Date: July 5, 2025, 11:09 a.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.684808] ==================================================================
[ 51.685262] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 51.685262]
[ 51.685733] Use-after-free read at 0x(____ptrval____) (in kfence-#150):
[ 51.686068] test_krealloc+0x6fc/0xbe0
[ 51.686243] kunit_try_run_case+0x1a5/0x480
[ 51.686503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.686729] kthread+0x337/0x6f0
[ 51.686884] ret_from_fork+0x116/0x1d0
[ 51.687114] ret_from_fork_asm+0x1a/0x30
[ 51.687351]
[ 51.687470] kfence-#150: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 51.687470]
[ 51.687949] allocated by task 355 on cpu 1 at 51.684074s (0.003872s ago):
[ 51.688217] test_alloc+0x364/0x10f0
[ 51.688370] test_krealloc+0xad/0xbe0
[ 51.688523] kunit_try_run_case+0x1a5/0x480
[ 51.689479] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.689820] kthread+0x337/0x6f0
[ 51.690292] ret_from_fork+0x116/0x1d0
[ 51.690583] ret_from_fork_asm+0x1a/0x30
[ 51.690807]
[ 51.690900] freed by task 355 on cpu 1 at 51.684371s (0.006526s ago):
[ 51.691153] krealloc_noprof+0x108/0x340
[ 51.691317] test_krealloc+0x226/0xbe0
[ 51.692137] kunit_try_run_case+0x1a5/0x480
[ 51.692557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.693051] kthread+0x337/0x6f0
[ 51.693440] ret_from_fork+0x116/0x1d0
[ 51.693869] ret_from_fork_asm+0x1a/0x30
[ 51.694095]
[ 51.694220] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 51.694864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 51.695488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.696231] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.590579] ==================================================================
[ 51.591230] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 51.591230]
[ 51.591770] Use-after-free read at 0x(____ptrval____) (in kfence-#149):
[ 51.592865] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 51.593294] kunit_try_run_case+0x1a5/0x480
[ 51.593682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.594185] kthread+0x337/0x6f0
[ 51.594518] ret_from_fork+0x116/0x1d0
[ 51.594924] ret_from_fork_asm+0x1a/0x30
[ 51.595272]
[ 51.595387] kfence-#149: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 51.595387]
[ 51.596045] allocated by task 353 on cpu 0 at 51.584075s (0.011967s ago):
[ 51.596685] test_alloc+0x2a6/0x10f0
[ 51.596992] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 51.597208] kunit_try_run_case+0x1a5/0x480
[ 51.597387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.597601] kthread+0x337/0x6f0
[ 51.597768] ret_from_fork+0x116/0x1d0
[ 51.598253] ret_from_fork_asm+0x1a/0x30
[ 51.598653]
[ 51.598784] freed by task 353 on cpu 0 at 51.584200s (0.014581s ago):
[ 51.599310] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 51.599722] kunit_try_run_case+0x1a5/0x480
[ 51.600031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.600321] kthread+0x337/0x6f0
[ 51.600519] ret_from_fork+0x116/0x1d0
[ 51.601072] ret_from_fork_asm+0x1a/0x30
[ 51.601314]
[ 51.601640] CPU: 0 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 51.602263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 51.602641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.603248] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.327045] ==================================================================
[ 26.327713] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 26.327713]
[ 26.328519] Invalid read at 0x(____ptrval____):
[ 26.329305] test_invalid_access+0xf0/0x210
[ 26.330026] kunit_try_run_case+0x1a5/0x480
[ 26.330335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.330599] kthread+0x337/0x6f0
[ 26.330822] ret_from_fork+0x116/0x1d0
[ 26.331173] ret_from_fork_asm+0x1a/0x30
[ 26.331465]
[ 26.331679] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 26.332189] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.332594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.333240] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.444288] ==================================================================
[ 19.444789] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 19.444789]
[ 19.445268] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#77):
[ 19.445599] test_out_of_bounds_write+0x10d/0x260
[ 19.446201] kunit_try_run_case+0x1a5/0x480
[ 19.446503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.447602] kthread+0x337/0x6f0
[ 19.447804] ret_from_fork+0x116/0x1d0
[ 19.447969] ret_from_fork_asm+0x1a/0x30
[ 19.448136]
[ 19.448227] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.448227]
[ 19.448543] allocated by task 311 on cpu 1 at 19.444215s (0.004325s ago):
[ 19.449444] test_alloc+0x2a6/0x10f0
[ 19.449620] test_out_of_bounds_write+0xd4/0x260
[ 19.450130] kunit_try_run_case+0x1a5/0x480
[ 19.450588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.451187] kthread+0x337/0x6f0
[ 19.452736] ret_from_fork+0x116/0x1d0
[ 19.453542] ret_from_fork_asm+0x1a/0x30
[ 19.453751]
[ 19.453877] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.455701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.456267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.456592] ==================================================================
[ 19.340341] ==================================================================
[ 19.340849] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 19.340849]
[ 19.341394] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#76):
[ 19.341734] test_out_of_bounds_write+0x10d/0x260
[ 19.342080] kunit_try_run_case+0x1a5/0x480
[ 19.342427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.342706] kthread+0x337/0x6f0
[ 19.343150] ret_from_fork+0x116/0x1d0
[ 19.344007] ret_from_fork_asm+0x1a/0x30
[ 19.344267]
[ 19.344375] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.344375]
[ 19.344867] allocated by task 309 on cpu 0 at 19.340210s (0.004654s ago):
[ 19.345585] test_alloc+0x364/0x10f0
[ 19.345954] test_out_of_bounds_write+0xd4/0x260
[ 19.346235] kunit_try_run_case+0x1a5/0x480
[ 19.346641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.347085] kthread+0x337/0x6f0
[ 19.347305] ret_from_fork+0x116/0x1d0
[ 19.347693] ret_from_fork_asm+0x1a/0x30
[ 19.348095]
[ 19.348284] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.349053] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.349328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.350002] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.100530] ==================================================================
[ 26.101133] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 26.101133]
[ 26.101611] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#141):
[ 26.102603] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 26.102880] kunit_try_run_case+0x1a5/0x480
[ 26.103174] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.103433] kthread+0x337/0x6f0
[ 26.103628] ret_from_fork+0x116/0x1d0
[ 26.103805] ret_from_fork_asm+0x1a/0x30
[ 26.104041]
[ 26.104206] kfence-#141: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 26.104206]
[ 26.104663] allocated by task 343 on cpu 0 at 26.100212s (0.004449s ago):
[ 26.105131] test_alloc+0x364/0x10f0
[ 26.105329] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 26.105615] kunit_try_run_case+0x1a5/0x480
[ 26.105950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.106190] kthread+0x337/0x6f0
[ 26.106394] ret_from_fork+0x116/0x1d0
[ 26.106618] ret_from_fork_asm+0x1a/0x30
[ 26.106882]
[ 26.106971] freed by task 343 on cpu 0 at 26.100379s (0.006590s ago):
[ 26.107222] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 26.107543] kunit_try_run_case+0x1a5/0x480
[ 26.107838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.108385] kthread+0x337/0x6f0
[ 26.109012] ret_from_fork+0x116/0x1d0
[ 26.109580] ret_from_fork_asm+0x1a/0x30
[ 26.110038]
[ 26.110185] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 26.110915] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.111290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.111906] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.996462] ==================================================================
[ 25.997024] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.997024]
[ 25.997590] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#140):
[ 25.998242] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.998546] kunit_try_run_case+0x1a5/0x480
[ 25.998846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.999069] kthread+0x337/0x6f0
[ 25.999219] ret_from_fork+0x116/0x1d0
[ 25.999391] ret_from_fork_asm+0x1a/0x30
[ 25.999634]
[ 25.999770] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.999770]
[ 26.000416] allocated by task 341 on cpu 1 at 25.996221s (0.004193s ago):
[ 26.000837] test_alloc+0x364/0x10f0
[ 26.001136] test_kmalloc_aligned_oob_read+0x105/0x560
[ 26.001443] kunit_try_run_case+0x1a5/0x480
[ 26.001628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.001847] kthread+0x337/0x6f0
[ 26.001992] ret_from_fork+0x116/0x1d0
[ 26.002148] ret_from_fork_asm+0x1a/0x30
[ 26.002415]
[ 26.002610] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 26.003674] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.003990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.004335] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.108221] ==================================================================
[ 21.108683] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 21.108683]
[ 21.109070] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#93):
[ 21.109548] test_corruption+0x216/0x3e0
[ 21.109841] kunit_try_run_case+0x1a5/0x480
[ 21.110036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.110343] kthread+0x337/0x6f0
[ 21.110560] ret_from_fork+0x116/0x1d0
[ 21.110788] ret_from_fork_asm+0x1a/0x30
[ 21.110992]
[ 21.111113] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 21.111113]
[ 21.111546] allocated by task 331 on cpu 1 at 21.108081s (0.003462s ago):
[ 21.111834] test_alloc+0x2a6/0x10f0
[ 21.112059] test_corruption+0x1cb/0x3e0
[ 21.112306] kunit_try_run_case+0x1a5/0x480
[ 21.112560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.113008] kthread+0x337/0x6f0
[ 21.113167] ret_from_fork+0x116/0x1d0
[ 21.113395] ret_from_fork_asm+0x1a/0x30
[ 21.113592]
[ 21.113722] freed by task 331 on cpu 1 at 21.108145s (0.005574s ago):
[ 21.114081] test_corruption+0x216/0x3e0
[ 21.114281] kunit_try_run_case+0x1a5/0x480
[ 21.114463] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.114800] kthread+0x337/0x6f0
[ 21.115014] ret_from_fork+0x116/0x1d0
[ 21.115229] ret_from_fork_asm+0x1a/0x30
[ 21.115462]
[ 21.115610] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 21.116025] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.116195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.116683] ==================================================================
[ 20.692430] ==================================================================
[ 20.693215] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 20.693215]
[ 20.693561] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#89):
[ 20.694084] test_corruption+0x2df/0x3e0
[ 20.694335] kunit_try_run_case+0x1a5/0x480
[ 20.694579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.694810] kthread+0x337/0x6f0
[ 20.695025] ret_from_fork+0x116/0x1d0
[ 20.695266] ret_from_fork_asm+0x1a/0x30
[ 20.695498]
[ 20.695624] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.695624]
[ 20.696086] allocated by task 329 on cpu 1 at 20.692129s (0.003955s ago):
[ 20.696447] test_alloc+0x364/0x10f0
[ 20.696689] test_corruption+0x1cb/0x3e0
[ 20.696974] kunit_try_run_case+0x1a5/0x480
[ 20.697222] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.697442] kthread+0x337/0x6f0
[ 20.697588] ret_from_fork+0x116/0x1d0
[ 20.697894] ret_from_fork_asm+0x1a/0x30
[ 20.698138]
[ 20.698246] freed by task 329 on cpu 1 at 20.692238s (0.006005s ago):
[ 20.698594] test_corruption+0x2df/0x3e0
[ 20.698789] kunit_try_run_case+0x1a5/0x480
[ 20.699073] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.699381] kthread+0x337/0x6f0
[ 20.699590] ret_from_fork+0x116/0x1d0
[ 20.699814] ret_from_fork_asm+0x1a/0x30
[ 20.700057]
[ 20.700208] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 20.700726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.700896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.701279] ==================================================================
[ 21.004305] ==================================================================
[ 21.004804] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 21.004804]
[ 21.005172] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#92):
[ 21.005996] test_corruption+0x131/0x3e0
[ 21.006179] kunit_try_run_case+0x1a5/0x480
[ 21.006485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.006922] kthread+0x337/0x6f0
[ 21.007108] ret_from_fork+0x116/0x1d0
[ 21.007272] ret_from_fork_asm+0x1a/0x30
[ 21.007512]
[ 21.007635] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 21.007635]
[ 21.008137] allocated by task 331 on cpu 1 at 21.004155s (0.003979s ago):
[ 21.008463] test_alloc+0x2a6/0x10f0
[ 21.008705] test_corruption+0xe6/0x3e0
[ 21.009084] kunit_try_run_case+0x1a5/0x480
[ 21.009309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.009568] kthread+0x337/0x6f0
[ 21.009792] ret_from_fork+0x116/0x1d0
[ 21.010023] ret_from_fork_asm+0x1a/0x30
[ 21.010256]
[ 21.010361] freed by task 331 on cpu 1 at 21.004219s (0.006139s ago):
[ 21.010655] test_corruption+0x131/0x3e0
[ 21.010823] kunit_try_run_case+0x1a5/0x480
[ 21.011015] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.011419] kthread+0x337/0x6f0
[ 21.011618] ret_from_fork+0x116/0x1d0
[ 21.011789] ret_from_fork_asm+0x1a/0x30
[ 21.011958]
[ 21.012078] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 21.012681] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.012928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.013488] ==================================================================
[ 20.484450] ==================================================================
[ 20.485043] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 20.485043]
[ 20.485461] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#87):
[ 20.486382] test_corruption+0x2d2/0x3e0
[ 20.486658] kunit_try_run_case+0x1a5/0x480
[ 20.486902] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.487199] kthread+0x337/0x6f0
[ 20.487353] ret_from_fork+0x116/0x1d0
[ 20.487571] ret_from_fork_asm+0x1a/0x30
[ 20.487909]
[ 20.488054] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.488054]
[ 20.488578] allocated by task 329 on cpu 1 at 20.484162s (0.004414s ago):
[ 20.489012] test_alloc+0x364/0x10f0
[ 20.489244] test_corruption+0xe6/0x3e0
[ 20.489437] kunit_try_run_case+0x1a5/0x480
[ 20.489734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.490060] kthread+0x337/0x6f0
[ 20.490253] ret_from_fork+0x116/0x1d0
[ 20.490517] ret_from_fork_asm+0x1a/0x30
[ 20.490777]
[ 20.490898] freed by task 329 on cpu 1 at 20.484263s (0.006632s ago):
[ 20.491230] test_corruption+0x2d2/0x3e0
[ 20.491485] kunit_try_run_case+0x1a5/0x480
[ 20.491754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.491962] kthread+0x337/0x6f0
[ 20.492106] ret_from_fork+0x116/0x1d0
[ 20.492264] ret_from_fork_asm+0x1a/0x30
[ 20.493176]
[ 20.493335] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 20.494257] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.494572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.495092] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.172325] ==================================================================
[ 20.172847] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 20.172847]
[ 20.173303] Invalid free of 0x(____ptrval____) (in kfence-#84):
[ 20.173641] test_invalid_addr_free+0x1e1/0x260
[ 20.173907] kunit_try_run_case+0x1a5/0x480
[ 20.174181] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.174594] kthread+0x337/0x6f0
[ 20.174758] ret_from_fork+0x116/0x1d0
[ 20.175315] ret_from_fork_asm+0x1a/0x30
[ 20.175616]
[ 20.175756] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.175756]
[ 20.176279] allocated by task 325 on cpu 0 at 20.172166s (0.004111s ago):
[ 20.176613] test_alloc+0x364/0x10f0
[ 20.176838] test_invalid_addr_free+0xdb/0x260
[ 20.177082] kunit_try_run_case+0x1a5/0x480
[ 20.177282] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.177585] kthread+0x337/0x6f0
[ 20.177800] ret_from_fork+0x116/0x1d0
[ 20.178061] ret_from_fork_asm+0x1a/0x30
[ 20.178359]
[ 20.178486] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 20.179154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.179348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.179787] ==================================================================
[ 20.276345] ==================================================================
[ 20.276845] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 20.276845]
[ 20.277301] Invalid free of 0x(____ptrval____) (in kfence-#85):
[ 20.277680] test_invalid_addr_free+0xfb/0x260
[ 20.277960] kunit_try_run_case+0x1a5/0x480
[ 20.278224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.278455] kthread+0x337/0x6f0
[ 20.278607] ret_from_fork+0x116/0x1d0
[ 20.278920] ret_from_fork_asm+0x1a/0x30
[ 20.279201]
[ 20.279349] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.279349]
[ 20.279971] allocated by task 327 on cpu 1 at 20.276233s (0.003735s ago):
[ 20.281192] test_alloc+0x2a6/0x10f0
[ 20.281447] test_invalid_addr_free+0xdb/0x260
[ 20.281900] kunit_try_run_case+0x1a5/0x480
[ 20.282079] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.282285] kthread+0x337/0x6f0
[ 20.282431] ret_from_fork+0x116/0x1d0
[ 20.282590] ret_from_fork_asm+0x1a/0x30
[ 20.282781]
[ 20.282967] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 20.283491] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.283675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.284069] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 19.964542] ==================================================================
[ 19.965192] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 19.965192]
[ 19.966474] Invalid free of 0x(____ptrval____) (in kfence-#82):
[ 19.967101] test_double_free+0x1d3/0x260
[ 19.967298] kunit_try_run_case+0x1a5/0x480
[ 19.967484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.967890] kthread+0x337/0x6f0
[ 19.968292] ret_from_fork+0x116/0x1d0
[ 19.969186] ret_from_fork_asm+0x1a/0x30
[ 19.969690]
[ 19.969987] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.969987]
[ 19.970909] allocated by task 321 on cpu 1 at 19.964225s (0.006681s ago):
[ 19.971207] test_alloc+0x364/0x10f0
[ 19.971473] test_double_free+0xdb/0x260
[ 19.971659] kunit_try_run_case+0x1a5/0x480
[ 19.971837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.972471] kthread+0x337/0x6f0
[ 19.972844] ret_from_fork+0x116/0x1d0
[ 19.973247] ret_from_fork_asm+0x1a/0x30
[ 19.973557]
[ 19.974596] freed by task 321 on cpu 1 at 19.964310s (0.010280s ago):
[ 19.975452] test_double_free+0x1e0/0x260
[ 19.975660] kunit_try_run_case+0x1a5/0x480
[ 19.976300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.977153] kthread+0x337/0x6f0
[ 19.977858] ret_from_fork+0x116/0x1d0
[ 19.978457] ret_from_fork_asm+0x1a/0x30
[ 19.978931]
[ 19.979238] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.980360] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.980948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.981301] ==================================================================
[ 20.068396] ==================================================================
[ 20.068950] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 20.068950]
[ 20.069344] Invalid free of 0x(____ptrval____) (in kfence-#83):
[ 20.070021] test_double_free+0x112/0x260
[ 20.070293] kunit_try_run_case+0x1a5/0x480
[ 20.070563] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.071253] kthread+0x337/0x6f0
[ 20.071467] ret_from_fork+0x116/0x1d0
[ 20.071674] ret_from_fork_asm+0x1a/0x30
[ 20.071977]
[ 20.072332] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.072332]
[ 20.072833] allocated by task 323 on cpu 0 at 20.068201s (0.004629s ago):
[ 20.073267] test_alloc+0x2a6/0x10f0
[ 20.073443] test_double_free+0xdb/0x260
[ 20.073701] kunit_try_run_case+0x1a5/0x480
[ 20.074060] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.074359] kthread+0x337/0x6f0
[ 20.074520] ret_from_fork+0x116/0x1d0
[ 20.074785] ret_from_fork_asm+0x1a/0x30
[ 20.075060]
[ 20.075207] freed by task 323 on cpu 0 at 20.068260s (0.006944s ago):
[ 20.075564] test_double_free+0xfa/0x260
[ 20.075788] kunit_try_run_case+0x1a5/0x480
[ 20.076006] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.076390] kthread+0x337/0x6f0
[ 20.076818] ret_from_fork+0x116/0x1d0
[ 20.077459] ret_from_fork_asm+0x1a/0x30
[ 20.077707]
[ 20.077934] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 20.078455] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.078738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.079184] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.652410] ==================================================================
[ 19.652915] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 19.652915]
[ 19.653455] Use-after-free read at 0x(____ptrval____) (in kfence-#79):
[ 19.653771] test_use_after_free_read+0x129/0x270
[ 19.654109] kunit_try_run_case+0x1a5/0x480
[ 19.654390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.654658] kthread+0x337/0x6f0
[ 19.654927] ret_from_fork+0x116/0x1d0
[ 19.655157] ret_from_fork_asm+0x1a/0x30
[ 19.655393]
[ 19.655497] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.655497]
[ 19.655963] allocated by task 315 on cpu 0 at 19.652183s (0.003777s ago):
[ 19.656237] test_alloc+0x2a6/0x10f0
[ 19.656488] test_use_after_free_read+0xdc/0x270
[ 19.656800] kunit_try_run_case+0x1a5/0x480
[ 19.657221] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.657552] kthread+0x337/0x6f0
[ 19.657778] ret_from_fork+0x116/0x1d0
[ 19.657967] ret_from_fork_asm+0x1a/0x30
[ 19.658138]
[ 19.658284] freed by task 315 on cpu 0 at 19.652232s (0.006050s ago):
[ 19.658719] test_use_after_free_read+0xfb/0x270
[ 19.659078] kunit_try_run_case+0x1a5/0x480
[ 19.659336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.659653] kthread+0x337/0x6f0
[ 19.659886] ret_from_fork+0x116/0x1d0
[ 19.660072] ret_from_fork_asm+0x1a/0x30
[ 19.660340]
[ 19.660518] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.661078] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.661338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.661795] ==================================================================
[ 19.548451] ==================================================================
[ 19.548996] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 19.548996]
[ 19.549523] Use-after-free read at 0x(____ptrval____) (in kfence-#78):
[ 19.549847] test_use_after_free_read+0x129/0x270
[ 19.550132] kunit_try_run_case+0x1a5/0x480
[ 19.550318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.550626] kthread+0x337/0x6f0
[ 19.551085] ret_from_fork+0x116/0x1d0
[ 19.551319] ret_from_fork_asm+0x1a/0x30
[ 19.551524]
[ 19.551630] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.551630]
[ 19.552684] allocated by task 313 on cpu 1 at 19.548209s (0.004472s ago):
[ 19.553199] test_alloc+0x364/0x10f0
[ 19.553502] test_use_after_free_read+0xdc/0x270
[ 19.553816] kunit_try_run_case+0x1a5/0x480
[ 19.554242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.554464] kthread+0x337/0x6f0
[ 19.554610] ret_from_fork+0x116/0x1d0
[ 19.554793] ret_from_fork_asm+0x1a/0x30
[ 19.555302]
[ 19.555577] freed by task 313 on cpu 1 at 19.548268s (0.007208s ago):
[ 19.556151] test_use_after_free_read+0x1e7/0x270
[ 19.556514] kunit_try_run_case+0x1a5/0x480
[ 19.556847] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.557130] kthread+0x337/0x6f0
[ 19.557321] ret_from_fork+0x116/0x1d0
[ 19.557517] ret_from_fork_asm+0x1a/0x30
[ 19.558063]
[ 19.558201] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.558970] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.559293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.559853] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.821470] ==================================================================
[ 18.822068] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.822068]
[ 18.822636] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#71):
[ 18.823152] test_out_of_bounds_read+0x126/0x4e0
[ 18.823491] kunit_try_run_case+0x1a5/0x480
[ 18.823733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.824014] kthread+0x337/0x6f0
[ 18.824232] ret_from_fork+0x116/0x1d0
[ 18.824438] ret_from_fork_asm+0x1a/0x30
[ 18.824680]
[ 18.824982] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.824982]
[ 18.825570] allocated by task 305 on cpu 1 at 18.820219s (0.005286s ago):
[ 18.826467] test_alloc+0x364/0x10f0
[ 18.826701] test_out_of_bounds_read+0xed/0x4e0
[ 18.826977] kunit_try_run_case+0x1a5/0x480
[ 18.827276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.827576] kthread+0x337/0x6f0
[ 18.827778] ret_from_fork+0x116/0x1d0
[ 18.828007] ret_from_fork_asm+0x1a/0x30
[ 18.828311]
[ 18.828467] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.829000] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.829325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.829741] ==================================================================
[ 19.236272] ==================================================================
[ 19.236764] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 19.236764]
[ 19.237235] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#75):
[ 19.237617] test_out_of_bounds_read+0x216/0x4e0
[ 19.237840] kunit_try_run_case+0x1a5/0x480
[ 19.238132] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.238463] kthread+0x337/0x6f0
[ 19.238677] ret_from_fork+0x116/0x1d0
[ 19.238860] ret_from_fork_asm+0x1a/0x30
[ 19.239187]
[ 19.239307] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.239307]
[ 19.239638] allocated by task 307 on cpu 1 at 19.236210s (0.003425s ago):
[ 19.240344] test_alloc+0x2a6/0x10f0
[ 19.240566] test_out_of_bounds_read+0x1e2/0x4e0
[ 19.240769] kunit_try_run_case+0x1a5/0x480
[ 19.241189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.241425] kthread+0x337/0x6f0
[ 19.241577] ret_from_fork+0x116/0x1d0
[ 19.241826] ret_from_fork_asm+0x1a/0x30
[ 19.242073]
[ 19.242219] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.242844] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.243041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.243495] ==================================================================
[ 19.028256] ==================================================================
[ 19.028730] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 19.028730]
[ 19.029185] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#73):
[ 19.029573] test_out_of_bounds_read+0x126/0x4e0
[ 19.029796] kunit_try_run_case+0x1a5/0x480
[ 19.030005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.030392] kthread+0x337/0x6f0
[ 19.030681] ret_from_fork+0x116/0x1d0
[ 19.030989] ret_from_fork_asm+0x1a/0x30
[ 19.031189]
[ 19.031280] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.031280]
[ 19.031764] allocated by task 307 on cpu 1 at 19.028188s (0.003574s ago):
[ 19.032194] test_alloc+0x2a6/0x10f0
[ 19.032361] test_out_of_bounds_read+0xed/0x4e0
[ 19.032635] kunit_try_run_case+0x1a5/0x480
[ 19.032903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.033280] kthread+0x337/0x6f0
[ 19.033430] ret_from_fork+0x116/0x1d0
[ 19.033661] ret_from_fork_asm+0x1a/0x30
[ 19.034010]
[ 19.034156] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.034705] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.034898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.035282] ==================================================================
[ 18.924419] ==================================================================
[ 18.924839] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.924839]
[ 18.925264] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#72):
[ 18.925597] test_out_of_bounds_read+0x216/0x4e0
[ 18.925886] kunit_try_run_case+0x1a5/0x480
[ 18.926234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.926488] kthread+0x337/0x6f0
[ 18.926728] ret_from_fork+0x116/0x1d0
[ 18.926936] ret_from_fork_asm+0x1a/0x30
[ 18.927113]
[ 18.927208] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.927208]
[ 18.927549] allocated by task 305 on cpu 1 at 18.924196s (0.003351s ago):
[ 18.927848] test_alloc+0x364/0x10f0
[ 18.928044] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.928317] kunit_try_run_case+0x1a5/0x480
[ 18.928573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.928922] kthread+0x337/0x6f0
[ 18.929260] ret_from_fork+0x116/0x1d0
[ 18.929421] ret_from_fork_asm+0x1a/0x30
[ 18.929592]
[ 18.929728] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.930123] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.930392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.930766] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.537483] ==================================================================
[ 18.537830] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 18.538249] Write of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.538642]
[ 18.538807] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.538865] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.538904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.538933] Call Trace:
[ 18.538974] <TASK>
[ 18.539001] dump_stack_lvl+0x73/0xb0
[ 18.539055] print_report+0xd1/0x650
[ 18.539102] ? __virt_addr_valid+0x1db/0x2d0
[ 18.539147] ? strncpy_from_user+0x2e/0x1d0
[ 18.539176] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.539205] ? strncpy_from_user+0x2e/0x1d0
[ 18.539233] kasan_report+0x141/0x180
[ 18.539262] ? strncpy_from_user+0x2e/0x1d0
[ 18.539297] kasan_check_range+0x10c/0x1c0
[ 18.539327] __kasan_check_write+0x18/0x20
[ 18.539352] strncpy_from_user+0x2e/0x1d0
[ 18.539380] ? __kasan_check_read+0x15/0x20
[ 18.539408] copy_user_test_oob+0x760/0x10f0
[ 18.539441] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.539469] ? finish_task_switch.isra.0+0x153/0x700
[ 18.539498] ? __switch_to+0x47/0xf50
[ 18.539530] ? __schedule+0x10cc/0x2b60
[ 18.539559] ? __pfx_read_tsc+0x10/0x10
[ 18.539585] ? ktime_get_ts64+0x86/0x230
[ 18.539615] kunit_try_run_case+0x1a5/0x480
[ 18.539662] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.539691] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.539720] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.539750] ? __kthread_parkme+0x82/0x180
[ 18.539792] ? preempt_count_sub+0x50/0x80
[ 18.539822] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.539851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.539880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.539909] kthread+0x337/0x6f0
[ 18.539934] ? trace_preempt_on+0x20/0xc0
[ 18.539965] ? __pfx_kthread+0x10/0x10
[ 18.539991] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.540017] ? calculate_sigpending+0x7b/0xa0
[ 18.540047] ? __pfx_kthread+0x10/0x10
[ 18.540075] ret_from_fork+0x116/0x1d0
[ 18.540098] ? __pfx_kthread+0x10/0x10
[ 18.540123] ret_from_fork_asm+0x1a/0x30
[ 18.540161] </TASK>
[ 18.540176]
[ 18.549742] Allocated by task 303:
[ 18.549994] kasan_save_stack+0x45/0x70
[ 18.550299] kasan_save_track+0x18/0x40
[ 18.550573] kasan_save_alloc_info+0x3b/0x50
[ 18.551172] __kasan_kmalloc+0xb7/0xc0
[ 18.551813] __kmalloc_noprof+0x1c9/0x500
[ 18.552701] kunit_kmalloc_array+0x25/0x60
[ 18.553016] copy_user_test_oob+0xab/0x10f0
[ 18.553264] kunit_try_run_case+0x1a5/0x480
[ 18.553493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.553795] kthread+0x337/0x6f0
[ 18.554447] ret_from_fork+0x116/0x1d0
[ 18.554635] ret_from_fork_asm+0x1a/0x30
[ 18.555163]
[ 18.555283] The buggy address belongs to the object at ffff888103332c00
[ 18.555283] which belongs to the cache kmalloc-128 of size 128
[ 18.556221] The buggy address is located 0 bytes inside of
[ 18.556221] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.556997]
[ 18.557145] The buggy address belongs to the physical page:
[ 18.557570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.558067] flags: 0x200000000000000(node=0|zone=2)
[ 18.558344] page_type: f5(slab)
[ 18.558580] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.558963] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.559364] page dumped because: kasan: bad access detected
[ 18.559697]
[ 18.559813] Memory state around the buggy address:
[ 18.560029] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.560387] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.560756] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.561177] ^
[ 18.561624] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.562129] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.562507] ==================================================================

[ 18.563814] ==================================================================
[ 18.564230] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 18.564599] Write of size 1 at addr ffff888103332c78 by task kunit_try_catch/303
[ 18.565487]
[ 18.565668] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.565730] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.565747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.565776] Call Trace:
[ 18.565817] <TASK>
[ 18.565868] dump_stack_lvl+0x73/0xb0
[ 18.565907] print_report+0xd1/0x650
[ 18.565936] ? __virt_addr_valid+0x1db/0x2d0
[ 18.565965] ? strncpy_from_user+0x1a5/0x1d0
[ 18.565994] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.566023] ? strncpy_from_user+0x1a5/0x1d0
[ 18.566051] kasan_report+0x141/0x180
[ 18.566100] ? strncpy_from_user+0x1a5/0x1d0
[ 18.566135] __asan_report_store1_noabort+0x1b/0x30
[ 18.566162] strncpy_from_user+0x1a5/0x1d0
[ 18.566194] copy_user_test_oob+0x760/0x10f0
[ 18.566226] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.566255] ? finish_task_switch.isra.0+0x153/0x700
[ 18.566303] ? __switch_to+0x47/0xf50
[ 18.566336] ? __schedule+0x10cc/0x2b60
[ 18.566365] ? __pfx_read_tsc+0x10/0x10
[ 18.566392] ? ktime_get_ts64+0x86/0x230
[ 18.566426] kunit_try_run_case+0x1a5/0x480
[ 18.566456] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.566484] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.566514] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.566544] ? __kthread_parkme+0x82/0x180
[ 18.566569] ? preempt_count_sub+0x50/0x80
[ 18.566598] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.566628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.566669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.566698] kthread+0x337/0x6f0
