158900] [ 15.159175] The buggy address belongs to the physical page: [ 15.159466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.159881] flags: 0x200000000000000(node=0|zone=2) [ 15.160238] page_type: 
f5(slab) [ 15.160515] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.160837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.161384] page dumped because: kasan: bad access detected [ 15.161718] [ 15.161840] Memory state around the buggy address: [ 15.162185] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.162498] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.162931] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.163329] ^ [ 15.163628] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163997] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164423] ================================================================== [ 14.561673] ================================================================== [ 14.562000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.562446] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.562698] [ 14.562801] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.562928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.562944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.562991] Call Trace: [ 14.563029] <TASK> [ 14.563045] dump_stack_lvl+0x73/0xb0 [ 14.563073] print_report+0xd1/0x650 [ 14.563116] ? __virt_addr_valid+0x1db/0x2d0 [ 14.563157] ? kasan_atomics_helper+0xf10/0x5450 [ 14.563178] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.563200] ? kasan_atomics_helper+0xf10/0x5450 [ 14.563222] kasan_report+0x141/0x180 [ 14.563245] ? kasan_atomics_helper+0xf10/0x5450 [ 14.563271] kasan_check_range+0x10c/0x1c0 [ 14.563295] __kasan_check_write+0x18/0x20 [ 14.563358] kasan_atomics_helper+0xf10/0x5450 [ 14.563382] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.563405] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.563431] ? 
kasan_atomics+0x152/0x310 [ 14.563457] kasan_atomics+0x1dc/0x310 [ 14.563481] ? __pfx_kasan_atomics+0x10/0x10 [ 14.563505] ? __pfx_read_tsc+0x10/0x10 [ 14.563527] ? ktime_get_ts64+0x86/0x230 [ 14.563552] kunit_try_run_case+0x1a5/0x480 [ 14.563612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.563661] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.563711] ? __kthread_parkme+0x82/0x180 [ 14.563734] ? preempt_count_sub+0x50/0x80 [ 14.563758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.563816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.563840] kthread+0x337/0x6f0 [ 14.563860] ? trace_preempt_on+0x20/0xc0 [ 14.563884] ? __pfx_kthread+0x10/0x10 [ 14.563905] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.563927] ? calculate_sigpending+0x7b/0xa0 [ 14.563951] ? __pfx_kthread+0x10/0x10 [ 14.563973] ret_from_fork+0x116/0x1d0 [ 14.563992] ? __pfx_kthread+0x10/0x10 [ 14.564014] ret_from_fork_asm+0x1a/0x30 [ 14.564045] </TASK> [ 14.564057] [ 14.573076] Allocated by task 282: [ 14.573479] kasan_save_stack+0x45/0x70 [ 14.573648] kasan_save_track+0x18/0x40 [ 14.573787] kasan_save_alloc_info+0x3b/0x50 [ 14.573992] __kasan_kmalloc+0xb7/0xc0 [ 14.574300] __kmalloc_cache_noprof+0x189/0x420 [ 14.574860] kasan_atomics+0x95/0x310 [ 14.575108] kunit_try_run_case+0x1a5/0x480 [ 14.575425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.575718] kthread+0x337/0x6f0 [ 14.575844] ret_from_fork+0x116/0x1d0 [ 14.575979] ret_from_fork_asm+0x1a/0x30 [ 14.576245] [ 14.576432] The buggy address belongs to the object at ffff8881039c5a00 [ 14.576432] which belongs to the cache kmalloc-64 of size 64 [ 14.577209] The buggy address is located 0 bytes to the right of [ 14.577209] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.577789] [ 14.577869] The buggy address belongs to the physical page: [ 14.578155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 
14.578613] flags: 0x200000000000000(node=0|zone=2) [ 14.578922] page_type: f5(slab) [ 14.579053] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.579642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.579970] page dumped because: kasan: bad access detected [ 14.580245] [ 14.580346] Memory state around the buggy address: [ 14.580558] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.580865] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.581546] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.581882] ^ [ 14.582044] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.582540] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.582877] ================================================================== [ 14.583511] ================================================================== [ 14.583826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.584210] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.584729] [ 14.584862] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.584907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.584920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.584943] Call Trace: [ 14.584960] <TASK> [ 14.584976] dump_stack_lvl+0x73/0xb0 [ 14.585005] print_report+0xd1/0x650 [ 14.585027] ? __virt_addr_valid+0x1db/0x2d0 [ 14.585051] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.585073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.585095] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.585117] kasan_report+0x141/0x180 [ 14.585194] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.585231] kasan_check_range+0x10c/0x1c0 [ 14.585256] __kasan_check_write+0x18/0x20 [ 14.585276] kasan_atomics_helper+0xfa9/0x5450 [ 14.585298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.585321] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.585346] ? kasan_atomics+0x152/0x310 [ 14.585373] kasan_atomics+0x1dc/0x310 [ 14.585397] ? __pfx_kasan_atomics+0x10/0x10 [ 14.585422] ? __pfx_read_tsc+0x10/0x10 [ 14.585443] ? ktime_get_ts64+0x86/0x230 [ 14.585468] kunit_try_run_case+0x1a5/0x480 [ 14.585492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.585514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.585539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.585562] ? __kthread_parkme+0x82/0x180 [ 14.585584] ? preempt_count_sub+0x50/0x80 [ 14.585608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.585632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.585655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.585679] kthread+0x337/0x6f0 [ 14.585699] ? trace_preempt_on+0x20/0xc0 [ 14.585723] ? __pfx_kthread+0x10/0x10 [ 14.585744] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.585765] ? calculate_sigpending+0x7b/0xa0 [ 14.585789] ? __pfx_kthread+0x10/0x10 [ 14.585812] ret_from_fork+0x116/0x1d0 [ 14.585831] ? __pfx_kthread+0x10/0x10 [ 14.585852] ret_from_fork_asm+0x1a/0x30 [ 14.585883] </TASK> [ 14.585894] [ 14.595696] Allocated by task 282: [ 14.595872] kasan_save_stack+0x45/0x70 [ 14.596140] kasan_save_track+0x18/0x40 [ 14.596481] kasan_save_alloc_info+0x3b/0x50 [ 14.596703] __kasan_kmalloc+0xb7/0xc0 [ 14.596925] __kmalloc_cache_noprof+0x189/0x420 [ 14.597228] kasan_atomics+0x95/0x310 [ 14.597499] kunit_try_run_case+0x1a5/0x480 [ 14.597737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.598007] kthread+0x337/0x6f0 [ 14.598194] ret_from_fork+0x116/0x1d0 [ 14.598454] ret_from_fork_asm+0x1a/0x30 [ 14.598641] [ 14.598716] The buggy address belongs to the object at ffff8881039c5a00 [ 14.598716] which belongs to the cache kmalloc-64 of size 64 [ 14.599391] The buggy address is located 0 bytes to the right of [ 14.599391] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.599896] [ 14.599994] The buggy address belongs to the physical page: [ 14.600314] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.600995] flags: 0x200000000000000(node=0|zone=2) [ 14.601265] page_type: f5(slab) [ 14.601389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.601695] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.602094] page dumped because: kasan: bad access detected [ 14.602366] [ 14.602464] Memory state around the buggy address: [ 14.602694] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.603075] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.603477] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.603764] ^ [ 14.604008] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.604446] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.604828] ================================================================== [ 14.727042] ================================================================== [ 14.727297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.727987] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.728753] [ 14.728863] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.728908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.728923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.728944] Call Trace: [ 14.728960] <TASK> [ 14.728976] dump_stack_lvl+0x73/0xb0 [ 14.729004] print_report+0xd1/0x650 [ 14.729028] ? __virt_addr_valid+0x1db/0x2d0 [ 14.729053] ? kasan_atomics_helper+0x1217/0x5450 [ 14.729075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.729098] ? kasan_atomics_helper+0x1217/0x5450 [ 14.729134] kasan_report+0x141/0x180 [ 14.729158] ? kasan_atomics_helper+0x1217/0x5450 [ 14.729185] kasan_check_range+0x10c/0x1c0 [ 14.729209] __kasan_check_write+0x18/0x20 [ 14.729230] kasan_atomics_helper+0x1217/0x5450 [ 14.729253] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.729277] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.729303] ? kasan_atomics+0x152/0x310 [ 14.729330] kasan_atomics+0x1dc/0x310 [ 14.729353] ? __pfx_kasan_atomics+0x10/0x10 [ 14.729379] ? __pfx_read_tsc+0x10/0x10 [ 14.729400] ? ktime_get_ts64+0x86/0x230 [ 14.729479] kunit_try_run_case+0x1a5/0x480 [ 14.729519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.729541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.729565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.729588] ? __kthread_parkme+0x82/0x180 [ 14.729611] ? preempt_count_sub+0x50/0x80 [ 14.729634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.729658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.729682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.729705] kthread+0x337/0x6f0 [ 14.729725] ? trace_preempt_on+0x20/0xc0 [ 14.729748] ? __pfx_kthread+0x10/0x10 [ 14.729770] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.729791] ? calculate_sigpending+0x7b/0xa0 [ 14.729815] ? __pfx_kthread+0x10/0x10 [ 14.729837] ret_from_fork+0x116/0x1d0 [ 14.729855] ? 
__pfx_kthread+0x10/0x10 [ 14.729876] ret_from_fork_asm+0x1a/0x30 [ 14.729906] </TASK> [ 14.729918] [ 14.738808] Allocated by task 282: [ 14.739027] kasan_save_stack+0x45/0x70 [ 14.739246] kasan_save_track+0x18/0x40 [ 14.739385] kasan_save_alloc_info+0x3b/0x50 [ 14.739796] __kasan_kmalloc+0xb7/0xc0 [ 14.740002] __kmalloc_cache_noprof+0x189/0x420 [ 14.740241] kasan_atomics+0x95/0x310 [ 14.740456] kunit_try_run_case+0x1a5/0x480 [ 14.740669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.740908] kthread+0x337/0x6f0 [ 14.741099] ret_from_fork+0x116/0x1d0 [ 14.741294] ret_from_fork_asm+0x1a/0x30 [ 14.741437] [ 14.741510] The buggy address belongs to the object at ffff8881039c5a00 [ 14.741510] which belongs to the cache kmalloc-64 of size 64 [ 14.741966] The buggy address is located 0 bytes to the right of [ 14.741966] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.742505] [ 14.742598] The buggy address belongs to the physical page: [ 14.742766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.743153] flags: 0x200000000000000(node=0|zone=2) [ 14.743552] page_type: f5(slab) [ 14.743907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.744488] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.744784] page dumped because: kasan: bad access detected [ 14.745022] [ 14.745120] Memory state around the buggy address: [ 14.745518] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.745832] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.746156] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.746575] ^ [ 14.746792] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.747105] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.747548] ================================================================== [ 14.813404] 
================================================================== [ 14.813674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.813912] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.814153] [ 14.814249] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.814292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.814320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.814341] Call Trace: [ 14.814358] <TASK> [ 14.814387] dump_stack_lvl+0x73/0xb0 [ 14.814424] print_report+0xd1/0x650 [ 14.814450] ? __virt_addr_valid+0x1db/0x2d0 [ 14.814474] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.814496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.814523] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.814545] kasan_report+0x141/0x180 [ 14.814568] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.814594] __asan_report_load4_noabort+0x18/0x20 [ 14.814619] kasan_atomics_helper+0x49ce/0x5450 [ 14.814642] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.814664] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.814689] ? kasan_atomics+0x152/0x310 [ 14.814726] kasan_atomics+0x1dc/0x310 [ 14.814750] ? __pfx_kasan_atomics+0x10/0x10 [ 14.814784] ? __pfx_read_tsc+0x10/0x10 [ 14.814806] ? ktime_get_ts64+0x86/0x230 [ 14.814830] kunit_try_run_case+0x1a5/0x480 [ 14.814855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.814878] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.814911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.814934] ? __kthread_parkme+0x82/0x180 [ 14.814955] ? preempt_count_sub+0x50/0x80 [ 14.814990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.815015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.815038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.815062] kthread+0x337/0x6f0 [ 14.815081] ? trace_preempt_on+0x20/0xc0 [ 14.815105] ? __pfx_kthread+0x10/0x10 [ 14.815135] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.815167] ? calculate_sigpending+0x7b/0xa0 [ 14.815192] ? 
__pfx_kthread+0x10/0x10 [ 14.815214] ret_from_fork+0x116/0x1d0 [ 14.815234] ? __pfx_kthread+0x10/0x10 [ 14.815254] ret_from_fork_asm+0x1a/0x30 [ 14.815285] </TASK> [ 14.815297] [ 14.822893] Allocated by task 282: [ 14.823070] kasan_save_stack+0x45/0x70 [ 14.823325] kasan_save_track+0x18/0x40 [ 14.823506] kasan_save_alloc_info+0x3b/0x50 [ 14.823735] __kasan_kmalloc+0xb7/0xc0 [ 14.823920] __kmalloc_cache_noprof+0x189/0x420 [ 14.824200] kasan_atomics+0x95/0x310 [ 14.824380] kunit_try_run_case+0x1a5/0x480 [ 14.824599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.824838] kthread+0x337/0x6f0 [ 14.824974] ret_from_fork+0x116/0x1d0 [ 14.825238] ret_from_fork_asm+0x1a/0x30 [ 14.825439] [ 14.825533] The buggy address belongs to the object at ffff8881039c5a00 [ 14.825533] which belongs to the cache kmalloc-64 of size 64 [ 14.825894] The buggy address is located 0 bytes to the right of [ 14.825894] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.826306] [ 14.826406] The buggy address belongs to the physical page: [ 14.826665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.827042] flags: 0x200000000000000(node=0|zone=2) [ 14.827309] page_type: f5(slab) [ 14.827478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.827820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.828173] page dumped because: kasan: bad access detected [ 14.828349] [ 14.828422] Memory state around the buggy address: [ 14.828580] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.828917] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.829283] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.829629] ^ [ 14.829858] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.830188] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.830468] 
================================================================== [ 14.885487] ================================================================== [ 14.885816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.886194] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.886526] [ 14.886610] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.886664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.886677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.886708] Call Trace: [ 14.886724] <TASK> [ 14.886740] dump_stack_lvl+0x73/0xb0 [ 14.886766] print_report+0xd1/0x650 [ 14.886808] ? __virt_addr_valid+0x1db/0x2d0 [ 14.886832] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.886853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.886887] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.886910] kasan_report+0x141/0x180 [ 14.886932] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.886959] __asan_report_store8_noabort+0x1b/0x30 [ 14.886990] kasan_atomics_helper+0x50d4/0x5450 [ 14.887013] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.887036] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.887072] ? kasan_atomics+0x152/0x310 [ 14.887100] kasan_atomics+0x1dc/0x310 [ 14.887153] ? __pfx_kasan_atomics+0x10/0x10 [ 14.887179] ? __pfx_read_tsc+0x10/0x10 [ 14.887212] ? ktime_get_ts64+0x86/0x230 [ 14.887237] kunit_try_run_case+0x1a5/0x480 [ 14.887261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.887295] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.887318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.887342] ? __kthread_parkme+0x82/0x180 [ 14.887374] ? preempt_count_sub+0x50/0x80 [ 14.887399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.887423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.887458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.887482] kthread+0x337/0x6f0 [ 14.887502] ? trace_preempt_on+0x20/0xc0 [ 14.887537] ? __pfx_kthread+0x10/0x10 [ 14.887558] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.887580] ? calculate_sigpending+0x7b/0xa0 [ 14.887615] ? __pfx_kthread+0x10/0x10 [ 14.887637] ret_from_fork+0x116/0x1d0 [ 14.887656] ? __pfx_kthread+0x10/0x10 [ 14.887688] ret_from_fork_asm+0x1a/0x30 [ 14.887718] </TASK> [ 14.887730] [ 14.895314] Allocated by task 282: [ 14.895493] kasan_save_stack+0x45/0x70 [ 14.895720] kasan_save_track+0x18/0x40 [ 14.895948] kasan_save_alloc_info+0x3b/0x50 [ 14.896221] __kasan_kmalloc+0xb7/0xc0 [ 14.896403] __kmalloc_cache_noprof+0x189/0x420 [ 14.896600] kasan_atomics+0x95/0x310 [ 14.896791] kunit_try_run_case+0x1a5/0x480 [ 14.897014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.897299] kthread+0x337/0x6f0 [ 14.897470] ret_from_fork+0x116/0x1d0 [ 14.897666] ret_from_fork_asm+0x1a/0x30 [ 14.897859] [ 14.897968] The buggy address belongs to the object at ffff8881039c5a00 [ 14.897968] which belongs to the cache kmalloc-64 of size 64 [ 14.898505] The buggy address is located 0 bytes to the right of [ 14.898505] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.899040] [ 14.899112] The buggy address belongs to the physical page: [ 14.899362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.899734] flags: 0x200000000000000(node=0|zone=2) [ 14.899951] page_type: f5(slab) [ 14.900093] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.900468] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.900728] page dumped because: kasan: bad access detected [ 14.900901] [ 14.900972] Memory state around the buggy address: [ 14.901156] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.901374] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.901684] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.902001] ^ [ 14.902257] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902585] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.902901] ================================================================== [ 15.165670] ================================================================== [ 15.165980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.166475] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.166831] [ 15.166957] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.167004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.167017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.167039] Call Trace: [ 15.167054] <TASK> [ 15.167069] dump_stack_lvl+0x73/0xb0 [ 15.167097] print_report+0xd1/0x650 [ 15.167120] ? __virt_addr_valid+0x1db/0x2d0 [ 15.167436] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.167464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.167487] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.167510] kasan_report+0x141/0x180 [ 15.167533] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.167560] __asan_report_load8_noabort+0x18/0x20 [ 15.167586] kasan_atomics_helper+0x4f30/0x5450 [ 15.167609] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.167631] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.167657] ? kasan_atomics+0x152/0x310 [ 15.167684] kasan_atomics+0x1dc/0x310 [ 15.167707] ? __pfx_kasan_atomics+0x10/0x10 [ 15.167732] ? __pfx_read_tsc+0x10/0x10 [ 15.167753] ? ktime_get_ts64+0x86/0x230 [ 15.167778] kunit_try_run_case+0x1a5/0x480 [ 15.167801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.167824] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.167848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.167871] ? __kthread_parkme+0x82/0x180 [ 15.167892] ? preempt_count_sub+0x50/0x80 [ 15.167916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.167939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.167962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.167986] kthread+0x337/0x6f0 [ 15.168006] ? trace_preempt_on+0x20/0xc0 [ 15.168028] ? 
__pfx_kthread+0x10/0x10 [ 15.168050] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.168071] ? calculate_sigpending+0x7b/0xa0 [ 15.168095] ? __pfx_kthread+0x10/0x10 [ 15.168116] ret_from_fork+0x116/0x1d0 [ 15.168148] ? __pfx_kthread+0x10/0x10 [ 15.168169] ret_from_fork_asm+0x1a/0x30 [ 15.168200] </TASK> [ 15.168212] [ 15.178678] Allocated by task 282: [ 15.178955] kasan_save_stack+0x45/0x70 [ 15.179179] kasan_save_track+0x18/0x40 [ 15.179509] kasan_save_alloc_info+0x3b/0x50 [ 15.179733] __kasan_kmalloc+0xb7/0xc0 [ 15.180025] __kmalloc_cache_noprof+0x189/0x420 [ 15.180334] kasan_atomics+0x95/0x310 [ 15.180602] kunit_try_run_case+0x1a5/0x480 [ 15.180834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.181253] kthread+0x337/0x6f0 [ 15.181454] ret_from_fork+0x116/0x1d0 [ 15.181744] ret_from_fork_asm+0x1a/0x30 [ 15.182018] [ 15.182277] The buggy address belongs to the object at ffff8881039c5a00 [ 15.182277] which belongs to the cache kmalloc-64 of size 64 [ 15.182797] The buggy address is located 0 bytes to the right of [ 15.182797] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.183647] [ 15.183746] The buggy address belongs to the physical page: [ 15.183958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.184489] flags: 0x200000000000000(node=0|zone=2) [ 15.184840] page_type: f5(slab) [ 15.185080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.185611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.186027] page dumped because: kasan: bad access detected [ 15.186413] [ 15.186568] Memory state around the buggy address: [ 15.186875] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.187362] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.187713] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.188069] ^ [ 15.188442] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.188804] 
ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.189230] ================================================================== [ 14.831025] ================================================================== [ 14.831367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.831662] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.831952] [ 14.832065] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.832108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.832476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.832523] Call Trace: [ 14.832539] <TASK> [ 14.832554] dump_stack_lvl+0x73/0xb0 [ 14.832582] print_report+0xd1/0x650 [ 14.832605] ? __virt_addr_valid+0x1db/0x2d0 [ 14.832629] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.832652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.832675] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.832697] kasan_report+0x141/0x180 [ 14.832719] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.832746] kasan_check_range+0x10c/0x1c0 [ 14.832780] __kasan_check_read+0x15/0x20 [ 14.832800] kasan_atomics_helper+0x13b5/0x5450 [ 14.832823] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.832857] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.832882] ? kasan_atomics+0x152/0x310 [ 14.832908] kasan_atomics+0x1dc/0x310 [ 14.832941] ? __pfx_kasan_atomics+0x10/0x10 [ 14.832965] ? __pfx_read_tsc+0x10/0x10 [ 14.832986] ? ktime_get_ts64+0x86/0x230 [ 14.833020] kunit_try_run_case+0x1a5/0x480 [ 14.833044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.833066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.833090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.833154] ? __kthread_parkme+0x82/0x180 [ 14.833181] ? preempt_count_sub+0x50/0x80 [ 14.833219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.833246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.833279] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.833303] kthread+0x337/0x6f0 [ 14.833323] ? trace_preempt_on+0x20/0xc0 [ 14.833346] ? __pfx_kthread+0x10/0x10 [ 14.833368] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.833398] ? calculate_sigpending+0x7b/0xa0 [ 14.833423] ? __pfx_kthread+0x10/0x10 [ 14.833445] ret_from_fork+0x116/0x1d0 [ 14.833474] ? __pfx_kthread+0x10/0x10 [ 14.833495] ret_from_fork_asm+0x1a/0x30 [ 14.833526] </TASK> [ 14.833537] [ 14.841157] Allocated by task 282: [ 14.841293] kasan_save_stack+0x45/0x70 [ 14.841437] kasan_save_track+0x18/0x40 [ 14.841574] kasan_save_alloc_info+0x3b/0x50 [ 14.841787] __kasan_kmalloc+0xb7/0xc0 [ 14.842008] __kmalloc_cache_noprof+0x189/0x420 [ 14.842282] kasan_atomics+0x95/0x310 [ 14.842495] kunit_try_run_case+0x1a5/0x480 [ 14.842720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843001] kthread+0x337/0x6f0 [ 14.843215] ret_from_fork+0x116/0x1d0 [ 14.843421] ret_from_fork_asm+0x1a/0x30 [ 14.843575] [ 14.843660] The buggy address belongs to the object at ffff8881039c5a00 [ 14.843660] which belongs to the cache kmalloc-64 of size 64 [ 14.844232] The buggy address is located 0 bytes to the right of [ 14.844232] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.844606] [ 14.844680] The buggy address belongs to the physical page: [ 14.844856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.845271] flags: 0x200000000000000(node=0|zone=2) [ 14.845507] page_type: f5(slab) [ 14.845674] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.846012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.846383] page dumped because: kasan: bad access detected [ 14.846617] [ 14.846727] Memory state around the buggy address: [ 14.846922] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.847175] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.847437] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.847781] ^ [ 14.848010] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.848385] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.848706] ================================================================== [ 14.849436] ================================================================== [ 14.849769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.850146] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.850503] [ 14.850645] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.850688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.850712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.850733] Call Trace: [ 14.850750] <TASK> [ 14.850779] dump_stack_lvl+0x73/0xb0 [ 14.850806] print_report+0xd1/0x650 [ 14.850829] ? __virt_addr_valid+0x1db/0x2d0 [ 14.850863] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.850884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.850907] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.850929] kasan_report+0x141/0x180 [ 14.850952] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.850978] __asan_report_load8_noabort+0x18/0x20 [ 14.851003] kasan_atomics_helper+0x4eae/0x5450 [ 14.851026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.851048] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.851074] ? kasan_atomics+0x152/0x310 [ 14.851100] kasan_atomics+0x1dc/0x310 [ 14.851152] ? __pfx_kasan_atomics+0x10/0x10 [ 14.851177] ? __pfx_read_tsc+0x10/0x10 [ 14.851199] ? ktime_get_ts64+0x86/0x230 [ 14.851223] kunit_try_run_case+0x1a5/0x480 [ 14.851247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.851270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.851294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.851317] ? __kthread_parkme+0x82/0x180 [ 14.851338] ? preempt_count_sub+0x50/0x80 [ 14.851361] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.851385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.851418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.851443] kthread+0x337/0x6f0 [ 14.851463] ? trace_preempt_on+0x20/0xc0 [ 14.851507] ? __pfx_kthread+0x10/0x10 [ 14.851528] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.851549] ? calculate_sigpending+0x7b/0xa0 [ 14.851584] ? __pfx_kthread+0x10/0x10 [ 14.851607] ret_from_fork+0x116/0x1d0 [ 14.851626] ? __pfx_kthread+0x10/0x10 [ 14.851648] ret_from_fork_asm+0x1a/0x30 [ 14.851678] </TASK> [ 14.851691] [ 14.859168] Allocated by task 282: [ 14.859327] kasan_save_stack+0x45/0x70 [ 14.859557] kasan_save_track+0x18/0x40 [ 14.859755] kasan_save_alloc_info+0x3b/0x50 [ 14.859949] __kasan_kmalloc+0xb7/0xc0 [ 14.860176] __kmalloc_cache_noprof+0x189/0x420 [ 14.860400] kasan_atomics+0x95/0x310 [ 14.860598] kunit_try_run_case+0x1a5/0x480 [ 14.860787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.861046] kthread+0x337/0x6f0 [ 14.861237] ret_from_fork+0x116/0x1d0 [ 14.861423] ret_from_fork_asm+0x1a/0x30 [ 14.861634] [ 14.861718] The buggy address belongs to the object at ffff8881039c5a00 [ 14.861718] which belongs to the cache kmalloc-64 of size 64 [ 14.862256] The buggy address is located 0 bytes to the right of [ 14.862256] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.862747] [ 14.862843] The buggy address belongs to the physical page: [ 14.863103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.863395] flags: 0x200000000000000(node=0|zone=2) [ 14.863559] page_type: f5(slab) [ 14.863680] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.863913] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.864286] page dumped because: kasan: bad access detected [ 14.864590] [ 14.864699] Memory state around the buggy address: [ 14.864973] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.865341] 
ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.865567] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.865783] ^ [ 14.865938] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.866295] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.866643] ================================================================== [ 14.274987] ================================================================== [ 14.275532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.275813] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.276162] [ 14.276258] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.276383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.276397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.276419] Call Trace: [ 14.276436] <TASK> [ 14.276451] dump_stack_lvl+0x73/0xb0 [ 14.276479] print_report+0xd1/0x650 [ 14.276502] ? __virt_addr_valid+0x1db/0x2d0 [ 14.276526] ? kasan_atomics_helper+0x72f/0x5450 [ 14.276548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.276571] ? kasan_atomics_helper+0x72f/0x5450 [ 14.276594] kasan_report+0x141/0x180 [ 14.276617] ? kasan_atomics_helper+0x72f/0x5450 [ 14.276644] kasan_check_range+0x10c/0x1c0 [ 14.276668] __kasan_check_write+0x18/0x20 [ 14.276688] kasan_atomics_helper+0x72f/0x5450 [ 14.276711] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.276735] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.276761] ? kasan_atomics+0x152/0x310 [ 14.276788] kasan_atomics+0x1dc/0x310 [ 14.276811] ? __pfx_kasan_atomics+0x10/0x10 [ 14.276836] ? __pfx_read_tsc+0x10/0x10 [ 14.276858] ? ktime_get_ts64+0x86/0x230 [ 14.276883] kunit_try_run_case+0x1a5/0x480 [ 14.276907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.276929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.276954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.276977] ? 
__kthread_parkme+0x82/0x180 [ 14.277000] ? preempt_count_sub+0x50/0x80 [ 14.277023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.277047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.277070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.277093] kthread+0x337/0x6f0 [ 14.277113] ? trace_preempt_on+0x20/0xc0 [ 14.277148] ? __pfx_kthread+0x10/0x10 [ 14.277188] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.277209] ? calculate_sigpending+0x7b/0xa0 [ 14.277233] ? __pfx_kthread+0x10/0x10 [ 14.277255] ret_from_fork+0x116/0x1d0 [ 14.277275] ? __pfx_kthread+0x10/0x10 [ 14.277347] ret_from_fork_asm+0x1a/0x30 [ 14.277382] </TASK> [ 14.277393] [ 14.285250] Allocated by task 282: [ 14.285700] kasan_save_stack+0x45/0x70 [ 14.285864] kasan_save_track+0x18/0x40 [ 14.286063] kasan_save_alloc_info+0x3b/0x50 [ 14.286281] __kasan_kmalloc+0xb7/0xc0 [ 14.286547] __kmalloc_cache_noprof+0x189/0x420 [ 14.286741] kasan_atomics+0x95/0x310 [ 14.286933] kunit_try_run_case+0x1a5/0x480 [ 14.287088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.287441] kthread+0x337/0x6f0 [ 14.287579] ret_from_fork+0x116/0x1d0 [ 14.287770] ret_from_fork_asm+0x1a/0x30 [ 14.287912] [ 14.287984] The buggy address belongs to the object at ffff8881039c5a00 [ 14.287984] which belongs to the cache kmalloc-64 of size 64 [ 14.288442] The buggy address is located 0 bytes to the right of [ 14.288442] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.288986] [ 14.289087] The buggy address belongs to the physical page: [ 14.289386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.289748] flags: 0x200000000000000(node=0|zone=2) [ 14.289980] page_type: f5(slab) [ 14.290151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.290451] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.290708] page dumped because: kasan: bad access detected [ 14.290880] [ 14.290952] Memory state around the buggy address: [ 14.291110] 
ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.291733] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.292079] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.292511] ^ [ 14.292751] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.293063] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.293414] ================================================================== [ 15.016645] ================================================================== [ 15.016895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.017318] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.017660] [ 15.017772] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.017814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.017828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.017850] Call Trace: [ 15.017868] <TASK> [ 15.017885] dump_stack_lvl+0x73/0xb0 [ 15.017911] print_report+0xd1/0x650 [ 15.017935] ? __virt_addr_valid+0x1db/0x2d0 [ 15.017959] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.017981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.018004] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.018026] kasan_report+0x141/0x180 [ 15.018049] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.018076] kasan_check_range+0x10c/0x1c0 [ 15.018100] __kasan_check_write+0x18/0x20 [ 15.018160] kasan_atomics_helper+0x18b1/0x5450 [ 15.018185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.018207] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.018232] ? kasan_atomics+0x152/0x310 [ 15.018260] kasan_atomics+0x1dc/0x310 [ 15.018283] ? __pfx_kasan_atomics+0x10/0x10 [ 15.018308] ? __pfx_read_tsc+0x10/0x10 [ 15.018328] ? ktime_get_ts64+0x86/0x230 [ 15.018354] kunit_try_run_case+0x1a5/0x480 [ 15.018379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.018402] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.018426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.018448] ? __kthread_parkme+0x82/0x180 [ 15.018469] ? preempt_count_sub+0x50/0x80 [ 15.018492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.018524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.018547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.018571] kthread+0x337/0x6f0 [ 15.018591] ? trace_preempt_on+0x20/0xc0 [ 15.018614] ? __pfx_kthread+0x10/0x10 [ 15.018636] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.018656] ? calculate_sigpending+0x7b/0xa0 [ 15.018680] ? __pfx_kthread+0x10/0x10 [ 15.018702] ret_from_fork+0x116/0x1d0 [ 15.018721] ? __pfx_kthread+0x10/0x10 [ 15.018742] ret_from_fork_asm+0x1a/0x30 [ 15.018773] </TASK> [ 15.018784] [ 15.028886] Allocated by task 282: [ 15.029023] kasan_save_stack+0x45/0x70 [ 15.029186] kasan_save_track+0x18/0x40 [ 15.029445] kasan_save_alloc_info+0x3b/0x50 [ 15.029665] __kasan_kmalloc+0xb7/0xc0 [ 15.029859] __kmalloc_cache_noprof+0x189/0x420 [ 15.030085] kasan_atomics+0x95/0x310 [ 15.031882] kunit_try_run_case+0x1a5/0x480 [ 15.032184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.032528] kthread+0x337/0x6f0 [ 15.032713] ret_from_fork+0x116/0x1d0 [ 15.032929] ret_from_fork_asm+0x1a/0x30 [ 15.033090] [ 15.033450] The buggy address belongs to the object at ffff8881039c5a00 [ 15.033450] which belongs to the cache kmalloc-64 of size 64 [ 15.034017] The buggy address is located 0 bytes to the right of [ 15.034017] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.034759] [ 15.034859] The buggy address belongs to the physical page: [ 15.035112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.035750] flags: 0x200000000000000(node=0|zone=2) [ 15.036060] page_type: f5(slab) [ 15.036321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.036743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.037171] page dumped because: kasan: 
bad access detected [ 15.037444] [ 15.037669] Memory state around the buggy address: [ 15.037880] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.038391] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.038805] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.039148] ^ [ 15.039497] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039930] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.040423] ================================================================== [ 14.698488] ================================================================== [ 14.699132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.699669] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.700410] [ 14.700528] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.700699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.700718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.700742] Call Trace: [ 14.700761] <TASK> [ 14.700779] dump_stack_lvl+0x73/0xb0 [ 14.700808] print_report+0xd1/0x650 [ 14.700832] ? __virt_addr_valid+0x1db/0x2d0 [ 14.700856] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.700879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.700901] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.700923] kasan_report+0x141/0x180 [ 14.700945] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.700972] __asan_report_load4_noabort+0x18/0x20 [ 14.700997] kasan_atomics_helper+0x4a02/0x5450 [ 14.701019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.701042] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.701067] ? kasan_atomics+0x152/0x310 [ 14.701094] kasan_atomics+0x1dc/0x310 [ 14.701118] ? __pfx_kasan_atomics+0x10/0x10 [ 14.701152] ? __pfx_read_tsc+0x10/0x10 [ 14.701175] ? ktime_get_ts64+0x86/0x230 [ 14.701200] kunit_try_run_case+0x1a5/0x480 [ 14.701224] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.701246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.701270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.701294] ? __kthread_parkme+0x82/0x180 [ 14.701371] ? preempt_count_sub+0x50/0x80 [ 14.701395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.701468] kthread+0x337/0x6f0 [ 14.701487] ? trace_preempt_on+0x20/0xc0 [ 14.701512] ? __pfx_kthread+0x10/0x10 [ 14.701534] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.701556] ? calculate_sigpending+0x7b/0xa0 [ 14.701580] ? __pfx_kthread+0x10/0x10 [ 14.701601] ret_from_fork+0x116/0x1d0 [ 14.701621] ? __pfx_kthread+0x10/0x10 [ 14.701642] ret_from_fork_asm+0x1a/0x30 [ 14.701673] </TASK> [ 14.701685] [ 14.713781] Allocated by task 282: [ 14.713969] kasan_save_stack+0x45/0x70 [ 14.714828] kasan_save_track+0x18/0x40 [ 14.715006] kasan_save_alloc_info+0x3b/0x50 [ 14.715494] __kasan_kmalloc+0xb7/0xc0 [ 14.715871] __kmalloc_cache_noprof+0x189/0x420 [ 14.716074] kasan_atomics+0x95/0x310 [ 14.716526] kunit_try_run_case+0x1a5/0x480 [ 14.716884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.717180] kthread+0x337/0x6f0 [ 14.717564] ret_from_fork+0x116/0x1d0 [ 14.717864] ret_from_fork_asm+0x1a/0x30 [ 14.718177] [ 14.718472] The buggy address belongs to the object at ffff8881039c5a00 [ 14.718472] which belongs to the cache kmalloc-64 of size 64 [ 14.718971] The buggy address is located 0 bytes to the right of [ 14.718971] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.720059] [ 14.720168] The buggy address belongs to the physical page: [ 14.720814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.721386] flags: 0x200000000000000(node=0|zone=2) [ 14.721627] page_type: f5(slab) [ 14.721795] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.722119] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.722745] page dumped because: kasan: bad access detected [ 14.723004] [ 14.723096] Memory state around the buggy address: [ 14.723607] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.724013] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.724709] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.725000] ^ [ 14.725541] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.725840] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726282] ================================================================== [ 14.903598] ================================================================== [ 14.903949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.904399] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.904703] [ 14.904793] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.904836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.904849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.904873] Call Trace: [ 14.904886] <TASK> [ 14.904901] dump_stack_lvl+0x73/0xb0 [ 14.904928] print_report+0xd1/0x650 [ 14.904951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.904974] ? kasan_atomics_helper+0x151d/0x5450 [ 14.904996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.905019] ? kasan_atomics_helper+0x151d/0x5450 [ 14.905042] kasan_report+0x141/0x180 [ 14.905065] ? kasan_atomics_helper+0x151d/0x5450 [ 14.905095] kasan_check_range+0x10c/0x1c0 [ 14.905148] __kasan_check_write+0x18/0x20 [ 14.905169] kasan_atomics_helper+0x151d/0x5450 [ 14.905202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.905225] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.905262] ? kasan_atomics+0x152/0x310 [ 14.905290] kasan_atomics+0x1dc/0x310 [ 14.905313] ? __pfx_kasan_atomics+0x10/0x10 [ 14.905338] ? __pfx_read_tsc+0x10/0x10 [ 14.905360] ? 
ktime_get_ts64+0x86/0x230 [ 14.905383] kunit_try_run_case+0x1a5/0x480 [ 14.905407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.905432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.905455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.905479] ? __kthread_parkme+0x82/0x180 [ 14.905500] ? preempt_count_sub+0x50/0x80 [ 14.905525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.905549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.905597] kthread+0x337/0x6f0 [ 14.905617] ? trace_preempt_on+0x20/0xc0 [ 14.905641] ? __pfx_kthread+0x10/0x10 [ 14.905662] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.905684] ? calculate_sigpending+0x7b/0xa0 [ 14.905709] ? __pfx_kthread+0x10/0x10 [ 14.905741] ret_from_fork+0x116/0x1d0 [ 14.905760] ? __pfx_kthread+0x10/0x10 [ 14.905782] ret_from_fork_asm+0x1a/0x30 [ 14.905822] </TASK> [ 14.905834] [ 14.913739] Allocated by task 282: [ 14.913909] kasan_save_stack+0x45/0x70 [ 14.914111] kasan_save_track+0x18/0x40 [ 14.914327] kasan_save_alloc_info+0x3b/0x50 [ 14.914549] __kasan_kmalloc+0xb7/0xc0 [ 14.914729] __kmalloc_cache_noprof+0x189/0x420 [ 14.914952] kasan_atomics+0x95/0x310 [ 14.915203] kunit_try_run_case+0x1a5/0x480 [ 14.915384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.915677] kthread+0x337/0x6f0 [ 14.915867] ret_from_fork+0x116/0x1d0 [ 14.916058] ret_from_fork_asm+0x1a/0x30 [ 14.916292] [ 14.916388] The buggy address belongs to the object at ffff8881039c5a00 [ 14.916388] which belongs to the cache kmalloc-64 of size 64 [ 14.916880] The buggy address is located 0 bytes to the right of [ 14.916880] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.917437] [ 14.917559] The buggy address belongs to the physical page: [ 14.917796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.918175] flags: 0x200000000000000(node=0|zone=2) [ 14.918418] page_type: f5(slab) [ 14.918595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.918844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.919074] page dumped because: kasan: bad access detected [ 14.919368] [ 14.919474] Memory state around the buggy address: [ 14.919700] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.919965] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.920216] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.920553] ^ [ 14.920781] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.921152] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.921486] ================================================================== [ 14.384725] ================================================================== [ 14.385088] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.385474] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.385956] [ 14.386064] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.386207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.386221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.386243] Call Trace: [ 14.386259] <TASK> [ 14.386276] dump_stack_lvl+0x73/0xb0 [ 14.386363] print_report+0xd1/0x650 [ 14.386389] ? __virt_addr_valid+0x1db/0x2d0 [ 14.386480] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.386518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.386541] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.386563] kasan_report+0x141/0x180 [ 14.386586] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.386614] kasan_check_range+0x10c/0x1c0 [ 14.386637] __kasan_check_write+0x18/0x20 [ 14.386658] kasan_atomics_helper+0xa2b/0x5450 [ 14.386681] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.386704] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.386730] ? kasan_atomics+0x152/0x310 [ 14.386757] kasan_atomics+0x1dc/0x310 [ 14.386780] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.386806] ? __pfx_read_tsc+0x10/0x10 [ 14.386827] ? ktime_get_ts64+0x86/0x230 [ 14.386852] kunit_try_run_case+0x1a5/0x480 [ 14.386875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.386897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.386921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.386944] ? __kthread_parkme+0x82/0x180 [ 14.386964] ? preempt_count_sub+0x50/0x80 [ 14.386988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.387034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.387059] kthread+0x337/0x6f0 [ 14.387079] ? trace_preempt_on+0x20/0xc0 [ 14.387103] ? __pfx_kthread+0x10/0x10 [ 14.387150] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.387172] ? calculate_sigpending+0x7b/0xa0 [ 14.387195] ? __pfx_kthread+0x10/0x10 [ 14.387217] ret_from_fork+0x116/0x1d0 [ 14.387236] ? __pfx_kthread+0x10/0x10 [ 14.387258] ret_from_fork_asm+0x1a/0x30 [ 14.387288] </TASK> [ 14.387307] [ 14.397234] Allocated by task 282: [ 14.397419] kasan_save_stack+0x45/0x70 [ 14.397606] kasan_save_track+0x18/0x40 [ 14.397779] kasan_save_alloc_info+0x3b/0x50 [ 14.397976] __kasan_kmalloc+0xb7/0xc0 [ 14.398285] __kmalloc_cache_noprof+0x189/0x420 [ 14.398556] kasan_atomics+0x95/0x310 [ 14.398772] kunit_try_run_case+0x1a5/0x480 [ 14.399040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.399355] kthread+0x337/0x6f0 [ 14.399534] ret_from_fork+0x116/0x1d0 [ 14.399800] ret_from_fork_asm+0x1a/0x30 [ 14.399946] [ 14.400037] The buggy address belongs to the object at ffff8881039c5a00 [ 14.400037] which belongs to the cache kmalloc-64 of size 64 [ 14.400933] The buggy address is located 0 bytes to the right of [ 14.400933] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.401603] [ 14.401796] The buggy address belongs to the physical page: [ 14.402082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.402571] flags: 0x200000000000000(node=0|zone=2) [ 14.402843] page_type: 
f5(slab) [ 14.403016] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.403481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.403857] page dumped because: kasan: bad access detected [ 14.404133] [ 14.404262] Memory state around the buggy address: [ 14.404651] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.405024] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.405576] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.405931] ^ [ 14.406170] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406631] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406961] ================================================================== [ 14.429512] ================================================================== [ 14.429748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.430056] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.430779] [ 14.430901] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.430984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.431022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.431044] Call Trace: [ 14.431074] <TASK> [ 14.431091] dump_stack_lvl+0x73/0xb0 [ 14.431148] print_report+0xd1/0x650 [ 14.431173] ? __virt_addr_valid+0x1db/0x2d0 [ 14.431197] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.431218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.431240] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.431262] kasan_report+0x141/0x180 [ 14.431284] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.431371] kasan_check_range+0x10c/0x1c0 [ 14.431396] __kasan_check_write+0x18/0x20 [ 14.431418] kasan_atomics_helper+0xb6a/0x5450 [ 14.431440] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.431462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.431488] ? 
kasan_atomics+0x152/0x310 [ 14.431515] kasan_atomics+0x1dc/0x310 [ 14.431538] ? __pfx_kasan_atomics+0x10/0x10 [ 14.431563] ? __pfx_read_tsc+0x10/0x10 [ 14.431583] ? ktime_get_ts64+0x86/0x230 [ 14.431608] kunit_try_run_case+0x1a5/0x480 [ 14.431632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.431655] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.431679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.431702] ? __kthread_parkme+0x82/0x180 [ 14.431722] ? preempt_count_sub+0x50/0x80 [ 14.431746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.431770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.431793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.431817] kthread+0x337/0x6f0 [ 14.431836] ? trace_preempt_on+0x20/0xc0 [ 14.431860] ? __pfx_kthread+0x10/0x10 [ 14.431880] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.431902] ? calculate_sigpending+0x7b/0xa0 [ 14.431926] ? __pfx_kthread+0x10/0x10 [ 14.431947] ret_from_fork+0x116/0x1d0 [ 14.431966] ? __pfx_kthread+0x10/0x10 [ 14.431987] ret_from_fork_asm+0x1a/0x30 [ 14.432018] </TASK> [ 14.432029] [ 14.441659] Allocated by task 282: [ 14.441986] kasan_save_stack+0x45/0x70 [ 14.442237] kasan_save_track+0x18/0x40 [ 14.442546] kasan_save_alloc_info+0x3b/0x50 [ 14.442828] __kasan_kmalloc+0xb7/0xc0 [ 14.442969] __kmalloc_cache_noprof+0x189/0x420 [ 14.443227] kasan_atomics+0x95/0x310 [ 14.443556] kunit_try_run_case+0x1a5/0x480 [ 14.443813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.444063] kthread+0x337/0x6f0 [ 14.444283] ret_from_fork+0x116/0x1d0 [ 14.444596] ret_from_fork_asm+0x1a/0x30 [ 14.444798] [ 14.444895] The buggy address belongs to the object at ffff8881039c5a00 [ 14.444895] which belongs to the cache kmalloc-64 of size 64 [ 14.445809] The buggy address is located 0 bytes to the right of [ 14.445809] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.446527] [ 14.446608] The buggy address belongs to the physical page: [ 14.446980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 
14.447458] flags: 0x200000000000000(node=0|zone=2) [ 14.447740] page_type: f5(slab) [ 14.447883] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.448243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.448573] page dumped because: kasan: bad access detected [ 14.448819] [ 14.448908] Memory state around the buggy address: [ 14.449352] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.449591] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.449915] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.450330] ^ [ 14.450787] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.451132] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.451438] ================================================================== [ 14.518099] ================================================================== [ 14.518714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.519034] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.519408] [ 14.519693] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.519770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.519784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.519805] Call Trace: [ 14.519836] <TASK> [ 14.519852] dump_stack_lvl+0x73/0xb0 [ 14.519882] print_report+0xd1/0x650 [ 14.519905] ? __virt_addr_valid+0x1db/0x2d0 [ 14.519930] ? kasan_atomics_helper+0xde0/0x5450 [ 14.519952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.519975] ? kasan_atomics_helper+0xde0/0x5450 [ 14.519996] kasan_report+0x141/0x180 [ 14.520019] ? kasan_atomics_helper+0xde0/0x5450 [ 14.520074] kasan_check_range+0x10c/0x1c0 [ 14.520099] __kasan_check_write+0x18/0x20 [ 14.520120] kasan_atomics_helper+0xde0/0x5450 [ 14.520186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.520210] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.520235] ? kasan_atomics+0x152/0x310 [ 14.520273] kasan_atomics+0x1dc/0x310 [ 14.520345] ? __pfx_kasan_atomics+0x10/0x10 [ 14.520373] ? __pfx_read_tsc+0x10/0x10 [ 14.520396] ? ktime_get_ts64+0x86/0x230 [ 14.520422] kunit_try_run_case+0x1a5/0x480 [ 14.520446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.520468] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.520493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.520517] ? __kthread_parkme+0x82/0x180 [ 14.520539] ? preempt_count_sub+0x50/0x80 [ 14.520564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.520588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.520612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.520635] kthread+0x337/0x6f0 [ 14.520656] ? trace_preempt_on+0x20/0xc0 [ 14.520681] ? __pfx_kthread+0x10/0x10 [ 14.520702] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.520724] ? calculate_sigpending+0x7b/0xa0 [ 14.520749] ? __pfx_kthread+0x10/0x10 [ 14.520771] ret_from_fork+0x116/0x1d0 [ 14.520789] ? __pfx_kthread+0x10/0x10 [ 14.520811] ret_from_fork_asm+0x1a/0x30 [ 14.520841] </TASK> [ 14.520854] [ 14.529818] Allocated by task 282: [ 14.529953] kasan_save_stack+0x45/0x70 [ 14.530235] kasan_save_track+0x18/0x40 [ 14.530449] kasan_save_alloc_info+0x3b/0x50 [ 14.530888] __kasan_kmalloc+0xb7/0xc0 [ 14.531101] __kmalloc_cache_noprof+0x189/0x420 [ 14.531278] kasan_atomics+0x95/0x310 [ 14.531611] kunit_try_run_case+0x1a5/0x480 [ 14.531879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.532149] kthread+0x337/0x6f0 [ 14.532291] ret_from_fork+0x116/0x1d0 [ 14.532486] ret_from_fork_asm+0x1a/0x30 [ 14.532669] [ 14.532757] The buggy address belongs to the object at ffff8881039c5a00 [ 14.532757] which belongs to the cache kmalloc-64 of size 64 [ 14.533486] The buggy address is located 0 bytes to the right of [ 14.533486] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.533949] [ 14.534024] The buggy address belongs to the physical page: [ 14.534507] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.534935] flags: 0x200000000000000(node=0|zone=2) [ 14.535279] page_type: f5(slab) [ 14.535446] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.535851] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.536170] page dumped because: kasan: bad access detected [ 14.536479] [ 14.536577] Memory state around the buggy address: [ 14.536969] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537405] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537702] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.538004] ^ [ 14.538284] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538844] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.539088] ================================================================== [ 15.396977] ================================================================== [ 15.397401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.397640] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.397933] [ 15.398076] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.398149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.398163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.398184] Call Trace: [ 15.398200] <TASK> [ 15.398215] dump_stack_lvl+0x73/0xb0 [ 15.398241] print_report+0xd1/0x650 [ 15.398263] ? __virt_addr_valid+0x1db/0x2d0 [ 15.398288] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.398309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.398333] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.398356] kasan_report+0x141/0x180 [ 15.398378] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.398405] __asan_report_load8_noabort+0x18/0x20 [ 15.398462] kasan_atomics_helper+0x4fb2/0x5450 [ 15.398485] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.398521] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.398548] ? kasan_atomics+0x152/0x310 [ 15.398574] kasan_atomics+0x1dc/0x310 [ 15.398597] ? __pfx_kasan_atomics+0x10/0x10 [ 15.398621] ? __pfx_read_tsc+0x10/0x10 [ 15.398642] ? ktime_get_ts64+0x86/0x230 [ 15.398666] kunit_try_run_case+0x1a5/0x480 [ 15.398691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.398714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.398737] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.398760] ? __kthread_parkme+0x82/0x180 [ 15.398782] ? preempt_count_sub+0x50/0x80 [ 15.398806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.398830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.398853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.398877] kthread+0x337/0x6f0 [ 15.398897] ? trace_preempt_on+0x20/0xc0 [ 15.398920] ? __pfx_kthread+0x10/0x10 [ 15.398941] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.398962] ? calculate_sigpending+0x7b/0xa0 [ 15.398986] ? __pfx_kthread+0x10/0x10 [ 15.399007] ret_from_fork+0x116/0x1d0 [ 15.399060] ? 
__pfx_kthread+0x10/0x10 [ 15.399081] ret_from_fork_asm+0x1a/0x30 [ 15.399150] </TASK> [ 15.399162] [ 15.407052] Allocated by task 282: [ 15.407252] kasan_save_stack+0x45/0x70 [ 15.407409] kasan_save_track+0x18/0x40 [ 15.407603] kasan_save_alloc_info+0x3b/0x50 [ 15.407864] __kasan_kmalloc+0xb7/0xc0 [ 15.408039] __kmalloc_cache_noprof+0x189/0x420 [ 15.408353] kasan_atomics+0x95/0x310 [ 15.408495] kunit_try_run_case+0x1a5/0x480 [ 15.408673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.408971] kthread+0x337/0x6f0 [ 15.409207] ret_from_fork+0x116/0x1d0 [ 15.409494] ret_from_fork_asm+0x1a/0x30 [ 15.409638] [ 15.409711] The buggy address belongs to the object at ffff8881039c5a00 [ 15.409711] which belongs to the cache kmalloc-64 of size 64 [ 15.410305] The buggy address is located 0 bytes to the right of [ 15.410305] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.410798] [ 15.410896] The buggy address belongs to the physical page: [ 15.411170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.411560] flags: 0x200000000000000(node=0|zone=2) [ 15.411727] page_type: f5(slab) [ 15.411846] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.412172] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.412560] page dumped because: kasan: bad access detected [ 15.412818] [ 15.412912] Memory state around the buggy address: [ 15.413256] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.413530] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.413818] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.414147] ^ [ 15.414311] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414671] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415152] ================================================================== [ 15.434028] 
================================================================== [ 15.434568] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.434915] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.435147] [ 15.435230] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.435271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.435284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.435304] Call Trace: [ 15.435322] <TASK> [ 15.435338] dump_stack_lvl+0x73/0xb0 [ 15.435364] print_report+0xd1/0x650 [ 15.435388] ? __virt_addr_valid+0x1db/0x2d0 [ 15.435410] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.435432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.435455] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.435476] kasan_report+0x141/0x180 [ 15.435499] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.435526] __asan_report_load8_noabort+0x18/0x20 [ 15.435552] kasan_atomics_helper+0x4fa5/0x5450 [ 15.435587] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.435610] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.435635] ? kasan_atomics+0x152/0x310 [ 15.435674] kasan_atomics+0x1dc/0x310 [ 15.435697] ? __pfx_kasan_atomics+0x10/0x10 [ 15.435722] ? __pfx_read_tsc+0x10/0x10 [ 15.435743] ? ktime_get_ts64+0x86/0x230 [ 15.435767] kunit_try_run_case+0x1a5/0x480 [ 15.435792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.435815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.435839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.435863] ? __kthread_parkme+0x82/0x180 [ 15.435884] ? preempt_count_sub+0x50/0x80 [ 15.435908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.435941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.435965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.435989] kthread+0x337/0x6f0 [ 15.436020] ? trace_preempt_on+0x20/0xc0 [ 15.436042] ? __pfx_kthread+0x10/0x10 [ 15.436064] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.436086] ? calculate_sigpending+0x7b/0xa0 [ 15.436110] ? 
__pfx_kthread+0x10/0x10 [ 15.436141] ret_from_fork+0x116/0x1d0 [ 15.436161] ? __pfx_kthread+0x10/0x10 [ 15.436185] ret_from_fork_asm+0x1a/0x30 [ 15.436217] </TASK> [ 15.436229] [ 15.443994] Allocated by task 282: [ 15.444274] kasan_save_stack+0x45/0x70 [ 15.444478] kasan_save_track+0x18/0x40 [ 15.444698] kasan_save_alloc_info+0x3b/0x50 [ 15.444911] __kasan_kmalloc+0xb7/0xc0 [ 15.445102] __kmalloc_cache_noprof+0x189/0x420 [ 15.445356] kasan_atomics+0x95/0x310 [ 15.445516] kunit_try_run_case+0x1a5/0x480 [ 15.445664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.445944] kthread+0x337/0x6f0 [ 15.446116] ret_from_fork+0x116/0x1d0 [ 15.446309] ret_from_fork_asm+0x1a/0x30 [ 15.446446] [ 15.446524] The buggy address belongs to the object at ffff8881039c5a00 [ 15.446524] which belongs to the cache kmalloc-64 of size 64 [ 15.447051] The buggy address is located 0 bytes to the right of [ 15.447051] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.447588] [ 15.447662] The buggy address belongs to the physical page: [ 15.447838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.448080] flags: 0x200000000000000(node=0|zone=2) [ 15.448328] page_type: f5(slab) [ 15.448511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.448848] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.449214] page dumped because: kasan: bad access detected [ 15.449466] [ 15.449564] Memory state around the buggy address: [ 15.449786] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.450101] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.450431] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.450652] ^ [ 15.450809] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.451085] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.451467] 
================================================================== [ 14.220268] ================================================================== [ 14.220624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.220977] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.221380] [ 14.221490] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.221532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.221544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.221581] Call Trace: [ 14.221598] <TASK> [ 14.221613] dump_stack_lvl+0x73/0xb0 [ 14.221652] print_report+0xd1/0x650 [ 14.221676] ? __virt_addr_valid+0x1db/0x2d0 [ 14.221700] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.221730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.221753] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.221775] kasan_report+0x141/0x180 [ 14.221808] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.221835] kasan_check_range+0x10c/0x1c0 [ 14.221859] __kasan_check_write+0x18/0x20 [ 14.221888] kasan_atomics_helper+0x5fe/0x5450 [ 14.221912] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.221936] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.221972] ? kasan_atomics+0x152/0x310 [ 14.222000] kasan_atomics+0x1dc/0x310 [ 14.222023] ? __pfx_kasan_atomics+0x10/0x10 [ 14.222048] ? __pfx_read_tsc+0x10/0x10 [ 14.222077] ? ktime_get_ts64+0x86/0x230 [ 14.222102] kunit_try_run_case+0x1a5/0x480 [ 14.222142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.222166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.222190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.222213] ? __kthread_parkme+0x82/0x180 [ 14.222235] ? preempt_count_sub+0x50/0x80 [ 14.222258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.222283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.222306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.222330] kthread+0x337/0x6f0 [ 14.222351] ? trace_preempt_on+0x20/0xc0 [ 14.222429] ? 