[ 18.566722] ? trace_preempt_on+0x20/0xc0
[ 18.566751] ? __pfx_kthread+0x10/0x10
[ 18.566788] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.566815] ? calculate_sigpending+0x7b/0xa0
[ 18.566846] ? __pfx_kthread+0x10/0x10
[ 18.566874] ret_from_fork+0x116/0x1d0
[ 18.566898] ? __pfx_kthread+0x10/0x10
[ 18.566923] ret_from_fork_asm+0x1a/0x30
[ 18.566962] </TASK>
[ 18.566976]
[ 18.576242] Allocated by task 303:
[ 18.576513] kasan_save_stack+0x45/0x70
[ 18.576813] kasan_save_track+0x18/0x40
[ 18.577036] kasan_save_alloc_info+0x3b/0x50
[ 18.577290] __kasan_kmalloc+0xb7/0xc0
[ 18.577500] __kmalloc_noprof+0x1c9/0x500
[ 18.577809] kunit_kmalloc_array+0x25/0x60
[ 18.578109] copy_user_test_oob+0xab/0x10f0
[ 18.578349] kunit_try_run_case+0x1a5/0x480
[ 18.578846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.579064] kthread+0x337/0x6f0
[ 18.579206] ret_from_fork+0x116/0x1d0
[ 18.579361] ret_from_fork_asm+0x1a/0x30
[ 18.579522]
[ 18.579607] The buggy address belongs to the object at ffff888103332c00
[ 18.579607] which belongs to the cache kmalloc-128 of size 128
[ 18.580278] The buggy address is located 0 bytes to the right of
[ 18.580278] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.581114]
[ 18.581208] The buggy address belongs to the physical page:
[ 18.581410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.581972] flags: 0x200000000000000(node=0|zone=2)
[ 18.582256] page_type: f5(slab)
[ 18.582439] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.582759] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.583208] page dumped because: kasan: bad access detected
[ 18.583518]
[ 18.583631] Memory state around the buggy address:
[ 18.583990] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.584241] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.584488] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.584745] ^
[ 18.585127] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.585533] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.586076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.479016] ==================================================================
[ 18.479435] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 18.479918] Write of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.480326]
[ 18.480475] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.480532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.480550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.480579] Call Trace:
[ 18.480603] <TASK>
[ 18.480626] dump_stack_lvl+0x73/0xb0
[ 18.480674] print_report+0xd1/0x650
[ 18.480702] ? __virt_addr_valid+0x1db/0x2d0
[ 18.480731] ? copy_user_test_oob+0x557/0x10f0
[ 18.480785] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.480816] ? copy_user_test_oob+0x557/0x10f0
[ 18.480846] kasan_report+0x141/0x180
[ 18.480874] ? copy_user_test_oob+0x557/0x10f0
[ 18.480910] kasan_check_range+0x10c/0x1c0
[ 18.480940] __kasan_check_write+0x18/0x20
[ 18.480965] copy_user_test_oob+0x557/0x10f0
[ 18.480998] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.481026] ? finish_task_switch.isra.0+0x153/0x700
[ 18.481054] ? __switch_to+0x47/0xf50
[ 18.481086] ? __schedule+0x10cc/0x2b60
[ 18.481114] ? __pfx_read_tsc+0x10/0x10
[ 18.481141] ? ktime_get_ts64+0x86/0x230
[ 18.481172] kunit_try_run_case+0x1a5/0x480
[ 18.481202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.481230] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.481259] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.481289] ? __kthread_parkme+0x82/0x180
[ 18.481315] ? preempt_count_sub+0x50/0x80
[ 18.481344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.481376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.481404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.481434] kthread+0x337/0x6f0
[ 18.481459] ? trace_preempt_on+0x20/0xc0
[ 18.481489] ? __pfx_kthread+0x10/0x10
[ 18.481520] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.481549] ? calculate_sigpending+0x7b/0xa0
[ 18.481581] ? __pfx_kthread+0x10/0x10
[ 18.481608] ret_from_fork+0x116/0x1d0
[ 18.481634] ? __pfx_kthread+0x10/0x10
[ 18.481672] ret_from_fork_asm+0x1a/0x30
[ 18.481713] </TASK>
[ 18.481728]
[ 18.494446] Allocated by task 303:
[ 18.494704] kasan_save_stack+0x45/0x70
[ 18.495330] kasan_save_track+0x18/0x40
[ 18.495545] kasan_save_alloc_info+0x3b/0x50
[ 18.495952] __kasan_kmalloc+0xb7/0xc0
[ 18.496178] __kmalloc_noprof+0x1c9/0x500
[ 18.496418] kunit_kmalloc_array+0x25/0x60
[ 18.496898] copy_user_test_oob+0xab/0x10f0
[ 18.497382] kunit_try_run_case+0x1a5/0x480
[ 18.498019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.498451] kthread+0x337/0x6f0
[ 18.498608] ret_from_fork+0x116/0x1d0
[ 18.498796] ret_from_fork_asm+0x1a/0x30
[ 18.499401]
[ 18.499602] The buggy address belongs to the object at ffff888103332c00
[ 18.499602] which belongs to the cache kmalloc-128 of size 128
[ 18.501235] The buggy address is located 0 bytes inside of
[ 18.501235] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.502327]
[ 18.502539] The buggy address belongs to the physical page:
[ 18.503124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.503453] flags: 0x200000000000000(node=0|zone=2)
[ 18.503675] page_type: f5(slab)
[ 18.503849] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.504404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.504779] page dumped because: kasan: bad access detected
[ 18.505069]
[ 18.505187] Memory state around the buggy address:
[ 18.505444] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.505871] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.506189] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.506565] ^
[ 18.506841] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.507326] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.507702] ==================================================================

[ 18.457669] ==================================================================
[ 18.458178] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 18.458469] Read of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.458896]
[ 18.459421] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.459487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.459505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.459545] Call Trace:
[ 18.459569] <TASK>
[ 18.459593] dump_stack_lvl+0x73/0xb0
[ 18.459630] print_report+0xd1/0x650
[ 18.459672] ? __virt_addr_valid+0x1db/0x2d0
[ 18.459702] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.459731] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.459788] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.459819] kasan_report+0x141/0x180
[ 18.459848] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.459883] kasan_check_range+0x10c/0x1c0
[ 18.459913] __kasan_check_read+0x15/0x20
[ 18.459937] copy_user_test_oob+0x4aa/0x10f0
[ 18.459970] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.459998] ? finish_task_switch.isra.0+0x153/0x700
[ 18.460026] ? __switch_to+0x47/0xf50
[ 18.460057] ? __schedule+0x10cc/0x2b60
[ 18.460086] ? __pfx_read_tsc+0x10/0x10
[ 18.460112] ? ktime_get_ts64+0x86/0x230
[ 18.460144] kunit_try_run_case+0x1a5/0x480
[ 18.460175] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.460203] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.460232] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.460261] ? __kthread_parkme+0x82/0x180
[ 18.460287] ? preempt_count_sub+0x50/0x80
[ 18.460316] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.460348] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.460380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.460408] kthread+0x337/0x6f0
[ 18.460433] ? trace_preempt_on+0x20/0xc0
[ 18.460464] ? __pfx_kthread+0x10/0x10
[ 18.460492] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.460518] ? calculate_sigpending+0x7b/0xa0
[ 18.460548] ? __pfx_kthread+0x10/0x10
[ 18.460575] ret_from_fork+0x116/0x1d0
[ 18.460599] ? __pfx_kthread+0x10/0x10
[ 18.460625] ret_from_fork_asm+0x1a/0x30
[ 18.460677] </TASK>
[ 18.460692]
[ 18.469127] Allocated by task 303:
[ 18.469367] kasan_save_stack+0x45/0x70
[ 18.469621] kasan_save_track+0x18/0x40
[ 18.469888] kasan_save_alloc_info+0x3b/0x50
[ 18.470112] __kasan_kmalloc+0xb7/0xc0
[ 18.470336] __kmalloc_noprof+0x1c9/0x500
[ 18.470528] kunit_kmalloc_array+0x25/0x60
[ 18.470835] copy_user_test_oob+0xab/0x10f0
[ 18.471045] kunit_try_run_case+0x1a5/0x480
[ 18.471225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.471514] kthread+0x337/0x6f0
[ 18.471737] ret_from_fork+0x116/0x1d0
[ 18.472002] ret_from_fork_asm+0x1a/0x30
[ 18.472257]
[ 18.472375] The buggy address belongs to the object at ffff888103332c00
[ 18.472375] which belongs to the cache kmalloc-128 of size 128
[ 18.472982] The buggy address is located 0 bytes inside of
[ 18.472982] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.473484]
[ 18.473609] The buggy address belongs to the physical page:
[ 18.473958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.474332] flags: 0x200000000000000(node=0|zone=2)
[ 18.474607] page_type: f5(slab)
[ 18.474848] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.475217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.475575] page dumped because: kasan: bad access detected
[ 18.475859]
[ 18.475948] Memory state around the buggy address:
[ 18.476141] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.476406] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.476830] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.477213] ^
[ 18.477677] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.478063] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.478352] ==================================================================

[ 18.425955] ==================================================================
[ 18.426380] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 18.426816] Write of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.427208]
[ 18.427351] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.427413] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.427430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.427460] Call Trace:
[ 18.427480] <TASK>
[ 18.427505] dump_stack_lvl+0x73/0xb0
[ 18.427543] print_report+0xd1/0x650
[ 18.427573] ? __virt_addr_valid+0x1db/0x2d0
[ 18.427603] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.427633] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.427674] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.427705] kasan_report+0x141/0x180
[ 18.427733] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.427793] kasan_check_range+0x10c/0x1c0
[ 18.427823] __kasan_check_write+0x18/0x20
[ 18.427849] copy_user_test_oob+0x3fd/0x10f0
[ 18.427881] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.427910] ? finish_task_switch.isra.0+0x153/0x700
[ 18.427939] ? __switch_to+0x47/0xf50
[ 18.427972] ? __schedule+0x10cc/0x2b60
[ 18.428001] ? __pfx_read_tsc+0x10/0x10
[ 18.428027] ? ktime_get_ts64+0x86/0x230
[ 18.428058] kunit_try_run_case+0x1a5/0x480
[ 18.428091] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.428118] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.428148] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.428178] ? __kthread_parkme+0x82/0x180
[ 18.428204] ? preempt_count_sub+0x50/0x80
[ 18.428233] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.428262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.428292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.428321] kthread+0x337/0x6f0
[ 18.428347] ? trace_preempt_on+0x20/0xc0
[ 18.428378] ? __pfx_kthread+0x10/0x10
[ 18.428404] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.428430] ? calculate_sigpending+0x7b/0xa0
[ 18.428460] ? __pfx_kthread+0x10/0x10
[ 18.428487] ret_from_fork+0x116/0x1d0
[ 18.428510] ? __pfx_kthread+0x10/0x10
[ 18.428535] ret_from_fork_asm+0x1a/0x30
[ 18.428575] </TASK>
[ 18.428591]
[ 18.442622] Allocated by task 303:
[ 18.442914] kasan_save_stack+0x45/0x70
[ 18.443357] kasan_save_track+0x18/0x40
[ 18.443818] kasan_save_alloc_info+0x3b/0x50
[ 18.444270] __kasan_kmalloc+0xb7/0xc0
[ 18.444682] __kmalloc_noprof+0x1c9/0x500
[ 18.445022] kunit_kmalloc_array+0x25/0x60
[ 18.445205] copy_user_test_oob+0xab/0x10f0
[ 18.445384] kunit_try_run_case+0x1a5/0x480
[ 18.445561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.446066] kthread+0x337/0x6f0
[ 18.446429] ret_from_fork+0x116/0x1d0
[ 18.446870] ret_from_fork_asm+0x1a/0x30
[ 18.447302]
[ 18.447493] The buggy address belongs to the object at ffff888103332c00
[ 18.447493] which belongs to the cache kmalloc-128 of size 128
[ 18.448747] The buggy address is located 0 bytes inside of
[ 18.448747] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.449875]
[ 18.449968] The buggy address belongs to the physical page:
[ 18.450183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.450479] flags: 0x200000000000000(node=0|zone=2)
[ 18.450737] page_type: f5(slab)
[ 18.451110] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.451910] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.452678] page dumped because: kasan: bad access detected
[ 18.453267]
[ 18.453458] Memory state around the buggy address:
[ 18.453988] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.454737] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.455484] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.456125] ^
[ 18.456388] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.456663] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.457004] ==================================================================

[ 18.509716] ==================================================================
[ 18.510699] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 18.511258] Read of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.511957]
[ 18.512216] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.512280] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.512298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.512328] Call Trace:
[ 18.512454] <TASK>
[ 18.512483] dump_stack_lvl+0x73/0xb0
[ 18.512523] print_report+0xd1/0x650
[ 18.512552] ? __virt_addr_valid+0x1db/0x2d0
[ 18.512583] ? copy_user_test_oob+0x604/0x10f0
[ 18.512614] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.512642] ? copy_user_test_oob+0x604/0x10f0
[ 18.512688] kasan_report+0x141/0x180
[ 18.512717] ? copy_user_test_oob+0x604/0x10f0
[ 18.512752] kasan_check_range+0x10c/0x1c0
[ 18.512782] __kasan_check_read+0x15/0x20
[ 18.512807] copy_user_test_oob+0x604/0x10f0
[ 18.512839] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.512867] ? finish_task_switch.isra.0+0x153/0x700
[ 18.512894] ? __switch_to+0x47/0xf50
[ 18.512926] ? __schedule+0x10cc/0x2b60
[ 18.512955] ? __pfx_read_tsc+0x10/0x10
[ 18.512982] ? ktime_get_ts64+0x86/0x230
[ 18.513012] kunit_try_run_case+0x1a5/0x480
[ 18.513043] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.513071] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.513101] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.513131] ? __kthread_parkme+0x82/0x180
[ 18.513157] ? preempt_count_sub+0x50/0x80
[ 18.513186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.513216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.513245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.513274] kthread+0x337/0x6f0
[ 18.513299] ? trace_preempt_on+0x20/0xc0
[ 18.513329] ? __pfx_kthread+0x10/0x10
[ 18.513355] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.513382] ? calculate_sigpending+0x7b/0xa0
[ 18.513412] ? __pfx_kthread+0x10/0x10
[ 18.513439] ret_from_fork+0x116/0x1d0
[ 18.513463] ? __pfx_kthread+0x10/0x10
[ 18.513489] ret_from_fork_asm+0x1a/0x30
[ 18.513528] </TASK>
[ 18.513543]
[ 18.524794] Allocated by task 303:
[ 18.524963] kasan_save_stack+0x45/0x70
[ 18.525259] kasan_save_track+0x18/0x40
[ 18.525494] kasan_save_alloc_info+0x3b/0x50
[ 18.525790] __kasan_kmalloc+0xb7/0xc0
[ 18.525967] __kmalloc_noprof+0x1c9/0x500
[ 18.526181] kunit_kmalloc_array+0x25/0x60
[ 18.526441] copy_user_test_oob+0xab/0x10f0
[ 18.526689] kunit_try_run_case+0x1a5/0x480
[ 18.527109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.527414] kthread+0x337/0x6f0
[ 18.527617] ret_from_fork+0x116/0x1d0
[ 18.527880] ret_from_fork_asm+0x1a/0x30
[ 18.528091]
[ 18.528178] The buggy address belongs to the object at ffff888103332c00
[ 18.528178] which belongs to the cache kmalloc-128 of size 128
[ 18.528623] The buggy address is located 0 bytes inside of
[ 18.528623] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.529539]
[ 18.529699] The buggy address belongs to the physical page:
[ 18.530318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.531494] flags: 0x200000000000000(node=0|zone=2)
[ 18.531762] page_type: f5(slab)
[ 18.532108] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.532629] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.533069] page dumped because: kasan: bad access detected
[ 18.533336]
[ 18.533425] Memory state around the buggy address:
[ 18.533735] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.534130] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.534450] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.534844] ^
[ 18.535401] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.535664] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.536283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 18.392958] ==================================================================
[ 18.393355] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 18.393731] Read of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.394118]
[ 18.394235] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.394293] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.394312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.394340] Call Trace:
[ 18.394366] <TASK>
[ 18.394391] dump_stack_lvl+0x73/0xb0
[ 18.394435] print_report+0xd1/0x650
[ 18.394466] ? __virt_addr_valid+0x1db/0x2d0
[ 18.394496] ? _copy_to_user+0x3c/0x70
[ 18.394521] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.394549] ? _copy_to_user+0x3c/0x70
[ 18.394573] kasan_report+0x141/0x180
[ 18.394601] ? _copy_to_user+0x3c/0x70
[ 18.394632] kasan_check_range+0x10c/0x1c0
[ 18.394676] __kasan_check_read+0x15/0x20
[ 18.394701] _copy_to_user+0x3c/0x70
[ 18.394727] copy_user_test_oob+0x364/0x10f0
[ 18.394760] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.394801] ? finish_task_switch.isra.0+0x153/0x700
[ 18.394830] ? __switch_to+0x47/0xf50
[ 18.394862] ? __schedule+0x10cc/0x2b60
[ 18.394890] ? __pfx_read_tsc+0x10/0x10
[ 18.394917] ? ktime_get_ts64+0x86/0x230
[ 18.394947] kunit_try_run_case+0x1a5/0x480
[ 18.394977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.395005] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.395035] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.395063] ? __kthread_parkme+0x82/0x180
[ 18.395089] ? preempt_count_sub+0x50/0x80
[ 18.395118] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.395148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.395177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.395207] kthread+0x337/0x6f0
[ 18.395232] ? trace_preempt_on+0x20/0xc0
[ 18.395262] ? __pfx_kthread+0x10/0x10
[ 18.395288] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.395315] ? calculate_sigpending+0x7b/0xa0
[ 18.395345] ? __pfx_kthread+0x10/0x10
[ 18.395373] ret_from_fork+0x116/0x1d0
[ 18.395398] ? __pfx_kthread+0x10/0x10
[ 18.395424] ret_from_fork_asm+0x1a/0x30
[ 18.395465] </TASK>
[ 18.395480]
[ 18.410466] Allocated by task 303:
[ 18.410948] kasan_save_stack+0x45/0x70
[ 18.411149] kasan_save_track+0x18/0x40
[ 18.411317] kasan_save_alloc_info+0x3b/0x50
[ 18.411499] __kasan_kmalloc+0xb7/0xc0
[ 18.411676] __kmalloc_noprof+0x1c9/0x500
[ 18.411973] kunit_kmalloc_array+0x25/0x60
[ 18.412271] copy_user_test_oob+0xab/0x10f0
[ 18.412516] kunit_try_run_case+0x1a5/0x480
[ 18.412850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.413162] kthread+0x337/0x6f0
[ 18.413329] ret_from_fork+0x116/0x1d0
[ 18.413564] ret_from_fork_asm+0x1a/0x30
[ 18.413782]
[ 18.413905] The buggy address belongs to the object at ffff888103332c00
[ 18.413905] which belongs to the cache kmalloc-128 of size 128
[ 18.414538] The buggy address is located 0 bytes inside of
[ 18.414538] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.415172]
[ 18.415297] The buggy address belongs to the physical page:
[ 18.415614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.415986] flags: 0x200000000000000(node=0|zone=2)
[ 18.416226] page_type: f5(slab)
[ 18.416460] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.416944] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.417271] page dumped because: kasan: bad access detected
[ 18.417567]
[ 18.417715] Memory state around the buggy address:
[ 18.417944] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.418342] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.418620] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.418988] ^
[ 18.419392] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.419815] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.420119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 18.352998] ==================================================================
[ 18.355602] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 18.357787] Write of size 121 at addr ffff888103332c00 by task kunit_try_catch/303
[ 18.359495]
[ 18.359958] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.360032] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.360052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.360233] Call Trace:
[ 18.360264] <TASK>
[ 18.360296] dump_stack_lvl+0x73/0xb0
[ 18.360345] print_report+0xd1/0x650
[ 18.360377] ? __virt_addr_valid+0x1db/0x2d0
[ 18.360410] ? _copy_from_user+0x32/0x90
[ 18.360435] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.360463] ? _copy_from_user+0x32/0x90
[ 18.360488] kasan_report+0x141/0x180
[ 18.360516] ? _copy_from_user+0x32/0x90
[ 18.360545] kasan_check_range+0x10c/0x1c0
[ 18.360575] __kasan_check_write+0x18/0x20
[ 18.360601] _copy_from_user+0x32/0x90
[ 18.360628] copy_user_test_oob+0x2be/0x10f0
[ 18.360675] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.360704] ? finish_task_switch.isra.0+0x153/0x700
[ 18.360733] ? __switch_to+0x47/0xf50
[ 18.360794] ? __schedule+0x10cc/0x2b60
[ 18.360822] ? __pfx_read_tsc+0x10/0x10
[ 18.360851] ? ktime_get_ts64+0x86/0x230
[ 18.360886] kunit_try_run_case+0x1a5/0x480
[ 18.360917] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.360945] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.360976] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.361005] ? __kthread_parkme+0x82/0x180
[ 18.361033] ? preempt_count_sub+0x50/0x80
[ 18.361062] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.361092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.361121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.361151] kthread+0x337/0x6f0
[ 18.361177] ? trace_preempt_on+0x20/0xc0
[ 18.361208] ? __pfx_kthread+0x10/0x10
[ 18.361234] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.361260] ? calculate_sigpending+0x7b/0xa0
[ 18.361292] ? __pfx_kthread+0x10/0x10
[ 18.361319] ret_from_fork+0x116/0x1d0
[ 18.361343] ? __pfx_kthread+0x10/0x10
[ 18.361370] ret_from_fork_asm+0x1a/0x30
[ 18.361410] </TASK>
[ 18.361428]
[ 18.377439] Allocated by task 303:
[ 18.377632] kasan_save_stack+0x45/0x70
[ 18.377842] kasan_save_track+0x18/0x40
[ 18.378010] kasan_save_alloc_info+0x3b/0x50
[ 18.378436] __kasan_kmalloc+0xb7/0xc0
[ 18.378893] __kmalloc_noprof+0x1c9/0x500
[ 18.379321] kunit_kmalloc_array+0x25/0x60
[ 18.379761] copy_user_test_oob+0xab/0x10f0
[ 18.380270] kunit_try_run_case+0x1a5/0x480
[ 18.380746] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.381312] kthread+0x337/0x6f0
[ 18.381615] ret_from_fork+0x116/0x1d0
[ 18.381814] ret_from_fork_asm+0x1a/0x30
[ 18.382234]
[ 18.382435] The buggy address belongs to the object at ffff888103332c00
[ 18.382435] which belongs to the cache kmalloc-128 of size 128
[ 18.383383] The buggy address is located 0 bytes inside of
[ 18.383383] allocated 120-byte region [ffff888103332c00, ffff888103332c78)
[ 18.383891]
[ 18.383998] The buggy address belongs to the physical page:
[ 18.384269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 18.384666] flags: 0x200000000000000(node=0|zone=2)
[ 18.384956] page_type: f5(slab)
[ 18.385162] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.385530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.385827] page dumped because: kasan: bad access detected
[ 18.386135]
[ 18.386331] Memory state around the buggy address:
[ 18.386571] ffff888103332b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.386998] ffff888103332b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.387326] >ffff888103332c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.387683] ^
[ 18.388049] ffff888103332c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.388379] ffff888103332d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.388688] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.290123] ================================================================== [ 18.290470] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 18.290862] Write of size 8 at addr ffff8881038e9478 by task kunit_try_catch/299 [ 18.291298] [ 18.291438] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.291500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.291518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.291547] Call Trace: [ 18.291573] <TASK> [ 18.291596] dump_stack_lvl+0x73/0xb0 [ 18.291639] print_report+0xd1/0x650 [ 18.291681] ? __virt_addr_valid+0x1db/0x2d0 [ 18.291711] ? copy_to_kernel_nofault+0x99/0x260 [ 18.291741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.291770] ? copy_to_kernel_nofault+0x99/0x260 [ 18.291799] kasan_report+0x141/0x180 [ 18.291828] ? copy_to_kernel_nofault+0x99/0x260 [ 18.291863] kasan_check_range+0x10c/0x1c0 [ 18.291893] __kasan_check_write+0x18/0x20 [ 18.291917] copy_to_kernel_nofault+0x99/0x260 [ 18.291949] copy_to_kernel_nofault_oob+0x288/0x560 [ 18.291979] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 18.292008] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.292054] ? trace_hardirqs_on+0x37/0xe0 [ 18.292095] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 18.292130] kunit_try_run_case+0x1a5/0x480 [ 18.292161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.292188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.292218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.292248] ? __kthread_parkme+0x82/0x180 [ 18.292275] ? preempt_count_sub+0x50/0x80 [ 18.292305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.292335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.292363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.292392] kthread+0x337/0x6f0 [ 18.292418] ? trace_preempt_on+0x20/0xc0 [ 18.292445] ? __pfx_kthread+0x10/0x10 [ 18.292472] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.292501] ? calculate_sigpending+0x7b/0xa0 [ 18.292532] ? 
__pfx_kthread+0x10/0x10 [ 18.292560] ret_from_fork+0x116/0x1d0 [ 18.292584] ? __pfx_kthread+0x10/0x10 [ 18.292612] ret_from_fork_asm+0x1a/0x30 [ 18.292661] </TASK> [ 18.292679] [ 18.302128] Allocated by task 299: [ 18.302368] kasan_save_stack+0x45/0x70 [ 18.302558] kasan_save_track+0x18/0x40 [ 18.302738] kasan_save_alloc_info+0x3b/0x50 [ 18.302920] __kasan_kmalloc+0xb7/0xc0 [ 18.303100] __kmalloc_cache_noprof+0x189/0x420 [ 18.303364] copy_to_kernel_nofault_oob+0x12f/0x560 [ 18.303643] kunit_try_run_case+0x1a5/0x480 [ 18.303905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.304245] kthread+0x337/0x6f0 [ 18.304392] ret_from_fork+0x116/0x1d0 [ 18.304554] ret_from_fork_asm+0x1a/0x30 [ 18.304755] [ 18.304980] The buggy address belongs to the object at ffff8881038e9400 [ 18.304980] which belongs to the cache kmalloc-128 of size 128 [ 18.305622] The buggy address is located 0 bytes to the right of [ 18.305622] allocated 120-byte region [ffff8881038e9400, ffff8881038e9478) [ 18.306357] [ 18.306494] The buggy address belongs to the physical page: [ 18.308975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e9 [ 18.310491] flags: 0x200000000000000(node=0|zone=2) [ 18.311385] page_type: f5(slab) [ 18.312563] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.314216] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.314741] page dumped because: kasan: bad access detected [ 18.316042] [ 18.317204] Memory state around the buggy address: [ 18.318097] ffff8881038e9300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.318382] ffff8881038e9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.318667] >ffff8881038e9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.320450] ^ [ 18.321751] ffff8881038e9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.323772] ffff8881038e9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.325195] 
================================================================== [ 18.259157] ================================================================== [ 18.260249] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 18.260565] Read of size 8 at addr ffff8881038e9478 by task kunit_try_catch/299 [ 18.260923] [ 18.261106] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.261171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.261190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.261220] Call Trace: [ 18.261238] <TASK> [ 18.261265] dump_stack_lvl+0x73/0xb0 [ 18.261312] print_report+0xd1/0x650 [ 18.261343] ? __virt_addr_valid+0x1db/0x2d0 [ 18.261375] ? copy_to_kernel_nofault+0x225/0x260 [ 18.261405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.261435] ? copy_to_kernel_nofault+0x225/0x260 [ 18.261493] kasan_report+0x141/0x180 [ 18.261521] ? copy_to_kernel_nofault+0x225/0x260 [ 18.261576] __asan_report_load8_noabort+0x18/0x20 [ 18.261607] copy_to_kernel_nofault+0x225/0x260 [ 18.261640] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 18.261685] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 18.261714] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.261746] ? trace_hardirqs_on+0x37/0xe0 [ 18.261810] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 18.261853] kunit_try_run_case+0x1a5/0x480 [ 18.261924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.261953] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.261985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.262014] ? __kthread_parkme+0x82/0x180 [ 18.262042] ? preempt_count_sub+0x50/0x80 [ 18.262075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.262105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.262135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.262164] kthread+0x337/0x6f0 [ 18.262190] ? trace_preempt_on+0x20/0xc0 [ 18.262217] ? __pfx_kthread+0x10/0x10 [ 18.262245] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.262273] ? 
calculate_sigpending+0x7b/0xa0 [ 18.262305] ? __pfx_kthread+0x10/0x10 [ 18.262333] ret_from_fork+0x116/0x1d0 [ 18.262359] ? __pfx_kthread+0x10/0x10 [ 18.262385] ret_from_fork_asm+0x1a/0x30 [ 18.262431] </TASK> [ 18.262448] [ 18.273435] Allocated by task 299: [ 18.274070] kasan_save_stack+0x45/0x70 [ 18.274581] kasan_save_track+0x18/0x40 [ 18.275047] kasan_save_alloc_info+0x3b/0x50 [ 18.275435] __kasan_kmalloc+0xb7/0xc0 [ 18.275679] __kmalloc_cache_noprof+0x189/0x420 [ 18.276277] copy_to_kernel_nofault_oob+0x12f/0x560 [ 18.276713] kunit_try_run_case+0x1a5/0x480 [ 18.277178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.277496] kthread+0x337/0x6f0 [ 18.277708] ret_from_fork+0x116/0x1d0 [ 18.278268] ret_from_fork_asm+0x1a/0x30 [ 18.278781] [ 18.279023] The buggy address belongs to the object at ffff8881038e9400 [ 18.279023] which belongs to the cache kmalloc-128 of size 128 [ 18.279591] The buggy address is located 0 bytes to the right of [ 18.279591] allocated 120-byte region [ffff8881038e9400, ffff8881038e9478) [ 18.280903] [ 18.281190] The buggy address belongs to the physical page: [ 18.281693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e9 [ 18.282414] flags: 0x200000000000000(node=0|zone=2) [ 18.282938] page_type: f5(slab) [ 18.283417] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.284131] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.284673] page dumped because: kasan: bad access detected [ 18.285259] [ 18.285389] Memory state around the buggy address: [ 18.285642] ffff8881038e9300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.286526] ffff8881038e9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.287191] >ffff8881038e9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.287567] ^ [ 18.288287] ffff8881038e9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288840] ffff8881038e9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
18.289337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.892393] ================================================================== [ 16.892755] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 16.893098] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.893393] [ 16.893499] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.893555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.893572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.893601] Call Trace: [ 16.893624] <TASK> [ 16.893710] dump_stack_lvl+0x73/0xb0 [ 16.893754] print_report+0xd1/0x650 [ 16.893783] ? __virt_addr_valid+0x1db/0x2d0 [ 16.893854] ? kasan_atomics_helper+0xac7/0x5450 [ 16.893884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.893913] ? kasan_atomics_helper+0xac7/0x5450 [ 16.893940] kasan_report+0x141/0x180 [ 16.893969] ? kasan_atomics_helper+0xac7/0x5450 [ 16.894001] kasan_check_range+0x10c/0x1c0 [ 16.894031] __kasan_check_write+0x18/0x20 [ 16.894056] kasan_atomics_helper+0xac7/0x5450 [ 16.894084] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.894112] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.894143] ? kasan_atomics+0x152/0x310 [ 16.894177] kasan_atomics+0x1dc/0x310 [ 16.894205] ? __pfx_kasan_atomics+0x10/0x10 [ 16.894236] ? __pfx_read_tsc+0x10/0x10 [ 16.894263] ? ktime_get_ts64+0x86/0x230 [ 16.894292] kunit_try_run_case+0x1a5/0x480 [ 16.894324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.894351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.894382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.894411] ? __kthread_parkme+0x82/0x180 [ 16.894442] ? preempt_count_sub+0x50/0x80 [ 16.894471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.894500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.894529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.894558] kthread+0x337/0x6f0 [ 16.894582] ? trace_preempt_on+0x20/0xc0 [ 16.894611] ? __pfx_kthread+0x10/0x10 [ 16.894637] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.894677] ? 
calculate_sigpending+0x7b/0xa0 [ 16.894707] ? __pfx_kthread+0x10/0x10 [ 16.894733] ret_from_fork+0x116/0x1d0 [ 16.894757] ? __pfx_kthread+0x10/0x10 [ 16.894782] ret_from_fork_asm+0x1a/0x30 [ 16.894868] </TASK> [ 16.894883] [ 16.904927] Allocated by task 283: [ 16.905121] kasan_save_stack+0x45/0x70 [ 16.905303] kasan_save_track+0x18/0x40 [ 16.905466] kasan_save_alloc_info+0x3b/0x50 [ 16.905713] __kasan_kmalloc+0xb7/0xc0 [ 16.905938] __kmalloc_cache_noprof+0x189/0x420 [ 16.906207] kasan_atomics+0x95/0x310 [ 16.906441] kunit_try_run_case+0x1a5/0x480 [ 16.906713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.906920] kthread+0x337/0x6f0 [ 16.907065] ret_from_fork+0x116/0x1d0 [ 16.907270] ret_from_fork_asm+0x1a/0x30 [ 16.907509] [ 16.907624] The buggy address belongs to the object at ffff888103349180 [ 16.907624] which belongs to the cache kmalloc-64 of size 64 [ 16.908276] The buggy address is located 0 bytes to the right of [ 16.908276] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.910687] [ 16.911109] The buggy address belongs to the physical page: [ 16.911364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.911683] flags: 0x200000000000000(node=0|zone=2) [ 16.912009] page_type: f5(slab) [ 16.912578] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.913535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.914769] page dumped because: kasan: bad access detected [ 16.915560] [ 16.915773] Memory state around the buggy address: [ 16.916382] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.916743] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.917028] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.917915] ^ [ 16.918465] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.919321] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.920078] 
================================================================== [ 16.519549] ================================================================== [ 16.519863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 16.520788] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.521488] [ 16.521887] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.521953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.521971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.522000] Call Trace: [ 16.522024] <TASK> [ 16.522048] dump_stack_lvl+0x73/0xb0 [ 16.522086] print_report+0xd1/0x650 [ 16.522117] ? __virt_addr_valid+0x1db/0x2d0 [ 16.522146] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.522173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.522202] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.522230] kasan_report+0x141/0x180 [ 16.522259] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.522291] __asan_report_load4_noabort+0x18/0x20 [ 16.522322] kasan_atomics_helper+0x4b54/0x5450 [ 16.522349] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.522376] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.522408] ? kasan_atomics+0x152/0x310 [ 16.522449] kasan_atomics+0x1dc/0x310 [ 16.522476] ? __pfx_kasan_atomics+0x10/0x10 [ 16.522507] ? __pfx_read_tsc+0x10/0x10 [ 16.522533] ? ktime_get_ts64+0x86/0x230 [ 16.522564] kunit_try_run_case+0x1a5/0x480 [ 16.522595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.522623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.522666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.522695] ? __kthread_parkme+0x82/0x180 [ 16.522721] ? preempt_count_sub+0x50/0x80 [ 16.522751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.522781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.522809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.522839] kthread+0x337/0x6f0 [ 16.522863] ? trace_preempt_on+0x20/0xc0 [ 16.522893] ? __pfx_kthread+0x10/0x10 [ 16.522920] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.522945] ? calculate_sigpending+0x7b/0xa0 [ 16.522975] ? __pfx_kthread+0x10/0x10 [ 16.523003] ret_from_fork+0x116/0x1d0 [ 16.523026] ? __pfx_kthread+0x10/0x10 [ 16.523052] ret_from_fork_asm+0x1a/0x30 [ 16.523091] </TASK> [ 16.523106] [ 16.536469] Allocated by task 283: [ 16.536719] kasan_save_stack+0x45/0x70 [ 16.537494] kasan_save_track+0x18/0x40 [ 16.537939] kasan_save_alloc_info+0x3b/0x50 [ 16.538297] __kasan_kmalloc+0xb7/0xc0 [ 16.538630] __kmalloc_cache_noprof+0x189/0x420 [ 16.538900] kasan_atomics+0x95/0x310 [ 16.539270] kunit_try_run_case+0x1a5/0x480 [ 16.539509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.539971] kthread+0x337/0x6f0 [ 16.540144] ret_from_fork+0x116/0x1d0 [ 16.540545] ret_from_fork_asm+0x1a/0x30 [ 16.540922] [ 16.541158] The buggy address belongs to the object at ffff888103349180 [ 16.541158] which belongs to the cache kmalloc-64 of size 64 [ 16.541871] The buggy address is located 0 bytes to the right of [ 16.541871] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.542664] [ 16.543537] The buggy address belongs to the physical page: [ 16.544412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.544737] flags: 0x200000000000000(node=0|zone=2) [ 16.544942] page_type: f5(slab) [ 16.545095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.545367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.545637] page dumped because: kasan: bad access detected [ 16.546981] [ 16.547083] Memory state around the buggy address: [ 16.547293] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.547567] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.548420] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.549616] ^ [ 16.551005] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.552399] ffff888103349280: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.553826] ================================================================== [ 16.869561] ================================================================== [ 16.870269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 16.870634] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.870979] [ 16.871185] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.871248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.871266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.871296] Call Trace: [ 16.871322] <TASK> [ 16.871349] dump_stack_lvl+0x73/0xb0 [ 16.871386] print_report+0xd1/0x650 [ 16.871414] ? __virt_addr_valid+0x1db/0x2d0 [ 16.871445] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.871471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.871500] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.871527] kasan_report+0x141/0x180 [ 16.871556] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.871588] kasan_check_range+0x10c/0x1c0 [ 16.871619] __kasan_check_write+0x18/0x20 [ 16.871644] kasan_atomics_helper+0xa2b/0x5450 [ 16.871688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.871716] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.871748] ? kasan_atomics+0x152/0x310 [ 16.871794] kasan_atomics+0x1dc/0x310 [ 16.871824] ? __pfx_kasan_atomics+0x10/0x10 [ 16.871855] ? __pfx_read_tsc+0x10/0x10 [ 16.871883] ? ktime_get_ts64+0x86/0x230 [ 16.871913] kunit_try_run_case+0x1a5/0x480 [ 16.871945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.871974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.872003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.872033] ? __kthread_parkme+0x82/0x180 [ 16.872059] ? preempt_count_sub+0x50/0x80 [ 16.872089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.872119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.872148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.872177] kthread+0x337/0x6f0 [ 16.872203] ? 
trace_preempt_on+0x20/0xc0 [ 16.872233] ? __pfx_kthread+0x10/0x10 [ 16.872259] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.872286] ? calculate_sigpending+0x7b/0xa0 [ 16.872315] ? __pfx_kthread+0x10/0x10 [ 16.872344] ret_from_fork+0x116/0x1d0 [ 16.872368] ? __pfx_kthread+0x10/0x10 [ 16.872393] ret_from_fork_asm+0x1a/0x30 [ 16.872432] </TASK> [ 16.872448] [ 16.881702] Allocated by task 283: [ 16.881970] kasan_save_stack+0x45/0x70 [ 16.882212] kasan_save_track+0x18/0x40 [ 16.882383] kasan_save_alloc_info+0x3b/0x50 [ 16.882568] __kasan_kmalloc+0xb7/0xc0 [ 16.882769] __kmalloc_cache_noprof+0x189/0x420 [ 16.883253] kasan_atomics+0x95/0x310 [ 16.883494] kunit_try_run_case+0x1a5/0x480 [ 16.883744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.884035] kthread+0x337/0x6f0 [ 16.884304] ret_from_fork+0x116/0x1d0 [ 16.884521] ret_from_fork_asm+0x1a/0x30 [ 16.884766] [ 16.884885] The buggy address belongs to the object at ffff888103349180 [ 16.884885] which belongs to the cache kmalloc-64 of size 64 [ 16.885291] The buggy address is located 0 bytes to the right of [ 16.885291] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.886020] [ 16.886141] The buggy address belongs to the physical page: [ 16.886447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.887063] flags: 0x200000000000000(node=0|zone=2) [ 16.887271] page_type: f5(slab) [ 16.887418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.887710] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.888630] page dumped because: kasan: bad access detected [ 16.889238] [ 16.889373] Memory state around the buggy address: [ 16.889634] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.890241] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.890594] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.890877] ^ [ 16.891058] ffff888103349200: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.891378] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.891777] ================================================================== [ 17.316965] ================================================================== [ 17.317598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 17.318098] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.318440] [ 17.318585] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.318690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.318710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.318743] Call Trace: [ 17.318768] <TASK> [ 17.318794] dump_stack_lvl+0x73/0xb0 [ 17.318832] print_report+0xd1/0x650 [ 17.318862] ? __virt_addr_valid+0x1db/0x2d0 [ 17.318893] ? kasan_atomics_helper+0x12e6/0x5450 [ 17.318920] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.318950] ? kasan_atomics_helper+0x12e6/0x5450 [ 17.318978] kasan_report+0x141/0x180 [ 17.319008] ? kasan_atomics_helper+0x12e6/0x5450 [ 17.319041] kasan_check_range+0x10c/0x1c0 [ 17.319071] __kasan_check_write+0x18/0x20 [ 17.319095] kasan_atomics_helper+0x12e6/0x5450 [ 17.319124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.319152] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.319184] ? kasan_atomics+0x152/0x310 [ 17.319219] kasan_atomics+0x1dc/0x310 [ 17.319248] ? __pfx_kasan_atomics+0x10/0x10 [ 17.319279] ? __pfx_read_tsc+0x10/0x10 [ 17.319308] ? ktime_get_ts64+0x86/0x230 [ 17.319339] kunit_try_run_case+0x1a5/0x480 [ 17.319370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.319400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.319431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.319459] ? __kthread_parkme+0x82/0x180 [ 17.319485] ? preempt_count_sub+0x50/0x80 [ 17.319515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.319544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.319573] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.319602] kthread+0x337/0x6f0 [ 17.319627] ? trace_preempt_on+0x20/0xc0 [ 17.319668] ? __pfx_kthread+0x10/0x10 [ 17.319694] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.319720] ? calculate_sigpending+0x7b/0xa0 [ 17.319750] ? __pfx_kthread+0x10/0x10 [ 17.319793] ret_from_fork+0x116/0x1d0 [ 17.319816] ? __pfx_kthread+0x10/0x10 [ 17.319843] ret_from_fork_asm+0x1a/0x30 [ 17.319881] </TASK> [ 17.319896] [ 17.329103] Allocated by task 283: [ 17.329300] kasan_save_stack+0x45/0x70 [ 17.329476] kasan_save_track+0x18/0x40 [ 17.329684] kasan_save_alloc_info+0x3b/0x50 [ 17.329939] __kasan_kmalloc+0xb7/0xc0 [ 17.330169] __kmalloc_cache_noprof+0x189/0x420 [ 17.330527] kasan_atomics+0x95/0x310 [ 17.330853] kunit_try_run_case+0x1a5/0x480 [ 17.331046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.331257] kthread+0x337/0x6f0 [ 17.331469] ret_from_fork+0x116/0x1d0 [ 17.331713] ret_from_fork_asm+0x1a/0x30 [ 17.331977] [ 17.332072] The buggy address belongs to the object at ffff888103349180 [ 17.332072] which belongs to the cache kmalloc-64 of size 64 [ 17.332604] The buggy address is located 0 bytes to the right of [ 17.332604] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.333056] [ 17.333148] The buggy address belongs to the physical page: [ 17.333434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.333868] flags: 0x200000000000000(node=0|zone=2) [ 17.334167] page_type: f5(slab) [ 17.334372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.334802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.335117] page dumped because: kasan: bad access detected [ 17.335328] [ 17.335416] Memory state around the buggy address: [ 17.335616] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.336315] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.336725] >ffff888103349180: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.337138] ^ [ 17.337394] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.337763] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.338099] ================================================================== [ 17.338880] ================================================================== [ 17.339258] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 17.339570] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.340153] [ 17.340302] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.340360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.340377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.340406] Call Trace: [ 17.340429] <TASK> [ 17.340452] dump_stack_lvl+0x73/0xb0 [ 17.340489] print_report+0xd1/0x650 [ 17.340517] ? __virt_addr_valid+0x1db/0x2d0 [ 17.340548] ? kasan_atomics_helper+0x49ce/0x5450 [ 17.340575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.340604] ? kasan_atomics_helper+0x49ce/0x5450 [ 17.340633] kasan_report+0x141/0x180 [ 17.340675] ? kasan_atomics_helper+0x49ce/0x5450 [ 17.340708] __asan_report_load4_noabort+0x18/0x20 [ 17.340739] kasan_atomics_helper+0x49ce/0x5450 [ 17.340769] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.342719] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.342764] ? kasan_atomics+0x152/0x310 [ 17.342802] kasan_atomics+0x1dc/0x310 [ 17.342837] ? __pfx_kasan_atomics+0x10/0x10 [ 17.342869] ? __pfx_read_tsc+0x10/0x10 [ 17.342897] ? ktime_get_ts64+0x86/0x230 [ 17.342928] kunit_try_run_case+0x1a5/0x480 [ 17.342959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.342988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.343018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.343048] ? __kthread_parkme+0x82/0x180 [ 17.343074] ? preempt_count_sub+0x50/0x80 [ 17.343105] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.343136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.343166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.343195] kthread+0x337/0x6f0 [ 17.343220] ? trace_preempt_on+0x20/0xc0 [ 17.343250] ? __pfx_kthread+0x10/0x10 [ 17.343276] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.343303] ? calculate_sigpending+0x7b/0xa0 [ 17.343332] ? __pfx_kthread+0x10/0x10 [ 17.343360] ret_from_fork+0x116/0x1d0 [ 17.343383] ? __pfx_kthread+0x10/0x10 [ 17.343410] ret_from_fork_asm+0x1a/0x30 [ 17.343449] </TASK> [ 17.343464] [ 17.353729] Allocated by task 283: [ 17.354011] kasan_save_stack+0x45/0x70 [ 17.354371] kasan_save_track+0x18/0x40 [ 17.354589] kasan_save_alloc_info+0x3b/0x50 [ 17.354845] __kasan_kmalloc+0xb7/0xc0 [ 17.356138] __kmalloc_cache_noprof+0x189/0x420 [ 17.356361] kasan_atomics+0x95/0x310 [ 17.356597] kunit_try_run_case+0x1a5/0x480 [ 17.356869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.357141] kthread+0x337/0x6f0 [ 17.357293] ret_from_fork+0x116/0x1d0 [ 17.357564] ret_from_fork_asm+0x1a/0x30 [ 17.357915] [ 17.358016] The buggy address belongs to the object at ffff888103349180 [ 17.358016] which belongs to the cache kmalloc-64 of size 64 [ 17.358457] The buggy address is located 0 bytes to the right of [ 17.358457] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.359477] [ 17.359625] The buggy address belongs to the physical page: [ 17.360081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.360458] flags: 0x200000000000000(node=0|zone=2) [ 17.360769] page_type: f5(slab) [ 17.360960] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.361274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.361552] page dumped because: kasan: bad access detected [ 17.361852] [ 17.361971] Memory state around the buggy address: [ 17.362248] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.362739] 
ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.363007] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.363444] ^ [ 17.363743] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.364158] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.364550] ================================================================== [ 17.552054] ================================================================== [ 17.552837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 17.553578] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.553892] [ 17.554003] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.554060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.554078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.554107] Call Trace: [ 17.554130] <TASK> [ 17.554161] dump_stack_lvl+0x73/0xb0 [ 17.554210] print_report+0xd1/0x650 [ 17.554238] ? __virt_addr_valid+0x1db/0x2d0 [ 17.554281] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.554309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.554337] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.554363] kasan_report+0x141/0x180 [ 17.554391] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.554429] kasan_check_range+0x10c/0x1c0 [ 17.554459] __kasan_check_write+0x18/0x20 [ 17.554483] kasan_atomics_helper+0x16e7/0x5450 [ 17.554511] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.554539] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.554569] ? kasan_atomics+0x152/0x310 [ 17.554603] kasan_atomics+0x1dc/0x310 [ 17.554632] ? __pfx_kasan_atomics+0x10/0x10 [ 17.554674] ? __pfx_read_tsc+0x10/0x10 [ 17.554702] ? ktime_get_ts64+0x86/0x230 [ 17.554731] kunit_try_run_case+0x1a5/0x480 [ 17.554761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.554802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.554832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.554860] ? 
__kthread_parkme+0x82/0x180 [ 17.554886] ? preempt_count_sub+0x50/0x80 [ 17.554915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.554944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.554984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.555012] kthread+0x337/0x6f0 [ 17.555036] ? trace_preempt_on+0x20/0xc0 [ 17.555080] ? __pfx_kthread+0x10/0x10 [ 17.555105] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.555132] ? calculate_sigpending+0x7b/0xa0 [ 17.555161] ? __pfx_kthread+0x10/0x10 [ 17.555187] ret_from_fork+0x116/0x1d0 [ 17.555211] ? __pfx_kthread+0x10/0x10 [ 17.555237] ret_from_fork_asm+0x1a/0x30 [ 17.555275] </TASK> [ 17.555300] [ 17.564557] Allocated by task 283: [ 17.564796] kasan_save_stack+0x45/0x70 [ 17.565041] kasan_save_track+0x18/0x40 [ 17.565280] kasan_save_alloc_info+0x3b/0x50 [ 17.565520] __kasan_kmalloc+0xb7/0xc0 [ 17.565692] __kmalloc_cache_noprof+0x189/0x420 [ 17.566203] kasan_atomics+0x95/0x310 [ 17.566435] kunit_try_run_case+0x1a5/0x480 [ 17.566614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.566836] kthread+0x337/0x6f0 [ 17.566984] ret_from_fork+0x116/0x1d0 [ 17.567144] ret_from_fork_asm+0x1a/0x30 [ 17.567315] [ 17.567404] The buggy address belongs to the object at ffff888103349180 [ 17.567404] which belongs to the cache kmalloc-64 of size 64 [ 17.567996] The buggy address is located 0 bytes to the right of [ 17.567996] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.568698] [ 17.568821] The buggy address belongs to the physical page: [ 17.569135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.569502] flags: 0x200000000000000(node=0|zone=2) [ 17.569718] page_type: f5(slab) [ 17.569869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.570151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.570511] page dumped because: kasan: bad access detected [ 17.570913] [ 17.571048] Memory state around the buggy address: [ 17.571373] 
ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.571820] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.572271] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.572693] ^ [ 17.573218] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.573615] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.573983] ================================================================== [ 17.773045] ================================================================== [ 17.773342] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 17.773634] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.776383] [ 17.776942] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.777009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.777028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.777058] Call Trace: [ 17.777084] <TASK> [ 17.777110] dump_stack_lvl+0x73/0xb0 [ 17.777150] print_report+0xd1/0x650 [ 17.777178] ? __virt_addr_valid+0x1db/0x2d0 [ 17.777209] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.777236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.777265] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.777293] kasan_report+0x141/0x180 [ 17.777323] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.777357] kasan_check_range+0x10c/0x1c0 [ 17.777387] __kasan_check_write+0x18/0x20 [ 17.777412] kasan_atomics_helper+0x1c18/0x5450 [ 17.777441] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.777469] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.777501] ? kasan_atomics+0x152/0x310 [ 17.777535] kasan_atomics+0x1dc/0x310 [ 17.777563] ? __pfx_kasan_atomics+0x10/0x10 [ 17.777593] ? __pfx_read_tsc+0x10/0x10 [ 17.777620] ? ktime_get_ts64+0x86/0x230 [ 17.777666] kunit_try_run_case+0x1a5/0x480 [ 17.777698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.777725] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.778044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.778137] ? __kthread_parkme+0x82/0x180 [ 17.778165] ? preempt_count_sub+0x50/0x80 [ 17.778195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.778225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.778254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.778282] kthread+0x337/0x6f0 [ 17.778307] ? trace_preempt_on+0x20/0xc0 [ 17.778338] ? __pfx_kthread+0x10/0x10 [ 17.778364] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.778391] ? calculate_sigpending+0x7b/0xa0 [ 17.778425] ? __pfx_kthread+0x10/0x10 [ 17.778452] ret_from_fork+0x116/0x1d0 [ 17.778476] ? __pfx_kthread+0x10/0x10 [ 17.778502] ret_from_fork_asm+0x1a/0x30 [ 17.778540] </TASK> [ 17.778555] [ 17.802432] Allocated by task 283: [ 17.803367] kasan_save_stack+0x45/0x70 [ 17.804311] kasan_save_track+0x18/0x40 [ 17.805149] kasan_save_alloc_info+0x3b/0x50 [ 17.805918] __kasan_kmalloc+0xb7/0xc0 [ 17.806096] __kmalloc_cache_noprof+0x189/0x420 [ 17.806289] kasan_atomics+0x95/0x310 [ 17.806467] kunit_try_run_case+0x1a5/0x480 [ 17.807432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.808397] kthread+0x337/0x6f0 [ 17.808949] ret_from_fork+0x116/0x1d0 [ 17.809632] ret_from_fork_asm+0x1a/0x30 [ 17.810318] [ 17.810736] The buggy address belongs to the object at ffff888103349180 [ 17.810736] which belongs to the cache kmalloc-64 of size 64 [ 17.811608] The buggy address is located 0 bytes to the right of [ 17.811608] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.813444] [ 17.813938] The buggy address belongs to the physical page: [ 17.814694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.815505] flags: 0x200000000000000(node=0|zone=2) [ 17.816380] page_type: f5(slab) [ 17.817023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.817537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.818038] page dumped because: kasan: 
bad access detected [ 17.818634] [ 17.819041] Memory state around the buggy address: [ 17.819596] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.819901] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.820634] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.821472] ^ [ 17.822009] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.822288] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.822556] ================================================================== [ 17.931434] ================================================================== [ 17.931909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 17.932261] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.933006] [ 17.933329] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.933393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.933411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.933440] Call Trace: [ 17.933466] <TASK> [ 17.933490] dump_stack_lvl+0x73/0xb0 [ 17.933529] print_report+0xd1/0x650 [ 17.933557] ? __virt_addr_valid+0x1db/0x2d0 [ 17.933588] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.933615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.933659] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.933688] kasan_report+0x141/0x180 [ 17.933716] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.933749] kasan_check_range+0x10c/0x1c0 [ 17.934199] __kasan_check_write+0x18/0x20 [ 17.934235] kasan_atomics_helper+0x1eaa/0x5450 [ 17.934265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.934295] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.934340] ? kasan_atomics+0x152/0x310 [ 17.934373] kasan_atomics+0x1dc/0x310 [ 17.934402] ? __pfx_kasan_atomics+0x10/0x10 [ 17.934436] ? __pfx_read_tsc+0x10/0x10 [ 17.934465] ? ktime_get_ts64+0x86/0x230 [ 17.934495] kunit_try_run_case+0x1a5/0x480 [ 17.934528] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.934556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.934586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.934615] ? __kthread_parkme+0x82/0x180 [ 17.934641] ? preempt_count_sub+0x50/0x80 [ 17.934683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.934713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.934742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.935019] kthread+0x337/0x6f0 [ 17.935058] ? trace_preempt_on+0x20/0xc0 [ 17.935090] ? __pfx_kthread+0x10/0x10 [ 17.935117] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.935145] ? calculate_sigpending+0x7b/0xa0 [ 17.935176] ? __pfx_kthread+0x10/0x10 [ 17.935203] ret_from_fork+0x116/0x1d0 [ 17.935228] ? __pfx_kthread+0x10/0x10 [ 17.935254] ret_from_fork_asm+0x1a/0x30 [ 17.935293] </TASK> [ 17.935309] [ 17.947740] Allocated by task 283: [ 17.948271] kasan_save_stack+0x45/0x70 [ 17.948526] kasan_save_track+0x18/0x40 [ 17.948740] kasan_save_alloc_info+0x3b/0x50 [ 17.949243] __kasan_kmalloc+0xb7/0xc0 [ 17.949467] __kmalloc_cache_noprof+0x189/0x420 [ 17.949701] kasan_atomics+0x95/0x310 [ 17.949935] kunit_try_run_case+0x1a5/0x480 [ 17.950411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.950814] kthread+0x337/0x6f0 [ 17.951024] ret_from_fork+0x116/0x1d0 [ 17.951258] ret_from_fork_asm+0x1a/0x30 [ 17.951491] [ 17.951611] The buggy address belongs to the object at ffff888103349180 [ 17.951611] which belongs to the cache kmalloc-64 of size 64 [ 17.953056] The buggy address is located 0 bytes to the right of [ 17.953056] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.953882] [ 17.954229] The buggy address belongs to the physical page: [ 17.954946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.955558] flags: 0x200000000000000(node=0|zone=2) [ 17.955800] page_type: f5(slab) [ 17.956177] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.957024] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 17.957814] page dumped because: kasan: bad access detected [ 17.958271] [ 17.958359] Memory state around the buggy address: [ 17.958556] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.958939] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.959665] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.960569] ^ [ 17.961207] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.962015] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.962751] ================================================================== [ 17.851695] ================================================================== [ 17.852037] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 17.852793] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.853511] [ 17.853731] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.853789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.853806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.853855] Call Trace: [ 17.853877] <TASK> [ 17.853898] dump_stack_lvl+0x73/0xb0 [ 17.853934] print_report+0xd1/0x650 [ 17.853961] ? __virt_addr_valid+0x1db/0x2d0 [ 17.853990] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.854016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.854043] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.854070] kasan_report+0x141/0x180 [ 17.854097] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.854128] kasan_check_range+0x10c/0x1c0 [ 17.854158] __kasan_check_write+0x18/0x20 [ 17.854182] kasan_atomics_helper+0x1ce1/0x5450 [ 17.854210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.854237] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.854267] ? kasan_atomics+0x152/0x310 [ 17.854300] kasan_atomics+0x1dc/0x310 [ 17.854328] ? __pfx_kasan_atomics+0x10/0x10 [ 17.854359] ? __pfx_read_tsc+0x10/0x10 [ 17.854386] ? 
ktime_get_ts64+0x86/0x230 [ 17.854416] kunit_try_run_case+0x1a5/0x480 [ 17.854456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.854486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.854517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.854546] ? __kthread_parkme+0x82/0x180 [ 17.854571] ? preempt_count_sub+0x50/0x80 [ 17.854600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.854630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.854673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.854703] kthread+0x337/0x6f0 [ 17.854727] ? trace_preempt_on+0x20/0xc0 [ 17.854755] ? __pfx_kthread+0x10/0x10 [ 17.854792] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.854819] ? calculate_sigpending+0x7b/0xa0 [ 17.854847] ? __pfx_kthread+0x10/0x10 [ 17.854874] ret_from_fork+0x116/0x1d0 [ 17.854897] ? __pfx_kthread+0x10/0x10 [ 17.854922] ret_from_fork_asm+0x1a/0x30 [ 17.854959] </TASK> [ 17.854973] [ 17.864939] Allocated by task 283: [ 17.865112] kasan_save_stack+0x45/0x70 [ 17.865294] kasan_save_track+0x18/0x40 [ 17.865515] kasan_save_alloc_info+0x3b/0x50 [ 17.865783] __kasan_kmalloc+0xb7/0xc0 [ 17.866016] __kmalloc_cache_noprof+0x189/0x420 [ 17.866487] kasan_atomics+0x95/0x310 [ 17.866689] kunit_try_run_case+0x1a5/0x480 [ 17.866868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.867180] kthread+0x337/0x6f0 [ 17.867392] ret_from_fork+0x116/0x1d0 [ 17.867611] ret_from_fork_asm+0x1a/0x30 [ 17.867852] [ 17.867969] The buggy address belongs to the object at ffff888103349180 [ 17.867969] which belongs to the cache kmalloc-64 of size 64 [ 17.868538] The buggy address is located 0 bytes to the right of [ 17.868538] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.869249] [ 17.869370] The buggy address belongs to the physical page: [ 17.869661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.870054] flags: 0x200000000000000(node=0|zone=2) [ 17.870323] page_type: f5(slab) [ 17.870519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.870904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.874716] page dumped because: kasan: bad access detected [ 17.874960] [ 17.875059] Memory state around the buggy address: [ 17.875253] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.875561] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.877249] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.877537] ^ [ 17.877745] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.879953] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.880234] ================================================================== [ 17.824078] ================================================================== [ 17.824562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 17.825055] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.825379] [ 17.825521] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.825581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.825598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.825627] Call Trace: [ 17.825667] <TASK> [ 17.825693] dump_stack_lvl+0x73/0xb0 [ 17.825732] print_report+0xd1/0x650 [ 17.825761] ? __virt_addr_valid+0x1db/0x2d0 [ 17.825791] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.825817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.825845] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.825872] kasan_report+0x141/0x180 [ 17.825900] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.825934] __asan_report_load8_noabort+0x18/0x20 [ 17.825965] kasan_atomics_helper+0x4f30/0x5450 [ 17.825994] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.826022] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.826054] ? kasan_atomics+0x152/0x310 [ 17.826088] kasan_atomics+0x1dc/0x310 [ 17.826117] ? __pfx_kasan_atomics+0x10/0x10 [ 17.826149] ? 