__pfx_kthread+0x10/0x10 [ 14.222452] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.222484] ? calculate_sigpending+0x7b/0xa0 [ 14.222507] ? __pfx_kthread+0x10/0x10 [ 14.222532] ret_from_fork+0x116/0x1d0 [ 14.222564] ? __pfx_kthread+0x10/0x10 [ 14.222585] ret_from_fork_asm+0x1a/0x30 [ 14.222615] </TASK> [ 14.222626] [ 14.232146] Allocated by task 282: [ 14.232283] kasan_save_stack+0x45/0x70 [ 14.232431] kasan_save_track+0x18/0x40 [ 14.232571] kasan_save_alloc_info+0x3b/0x50 [ 14.234035] __kasan_kmalloc+0xb7/0xc0 [ 14.234625] __kmalloc_cache_noprof+0x189/0x420 [ 14.235464] kasan_atomics+0x95/0x310 [ 14.236181] kunit_try_run_case+0x1a5/0x480 [ 14.236893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.237796] kthread+0x337/0x6f0 [ 14.238462] ret_from_fork+0x116/0x1d0 [ 14.239254] ret_from_fork_asm+0x1a/0x30 [ 14.239960] [ 14.240328] The buggy address belongs to the object at ffff8881039c5a00 [ 14.240328] which belongs to the cache kmalloc-64 of size 64 [ 14.241909] The buggy address is located 0 bytes to the right of [ 14.241909] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.242373] [ 14.242639] The buggy address belongs to the physical page: [ 14.243174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.243989] flags: 0x200000000000000(node=0|zone=2) [ 14.244512] page_type: f5(slab) [ 14.244937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.245357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.245593] page dumped because: kasan: bad access detected [ 14.245769] [ 14.245845] Memory state around the buggy address: [ 14.246012] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.246277] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.247012] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.247623] ^ [ 14.247906] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.248151] 
ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.248955] ================================================================== [ 15.215379] ================================================================== [ 15.215711] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.216022] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.216823] [ 15.217034] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.217082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.217095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.217118] Call Trace: [ 15.217168] <TASK> [ 15.217261] dump_stack_lvl+0x73/0xb0 [ 15.217291] print_report+0xd1/0x650 [ 15.217314] ? __virt_addr_valid+0x1db/0x2d0 [ 15.217339] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.217361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.217383] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.217405] kasan_report+0x141/0x180 [ 15.217429] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.217457] kasan_check_range+0x10c/0x1c0 [ 15.217481] __kasan_check_write+0x18/0x20 [ 15.217501] kasan_atomics_helper+0x1d7a/0x5450 [ 15.217525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.217547] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.217573] ? kasan_atomics+0x152/0x310 [ 15.217600] kasan_atomics+0x1dc/0x310 [ 15.217624] ? __pfx_kasan_atomics+0x10/0x10 [ 15.217649] ? __pfx_read_tsc+0x10/0x10 [ 15.217670] ? ktime_get_ts64+0x86/0x230 [ 15.217695] kunit_try_run_case+0x1a5/0x480 [ 15.217719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.217765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.217788] ? __kthread_parkme+0x82/0x180 [ 15.217809] ? preempt_count_sub+0x50/0x80 [ 15.217833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.217881] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.217904] kthread+0x337/0x6f0 [ 15.217924] ? trace_preempt_on+0x20/0xc0 [ 15.217947] ? __pfx_kthread+0x10/0x10 [ 15.217968] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.217990] ? calculate_sigpending+0x7b/0xa0 [ 15.218014] ? __pfx_kthread+0x10/0x10 [ 15.218036] ret_from_fork+0x116/0x1d0 [ 15.218055] ? __pfx_kthread+0x10/0x10 [ 15.218076] ret_from_fork_asm+0x1a/0x30 [ 15.218106] </TASK> [ 15.218118] [ 15.228542] Allocated by task 282: [ 15.228704] kasan_save_stack+0x45/0x70 [ 15.229060] kasan_save_track+0x18/0x40 [ 15.229399] kasan_save_alloc_info+0x3b/0x50 [ 15.229674] __kasan_kmalloc+0xb7/0xc0 [ 15.229882] __kmalloc_cache_noprof+0x189/0x420 [ 15.230280] kasan_atomics+0x95/0x310 [ 15.230485] kunit_try_run_case+0x1a5/0x480 [ 15.230787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.231159] kthread+0x337/0x6f0 [ 15.231299] ret_from_fork+0x116/0x1d0 [ 15.231507] ret_from_fork_asm+0x1a/0x30 [ 15.231905] [ 15.232023] The buggy address belongs to the object at ffff8881039c5a00 [ 15.232023] which belongs to the cache kmalloc-64 of size 64 [ 15.232662] The buggy address is located 0 bytes to the right of [ 15.232662] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.233331] [ 15.233572] The buggy address belongs to the physical page: [ 15.233841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.234449] flags: 0x200000000000000(node=0|zone=2) [ 15.234755] page_type: f5(slab) [ 15.234948] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.235386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.235807] page dumped because: kasan: bad access detected [ 15.236042] [ 15.236252] Memory state around the buggy address: [ 15.236582] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.236877] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.237376] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.237766] ^ [ 15.238066] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238580] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238872] ================================================================== [ 15.313465] ================================================================== [ 15.313951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.314316] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.314623] [ 15.314764] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.314806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.314820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.314841] Call Trace: [ 15.314857] <TASK> [ 15.314874] dump_stack_lvl+0x73/0xb0 [ 15.314901] print_report+0xd1/0x650 [ 15.314924] ? __virt_addr_valid+0x1db/0x2d0 [ 15.314947] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.314969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.314991] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.315014] kasan_report+0x141/0x180 [ 15.315036] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.315063] __asan_report_load8_noabort+0x18/0x20 [ 15.315087] kasan_atomics_helper+0x4f71/0x5450 [ 15.315111] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.315163] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.315189] ? kasan_atomics+0x152/0x310 [ 15.315216] kasan_atomics+0x1dc/0x310 [ 15.315239] ? __pfx_kasan_atomics+0x10/0x10 [ 15.315264] ? __pfx_read_tsc+0x10/0x10 [ 15.315284] ? ktime_get_ts64+0x86/0x230 [ 15.315308] kunit_try_run_case+0x1a5/0x480 [ 15.315333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.315354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.315378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.315401] ? __kthread_parkme+0x82/0x180 [ 15.315423] ? preempt_count_sub+0x50/0x80 [ 15.315447] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.315470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.315494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.315518] kthread+0x337/0x6f0 [ 15.315539] ? trace_preempt_on+0x20/0xc0 [ 15.315562] ? __pfx_kthread+0x10/0x10 [ 15.315583] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.315604] ? calculate_sigpending+0x7b/0xa0 [ 15.315628] ? __pfx_kthread+0x10/0x10 [ 15.315650] ret_from_fork+0x116/0x1d0 [ 15.315669] ? __pfx_kthread+0x10/0x10 [ 15.315691] ret_from_fork_asm+0x1a/0x30 [ 15.315721] </TASK> [ 15.315733] [ 15.326055] Allocated by task 282: [ 15.326598] kasan_save_stack+0x45/0x70 [ 15.327016] kasan_save_track+0x18/0x40 [ 15.327408] kasan_save_alloc_info+0x3b/0x50 [ 15.327980] __kasan_kmalloc+0xb7/0xc0 [ 15.328625] __kmalloc_cache_noprof+0x189/0x420 [ 15.328846] kasan_atomics+0x95/0x310 [ 15.328988] kunit_try_run_case+0x1a5/0x480 [ 15.329150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.329430] kthread+0x337/0x6f0 [ 15.329569] ret_from_fork+0x116/0x1d0 [ 15.329763] ret_from_fork_asm+0x1a/0x30 [ 15.329916] [ 15.330153] The buggy address belongs to the object at ffff8881039c5a00 [ 15.330153] which belongs to the cache kmalloc-64 of size 64 [ 15.330659] The buggy address is located 0 bytes to the right of [ 15.330659] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.331030] [ 15.331105] The buggy address belongs to the physical page: [ 15.331739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.332524] flags: 0x200000000000000(node=0|zone=2) [ 15.333177] page_type: f5(slab) [ 15.333516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.334245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.334954] page dumped because: kasan: bad access detected [ 15.335354] [ 15.335431] Memory state around the buggy address: [ 15.335588] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.335806] 
ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.336022] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.336616] ^ [ 15.337089] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.337809] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.338547] ================================================================== [ 15.116062] ================================================================== [ 15.116532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.116882] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.117479] [ 15.117826] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.117876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.117890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.117912] Call Trace: [ 15.117928] <TASK> [ 15.117943] dump_stack_lvl+0x73/0xb0 [ 15.117971] print_report+0xd1/0x650 [ 15.117995] ? __virt_addr_valid+0x1db/0x2d0 [ 15.118021] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.118043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.118067] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.118089] kasan_report+0x141/0x180 [ 15.118112] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.118154] kasan_check_range+0x10c/0x1c0 [ 15.118178] __kasan_check_write+0x18/0x20 [ 15.118198] kasan_atomics_helper+0x1b22/0x5450 [ 15.118221] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.118243] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.118269] ? kasan_atomics+0x152/0x310 [ 15.118296] kasan_atomics+0x1dc/0x310 [ 15.118319] ? __pfx_kasan_atomics+0x10/0x10 [ 15.118345] ? __pfx_read_tsc+0x10/0x10 [ 15.118366] ? ktime_get_ts64+0x86/0x230 [ 15.118391] kunit_try_run_case+0x1a5/0x480 [ 15.118414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.118437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.118461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.118485] ? 
__kthread_parkme+0x82/0x180 [ 15.118506] ? preempt_count_sub+0x50/0x80 [ 15.118535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.118559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.118582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.118605] kthread+0x337/0x6f0 [ 15.118625] ? trace_preempt_on+0x20/0xc0 [ 15.118648] ? __pfx_kthread+0x10/0x10 [ 15.118670] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.118691] ? calculate_sigpending+0x7b/0xa0 [ 15.118716] ? __pfx_kthread+0x10/0x10 [ 15.118738] ret_from_fork+0x116/0x1d0 [ 15.118757] ? __pfx_kthread+0x10/0x10 [ 15.118778] ret_from_fork_asm+0x1a/0x30 [ 15.118809] </TASK> [ 15.118820] [ 15.129225] Allocated by task 282: [ 15.129548] kasan_save_stack+0x45/0x70 [ 15.129752] kasan_save_track+0x18/0x40 [ 15.130033] kasan_save_alloc_info+0x3b/0x50 [ 15.130371] __kasan_kmalloc+0xb7/0xc0 [ 15.130581] __kmalloc_cache_noprof+0x189/0x420 [ 15.130892] kasan_atomics+0x95/0x310 [ 15.131157] kunit_try_run_case+0x1a5/0x480 [ 15.131490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.131882] kthread+0x337/0x6f0 [ 15.132065] ret_from_fork+0x116/0x1d0 [ 15.132467] ret_from_fork_asm+0x1a/0x30 [ 15.132659] [ 15.132741] The buggy address belongs to the object at ffff8881039c5a00 [ 15.132741] which belongs to the cache kmalloc-64 of size 64 [ 15.133540] The buggy address is located 0 bytes to the right of [ 15.133540] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.134047] [ 15.134177] The buggy address belongs to the physical page: [ 15.134685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.135117] flags: 0x200000000000000(node=0|zone=2) [ 15.135469] page_type: f5(slab) [ 15.135695] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.136051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.136572] page dumped because: kasan: bad access detected [ 15.136844] [ 15.137059] Memory state around the buggy address: [ 15.137424] 
ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.137719] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.138149] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.138537] ^ [ 15.138814] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.139137] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.139683] ================================================================== [ 14.407428] ================================================================== [ 14.407692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.407957] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.408433] [ 14.408550] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.408634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.408671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.408692] Call Trace: [ 14.408790] <TASK> [ 14.408806] dump_stack_lvl+0x73/0xb0 [ 14.408834] print_report+0xd1/0x650 [ 14.408858] ? __virt_addr_valid+0x1db/0x2d0 [ 14.408882] ? kasan_atomics_helper+0xac7/0x5450 [ 14.408904] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.408926] ? kasan_atomics_helper+0xac7/0x5450 [ 14.408949] kasan_report+0x141/0x180 [ 14.408972] ? kasan_atomics_helper+0xac7/0x5450 [ 14.408998] kasan_check_range+0x10c/0x1c0 [ 14.409023] __kasan_check_write+0x18/0x20 [ 14.409043] kasan_atomics_helper+0xac7/0x5450 [ 14.409065] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.409087] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.409113] ? kasan_atomics+0x152/0x310 [ 14.409166] kasan_atomics+0x1dc/0x310 [ 14.409189] ? __pfx_kasan_atomics+0x10/0x10 [ 14.409214] ? __pfx_read_tsc+0x10/0x10 [ 14.409235] ? ktime_get_ts64+0x86/0x230 [ 14.409259] kunit_try_run_case+0x1a5/0x480 [ 14.409283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.409391] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.409414] ? __kthread_parkme+0x82/0x180 [ 14.409435] ? preempt_count_sub+0x50/0x80 [ 14.409458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.409506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.409530] kthread+0x337/0x6f0 [ 14.409550] ? trace_preempt_on+0x20/0xc0 [ 14.409574] ? __pfx_kthread+0x10/0x10 [ 14.409594] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.409616] ? calculate_sigpending+0x7b/0xa0 [ 14.409641] ? __pfx_kthread+0x10/0x10 [ 14.409663] ret_from_fork+0x116/0x1d0 [ 14.409681] ? __pfx_kthread+0x10/0x10 [ 14.409703] ret_from_fork_asm+0x1a/0x30 [ 14.409732] </TASK> [ 14.409744] [ 14.419548] Allocated by task 282: [ 14.419737] kasan_save_stack+0x45/0x70 [ 14.419943] kasan_save_track+0x18/0x40 [ 14.420212] kasan_save_alloc_info+0x3b/0x50 [ 14.420616] __kasan_kmalloc+0xb7/0xc0 [ 14.420777] __kmalloc_cache_noprof+0x189/0x420 [ 14.421005] kasan_atomics+0x95/0x310 [ 14.421269] kunit_try_run_case+0x1a5/0x480 [ 14.421546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.421920] kthread+0x337/0x6f0 [ 14.422068] ret_from_fork+0x116/0x1d0 [ 14.422432] ret_from_fork_asm+0x1a/0x30 [ 14.422652] [ 14.422830] The buggy address belongs to the object at ffff8881039c5a00 [ 14.422830] which belongs to the cache kmalloc-64 of size 64 [ 14.423715] The buggy address is located 0 bytes to the right of [ 14.423715] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.424284] [ 14.424535] The buggy address belongs to the physical page: [ 14.424806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.425172] flags: 0x200000000000000(node=0|zone=2) [ 14.425407] page_type: f5(slab) [ 14.425571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.425901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.426395] page dumped because: kasan: bad access detected [ 14.426627] [ 14.426724] 
Memory state around the buggy address: [ 14.427073] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.427503] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.427781] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.428235] ^ [ 14.428433] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.428748] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429058] ================================================================== [ 15.415692] ================================================================== [ 15.416268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.416576] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.417005] [ 15.417109] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.417184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.417197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.417219] Call Trace: [ 15.417248] <TASK> [ 15.417263] dump_stack_lvl+0x73/0xb0 [ 15.417289] print_report+0xd1/0x650 [ 15.417312] ? __virt_addr_valid+0x1db/0x2d0 [ 15.417335] ? kasan_atomics_helper+0x218a/0x5450 [ 15.417356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.417378] ? kasan_atomics_helper+0x218a/0x5450 [ 15.417400] kasan_report+0x141/0x180 [ 15.417422] ? kasan_atomics_helper+0x218a/0x5450 [ 15.417449] kasan_check_range+0x10c/0x1c0 [ 15.417473] __kasan_check_write+0x18/0x20 [ 15.417494] kasan_atomics_helper+0x218a/0x5450 [ 15.417517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.417539] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.417563] ? kasan_atomics+0x152/0x310 [ 15.417590] kasan_atomics+0x1dc/0x310 [ 15.417614] ? __pfx_kasan_atomics+0x10/0x10 [ 15.417638] ? __pfx_read_tsc+0x10/0x10 [ 15.417659] ? ktime_get_ts64+0x86/0x230 [ 15.417683] kunit_try_run_case+0x1a5/0x480 [ 15.417707] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.417729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.417753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.417776] ? __kthread_parkme+0x82/0x180 [ 15.417798] ? preempt_count_sub+0x50/0x80 [ 15.417832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.417857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.417880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.417916] kthread+0x337/0x6f0 [ 15.417936] ? trace_preempt_on+0x20/0xc0 [ 15.417959] ? __pfx_kthread+0x10/0x10 [ 15.417980] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.418002] ? calculate_sigpending+0x7b/0xa0 [ 15.418026] ? __pfx_kthread+0x10/0x10 [ 15.418048] ret_from_fork+0x116/0x1d0 [ 15.418066] ? __pfx_kthread+0x10/0x10 [ 15.418087] ret_from_fork_asm+0x1a/0x30 [ 15.418130] </TASK> [ 15.418142] [ 15.425731] Allocated by task 282: [ 15.425900] kasan_save_stack+0x45/0x70 [ 15.426114] kasan_save_track+0x18/0x40 [ 15.426316] kasan_save_alloc_info+0x3b/0x50 [ 15.426534] __kasan_kmalloc+0xb7/0xc0 [ 15.426874] __kmalloc_cache_noprof+0x189/0x420 [ 15.427034] kasan_atomics+0x95/0x310 [ 15.427206] kunit_try_run_case+0x1a5/0x480 [ 15.427422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427823] kthread+0x337/0x6f0 [ 15.428015] ret_from_fork+0x116/0x1d0 [ 15.428268] ret_from_fork_asm+0x1a/0x30 [ 15.428416] [ 15.428489] The buggy address belongs to the object at ffff8881039c5a00 [ 15.428489] which belongs to the cache kmalloc-64 of size 64 [ 15.428885] The buggy address is located 0 bytes to the right of [ 15.428885] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.429439] [ 15.429566] The buggy address belongs to the physical page: [ 15.429819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.430080] flags: 0x200000000000000(node=0|zone=2) [ 15.430474] page_type: f5(slab) [ 15.430633] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.430928] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.431248] page dumped because: kasan: bad access detected [ 15.431533] [ 15.431631] Memory state around the buggy address: [ 15.431855] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.432173] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.432471] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.432776] ^ [ 15.432955] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433295] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433571] ================================================================== [ 14.073509] ================================================================== [ 14.073794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.074446] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.074896] [ 14.075037] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.075093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.075105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.075137] Call Trace: [ 14.075149] <TASK> [ 14.075162] dump_stack_lvl+0x73/0xb0 [ 14.075190] print_report+0xd1/0x650 [ 14.075211] ? __virt_addr_valid+0x1db/0x2d0 [ 14.075233] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.075254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.075275] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.075295] kasan_report+0x141/0x180 [ 14.075316] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.075341] __asan_report_load4_noabort+0x18/0x20 [ 14.075407] kasan_atomics_helper+0x4b88/0x5450 [ 14.075430] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.075451] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.075509] ? kasan_atomics+0x152/0x310 [ 14.075536] kasan_atomics+0x1dc/0x310 [ 14.075559] ? __pfx_kasan_atomics+0x10/0x10 [ 14.075582] ? __pfx_read_tsc+0x10/0x10 [ 14.075601] ? 
ktime_get_ts64+0x86/0x230 [ 14.075625] kunit_try_run_case+0x1a5/0x480 [ 14.075647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.075668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.075690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.075712] ? __kthread_parkme+0x82/0x180 [ 14.075731] ? preempt_count_sub+0x50/0x80 [ 14.075754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.075777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.075798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.075822] kthread+0x337/0x6f0 [ 14.075840] ? trace_preempt_on+0x20/0xc0 [ 14.075863] ? __pfx_kthread+0x10/0x10 [ 14.075883] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.075902] ? calculate_sigpending+0x7b/0xa0 [ 14.075926] ? __pfx_kthread+0x10/0x10 [ 14.075946] ret_from_fork+0x116/0x1d0 [ 14.075963] ? __pfx_kthread+0x10/0x10 [ 14.075983] ret_from_fork_asm+0x1a/0x30 [ 14.076012] </TASK> [ 14.076024] [ 14.084667] Allocated by task 282: [ 14.084848] kasan_save_stack+0x45/0x70 [ 14.085069] kasan_save_track+0x18/0x40 [ 14.085356] kasan_save_alloc_info+0x3b/0x50 [ 14.085573] __kasan_kmalloc+0xb7/0xc0 [ 14.085749] __kmalloc_cache_noprof+0x189/0x420 [ 14.085978] kasan_atomics+0x95/0x310 [ 14.086177] kunit_try_run_case+0x1a5/0x480 [ 14.086427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.086659] kthread+0x337/0x6f0 [ 14.086787] ret_from_fork+0x116/0x1d0 [ 14.086920] ret_from_fork_asm+0x1a/0x30 [ 14.087154] [ 14.087252] The buggy address belongs to the object at ffff8881039c5a00 [ 14.087252] which belongs to the cache kmalloc-64 of size 64 [ 14.087857] The buggy address is located 0 bytes to the right of [ 14.087857] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.088666] [ 14.088746] The buggy address belongs to the physical page: [ 14.089008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.089492] flags: 0x200000000000000(node=0|zone=2) [ 14.089664] page_type: f5(slab) [ 14.089788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.090089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.090571] page dumped because: kasan: bad access detected [ 14.090827] [ 14.090938] Memory state around the buggy address: [ 14.091322] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.091666] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.092071] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.092477] ^ [ 14.092699] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.093030] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.093633] ================================================================== [ 14.017992] ================================================================== [ 14.018853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.019106] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.019798] [ 14.019964] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.020236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.020258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.020281] Call Trace: [ 14.020294] <TASK> [ 14.020363] dump_stack_lvl+0x73/0xb0 [ 14.020397] print_report+0xd1/0x650 [ 14.020421] ? __virt_addr_valid+0x1db/0x2d0 [ 14.020444] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.020466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.020487] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.020508] kasan_report+0x141/0x180 [ 14.020528] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.020553] __asan_report_load4_noabort+0x18/0x20 [ 14.020577] kasan_atomics_helper+0x4bbc/0x5450 [ 14.020598] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.020619] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.020644] ? kasan_atomics+0x152/0x310 [ 14.020669] kasan_atomics+0x1dc/0x310 [ 14.020691] ? __pfx_kasan_atomics+0x10/0x10 [ 14.020713] ? 
__pfx_read_tsc+0x10/0x10 [ 14.020735] ? ktime_get_ts64+0x86/0x230 [ 14.020762] kunit_try_run_case+0x1a5/0x480 [ 14.020787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.020808] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.020832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.020853] ? __kthread_parkme+0x82/0x180 [ 14.020875] ? preempt_count_sub+0x50/0x80 [ 14.020898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.020921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.020944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.020965] kthread+0x337/0x6f0 [ 14.020984] ? trace_preempt_on+0x20/0xc0 [ 14.021008] ? __pfx_kthread+0x10/0x10 [ 14.021029] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.021049] ? calculate_sigpending+0x7b/0xa0 [ 14.021074] ? __pfx_kthread+0x10/0x10 [ 14.021094] ret_from_fork+0x116/0x1d0 [ 14.021112] ? __pfx_kthread+0x10/0x10 [ 14.021144] ret_from_fork_asm+0x1a/0x30 [ 14.021176] </TASK> [ 14.021187] [ 14.030838] Allocated by task 282: [ 14.031011] kasan_save_stack+0x45/0x70 [ 14.031710] kasan_save_track+0x18/0x40 [ 14.031856] kasan_save_alloc_info+0x3b/0x50 [ 14.032005] __kasan_kmalloc+0xb7/0xc0 [ 14.032650] __kmalloc_cache_noprof+0x189/0x420 [ 14.032890] kasan_atomics+0x95/0x310 [ 14.033072] kunit_try_run_case+0x1a5/0x480 [ 14.033884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.034362] kthread+0x337/0x6f0 [ 14.034544] ret_from_fork+0x116/0x1d0 [ 14.034722] ret_from_fork_asm+0x1a/0x30 [ 14.034908] [ 14.034999] The buggy address belongs to the object at ffff8881039c5a00 [ 14.034999] which belongs to the cache kmalloc-64 of size 64 [ 14.036323] The buggy address is located 0 bytes to the right of [ 14.036323] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.037270] [ 14.037588] The buggy address belongs to the physical page: [ 14.037829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.038157] flags: 0x200000000000000(node=0|zone=2) [ 14.038764] page_type: f5(slab) [ 14.039251] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.039827] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.040145] page dumped because: kasan: bad access detected [ 14.040488] [ 14.040581] Memory state around the buggy address: [ 14.040778] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.041057] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.041770] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.042064] ^ [ 14.042656] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.043246] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.043784] ================================================================== [ 14.094243] ================================================================== [ 14.094693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.095052] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.095467] [ 14.095579] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.095622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.095636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.095656] Call Trace: [ 14.095669] <TASK> [ 14.095686] dump_stack_lvl+0x73/0xb0 [ 14.095723] print_report+0xd1/0x650 [ 14.095746] ? __virt_addr_valid+0x1db/0x2d0 [ 14.095781] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.095803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.095825] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.095847] kasan_report+0x141/0x180 [ 14.095869] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.095905] __asan_report_store4_noabort+0x1b/0x30 [ 14.095926] kasan_atomics_helper+0x4b6e/0x5450 [ 14.095960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.095982] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.096008] ? kasan_atomics+0x152/0x310 [ 14.096034] kasan_atomics+0x1dc/0x310 [ 14.096058] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.096083] ? __pfx_read_tsc+0x10/0x10 [ 14.096110] ? ktime_get_ts64+0x86/0x230 [ 14.096170] kunit_try_run_case+0x1a5/0x480 [ 14.096194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.096216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.096241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.096263] ? __kthread_parkme+0x82/0x180 [ 14.096283] ? preempt_count_sub+0x50/0x80 [ 14.096365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.096391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.096414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.096439] kthread+0x337/0x6f0 [ 14.096459] ? trace_preempt_on+0x20/0xc0 [ 14.096483] ? __pfx_kthread+0x10/0x10 [ 14.096504] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.096538] ? calculate_sigpending+0x7b/0xa0 [ 14.096562] ? __pfx_kthread+0x10/0x10 [ 14.096584] ret_from_fork+0x116/0x1d0 [ 14.096614] ? __pfx_kthread+0x10/0x10 [ 14.096636] ret_from_fork_asm+0x1a/0x30 [ 14.096667] </TASK> [ 14.096678] [ 14.104945] Allocated by task 282: [ 14.105181] kasan_save_stack+0x45/0x70 [ 14.105431] kasan_save_track+0x18/0x40 [ 14.105575] kasan_save_alloc_info+0x3b/0x50 [ 14.105765] __kasan_kmalloc+0xb7/0xc0 [ 14.105906] __kmalloc_cache_noprof+0x189/0x420 [ 14.106199] kasan_atomics+0x95/0x310 [ 14.106433] kunit_try_run_case+0x1a5/0x480 [ 14.106657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.106927] kthread+0x337/0x6f0 [ 14.107054] ret_from_fork+0x116/0x1d0 [ 14.107225] ret_from_fork_asm+0x1a/0x30 [ 14.107505] [ 14.107606] The buggy address belongs to the object at ffff8881039c5a00 [ 14.107606] which belongs to the cache kmalloc-64 of size 64 [ 14.108141] The buggy address is located 0 bytes to the right of [ 14.108141] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.108872] [ 14.108968] The buggy address belongs to the physical page: [ 14.109278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.109703] flags: 0x200000000000000(node=0|zone=2) [ 14.109951] page_type: 
f5(slab) [ 14.110163] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.110423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.110791] page dumped because: kasan: bad access detected [ 14.111047] [ 14.111186] Memory state around the buggy address: [ 14.111468] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.111774] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.112074] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.112497] ^ [ 14.112680] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.112974] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.113519] ================================================================== [ 14.940251] ================================================================== [ 14.940599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.941240] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.941682] [ 14.941833] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.941875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.941897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.941917] Call Trace: [ 14.941935] <TASK> [ 14.941950] dump_stack_lvl+0x73/0xb0 [ 14.941990] print_report+0xd1/0x650 [ 14.942013] ? __virt_addr_valid+0x1db/0x2d0 [ 14.942037] ? kasan_atomics_helper+0x164f/0x5450 [ 14.942059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.942081] ? kasan_atomics_helper+0x164f/0x5450 [ 14.942104] kasan_report+0x141/0x180 [ 14.942158] ? kasan_atomics_helper+0x164f/0x5450 [ 14.942194] kasan_check_range+0x10c/0x1c0 [ 14.942218] __kasan_check_write+0x18/0x20 [ 14.942237] kasan_atomics_helper+0x164f/0x5450 [ 14.942272] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.942294] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.942320] ? 
kasan_atomics+0x152/0x310 [ 14.942348] kasan_atomics+0x1dc/0x310 [ 14.942370] ? __pfx_kasan_atomics+0x10/0x10 [ 14.942394] ? __pfx_read_tsc+0x10/0x10 [ 14.942417] ? ktime_get_ts64+0x86/0x230 [ 14.942442] kunit_try_run_case+0x1a5/0x480 [ 14.942466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.942521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.942543] ? __kthread_parkme+0x82/0x180 [ 14.942566] ? preempt_count_sub+0x50/0x80 [ 14.942590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.942647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.942683] kthread+0x337/0x6f0 [ 14.942703] ? trace_preempt_on+0x20/0xc0 [ 14.942727] ? __pfx_kthread+0x10/0x10 [ 14.942748] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.942769] ? calculate_sigpending+0x7b/0xa0 [ 14.942794] ? __pfx_kthread+0x10/0x10 [ 14.942816] ret_from_fork+0x116/0x1d0 [ 14.942835] ? __pfx_kthread+0x10/0x10 [ 14.942857] ret_from_fork_asm+0x1a/0x30 [ 14.942890] </TASK> [ 14.942901] [ 14.950442] Allocated by task 282: [ 14.950575] kasan_save_stack+0x45/0x70 [ 14.950769] kasan_save_track+0x18/0x40 [ 14.950975] kasan_save_alloc_info+0x3b/0x50 [ 14.951215] __kasan_kmalloc+0xb7/0xc0 [ 14.951410] __kmalloc_cache_noprof+0x189/0x420 [ 14.951631] kasan_atomics+0x95/0x310 [ 14.951806] kunit_try_run_case+0x1a5/0x480 [ 14.952010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952262] kthread+0x337/0x6f0 [ 14.952389] ret_from_fork+0x116/0x1d0 [ 14.952532] ret_from_fork_asm+0x1a/0x30 [ 14.952732] [ 14.952855] The buggy address belongs to the object at ffff8881039c5a00 [ 14.952855] which belongs to the cache kmalloc-64 of size 64 [ 14.953449] The buggy address is located 0 bytes to the right of [ 14.953449] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.953950] [ 14.954048] The buggy address belongs to the physical page: [ 14.954334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 
14.954687] flags: 0x200000000000000(node=0|zone=2) [ 14.954927] page_type: f5(slab) [ 14.955100] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.955388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.955616] page dumped because: kasan: bad access detected [ 14.955790] [ 14.955861] Memory state around the buggy address: [ 14.956085] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.956445] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.956765] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.957085] ^ [ 14.957346] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957695] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957983] ================================================================== [ 14.361788] ================================================================== [ 14.362191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.362658] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.363063] [ 14.363252] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.363428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.363443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.363465] Call Trace: [ 14.363480] <TASK> [ 14.363496] dump_stack_lvl+0x73/0xb0 [ 14.363524] print_report+0xd1/0x650 [ 14.363548] ? __virt_addr_valid+0x1db/0x2d0 [ 14.363572] ? kasan_atomics_helper+0x992/0x5450 [ 14.363594] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.363668] ? kasan_atomics_helper+0x992/0x5450 [ 14.363691] kasan_report+0x141/0x180 [ 14.363762] ? kasan_atomics_helper+0x992/0x5450 [ 14.363790] kasan_check_range+0x10c/0x1c0 [ 14.363814] __kasan_check_write+0x18/0x20 [ 14.363845] kasan_atomics_helper+0x992/0x5450 [ 14.363869] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.363892] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.363918] ? kasan_atomics+0x152/0x310 [ 14.363945] kasan_atomics+0x1dc/0x310 [ 14.363969] ? __pfx_kasan_atomics+0x10/0x10 [ 14.363993] ? __pfx_read_tsc+0x10/0x10 [ 14.364014] ? ktime_get_ts64+0x86/0x230 [ 14.364038] kunit_try_run_case+0x1a5/0x480 [ 14.364062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.364109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.364141] ? __kthread_parkme+0x82/0x180 [ 14.364181] ? preempt_count_sub+0x50/0x80 [ 14.364206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.364252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.364276] kthread+0x337/0x6f0 [ 14.364302] ? trace_preempt_on+0x20/0xc0 [ 14.364327] ? __pfx_kthread+0x10/0x10 [ 14.364348] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.364370] ? calculate_sigpending+0x7b/0xa0 [ 14.364394] ? __pfx_kthread+0x10/0x10 [ 14.364416] ret_from_fork+0x116/0x1d0 [ 14.364435] ? __pfx_kthread+0x10/0x10 [ 14.364457] ret_from_fork_asm+0x1a/0x30 [ 14.364487] </TASK> [ 14.364499] [ 14.374239] Allocated by task 282: [ 14.374491] kasan_save_stack+0x45/0x70 [ 14.374825] kasan_save_track+0x18/0x40 [ 14.375041] kasan_save_alloc_info+0x3b/0x50 [ 14.375430] __kasan_kmalloc+0xb7/0xc0 [ 14.375601] __kmalloc_cache_noprof+0x189/0x420 [ 14.375830] kasan_atomics+0x95/0x310 [ 14.376018] kunit_try_run_case+0x1a5/0x480 [ 14.376233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.376436] kthread+0x337/0x6f0 [ 14.376621] ret_from_fork+0x116/0x1d0 [ 14.376795] ret_from_fork_asm+0x1a/0x30 [ 14.376961] [ 14.377064] The buggy address belongs to the object at ffff8881039c5a00 [ 14.377064] which belongs to the cache kmalloc-64 of size 64 [ 14.377948] The buggy address is located 0 bytes to the right of [ 14.377948] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.378623] [ 14.378745] The buggy address belongs to the physical page: [ 14.379096] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.379565] flags: 0x200000000000000(node=0|zone=2) [ 14.379842] page_type: f5(slab) [ 14.379987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.380508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.380870] page dumped because: kasan: bad access detected [ 14.381105] [ 14.381381] Memory state around the buggy address: [ 14.381611] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.382041] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.382644] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.383003] ^ [ 14.383232] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.383681] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.384038] ================================================================== [ 15.239603] ================================================================== [ 15.240434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.240772] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.241330] [ 15.241440] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.241606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.241623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.241645] Call Trace: [ 15.241660] <TASK> [ 15.241676] dump_stack_lvl+0x73/0xb0 [ 15.241704] print_report+0xd1/0x650 [ 15.241727] ? __virt_addr_valid+0x1db/0x2d0 [ 15.241750] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.241772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.241796] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.241818] kasan_report+0x141/0x180 [ 15.241840] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.241866] kasan_check_range+0x10c/0x1c0 [ 15.241890] __kasan_check_write+0x18/0x20 [ 15.241910] kasan_atomics_helper+0x1e12/0x5450 [ 15.241935] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.241958] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.241984] ? kasan_atomics+0x152/0x310 [ 15.242011] kasan_atomics+0x1dc/0x310 [ 15.242034] ? __pfx_kasan_atomics+0x10/0x10 [ 15.242059] ? __pfx_read_tsc+0x10/0x10 [ 15.242081] ? ktime_get_ts64+0x86/0x230 [ 15.242105] kunit_try_run_case+0x1a5/0x480 [ 15.242150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.242198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.242221] ? __kthread_parkme+0x82/0x180 [ 15.242243] ? preempt_count_sub+0x50/0x80 [ 15.242267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.242314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.242338] kthread+0x337/0x6f0 [ 15.242358] ? trace_preempt_on+0x20/0xc0 [ 15.242382] ? __pfx_kthread+0x10/0x10 [ 15.242404] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.242424] ? calculate_sigpending+0x7b/0xa0 [ 15.242449] ? __pfx_kthread+0x10/0x10 [ 15.242470] ret_from_fork+0x116/0x1d0 [ 15.242488] ? 
__pfx_kthread+0x10/0x10 [ 15.242518] ret_from_fork_asm+0x1a/0x30 [ 15.242548] </TASK> [ 15.242561] [ 15.253231] Allocated by task 282: [ 15.253597] kasan_save_stack+0x45/0x70 [ 15.253824] kasan_save_track+0x18/0x40 [ 15.253987] kasan_save_alloc_info+0x3b/0x50 [ 15.254495] __kasan_kmalloc+0xb7/0xc0 [ 15.254692] __kmalloc_cache_noprof+0x189/0x420 [ 15.254969] kasan_atomics+0x95/0x310 [ 15.255195] kunit_try_run_case+0x1a5/0x480 [ 15.255531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.255787] kthread+0x337/0x6f0 [ 15.256061] ret_from_fork+0x116/0x1d0 [ 15.256378] ret_from_fork_asm+0x1a/0x30 [ 15.256667] [ 15.256749] The buggy address belongs to the object at ffff8881039c5a00 [ 15.256749] which belongs to the cache kmalloc-64 of size 64 [ 15.257518] The buggy address is located 0 bytes to the right of [ 15.257518] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.258379] [ 15.258483] The buggy address belongs to the physical page: [ 15.258857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.259341] flags: 0x200000000000000(node=0|zone=2) [ 15.259558] page_type: f5(slab) [ 15.259881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.260346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.260769] page dumped because: kasan: bad access detected [ 15.261044] [ 15.261314] Memory state around the buggy address: [ 15.261530] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.261914] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.262406] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.262733] ^ [ 15.263038] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.263560] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.263930] ================================================================== [ 14.648693] 
================================================================== [ 14.648997] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.649416] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.649680] [ 14.649792] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.649834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649906] Call Trace: [ 14.649934] <TASK> [ 14.649962] dump_stack_lvl+0x73/0xb0 [ 14.650017] print_report+0xd1/0x650 [ 14.650041] ? __virt_addr_valid+0x1db/0x2d0 [ 14.650064] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.650097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.650119] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.650150] kasan_report+0x141/0x180 [ 14.650173] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.650199] __asan_report_load4_noabort+0x18/0x20 [ 14.650224] kasan_atomics_helper+0x4a1c/0x5450 [ 14.650278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.650301] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.650337] ? kasan_atomics+0x152/0x310 [ 14.650365] kasan_atomics+0x1dc/0x310 [ 14.650388] ? __pfx_kasan_atomics+0x10/0x10 [ 14.650413] ? __pfx_read_tsc+0x10/0x10 [ 14.650435] ? ktime_get_ts64+0x86/0x230 [ 14.650459] kunit_try_run_case+0x1a5/0x480 [ 14.650483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.650533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.650625] ? __kthread_parkme+0x82/0x180 [ 14.650663] ? preempt_count_sub+0x50/0x80 [ 14.650688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650759] kthread+0x337/0x6f0 [ 14.650779] ? trace_preempt_on+0x20/0xc0 [ 14.650802] ? __pfx_kthread+0x10/0x10 [ 14.650824] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650845] ? calculate_sigpending+0x7b/0xa0 [ 14.650869] ? 
__pfx_kthread+0x10/0x10 [ 14.650891] ret_from_fork+0x116/0x1d0 [ 14.650910] ? __pfx_kthread+0x10/0x10 [ 14.650932] ret_from_fork_asm+0x1a/0x30 [ 14.650962] </TASK> [ 14.650974] [ 14.659716] Allocated by task 282: [ 14.659903] kasan_save_stack+0x45/0x70 [ 14.660111] kasan_save_track+0x18/0x40 [ 14.660322] kasan_save_alloc_info+0x3b/0x50 [ 14.660505] __kasan_kmalloc+0xb7/0xc0 [ 14.660688] __kmalloc_cache_noprof+0x189/0x420 [ 14.660904] kasan_atomics+0x95/0x310 [ 14.661054] kunit_try_run_case+0x1a5/0x480 [ 14.661550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661797] kthread+0x337/0x6f0 [ 14.661963] ret_from_fork+0x116/0x1d0 [ 14.662346] ret_from_fork_asm+0x1a/0x30 [ 14.662617] [ 14.662694] The buggy address belongs to the object at ffff8881039c5a00 [ 14.662694] which belongs to the cache kmalloc-64 of size 64 [ 14.663166] The buggy address is located 0 bytes to the right of [ 14.663166] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.663785] [ 14.663891] The buggy address belongs to the physical page: [ 14.664230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.664876] flags: 0x200000000000000(node=0|zone=2) [ 14.665053] page_type: f5(slab) [ 14.665189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.665797] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.666170] page dumped because: kasan: bad access detected [ 14.666421] [ 14.666539] Memory state around the buggy address: [ 14.666944] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.667329] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.667597] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.668147] ^ [ 14.668448] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.668847] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.669240] 
================================================================== [ 15.295884] ================================================================== [ 15.296159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.296499] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.296772] [ 15.296860] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.296902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.296916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.296939] Call Trace: [ 15.296952] <TASK> [ 15.296967] dump_stack_lvl+0x73/0xb0 [ 15.296994] print_report+0xd1/0x650 [ 15.297018] ? __virt_addr_valid+0x1db/0x2d0 [ 15.297043] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.297065] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.297088] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.297110] kasan_report+0x141/0x180 [ 15.297172] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.297223] kasan_check_range+0x10c/0x1c0 [ 15.297248] __kasan_check_write+0x18/0x20 [ 15.297268] kasan_atomics_helper+0x1f43/0x5450 [ 15.297291] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.297314] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.297341] ? kasan_atomics+0x152/0x310 [ 15.297368] kasan_atomics+0x1dc/0x310 [ 15.297393] ? __pfx_kasan_atomics+0x10/0x10 [ 15.297418] ? __pfx_read_tsc+0x10/0x10 [ 15.297440] ? ktime_get_ts64+0x86/0x230 [ 15.297465] kunit_try_run_case+0x1a5/0x480 [ 15.297489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.297512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.297536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.297559] ? __kthread_parkme+0x82/0x180 [ 15.297581] ? preempt_count_sub+0x50/0x80 [ 15.297622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.297647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.297682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.297706] kthread+0x337/0x6f0 [ 15.297727] ? trace_preempt_on+0x20/0xc0 [ 15.297751] ? 
__pfx_kthread+0x10/0x10 [ 15.297772] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.297794] ? calculate_sigpending+0x7b/0xa0 [ 15.297818] ? __pfx_kthread+0x10/0x10 [ 15.297840] ret_from_fork+0x116/0x1d0 [ 15.297859] ? __pfx_kthread+0x10/0x10 [ 15.297880] ret_from_fork_asm+0x1a/0x30 [ 15.297911] </TASK> [ 15.297923] [ 15.305443] Allocated by task 282: [ 15.305627] kasan_save_stack+0x45/0x70 [ 15.305837] kasan_save_track+0x18/0x40 [ 15.306032] kasan_save_alloc_info+0x3b/0x50 [ 15.306281] __kasan_kmalloc+0xb7/0xc0 [ 15.306473] __kmalloc_cache_noprof+0x189/0x420 [ 15.306693] kasan_atomics+0x95/0x310 [ 15.306900] kunit_try_run_case+0x1a5/0x480 [ 15.307093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.307326] kthread+0x337/0x6f0 [ 15.307452] ret_from_fork+0x116/0x1d0 [ 15.307587] ret_from_fork_asm+0x1a/0x30 [ 15.307810] [ 15.307910] The buggy address belongs to the object at ffff8881039c5a00 [ 15.307910] which belongs to the cache kmalloc-64 of size 64 [ 15.308511] The buggy address is located 0 bytes to the right of [ 15.308511] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.309001] [ 15.309100] The buggy address belongs to the physical page: [ 15.309363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.309715] flags: 0x200000000000000(node=0|zone=2) [ 15.309878] page_type: f5(slab) [ 15.310000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.310287] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.310633] page dumped because: kasan: bad access detected [ 15.310887] [ 15.310983] Memory state around the buggy address: [ 15.311240] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.311586] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.311895] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.312182] ^ [ 15.312365] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312684] 
ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313000] ================================================================== [ 15.090613] ================================================================== [ 15.090935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.091602] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.092100] [ 15.092262] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.092309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.092453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.092482] Call Trace: [ 15.092499] <TASK> [ 15.092515] dump_stack_lvl+0x73/0xb0 [ 15.092544] print_report+0xd1/0x650 [ 15.092567] ? __virt_addr_valid+0x1db/0x2d0 [ 15.092591] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.092614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.092637] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.092661] kasan_report+0x141/0x180 [ 15.092686] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.092715] kasan_check_range+0x10c/0x1c0 [ 15.092740] __kasan_check_write+0x18/0x20 [ 15.092760] kasan_atomics_helper+0x1a7f/0x5450 [ 15.092784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.092806] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.092832] ? kasan_atomics+0x152/0x310 [ 15.092859] kasan_atomics+0x1dc/0x310 [ 15.092883] ? __pfx_kasan_atomics+0x10/0x10 [ 15.092907] ? __pfx_read_tsc+0x10/0x10 [ 15.092927] ? ktime_get_ts64+0x86/0x230 [ 15.092952] kunit_try_run_case+0x1a5/0x480 [ 15.092975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.092998] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.093021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.093044] ? __kthread_parkme+0x82/0x180 [ 15.093065] ? preempt_count_sub+0x50/0x80 [ 15.093088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.093112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.093170] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.093194] kthread+0x337/0x6f0 [ 15.093215] ? trace_preempt_on+0x20/0xc0 [ 15.093237] ? __pfx_kthread+0x10/0x10 [ 15.093261] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.093283] ? calculate_sigpending+0x7b/0xa0 [ 15.093306] ? __pfx_kthread+0x10/0x10 [ 15.093328] ret_from_fork+0x116/0x1d0 [ 15.093347] ? __pfx_kthread+0x10/0x10 [ 15.093368] ret_from_fork_asm+0x1a/0x30 [ 15.093398] </TASK> [ 15.093411] [ 15.104140] Allocated by task 282: [ 15.104462] kasan_save_stack+0x45/0x70 [ 15.104656] kasan_save_track+0x18/0x40 [ 15.104992] kasan_save_alloc_info+0x3b/0x50 [ 15.105303] __kasan_kmalloc+0xb7/0xc0 [ 15.105582] __kmalloc_cache_noprof+0x189/0x420 [ 15.105792] kasan_atomics+0x95/0x310 [ 15.106110] kunit_try_run_case+0x1a5/0x480 [ 15.106347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.106635] kthread+0x337/0x6f0 [ 15.106913] ret_from_fork+0x116/0x1d0 [ 15.107205] ret_from_fork_asm+0x1a/0x30 [ 15.107422] [ 15.107501] The buggy address belongs to the object at ffff8881039c5a00 [ 15.107501] which belongs to the cache kmalloc-64 of size 64 [ 15.108024] The buggy address is located 0 bytes to the right of [ 15.108024] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.108830] [ 15.109061] The buggy address belongs to the physical page: [ 15.109462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.110041] flags: 0x200000000000000(node=0|zone=2) [ 15.110448] page_type: f5(slab) [ 15.110662] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.111119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.111477] page dumped because: kasan: bad access detected [ 15.111843] [ 15.112027] Memory state around the buggy address: [ 15.112293] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.112731] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.113040] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.113601] ^ [ 15.113845] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114305] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114622] ================================================================== [ 15.469874] ================================================================== [ 15.470228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.470578] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.470838] [ 15.470958] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.470998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.471011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.471032] Call Trace: [ 15.471047] <TASK> [ 15.471063] dump_stack_lvl+0x73/0xb0 [ 15.471098] print_report+0xd1/0x650 [ 15.471154] ? __virt_addr_valid+0x1db/0x2d0 [ 15.471178] ? kasan_atomics_helper+0x5115/0x5450 [ 15.471200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.471233] ? kasan_atomics_helper+0x5115/0x5450 [ 15.471264] kasan_report+0x141/0x180 [ 15.471287] ? kasan_atomics_helper+0x5115/0x5450 [ 15.471314] __asan_report_load8_noabort+0x18/0x20 [ 15.471349] kasan_atomics_helper+0x5115/0x5450 [ 15.471372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.471395] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.471429] ? kasan_atomics+0x152/0x310 [ 15.471457] kasan_atomics+0x1dc/0x310 [ 15.471480] ? __pfx_kasan_atomics+0x10/0x10 [ 15.471515] ? __pfx_read_tsc+0x10/0x10 [ 15.471535] ? ktime_get_ts64+0x86/0x230 [ 15.471559] kunit_try_run_case+0x1a5/0x480 [ 15.471583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.471629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.471653] ? __kthread_parkme+0x82/0x180 [ 15.471674] ? preempt_count_sub+0x50/0x80 [ 15.471697] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.471721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.471768] kthread+0x337/0x6f0 [ 15.471788] ? trace_preempt_on+0x20/0xc0 [ 15.471811] ? __pfx_kthread+0x10/0x10 [ 15.471833] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.471854] ? calculate_sigpending+0x7b/0xa0 [ 15.471879] ? __pfx_kthread+0x10/0x10 [ 15.471900] ret_from_fork+0x116/0x1d0 [ 15.471919] ? __pfx_kthread+0x10/0x10 [ 15.471941] ret_from_fork_asm+0x1a/0x30 [ 15.471972] </TASK> [ 15.471983] [ 15.479170] Allocated by task 282: [ 15.479385] kasan_save_stack+0x45/0x70 [ 15.479621] kasan_save_track+0x18/0x40 [ 15.479839] kasan_save_alloc_info+0x3b/0x50 [ 15.480050] __kasan_kmalloc+0xb7/0xc0 [ 15.480270] __kmalloc_cache_noprof+0x189/0x420 [ 15.480499] kasan_atomics+0x95/0x310 [ 15.480662] kunit_try_run_case+0x1a5/0x480 [ 15.480810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480986] kthread+0x337/0x6f0 [ 15.481172] ret_from_fork+0x116/0x1d0 [ 15.481385] ret_from_fork_asm+0x1a/0x30 [ 15.481584] [ 15.481696] The buggy address belongs to the object at ffff8881039c5a00 [ 15.481696] which belongs to the cache kmalloc-64 of size 64 [ 15.482283] The buggy address is located 0 bytes to the right of [ 15.482283] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.482798] [ 15.482895] The buggy address belongs to the physical page: [ 15.483184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.483534] flags: 0x200000000000000(node=0|zone=2) [ 15.483760] page_type: f5(slab) [ 15.483927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.484281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.484619] page dumped because: kasan: bad access detected [ 15.484871] [ 15.484991] Memory state around the buggy address: [ 15.485188] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.485491] 
ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.485817] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.486166] ^ [ 15.486393] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486649] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486863] ================================================================== [ 14.452246] ================================================================== [ 14.452707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.453110] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.453594] [ 14.453734] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.453846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.453860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.453894] Call Trace: [ 14.453907] <TASK> [ 14.453922] dump_stack_lvl+0x73/0xb0 [ 14.453951] print_report+0xd1/0x650 [ 14.453973] ? __virt_addr_valid+0x1db/0x2d0 [ 14.453997] ? kasan_atomics_helper+0xc70/0x5450 [ 14.454019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.454042] ? kasan_atomics_helper+0xc70/0x5450 [ 14.454064] kasan_report+0x141/0x180 [ 14.454086] ? kasan_atomics_helper+0xc70/0x5450 [ 14.454113] kasan_check_range+0x10c/0x1c0 [ 14.454163] __kasan_check_write+0x18/0x20 [ 14.454184] kasan_atomics_helper+0xc70/0x5450 [ 14.454207] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.454230] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.454256] ? kasan_atomics+0x152/0x310 [ 14.454283] kasan_atomics+0x1dc/0x310 [ 14.454372] ? __pfx_kasan_atomics+0x10/0x10 [ 14.454397] ? __pfx_read_tsc+0x10/0x10 [ 14.454420] ? ktime_get_ts64+0x86/0x230 [ 14.454445] kunit_try_run_case+0x1a5/0x480 [ 14.454470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.454492] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.454521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.454544] ? 
__kthread_parkme+0x82/0x180 [ 14.454565] ? preempt_count_sub+0x50/0x80 [ 14.454590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.454614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.454637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.454661] kthread+0x337/0x6f0 [ 14.454681] ? trace_preempt_on+0x20/0xc0 [ 14.454706] ? __pfx_kthread+0x10/0x10 [ 14.454726] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.454748] ? calculate_sigpending+0x7b/0xa0 [ 14.454771] ? __pfx_kthread+0x10/0x10 [ 14.454793] ret_from_fork+0x116/0x1d0 [ 14.454812] ? __pfx_kthread+0x10/0x10 [ 14.454834] ret_from_fork_asm+0x1a/0x30 [ 14.454865] </TASK> [ 14.454877] [ 14.464920] Allocated by task 282: [ 14.465106] kasan_save_stack+0x45/0x70 [ 14.465513] kasan_save_track+0x18/0x40 [ 14.465680] kasan_save_alloc_info+0x3b/0x50 [ 14.465896] __kasan_kmalloc+0xb7/0xc0 [ 14.466229] __kmalloc_cache_noprof+0x189/0x420 [ 14.466433] kasan_atomics+0x95/0x310 [ 14.466610] kunit_try_run_case+0x1a5/0x480 [ 14.466826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.467072] kthread+0x337/0x6f0 [ 14.467244] ret_from_fork+0x116/0x1d0 [ 14.467427] ret_from_fork_asm+0x1a/0x30 [ 14.467613] [ 14.467701] The buggy address belongs to the object at ffff8881039c5a00 [ 14.467701] which belongs to the cache kmalloc-64 of size 64 [ 14.468482] The buggy address is located 0 bytes to the right of [ 14.468482] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.469044] [ 14.469220] The buggy address belongs to the physical page: [ 14.469622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.469934] flags: 0x200000000000000(node=0|zone=2) [ 14.470269] page_type: f5(slab) [ 14.470579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.470894] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.471361] page dumped because: kasan: bad access detected [ 14.471623] [ 14.471811] Memory state around the buggy address: [ 14.472025] 
ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.472489] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.472846] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.473228] ^ [ 14.473623] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473993] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.474435] ================================================================== [ 14.976818] ================================================================== [ 14.977272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.977603] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.977831] [ 14.977913] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.977954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.977967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.977986] Call Trace: [ 14.978002] <TASK> [ 14.978018] dump_stack_lvl+0x73/0xb0 [ 14.978042] print_report+0xd1/0x650 [ 14.978075] ? __virt_addr_valid+0x1db/0x2d0 [ 14.978099] ? kasan_atomics_helper+0x177f/0x5450 [ 14.978153] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.978177] ? kasan_atomics_helper+0x177f/0x5450 [ 14.978199] kasan_report+0x141/0x180 [ 14.978221] ? kasan_atomics_helper+0x177f/0x5450 [ 14.978248] kasan_check_range+0x10c/0x1c0 [ 14.978272] __kasan_check_write+0x18/0x20 [ 14.978292] kasan_atomics_helper+0x177f/0x5450 [ 14.978315] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.978338] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.978364] ? kasan_atomics+0x152/0x310 [ 14.978390] kasan_atomics+0x1dc/0x310 [ 14.978413] ? __pfx_kasan_atomics+0x10/0x10 [ 14.978437] ? __pfx_read_tsc+0x10/0x10 [ 14.978459] ? ktime_get_ts64+0x86/0x230 [ 14.978482] kunit_try_run_case+0x1a5/0x480 [ 14.978507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978536] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.978559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.978582] ? __kthread_parkme+0x82/0x180 [ 14.978604] ? preempt_count_sub+0x50/0x80 [ 14.978627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.978674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.978698] kthread+0x337/0x6f0 [ 14.978717] ? trace_preempt_on+0x20/0xc0 [ 14.978741] ? __pfx_kthread+0x10/0x10 [ 14.978762] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.978782] ? calculate_sigpending+0x7b/0xa0 [ 14.978806] ? __pfx_kthread+0x10/0x10 [ 14.978828] ret_from_fork+0x116/0x1d0 [ 14.978846] ? __pfx_kthread+0x10/0x10 [ 14.978867] ret_from_fork_asm+0x1a/0x30 [ 14.978899] </TASK> [ 14.978910] [ 14.989764] Allocated by task 282: [ 14.990089] kasan_save_stack+0x45/0x70 [ 14.990303] kasan_save_track+0x18/0x40 [ 14.990649] kasan_save_alloc_info+0x3b/0x50 [ 14.990942] __kasan_kmalloc+0xb7/0xc0 [ 14.991096] __kmalloc_cache_noprof+0x189/0x420 [ 14.991548] kasan_atomics+0x95/0x310 [ 14.991742] kunit_try_run_case+0x1a5/0x480 [ 14.992034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.992302] kthread+0x337/0x6f0 [ 14.992585] ret_from_fork+0x116/0x1d0 [ 14.992881] ret_from_fork_asm+0x1a/0x30 [ 14.993102] [ 14.993296] The buggy address belongs to the object at ffff8881039c5a00 [ 14.993296] which belongs to the cache kmalloc-64 of size 64 [ 14.993896] The buggy address is located 0 bytes to the right of [ 14.993896] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.994380] [ 14.994481] The buggy address belongs to the physical page: [ 14.994744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.995046] flags: 0x200000000000000(node=0|zone=2) [ 14.995256] page_type: f5(slab) [ 14.995380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.995742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.996043] page dumped because: kasan: 
bad access detected [ 14.996297] [ 14.996390] Memory state around the buggy address: [ 14.996557] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.997008] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.997339] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.997668] ^ [ 14.997880] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998150] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998459] ================================================================== [ 15.360453] ================================================================== [ 15.360913] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.361266] Read of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.361547] [ 15.361652] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.361692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.361705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.361725] Call Trace: [ 15.361741] <TASK> [ 15.361755] dump_stack_lvl+0x73/0xb0 [ 15.361782] print_report+0xd1/0x650 [ 15.361805] ? __virt_addr_valid+0x1db/0x2d0 [ 15.361828] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.361850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.361872] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.361894] kasan_report+0x141/0x180 [ 15.361916] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.361942] __asan_report_load8_noabort+0x18/0x20 [ 15.361966] kasan_atomics_helper+0x4f98/0x5450 [ 15.362021] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.362043] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.362082] ? kasan_atomics+0x152/0x310 [ 15.362110] kasan_atomics+0x1dc/0x310 [ 15.362159] ? __pfx_kasan_atomics+0x10/0x10 [ 15.362184] ? __pfx_read_tsc+0x10/0x10 [ 15.362206] ? ktime_get_ts64+0x86/0x230 [ 15.362230] kunit_try_run_case+0x1a5/0x480 [ 15.362254] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.362277] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.362303] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.362327] ? __kthread_parkme+0x82/0x180 [ 15.362349] ? preempt_count_sub+0x50/0x80 [ 15.362373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.362397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.362421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.362445] kthread+0x337/0x6f0 [ 15.362464] ? trace_preempt_on+0x20/0xc0 [ 15.362489] ? __pfx_kthread+0x10/0x10 [ 15.362513] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.362534] ? calculate_sigpending+0x7b/0xa0 [ 15.362559] ? __pfx_kthread+0x10/0x10 [ 15.362582] ret_from_fork+0x116/0x1d0 [ 15.362601] ? __pfx_kthread+0x10/0x10 [ 15.362623] ret_from_fork_asm+0x1a/0x30 [ 15.362665] </TASK> [ 15.362677] [ 15.370219] Allocated by task 282: [ 15.370397] kasan_save_stack+0x45/0x70 [ 15.370586] kasan_save_track+0x18/0x40 [ 15.370784] kasan_save_alloc_info+0x3b/0x50 [ 15.370931] __kasan_kmalloc+0xb7/0xc0 [ 15.371060] __kmalloc_cache_noprof+0x189/0x420 [ 15.371327] kasan_atomics+0x95/0x310 [ 15.371519] kunit_try_run_case+0x1a5/0x480 [ 15.371712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.371895] kthread+0x337/0x6f0 [ 15.372062] ret_from_fork+0x116/0x1d0 [ 15.372311] ret_from_fork_asm+0x1a/0x30 [ 15.372522] [ 15.372597] The buggy address belongs to the object at ffff8881039c5a00 [ 15.372597] which belongs to the cache kmalloc-64 of size 64 [ 15.373138] The buggy address is located 0 bytes to the right of [ 15.373138] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.373656] [ 15.373729] The buggy address belongs to the physical page: [ 15.373904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.374183] flags: 0x200000000000000(node=0|zone=2) [ 15.374437] page_type: f5(slab) [ 15.374604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.374974] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.375350] page dumped because: kasan: bad access detected [ 15.375594] [ 15.375715] Memory state around the buggy address: [ 15.375873] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.376090] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.376354] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.376671] ^ [ 15.376922] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.377321] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.377615] ================================================================== [ 15.190462] ================================================================== [ 15.190797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.191152] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.191709] [ 15.192065] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.192115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.192154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.192175] Call Trace: [ 15.192193] <TASK> [ 15.192210] dump_stack_lvl+0x73/0xb0 [ 15.192239] print_report+0xd1/0x650 [ 15.192262] ? __virt_addr_valid+0x1db/0x2d0 [ 15.192287] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.192309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.192331] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.192354] kasan_report+0x141/0x180 [ 15.192377] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.192403] kasan_check_range+0x10c/0x1c0 [ 15.192427] __kasan_check_write+0x18/0x20 [ 15.192448] kasan_atomics_helper+0x1ce1/0x5450 [ 15.192472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.192496] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.192522] ? kasan_atomics+0x152/0x310 [ 15.192549] kasan_atomics+0x1dc/0x310 [ 15.192573] ? __pfx_kasan_atomics+0x10/0x10 [ 15.192598] ? __pfx_read_tsc+0x10/0x10 [ 15.192620] ? 
ktime_get_ts64+0x86/0x230 [ 15.192644] kunit_try_run_case+0x1a5/0x480 [ 15.192669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.192692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.192717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.192741] ? __kthread_parkme+0x82/0x180 [ 15.192762] ? preempt_count_sub+0x50/0x80 [ 15.192786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.192810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.192833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.192855] kthread+0x337/0x6f0 [ 15.192876] ? trace_preempt_on+0x20/0xc0 [ 15.192899] ? __pfx_kthread+0x10/0x10 [ 15.192920] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.192941] ? calculate_sigpending+0x7b/0xa0 [ 15.192965] ? __pfx_kthread+0x10/0x10 [ 15.192987] ret_from_fork+0x116/0x1d0 [ 15.193007] ? __pfx_kthread+0x10/0x10 [ 15.193027] ret_from_fork_asm+0x1a/0x30 [ 15.193058] </TASK> [ 15.193070] [ 15.203914] Allocated by task 282: [ 15.204388] kasan_save_stack+0x45/0x70 [ 15.204601] kasan_save_track+0x18/0x40 [ 15.204803] kasan_save_alloc_info+0x3b/0x50 [ 15.205103] __kasan_kmalloc+0xb7/0xc0 [ 15.205420] __kmalloc_cache_noprof+0x189/0x420 [ 15.205718] kasan_atomics+0x95/0x310 [ 15.205923] kunit_try_run_case+0x1a5/0x480 [ 15.206320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.206660] kthread+0x337/0x6f0 [ 15.206912] ret_from_fork+0x116/0x1d0 [ 15.207119] ret_from_fork_asm+0x1a/0x30 [ 15.207423] [ 15.207523] The buggy address belongs to the object at ffff8881039c5a00 [ 15.207523] which belongs to the cache kmalloc-64 of size 64 [ 15.208252] The buggy address is located 0 bytes to the right of [ 15.208252] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.208864] [ 15.208988] The buggy address belongs to the physical page: [ 15.209447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.209795] flags: 0x200000000000000(node=0|zone=2) [ 15.210160] page_type: f5(slab) [ 15.210452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.210889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.211369] page dumped because: kasan: bad access detected [ 15.211705] [ 15.211785] Memory state around the buggy address: [ 15.212036] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212545] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212881] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.213352] ^ [ 15.213606] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214039] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214482] ================================================================== [ 14.133919] ================================================================== [ 14.134190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.134641] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.134891] [ 14.134982] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.135034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.135048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.135079] Call Trace: [ 14.135095] <TASK> [ 14.135110] dump_stack_lvl+0x73/0xb0 [ 14.135164] print_report+0xd1/0x650 [ 14.135186] ? __virt_addr_valid+0x1db/0x2d0 [ 14.135209] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.135231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.135253] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.135275] kasan_report+0x141/0x180 [ 14.135368] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.135399] __asan_report_load4_noabort+0x18/0x20 [ 14.135436] kasan_atomics_helper+0x4b54/0x5450 [ 14.135468] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.135490] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.135526] ? kasan_atomics+0x152/0x310 [ 14.135554] kasan_atomics+0x1dc/0x310 [ 14.135576] ? __pfx_kasan_atomics+0x10/0x10 [ 14.135601] ? 