__pfx_read_tsc+0x10/0x10 [ 17.826180] ? ktime_get_ts64+0x86/0x230 [ 17.826212] kunit_try_run_case+0x1a5/0x480 [ 17.826244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.826272] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.826302] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.826331] ? __kthread_parkme+0x82/0x180 [ 17.826357] ? preempt_count_sub+0x50/0x80 [ 17.826388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.826423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.826453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.826481] kthread+0x337/0x6f0 [ 17.826505] ? trace_preempt_on+0x20/0xc0 [ 17.826535] ? __pfx_kthread+0x10/0x10 [ 17.826560] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.826586] ? calculate_sigpending+0x7b/0xa0 [ 17.826617] ? __pfx_kthread+0x10/0x10 [ 17.826654] ret_from_fork+0x116/0x1d0 [ 17.826677] ? __pfx_kthread+0x10/0x10 [ 17.826702] ret_from_fork_asm+0x1a/0x30 [ 17.826741] </TASK> [ 17.826757] [ 17.838196] Allocated by task 283: [ 17.838478] kasan_save_stack+0x45/0x70 [ 17.838931] kasan_save_track+0x18/0x40 [ 17.839294] kasan_save_alloc_info+0x3b/0x50 [ 17.839539] __kasan_kmalloc+0xb7/0xc0 [ 17.839757] __kmalloc_cache_noprof+0x189/0x420 [ 17.840294] kasan_atomics+0x95/0x310 [ 17.840707] kunit_try_run_case+0x1a5/0x480 [ 17.841308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.841735] kthread+0x337/0x6f0 [ 17.842081] ret_from_fork+0x116/0x1d0 [ 17.842309] ret_from_fork_asm+0x1a/0x30 [ 17.842539] [ 17.842667] The buggy address belongs to the object at ffff888103349180 [ 17.842667] which belongs to the cache kmalloc-64 of size 64 [ 17.843282] The buggy address is located 0 bytes to the right of [ 17.843282] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.843914] [ 17.844071] The buggy address belongs to the physical page: [ 17.844363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.844669] flags: 0x200000000000000(node=0|zone=2) [ 17.845199] page_type: f5(slab) [ 17.845409] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 17.845829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.846274] page dumped because: kasan: bad access detected [ 17.846589] [ 17.846691] Memory state around the buggy address: [ 17.847131] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.847623] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.848531] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.848916] ^ [ 17.849347] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.849839] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.850442] ================================================================== [ 16.678347] ================================================================== [ 16.678728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 16.679630] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.680157] [ 16.680274] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.680329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.680347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.680375] Call Trace: [ 16.680398] <TASK> [ 16.680422] dump_stack_lvl+0x73/0xb0 [ 16.680458] print_report+0xd1/0x650 [ 16.680487] ? __virt_addr_valid+0x1db/0x2d0 [ 16.680517] ? kasan_atomics_helper+0x697/0x5450 [ 16.680544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.680571] ? kasan_atomics_helper+0x697/0x5450 [ 16.680599] kasan_report+0x141/0x180 [ 16.680627] ? kasan_atomics_helper+0x697/0x5450 [ 16.680674] kasan_check_range+0x10c/0x1c0 [ 16.680704] __kasan_check_write+0x18/0x20 [ 16.680729] kasan_atomics_helper+0x697/0x5450 [ 16.680758] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.680786] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.680864] ? 
kasan_atomics+0x152/0x310 [ 16.680899] kasan_atomics+0x1dc/0x310 [ 16.680928] ? __pfx_kasan_atomics+0x10/0x10 [ 16.680959] ? __pfx_read_tsc+0x10/0x10 [ 16.680986] ? ktime_get_ts64+0x86/0x230 [ 16.681017] kunit_try_run_case+0x1a5/0x480 [ 16.681049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.681077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.681107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.681136] ? __kthread_parkme+0x82/0x180 [ 16.681161] ? preempt_count_sub+0x50/0x80 [ 16.681191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.681221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.681250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.681279] kthread+0x337/0x6f0 [ 16.681304] ? trace_preempt_on+0x20/0xc0 [ 16.681334] ? __pfx_kthread+0x10/0x10 [ 16.681360] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.681386] ? calculate_sigpending+0x7b/0xa0 [ 16.681416] ? __pfx_kthread+0x10/0x10 [ 16.681443] ret_from_fork+0x116/0x1d0 [ 16.681467] ? __pfx_kthread+0x10/0x10 [ 16.681494] ret_from_fork_asm+0x1a/0x30 [ 16.681531] </TASK> [ 16.681545] [ 16.691429] Allocated by task 283: [ 16.691601] kasan_save_stack+0x45/0x70 [ 16.692113] kasan_save_track+0x18/0x40 [ 16.692355] kasan_save_alloc_info+0x3b/0x50 [ 16.692614] __kasan_kmalloc+0xb7/0xc0 [ 16.693128] __kmalloc_cache_noprof+0x189/0x420 [ 16.693361] kasan_atomics+0x95/0x310 [ 16.693567] kunit_try_run_case+0x1a5/0x480 [ 16.693761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.693975] kthread+0x337/0x6f0 [ 16.694123] ret_from_fork+0x116/0x1d0 [ 16.694284] ret_from_fork_asm+0x1a/0x30 [ 16.694626] [ 16.694761] The buggy address belongs to the object at ffff888103349180 [ 16.694761] which belongs to the cache kmalloc-64 of size 64 [ 16.695413] The buggy address is located 0 bytes to the right of [ 16.695413] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.696070] [ 16.696161] The buggy address belongs to the physical page: [ 16.696371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 
16.697116] flags: 0x200000000000000(node=0|zone=2) [ 16.697414] page_type: f5(slab) [ 16.697625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.698065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.698437] page dumped because: kasan: bad access detected [ 16.698660] [ 16.698782] Memory state around the buggy address: [ 16.699057] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.699453] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.699860] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.700165] ^ [ 16.700352] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.700612] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.701661] ================================================================== [ 17.112951] ================================================================== [ 17.113538] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 17.114195] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.114741] [ 17.114930] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.114990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.115007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.115038] Call Trace: [ 17.115056] <TASK> [ 17.115078] dump_stack_lvl+0x73/0xb0 [ 17.115129] print_report+0xd1/0x650 [ 17.115157] ? __virt_addr_valid+0x1db/0x2d0 [ 17.115200] ? kasan_atomics_helper+0xfa9/0x5450 [ 17.115226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.115255] ? kasan_atomics_helper+0xfa9/0x5450 [ 17.115282] kasan_report+0x141/0x180 [ 17.115310] ? kasan_atomics_helper+0xfa9/0x5450 [ 17.115343] kasan_check_range+0x10c/0x1c0 [ 17.115373] __kasan_check_write+0x18/0x20 [ 17.115397] kasan_atomics_helper+0xfa9/0x5450 [ 17.115436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.115464] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.115508] ? kasan_atomics+0x152/0x310 [ 17.115542] kasan_atomics+0x1dc/0x310 [ 17.115571] ? __pfx_kasan_atomics+0x10/0x10 [ 17.115601] ? __pfx_read_tsc+0x10/0x10 [ 17.115628] ? ktime_get_ts64+0x86/0x230 [ 17.115670] kunit_try_run_case+0x1a5/0x480 [ 17.115700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.115728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.115757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.115812] ? __kthread_parkme+0x82/0x180 [ 17.115839] ? preempt_count_sub+0x50/0x80 [ 17.115881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.115910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.115939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.115967] kthread+0x337/0x6f0 [ 17.116003] ? trace_preempt_on+0x20/0xc0 [ 17.116034] ? __pfx_kthread+0x10/0x10 [ 17.116061] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.116101] ? calculate_sigpending+0x7b/0xa0 [ 17.116131] ? __pfx_kthread+0x10/0x10 [ 17.116159] ret_from_fork+0x116/0x1d0 [ 17.116182] ? __pfx_kthread+0x10/0x10 [ 17.116208] ret_from_fork_asm+0x1a/0x30 [ 17.116247] </TASK> [ 17.116261] [ 17.125773] Allocated by task 283: [ 17.126006] kasan_save_stack+0x45/0x70 [ 17.126290] kasan_save_track+0x18/0x40 [ 17.126501] kasan_save_alloc_info+0x3b/0x50 [ 17.126696] __kasan_kmalloc+0xb7/0xc0 [ 17.126858] __kmalloc_cache_noprof+0x189/0x420 [ 17.127177] kasan_atomics+0x95/0x310 [ 17.127410] kunit_try_run_case+0x1a5/0x480 [ 17.127699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.128020] kthread+0x337/0x6f0 [ 17.128277] ret_from_fork+0x116/0x1d0 [ 17.128558] ret_from_fork_asm+0x1a/0x30 [ 17.128777] [ 17.128866] The buggy address belongs to the object at ffff888103349180 [ 17.128866] which belongs to the cache kmalloc-64 of size 64 [ 17.129321] The buggy address is located 0 bytes to the right of [ 17.129321] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.130063] [ 17.130200] The buggy address belongs to the physical page: [ 17.130585] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.130889] flags: 0x200000000000000(node=0|zone=2) [ 17.131091] page_type: f5(slab) [ 17.131240] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.131678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.132127] page dumped because: kasan: bad access detected [ 17.132473] [ 17.132618] Memory state around the buggy address: [ 17.132958] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.133305] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.133601] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.134295] ^ [ 17.134573] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.134985] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.135243] ================================================================== [ 17.484590] ================================================================== [ 17.484899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 17.485591] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.486017] [ 17.486156] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.486215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.486232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.486259] Call Trace: [ 17.486283] <TASK> [ 17.486307] dump_stack_lvl+0x73/0xb0 [ 17.486343] print_report+0xd1/0x650 [ 17.486372] ? __virt_addr_valid+0x1db/0x2d0 [ 17.486403] ? kasan_atomics_helper+0x151d/0x5450 [ 17.486433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.486461] ? kasan_atomics_helper+0x151d/0x5450 [ 17.486491] kasan_report+0x141/0x180 [ 17.486520] ? kasan_atomics_helper+0x151d/0x5450 [ 17.486552] kasan_check_range+0x10c/0x1c0 [ 17.486581] __kasan_check_write+0x18/0x20 [ 17.486606] kasan_atomics_helper+0x151d/0x5450 [ 17.486633] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 17.486674] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.486706] ? kasan_atomics+0x152/0x310 [ 17.486740] kasan_atomics+0x1dc/0x310 [ 17.486781] ? __pfx_kasan_atomics+0x10/0x10 [ 17.486811] ? __pfx_read_tsc+0x10/0x10 [ 17.486837] ? ktime_get_ts64+0x86/0x230 [ 17.486867] kunit_try_run_case+0x1a5/0x480 [ 17.486897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.486924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.486954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.486982] ? __kthread_parkme+0x82/0x180 [ 17.487008] ? preempt_count_sub+0x50/0x80 [ 17.487037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.487066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.487094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.487123] kthread+0x337/0x6f0 [ 17.487146] ? trace_preempt_on+0x20/0xc0 [ 17.487175] ? __pfx_kthread+0x10/0x10 [ 17.487201] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.487227] ? calculate_sigpending+0x7b/0xa0 [ 17.487256] ? __pfx_kthread+0x10/0x10 [ 17.487283] ret_from_fork+0x116/0x1d0 [ 17.487305] ? 
__pfx_kthread+0x10/0x10 [ 17.487331] ret_from_fork_asm+0x1a/0x30 [ 17.487368] </TASK> [ 17.487382] [ 17.496013] Allocated by task 283: [ 17.496239] kasan_save_stack+0x45/0x70 [ 17.496482] kasan_save_track+0x18/0x40 [ 17.496702] kasan_save_alloc_info+0x3b/0x50 [ 17.497101] __kasan_kmalloc+0xb7/0xc0 [ 17.497336] __kmalloc_cache_noprof+0x189/0x420 [ 17.497592] kasan_atomics+0x95/0x310 [ 17.497769] kunit_try_run_case+0x1a5/0x480 [ 17.497949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.498513] kthread+0x337/0x6f0 [ 17.498766] ret_from_fork+0x116/0x1d0 [ 17.499029] ret_from_fork_asm+0x1a/0x30 [ 17.499353] [ 17.499500] The buggy address belongs to the object at ffff888103349180 [ 17.499500] which belongs to the cache kmalloc-64 of size 64 [ 17.500061] The buggy address is located 0 bytes to the right of [ 17.500061] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.500770] [ 17.500883] The buggy address belongs to the physical page: [ 17.501196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.501602] flags: 0x200000000000000(node=0|zone=2) [ 17.501914] page_type: f5(slab) [ 17.502110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.502519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.502969] page dumped because: kasan: bad access detected [ 17.503230] [ 17.503347] Memory state around the buggy address: [ 17.503582] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.503981] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.504379] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.504795] ^ [ 17.505026] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.505353] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.505612] ================================================================== [ 17.233152] 
================================================================== [ 17.233700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 17.234177] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.234589] [ 17.234714] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.234775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.234804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.234835] Call Trace: [ 17.234862] <TASK> [ 17.234887] dump_stack_lvl+0x73/0xb0 [ 17.234965] print_report+0xd1/0x650 [ 17.234994] ? __virt_addr_valid+0x1db/0x2d0 [ 17.235059] ? kasan_atomics_helper+0x4a02/0x5450 [ 17.235117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.235147] ? kasan_atomics_helper+0x4a02/0x5450 [ 17.235175] kasan_report+0x141/0x180 [ 17.235217] ? kasan_atomics_helper+0x4a02/0x5450 [ 17.235250] __asan_report_load4_noabort+0x18/0x20 [ 17.235280] kasan_atomics_helper+0x4a02/0x5450 [ 17.235309] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.235339] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.235401] ? kasan_atomics+0x152/0x310 [ 17.235436] kasan_atomics+0x1dc/0x310 [ 17.235465] ? __pfx_kasan_atomics+0x10/0x10 [ 17.235508] ? __pfx_read_tsc+0x10/0x10 [ 17.235567] ? ktime_get_ts64+0x86/0x230 [ 17.235596] kunit_try_run_case+0x1a5/0x480 [ 17.235640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.235679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.235709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.235737] ? __kthread_parkme+0x82/0x180 [ 17.235762] ? preempt_count_sub+0x50/0x80 [ 17.235838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.235869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.235932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.235961] kthread+0x337/0x6f0 [ 17.236000] ? trace_preempt_on+0x20/0xc0 [ 17.236030] ? __pfx_kthread+0x10/0x10 [ 17.236057] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.236083] ? calculate_sigpending+0x7b/0xa0 [ 17.236143] ? 
__pfx_kthread+0x10/0x10 [ 17.236171] ret_from_fork+0x116/0x1d0 [ 17.236194] ? __pfx_kthread+0x10/0x10 [ 17.236232] ret_from_fork_asm+0x1a/0x30 [ 17.236270] </TASK> [ 17.236285] [ 17.246157] Allocated by task 283: [ 17.246384] kasan_save_stack+0x45/0x70 [ 17.246668] kasan_save_track+0x18/0x40 [ 17.246998] kasan_save_alloc_info+0x3b/0x50 [ 17.247277] __kasan_kmalloc+0xb7/0xc0 [ 17.247506] __kmalloc_cache_noprof+0x189/0x420 [ 17.247712] kasan_atomics+0x95/0x310 [ 17.248150] kunit_try_run_case+0x1a5/0x480 [ 17.248405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.248752] kthread+0x337/0x6f0 [ 17.248986] ret_from_fork+0x116/0x1d0 [ 17.249240] ret_from_fork_asm+0x1a/0x30 [ 17.249462] [ 17.249568] The buggy address belongs to the object at ffff888103349180 [ 17.249568] which belongs to the cache kmalloc-64 of size 64 [ 17.250312] The buggy address is located 0 bytes to the right of [ 17.250312] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.251017] [ 17.251111] The buggy address belongs to the physical page: [ 17.251462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.251926] flags: 0x200000000000000(node=0|zone=2) [ 17.252298] page_type: f5(slab) [ 17.252525] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.253032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.253449] page dumped because: kasan: bad access detected [ 17.253771] [ 17.253972] Memory state around the buggy address: [ 17.254255] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.254665] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.255183] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.255558] ^ [ 17.255953] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.256422] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.256964] 
================================================================== [ 18.144695] ================================================================== [ 18.145853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 18.146632] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.147484] [ 18.147748] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.147835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.147853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.147882] Call Trace: [ 18.147911] <TASK> [ 18.147939] dump_stack_lvl+0x73/0xb0 [ 18.147977] print_report+0xd1/0x650 [ 18.148008] ? __virt_addr_valid+0x1db/0x2d0 [ 18.148039] ? kasan_atomics_helper+0x4fa5/0x5450 [ 18.148067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.148095] ? kasan_atomics_helper+0x4fa5/0x5450 [ 18.148122] kasan_report+0x141/0x180 [ 18.148151] ? kasan_atomics_helper+0x4fa5/0x5450 [ 18.148184] __asan_report_load8_noabort+0x18/0x20 [ 18.148215] kasan_atomics_helper+0x4fa5/0x5450 [ 18.148276] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.148305] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.148338] ? kasan_atomics+0x152/0x310 [ 18.148373] kasan_atomics+0x1dc/0x310 [ 18.148402] ? __pfx_kasan_atomics+0x10/0x10 [ 18.148446] ? __pfx_read_tsc+0x10/0x10 [ 18.148474] ? ktime_get_ts64+0x86/0x230 [ 18.148518] kunit_try_run_case+0x1a5/0x480 [ 18.148550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.148579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.148610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.148639] ? __kthread_parkme+0x82/0x180 [ 18.148684] ? preempt_count_sub+0x50/0x80 [ 18.148715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.148804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.148834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.148878] kthread+0x337/0x6f0 [ 18.148903] ? trace_preempt_on+0x20/0xc0 [ 18.148956] ? __pfx_kthread+0x10/0x10 [ 18.148993] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 18.149021] ? calculate_sigpending+0x7b/0xa0 [ 18.149065] ? __pfx_kthread+0x10/0x10 [ 18.149093] ret_from_fork+0x116/0x1d0 [ 18.149138] ? __pfx_kthread+0x10/0x10 [ 18.149176] ret_from_fork_asm+0x1a/0x30 [ 18.149216] </TASK> [ 18.149247] [ 18.164000] Allocated by task 283: [ 18.164429] kasan_save_stack+0x45/0x70 [ 18.164900] kasan_save_track+0x18/0x40 [ 18.165376] kasan_save_alloc_info+0x3b/0x50 [ 18.165902] __kasan_kmalloc+0xb7/0xc0 [ 18.166337] __kmalloc_cache_noprof+0x189/0x420 [ 18.166888] kasan_atomics+0x95/0x310 [ 18.167317] kunit_try_run_case+0x1a5/0x480 [ 18.167814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.168394] kthread+0x337/0x6f0 [ 18.168669] ret_from_fork+0x116/0x1d0 [ 18.169099] ret_from_fork_asm+0x1a/0x30 [ 18.169280] [ 18.169373] The buggy address belongs to the object at ffff888103349180 [ 18.169373] which belongs to the cache kmalloc-64 of size 64 [ 18.170169] The buggy address is located 0 bytes to the right of [ 18.170169] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.171162] [ 18.171361] The buggy address belongs to the physical page: [ 18.171732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.172378] flags: 0x200000000000000(node=0|zone=2) [ 18.172588] page_type: f5(slab) [ 18.172954] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.173778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.174565] page dumped because: kasan: bad access detected [ 18.175005] [ 18.175098] Memory state around the buggy address: [ 18.175292] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.175557] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.176240] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.177009] ^ [ 18.177521] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.178306] ffff888103349280: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 18.179100] ================================================================== [ 17.257929] ================================================================== [ 17.258814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 17.259262] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.259697] [ 17.259908] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.259980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.259998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.260027] Call Trace: [ 17.260084] <TASK> [ 17.260108] dump_stack_lvl+0x73/0xb0 [ 17.260161] print_report+0xd1/0x650 [ 17.260190] ? __virt_addr_valid+0x1db/0x2d0 [ 17.260252] ? kasan_atomics_helper+0x1217/0x5450 [ 17.260281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.260309] ? kasan_atomics_helper+0x1217/0x5450 [ 17.260353] kasan_report+0x141/0x180 [ 17.260412] ? kasan_atomics_helper+0x1217/0x5450 [ 17.260446] kasan_check_range+0x10c/0x1c0 [ 17.260478] __kasan_check_write+0x18/0x20 [ 17.260516] kasan_atomics_helper+0x1217/0x5450 [ 17.260545] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.260602] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.260635] ? kasan_atomics+0x152/0x310 [ 17.260691] kasan_atomics+0x1dc/0x310 [ 17.260720] ? __pfx_kasan_atomics+0x10/0x10 [ 17.260751] ? __pfx_read_tsc+0x10/0x10 [ 17.260812] ? ktime_get_ts64+0x86/0x230 [ 17.260843] kunit_try_run_case+0x1a5/0x480 [ 17.260887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.260915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.260946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.260978] ? __kthread_parkme+0x82/0x180 [ 17.261004] ? preempt_count_sub+0x50/0x80 [ 17.261067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.261097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.261140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.261169] kthread+0x337/0x6f0 [ 17.261207] ? 
trace_preempt_on+0x20/0xc0 [ 17.261239] ? __pfx_kthread+0x10/0x10 [ 17.261265] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.261291] ? calculate_sigpending+0x7b/0xa0 [ 17.261321] ? __pfx_kthread+0x10/0x10 [ 17.261348] ret_from_fork+0x116/0x1d0 [ 17.261370] ? __pfx_kthread+0x10/0x10 [ 17.261398] ret_from_fork_asm+0x1a/0x30 [ 17.261435] </TASK> [ 17.261451] [ 17.271763] Allocated by task 283: [ 17.272024] kasan_save_stack+0x45/0x70 [ 17.272316] kasan_save_track+0x18/0x40 [ 17.272627] kasan_save_alloc_info+0x3b/0x50 [ 17.273191] __kasan_kmalloc+0xb7/0xc0 [ 17.273422] __kmalloc_cache_noprof+0x189/0x420 [ 17.273716] kasan_atomics+0x95/0x310 [ 17.274129] kunit_try_run_case+0x1a5/0x480 [ 17.274439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.274672] kthread+0x337/0x6f0 [ 17.274821] ret_from_fork+0x116/0x1d0 [ 17.275192] ret_from_fork_asm+0x1a/0x30 [ 17.275521] [ 17.275744] The buggy address belongs to the object at ffff888103349180 [ 17.275744] which belongs to the cache kmalloc-64 of size 64 [ 17.276513] The buggy address is located 0 bytes to the right of [ 17.276513] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.277143] [ 17.277403] The buggy address belongs to the physical page: [ 17.277818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.278288] flags: 0x200000000000000(node=0|zone=2) [ 17.278510] page_type: f5(slab) [ 17.278733] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.279216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.279562] page dumped because: kasan: bad access detected [ 17.279985] [ 17.280114] Memory state around the buggy address: [ 17.280309] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.280760] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.281221] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.281634] ^ [ 17.281999] ffff888103349200: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.282436] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.282865] ================================================================== [ 16.621012] ================================================================== [ 16.621460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 16.621859] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.622269] [ 16.622425] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.622485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.622504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.622533] Call Trace: [ 16.622561] <TASK> [ 16.622585] dump_stack_lvl+0x73/0xb0 [ 16.622624] print_report+0xd1/0x650 [ 16.622669] ? __virt_addr_valid+0x1db/0x2d0 [ 16.622699] ? kasan_atomics_helper+0x565/0x5450 [ 16.622726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.622755] ? kasan_atomics_helper+0x565/0x5450 [ 16.622782] kasan_report+0x141/0x180 [ 16.622812] ? kasan_atomics_helper+0x565/0x5450 [ 16.622845] kasan_check_range+0x10c/0x1c0 [ 16.622875] __kasan_check_write+0x18/0x20 [ 16.622899] kasan_atomics_helper+0x565/0x5450 [ 16.622927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.622955] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.622990] ? kasan_atomics+0x152/0x310 [ 16.623024] kasan_atomics+0x1dc/0x310 [ 16.623053] ? __pfx_kasan_atomics+0x10/0x10 [ 16.623083] ? __pfx_read_tsc+0x10/0x10 [ 16.623110] ? ktime_get_ts64+0x86/0x230 [ 16.623141] kunit_try_run_case+0x1a5/0x480 [ 16.623172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.623200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.623230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.623259] ? __kthread_parkme+0x82/0x180 [ 16.623285] ? preempt_count_sub+0x50/0x80 [ 16.623316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.623346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.623374] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.623403] kthread+0x337/0x6f0 [ 16.623428] ? trace_preempt_on+0x20/0xc0 [ 16.623458] ? __pfx_kthread+0x10/0x10 [ 16.623484] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.623510] ? calculate_sigpending+0x7b/0xa0 [ 16.623541] ? __pfx_kthread+0x10/0x10 [ 16.623568] ret_from_fork+0x116/0x1d0 [ 16.623592] ? __pfx_kthread+0x10/0x10 [ 16.623618] ret_from_fork_asm+0x1a/0x30 [ 16.623668] </TASK> [ 16.623683] [ 16.637342] Allocated by task 283: [ 16.637570] kasan_save_stack+0x45/0x70 [ 16.637773] kasan_save_track+0x18/0x40 [ 16.637941] kasan_save_alloc_info+0x3b/0x50 [ 16.638227] __kasan_kmalloc+0xb7/0xc0 [ 16.638619] __kmalloc_cache_noprof+0x189/0x420 [ 16.639302] kasan_atomics+0x95/0x310 [ 16.639975] kunit_try_run_case+0x1a5/0x480 [ 16.640224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.640675] kthread+0x337/0x6f0 [ 16.641054] ret_from_fork+0x116/0x1d0 [ 16.641452] ret_from_fork_asm+0x1a/0x30 [ 16.641710] [ 16.642068] The buggy address belongs to the object at ffff888103349180 [ 16.642068] which belongs to the cache kmalloc-64 of size 64 [ 16.643705] The buggy address is located 0 bytes to the right of [ 16.643705] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.644676] [ 16.644790] The buggy address belongs to the physical page: [ 16.645479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.646433] flags: 0x200000000000000(node=0|zone=2) [ 16.647125] page_type: f5(slab) [ 16.647547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.648425] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.649409] page dumped because: kasan: bad access detected [ 16.649632] [ 16.649737] Memory state around the buggy address: [ 16.650025] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.650768] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.651588] >ffff888103349180: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.652403] ^ [ 16.653007] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.654040] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.654310] ================================================================== [ 17.283701] ================================================================== [ 17.284439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 17.285401] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.285934] [ 17.286316] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.286380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.286438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.286467] Call Trace: [ 17.286492] <TASK> [ 17.286528] dump_stack_lvl+0x73/0xb0 [ 17.286568] print_report+0xd1/0x650 [ 17.286596] ? __virt_addr_valid+0x1db/0x2d0 [ 17.286627] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.286665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.286694] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.286722] kasan_report+0x141/0x180 [ 17.286785] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.286832] __asan_report_load4_noabort+0x18/0x20 [ 17.286877] kasan_atomics_helper+0x49e8/0x5450 [ 17.286907] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.286936] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.286969] ? kasan_atomics+0x152/0x310 [ 17.287023] kasan_atomics+0x1dc/0x310 [ 17.287068] ? __pfx_kasan_atomics+0x10/0x10 [ 17.287115] ? __pfx_read_tsc+0x10/0x10 [ 17.287143] ? ktime_get_ts64+0x86/0x230 [ 17.287174] kunit_try_run_case+0x1a5/0x480 [ 17.287222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.287267] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.287308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.287338] ? __kthread_parkme+0x82/0x180 [ 17.287365] ? preempt_count_sub+0x50/0x80 [ 17.287408] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.287439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.287467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.287496] kthread+0x337/0x6f0 [ 17.287522] ? trace_preempt_on+0x20/0xc0 [ 17.287552] ? __pfx_kthread+0x10/0x10 [ 17.287579] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.287605] ? calculate_sigpending+0x7b/0xa0 [ 17.287636] ? __pfx_kthread+0x10/0x10 [ 17.287673] ret_from_fork+0x116/0x1d0 [ 17.287697] ? __pfx_kthread+0x10/0x10 [ 17.287722] ret_from_fork_asm+0x1a/0x30 [ 17.287761] </TASK> [ 17.287786] [ 17.299493] Allocated by task 283: [ 17.300043] kasan_save_stack+0x45/0x70 [ 17.300304] kasan_save_track+0x18/0x40 [ 17.300525] kasan_save_alloc_info+0x3b/0x50 [ 17.300779] __kasan_kmalloc+0xb7/0xc0 [ 17.300993] __kmalloc_cache_noprof+0x189/0x420 [ 17.301241] kasan_atomics+0x95/0x310 [ 17.301458] kunit_try_run_case+0x1a5/0x480 [ 17.302132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.302847] kthread+0x337/0x6f0 [ 17.303341] ret_from_fork+0x116/0x1d0 [ 17.303853] ret_from_fork_asm+0x1a/0x30 [ 17.304378] [ 17.304590] The buggy address belongs to the object at ffff888103349180 [ 17.304590] which belongs to the cache kmalloc-64 of size 64 [ 17.305401] The buggy address is located 0 bytes to the right of [ 17.305401] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.306736] [ 17.306963] The buggy address belongs to the physical page: [ 17.307661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.308791] flags: 0x200000000000000(node=0|zone=2) [ 17.309291] page_type: f5(slab) [ 17.309750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.310463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.311360] page dumped because: kasan: bad access detected [ 17.312084] [ 17.312298] Memory state around the buggy address: [ 17.312823] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.313512] 
ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.314090] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.314432] ^ [ 17.314695] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.315369] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.316201] ================================================================== [ 16.799310] ================================================================== [ 16.800095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 16.800405] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.800679] [ 16.801031] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.801091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.801108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.801138] Call Trace: [ 16.801164] <TASK> [ 16.801190] dump_stack_lvl+0x73/0xb0 [ 16.801227] print_report+0xd1/0x650 [ 16.801255] ? __virt_addr_valid+0x1db/0x2d0 [ 16.801284] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.801310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.801340] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.801368] kasan_report+0x141/0x180 [ 16.801396] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.801429] kasan_check_range+0x10c/0x1c0 [ 16.801459] __kasan_check_write+0x18/0x20 [ 16.801484] kasan_atomics_helper+0x8f9/0x5450 [ 16.801512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.801584] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.801630] ? kasan_atomics+0x152/0x310 [ 16.801676] kasan_atomics+0x1dc/0x310 [ 16.801705] ? __pfx_kasan_atomics+0x10/0x10 [ 16.801739] ? __pfx_read_tsc+0x10/0x10 [ 16.801767] ? ktime_get_ts64+0x86/0x230 [ 16.801817] kunit_try_run_case+0x1a5/0x480 [ 16.801849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.801877] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.801906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.801936] ? 