__pfx_read_tsc+0x10/0x10 [ 14.135622] ? ktime_get_ts64+0x86/0x230 [ 14.135646] kunit_try_run_case+0x1a5/0x480 [ 14.135670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.135692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.135716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.135739] ? __kthread_parkme+0x82/0x180 [ 14.135760] ? preempt_count_sub+0x50/0x80 [ 14.135793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.135817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.135840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.135874] kthread+0x337/0x6f0 [ 14.135894] ? trace_preempt_on+0x20/0xc0 [ 14.135917] ? __pfx_kthread+0x10/0x10 [ 14.135938] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.135968] ? calculate_sigpending+0x7b/0xa0 [ 14.135991] ? __pfx_kthread+0x10/0x10 [ 14.136013] ret_from_fork+0x116/0x1d0 [ 14.136042] ? __pfx_kthread+0x10/0x10 [ 14.136064] ret_from_fork_asm+0x1a/0x30 [ 14.136094] </TASK> [ 14.136105] [ 14.145318] Allocated by task 282: [ 14.145491] kasan_save_stack+0x45/0x70 [ 14.145677] kasan_save_track+0x18/0x40 [ 14.145856] kasan_save_alloc_info+0x3b/0x50 [ 14.146052] __kasan_kmalloc+0xb7/0xc0 [ 14.146675] __kmalloc_cache_noprof+0x189/0x420 [ 14.146898] kasan_atomics+0x95/0x310 [ 14.147065] kunit_try_run_case+0x1a5/0x480 [ 14.147259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.147601] kthread+0x337/0x6f0 [ 14.147765] ret_from_fork+0x116/0x1d0 [ 14.147956] ret_from_fork_asm+0x1a/0x30 [ 14.148097] [ 14.148250] The buggy address belongs to the object at ffff8881039c5a00 [ 14.148250] which belongs to the cache kmalloc-64 of size 64 [ 14.148803] The buggy address is located 0 bytes to the right of [ 14.148803] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.149400] [ 14.149502] The buggy address belongs to the physical page: [ 14.149791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.150179] flags: 0x200000000000000(node=0|zone=2) [ 14.150632] page_type: f5(slab) [ 14.150782] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.151137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.151557] page dumped because: kasan: bad access detected [ 14.151798] [ 14.151912] Memory state around the buggy address: [ 14.152090] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.152530] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.152837] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.153099] ^ [ 14.153429] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.153716] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.154038] ================================================================== [ 14.958446] ================================================================== [ 14.958798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.959152] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.959492] [ 14.959602] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.959642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.959654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.959676] Call Trace: [ 14.959689] <TASK> [ 14.959702] dump_stack_lvl+0x73/0xb0 [ 14.959726] print_report+0xd1/0x650 [ 14.959749] ? __virt_addr_valid+0x1db/0x2d0 [ 14.959772] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.959793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.959816] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.959837] kasan_report+0x141/0x180 [ 14.959860] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.959886] kasan_check_range+0x10c/0x1c0 [ 14.959910] __kasan_check_write+0x18/0x20 [ 14.959930] kasan_atomics_helper+0x16e7/0x5450 [ 14.959954] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.959976] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.960001] ? 
kasan_atomics+0x152/0x310 [ 14.960027] kasan_atomics+0x1dc/0x310 [ 14.960050] ? __pfx_kasan_atomics+0x10/0x10 [ 14.960074] ? __pfx_read_tsc+0x10/0x10 [ 14.960095] ? ktime_get_ts64+0x86/0x230 [ 14.960240] kunit_try_run_case+0x1a5/0x480 [ 14.960275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.960313] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.960338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.960370] ? __kthread_parkme+0x82/0x180 [ 14.960391] ? preempt_count_sub+0x50/0x80 [ 14.960426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.960450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.960475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.960499] kthread+0x337/0x6f0 [ 14.960528] ? trace_preempt_on+0x20/0xc0 [ 14.960552] ? __pfx_kthread+0x10/0x10 [ 14.960573] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.960606] ? calculate_sigpending+0x7b/0xa0 [ 14.960630] ? __pfx_kthread+0x10/0x10 [ 14.960652] ret_from_fork+0x116/0x1d0 [ 14.960680] ? __pfx_kthread+0x10/0x10 [ 14.960701] ret_from_fork_asm+0x1a/0x30 [ 14.960742] </TASK> [ 14.960755] [ 14.968502] Allocated by task 282: [ 14.968685] kasan_save_stack+0x45/0x70 [ 14.968889] kasan_save_track+0x18/0x40 [ 14.969086] kasan_save_alloc_info+0x3b/0x50 [ 14.969264] __kasan_kmalloc+0xb7/0xc0 [ 14.969402] __kmalloc_cache_noprof+0x189/0x420 [ 14.969560] kasan_atomics+0x95/0x310 [ 14.969695] kunit_try_run_case+0x1a5/0x480 [ 14.969842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.970074] kthread+0x337/0x6f0 [ 14.970313] ret_from_fork+0x116/0x1d0 [ 14.970549] ret_from_fork_asm+0x1a/0x30 [ 14.970785] [ 14.970896] The buggy address belongs to the object at ffff8881039c5a00 [ 14.970896] which belongs to the cache kmalloc-64 of size 64 [ 14.971464] The buggy address is located 0 bytes to the right of [ 14.971464] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.972020] [ 14.972092] The buggy address belongs to the physical page: [ 14.972400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 
14.972656] flags: 0x200000000000000(node=0|zone=2) [ 14.972823] page_type: f5(slab) [ 14.972952] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.973360] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.973702] page dumped because: kasan: bad access detected [ 14.973981] [ 14.974076] Memory state around the buggy address: [ 14.974342] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.974642] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.974960] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.975316] ^ [ 14.975544] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.975853] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.976205] ================================================================== [ 14.313837] ================================================================== [ 14.314104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.314710] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.314933] [ 14.315018] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.315060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.315073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.315095] Call Trace: [ 14.315109] <TASK> [ 14.315154] dump_stack_lvl+0x73/0xb0 [ 14.315183] print_report+0xd1/0x650 [ 14.315206] ? __virt_addr_valid+0x1db/0x2d0 [ 14.315272] ? kasan_atomics_helper+0x860/0x5450 [ 14.315378] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.315456] ? kasan_atomics_helper+0x860/0x5450 [ 14.315525] kasan_report+0x141/0x180 [ 14.315548] ? kasan_atomics_helper+0x860/0x5450 [ 14.315575] kasan_check_range+0x10c/0x1c0 [ 14.315599] __kasan_check_write+0x18/0x20 [ 14.315620] kasan_atomics_helper+0x860/0x5450 [ 14.315643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.315666] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.315693] ? kasan_atomics+0x152/0x310 [ 14.315721] kasan_atomics+0x1dc/0x310 [ 14.315744] ? __pfx_kasan_atomics+0x10/0x10 [ 14.315770] ? __pfx_read_tsc+0x10/0x10 [ 14.315792] ? ktime_get_ts64+0x86/0x230 [ 14.315816] kunit_try_run_case+0x1a5/0x480 [ 14.315842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.315865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.315922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.315946] ? __kthread_parkme+0x82/0x180 [ 14.315968] ? preempt_count_sub+0x50/0x80 [ 14.315993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.316017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.316071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.316096] kthread+0x337/0x6f0 [ 14.316140] ? trace_preempt_on+0x20/0xc0 [ 14.316165] ? __pfx_kthread+0x10/0x10 [ 14.316187] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.316208] ? calculate_sigpending+0x7b/0xa0 [ 14.316233] ? __pfx_kthread+0x10/0x10 [ 14.316256] ret_from_fork+0x116/0x1d0 [ 14.316275] ? __pfx_kthread+0x10/0x10 [ 14.316353] ret_from_fork_asm+0x1a/0x30 [ 14.316387] </TASK> [ 14.316399] [ 14.327110] Allocated by task 282: [ 14.327283] kasan_save_stack+0x45/0x70 [ 14.327491] kasan_save_track+0x18/0x40 [ 14.327670] kasan_save_alloc_info+0x3b/0x50 [ 14.327869] __kasan_kmalloc+0xb7/0xc0 [ 14.328052] __kmalloc_cache_noprof+0x189/0x420 [ 14.328294] kasan_atomics+0x95/0x310 [ 14.328433] kunit_try_run_case+0x1a5/0x480 [ 14.328575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.328747] kthread+0x337/0x6f0 [ 14.328867] ret_from_fork+0x116/0x1d0 [ 14.329064] ret_from_fork_asm+0x1a/0x30 [ 14.329368] [ 14.329599] The buggy address belongs to the object at ffff8881039c5a00 [ 14.329599] which belongs to the cache kmalloc-64 of size 64 [ 14.330722] The buggy address is located 0 bytes to the right of [ 14.330722] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.331552] [ 14.331711] The buggy address belongs to the physical page: [ 14.332013] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.332559] flags: 0x200000000000000(node=0|zone=2) [ 14.332803] page_type: f5(slab) [ 14.333036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.333527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.333969] page dumped because: kasan: bad access detected [ 14.334249] [ 14.334509] Memory state around the buggy address: [ 14.334739] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.335009] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.335655] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.336067] ^ [ 14.336413] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.336685] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.337022] ================================================================== [ 14.494445] ================================================================== [ 14.494707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.494933] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.495695] [ 14.495828] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.495940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.495955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.496005] Call Trace: [ 14.496020] <TASK> [ 14.496046] dump_stack_lvl+0x73/0xb0 [ 14.496087] print_report+0xd1/0x650 [ 14.496111] ? __virt_addr_valid+0x1db/0x2d0 [ 14.496145] ? kasan_atomics_helper+0xd47/0x5450 [ 14.496167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.496190] ? kasan_atomics_helper+0xd47/0x5450 [ 14.496212] kasan_report+0x141/0x180 [ 14.496235] ? kasan_atomics_helper+0xd47/0x5450 [ 14.496262] kasan_check_range+0x10c/0x1c0 [ 14.496287] __kasan_check_write+0x18/0x20 [ 14.496307] kasan_atomics_helper+0xd47/0x5450 [ 14.496330] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.496353] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.496379] ? kasan_atomics+0x152/0x310 [ 14.496406] kasan_atomics+0x1dc/0x310 [ 14.496429] ? __pfx_kasan_atomics+0x10/0x10 [ 14.496454] ? __pfx_read_tsc+0x10/0x10 [ 14.496553] ? ktime_get_ts64+0x86/0x230 [ 14.496598] kunit_try_run_case+0x1a5/0x480 [ 14.496623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.496646] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.496671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.496694] ? __kthread_parkme+0x82/0x180 [ 14.496716] ? preempt_count_sub+0x50/0x80 [ 14.496740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.496764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.496788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.496812] kthread+0x337/0x6f0 [ 14.496832] ? trace_preempt_on+0x20/0xc0 [ 14.496856] ? __pfx_kthread+0x10/0x10 [ 14.496878] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.496899] ? calculate_sigpending+0x7b/0xa0 [ 14.496923] ? __pfx_kthread+0x10/0x10 [ 14.496945] ret_from_fork+0x116/0x1d0 [ 14.496965] ? 
__pfx_kthread+0x10/0x10 [ 14.496986] ret_from_fork_asm+0x1a/0x30 [ 14.497017] </TASK> [ 14.497029] [ 14.508052] Allocated by task 282: [ 14.508266] kasan_save_stack+0x45/0x70 [ 14.508900] kasan_save_track+0x18/0x40 [ 14.509110] kasan_save_alloc_info+0x3b/0x50 [ 14.509437] __kasan_kmalloc+0xb7/0xc0 [ 14.509579] __kmalloc_cache_noprof+0x189/0x420 [ 14.509794] kasan_atomics+0x95/0x310 [ 14.509985] kunit_try_run_case+0x1a5/0x480 [ 14.510277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.510651] kthread+0x337/0x6f0 [ 14.510787] ret_from_fork+0x116/0x1d0 [ 14.510969] ret_from_fork_asm+0x1a/0x30 [ 14.511223] [ 14.511325] The buggy address belongs to the object at ffff8881039c5a00 [ 14.511325] which belongs to the cache kmalloc-64 of size 64 [ 14.511920] The buggy address is located 0 bytes to the right of [ 14.511920] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.512558] [ 14.512638] The buggy address belongs to the physical page: [ 14.512930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.513625] flags: 0x200000000000000(node=0|zone=2) [ 14.513892] page_type: f5(slab) [ 14.514091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.514360] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.514747] page dumped because: kasan: bad access detected [ 14.515039] [ 14.515134] Memory state around the buggy address: [ 14.515422] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.515774] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.516081] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.516425] ^ [ 14.516751] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517106] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517527] ================================================================== [ 15.066017] 
================================================================== [ 15.066543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.066992] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.067444] [ 15.067657] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.067705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.067721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.067895] Call Trace: [ 15.067915] <TASK> [ 15.067932] dump_stack_lvl+0x73/0xb0 [ 15.067961] print_report+0xd1/0x650 [ 15.067985] ? __virt_addr_valid+0x1db/0x2d0 [ 15.068009] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.068031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.068054] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.068077] kasan_report+0x141/0x180 [ 15.068099] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.068158] kasan_check_range+0x10c/0x1c0 [ 15.068183] __kasan_check_write+0x18/0x20 [ 15.068203] kasan_atomics_helper+0x19e3/0x5450 [ 15.068227] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.068250] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.068277] ? kasan_atomics+0x152/0x310 [ 15.068303] kasan_atomics+0x1dc/0x310 [ 15.068327] ? __pfx_kasan_atomics+0x10/0x10 [ 15.068351] ? __pfx_read_tsc+0x10/0x10 [ 15.068372] ? ktime_get_ts64+0x86/0x230 [ 15.068397] kunit_try_run_case+0x1a5/0x480 [ 15.068422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.068444] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.068467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.068490] ? __kthread_parkme+0x82/0x180 [ 15.068513] ? preempt_count_sub+0x50/0x80 [ 15.068537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.068561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.068585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.068608] kthread+0x337/0x6f0 [ 15.068629] ? trace_preempt_on+0x20/0xc0 [ 15.068653] ? __pfx_kthread+0x10/0x10 [ 15.068674] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.068695] ? 
calculate_sigpending+0x7b/0xa0 [ 15.068718] ? __pfx_kthread+0x10/0x10 [ 15.068740] ret_from_fork+0x116/0x1d0 [ 15.068758] ? __pfx_kthread+0x10/0x10 [ 15.068780] ret_from_fork_asm+0x1a/0x30 [ 15.068810] </TASK> [ 15.068822] [ 15.079397] Allocated by task 282: [ 15.079644] kasan_save_stack+0x45/0x70 [ 15.079907] kasan_save_track+0x18/0x40 [ 15.080219] kasan_save_alloc_info+0x3b/0x50 [ 15.080502] __kasan_kmalloc+0xb7/0xc0 [ 15.080754] __kmalloc_cache_noprof+0x189/0x420 [ 15.081041] kasan_atomics+0x95/0x310 [ 15.081290] kunit_try_run_case+0x1a5/0x480 [ 15.081507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.081756] kthread+0x337/0x6f0 [ 15.081911] ret_from_fork+0x116/0x1d0 [ 15.082058] ret_from_fork_asm+0x1a/0x30 [ 15.082571] [ 15.082770] The buggy address belongs to the object at ffff8881039c5a00 [ 15.082770] which belongs to the cache kmalloc-64 of size 64 [ 15.083429] The buggy address is located 0 bytes to the right of [ 15.083429] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.084206] [ 15.084291] The buggy address belongs to the physical page: [ 15.084675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.085142] flags: 0x200000000000000(node=0|zone=2) [ 15.085467] page_type: f5(slab) [ 15.085714] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.086168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.086597] page dumped because: kasan: bad access detected [ 15.086870] [ 15.087096] Memory state around the buggy address: [ 15.087461] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.087778] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.088238] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.088606] ^ [ 15.088862] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.089305] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.089643] 
================================================================== [ 14.867300] ================================================================== [ 14.867671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.868020] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.868386] [ 14.868514] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.868556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.868569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.868602] Call Trace: [ 14.868614] <TASK> [ 14.868628] dump_stack_lvl+0x73/0xb0 [ 14.868655] print_report+0xd1/0x650 [ 14.868689] ? __virt_addr_valid+0x1db/0x2d0 [ 14.868713] ? kasan_atomics_helper+0x1467/0x5450 [ 14.868735] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.868766] ? kasan_atomics_helper+0x1467/0x5450 [ 14.868788] kasan_report+0x141/0x180 [ 14.868811] ? kasan_atomics_helper+0x1467/0x5450 [ 14.868847] kasan_check_range+0x10c/0x1c0 [ 14.868872] __kasan_check_write+0x18/0x20 [ 14.868892] kasan_atomics_helper+0x1467/0x5450 [ 14.868923] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.868946] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.868971] ? kasan_atomics+0x152/0x310 [ 14.869008] kasan_atomics+0x1dc/0x310 [ 14.869032] ? __pfx_kasan_atomics+0x10/0x10 [ 14.869057] ? __pfx_read_tsc+0x10/0x10 [ 14.869078] ? ktime_get_ts64+0x86/0x230 [ 14.869102] kunit_try_run_case+0x1a5/0x480 [ 14.869156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.869178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.869203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.869226] ? __kthread_parkme+0x82/0x180 [ 14.869248] ? preempt_count_sub+0x50/0x80 [ 14.869273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.869307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.869332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.869355] kthread+0x337/0x6f0 [ 14.869388] ? trace_preempt_on+0x20/0xc0 [ 14.869412] ? 
__pfx_kthread+0x10/0x10 [ 14.869433] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.869465] ? calculate_sigpending+0x7b/0xa0 [ 14.869489] ? __pfx_kthread+0x10/0x10 [ 14.869511] ret_from_fork+0x116/0x1d0 [ 14.869530] ? __pfx_kthread+0x10/0x10 [ 14.869551] ret_from_fork_asm+0x1a/0x30 [ 14.869581] </TASK> [ 14.869593] [ 14.877320] Allocated by task 282: [ 14.877524] kasan_save_stack+0x45/0x70 [ 14.877710] kasan_save_track+0x18/0x40 [ 14.877900] kasan_save_alloc_info+0x3b/0x50 [ 14.878051] __kasan_kmalloc+0xb7/0xc0 [ 14.878213] __kmalloc_cache_noprof+0x189/0x420 [ 14.878372] kasan_atomics+0x95/0x310 [ 14.878506] kunit_try_run_case+0x1a5/0x480 [ 14.878657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.878853] kthread+0x337/0x6f0 [ 14.879052] ret_from_fork+0x116/0x1d0 [ 14.879279] ret_from_fork_asm+0x1a/0x30 [ 14.879474] [ 14.879576] The buggy address belongs to the object at ffff8881039c5a00 [ 14.879576] which belongs to the cache kmalloc-64 of size 64 [ 14.880110] The buggy address is located 0 bytes to the right of [ 14.880110] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.880697] [ 14.880783] The buggy address belongs to the physical page: [ 14.880960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.881242] flags: 0x200000000000000(node=0|zone=2) [ 14.881413] page_type: f5(slab) [ 14.881534] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.881908] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.882309] page dumped because: kasan: bad access detected [ 14.882589] [ 14.882699] Memory state around the buggy address: [ 14.882924] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.883300] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.883642] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.883948] ^ [ 14.884181] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884503] 
ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884823] ================================================================== [ 15.451986] ================================================================== [ 15.452368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.452668] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.452993] [ 15.453149] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.453192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.453204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.453225] Call Trace: [ 15.453239] <TASK> [ 15.453254] dump_stack_lvl+0x73/0xb0 [ 15.453281] print_report+0xd1/0x650 [ 15.453314] ? __virt_addr_valid+0x1db/0x2d0 [ 15.453339] ? kasan_atomics_helper+0x224c/0x5450 [ 15.453360] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.453395] ? kasan_atomics_helper+0x224c/0x5450 [ 15.453417] kasan_report+0x141/0x180 [ 15.453440] ? kasan_atomics_helper+0x224c/0x5450 [ 15.453467] kasan_check_range+0x10c/0x1c0 [ 15.453501] __kasan_check_write+0x18/0x20 [ 15.453521] kasan_atomics_helper+0x224c/0x5450 [ 15.453544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.453577] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.453603] ? kasan_atomics+0x152/0x310 [ 15.453631] kasan_atomics+0x1dc/0x310 [ 15.453662] ? __pfx_kasan_atomics+0x10/0x10 [ 15.453687] ? __pfx_read_tsc+0x10/0x10 [ 15.453708] ? ktime_get_ts64+0x86/0x230 [ 15.453744] kunit_try_run_case+0x1a5/0x480 [ 15.453768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453791] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.453815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.453838] ? __kthread_parkme+0x82/0x180 [ 15.453869] ? preempt_count_sub+0x50/0x80 [ 15.453893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453951] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.453975] kthread+0x337/0x6f0 [ 15.453994] ? trace_preempt_on+0x20/0xc0 [ 15.454019] ? __pfx_kthread+0x10/0x10 [ 15.454040] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.454062] ? calculate_sigpending+0x7b/0xa0 [ 15.454086] ? __pfx_kthread+0x10/0x10 [ 15.454107] ret_from_fork+0x116/0x1d0 [ 15.454154] ? __pfx_kthread+0x10/0x10 [ 15.454176] ret_from_fork_asm+0x1a/0x30 [ 15.454206] </TASK> [ 15.454217] [ 15.461769] Allocated by task 282: [ 15.461916] kasan_save_stack+0x45/0x70 [ 15.462153] kasan_save_track+0x18/0x40 [ 15.462371] kasan_save_alloc_info+0x3b/0x50 [ 15.462555] __kasan_kmalloc+0xb7/0xc0 [ 15.462770] __kmalloc_cache_noprof+0x189/0x420 [ 15.462978] kasan_atomics+0x95/0x310 [ 15.463193] kunit_try_run_case+0x1a5/0x480 [ 15.463409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.463639] kthread+0x337/0x6f0 [ 15.463814] ret_from_fork+0x116/0x1d0 [ 15.464031] ret_from_fork_asm+0x1a/0x30 [ 15.464221] [ 15.464293] The buggy address belongs to the object at ffff8881039c5a00 [ 15.464293] which belongs to the cache kmalloc-64 of size 64 [ 15.464649] The buggy address is located 0 bytes to the right of [ 15.464649] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.465069] [ 15.465195] The buggy address belongs to the physical page: [ 15.465488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.465909] flags: 0x200000000000000(node=0|zone=2) [ 15.466207] page_type: f5(slab) [ 15.466379] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.466726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.467046] page dumped because: kasan: bad access detected [ 15.467257] [ 15.467330] Memory state around the buggy address: [ 15.467487] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.467731] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.468080] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.468435] ^ [ 15.468690] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469018] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469380] ================================================================== [ 14.999020] ================================================================== [ 14.999345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.999669] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.999975] [ 15.000077] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.000132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.000145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.000168] Call Trace: [ 15.000183] <TASK> [ 15.000200] dump_stack_lvl+0x73/0xb0 [ 15.000226] print_report+0xd1/0x650 [ 15.000249] ? __virt_addr_valid+0x1db/0x2d0 [ 15.000273] ? kasan_atomics_helper+0x1818/0x5450 [ 15.000295] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.000319] ? kasan_atomics_helper+0x1818/0x5450 [ 15.000342] kasan_report+0x141/0x180 [ 15.000364] ? kasan_atomics_helper+0x1818/0x5450 [ 15.000390] kasan_check_range+0x10c/0x1c0 [ 15.000414] __kasan_check_write+0x18/0x20 [ 15.000433] kasan_atomics_helper+0x1818/0x5450 [ 15.000457] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.000479] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.000504] ? kasan_atomics+0x152/0x310 [ 15.000530] kasan_atomics+0x1dc/0x310 [ 15.000554] ? __pfx_kasan_atomics+0x10/0x10 [ 15.000578] ? __pfx_read_tsc+0x10/0x10 [ 15.000600] ? ktime_get_ts64+0x86/0x230 [ 15.000623] kunit_try_run_case+0x1a5/0x480 [ 15.000647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.000670] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.000693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.000717] ? __kthread_parkme+0x82/0x180 [ 15.000738] ? preempt_count_sub+0x50/0x80 [ 15.000761] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.000785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.000808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.000833] kthread+0x337/0x6f0 [ 15.000852] ? trace_preempt_on+0x20/0xc0 [ 15.000876] ? __pfx_kthread+0x10/0x10 [ 15.000898] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.000921] ? calculate_sigpending+0x7b/0xa0 [ 15.000947] ? __pfx_kthread+0x10/0x10 [ 15.000971] ret_from_fork+0x116/0x1d0 [ 15.000992] ? __pfx_kthread+0x10/0x10 [ 15.001015] ret_from_fork_asm+0x1a/0x30 [ 15.001046] </TASK> [ 15.001058] [ 15.008819] Allocated by task 282: [ 15.009013] kasan_save_stack+0x45/0x70 [ 15.009276] kasan_save_track+0x18/0x40 [ 15.009451] kasan_save_alloc_info+0x3b/0x50 [ 15.009644] __kasan_kmalloc+0xb7/0xc0 [ 15.009812] __kmalloc_cache_noprof+0x189/0x420 [ 15.009985] kasan_atomics+0x95/0x310 [ 15.010221] kunit_try_run_case+0x1a5/0x480 [ 15.010401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.010586] kthread+0x337/0x6f0 [ 15.010768] ret_from_fork+0x116/0x1d0 [ 15.010954] ret_from_fork_asm+0x1a/0x30 [ 15.011192] [ 15.011288] The buggy address belongs to the object at ffff8881039c5a00 [ 15.011288] which belongs to the cache kmalloc-64 of size 64 [ 15.011696] The buggy address is located 0 bytes to the right of [ 15.011696] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.012069] [ 15.012202] The buggy address belongs to the physical page: [ 15.012454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.012805] flags: 0x200000000000000(node=0|zone=2) [ 15.013037] page_type: f5(slab) [ 15.013233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.013468] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.013697] page dumped because: kasan: bad access detected [ 15.013926] [ 15.014022] Memory state around the buggy address: [ 15.014278] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.014605] 
ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.014931] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.015265] ^ [ 15.015485] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.015759] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016033] ================================================================== [ 14.627079] ================================================================== [ 14.627527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.627929] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.628235] [ 14.628410] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.628492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.628544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.628567] Call Trace: [ 14.628583] <TASK> [ 14.628598] dump_stack_lvl+0x73/0xb0 [ 14.628638] print_report+0xd1/0x650 [ 14.628660] ? __virt_addr_valid+0x1db/0x2d0 [ 14.628684] ? kasan_atomics_helper+0x1079/0x5450 [ 14.628708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.628731] ? kasan_atomics_helper+0x1079/0x5450 [ 14.628753] kasan_report+0x141/0x180 [ 14.628805] ? kasan_atomics_helper+0x1079/0x5450 [ 14.628833] kasan_check_range+0x10c/0x1c0 [ 14.628858] __kasan_check_write+0x18/0x20 [ 14.628888] kasan_atomics_helper+0x1079/0x5450 [ 14.628911] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.628934] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.628960] ? kasan_atomics+0x152/0x310 [ 14.628987] kasan_atomics+0x1dc/0x310 [ 14.629011] ? __pfx_kasan_atomics+0x10/0x10 [ 14.629035] ? __pfx_read_tsc+0x10/0x10 [ 14.629084] ? ktime_get_ts64+0x86/0x230 [ 14.629136] kunit_try_run_case+0x1a5/0x480 [ 14.629162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.629185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.629209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.629231] ? 
__kthread_parkme+0x82/0x180 [ 14.629253] ? preempt_count_sub+0x50/0x80 [ 14.629278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.629301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.629341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.629365] kthread+0x337/0x6f0 [ 14.629387] ? trace_preempt_on+0x20/0xc0 [ 14.629413] ? __pfx_kthread+0x10/0x10 [ 14.629434] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.629456] ? calculate_sigpending+0x7b/0xa0 [ 14.629480] ? __pfx_kthread+0x10/0x10 [ 14.629502] ret_from_fork+0x116/0x1d0 [ 14.629522] ? __pfx_kthread+0x10/0x10 [ 14.629543] ret_from_fork_asm+0x1a/0x30 [ 14.629573] </TASK> [ 14.629585] [ 14.639064] Allocated by task 282: [ 14.639304] kasan_save_stack+0x45/0x70 [ 14.639472] kasan_save_track+0x18/0x40 [ 14.639611] kasan_save_alloc_info+0x3b/0x50 [ 14.640034] __kasan_kmalloc+0xb7/0xc0 [ 14.640259] __kmalloc_cache_noprof+0x189/0x420 [ 14.640466] kasan_atomics+0x95/0x310 [ 14.640792] kunit_try_run_case+0x1a5/0x480 [ 14.641016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.641294] kthread+0x337/0x6f0 [ 14.641511] ret_from_fork+0x116/0x1d0 [ 14.641840] ret_from_fork_asm+0x1a/0x30 [ 14.642048] [ 14.642206] The buggy address belongs to the object at ffff8881039c5a00 [ 14.642206] which belongs to the cache kmalloc-64 of size 64 [ 14.642678] The buggy address is located 0 bytes to the right of [ 14.642678] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.643455] [ 14.643583] The buggy address belongs to the physical page: [ 14.643846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.644209] flags: 0x200000000000000(node=0|zone=2) [ 14.644549] page_type: f5(slab) [ 14.644717] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.645082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.645324] page dumped because: kasan: bad access detected [ 14.645643] [ 14.645796] Memory state around the buggy address: [ 14.646026] 
ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.646459] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.646797] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.647016] ^ [ 14.647553] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.647892] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.648183] ================================================================== [ 14.337632] ================================================================== [ 14.338003] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.338488] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.339031] [ 14.339158] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.339203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.339216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.339240] Call Trace: [ 14.339257] <TASK> [ 14.339274] dump_stack_lvl+0x73/0xb0 [ 14.339302] print_report+0xd1/0x650 [ 14.339324] ? __virt_addr_valid+0x1db/0x2d0 [ 14.339419] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.339496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.339523] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.339546] kasan_report+0x141/0x180 [ 14.339569] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.339596] kasan_check_range+0x10c/0x1c0 [ 14.339620] __kasan_check_write+0x18/0x20 [ 14.339708] kasan_atomics_helper+0x8f9/0x5450 [ 14.339744] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.339767] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.339793] ? kasan_atomics+0x152/0x310 [ 14.339821] kasan_atomics+0x1dc/0x310 [ 14.339844] ? __pfx_kasan_atomics+0x10/0x10 [ 14.339869] ? __pfx_read_tsc+0x10/0x10 [ 14.339892] ? ktime_get_ts64+0x86/0x230 [ 14.339918] kunit_try_run_case+0x1a5/0x480 [ 14.339943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.339966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.339990] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.340013] ? __kthread_parkme+0x82/0x180 [ 14.340034] ? preempt_count_sub+0x50/0x80 [ 14.340058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.340082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.340106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.340139] kthread+0x337/0x6f0 [ 14.340159] ? trace_preempt_on+0x20/0xc0 [ 14.340184] ? __pfx_kthread+0x10/0x10 [ 14.340205] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.340227] ? calculate_sigpending+0x7b/0xa0 [ 14.340251] ? __pfx_kthread+0x10/0x10 [ 14.340274] ret_from_fork+0x116/0x1d0 [ 14.340293] ? __pfx_kthread+0x10/0x10 [ 14.340363] ret_from_fork_asm+0x1a/0x30 [ 14.340396] </TASK> [ 14.340408] [ 14.351173] Allocated by task 282: [ 14.351358] kasan_save_stack+0x45/0x70 [ 14.351639] kasan_save_track+0x18/0x40 [ 14.351837] kasan_save_alloc_info+0x3b/0x50 [ 14.352106] __kasan_kmalloc+0xb7/0xc0 [ 14.352372] __kmalloc_cache_noprof+0x189/0x420 [ 14.352826] kasan_atomics+0x95/0x310 [ 14.353030] kunit_try_run_case+0x1a5/0x480 [ 14.353258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353578] kthread+0x337/0x6f0 [ 14.353977] ret_from_fork+0x116/0x1d0 [ 14.354193] ret_from_fork_asm+0x1a/0x30 [ 14.354556] [ 14.354716] The buggy address belongs to the object at ffff8881039c5a00 [ 14.354716] which belongs to the cache kmalloc-64 of size 64 [ 14.355298] The buggy address is located 0 bytes to the right of [ 14.355298] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.356140] [ 14.356254] The buggy address belongs to the physical page: [ 14.356484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.356850] flags: 0x200000000000000(node=0|zone=2) [ 14.357076] page_type: f5(slab) [ 14.357335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.357709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.358261] page dumped because: kasan: bad access detected [ 14.358589] [ 14.358689] 
Memory state around the buggy address: [ 14.358859] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.359464] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.359772] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.360076] ^ [ 14.360503] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.360811] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361237] ================================================================== [ 14.200582] ================================================================== [ 14.200998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.201398] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.201682] [ 14.201807] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.201859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.201872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.201893] Call Trace: [ 14.201906] <TASK> [ 14.201921] dump_stack_lvl+0x73/0xb0 [ 14.201947] print_report+0xd1/0x650 [ 14.201971] ? __virt_addr_valid+0x1db/0x2d0 [ 14.201995] ? kasan_atomics_helper+0x565/0x5450 [ 14.202017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.202040] ? kasan_atomics_helper+0x565/0x5450 [ 14.202062] kasan_report+0x141/0x180 [ 14.202085] ? kasan_atomics_helper+0x565/0x5450 [ 14.202120] kasan_check_range+0x10c/0x1c0 [ 14.202162] __kasan_check_write+0x18/0x20 [ 14.202182] kasan_atomics_helper+0x565/0x5450 [ 14.202206] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.202239] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.202265] ? kasan_atomics+0x152/0x310 [ 14.202293] kasan_atomics+0x1dc/0x310 [ 14.202316] ? __pfx_kasan_atomics+0x10/0x10 [ 14.202411] ? __pfx_read_tsc+0x10/0x10 [ 14.202434] ? ktime_get_ts64+0x86/0x230 [ 14.202460] kunit_try_run_case+0x1a5/0x480 [ 14.202484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202508] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.202535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.202558] ? __kthread_parkme+0x82/0x180 [ 14.202580] ? preempt_count_sub+0x50/0x80 [ 14.202604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.202652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.202676] kthread+0x337/0x6f0 [ 14.202696] ? trace_preempt_on+0x20/0xc0 [ 14.202720] ? __pfx_kthread+0x10/0x10 [ 14.202751] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.202774] ? calculate_sigpending+0x7b/0xa0 [ 14.202797] ? __pfx_kthread+0x10/0x10 [ 14.202829] ret_from_fork+0x116/0x1d0 [ 14.202851] ? __pfx_kthread+0x10/0x10 [ 14.202872] ret_from_fork_asm+0x1a/0x30 [ 14.202902] </TASK> [ 14.202923] [ 14.211058] Allocated by task 282: [ 14.211518] kasan_save_stack+0x45/0x70 [ 14.211777] kasan_save_track+0x18/0x40 [ 14.211978] kasan_save_alloc_info+0x3b/0x50 [ 14.212207] __kasan_kmalloc+0xb7/0xc0 [ 14.212473] __kmalloc_cache_noprof+0x189/0x420 [ 14.212674] kasan_atomics+0x95/0x310 [ 14.212852] kunit_try_run_case+0x1a5/0x480 [ 14.213078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.213413] kthread+0x337/0x6f0 [ 14.213609] ret_from_fork+0x116/0x1d0 [ 14.213798] ret_from_fork_asm+0x1a/0x30 [ 14.213983] [ 14.214101] The buggy address belongs to the object at ffff8881039c5a00 [ 14.214101] which belongs to the cache kmalloc-64 of size 64 [ 14.214538] The buggy address is located 0 bytes to the right of [ 14.214538] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.215051] [ 14.215189] The buggy address belongs to the physical page: [ 14.215534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.215898] flags: 0x200000000000000(node=0|zone=2) [ 14.216153] page_type: f5(slab) [ 14.216542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.216905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.217227] page dumped because: kasan: 
bad access detected [ 14.217579] [ 14.217685] Memory state around the buggy address: [ 14.217881] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.218216] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.218502] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.218780] ^ [ 14.219022] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.219450] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.219794] ================================================================== [ 14.113928] ================================================================== [ 14.114320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.114714] Read of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.115017] [ 14.115186] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.115228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.115241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.115264] Call Trace: [ 14.115277] <TASK> [ 14.115342] dump_stack_lvl+0x73/0xb0 [ 14.115373] print_report+0xd1/0x650 [ 14.115408] ? __virt_addr_valid+0x1db/0x2d0 [ 14.115434] ? kasan_atomics_helper+0x3df/0x5450 [ 14.115455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.115489] ? kasan_atomics_helper+0x3df/0x5450 [ 14.115510] kasan_report+0x141/0x180 [ 14.115533] ? kasan_atomics_helper+0x3df/0x5450 [ 14.115559] kasan_check_range+0x10c/0x1c0 [ 14.115584] __kasan_check_read+0x15/0x20 [ 14.115603] kasan_atomics_helper+0x3df/0x5450 [ 14.115626] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.115648] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.115674] ? kasan_atomics+0x152/0x310 [ 14.115701] kasan_atomics+0x1dc/0x310 [ 14.115724] ? __pfx_kasan_atomics+0x10/0x10 [ 14.115758] ? __pfx_read_tsc+0x10/0x10 [ 14.115779] ? ktime_get_ts64+0x86/0x230 [ 14.115804] kunit_try_run_case+0x1a5/0x480 [ 14.115838] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.115862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.115886] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.115909] ? __kthread_parkme+0x82/0x180 [ 14.115940] ? preempt_count_sub+0x50/0x80 [ 14.115965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.115988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.116021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.116045] kthread+0x337/0x6f0 [ 14.116065] ? trace_preempt_on+0x20/0xc0 [ 14.116097] ? __pfx_kthread+0x10/0x10 [ 14.116151] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.116173] ? calculate_sigpending+0x7b/0xa0 [ 14.116197] ? __pfx_kthread+0x10/0x10 [ 14.116219] ret_from_fork+0x116/0x1d0 [ 14.116239] ? __pfx_kthread+0x10/0x10 [ 14.116260] ret_from_fork_asm+0x1a/0x30 [ 14.116337] </TASK> [ 14.116352] [ 14.124905] Allocated by task 282: [ 14.125103] kasan_save_stack+0x45/0x70 [ 14.125421] kasan_save_track+0x18/0x40 [ 14.125649] kasan_save_alloc_info+0x3b/0x50 [ 14.125835] __kasan_kmalloc+0xb7/0xc0 [ 14.126010] __kmalloc_cache_noprof+0x189/0x420 [ 14.126253] kasan_atomics+0x95/0x310 [ 14.126535] kunit_try_run_case+0x1a5/0x480 [ 14.126742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.126945] kthread+0x337/0x6f0 [ 14.127070] ret_from_fork+0x116/0x1d0 [ 14.127239] ret_from_fork_asm+0x1a/0x30 [ 14.127524] [ 14.127623] The buggy address belongs to the object at ffff8881039c5a00 [ 14.127623] which belongs to the cache kmalloc-64 of size 64 [ 14.128168] The buggy address is located 0 bytes to the right of [ 14.128168] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.128556] [ 14.128653] The buggy address belongs to the physical page: [ 14.129181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.129636] flags: 0x200000000000000(node=0|zone=2) [ 14.129898] page_type: f5(slab) [ 14.130069] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.130447] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.130753] page dumped because: kasan: bad access detected [ 14.131026] [ 14.131144] Memory state around the buggy address: [ 14.131355] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.131682] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.132028] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.132352] ^ [ 14.132618] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.132941] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.133467] ================================================================== [ 15.264978] ================================================================== [ 15.265928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.266195] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.266427] [ 15.266521] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.266565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.266579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.266600] Call Trace: [ 15.266618] <TASK> [ 15.266636] dump_stack_lvl+0x73/0xb0 [ 15.266663] print_report+0xd1/0x650 [ 15.266686] ? __virt_addr_valid+0x1db/0x2d0 [ 15.266710] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.266732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.266754] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.266776] kasan_report+0x141/0x180 [ 15.266799] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.266826] kasan_check_range+0x10c/0x1c0 [ 15.266850] __kasan_check_write+0x18/0x20 [ 15.266870] kasan_atomics_helper+0x1eaa/0x5450 [ 15.266892] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.266915] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.266940] ? kasan_atomics+0x152/0x310 [ 15.266968] kasan_atomics+0x1dc/0x310 [ 15.266991] ? __pfx_kasan_atomics+0x10/0x10 [ 15.267016] ? __pfx_read_tsc+0x10/0x10 [ 15.267037] ? 
ktime_get_ts64+0x86/0x230 [ 15.267061] kunit_try_run_case+0x1a5/0x480 [ 15.267086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.267109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.267143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.267166] ? __kthread_parkme+0x82/0x180 [ 15.267187] ? preempt_count_sub+0x50/0x80 [ 15.267212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.267236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.267259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.267283] kthread+0x337/0x6f0 [ 15.267303] ? trace_preempt_on+0x20/0xc0 [ 15.267326] ? __pfx_kthread+0x10/0x10 [ 15.267347] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.267369] ? calculate_sigpending+0x7b/0xa0 [ 15.267393] ? __pfx_kthread+0x10/0x10 [ 15.267415] ret_from_fork+0x116/0x1d0 [ 15.267433] ? __pfx_kthread+0x10/0x10 [ 15.267454] ret_from_fork_asm+0x1a/0x30 [ 15.267484] </TASK> [ 15.267496] [ 15.280195] Allocated by task 282: [ 15.280510] kasan_save_stack+0x45/0x70 [ 15.280858] kasan_save_track+0x18/0x40 [ 15.281221] kasan_save_alloc_info+0x3b/0x50 [ 15.281672] __kasan_kmalloc+0xb7/0xc0 [ 15.282009] __kmalloc_cache_noprof+0x189/0x420 [ 15.282741] kasan_atomics+0x95/0x310 [ 15.282899] kunit_try_run_case+0x1a5/0x480 [ 15.283045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.283507] kthread+0x337/0x6f0 [ 15.283804] ret_from_fork+0x116/0x1d0 [ 15.284142] ret_from_fork_asm+0x1a/0x30 [ 15.285216] [ 15.285592] The buggy address belongs to the object at ffff8881039c5a00 [ 15.285592] which belongs to the cache kmalloc-64 of size 64 [ 15.286495] The buggy address is located 0 bytes to the right of [ 15.286495] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.288435] [ 15.288522] The buggy address belongs to the physical page: [ 15.288705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.289042] flags: 0x200000000000000(node=0|zone=2) [ 15.289282] page_type: f5(slab) [ 15.289443] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.289748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.290049] page dumped because: kasan: bad access detected [ 15.291859] [ 15.291943] Memory state around the buggy address: [ 15.292108] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.292739] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.292963] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.293353] ^ [ 15.293813] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.294479] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.295093] ================================================================== [ 14.180883] ================================================================== [ 14.181238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.181704] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.182046] [ 14.182154] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.182199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.182212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.182235] Call Trace: [ 14.182263] <TASK> [ 14.182279] dump_stack_lvl+0x73/0xb0 [ 14.182307] print_report+0xd1/0x650 [ 14.182343] ? __virt_addr_valid+0x1db/0x2d0 [ 14.182367] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.182389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.182412] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.182434] kasan_report+0x141/0x180 [ 14.182465] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.182507] __asan_report_store4_noabort+0x1b/0x30 [ 14.182581] kasan_atomics_helper+0x4b3a/0x5450 [ 14.182606] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.182629] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.182655] ? kasan_atomics+0x152/0x310 [ 14.182683] kasan_atomics+0x1dc/0x310 [ 14.182706] ? __pfx_kasan_atomics+0x10/0x10 [ 14.182732] ? 
__pfx_read_tsc+0x10/0x10 [ 14.182754] ? ktime_get_ts64+0x86/0x230 [ 14.182778] kunit_try_run_case+0x1a5/0x480 [ 14.182803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.182851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.182874] ? __kthread_parkme+0x82/0x180 [ 14.182895] ? preempt_count_sub+0x50/0x80 [ 14.182920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.182967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.182991] kthread+0x337/0x6f0 [ 14.183021] ? trace_preempt_on+0x20/0xc0 [ 14.183045] ? __pfx_kthread+0x10/0x10 [ 14.183066] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.183099] ? calculate_sigpending+0x7b/0xa0 [ 14.183130] ? __pfx_kthread+0x10/0x10 [ 14.183153] ret_from_fork+0x116/0x1d0 [ 14.183172] ? __pfx_kthread+0x10/0x10 [ 14.183192] ret_from_fork_asm+0x1a/0x30 [ 14.183223] </TASK> [ 14.183235] [ 14.191760] Allocated by task 282: [ 14.191927] kasan_save_stack+0x45/0x70 [ 14.192162] kasan_save_track+0x18/0x40 [ 14.192356] kasan_save_alloc_info+0x3b/0x50 [ 14.192569] __kasan_kmalloc+0xb7/0xc0 [ 14.192787] __kmalloc_cache_noprof+0x189/0x420 [ 14.193004] kasan_atomics+0x95/0x310 [ 14.193240] kunit_try_run_case+0x1a5/0x480 [ 14.193502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.193684] kthread+0x337/0x6f0 [ 14.193807] ret_from_fork+0x116/0x1d0 [ 14.193990] ret_from_fork_asm+0x1a/0x30 [ 14.194221] [ 14.194318] The buggy address belongs to the object at ffff8881039c5a00 [ 14.194318] which belongs to the cache kmalloc-64 of size 64 [ 14.194760] The buggy address is located 0 bytes to the right of [ 14.194760] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.195685] [ 14.195775] The buggy address belongs to the physical page: [ 14.195993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.196262] flags: 0x200000000000000(node=0|zone=2) [ 14.196541] page_type: f5(slab) [ 14.196709] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.197053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.197665] page dumped because: kasan: bad access detected [ 14.197928] [ 14.198016] Memory state around the buggy address: [ 14.198185] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.198639] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.198981] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.199274] ^ [ 14.199550] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.199790] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.200184] ================================================================== [ 14.154626] ================================================================== [ 14.154945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.155268] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.155777] [ 14.155875] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.155920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.155934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.155956] Call Trace: [ 14.155982] <TASK> [ 14.155996] dump_stack_lvl+0x73/0xb0 [ 14.156025] print_report+0xd1/0x650 [ 14.156060] ? __virt_addr_valid+0x1db/0x2d0 [ 14.156084] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.156105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.156137] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.156159] kasan_report+0x141/0x180 [ 14.156182] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.156208] kasan_check_range+0x10c/0x1c0 [ 14.156233] __kasan_check_write+0x18/0x20 [ 14.156259] kasan_atomics_helper+0x4a0/0x5450 [ 14.156324] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.156357] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.156382] ? 
kasan_atomics+0x152/0x310 [ 14.156461] kasan_atomics+0x1dc/0x310 [ 14.156488] ? __pfx_kasan_atomics+0x10/0x10 [ 14.156513] ? __pfx_read_tsc+0x10/0x10 [ 14.156534] ? ktime_get_ts64+0x86/0x230 [ 14.156558] kunit_try_run_case+0x1a5/0x480 [ 14.156582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.156605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.156628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.156651] ? __kthread_parkme+0x82/0x180 [ 14.156672] ? preempt_count_sub+0x50/0x80 [ 14.156695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.156731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.156779] kthread+0x337/0x6f0 [ 14.156810] ? trace_preempt_on+0x20/0xc0 [ 14.156842] ? __pfx_kthread+0x10/0x10 [ 14.156863] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.156884] ? calculate_sigpending+0x7b/0xa0 [ 14.156919] ? __pfx_kthread+0x10/0x10 [ 14.156940] ret_from_fork+0x116/0x1d0 [ 14.156959] ? __pfx_kthread+0x10/0x10 [ 14.156980] ret_from_fork_asm+0x1a/0x30 [ 14.157011] </TASK> [ 14.157023] [ 14.168550] Allocated by task 282: [ 14.168819] kasan_save_stack+0x45/0x70 [ 14.169139] kasan_save_track+0x18/0x40 [ 14.169558] kasan_save_alloc_info+0x3b/0x50 [ 14.169977] __kasan_kmalloc+0xb7/0xc0 [ 14.170192] __kmalloc_cache_noprof+0x189/0x420 [ 14.170842] kasan_atomics+0x95/0x310 [ 14.171345] kunit_try_run_case+0x1a5/0x480 [ 14.171699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.171883] kthread+0x337/0x6f0 [ 14.172005] ret_from_fork+0x116/0x1d0 [ 14.172203] ret_from_fork_asm+0x1a/0x30 [ 14.172647] [ 14.172841] The buggy address belongs to the object at ffff8881039c5a00 [ 14.172841] which belongs to the cache kmalloc-64 of size 64 [ 14.173998] The buggy address is located 0 bytes to the right of [ 14.173998] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.175039] [ 14.175142] The buggy address belongs to the physical page: [ 14.175878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 
14.176490] flags: 0x200000000000000(node=0|zone=2) [ 14.176664] page_type: f5(slab) [ 14.176787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.177020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.177287] page dumped because: kasan: bad access detected [ 14.177644] [ 14.177787] Memory state around the buggy address: [ 14.178027] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.178371] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.178671] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.179045] ^ [ 14.179450] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.179725] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.180049] ================================================================== [ 15.339476] ================================================================== [ 15.340357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.341052] Write of size 8 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 15.341714] [ 15.341810] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.341854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.341867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.341889] Call Trace: [ 15.341905] <TASK> [ 15.341921] dump_stack_lvl+0x73/0xb0 [ 15.341949] print_report+0xd1/0x650 [ 15.341971] ? __virt_addr_valid+0x1db/0x2d0 [ 15.341995] ? kasan_atomics_helper+0x2006/0x5450 [ 15.342017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.342039] ? kasan_atomics_helper+0x2006/0x5450 [ 15.342062] kasan_report+0x141/0x180 [ 15.342085] ? kasan_atomics_helper+0x2006/0x5450 [ 15.342111] kasan_check_range+0x10c/0x1c0 [ 15.342148] __kasan_check_write+0x18/0x20 [ 15.342200] kasan_atomics_helper+0x2006/0x5450 [ 15.342225] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.342249] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.342301] ? kasan_atomics+0x152/0x310 [ 15.342329] kasan_atomics+0x1dc/0x310 [ 15.342364] ? __pfx_kasan_atomics+0x10/0x10 [ 15.342389] ? __pfx_read_tsc+0x10/0x10 [ 15.342410] ? ktime_get_ts64+0x86/0x230 [ 15.342434] kunit_try_run_case+0x1a5/0x480 [ 15.342458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.342481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.342504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.342534] ? __kthread_parkme+0x82/0x180 [ 15.342555] ? preempt_count_sub+0x50/0x80 [ 15.342580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.342603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.342627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.342651] kthread+0x337/0x6f0 [ 15.342671] ? trace_preempt_on+0x20/0xc0 [ 15.342695] ? __pfx_kthread+0x10/0x10 [ 15.342716] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.342738] ? calculate_sigpending+0x7b/0xa0 [ 15.342762] ? __pfx_kthread+0x10/0x10 [ 15.342784] ret_from_fork+0x116/0x1d0 [ 15.342803] ? __pfx_kthread+0x10/0x10 [ 15.342824] ret_from_fork_asm+0x1a/0x30 [ 15.342854] </TASK> [ 15.342867] [ 15.352002] Allocated by task 282: [ 15.352148] kasan_save_stack+0x45/0x70 [ 15.352432] kasan_save_track+0x18/0x40 [ 15.352644] kasan_save_alloc_info+0x3b/0x50 [ 15.352858] __kasan_kmalloc+0xb7/0xc0 [ 15.353023] __kmalloc_cache_noprof+0x189/0x420 [ 15.353287] kasan_atomics+0x95/0x310 [ 15.353533] kunit_try_run_case+0x1a5/0x480 [ 15.353805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.354085] kthread+0x337/0x6f0 [ 15.354324] ret_from_fork+0x116/0x1d0 [ 15.354539] ret_from_fork_asm+0x1a/0x30 [ 15.354779] [ 15.354853] The buggy address belongs to the object at ffff8881039c5a00 [ 15.354853] which belongs to the cache kmalloc-64 of size 64 [ 15.355250] The buggy address is located 0 bytes to the right of [ 15.355250] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 15.355855] [ 15.355957] The buggy address belongs to the physical page: [ 15.356235] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 15.356481] flags: 0x200000000000000(node=0|zone=2) [ 15.356717] page_type: f5(slab) [ 15.356886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.357252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.357482] page dumped because: kasan: bad access detected [ 15.357655] [ 15.357731] Memory state around the buggy address: [ 15.357958] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.358349] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.358680] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.359162] ^ [ 15.359415] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359698] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359914] ================================================================== [ 14.249929] ================================================================== [ 14.250593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.251002] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.251501] [ 14.251767] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.251813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.251828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.251851] Call Trace: [ 14.251867] <TASK> [ 14.251883] dump_stack_lvl+0x73/0xb0 [ 14.251912] print_report+0xd1/0x650 [ 14.251967] ? __virt_addr_valid+0x1db/0x2d0 [ 14.251990] ? kasan_atomics_helper+0x697/0x5450 [ 14.252012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.252035] ? kasan_atomics_helper+0x697/0x5450 [ 14.252057] kasan_report+0x141/0x180 [ 14.252080] ? kasan_atomics_helper+0x697/0x5450 [ 14.252107] kasan_check_range+0x10c/0x1c0 [ 14.252154] __kasan_check_write+0x18/0x20 [ 14.252175] kasan_atomics_helper+0x697/0x5450 [ 14.252198] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.252221] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.252247] ? kasan_atomics+0x152/0x310 [ 14.252275] kasan_atomics+0x1dc/0x310 [ 14.252298] ? __pfx_kasan_atomics+0x10/0x10 [ 14.252374] ? __pfx_read_tsc+0x10/0x10 [ 14.252395] ? ktime_get_ts64+0x86/0x230 [ 14.252420] kunit_try_run_case+0x1a5/0x480 [ 14.252444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.252491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.252514] ? __kthread_parkme+0x82/0x180 [ 14.252535] ? preempt_count_sub+0x50/0x80 [ 14.252560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.252608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.252631] kthread+0x337/0x6f0 [ 14.252651] ? trace_preempt_on+0x20/0xc0 [ 14.252675] ? __pfx_kthread+0x10/0x10 [ 14.252695] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.252718] ? calculate_sigpending+0x7b/0xa0 [ 14.252742] ? __pfx_kthread+0x10/0x10 [ 14.252767] ret_from_fork+0x116/0x1d0 [ 14.252787] ? 
__pfx_kthread+0x10/0x10 [ 14.252808] ret_from_fork_asm+0x1a/0x30 [ 14.252839] </TASK> [ 14.252852] [ 14.266616] Allocated by task 282: [ 14.266805] kasan_save_stack+0x45/0x70 [ 14.266994] kasan_save_track+0x18/0x40 [ 14.267163] kasan_save_alloc_info+0x3b/0x50 [ 14.267440] __kasan_kmalloc+0xb7/0xc0 [ 14.267637] __kmalloc_cache_noprof+0x189/0x420 [ 14.267830] kasan_atomics+0x95/0x310 [ 14.268016] kunit_try_run_case+0x1a5/0x480 [ 14.268219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.268453] kthread+0x337/0x6f0 [ 14.268605] ret_from_fork+0x116/0x1d0 [ 14.268738] ret_from_fork_asm+0x1a/0x30 [ 14.268878] [ 14.268958] The buggy address belongs to the object at ffff8881039c5a00 [ 14.268958] which belongs to the cache kmalloc-64 of size 64 [ 14.269616] The buggy address is located 0 bytes to the right of [ 14.269616] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.270035] [ 14.270170] The buggy address belongs to the physical page: [ 14.270598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.270966] flags: 0x200000000000000(node=0|zone=2) [ 14.271206] page_type: f5(slab) [ 14.271450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.271699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.271999] page dumped because: kasan: bad access detected [ 14.272357] [ 14.272459] Memory state around the buggy address: [ 14.272684] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.272915] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.273268] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.273640] ^ [ 14.273842] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.274088] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.274499] ================================================================== [ 14.293840] 
================================================================== [ 14.294220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.294609] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.294932] [ 14.295031] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.295073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.295087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.295108] Call Trace: [ 14.295134] <TASK> [ 14.295151] dump_stack_lvl+0x73/0xb0 [ 14.295198] print_report+0xd1/0x650 [ 14.295223] ? __virt_addr_valid+0x1db/0x2d0 [ 14.295247] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.295271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.295355] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.295381] kasan_report+0x141/0x180 [ 14.295405] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.295432] kasan_check_range+0x10c/0x1c0 [ 14.295457] __kasan_check_write+0x18/0x20 [ 14.295478] kasan_atomics_helper+0x7c7/0x5450 [ 14.295501] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.295523] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.295550] ? kasan_atomics+0x152/0x310 [ 14.295578] kasan_atomics+0x1dc/0x310 [ 14.295601] ? __pfx_kasan_atomics+0x10/0x10 [ 14.295626] ? __pfx_read_tsc+0x10/0x10 [ 14.295648] ? ktime_get_ts64+0x86/0x230 [ 14.295671] kunit_try_run_case+0x1a5/0x480 [ 14.295696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.295718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.295743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.295766] ? __kthread_parkme+0x82/0x180 [ 14.295787] ? preempt_count_sub+0x50/0x80 [ 14.295811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.295835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.295859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.295883] kthread+0x337/0x6f0 [ 14.295903] ? trace_preempt_on+0x20/0xc0 [ 14.295927] ? __pfx_kthread+0x10/0x10 [ 14.295948] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.295970] ? 
calculate_sigpending+0x7b/0xa0 [ 14.295993] ? __pfx_kthread+0x10/0x10 [ 14.296015] ret_from_fork+0x116/0x1d0 [ 14.296034] ? __pfx_kthread+0x10/0x10 [ 14.296054] ret_from_fork_asm+0x1a/0x30 [ 14.296084] </TASK> [ 14.296097] [ 14.304674] Allocated by task 282: [ 14.304881] kasan_save_stack+0x45/0x70 [ 14.305076] kasan_save_track+0x18/0x40 [ 14.305372] kasan_save_alloc_info+0x3b/0x50 [ 14.305592] __kasan_kmalloc+0xb7/0xc0 [ 14.305779] __kmalloc_cache_noprof+0x189/0x420 [ 14.305998] kasan_atomics+0x95/0x310 [ 14.306220] kunit_try_run_case+0x1a5/0x480 [ 14.306478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.306663] kthread+0x337/0x6f0 [ 14.306864] ret_from_fork+0x116/0x1d0 [ 14.307075] ret_from_fork_asm+0x1a/0x30 [ 14.307305] [ 14.307423] The buggy address belongs to the object at ffff8881039c5a00 [ 14.307423] which belongs to the cache kmalloc-64 of size 64 [ 14.307955] The buggy address is located 0 bytes to the right of [ 14.307955] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.308634] [ 14.308779] The buggy address belongs to the physical page: [ 14.308968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.309622] flags: 0x200000000000000(node=0|zone=2) [ 14.309806] page_type: f5(slab) [ 14.310016] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.310410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.310823] page dumped because: kasan: bad access detected [ 14.311079] [ 14.311234] Memory state around the buggy address: [ 14.311564] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.311901] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.312239] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.312664] ^ [ 14.312823] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.313058] ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.313377] 
================================================================== [ 14.669856] ================================================================== [ 14.670239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.670808] Write of size 4 at addr ffff8881039c5a30 by task kunit_try_catch/282 [ 14.671080] [ 14.671316] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.671376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.671426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.671450] Call Trace: [ 14.671469] <TASK> [ 14.671497] dump_stack_lvl+0x73/0xb0 [ 14.671528] print_report+0xd1/0x650 [ 14.671551] ? __virt_addr_valid+0x1db/0x2d0 [ 14.671575] ? kasan_atomics_helper+0x1148/0x5450 [ 14.671596] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.671619] ? kasan_atomics_helper+0x1148/0x5450 [ 14.671641] kasan_report+0x141/0x180 [ 14.671664] ? kasan_atomics_helper+0x1148/0x5450 [ 14.671691] kasan_check_range+0x10c/0x1c0 [ 14.671715] __kasan_check_write+0x18/0x20 [ 14.671734] kasan_atomics_helper+0x1148/0x5450 [ 14.671757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.671779] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.671804] ? kasan_atomics+0x152/0x310 [ 14.671832] kasan_atomics+0x1dc/0x310 [ 14.671855] ? __pfx_kasan_atomics+0x10/0x10 [ 14.671880] ? __pfx_read_tsc+0x10/0x10 [ 14.671901] ? ktime_get_ts64+0x86/0x230 [ 14.671926] kunit_try_run_case+0x1a5/0x480 [ 14.671950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.671972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.671995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.672019] ? __kthread_parkme+0x82/0x180 [ 14.672040] ? preempt_count_sub+0x50/0x80 [ 14.672065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.672089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.672112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.672237] kthread+0x337/0x6f0 [ 14.672265] ? trace_preempt_on+0x20/0xc0 [ 14.672303] ? 
__pfx_kthread+0x10/0x10 [ 14.672324] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.672388] ? calculate_sigpending+0x7b/0xa0 [ 14.672416] ? __pfx_kthread+0x10/0x10 [ 14.672438] ret_from_fork+0x116/0x1d0 [ 14.672457] ? __pfx_kthread+0x10/0x10 [ 14.672478] ret_from_fork_asm+0x1a/0x30 [ 14.672509] </TASK> [ 14.672520] [ 14.685137] Allocated by task 282: [ 14.685753] kasan_save_stack+0x45/0x70 [ 14.685981] kasan_save_track+0x18/0x40 [ 14.686379] kasan_save_alloc_info+0x3b/0x50 [ 14.686783] __kasan_kmalloc+0xb7/0xc0 [ 14.687084] __kmalloc_cache_noprof+0x189/0x420 [ 14.687616] kasan_atomics+0x95/0x310 [ 14.687808] kunit_try_run_case+0x1a5/0x480 [ 14.687974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.688539] kthread+0x337/0x6f0 [ 14.688687] ret_from_fork+0x116/0x1d0 [ 14.689019] ret_from_fork_asm+0x1a/0x30 [ 14.689499] [ 14.689600] The buggy address belongs to the object at ffff8881039c5a00 [ 14.689600] which belongs to the cache kmalloc-64 of size 64 [ 14.690392] The buggy address is located 0 bytes to the right of [ 14.690392] allocated 48-byte region [ffff8881039c5a00, ffff8881039c5a30) [ 14.691268] [ 14.691369] The buggy address belongs to the physical page: [ 14.691760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c5 [ 14.692119] flags: 0x200000000000000(node=0|zone=2) [ 14.692685] page_type: f5(slab) [ 14.693004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.693469] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.693864] page dumped because: kasan: bad access detected [ 14.694109] [ 14.694260] Memory state around the buggy address: [ 14.694869] ffff8881039c5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.695362] ffff8881039c5980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.695965] >ffff8881039c5a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.696545] ^ [ 14.696886] ffff8881039c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.697395] 
ffff8881039c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.697821] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.931884] ================================================================== [ 13.932222] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.932649] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.933026] [ 13.933160] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.933200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.933211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.933239] Call Trace: [ 13.933254] <TASK> [ 13.933267] dump_stack_lvl+0x73/0xb0 [ 13.933384] print_report+0xd1/0x650 [ 13.933414] ? __virt_addr_valid+0x1db/0x2d0 [ 13.933439] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.933465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.933487] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.933513] kasan_report+0x141/0x180 [ 13.933534] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.933566] kasan_check_range+0x10c/0x1c0 [ 13.933601] __kasan_check_write+0x18/0x20 [ 13.933620] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.933647] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.933686] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.933710] ? kasan_bitops_generic+0x92/0x1c0 [ 13.933736] kasan_bitops_generic+0x121/0x1c0 [ 13.933759] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.933784] ? __pfx_read_tsc+0x10/0x10 [ 13.933805] ? ktime_get_ts64+0x86/0x230 [ 13.933829] kunit_try_run_case+0x1a5/0x480 [ 13.933851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.933873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.933896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.933925] ? __kthread_parkme+0x82/0x180 [ 13.933946] ? preempt_count_sub+0x50/0x80 [ 13.933969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.934001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.934023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.934045] kthread+0x337/0x6f0 [ 13.934064] ? 
trace_preempt_on+0x20/0xc0 [ 13.934094] ? __pfx_kthread+0x10/0x10 [ 13.934114] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.934166] ? calculate_sigpending+0x7b/0xa0 [ 13.934189] ? __pfx_kthread+0x10/0x10 [ 13.934210] ret_from_fork+0x116/0x1d0 [ 13.934228] ? __pfx_kthread+0x10/0x10 [ 13.934248] ret_from_fork_asm+0x1a/0x30 [ 13.934278] </TASK> [ 13.934288] [ 13.942730] Allocated by task 278: [ 13.942879] kasan_save_stack+0x45/0x70 [ 13.943029] kasan_save_track+0x18/0x40 [ 13.944974] kasan_save_alloc_info+0x3b/0x50 [ 13.945271] __kasan_kmalloc+0xb7/0xc0 [ 13.945612] __kmalloc_cache_noprof+0x189/0x420 [ 13.945843] kasan_bitops_generic+0x92/0x1c0 [ 13.946053] kunit_try_run_case+0x1a5/0x480 [ 13.946284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.946619] kthread+0x337/0x6f0 [ 13.946809] ret_from_fork+0x116/0x1d0 [ 13.946994] ret_from_fork_asm+0x1a/0x30 [ 13.947219] [ 13.947518] The buggy address belongs to the object at ffff8881023854e0 [ 13.947518] which belongs to the cache kmalloc-16 of size 16 [ 13.948068] The buggy address is located 8 bytes inside of [ 13.948068] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.948568] [ 13.948690] The buggy address belongs to the physical page: [ 13.948942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.949279] flags: 0x200000000000000(node=0|zone=2) [ 13.949634] page_type: f5(slab) [ 13.949799] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.950134] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.950567] page dumped because: kasan: bad access detected [ 13.950800] [ 13.950918] Memory state around the buggy address: [ 13.951076] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.951384] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.951873] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.952235] ^ [ 13.952591] ffff888102385500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.952895] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.953240] ================================================================== [ 13.953967] ================================================================== [ 13.954486] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.954879] Read of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.955218] [ 13.955546] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.955592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.955604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.955637] Call Trace: [ 13.955649] <TASK> [ 13.955662] dump_stack_lvl+0x73/0xb0 [ 13.955689] print_report+0xd1/0x650 [ 13.955720] ? __virt_addr_valid+0x1db/0x2d0 [ 13.955742] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.955780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.955802] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.955828] kasan_report+0x141/0x180 [ 13.955850] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.955889] kasan_check_range+0x10c/0x1c0 [ 13.955912] __kasan_check_read+0x15/0x20 [ 13.955930] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.955967] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.955995] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.956019] ? kasan_bitops_generic+0x92/0x1c0 [ 13.956046] kasan_bitops_generic+0x121/0x1c0 [ 13.956068] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.956100] ? __pfx_read_tsc+0x10/0x10 [ 13.956153] ? ktime_get_ts64+0x86/0x230 [ 13.956180] kunit_try_run_case+0x1a5/0x480 [ 13.956204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.956226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.956248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.956269] ? __kthread_parkme+0x82/0x180 [ 13.956289] ? preempt_count_sub+0x50/0x80 [ 13.956395] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.956419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.956441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.956474] kthread+0x337/0x6f0 [ 13.956493] ? trace_preempt_on+0x20/0xc0 [ 13.956515] ? __pfx_kthread+0x10/0x10 [ 13.956536] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.956557] ? calculate_sigpending+0x7b/0xa0 [ 13.956579] ? __pfx_kthread+0x10/0x10 [ 13.956600] ret_from_fork+0x116/0x1d0 [ 13.956617] ? __pfx_kthread+0x10/0x10 [ 13.956638] ret_from_fork_asm+0x1a/0x30 [ 13.956667] </TASK> [ 13.956679] [ 13.965871] Allocated by task 278: [ 13.966496] kasan_save_stack+0x45/0x70 [ 13.966711] kasan_save_track+0x18/0x40 [ 13.966855] kasan_save_alloc_info+0x3b/0x50 [ 13.967015] __kasan_kmalloc+0xb7/0xc0 [ 13.967176] __kmalloc_cache_noprof+0x189/0x420 [ 13.967400] kasan_bitops_generic+0x92/0x1c0 [ 13.967604] kunit_try_run_case+0x1a5/0x480 [ 13.967811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.968013] kthread+0x337/0x6f0 [ 13.970213] ret_from_fork+0x116/0x1d0 [ 13.970501] ret_from_fork_asm+0x1a/0x30 [ 13.970724] [ 13.970821] The buggy address belongs to the object at ffff8881023854e0 [ 13.970821] which belongs to the cache kmalloc-16 of size 16 [ 13.971380] The buggy address is located 8 bytes inside of [ 13.971380] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.971811] [ 13.971891] The buggy address belongs to the physical page: [ 13.972204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.972965] flags: 0x200000000000000(node=0|zone=2) [ 13.973229] page_type: f5(slab) [ 13.973939] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.974420] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.975402] page dumped because: kasan: bad access detected [ 13.976891] [ 13.976979] Memory state around the buggy address: [ 13.977525] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.978445] 
ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.978783] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.979016] ^ [ 13.980094] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.980630] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.981241] ================================================================== [ 13.796819] ================================================================== [ 13.797165] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.797708] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.798092] [ 13.798281] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.798339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.798351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.798370] Call Trace: [ 13.798384] <TASK> [ 13.798399] dump_stack_lvl+0x73/0xb0 [ 13.798440] print_report+0xd1/0x650 [ 13.798474] ? __virt_addr_valid+0x1db/0x2d0 [ 13.798515] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.798544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.798565] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.798603] kasan_report+0x141/0x180 [ 13.798694] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.798726] kasan_check_range+0x10c/0x1c0 [ 13.798748] __kasan_check_write+0x18/0x20 [ 13.798767] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.798795] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.798822] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.798846] ? kasan_bitops_generic+0x92/0x1c0 [ 13.798872] kasan_bitops_generic+0x121/0x1c0 [ 13.798895] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.799077] ? __pfx_read_tsc+0x10/0x10 [ 13.799098] ? ktime_get_ts64+0x86/0x230 [ 13.799132] kunit_try_run_case+0x1a5/0x480 [ 13.799156] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.799178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.799232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.799254] ? __kthread_parkme+0x82/0x180 [ 13.799299] ? preempt_count_sub+0x50/0x80 [ 13.799389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.799448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.799470] kthread+0x337/0x6f0 [ 13.799501] ? trace_preempt_on+0x20/0xc0 [ 13.799524] ? __pfx_kthread+0x10/0x10 [ 13.799543] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.799564] ? calculate_sigpending+0x7b/0xa0 [ 13.799587] ? __pfx_kthread+0x10/0x10 [ 13.799607] ret_from_fork+0x116/0x1d0 [ 13.799624] ? __pfx_kthread+0x10/0x10 [ 13.799645] ret_from_fork_asm+0x1a/0x30 [ 13.799674] </TASK> [ 13.799684] [ 13.809664] Allocated by task 278: [ 13.809847] kasan_save_stack+0x45/0x70 [ 13.810129] kasan_save_track+0x18/0x40 [ 13.810451] kasan_save_alloc_info+0x3b/0x50 [ 13.810649] __kasan_kmalloc+0xb7/0xc0 [ 13.810828] __kmalloc_cache_noprof+0x189/0x420 [ 13.811036] kasan_bitops_generic+0x92/0x1c0 [ 13.811294] kunit_try_run_case+0x1a5/0x480 [ 13.811445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.811698] kthread+0x337/0x6f0 [ 13.811903] ret_from_fork+0x116/0x1d0 [ 13.812373] ret_from_fork_asm+0x1a/0x30 [ 13.812569] [ 13.812663] The buggy address belongs to the object at ffff8881023854e0 [ 13.812663] which belongs to the cache kmalloc-16 of size 16 [ 13.813212] The buggy address is located 8 bytes inside of [ 13.813212] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.813860] [ 13.814029] The buggy address belongs to the physical page: [ 13.814289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.814860] flags: 0x200000000000000(node=0|zone=2) [ 13.815184] page_type: f5(slab) [ 13.815474] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.815769] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 13.816103] page dumped because: kasan: bad access detected [ 13.816363] [ 13.816458] Memory state around the buggy address: [ 13.816683] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.816986] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.817487] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.817760] ^ [ 13.818173] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.818772] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.819147] ================================================================== [ 13.888119] ================================================================== [ 13.888382] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.888880] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.889245] [ 13.889398] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.889474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.889487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.889506] Call Trace: [ 13.889519] <TASK> [ 13.889534] dump_stack_lvl+0x73/0xb0 [ 13.889570] print_report+0xd1/0x650 [ 13.889593] ? __virt_addr_valid+0x1db/0x2d0 [ 13.889615] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.889654] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.889676] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.889703] kasan_report+0x141/0x180 [ 13.889723] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.889754] kasan_check_range+0x10c/0x1c0 [ 13.889779] __kasan_check_write+0x18/0x20 [ 13.889798] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.889825] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.889851] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.889875] ? 
kasan_bitops_generic+0x92/0x1c0 [ 13.889902] kasan_bitops_generic+0x121/0x1c0 [ 13.889934] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.889958] ? __pfx_read_tsc+0x10/0x10 [ 13.889977] ? ktime_get_ts64+0x86/0x230 [ 13.890012] kunit_try_run_case+0x1a5/0x480 [ 13.890035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890057] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.890078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.890107] ? __kthread_parkme+0x82/0x180 [ 13.890144] ? preempt_count_sub+0x50/0x80 [ 13.890167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.890223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.890246] kthread+0x337/0x6f0 [ 13.890264] ? trace_preempt_on+0x20/0xc0 [ 13.890286] ? __pfx_kthread+0x10/0x10 [ 13.890385] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.890411] ? calculate_sigpending+0x7b/0xa0 [ 13.890434] ? __pfx_kthread+0x10/0x10 [ 13.890454] ret_from_fork+0x116/0x1d0 [ 13.890472] ? __pfx_kthread+0x10/0x10 [ 13.890491] ret_from_fork_asm+0x1a/0x30 [ 13.890526] </TASK> [ 13.890537] [ 13.899860] Allocated by task 278: [ 13.899994] kasan_save_stack+0x45/0x70 [ 13.900227] kasan_save_track+0x18/0x40 [ 13.900537] kasan_save_alloc_info+0x3b/0x50 [ 13.900694] __kasan_kmalloc+0xb7/0xc0 [ 13.900826] __kmalloc_cache_noprof+0x189/0x420 [ 13.901023] kasan_bitops_generic+0x92/0x1c0 [ 13.901243] kunit_try_run_case+0x1a5/0x480 [ 13.901673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.901886] kthread+0x337/0x6f0 [ 13.902008] ret_from_fork+0x116/0x1d0 [ 13.902239] ret_from_fork_asm+0x1a/0x30 [ 13.902679] [ 13.902797] The buggy address belongs to the object at ffff8881023854e0 [ 13.902797] which belongs to the cache kmalloc-16 of size 16 [ 13.903500] The buggy address is located 8 bytes inside of [ 13.903500] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.904098] [ 13.904263] The buggy address belongs to the physical page: [ 13.904447] page: refcount:0 mapcount:0 mapping:0000000000000000 
index:0x0 pfn:0x102385 [ 13.904687] flags: 0x200000000000000(node=0|zone=2) [ 13.905025] page_type: f5(slab) [ 13.905285] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.905851] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.906086] page dumped because: kasan: bad access detected [ 13.906338] [ 13.906447] Memory state around the buggy address: [ 13.906704] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.907299] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.907686] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.908302] ^ [ 13.908753] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.909079] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.909471] ================================================================== [ 13.820297] ================================================================== [ 13.820617] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.820992] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.821325] [ 13.821425] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.821466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.821478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.821498] Call Trace: [ 13.821511] <TASK> [ 13.821524] dump_stack_lvl+0x73/0xb0 [ 13.821549] print_report+0xd1/0x650 [ 13.821572] ? __virt_addr_valid+0x1db/0x2d0 [ 13.821595] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.821621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.821643] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.821669] kasan_report+0x141/0x180 [ 13.821691] ? 
kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.821721] kasan_check_range+0x10c/0x1c0 [ 13.821744] __kasan_check_write+0x18/0x20 [ 13.821762] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.821789] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.821816] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.821840] ? kasan_bitops_generic+0x92/0x1c0 [ 13.821866] kasan_bitops_generic+0x121/0x1c0 [ 13.821888] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.821912] ? __pfx_read_tsc+0x10/0x10 [ 13.821932] ? ktime_get_ts64+0x86/0x230 [ 13.821956] kunit_try_run_case+0x1a5/0x480 [ 13.821977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.821999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.822021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.822042] ? __kthread_parkme+0x82/0x180 [ 13.822062] ? preempt_count_sub+0x50/0x80 [ 13.822086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.822488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.822522] kthread+0x337/0x6f0 [ 13.822557] ? trace_preempt_on+0x20/0xc0 [ 13.822581] ? __pfx_kthread+0x10/0x10 [ 13.822601] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.822621] ? calculate_sigpending+0x7b/0xa0 [ 13.822644] ? __pfx_kthread+0x10/0x10 [ 13.822665] ret_from_fork+0x116/0x1d0 [ 13.822683] ? 
__pfx_kthread+0x10/0x10 [ 13.822703] ret_from_fork_asm+0x1a/0x30 [ 13.822732] </TASK> [ 13.822743] [ 13.832969] Allocated by task 278: [ 13.833217] kasan_save_stack+0x45/0x70 [ 13.833437] kasan_save_track+0x18/0x40 [ 13.833752] kasan_save_alloc_info+0x3b/0x50 [ 13.834002] __kasan_kmalloc+0xb7/0xc0 [ 13.834151] __kmalloc_cache_noprof+0x189/0x420 [ 13.834353] kasan_bitops_generic+0x92/0x1c0 [ 13.834629] kunit_try_run_case+0x1a5/0x480 [ 13.834994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.835587] kthread+0x337/0x6f0 [ 13.835912] ret_from_fork+0x116/0x1d0 [ 13.836060] ret_from_fork_asm+0x1a/0x30 [ 13.836289] [ 13.836553] The buggy address belongs to the object at ffff8881023854e0 [ 13.836553] which belongs to the cache kmalloc-16 of size 16 [ 13.837035] The buggy address is located 8 bytes inside of [ 13.837035] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.837785] [ 13.837925] The buggy address belongs to the physical page: [ 13.838226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.838611] flags: 0x200000000000000(node=0|zone=2) [ 13.839159] page_type: f5(slab) [ 13.839453] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.839814] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.840137] page dumped because: kasan: bad access detected [ 13.840575] [ 13.840658] Memory state around the buggy address: [ 13.840849] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.841188] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.841590] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.841925] ^ [ 13.842194] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.842796] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.843090] ================================================================== [ 13.909938] 
================================================================== [ 13.910358] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.910695] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.911204] [ 13.911323] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.911366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.911379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.911494] Call Trace: [ 13.911512] <TASK> [ 13.911527] dump_stack_lvl+0x73/0xb0 [ 13.911554] print_report+0xd1/0x650 [ 13.911576] ? __virt_addr_valid+0x1db/0x2d0 [ 13.911598] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.911625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.911647] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.911674] kasan_report+0x141/0x180 [ 13.911695] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.911839] kasan_check_range+0x10c/0x1c0 [ 13.911870] __kasan_check_write+0x18/0x20 [ 13.911888] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.911916] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.911943] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.911967] ? kasan_bitops_generic+0x92/0x1c0 [ 13.911994] kasan_bitops_generic+0x121/0x1c0 [ 13.912026] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.912051] ? __pfx_read_tsc+0x10/0x10 [ 13.912071] ? ktime_get_ts64+0x86/0x230 [ 13.912105] kunit_try_run_case+0x1a5/0x480 [ 13.912150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.912172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.912194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.912215] ? __kthread_parkme+0x82/0x180 [ 13.912245] ? preempt_count_sub+0x50/0x80 [ 13.912267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.912290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.912391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.912416] kthread+0x337/0x6f0 [ 13.912435] ? 
trace_preempt_on+0x20/0xc0 [ 13.912457] ? __pfx_kthread+0x10/0x10 [ 13.912477] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.912497] ? calculate_sigpending+0x7b/0xa0 [ 13.912520] ? __pfx_kthread+0x10/0x10 [ 13.912539] ret_from_fork+0x116/0x1d0 [ 13.912557] ? __pfx_kthread+0x10/0x10 [ 13.912577] ret_from_fork_asm+0x1a/0x30 [ 13.912618] </TASK> [ 13.912628] [ 13.921955] Allocated by task 278: [ 13.922199] kasan_save_stack+0x45/0x70 [ 13.922350] kasan_save_track+0x18/0x40 [ 13.922486] kasan_save_alloc_info+0x3b/0x50 [ 13.922871] __kasan_kmalloc+0xb7/0xc0 [ 13.923067] __kmalloc_cache_noprof+0x189/0x420 [ 13.923672] kasan_bitops_generic+0x92/0x1c0 [ 13.923848] kunit_try_run_case+0x1a5/0x480 [ 13.924006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.924547] kthread+0x337/0x6f0 [ 13.924713] ret_from_fork+0x116/0x1d0 [ 13.924860] ret_from_fork_asm+0x1a/0x30 [ 13.925002] [ 13.925095] The buggy address belongs to the object at ffff8881023854e0 [ 13.925095] which belongs to the cache kmalloc-16 of size 16 [ 13.925780] The buggy address is located 8 bytes inside of [ 13.925780] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.926484] [ 13.926571] The buggy address belongs to the physical page: [ 13.926805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.927232] flags: 0x200000000000000(node=0|zone=2) [ 13.927704] page_type: f5(slab) [ 13.927872] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.928258] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.928658] page dumped because: kasan: bad access detected [ 13.928915] [ 13.929012] Memory state around the buggy address: [ 13.929262] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.929538] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.929913] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.930275] ^ [ 13.930615] ffff888102385500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.930873] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.931220] ================================================================== [ 13.843764] ================================================================== [ 13.844101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.844689] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.844940] [ 13.845098] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.845150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.845161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.845181] Call Trace: [ 13.845198] <TASK> [ 13.845213] dump_stack_lvl+0x73/0xb0 [ 13.845239] print_report+0xd1/0x650 [ 13.845262] ? __virt_addr_valid+0x1db/0x2d0 [ 13.845284] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.845390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.845439] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.845466] kasan_report+0x141/0x180 [ 13.845509] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.845539] kasan_check_range+0x10c/0x1c0 [ 13.845573] __kasan_check_write+0x18/0x20 [ 13.845592] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.845620] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.845647] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.845671] ? kasan_bitops_generic+0x92/0x1c0 [ 13.845698] kasan_bitops_generic+0x121/0x1c0 [ 13.845720] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.845775] ? __pfx_read_tsc+0x10/0x10 [ 13.845795] ? ktime_get_ts64+0x86/0x230 [ 13.845842] kunit_try_run_case+0x1a5/0x480 [ 13.845865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.845886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.845908] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.845930] ? __kthread_parkme+0x82/0x180 [ 13.845950] ? preempt_count_sub+0x50/0x80 [ 13.845971] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.845994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.846016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.846038] kthread+0x337/0x6f0 [ 13.846056] ? trace_preempt_on+0x20/0xc0 [ 13.846078] ? __pfx_kthread+0x10/0x10 [ 13.846097] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.846118] ? calculate_sigpending+0x7b/0xa0 [ 13.846149] ? __pfx_kthread+0x10/0x10 [ 13.846170] ret_from_fork+0x116/0x1d0 [ 13.846188] ? __pfx_kthread+0x10/0x10 [ 13.846208] ret_from_fork_asm+0x1a/0x30 [ 13.846237] </TASK> [ 13.846248] [ 13.856164] Allocated by task 278: [ 13.856351] kasan_save_stack+0x45/0x70 [ 13.856773] kasan_save_track+0x18/0x40 [ 13.856983] kasan_save_alloc_info+0x3b/0x50 [ 13.857146] __kasan_kmalloc+0xb7/0xc0 [ 13.857336] __kmalloc_cache_noprof+0x189/0x420 [ 13.857620] kasan_bitops_generic+0x92/0x1c0 [ 13.857832] kunit_try_run_case+0x1a5/0x480 [ 13.857988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.858528] kthread+0x337/0x6f0 [ 13.858721] ret_from_fork+0x116/0x1d0 [ 13.858903] ret_from_fork_asm+0x1a/0x30 [ 13.859074] [ 13.859241] The buggy address belongs to the object at ffff8881023854e0 [ 13.859241] which belongs to the cache kmalloc-16 of size 16 [ 13.859840] The buggy address is located 8 bytes inside of [ 13.859840] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.860457] [ 13.860667] The buggy address belongs to the physical page: [ 13.860963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.861356] flags: 0x200000000000000(node=0|zone=2) [ 13.861545] page_type: f5(slab) [ 13.861768] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.862165] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.862519] page dumped because: kasan: bad access detected [ 13.862973] [ 13.863074] Memory state around the buggy address: [ 13.863485] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.863824] 
ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.864131] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.864435] ^ [ 13.864846] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.865237] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.865655] ================================================================== [ 13.866158] ================================================================== [ 13.866692] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.867106] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.867532] [ 13.867648] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.867691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.867703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.867724] Call Trace: [ 13.867735] <TASK> [ 13.867748] dump_stack_lvl+0x73/0xb0 [ 13.867775] print_report+0xd1/0x650 [ 13.867797] ? __virt_addr_valid+0x1db/0x2d0 [ 13.867820] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.867848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.867869] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.867896] kasan_report+0x141/0x180 [ 13.867917] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.867947] kasan_check_range+0x10c/0x1c0 [ 13.867971] __kasan_check_write+0x18/0x20 [ 13.867989] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.868015] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.868042] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.868066] ? kasan_bitops_generic+0x92/0x1c0 [ 13.868093] kasan_bitops_generic+0x121/0x1c0 [ 13.868151] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.868188] ? __pfx_read_tsc+0x10/0x10 [ 13.868208] ? ktime_get_ts64+0x86/0x230 [ 13.868232] kunit_try_run_case+0x1a5/0x480 [ 13.868265] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.868286] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.868314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.868335] ? __kthread_parkme+0x82/0x180 [ 13.868355] ? preempt_count_sub+0x50/0x80 [ 13.868377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.868400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.868422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.868445] kthread+0x337/0x6f0 [ 13.868463] ? trace_preempt_on+0x20/0xc0 [ 13.868485] ? __pfx_kthread+0x10/0x10 [ 13.868505] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.868525] ? calculate_sigpending+0x7b/0xa0 [ 13.868547] ? __pfx_kthread+0x10/0x10 [ 13.868567] ret_from_fork+0x116/0x1d0 [ 13.868585] ? __pfx_kthread+0x10/0x10 [ 13.868604] ret_from_fork_asm+0x1a/0x30 [ 13.868633] </TASK> [ 13.868643] [ 13.878590] Allocated by task 278: [ 13.878913] kasan_save_stack+0x45/0x70 [ 13.879137] kasan_save_track+0x18/0x40 [ 13.879344] kasan_save_alloc_info+0x3b/0x50 [ 13.879748] __kasan_kmalloc+0xb7/0xc0 [ 13.880037] __kmalloc_cache_noprof+0x189/0x420 [ 13.880283] kasan_bitops_generic+0x92/0x1c0 [ 13.880433] kunit_try_run_case+0x1a5/0x480 [ 13.880608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.880869] kthread+0x337/0x6f0 [ 13.881224] ret_from_fork+0x116/0x1d0 [ 13.881471] ret_from_fork_asm+0x1a/0x30 [ 13.881632] [ 13.881727] The buggy address belongs to the object at ffff8881023854e0 [ 13.881727] which belongs to the cache kmalloc-16 of size 16 [ 13.882274] The buggy address is located 8 bytes inside of [ 13.882274] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.882711] [ 13.882792] The buggy address belongs to the physical page: [ 13.883112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.883631] flags: 0x200000000000000(node=0|zone=2) [ 13.883846] page_type: f5(slab) [ 13.884022] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.884499] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 13.884835] page dumped because: kasan: bad access detected [ 13.885083] [ 13.885236] Memory state around the buggy address: [ 13.885478] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.885851] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.886175] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.886583] ^ [ 13.886876] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887157] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887514] ================================================================== [ 13.981741] ================================================================== [ 13.981974] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.982565] Read of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.983280] [ 13.983459] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.983505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.983517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.983537] Call Trace: [ 13.983554] <TASK> [ 13.983570] dump_stack_lvl+0x73/0xb0 [ 13.983597] print_report+0xd1/0x650 [ 13.983620] ? __virt_addr_valid+0x1db/0x2d0 [ 13.983645] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.983671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.983693] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.983719] kasan_report+0x141/0x180 [ 13.983740] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.983770] __asan_report_load8_noabort+0x18/0x20 [ 13.983794] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.983821] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.983848] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.983873] ? kasan_bitops_generic+0x92/0x1c0 [ 13.983898] kasan_bitops_generic+0x121/0x1c0 [ 13.983921] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.983947] ? __pfx_read_tsc+0x10/0x10 [ 13.983967] ? ktime_get_ts64+0x86/0x230 [ 13.983992] kunit_try_run_case+0x1a5/0x480 [ 13.984015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.984036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.984059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.984081] ? __kthread_parkme+0x82/0x180 [ 13.984101] ? preempt_count_sub+0x50/0x80 [ 13.984147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.984170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.984191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.984214] kthread+0x337/0x6f0 [ 13.984242] ? trace_preempt_on+0x20/0xc0 [ 13.984265] ? __pfx_kthread+0x10/0x10 [ 13.984285] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.984305] ? calculate_sigpending+0x7b/0xa0 [ 13.984327] ? __pfx_kthread+0x10/0x10 [ 13.984349] ret_from_fork+0x116/0x1d0 [ 13.984367] ? __pfx_kthread+0x10/0x10 [ 13.984387] ret_from_fork_asm+0x1a/0x30 [ 13.984417] </TASK> [ 13.984427] [ 13.998749] Allocated by task 278: [ 13.999068] kasan_save_stack+0x45/0x70 [ 13.999435] kasan_save_track+0x18/0x40 [ 13.999898] kasan_save_alloc_info+0x3b/0x50 [ 14.000090] __kasan_kmalloc+0xb7/0xc0 [ 14.000529] __kmalloc_cache_noprof+0x189/0x420 [ 14.000994] kasan_bitops_generic+0x92/0x1c0 [ 14.001391] kunit_try_run_case+0x1a5/0x480 [ 14.001675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.002151] kthread+0x337/0x6f0 [ 14.002328] ret_from_fork+0x116/0x1d0 [ 14.002461] ret_from_fork_asm+0x1a/0x30 [ 14.002861] [ 14.003067] The buggy address belongs to the object at ffff8881023854e0 [ 14.003067] which belongs to the cache kmalloc-16 of size 16 [ 14.003494] The buggy address is located 8 bytes inside of [ 14.003494] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 14.004675] [ 14.004864] The buggy address belongs to the physical page: [ 14.005398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 14.005669] flags: 0x200000000000000(node=0|zone=2) [ 14.005842] 
page_type: f5(slab) [ 14.005963] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.006321] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.007028] page dumped because: kasan: bad access detected [ 14.007612] [ 14.007779] Memory state around the buggy address: [ 14.008328] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.008970] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 14.009670] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.010429] ^ [ 14.011056] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.011781] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.012578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.657889] ================================================================== [ 13.658199] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.658768] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.659141] [ 13.659280] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.659400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.659413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.659433] Call Trace: [ 13.659447] <TASK> [ 13.659462] dump_stack_lvl+0x73/0xb0 [ 13.659490] print_report+0xd1/0x650 [ 13.659512] ? __virt_addr_valid+0x1db/0x2d0 [ 13.659535] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.659560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.659582] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.659607] kasan_report+0x141/0x180 [ 13.659651] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.659682] kasan_check_range+0x10c/0x1c0 [ 13.659705] __kasan_check_write+0x18/0x20 [ 13.659724] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.659748] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.659774] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.659798] ? kasan_bitops_generic+0x92/0x1c0 [ 13.659825] kasan_bitops_generic+0x116/0x1c0 [ 13.659848] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.659873] ? __pfx_read_tsc+0x10/0x10 [ 13.659894] ? ktime_get_ts64+0x86/0x230 [ 13.659917] kunit_try_run_case+0x1a5/0x480 [ 13.659940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659962] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.659984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.660006] ? __kthread_parkme+0x82/0x180 [ 13.660025] ? preempt_count_sub+0x50/0x80 [ 13.660067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.660091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.660112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.660160] kthread+0x337/0x6f0 [ 13.660179] ? trace_preempt_on+0x20/0xc0 [ 13.660202] ? 
__pfx_kthread+0x10/0x10 [ 13.660222] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.660244] ? calculate_sigpending+0x7b/0xa0 [ 13.660267] ? __pfx_kthread+0x10/0x10 [ 13.660288] ret_from_fork+0x116/0x1d0 [ 13.660391] ? __pfx_kthread+0x10/0x10 [ 13.660413] ret_from_fork_asm+0x1a/0x30 [ 13.660443] </TASK> [ 13.660453] [ 13.669272] Allocated by task 278: [ 13.669521] kasan_save_stack+0x45/0x70 [ 13.669702] kasan_save_track+0x18/0x40 [ 13.669871] kasan_save_alloc_info+0x3b/0x50 [ 13.670088] __kasan_kmalloc+0xb7/0xc0 [ 13.670557] __kmalloc_cache_noprof+0x189/0x420 [ 13.670792] kasan_bitops_generic+0x92/0x1c0 [ 13.670968] kunit_try_run_case+0x1a5/0x480 [ 13.671142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.671475] kthread+0x337/0x6f0 [ 13.671680] ret_from_fork+0x116/0x1d0 [ 13.671870] ret_from_fork_asm+0x1a/0x30 [ 13.672060] [ 13.672186] The buggy address belongs to the object at ffff8881023854e0 [ 13.672186] which belongs to the cache kmalloc-16 of size 16 [ 13.672725] The buggy address is located 8 bytes inside of [ 13.672725] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.673229] [ 13.673328] The buggy address belongs to the physical page: [ 13.673558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.673875] flags: 0x200000000000000(node=0|zone=2) [ 13.674104] page_type: f5(slab) [ 13.674306] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.674546] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.674780] page dumped because: kasan: bad access detected [ 13.675352] [ 13.675462] Memory state around the buggy address: [ 13.675702] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.676029] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.676453] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.676673] ^ [ 13.676970] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677423] 
ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677707] ================================================================== [ 13.678214] ================================================================== [ 13.678692] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.679091] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.679517] [ 13.679617] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.679658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.679670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.679711] Call Trace: [ 13.679726] <TASK> [ 13.679740] dump_stack_lvl+0x73/0xb0 [ 13.679767] print_report+0xd1/0x650 [ 13.679788] ? __virt_addr_valid+0x1db/0x2d0 [ 13.679812] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.679837] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.679859] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.679904] kasan_report+0x141/0x180 [ 13.679925] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.679954] kasan_check_range+0x10c/0x1c0 [ 13.679978] __kasan_check_write+0x18/0x20 [ 13.679997] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.680022] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.680067] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.680092] ? kasan_bitops_generic+0x92/0x1c0 [ 13.680119] kasan_bitops_generic+0x116/0x1c0 [ 13.680152] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.680195] ? __pfx_read_tsc+0x10/0x10 [ 13.680216] ? ktime_get_ts64+0x86/0x230 [ 13.680240] kunit_try_run_case+0x1a5/0x480 [ 13.680264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.680419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.680443] ? __kthread_parkme+0x82/0x180 [ 13.680464] ? preempt_count_sub+0x50/0x80 [ 13.680488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.680535] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.680558] kthread+0x337/0x6f0 [ 13.680577] ? trace_preempt_on+0x20/0xc0 [ 13.680601] ? __pfx_kthread+0x10/0x10 [ 13.680621] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.680641] ? calculate_sigpending+0x7b/0xa0 [ 13.680664] ? __pfx_kthread+0x10/0x10 [ 13.680685] ret_from_fork+0x116/0x1d0 [ 13.680703] ? __pfx_kthread+0x10/0x10 [ 13.680723] ret_from_fork_asm+0x1a/0x30 [ 13.680753] </TASK> [ 13.680764] [ 13.689622] Allocated by task 278: [ 13.689803] kasan_save_stack+0x45/0x70 [ 13.690005] kasan_save_track+0x18/0x40 [ 13.690226] kasan_save_alloc_info+0x3b/0x50 [ 13.690609] __kasan_kmalloc+0xb7/0xc0 [ 13.690808] __kmalloc_cache_noprof+0x189/0x420 [ 13.691030] kasan_bitops_generic+0x92/0x1c0 [ 13.691228] kunit_try_run_case+0x1a5/0x480 [ 13.691510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.691745] kthread+0x337/0x6f0 [ 13.691913] ret_from_fork+0x116/0x1d0 [ 13.692093] ret_from_fork_asm+0x1a/0x30 [ 13.692301] [ 13.692377] The buggy address belongs to the object at ffff8881023854e0 [ 13.692377] which belongs to the cache kmalloc-16 of size 16 [ 13.692915] The buggy address is located 8 bytes inside of [ 13.692915] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.693521] [ 13.693620] The buggy address belongs to the physical page: [ 13.693863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.694230] flags: 0x200000000000000(node=0|zone=2) [ 13.694628] page_type: f5(slab) [ 13.694791] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.695133] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.695521] page dumped because: kasan: bad access detected [ 13.695743] [ 13.695836] Memory state around the buggy address: [ 13.696060] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.696503] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.696827] >ffff888102385480: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 13.697095] ^ [ 13.697416] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.697770] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.698087] ================================================================== [ 13.773196] ================================================================== [ 13.773799] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.774301] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.774804] [ 13.774947] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.775002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.775014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.775036] Call Trace: [ 13.775074] <TASK> [ 13.775089] dump_stack_lvl+0x73/0xb0 [ 13.775116] print_report+0xd1/0x650 [ 13.775156] ? __virt_addr_valid+0x1db/0x2d0 [ 13.775180] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.775206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.775247] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.775280] kasan_report+0x141/0x180 [ 13.775302] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.775342] kasan_check_range+0x10c/0x1c0 [ 13.775365] __kasan_check_write+0x18/0x20 [ 13.775384] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.775409] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.775434] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.775458] ? kasan_bitops_generic+0x92/0x1c0 [ 13.775485] kasan_bitops_generic+0x116/0x1c0 [ 13.775508] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.775531] ? __pfx_read_tsc+0x10/0x10 [ 13.775552] ? ktime_get_ts64+0x86/0x230 [ 13.775575] kunit_try_run_case+0x1a5/0x480 [ 13.775597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.775618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.775641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.775663] ? __kthread_parkme+0x82/0x180 [ 13.775682] ? 
preempt_count_sub+0x50/0x80 [ 13.775705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.775728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.775749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.775771] kthread+0x337/0x6f0 [ 13.775789] ? trace_preempt_on+0x20/0xc0 [ 13.775812] ? __pfx_kthread+0x10/0x10 [ 13.775831] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.775851] ? calculate_sigpending+0x7b/0xa0 [ 13.775873] ? __pfx_kthread+0x10/0x10 [ 13.775893] ret_from_fork+0x116/0x1d0 [ 13.775911] ? __pfx_kthread+0x10/0x10 [ 13.775931] ret_from_fork_asm+0x1a/0x30 [ 13.775959] </TASK> [ 13.775970] [ 13.786110] Allocated by task 278: [ 13.786367] kasan_save_stack+0x45/0x70 [ 13.786749] kasan_save_track+0x18/0x40 [ 13.786949] kasan_save_alloc_info+0x3b/0x50 [ 13.787189] __kasan_kmalloc+0xb7/0xc0 [ 13.787343] __kmalloc_cache_noprof+0x189/0x420 [ 13.787493] kasan_bitops_generic+0x92/0x1c0 [ 13.787637] kunit_try_run_case+0x1a5/0x480 [ 13.788088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788484] kthread+0x337/0x6f0 [ 13.788708] ret_from_fork+0x116/0x1d0 [ 13.788905] ret_from_fork_asm+0x1a/0x30 [ 13.789096] [ 13.789249] The buggy address belongs to the object at ffff8881023854e0 [ 13.789249] which belongs to the cache kmalloc-16 of size 16 [ 13.789744] The buggy address is located 8 bytes inside of [ 13.789744] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.790210] [ 13.790310] The buggy address belongs to the physical page: [ 13.790577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.791543] flags: 0x200000000000000(node=0|zone=2) [ 13.791836] page_type: f5(slab) [ 13.791957] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.792599] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.793000] page dumped because: kasan: bad access detected [ 13.793415] [ 13.793552] Memory state around the buggy address: [ 13.793815] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb 
fc fc fa fb fc fc [ 13.794116] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.794533] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.794865] ^ [ 13.795288] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.795753] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.796099] ================================================================== [ 13.751580] ================================================================== [ 13.751828] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.752257] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.752745] [ 13.752840] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.752884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.752895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.752916] Call Trace: [ 13.752933] <TASK> [ 13.752950] dump_stack_lvl+0x73/0xb0 [ 13.752979] print_report+0xd1/0x650 [ 13.753002] ? __virt_addr_valid+0x1db/0x2d0 [ 13.753037] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.753061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.753094] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.753119] kasan_report+0x141/0x180 [ 13.753149] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.753178] kasan_check_range+0x10c/0x1c0 [ 13.753209] __kasan_check_write+0x18/0x20 [ 13.753251] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.753276] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.753530] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.753565] ? kasan_bitops_generic+0x92/0x1c0 [ 13.753593] kasan_bitops_generic+0x116/0x1c0 [ 13.753618] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.753643] ? __pfx_read_tsc+0x10/0x10 [ 13.753665] ? ktime_get_ts64+0x86/0x230 [ 13.753688] kunit_try_run_case+0x1a5/0x480 [ 13.753711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.753732] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.753755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.753777] ? __kthread_parkme+0x82/0x180 [ 13.753796] ? preempt_count_sub+0x50/0x80 [ 13.753820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.753842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.753864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.753886] kthread+0x337/0x6f0 [ 13.753904] ? trace_preempt_on+0x20/0xc0 [ 13.753926] ? __pfx_kthread+0x10/0x10 [ 13.753946] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.753966] ? calculate_sigpending+0x7b/0xa0 [ 13.753988] ? __pfx_kthread+0x10/0x10 [ 13.754009] ret_from_fork+0x116/0x1d0 [ 13.754027] ? __pfx_kthread+0x10/0x10 [ 13.754046] ret_from_fork_asm+0x1a/0x30 [ 13.754076] </TASK> [ 13.754087] [ 13.763652] Allocated by task 278: [ 13.763826] kasan_save_stack+0x45/0x70 [ 13.764008] kasan_save_track+0x18/0x40 [ 13.764279] kasan_save_alloc_info+0x3b/0x50 [ 13.764510] __kasan_kmalloc+0xb7/0xc0 [ 13.764715] __kmalloc_cache_noprof+0x189/0x420 [ 13.764922] kasan_bitops_generic+0x92/0x1c0 [ 13.765117] kunit_try_run_case+0x1a5/0x480 [ 13.765473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.765811] kthread+0x337/0x6f0 [ 13.765993] ret_from_fork+0x116/0x1d0 [ 13.766254] ret_from_fork_asm+0x1a/0x30 [ 13.766525] [ 13.766624] The buggy address belongs to the object at ffff8881023854e0 [ 13.766624] which belongs to the cache kmalloc-16 of size 16 [ 13.767042] The buggy address is located 8 bytes inside of [ 13.767042] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.767575] [ 13.767677] The buggy address belongs to the physical page: [ 13.767926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.768284] flags: 0x200000000000000(node=0|zone=2) [ 13.768589] page_type: f5(slab) [ 13.768716] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.769031] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.769719] page dumped because: kasan: 
bad access detected [ 13.770015] [ 13.770088] Memory state around the buggy address: [ 13.770557] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.770884] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.771177] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.771557] ^ [ 13.771761] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.772191] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.772681] ================================================================== [ 13.726050] ================================================================== [ 13.726436] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.726991] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.727329] [ 13.727564] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.727610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.727635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.727656] Call Trace: [ 13.727673] <TASK> [ 13.727690] dump_stack_lvl+0x73/0xb0 [ 13.727718] print_report+0xd1/0x650 [ 13.727740] ? __virt_addr_valid+0x1db/0x2d0 [ 13.727764] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.727789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.727811] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.727846] kasan_report+0x141/0x180 [ 13.727866] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.727907] kasan_check_range+0x10c/0x1c0 [ 13.727930] __kasan_check_write+0x18/0x20 [ 13.727957] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.727982] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.728008] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.728043] ? kasan_bitops_generic+0x92/0x1c0 [ 13.728070] kasan_bitops_generic+0x116/0x1c0 [ 13.728092] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.728117] ? __pfx_read_tsc+0x10/0x10 [ 13.728147] ? 
ktime_get_ts64+0x86/0x230 [ 13.728171] kunit_try_run_case+0x1a5/0x480 [ 13.728194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.728216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.728239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.728269] ? __kthread_parkme+0x82/0x180 [ 13.728290] ? preempt_count_sub+0x50/0x80 [ 13.728314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.728356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.728378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.728400] kthread+0x337/0x6f0 [ 13.728418] ? trace_preempt_on+0x20/0xc0 [ 13.728440] ? __pfx_kthread+0x10/0x10 [ 13.728461] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.728480] ? calculate_sigpending+0x7b/0xa0 [ 13.728550] ? __pfx_kthread+0x10/0x10 [ 13.728584] ret_from_fork+0x116/0x1d0 [ 13.728602] ? __pfx_kthread+0x10/0x10 [ 13.728622] ret_from_fork_asm+0x1a/0x30 [ 13.728651] </TASK> [ 13.728662] [ 13.740407] Allocated by task 278: [ 13.740577] kasan_save_stack+0x45/0x70 [ 13.740779] kasan_save_track+0x18/0x40 [ 13.740972] kasan_save_alloc_info+0x3b/0x50 [ 13.741677] __kasan_kmalloc+0xb7/0xc0 [ 13.742021] __kmalloc_cache_noprof+0x189/0x420 [ 13.742418] kasan_bitops_generic+0x92/0x1c0 [ 13.742807] kunit_try_run_case+0x1a5/0x480 [ 13.743135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.743496] kthread+0x337/0x6f0 [ 13.743671] ret_from_fork+0x116/0x1d0 [ 13.744084] ret_from_fork_asm+0x1a/0x30 [ 13.744328] [ 13.744426] The buggy address belongs to the object at ffff8881023854e0 [ 13.744426] which belongs to the cache kmalloc-16 of size 16 [ 13.744930] The buggy address is located 8 bytes inside of [ 13.744930] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.746007] [ 13.746141] The buggy address belongs to the physical page: [ 13.746518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.746907] flags: 0x200000000000000(node=0|zone=2) [ 13.747174] page_type: f5(slab) [ 13.747326] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 13.747698] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.748007] page dumped because: kasan: bad access detected [ 13.748377] [ 13.748503] Memory state around the buggy address: [ 13.748731] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.748994] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.749344] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.749848] ^ [ 13.750148] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.750623] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.750933] ================================================================== [ 13.615488] ================================================================== [ 13.615952] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.616551] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.616875] [ 13.616968] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.617036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.617048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.617070] Call Trace: [ 13.617082] <TASK> [ 13.617096] dump_stack_lvl+0x73/0xb0 [ 13.617138] print_report+0xd1/0x650 [ 13.617161] ? __virt_addr_valid+0x1db/0x2d0 [ 13.617186] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.617232] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617258] kasan_report+0x141/0x180 [ 13.617279] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617520] kasan_check_range+0x10c/0x1c0 [ 13.617554] __kasan_check_write+0x18/0x20 [ 13.617574] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617599] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.617625] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.617651] ? 
kasan_bitops_generic+0x92/0x1c0 [ 13.617679] kasan_bitops_generic+0x116/0x1c0 [ 13.617701] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.617726] ? __pfx_read_tsc+0x10/0x10 [ 13.617748] ? ktime_get_ts64+0x86/0x230 [ 13.617773] kunit_try_run_case+0x1a5/0x480 [ 13.617798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617820] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.617844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.617866] ? __kthread_parkme+0x82/0x180 [ 13.617887] ? preempt_count_sub+0x50/0x80 [ 13.617910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.617956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.617978] kthread+0x337/0x6f0 [ 13.617997] ? trace_preempt_on+0x20/0xc0 [ 13.618021] ? __pfx_kthread+0x10/0x10 [ 13.618041] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.618062] ? calculate_sigpending+0x7b/0xa0 [ 13.618085] ? __pfx_kthread+0x10/0x10 [ 13.618106] ret_from_fork+0x116/0x1d0 [ 13.618135] ? __pfx_kthread+0x10/0x10 [ 13.618155] ret_from_fork_asm+0x1a/0x30 [ 13.618186] </TASK> [ 13.618197] [ 13.627587] Allocated by task 278: [ 13.627845] kasan_save_stack+0x45/0x70 [ 13.628114] kasan_save_track+0x18/0x40 [ 13.628375] kasan_save_alloc_info+0x3b/0x50 [ 13.628561] __kasan_kmalloc+0xb7/0xc0 [ 13.628746] __kmalloc_cache_noprof+0x189/0x420 [ 13.628903] kasan_bitops_generic+0x92/0x1c0 [ 13.629215] kunit_try_run_case+0x1a5/0x480 [ 13.629449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.629710] kthread+0x337/0x6f0 [ 13.630071] ret_from_fork+0x116/0x1d0 [ 13.630305] ret_from_fork_asm+0x1a/0x30 [ 13.630603] [ 13.630680] The buggy address belongs to the object at ffff8881023854e0 [ 13.630680] which belongs to the cache kmalloc-16 of size 16 [ 13.631230] The buggy address is located 8 bytes inside of [ 13.631230] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.631890] [ 13.632011] The buggy address belongs to the physical page: [ 13.632239] page: refcount:0 mapcount:0 mapping:0000000000000000 
index:0x0 pfn:0x102385 [ 13.632669] flags: 0x200000000000000(node=0|zone=2) [ 13.632831] page_type: f5(slab) [ 13.633055] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.633802] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.634100] page dumped because: kasan: bad access detected [ 13.634329] [ 13.634425] Memory state around the buggy address: [ 13.634748] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.635101] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.635487] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.635750] ^ [ 13.636070] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.636506] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.636758] ================================================================== [ 13.637301] ================================================================== [ 13.637782] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.638136] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.638366] [ 13.638682] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.638727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.638739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.638759] Call Trace: [ 13.638774] <TASK> [ 13.638789] dump_stack_lvl+0x73/0xb0 [ 13.638816] print_report+0xd1/0x650 [ 13.638839] ? __virt_addr_valid+0x1db/0x2d0 [ 13.638862] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.638886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.638908] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.638932] kasan_report+0x141/0x180 [ 13.638954] ? 
kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.638984] kasan_check_range+0x10c/0x1c0 [ 13.639007] __kasan_check_write+0x18/0x20 [ 13.639052] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.639077] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.639104] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.639138] ? kasan_bitops_generic+0x92/0x1c0 [ 13.639166] kasan_bitops_generic+0x116/0x1c0 [ 13.639189] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.639213] ? __pfx_read_tsc+0x10/0x10 [ 13.639234] ? ktime_get_ts64+0x86/0x230 [ 13.639258] kunit_try_run_case+0x1a5/0x480 [ 13.639281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.639303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.639418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.639441] ? __kthread_parkme+0x82/0x180 [ 13.639462] ? preempt_count_sub+0x50/0x80 [ 13.639485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.639528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.639552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.639575] kthread+0x337/0x6f0 [ 13.639594] ? trace_preempt_on+0x20/0xc0 [ 13.639617] ? __pfx_kthread+0x10/0x10 [ 13.639638] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.639659] ? calculate_sigpending+0x7b/0xa0 [ 13.639682] ? __pfx_kthread+0x10/0x10 [ 13.639703] ret_from_fork+0x116/0x1d0 [ 13.639721] ? 
__pfx_kthread+0x10/0x10 [ 13.639741] ret_from_fork_asm+0x1a/0x30 [ 13.639771] </TASK> [ 13.639783] [ 13.648698] Allocated by task 278: [ 13.648868] kasan_save_stack+0x45/0x70 [ 13.649089] kasan_save_track+0x18/0x40 [ 13.649377] kasan_save_alloc_info+0x3b/0x50 [ 13.649542] __kasan_kmalloc+0xb7/0xc0 [ 13.649754] __kmalloc_cache_noprof+0x189/0x420 [ 13.649949] kasan_bitops_generic+0x92/0x1c0 [ 13.650101] kunit_try_run_case+0x1a5/0x480 [ 13.650256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.650504] kthread+0x337/0x6f0 [ 13.650681] ret_from_fork+0x116/0x1d0 [ 13.651180] ret_from_fork_asm+0x1a/0x30 [ 13.651330] [ 13.651402] The buggy address belongs to the object at ffff8881023854e0 [ 13.651402] which belongs to the cache kmalloc-16 of size 16 [ 13.652011] The buggy address is located 8 bytes inside of [ 13.652011] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.652831] [ 13.652950] The buggy address belongs to the physical page: [ 13.653251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.653566] flags: 0x200000000000000(node=0|zone=2) [ 13.653733] page_type: f5(slab) [ 13.653923] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.654452] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.654838] page dumped because: kasan: bad access detected [ 13.655031] [ 13.655102] Memory state around the buggy address: [ 13.655445] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.655795] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.656147] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.656389] ^ [ 13.656672] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656959] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.657432] ================================================================== [ 13.698738] 
================================================================== [ 13.699026] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.699496] Write of size 8 at addr ffff8881023854e8 by task kunit_try_catch/278 [ 13.699840] [ 13.699930] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.699970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.699982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.700003] Call Trace: [ 13.700015] <TASK> [ 13.700029] dump_stack_lvl+0x73/0xb0 [ 13.700078] print_report+0xd1/0x650 [ 13.700099] ? __virt_addr_valid+0x1db/0x2d0 [ 13.700148] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.700174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.700196] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.700221] kasan_report+0x141/0x180 [ 13.700242] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.700271] kasan_check_range+0x10c/0x1c0 [ 13.700418] __kasan_check_write+0x18/0x20 [ 13.700447] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.700473] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.700499] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.700524] ? kasan_bitops_generic+0x92/0x1c0 [ 13.700551] kasan_bitops_generic+0x116/0x1c0 [ 13.700574] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.700599] ? __pfx_read_tsc+0x10/0x10 [ 13.700619] ? ktime_get_ts64+0x86/0x230 [ 13.700644] kunit_try_run_case+0x1a5/0x480 [ 13.700666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700713] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.700736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.700759] ? __kthread_parkme+0x82/0x180 [ 13.700779] ? preempt_count_sub+0x50/0x80 [ 13.700801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.700847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.700889] kthread+0x337/0x6f0 [ 13.700908] ? trace_preempt_on+0x20/0xc0 [ 13.700931] ? 