__kthread_parkme+0x82/0x180 [ 16.801962] ? preempt_count_sub+0x50/0x80 [ 16.801992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.802021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.802049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.802079] kthread+0x337/0x6f0 [ 16.802104] ? trace_preempt_on+0x20/0xc0 [ 16.802134] ? __pfx_kthread+0x10/0x10 [ 16.802160] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.802187] ? calculate_sigpending+0x7b/0xa0 [ 16.802218] ? __pfx_kthread+0x10/0x10 [ 16.802244] ret_from_fork+0x116/0x1d0 [ 16.802268] ? __pfx_kthread+0x10/0x10 [ 16.802294] ret_from_fork_asm+0x1a/0x30 [ 16.802332] </TASK> [ 16.802348] [ 16.818474] Allocated by task 283: [ 16.818892] kasan_save_stack+0x45/0x70 [ 16.819359] kasan_save_track+0x18/0x40 [ 16.819784] kasan_save_alloc_info+0x3b/0x50 [ 16.820497] __kasan_kmalloc+0xb7/0xc0 [ 16.821143] __kmalloc_cache_noprof+0x189/0x420 [ 16.821621] kasan_atomics+0x95/0x310 [ 16.822085] kunit_try_run_case+0x1a5/0x480 [ 16.823068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.823396] kthread+0x337/0x6f0 [ 16.823548] ret_from_fork+0x116/0x1d0 [ 16.823722] ret_from_fork_asm+0x1a/0x30 [ 16.824272] [ 16.824499] The buggy address belongs to the object at ffff888103349180 [ 16.824499] which belongs to the cache kmalloc-64 of size 64 [ 16.825980] The buggy address is located 0 bytes to the right of [ 16.825980] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.827568] [ 16.827830] The buggy address belongs to the physical page: [ 16.828194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.828480] flags: 0x200000000000000(node=0|zone=2) [ 16.828692] page_type: f5(slab) [ 16.829040] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.830029] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.830989] page dumped because: kasan: bad access detected [ 16.831544] [ 16.831744] Memory state around the buggy address: [ 16.832316] 
ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.833106] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.833952] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.834227] ^ [ 16.834757] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.835506] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.835952] ================================================================== [ 17.087518] ================================================================== [ 17.087837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 17.088192] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.088574] [ 17.088697] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.088754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.088771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.088800] Call Trace: [ 17.088825] <TASK> [ 17.088848] dump_stack_lvl+0x73/0xb0 [ 17.088884] print_report+0xd1/0x650 [ 17.088912] ? __virt_addr_valid+0x1db/0x2d0 [ 17.088940] ? kasan_atomics_helper+0xf10/0x5450 [ 17.088966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.088994] ? kasan_atomics_helper+0xf10/0x5450 [ 17.089020] kasan_report+0x141/0x180 [ 17.089048] ? kasan_atomics_helper+0xf10/0x5450 [ 17.089079] kasan_check_range+0x10c/0x1c0 [ 17.089107] __kasan_check_write+0x18/0x20 [ 17.089131] kasan_atomics_helper+0xf10/0x5450 [ 17.089158] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.089185] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.089217] ? kasan_atomics+0x152/0x310 [ 17.089249] kasan_atomics+0x1dc/0x310 [ 17.089277] ? __pfx_kasan_atomics+0x10/0x10 [ 17.089306] ? __pfx_read_tsc+0x10/0x10 [ 17.089333] ? ktime_get_ts64+0x86/0x230 [ 17.089361] kunit_try_run_case+0x1a5/0x480 [ 17.089430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.089459] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.089489] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.089516] ? __kthread_parkme+0x82/0x180 [ 17.089541] ? preempt_count_sub+0x50/0x80 [ 17.089570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.089599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.089627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.089733] kthread+0x337/0x6f0 [ 17.089762] ? trace_preempt_on+0x20/0xc0 [ 17.089953] ? __pfx_kthread+0x10/0x10 [ 17.090005] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.090032] ? calculate_sigpending+0x7b/0xa0 [ 17.090078] ? __pfx_kthread+0x10/0x10 [ 17.090105] ret_from_fork+0x116/0x1d0 [ 17.090143] ? __pfx_kthread+0x10/0x10 [ 17.090169] ret_from_fork_asm+0x1a/0x30 [ 17.090221] </TASK> [ 17.090236] [ 17.101137] Allocated by task 283: [ 17.101402] kasan_save_stack+0x45/0x70 [ 17.101631] kasan_save_track+0x18/0x40 [ 17.101908] kasan_save_alloc_info+0x3b/0x50 [ 17.102210] __kasan_kmalloc+0xb7/0xc0 [ 17.102459] __kmalloc_cache_noprof+0x189/0x420 [ 17.102673] kasan_atomics+0x95/0x310 [ 17.102848] kunit_try_run_case+0x1a5/0x480 [ 17.103030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.103308] kthread+0x337/0x6f0 [ 17.103572] ret_from_fork+0x116/0x1d0 [ 17.103902] ret_from_fork_asm+0x1a/0x30 [ 17.104155] [ 17.104273] The buggy address belongs to the object at ffff888103349180 [ 17.104273] which belongs to the cache kmalloc-64 of size 64 [ 17.105309] The buggy address is located 0 bytes to the right of [ 17.105309] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.105895] [ 17.105986] The buggy address belongs to the physical page: [ 17.106193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.106663] flags: 0x200000000000000(node=0|zone=2) [ 17.107247] page_type: f5(slab) [ 17.107411] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.107918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.108345] page dumped because: kasan: bad access detected [ 17.108655] [ 17.108749] 
Memory state around the buggy address: [ 17.109143] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.109410] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.110149] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.110593] ^ [ 17.111042] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.111468] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.111906] ================================================================== [ 16.376095] ================================================================== [ 16.376891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 16.377382] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.377747] [ 16.377956] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.378016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.378032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.378061] Call Trace: [ 16.378077] <TASK> [ 16.378100] dump_stack_lvl+0x73/0xb0 [ 16.378140] print_report+0xd1/0x650 [ 16.378167] ? __virt_addr_valid+0x1db/0x2d0 [ 16.378197] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.378223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.378249] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.378275] kasan_report+0x141/0x180 [ 16.378301] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.378332] __asan_report_load4_noabort+0x18/0x20 [ 16.378362] kasan_atomics_helper+0x4bbc/0x5450 [ 16.378391] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.378417] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.378456] ? kasan_atomics+0x152/0x310 [ 16.378488] kasan_atomics+0x1dc/0x310 [ 16.378517] ? __pfx_kasan_atomics+0x10/0x10 [ 16.378546] ? __pfx_read_tsc+0x10/0x10 [ 16.378572] ? ktime_get_ts64+0x86/0x230 [ 16.378628] kunit_try_run_case+0x1a5/0x480 [ 16.378671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.378697] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.378725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.378753] ? __kthread_parkme+0x82/0x180 [ 16.378842] ? preempt_count_sub+0x50/0x80 [ 16.378877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.378904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.378932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.378959] kthread+0x337/0x6f0 [ 16.378982] ? trace_preempt_on+0x20/0xc0 [ 16.379013] ? __pfx_kthread+0x10/0x10 [ 16.379036] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.379061] ? calculate_sigpending+0x7b/0xa0 [ 16.379090] ? __pfx_kthread+0x10/0x10 [ 16.379116] ret_from_fork+0x116/0x1d0 [ 16.379138] ? __pfx_kthread+0x10/0x10 [ 16.379163] ret_from_fork_asm+0x1a/0x30 [ 16.379204] </TASK> [ 16.379218] [ 16.390729] Allocated by task 283: [ 16.391194] kasan_save_stack+0x45/0x70 [ 16.391719] kasan_save_track+0x18/0x40 [ 16.392298] kasan_save_alloc_info+0x3b/0x50 [ 16.392913] __kasan_kmalloc+0xb7/0xc0 [ 16.393341] __kmalloc_cache_noprof+0x189/0x420 [ 16.393875] kasan_atomics+0x95/0x310 [ 16.394288] kunit_try_run_case+0x1a5/0x480 [ 16.394872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.395454] kthread+0x337/0x6f0 [ 16.395843] ret_from_fork+0x116/0x1d0 [ 16.396394] ret_from_fork_asm+0x1a/0x30 [ 16.396830] [ 16.397073] The buggy address belongs to the object at ffff888103349180 [ 16.397073] which belongs to the cache kmalloc-64 of size 64 [ 16.398309] The buggy address is located 0 bytes to the right of [ 16.398309] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.399073] [ 16.399168] The buggy address belongs to the physical page: [ 16.399395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.399737] flags: 0x200000000000000(node=0|zone=2) [ 16.400414] page_type: f5(slab) [ 16.400884] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.401634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.402076] page dumped because: kasan: 
bad access detected [ 16.402706] [ 16.402965] Memory state around the buggy address: [ 16.403311] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.403800] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.404559] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.405207] ^ [ 16.405687] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.406247] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.407089] ================================================================== [ 16.555565] ================================================================== [ 16.556231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 16.556803] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.557267] [ 16.557389] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.557449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.557467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.557496] Call Trace: [ 16.557523] <TASK> [ 16.557549] dump_stack_lvl+0x73/0xb0 [ 16.557587] print_report+0xd1/0x650 [ 16.557616] ? __virt_addr_valid+0x1db/0x2d0 [ 16.557981] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.558021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.558050] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.558078] kasan_report+0x141/0x180 [ 16.558107] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.558140] kasan_check_range+0x10c/0x1c0 [ 16.558170] __kasan_check_write+0x18/0x20 [ 16.558194] kasan_atomics_helper+0x4a0/0x5450 [ 16.558223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.558251] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.558283] ? kasan_atomics+0x152/0x310 [ 16.558317] kasan_atomics+0x1dc/0x310 [ 16.558346] ? __pfx_kasan_atomics+0x10/0x10 [ 16.558376] ? __pfx_read_tsc+0x10/0x10 [ 16.558403] ? ktime_get_ts64+0x86/0x230 [ 16.558440] kunit_try_run_case+0x1a5/0x480 [ 16.558472] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.558499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.558530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.558560] ? __kthread_parkme+0x82/0x180 [ 16.558587] ? preempt_count_sub+0x50/0x80 [ 16.558617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.558672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.558701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.558730] kthread+0x337/0x6f0 [ 16.558756] ? trace_preempt_on+0x20/0xc0 [ 16.558822] ? __pfx_kthread+0x10/0x10 [ 16.558849] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.558878] ? calculate_sigpending+0x7b/0xa0 [ 16.558908] ? __pfx_kthread+0x10/0x10 [ 16.558935] ret_from_fork+0x116/0x1d0 [ 16.558959] ? __pfx_kthread+0x10/0x10 [ 16.558985] ret_from_fork_asm+0x1a/0x30 [ 16.559024] </TASK> [ 16.559039] [ 16.574642] Allocated by task 283: [ 16.575391] kasan_save_stack+0x45/0x70 [ 16.575992] kasan_save_track+0x18/0x40 [ 16.576285] kasan_save_alloc_info+0x3b/0x50 [ 16.576472] __kasan_kmalloc+0xb7/0xc0 [ 16.576636] __kmalloc_cache_noprof+0x189/0x420 [ 16.577099] kasan_atomics+0x95/0x310 [ 16.577528] kunit_try_run_case+0x1a5/0x480 [ 16.578108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.578715] kthread+0x337/0x6f0 [ 16.579187] ret_from_fork+0x116/0x1d0 [ 16.579618] ret_from_fork_asm+0x1a/0x30 [ 16.580160] [ 16.580260] The buggy address belongs to the object at ffff888103349180 [ 16.580260] which belongs to the cache kmalloc-64 of size 64 [ 16.580789] The buggy address is located 0 bytes to the right of [ 16.580789] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.582235] [ 16.582443] The buggy address belongs to the physical page: [ 16.583124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.583954] flags: 0x200000000000000(node=0|zone=2) [ 16.584157] page_type: f5(slab) [ 16.584305] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.584575] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.584867] page dumped because: kasan: bad access detected [ 16.585071] [ 16.585155] Memory state around the buggy address: [ 16.585340] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.585591] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.585949] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.586298] ^ [ 16.586503] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.586879] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.587218] ================================================================== [ 16.702340] ================================================================== [ 16.702728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 16.703514] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.704082] [ 16.704213] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.704271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.704287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.704315] Call Trace: [ 16.704342] <TASK> [ 16.704367] dump_stack_lvl+0x73/0xb0 [ 16.704402] print_report+0xd1/0x650 [ 16.704431] ? __virt_addr_valid+0x1db/0x2d0 [ 16.704462] ? kasan_atomics_helper+0x72f/0x5450 [ 16.704490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.704517] ? kasan_atomics_helper+0x72f/0x5450 [ 16.704545] kasan_report+0x141/0x180 [ 16.704574] ? kasan_atomics_helper+0x72f/0x5450 [ 16.704606] kasan_check_range+0x10c/0x1c0 [ 16.704636] __kasan_check_write+0x18/0x20 [ 16.704675] kasan_atomics_helper+0x72f/0x5450 [ 16.704703] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.704732] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.704765] ? kasan_atomics+0x152/0x310 [ 16.704800] kasan_atomics+0x1dc/0x310 [ 16.704831] ? __pfx_kasan_atomics+0x10/0x10 [ 16.704879] ? __pfx_read_tsc+0x10/0x10 [ 16.704907] ? 
ktime_get_ts64+0x86/0x230 [ 16.704939] kunit_try_run_case+0x1a5/0x480 [ 16.704971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.704999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.705030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.705059] ? __kthread_parkme+0x82/0x180 [ 16.705087] ? preempt_count_sub+0x50/0x80 [ 16.705118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.705147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.705177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.705206] kthread+0x337/0x6f0 [ 16.705232] ? trace_preempt_on+0x20/0xc0 [ 16.705262] ? __pfx_kthread+0x10/0x10 [ 16.705288] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.705315] ? calculate_sigpending+0x7b/0xa0 [ 16.705346] ? __pfx_kthread+0x10/0x10 [ 16.705373] ret_from_fork+0x116/0x1d0 [ 16.705398] ? __pfx_kthread+0x10/0x10 [ 16.705423] ret_from_fork_asm+0x1a/0x30 [ 16.705461] </TASK> [ 16.705475] [ 16.715278] Allocated by task 283: [ 16.715445] kasan_save_stack+0x45/0x70 [ 16.715624] kasan_save_track+0x18/0x40 [ 16.716029] kasan_save_alloc_info+0x3b/0x50 [ 16.716295] __kasan_kmalloc+0xb7/0xc0 [ 16.716527] __kmalloc_cache_noprof+0x189/0x420 [ 16.716810] kasan_atomics+0x95/0x310 [ 16.717045] kunit_try_run_case+0x1a5/0x480 [ 16.717508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.718594] kthread+0x337/0x6f0 [ 16.718872] ret_from_fork+0x116/0x1d0 [ 16.719106] ret_from_fork_asm+0x1a/0x30 [ 16.719284] [ 16.719377] The buggy address belongs to the object at ffff888103349180 [ 16.719377] which belongs to the cache kmalloc-64 of size 64 [ 16.721432] The buggy address is located 0 bytes to the right of [ 16.721432] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.723402] [ 16.723873] The buggy address belongs to the physical page: [ 16.725048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.726353] flags: 0x200000000000000(node=0|zone=2) [ 16.727168] page_type: f5(slab) [ 16.727615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.728967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.729256] page dumped because: kasan: bad access detected [ 16.729471] [ 16.729562] Memory state around the buggy address: [ 16.730164] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.731048] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.731900] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.732665] ^ [ 16.733275] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.733594] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.734592] ================================================================== [ 17.182099] ================================================================== [ 17.182475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 17.182906] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.183293] [ 17.183415] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.183471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.183488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.183517] Call Trace: [ 17.183539] <TASK> [ 17.183561] dump_stack_lvl+0x73/0xb0 [ 17.183596] print_report+0xd1/0x650 [ 17.183623] ? __virt_addr_valid+0x1db/0x2d0 [ 17.183923] ? kasan_atomics_helper+0x4a1c/0x5450 [ 17.183956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.183984] ? kasan_atomics_helper+0x4a1c/0x5450 [ 17.184012] kasan_report+0x141/0x180 [ 17.184040] ? kasan_atomics_helper+0x4a1c/0x5450 [ 17.184074] __asan_report_load4_noabort+0x18/0x20 [ 17.184121] kasan_atomics_helper+0x4a1c/0x5450 [ 17.184149] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.184191] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.184223] ? kasan_atomics+0x152/0x310 [ 17.184257] kasan_atomics+0x1dc/0x310 [ 17.184296] ? __pfx_kasan_atomics+0x10/0x10 [ 17.184326] ? 
__pfx_read_tsc+0x10/0x10 [ 17.184352] ? ktime_get_ts64+0x86/0x230 [ 17.184394] kunit_try_run_case+0x1a5/0x480 [ 17.184424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.184452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.184492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.184520] ? __kthread_parkme+0x82/0x180 [ 17.184545] ? preempt_count_sub+0x50/0x80 [ 17.184587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.184615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.184644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.184692] kthread+0x337/0x6f0 [ 17.184718] ? trace_preempt_on+0x20/0xc0 [ 17.184747] ? __pfx_kthread+0x10/0x10 [ 17.184786] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.184830] ? calculate_sigpending+0x7b/0xa0 [ 17.184859] ? __pfx_kthread+0x10/0x10 [ 17.184886] ret_from_fork+0x116/0x1d0 [ 17.184908] ? __pfx_kthread+0x10/0x10 [ 17.184946] ret_from_fork_asm+0x1a/0x30 [ 17.184983] </TASK> [ 17.185010] [ 17.194432] Allocated by task 283: [ 17.194638] kasan_save_stack+0x45/0x70 [ 17.194939] kasan_save_track+0x18/0x40 [ 17.195150] kasan_save_alloc_info+0x3b/0x50 [ 17.195412] __kasan_kmalloc+0xb7/0xc0 [ 17.195676] __kmalloc_cache_noprof+0x189/0x420 [ 17.195995] kasan_atomics+0x95/0x310 [ 17.196253] kunit_try_run_case+0x1a5/0x480 [ 17.196468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.196786] kthread+0x337/0x6f0 [ 17.197006] ret_from_fork+0x116/0x1d0 [ 17.197188] ret_from_fork_asm+0x1a/0x30 [ 17.197361] [ 17.197452] The buggy address belongs to the object at ffff888103349180 [ 17.197452] which belongs to the cache kmalloc-64 of size 64 [ 17.198010] The buggy address is located 0 bytes to the right of [ 17.198010] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.198708] [ 17.198883] The buggy address belongs to the physical page: [ 17.199145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.199439] flags: 0x200000000000000(node=0|zone=2) [ 17.199703] page_type: f5(slab) [ 17.199945] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 17.200392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.200750] page dumped because: kasan: bad access detected [ 17.201057] [ 17.201194] Memory state around the buggy address: [ 17.201452] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.201845] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.202241] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.202509] ^ [ 17.202859] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.203675] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.204675] ================================================================== [ 18.208048] ================================================================== [ 18.208436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 18.208877] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.209151] [ 18.209292] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.209361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.209379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.209407] Call Trace: [ 18.209444] <TASK> [ 18.209468] dump_stack_lvl+0x73/0xb0 [ 18.209507] print_report+0xd1/0x650 [ 18.209535] ? __virt_addr_valid+0x1db/0x2d0 [ 18.209564] ? kasan_atomics_helper+0x5115/0x5450 [ 18.209592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.209622] ? kasan_atomics_helper+0x5115/0x5450 [ 18.209662] kasan_report+0x141/0x180 [ 18.209692] ? kasan_atomics_helper+0x5115/0x5450 [ 18.209724] __asan_report_load8_noabort+0x18/0x20 [ 18.209755] kasan_atomics_helper+0x5115/0x5450 [ 18.209798] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.209826] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.209870] ? kasan_atomics+0x152/0x310 [ 18.209904] kasan_atomics+0x1dc/0x310 [ 18.209947] ? 
__pfx_kasan_atomics+0x10/0x10 [ 18.209977] ? __pfx_read_tsc+0x10/0x10 [ 18.210004] ? ktime_get_ts64+0x86/0x230 [ 18.210035] kunit_try_run_case+0x1a5/0x480 [ 18.210066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.210105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.210135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.210176] ? __kthread_parkme+0x82/0x180 [ 18.210203] ? preempt_count_sub+0x50/0x80 [ 18.210233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.210263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.210292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.210332] kthread+0x337/0x6f0 [ 18.210357] ? trace_preempt_on+0x20/0xc0 [ 18.210399] ? __pfx_kthread+0x10/0x10 [ 18.210430] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.210457] ? calculate_sigpending+0x7b/0xa0 [ 18.210487] ? __pfx_kthread+0x10/0x10 [ 18.210515] ret_from_fork+0x116/0x1d0 [ 18.210539] ? __pfx_kthread+0x10/0x10 [ 18.210564] ret_from_fork_asm+0x1a/0x30 [ 18.210604] </TASK> [ 18.210618] [ 18.222178] Allocated by task 283: [ 18.222567] kasan_save_stack+0x45/0x70 [ 18.222966] kasan_save_track+0x18/0x40 [ 18.223138] kasan_save_alloc_info+0x3b/0x50 [ 18.223317] __kasan_kmalloc+0xb7/0xc0 [ 18.223477] __kmalloc_cache_noprof+0x189/0x420 [ 18.223679] kasan_atomics+0x95/0x310 [ 18.223972] kunit_try_run_case+0x1a5/0x480 [ 18.224243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.224562] kthread+0x337/0x6f0 [ 18.224827] ret_from_fork+0x116/0x1d0 [ 18.225063] ret_from_fork_asm+0x1a/0x30 [ 18.225289] [ 18.225408] The buggy address belongs to the object at ffff888103349180 [ 18.225408] which belongs to the cache kmalloc-64 of size 64 [ 18.226198] The buggy address is located 0 bytes to the right of [ 18.226198] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.226878] [ 18.227104] The buggy address belongs to the physical page: [ 18.227433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.227914] flags: 0x200000000000000(node=0|zone=2) [ 18.228247] page_type: 
f5(slab) [ 18.228450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.228914] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.229289] page dumped because: kasan: bad access detected [ 18.229511] [ 18.229628] Memory state around the buggy address: [ 18.230036] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.230561] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.230881] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.231364] ^ [ 18.231728] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.232334] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.232641] ================================================================== [ 17.529425] ================================================================== [ 17.529777] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 17.530189] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.530803] [ 17.531052] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.531110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.531126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.531154] Call Trace: [ 17.531176] <TASK> [ 17.531197] dump_stack_lvl+0x73/0xb0 [ 17.531231] print_report+0xd1/0x650 [ 17.531258] ? __virt_addr_valid+0x1db/0x2d0 [ 17.531287] ? kasan_atomics_helper+0x164f/0x5450 [ 17.531313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.531342] ? kasan_atomics_helper+0x164f/0x5450 [ 17.531372] kasan_report+0x141/0x180 [ 17.531404] ? kasan_atomics_helper+0x164f/0x5450 [ 17.531437] kasan_check_range+0x10c/0x1c0 [ 17.531468] __kasan_check_write+0x18/0x20 [ 17.531492] kasan_atomics_helper+0x164f/0x5450 [ 17.531521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.531550] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.531581] ? 
kasan_atomics+0x152/0x310 [ 17.531614] kasan_atomics+0x1dc/0x310 [ 17.531659] ? __pfx_kasan_atomics+0x10/0x10 [ 17.531689] ? __pfx_read_tsc+0x10/0x10 [ 17.531716] ? ktime_get_ts64+0x86/0x230 [ 17.531745] kunit_try_run_case+0x1a5/0x480 [ 17.531784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.531812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.531840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.531869] ? __kthread_parkme+0x82/0x180 [ 17.531895] ? preempt_count_sub+0x50/0x80 [ 17.531924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.531965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.531993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.532035] kthread+0x337/0x6f0 [ 17.532070] ? trace_preempt_on+0x20/0xc0 [ 17.532100] ? __pfx_kthread+0x10/0x10 [ 17.532139] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.532166] ? calculate_sigpending+0x7b/0xa0 [ 17.532195] ? __pfx_kthread+0x10/0x10 [ 17.532222] ret_from_fork+0x116/0x1d0 [ 17.532246] ? __pfx_kthread+0x10/0x10 [ 17.532272] ret_from_fork_asm+0x1a/0x30 [ 17.532311] </TASK> [ 17.532325] [ 17.541883] Allocated by task 283: [ 17.542050] kasan_save_stack+0x45/0x70 [ 17.542262] kasan_save_track+0x18/0x40 [ 17.542519] kasan_save_alloc_info+0x3b/0x50 [ 17.542780] __kasan_kmalloc+0xb7/0xc0 [ 17.543049] __kmalloc_cache_noprof+0x189/0x420 [ 17.543310] kasan_atomics+0x95/0x310 [ 17.543506] kunit_try_run_case+0x1a5/0x480 [ 17.543798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.544080] kthread+0x337/0x6f0 [ 17.544289] ret_from_fork+0x116/0x1d0 [ 17.544503] ret_from_fork_asm+0x1a/0x30 [ 17.544756] [ 17.544886] The buggy address belongs to the object at ffff888103349180 [ 17.544886] which belongs to the cache kmalloc-64 of size 64 [ 17.545361] The buggy address is located 0 bytes to the right of [ 17.545361] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.546024] [ 17.546172] The buggy address belongs to the physical page: [ 17.546398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 
17.546799] flags: 0x200000000000000(node=0|zone=2) [ 17.547090] page_type: f5(slab) [ 17.547325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.547732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.548201] page dumped because: kasan: bad access detected [ 17.548530] [ 17.548634] Memory state around the buggy address: [ 17.549059] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.549424] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.549806] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.550174] ^ [ 17.550439] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.550859] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.551236] ================================================================== [ 16.589893] ================================================================== [ 16.590289] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 16.590679] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.591281] [ 16.591403] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.591462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.591480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.591508] Call Trace: [ 16.591532] <TASK> [ 16.591557] dump_stack_lvl+0x73/0xb0 [ 16.591596] print_report+0xd1/0x650 [ 16.591625] ? __virt_addr_valid+0x1db/0x2d0 [ 16.591671] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.591698] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.591726] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.591753] kasan_report+0x141/0x180 [ 16.592004] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.592038] __asan_report_store4_noabort+0x1b/0x30 [ 16.592064] kasan_atomics_helper+0x4b3a/0x5450 [ 16.592093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.592121] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.592154] ? kasan_atomics+0x152/0x310 [ 16.592189] kasan_atomics+0x1dc/0x310 [ 16.592218] ? __pfx_kasan_atomics+0x10/0x10 [ 16.592248] ? __pfx_read_tsc+0x10/0x10 [ 16.592276] ? ktime_get_ts64+0x86/0x230 [ 16.592307] kunit_try_run_case+0x1a5/0x480 [ 16.592338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.592366] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.592396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.592425] ? __kthread_parkme+0x82/0x180 [ 16.592452] ? preempt_count_sub+0x50/0x80 [ 16.592483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.592513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.592541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.592569] kthread+0x337/0x6f0 [ 16.592594] ? trace_preempt_on+0x20/0xc0 [ 16.592623] ? __pfx_kthread+0x10/0x10 [ 16.592664] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.592690] ? calculate_sigpending+0x7b/0xa0 [ 16.592721] ? __pfx_kthread+0x10/0x10 [ 16.592747] ret_from_fork+0x116/0x1d0 [ 16.592867] ? __pfx_kthread+0x10/0x10 [ 16.592896] ret_from_fork_asm+0x1a/0x30 [ 16.592936] </TASK> [ 16.592951] [ 16.605587] Allocated by task 283: [ 16.606357] kasan_save_stack+0x45/0x70 [ 16.606584] kasan_save_track+0x18/0x40 [ 16.607068] kasan_save_alloc_info+0x3b/0x50 [ 16.607284] __kasan_kmalloc+0xb7/0xc0 [ 16.607679] __kmalloc_cache_noprof+0x189/0x420 [ 16.608341] kasan_atomics+0x95/0x310 [ 16.608580] kunit_try_run_case+0x1a5/0x480 [ 16.609070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.609486] kthread+0x337/0x6f0 [ 16.609825] ret_from_fork+0x116/0x1d0 [ 16.610190] ret_from_fork_asm+0x1a/0x30 [ 16.610598] [ 16.610744] The buggy address belongs to the object at ffff888103349180 [ 16.610744] which belongs to the cache kmalloc-64 of size 64 [ 16.611732] The buggy address is located 0 bytes to the right of [ 16.611732] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.612760] [ 16.613147] The buggy address belongs to the physical page: [ 16.613528] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.614068] flags: 0x200000000000000(node=0|zone=2) [ 16.614484] page_type: f5(slab) [ 16.614644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.615348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.615848] page dumped because: kasan: bad access detected [ 16.616266] [ 16.616507] Memory state around the buggy address: [ 16.616777] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.617373] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618012] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.618379] ^ [ 16.618778] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.619560] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620172] ================================================================== [ 17.984839] ================================================================== [ 17.985499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 17.985973] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.986244] [ 17.986352] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.986408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.986429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.986475] Call Trace: [ 17.986499] <TASK> [ 17.986522] dump_stack_lvl+0x73/0xb0 [ 17.986558] print_report+0xd1/0x650 [ 17.986586] ? __virt_addr_valid+0x1db/0x2d0 [ 17.986615] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.986642] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.986684] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.986712] kasan_report+0x141/0x180 [ 17.986741] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.986775] __asan_report_load8_noabort+0x18/0x20 [ 17.986807] kasan_atomics_helper+0x4f71/0x5450 [ 17.986836] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 17.986865] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.986897] ? kasan_atomics+0x152/0x310 [ 17.986932] kasan_atomics+0x1dc/0x310 [ 17.986960] ? __pfx_kasan_atomics+0x10/0x10 [ 17.986991] ? __pfx_read_tsc+0x10/0x10 [ 17.987019] ? ktime_get_ts64+0x86/0x230 [ 17.987049] kunit_try_run_case+0x1a5/0x480 [ 17.987081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.987109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.987139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.987168] ? __kthread_parkme+0x82/0x180 [ 17.987194] ? preempt_count_sub+0x50/0x80 [ 17.987224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.987254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.987283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.987313] kthread+0x337/0x6f0 [ 17.987338] ? trace_preempt_on+0x20/0xc0 [ 17.987368] ? __pfx_kthread+0x10/0x10 [ 17.987395] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.987422] ? calculate_sigpending+0x7b/0xa0 [ 17.987452] ? __pfx_kthread+0x10/0x10 [ 17.987480] ret_from_fork+0x116/0x1d0 [ 17.987504] ? 
__pfx_kthread+0x10/0x10 [ 17.987531] ret_from_fork_asm+0x1a/0x30 [ 17.987570] </TASK> [ 17.987585] [ 17.997180] Allocated by task 283: [ 17.997383] kasan_save_stack+0x45/0x70 [ 17.997655] kasan_save_track+0x18/0x40 [ 17.997960] kasan_save_alloc_info+0x3b/0x50 [ 17.998145] __kasan_kmalloc+0xb7/0xc0 [ 17.998309] __kmalloc_cache_noprof+0x189/0x420 [ 17.998505] kasan_atomics+0x95/0x310 [ 17.998685] kunit_try_run_case+0x1a5/0x480 [ 17.998989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.999299] kthread+0x337/0x6f0 [ 17.999503] ret_from_fork+0x116/0x1d0 [ 17.999741] ret_from_fork_asm+0x1a/0x30 [ 17.999979] [ 18.000097] The buggy address belongs to the object at ffff888103349180 [ 18.000097] which belongs to the cache kmalloc-64 of size 64 [ 18.000564] The buggy address is located 0 bytes to the right of [ 18.000564] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.001613] [ 18.001747] The buggy address belongs to the physical page: [ 18.002018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.002400] flags: 0x200000000000000(node=0|zone=2) [ 18.002681] page_type: f5(slab) [ 18.002878] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.003245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.003602] page dumped because: kasan: bad access detected [ 18.003926] [ 18.004045] Memory state around the buggy address: [ 18.004292] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.004667] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.005046] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.005369] ^ [ 18.005638] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.006043] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.006329] ================================================================== [ 17.657770] 
================================================================== [ 17.659463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 17.660215] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.660504] [ 17.660619] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.660695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.660711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.660740] Call Trace: [ 17.660766] <TASK> [ 17.660789] dump_stack_lvl+0x73/0xb0 [ 17.660937] print_report+0xd1/0x650 [ 17.660967] ? __virt_addr_valid+0x1db/0x2d0 [ 17.661045] ? kasan_atomics_helper+0x194a/0x5450 [ 17.661073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.661158] ? kasan_atomics_helper+0x194a/0x5450 [ 17.661186] kasan_report+0x141/0x180 [ 17.661229] ? kasan_atomics_helper+0x194a/0x5450 [ 17.661262] kasan_check_range+0x10c/0x1c0 [ 17.661293] __kasan_check_write+0x18/0x20 [ 17.661318] kasan_atomics_helper+0x194a/0x5450 [ 17.661347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.661375] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.661407] ? kasan_atomics+0x152/0x310 [ 17.661440] kasan_atomics+0x1dc/0x310 [ 17.661469] ? __pfx_kasan_atomics+0x10/0x10 [ 17.661499] ? __pfx_read_tsc+0x10/0x10 [ 17.661527] ? ktime_get_ts64+0x86/0x230 [ 17.661557] kunit_try_run_case+0x1a5/0x480 [ 17.661588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.661615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.661656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.661684] ? __kthread_parkme+0x82/0x180 [ 17.661708] ? preempt_count_sub+0x50/0x80 [ 17.661739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.661778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.661806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.661836] kthread+0x337/0x6f0 [ 17.661861] ? trace_preempt_on+0x20/0xc0 [ 17.661890] ? __pfx_kthread+0x10/0x10 [ 17.661916] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.661943] ? 
calculate_sigpending+0x7b/0xa0 [ 17.661973] ? __pfx_kthread+0x10/0x10 [ 17.661999] ret_from_fork+0x116/0x1d0 [ 17.662024] ? __pfx_kthread+0x10/0x10 [ 17.662049] ret_from_fork_asm+0x1a/0x30 [ 17.662087] </TASK> [ 17.662103] [ 17.677274] Allocated by task 283: [ 17.677787] kasan_save_stack+0x45/0x70 [ 17.678280] kasan_save_track+0x18/0x40 [ 17.678731] kasan_save_alloc_info+0x3b/0x50 [ 17.679232] __kasan_kmalloc+0xb7/0xc0 [ 17.679665] __kmalloc_cache_noprof+0x189/0x420 [ 17.679947] kasan_atomics+0x95/0x310 [ 17.680394] kunit_try_run_case+0x1a5/0x480 [ 17.680896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.681568] kthread+0x337/0x6f0 [ 17.681731] ret_from_fork+0x116/0x1d0 [ 17.682178] ret_from_fork_asm+0x1a/0x30 [ 17.682633] [ 17.682867] The buggy address belongs to the object at ffff888103349180 [ 17.682867] which belongs to the cache kmalloc-64 of size 64 [ 17.683744] The buggy address is located 0 bytes to the right of [ 17.683744] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.684188] [ 17.684282] The buggy address belongs to the physical page: [ 17.684496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.685113] flags: 0x200000000000000(node=0|zone=2) [ 17.685688] page_type: f5(slab) [ 17.686200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.687112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.687940] page dumped because: kasan: bad access detected [ 17.688755] [ 17.688983] Memory state around the buggy address: [ 17.689525] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.690516] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.691276] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.692050] ^ [ 17.692574] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.693169] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.693625] 
================================================================== [ 16.948172] ================================================================== [ 16.948523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 16.949158] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.949563] [ 16.949696] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.949755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.949772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.949802] Call Trace: [ 16.949827] <TASK> [ 16.949853] dump_stack_lvl+0x73/0xb0 [ 16.949936] print_report+0xd1/0x650 [ 16.949965] ? __virt_addr_valid+0x1db/0x2d0 [ 16.950010] ? kasan_atomics_helper+0xc70/0x5450 [ 16.950037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.950065] ? kasan_atomics_helper+0xc70/0x5450 [ 16.950092] kasan_report+0x141/0x180 [ 16.950213] ? kasan_atomics_helper+0xc70/0x5450 [ 16.950262] kasan_check_range+0x10c/0x1c0 [ 16.950292] __kasan_check_write+0x18/0x20 [ 16.950317] kasan_atomics_helper+0xc70/0x5450 [ 16.950345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.950373] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.950408] ? kasan_atomics+0x152/0x310 [ 16.950448] kasan_atomics+0x1dc/0x310 [ 16.950477] ? __pfx_kasan_atomics+0x10/0x10 [ 16.950508] ? __pfx_read_tsc+0x10/0x10 [ 16.950537] ? ktime_get_ts64+0x86/0x230 [ 16.950567] kunit_try_run_case+0x1a5/0x480 [ 16.950635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.950683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.950748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.950854] ? __kthread_parkme+0x82/0x180 [ 16.950886] ? preempt_count_sub+0x50/0x80 [ 16.950917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.950947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.950977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.951007] kthread+0x337/0x6f0 [ 16.951032] ? trace_preempt_on+0x20/0xc0 [ 16.951063] ? 