__pfx_kthread+0x10/0x10 [ 13.700952] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.700972] ? calculate_sigpending+0x7b/0xa0 [ 13.700995] ? __pfx_kthread+0x10/0x10 [ 13.701017] ret_from_fork+0x116/0x1d0 [ 13.701035] ? __pfx_kthread+0x10/0x10 [ 13.701055] ret_from_fork_asm+0x1a/0x30 [ 13.701083] </TASK> [ 13.701094] [ 13.712935] Allocated by task 278: [ 13.713099] kasan_save_stack+0x45/0x70 [ 13.714637] kasan_save_track+0x18/0x40 [ 13.714799] kasan_save_alloc_info+0x3b/0x50 [ 13.715480] __kasan_kmalloc+0xb7/0xc0 [ 13.715668] __kmalloc_cache_noprof+0x189/0x420 [ 13.715830] kasan_bitops_generic+0x92/0x1c0 [ 13.716289] kunit_try_run_case+0x1a5/0x480 [ 13.716569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.716774] kthread+0x337/0x6f0 [ 13.716950] ret_from_fork+0x116/0x1d0 [ 13.717490] ret_from_fork_asm+0x1a/0x30 [ 13.717651] [ 13.717954] The buggy address belongs to the object at ffff8881023854e0 [ 13.717954] which belongs to the cache kmalloc-16 of size 16 [ 13.718858] The buggy address is located 8 bytes inside of [ 13.718858] allocated 9-byte region [ffff8881023854e0, ffff8881023854e9) [ 13.719705] [ 13.719805] The buggy address belongs to the physical page: [ 13.720443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 13.720914] flags: 0x200000000000000(node=0|zone=2) [ 13.721310] page_type: f5(slab) [ 13.721665] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.722013] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.722389] page dumped because: kasan: bad access detected [ 13.722892] [ 13.723040] Memory state around the buggy address: [ 13.723296] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 13.723723] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 13.724052] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.724540] ^ [ 13.724824] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.725119] 
ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.725588] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.589109] ================================================================== [ 13.589924] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.590133] Read of size 1 at addr ffff8881039c45d0 by task kunit_try_catch/276 [ 13.590450] [ 13.590666] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.590711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.590723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.590742] Call Trace: [ 13.590758] <TASK> [ 13.590772] dump_stack_lvl+0x73/0xb0 [ 13.590822] print_report+0xd1/0x650 [ 13.590844] ? __virt_addr_valid+0x1db/0x2d0 [ 13.590865] ? strnlen+0x73/0x80 [ 13.590882] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.590905] ? strnlen+0x73/0x80 [ 13.590922] kasan_report+0x141/0x180 [ 13.590943] ? strnlen+0x73/0x80 [ 13.590965] __asan_report_load1_noabort+0x18/0x20 [ 13.590988] strnlen+0x73/0x80 [ 13.591006] kasan_strings+0x615/0xe80 [ 13.591025] ? trace_hardirqs_on+0x37/0xe0 [ 13.591047] ? __pfx_kasan_strings+0x10/0x10 [ 13.591068] ? __kasan_check_write+0x18/0x20 [ 13.591086] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.591108] ? irqentry_exit+0x2a/0x60 [ 13.591139] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.591162] ? trace_hardirqs_on+0x37/0xe0 [ 13.591183] ? __pfx_read_tsc+0x10/0x10 [ 13.591204] ? ktime_get_ts64+0x86/0x230 [ 13.591227] kunit_try_run_case+0x1a5/0x480 [ 13.591251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.591274] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.591296] ? __kthread_parkme+0x82/0x180 [ 13.591335] ? preempt_count_sub+0x50/0x80 [ 13.591374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.591398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.591420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.591443] kthread+0x337/0x6f0 [ 13.591462] ? trace_preempt_on+0x20/0xc0 [ 13.591482] ? __pfx_kthread+0x10/0x10 [ 13.591503] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.591523] ? 
calculate_sigpending+0x7b/0xa0 [ 13.591545] ? __pfx_kthread+0x10/0x10 [ 13.591566] ret_from_fork+0x116/0x1d0 [ 13.591583] ? __pfx_kthread+0x10/0x10 [ 13.591604] ret_from_fork_asm+0x1a/0x30 [ 13.591633] </TASK> [ 13.591643] [ 13.600136] Allocated by task 276: [ 13.600267] kasan_save_stack+0x45/0x70 [ 13.600486] kasan_save_track+0x18/0x40 [ 13.600678] kasan_save_alloc_info+0x3b/0x50 [ 13.600890] __kasan_kmalloc+0xb7/0xc0 [ 13.601279] __kmalloc_cache_noprof+0x189/0x420 [ 13.601447] kasan_strings+0xc0/0xe80 [ 13.601582] kunit_try_run_case+0x1a5/0x480 [ 13.601787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.602039] kthread+0x337/0x6f0 [ 13.602505] ret_from_fork+0x116/0x1d0 [ 13.602706] ret_from_fork_asm+0x1a/0x30 [ 13.602879] [ 13.602951] Freed by task 276: [ 13.603109] kasan_save_stack+0x45/0x70 [ 13.603410] kasan_save_track+0x18/0x40 [ 13.603600] kasan_save_free_info+0x3f/0x60 [ 13.603816] __kasan_slab_free+0x56/0x70 [ 13.603988] kfree+0x222/0x3f0 [ 13.604177] kasan_strings+0x2aa/0xe80 [ 13.604463] kunit_try_run_case+0x1a5/0x480 [ 13.604623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.604798] kthread+0x337/0x6f0 [ 13.604918] ret_from_fork+0x116/0x1d0 [ 13.605049] ret_from_fork_asm+0x1a/0x30 [ 13.605417] [ 13.605516] The buggy address belongs to the object at ffff8881039c45c0 [ 13.605516] which belongs to the cache kmalloc-32 of size 32 [ 13.606037] The buggy address is located 16 bytes inside of [ 13.606037] freed 32-byte region [ffff8881039c45c0, ffff8881039c45e0) [ 13.606971] [ 13.607075] The buggy address belongs to the physical page: [ 13.607418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.607755] flags: 0x200000000000000(node=0|zone=2) [ 13.607986] page_type: f5(slab) [ 13.608215] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.608449] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.608867] page dumped because: kasan: bad access detected [ 13.609160] [ 
13.609274] Memory state around the buggy address: [ 13.609525] ffff8881039c4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.609786] ffff8881039c4500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.610151] >ffff8881039c4580: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.610487] ^ [ 13.610850] ffff8881039c4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.611136] ffff8881039c4680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.611646] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.565806] ================================================================== [ 13.566588] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.566986] Read of size 1 at addr ffff8881039c45d0 by task kunit_try_catch/276 [ 13.567633] [ 13.567747] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.567791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.567803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.567823] Call Trace: [ 13.567836] <TASK> [ 13.567850] dump_stack_lvl+0x73/0xb0 [ 13.567876] print_report+0xd1/0x650 [ 13.567899] ? __virt_addr_valid+0x1db/0x2d0 [ 13.567921] ? strlen+0x8f/0xb0 [ 13.567938] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.567960] ? strlen+0x8f/0xb0 [ 13.567976] kasan_report+0x141/0x180 [ 13.567998] ? strlen+0x8f/0xb0 [ 13.568019] __asan_report_load1_noabort+0x18/0x20 [ 13.568042] strlen+0x8f/0xb0 [ 13.568059] kasan_strings+0x57b/0xe80 [ 13.568079] ? trace_hardirqs_on+0x37/0xe0 [ 13.568101] ? __pfx_kasan_strings+0x10/0x10 [ 13.568134] ? __kasan_check_write+0x18/0x20 [ 13.568153] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.568175] ? irqentry_exit+0x2a/0x60 [ 13.568195] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.568217] ? trace_hardirqs_on+0x37/0xe0 [ 13.568238] ? __pfx_read_tsc+0x10/0x10 [ 13.568259] ? ktime_get_ts64+0x86/0x230 [ 13.568281] kunit_try_run_case+0x1a5/0x480 [ 13.568304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.568364] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.568387] ? __kthread_parkme+0x82/0x180 [ 13.568406] ? preempt_count_sub+0x50/0x80 [ 13.568428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.568452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.568474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.568497] kthread+0x337/0x6f0 [ 13.568515] ? trace_preempt_on+0x20/0xc0 [ 13.568536] ? __pfx_kthread+0x10/0x10 [ 13.568556] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.568576] ? 
calculate_sigpending+0x7b/0xa0 [ 13.568599] ? __pfx_kthread+0x10/0x10 [ 13.568620] ret_from_fork+0x116/0x1d0 [ 13.568637] ? __pfx_kthread+0x10/0x10 [ 13.568657] ret_from_fork_asm+0x1a/0x30 [ 13.568686] </TASK> [ 13.568696] [ 13.577251] Allocated by task 276: [ 13.577582] kasan_save_stack+0x45/0x70 [ 13.577854] kasan_save_track+0x18/0x40 [ 13.578069] kasan_save_alloc_info+0x3b/0x50 [ 13.578297] __kasan_kmalloc+0xb7/0xc0 [ 13.578536] __kmalloc_cache_noprof+0x189/0x420 [ 13.578718] kasan_strings+0xc0/0xe80 [ 13.578850] kunit_try_run_case+0x1a5/0x480 [ 13.579079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.579496] kthread+0x337/0x6f0 [ 13.579619] ret_from_fork+0x116/0x1d0 [ 13.579797] ret_from_fork_asm+0x1a/0x30 [ 13.580002] [ 13.580134] Freed by task 276: [ 13.580293] kasan_save_stack+0x45/0x70 [ 13.580530] kasan_save_track+0x18/0x40 [ 13.580667] kasan_save_free_info+0x3f/0x60 [ 13.580813] __kasan_slab_free+0x56/0x70 [ 13.581049] kfree+0x222/0x3f0 [ 13.581493] kasan_strings+0x2aa/0xe80 [ 13.581709] kunit_try_run_case+0x1a5/0x480 [ 13.581919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.582216] kthread+0x337/0x6f0 [ 13.582447] ret_from_fork+0x116/0x1d0 [ 13.582616] ret_from_fork_asm+0x1a/0x30 [ 13.582789] [ 13.582887] The buggy address belongs to the object at ffff8881039c45c0 [ 13.582887] which belongs to the cache kmalloc-32 of size 32 [ 13.583477] The buggy address is located 16 bytes inside of [ 13.583477] freed 32-byte region [ffff8881039c45c0, ffff8881039c45e0) [ 13.583835] [ 13.583931] The buggy address belongs to the physical page: [ 13.584219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.584779] flags: 0x200000000000000(node=0|zone=2) [ 13.585162] page_type: f5(slab) [ 13.585311] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.585940] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.586335] page dumped because: kasan: bad access detected [ 13.586579] [ 
13.586729] Memory state around the buggy address: [ 13.586963] ffff8881039c4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.587279] ffff8881039c4500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.587623] >ffff8881039c4580: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.587886] ^ [ 13.588170] ffff8881039c4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.588445] ffff8881039c4680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.588659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.541985] ================================================================== [ 13.542757] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.543186] Read of size 1 at addr ffff8881039c45d0 by task kunit_try_catch/276 [ 13.543619] [ 13.543738] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.543783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.543797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.543817] Call Trace: [ 13.543831] <TASK> [ 13.543846] dump_stack_lvl+0x73/0xb0 [ 13.543874] print_report+0xd1/0x650 [ 13.543896] ? __virt_addr_valid+0x1db/0x2d0 [ 13.543918] ? kasan_strings+0xcbc/0xe80 [ 13.543937] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.543959] ? kasan_strings+0xcbc/0xe80 [ 13.543979] kasan_report+0x141/0x180 [ 13.544000] ? kasan_strings+0xcbc/0xe80 [ 13.544025] __asan_report_load1_noabort+0x18/0x20 [ 13.544048] kasan_strings+0xcbc/0xe80 [ 13.544068] ? trace_hardirqs_on+0x37/0xe0 [ 13.544090] ? __pfx_kasan_strings+0x10/0x10 [ 13.544112] ? __kasan_check_write+0x18/0x20 [ 13.544143] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.544190] ? irqentry_exit+0x2a/0x60 [ 13.544212] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.544235] ? trace_hardirqs_on+0x37/0xe0 [ 13.544255] ? __pfx_read_tsc+0x10/0x10 [ 13.544275] ? ktime_get_ts64+0x86/0x230 [ 13.544298] kunit_try_run_case+0x1a5/0x480 [ 13.544321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.544344] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.544365] ? __kthread_parkme+0x82/0x180 [ 13.544385] ? preempt_count_sub+0x50/0x80 [ 13.544408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.544431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.544587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.544612] kthread+0x337/0x6f0 [ 13.544632] ? trace_preempt_on+0x20/0xc0 [ 13.544653] ? __pfx_kthread+0x10/0x10 [ 13.544673] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.544694] ? 
calculate_sigpending+0x7b/0xa0 [ 13.544718] ? __pfx_kthread+0x10/0x10 [ 13.544739] ret_from_fork+0x116/0x1d0 [ 13.544757] ? __pfx_kthread+0x10/0x10 [ 13.544777] ret_from_fork_asm+0x1a/0x30 [ 13.544806] </TASK> [ 13.544817] [ 13.552970] Allocated by task 276: [ 13.553296] kasan_save_stack+0x45/0x70 [ 13.553513] kasan_save_track+0x18/0x40 [ 13.553785] kasan_save_alloc_info+0x3b/0x50 [ 13.553954] __kasan_kmalloc+0xb7/0xc0 [ 13.554167] __kmalloc_cache_noprof+0x189/0x420 [ 13.554527] kasan_strings+0xc0/0xe80 [ 13.554706] kunit_try_run_case+0x1a5/0x480 [ 13.554895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.555165] kthread+0x337/0x6f0 [ 13.555365] ret_from_fork+0x116/0x1d0 [ 13.555538] ret_from_fork_asm+0x1a/0x30 [ 13.555773] [ 13.555863] Freed by task 276: [ 13.555976] kasan_save_stack+0x45/0x70 [ 13.556112] kasan_save_track+0x18/0x40 [ 13.556504] kasan_save_free_info+0x3f/0x60 [ 13.556730] __kasan_slab_free+0x56/0x70 [ 13.556931] kfree+0x222/0x3f0 [ 13.557113] kasan_strings+0x2aa/0xe80 [ 13.557379] kunit_try_run_case+0x1a5/0x480 [ 13.557539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.557800] kthread+0x337/0x6f0 [ 13.557987] ret_from_fork+0x116/0x1d0 [ 13.558199] ret_from_fork_asm+0x1a/0x30 [ 13.558455] [ 13.558547] The buggy address belongs to the object at ffff8881039c45c0 [ 13.558547] which belongs to the cache kmalloc-32 of size 32 [ 13.558903] The buggy address is located 16 bytes inside of [ 13.558903] freed 32-byte region [ffff8881039c45c0, ffff8881039c45e0) [ 13.559392] [ 13.559485] The buggy address belongs to the physical page: [ 13.559788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.560032] flags: 0x200000000000000(node=0|zone=2) [ 13.560367] page_type: f5(slab) [ 13.560556] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.561058] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.561473] page dumped because: kasan: bad access detected [ 13.561963] [ 
13.562035] Memory state around the buggy address: [ 13.562202] ffff8881039c4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.562707] ffff8881039c4500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.563040] >ffff8881039c4580: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.563401] ^ [ 13.564381] ffff8881039c4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.564748] ffff8881039c4680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.565089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.508778] ================================================================== [ 13.509840] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.510096] Read of size 1 at addr ffff8881039c45d0 by task kunit_try_catch/276 [ 13.510597] [ 13.510718] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.510764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.510776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.510797] Call Trace: [ 13.510809] <TASK> [ 13.510825] dump_stack_lvl+0x73/0xb0 [ 13.510852] print_report+0xd1/0x650 [ 13.510875] ? __virt_addr_valid+0x1db/0x2d0 [ 13.510896] ? strcmp+0xb0/0xc0 [ 13.510916] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.510938] ? strcmp+0xb0/0xc0 [ 13.510999] kasan_report+0x141/0x180 [ 13.511046] ? strcmp+0xb0/0xc0 [ 13.511070] __asan_report_load1_noabort+0x18/0x20 [ 13.511095] strcmp+0xb0/0xc0 [ 13.511116] kasan_strings+0x431/0xe80 [ 13.511148] ? trace_hardirqs_on+0x37/0xe0 [ 13.511171] ? __pfx_kasan_strings+0x10/0x10 [ 13.511192] ? __kasan_check_write+0x18/0x20 [ 13.511210] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.511232] ? irqentry_exit+0x2a/0x60 [ 13.511253] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.511275] ? trace_hardirqs_on+0x37/0xe0 [ 13.511296] ? __pfx_read_tsc+0x10/0x10 [ 13.511522] ? ktime_get_ts64+0x86/0x230 [ 13.511550] kunit_try_run_case+0x1a5/0x480 [ 13.511576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.511599] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.511621] ? __kthread_parkme+0x82/0x180 [ 13.511642] ? preempt_count_sub+0x50/0x80 [ 13.511665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.511688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.511710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.511733] kthread+0x337/0x6f0 [ 13.511751] ? trace_preempt_on+0x20/0xc0 [ 13.511773] ? __pfx_kthread+0x10/0x10 [ 13.511793] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.511813] ? 
calculate_sigpending+0x7b/0xa0 [ 13.511836] ? __pfx_kthread+0x10/0x10 [ 13.511856] ret_from_fork+0x116/0x1d0 [ 13.511874] ? __pfx_kthread+0x10/0x10 [ 13.511894] ret_from_fork_asm+0x1a/0x30 [ 13.511924] </TASK> [ 13.511936] [ 13.524059] Allocated by task 276: [ 13.524343] kasan_save_stack+0x45/0x70 [ 13.524770] kasan_save_track+0x18/0x40 [ 13.525058] kasan_save_alloc_info+0x3b/0x50 [ 13.525408] __kasan_kmalloc+0xb7/0xc0 [ 13.525698] __kmalloc_cache_noprof+0x189/0x420 [ 13.525933] kasan_strings+0xc0/0xe80 [ 13.526109] kunit_try_run_case+0x1a5/0x480 [ 13.526640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.526975] kthread+0x337/0x6f0 [ 13.527316] ret_from_fork+0x116/0x1d0 [ 13.527672] ret_from_fork_asm+0x1a/0x30 [ 13.527957] [ 13.528188] Freed by task 276: [ 13.528628] kasan_save_stack+0x45/0x70 [ 13.528814] kasan_save_track+0x18/0x40 [ 13.529007] kasan_save_free_info+0x3f/0x60 [ 13.529736] __kasan_slab_free+0x56/0x70 [ 13.529934] kfree+0x222/0x3f0 [ 13.530257] kasan_strings+0x2aa/0xe80 [ 13.530612] kunit_try_run_case+0x1a5/0x480 [ 13.530958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.531249] kthread+0x337/0x6f0 [ 13.531587] ret_from_fork+0x116/0x1d0 [ 13.532007] ret_from_fork_asm+0x1a/0x30 [ 13.532236] [ 13.532686] The buggy address belongs to the object at ffff8881039c45c0 [ 13.532686] which belongs to the cache kmalloc-32 of size 32 [ 13.533484] The buggy address is located 16 bytes inside of [ 13.533484] freed 32-byte region [ffff8881039c45c0, ffff8881039c45e0) [ 13.534118] [ 13.534415] The buggy address belongs to the physical page: [ 13.534859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.535479] flags: 0x200000000000000(node=0|zone=2) [ 13.535803] page_type: f5(slab) [ 13.535965] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.536680] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.537032] page dumped because: kasan: bad access detected [ 13.537591] [ 
13.537688] Memory state around the buggy address: [ 13.538051] ffff8881039c4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.538758] ffff8881039c4500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.539090] >ffff8881039c4580: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.539687] ^ [ 13.540029] ffff8881039c4600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.540448] ffff8881039c4680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.541108] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.467819] ================================================================== [ 13.468893] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.469449] Read of size 1 at addr ffff88810319c458 by task kunit_try_catch/274 [ 13.470111] [ 13.470358] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.470418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.470431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.470453] Call Trace: [ 13.470466] <TASK> [ 13.470483] dump_stack_lvl+0x73/0xb0 [ 13.470540] print_report+0xd1/0x650 [ 13.470567] ? __virt_addr_valid+0x1db/0x2d0 [ 13.470590] ? memcmp+0x1b4/0x1d0 [ 13.470620] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.470642] ? memcmp+0x1b4/0x1d0 [ 13.470660] kasan_report+0x141/0x180 [ 13.470682] ? memcmp+0x1b4/0x1d0 [ 13.470703] __asan_report_load1_noabort+0x18/0x20 [ 13.470726] memcmp+0x1b4/0x1d0 [ 13.470746] kasan_memcmp+0x18f/0x390 [ 13.470766] ? trace_hardirqs_on+0x37/0xe0 [ 13.470789] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.470808] ? finish_task_switch.isra.0+0x153/0x700 [ 13.470832] ? __switch_to+0x47/0xf50 [ 13.470861] ? __pfx_read_tsc+0x10/0x10 [ 13.470880] ? ktime_get_ts64+0x86/0x230 [ 13.470904] kunit_try_run_case+0x1a5/0x480 [ 13.470928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.470949] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.470972] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.470994] ? __kthread_parkme+0x82/0x180 [ 13.471016] ? preempt_count_sub+0x50/0x80 [ 13.471038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.471061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.471083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.471106] kthread+0x337/0x6f0 [ 13.471134] ? trace_preempt_on+0x20/0xc0 [ 13.471155] ? __pfx_kthread+0x10/0x10 [ 13.471175] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.471195] ? calculate_sigpending+0x7b/0xa0 [ 13.471218] ? __pfx_kthread+0x10/0x10 [ 13.471239] ret_from_fork+0x116/0x1d0 [ 13.471257] ? 
__pfx_kthread+0x10/0x10 [ 13.471277] ret_from_fork_asm+0x1a/0x30 [ 13.471306] </TASK> [ 13.471317] [ 13.484981] Allocated by task 274: [ 13.485326] kasan_save_stack+0x45/0x70 [ 13.485741] kasan_save_track+0x18/0x40 [ 13.486463] kasan_save_alloc_info+0x3b/0x50 [ 13.487071] __kasan_kmalloc+0xb7/0xc0 [ 13.487502] __kmalloc_cache_noprof+0x189/0x420 [ 13.487939] kasan_memcmp+0xb7/0x390 [ 13.488390] kunit_try_run_case+0x1a5/0x480 [ 13.488796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.489299] kthread+0x337/0x6f0 [ 13.489677] ret_from_fork+0x116/0x1d0 [ 13.490096] ret_from_fork_asm+0x1a/0x30 [ 13.490460] [ 13.490536] The buggy address belongs to the object at ffff88810319c440 [ 13.490536] which belongs to the cache kmalloc-32 of size 32 [ 13.490936] The buggy address is located 0 bytes to the right of [ 13.490936] allocated 24-byte region [ffff88810319c440, ffff88810319c458) [ 13.492297] [ 13.492464] The buggy address belongs to the physical page: [ 13.493017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10319c [ 13.493540] flags: 0x200000000000000(node=0|zone=2) [ 13.494067] page_type: f5(slab) [ 13.494438] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.494735] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.495112] page dumped because: kasan: bad access detected [ 13.495691] [ 13.495879] Memory state around the buggy address: [ 13.496407] ffff88810319c300: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.497192] ffff88810319c380: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.497871] >ffff88810319c400: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.498434] ^ [ 13.498904] ffff88810319c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.499136] ffff88810319c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.499350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.067853] ================================================================== [ 12.068389] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.069065] Read of size 1 at addr ffff8881027a9f78 by task kunit_try_catch/213 [ 12.069652] [ 12.069765] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.069808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.069820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.069840] Call Trace: [ 12.069854] <TASK> [ 12.069868] dump_stack_lvl+0x73/0xb0 [ 12.069895] print_report+0xd1/0x650 [ 12.069915] ? __virt_addr_valid+0x1db/0x2d0 [ 12.069937] ? ksize_uaf+0x5e4/0x6c0 [ 12.069956] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.069976] ? ksize_uaf+0x5e4/0x6c0 [ 12.069996] kasan_report+0x141/0x180 [ 12.070016] ? ksize_uaf+0x5e4/0x6c0 [ 12.070040] __asan_report_load1_noabort+0x18/0x20 [ 12.070062] ksize_uaf+0x5e4/0x6c0 [ 12.070081] ? __pfx_ksize_uaf+0x10/0x10 [ 12.070102] ? __schedule+0x10cc/0x2b60 [ 12.070135] ? __pfx_read_tsc+0x10/0x10 [ 12.070155] ? ktime_get_ts64+0x86/0x230 [ 12.070177] kunit_try_run_case+0x1a5/0x480 [ 12.070199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.070220] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.070241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.070262] ? __kthread_parkme+0x82/0x180 [ 12.070280] ? preempt_count_sub+0x50/0x80 [ 12.070303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.070326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.070347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.070369] kthread+0x337/0x6f0 [ 12.070387] ? trace_preempt_on+0x20/0xc0 [ 12.070408] ? __pfx_kthread+0x10/0x10 [ 12.070427] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.070446] ? calculate_sigpending+0x7b/0xa0 [ 12.070468] ? __pfx_kthread+0x10/0x10 [ 12.070488] ret_from_fork+0x116/0x1d0 [ 12.070559] ? 
__pfx_kthread+0x10/0x10 [ 12.070581] ret_from_fork_asm+0x1a/0x30 [ 12.070610] </TASK> [ 12.070621] [ 12.078052] Allocated by task 213: [ 12.078244] kasan_save_stack+0x45/0x70 [ 12.078391] kasan_save_track+0x18/0x40 [ 12.078768] kasan_save_alloc_info+0x3b/0x50 [ 12.078985] __kasan_kmalloc+0xb7/0xc0 [ 12.079186] __kmalloc_cache_noprof+0x189/0x420 [ 12.079664] ksize_uaf+0xaa/0x6c0 [ 12.079849] kunit_try_run_case+0x1a5/0x480 [ 12.080019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.080291] kthread+0x337/0x6f0 [ 12.080465] ret_from_fork+0x116/0x1d0 [ 12.080659] ret_from_fork_asm+0x1a/0x30 [ 12.080861] [ 12.080957] Freed by task 213: [ 12.081103] kasan_save_stack+0x45/0x70 [ 12.081309] kasan_save_track+0x18/0x40 [ 12.081537] kasan_save_free_info+0x3f/0x60 [ 12.081719] __kasan_slab_free+0x56/0x70 [ 12.081880] kfree+0x222/0x3f0 [ 12.081997] ksize_uaf+0x12c/0x6c0 [ 12.082120] kunit_try_run_case+0x1a5/0x480 [ 12.082277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.082479] kthread+0x337/0x6f0 [ 12.082694] ret_from_fork+0x116/0x1d0 [ 12.082879] ret_from_fork_asm+0x1a/0x30 [ 12.083070] [ 12.083176] The buggy address belongs to the object at ffff8881027a9f00 [ 12.083176] which belongs to the cache kmalloc-128 of size 128 [ 12.083620] The buggy address is located 120 bytes inside of [ 12.083620] freed 128-byte region [ffff8881027a9f00, ffff8881027a9f80) [ 12.084220] [ 12.084311] The buggy address belongs to the physical page: [ 12.084541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9 [ 12.084861] flags: 0x200000000000000(node=0|zone=2) [ 12.085074] page_type: f5(slab) [ 12.085925] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.086200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.086966] page dumped because: kasan: bad access detected [ 12.087623] [ 12.087708] Memory state around the buggy address: [ 12.087947] ffff8881027a9e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.088435] ffff8881027a9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.089134] >ffff8881027a9f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.089718] ^ [ 12.090298] ffff8881027a9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.090671] ffff8881027aa000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.090965] ================================================================== [ 12.021440] ================================================================== [ 12.021904] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.022243] Read of size 1 at addr ffff8881027a9f00 by task kunit_try_catch/213 [ 12.022594] [ 12.022709] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.022750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.022761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.022780] Call Trace: [ 12.022791] <TASK> [ 12.022803] dump_stack_lvl+0x73/0xb0 [ 12.022829] print_report+0xd1/0x650 [ 12.022850] ? __virt_addr_valid+0x1db/0x2d0 [ 12.022872] ? ksize_uaf+0x19d/0x6c0 [ 12.022890] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.022911] ? ksize_uaf+0x19d/0x6c0 [ 12.022930] kasan_report+0x141/0x180 [ 12.022950] ? ksize_uaf+0x19d/0x6c0 [ 12.022972] ? ksize_uaf+0x19d/0x6c0 [ 12.022991] __kasan_check_byte+0x3d/0x50 [ 12.023012] ksize+0x20/0x60 [ 12.023032] ksize_uaf+0x19d/0x6c0 [ 12.023051] ? __pfx_ksize_uaf+0x10/0x10 [ 12.023104] ? __schedule+0x10cc/0x2b60 [ 12.023145] ? __pfx_read_tsc+0x10/0x10 [ 12.023165] ? ktime_get_ts64+0x86/0x230 [ 12.023189] kunit_try_run_case+0x1a5/0x480 [ 12.023212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.023233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.023255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.023276] ? __kthread_parkme+0x82/0x180 [ 12.023315] ? preempt_count_sub+0x50/0x80 [ 12.023338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.023359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.023380] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.023402] kthread+0x337/0x6f0 [ 12.023420] ? trace_preempt_on+0x20/0xc0 [ 12.023442] ? __pfx_kthread+0x10/0x10 [ 12.023463] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.023483] ? calculate_sigpending+0x7b/0xa0 [ 12.023505] ? __pfx_kthread+0x10/0x10 [ 12.023524] ret_from_fork+0x116/0x1d0 [ 12.023541] ? __pfx_kthread+0x10/0x10 [ 12.023560] ret_from_fork_asm+0x1a/0x30 [ 12.023589] </TASK> [ 12.023599] [ 12.030877] Allocated by task 213: [ 12.031045] kasan_save_stack+0x45/0x70 [ 12.031285] kasan_save_track+0x18/0x40 [ 12.031508] kasan_save_alloc_info+0x3b/0x50 [ 12.031688] __kasan_kmalloc+0xb7/0xc0 [ 12.031820] __kmalloc_cache_noprof+0x189/0x420 [ 12.031976] ksize_uaf+0xaa/0x6c0 [ 12.032140] kunit_try_run_case+0x1a5/0x480 [ 12.032571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.032828] kthread+0x337/0x6f0 [ 12.032997] ret_from_fork+0x116/0x1d0 [ 12.033197] ret_from_fork_asm+0x1a/0x30 [ 12.033467] [ 12.033560] Freed by task 213: [ 12.033717] kasan_save_stack+0x45/0x70 [ 12.033889] kasan_save_track+0x18/0x40 [ 12.034063] kasan_save_free_info+0x3f/0x60 [ 12.034279] __kasan_slab_free+0x56/0x70 [ 12.034530] kfree+0x222/0x3f0 [ 12.034675] ksize_uaf+0x12c/0x6c0 [ 12.034820] kunit_try_run_case+0x1a5/0x480 [ 12.035024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.035267] kthread+0x337/0x6f0 [ 12.035490] ret_from_fork+0x116/0x1d0 [ 12.035657] ret_from_fork_asm+0x1a/0x30 [ 12.035850] [ 12.035939] The buggy address belongs to the object at ffff8881027a9f00 [ 12.035939] which belongs to the cache kmalloc-128 of size 128 [ 12.036509] The buggy address is located 0 bytes inside of [ 12.036509] freed 128-byte region [ffff8881027a9f00, ffff8881027a9f80) [ 12.036911] [ 12.036983] The buggy address belongs to the physical page: [ 12.037185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9 [ 12.037671] flags: 0x200000000000000(node=0|zone=2) [ 12.037910] page_type: f5(slab) [ 12.038076] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.038526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.038859] page dumped because: kasan: bad access detected [ 12.039104] [ 12.039237] Memory state around the buggy address: [ 12.039518] ffff8881027a9e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.039760] ffff8881027a9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.039975] >ffff8881027a9f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.040323] ^ [ 12.040487] ffff8881027a9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.040807] ffff8881027aa000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.041201] ================================================================== [ 12.042504] ================================================================== [ 12.042851] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.043093] Read of size 1 at addr ffff8881027a9f00 by task kunit_try_catch/213 [ 12.043327] [ 12.043408] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.043446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.043457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.043474] Call Trace: [ 12.043484] <TASK> [ 12.043498] dump_stack_lvl+0x73/0xb0 [ 12.043521] print_report+0xd1/0x650 [ 12.043542] ? __virt_addr_valid+0x1db/0x2d0 [ 12.043563] ? ksize_uaf+0x5fe/0x6c0 [ 12.043582] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.043602] ? ksize_uaf+0x5fe/0x6c0 [ 12.043622] kasan_report+0x141/0x180 [ 12.043642] ? ksize_uaf+0x5fe/0x6c0 [ 12.043666] __asan_report_load1_noabort+0x18/0x20 [ 12.043689] ksize_uaf+0x5fe/0x6c0 [ 12.043708] ? __pfx_ksize_uaf+0x10/0x10 [ 12.043728] ? __schedule+0x10cc/0x2b60 [ 12.043748] ? __pfx_read_tsc+0x10/0x10 [ 12.043767] ? ktime_get_ts64+0x86/0x230 [ 12.043789] kunit_try_run_case+0x1a5/0x480 [ 12.043812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.043832] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.043853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.043874] ? __kthread_parkme+0x82/0x180 [ 12.043893] ? preempt_count_sub+0x50/0x80 [ 12.043915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.043937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.043958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.043979] kthread+0x337/0x6f0 [ 12.043997] ? trace_preempt_on+0x20/0xc0 [ 12.044018] ? __pfx_kthread+0x10/0x10 [ 12.044037] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.044056] ? calculate_sigpending+0x7b/0xa0 [ 12.044078] ? __pfx_kthread+0x10/0x10 [ 12.044098] ret_from_fork+0x116/0x1d0 [ 12.044115] ? __pfx_kthread+0x10/0x10 [ 12.044422] ret_from_fork_asm+0x1a/0x30 [ 12.044453] </TASK> [ 12.044463] [ 12.051615] Allocated by task 213: [ 12.051743] kasan_save_stack+0x45/0x70 [ 12.051884] kasan_save_track+0x18/0x40 [ 12.052018] kasan_save_alloc_info+0x3b/0x50 [ 12.052197] __kasan_kmalloc+0xb7/0xc0 [ 12.052394] __kmalloc_cache_noprof+0x189/0x420 [ 12.052629] ksize_uaf+0xaa/0x6c0 [ 12.052799] kunit_try_run_case+0x1a5/0x480 [ 12.053001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.053922] kthread+0x337/0x6f0 [ 12.054138] ret_from_fork+0x116/0x1d0 [ 12.054335] ret_from_fork_asm+0x1a/0x30 [ 12.054535] [ 12.054629] Freed by task 213: [ 12.054783] kasan_save_stack+0x45/0x70 [ 12.054973] kasan_save_track+0x18/0x40 [ 12.055561] kasan_save_free_info+0x3f/0x60 [ 12.055984] __kasan_slab_free+0x56/0x70 [ 12.056454] kfree+0x222/0x3f0 [ 12.056622] ksize_uaf+0x12c/0x6c0 [ 12.056787] kunit_try_run_case+0x1a5/0x480 [ 12.056979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.057228] kthread+0x337/0x6f0 [ 12.057386] ret_from_fork+0x116/0x1d0 [ 12.057559] ret_from_fork_asm+0x1a/0x30 [ 12.057738] [ 12.057827] The buggy address belongs to the object at ffff8881027a9f00 [ 12.057827] which belongs to the cache kmalloc-128 of size 128 [ 12.058858] The buggy address is located 0 bytes inside of [ 12.058858] freed 128-byte region [ffff8881027a9f00, 
ffff8881027a9f80) [ 12.059797] [ 12.060024] The buggy address belongs to the physical page: [ 12.060603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9 [ 12.060932] flags: 0x200000000000000(node=0|zone=2) [ 12.061418] page_type: f5(slab) [ 12.061712] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.062406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.062922] page dumped because: kasan: bad access detected [ 12.063570] [ 12.063685] Memory state around the buggy address: [ 12.063900] ffff8881027a9e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.064450] ffff8881027a9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.064957] >ffff8881027a9f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.065710] ^ [ 12.065879] ffff8881027a9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.066447] ffff8881027aa000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.066970] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.994629] ================================================================== [ 11.994973] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.995569] Read of size 1 at addr ffff888103173f7f by task kunit_try_catch/211 [ 11.995856] [ 11.995964] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.996003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.996014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.996031] Call Trace: [ 11.996047] <TASK> [ 11.996061] dump_stack_lvl+0x73/0xb0 [ 11.996087] print_report+0xd1/0x650 [ 11.996108] ? __virt_addr_valid+0x1db/0x2d0 [ 11.996143] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.996164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.996185] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.996207] kasan_report+0x141/0x180 [ 11.996227] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.996253] __asan_report_load1_noabort+0x18/0x20 [ 11.996276] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.996299] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.996397] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.996425] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.996451] kunit_try_run_case+0x1a5/0x480 [ 11.996474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.996495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.996539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.996560] ? __kthread_parkme+0x82/0x180 [ 11.996579] ? preempt_count_sub+0x50/0x80 [ 11.996602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.996624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.996645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.996667] kthread+0x337/0x6f0 [ 11.996685] ? trace_preempt_on+0x20/0xc0 [ 11.996707] ? __pfx_kthread+0x10/0x10 [ 11.996728] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.996749] ? calculate_sigpending+0x7b/0xa0 [ 11.996772] ? __pfx_kthread+0x10/0x10 [ 11.996794] ret_from_fork+0x116/0x1d0 [ 11.996812] ? 
__pfx_kthread+0x10/0x10 [ 11.996832] ret_from_fork_asm+0x1a/0x30 [ 11.996862] </TASK> [ 11.996873] [ 12.004538] Allocated by task 211: [ 12.004731] kasan_save_stack+0x45/0x70 [ 12.004896] kasan_save_track+0x18/0x40 [ 12.005204] kasan_save_alloc_info+0x3b/0x50 [ 12.005417] __kasan_kmalloc+0xb7/0xc0 [ 12.005624] __kmalloc_cache_noprof+0x189/0x420 [ 12.005848] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.006058] kunit_try_run_case+0x1a5/0x480 [ 12.006290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.006614] kthread+0x337/0x6f0 [ 12.006759] ret_from_fork+0x116/0x1d0 [ 12.006894] ret_from_fork_asm+0x1a/0x30 [ 12.007033] [ 12.007110] The buggy address belongs to the object at ffff888103173f00 [ 12.007110] which belongs to the cache kmalloc-128 of size 128 [ 12.007903] The buggy address is located 12 bytes to the right of [ 12.007903] allocated 115-byte region [ffff888103173f00, ffff888103173f73) [ 12.008592] [ 12.008711] The buggy address belongs to the physical page: [ 12.008918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173 [ 12.009170] flags: 0x200000000000000(node=0|zone=2) [ 12.009381] page_type: f5(slab) [ 12.009620] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.009973] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.010468] page dumped because: kasan: bad access detected [ 12.010736] [ 12.010830] Memory state around the buggy address: [ 12.011034] ffff888103173e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.011325] ffff888103173e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.011859] >ffff888103173f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.012195] ^ [ 12.012547] ffff888103173f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.012887] ffff888103174000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.013148] ================================================================== [ 11.977042] 
================================================================== [ 11.977409] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.977703] Read of size 1 at addr ffff888103173f78 by task kunit_try_catch/211 [ 11.977927] [ 11.978036] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.978076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.978087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.978107] Call Trace: [ 11.978142] <TASK> [ 11.978156] dump_stack_lvl+0x73/0xb0 [ 11.978180] print_report+0xd1/0x650 [ 11.978201] ? __virt_addr_valid+0x1db/0x2d0 [ 11.978223] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.978245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.978265] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.978287] kasan_report+0x141/0x180 [ 11.978328] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.978355] __asan_report_load1_noabort+0x18/0x20 [ 11.978378] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.978400] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.978421] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.978448] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.978474] kunit_try_run_case+0x1a5/0x480 [ 11.978496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.978524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.978546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.978567] ? __kthread_parkme+0x82/0x180 [ 11.978586] ? preempt_count_sub+0x50/0x80 [ 11.978608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.978630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.978651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.978673] kthread+0x337/0x6f0 [ 11.978691] ? trace_preempt_on+0x20/0xc0 [ 11.978713] ? __pfx_kthread+0x10/0x10 [ 11.978732] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.978752] ? calculate_sigpending+0x7b/0xa0 [ 11.978775] ? __pfx_kthread+0x10/0x10 [ 11.978795] ret_from_fork+0x116/0x1d0 [ 11.978812] ? 
__pfx_kthread+0x10/0x10 [ 11.978831] ret_from_fork_asm+0x1a/0x30 [ 11.978860] </TASK> [ 11.978870] [ 11.986004] Allocated by task 211: [ 11.986203] kasan_save_stack+0x45/0x70 [ 11.986500] kasan_save_track+0x18/0x40 [ 11.986674] kasan_save_alloc_info+0x3b/0x50 [ 11.986851] __kasan_kmalloc+0xb7/0xc0 [ 11.986983] __kmalloc_cache_noprof+0x189/0x420 [ 11.987188] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.987466] kunit_try_run_case+0x1a5/0x480 [ 11.987673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.987899] kthread+0x337/0x6f0 [ 11.988062] ret_from_fork+0x116/0x1d0 [ 11.988223] ret_from_fork_asm+0x1a/0x30 [ 11.988387] [ 11.988478] The buggy address belongs to the object at ffff888103173f00 [ 11.988478] which belongs to the cache kmalloc-128 of size 128 [ 11.989014] The buggy address is located 5 bytes to the right of [ 11.989014] allocated 115-byte region [ffff888103173f00, ffff888103173f73) [ 11.989749] [ 11.989820] The buggy address belongs to the physical page: [ 11.989991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173 [ 11.990259] flags: 0x200000000000000(node=0|zone=2) [ 11.990447] page_type: f5(slab) [ 11.990573] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.990833] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.991523] page dumped because: kasan: bad access detected [ 11.991788] [ 11.991882] Memory state around the buggy address: [ 11.992110] ffff888103173e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.992535] ffff888103173e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.992852] >ffff888103173f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.993184] ^ [ 11.993471] ffff888103173f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.993690] ffff888103174000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.994006] ================================================================== [ 11.958696] 
================================================================== [ 11.959159] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 11.959489] Read of size 1 at addr ffff888103173f73 by task kunit_try_catch/211 [ 11.959797] [ 11.959923] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.959966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.959977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.959996] Call Trace: [ 11.960007] <TASK> [ 11.960021] dump_stack_lvl+0x73/0xb0 [ 11.960046] print_report+0xd1/0x650 [ 11.960069] ? __virt_addr_valid+0x1db/0x2d0 [ 11.960090] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.960112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.960168] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.960190] kasan_report+0x141/0x180 [ 11.960211] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.960237] __asan_report_load1_noabort+0x18/0x20 [ 11.960260] ksize_unpoisons_memory+0x81c/0x9b0 [ 11.960282] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.960323] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.960352] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.960378] kunit_try_run_case+0x1a5/0x480 [ 11.960402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.960423] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.960445] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.960466] ? __kthread_parkme+0x82/0x180 [ 11.960489] ? preempt_count_sub+0x50/0x80 [ 11.960513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.960535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.960557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.960579] kthread+0x337/0x6f0 [ 11.960597] ? trace_preempt_on+0x20/0xc0 [ 11.960618] ? __pfx_kthread+0x10/0x10 [ 11.960639] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.960659] ? calculate_sigpending+0x7b/0xa0 [ 11.960682] ? __pfx_kthread+0x10/0x10 [ 11.960702] ret_from_fork+0x116/0x1d0 [ 11.960719] ? 
__pfx_kthread+0x10/0x10 [ 11.960739] ret_from_fork_asm+0x1a/0x30 [ 11.960768] </TASK> [ 11.960779] [ 11.967950] Allocated by task 211: [ 11.968113] kasan_save_stack+0x45/0x70 [ 11.968299] kasan_save_track+0x18/0x40 [ 11.968435] kasan_save_alloc_info+0x3b/0x50 [ 11.968582] __kasan_kmalloc+0xb7/0xc0 [ 11.968826] __kmalloc_cache_noprof+0x189/0x420 [ 11.969050] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.969350] kunit_try_run_case+0x1a5/0x480 [ 11.969557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.969798] kthread+0x337/0x6f0 [ 11.969920] ret_from_fork+0x116/0x1d0 [ 11.970051] ret_from_fork_asm+0x1a/0x30 [ 11.970219] [ 11.970310] The buggy address belongs to the object at ffff888103173f00 [ 11.970310] which belongs to the cache kmalloc-128 of size 128 [ 11.971060] The buggy address is located 0 bytes to the right of [ 11.971060] allocated 115-byte region [ffff888103173f00, ffff888103173f73) [ 11.971588] [ 11.971662] The buggy address belongs to the physical page: [ 11.971835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103173 [ 11.972269] flags: 0x200000000000000(node=0|zone=2) [ 11.972763] page_type: f5(slab) [ 11.972930] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.973209] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.973840] page dumped because: kasan: bad access detected [ 11.974043] [ 11.974163] Memory state around the buggy address: [ 11.974440] ffff888103173e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.974686] ffff888103173e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.974902] >ffff888103173f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.975182] ^ [ 11.975742] ffff888103173f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.976243] ffff888103174000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.976613] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.932144] ================================================================== [ 11.933248] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.933602] Free of addr ffff8881023854c0 by task kunit_try_catch/209 [ 11.934036] [ 11.934180] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.934223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.934234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.934254] Call Trace: [ 11.934266] <TASK> [ 11.934282] dump_stack_lvl+0x73/0xb0 [ 11.934310] print_report+0xd1/0x650 [ 11.934333] ? __virt_addr_valid+0x1db/0x2d0 [ 11.934356] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.934377] ? kfree_sensitive+0x2e/0x90 [ 11.934397] kasan_report_invalid_free+0x10a/0x130 [ 11.934483] ? kfree_sensitive+0x2e/0x90 [ 11.934505] ? kfree_sensitive+0x2e/0x90 [ 11.934528] check_slab_allocation+0x101/0x130 [ 11.934549] __kasan_slab_pre_free+0x28/0x40 [ 11.934568] kfree+0xf0/0x3f0 [ 11.934589] ? kfree_sensitive+0x2e/0x90 [ 11.934610] kfree_sensitive+0x2e/0x90 [ 11.934629] kmalloc_double_kzfree+0x19c/0x350 [ 11.934650] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.934672] ? __schedule+0x10cc/0x2b60 [ 11.934693] ? __pfx_read_tsc+0x10/0x10 [ 11.934713] ? ktime_get_ts64+0x86/0x230 [ 11.934737] kunit_try_run_case+0x1a5/0x480 [ 11.934760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.934781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.934803] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.934824] ? __kthread_parkme+0x82/0x180 [ 11.934843] ? preempt_count_sub+0x50/0x80 [ 11.934866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.934888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.934909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.934931] kthread+0x337/0x6f0 [ 11.934949] ? trace_preempt_on+0x20/0xc0 [ 11.934970] ? __pfx_kthread+0x10/0x10 [ 11.934989] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.935009] ? calculate_sigpending+0x7b/0xa0 [ 11.935031] ? 
__pfx_kthread+0x10/0x10 [ 11.935051] ret_from_fork+0x116/0x1d0 [ 11.935068] ? __pfx_kthread+0x10/0x10 [ 11.935087] ret_from_fork_asm+0x1a/0x30 [ 11.935117] </TASK> [ 11.935153] [ 11.943264] Allocated by task 209: [ 11.943636] kasan_save_stack+0x45/0x70 [ 11.943807] kasan_save_track+0x18/0x40 [ 11.944008] kasan_save_alloc_info+0x3b/0x50 [ 11.944270] __kasan_kmalloc+0xb7/0xc0 [ 11.944484] __kmalloc_cache_noprof+0x189/0x420 [ 11.944647] kmalloc_double_kzfree+0xa9/0x350 [ 11.944814] kunit_try_run_case+0x1a5/0x480 [ 11.945029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.945398] kthread+0x337/0x6f0 [ 11.945831] ret_from_fork+0x116/0x1d0 [ 11.946180] ret_from_fork_asm+0x1a/0x30 [ 11.946329] [ 11.946475] Freed by task 209: [ 11.946640] kasan_save_stack+0x45/0x70 [ 11.946807] kasan_save_track+0x18/0x40 [ 11.946988] kasan_save_free_info+0x3f/0x60 [ 11.947166] __kasan_slab_free+0x56/0x70 [ 11.947395] kfree+0x222/0x3f0 [ 11.947563] kfree_sensitive+0x67/0x90 [ 11.947729] kmalloc_double_kzfree+0x12b/0x350 [ 11.947944] kunit_try_run_case+0x1a5/0x480 [ 11.948089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.948274] kthread+0x337/0x6f0 [ 11.948393] ret_from_fork+0x116/0x1d0 [ 11.948524] ret_from_fork_asm+0x1a/0x30 [ 11.948690] [ 11.948784] The buggy address belongs to the object at ffff8881023854c0 [ 11.948784] which belongs to the cache kmalloc-16 of size 16 [ 11.949463] The buggy address is located 0 bytes inside of [ 11.949463] 16-byte region [ffff8881023854c0, ffff8881023854d0) [ 11.949792] [ 11.949862] The buggy address belongs to the physical page: [ 11.950031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 11.950746] flags: 0x200000000000000(node=0|zone=2) [ 11.950998] page_type: f5(slab) [ 11.951225] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.951704] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.952051] page dumped because: kasan: bad access detected [ 11.952422] [ 
11.952523] Memory state around the buggy address: [ 11.952710] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 11.952928] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 11.953437] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.953758] ^ [ 11.953976] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954285] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954722] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.902191] ================================================================== [ 11.902847] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 11.903790] Read of size 1 at addr ffff8881023854c0 by task kunit_try_catch/209 [ 11.904232] [ 11.904337] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.904586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.904600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.904622] Call Trace: [ 11.904635] <TASK> [ 11.904651] dump_stack_lvl+0x73/0xb0 [ 11.904679] print_report+0xd1/0x650 [ 11.904701] ? __virt_addr_valid+0x1db/0x2d0 [ 11.904723] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.904744] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.904764] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.904787] kasan_report+0x141/0x180 [ 11.904807] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.904832] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.904853] __kasan_check_byte+0x3d/0x50 [ 11.904874] kfree_sensitive+0x22/0x90 [ 11.904897] kmalloc_double_kzfree+0x19c/0x350 [ 11.904918] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.904941] ? __schedule+0x10cc/0x2b60 [ 11.904962] ? __pfx_read_tsc+0x10/0x10 [ 11.904981] ? ktime_get_ts64+0x86/0x230 [ 11.905006] kunit_try_run_case+0x1a5/0x480 [ 11.905031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.905053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.905075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.905096] ? __kthread_parkme+0x82/0x180 [ 11.905116] ? preempt_count_sub+0x50/0x80 [ 11.905155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.905177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.905198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.905220] kthread+0x337/0x6f0 [ 11.905238] ? trace_preempt_on+0x20/0xc0 [ 11.905259] ? __pfx_kthread+0x10/0x10 [ 11.905279] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.905298] ? calculate_sigpending+0x7b/0xa0 [ 11.905376] ? 
__pfx_kthread+0x10/0x10 [ 11.905397] ret_from_fork+0x116/0x1d0 [ 11.905414] ? __pfx_kthread+0x10/0x10 [ 11.905434] ret_from_fork_asm+0x1a/0x30 [ 11.905464] </TASK> [ 11.905476] [ 11.915811] Allocated by task 209: [ 11.915970] kasan_save_stack+0x45/0x70 [ 11.916292] kasan_save_track+0x18/0x40 [ 11.916648] kasan_save_alloc_info+0x3b/0x50 [ 11.916983] __kasan_kmalloc+0xb7/0xc0 [ 11.917414] __kmalloc_cache_noprof+0x189/0x420 [ 11.917710] kmalloc_double_kzfree+0xa9/0x350 [ 11.917866] kunit_try_run_case+0x1a5/0x480 [ 11.918013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.918219] kthread+0x337/0x6f0 [ 11.918499] ret_from_fork+0x116/0x1d0 [ 11.918973] ret_from_fork_asm+0x1a/0x30 [ 11.919134] [ 11.919231] Freed by task 209: [ 11.919742] kasan_save_stack+0x45/0x70 [ 11.919929] kasan_save_track+0x18/0x40 [ 11.920256] kasan_save_free_info+0x3f/0x60 [ 11.920561] __kasan_slab_free+0x56/0x70 [ 11.920886] kfree+0x222/0x3f0 [ 11.921141] kfree_sensitive+0x67/0x90 [ 11.921428] kmalloc_double_kzfree+0x12b/0x350 [ 11.921805] kunit_try_run_case+0x1a5/0x480 [ 11.922009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.922457] kthread+0x337/0x6f0 [ 11.922645] ret_from_fork+0x116/0x1d0 [ 11.922838] ret_from_fork_asm+0x1a/0x30 [ 11.923346] [ 11.923452] The buggy address belongs to the object at ffff8881023854c0 [ 11.923452] which belongs to the cache kmalloc-16 of size 16 [ 11.924034] The buggy address is located 0 bytes inside of [ 11.924034] freed 16-byte region [ffff8881023854c0, ffff8881023854d0) [ 11.924909] [ 11.924992] The buggy address belongs to the physical page: [ 11.925592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102385 [ 11.925935] flags: 0x200000000000000(node=0|zone=2) [ 11.926527] page_type: f5(slab) [ 11.926787] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.927226] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.927777] page dumped because: kasan: bad access detected [ 
11.928014] [ 11.928098] Memory state around the buggy address: [ 11.928613] ffff888102385380: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 11.929103] ffff888102385400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 11.929670] >ffff888102385480: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.930075] ^ [ 11.930528] ffff888102385500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.930927] ffff888102385580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.931456] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.864593] ================================================================== [ 11.865476] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 11.866048] Read of size 1 at addr ffff8881027afe28 by task kunit_try_catch/205 [ 11.866939] [ 11.867054] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.867099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.867110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.867167] Call Trace: [ 11.867179] <TASK> [ 11.867193] dump_stack_lvl+0x73/0xb0 [ 11.867221] print_report+0xd1/0x650 [ 11.867242] ? __virt_addr_valid+0x1db/0x2d0 [ 11.867264] ? kmalloc_uaf2+0x4a8/0x520 [ 11.867282] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.867324] ? kmalloc_uaf2+0x4a8/0x520 [ 11.867344] kasan_report+0x141/0x180 [ 11.867365] ? kmalloc_uaf2+0x4a8/0x520 [ 11.867388] __asan_report_load1_noabort+0x18/0x20 [ 11.867411] kmalloc_uaf2+0x4a8/0x520 [ 11.867430] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.867448] ? finish_task_switch.isra.0+0x153/0x700 [ 11.867470] ? __switch_to+0x47/0xf50 [ 11.867495] ? __schedule+0x10cc/0x2b60 [ 11.867516] ? __pfx_read_tsc+0x10/0x10 [ 11.867535] ? ktime_get_ts64+0x86/0x230 [ 11.867599] kunit_try_run_case+0x1a5/0x480 [ 11.867622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.867654] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.867676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.867697] ? __kthread_parkme+0x82/0x180 [ 11.867716] ? preempt_count_sub+0x50/0x80 [ 11.867737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.867759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.867780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.867801] kthread+0x337/0x6f0 [ 11.867819] ? trace_preempt_on+0x20/0xc0 [ 11.867840] ? __pfx_kthread+0x10/0x10 [ 11.867859] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.867878] ? calculate_sigpending+0x7b/0xa0 [ 11.867900] ? __pfx_kthread+0x10/0x10 [ 11.867920] ret_from_fork+0x116/0x1d0 [ 11.867937] ? 
__pfx_kthread+0x10/0x10 [ 11.867955] ret_from_fork_asm+0x1a/0x30 [ 11.867984] </TASK> [ 11.867995] [ 11.878077] Allocated by task 205: [ 11.878597] kasan_save_stack+0x45/0x70 [ 11.878911] kasan_save_track+0x18/0x40 [ 11.879114] kasan_save_alloc_info+0x3b/0x50 [ 11.879579] __kasan_kmalloc+0xb7/0xc0 [ 11.879862] __kmalloc_cache_noprof+0x189/0x420 [ 11.880200] kmalloc_uaf2+0xc6/0x520 [ 11.880555] kunit_try_run_case+0x1a5/0x480 [ 11.880767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.881009] kthread+0x337/0x6f0 [ 11.881423] ret_from_fork+0x116/0x1d0 [ 11.881604] ret_from_fork_asm+0x1a/0x30 [ 11.881951] [ 11.882030] Freed by task 205: [ 11.882434] kasan_save_stack+0x45/0x70 [ 11.882802] kasan_save_track+0x18/0x40 [ 11.882986] kasan_save_free_info+0x3f/0x60 [ 11.883221] __kasan_slab_free+0x56/0x70 [ 11.883406] kfree+0x222/0x3f0 [ 11.883566] kmalloc_uaf2+0x14c/0x520 [ 11.883738] kunit_try_run_case+0x1a5/0x480 [ 11.883944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.884204] kthread+0x337/0x6f0 [ 11.884363] ret_from_fork+0x116/0x1d0 [ 11.884539] ret_from_fork_asm+0x1a/0x30 [ 11.884727] [ 11.884821] The buggy address belongs to the object at ffff8881027afe00 [ 11.884821] which belongs to the cache kmalloc-64 of size 64 [ 11.885967] The buggy address is located 40 bytes inside of [ 11.885967] freed 64-byte region [ffff8881027afe00, ffff8881027afe40) [ 11.886487] [ 11.886615] The buggy address belongs to the physical page: [ 11.887100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027af [ 11.887575] flags: 0x200000000000000(node=0|zone=2) [ 11.887924] page_type: f5(slab) [ 11.888101] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.888623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.888922] page dumped because: kasan: bad access detected [ 11.889445] [ 11.889543] Memory state around the buggy address: [ 11.889901] ffff8881027afd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 11.890270] ffff8881027afd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.890825] >ffff8881027afe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.891276] ^ [ 11.891516] ffff8881027afe80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 11.891737] ffff8881027aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.893317] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.821288] ================================================================== [ 11.821701] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 11.821943] Write of size 33 at addr ffff888103184600 by task kunit_try_catch/203 [ 11.822431] [ 11.822635] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.822681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.822693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.822714] Call Trace: [ 11.822727] <TASK> [ 11.822746] dump_stack_lvl+0x73/0xb0 [ 11.823018] print_report+0xd1/0x650 [ 11.823047] ? __virt_addr_valid+0x1db/0x2d0 [ 11.823070] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.823090] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.823111] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.823165] kasan_report+0x141/0x180 [ 11.823186] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.823211] kasan_check_range+0x10c/0x1c0 [ 11.823234] __asan_memset+0x27/0x50 [ 11.823252] kmalloc_uaf_memset+0x1a3/0x360 [ 11.823272] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 11.823372] ? __schedule+0x10cc/0x2b60 [ 11.823399] ? __pfx_read_tsc+0x10/0x10 [ 11.823419] ? ktime_get_ts64+0x86/0x230 [ 11.823443] kunit_try_run_case+0x1a5/0x480 [ 11.823468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823488] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.823510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.823532] ? __kthread_parkme+0x82/0x180 [ 11.823551] ? preempt_count_sub+0x50/0x80 [ 11.823574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.823617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.823639] kthread+0x337/0x6f0 [ 11.823657] ? trace_preempt_on+0x20/0xc0 [ 11.823679] ? __pfx_kthread+0x10/0x10 [ 11.823698] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.823717] ? calculate_sigpending+0x7b/0xa0 [ 11.823741] ? __pfx_kthread+0x10/0x10 [ 11.823761] ret_from_fork+0x116/0x1d0 [ 11.823778] ? 
__pfx_kthread+0x10/0x10 [ 11.823797] ret_from_fork_asm+0x1a/0x30 [ 11.823827] </TASK> [ 11.823838] [ 11.840047] Allocated by task 203: [ 11.840626] kasan_save_stack+0x45/0x70 [ 11.841081] kasan_save_track+0x18/0x40 [ 11.841662] kasan_save_alloc_info+0x3b/0x50 [ 11.842270] __kasan_kmalloc+0xb7/0xc0 [ 11.842776] __kmalloc_cache_noprof+0x189/0x420 [ 11.843350] kmalloc_uaf_memset+0xa9/0x360 [ 11.843607] kunit_try_run_case+0x1a5/0x480 [ 11.843755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.843929] kthread+0x337/0x6f0 [ 11.844049] ret_from_fork+0x116/0x1d0 [ 11.844632] ret_from_fork_asm+0x1a/0x30 [ 11.845072] [ 11.845256] Freed by task 203: [ 11.845698] kasan_save_stack+0x45/0x70 [ 11.846144] kasan_save_track+0x18/0x40 [ 11.846661] kasan_save_free_info+0x3f/0x60 [ 11.847211] __kasan_slab_free+0x56/0x70 [ 11.847716] kfree+0x222/0x3f0 [ 11.848115] kmalloc_uaf_memset+0x12b/0x360 [ 11.848677] kunit_try_run_case+0x1a5/0x480 [ 11.849047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.849282] kthread+0x337/0x6f0 [ 11.849768] ret_from_fork+0x116/0x1d0 [ 11.850226] ret_from_fork_asm+0x1a/0x30 [ 11.850758] [ 11.850924] The buggy address belongs to the object at ffff888103184600 [ 11.850924] which belongs to the cache kmalloc-64 of size 64 [ 11.851911] The buggy address is located 0 bytes inside of [ 11.851911] freed 64-byte region [ffff888103184600, ffff888103184640) [ 11.853441] [ 11.853732] The buggy address belongs to the physical page: [ 11.853914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103184 [ 11.854228] flags: 0x200000000000000(node=0|zone=2) [ 11.854728] page_type: f5(slab) [ 11.855154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.855934] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.856841] page dumped because: kasan: bad access detected [ 11.857345] [ 11.857649] Memory state around the buggy address: [ 11.858034] ffff888103184500: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 11.858485] ffff888103184580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.859136] >ffff888103184600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.859776] ^ [ 11.859998] ffff888103184680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.860423] ffff888103184700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861198] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.783949] ================================================================== [ 11.784730] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 11.785167] Read of size 1 at addr ffff8881019d1b28 by task kunit_try_catch/201 [ 11.785661] [ 11.785764] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.785810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.785822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.785844] Call Trace: [ 11.785856] <TASK> [ 11.785874] dump_stack_lvl+0x73/0xb0 [ 11.785902] print_report+0xd1/0x650 [ 11.785923] ? __virt_addr_valid+0x1db/0x2d0 [ 11.785945] ? kmalloc_uaf+0x320/0x380 [ 11.785964] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.785984] ? kmalloc_uaf+0x320/0x380 [ 11.786002] kasan_report+0x141/0x180 [ 11.786022] ? kmalloc_uaf+0x320/0x380 [ 11.786046] __asan_report_load1_noabort+0x18/0x20 [ 11.786068] kmalloc_uaf+0x320/0x380 [ 11.786086] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.786106] ? __schedule+0x10cc/0x2b60 [ 11.786139] ? __pfx_read_tsc+0x10/0x10 [ 11.786159] ? ktime_get_ts64+0x86/0x230 [ 11.786183] kunit_try_run_case+0x1a5/0x480 [ 11.786206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.786226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.786247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.786268] ? __kthread_parkme+0x82/0x180 [ 11.786287] ? preempt_count_sub+0x50/0x80 [ 11.786355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.786379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.786400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.786433] kthread+0x337/0x6f0 [ 11.786452] ? trace_preempt_on+0x20/0xc0 [ 11.786474] ? __pfx_kthread+0x10/0x10 [ 11.786493] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.786520] ? calculate_sigpending+0x7b/0xa0 [ 11.786543] ? __pfx_kthread+0x10/0x10 [ 11.786563] ret_from_fork+0x116/0x1d0 [ 11.786580] ? 
__pfx_kthread+0x10/0x10 [ 11.786600] ret_from_fork_asm+0x1a/0x30 [ 11.786629] </TASK> [ 11.786639] [ 11.798928] Allocated by task 201: [ 11.799097] kasan_save_stack+0x45/0x70 [ 11.799598] kasan_save_track+0x18/0x40 [ 11.799936] kasan_save_alloc_info+0x3b/0x50 [ 11.800460] __kasan_kmalloc+0xb7/0xc0 [ 11.800711] __kmalloc_cache_noprof+0x189/0x420 [ 11.801116] kmalloc_uaf+0xaa/0x380 [ 11.801481] kunit_try_run_case+0x1a5/0x480 [ 11.801908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.802372] kthread+0x337/0x6f0 [ 11.802628] ret_from_fork+0x116/0x1d0 [ 11.803043] ret_from_fork_asm+0x1a/0x30 [ 11.803485] [ 11.803582] Freed by task 201: [ 11.803727] kasan_save_stack+0x45/0x70 [ 11.803910] kasan_save_track+0x18/0x40 [ 11.804088] kasan_save_free_info+0x3f/0x60 [ 11.804579] __kasan_slab_free+0x56/0x70 [ 11.804951] kfree+0x222/0x3f0 [ 11.805449] kmalloc_uaf+0x12c/0x380 [ 11.805634] kunit_try_run_case+0x1a5/0x480 [ 11.805824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.806050] kthread+0x337/0x6f0 [ 11.806534] ret_from_fork+0x116/0x1d0 [ 11.806998] ret_from_fork_asm+0x1a/0x30 [ 11.807404] [ 11.807504] The buggy address belongs to the object at ffff8881019d1b20 [ 11.807504] which belongs to the cache kmalloc-16 of size 16 [ 11.807992] The buggy address is located 8 bytes inside of [ 11.807992] freed 16-byte region [ffff8881019d1b20, ffff8881019d1b30) [ 11.809141] [ 11.809417] The buggy address belongs to the physical page: [ 11.810227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019d1 [ 11.811012] flags: 0x200000000000000(node=0|zone=2) [ 11.811491] page_type: f5(slab) [ 11.811662] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.811977] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.812605] page dumped because: kasan: bad access detected [ 11.813084] [ 11.813469] Memory state around the buggy address: [ 11.813865] ffff8881019d1a00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 
11.814644] ffff8881019d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.815470] >ffff8881019d1b00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.815936] ^ [ 11.816456] ffff8881019d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.817002] ffff8881019d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.817807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.749247] ================================================================== [ 11.749841] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.750093] Read of size 64 at addr ffff888103184404 by task kunit_try_catch/199 [ 11.750868] [ 11.750996] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.751039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.751050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.751068] Call Trace: [ 11.751080] <TASK> [ 11.751094] dump_stack_lvl+0x73/0xb0 [ 11.751133] print_report+0xd1/0x650 [ 11.751156] ? __virt_addr_valid+0x1db/0x2d0 [ 11.751178] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.751200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.751220] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.751243] kasan_report+0x141/0x180 [ 11.751263] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.751290] kasan_check_range+0x10c/0x1c0 [ 11.751322] __asan_memmove+0x27/0x70 [ 11.751341] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.751363] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.751387] ? __schedule+0x10cc/0x2b60 [ 11.751407] ? __pfx_read_tsc+0x10/0x10 [ 11.751427] ? ktime_get_ts64+0x86/0x230 [ 11.751451] kunit_try_run_case+0x1a5/0x480 [ 11.751474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.751495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.751517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.751538] ? __kthread_parkme+0x82/0x180 [ 11.751557] ? preempt_count_sub+0x50/0x80 [ 11.751579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.751601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.751622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.751643] kthread+0x337/0x6f0 [ 11.751662] ? trace_preempt_on+0x20/0xc0 [ 11.751684] ? __pfx_kthread+0x10/0x10 [ 11.751703] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.751722] ? calculate_sigpending+0x7b/0xa0 [ 11.751744] ? 
__pfx_kthread+0x10/0x10 [ 11.751764] ret_from_fork+0x116/0x1d0 [ 11.751782] ? __pfx_kthread+0x10/0x10 [ 11.751801] ret_from_fork_asm+0x1a/0x30 [ 11.751830] </TASK> [ 11.751840] [ 11.766021] Allocated by task 199: [ 11.766270] kasan_save_stack+0x45/0x70 [ 11.766674] kasan_save_track+0x18/0x40 [ 11.767049] kasan_save_alloc_info+0x3b/0x50 [ 11.767522] __kasan_kmalloc+0xb7/0xc0 [ 11.767882] __kmalloc_cache_noprof+0x189/0x420 [ 11.768371] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.768918] kunit_try_run_case+0x1a5/0x480 [ 11.769403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.769760] kthread+0x337/0x6f0 [ 11.770086] ret_from_fork+0x116/0x1d0 [ 11.770481] ret_from_fork_asm+0x1a/0x30 [ 11.770894] [ 11.771078] The buggy address belongs to the object at ffff888103184400 [ 11.771078] which belongs to the cache kmalloc-64 of size 64 [ 11.772960] The buggy address is located 4 bytes inside of [ 11.772960] allocated 64-byte region [ffff888103184400, ffff888103184440) [ 11.773971] [ 11.774061] The buggy address belongs to the physical page: [ 11.774294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103184 [ 11.774615] flags: 0x200000000000000(node=0|zone=2) [ 11.774825] page_type: f5(slab) [ 11.774978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.775283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.775567] page dumped because: kasan: bad access detected [ 11.775794] [ 11.775879] Memory state around the buggy address: [ 11.776074] ffff888103184300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 11.776722] ffff888103184380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.777390] >ffff888103184400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.778195] ^ [ 11.778704] ffff888103184480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.779432] ffff888103184500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.780106] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.724651] ================================================================== [ 11.725222] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.725597] Read of size 18446744073709551614 at addr ffff8881027afb84 by task kunit_try_catch/197 [ 11.726022] [ 11.726136] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.726209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.726220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.726240] Call Trace: [ 11.726262] <TASK> [ 11.726276] dump_stack_lvl+0x73/0xb0 [ 11.726324] print_report+0xd1/0x650 [ 11.726347] ? __virt_addr_valid+0x1db/0x2d0 [ 11.726368] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.726390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.726410] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.726451] kasan_report+0x141/0x180 [ 11.726505] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.726538] kasan_check_range+0x10c/0x1c0 [ 11.726560] __asan_memmove+0x27/0x70 [ 11.726590] kmalloc_memmove_negative_size+0x171/0x330 [ 11.726613] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.726636] ? __schedule+0x10cc/0x2b60 [ 11.726657] ? __pfx_read_tsc+0x10/0x10 [ 11.726676] ? ktime_get_ts64+0x86/0x230 [ 11.726727] kunit_try_run_case+0x1a5/0x480 [ 11.726750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.726770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.726798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.726819] ? __kthread_parkme+0x82/0x180 [ 11.726838] ? preempt_count_sub+0x50/0x80 [ 11.726860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.726882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.726903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.726924] kthread+0x337/0x6f0 [ 11.726966] ? trace_preempt_on+0x20/0xc0 [ 11.726988] ? __pfx_kthread+0x10/0x10 [ 11.727007] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.727037] ? calculate_sigpending+0x7b/0xa0 [ 11.727059] ? 
__pfx_kthread+0x10/0x10 [ 11.727079] ret_from_fork+0x116/0x1d0 [ 11.727130] ? __pfx_kthread+0x10/0x10 [ 11.727150] ret_from_fork_asm+0x1a/0x30 [ 11.727189] </TASK> [ 11.727200] [ 11.735324] Allocated by task 197: [ 11.735675] kasan_save_stack+0x45/0x70 [ 11.735935] kasan_save_track+0x18/0x40 [ 11.736209] kasan_save_alloc_info+0x3b/0x50 [ 11.736433] __kasan_kmalloc+0xb7/0xc0 [ 11.736582] __kmalloc_cache_noprof+0x189/0x420 [ 11.736808] kmalloc_memmove_negative_size+0xac/0x330 [ 11.737040] kunit_try_run_case+0x1a5/0x480 [ 11.737211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.737418] kthread+0x337/0x6f0 [ 11.737738] ret_from_fork+0x116/0x1d0 [ 11.737995] ret_from_fork_asm+0x1a/0x30 [ 11.738261] [ 11.738398] The buggy address belongs to the object at ffff8881027afb80 [ 11.738398] which belongs to the cache kmalloc-64 of size 64 [ 11.739008] The buggy address is located 4 bytes inside of [ 11.739008] 64-byte region [ffff8881027afb80, ffff8881027afbc0) [ 11.739651] [ 11.739796] The buggy address belongs to the physical page: [ 11.740046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027af [ 11.740474] flags: 0x200000000000000(node=0|zone=2) [ 11.740754] page_type: f5(slab) [ 11.740938] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.741376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.741673] page dumped because: kasan: bad access detected [ 11.741928] [ 11.742021] Memory state around the buggy address: [ 11.742288] ffff8881027afa80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 11.742725] ffff8881027afb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.743069] >ffff8881027afb80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.743440] ^ [ 11.743693] ffff8881027afc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.744064] ffff8881027afc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.744416] 
==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 47.226255] ================================================================== [ 47.226636] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 47.226636] [ 47.227004] Use-after-free read at 0x(____ptrval____) (in kfence-#126): [ 47.227277] test_krealloc+0x6fc/0xbe0 [ 47.227833] kunit_try_run_case+0x1a5/0x480 [ 47.228018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.228541] kthread+0x337/0x6f0 [ 47.228720] ret_from_fork+0x116/0x1d0 [ 47.228889] ret_from_fork_asm+0x1a/0x30 [ 47.229082] [ 47.229423] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 47.229423] [ 47.229913] allocated by task 355 on cpu 1 at 47.225628s (0.004283s ago): [ 47.230395] test_alloc+0x364/0x10f0 [ 47.230650] test_krealloc+0xad/0xbe0 [ 47.230803] kunit_try_run_case+0x1a5/0x480 [ 47.231142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.231408] kthread+0x337/0x6f0 [ 47.231699] ret_from_fork+0x116/0x1d0 [ 47.231886] ret_from_fork_asm+0x1a/0x30 [ 47.232066] [ 47.232304] freed by task 355 on cpu 1 at 47.225883s (0.006418s ago): [ 47.232710] krealloc_noprof+0x108/0x340 [ 47.232974] test_krealloc+0x226/0xbe0 [ 47.233148] kunit_try_run_case+0x1a5/0x480 [ 47.233364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.233719] kthread+0x337/0x6f0 [ 47.233888] ret_from_fork+0x116/0x1d0 [ 47.234057] ret_from_fork_asm+0x1a/0x30 [ 47.234479] [ 47.234609] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 47.235128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 47.235332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.235880] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.139454] ================================================================== [ 47.139859] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 47.139859] [ 47.140273] Use-after-free read at 0x(____ptrval____) (in kfence-#125): [ 47.140774] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 47.141052] kunit_try_run_case+0x1a5/0x480 [ 47.141234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.141512] kthread+0x337/0x6f0 [ 47.141734] ret_from_fork+0x116/0x1d0 [ 47.141891] ret_from_fork_asm+0x1a/0x30 [ 47.142177] [ 47.142271] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 47.142271] [ 47.142595] allocated by task 353 on cpu 1 at 47.121544s (0.021049s ago): [ 47.142873] test_alloc+0x2a6/0x10f0 [ 47.143058] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 47.143301] kunit_try_run_case+0x1a5/0x480 [ 47.143603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.143873] kthread+0x337/0x6f0 [ 47.144008] ret_from_fork+0x116/0x1d0 [ 47.144151] ret_from_fork_asm+0x1a/0x30 [ 47.144456] [ 47.144597] freed by task 353 on cpu 1 at 47.121645s (0.022950s ago): [ 47.144907] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 47.145146] kunit_try_run_case+0x1a5/0x480 [ 47.145380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.145583] kthread+0x337/0x6f0 [ 47.145706] ret_from_fork+0x116/0x1d0 [ 47.145853] ret_from_fork_asm+0x1a/0x30 [ 47.146060] [ 47.146247] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 47.146795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 47.146941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.147487] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 22.281094] ================================================================== [ 22.281571] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 22.281571] [ 22.281901] Invalid read at 0x(____ptrval____): [ 22.283389] test_invalid_access+0xf0/0x210 [ 22.283633] kunit_try_run_case+0x1a5/0x480 [ 22.283978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.284284] kthread+0x337/0x6f0 [ 22.284475] ret_from_fork+0x116/0x1d0 [ 22.284613] ret_from_fork_asm+0x1a/0x30 [ 22.284769] [ 22.284870] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 22.285378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.285515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.286061] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.057871] ================================================================== [ 22.058354] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.058354] [ 22.058737] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#121): [ 22.059352] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.059597] kunit_try_run_case+0x1a5/0x480 [ 22.059814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.060065] kthread+0x337/0x6f0 [ 22.060204] ret_from_fork+0x116/0x1d0 [ 22.060415] ret_from_fork_asm+0x1a/0x30 [ 22.060616] [ 22.060716] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.060716] [ 22.061035] allocated by task 343 on cpu 0 at 22.057629s (0.003405s ago): [ 22.061447] test_alloc+0x364/0x10f0 [ 22.061579] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.061973] kunit_try_run_case+0x1a5/0x480 [ 22.062203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.062384] kthread+0x337/0x6f0 [ 22.062523] ret_from_fork+0x116/0x1d0 [ 22.062718] ret_from_fork_asm+0x1a/0x30 [ 22.062920] [ 22.063019] freed by task 343 on cpu 0 at 22.057763s (0.005254s ago): [ 22.063399] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.063574] kunit_try_run_case+0x1a5/0x480 [ 22.063781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.064034] kthread+0x337/0x6f0 [ 22.064265] ret_from_fork+0x116/0x1d0 [ 22.064407] ret_from_fork_asm+0x1a/0x30 [ 22.064547] [ 22.064670] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 22.065167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.065338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.065630] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 21.953822] ================================================================== [ 21.954315] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 21.954315] [ 21.954743] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#120): [ 21.954985] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 21.955178] kunit_try_run_case+0x1a5/0x480 [ 21.955331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.955508] kthread+0x337/0x6f0 [ 21.955634] ret_from_fork+0x116/0x1d0 [ 21.955850] ret_from_fork_asm+0x1a/0x30 [ 21.956057] [ 21.956178] kfence-#120: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 21.956178] [ 21.956582] allocated by task 341 on cpu 0 at 21.953607s (0.002973s ago): [ 21.956815] test_alloc+0x364/0x10f0 [ 21.956948] test_kmalloc_aligned_oob_read+0x105/0x560 [ 21.957151] kunit_try_run_case+0x1a5/0x480 [ 21.957366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.957639] kthread+0x337/0x6f0 [ 21.957846] ret_from_fork+0x116/0x1d0 [ 21.958056] ret_from_fork_asm+0x1a/0x30 [ 21.958467] [ 21.958606] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 21.958952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.959092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.959497] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.209693] ================================================================== [ 18.210089] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 18.210089] [ 18.210464] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84): [ 18.211023] test_corruption+0x131/0x3e0 [ 18.211278] kunit_try_run_case+0x1a5/0x480 [ 18.211498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.211703] kthread+0x337/0x6f0 [ 18.211882] ret_from_fork+0x116/0x1d0 [ 18.212046] ret_from_fork_asm+0x1a/0x30 [ 18.212202] [ 18.212295] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.212295] [ 18.212694] allocated by task 331 on cpu 0 at 18.209584s (0.003109s ago): [ 18.213008] test_alloc+0x2a6/0x10f0 [ 18.213147] test_corruption+0xe6/0x3e0 [ 18.213319] kunit_try_run_case+0x1a5/0x480 [ 18.213614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.213807] kthread+0x337/0x6f0 [ 18.213983] ret_from_fork+0x116/0x1d0 [ 18.214222] ret_from_fork_asm+0x1a/0x30 [ 18.214382] [ 18.214479] freed by task 331 on cpu 0 at 18.209620s (0.004857s ago): [ 18.214706] test_corruption+0x131/0x3e0 [ 18.214847] kunit_try_run_case+0x1a5/0x480 [ 18.215052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.215328] kthread+0x337/0x6f0 [ 18.215502] ret_from_fork+0x116/0x1d0 [ 18.215669] ret_from_fork_asm+0x1a/0x30 [ 18.215809] [ 18.215906] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.216732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.216925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.217277] ================================================================== [ 17.689838] ================================================================== [ 17.690236] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.690236] [ 17.691097] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#79): [ 17.691766] test_corruption+0x2d2/0x3e0 [ 17.691977] kunit_try_run_case+0x1a5/0x480 [ 17.692214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.692491] kthread+0x337/0x6f0 [ 17.692674] ret_from_fork+0x116/0x1d0 [ 17.692842] ret_from_fork_asm+0x1a/0x30 [ 17.693033] [ 17.693130] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.693130] [ 17.693526] allocated by task 329 on cpu 1 at 17.689602s (0.003922s ago): [ 17.693829] test_alloc+0x364/0x10f0 [ 17.694004] test_corruption+0xe6/0x3e0 [ 17.694792] kunit_try_run_case+0x1a5/0x480 [ 17.694973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.695488] kthread+0x337/0x6f0 [ 17.695719] ret_from_fork+0x116/0x1d0 [ 17.695977] ret_from_fork_asm+0x1a/0x30 [ 17.696253] [ 17.696353] freed by task 329 on cpu 1 at 17.689687s (0.006663s ago): [ 17.696754] test_corruption+0x2d2/0x3e0 [ 17.696996] kunit_try_run_case+0x1a5/0x480 [ 17.697307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.697628] kthread+0x337/0x6f0 [ 17.697769] ret_from_fork+0x116/0x1d0 [ 17.698033] ret_from_fork_asm+0x1a/0x30 [ 17.698298] [ 17.698576] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.699102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.699431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.699857] ================================================================== [ 18.313746] ================================================================== [ 18.314137] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 18.314137] [ 18.314619] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#85): [ 18.314959] test_corruption+0x216/0x3e0 [ 18.315170] kunit_try_run_case+0x1a5/0x480 [ 18.315373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.315708] kthread+0x337/0x6f0 [ 18.315855] ret_from_fork+0x116/0x1d0 [ 18.316036] ret_from_fork_asm+0x1a/0x30 [ 18.316220] [ 18.316294] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.316294] [ 18.316912] allocated by task 331 on cpu 0 at 18.313626s (0.003284s ago): [ 18.317258] test_alloc+0x2a6/0x10f0 [ 18.317393] test_corruption+0x1cb/0x3e0 [ 18.317708] kunit_try_run_case+0x1a5/0x480 [ 18.317886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.318061] kthread+0x337/0x6f0 [ 18.318197] ret_from_fork+0x116/0x1d0 [ 18.318528] ret_from_fork_asm+0x1a/0x30 [ 18.318734] [ 18.318830] freed by task 331 on cpu 0 at 18.313682s (0.005146s ago): [ 18.319146] test_corruption+0x216/0x3e0 [ 18.319368] kunit_try_run_case+0x1a5/0x480 [ 18.319529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.319774] kthread+0x337/0x6f0 [ 18.319950] ret_from_fork+0x116/0x1d0 [ 18.320103] ret_from_fork_asm+0x1a/0x30 [ 18.320253] [ 18.320349] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.320909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.321052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.321385] ================================================================== [ 18.002161] ================================================================== [ 18.002592] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 18.002592] [ 18.002883] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#82): [ 18.003456] test_corruption+0x2df/0x3e0 [ 18.003612] kunit_try_run_case+0x1a5/0x480 [ 18.003835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.004102] kthread+0x337/0x6f0 [ 18.004300] ret_from_fork+0x116/0x1d0 [ 18.004473] ret_from_fork_asm+0x1a/0x30 [ 18.004650] [ 18.004726] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.004726] [ 18.005138] allocated by task 329 on cpu 1 at 18.001900s (0.003236s ago): [ 18.005490] test_alloc+0x364/0x10f0 [ 18.005658] test_corruption+0x1cb/0x3e0 [ 18.005838] kunit_try_run_case+0x1a5/0x480 [ 18.006032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.006218] kthread+0x337/0x6f0 [ 18.006383] ret_from_fork+0x116/0x1d0 [ 18.006640] ret_from_fork_asm+0x1a/0x30 [ 18.006817] [ 18.006891] freed by task 329 on cpu 1 at 18.001986s (0.004903s ago): [ 18.007284] test_corruption+0x2df/0x3e0 [ 18.007428] kunit_try_run_case+0x1a5/0x480 [ 18.007624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.007881] kthread+0x337/0x6f0 [ 18.008054] ret_from_fork+0x116/0x1d0 [ 18.008277] ret_from_fork_asm+0x1a/0x30 [ 18.008476] [ 18.008595] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.009011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.009165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.009471] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.585685] ================================================================== [ 17.586243] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 17.586243] [ 17.586611] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 17.586915] test_invalid_addr_free+0xfb/0x260 [ 17.587146] kunit_try_run_case+0x1a5/0x480 [ 17.587382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.587646] kthread+0x337/0x6f0 [ 17.587774] ret_from_fork+0x116/0x1d0 [ 17.587911] ret_from_fork_asm+0x1a/0x30 [ 17.588115] [ 17.588258] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.588258] [ 17.588700] allocated by task 327 on cpu 0 at 17.585595s (0.003102s ago): [ 17.589029] test_alloc+0x2a6/0x10f0 [ 17.589177] test_invalid_addr_free+0xdb/0x260 [ 17.589404] kunit_try_run_case+0x1a5/0x480 [ 17.589642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.589932] kthread+0x337/0x6f0 [ 17.590097] ret_from_fork+0x116/0x1d0 [ 17.590326] ret_from_fork_asm+0x1a/0x30 [ 17.590526] [ 17.590647] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.591042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.591392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.591736] ================================================================== [ 17.481727] ================================================================== [ 17.482110] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 17.482110] [ 17.482563] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 17.483115] test_invalid_addr_free+0x1e1/0x260 [ 17.483374] kunit_try_run_case+0x1a5/0x480 [ 17.483630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.483880] kthread+0x337/0x6f0 [ 17.484081] ret_from_fork+0x116/0x1d0 [ 17.484335] ret_from_fork_asm+0x1a/0x30 [ 17.484485] [ 17.484587] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.484587] [ 17.485097] allocated by task 325 on cpu 0 at 17.481624s 
(0.003471s ago): [ 17.485452] test_alloc+0x364/0x10f0 [ 17.485760] test_invalid_addr_free+0xdb/0x260 [ 17.485974] kunit_try_run_case+0x1a5/0x480 [ 17.486297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.486563] kthread+0x337/0x6f0 [ 17.486721] ret_from_fork+0x116/0x1d0 [ 17.486922] ret_from_fork_asm+0x1a/0x30 [ 17.487147] [ 17.487283] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.487793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.488023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.488554] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.273842] ================================================================== [ 17.274281] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 17.274281] [ 17.274706] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 17.274968] test_double_free+0x1d3/0x260 [ 17.275199] kunit_try_run_case+0x1a5/0x480 [ 17.275390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.275605] kthread+0x337/0x6f0 [ 17.275778] ret_from_fork+0x116/0x1d0 [ 17.275969] ret_from_fork_asm+0x1a/0x30 [ 17.276178] [ 17.276268] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.276268] [ 17.276587] allocated by task 321 on cpu 1 at 17.273594s (0.002991s ago): [ 17.276902] test_alloc+0x364/0x10f0 [ 17.277089] test_double_free+0xdb/0x260 [ 17.277257] kunit_try_run_case+0x1a5/0x480 [ 17.277571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.277966] kthread+0x337/0x6f0 [ 17.278137] ret_from_fork+0x116/0x1d0 [ 17.278275] ret_from_fork_asm+0x1a/0x30 [ 17.278474] [ 17.279093] freed by task 321 on cpu 1 at 17.273652s (0.005439s ago): [ 17.279536] test_double_free+0x1e0/0x260 [ 17.279927] kunit_try_run_case+0x1a5/0x480 [ 17.280154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.280538] kthread+0x337/0x6f0 [ 17.280713] ret_from_fork+0x116/0x1d0 [ 17.281006] ret_from_fork_asm+0x1a/0x30 [ 17.281215] [ 17.281323] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.281793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.281980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.282628] ================================================================== [ 17.377852] ================================================================== [ 17.378278] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 17.378278] [ 17.378681] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 17.378954] test_double_free+0x112/0x260 [ 17.379139] kunit_try_run_case+0x1a5/0x480 [ 17.379473] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.379656] kthread+0x337/0x6f0 [ 17.379856] ret_from_fork+0x116/0x1d0 [ 17.380048] ret_from_fork_asm+0x1a/0x30 [ 17.380315] [ 17.380405] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.380405] [ 17.380784] allocated by task 323 on cpu 0 at 17.377698s (0.003085s ago): [ 17.381116] test_alloc+0x2a6/0x10f0 [ 17.381309] test_double_free+0xdb/0x260 [ 17.381496] kunit_try_run_case+0x1a5/0x480 [ 17.381709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.381978] kthread+0x337/0x6f0 [ 17.382162] ret_from_fork+0x116/0x1d0 [ 17.382369] ret_from_fork_asm+0x1a/0x30 [ 17.382569] [ 17.382653] freed by task 323 on cpu 0 at 17.377748s (0.004902s ago): [ 17.382899] test_double_free+0xfa/0x260 [ 17.383135] kunit_try_run_case+0x1a5/0x480 [ 17.383336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.383593] kthread+0x337/0x6f0 [ 17.383762] ret_from_fork+0x116/0x1d0 [ 17.383943] ret_from_fork_asm+0x1a/0x30 [ 17.384195] [ 17.384300] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.384682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.384830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.385402] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.857882] ================================================================== [ 16.858369] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.858369] [ 16.858812] Use-after-free read at 0x(____ptrval____) (in kfence-#71): [ 16.859414] test_use_after_free_read+0x129/0x270 [ 16.859692] kunit_try_run_case+0x1a5/0x480 [ 16.859904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.860472] kthread+0x337/0x6f0 [ 16.860659] ret_from_fork+0x116/0x1d0 [ 16.860817] ret_from_fork_asm+0x1a/0x30 [ 16.861099] [ 16.861278] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.861278] [ 16.861679] allocated by task 313 on cpu 1 at 16.857677s (0.004000s ago): [ 16.861977] test_alloc+0x364/0x10f0 [ 16.862450] test_use_after_free_read+0xdc/0x270 [ 16.862750] kunit_try_run_case+0x1a5/0x480 [ 16.863034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.863367] kthread+0x337/0x6f0 [ 16.863602] ret_from_fork+0x116/0x1d0 [ 16.863761] ret_from_fork_asm+0x1a/0x30 [ 16.864105] [ 16.864476] freed by task 313 on cpu 1 at 16.857727s (0.006543s ago): [ 16.864823] test_use_after_free_read+0x1e7/0x270 [ 16.865173] kunit_try_run_case+0x1a5/0x480 [ 16.865384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.865616] kthread+0x337/0x6f0 [ 16.865784] ret_from_fork+0x116/0x1d0 [ 16.865959] ret_from_fork_asm+0x1a/0x30 [ 16.866436] [ 16.866573] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.867093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.867363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.867890] ================================================================== [ 16.961739] ================================================================== [ 16.962152] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.962152] [ 16.962559] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 16.963251] 
test_use_after_free_read+0x129/0x270 [ 16.963470] kunit_try_run_case+0x1a5/0x480 [ 16.963681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.963910] kthread+0x337/0x6f0 [ 16.964087] ret_from_fork+0x116/0x1d0 [ 16.964293] ret_from_fork_asm+0x1a/0x30 [ 16.964915] [ 16.964999] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.964999] [ 16.965703] allocated by task 315 on cpu 1 at 16.961614s (0.004086s ago): [ 16.966155] test_alloc+0x2a6/0x10f0 [ 16.966436] test_use_after_free_read+0xdc/0x270 [ 16.966628] kunit_try_run_case+0x1a5/0x480 [ 16.966949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.967347] kthread+0x337/0x6f0 [ 16.967510] ret_from_fork+0x116/0x1d0 [ 16.967680] ret_from_fork_asm+0x1a/0x30 [ 16.967864] [ 16.967948] freed by task 315 on cpu 1 at 16.961672s (0.006274s ago): [ 16.968541] test_use_after_free_read+0xfb/0x270 [ 16.968753] kunit_try_run_case+0x1a5/0x480 [ 16.969018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.969275] kthread+0x337/0x6f0 [ 16.969574] ret_from_fork+0x116/0x1d0 [ 16.969735] ret_from_fork_asm+0x1a/0x30 [ 16.970091] [ 16.970325] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.970883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.971173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.971532] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.753676] ================================================================== [ 16.754064] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.754064] [ 16.754518] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70): [ 16.754821] test_out_of_bounds_write+0x10d/0x260 [ 16.755065] kunit_try_run_case+0x1a5/0x480 [ 16.755301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.755482] kthread+0x337/0x6f0 [ 16.755660] ret_from_fork+0x116/0x1d0 [ 16.755858] ret_from_fork_asm+0x1a/0x30 [ 16.756065] [ 16.756183] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.756183] [ 16.756578] allocated by task 311 on cpu 0 at 16.753617s (0.002959s ago): [ 16.756861] test_alloc+0x2a6/0x10f0 [ 16.757009] test_out_of_bounds_write+0xd4/0x260 [ 16.757273] kunit_try_run_case+0x1a5/0x480 [ 16.757429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.757687] kthread+0x337/0x6f0 [ 16.757821] ret_from_fork+0x116/0x1d0 [ 16.757955] ret_from_fork_asm+0x1a/0x30 [ 16.758132] [ 16.758254] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.758771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.758911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.759618] ================================================================== [ 16.649675] ================================================================== [ 16.650074] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.650074] [ 16.650734] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69): [ 16.651061] test_out_of_bounds_write+0x10d/0x260 [ 16.651369] kunit_try_run_case+0x1a5/0x480 [ 16.651582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.651889] kthread+0x337/0x6f0 [ 16.652062] ret_from_fork+0x116/0x1d0 [ 16.652233] ret_from_fork_asm+0x1a/0x30 [ 16.652593] [ 16.652710] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.652710] [ 
16.653073] allocated by task 309 on cpu 1 at 16.649550s (0.003521s ago): [ 16.653694] test_alloc+0x364/0x10f0 [ 16.653857] test_out_of_bounds_write+0xd4/0x260 [ 16.654066] kunit_try_run_case+0x1a5/0x480 [ 16.654731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.655014] kthread+0x337/0x6f0 [ 16.655414] ret_from_fork+0x116/0x1d0 [ 16.655652] ret_from_fork_asm+0x1a/0x30 [ 16.655970] [ 16.656080] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.656658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.656820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.657223] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.233670] ================================================================== [ 16.234048] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.234048] [ 16.234566] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65): [ 16.234842] test_out_of_bounds_read+0x126/0x4e0 [ 16.235041] kunit_try_run_case+0x1a5/0x480 [ 16.235417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.235672] kthread+0x337/0x6f0 [ 16.235852] ret_from_fork+0x116/0x1d0 [ 16.236029] ret_from_fork_asm+0x1a/0x30 [ 16.236182] [ 16.236282] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.236282] [ 16.236758] allocated by task 307 on cpu 1 at 16.233606s (0.003150s ago): [ 16.237057] test_alloc+0x2a6/0x10f0 [ 16.237355] test_out_of_bounds_read+0xed/0x4e0 [ 16.237570] kunit_try_run_case+0x1a5/0x480 [ 16.237795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.238048] kthread+0x337/0x6f0 [ 16.238212] ret_from_fork+0x116/0x1d0 [ 16.238342] ret_from_fork_asm+0x1a/0x30 [ 16.238725] [ 16.238910] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.239383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.239611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.239948] ================================================================== [ 15.922678] ================================================================== [ 15.923250] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.923250] [ 15.923751] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62): [ 15.924146] test_out_of_bounds_read+0x126/0x4e0 [ 15.924399] kunit_try_run_case+0x1a5/0x480 [ 15.924608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.924843] kthread+0x337/0x6f0 [ 15.925027] ret_from_fork+0x116/0x1d0 [ 15.925923] ret_from_fork_asm+0x1a/0x30 [ 15.926108] [ 15.926506] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.926506] [ 
15.927031] allocated by task 305 on cpu 0 at 15.921623s (0.005350s ago): [ 15.927980] test_alloc+0x364/0x10f0 [ 15.928250] test_out_of_bounds_read+0xed/0x4e0 [ 15.928585] kunit_try_run_case+0x1a5/0x480 [ 15.928877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.929239] kthread+0x337/0x6f0 [ 15.929505] ret_from_fork+0x116/0x1d0 [ 15.929808] ret_from_fork_asm+0x1a/0x30 [ 15.930187] [ 15.930359] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.930930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.931243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.931655] ================================================================== [ 16.129651] ================================================================== [ 16.130045] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.130045] [ 16.130537] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 16.131357] test_out_of_bounds_read+0x216/0x4e0 [ 16.131549] kunit_try_run_case+0x1a5/0x480 [ 16.131909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.132178] kthread+0x337/0x6f0 [ 16.132480] ret_from_fork+0x116/0x1d0 [ 16.132731] ret_from_fork_asm+0x1a/0x30 [ 16.132909] [ 16.133074] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.133074] [ 16.133622] allocated by task 305 on cpu 0 at 16.129496s (0.004124s ago): [ 16.134011] test_alloc+0x364/0x10f0 [ 16.134312] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.134504] kunit_try_run_case+0x1a5/0x480 [ 16.134705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.134939] kthread+0x337/0x6f0 [ 16.135098] ret_from_fork+0x116/0x1d0 [ 16.135550] ret_from_fork_asm+0x1a/0x30 [ 16.135852] [ 16.135972] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.136628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.136915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 
04/01/2014 [ 16.137429] ================================================================== [ 16.337681] ================================================================== [ 16.338061] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.338061] [ 16.338566] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 16.338835] test_out_of_bounds_read+0x216/0x4e0 [ 16.339070] kunit_try_run_case+0x1a5/0x480 [ 16.339233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.339483] kthread+0x337/0x6f0 [ 16.339663] ret_from_fork+0x116/0x1d0 [ 16.339857] ret_from_fork_asm+0x1a/0x30 [ 16.340040] [ 16.340114] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.340114] [ 16.340620] allocated by task 307 on cpu 1 at 16.337628s (0.002990s ago): [ 16.340849] test_alloc+0x2a6/0x10f0 [ 16.341026] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.341432] kunit_try_run_case+0x1a5/0x480 [ 16.341650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.341846] kthread+0x337/0x6f0 [ 16.341985] ret_from_fork+0x116/0x1d0 [ 16.342183] ret_from_fork_asm+0x1a/0x30 [ 16.342493] [ 16.342618] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.343111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.343666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.741162] ================================================================== [ 15.741961] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.742553] Write of size 1 at addr ffff8881039bf778 by task kunit_try_catch/303 [ 15.742878] [ 15.742987] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.743032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.743046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.743068] Call Trace: [ 15.743084] <TASK> [ 15.743100] dump_stack_lvl+0x73/0xb0 [ 15.743334] print_report+0xd1/0x650 [ 15.743367] ? __virt_addr_valid+0x1db/0x2d0 [ 15.743393] ? strncpy_from_user+0x1a5/0x1d0 [ 15.743418] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.743442] ? strncpy_from_user+0x1a5/0x1d0 [ 15.743691] kasan_report+0x141/0x180 [ 15.743724] ? strncpy_from_user+0x1a5/0x1d0 [ 15.743754] __asan_report_store1_noabort+0x1b/0x30 [ 15.743777] strncpy_from_user+0x1a5/0x1d0 [ 15.743802] copy_user_test_oob+0x760/0x10f0 [ 15.743830] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.743855] ? finish_task_switch.isra.0+0x153/0x700 [ 15.743878] ? __switch_to+0x47/0xf50 [ 15.743906] ? __schedule+0x10cc/0x2b60 [ 15.743928] ? __pfx_read_tsc+0x10/0x10 [ 15.743950] ? ktime_get_ts64+0x86/0x230 [ 15.743975] kunit_try_run_case+0x1a5/0x480 [ 15.744000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.744024] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.744047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.744071] ? __kthread_parkme+0x82/0x180 [ 15.744092] ? preempt_count_sub+0x50/0x80 [ 15.744117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.744154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.744178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.744216] kthread+0x337/0x6f0 [ 15.744237] ? trace_preempt_on+0x20/0xc0 [ 15.744260] ? __pfx_kthread+0x10/0x10 [ 15.744283] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.744304] ? calculate_sigpending+0x7b/0xa0 [ 15.744329] ? 
__pfx_kthread+0x10/0x10 [ 15.744350] ret_from_fork+0x116/0x1d0 [ 15.744369] ? __pfx_kthread+0x10/0x10 [ 15.744389] ret_from_fork_asm+0x1a/0x30 [ 15.744421] </TASK> [ 15.744432] [ 15.755688] Allocated by task 303: [ 15.755868] kasan_save_stack+0x45/0x70 [ 15.756073] kasan_save_track+0x18/0x40 [ 15.756365] kasan_save_alloc_info+0x3b/0x50 [ 15.756567] __kasan_kmalloc+0xb7/0xc0 [ 15.756742] __kmalloc_noprof+0x1c9/0x500 [ 15.756932] kunit_kmalloc_array+0x25/0x60 [ 15.757595] copy_user_test_oob+0xab/0x10f0 [ 15.757876] kunit_try_run_case+0x1a5/0x480 [ 15.758224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.758872] kthread+0x337/0x6f0 [ 15.759428] ret_from_fork+0x116/0x1d0 [ 15.760025] ret_from_fork_asm+0x1a/0x30 [ 15.760727] [ 15.760972] The buggy address belongs to the object at ffff8881039bf700 [ 15.760972] which belongs to the cache kmalloc-128 of size 128 [ 15.762306] The buggy address is located 0 bytes to the right of [ 15.762306] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778) [ 15.763001] [ 15.763087] The buggy address belongs to the physical page: [ 15.763330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf [ 15.763621] flags: 0x200000000000000(node=0|zone=2) [ 15.763865] page_type: f5(slab) [ 15.763997] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.764364] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.764600] page dumped because: kasan: bad access detected [ 15.764856] [ 15.764953] Memory state around the buggy address: [ 15.765247] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.765536] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765789] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.766114] ^ [ 15.766388] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.766708] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.767004] 
================================================================== [ 15.714119] ================================================================== [ 15.714680] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.715233] Write of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303 [ 15.715939] [ 15.716051] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.716207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.716222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.716245] Call Trace: [ 15.716261] <TASK> [ 15.716277] dump_stack_lvl+0x73/0xb0 [ 15.716339] print_report+0xd1/0x650 [ 15.716367] ? __virt_addr_valid+0x1db/0x2d0 [ 15.716392] ? strncpy_from_user+0x2e/0x1d0 [ 15.716416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.716440] ? strncpy_from_user+0x2e/0x1d0 [ 15.716463] kasan_report+0x141/0x180 [ 15.716485] ? strncpy_from_user+0x2e/0x1d0 [ 15.716513] kasan_check_range+0x10c/0x1c0 [ 15.716537] __kasan_check_write+0x18/0x20 [ 15.716558] strncpy_from_user+0x2e/0x1d0 [ 15.716580] ? __kasan_check_read+0x15/0x20 [ 15.716602] copy_user_test_oob+0x760/0x10f0 [ 15.716630] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.716653] ? finish_task_switch.isra.0+0x153/0x700 [ 15.716677] ? __switch_to+0x47/0xf50 [ 15.716702] ? __schedule+0x10cc/0x2b60 [ 15.716725] ? __pfx_read_tsc+0x10/0x10 [ 15.716746] ? ktime_get_ts64+0x86/0x230 [ 15.716770] kunit_try_run_case+0x1a5/0x480 [ 15.716795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.716818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.716841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.716866] ? __kthread_parkme+0x82/0x180 [ 15.716887] ? preempt_count_sub+0x50/0x80 [ 15.716911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.716935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.716958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.716982] kthread+0x337/0x6f0 [ 15.717002] ? trace_preempt_on+0x20/0xc0 [ 15.717026] ? 
__pfx_kthread+0x10/0x10 [ 15.717047] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.717069] ? calculate_sigpending+0x7b/0xa0 [ 15.717093] ? __pfx_kthread+0x10/0x10 [ 15.717116] ret_from_fork+0x116/0x1d0 [ 15.717156] ? __pfx_kthread+0x10/0x10 [ 15.717177] ret_from_fork_asm+0x1a/0x30 [ 15.717207] </TASK> [ 15.717219] [ 15.728631] Allocated by task 303: [ 15.728826] kasan_save_stack+0x45/0x70 [ 15.729021] kasan_save_track+0x18/0x40 [ 15.729534] kasan_save_alloc_info+0x3b/0x50 [ 15.729796] __kasan_kmalloc+0xb7/0xc0 [ 15.730089] __kmalloc_noprof+0x1c9/0x500 [ 15.730479] kunit_kmalloc_array+0x25/0x60 [ 15.730802] copy_user_test_oob+0xab/0x10f0 [ 15.731015] kunit_try_run_case+0x1a5/0x480 [ 15.731483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.731762] kthread+0x337/0x6f0 [ 15.732038] ret_from_fork+0x116/0x1d0 [ 15.732383] ret_from_fork_asm+0x1a/0x30 [ 15.732574] [ 15.732666] The buggy address belongs to the object at ffff8881039bf700 [ 15.732666] which belongs to the cache kmalloc-128 of size 128 [ 15.733431] The buggy address is located 0 bytes inside of [ 15.733431] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778) [ 15.734164] [ 15.734436] The buggy address belongs to the physical page: [ 15.734730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf [ 15.735349] flags: 0x200000000000000(node=0|zone=2) [ 15.735649] page_type: f5(slab) [ 15.735927] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.736446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.736883] page dumped because: kasan: bad access detected [ 15.737296] [ 15.737400] Memory state around the buggy address: [ 15.737833] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.738280] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.738662] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.738961] ^ [ 15.739458] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.739943] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.740459] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.685646] ==================================================================
[ 15.686293] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 15.686933] Read of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303
[ 15.687539]
[ 15.687630] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.687676] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.687689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.687711] Call Trace:
[ 15.687728] <TASK>
[ 15.687747] dump_stack_lvl+0x73/0xb0
[ 15.687774] print_report+0xd1/0x650
[ 15.687799] ? __virt_addr_valid+0x1db/0x2d0
[ 15.687824] ? copy_user_test_oob+0x604/0x10f0
[ 15.687851] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.687875] ? copy_user_test_oob+0x604/0x10f0
[ 15.687900] kasan_report+0x141/0x180
[ 15.687923] ? copy_user_test_oob+0x604/0x10f0
[ 15.687951] kasan_check_range+0x10c/0x1c0
[ 15.687975] __kasan_check_read+0x15/0x20
[ 15.687996] copy_user_test_oob+0x604/0x10f0
[ 15.688022] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.688045] ? finish_task_switch.isra.0+0x153/0x700
[ 15.688068] ? __switch_to+0x47/0xf50
[ 15.688093] ? __schedule+0x10cc/0x2b60
[ 15.688143] ? __pfx_read_tsc+0x10/0x10
[ 15.688178] ? ktime_get_ts64+0x86/0x230
[ 15.688203] kunit_try_run_case+0x1a5/0x480
[ 15.688228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.688250] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.688274] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.688299] ? __kthread_parkme+0x82/0x180
[ 15.688321] ? preempt_count_sub+0x50/0x80
[ 15.688344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.688370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.688396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.688420] kthread+0x337/0x6f0
[ 15.688440] ? trace_preempt_on+0x20/0xc0
[ 15.688464] ? __pfx_kthread+0x10/0x10
[ 15.688486] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.688507] ? calculate_sigpending+0x7b/0xa0
[ 15.688531] ? __pfx_kthread+0x10/0x10
[ 15.688555] ret_from_fork+0x116/0x1d0
[ 15.688575] ? __pfx_kthread+0x10/0x10
[ 15.688596] ret_from_fork_asm+0x1a/0x30
[ 15.688628] </TASK>
[ 15.688640]
[ 15.700036] Allocated by task 303:
[ 15.700555] kasan_save_stack+0x45/0x70
[ 15.700828] kasan_save_track+0x18/0x40
[ 15.701114] kasan_save_alloc_info+0x3b/0x50
[ 15.701461] __kasan_kmalloc+0xb7/0xc0
[ 15.701645] __kmalloc_noprof+0x1c9/0x500
[ 15.701831] kunit_kmalloc_array+0x25/0x60
[ 15.702024] copy_user_test_oob+0xab/0x10f0
[ 15.702463] kunit_try_run_case+0x1a5/0x480
[ 15.702862] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.703324] kthread+0x337/0x6f0
[ 15.703625] ret_from_fork+0x116/0x1d0
[ 15.703917] ret_from_fork_asm+0x1a/0x30
[ 15.704275]
[ 15.704370] The buggy address belongs to the object at ffff8881039bf700
[ 15.704370] which belongs to the cache kmalloc-128 of size 128
[ 15.704856] The buggy address is located 0 bytes inside of
[ 15.704856] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778)
[ 15.705793]
[ 15.706026] The buggy address belongs to the physical page:
[ 15.706499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.706960] flags: 0x200000000000000(node=0|zone=2)
[ 15.707459] page_type: f5(slab)
[ 15.707702] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.708240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.708740] page dumped because: kasan: bad access detected
[ 15.708982]
[ 15.709073] Memory state around the buggy address:
[ 15.709747] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.710229] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.710734] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.711336] ^
[ 15.711753] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.712046] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.712649] ==================================================================
[ 15.642459] ==================================================================
[ 15.642728] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 15.643044] Read of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303
[ 15.643409]
[ 15.643493] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.643535] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.643548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.643571] Call Trace:
[ 15.643587] <TASK>
[ 15.643619] dump_stack_lvl+0x73/0xb0
[ 15.643645] print_report+0xd1/0x650
[ 15.643668] ? __virt_addr_valid+0x1db/0x2d0
[ 15.643692] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.643717] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.643741] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.643765] kasan_report+0x141/0x180
[ 15.643788] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.643817] kasan_check_range+0x10c/0x1c0
[ 15.643841] __kasan_check_read+0x15/0x20
[ 15.643861] copy_user_test_oob+0x4aa/0x10f0
[ 15.643888] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.643911] ? finish_task_switch.isra.0+0x153/0x700
[ 15.643933] ? __switch_to+0x47/0xf50
[ 15.643958] ? __schedule+0x10cc/0x2b60
[ 15.643980] ? __pfx_read_tsc+0x10/0x10
[ 15.644002] ? ktime_get_ts64+0x86/0x230
[ 15.644027] kunit_try_run_case+0x1a5/0x480
[ 15.644052] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.644075] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.644099] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.644132] ? __kthread_parkme+0x82/0x180
[ 15.644156] ? preempt_count_sub+0x50/0x80
[ 15.644180] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.644205] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.644229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.644253] kthread+0x337/0x6f0
[ 15.644272] ? trace_preempt_on+0x20/0xc0
[ 15.644296] ? __pfx_kthread+0x10/0x10
[ 15.644318] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.644339] ? calculate_sigpending+0x7b/0xa0
[ 15.644363] ? __pfx_kthread+0x10/0x10
[ 15.644385] ret_from_fork+0x116/0x1d0
[ 15.644404] ? __pfx_kthread+0x10/0x10
[ 15.644426] ret_from_fork_asm+0x1a/0x30
[ 15.644456] </TASK>
[ 15.644468]
[ 15.651337] Allocated by task 303:
[ 15.651514] kasan_save_stack+0x45/0x70
[ 15.651718] kasan_save_track+0x18/0x40
[ 15.651915] kasan_save_alloc_info+0x3b/0x50
[ 15.652153] __kasan_kmalloc+0xb7/0xc0
[ 15.652538] __kmalloc_noprof+0x1c9/0x500
[ 15.652744] kunit_kmalloc_array+0x25/0x60
[ 15.652958] copy_user_test_oob+0xab/0x10f0
[ 15.653106] kunit_try_run_case+0x1a5/0x480
[ 15.653335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.653562] kthread+0x337/0x6f0
[ 15.653695] ret_from_fork+0x116/0x1d0
[ 15.653830] ret_from_fork_asm+0x1a/0x30
[ 15.653969]
[ 15.654040] The buggy address belongs to the object at ffff8881039bf700
[ 15.654040] which belongs to the cache kmalloc-128 of size 128
[ 15.654562] The buggy address is located 0 bytes inside of
[ 15.654562] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778)
[ 15.655160]
[ 15.655258] The buggy address belongs to the physical page:
[ 15.655453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.655694] flags: 0x200000000000000(node=0|zone=2)
[ 15.655855] page_type: f5(slab)
[ 15.656019] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.656716] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.657077] page dumped because: kasan: bad access detected
[ 15.657306]
[ 15.657374] Memory state around the buggy address:
[ 15.657524] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.657768] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.658079] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.658394] ^
[ 15.658822] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.659102] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.659440] ==================================================================
[ 15.624588] ==================================================================
[ 15.624918] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 15.625258] Write of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303
[ 15.625572]
[ 15.625672] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.625714] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.625727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.625749] Call Trace:
[ 15.625762] <TASK>
[ 15.625776] dump_stack_lvl+0x73/0xb0
[ 15.625803] print_report+0xd1/0x650
[ 15.625830] ? __virt_addr_valid+0x1db/0x2d0
[ 15.625854] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.625878] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.625902] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.625926] kasan_report+0x141/0x180
[ 15.625949] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.625977] kasan_check_range+0x10c/0x1c0
[ 15.626001] __kasan_check_write+0x18/0x20
[ 15.626021] copy_user_test_oob+0x3fd/0x10f0
[ 15.626047] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.626070] ? finish_task_switch.isra.0+0x153/0x700
[ 15.626094] ? __switch_to+0x47/0xf50
[ 15.626130] ? __schedule+0x10cc/0x2b60
[ 15.626153] ? __pfx_read_tsc+0x10/0x10
[ 15.626174] ? ktime_get_ts64+0x86/0x230
[ 15.626198] kunit_try_run_case+0x1a5/0x480
[ 15.626223] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.626247] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.626270] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.626293] ? __kthread_parkme+0x82/0x180
[ 15.626313] ? preempt_count_sub+0x50/0x80
[ 15.626337] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.626361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.626384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.626408] kthread+0x337/0x6f0
[ 15.626428] ? trace_preempt_on+0x20/0xc0
[ 15.626453] ? __pfx_kthread+0x10/0x10
[ 15.626474] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.626495] ? calculate_sigpending+0x7b/0xa0
[ 15.626526] ? __pfx_kthread+0x10/0x10
[ 15.626548] ret_from_fork+0x116/0x1d0
[ 15.626566] ? __pfx_kthread+0x10/0x10
[ 15.626588] ret_from_fork_asm+0x1a/0x30
[ 15.626618] </TASK>
[ 15.626629]
[ 15.634154] Allocated by task 303:
[ 15.634338] kasan_save_stack+0x45/0x70
[ 15.634551] kasan_save_track+0x18/0x40
[ 15.634744] kasan_save_alloc_info+0x3b/0x50
[ 15.635052] __kasan_kmalloc+0xb7/0xc0
[ 15.635315] __kmalloc_noprof+0x1c9/0x500
[ 15.635480] kunit_kmalloc_array+0x25/0x60
[ 15.635666] copy_user_test_oob+0xab/0x10f0
[ 15.635817] kunit_try_run_case+0x1a5/0x480
[ 15.636007] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.636253] kthread+0x337/0x6f0
[ 15.636390] ret_from_fork+0x116/0x1d0
[ 15.636527] ret_from_fork_asm+0x1a/0x30
[ 15.636670]
[ 15.636742] The buggy address belongs to the object at ffff8881039bf700
[ 15.636742] which belongs to the cache kmalloc-128 of size 128
[ 15.637262] The buggy address is located 0 bytes inside of
[ 15.637262] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778)
[ 15.637773]
[ 15.637848] The buggy address belongs to the physical page:
[ 15.638020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.638528] flags: 0x200000000000000(node=0|zone=2)
[ 15.638768] page_type: f5(slab)
[ 15.638947] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.639293] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.639524] page dumped because: kasan: bad access detected
[ 15.639738]
[ 15.639833] Memory state around the buggy address:
[ 15.640059] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.640482] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.640739] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.640956] ^
[ 15.641201] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.641528] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.641851] ==================================================================
[ 15.659901] ==================================================================
[ 15.660173] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 15.660982] Write of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303
[ 15.661379]
[ 15.661471] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.661514] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.661527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.661549] Call Trace:
[ 15.661563] <TASK>
[ 15.661576] dump_stack_lvl+0x73/0xb0
[ 15.661603] print_report+0xd1/0x650
[ 15.661627] ? __virt_addr_valid+0x1db/0x2d0
[ 15.661650] ? copy_user_test_oob+0x557/0x10f0
[ 15.661675] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.661699] ? copy_user_test_oob+0x557/0x10f0
[ 15.661723] kasan_report+0x141/0x180
[ 15.661745] ? copy_user_test_oob+0x557/0x10f0
[ 15.661774] kasan_check_range+0x10c/0x1c0
[ 15.661798] __kasan_check_write+0x18/0x20
[ 15.661819] copy_user_test_oob+0x557/0x10f0
[ 15.661846] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.661870] ? finish_task_switch.isra.0+0x153/0x700
[ 15.661892] ? __switch_to+0x47/0xf50
[ 15.661919] ? __schedule+0x10cc/0x2b60
[ 15.661940] ? __pfx_read_tsc+0x10/0x10
[ 15.661962] ? ktime_get_ts64+0x86/0x230
[ 15.661987] kunit_try_run_case+0x1a5/0x480
[ 15.662011] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.662035] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.662058] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.662081] ? __kthread_parkme+0x82/0x180
[ 15.662103] ? preempt_count_sub+0x50/0x80
[ 15.662138] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.662164] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.662187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.662211] kthread+0x337/0x6f0
[ 15.662231] ? trace_preempt_on+0x20/0xc0
[ 15.662256] ? __pfx_kthread+0x10/0x10
[ 15.662277] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.662298] ? calculate_sigpending+0x7b/0xa0
[ 15.662323] ? __pfx_kthread+0x10/0x10
[ 15.662345] ret_from_fork+0x116/0x1d0
[ 15.662364] ? __pfx_kthread+0x10/0x10
[ 15.662386] ret_from_fork_asm+0x1a/0x30
[ 15.662417] </TASK>
[ 15.662430]
[ 15.672222] Allocated by task 303:
[ 15.672552] kasan_save_stack+0x45/0x70
[ 15.672908] kasan_save_track+0x18/0x40
[ 15.673280] kasan_save_alloc_info+0x3b/0x50
[ 15.673664] __kasan_kmalloc+0xb7/0xc0
[ 15.674009] __kmalloc_noprof+0x1c9/0x500
[ 15.674410] kunit_kmalloc_array+0x25/0x60
[ 15.674789] copy_user_test_oob+0xab/0x10f0
[ 15.675198] kunit_try_run_case+0x1a5/0x480
[ 15.675582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.676051] kthread+0x337/0x6f0
[ 15.676386] ret_from_fork+0x116/0x1d0
[ 15.676723] ret_from_fork_asm+0x1a/0x30
[ 15.677074]
[ 15.677261] The buggy address belongs to the object at ffff8881039bf700
[ 15.677261] which belongs to the cache kmalloc-128 of size 128
[ 15.677637] The buggy address is located 0 bytes inside of
[ 15.677637] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778)
[ 15.677994]
[ 15.678070] The buggy address belongs to the physical page:
[ 15.678515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.679203] flags: 0x200000000000000(node=0|zone=2)
[ 15.679649] page_type: f5(slab)
[ 15.679940] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.680611] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.681280] page dumped because: kasan: bad access detected
[ 15.681754]
[ 15.681921] Memory state around the buggy address:
[ 15.682358] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.682965] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.683473] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.683694] ^
[ 15.683908] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.684154] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.684753] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.600986] ==================================================================
[ 15.601333] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 15.601755] Read of size 121 at addr ffff8881039bf700 by task kunit_try_catch/303
[ 15.602053]
[ 15.602173] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.602217] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.602253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.602275] Call Trace:
[ 15.602292] <TASK>
[ 15.602309] dump_stack_lvl+0x73/0xb0
[ 15.602336] print_report+0xd1/0x650
[ 15.602361] ? __virt_addr_valid+0x1db/0x2d0
[ 15.602384] ? _copy_to_user+0x3c/0x70
[ 15.602422] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.602447] ? _copy_to_user+0x3c/0x70
[ 15.602467] kasan_report+0x141/0x180
[ 15.602490] ? _copy_to_user+0x3c/0x70
[ 15.602522] kasan_check_range+0x10c/0x1c0
[ 15.602547] __kasan_check_read+0x15/0x20
[ 15.602566] _copy_to_user+0x3c/0x70
[ 15.602587] copy_user_test_oob+0x364/0x10f0
[ 15.602614] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.602638] ? finish_task_switch.isra.0+0x153/0x700
[ 15.602661] ? __switch_to+0x47/0xf50
[ 15.602686] ? __schedule+0x10cc/0x2b60
[ 15.602725] ? __pfx_read_tsc+0x10/0x10
[ 15.602747] ? ktime_get_ts64+0x86/0x230
[ 15.602770] kunit_try_run_case+0x1a5/0x480
[ 15.602795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.602818] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.602842] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.602866] ? __kthread_parkme+0x82/0x180
[ 15.602902] ? preempt_count_sub+0x50/0x80
[ 15.602927] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.602951] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.602975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.602999] kthread+0x337/0x6f0
[ 15.603019] ? trace_preempt_on+0x20/0xc0
[ 15.603042] ? __pfx_kthread+0x10/0x10
[ 15.603063] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.603085] ? calculate_sigpending+0x7b/0xa0
[ 15.603109] ? __pfx_kthread+0x10/0x10
[ 15.603153] ret_from_fork+0x116/0x1d0
[ 15.603173] ? __pfx_kthread+0x10/0x10
[ 15.603194] ret_from_fork_asm+0x1a/0x30
[ 15.603225] </TASK>
[ 15.603238]
[ 15.612138] Allocated by task 303:
[ 15.612340] kasan_save_stack+0x45/0x70
[ 15.612578] kasan_save_track+0x18/0x40
[ 15.612769] kasan_save_alloc_info+0x3b/0x50
[ 15.612981] __kasan_kmalloc+0xb7/0xc0
[ 15.613209] __kmalloc_noprof+0x1c9/0x500
[ 15.613406] kunit_kmalloc_array+0x25/0x60
[ 15.613606] copy_user_test_oob+0xab/0x10f0
[ 15.613792] kunit_try_run_case+0x1a5/0x480
[ 15.613936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.614133] kthread+0x337/0x6f0
[ 15.614310] ret_from_fork+0x116/0x1d0
[ 15.614523] ret_from_fork_asm+0x1a/0x30
[ 15.614727]
[ 15.614843] The buggy address belongs to the object at ffff8881039bf700
[ 15.614843] which belongs to the cache kmalloc-128 of size 128
[ 15.615358] The buggy address is located 0 bytes inside of
[ 15.615358] allocated 120-byte region [ffff8881039bf700, ffff8881039bf778)
[ 15.615844]
[ 15.615924] The buggy address belongs to the physical page:
[ 15.616227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 15.616576] flags: 0x200000000000000(node=0|zone=2)
[ 15.616796] page_type: f5(slab)
[ 15.616958] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.617380] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.617766] page dumped because: kasan: bad access detected
[ 15.618029]
[ 15.618136] Memory state around the buggy address:
[ 15.618355] ffff8881039bf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.618749] ffff8881039bf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.619048] >ffff8881039bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.619262] ^
[ 15.619466] ffff8881039bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.619891] ffff8881039bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.620336] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.427855] ==================================================================
[ 13.428321] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 13.428566] Read of size 1 at addr ffff888103907c4a by task kunit_try_catch/270
[ 13.428786]
[ 13.428870] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.428912] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.428923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.428943] Call Trace:
[ 13.428955] <TASK>
[ 13.428968] dump_stack_lvl+0x73/0xb0
[ 13.428994] print_report+0xd1/0x650
[ 13.429016] ? __virt_addr_valid+0x1db/0x2d0
[ 13.429038] ? kasan_alloca_oob_right+0x329/0x390
[ 13.429059] ? kasan_addr_to_slab+0x11/0xa0
[ 13.429079] ? kasan_alloca_oob_right+0x329/0x390
[ 13.429100] kasan_report+0x141/0x180
[ 13.429133] ? kasan_alloca_oob_right+0x329/0x390
[ 13.429160] __asan_report_load1_noabort+0x18/0x20
[ 13.429184] kasan_alloca_oob_right+0x329/0x390
[ 13.429205] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.429227] ? finish_task_switch.isra.0+0x153/0x700
[ 13.429249] ? out_of_line_wait_on_bit_timeout+0x7e/0x190
[ 13.429273] ? trace_hardirqs_on+0x37/0xe0
[ 13.429297] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 13.429323] ? __schedule+0x10cc/0x2b60
[ 13.429343] ? __pfx_read_tsc+0x10/0x10
[ 13.429362] ? ktime_get_ts64+0x86/0x230
[ 13.429387] kunit_try_run_case+0x1a5/0x480
[ 13.429412] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.429434] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.429456] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.429478] ? __kthread_parkme+0x82/0x180
[ 13.429498] ? preempt_count_sub+0x50/0x80
[ 13.429520] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.429543] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.429565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.429587] kthread+0x337/0x6f0
[ 13.429606] ? trace_preempt_on+0x20/0xc0
[ 13.429627] ? __pfx_kthread+0x10/0x10
[ 13.429646] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.429666] ? calculate_sigpending+0x7b/0xa0
[ 13.429690] ? __pfx_kthread+0x10/0x10
[ 13.429710] ret_from_fork+0x116/0x1d0
[ 13.429728] ? __pfx_kthread+0x10/0x10
[ 13.429748] ret_from_fork_asm+0x1a/0x30
[ 13.429778] </TASK>
[ 13.429788]
[ 13.449472] The buggy address belongs to stack of task kunit_try_catch/270
[ 13.450666]
[ 13.451037] The buggy address belongs to the physical page:
[ 13.452066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103907
[ 13.452896] flags: 0x200000000000000(node=0|zone=2)
[ 13.453145] raw: 0200000000000000 ffffea00040e41c8 ffffea00040e41c8 0000000000000000
[ 13.454496] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.455456] page dumped because: kasan: bad access detected
[ 13.455642]
[ 13.455715] Memory state around the buggy address:
[ 13.455868] ffff888103907b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.456079] ffff888103907b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.456569] >ffff888103907c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.457349] ^
[ 13.457874] ffff888103907c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.458504] ffff888103907d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.458725] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.408675] ==================================================================
[ 13.409161] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 13.409487] Read of size 1 at addr ffff888103a1fc3f by task kunit_try_catch/268
[ 13.409894]
[ 13.410022] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.410071] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.410082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.410105] Call Trace:
[ 13.410117] <TASK>
[ 13.410158] dump_stack_lvl+0x73/0xb0
[ 13.410191] print_report+0xd1/0x650
[ 13.410213] ? __virt_addr_valid+0x1db/0x2d0
[ 13.410237] ? kasan_alloca_oob_left+0x320/0x380
[ 13.410260] ? kasan_addr_to_slab+0x11/0xa0
[ 13.410279] ? kasan_alloca_oob_left+0x320/0x380
[ 13.410302] kasan_report+0x141/0x180
[ 13.410322] ? kasan_alloca_oob_left+0x320/0x380
[ 13.410348] __asan_report_load1_noabort+0x18/0x20
[ 13.410372] kasan_alloca_oob_left+0x320/0x380
[ 13.410395] ? finish_task_switch.isra.0+0x153/0x700
[ 13.410418] ? out_of_line_wait_on_bit_timeout+0x7e/0x190
[ 13.410443] ? trace_hardirqs_on+0x37/0xe0
[ 13.410469] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 13.410494] ? __schedule+0x10cc/0x2b60
[ 13.410518] ? __pfx_read_tsc+0x10/0x10
[ 13.410540] ? ktime_get_ts64+0x86/0x230
[ 13.410564] kunit_try_run_case+0x1a5/0x480
[ 13.410590] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.410611] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.410633] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.410654] ? __kthread_parkme+0x82/0x180
[ 13.410676] ? preempt_count_sub+0x50/0x80
[ 13.410698] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.410720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.410743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.410766] kthread+0x337/0x6f0
[ 13.410784] ? trace_preempt_on+0x20/0xc0
[ 13.410805] ? __pfx_kthread+0x10/0x10
[ 13.410825] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.410845] ? calculate_sigpending+0x7b/0xa0
[ 13.410869] ? __pfx_kthread+0x10/0x10
[ 13.410890] ret_from_fork+0x116/0x1d0
[ 13.410907] ? __pfx_kthread+0x10/0x10
[ 13.410927] ret_from_fork_asm+0x1a/0x30
[ 13.410957] </TASK>