__pfx_kthread+0x10/0x10 [ 16.951088] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.951114] ? calculate_sigpending+0x7b/0xa0 [ 16.951145] ? __pfx_kthread+0x10/0x10 [ 16.951171] ret_from_fork+0x116/0x1d0 [ 16.951195] ? __pfx_kthread+0x10/0x10 [ 16.951221] ret_from_fork_asm+0x1a/0x30 [ 16.951260] </TASK> [ 16.951275] [ 16.963173] Allocated by task 283: [ 16.963509] kasan_save_stack+0x45/0x70 [ 16.964153] kasan_save_track+0x18/0x40 [ 16.964363] kasan_save_alloc_info+0x3b/0x50 [ 16.964549] __kasan_kmalloc+0xb7/0xc0 [ 16.964892] __kmalloc_cache_noprof+0x189/0x420 [ 16.965191] kasan_atomics+0x95/0x310 [ 16.965389] kunit_try_run_case+0x1a5/0x480 [ 16.965639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.966002] kthread+0x337/0x6f0 [ 16.966205] ret_from_fork+0x116/0x1d0 [ 16.966426] ret_from_fork_asm+0x1a/0x30 [ 16.966667] [ 16.966865] The buggy address belongs to the object at ffff888103349180 [ 16.966865] which belongs to the cache kmalloc-64 of size 64 [ 16.967492] The buggy address is located 0 bytes to the right of [ 16.967492] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.968005] [ 16.968132] The buggy address belongs to the physical page: [ 16.968508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.968968] flags: 0x200000000000000(node=0|zone=2) [ 16.969349] page_type: f5(slab) [ 16.969535] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.969836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.970320] page dumped because: kasan: bad access detected [ 16.970658] [ 16.970780] Memory state around the buggy address: [ 16.971514] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.971941] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.972357] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.972720] ^ [ 16.973100] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.973433] 
ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.973867] ================================================================== [ 17.746156] ================================================================== [ 17.746588] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 17.747089] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.747470] [ 17.747585] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.747641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.747672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.747702] Call Trace: [ 17.747727] <TASK> [ 17.747792] dump_stack_lvl+0x73/0xb0 [ 17.747829] print_report+0xd1/0x650 [ 17.747904] ? __virt_addr_valid+0x1db/0x2d0 [ 17.747934] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.747976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.748005] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.748033] kasan_report+0x141/0x180 [ 17.748061] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.748094] kasan_check_range+0x10c/0x1c0 [ 17.748141] __kasan_check_write+0x18/0x20 [ 17.748166] kasan_atomics_helper+0x1b22/0x5450 [ 17.748194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.748223] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.748256] ? kasan_atomics+0x152/0x310 [ 17.748289] kasan_atomics+0x1dc/0x310 [ 17.748318] ? __pfx_kasan_atomics+0x10/0x10 [ 17.748348] ? __pfx_read_tsc+0x10/0x10 [ 17.748376] ? ktime_get_ts64+0x86/0x230 [ 17.748405] kunit_try_run_case+0x1a5/0x480 [ 17.748436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.748464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.748495] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.748524] ? __kthread_parkme+0x82/0x180 [ 17.748550] ? preempt_count_sub+0x50/0x80 [ 17.748580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.748608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.748637] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.748676] kthread+0x337/0x6f0 [ 17.748701] ? trace_preempt_on+0x20/0xc0 [ 17.748742] ? __pfx_kthread+0x10/0x10 [ 17.748781] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.748820] ? calculate_sigpending+0x7b/0xa0 [ 17.748851] ? __pfx_kthread+0x10/0x10 [ 17.748878] ret_from_fork+0x116/0x1d0 [ 17.748902] ? __pfx_kthread+0x10/0x10 [ 17.748928] ret_from_fork_asm+0x1a/0x30 [ 17.748967] </TASK> [ 17.748981] [ 17.758690] Allocated by task 283: [ 17.758959] kasan_save_stack+0x45/0x70 [ 17.759242] kasan_save_track+0x18/0x40 [ 17.759490] kasan_save_alloc_info+0x3b/0x50 [ 17.759733] __kasan_kmalloc+0xb7/0xc0 [ 17.759984] __kmalloc_cache_noprof+0x189/0x420 [ 17.760171] kasan_atomics+0x95/0x310 [ 17.760371] kunit_try_run_case+0x1a5/0x480 [ 17.760618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.760983] kthread+0x337/0x6f0 [ 17.761156] ret_from_fork+0x116/0x1d0 [ 17.761402] ret_from_fork_asm+0x1a/0x30 [ 17.761569] [ 17.761667] The buggy address belongs to the object at ffff888103349180 [ 17.761667] which belongs to the cache kmalloc-64 of size 64 [ 17.762369] The buggy address is located 0 bytes to the right of [ 17.762369] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.762934] [ 17.763055] The buggy address belongs to the physical page: [ 17.763382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.763824] flags: 0x200000000000000(node=0|zone=2) [ 17.764044] page_type: f5(slab) [ 17.764252] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.764699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.765129] page dumped because: kasan: bad access detected [ 17.765403] [ 17.765518] Memory state around the buggy address: [ 17.765744] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.768133] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.768638] >ffff888103349180: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.769837] ^ [ 17.770636] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.771822] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.772320] ================================================================== [ 16.974548] ================================================================== [ 16.975073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 16.975564] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.975961] [ 16.976242] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.976304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.976322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.976351] Call Trace: [ 16.976377] <TASK> [ 16.976401] dump_stack_lvl+0x73/0xb0 [ 16.976468] print_report+0xd1/0x650 [ 16.976497] ? __virt_addr_valid+0x1db/0x2d0 [ 16.976527] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.976554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.976604] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.976633] kasan_report+0x141/0x180 [ 16.976682] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.976715] __asan_report_load4_noabort+0x18/0x20 [ 16.976747] kasan_atomics_helper+0x4a84/0x5450 [ 16.976786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.976866] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.976900] ? kasan_atomics+0x152/0x310 [ 16.976934] kasan_atomics+0x1dc/0x310 [ 16.977008] ? __pfx_kasan_atomics+0x10/0x10 [ 16.977041] ? __pfx_read_tsc+0x10/0x10 [ 16.977096] ? ktime_get_ts64+0x86/0x230 [ 16.977128] kunit_try_run_case+0x1a5/0x480 [ 16.977161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.977190] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.977220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.977250] ? __kthread_parkme+0x82/0x180 [ 16.977277] ? preempt_count_sub+0x50/0x80 [ 16.977307] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.977338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.977367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.977397] kthread+0x337/0x6f0 [ 16.977421] ? trace_preempt_on+0x20/0xc0 [ 16.977451] ? __pfx_kthread+0x10/0x10 [ 16.977477] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.977504] ? calculate_sigpending+0x7b/0xa0 [ 16.977534] ? __pfx_kthread+0x10/0x10 [ 16.977561] ret_from_fork+0x116/0x1d0 [ 16.977586] ? __pfx_kthread+0x10/0x10 [ 16.977611] ret_from_fork_asm+0x1a/0x30 [ 16.977661] </TASK> [ 16.977675] [ 16.988217] Allocated by task 283: [ 16.988580] kasan_save_stack+0x45/0x70 [ 16.988995] kasan_save_track+0x18/0x40 [ 16.989287] kasan_save_alloc_info+0x3b/0x50 [ 16.989661] __kasan_kmalloc+0xb7/0xc0 [ 16.989841] __kmalloc_cache_noprof+0x189/0x420 [ 16.990031] kasan_atomics+0x95/0x310 [ 16.990194] kunit_try_run_case+0x1a5/0x480 [ 16.990526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.990912] kthread+0x337/0x6f0 [ 16.991128] ret_from_fork+0x116/0x1d0 [ 16.991354] ret_from_fork_asm+0x1a/0x30 [ 16.991579] [ 16.991683] The buggy address belongs to the object at ffff888103349180 [ 16.991683] which belongs to the cache kmalloc-64 of size 64 [ 16.992432] The buggy address is located 0 bytes to the right of [ 16.992432] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.993506] [ 16.993629] The buggy address belongs to the physical page: [ 16.994072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.994500] flags: 0x200000000000000(node=0|zone=2) [ 16.994827] page_type: f5(slab) [ 16.995149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.995558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.996112] page dumped because: kasan: bad access detected [ 16.996416] [ 16.996618] Memory state around the buggy address: [ 16.997217] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.997588] 
ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.998132] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.998465] ^ [ 16.998808] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.999265] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.999830] ================================================================== [ 17.034558] ================================================================== [ 17.035032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 17.035414] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.036061] [ 17.036636] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.036732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.036750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.036786] Call Trace: [ 17.036904] <TASK> [ 17.036937] dump_stack_lvl+0x73/0xb0 [ 17.036978] print_report+0xd1/0x650 [ 17.037006] ? __virt_addr_valid+0x1db/0x2d0 [ 17.037037] ? kasan_atomics_helper+0xde0/0x5450 [ 17.037064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.037091] ? kasan_atomics_helper+0xde0/0x5450 [ 17.037120] kasan_report+0x141/0x180 [ 17.037149] ? kasan_atomics_helper+0xde0/0x5450 [ 17.037182] kasan_check_range+0x10c/0x1c0 [ 17.037211] __kasan_check_write+0x18/0x20 [ 17.037236] kasan_atomics_helper+0xde0/0x5450 [ 17.037265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.037292] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.037325] ? kasan_atomics+0x152/0x310 [ 17.037359] kasan_atomics+0x1dc/0x310 [ 17.037388] ? __pfx_kasan_atomics+0x10/0x10 [ 17.037418] ? __pfx_read_tsc+0x10/0x10 [ 17.037445] ? ktime_get_ts64+0x86/0x230 [ 17.037476] kunit_try_run_case+0x1a5/0x480 [ 17.037508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.037537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.037567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.037597] ? 
__kthread_parkme+0x82/0x180 [ 17.037623] ? preempt_count_sub+0x50/0x80 [ 17.037668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.037698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.037728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.037757] kthread+0x337/0x6f0 [ 17.037783] ? trace_preempt_on+0x20/0xc0 [ 17.037864] ? __pfx_kthread+0x10/0x10 [ 17.037891] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.037919] ? calculate_sigpending+0x7b/0xa0 [ 17.037949] ? __pfx_kthread+0x10/0x10 [ 17.037976] ret_from_fork+0x116/0x1d0 [ 17.037999] ? __pfx_kthread+0x10/0x10 [ 17.038026] ret_from_fork_asm+0x1a/0x30 [ 17.038065] </TASK> [ 17.038081] [ 17.048787] Allocated by task 283: [ 17.049127] kasan_save_stack+0x45/0x70 [ 17.049341] kasan_save_track+0x18/0x40 [ 17.049577] kasan_save_alloc_info+0x3b/0x50 [ 17.050035] __kasan_kmalloc+0xb7/0xc0 [ 17.050268] __kmalloc_cache_noprof+0x189/0x420 [ 17.050547] kasan_atomics+0x95/0x310 [ 17.050803] kunit_try_run_case+0x1a5/0x480 [ 17.051125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.051431] kthread+0x337/0x6f0 [ 17.051631] ret_from_fork+0x116/0x1d0 [ 17.052138] ret_from_fork_asm+0x1a/0x30 [ 17.052558] [ 17.052724] The buggy address belongs to the object at ffff888103349180 [ 17.052724] which belongs to the cache kmalloc-64 of size 64 [ 17.053392] The buggy address is located 0 bytes to the right of [ 17.053392] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.054094] [ 17.054301] The buggy address belongs to the physical page: [ 17.054621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.055077] flags: 0x200000000000000(node=0|zone=2) [ 17.055289] page_type: f5(slab) [ 17.055444] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.055911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.056515] page dumped because: kasan: bad access detected [ 17.056787] [ 17.056915] Memory state around the buggy address: [ 17.057222] 
ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.057624] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.057903] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.058253] ^ [ 17.058539] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.058953] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.059999] ================================================================== [ 16.735597] ================================================================== [ 16.735988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 16.736442] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.736866] [ 16.737072] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.737133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.737150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.737194] Call Trace: [ 16.737220] <TASK> [ 16.737246] dump_stack_lvl+0x73/0xb0 [ 16.737302] print_report+0xd1/0x650 [ 16.737332] ? __virt_addr_valid+0x1db/0x2d0 [ 16.737362] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.737389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.737420] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.737446] kasan_report+0x141/0x180 [ 16.737475] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.737508] kasan_check_range+0x10c/0x1c0 [ 16.737538] __kasan_check_write+0x18/0x20 [ 16.737563] kasan_atomics_helper+0x7c7/0x5450 [ 16.737600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.737628] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.737680] ? kasan_atomics+0x152/0x310 [ 16.737714] kasan_atomics+0x1dc/0x310 [ 16.737743] ? __pfx_kasan_atomics+0x10/0x10 [ 16.737788] ? __pfx_read_tsc+0x10/0x10 [ 16.737817] ? ktime_get_ts64+0x86/0x230 [ 16.737848] kunit_try_run_case+0x1a5/0x480 [ 16.737879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.737908] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.737939] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.737969] ? __kthread_parkme+0x82/0x180 [ 16.737995] ? preempt_count_sub+0x50/0x80 [ 16.738025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.738054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.738084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.738114] kthread+0x337/0x6f0 [ 16.738169] ? trace_preempt_on+0x20/0xc0 [ 16.738199] ? __pfx_kthread+0x10/0x10 [ 16.738226] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.738308] ? calculate_sigpending+0x7b/0xa0 [ 16.738341] ? __pfx_kthread+0x10/0x10 [ 16.738369] ret_from_fork+0x116/0x1d0 [ 16.738394] ? __pfx_kthread+0x10/0x10 [ 16.738425] ret_from_fork_asm+0x1a/0x30 [ 16.738465] </TASK> [ 16.738481] [ 16.751140] Allocated by task 283: [ 16.751381] kasan_save_stack+0x45/0x70 [ 16.751620] kasan_save_track+0x18/0x40 [ 16.752218] kasan_save_alloc_info+0x3b/0x50 [ 16.752476] __kasan_kmalloc+0xb7/0xc0 [ 16.752707] __kmalloc_cache_noprof+0x189/0x420 [ 16.753009] kasan_atomics+0x95/0x310 [ 16.753359] kunit_try_run_case+0x1a5/0x480 [ 16.753586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.754334] kthread+0x337/0x6f0 [ 16.754519] ret_from_fork+0x116/0x1d0 [ 16.754772] ret_from_fork_asm+0x1a/0x30 [ 16.755096] [ 16.755200] The buggy address belongs to the object at ffff888103349180 [ 16.755200] which belongs to the cache kmalloc-64 of size 64 [ 16.756408] The buggy address is located 0 bytes to the right of [ 16.756408] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.757318] [ 16.757452] The buggy address belongs to the physical page: [ 16.757997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.758531] flags: 0x200000000000000(node=0|zone=2) [ 16.758825] page_type: f5(slab) [ 16.759332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.759914] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.760217] page dumped because: kasan: bad access detected [ 16.760431] [ 16.760520] 
Memory state around the buggy address: [ 16.760736] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.761465] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.761781] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.762363] ^ [ 16.762809] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763276] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763592] ================================================================== [ 16.439291] ================================================================== [ 16.439738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 16.440764] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.441563] [ 16.441702] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.441762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.441788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.441816] Call Trace: [ 16.441836] <TASK> [ 16.441859] dump_stack_lvl+0x73/0xb0 [ 16.441895] print_report+0xd1/0x650 [ 16.441922] ? __virt_addr_valid+0x1db/0x2d0 [ 16.441950] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.441975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.442001] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.442026] kasan_report+0x141/0x180 [ 16.442052] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.442084] __asan_report_load4_noabort+0x18/0x20 [ 16.442113] kasan_atomics_helper+0x4b88/0x5450 [ 16.442140] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.442166] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.442195] ? kasan_atomics+0x152/0x310 [ 16.442227] kasan_atomics+0x1dc/0x310 [ 16.442253] ? __pfx_kasan_atomics+0x10/0x10 [ 16.442282] ? __pfx_read_tsc+0x10/0x10 [ 16.442307] ? ktime_get_ts64+0x86/0x230 [ 16.442336] kunit_try_run_case+0x1a5/0x480 [ 16.442365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.442390] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.442423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.442450] ? __kthread_parkme+0x82/0x180 [ 16.442474] ? preempt_count_sub+0x50/0x80 [ 16.442503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.442529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.442555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.442583] kthread+0x337/0x6f0 [ 16.442608] ? trace_preempt_on+0x20/0xc0 [ 16.442791] ? __pfx_kthread+0x10/0x10 [ 16.442820] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.442868] ? calculate_sigpending+0x7b/0xa0 [ 16.442899] ? __pfx_kthread+0x10/0x10 [ 16.442927] ret_from_fork+0x116/0x1d0 [ 16.442953] ? __pfx_kthread+0x10/0x10 [ 16.442979] ret_from_fork_asm+0x1a/0x30 [ 16.443019] </TASK> [ 16.443034] [ 16.455244] Allocated by task 283: [ 16.455449] kasan_save_stack+0x45/0x70 [ 16.455724] kasan_save_track+0x18/0x40 [ 16.455984] kasan_save_alloc_info+0x3b/0x50 [ 16.456242] __kasan_kmalloc+0xb7/0xc0 [ 16.456405] __kmalloc_cache_noprof+0x189/0x420 [ 16.456594] kasan_atomics+0x95/0x310 [ 16.456782] kunit_try_run_case+0x1a5/0x480 [ 16.457034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457353] kthread+0x337/0x6f0 [ 16.457561] ret_from_fork+0x116/0x1d0 [ 16.457880] ret_from_fork_asm+0x1a/0x30 [ 16.458095] [ 16.458217] The buggy address belongs to the object at ffff888103349180 [ 16.458217] which belongs to the cache kmalloc-64 of size 64 [ 16.458722] The buggy address is located 0 bytes to the right of [ 16.458722] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.459521] [ 16.459644] The buggy address belongs to the physical page: [ 16.459967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.460466] flags: 0x200000000000000(node=0|zone=2) [ 16.460705] page_type: f5(slab) [ 16.461185] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.461572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.462067] page dumped because: kasan: 
bad access detected [ 16.462350] [ 16.462457] Memory state around the buggy address: [ 16.462756] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.463164] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.463504] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.463931] ^ [ 16.464175] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.464528] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.464848] ================================================================== [ 17.365507] ================================================================== [ 17.365933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 17.366349] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.366713] [ 17.366860] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.366920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.366938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.366967] Call Trace: [ 17.366993] <TASK> [ 17.367019] dump_stack_lvl+0x73/0xb0 [ 17.367055] print_report+0xd1/0x650 [ 17.367085] ? __virt_addr_valid+0x1db/0x2d0 [ 17.367116] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.367143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.367171] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.367199] kasan_report+0x141/0x180 [ 17.367227] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.367261] kasan_check_range+0x10c/0x1c0 [ 17.367291] __kasan_check_read+0x15/0x20 [ 17.367315] kasan_atomics_helper+0x13b5/0x5450 [ 17.367343] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.367374] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.367407] ? kasan_atomics+0x152/0x310 [ 17.367442] kasan_atomics+0x1dc/0x310 [ 17.367471] ? __pfx_kasan_atomics+0x10/0x10 [ 17.367502] ? __pfx_read_tsc+0x10/0x10 [ 17.367529] ? ktime_get_ts64+0x86/0x230 [ 17.367560] kunit_try_run_case+0x1a5/0x480 [ 17.367591] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.367620] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.367665] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.367694] ? __kthread_parkme+0x82/0x180 [ 17.367719] ? preempt_count_sub+0x50/0x80 [ 17.367750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.367795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.367824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.367853] kthread+0x337/0x6f0 [ 17.367878] ? trace_preempt_on+0x20/0xc0 [ 17.367908] ? __pfx_kthread+0x10/0x10 [ 17.367934] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.367961] ? calculate_sigpending+0x7b/0xa0 [ 17.367991] ? __pfx_kthread+0x10/0x10 [ 17.368018] ret_from_fork+0x116/0x1d0 [ 17.368041] ? __pfx_kthread+0x10/0x10 [ 17.368067] ret_from_fork_asm+0x1a/0x30 [ 17.368105] </TASK> [ 17.368121] [ 17.377321] Allocated by task 283: [ 17.377527] kasan_save_stack+0x45/0x70 [ 17.377768] kasan_save_track+0x18/0x40 [ 17.377982] kasan_save_alloc_info+0x3b/0x50 [ 17.378246] __kasan_kmalloc+0xb7/0xc0 [ 17.378448] __kmalloc_cache_noprof+0x189/0x420 [ 17.378708] kasan_atomics+0x95/0x310 [ 17.378876] kunit_try_run_case+0x1a5/0x480 [ 17.379088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.379404] kthread+0x337/0x6f0 [ 17.379578] ret_from_fork+0x116/0x1d0 [ 17.379752] ret_from_fork_asm+0x1a/0x30 [ 17.379956] [ 17.380079] The buggy address belongs to the object at ffff888103349180 [ 17.380079] which belongs to the cache kmalloc-64 of size 64 [ 17.380741] The buggy address is located 0 bytes to the right of [ 17.380741] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.381342] [ 17.381463] The buggy address belongs to the physical page: [ 17.381744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.382120] flags: 0x200000000000000(node=0|zone=2) [ 17.382407] page_type: f5(slab) [ 17.382570] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.383010] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 17.383368] page dumped because: kasan: bad access detected [ 17.383658] [ 17.383764] Memory state around the buggy address: [ 17.383994] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.384258] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.384519] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.384855] ^ [ 17.385223] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.385600] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.385920] ================================================================== [ 17.425411] ================================================================== [ 17.425800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 17.426611] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.427067] [ 17.427204] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.427263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.427281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.427311] Call Trace: [ 17.427337] <TASK> [ 17.427364] dump_stack_lvl+0x73/0xb0 [ 17.427403] print_report+0xd1/0x650 [ 17.427434] ? __virt_addr_valid+0x1db/0x2d0 [ 17.427465] ? kasan_atomics_helper+0x1467/0x5450 [ 17.427493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.427521] ? kasan_atomics_helper+0x1467/0x5450 [ 17.427550] kasan_report+0x141/0x180 [ 17.427580] ? kasan_atomics_helper+0x1467/0x5450 [ 17.427613] kasan_check_range+0x10c/0x1c0 [ 17.427643] __kasan_check_write+0x18/0x20 [ 17.427684] kasan_atomics_helper+0x1467/0x5450 [ 17.427712] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.427742] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.427775] ? kasan_atomics+0x152/0x310 [ 17.427809] kasan_atomics+0x1dc/0x310 [ 17.427838] ? __pfx_kasan_atomics+0x10/0x10 [ 17.427869] ? __pfx_read_tsc+0x10/0x10 [ 17.427897] ? 
ktime_get_ts64+0x86/0x230 [ 17.427927] kunit_try_run_case+0x1a5/0x480 [ 17.427960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.427988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.428019] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.428049] ? __kthread_parkme+0x82/0x180 [ 17.428074] ? preempt_count_sub+0x50/0x80 [ 17.428106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.428137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.428166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.428196] kthread+0x337/0x6f0 [ 17.428221] ? trace_preempt_on+0x20/0xc0 [ 17.428251] ? __pfx_kthread+0x10/0x10 [ 17.428278] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.428304] ? calculate_sigpending+0x7b/0xa0 [ 17.428335] ? __pfx_kthread+0x10/0x10 [ 17.428363] ret_from_fork+0x116/0x1d0 [ 17.428387] ? __pfx_kthread+0x10/0x10 [ 17.428412] ret_from_fork_asm+0x1a/0x30 [ 17.428453] </TASK> [ 17.428470] [ 17.439983] Allocated by task 283: [ 17.440456] kasan_save_stack+0x45/0x70 [ 17.440692] kasan_save_track+0x18/0x40 [ 17.441070] kasan_save_alloc_info+0x3b/0x50 [ 17.441309] __kasan_kmalloc+0xb7/0xc0 [ 17.441528] __kmalloc_cache_noprof+0x189/0x420 [ 17.442130] kasan_atomics+0x95/0x310 [ 17.442370] kunit_try_run_case+0x1a5/0x480 [ 17.442722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.443139] kthread+0x337/0x6f0 [ 17.443521] ret_from_fork+0x116/0x1d0 [ 17.443765] ret_from_fork_asm+0x1a/0x30 [ 17.444114] [ 17.444213] The buggy address belongs to the object at ffff888103349180 [ 17.444213] which belongs to the cache kmalloc-64 of size 64 [ 17.445119] The buggy address is located 0 bytes to the right of [ 17.445119] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.445826] [ 17.445977] The buggy address belongs to the physical page: [ 17.446369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.446993] flags: 0x200000000000000(node=0|zone=2) [ 17.447361] page_type: f5(slab) [ 17.447541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.448245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.448756] page dumped because: kasan: bad access detected [ 17.449183] [ 17.449308] Memory state around the buggy address: [ 17.449745] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.450140] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.450523] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.451212] ^ [ 17.451475] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.451993] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.452475] ================================================================== [ 17.880983] ================================================================== [ 17.882236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 17.883098] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.884026] [ 17.884429] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.884493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.884512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.884542] Call Trace: [ 17.884569] <TASK> [ 17.884596] dump_stack_lvl+0x73/0xb0 [ 17.884634] print_report+0xd1/0x650 [ 17.884678] ? __virt_addr_valid+0x1db/0x2d0 [ 17.884708] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.884736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.884772] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.884800] kasan_report+0x141/0x180 [ 17.884829] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.884863] kasan_check_range+0x10c/0x1c0 [ 17.884892] __kasan_check_write+0x18/0x20 [ 17.884917] kasan_atomics_helper+0x1d7a/0x5450 [ 17.884945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.884973] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.885031] ? kasan_atomics+0x152/0x310 [ 17.885064] kasan_atomics+0x1dc/0x310 [ 17.885092] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.885123] ? __pfx_read_tsc+0x10/0x10 [ 17.885150] ? ktime_get_ts64+0x86/0x230 [ 17.885181] kunit_try_run_case+0x1a5/0x480 [ 17.885213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.885242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.885272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.885301] ? __kthread_parkme+0x82/0x180 [ 17.885328] ? preempt_count_sub+0x50/0x80 [ 17.885358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.885387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.885416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.885445] kthread+0x337/0x6f0 [ 17.885472] ? trace_preempt_on+0x20/0xc0 [ 17.885503] ? __pfx_kthread+0x10/0x10 [ 17.885529] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.885556] ? calculate_sigpending+0x7b/0xa0 [ 17.885586] ? __pfx_kthread+0x10/0x10 [ 17.885613] ret_from_fork+0x116/0x1d0 [ 17.885636] ? __pfx_kthread+0x10/0x10 [ 17.885674] ret_from_fork_asm+0x1a/0x30 [ 17.885714] </TASK> [ 17.885731] [ 17.897506] Allocated by task 283: [ 17.897785] kasan_save_stack+0x45/0x70 [ 17.898036] kasan_save_track+0x18/0x40 [ 17.898207] kasan_save_alloc_info+0x3b/0x50 [ 17.898400] __kasan_kmalloc+0xb7/0xc0 [ 17.898624] __kmalloc_cache_noprof+0x189/0x420 [ 17.898943] kasan_atomics+0x95/0x310 [ 17.899210] kunit_try_run_case+0x1a5/0x480 [ 17.899699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.900036] kthread+0x337/0x6f0 [ 17.900187] ret_from_fork+0x116/0x1d0 [ 17.900416] ret_from_fork_asm+0x1a/0x30 [ 17.900667] [ 17.900814] The buggy address belongs to the object at ffff888103349180 [ 17.900814] which belongs to the cache kmalloc-64 of size 64 [ 17.901278] The buggy address is located 0 bytes to the right of [ 17.901278] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.902069] [ 17.902189] The buggy address belongs to the physical page: [ 17.902457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.902977] flags: 0x200000000000000(node=0|zone=2) [ 17.903279] page_type: 
f5(slab) [ 17.903454] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.903780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.904184] page dumped because: kasan: bad access detected [ 17.904440] [ 17.904561] Memory state around the buggy address: [ 17.904886] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.905229] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.905546] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.905934] ^ [ 17.906232] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.906639] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.907069] ================================================================== [ 18.036144] ================================================================== [ 18.036583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 18.037987] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.038455] [ 18.038602] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.038713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.038732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.038762] Call Trace: [ 18.038803] <TASK> [ 18.038828] dump_stack_lvl+0x73/0xb0 [ 18.038867] print_report+0xd1/0x650 [ 18.038918] ? __virt_addr_valid+0x1db/0x2d0 [ 18.038961] ? kasan_atomics_helper+0x4f98/0x5450 [ 18.038988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.039031] ? kasan_atomics_helper+0x4f98/0x5450 [ 18.039058] kasan_report+0x141/0x180 [ 18.039087] ? kasan_atomics_helper+0x4f98/0x5450 [ 18.039120] __asan_report_load8_noabort+0x18/0x20 [ 18.039150] kasan_atomics_helper+0x4f98/0x5450 [ 18.039211] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.039239] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.039284] ? 
kasan_atomics+0x152/0x310 [ 18.039318] kasan_atomics+0x1dc/0x310 [ 18.039347] ? __pfx_kasan_atomics+0x10/0x10 [ 18.039408] ? __pfx_read_tsc+0x10/0x10 [ 18.039435] ? ktime_get_ts64+0x86/0x230 [ 18.039479] kunit_try_run_case+0x1a5/0x480 [ 18.039511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.039539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.039571] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.039600] ? __kthread_parkme+0x82/0x180 [ 18.039627] ? preempt_count_sub+0x50/0x80 [ 18.039668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.039697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.039726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.039755] kthread+0x337/0x6f0 [ 18.039790] ? trace_preempt_on+0x20/0xc0 [ 18.039822] ? __pfx_kthread+0x10/0x10 [ 18.039848] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.039874] ? calculate_sigpending+0x7b/0xa0 [ 18.039905] ? __pfx_kthread+0x10/0x10 [ 18.039932] ret_from_fork+0x116/0x1d0 [ 18.039956] ? __pfx_kthread+0x10/0x10 [ 18.039982] ret_from_fork_asm+0x1a/0x30 [ 18.040022] </TASK> [ 18.040038] [ 18.053614] Allocated by task 283: [ 18.053988] kasan_save_stack+0x45/0x70 [ 18.054302] kasan_save_track+0x18/0x40 [ 18.054597] kasan_save_alloc_info+0x3b/0x50 [ 18.054974] __kasan_kmalloc+0xb7/0xc0 [ 18.055193] __kmalloc_cache_noprof+0x189/0x420 [ 18.055465] kasan_atomics+0x95/0x310 [ 18.055814] kunit_try_run_case+0x1a5/0x480 [ 18.056045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.056395] kthread+0x337/0x6f0 [ 18.056592] ret_from_fork+0x116/0x1d0 [ 18.056884] ret_from_fork_asm+0x1a/0x30 [ 18.057152] [ 18.057281] The buggy address belongs to the object at ffff888103349180 [ 18.057281] which belongs to the cache kmalloc-64 of size 64 [ 18.057956] The buggy address is located 0 bytes to the right of [ 18.057956] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.058685] [ 18.058849] The buggy address belongs to the physical page: [ 18.059114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 
18.059578] flags: 0x200000000000000(node=0|zone=2) [ 18.059958] page_type: f5(slab) [ 18.060201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.060613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.061071] page dumped because: kasan: bad access detected [ 18.061444] [ 18.061603] Memory state around the buggy address: [ 18.061885] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.062390] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.062940] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.063276] ^ [ 18.063625] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.064217] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.064616] ================================================================== [ 17.158630] ================================================================== [ 17.159054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 17.159417] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.159965] [ 17.160130] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.160186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.160203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.160233] Call Trace: [ 17.160266] <TASK> [ 17.160287] dump_stack_lvl+0x73/0xb0 [ 17.160337] print_report+0xd1/0x650 [ 17.160365] ? __virt_addr_valid+0x1db/0x2d0 [ 17.160394] ? kasan_atomics_helper+0x1079/0x5450 [ 17.160421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.160460] ? kasan_atomics_helper+0x1079/0x5450 [ 17.160488] kasan_report+0x141/0x180 [ 17.160528] ? kasan_atomics_helper+0x1079/0x5450 [ 17.160562] kasan_check_range+0x10c/0x1c0 [ 17.160592] __kasan_check_write+0x18/0x20 [ 17.160617] kasan_atomics_helper+0x1079/0x5450 [ 17.160673] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.160700] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.160731] ? kasan_atomics+0x152/0x310 [ 17.160764] kasan_atomics+0x1dc/0x310 [ 17.160806] ? __pfx_kasan_atomics+0x10/0x10 [ 17.160836] ? __pfx_read_tsc+0x10/0x10 [ 17.160863] ? ktime_get_ts64+0x86/0x230 [ 17.160904] kunit_try_run_case+0x1a5/0x480 [ 17.160934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.160974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.161004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.161032] ? __kthread_parkme+0x82/0x180 [ 17.161056] ? preempt_count_sub+0x50/0x80 [ 17.161086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.161116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.161144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.161173] kthread+0x337/0x6f0 [ 17.161197] ? trace_preempt_on+0x20/0xc0 [ 17.161237] ? __pfx_kthread+0x10/0x10 [ 17.161262] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.161288] ? calculate_sigpending+0x7b/0xa0 [ 17.161330] ? __pfx_kthread+0x10/0x10 [ 17.161358] ret_from_fork+0x116/0x1d0 [ 17.161382] ? __pfx_kthread+0x10/0x10 [ 17.161407] ret_from_fork_asm+0x1a/0x30 [ 17.161445] </TASK> [ 17.161459] [ 17.170835] Allocated by task 283: [ 17.171057] kasan_save_stack+0x45/0x70 [ 17.171293] kasan_save_track+0x18/0x40 [ 17.171531] kasan_save_alloc_info+0x3b/0x50 [ 17.171793] __kasan_kmalloc+0xb7/0xc0 [ 17.172010] __kmalloc_cache_noprof+0x189/0x420 [ 17.172268] kasan_atomics+0x95/0x310 [ 17.172502] kunit_try_run_case+0x1a5/0x480 [ 17.172765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.173137] kthread+0x337/0x6f0 [ 17.173285] ret_from_fork+0x116/0x1d0 [ 17.173479] ret_from_fork_asm+0x1a/0x30 [ 17.173741] [ 17.173858] The buggy address belongs to the object at ffff888103349180 [ 17.173858] which belongs to the cache kmalloc-64 of size 64 [ 17.174597] The buggy address is located 0 bytes to the right of [ 17.174597] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.175317] [ 17.175408] The buggy address belongs to the physical page: [ 17.175622] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.176461] flags: 0x200000000000000(node=0|zone=2) [ 17.176781] page_type: f5(slab) [ 17.177002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.177335] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.177611] page dumped because: kasan: bad access detected [ 17.177881] [ 17.178017] Memory state around the buggy address: [ 17.178327] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.178778] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.179299] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.179741] ^ [ 17.179947] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180525] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.181541] ================================================================== [ 18.006980] ================================================================== [ 18.007411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 18.007981] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.008344] [ 18.008476] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.008533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.008551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.008579] Call Trace: [ 18.008603] <TASK> [ 18.008626] dump_stack_lvl+0x73/0xb0 [ 18.008674] print_report+0xd1/0x650 [ 18.008701] ? __virt_addr_valid+0x1db/0x2d0 [ 18.008732] ? kasan_atomics_helper+0x2006/0x5450 [ 18.008760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.008788] ? kasan_atomics_helper+0x2006/0x5450 [ 18.008816] kasan_report+0x141/0x180 [ 18.008844] ? kasan_atomics_helper+0x2006/0x5450 [ 18.008877] kasan_check_range+0x10c/0x1c0 [ 18.008907] __kasan_check_write+0x18/0x20 [ 18.008933] kasan_atomics_helper+0x2006/0x5450 [ 18.008962] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 18.008990] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.009021] ? kasan_atomics+0x152/0x310 [ 18.009056] kasan_atomics+0x1dc/0x310 [ 18.009085] ? __pfx_kasan_atomics+0x10/0x10 [ 18.009116] ? __pfx_read_tsc+0x10/0x10 [ 18.009144] ? ktime_get_ts64+0x86/0x230 [ 18.009174] kunit_try_run_case+0x1a5/0x480 [ 18.009205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.009233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.009263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.009292] ? __kthread_parkme+0x82/0x180 [ 18.009318] ? preempt_count_sub+0x50/0x80 [ 18.009349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.009378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.009407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.009437] kthread+0x337/0x6f0 [ 18.009462] ? trace_preempt_on+0x20/0xc0 [ 18.009492] ? __pfx_kthread+0x10/0x10 [ 18.009519] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.009548] ? calculate_sigpending+0x7b/0xa0 [ 18.009579] ? __pfx_kthread+0x10/0x10 [ 18.009607] ret_from_fork+0x116/0x1d0 [ 18.009631] ? 