[ 13.410969]
[ 13.419148] The buggy address belongs to stack of task kunit_try_catch/268
[ 13.419476]
[ 13.419550] The buggy address belongs to the physical page:
[ 13.419727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a1f
[ 13.420365] flags: 0x200000000000000(node=0|zone=2)
[ 13.420619] raw: 0200000000000000 ffffea00040e87c8 ffffea00040e87c8 0000000000000000
[ 13.420919] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.421249] page dumped because: kasan: bad access detected
[ 13.421460]
[ 13.421605] Memory state around the buggy address:
[ 13.421804] ffff888103a1fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.422048] ffff888103a1fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.422275] >ffff888103a1fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.422593] ^
[ 13.422810] ffff888103a1fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.423164] ffff888103a1fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.423911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.373576] ==================================================================
[ 13.374825] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 13.375064] Read of size 1 at addr ffff888103a3fd02 by task kunit_try_catch/266
[ 13.376096]
[ 13.376469] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.376520] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.376533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.376555] Call Trace:
[ 13.376567] <TASK>
[ 13.376586] dump_stack_lvl+0x73/0xb0
[ 13.376613] print_report+0xd1/0x650
[ 13.376636] ? __virt_addr_valid+0x1db/0x2d0
[ 13.376659] ? kasan_stack_oob+0x2b5/0x300
[ 13.376678] ? kasan_addr_to_slab+0x11/0xa0
[ 13.376698] ? kasan_stack_oob+0x2b5/0x300
[ 13.376718] kasan_report+0x141/0x180
[ 13.376740] ? kasan_stack_oob+0x2b5/0x300
[ 13.376764] __asan_report_load1_noabort+0x18/0x20
[ 13.376788] kasan_stack_oob+0x2b5/0x300
[ 13.376806] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.376826] ? finish_task_switch.isra.0+0x153/0x700
[ 13.376846] ? __switch_to+0x47/0xf50
[ 13.376872] ? __schedule+0x10cc/0x2b60
[ 13.376894] ? __pfx_read_tsc+0x10/0x10
[ 13.376914] ? ktime_get_ts64+0x86/0x230
[ 13.376937] kunit_try_run_case+0x1a5/0x480
[ 13.376959] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.376980] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.377002] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.377024] ? __kthread_parkme+0x82/0x180
[ 13.377043] ? preempt_count_sub+0x50/0x80
[ 13.377065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.377088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.377108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.377258] kthread+0x337/0x6f0
[ 13.377286] ? trace_preempt_on+0x20/0xc0
[ 13.377311] ? __pfx_kthread+0x10/0x10
[ 13.377344] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.377366] ? calculate_sigpending+0x7b/0xa0
[ 13.377421] ? __pfx_kthread+0x10/0x10
[ 13.377442] ret_from_fork+0x116/0x1d0
[ 13.377461] ? __pfx_kthread+0x10/0x10
[ 13.377481] ret_from_fork_asm+0x1a/0x30
[ 13.377511] </TASK>
[ 13.377522]
[ 13.394102] The buggy address belongs to stack of task kunit_try_catch/266
[ 13.395105] and is located at offset 138 in frame:
[ 13.395840] kasan_stack_oob+0x0/0x300
[ 13.396549]
[ 13.396646] This frame has 4 objects:
[ 13.396860] [48, 49) '__assertion'
[ 13.396883] [64, 72) 'array'
[ 13.397012] [96, 112) '__assertion'
[ 13.397449] [128, 138) 'stack_array'
[ 13.397943]
[ 13.398860] The buggy address belongs to the physical page:
[ 13.399542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a3f
[ 13.400008] flags: 0x200000000000000(node=0|zone=2)
[ 13.400428] raw: 0200000000000000 ffffea00040e8fc8 ffffea00040e8fc8 0000000000000000
[ 13.400756] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.401042] page dumped because: kasan: bad access detected
[ 13.401607]
[ 13.402105] Memory state around the buggy address:
[ 13.402661] ffff888103a3fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.403090] ffff888103a3fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 13.403677] >ffff888103a3fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.403964] ^
[ 13.404115] ffff888103a3fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 13.404426] ffff888103a3fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.404721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.335974] ==================================================================
[ 13.336467] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 13.336715] Read of size 1 at addr ffffffffa0a61e8d by task kunit_try_catch/262
[ 13.336940]
[ 13.337045] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.337089] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.337101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.337120] Call Trace:
[ 13.337146] <TASK>
[ 13.337161] dump_stack_lvl+0x73/0xb0
[ 13.337186] print_report+0xd1/0x650
[ 13.337208] ? __virt_addr_valid+0x1db/0x2d0
[ 13.337230] ? kasan_global_oob_right+0x286/0x2d0
[ 13.337250] ? kasan_addr_to_slab+0x11/0xa0
[ 13.337269] ? kasan_global_oob_right+0x286/0x2d0
[ 13.337290] kasan_report+0x141/0x180
[ 13.337311] ? kasan_global_oob_right+0x286/0x2d0
[ 13.337336] __asan_report_load1_noabort+0x18/0x20
[ 13.337358] kasan_global_oob_right+0x286/0x2d0
[ 13.337379] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.337402] ? __schedule+0x10cc/0x2b60
[ 13.337423] ? __pfx_read_tsc+0x10/0x10
[ 13.337443] ? ktime_get_ts64+0x86/0x230
[ 13.337465] kunit_try_run_case+0x1a5/0x480
[ 13.337488] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.337509] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.337531] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.337552] ? __kthread_parkme+0x82/0x180
[ 13.337572] ? preempt_count_sub+0x50/0x80
[ 13.337594] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.337616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.337638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.337659] kthread+0x337/0x6f0
[ 13.337677] ? trace_preempt_on+0x20/0xc0
[ 13.337699] ? __pfx_kthread+0x10/0x10
[ 13.337718] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.337738] ? calculate_sigpending+0x7b/0xa0
[ 13.337760] ? __pfx_kthread+0x10/0x10
[ 13.337780] ret_from_fork+0x116/0x1d0
[ 13.337797] ? __pfx_kthread+0x10/0x10
[ 13.337817] ret_from_fork_asm+0x1a/0x30
[ 13.337847] </TASK>
[ 13.337857]
[ 13.359014] The buggy address belongs to the variable:
[ 13.359748] global_array+0xd/0x40
[ 13.360267]
[ 13.360642] The buggy address belongs to the physical page:
[ 13.361352] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22c61
[ 13.362007] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 13.362405] raw: 0100000000002000 ffffea00008b1848 ffffea00008b1848 0000000000000000
[ 13.363403] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.363993] page dumped because: kasan: bad access detected
[ 13.364199]
[ 13.364288] Memory state around the buggy address:
[ 13.364756] ffffffffa0a61d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.365428] ffffffffa0a61e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.366173] >ffffffffa0a61e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 13.366854] ^
[ 13.366984] ffffffffa0a61f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 13.367255] ffffffffa0a61f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 13.367975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.310273] ==================================================================
[ 13.311442] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.311707] Free of addr ffff888102abc001 by task kunit_try_catch/260
[ 13.311906]
[ 13.311996] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.312040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.312051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.312073] Call Trace:
[ 13.312084] <TASK>
[ 13.312100] dump_stack_lvl+0x73/0xb0
[ 13.312150] print_report+0xd1/0x650
[ 13.312173] ? __virt_addr_valid+0x1db/0x2d0
[ 13.312197] ? kasan_addr_to_slab+0x11/0xa0
[ 13.312217] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.312242] kasan_report_invalid_free+0x10a/0x130
[ 13.312266] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.312292] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.312316] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.312340] mempool_free+0x2ec/0x380
[ 13.312362] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.312386] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.312413] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.312436] ? finish_task_switch.isra.0+0x153/0x700
[ 13.312460] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 13.312484] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.312508] ? __kasan_check_write+0x18/0x20
[ 13.312529] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.312551] ? __pfx_mempool_kfree+0x10/0x10
[ 13.312575] ? __pfx_read_tsc+0x10/0x10
[ 13.312596] ? ktime_get_ts64+0x86/0x230
[ 13.312619] kunit_try_run_case+0x1a5/0x480
[ 13.312643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.312664] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 13.312687] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.312709] ? __kthread_parkme+0x82/0x180
[ 13.312730] ? preempt_count_sub+0x50/0x80
[ 13.312753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.312775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.312797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.312821] kthread+0x337/0x6f0
[ 13.312839] ? trace_preempt_on+0x20/0xc0
[ 13.312863] ? __pfx_kthread+0x10/0x10
[ 13.312884] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.312904] ? calculate_sigpending+0x7b/0xa0
[ 13.312927] ? __pfx_kthread+0x10/0x10
[ 13.312948] ret_from_fork+0x116/0x1d0
[ 13.312966] ? __pfx_kthread+0x10/0x10
[ 13.312986] ret_from_fork_asm+0x1a/0x30
[ 13.313016] </TASK>
[ 13.313028]
[ 13.324516] The buggy address belongs to the physical page:
[ 13.324772] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abc
[ 13.325020] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.325583] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.325847] page_type: f8(unknown)
[ 13.326023] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.326463] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.326746] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.327084] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.327472] head: 0200000000000002 ffffea00040aaf01 00000000ffffffff 00000000ffffffff
[ 13.327708] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.327990] page dumped because: kasan: bad access detected
[ 13.328351]
[ 13.328637] Memory state around the buggy address:
[ 13.328884] ffff888102abbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.329276] ffff888102abbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.329662] >ffff888102abc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.329914] ^
[ 13.330039] ffff888102abc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.330579] ffff888102abc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.330855] ==================================================================
[ 13.274818] ==================================================================
[ 13.275810] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.276083] Free of addr ffff88810319aa01 by task kunit_try_catch/258
[ 13.276522]
[ 13.276765] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.276814] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.276826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.276847] Call Trace:
[ 13.276859] <TASK>
[ 13.276876] dump_stack_lvl+0x73/0xb0
[ 13.276927] print_report+0xd1/0x650
[ 13.276950] ? __virt_addr_valid+0x1db/0x2d0
[ 13.276975] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.276996] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.277021] kasan_report_invalid_free+0x10a/0x130
[ 13.277045] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.277070] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.277094] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.277117] check_slab_allocation+0x11f/0x130
[ 13.277149] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.277173] mempool_free+0x2ec/0x380
[ 13.277196] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.277221] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.277245] ? update_load_avg+0x1be/0x21b0
[ 13.277297] ? finish_task_switch.isra.0+0x153/0x700
[ 13.277385] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.277410] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.277436] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.277459] ? __pfx_mempool_kfree+0x10/0x10
[ 13.277483] ? __pfx_read_tsc+0x10/0x10
[ 13.277504] ? ktime_get_ts64+0x86/0x230
[ 13.277529] kunit_try_run_case+0x1a5/0x480
[ 13.277555] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.277576] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.277600] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.277622] ? __kthread_parkme+0x82/0x180
[ 13.277644] ? preempt_count_sub+0x50/0x80
[ 13.277666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.277689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.277710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.277733] kthread+0x337/0x6f0
[ 13.277751] ? trace_preempt_on+0x20/0xc0
[ 13.277774] ? __pfx_kthread+0x10/0x10
[ 13.277794] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.277814] ? calculate_sigpending+0x7b/0xa0
[ 13.277839] ? __pfx_kthread+0x10/0x10
[ 13.277859] ret_from_fork+0x116/0x1d0
[ 13.277877] ? __pfx_kthread+0x10/0x10
[ 13.277896] ret_from_fork_asm+0x1a/0x30
[ 13.277928] </TASK>
[ 13.277939]
[ 13.292339] Allocated by task 258:
[ 13.292742] kasan_save_stack+0x45/0x70
[ 13.293094] kasan_save_track+0x18/0x40
[ 13.293272] kasan_save_alloc_info+0x3b/0x50
[ 13.293460] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.293635] remove_element+0x11e/0x190
[ 13.293768] mempool_alloc_preallocated+0x4d/0x90
[ 13.293925] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.294104] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.294598] kunit_try_run_case+0x1a5/0x480
[ 13.295106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.295682] kthread+0x337/0x6f0
[ 13.296059] ret_from_fork+0x116/0x1d0
[ 13.296498] ret_from_fork_asm+0x1a/0x30
[ 13.296852]
[ 13.297009] The buggy address belongs to the object at ffff88810319aa00
[ 13.297009] which belongs to the cache kmalloc-128 of size 128
[ 13.298247] The buggy address is located 1 bytes inside of
[ 13.298247] 128-byte region [ffff88810319aa00, ffff88810319aa80)
[ 13.299348]
[ 13.299585] The buggy address belongs to the physical page:
[ 13.299918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10319a
[ 13.300193] flags: 0x200000000000000(node=0|zone=2)
[ 13.300362] page_type: f5(slab)
[ 13.300838] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.301590] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.301969] page
dumped because: kasan: bad access detected [ 13.302165] [ 13.302319] Memory state around the buggy address: [ 13.302799] ffff88810319a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.303568] ffff88810319a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.304299] >ffff88810319aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.304897] ^ [ 13.305072] ffff88810319aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305404] ffff88810319ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.306014] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.214066] ================================================================== [ 13.215734] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.216146] Free of addr ffff888103960000 by task kunit_try_catch/254 [ 13.216563] [ 13.217021] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.217071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.217083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.217105] Call Trace: [ 13.217116] <TASK> [ 13.217171] dump_stack_lvl+0x73/0xb0 [ 13.217201] print_report+0xd1/0x650 [ 13.217224] ? __virt_addr_valid+0x1db/0x2d0 [ 13.217247] ? kasan_addr_to_slab+0x11/0xa0 [ 13.217268] ? mempool_double_free_helper+0x184/0x370 [ 13.217291] kasan_report_invalid_free+0x10a/0x130 [ 13.217316] ? mempool_double_free_helper+0x184/0x370 [ 13.217342] ? mempool_double_free_helper+0x184/0x370 [ 13.217364] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.217387] mempool_free+0x2ec/0x380 [ 13.217409] mempool_double_free_helper+0x184/0x370 [ 13.217431] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.217477] ? update_load_avg+0x1be/0x21b0 [ 13.217504] ? finish_task_switch.isra.0+0x153/0x700 [ 13.217528] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.217552] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.217579] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.217602] ? __pfx_mempool_kfree+0x10/0x10 [ 13.217626] ? __pfx_read_tsc+0x10/0x10 [ 13.217646] ? ktime_get_ts64+0x86/0x230 [ 13.217669] kunit_try_run_case+0x1a5/0x480 [ 13.217692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.217714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.217736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.217758] ? __kthread_parkme+0x82/0x180 [ 13.217778] ? preempt_count_sub+0x50/0x80 [ 13.217800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.217822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.217845] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.217867] kthread+0x337/0x6f0 [ 13.217885] ? trace_preempt_on+0x20/0xc0 [ 13.217908] ? __pfx_kthread+0x10/0x10 [ 13.217928] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.217948] ? calculate_sigpending+0x7b/0xa0 [ 13.217972] ? __pfx_kthread+0x10/0x10 [ 13.217992] ret_from_fork+0x116/0x1d0 [ 13.218009] ? __pfx_kthread+0x10/0x10 [ 13.218028] ret_from_fork_asm+0x1a/0x30 [ 13.218057] </TASK> [ 13.218067] [ 13.233231] The buggy address belongs to the physical page: [ 13.233724] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103960 [ 13.234225] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.234717] flags: 0x200000000000040(head|node=0|zone=2) [ 13.235259] page_type: f8(unknown) [ 13.235510] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.236182] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.236474] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.237255] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.237847] head: 0200000000000002 ffffea00040e5801 00000000ffffffff 00000000ffffffff [ 13.238089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.238655] page dumped because: kasan: bad access detected [ 13.239255] [ 13.239454] Memory state around the buggy address: [ 13.240151] ffff88810395ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.240903] ffff88810395ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.241533] >ffff888103960000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.241949] ^ [ 13.242073] ffff888103960080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.242394] ffff888103960100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.243077] ================================================================== [ 13.247323] ================================================================== [ 
13.247915] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.248609] Free of addr ffff888103964000 by task kunit_try_catch/256 [ 13.249466] [ 13.249657] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.249705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.249718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.249739] Call Trace: [ 13.249753] <TASK> [ 13.249768] dump_stack_lvl+0x73/0xb0 [ 13.249798] print_report+0xd1/0x650 [ 13.249819] ? __virt_addr_valid+0x1db/0x2d0 [ 13.249844] ? kasan_addr_to_slab+0x11/0xa0 [ 13.249863] ? mempool_double_free_helper+0x184/0x370 [ 13.249887] kasan_report_invalid_free+0x10a/0x130 [ 13.249911] ? mempool_double_free_helper+0x184/0x370 [ 13.249936] ? mempool_double_free_helper+0x184/0x370 [ 13.249958] __kasan_mempool_poison_pages+0x115/0x130 [ 13.249983] mempool_free+0x290/0x380 [ 13.250005] mempool_double_free_helper+0x184/0x370 [ 13.250028] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.250055] ? finish_task_switch.isra.0+0x153/0x700 [ 13.250079] mempool_page_alloc_double_free+0xe8/0x140 [ 13.250102] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.250140] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.250160] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.250181] ? __pfx_read_tsc+0x10/0x10 [ 13.250201] ? ktime_get_ts64+0x86/0x230 [ 13.250224] kunit_try_run_case+0x1a5/0x480 [ 13.250247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.250269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.250292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.250316] ? __kthread_parkme+0x82/0x180 [ 13.250338] ? preempt_count_sub+0x50/0x80 [ 13.250371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.250394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.250416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.250449] kthread+0x337/0x6f0 [ 13.250468] ? trace_preempt_on+0x20/0xc0 [ 13.250490] ? __pfx_kthread+0x10/0x10 [ 13.250514] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.250534] ? calculate_sigpending+0x7b/0xa0 [ 13.250557] ? __pfx_kthread+0x10/0x10 [ 13.250578] ret_from_fork+0x116/0x1d0 [ 13.250597] ? __pfx_kthread+0x10/0x10 [ 13.250616] ret_from_fork_asm+0x1a/0x30 [ 13.250644] </TASK> [ 13.250655] [ 13.265790] The buggy address belongs to the physical page: [ 13.266140] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103964 [ 13.266719] flags: 0x200000000000000(node=0|zone=2) [ 13.267073] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.267680] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.268438] page dumped because: kasan: bad access detected [ 13.268790] [ 13.268863] Memory state around the buggy address: [ 13.269023] ffff888103963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.269298] ffff888103963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.269699] >ffff888103964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.270027] ^ [ 13.270247] ffff888103964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.270651] ffff888103964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.271237] ================================================================== [ 13.169488] ================================================================== [ 13.169941] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.170221] Free of addr ffff88810319a600 by task kunit_try_catch/252 [ 13.170630] [ 13.170750] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.170796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.170809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.170829] Call Trace: [ 13.170841] <TASK> [ 13.170898] dump_stack_lvl+0x73/0xb0 [ 13.170928] print_report+0xd1/0x650 [ 13.171289] ? __virt_addr_valid+0x1db/0x2d0 [ 13.171341] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.171364] ? 
mempool_double_free_helper+0x184/0x370 [ 13.171388] kasan_report_invalid_free+0x10a/0x130 [ 13.171412] ? mempool_double_free_helper+0x184/0x370 [ 13.171437] ? mempool_double_free_helper+0x184/0x370 [ 13.171458] ? mempool_double_free_helper+0x184/0x370 [ 13.171481] check_slab_allocation+0x101/0x130 [ 13.171502] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.171526] mempool_free+0x2ec/0x380 [ 13.171549] mempool_double_free_helper+0x184/0x370 [ 13.171572] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.171595] ? __kasan_check_write+0x18/0x20 [ 13.171615] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.171637] ? finish_task_switch.isra.0+0x153/0x700 [ 13.171662] mempool_kmalloc_double_free+0xed/0x140 [ 13.171685] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.171712] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.171735] ? __pfx_mempool_kfree+0x10/0x10 [ 13.171760] ? __pfx_read_tsc+0x10/0x10 [ 13.171782] ? ktime_get_ts64+0x86/0x230 [ 13.171806] kunit_try_run_case+0x1a5/0x480 [ 13.171829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.171851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.171873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.171896] ? __kthread_parkme+0x82/0x180 [ 13.171917] ? preempt_count_sub+0x50/0x80 [ 13.171938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.171961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.171982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.172006] kthread+0x337/0x6f0 [ 13.172026] ? trace_preempt_on+0x20/0xc0 [ 13.172048] ? __pfx_kthread+0x10/0x10 [ 13.172069] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.172089] ? calculate_sigpending+0x7b/0xa0 [ 13.172112] ? __pfx_kthread+0x10/0x10 [ 13.172161] ret_from_fork+0x116/0x1d0 [ 13.172179] ? 
__pfx_kthread+0x10/0x10 [ 13.172199] ret_from_fork_asm+0x1a/0x30 [ 13.172230] </TASK> [ 13.172241] [ 13.187107] Allocated by task 252: [ 13.188380] kasan_save_stack+0x45/0x70 [ 13.188973] kasan_save_track+0x18/0x40 [ 13.189719] kasan_save_alloc_info+0x3b/0x50 [ 13.190460] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.190900] remove_element+0x11e/0x190 [ 13.191049] mempool_alloc_preallocated+0x4d/0x90 [ 13.191225] mempool_double_free_helper+0x8a/0x370 [ 13.191886] mempool_kmalloc_double_free+0xed/0x140 [ 13.192544] kunit_try_run_case+0x1a5/0x480 [ 13.193115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.194014] kthread+0x337/0x6f0 [ 13.194658] ret_from_fork+0x116/0x1d0 [ 13.194818] ret_from_fork_asm+0x1a/0x30 [ 13.194962] [ 13.195033] Freed by task 252: [ 13.195231] kasan_save_stack+0x45/0x70 [ 13.195581] kasan_save_track+0x18/0x40 [ 13.196042] kasan_save_free_info+0x3f/0x60 [ 13.196538] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.197075] mempool_free+0x2ec/0x380 [ 13.197521] mempool_double_free_helper+0x109/0x370 [ 13.197784] mempool_kmalloc_double_free+0xed/0x140 [ 13.197949] kunit_try_run_case+0x1a5/0x480 [ 13.198093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.198617] kthread+0x337/0x6f0 [ 13.198911] ret_from_fork+0x116/0x1d0 [ 13.199302] ret_from_fork_asm+0x1a/0x30 [ 13.199823] [ 13.199992] The buggy address belongs to the object at ffff88810319a600 [ 13.199992] which belongs to the cache kmalloc-128 of size 128 [ 13.201099] The buggy address is located 0 bytes inside of [ 13.201099] 128-byte region [ffff88810319a600, ffff88810319a680) [ 13.202140] [ 13.202238] The buggy address belongs to the physical page: [ 13.202812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10319a [ 13.203585] flags: 0x200000000000000(node=0|zone=2) [ 13.203763] page_type: f5(slab) [ 13.203889] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.204134] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 13.204769] page dumped because: kasan: bad access detected [ 13.205320] [ 13.205712] Memory state around the buggy address: [ 13.206225] ffff88810319a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.207005] ffff88810319a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.207795] >ffff88810319a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.208521] ^ [ 13.208840] ffff88810319a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.209498] ffff88810319a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.210407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.143413] ================================================================== [ 13.144238] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.144672] Read of size 1 at addr ffff888103960000 by task kunit_try_catch/250 [ 13.144981] [ 13.145098] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.145411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.145428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.145452] Call Trace: [ 13.145644] <TASK> [ 13.145665] dump_stack_lvl+0x73/0xb0 [ 13.145697] print_report+0xd1/0x650 [ 13.145720] ? __virt_addr_valid+0x1db/0x2d0 [ 13.145744] ? mempool_uaf_helper+0x392/0x400 [ 13.145765] ? kasan_addr_to_slab+0x11/0xa0 [ 13.145785] ? mempool_uaf_helper+0x392/0x400 [ 13.145807] kasan_report+0x141/0x180 [ 13.145828] ? mempool_uaf_helper+0x392/0x400 [ 13.145854] __asan_report_load1_noabort+0x18/0x20 [ 13.145877] mempool_uaf_helper+0x392/0x400 [ 13.145899] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.145923] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.145946] ? finish_task_switch.isra.0+0x153/0x700 [ 13.145972] mempool_page_alloc_uaf+0xed/0x140 [ 13.145996] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.146022] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.146042] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.146063] ? __pfx_read_tsc+0x10/0x10 [ 13.146085] ? ktime_get_ts64+0x86/0x230 [ 13.146108] kunit_try_run_case+0x1a5/0x480 [ 13.146147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.146169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.146193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.146217] ? __kthread_parkme+0x82/0x180 [ 13.146238] ? preempt_count_sub+0x50/0x80 [ 13.146261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.146284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.146318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.146341] kthread+0x337/0x6f0 [ 13.146360] ? trace_preempt_on+0x20/0xc0 [ 13.146384] ? 
__pfx_kthread+0x10/0x10 [ 13.146404] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.146424] ? calculate_sigpending+0x7b/0xa0 [ 13.146448] ? __pfx_kthread+0x10/0x10 [ 13.146469] ret_from_fork+0x116/0x1d0 [ 13.146487] ? __pfx_kthread+0x10/0x10 [ 13.146506] ret_from_fork_asm+0x1a/0x30 [ 13.146542] </TASK> [ 13.146553] [ 13.159022] The buggy address belongs to the physical page: [ 13.159863] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103960 [ 13.160513] flags: 0x200000000000000(node=0|zone=2) [ 13.160764] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.161072] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.161808] page dumped because: kasan: bad access detected [ 13.162073] [ 13.162498] Memory state around the buggy address: [ 13.162803] ffff88810395ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.163437] ffff88810395ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.163744] >ffff888103960000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.164030] ^ [ 13.164524] ffff888103960080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.164831] ffff888103960100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.165333] ================================================================== [ 13.070902] ================================================================== [ 13.071402] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.071821] Read of size 1 at addr ffff888103960000 by task kunit_try_catch/246 [ 13.072061] [ 13.072176] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.072225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.072272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.072295] Call Trace: [ 13.072309] <TASK> [ 13.072325] dump_stack_lvl+0x73/0xb0 [ 13.072399] print_report+0xd1/0x650 [ 13.072421] ? __virt_addr_valid+0x1db/0x2d0 [ 13.072446] ? 
mempool_uaf_helper+0x392/0x400 [ 13.072478] ? kasan_addr_to_slab+0x11/0xa0 [ 13.072499] ? mempool_uaf_helper+0x392/0x400 [ 13.072520] kasan_report+0x141/0x180 [ 13.072541] ? mempool_uaf_helper+0x392/0x400 [ 13.072567] __asan_report_load1_noabort+0x18/0x20 [ 13.072622] mempool_uaf_helper+0x392/0x400 [ 13.072668] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.072702] ? __kasan_check_write+0x18/0x20 [ 13.072722] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.072745] ? finish_task_switch.isra.0+0x153/0x700 [ 13.072770] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.072793] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.072818] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.072841] ? __pfx_mempool_kfree+0x10/0x10 [ 13.072866] ? __pfx_read_tsc+0x10/0x10 [ 13.072887] ? ktime_get_ts64+0x86/0x230 [ 13.072910] kunit_try_run_case+0x1a5/0x480 [ 13.072934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.072956] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.072977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.072999] ? __kthread_parkme+0x82/0x180 [ 13.073019] ? preempt_count_sub+0x50/0x80 [ 13.073041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.073064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.073086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.073108] kthread+0x337/0x6f0 [ 13.073136] ? trace_preempt_on+0x20/0xc0 [ 13.073171] ? __pfx_kthread+0x10/0x10 [ 13.073191] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.073211] ? calculate_sigpending+0x7b/0xa0 [ 13.073235] ? __pfx_kthread+0x10/0x10 [ 13.073256] ret_from_fork+0x116/0x1d0 [ 13.073274] ? 
__pfx_kthread+0x10/0x10 [ 13.073294] ret_from_fork_asm+0x1a/0x30 [ 13.073324] </TASK> [ 13.073336] [ 13.089117] The buggy address belongs to the physical page: [ 13.089714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103960 [ 13.090159] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.091103] flags: 0x200000000000040(head|node=0|zone=2) [ 13.091609] page_type: f8(unknown) [ 13.091747] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.091983] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.092278] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.092950] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.093356] head: 0200000000000002 ffffea00040e5801 00000000ffffffff 00000000ffffffff [ 13.093777] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.094282] page dumped because: kasan: bad access detected [ 13.094501] [ 13.094720] Memory state around the buggy address: [ 13.095031] ffff88810395ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.095336] ffff88810395ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.095756] >ffff888103960000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.096212] ^ [ 13.096443] ffff888103960080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.096835] ffff888103960100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.097249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.101639] ================================================================== [ 13.102102] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.103075] Read of size 1 at addr ffff88810319c240 by task kunit_try_catch/248 [ 13.103878] [ 13.103983] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.104031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.104044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.104066] Call Trace: [ 13.104079] <TASK> [ 13.104093] dump_stack_lvl+0x73/0xb0 [ 13.104136] print_report+0xd1/0x650 [ 13.104159] ? __virt_addr_valid+0x1db/0x2d0 [ 13.104184] ? mempool_uaf_helper+0x392/0x400 [ 13.104206] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.104229] ? mempool_uaf_helper+0x392/0x400 [ 13.104250] kasan_report+0x141/0x180 [ 13.104271] ? mempool_uaf_helper+0x392/0x400 [ 13.104296] __asan_report_load1_noabort+0x18/0x20 [ 13.104320] mempool_uaf_helper+0x392/0x400 [ 13.104342] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.104363] ? update_load_avg+0x1be/0x21b0 [ 13.104391] ? finish_task_switch.isra.0+0x153/0x700 [ 13.104416] mempool_slab_uaf+0xea/0x140 [ 13.104439] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.104463] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.104484] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.104548] ? __pfx_read_tsc+0x10/0x10 [ 13.104570] ? ktime_get_ts64+0x86/0x230 [ 13.104595] kunit_try_run_case+0x1a5/0x480 [ 13.104621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.104643] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.104667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.104689] ? __kthread_parkme+0x82/0x180 [ 13.104710] ? preempt_count_sub+0x50/0x80 [ 13.104732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.104754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.104777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.104800] kthread+0x337/0x6f0 [ 13.104818] ? trace_preempt_on+0x20/0xc0 [ 13.104841] ? 
__pfx_kthread+0x10/0x10 [ 13.104861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.104881] ? calculate_sigpending+0x7b/0xa0 [ 13.104904] ? __pfx_kthread+0x10/0x10 [ 13.104925] ret_from_fork+0x116/0x1d0 [ 13.104943] ? __pfx_kthread+0x10/0x10 [ 13.104963] ret_from_fork_asm+0x1a/0x30 [ 13.104993] </TASK> [ 13.105005] [ 13.116301] Allocated by task 248: [ 13.116543] kasan_save_stack+0x45/0x70 [ 13.116739] kasan_save_track+0x18/0x40 [ 13.116916] kasan_save_alloc_info+0x3b/0x50 [ 13.117111] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.117788] remove_element+0x11e/0x190 [ 13.117984] mempool_alloc_preallocated+0x4d/0x90 [ 13.118523] mempool_uaf_helper+0x96/0x400 [ 13.118780] mempool_slab_uaf+0xea/0x140 [ 13.119079] kunit_try_run_case+0x1a5/0x480 [ 13.119535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.119781] kthread+0x337/0x6f0 [ 13.119935] ret_from_fork+0x116/0x1d0 [ 13.120107] ret_from_fork_asm+0x1a/0x30 [ 13.120289] [ 13.120691] Freed by task 248: [ 13.120848] kasan_save_stack+0x45/0x70 [ 13.121025] kasan_save_track+0x18/0x40 [ 13.121577] kasan_save_free_info+0x3f/0x60 [ 13.121865] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.122408] mempool_free+0x2ec/0x380 [ 13.122598] mempool_uaf_helper+0x11a/0x400 [ 13.122785] mempool_slab_uaf+0xea/0x140 [ 13.122967] kunit_try_run_case+0x1a5/0x480 [ 13.123401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.123841] kthread+0x337/0x6f0 [ 13.124151] ret_from_fork+0x116/0x1d0 [ 13.124460] ret_from_fork_asm+0x1a/0x30 [ 13.124845] [ 13.124942] The buggy address belongs to the object at ffff88810319c240 [ 13.124942] which belongs to the cache test_cache of size 123 [ 13.125957] The buggy address is located 0 bytes inside of [ 13.125957] freed 123-byte region [ffff88810319c240, ffff88810319c2bb) [ 13.126833] [ 13.126933] The buggy address belongs to the physical page: [ 13.127456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10319c [ 13.127913] flags: 0x200000000000000(node=0|zone=2) [ 13.128402] page_type: 
f5(slab) [ 13.128595] raw: 0200000000000000 ffff888100c16b40 dead000000000122 0000000000000000 [ 13.128909] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.129395] page dumped because: kasan: bad access detected [ 13.129900] [ 13.130143] Memory state around the buggy address: [ 13.130503] ffff88810319c100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.130815] ffff88810319c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.131107] >ffff88810319c200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.131758] ^ [ 13.131986] ffff88810319c280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.132710] ffff88810319c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.133439] ================================================================== [ 13.040080] ================================================================== [ 13.041377] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.041649] Read of size 1 at addr ffff88810319a200 by task kunit_try_catch/244 [ 13.041877] [ 13.041963] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.042008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.042020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.042042] Call Trace: [ 13.042054] <TASK> [ 13.042069] dump_stack_lvl+0x73/0xb0 [ 13.042096] print_report+0xd1/0x650 [ 13.042118] ? __virt_addr_valid+0x1db/0x2d0 [ 13.042155] ? mempool_uaf_helper+0x392/0x400 [ 13.042176] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.042197] ? mempool_uaf_helper+0x392/0x400 [ 13.042218] kasan_report+0x141/0x180 [ 13.042240] ? mempool_uaf_helper+0x392/0x400 [ 13.042327] __asan_report_load1_noabort+0x18/0x20 [ 13.042352] mempool_uaf_helper+0x392/0x400 [ 13.042531] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.042559] ? __kasan_check_write+0x18/0x20 [ 13.042578] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.042601] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.042626] mempool_kmalloc_uaf+0xef/0x140 [ 13.042648] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.042671] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.042694] ? __pfx_mempool_kfree+0x10/0x10 [ 13.042719] ? __pfx_read_tsc+0x10/0x10 [ 13.042741] ? ktime_get_ts64+0x86/0x230 [ 13.042764] kunit_try_run_case+0x1a5/0x480 [ 13.042788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.042832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.042854] ? __kthread_parkme+0x82/0x180 [ 13.042875] ? preempt_count_sub+0x50/0x80 [ 13.042897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.042941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.042963] kthread+0x337/0x6f0 [ 13.043246] ? trace_preempt_on+0x20/0xc0 [ 13.043271] ? __pfx_kthread+0x10/0x10 [ 13.043293] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.043324] ? calculate_sigpending+0x7b/0xa0 [ 13.043346] ? __pfx_kthread+0x10/0x10 [ 13.043368] ret_from_fork+0x116/0x1d0 [ 13.043385] ? 
__pfx_kthread+0x10/0x10 [ 13.043405] ret_from_fork_asm+0x1a/0x30 [ 13.043436] </TASK> [ 13.043447] [ 13.056012] Allocated by task 244: [ 13.056160] kasan_save_stack+0x45/0x70 [ 13.056309] kasan_save_track+0x18/0x40 [ 13.056682] kasan_save_alloc_info+0x3b/0x50 [ 13.056904] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.057166] remove_element+0x11e/0x190 [ 13.057302] mempool_alloc_preallocated+0x4d/0x90 [ 13.057480] mempool_uaf_helper+0x96/0x400 [ 13.057726] mempool_kmalloc_uaf+0xef/0x140 [ 13.057930] kunit_try_run_case+0x1a5/0x480 [ 13.058160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.058431] kthread+0x337/0x6f0 [ 13.058599] ret_from_fork+0x116/0x1d0 [ 13.058733] ret_from_fork_asm+0x1a/0x30 [ 13.058883] [ 13.058976] Freed by task 244: [ 13.059157] kasan_save_stack+0x45/0x70 [ 13.059432] kasan_save_track+0x18/0x40 [ 13.059618] kasan_save_free_info+0x3f/0x60 [ 13.059799] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.060033] mempool_free+0x2ec/0x380 [ 13.060256] mempool_uaf_helper+0x11a/0x400 [ 13.060579] mempool_kmalloc_uaf+0xef/0x140 [ 13.060775] kunit_try_run_case+0x1a5/0x480 [ 13.060952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.061242] kthread+0x337/0x6f0 [ 13.061423] ret_from_fork+0x116/0x1d0 [ 13.061554] ret_from_fork_asm+0x1a/0x30 [ 13.061693] [ 13.061840] The buggy address belongs to the object at ffff88810319a200 [ 13.061840] which belongs to the cache kmalloc-128 of size 128 [ 13.062382] The buggy address is located 0 bytes inside of [ 13.062382] freed 128-byte region [ffff88810319a200, ffff88810319a280) [ 13.062829] [ 13.062932] The buggy address belongs to the physical page: [ 13.063266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10319a [ 13.063600] flags: 0x200000000000000(node=0|zone=2) [ 13.063768] page_type: f5(slab) [ 13.063890] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.065029] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.065564] page 
dumped because: kasan: bad access detected [ 13.065741] [ 13.065833] Memory state around the buggy address: [ 13.066058] ffff88810319a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.066343] ffff88810319a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.067093] >ffff88810319a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.067451] ^ [ 13.067636] ffff88810319a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.067895] ffff88810319a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.068403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.983120] ================================================================== [ 12.983647] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.983902] Read of size 1 at addr ffff888102aba001 by task kunit_try_catch/240 [ 12.984150] [ 12.984382] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.984430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.984443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.984504] Call Trace: [ 12.984517] <TASK> [ 12.984546] dump_stack_lvl+0x73/0xb0 [ 12.984576] print_report+0xd1/0x650 [ 12.984599] ? __virt_addr_valid+0x1db/0x2d0 [ 12.984621] ? mempool_oob_right_helper+0x318/0x380 [ 12.984644] ? kasan_addr_to_slab+0x11/0xa0 [ 12.984664] ? mempool_oob_right_helper+0x318/0x380 [ 12.984686] kasan_report+0x141/0x180 [ 12.984708] ? mempool_oob_right_helper+0x318/0x380 [ 12.984735] __asan_report_load1_noabort+0x18/0x20 [ 12.984758] mempool_oob_right_helper+0x318/0x380 [ 12.984782] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.984806] ? __kasan_check_write+0x18/0x20 [ 12.984825] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.984847] ? finish_task_switch.isra.0+0x153/0x700 [ 12.984908] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.984956] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.984996] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.985021] ? __pfx_mempool_kfree+0x10/0x10 [ 12.985045] ? __pfx_read_tsc+0x10/0x10 [ 12.985066] ? ktime_get_ts64+0x86/0x230 [ 12.985090] kunit_try_run_case+0x1a5/0x480 [ 12.985113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.985155] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.985178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.985200] ? __kthread_parkme+0x82/0x180 [ 12.985220] ? preempt_count_sub+0x50/0x80 [ 12.985243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.985265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.985287] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.985330] kthread+0x337/0x6f0 [ 12.985349] ? trace_preempt_on+0x20/0xc0 [ 12.985371] ? __pfx_kthread+0x10/0x10 [ 12.985392] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.985412] ? calculate_sigpending+0x7b/0xa0 [ 12.985435] ? __pfx_kthread+0x10/0x10 [ 12.985456] ret_from_fork+0x116/0x1d0 [ 12.985474] ? __pfx_kthread+0x10/0x10 [ 12.985493] ret_from_fork_asm+0x1a/0x30 [ 12.985524] </TASK> [ 12.985536] [ 12.996400] The buggy address belongs to the physical page: [ 12.996657] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 12.997018] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.997662] flags: 0x200000000000040(head|node=0|zone=2) [ 12.998036] page_type: f8(unknown) [ 12.998376] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.998997] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.999577] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.999989] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.000555] head: 0200000000000002 ffffea00040aae01 00000000ffffffff 00000000ffffffff [ 13.000884] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.001481] page dumped because: kasan: bad access detected [ 13.001841] [ 13.001949] Memory state around the buggy address: [ 13.002455] ffff888102ab9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.002753] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.003235] >ffff888102aba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.003661] ^ [ 13.004113] ffff888102aba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.004564] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.005065] ================================================================== [ 13.011723] ================================================================== [ 
13.012496] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.013013] Read of size 1 at addr ffff8881039c32bb by task kunit_try_catch/242 [ 13.013694] [ 13.013793] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.013837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.013849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.013869] Call Trace: [ 13.013881] <TASK> [ 13.013896] dump_stack_lvl+0x73/0xb0 [ 13.013926] print_report+0xd1/0x650 [ 13.013948] ? __virt_addr_valid+0x1db/0x2d0 [ 13.013972] ? mempool_oob_right_helper+0x318/0x380 [ 13.013994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.014015] ? mempool_oob_right_helper+0x318/0x380 [ 13.014038] kasan_report+0x141/0x180 [ 13.014058] ? mempool_oob_right_helper+0x318/0x380 [ 13.014086] __asan_report_load1_noabort+0x18/0x20 [ 13.014110] mempool_oob_right_helper+0x318/0x380 [ 13.014146] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.014172] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.014193] ? finish_task_switch.isra.0+0x153/0x700 [ 13.014218] mempool_slab_oob_right+0xed/0x140 [ 13.014242] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.014267] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.014287] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.014308] ? __pfx_read_tsc+0x10/0x10 [ 13.014328] ? ktime_get_ts64+0x86/0x230 [ 13.014351] kunit_try_run_case+0x1a5/0x480 [ 13.014375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.014396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.014419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.014441] ? __kthread_parkme+0x82/0x180 [ 13.014461] ? preempt_count_sub+0x50/0x80 [ 13.014482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.014505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.014530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.014552] kthread+0x337/0x6f0 [ 13.014570] ? trace_preempt_on+0x20/0xc0 [ 13.014593] ? __pfx_kthread+0x10/0x10 [ 13.014613] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.014632] ? calculate_sigpending+0x7b/0xa0 [ 13.014656] ? __pfx_kthread+0x10/0x10 [ 13.014676] ret_from_fork+0x116/0x1d0 [ 13.014696] ? __pfx_kthread+0x10/0x10 [ 13.014716] ret_from_fork_asm+0x1a/0x30 [ 13.014747] </TASK> [ 13.014758] [ 13.023043] Allocated by task 242: [ 13.023232] kasan_save_stack+0x45/0x70 [ 13.023433] kasan_save_track+0x18/0x40 [ 13.023619] kasan_save_alloc_info+0x3b/0x50 [ 13.023765] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.024063] remove_element+0x11e/0x190 [ 13.024564] mempool_alloc_preallocated+0x4d/0x90 [ 13.024801] mempool_oob_right_helper+0x8a/0x380 [ 13.024983] mempool_slab_oob_right+0xed/0x140 [ 13.025270] kunit_try_run_case+0x1a5/0x480 [ 13.025633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.025827] kthread+0x337/0x6f0 [ 13.025948] ret_from_fork+0x116/0x1d0 [ 13.026080] ret_from_fork_asm+0x1a/0x30 [ 13.026266] [ 13.026361] The buggy address belongs to the object at ffff8881039c3240 [ 13.026361] which belongs to the cache test_cache of size 123 [ 13.026891] The buggy address is located 0 bytes to the right of [ 13.026891] allocated 123-byte region [ffff8881039c3240, ffff8881039c32bb) [ 13.027493] [ 13.027567] The buggy address belongs to the physical page: [ 13.027779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c3 [ 13.028166] flags: 0x200000000000000(node=0|zone=2) [ 13.028629] page_type: f5(slab) [ 13.028784] raw: 0200000000000000 ffff8881019c6640 dead000000000122 0000000000000000 [ 13.029072] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.029501] page dumped because: kasan: bad access detected [ 13.029724] [ 13.029803] Memory state around the buggy address: [ 13.029987] ffff8881039c3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.030338] ffff8881039c3200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.030752] >ffff8881039c3280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.031029] ^ [ 13.031220] 
ffff8881039c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.031427] ffff8881039c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.031682] ================================================================== [ 12.951026] ================================================================== [ 12.951712] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.952067] Read of size 1 at addr ffff8881039bf273 by task kunit_try_catch/238 [ 12.952575] [ 12.952858] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.952966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.952981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.953005] Call Trace: [ 12.953020] <TASK> [ 12.953039] dump_stack_lvl+0x73/0xb0 [ 12.953069] print_report+0xd1/0x650 [ 12.953093] ? __virt_addr_valid+0x1db/0x2d0 [ 12.953116] ? mempool_oob_right_helper+0x318/0x380 [ 12.953151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.953172] ? mempool_oob_right_helper+0x318/0x380 [ 12.953195] kasan_report+0x141/0x180 [ 12.953215] ? mempool_oob_right_helper+0x318/0x380 [ 12.953243] __asan_report_load1_noabort+0x18/0x20 [ 12.953265] mempool_oob_right_helper+0x318/0x380 [ 12.953288] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.953312] ? __kasan_check_write+0x18/0x20 [ 12.953330] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.953354] ? finish_task_switch.isra.0+0x153/0x700 [ 12.953378] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.953401] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.953426] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.953450] ? __pfx_mempool_kfree+0x10/0x10 [ 12.953474] ? __pfx_read_tsc+0x10/0x10 [ 12.953495] ? ktime_get_ts64+0x86/0x230 [ 12.953519] kunit_try_run_case+0x1a5/0x480 [ 12.953545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.953566] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.953590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.953611] ? __kthread_parkme+0x82/0x180 [ 12.953632] ? 
preempt_count_sub+0x50/0x80 [ 12.953653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.953675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.953697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.953719] kthread+0x337/0x6f0 [ 12.953737] ? trace_preempt_on+0x20/0xc0 [ 12.953760] ? __pfx_kthread+0x10/0x10 [ 12.953779] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.953799] ? calculate_sigpending+0x7b/0xa0 [ 12.953823] ? __pfx_kthread+0x10/0x10 [ 12.953843] ret_from_fork+0x116/0x1d0 [ 12.953861] ? __pfx_kthread+0x10/0x10 [ 12.953880] ret_from_fork_asm+0x1a/0x30 [ 12.953911] </TASK> [ 12.953922] [ 12.966322] Allocated by task 238: [ 12.966709] kasan_save_stack+0x45/0x70 [ 12.966921] kasan_save_track+0x18/0x40 [ 12.967097] kasan_save_alloc_info+0x3b/0x50 [ 12.967736] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.968049] remove_element+0x11e/0x190 [ 12.968330] mempool_alloc_preallocated+0x4d/0x90 [ 12.968735] mempool_oob_right_helper+0x8a/0x380 [ 12.969068] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.969438] kunit_try_run_case+0x1a5/0x480 [ 12.969755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.970005] kthread+0x337/0x6f0 [ 12.970447] ret_from_fork+0x116/0x1d0 [ 12.970642] ret_from_fork_asm+0x1a/0x30 [ 12.970897] [ 12.971006] The buggy address belongs to the object at ffff8881039bf200 [ 12.971006] which belongs to the cache kmalloc-128 of size 128 [ 12.971784] The buggy address is located 0 bytes to the right of [ 12.971784] allocated 115-byte region [ffff8881039bf200, ffff8881039bf273) [ 12.972690] [ 12.972809] The buggy address belongs to the physical page: [ 12.973162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf [ 12.973700] flags: 0x200000000000000(node=0|zone=2) [ 12.974054] page_type: f5(slab) [ 12.974212] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.974824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.975346] page dumped because: kasan: bad access detected [ 
12.975581] [ 12.975658] Memory state around the buggy address: [ 12.975819] ffff8881039bf100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.976036] ffff8881039bf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.976286] >ffff8881039bf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.976836] ^ [ 12.977054] ffff8881039bf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.977737] ffff8881039bf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.978268] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.380186] ================================================================== [ 12.380750] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.381108] Read of size 1 at addr ffff888100c16780 by task kunit_try_catch/232 [ 12.381418] [ 12.381514] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.381562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.381574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.381597] Call Trace: [ 12.381609] <TASK> [ 12.381627] dump_stack_lvl+0x73/0xb0 [ 12.381655] print_report+0xd1/0x650 [ 12.381678] ? __virt_addr_valid+0x1db/0x2d0 [ 12.381702] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.381725] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.381746] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.381771] kasan_report+0x141/0x180 [ 12.381792] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.381818] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.381842] __kasan_check_byte+0x3d/0x50 [ 12.381863] kmem_cache_destroy+0x25/0x1d0 [ 12.381887] kmem_cache_double_destroy+0x1bf/0x380 [ 12.381911] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.381934] ? finish_task_switch.isra.0+0x153/0x700 [ 12.381956] ? __switch_to+0x47/0xf50 [ 12.381984] ? __pfx_read_tsc+0x10/0x10 [ 12.382005] ? ktime_get_ts64+0x86/0x230 [ 12.382029] kunit_try_run_case+0x1a5/0x480 [ 12.382055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.382076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.382099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.382137] ? __kthread_parkme+0x82/0x180 [ 12.382333] ? preempt_count_sub+0x50/0x80 [ 12.382356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.382380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.382446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.382472] kthread+0x337/0x6f0 [ 12.382491] ? trace_preempt_on+0x20/0xc0 [ 12.382523] ? __pfx_kthread+0x10/0x10 [ 12.382542] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.382563] ? 
calculate_sigpending+0x7b/0xa0 [ 12.382587] ? __pfx_kthread+0x10/0x10 [ 12.382608] ret_from_fork+0x116/0x1d0 [ 12.382625] ? __pfx_kthread+0x10/0x10 [ 12.382645] ret_from_fork_asm+0x1a/0x30 [ 12.382674] </TASK> [ 12.382686] [ 12.392905] Allocated by task 232: [ 12.393051] kasan_save_stack+0x45/0x70 [ 12.393891] kasan_save_track+0x18/0x40 [ 12.394083] kasan_save_alloc_info+0x3b/0x50 [ 12.394437] __kasan_slab_alloc+0x91/0xa0 [ 12.394663] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.394854] __kmem_cache_create_args+0x169/0x240 [ 12.395079] kmem_cache_double_destroy+0xd5/0x380 [ 12.395326] kunit_try_run_case+0x1a5/0x480 [ 12.395600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.395819] kthread+0x337/0x6f0 [ 12.395994] ret_from_fork+0x116/0x1d0 [ 12.396246] ret_from_fork_asm+0x1a/0x30 [ 12.396529] [ 12.396606] Freed by task 232: [ 12.396759] kasan_save_stack+0x45/0x70 [ 12.396920] kasan_save_track+0x18/0x40 [ 12.397099] kasan_save_free_info+0x3f/0x60 [ 12.397534] __kasan_slab_free+0x56/0x70 [ 12.397774] kmem_cache_free+0x249/0x420 [ 12.397909] slab_kmem_cache_release+0x2e/0x40 [ 12.398115] kmem_cache_release+0x16/0x20 [ 12.398401] kobject_put+0x181/0x450 [ 12.398576] sysfs_slab_release+0x16/0x20 [ 12.398881] kmem_cache_destroy+0xf0/0x1d0 [ 12.399083] kmem_cache_double_destroy+0x14e/0x380 [ 12.399299] kunit_try_run_case+0x1a5/0x480 [ 12.399570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.399988] kthread+0x337/0x6f0 [ 12.400120] ret_from_fork+0x116/0x1d0 [ 12.400599] ret_from_fork_asm+0x1a/0x30 [ 12.400804] [ 12.400883] The buggy address belongs to the object at ffff888100c16780 [ 12.400883] which belongs to the cache kmem_cache of size 208 [ 12.402112] The buggy address is located 0 bytes inside of [ 12.402112] freed 208-byte region [ffff888100c16780, ffff888100c16850) [ 12.402855] [ 12.403058] The buggy address belongs to the physical page: [ 12.403311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100c16 [ 12.403845] flags: 
0x200000000000000(node=0|zone=2) [ 12.404070] page_type: f5(slab) [ 12.404541] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.404883] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.405630] page dumped because: kasan: bad access detected [ 12.405868] [ 12.405944] Memory state around the buggy address: [ 12.406459] ffff888100c16680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.406868] ffff888100c16700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.407367] >ffff888100c16780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.407811] ^ [ 12.407996] ffff888100c16800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.408602] ffff888100c16880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.408994] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.321684] ================================================================== [ 12.322166] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.322439] Read of size 1 at addr ffff88810318f000 by task kunit_try_catch/230 [ 12.322751] [ 12.322849] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.322895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.322906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.322926] Call Trace: [ 12.322938] <TASK> [ 12.322956] dump_stack_lvl+0x73/0xb0 [ 12.322983] print_report+0xd1/0x650 [ 12.323004] ? __virt_addr_valid+0x1db/0x2d0 [ 12.323027] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.323048] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.323068] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.323090] kasan_report+0x141/0x180 [ 12.323110] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.323168] __asan_report_load1_noabort+0x18/0x20 [ 12.323191] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.323212] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.323234] ? finish_task_switch.isra.0+0x153/0x700 [ 12.323256] ? __switch_to+0x47/0xf50 [ 12.323283] ? __pfx_read_tsc+0x10/0x10 [ 12.323303] ? ktime_get_ts64+0x86/0x230 [ 12.323327] kunit_try_run_case+0x1a5/0x480 [ 12.323353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.323375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.323398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.323419] ? __kthread_parkme+0x82/0x180 [ 12.323439] ? preempt_count_sub+0x50/0x80 [ 12.323460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.323482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.323503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.323744] kthread+0x337/0x6f0 [ 12.323764] ? trace_preempt_on+0x20/0xc0 [ 12.323787] ? __pfx_kthread+0x10/0x10 [ 12.323809] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.323829] ? calculate_sigpending+0x7b/0xa0 [ 12.323852] ? __pfx_kthread+0x10/0x10 [ 12.323872] ret_from_fork+0x116/0x1d0 [ 12.323891] ? 
__pfx_kthread+0x10/0x10 [ 12.323912] ret_from_fork_asm+0x1a/0x30 [ 12.323941] </TASK> [ 12.323953] [ 12.330728] Allocated by task 230: [ 12.330864] kasan_save_stack+0x45/0x70 [ 12.331064] kasan_save_track+0x18/0x40 [ 12.331292] kasan_save_alloc_info+0x3b/0x50 [ 12.331512] __kasan_slab_alloc+0x91/0xa0 [ 12.331719] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.331923] kmem_cache_rcu_uaf+0x155/0x510 [ 12.332144] kunit_try_run_case+0x1a5/0x480 [ 12.332292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.332523] kthread+0x337/0x6f0 [ 12.332701] ret_from_fork+0x116/0x1d0 [ 12.332870] ret_from_fork_asm+0x1a/0x30 [ 12.333032] [ 12.333167] Freed by task 0: [ 12.333319] kasan_save_stack+0x45/0x70 [ 12.333465] kasan_save_track+0x18/0x40 [ 12.333598] kasan_save_free_info+0x3f/0x60 [ 12.333743] __kasan_slab_free+0x56/0x70 [ 12.333878] slab_free_after_rcu_debug+0xe4/0x310 [ 12.334065] rcu_core+0x66f/0x1c40 [ 12.334276] rcu_core_si+0x12/0x20 [ 12.334454] handle_softirqs+0x209/0x730 [ 12.334654] __irq_exit_rcu+0xc9/0x110 [ 12.334844] irq_exit_rcu+0x12/0x20 [ 12.335020] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.335228] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.335399] [ 12.335469] Last potentially related work creation: [ 12.335640] kasan_save_stack+0x45/0x70 [ 12.335834] kasan_record_aux_stack+0xb2/0xc0 [ 12.336048] kmem_cache_free+0x131/0x420 [ 12.336277] kmem_cache_rcu_uaf+0x194/0x510 [ 12.336490] kunit_try_run_case+0x1a5/0x480 [ 12.336695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.336937] kthread+0x337/0x6f0 [ 12.337100] ret_from_fork+0x116/0x1d0 [ 12.337285] ret_from_fork_asm+0x1a/0x30 [ 12.337484] [ 12.337557] The buggy address belongs to the object at ffff88810318f000 [ 12.337557] which belongs to the cache test_cache of size 200 [ 12.338043] The buggy address is located 0 bytes inside of [ 12.338043] freed 200-byte region [ffff88810318f000, ffff88810318f0c8) [ 12.338541] [ 12.338633] The buggy address belongs to the physical page: [ 12.338814] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10318f [ 12.339054] flags: 0x200000000000000(node=0|zone=2) [ 12.339251] page_type: f5(slab) [ 12.339413] raw: 0200000000000000 ffff888100c16640 dead000000000122 0000000000000000 [ 12.339752] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.340089] page dumped because: kasan: bad access detected [ 12.340366] [ 12.340462] Memory state around the buggy address: [ 12.340672] ffff88810318ef00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 12.340889] ffff88810318ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.341150] >ffff88810318f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.341473] ^ [ 12.341639] ffff88810318f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.341955] ffff88810318f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.342279] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.263904] ================================================================== [ 12.264659] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.266163] Free of addr ffff8881039be001 by task kunit_try_catch/228 [ 12.266486] [ 12.266588] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.266630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.266641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.266661] Call Trace: [ 12.266673] <TASK> [ 12.266688] dump_stack_lvl+0x73/0xb0 [ 12.266718] print_report+0xd1/0x650 [ 12.266740] ? __virt_addr_valid+0x1db/0x2d0 [ 12.266765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.266785] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.266809] kasan_report_invalid_free+0x10a/0x130 [ 12.266832] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.266857] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.266879] check_slab_allocation+0x11f/0x130 [ 12.266900] __kasan_slab_pre_free+0x28/0x40 [ 12.266920] kmem_cache_free+0xed/0x420 [ 12.266939] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.266959] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.266984] kmem_cache_invalid_free+0x1d8/0x460 [ 12.267008] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.267030] ? finish_task_switch.isra.0+0x153/0x700 [ 12.267053] ? __switch_to+0x47/0xf50 [ 12.267090] ? __pfx_read_tsc+0x10/0x10 [ 12.267111] ? ktime_get_ts64+0x86/0x230 [ 12.267147] kunit_try_run_case+0x1a5/0x480 [ 12.267171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.267191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.267214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.267235] ? __kthread_parkme+0x82/0x180 [ 12.267255] ? preempt_count_sub+0x50/0x80 [ 12.267276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.267298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.267319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.267340] kthread+0x337/0x6f0 [ 12.267358] ? trace_preempt_on+0x20/0xc0 [ 12.267381] ? 