__pfx_kthread+0x10/0x10 [ 18.009668] ret_from_fork_asm+0x1a/0x30 [ 18.009707] </TASK> [ 18.009723] [ 18.022398] Allocated by task 283: [ 18.023088] kasan_save_stack+0x45/0x70 [ 18.023298] kasan_save_track+0x18/0x40 [ 18.023469] kasan_save_alloc_info+0x3b/0x50 [ 18.023672] __kasan_kmalloc+0xb7/0xc0 [ 18.024199] __kmalloc_cache_noprof+0x189/0x420 [ 18.024753] kasan_atomics+0x95/0x310 [ 18.025096] kunit_try_run_case+0x1a5/0x480 [ 18.025426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.025662] kthread+0x337/0x6f0 [ 18.025848] ret_from_fork+0x116/0x1d0 [ 18.026362] ret_from_fork_asm+0x1a/0x30 [ 18.026894] [ 18.027137] The buggy address belongs to the object at ffff888103349180 [ 18.027137] which belongs to the cache kmalloc-64 of size 64 [ 18.028509] The buggy address is located 0 bytes to the right of [ 18.028509] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.029371] [ 18.029614] The buggy address belongs to the physical page: [ 18.030302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.030878] flags: 0x200000000000000(node=0|zone=2) [ 18.031090] page_type: f5(slab) [ 18.031241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.031523] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.031882] page dumped because: kasan: bad access detected [ 18.032143] [ 18.032254] Memory state around the buggy address: [ 18.032530] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.032951] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.033317] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.033731] ^ [ 18.033979] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.034386] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.034822] ================================================================== [ 18.092592] 
================================================================== [ 18.092917] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 18.093355] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.093720] [ 18.093880] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.093939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.093958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.093986] Call Trace: [ 18.094009] <TASK> [ 18.094032] dump_stack_lvl+0x73/0xb0 [ 18.094068] print_report+0xd1/0x650 [ 18.094096] ? __virt_addr_valid+0x1db/0x2d0 [ 18.094124] ? kasan_atomics_helper+0x4fb2/0x5450 [ 18.094153] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.094180] ? kasan_atomics_helper+0x4fb2/0x5450 [ 18.094208] kasan_report+0x141/0x180 [ 18.094236] ? kasan_atomics_helper+0x4fb2/0x5450 [ 18.094269] __asan_report_load8_noabort+0x18/0x20 [ 18.094299] kasan_atomics_helper+0x4fb2/0x5450 [ 18.094327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.094355] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.094386] ? kasan_atomics+0x152/0x310 [ 18.094425] kasan_atomics+0x1dc/0x310 [ 18.094454] ? __pfx_kasan_atomics+0x10/0x10 [ 18.094483] ? __pfx_read_tsc+0x10/0x10 [ 18.094510] ? ktime_get_ts64+0x86/0x230 [ 18.094540] kunit_try_run_case+0x1a5/0x480 [ 18.094571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.094600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.094630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.094674] ? __kthread_parkme+0x82/0x180 [ 18.094700] ? preempt_count_sub+0x50/0x80 [ 18.094730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.094760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.094789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.094818] kthread+0x337/0x6f0 [ 18.094843] ? trace_preempt_on+0x20/0xc0 [ 18.094873] ? __pfx_kthread+0x10/0x10 [ 18.094899] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.094925] ? calculate_sigpending+0x7b/0xa0 [ 18.094956] ? 
__pfx_kthread+0x10/0x10 [ 18.094982] ret_from_fork+0x116/0x1d0 [ 18.095006] ? __pfx_kthread+0x10/0x10 [ 18.095032] ret_from_fork_asm+0x1a/0x30 [ 18.095071] </TASK> [ 18.095086] [ 18.103712] Allocated by task 283: [ 18.103955] kasan_save_stack+0x45/0x70 [ 18.104185] kasan_save_track+0x18/0x40 [ 18.104416] kasan_save_alloc_info+0x3b/0x50 [ 18.104631] __kasan_kmalloc+0xb7/0xc0 [ 18.104877] __kmalloc_cache_noprof+0x189/0x420 [ 18.105140] kasan_atomics+0x95/0x310 [ 18.105318] kunit_try_run_case+0x1a5/0x480 [ 18.105502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.105860] kthread+0x337/0x6f0 [ 18.106066] ret_from_fork+0x116/0x1d0 [ 18.106290] ret_from_fork_asm+0x1a/0x30 [ 18.106541] [ 18.106666] The buggy address belongs to the object at ffff888103349180 [ 18.106666] which belongs to the cache kmalloc-64 of size 64 [ 18.107390] The buggy address is located 0 bytes to the right of [ 18.107390] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.108022] [ 18.108116] The buggy address belongs to the physical page: [ 18.108329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.108622] flags: 0x200000000000000(node=0|zone=2) [ 18.108917] page_type: f5(slab) [ 18.109122] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.109826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.110120] page dumped because: kasan: bad access detected [ 18.110338] [ 18.110434] Memory state around the buggy address: [ 18.110625] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.111035] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.111425] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.111814] ^ [ 18.112090] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.112489] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.112970] 
================================================================== [ 17.453987] ================================================================== [ 17.454363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 17.454928] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.455260] [ 17.455404] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.455464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.455481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.455509] Call Trace: [ 17.455533] <TASK> [ 17.455557] dump_stack_lvl+0x73/0xb0 [ 17.455592] print_report+0xd1/0x650 [ 17.455620] ? __virt_addr_valid+0x1db/0x2d0 [ 17.455664] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.455691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.455721] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.455749] kasan_report+0x141/0x180 [ 17.455776] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.455809] __asan_report_store8_noabort+0x1b/0x30 [ 17.455835] kasan_atomics_helper+0x50d4/0x5450 [ 17.455863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.455889] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.455921] ? kasan_atomics+0x152/0x310 [ 17.455954] kasan_atomics+0x1dc/0x310 [ 17.455982] ? __pfx_kasan_atomics+0x10/0x10 [ 17.456012] ? __pfx_read_tsc+0x10/0x10 [ 17.456038] ? ktime_get_ts64+0x86/0x230 [ 17.456068] kunit_try_run_case+0x1a5/0x480 [ 17.456099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.456126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.456156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.456185] ? __kthread_parkme+0x82/0x180 [ 17.456211] ? preempt_count_sub+0x50/0x80 [ 17.456240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.456269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.456297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.456326] kthread+0x337/0x6f0 [ 17.456349] ? trace_preempt_on+0x20/0xc0 [ 17.456379] ? __pfx_kthread+0x10/0x10 [ 17.456405] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.456431] ? calculate_sigpending+0x7b/0xa0 [ 17.456461] ? __pfx_kthread+0x10/0x10 [ 17.456487] ret_from_fork+0x116/0x1d0 [ 17.456510] ? __pfx_kthread+0x10/0x10 [ 17.456536] ret_from_fork_asm+0x1a/0x30 [ 17.456574] </TASK> [ 17.456588] [ 17.469175] Allocated by task 283: [ 17.469507] kasan_save_stack+0x45/0x70 [ 17.470220] kasan_save_track+0x18/0x40 [ 17.470457] kasan_save_alloc_info+0x3b/0x50 [ 17.470693] __kasan_kmalloc+0xb7/0xc0 [ 17.471195] __kmalloc_cache_noprof+0x189/0x420 [ 17.471658] kasan_atomics+0x95/0x310 [ 17.472018] kunit_try_run_case+0x1a5/0x480 [ 17.472452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.472751] kthread+0x337/0x6f0 [ 17.472942] ret_from_fork+0x116/0x1d0 [ 17.473150] ret_from_fork_asm+0x1a/0x30 [ 17.473363] [ 17.473475] The buggy address belongs to the object at ffff888103349180 [ 17.473475] which belongs to the cache kmalloc-64 of size 64 [ 17.474499] The buggy address is located 0 bytes to the right of [ 17.474499] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.475626] [ 17.475915] The buggy address belongs to the physical page: [ 17.476351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.476762] flags: 0x200000000000000(node=0|zone=2) [ 17.477284] page_type: f5(slab) [ 17.477631] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.478149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.478527] page dumped because: kasan: bad access detected [ 17.479101] [ 17.479377] Memory state around the buggy address: [ 17.479859] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.480354] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.481027] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.481472] ^ [ 17.481727] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.482512] ffff888103349280: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 17.483430] ================================================================== [ 17.060555] ================================================================== [ 17.061513] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 17.061955] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.062406] [ 17.062587] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.062658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.062676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.062706] Call Trace: [ 17.062743] <TASK> [ 17.062769] dump_stack_lvl+0x73/0xb0 [ 17.062806] print_report+0xd1/0x650 [ 17.062905] ? __virt_addr_valid+0x1db/0x2d0 [ 17.062940] ? kasan_atomics_helper+0xe78/0x5450 [ 17.062966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.063008] ? kasan_atomics_helper+0xe78/0x5450 [ 17.063034] kasan_report+0x141/0x180 [ 17.063076] ? kasan_atomics_helper+0xe78/0x5450 [ 17.063108] kasan_check_range+0x10c/0x1c0 [ 17.063138] __kasan_check_write+0x18/0x20 [ 17.063161] kasan_atomics_helper+0xe78/0x5450 [ 17.063200] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.063229] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.063273] ? kasan_atomics+0x152/0x310 [ 17.063306] kasan_atomics+0x1dc/0x310 [ 17.063335] ? __pfx_kasan_atomics+0x10/0x10 [ 17.063364] ? __pfx_read_tsc+0x10/0x10 [ 17.063392] ? ktime_get_ts64+0x86/0x230 [ 17.063423] kunit_try_run_case+0x1a5/0x480 [ 17.063454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.063481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.063510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.063540] ? __kthread_parkme+0x82/0x180 [ 17.063565] ? preempt_count_sub+0x50/0x80 [ 17.063594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.063625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.063664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.063694] kthread+0x337/0x6f0 [ 17.063718] ? 
trace_preempt_on+0x20/0xc0 [ 17.063748] ? __pfx_kthread+0x10/0x10 [ 17.063774] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.063801] ? calculate_sigpending+0x7b/0xa0 [ 17.063831] ? __pfx_kthread+0x10/0x10 [ 17.063858] ret_from_fork+0x116/0x1d0 [ 17.063882] ? __pfx_kthread+0x10/0x10 [ 17.063908] ret_from_fork_asm+0x1a/0x30 [ 17.063947] </TASK> [ 17.063962] [ 17.074158] Allocated by task 283: [ 17.074335] kasan_save_stack+0x45/0x70 [ 17.074519] kasan_save_track+0x18/0x40 [ 17.074740] kasan_save_alloc_info+0x3b/0x50 [ 17.074939] __kasan_kmalloc+0xb7/0xc0 [ 17.075096] __kmalloc_cache_noprof+0x189/0x420 [ 17.075279] kasan_atomics+0x95/0x310 [ 17.075438] kunit_try_run_case+0x1a5/0x480 [ 17.075759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.076092] kthread+0x337/0x6f0 [ 17.076394] ret_from_fork+0x116/0x1d0 [ 17.076671] ret_from_fork_asm+0x1a/0x30 [ 17.076978] [ 17.077096] The buggy address belongs to the object at ffff888103349180 [ 17.077096] which belongs to the cache kmalloc-64 of size 64 [ 17.077747] The buggy address is located 0 bytes to the right of [ 17.077747] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.078631] [ 17.078787] The buggy address belongs to the physical page: [ 17.080424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.080868] flags: 0x200000000000000(node=0|zone=2) [ 17.081153] page_type: f5(slab) [ 17.082620] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.083077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.083351] page dumped because: kasan: bad access detected [ 17.083557] [ 17.083656] Memory state around the buggy address: [ 17.083903] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.084158] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.084409] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.085549] ^ [ 17.086095] ffff888103349200: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.086416] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.086937] ================================================================== [ 17.386627] ================================================================== [ 17.387491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 17.387923] Read of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.388330] [ 17.388473] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.388527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.388543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.388571] Call Trace: [ 17.388591] <TASK> [ 17.388613] dump_stack_lvl+0x73/0xb0 [ 17.388660] print_report+0xd1/0x650 [ 17.388688] ? __virt_addr_valid+0x1db/0x2d0 [ 17.388718] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.388745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.388790] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.388817] kasan_report+0x141/0x180 [ 17.388846] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.388879] __asan_report_load8_noabort+0x18/0x20 [ 17.388912] kasan_atomics_helper+0x4eae/0x5450 [ 17.388945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.388974] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.389005] ? kasan_atomics+0x152/0x310 [ 17.389038] kasan_atomics+0x1dc/0x310 [ 17.389067] ? __pfx_kasan_atomics+0x10/0x10 [ 17.389097] ? __pfx_read_tsc+0x10/0x10 [ 17.389123] ? ktime_get_ts64+0x86/0x230 [ 17.389153] kunit_try_run_case+0x1a5/0x480 [ 17.389182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.389210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.389240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.389268] ? __kthread_parkme+0x82/0x180 [ 17.389294] ? preempt_count_sub+0x50/0x80 [ 17.389323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.389352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.389380] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.389409] kthread+0x337/0x6f0 [ 17.389434] ? trace_preempt_on+0x20/0xc0 [ 17.389462] ? __pfx_kthread+0x10/0x10 [ 17.389488] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.389514] ? calculate_sigpending+0x7b/0xa0 [ 17.389543] ? __pfx_kthread+0x10/0x10 [ 17.389570] ret_from_fork+0x116/0x1d0 [ 17.389594] ? __pfx_kthread+0x10/0x10 [ 17.389619] ret_from_fork_asm+0x1a/0x30 [ 17.389681] </TASK> [ 17.389697] [ 17.407900] Allocated by task 283: [ 17.408330] kasan_save_stack+0x45/0x70 [ 17.408808] kasan_save_track+0x18/0x40 [ 17.409250] kasan_save_alloc_info+0x3b/0x50 [ 17.409723] __kasan_kmalloc+0xb7/0xc0 [ 17.410231] __kmalloc_cache_noprof+0x189/0x420 [ 17.410471] kasan_atomics+0x95/0x310 [ 17.410636] kunit_try_run_case+0x1a5/0x480 [ 17.410936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.411482] kthread+0x337/0x6f0 [ 17.411910] ret_from_fork+0x116/0x1d0 [ 17.412346] ret_from_fork_asm+0x1a/0x30 [ 17.412806] [ 17.413073] The buggy address belongs to the object at ffff888103349180 [ 17.413073] which belongs to the cache kmalloc-64 of size 64 [ 17.414248] The buggy address is located 0 bytes to the right of [ 17.414248] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.414711] [ 17.414873] The buggy address belongs to the physical page: [ 17.415467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.416542] flags: 0x200000000000000(node=0|zone=2) [ 17.417273] page_type: f5(slab) [ 17.417662] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.418757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.419639] page dumped because: kasan: bad access detected [ 17.419953] [ 17.420170] Memory state around the buggy address: [ 17.420720] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.421606] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.422500] >ffff888103349180: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.423031] ^ [ 17.423551] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.424011] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.424276] ================================================================== [ 16.654809] ================================================================== [ 16.655296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 16.655635] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.656262] [ 16.656404] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.656462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.656480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.656508] Call Trace: [ 16.656534] <TASK> [ 16.656559] dump_stack_lvl+0x73/0xb0 [ 16.656598] print_report+0xd1/0x650 [ 16.656627] ? __virt_addr_valid+0x1db/0x2d0 [ 16.656668] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.656695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.656724] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.656751] kasan_report+0x141/0x180 [ 16.656779] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.656812] kasan_check_range+0x10c/0x1c0 [ 16.656842] __kasan_check_write+0x18/0x20 [ 16.656866] kasan_atomics_helper+0x5fe/0x5450 [ 16.656894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.656983] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.657018] ? kasan_atomics+0x152/0x310 [ 16.657052] kasan_atomics+0x1dc/0x310 [ 16.657080] ? __pfx_kasan_atomics+0x10/0x10 [ 16.657110] ? __pfx_read_tsc+0x10/0x10 [ 16.657138] ? ktime_get_ts64+0x86/0x230 [ 16.657169] kunit_try_run_case+0x1a5/0x480 [ 16.657200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.657228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.657260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.657288] ? __kthread_parkme+0x82/0x180 [ 16.657314] ? preempt_count_sub+0x50/0x80 [ 16.657345] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.657375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.657404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.657433] kthread+0x337/0x6f0 [ 16.657458] ? trace_preempt_on+0x20/0xc0 [ 16.657488] ? __pfx_kthread+0x10/0x10 [ 16.657514] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.657540] ? calculate_sigpending+0x7b/0xa0 [ 16.657569] ? __pfx_kthread+0x10/0x10 [ 16.657597] ret_from_fork+0x116/0x1d0 [ 16.657621] ? __pfx_kthread+0x10/0x10 [ 16.657660] ret_from_fork_asm+0x1a/0x30 [ 16.657699] </TASK> [ 16.657713] [ 16.667567] Allocated by task 283: [ 16.667888] kasan_save_stack+0x45/0x70 [ 16.668108] kasan_save_track+0x18/0x40 [ 16.668342] kasan_save_alloc_info+0x3b/0x50 [ 16.668556] __kasan_kmalloc+0xb7/0xc0 [ 16.668828] __kmalloc_cache_noprof+0x189/0x420 [ 16.669022] kasan_atomics+0x95/0x310 [ 16.669189] kunit_try_run_case+0x1a5/0x480 [ 16.669441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.669750] kthread+0x337/0x6f0 [ 16.670015] ret_from_fork+0x116/0x1d0 [ 16.670236] ret_from_fork_asm+0x1a/0x30 [ 16.670454] [ 16.670574] The buggy address belongs to the object at ffff888103349180 [ 16.670574] which belongs to the cache kmalloc-64 of size 64 [ 16.671108] The buggy address is located 0 bytes to the right of [ 16.671108] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.671771] [ 16.671863] The buggy address belongs to the physical page: [ 16.672076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.672367] flags: 0x200000000000000(node=0|zone=2) [ 16.672780] page_type: f5(slab) [ 16.673049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.673462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.673779] page dumped because: kasan: bad access detected [ 16.673988] [ 16.674074] Memory state around the buggy address: [ 16.674264] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.674617] 
ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.675584] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.676352] ^ [ 16.676659] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.677405] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.677755] ================================================================== [ 17.136156] ================================================================== [ 17.136622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 17.137276] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.137640] [ 17.137812] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.137880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.137897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.137923] Call Trace: [ 17.137941] <TASK> [ 17.137973] dump_stack_lvl+0x73/0xb0 [ 17.138010] print_report+0xd1/0x650 [ 17.138051] ? __virt_addr_valid+0x1db/0x2d0 [ 17.138080] ? kasan_atomics_helper+0x4a36/0x5450 [ 17.138108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.138140] ? kasan_atomics_helper+0x4a36/0x5450 [ 17.138180] kasan_report+0x141/0x180 [ 17.138207] ? kasan_atomics_helper+0x4a36/0x5450 [ 17.138254] __asan_report_load4_noabort+0x18/0x20 [ 17.138285] kasan_atomics_helper+0x4a36/0x5450 [ 17.138314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.138342] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.138385] ? kasan_atomics+0x152/0x310 [ 17.138424] kasan_atomics+0x1dc/0x310 [ 17.138466] ? __pfx_kasan_atomics+0x10/0x10 [ 17.138495] ? __pfx_read_tsc+0x10/0x10 [ 17.138522] ? ktime_get_ts64+0x86/0x230 [ 17.138563] kunit_try_run_case+0x1a5/0x480 [ 17.138592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.138620] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.138672] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.138701] ? __kthread_parkme+0x82/0x180 [ 17.138738] ? 
preempt_count_sub+0x50/0x80 [ 17.138782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.138821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.138850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.138879] kthread+0x337/0x6f0 [ 17.138919] ? trace_preempt_on+0x20/0xc0 [ 17.138948] ? __pfx_kthread+0x10/0x10 [ 17.138986] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.139023] ? calculate_sigpending+0x7b/0xa0 [ 17.139053] ? __pfx_kthread+0x10/0x10 [ 17.139079] ret_from_fork+0x116/0x1d0 [ 17.139116] ? __pfx_kthread+0x10/0x10 [ 17.139142] ret_from_fork_asm+0x1a/0x30 [ 17.139195] </TASK> [ 17.139209] [ 17.148491] Allocated by task 283: [ 17.148717] kasan_save_stack+0x45/0x70 [ 17.149205] kasan_save_track+0x18/0x40 [ 17.149381] kasan_save_alloc_info+0x3b/0x50 [ 17.149570] __kasan_kmalloc+0xb7/0xc0 [ 17.149910] __kmalloc_cache_noprof+0x189/0x420 [ 17.150182] kasan_atomics+0x95/0x310 [ 17.150400] kunit_try_run_case+0x1a5/0x480 [ 17.150665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.150995] kthread+0x337/0x6f0 [ 17.151151] ret_from_fork+0x116/0x1d0 [ 17.151411] ret_from_fork_asm+0x1a/0x30 [ 17.151624] [ 17.151759] The buggy address belongs to the object at ffff888103349180 [ 17.151759] which belongs to the cache kmalloc-64 of size 64 [ 17.152356] The buggy address is located 0 bytes to the right of [ 17.152356] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.153044] [ 17.153168] The buggy address belongs to the physical page: [ 17.153470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.153945] flags: 0x200000000000000(node=0|zone=2) [ 17.154149] page_type: f5(slab) [ 17.154298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.154582] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.154997] page dumped because: kasan: bad access detected [ 17.155336] [ 17.155456] Memory state around the buggy address: [ 17.155733] ffff888103349080: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 17.156068] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.156329] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.156603] ^ [ 17.157019] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.157435] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.157935] ================================================================== [ 17.506967] ================================================================== [ 17.507410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 17.507938] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.508218] [ 17.508326] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.508378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.508395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.508424] Call Trace: [ 17.508446] <TASK> [ 17.508465] dump_stack_lvl+0x73/0xb0 [ 17.508499] print_report+0xd1/0x650 [ 17.508541] ? __virt_addr_valid+0x1db/0x2d0 [ 17.508570] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.508596] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.508637] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.508675] kasan_report+0x141/0x180 [ 17.508703] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.508735] kasan_check_range+0x10c/0x1c0 [ 17.508763] __kasan_check_write+0x18/0x20 [ 17.508788] kasan_atomics_helper+0x15b6/0x5450 [ 17.508815] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.508854] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.508897] ? kasan_atomics+0x152/0x310 [ 17.508944] kasan_atomics+0x1dc/0x310 [ 17.508973] ? __pfx_kasan_atomics+0x10/0x10 [ 17.509003] ? __pfx_read_tsc+0x10/0x10 [ 17.509029] ? ktime_get_ts64+0x86/0x230 [ 17.509061] kunit_try_run_case+0x1a5/0x480 [ 17.509092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.509120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.509150] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.509180] ? __kthread_parkme+0x82/0x180 [ 17.509206] ? preempt_count_sub+0x50/0x80 [ 17.509236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.509266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.509295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.509324] kthread+0x337/0x6f0 [ 17.509350] ? trace_preempt_on+0x20/0xc0 [ 17.509380] ? __pfx_kthread+0x10/0x10 [ 17.509406] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.509433] ? calculate_sigpending+0x7b/0xa0 [ 17.509475] ? __pfx_kthread+0x10/0x10 [ 17.509503] ret_from_fork+0x116/0x1d0 [ 17.509538] ? __pfx_kthread+0x10/0x10 [ 17.509565] ret_from_fork_asm+0x1a/0x30 [ 17.509603] </TASK> [ 17.509618] [ 17.519323] Allocated by task 283: [ 17.519518] kasan_save_stack+0x45/0x70 [ 17.519710] kasan_save_track+0x18/0x40 [ 17.519877] kasan_save_alloc_info+0x3b/0x50 [ 17.520073] __kasan_kmalloc+0xb7/0xc0 [ 17.520331] __kmalloc_cache_noprof+0x189/0x420 [ 17.520603] kasan_atomics+0x95/0x310 [ 17.520836] kunit_try_run_case+0x1a5/0x480 [ 17.521200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.521491] kthread+0x337/0x6f0 [ 17.521640] ret_from_fork+0x116/0x1d0 [ 17.521909] ret_from_fork_asm+0x1a/0x30 [ 17.522156] [ 17.522276] The buggy address belongs to the object at ffff888103349180 [ 17.522276] which belongs to the cache kmalloc-64 of size 64 [ 17.523015] The buggy address is located 0 bytes to the right of [ 17.523015] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.523692] [ 17.523828] The buggy address belongs to the physical page: [ 17.524111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.524512] flags: 0x200000000000000(node=0|zone=2) [ 17.524805] page_type: f5(slab) [ 17.525018] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.525417] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.525743] page dumped because: kasan: bad access detected [ 17.526074] [ 17.526203] 
Memory state around the buggy address: [ 17.526440] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.526881] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.527246] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.527620] ^ [ 17.527918] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.528276] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.528612] ================================================================== [ 16.920588] ================================================================== [ 16.921261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 16.921876] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.922952] [ 16.923227] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.923287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.923319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.923348] Call Trace: [ 16.923373] <TASK> [ 16.923398] dump_stack_lvl+0x73/0xb0 [ 16.923437] print_report+0xd1/0x650 [ 16.923466] ? __virt_addr_valid+0x1db/0x2d0 [ 16.923497] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.923525] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.923555] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.923582] kasan_report+0x141/0x180 [ 16.923610] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.923643] kasan_check_range+0x10c/0x1c0 [ 16.923687] __kasan_check_write+0x18/0x20 [ 16.923725] kasan_atomics_helper+0xb6a/0x5450 [ 16.923754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.923796] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.923846] ? kasan_atomics+0x152/0x310 [ 16.923896] kasan_atomics+0x1dc/0x310 [ 16.923925] ? __pfx_kasan_atomics+0x10/0x10 [ 16.923956] ? __pfx_read_tsc+0x10/0x10 [ 16.923982] ? ktime_get_ts64+0x86/0x230 [ 16.924012] kunit_try_run_case+0x1a5/0x480 [ 16.924043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.924069] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.924101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.924129] ? __kthread_parkme+0x82/0x180 [ 16.924155] ? preempt_count_sub+0x50/0x80 [ 16.924186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.924215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.924244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.924272] kthread+0x337/0x6f0 [ 16.924297] ? trace_preempt_on+0x20/0xc0 [ 16.924326] ? __pfx_kthread+0x10/0x10 [ 16.924351] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.924379] ? calculate_sigpending+0x7b/0xa0 [ 16.924409] ? __pfx_kthread+0x10/0x10 [ 16.924435] ret_from_fork+0x116/0x1d0 [ 16.924459] ? __pfx_kthread+0x10/0x10 [ 16.924484] ret_from_fork_asm+0x1a/0x30 [ 16.924523] </TASK> [ 16.924538] [ 16.936089] Allocated by task 283: [ 16.936489] kasan_save_stack+0x45/0x70 [ 16.936766] kasan_save_track+0x18/0x40 [ 16.937146] kasan_save_alloc_info+0x3b/0x50 [ 16.937379] __kasan_kmalloc+0xb7/0xc0 [ 16.937697] __kmalloc_cache_noprof+0x189/0x420 [ 16.937974] kasan_atomics+0x95/0x310 [ 16.938518] kunit_try_run_case+0x1a5/0x480 [ 16.938795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.939095] kthread+0x337/0x6f0 [ 16.939293] ret_from_fork+0x116/0x1d0 [ 16.939474] ret_from_fork_asm+0x1a/0x30 [ 16.939715] [ 16.939974] The buggy address belongs to the object at ffff888103349180 [ 16.939974] which belongs to the cache kmalloc-64 of size 64 [ 16.940581] The buggy address is located 0 bytes to the right of [ 16.940581] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.941247] [ 16.941429] The buggy address belongs to the physical page: [ 16.941757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.942291] flags: 0x200000000000000(node=0|zone=2) [ 16.942589] page_type: f5(slab) [ 16.942842] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.943389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.943786] page dumped because: kasan: 
bad access detected [ 16.944459] [ 16.944697] Memory state around the buggy address: [ 16.945054] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.945450] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.945918] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.946252] ^ [ 16.946542] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947042] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947378] ================================================================== [ 16.488734] ================================================================== [ 16.489624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 16.490136] Read of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.490526] [ 16.490691] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.490750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.490769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.490799] Call Trace: [ 16.490887] <TASK> [ 16.490915] dump_stack_lvl+0x73/0xb0 [ 16.490953] print_report+0xd1/0x650 [ 16.490983] ? __virt_addr_valid+0x1db/0x2d0 [ 16.491013] ? kasan_atomics_helper+0x3df/0x5450 [ 16.491039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.491069] ? kasan_atomics_helper+0x3df/0x5450 [ 16.491097] kasan_report+0x141/0x180 [ 16.491124] ? kasan_atomics_helper+0x3df/0x5450 [ 16.491158] kasan_check_range+0x10c/0x1c0 [ 16.491188] __kasan_check_read+0x15/0x20 [ 16.491213] kasan_atomics_helper+0x3df/0x5450 [ 16.491241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.491269] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.491301] ? kasan_atomics+0x152/0x310 [ 16.491334] kasan_atomics+0x1dc/0x310 [ 16.491364] ? __pfx_kasan_atomics+0x10/0x10 [ 16.491395] ? __pfx_read_tsc+0x10/0x10 [ 16.491422] ? ktime_get_ts64+0x86/0x230 [ 16.491453] kunit_try_run_case+0x1a5/0x480 [ 16.491484] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.491512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.491541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.491571] ? __kthread_parkme+0x82/0x180 [ 16.491596] ? preempt_count_sub+0x50/0x80 [ 16.491626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.491670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.491699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.491729] kthread+0x337/0x6f0 [ 16.491754] ? trace_preempt_on+0x20/0xc0 [ 16.491784] ? __pfx_kthread+0x10/0x10 [ 16.491809] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.491835] ? calculate_sigpending+0x7b/0xa0 [ 16.491865] ? __pfx_kthread+0x10/0x10 [ 16.491893] ret_from_fork+0x116/0x1d0 [ 16.491916] ? __pfx_kthread+0x10/0x10 [ 16.491941] ret_from_fork_asm+0x1a/0x30 [ 16.491985] </TASK> [ 16.492000] [ 16.502615] Allocated by task 283: [ 16.503750] kasan_save_stack+0x45/0x70 [ 16.504323] kasan_save_track+0x18/0x40 [ 16.504512] kasan_save_alloc_info+0x3b/0x50 [ 16.504710] __kasan_kmalloc+0xb7/0xc0 [ 16.504884] __kmalloc_cache_noprof+0x189/0x420 [ 16.505078] kasan_atomics+0x95/0x310 [ 16.505243] kunit_try_run_case+0x1a5/0x480 [ 16.505424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.505638] kthread+0x337/0x6f0 [ 16.506871] ret_from_fork+0x116/0x1d0 [ 16.507507] ret_from_fork_asm+0x1a/0x30 [ 16.508376] [ 16.508952] The buggy address belongs to the object at ffff888103349180 [ 16.508952] which belongs to the cache kmalloc-64 of size 64 [ 16.511288] The buggy address is located 0 bytes to the right of [ 16.511288] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.512332] [ 16.512442] The buggy address belongs to the physical page: [ 16.512676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.513063] flags: 0x200000000000000(node=0|zone=2) [ 16.513398] page_type: f5(slab) [ 16.513595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.514486] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.514987] page dumped because: kasan: bad access detected [ 16.515279] [ 16.515392] Memory state around the buggy address: [ 16.516032] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.516409] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.516921] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.517437] ^ [ 16.517718] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.518287] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.518734] ================================================================== [ 17.206353] ================================================================== [ 17.207087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 17.207892] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.208399] [ 17.208689] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.208746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.208798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.208845] Call Trace: [ 17.208911] <TASK> [ 17.208935] dump_stack_lvl+0x73/0xb0 [ 17.208971] print_report+0xd1/0x650 [ 17.209012] ? __virt_addr_valid+0x1db/0x2d0 [ 17.209042] ? kasan_atomics_helper+0x1148/0x5450 [ 17.209069] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.209098] ? kasan_atomics_helper+0x1148/0x5450 [ 17.209125] kasan_report+0x141/0x180 [ 17.209154] ? kasan_atomics_helper+0x1148/0x5450 [ 17.209186] kasan_check_range+0x10c/0x1c0 [ 17.209216] __kasan_check_write+0x18/0x20 [ 17.209242] kasan_atomics_helper+0x1148/0x5450 [ 17.209270] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.209299] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.209332] ? kasan_atomics+0x152/0x310 [ 17.209365] kasan_atomics+0x1dc/0x310 [ 17.209394] ? __pfx_kasan_atomics+0x10/0x10 [ 17.209424] ? __pfx_read_tsc+0x10/0x10 [ 17.209452] ? 
ktime_get_ts64+0x86/0x230 [ 17.209483] kunit_try_run_case+0x1a5/0x480 [ 17.209514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.209541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.209571] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.209600] ? __kthread_parkme+0x82/0x180 [ 17.209626] ? preempt_count_sub+0x50/0x80 [ 17.209667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.209696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.209724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.209754] kthread+0x337/0x6f0 [ 17.209794] ? trace_preempt_on+0x20/0xc0 [ 17.209824] ? __pfx_kthread+0x10/0x10 [ 17.209850] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.209876] ? calculate_sigpending+0x7b/0xa0 [ 17.209906] ? __pfx_kthread+0x10/0x10 [ 17.209933] ret_from_fork+0x116/0x1d0 [ 17.209956] ? __pfx_kthread+0x10/0x10 [ 17.209982] ret_from_fork_asm+0x1a/0x30 [ 17.210020] </TASK> [ 17.210035] [ 17.221431] Allocated by task 283: [ 17.221628] kasan_save_stack+0x45/0x70 [ 17.221931] kasan_save_track+0x18/0x40 [ 17.222194] kasan_save_alloc_info+0x3b/0x50 [ 17.222447] __kasan_kmalloc+0xb7/0xc0 [ 17.222606] __kmalloc_cache_noprof+0x189/0x420 [ 17.222937] kasan_atomics+0x95/0x310 [ 17.223347] kunit_try_run_case+0x1a5/0x480 [ 17.223634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.223990] kthread+0x337/0x6f0 [ 17.224138] ret_from_fork+0x116/0x1d0 [ 17.224470] ret_from_fork_asm+0x1a/0x30 [ 17.224806] [ 17.225069] The buggy address belongs to the object at ffff888103349180 [ 17.225069] which belongs to the cache kmalloc-64 of size 64 [ 17.225580] The buggy address is located 0 bytes to the right of [ 17.225580] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.226490] [ 17.226636] The buggy address belongs to the physical page: [ 17.227030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.227486] flags: 0x200000000000000(node=0|zone=2) [ 17.227794] page_type: f5(slab) [ 17.228046] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.228392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.228671] page dumped because: kasan: bad access detected [ 17.229253] [ 17.229387] Memory state around the buggy address: [ 17.229695] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.229953] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.230240] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.230695] ^ [ 17.231261] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.231802] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.232175] ================================================================== [ 16.764681] ================================================================== [ 16.765374] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 16.765834] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.766221] [ 16.766352] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.766409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.766431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.766460] Call Trace: [ 16.766485] <TASK> [ 16.766508] dump_stack_lvl+0x73/0xb0 [ 16.766544] print_report+0xd1/0x650 [ 16.766573] ? __virt_addr_valid+0x1db/0x2d0 [ 16.766603] ? kasan_atomics_helper+0x860/0x5450 [ 16.766630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.766672] ? kasan_atomics_helper+0x860/0x5450 [ 16.766699] kasan_report+0x141/0x180 [ 16.766728] ? kasan_atomics_helper+0x860/0x5450 [ 16.766763] kasan_check_range+0x10c/0x1c0 [ 16.766795] __kasan_check_write+0x18/0x20 [ 16.766820] kasan_atomics_helper+0x860/0x5450 [ 16.766849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.766877] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.766908] ? kasan_atomics+0x152/0x310 [ 16.766942] kasan_atomics+0x1dc/0x310 [ 16.766971] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.767004] ? __pfx_read_tsc+0x10/0x10 [ 16.767034] ? ktime_get_ts64+0x86/0x230 [ 16.767066] kunit_try_run_case+0x1a5/0x480 [ 16.767097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.767125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.767156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.767185] ? __kthread_parkme+0x82/0x180 [ 16.767212] ? preempt_count_sub+0x50/0x80 [ 16.767242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.767273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.767305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.767348] kthread+0x337/0x6f0 [ 16.767372] ? trace_preempt_on+0x20/0xc0 [ 16.767402] ? __pfx_kthread+0x10/0x10 [ 16.767429] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.767457] ? calculate_sigpending+0x7b/0xa0 [ 16.767487] ? __pfx_kthread+0x10/0x10 [ 16.767513] ret_from_fork+0x116/0x1d0 [ 16.767537] ? __pfx_kthread+0x10/0x10 [ 16.767563] ret_from_fork_asm+0x1a/0x30 [ 16.767601] </TASK> [ 16.767618] [ 16.779916] Allocated by task 283: [ 16.780414] kasan_save_stack+0x45/0x70 [ 16.781016] kasan_save_track+0x18/0x40 [ 16.781476] kasan_save_alloc_info+0x3b/0x50 [ 16.782023] __kasan_kmalloc+0xb7/0xc0 [ 16.782582] __kmalloc_cache_noprof+0x189/0x420 [ 16.783079] kasan_atomics+0x95/0x310 [ 16.783636] kunit_try_run_case+0x1a5/0x480 [ 16.784278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.784965] kthread+0x337/0x6f0 [ 16.785484] ret_from_fork+0x116/0x1d0 [ 16.786186] ret_from_fork_asm+0x1a/0x30 [ 16.786671] [ 16.786871] The buggy address belongs to the object at ffff888103349180 [ 16.786871] which belongs to the cache kmalloc-64 of size 64 [ 16.787556] The buggy address is located 0 bytes to the right of [ 16.787556] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.789045] [ 16.789337] The buggy address belongs to the physical page: [ 16.790106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.791198] flags: 0x200000000000000(node=0|zone=2) [ 16.791684] page_type: 
f5(slab) [ 16.791865] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.792851] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.793463] page dumped because: kasan: bad access detected [ 16.793694] [ 16.793787] Memory state around the buggy address: [ 16.794004] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.795055] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.795662] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.796424] ^ [ 16.796620] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797293] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.798152] ================================================================== [ 17.574668] ================================================================== [ 17.575356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 17.575701] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.576211] [ 17.576357] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.576427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.576445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.576486] Call Trace: [ 17.576511] <TASK> [ 17.576533] dump_stack_lvl+0x73/0xb0 [ 17.576569] print_report+0xd1/0x650 [ 17.576597] ? __virt_addr_valid+0x1db/0x2d0 [ 17.576627] ? kasan_atomics_helper+0x177f/0x5450 [ 17.576665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.576693] ? kasan_atomics_helper+0x177f/0x5450 [ 17.576722] kasan_report+0x141/0x180 [ 17.576750] ? kasan_atomics_helper+0x177f/0x5450 [ 17.576791] kasan_check_range+0x10c/0x1c0 [ 17.576832] __kasan_check_write+0x18/0x20 [ 17.576856] kasan_atomics_helper+0x177f/0x5450 [ 17.576883] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.576925] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.576956] ? 
kasan_atomics+0x152/0x310 [ 17.576990] kasan_atomics+0x1dc/0x310 [ 17.577019] ? __pfx_kasan_atomics+0x10/0x10 [ 17.577049] ? __pfx_read_tsc+0x10/0x10 [ 17.577076] ? ktime_get_ts64+0x86/0x230 [ 17.577106] kunit_try_run_case+0x1a5/0x480 [ 17.577137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.577163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.577204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.577233] ? __kthread_parkme+0x82/0x180 [ 17.577258] ? preempt_count_sub+0x50/0x80 [ 17.577301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.577331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.577359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.577398] kthread+0x337/0x6f0 [ 17.577423] ? trace_preempt_on+0x20/0xc0 [ 17.577467] ? __pfx_kthread+0x10/0x10 [ 17.577492] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.577519] ? calculate_sigpending+0x7b/0xa0 [ 17.577561] ? __pfx_kthread+0x10/0x10 [ 17.577588] ret_from_fork+0x116/0x1d0 [ 17.577611] ? __pfx_kthread+0x10/0x10 [ 17.577638] ret_from_fork_asm+0x1a/0x30 [ 17.577687] </TASK> [ 17.577702] [ 17.587075] Allocated by task 283: [ 17.587336] kasan_save_stack+0x45/0x70 [ 17.587564] kasan_save_track+0x18/0x40 [ 17.588566] kasan_save_alloc_info+0x3b/0x50 [ 17.589249] __kasan_kmalloc+0xb7/0xc0 [ 17.589429] __kmalloc_cache_noprof+0x189/0x420 [ 17.589624] kasan_atomics+0x95/0x310 [ 17.589801] kunit_try_run_case+0x1a5/0x480 [ 17.589979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.590190] kthread+0x337/0x6f0 [ 17.590338] ret_from_fork+0x116/0x1d0 [ 17.590505] ret_from_fork_asm+0x1a/0x30 [ 17.590965] [ 17.591158] The buggy address belongs to the object at ffff888103349180 [ 17.591158] which belongs to the cache kmalloc-64 of size 64 [ 17.592707] The buggy address is located 0 bytes to the right of [ 17.592707] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.594193] [ 17.594413] The buggy address belongs to the physical page: [ 17.595076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 
17.595948] flags: 0x200000000000000(node=0|zone=2) [ 17.596506] page_type: f5(slab) [ 17.596904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.597693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.598590] page dumped because: kasan: bad access detected [ 17.599236] [ 17.599424] Memory state around the buggy address: [ 17.599971] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.600522] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.600819] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.601561] ^ [ 17.602153] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.602933] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.603686] ================================================================== [ 17.000358] ================================================================== [ 17.000806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 17.001377] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.001829] [ 17.001948] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.002081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.002103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.002147] Call Trace: [ 17.002171] <TASK> [ 17.002193] dump_stack_lvl+0x73/0xb0 [ 17.002230] print_report+0xd1/0x650 [ 17.002259] ? __virt_addr_valid+0x1db/0x2d0 [ 17.002288] ? kasan_atomics_helper+0xd47/0x5450 [ 17.002315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.002344] ? kasan_atomics_helper+0xd47/0x5450 [ 17.002371] kasan_report+0x141/0x180 [ 17.002399] ? kasan_atomics_helper+0xd47/0x5450 [ 17.002439] kasan_check_range+0x10c/0x1c0 [ 17.002511] __kasan_check_write+0x18/0x20 [ 17.002537] kasan_atomics_helper+0xd47/0x5450 [ 17.002593] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.002622] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.002678] ? kasan_atomics+0x152/0x310 [ 17.002711] kasan_atomics+0x1dc/0x310 [ 17.002740] ? __pfx_kasan_atomics+0x10/0x10 [ 17.002783] ? __pfx_read_tsc+0x10/0x10 [ 17.002858] ? ktime_get_ts64+0x86/0x230 [ 17.002919] kunit_try_run_case+0x1a5/0x480 [ 17.002952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.003010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.003041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.003101] ? __kthread_parkme+0x82/0x180 [ 17.003128] ? preempt_count_sub+0x50/0x80 [ 17.003171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.003200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.003229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.003258] kthread+0x337/0x6f0 [ 17.003284] ? trace_preempt_on+0x20/0xc0 [ 17.003313] ? __pfx_kthread+0x10/0x10 [ 17.003339] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.003366] ? calculate_sigpending+0x7b/0xa0 [ 17.003397] ? __pfx_kthread+0x10/0x10 [ 17.003424] ret_from_fork+0x116/0x1d0 [ 17.003448] ? __pfx_kthread+0x10/0x10 [ 17.003474] ret_from_fork_asm+0x1a/0x30 [ 17.003512] </TASK> [ 17.003527] [ 17.014531] Allocated by task 283: [ 17.014733] kasan_save_stack+0x45/0x70 [ 17.015028] kasan_save_track+0x18/0x40 [ 17.015377] kasan_save_alloc_info+0x3b/0x50 [ 17.015664] __kasan_kmalloc+0xb7/0xc0 [ 17.015962] __kmalloc_cache_noprof+0x189/0x420 [ 17.016478] kasan_atomics+0x95/0x310 [ 17.017349] kunit_try_run_case+0x1a5/0x480 [ 17.018153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.018636] kthread+0x337/0x6f0 [ 17.019354] ret_from_fork+0x116/0x1d0 [ 17.019761] ret_from_fork_asm+0x1a/0x30 [ 17.020275] [ 17.020723] The buggy address belongs to the object at ffff888103349180 [ 17.020723] which belongs to the cache kmalloc-64 of size 64 [ 17.022120] The buggy address is located 0 bytes to the right of [ 17.022120] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.023912] [ 17.024079] The buggy address belongs to the physical page: [ 17.024606] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.025105] flags: 0x200000000000000(node=0|zone=2) [ 17.025382] page_type: f5(slab) [ 17.025577] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.026678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.027639] page dumped because: kasan: bad access detected [ 17.028208] [ 17.028336] Memory state around the buggy address: [ 17.028597] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.029217] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.029582] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.030677] ^ [ 17.031611] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032348] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032721] ================================================================== [ 17.604586] ================================================================== [ 17.605395] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 17.605878] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.606821] [ 17.606962] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.607023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.607041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.607071] Call Trace: [ 17.607097] <TASK> [ 17.607122] dump_stack_lvl+0x73/0xb0 [ 17.607162] print_report+0xd1/0x650 [ 17.607190] ? __virt_addr_valid+0x1db/0x2d0 [ 17.607220] ? kasan_atomics_helper+0x1818/0x5450 [ 17.607249] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.607278] ? kasan_atomics_helper+0x1818/0x5450 [ 17.607305] kasan_report+0x141/0x180 [ 17.607333] ? kasan_atomics_helper+0x1818/0x5450 [ 17.607366] kasan_check_range+0x10c/0x1c0 [ 17.607395] __kasan_check_write+0x18/0x20 [ 17.607420] kasan_atomics_helper+0x1818/0x5450 [ 17.607449] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 17.607476] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.607508] ? kasan_atomics+0x152/0x310 [ 17.607541] kasan_atomics+0x1dc/0x310 [ 17.607570] ? __pfx_kasan_atomics+0x10/0x10 [ 17.607600] ? __pfx_read_tsc+0x10/0x10 [ 17.607625] ? ktime_get_ts64+0x86/0x230 [ 17.607790] kunit_try_run_case+0x1a5/0x480 [ 17.607829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.607858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.607888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.607930] ? __kthread_parkme+0x82/0x180 [ 17.607969] ? preempt_count_sub+0x50/0x80 [ 17.607998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.608042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.608070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.608099] kthread+0x337/0x6f0 [ 17.608124] ? trace_preempt_on+0x20/0xc0 [ 17.608153] ? __pfx_kthread+0x10/0x10 [ 17.608180] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.608207] ? calculate_sigpending+0x7b/0xa0 [ 17.608236] ? __pfx_kthread+0x10/0x10 [ 17.608263] ret_from_fork+0x116/0x1d0 [ 17.608286] ? 
__pfx_kthread+0x10/0x10 [ 17.608312] ret_from_fork_asm+0x1a/0x30 [ 17.608351] </TASK> [ 17.608367] [ 17.621823] Allocated by task 283: [ 17.622066] kasan_save_stack+0x45/0x70 [ 17.622316] kasan_save_track+0x18/0x40 [ 17.622485] kasan_save_alloc_info+0x3b/0x50 [ 17.622687] __kasan_kmalloc+0xb7/0xc0 [ 17.623034] __kmalloc_cache_noprof+0x189/0x420 [ 17.623305] kasan_atomics+0x95/0x310 [ 17.623540] kunit_try_run_case+0x1a5/0x480 [ 17.623872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.624154] kthread+0x337/0x6f0 [ 17.624336] ret_from_fork+0x116/0x1d0 [ 17.624533] ret_from_fork_asm+0x1a/0x30 [ 17.624749] [ 17.624881] The buggy address belongs to the object at ffff888103349180 [ 17.624881] which belongs to the cache kmalloc-64 of size 64 [ 17.625465] The buggy address is located 0 bytes to the right of [ 17.625465] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.626129] [ 17.626222] The buggy address belongs to the physical page: [ 17.626440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.627052] flags: 0x200000000000000(node=0|zone=2) [ 17.627313] page_type: f5(slab) [ 17.627518] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.627847] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.628211] page dumped because: kasan: bad access detected [ 17.628490] [ 17.628606] Memory state around the buggy address: [ 17.628914] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.629175] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.629435] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.629756] ^ [ 17.630026] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.630408] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.630791] ================================================================== [ 17.631524] 
================================================================== [ 17.631887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 17.632250] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.632716] [ 17.632897] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.632953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.632970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.632999] Call Trace: [ 17.633022] <TASK> [ 17.633047] dump_stack_lvl+0x73/0xb0 [ 17.633082] print_report+0xd1/0x650 [ 17.633109] ? __virt_addr_valid+0x1db/0x2d0 [ 17.633139] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.633166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.633194] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.633222] kasan_report+0x141/0x180 [ 17.633250] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.633283] kasan_check_range+0x10c/0x1c0 [ 17.633313] __kasan_check_write+0x18/0x20 [ 17.633338] kasan_atomics_helper+0x18b1/0x5450 [ 17.633367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.633394] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.633426] ? kasan_atomics+0x152/0x310 [ 17.633459] kasan_atomics+0x1dc/0x310 [ 17.633488] ? __pfx_kasan_atomics+0x10/0x10 [ 17.633518] ? __pfx_read_tsc+0x10/0x10 [ 17.633546] ? ktime_get_ts64+0x86/0x230 [ 17.633576] kunit_try_run_case+0x1a5/0x480 [ 17.633605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.633633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.633677] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.633705] ? __kthread_parkme+0x82/0x180 [ 17.633731] ? preempt_count_sub+0x50/0x80 [ 17.633761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.633790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.633819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.633848] kthread+0x337/0x6f0 [ 17.633872] ? trace_preempt_on+0x20/0xc0 [ 17.633901] ? __pfx_kthread+0x10/0x10 [ 17.633927] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.633953] ? 
calculate_sigpending+0x7b/0xa0 [ 17.633984] ? __pfx_kthread+0x10/0x10 [ 17.634010] ret_from_fork+0x116/0x1d0 [ 17.634034] ? __pfx_kthread+0x10/0x10 [ 17.634060] ret_from_fork_asm+0x1a/0x30 [ 17.634098] </TASK> [ 17.634113] [ 17.642933] Allocated by task 283: [ 17.643165] kasan_save_stack+0x45/0x70 [ 17.643413] kasan_save_track+0x18/0x40 [ 17.643593] kasan_save_alloc_info+0x3b/0x50 [ 17.643805] __kasan_kmalloc+0xb7/0xc0 [ 17.644036] __kmalloc_cache_noprof+0x189/0x420 [ 17.644313] kasan_atomics+0x95/0x310 [ 17.644545] kunit_try_run_case+0x1a5/0x480 [ 17.644737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.644952] kthread+0x337/0x6f0 [ 17.645100] ret_from_fork+0x116/0x1d0 [ 17.645509] ret_from_fork_asm+0x1a/0x30 [ 17.645755] [ 17.645976] The buggy address belongs to the object at ffff888103349180 [ 17.645976] which belongs to the cache kmalloc-64 of size 64 [ 17.646836] The buggy address is located 0 bytes to the right of [ 17.646836] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.647283] [ 17.647409] The buggy address belongs to the physical page: [ 17.647950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.648380] flags: 0x200000000000000(node=0|zone=2) [ 17.648684] page_type: f5(slab) [ 17.648836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.649117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.649391] page dumped because: kasan: bad access detected [ 17.649600] [ 17.650579] Memory state around the buggy address: [ 17.651854] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.652761] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.653923] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.654195] ^ [ 17.654392] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.655019] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.656283] 
================================================================== [ 17.907949] ================================================================== [ 17.908326] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 17.908914] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.909339] [ 17.909455] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.909513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.909531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.909561] Call Trace: [ 17.909585] <TASK> [ 17.909612] dump_stack_lvl+0x73/0xb0 [ 17.909700] print_report+0xd1/0x650 [ 17.909729] ? __virt_addr_valid+0x1db/0x2d0 [ 17.909761] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.909788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.909817] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.909844] kasan_report+0x141/0x180 [ 17.909873] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.909905] kasan_check_range+0x10c/0x1c0 [ 17.909936] __kasan_check_write+0x18/0x20 [ 17.909981] kasan_atomics_helper+0x1e12/0x5450 [ 17.910011] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.910043] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.910077] ? kasan_atomics+0x152/0x310 [ 17.910114] kasan_atomics+0x1dc/0x310 [ 17.910142] ? __pfx_kasan_atomics+0x10/0x10 [ 17.910174] ? __pfx_read_tsc+0x10/0x10 [ 17.910202] ? ktime_get_ts64+0x86/0x230 [ 17.910233] kunit_try_run_case+0x1a5/0x480 [ 17.910264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.910294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.910325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.910355] ? __kthread_parkme+0x82/0x180 [ 17.910382] ? preempt_count_sub+0x50/0x80 [ 17.910413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.910448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.910478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.910507] kthread+0x337/0x6f0 [ 17.910533] ? trace_preempt_on+0x20/0xc0 [ 17.910584] ? 
__pfx_kthread+0x10/0x10 [ 17.910610] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.910638] ? calculate_sigpending+0x7b/0xa0 [ 17.910678] ? __pfx_kthread+0x10/0x10 [ 17.910707] ret_from_fork+0x116/0x1d0 [ 17.910730] ? __pfx_kthread+0x10/0x10 [ 17.910756] ret_from_fork_asm+0x1a/0x30 [ 17.910794] </TASK> [ 17.910810] [ 17.920261] Allocated by task 283: [ 17.920700] kasan_save_stack+0x45/0x70 [ 17.920885] kasan_save_track+0x18/0x40 [ 17.921055] kasan_save_alloc_info+0x3b/0x50 [ 17.921596] __kasan_kmalloc+0xb7/0xc0 [ 17.921857] __kmalloc_cache_noprof+0x189/0x420 [ 17.922139] kasan_atomics+0x95/0x310 [ 17.922310] kunit_try_run_case+0x1a5/0x480 [ 17.922500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.922849] kthread+0x337/0x6f0 [ 17.923060] ret_from_fork+0x116/0x1d0 [ 17.923289] ret_from_fork_asm+0x1a/0x30 [ 17.923534] [ 17.923667] The buggy address belongs to the object at ffff888103349180 [ 17.923667] which belongs to the cache kmalloc-64 of size 64 [ 17.924244] The buggy address is located 0 bytes to the right of [ 17.924244] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.924790] [ 17.924913] The buggy address belongs to the physical page: [ 17.925255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.925709] flags: 0x200000000000000(node=0|zone=2) [ 17.926021] page_type: f5(slab) [ 17.926235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.926607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.926980] page dumped because: kasan: bad access detected [ 17.927500] [ 17.927599] Memory state around the buggy address: [ 17.927851] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.928118] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.928609] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.929069] ^ [ 17.929537] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.930033] 
ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.930438] ================================================================== [ 16.465348] ================================================================== [ 16.465769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 16.466197] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.466519] [ 16.466632] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.466700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.466716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.466746] Call Trace: [ 16.466770] <TASK> [ 16.467013] dump_stack_lvl+0x73/0xb0 [ 16.467066] print_report+0xd1/0x650 [ 16.467096] ? __virt_addr_valid+0x1db/0x2d0 [ 16.467128] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.467154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.467183] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.467212] kasan_report+0x141/0x180 [ 16.467240] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.467275] __asan_report_store4_noabort+0x1b/0x30 [ 16.467302] kasan_atomics_helper+0x4b6e/0x5450 [ 16.467331] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.467358] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.467390] ? kasan_atomics+0x152/0x310 [ 16.467424] kasan_atomics+0x1dc/0x310 [ 16.467453] ? __pfx_kasan_atomics+0x10/0x10 [ 16.467483] ? __pfx_read_tsc+0x10/0x10 [ 16.467510] ? ktime_get_ts64+0x86/0x230 [ 16.467541] kunit_try_run_case+0x1a5/0x480 [ 16.467571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.467599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.467629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.467676] ? __kthread_parkme+0x82/0x180 [ 16.467701] ? preempt_count_sub+0x50/0x80 [ 16.467731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.467762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.467858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.467891] kthread+0x337/0x6f0 [ 16.467917] ? 
trace_preempt_on+0x20/0xc0 [ 16.467947] ? __pfx_kthread+0x10/0x10 [ 16.467974] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.468001] ? calculate_sigpending+0x7b/0xa0 [ 16.468032] ? __pfx_kthread+0x10/0x10 [ 16.468059] ret_from_fork+0x116/0x1d0 [ 16.468084] ? __pfx_kthread+0x10/0x10 [ 16.468111] ret_from_fork_asm+0x1a/0x30 [ 16.468150] </TASK> [ 16.468167] [ 16.477991] Allocated by task 283: [ 16.478233] kasan_save_stack+0x45/0x70 [ 16.478492] kasan_save_track+0x18/0x40 [ 16.478756] kasan_save_alloc_info+0x3b/0x50 [ 16.479013] __kasan_kmalloc+0xb7/0xc0 [ 16.479241] __kmalloc_cache_noprof+0x189/0x420 [ 16.479434] kasan_atomics+0x95/0x310 [ 16.479632] kunit_try_run_case+0x1a5/0x480 [ 16.480034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.480338] kthread+0x337/0x6f0 [ 16.480520] ret_from_fork+0x116/0x1d0 [ 16.480700] ret_from_fork_asm+0x1a/0x30 [ 16.481114] [ 16.481242] The buggy address belongs to the object at ffff888103349180 [ 16.481242] which belongs to the cache kmalloc-64 of size 64 [ 16.481760] The buggy address is located 0 bytes to the right of [ 16.481760] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.482230] [ 16.482348] The buggy address belongs to the physical page: [ 16.482924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.483322] flags: 0x200000000000000(node=0|zone=2) [ 16.483529] page_type: f5(slab) [ 16.483694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.484389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.484889] page dumped because: kasan: bad access detected [ 16.485171] [ 16.485267] Memory state around the buggy address: [ 16.485501] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.486155] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.486437] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.486756] ^ [ 16.487072] ffff888103349200: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.487467] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.488085] ================================================================== [ 17.963821] ================================================================== [ 17.964303] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 17.964687] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.965029] [ 17.965171] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.965229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.965246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.965274] Call Trace: [ 17.965299] <TASK> [ 17.965322] dump_stack_lvl+0x73/0xb0 [ 17.965358] print_report+0xd1/0x650 [ 17.965386] ? __virt_addr_valid+0x1db/0x2d0 [ 17.965415] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.965441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.965470] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.965497] kasan_report+0x141/0x180 [ 17.965525] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.965558] kasan_check_range+0x10c/0x1c0 [ 17.965587] __kasan_check_write+0x18/0x20 [ 17.965612] kasan_atomics_helper+0x1f43/0x5450 [ 17.965640] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.965681] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.965712] ? kasan_atomics+0x152/0x310 [ 17.965746] kasan_atomics+0x1dc/0x310 [ 17.965787] ? __pfx_kasan_atomics+0x10/0x10 [ 17.965817] ? __pfx_read_tsc+0x10/0x10 [ 17.965843] ? ktime_get_ts64+0x86/0x230 [ 17.965874] kunit_try_run_case+0x1a5/0x480 [ 17.965904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.965932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.965962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.965991] ? __kthread_parkme+0x82/0x180 [ 17.966018] ? preempt_count_sub+0x50/0x80 [ 17.966048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.966078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.966106] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.966137] kthread+0x337/0x6f0 [ 17.966162] ? trace_preempt_on+0x20/0xc0 [ 17.966192] ? __pfx_kthread+0x10/0x10 [ 17.966218] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.966244] ? calculate_sigpending+0x7b/0xa0 [ 17.966274] ? __pfx_kthread+0x10/0x10 [ 17.966301] ret_from_fork+0x116/0x1d0 [ 17.966325] ? __pfx_kthread+0x10/0x10 [ 17.966351] ret_from_fork_asm+0x1a/0x30 [ 17.966389] </TASK> [ 17.966404] [ 17.975120] Allocated by task 283: [ 17.975279] kasan_save_stack+0x45/0x70 [ 17.975524] kasan_save_track+0x18/0x40 [ 17.975773] kasan_save_alloc_info+0x3b/0x50 [ 17.976043] __kasan_kmalloc+0xb7/0xc0 [ 17.976441] __kmalloc_cache_noprof+0x189/0x420 [ 17.976685] kasan_atomics+0x95/0x310 [ 17.976864] kunit_try_run_case+0x1a5/0x480 [ 17.977158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.977468] kthread+0x337/0x6f0 [ 17.977639] ret_from_fork+0x116/0x1d0 [ 17.977877] ret_from_fork_asm+0x1a/0x30 [ 17.978097] [ 17.978217] The buggy address belongs to the object at ffff888103349180 [ 17.978217] which belongs to the cache kmalloc-64 of size 64 [ 17.978777] The buggy address is located 0 bytes to the right of [ 17.978777] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.979380] [ 17.979473] The buggy address belongs to the physical page: [ 17.979758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.980468] flags: 0x200000000000000(node=0|zone=2) [ 17.980760] page_type: f5(slab) [ 17.980949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.981231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.981539] page dumped because: kasan: bad access detected [ 17.981875] [ 17.981983] Memory state around the buggy address: [ 17.982252] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.982587] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983024] >ffff888103349180: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.983358] ^ [ 17.983574] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.983851] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.984111] ================================================================== [ 17.694555] ================================================================== [ 17.695361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 17.695877] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.696795] [ 17.697036] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.697095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.697114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.697143] Call Trace: [ 17.697168] <TASK> [ 17.697193] dump_stack_lvl+0x73/0xb0 [ 17.697231] print_report+0xd1/0x650 [ 17.697260] ? __virt_addr_valid+0x1db/0x2d0 [ 17.697291] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.697331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.697359] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.697388] kasan_report