__pfx_kthread+0x10/0x10 [ 12.267400] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.267420] ? calculate_sigpending+0x7b/0xa0 [ 12.267443] ? __pfx_kthread+0x10/0x10 [ 12.267463] ret_from_fork+0x116/0x1d0 [ 12.267480] ? __pfx_kthread+0x10/0x10 [ 12.267499] ret_from_fork_asm+0x1a/0x30 [ 12.267529] </TASK> [ 12.267539] [ 12.276008] Allocated by task 228: [ 12.276151] kasan_save_stack+0x45/0x70 [ 12.276479] kasan_save_track+0x18/0x40 [ 12.276676] kasan_save_alloc_info+0x3b/0x50 [ 12.276844] __kasan_slab_alloc+0x91/0xa0 [ 12.277045] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.277279] kmem_cache_invalid_free+0x157/0x460 [ 12.277525] kunit_try_run_case+0x1a5/0x480 [ 12.277693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.277937] kthread+0x337/0x6f0 [ 12.278058] ret_from_fork+0x116/0x1d0 [ 12.278307] ret_from_fork_asm+0x1a/0x30 [ 12.278637] [ 12.278735] The buggy address belongs to the object at ffff8881039be000 [ 12.278735] which belongs to the cache test_cache of size 200 [ 12.279275] The buggy address is located 1 bytes inside of [ 12.279275] 200-byte region [ffff8881039be000, ffff8881039be0c8) [ 12.279725] [ 12.279813] The buggy address belongs to the physical page: [ 12.280054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039be [ 12.280621] flags: 0x200000000000000(node=0|zone=2) [ 12.280851] page_type: f5(slab) [ 12.281007] raw: 0200000000000000 ffff8881019c6500 dead000000000122 0000000000000000 [ 12.281356] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.281680] page dumped because: kasan: bad access detected [ 12.281852] [ 12.281922] Memory state around the buggy address: [ 12.282077] ffff8881039bdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.282349] ffff8881039bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.282674] >ffff8881039be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.282987] ^ [ 12.283104] ffff8881039be080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.283327] 
ffff8881039be100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.283540] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.227713] ================================================================== [ 12.228194] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.228829] Free of addr ffff88810318e000 by task kunit_try_catch/226 [ 12.229590] [ 12.229822] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.229870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.229881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.229902] Call Trace: [ 12.229914] <TASK> [ 12.229931] dump_stack_lvl+0x73/0xb0 [ 12.229960] print_report+0xd1/0x650 [ 12.229982] ? __virt_addr_valid+0x1db/0x2d0 [ 12.230005] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.230066] ? kmem_cache_double_free+0x1e5/0x480 [ 12.230090] kasan_report_invalid_free+0x10a/0x130 [ 12.230113] ? kmem_cache_double_free+0x1e5/0x480 [ 12.230149] ? kmem_cache_double_free+0x1e5/0x480 [ 12.230172] check_slab_allocation+0x101/0x130 [ 12.230193] __kasan_slab_pre_free+0x28/0x40 [ 12.230212] kmem_cache_free+0xed/0x420 [ 12.230232] ? kasan_save_track+0x18/0x40 [ 12.230250] ? kasan_save_stack+0x45/0x70 [ 12.230268] ? kmem_cache_double_free+0x1e5/0x480 [ 12.230290] ? __kasan_slab_free+0x61/0x70 [ 12.230322] kmem_cache_double_free+0x1e5/0x480 [ 12.230345] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.230367] ? finish_task_switch.isra.0+0x153/0x700 [ 12.230390] ? __switch_to+0x47/0xf50 [ 12.230418] ? __pfx_read_tsc+0x10/0x10 [ 12.230437] ? ktime_get_ts64+0x86/0x230 [ 12.230461] kunit_try_run_case+0x1a5/0x480 [ 12.230485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.230506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.230533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.230555] ? __kthread_parkme+0x82/0x180 [ 12.230575] ? preempt_count_sub+0x50/0x80 [ 12.230597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.230619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.230642] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.230663] kthread+0x337/0x6f0 [ 12.230682] ? trace_preempt_on+0x20/0xc0 [ 12.230704] ? __pfx_kthread+0x10/0x10 [ 12.230724] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.230743] ? calculate_sigpending+0x7b/0xa0 [ 12.230766] ? __pfx_kthread+0x10/0x10 [ 12.230787] ret_from_fork+0x116/0x1d0 [ 12.230804] ? __pfx_kthread+0x10/0x10 [ 12.230823] ret_from_fork_asm+0x1a/0x30 [ 12.230854] </TASK> [ 12.230867] [ 12.245330] Allocated by task 226: [ 12.245478] kasan_save_stack+0x45/0x70 [ 12.245627] kasan_save_track+0x18/0x40 [ 12.245768] kasan_save_alloc_info+0x3b/0x50 [ 12.245975] __kasan_slab_alloc+0x91/0xa0 [ 12.246116] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.246297] kmem_cache_double_free+0x14f/0x480 [ 12.246585] kunit_try_run_case+0x1a5/0x480 [ 12.246745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.246925] kthread+0x337/0x6f0 [ 12.247095] ret_from_fork+0x116/0x1d0 [ 12.247316] ret_from_fork_asm+0x1a/0x30 [ 12.247512] [ 12.247600] Freed by task 226: [ 12.247726] kasan_save_stack+0x45/0x70 [ 12.247883] kasan_save_track+0x18/0x40 [ 12.248074] kasan_save_free_info+0x3f/0x60 [ 12.248265] __kasan_slab_free+0x56/0x70 [ 12.248451] kmem_cache_free+0x249/0x420 [ 12.248612] kmem_cache_double_free+0x16a/0x480 [ 12.248763] kunit_try_run_case+0x1a5/0x480 [ 12.248903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.249154] kthread+0x337/0x6f0 [ 12.249497] ret_from_fork+0x116/0x1d0 [ 12.249672] ret_from_fork_asm+0x1a/0x30 [ 12.249804] [ 12.249873] The buggy address belongs to the object at ffff88810318e000 [ 12.249873] which belongs to the cache test_cache of size 200 [ 12.250555] The buggy address is located 0 bytes inside of [ 12.250555] 200-byte region [ffff88810318e000, ffff88810318e0c8) [ 12.251049] [ 12.251133] The buggy address belongs to the physical page: [ 12.251336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10318e [ 12.251569] flags: 0x200000000000000(node=0|zone=2) [ 12.251803] page_type: 
f5(slab) [ 12.251966] raw: 0200000000000000 ffff888100c16500 dead000000000122 0000000000000000 [ 12.252867] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.253219] page dumped because: kasan: bad access detected [ 12.253525] [ 12.253622] Memory state around the buggy address: [ 12.253818] ffff88810318df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.254057] ffff88810318df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.254592] >ffff88810318e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.254851] ^ [ 12.255016] ffff88810318e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.255548] ffff88810318e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255828] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.188169] ================================================================== [ 12.189644] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.190132] Read of size 1 at addr ffff8881039bc0c8 by task kunit_try_catch/224 [ 12.190518] [ 12.190736] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.190809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.190821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.190842] Call Trace: [ 12.190854] <TASK> [ 12.190869] dump_stack_lvl+0x73/0xb0 [ 12.190908] print_report+0xd1/0x650 [ 12.190929] ? __virt_addr_valid+0x1db/0x2d0 [ 12.190953] ? kmem_cache_oob+0x402/0x530 [ 12.190974] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.190995] ? kmem_cache_oob+0x402/0x530 [ 12.191017] kasan_report+0x141/0x180 [ 12.191038] ? kmem_cache_oob+0x402/0x530 [ 12.191064] __asan_report_load1_noabort+0x18/0x20 [ 12.191087] kmem_cache_oob+0x402/0x530 [ 12.191107] ? trace_hardirqs_on+0x37/0xe0 [ 12.191166] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.191188] ? finish_task_switch.isra.0+0x153/0x700 [ 12.191210] ? __switch_to+0x47/0xf50 [ 12.191237] ? __pfx_read_tsc+0x10/0x10 [ 12.191257] ? ktime_get_ts64+0x86/0x230 [ 12.191281] kunit_try_run_case+0x1a5/0x480 [ 12.191304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.191335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.191357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.191379] ? __kthread_parkme+0x82/0x180 [ 12.191398] ? preempt_count_sub+0x50/0x80 [ 12.191419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.191441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.191462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.191483] kthread+0x337/0x6f0 [ 12.191501] ? trace_preempt_on+0x20/0xc0 [ 12.191521] ? __pfx_kthread+0x10/0x10 [ 12.191540] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.191559] ? calculate_sigpending+0x7b/0xa0 [ 12.191582] ? __pfx_kthread+0x10/0x10 [ 12.191604] ret_from_fork+0x116/0x1d0 [ 12.191621] ? 
__pfx_kthread+0x10/0x10 [ 12.191640] ret_from_fork_asm+0x1a/0x30 [ 12.191669] </TASK> [ 12.191679] [ 12.203803] Allocated by task 224: [ 12.203944] kasan_save_stack+0x45/0x70 [ 12.204157] kasan_save_track+0x18/0x40 [ 12.204565] kasan_save_alloc_info+0x3b/0x50 [ 12.204831] __kasan_slab_alloc+0x91/0xa0 [ 12.205013] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.205234] kmem_cache_oob+0x157/0x530 [ 12.205456] kunit_try_run_case+0x1a5/0x480 [ 12.205697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.205902] kthread+0x337/0x6f0 [ 12.206100] ret_from_fork+0x116/0x1d0 [ 12.206437] ret_from_fork_asm+0x1a/0x30 [ 12.206675] [ 12.206772] The buggy address belongs to the object at ffff8881039bc000 [ 12.206772] which belongs to the cache test_cache of size 200 [ 12.207350] The buggy address is located 0 bytes to the right of [ 12.207350] allocated 200-byte region [ffff8881039bc000, ffff8881039bc0c8) [ 12.207958] [ 12.208061] The buggy address belongs to the physical page: [ 12.208375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bc [ 12.208807] flags: 0x200000000000000(node=0|zone=2) [ 12.208981] page_type: f5(slab) [ 12.209099] raw: 0200000000000000 ffff8881019c63c0 dead000000000122 0000000000000000 [ 12.209536] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.209851] page dumped because: kasan: bad access detected [ 12.210057] [ 12.210172] Memory state around the buggy address: [ 12.210490] ffff8881039bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.210719] ffff8881039bc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.211064] >ffff8881039bc080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.211366] ^ [ 12.211888] ffff8881039bc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.212542] ffff8881039bc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.212862] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.147025] ================================================================== [ 12.147754] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.148062] Read of size 8 at addr ffff888103180f80 by task kunit_try_catch/217 [ 12.148821] [ 12.149215] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.149366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.149392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.149415] Call Trace: [ 12.149430] <TASK> [ 12.149449] dump_stack_lvl+0x73/0xb0 [ 12.149516] print_report+0xd1/0x650 [ 12.149539] ? __virt_addr_valid+0x1db/0x2d0 [ 12.149561] ? workqueue_uaf+0x4d6/0x560 [ 12.149581] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.149601] ? workqueue_uaf+0x4d6/0x560 [ 12.149621] kasan_report+0x141/0x180 [ 12.149642] ? workqueue_uaf+0x4d6/0x560 [ 12.149666] __asan_report_load8_noabort+0x18/0x20 [ 12.149689] workqueue_uaf+0x4d6/0x560 [ 12.149710] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.149731] ? __schedule+0x10cc/0x2b60 [ 12.149751] ? __pfx_read_tsc+0x10/0x10 [ 12.149772] ? ktime_get_ts64+0x86/0x230 [ 12.149796] kunit_try_run_case+0x1a5/0x480 [ 12.149819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.149840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.149862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.149883] ? __kthread_parkme+0x82/0x180 [ 12.149903] ? preempt_count_sub+0x50/0x80 [ 12.149926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.149948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.149969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.149990] kthread+0x337/0x6f0 [ 12.150008] ? trace_preempt_on+0x20/0xc0 [ 12.150032] ? __pfx_kthread+0x10/0x10 [ 12.150051] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.150071] ? calculate_sigpending+0x7b/0xa0 [ 12.150094] ? __pfx_kthread+0x10/0x10 [ 12.150131] ret_from_fork+0x116/0x1d0 [ 12.150149] ? 
__pfx_kthread+0x10/0x10 [ 12.150168] ret_from_fork_asm+0x1a/0x30 [ 12.150197] </TASK> [ 12.150209] [ 12.163622] Allocated by task 217: [ 12.164089] kasan_save_stack+0x45/0x70 [ 12.164315] kasan_save_track+0x18/0x40 [ 12.164474] kasan_save_alloc_info+0x3b/0x50 [ 12.164917] __kasan_kmalloc+0xb7/0xc0 [ 12.165136] __kmalloc_cache_noprof+0x189/0x420 [ 12.165450] workqueue_uaf+0x152/0x560 [ 12.165763] kunit_try_run_case+0x1a5/0x480 [ 12.165915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.166424] kthread+0x337/0x6f0 [ 12.166592] ret_from_fork+0x116/0x1d0 [ 12.166913] ret_from_fork_asm+0x1a/0x30 [ 12.167210] [ 12.167287] Freed by task 9: [ 12.167552] kasan_save_stack+0x45/0x70 [ 12.167950] kasan_save_track+0x18/0x40 [ 12.168144] kasan_save_free_info+0x3f/0x60 [ 12.168373] __kasan_slab_free+0x56/0x70 [ 12.168548] kfree+0x222/0x3f0 [ 12.168676] workqueue_uaf_work+0x12/0x20 [ 12.168875] process_one_work+0x5ee/0xf60 [ 12.169068] worker_thread+0x758/0x1220 [ 12.169743] kthread+0x337/0x6f0 [ 12.169925] ret_from_fork+0x116/0x1d0 [ 12.170074] ret_from_fork_asm+0x1a/0x30 [ 12.170629] [ 12.170733] Last potentially related work creation: [ 12.171027] kasan_save_stack+0x45/0x70 [ 12.171422] kasan_record_aux_stack+0xb2/0xc0 [ 12.171618] __queue_work+0x626/0xeb0 [ 12.171919] queue_work_on+0xb6/0xc0 [ 12.172089] workqueue_uaf+0x26d/0x560 [ 12.172457] kunit_try_run_case+0x1a5/0x480 [ 12.172721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.172953] kthread+0x337/0x6f0 [ 12.173111] ret_from_fork+0x116/0x1d0 [ 12.173544] ret_from_fork_asm+0x1a/0x30 [ 12.173805] [ 12.173884] The buggy address belongs to the object at ffff888103180f80 [ 12.173884] which belongs to the cache kmalloc-32 of size 32 [ 12.174735] The buggy address is located 0 bytes inside of [ 12.174735] freed 32-byte region [ffff888103180f80, ffff888103180fa0) [ 12.175252] [ 12.175374] The buggy address belongs to the physical page: [ 12.175909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103180 
[ 12.176398] flags: 0x200000000000000(node=0|zone=2) [ 12.176625] page_type: f5(slab) [ 12.176919] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.177329] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.177647] page dumped because: kasan: bad access detected [ 12.177892] [ 12.177980] Memory state around the buggy address: [ 12.178532] ffff888103180e80: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 12.178814] ffff888103180f00: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 12.179316] >ffff888103180f80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.179846] ^ [ 12.180004] ffff888103181000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.180440] ffff888103181080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 12.180804] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.104453] ================================================================== [ 12.104904] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.105208] Read of size 4 at addr ffff8881027b4f00 by task swapper/1/0 [ 12.105491] [ 12.105685] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.105731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.105742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.105762] Call Trace: [ 12.105786] <IRQ> [ 12.105802] dump_stack_lvl+0x73/0xb0 [ 12.105831] print_report+0xd1/0x650 [ 12.105853] ? __virt_addr_valid+0x1db/0x2d0 [ 12.105876] ? rcu_uaf_reclaim+0x50/0x60 [ 12.105896] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.105916] ? rcu_uaf_reclaim+0x50/0x60 [ 12.105935] kasan_report+0x141/0x180 [ 12.105956] ? rcu_uaf_reclaim+0x50/0x60 [ 12.105979] __asan_report_load4_noabort+0x18/0x20 [ 12.106002] rcu_uaf_reclaim+0x50/0x60 [ 12.106021] rcu_core+0x66f/0x1c40 [ 12.106049] ? __pfx_rcu_core+0x10/0x10 [ 12.106069] ? ktime_get+0x6b/0x150 [ 12.106094] rcu_core_si+0x12/0x20 [ 12.106113] handle_softirqs+0x209/0x730 [ 12.106167] ? hrtimer_interrupt+0x2fe/0x780 [ 12.106189] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.106213] __irq_exit_rcu+0xc9/0x110 [ 12.106232] irq_exit_rcu+0x12/0x20 [ 12.106250] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.106274] </IRQ> [ 12.106298] <TASK> [ 12.106309] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.106394] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.106608] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 8a 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.106686] RSP: 0000:ffff888100877dc8 EFLAGS: 00010202 [ 12.106772] RAX: ffff8881ba774000 RBX: ffff888100853000 RCX: ffffffff9e4730e5 [ 12.106816] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 0000000000010bb4 [ 12.106858] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 12.106906] R10: ffff88815b130c53 R11: 000000000000cc00 R12: 0000000000000001 [ 12.106947] R13: ffffed102010a600 R14: ffffffffa01b0690 R15: 0000000000000000 [ 12.107005] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.107056] ? default_idle+0xd/0x20 [ 12.107077] arch_cpu_idle+0xd/0x20 [ 12.107097] default_idle_call+0x48/0x80 [ 12.107119] do_idle+0x379/0x4f0 [ 12.107156] ? complete+0x15b/0x1d0 [ 12.107173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.107197] ? __pfx_do_idle+0x10/0x10 [ 12.107217] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 12.107238] ? complete+0x15b/0x1d0 [ 12.107259] cpu_startup_entry+0x5c/0x70 [ 12.107281] start_secondary+0x211/0x290 [ 12.107302] ? 
__pfx_start_secondary+0x10/0x10 [ 12.107326] common_startup_64+0x13e/0x148 [ 12.107357] </TASK> [ 12.107368] [ 12.120639] Allocated by task 215: [ 12.120970] kasan_save_stack+0x45/0x70 [ 12.121476] kasan_save_track+0x18/0x40 [ 12.121746] kasan_save_alloc_info+0x3b/0x50 [ 12.122094] __kasan_kmalloc+0xb7/0xc0 [ 12.122288] __kmalloc_cache_noprof+0x189/0x420 [ 12.122821] rcu_uaf+0xb0/0x330 [ 12.122991] kunit_try_run_case+0x1a5/0x480 [ 12.123531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.123803] kthread+0x337/0x6f0 [ 12.123965] ret_from_fork+0x116/0x1d0 [ 12.124428] ret_from_fork_asm+0x1a/0x30 [ 12.124704] [ 12.124796] Freed by task 0: [ 12.124935] kasan_save_stack+0x45/0x70 [ 12.125111] kasan_save_track+0x18/0x40 [ 12.125581] kasan_save_free_info+0x3f/0x60 [ 12.125771] __kasan_slab_free+0x56/0x70 [ 12.125946] kfree+0x222/0x3f0 [ 12.126093] rcu_uaf_reclaim+0x1f/0x60 [ 12.126557] rcu_core+0x66f/0x1c40 [ 12.126964] rcu_core_si+0x12/0x20 [ 12.127290] handle_softirqs+0x209/0x730 [ 12.127641] __irq_exit_rcu+0xc9/0x110 [ 12.127823] irq_exit_rcu+0x12/0x20 [ 12.127989] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.128635] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.129087] [ 12.129262] Last potentially related work creation: [ 12.129544] kasan_save_stack+0x45/0x70 [ 12.129733] kasan_record_aux_stack+0xb2/0xc0 [ 12.129932] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.130501] call_rcu+0x12/0x20 [ 12.130820] rcu_uaf+0x168/0x330 [ 12.131004] kunit_try_run_case+0x1a5/0x480 [ 12.131584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.131923] kthread+0x337/0x6f0 [ 12.132297] ret_from_fork+0x116/0x1d0 [ 12.132696] ret_from_fork_asm+0x1a/0x30 [ 12.132899] [ 12.133003] The buggy address belongs to the object at ffff8881027b4f00 [ 12.133003] which belongs to the cache kmalloc-32 of size 32 [ 12.134238] The buggy address is located 0 bytes inside of [ 12.134238] freed 32-byte region [ffff8881027b4f00, ffff8881027b4f20) [ 12.134996] [ 12.135096] The buggy address belongs to the 
physical page: [ 12.135843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027b4 [ 12.136494] flags: 0x200000000000000(node=0|zone=2) [ 12.136720] page_type: f5(slab) [ 12.136881] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.137472] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.137782] page dumped because: kasan: bad access detected [ 12.138012] [ 12.138100] Memory state around the buggy address: [ 12.138718] ffff8881027b4e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.139016] ffff8881027b4e80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.139592] >ffff8881027b4f00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.139884] ^ [ 12.140035] ffff8881027b4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.140981] ffff8881027b5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.141655] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.060424] ================================================================== [ 11.061028] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.061456] Read of size 1 at addr ffff888103980000 by task kunit_try_catch/171 [ 11.061762] [ 11.061864] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.061906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.061917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.061937] Call Trace: [ 11.061950] <TASK> [ 11.061964] dump_stack_lvl+0x73/0xb0 [ 11.061990] print_report+0xd1/0x650 [ 11.062012] ? __virt_addr_valid+0x1db/0x2d0 [ 11.062034] ? page_alloc_uaf+0x356/0x3d0 [ 11.062055] ? kasan_addr_to_slab+0x11/0xa0 [ 11.062074] ? page_alloc_uaf+0x356/0x3d0 [ 11.062095] kasan_report+0x141/0x180 [ 11.062115] ? page_alloc_uaf+0x356/0x3d0 [ 11.062153] __asan_report_load1_noabort+0x18/0x20 [ 11.062176] page_alloc_uaf+0x356/0x3d0 [ 11.062197] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.062220] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 11.062243] ? __pfx_read_tsc+0x10/0x10 [ 11.062264] ? ktime_get_ts64+0x86/0x230 [ 11.062286] kunit_try_run_case+0x1a5/0x480 [ 11.062309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.062330] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 11.062351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.062632] ? __kthread_parkme+0x82/0x180 [ 11.062655] ? preempt_count_sub+0x50/0x80 [ 11.062679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.062701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.062723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.062745] kthread+0x337/0x6f0 [ 11.062763] ? trace_preempt_on+0x20/0xc0 [ 11.062785] ? __pfx_kthread+0x10/0x10 [ 11.062805] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.062825] ? calculate_sigpending+0x7b/0xa0 [ 11.062848] ? __pfx_kthread+0x10/0x10 [ 11.062868] ret_from_fork+0x116/0x1d0 [ 11.062885] ? 
__pfx_kthread+0x10/0x10 [ 11.062905] ret_from_fork_asm+0x1a/0x30 [ 11.062934] </TASK> [ 11.062945] [ 11.070347] The buggy address belongs to the physical page: [ 11.070879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103980 [ 11.071195] flags: 0x200000000000000(node=0|zone=2) [ 11.071576] page_type: f0(buddy) [ 11.071700] raw: 0200000000000000 ffff88817fffb538 ffff88817fffb538 0000000000000000 [ 11.071988] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 11.072383] page dumped because: kasan: bad access detected [ 11.072730] [ 11.072828] Memory state around the buggy address: [ 11.073038] ffff88810397ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.073431] ffff88810397ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.073951] >ffff888103980000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.074318] ^ [ 11.074518] ffff888103980080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.074798] ffff888103980100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.075055] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.036713] ================================================================== [ 11.037444] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.037697] Free of addr ffff888103948001 by task kunit_try_catch/167 [ 11.037960] [ 11.038070] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.038112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.038136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.038155] Call Trace: [ 11.038166] <TASK> [ 11.038180] dump_stack_lvl+0x73/0xb0 [ 11.038206] print_report+0xd1/0x650 [ 11.038228] ? __virt_addr_valid+0x1db/0x2d0 [ 11.038250] ? kasan_addr_to_slab+0x11/0xa0 [ 11.038269] ? kfree+0x274/0x3f0 [ 11.038290] kasan_report_invalid_free+0x10a/0x130 [ 11.038323] ? kfree+0x274/0x3f0 [ 11.038346] ? kfree+0x274/0x3f0 [ 11.038366] __kasan_kfree_large+0x86/0xd0 [ 11.038386] free_large_kmalloc+0x4b/0x110 [ 11.038408] kfree+0x274/0x3f0 [ 11.038432] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.038454] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.038476] ? __schedule+0x10cc/0x2b60 [ 11.038496] ? __pfx_read_tsc+0x10/0x10 [ 11.038520] ? ktime_get_ts64+0x86/0x230 [ 11.038543] kunit_try_run_case+0x1a5/0x480 [ 11.038567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.038588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.038609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.038631] ? __kthread_parkme+0x82/0x180 [ 11.038651] ? preempt_count_sub+0x50/0x80 [ 11.038673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.038696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.038717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.038739] kthread+0x337/0x6f0 [ 11.038757] ? trace_preempt_on+0x20/0xc0 [ 11.038780] ? __pfx_kthread+0x10/0x10 [ 11.038799] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.038819] ? calculate_sigpending+0x7b/0xa0 [ 11.038841] ? __pfx_kthread+0x10/0x10 [ 11.038861] ret_from_fork+0x116/0x1d0 [ 11.038878] ? 
__pfx_kthread+0x10/0x10 [ 11.038897] ret_from_fork_asm+0x1a/0x30 [ 11.038927] </TASK> [ 11.038936] [ 11.046988] The buggy address belongs to the physical page: [ 11.047182] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103948 [ 11.047909] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.048226] flags: 0x200000000000040(head|node=0|zone=2) [ 11.048723] page_type: f8(unknown) [ 11.048858] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.049202] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.049706] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.050184] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.050533] head: 0200000000000002 ffffea00040e5201 00000000ffffffff 00000000ffffffff [ 11.050793] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.051142] page dumped because: kasan: bad access detected [ 11.051439] [ 11.051528] Memory state around the buggy address: [ 11.051687] ffff888103947f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.051928] ffff888103947f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.052262] >ffff888103948000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.052581] ^ [ 11.052902] ffff888103948080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.053194] ffff888103948100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.053556] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.020403] ================================================================== [ 11.020957] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.021479] Read of size 1 at addr ffff888102aa0000 by task kunit_try_catch/165 [ 11.021773] [ 11.021884] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.021923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.021934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.021953] Call Trace: [ 11.021965] <TASK> [ 11.021979] dump_stack_lvl+0x73/0xb0 [ 11.022005] print_report+0xd1/0x650 [ 11.022026] ? __virt_addr_valid+0x1db/0x2d0 [ 11.022049] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.022069] ? kasan_addr_to_slab+0x11/0xa0 [ 11.022088] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.022108] kasan_report+0x141/0x180 [ 11.022151] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.022176] __asan_report_load1_noabort+0x18/0x20 [ 11.022199] kmalloc_large_uaf+0x2f1/0x340 [ 11.022219] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.022240] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 11.022267] ? __pfx_read_tsc+0x10/0x10 [ 11.022289] ? ktime_get_ts64+0x86/0x230 [ 11.022312] kunit_try_run_case+0x1a5/0x480 [ 11.022336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.022358] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 11.022378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.022399] ? __kthread_parkme+0x82/0x180 [ 11.022418] ? preempt_count_sub+0x50/0x80 [ 11.022441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.022463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.022484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.022505] kthread+0x337/0x6f0 [ 11.022530] ? trace_preempt_on+0x20/0xc0 [ 11.022552] ? __pfx_kthread+0x10/0x10 [ 11.022572] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.022591] ? calculate_sigpending+0x7b/0xa0 [ 11.022613] ? __pfx_kthread+0x10/0x10 [ 11.022634] ret_from_fork+0x116/0x1d0 [ 11.022652] ? 
__pfx_kthread+0x10/0x10 [ 11.022672] ret_from_fork_asm+0x1a/0x30 [ 11.022701] </TASK> [ 11.022711] [ 11.029961] The buggy address belongs to the physical page: [ 11.030517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.030878] flags: 0x200000000000000(node=0|zone=2) [ 11.031099] raw: 0200000000000000 ffffea00040aa908 ffff88815b039f80 0000000000000000 [ 11.031508] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.031785] page dumped because: kasan: bad access detected [ 11.031959] [ 11.032055] Memory state around the buggy address: [ 11.032535] ffff888102a9ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.032811] ffff888102a9ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.033114] >ffff888102aa0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.033548] ^ [ 11.033722] ffff888102aa0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.034025] ffff888102aa0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.034253] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.999748] ================================================================== [ 11.000321] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.000677] Write of size 1 at addr ffff88810394a00a by task kunit_try_catch/163 [ 11.001114] [ 11.001256] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.001298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.001309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.001328] Call Trace: [ 11.001340] <TASK> [ 11.001354] dump_stack_lvl+0x73/0xb0 [ 11.001383] print_report+0xd1/0x650 [ 11.001404] ? __virt_addr_valid+0x1db/0x2d0 [ 11.001427] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.001447] ? kasan_addr_to_slab+0x11/0xa0 [ 11.001466] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.001487] kasan_report+0x141/0x180 [ 11.001508] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.001533] __asan_report_store1_noabort+0x1b/0x30 [ 11.001552] kmalloc_large_oob_right+0x2e9/0x330 [ 11.001573] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.001594] ? __schedule+0x10cc/0x2b60 [ 11.001615] ? __pfx_read_tsc+0x10/0x10 [ 11.001636] ? ktime_get_ts64+0x86/0x230 [ 11.001659] kunit_try_run_case+0x1a5/0x480 [ 11.001683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.001704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.001726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.001747] ? __kthread_parkme+0x82/0x180 [ 11.001767] ? preempt_count_sub+0x50/0x80 [ 11.001790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.001812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.001833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.001855] kthread+0x337/0x6f0 [ 11.001873] ? trace_preempt_on+0x20/0xc0 [ 11.001896] ? __pfx_kthread+0x10/0x10 [ 11.001915] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.001934] ? calculate_sigpending+0x7b/0xa0 [ 11.001957] ? __pfx_kthread+0x10/0x10 [ 11.001977] ret_from_fork+0x116/0x1d0 [ 11.001995] ? 
__pfx_kthread+0x10/0x10 [ 11.002014] ret_from_fork_asm+0x1a/0x30 [ 11.002044] </TASK> [ 11.002054] [ 11.009471] The buggy address belongs to the physical page: [ 11.009737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103948 [ 11.010011] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.010552] flags: 0x200000000000040(head|node=0|zone=2) [ 11.010815] page_type: f8(unknown) [ 11.010967] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.011408] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.011715] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.012020] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.012313] head: 0200000000000002 ffffea00040e5201 00000000ffffffff 00000000ffffffff [ 11.012741] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.013001] page dumped because: kasan: bad access detected [ 11.013517] [ 11.013604] Memory state around the buggy address: [ 11.013805] ffff888103949f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.014024] ffff888103949f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.014255] >ffff88810394a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.014574] ^ [ 11.014752] ffff88810394a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.015066] ffff88810394a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.015479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.978156] ================================================================== [ 10.979099] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.979401] Write of size 1 at addr ffff8881038f9f00 by task kunit_try_catch/161 [ 10.979788] [ 10.980142] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.980189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.980201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.980221] Call Trace: [ 10.980232] <TASK> [ 10.980247] dump_stack_lvl+0x73/0xb0 [ 10.980276] print_report+0xd1/0x650 [ 10.980297] ? __virt_addr_valid+0x1db/0x2d0 [ 10.980337] ? kmalloc_big_oob_right+0x316/0x370 [ 10.980358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.980379] ? kmalloc_big_oob_right+0x316/0x370 [ 10.980400] kasan_report+0x141/0x180 [ 10.980420] ? kmalloc_big_oob_right+0x316/0x370 [ 10.980446] __asan_report_store1_noabort+0x1b/0x30 [ 10.980466] kmalloc_big_oob_right+0x316/0x370 [ 10.980487] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.980508] ? __schedule+0x10cc/0x2b60 [ 10.980529] ? __pfx_read_tsc+0x10/0x10 [ 10.980550] ? ktime_get_ts64+0x86/0x230 [ 10.980573] kunit_try_run_case+0x1a5/0x480 [ 10.980597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.980618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.980639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.980660] ? __kthread_parkme+0x82/0x180 [ 10.980680] ? preempt_count_sub+0x50/0x80 [ 10.980702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.980724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.980745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.980767] kthread+0x337/0x6f0 [ 10.980785] ? trace_preempt_on+0x20/0xc0 [ 10.980807] ? __pfx_kthread+0x10/0x10 [ 10.980826] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.980846] ? calculate_sigpending+0x7b/0xa0 [ 10.980868] ? __pfx_kthread+0x10/0x10 [ 10.980889] ret_from_fork+0x116/0x1d0 [ 10.980906] ? 
__pfx_kthread+0x10/0x10 [ 10.980925] ret_from_fork_asm+0x1a/0x30 [ 10.980954] </TASK> [ 10.980965] [ 10.988146] Allocated by task 161: [ 10.988298] kasan_save_stack+0x45/0x70 [ 10.988498] kasan_save_track+0x18/0x40 [ 10.988634] kasan_save_alloc_info+0x3b/0x50 [ 10.988782] __kasan_kmalloc+0xb7/0xc0 [ 10.988967] __kmalloc_cache_noprof+0x189/0x420 [ 10.989282] kmalloc_big_oob_right+0xa9/0x370 [ 10.989497] kunit_try_run_case+0x1a5/0x480 [ 10.989708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.989939] kthread+0x337/0x6f0 [ 10.990084] ret_from_fork+0x116/0x1d0 [ 10.990292] ret_from_fork_asm+0x1a/0x30 [ 10.990479] [ 10.990565] The buggy address belongs to the object at ffff8881038f8000 [ 10.990565] which belongs to the cache kmalloc-8k of size 8192 [ 10.991000] The buggy address is located 0 bytes to the right of [ 10.991000] allocated 7936-byte region [ffff8881038f8000, ffff8881038f9f00) [ 10.991552] [ 10.991671] The buggy address belongs to the physical page: [ 10.991886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038f8 [ 10.992555] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.992796] flags: 0x200000000000040(head|node=0|zone=2) [ 10.992976] page_type: f5(slab) [ 10.993095] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.993449] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.993844] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.994137] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.994574] head: 0200000000000003 ffffea00040e3e01 00000000ffffffff 00000000ffffffff [ 10.994810] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.995105] page dumped because: kasan: bad access detected [ 10.995618] [ 10.995718] Memory state around the buggy address: [ 10.995945] ffff8881038f9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.996289] ffff8881038f9e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.996557] >ffff8881038f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.996772] ^ [ 10.996942] ffff8881038f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.997445] ffff8881038fa000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.997687] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.936637] ================================================================== [ 10.937098] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.937452] Write of size 1 at addr ffff8881027a9a78 by task kunit_try_catch/159 [ 10.937897] [ 10.938015] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.938057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.938068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.938088] Call Trace: [ 10.938099] <TASK> [ 10.938112] dump_stack_lvl+0x73/0xb0 [ 10.938151] print_report+0xd1/0x650 [ 10.938172] ? __virt_addr_valid+0x1db/0x2d0 [ 10.938194] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.938227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.938248] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.938272] kasan_report+0x141/0x180 [ 10.938292] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.938320] __asan_report_store1_noabort+0x1b/0x30 [ 10.938340] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.938375] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.938400] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.938424] ? trace_hardirqs_on+0x37/0xe0 [ 10.938447] ? __pfx_read_tsc+0x10/0x10 [ 10.938468] ? ktime_get_ts64+0x86/0x230 [ 10.938490] kunit_try_run_case+0x1a5/0x480 [ 10.938518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.938541] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.938563] ? __kthread_parkme+0x82/0x180 [ 10.938582] ? preempt_count_sub+0x50/0x80 [ 10.938605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.938627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.938648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.938670] kthread+0x337/0x6f0 [ 10.938688] ? trace_preempt_on+0x20/0xc0 [ 10.938708] ? __pfx_kthread+0x10/0x10 [ 10.938728] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.938747] ? calculate_sigpending+0x7b/0xa0 [ 10.938769] ? 
__pfx_kthread+0x10/0x10 [ 10.938789] ret_from_fork+0x116/0x1d0 [ 10.938806] ? __pfx_kthread+0x10/0x10 [ 10.938825] ret_from_fork_asm+0x1a/0x30 [ 10.938855] </TASK> [ 10.938865] [ 10.946598] Allocated by task 159: [ 10.946784] kasan_save_stack+0x45/0x70 [ 10.946986] kasan_save_track+0x18/0x40 [ 10.947191] kasan_save_alloc_info+0x3b/0x50 [ 10.947442] __kasan_kmalloc+0xb7/0xc0 [ 10.947594] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.947837] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.948006] kunit_try_run_case+0x1a5/0x480 [ 10.948247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.948556] kthread+0x337/0x6f0 [ 10.948724] ret_from_fork+0x116/0x1d0 [ 10.948856] ret_from_fork_asm+0x1a/0x30 [ 10.948992] [ 10.949061] The buggy address belongs to the object at ffff8881027a9a00 [ 10.949061] which belongs to the cache kmalloc-128 of size 128 [ 10.949735] The buggy address is located 0 bytes to the right of [ 10.949735] allocated 120-byte region [ffff8881027a9a00, ffff8881027a9a78) [ 10.950369] [ 10.950442] The buggy address belongs to the physical page: [ 10.950619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9 [ 10.951299] flags: 0x200000000000000(node=0|zone=2) [ 10.951550] page_type: f5(slab) [ 10.951721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.952020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.952507] page dumped because: kasan: bad access detected [ 10.952720] [ 10.952817] Memory state around the buggy address: [ 10.953003] ffff8881027a9900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.953436] ffff8881027a9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.953724] >ffff8881027a9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.953998] ^ [ 10.954522] ffff8881027a9a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.954797] ffff8881027a9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.955091] 
================================================================== [ 10.955787] ================================================================== [ 10.956154] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.956692] Write of size 1 at addr ffff8881027a9b78 by task kunit_try_catch/159 [ 10.956923] [ 10.957007] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.957045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.957056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.957075] Call Trace: [ 10.957086] <TASK> [ 10.957098] dump_stack_lvl+0x73/0xb0 [ 10.957135] print_report+0xd1/0x650 [ 10.957157] ? __virt_addr_valid+0x1db/0x2d0 [ 10.957178] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.957201] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.957222] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.957245] kasan_report+0x141/0x180 [ 10.957266] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.957294] __asan_report_store1_noabort+0x1b/0x30 [ 10.957314] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.957337] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.957361] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.957383] ? trace_hardirqs_on+0x37/0xe0 [ 10.957405] ? __pfx_read_tsc+0x10/0x10 [ 10.957471] ? ktime_get_ts64+0x86/0x230 [ 10.957496] kunit_try_run_case+0x1a5/0x480 [ 10.957519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.957542] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.957564] ? __kthread_parkme+0x82/0x180 [ 10.957583] ? preempt_count_sub+0x50/0x80 [ 10.957605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.957627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.957648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.957670] kthread+0x337/0x6f0 [ 10.957688] ? trace_preempt_on+0x20/0xc0 [ 10.957708] ? __pfx_kthread+0x10/0x10 [ 10.957728] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.957747] ? calculate_sigpending+0x7b/0xa0 [ 10.957769] ? 
__pfx_kthread+0x10/0x10 [ 10.957789] ret_from_fork+0x116/0x1d0 [ 10.957807] ? __pfx_kthread+0x10/0x10 [ 10.957826] ret_from_fork_asm+0x1a/0x30 [ 10.957855] </TASK> [ 10.957864] [ 10.965826] Allocated by task 159: [ 10.966002] kasan_save_stack+0x45/0x70 [ 10.966193] kasan_save_track+0x18/0x40 [ 10.966371] kasan_save_alloc_info+0x3b/0x50 [ 10.966631] __kasan_kmalloc+0xb7/0xc0 [ 10.966767] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.967011] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.967311] kunit_try_run_case+0x1a5/0x480 [ 10.967597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.967843] kthread+0x337/0x6f0 [ 10.967980] ret_from_fork+0x116/0x1d0 [ 10.968119] ret_from_fork_asm+0x1a/0x30 [ 10.968324] [ 10.968419] The buggy address belongs to the object at ffff8881027a9b00 [ 10.968419] which belongs to the cache kmalloc-128 of size 128 [ 10.968830] The buggy address is located 0 bytes to the right of [ 10.968830] allocated 120-byte region [ffff8881027a9b00, ffff8881027a9b78) [ 10.969402] [ 10.969503] The buggy address belongs to the physical page: [ 10.969921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a9 [ 10.970286] flags: 0x200000000000000(node=0|zone=2) [ 10.970572] page_type: f5(slab) [ 10.970726] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.971052] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.971475] page dumped because: kasan: bad access detected [ 10.971652] [ 10.971748] Memory state around the buggy address: [ 10.971974] ffff8881027a9a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.972484] ffff8881027a9a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.972786] >ffff8881027a9b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.973042] ^ [ 10.973589] ffff8881027a9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.973886] ffff8881027a9c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.974149] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.905169] ================================================================== [ 10.905680] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.905924] Read of size 1 at addr ffff88810281d000 by task kunit_try_catch/157 [ 10.906726] [ 10.906856] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.906901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.906912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.906932] Call Trace: [ 10.906944] <TASK> [ 10.906959] dump_stack_lvl+0x73/0xb0 [ 10.906986] print_report+0xd1/0x650 [ 10.907007] ? __virt_addr_valid+0x1db/0x2d0 [ 10.907028] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.907050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.907070] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.907092] kasan_report+0x141/0x180 [ 10.907113] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.907160] __asan_report_load1_noabort+0x18/0x20 [ 10.907184] kmalloc_node_oob_right+0x369/0x3c0 [ 10.907207] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.907229] ? __schedule+0x10cc/0x2b60 [ 10.907250] ? __pfx_read_tsc+0x10/0x10 [ 10.907269] ? ktime_get_ts64+0x86/0x230 [ 10.907291] kunit_try_run_case+0x1a5/0x480 [ 10.907376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.907400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.907422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.907443] ? __kthread_parkme+0x82/0x180 [ 10.907462] ? preempt_count_sub+0x50/0x80 [ 10.907484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.907506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.907528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.907549] kthread+0x337/0x6f0 [ 10.907567] ? trace_preempt_on+0x20/0xc0 [ 10.907588] ? __pfx_kthread+0x10/0x10 [ 10.907607] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.907626] ? calculate_sigpending+0x7b/0xa0 [ 10.907648] ? __pfx_kthread+0x10/0x10 [ 10.907668] ret_from_fork+0x116/0x1d0 [ 10.907686] ? 
__pfx_kthread+0x10/0x10 [ 10.907705] ret_from_fork_asm+0x1a/0x30 [ 10.907735] </TASK> [ 10.907745] [ 10.920196] Allocated by task 157: [ 10.920527] kasan_save_stack+0x45/0x70 [ 10.920890] kasan_save_track+0x18/0x40 [ 10.921040] kasan_save_alloc_info+0x3b/0x50 [ 10.921323] __kasan_kmalloc+0xb7/0xc0 [ 10.921710] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.922364] kmalloc_node_oob_right+0xab/0x3c0 [ 10.922655] kunit_try_run_case+0x1a5/0x480 [ 10.922803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.922976] kthread+0x337/0x6f0 [ 10.923096] ret_from_fork+0x116/0x1d0 [ 10.923252] ret_from_fork_asm+0x1a/0x30 [ 10.923523] [ 10.923620] The buggy address belongs to the object at ffff88810281c000 [ 10.923620] which belongs to the cache kmalloc-4k of size 4096 [ 10.924099] The buggy address is located 0 bytes to the right of [ 10.924099] allocated 4096-byte region [ffff88810281c000, ffff88810281d000) [ 10.924615] [ 10.924722] The buggy address belongs to the physical page: [ 10.925034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102818 [ 10.925659] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.926008] flags: 0x200000000000040(head|node=0|zone=2) [ 10.926329] page_type: f5(slab) [ 10.926525] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.926824] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.927307] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.927628] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.927922] head: 0200000000000003 ffffea00040a0601 00000000ffffffff 00000000ffffffff [ 10.928291] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.928622] page dumped because: kasan: bad access detected [ 10.928839] [ 10.928937] Memory state around the buggy address: [ 10.929161] ffff88810281cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.929396] 
ffff88810281cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.929694] >ffff88810281d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.929951] ^ [ 10.930105] ffff88810281d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.930585] ffff88810281d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.931055] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 137.833676] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 137.833779] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 137.835713] Modules linked in: [ 137.835886] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 137.836734] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 137.836980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 137.837735] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 137.837985] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 9d 24 80 00 48 c7 c1 40 76 9e 9e 4c 89 f2 48 c7 c7 00 73 9e 9e 48 89 c6 e8 34 c6 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 137.839117] RSP: 0000:ffff888107fbfd18 EFLAGS: 00010286 [ 137.839445] RAX: 0000000000000000 RBX: ffff888103edc000 RCX: 1ffffffff3ee4c80 [ 137.839873] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 137.840428] RBP: ffff888107fbfd48 R08: 0000000000000000 R09: fffffbfff3ee4c80 [ 137.840851] R10: 0000000000000003 R11: 0000000000038fb8 R12: ffff888107fcb000 [ 137.841295] R13: ffff888103edc0f8 R14: ffff888106fdaf80 R15: ffff88810039fb40 [ 137.841759] FS: 0000000000000000(0000) GS:ffff8881ba674000(0000) knlGS:0000000000000000 [ 137.842229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.842654] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 137.843075] DR0: ffffffffa0a50440 DR1: ffffffffa0a50441 DR2: ffffffffa0a50443 [ 137.843575] DR3: ffffffffa0a50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 137.843859] Call Trace: [ 137.843982] <TASK> [ 137.844109] ? trace_preempt_on+0x20/0xc0 [ 137.844717] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 137.844975] drm_gem_shmem_free_wrapper+0x12/0x20 [ 137.845263] __kunit_action_free+0x57/0x70 [ 137.845829] kunit_remove_resource+0x133/0x200 [ 137.846053] ? preempt_count_sub+0x50/0x80 [ 137.846279] kunit_cleanup+0x7a/0x120 [ 137.846657] kunit_try_run_case_cleanup+0xbd/0xf0 [ 137.846886] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 137.847311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 137.847735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 137.847981] kthread+0x337/0x6f0 [ 137.848185] ? trace_preempt_on+0x20/0xc0 [ 137.848513] ? __pfx_kthread+0x10/0x10 [ 137.848895] ? _raw_spin_unlock_irq+0x47/0x80 [ 137.849156] ? calculate_sigpending+0x7b/0xa0 [ 137.849345] ? __pfx_kthread+0x10/0x10 [ 137.849692] ret_from_fork+0x116/0x1d0 [ 137.849916] ? __pfx_kthread+0x10/0x10 [ 137.850058] ret_from_fork_asm+0x1a/0x30 [ 137.850370] </TASK> [ 137.850590] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 137.689031] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 137.689530] Modules linked in: [ 137.689897] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 137.690445] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 137.690886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 137.691564] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 137.691871] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 137.692788] RSP: 0000:ffff888102affb30 EFLAGS: 00010246 [ 137.692996] RAX: dffffc0000000000 RBX: ffff888102affc28 RCX: 0000000000000000 [ 137.693317] RDX: 1ffff1102055ff8e RSI: ffff888102affc28 RDI: ffff888102affc70 [ 137.693616] RBP: ffff888102affb70 R08: ffff88810324a000 R09: ffffffff9e9d7980 [ 137.693862] R10: 0000000000000003 R11: 0000000050f797af R12: ffff88810324a000 [ 137.694355] R13: ffff88810039fae8 R14: ffff888102affba8 R15: 0000000000000000 [ 137.694665] FS: 0000000000000000(0000) GS:ffff8881ba774000(0000) knlGS:0000000000000000 [ 137.695004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.695386] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 137.695641] DR0: ffffffffa0a50444 DR1: ffffffffa0a50449 DR2: ffffffffa0a5044a [ 137.695930] DR3: ffffffffa0a5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 137.696228] Call Trace: [ 137.696334] <TASK> [ 137.696422] ? add_dr+0xc1/0x1d0 [ 137.696609] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 137.697225] ? add_dr+0x148/0x1d0 [ 137.697647] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 137.697937] ? __drmm_add_action+0x1a4/0x280 [ 137.698168] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 137.698576] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 137.698815] ? __drmm_add_action_or_reset+0x22/0x50 [ 137.699057] ? __schedule+0x10cc/0x2b60 [ 137.699270] ? __pfx_read_tsc+0x10/0x10 [ 137.699544] ? ktime_get_ts64+0x86/0x230 [ 137.699818] kunit_try_run_case+0x1a5/0x480 [ 137.700002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.700273] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 137.700694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 137.700926] ? __kthread_parkme+0x82/0x180 [ 137.701176] ? preempt_count_sub+0x50/0x80 [ 137.701484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.701727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 137.701966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 137.702248] kthread+0x337/0x6f0 [ 137.702498] ? trace_preempt_on+0x20/0xc0 [ 137.702693] ? __pfx_kthread+0x10/0x10 [ 137.702867] ? _raw_spin_unlock_irq+0x47/0x80 [ 137.703047] ? calculate_sigpending+0x7b/0xa0 [ 137.703435] ? __pfx_kthread+0x10/0x10 [ 137.703662] ret_from_fork+0x116/0x1d0 [ 137.703818] ? __pfx_kthread+0x10/0x10 [ 137.703981] ret_from_fork_asm+0x1a/0x30 [ 137.704234] </TASK> [ 137.704596] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 137.654796] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 137.654927] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 137.655989] Modules linked in: [ 137.656228] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 137.656876] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 137.657151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 137.657979] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 137.658433] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 cb 3e 87 00 48 c7 c1 40 29 9d 9e 4c 89 fa 48 c7 c7 a0 29 9d 9e 48 89 c6 e8 62 e0 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 137.659384] RSP: 0000:ffff888103a0fb68 EFLAGS: 00010282 [ 137.659732] RAX: 0000000000000000 RBX: ffff888103a0fc40 RCX: 1ffffffff3ee4c80 [ 137.660004] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 137.660346] RBP: ffff888103a0fb90 R08: 0000000000000000 R09: fffffbfff3ee4c80 [ 137.660866] R10: 0000000000000003 R11: 0000000000037538 R12: ffff888103a0fc18 [ 137.661381] R13: ffff8881037ec800 R14: ffff888107e0e000 R15: ffff888105454700 [ 137.661788] FS: 0000000000000000(0000) GS:ffff8881ba774000(0000) knlGS:0000000000000000 [ 137.662194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.662573] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 137.662981] DR0: ffffffffa0a50444 DR1: ffffffffa0a50449 DR2: ffffffffa0a5044a [ 137.663486] DR3: ffffffffa0a5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 137.663865] Call Trace: [ 137.664211] <TASK> [ 137.664550] drm_test_framebuffer_free+0x1ab/0x610 [ 137.665450] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 137.665964] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 137.666700] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 137.667246] ? __drmm_add_action_or_reset+0x22/0x50 [ 137.667759] ? __schedule+0x10cc/0x2b60 [ 137.668134] ? __pfx_read_tsc+0x10/0x10 [ 137.668283] ? ktime_get_ts64+0x86/0x230 [ 137.668739] kunit_try_run_case+0x1a5/0x480 [ 137.669146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.669537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 137.669701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 137.669864] ? __kthread_parkme+0x82/0x180 [ 137.670008] ? preempt_count_sub+0x50/0x80 [ 137.670190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.670347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 137.670777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 137.671047] kthread+0x337/0x6f0 [ 137.671270] ? trace_preempt_on+0x20/0xc0 [ 137.671420] ? __pfx_kthread+0x10/0x10 [ 137.671669] ? _raw_spin_unlock_irq+0x47/0x80 [ 137.671893] ? calculate_sigpending+0x7b/0xa0 [ 137.672130] ? __pfx_kthread+0x10/0x10 [ 137.672357] ret_from_fork+0x116/0x1d0 [ 137.672599] ? __pfx_kthread+0x10/0x10 [ 137.672742] ret_from_fork_asm+0x1a/0x30 [ 137.672949] </TASK> [ 137.673073] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 136.436734] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 136.437074] Modules linked in: [ 136.437420] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 136.438554] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 136.439066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 136.439920] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 136.440548] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 136.442382] RSP: 0000:ffff888102d57c90 EFLAGS: 00010246 [ 136.442579] RAX: dffffc0000000000 RBX: ffff888102a42000 RCX: 0000000000000000 [ 136.442785] RDX: 1ffff11020548432 RSI: ffffffff9bc05688 RDI: ffff888102a42190 [ 136.442990] RBP: ffff888102d57ca0 R08: 1ffff11020073f69 R09: ffffed10205aaf65 [ 136.443441] R10: 0000000000000003 R11: ffffffff9b186fb8 R12: 0000000000000000 [ 136.443869] R13: ffff888102d57d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 136.444098] FS: 0000000000000000(0000) GS:ffff8881ba674000(0000) knlGS:0000000000000000 [ 136.444861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.445599] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 136.446357] DR0: ffffffffa0a50440 DR1: ffffffffa0a50441 DR2: ffffffffa0a50443 [ 136.447475] DR3: ffffffffa0a50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 136.447970] Call Trace: [ 136.448074] <TASK> [ 136.448194] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 136.448732] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 136.449492] ? __schedule+0x10cc/0x2b60 [ 136.449884] ? __pfx_read_tsc+0x10/0x10 [ 136.450149] ? ktime_get_ts64+0x86/0x230 [ 136.450303] kunit_try_run_case+0x1a5/0x480 [ 136.450809] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 136.451177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 136.451564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 136.452041] ? __kthread_parkme+0x82/0x180 [ 136.452416] ? preempt_count_sub+0x50/0x80 [ 136.452642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.452799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 136.452972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 136.453183] kthread+0x337/0x6f0 [ 136.453373] ? trace_preempt_on+0x20/0xc0 [ 136.453596] ? __pfx_kthread+0x10/0x10 [ 136.453788] ? _raw_spin_unlock_irq+0x47/0x80 [ 136.453958] ? calculate_sigpending+0x7b/0xa0 [ 136.454258] ? __pfx_kthread+0x10/0x10 [ 136.454423] ret_from_fork+0x116/0x1d0 [ 136.454649] ? __pfx_kthread+0x10/0x10 [ 136.454852] ret_from_fork_asm+0x1a/0x30 [ 136.455039] </TASK> [ 136.455180] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 136.365048] WARNING: CPU: 1 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 136.365766] Modules linked in: [ 136.365970] CPU: 1 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 136.366636] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 136.367198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 136.367515] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 136.367721] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 136.368409] RSP: 0000:ffff888107b37c90 EFLAGS: 00010246 [ 136.368717] RAX: dffffc0000000000 RBX: ffff888102ed0000 RCX: 0000000000000000 [ 136.369509] RDX: 1ffff110205da032 RSI: ffffffff9bc05688 RDI: ffff888102ed0190 [ 136.369960] RBP: ffff888107b37ca0 R08: 1ffff11020073f69 R09: ffffed1020f66f65 [ 136.370840] R10: 0000000000000003 R11: ffffffff9b186fb8 R12: 0000000000000000 [ 136.371193] R13: 
ffff888107b37d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 136.372054] FS: 0000000000000000(0000) GS:ffff8881ba774000(0000) knlGS:0000000000000000 [ 136.372490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.372863] CR2: 00007ffff7ffe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 136.373296] DR0: ffffffffa0a50444 DR1: ffffffffa0a50449 DR2: ffffffffa0a5044a [ 136.373686] DR3: ffffffffa0a5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 136.374226] Call Trace: [ 136.374765] <TASK> [ 136.374912] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 136.375300] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 136.375844] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 136.376394] kunit_try_run_case+0x1a5/0x480 [ 136.376727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.377015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 136.377489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 136.377838] ? __kthread_parkme+0x82/0x180 [ 136.378056] ? preempt_count_sub+0x50/0x80 [ 136.378738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.379058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 136.379472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 136.379854] kthread+0x337/0x6f0 [ 136.380119] ? trace_preempt_on+0x20/0xc0 [ 136.380504] ? __pfx_kthread+0x10/0x10 [ 136.380697] ? _raw_spin_unlock_irq+0x47/0x80 [ 136.380913] ? calculate_sigpending+0x7b/0xa0 [ 136.381118] ? __pfx_kthread+0x10/0x10 [ 136.381300] ret_from_fork+0x116/0x1d0 [ 136.381775] ? __pfx_kthread+0x10/0x10 [ 136.381924] ret_from_fork_asm+0x1a/0x30 [ 136.382403] </TASK> [ 136.382703] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 106.141771] WARNING: CPU: 1 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 106.142910] Modules linked in: [ 106.143115] CPU: 1 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 106.143708] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 106.143940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.144466] RIP: 0010:intlog10+0x2a/0x40 [ 106.144699] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 106.145666] RSP: 0000:ffff8881095afcb0 EFLAGS: 00010246 [ 106.145939] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110212b5fb4 [ 106.146281] RDX: 1ffffffff3d12bc4 RSI: 1ffff110212b5fb3 RDI: 0000000000000000 [ 106.146618] RBP: ffff8881095afd60 R08: 0000000000000000 R09: ffffed1020dd2c40 [ 106.146925] R10: ffff888106e96207 R11: 0000000000000000 R12: 1ffff110212b5f97 [ 106.147203] R13: ffffffff9e895e20 R14: 0000000000000000 R15: ffff8881095afd38 [ 106.147534] FS: 0000000000000000(0000) GS:ffff8881ba774000(0000) knlGS:0000000000000000 [ 106.147875] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.148082] CR2: ffff88815a8fe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 106.148409] DR0: ffffffffa0a50444 DR1: ffffffffa0a50449 DR2: ffffffffa0a5044a [ 106.148855] DR3: ffffffffa0a5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 106.149162] Call Trace: [ 106.149294] <TASK> [ 106.149666] ? intlog10_test+0xf2/0x220 [ 106.149879] ? __pfx_intlog10_test+0x10/0x10 [ 106.150083] ? __schedule+0x10cc/0x2b60 [ 106.150337] ? __pfx_read_tsc+0x10/0x10 [ 106.150772] ? ktime_get_ts64+0x86/0x230 [ 106.150963] kunit_try_run_case+0x1a5/0x480 [ 106.151163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 106.151450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 106.151630] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 106.151877] ? __kthread_parkme+0x82/0x180 [ 106.152038] ? preempt_count_sub+0x50/0x80 [ 106.152271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 106.152433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 106.152681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 106.153091] kthread+0x337/0x6f0 [ 106.153273] ? trace_preempt_on+0x20/0xc0 [ 106.153698] ? __pfx_kthread+0x10/0x10 [ 106.153922] ? _raw_spin_unlock_irq+0x47/0x80 [ 106.154162] ? calculate_sigpending+0x7b/0xa0 [ 106.154321] ? __pfx_kthread+0x10/0x10 [ 106.154503] ret_from_fork+0x116/0x1d0 [ 106.154804] ? __pfx_kthread+0x10/0x10 [ 106.155008] ret_from_fork_asm+0x1a/0x30 [ 106.155283] </TASK> [ 106.155380] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 106.104861] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 106.105292] Modules linked in: [ 106.105610] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 106.106134] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 106.106456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.106817] RIP: 0010:intlog2+0xdf/0x110 [ 106.107034] Code: 89 9e c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 d7 9b 86 02 89 45 e4 e8 df ff 55 ff 8b 45 e4 eb [ 106.107819] RSP: 0000:ffff88810990fcb0 EFLAGS: 00010246 [ 106.108083] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021321fb4 [ 106.108553] RDX: 1ffffffff3d12c18 RSI: 1ffff11021321fb3 RDI: 0000000000000000 [ 106.108872] RBP: ffff88810990fd60 R08: 0000000000000000 R09: ffffed1020dd2300 [ 106.109277] R10: ffff888106e91807 R11: 0000000000000000 R12: 1ffff11021321f97 [ 106.109579] R13: ffffffff9e8960c0 R14: 0000000000000000 R15: ffff88810990fd38 [ 106.109912] FS: 0000000000000000(0000) GS:ffff8881ba774000(0000) knlGS:0000000000000000 [ 106.110492] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.110730] CR2: ffff88815a8fe000 CR3: 00000000218bc000 CR4: 00000000000006f0 [ 106.110985] DR0: ffffffffa0a50444 DR1: ffffffffa0a50449 DR2: ffffffffa0a5044a [ 106.111301] DR3: ffffffffa0a5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 106.111719] Call Trace: [ 106.111829] <TASK> [ 106.111957] ? intlog2_test+0xf2/0x220 [ 106.112186] ? __pfx_intlog2_test+0x10/0x10 [ 106.112465] ? __schedule+0x10cc/0x2b60 [ 106.112621] ? __pfx_read_tsc+0x10/0x10 [ 106.112804] ? ktime_get_ts64+0x86/0x230 [ 106.113029] kunit_try_run_case+0x1a5/0x480 [ 106.113366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 106.113556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 106.113800] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 106.114083] ? __kthread_parkme+0x82/0x180 [ 106.114569] ? preempt_count_sub+0x50/0x80 [ 106.114764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 106.114996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 106.115493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 106.115783] kthread+0x337/0x6f0 [ 106.115914] ? trace_preempt_on+0x20/0xc0 [ 106.116162] ? __pfx_kthread+0x10/0x10 [ 106.116369] ? _raw_spin_unlock_irq+0x47/0x80 [ 106.116641] ? calculate_sigpending+0x7b/0xa0 [ 106.116919] ? __pfx_kthread+0x10/0x10 [ 106.117128] ret_from_fork+0x116/0x1d0 [ 106.117311] ? __pfx_kthread+0x10/0x10 [ 106.117598] ret_from_fork_asm+0x1a/0x30 [ 106.117767] </TASK> [ 106.117885] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 105.550088] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI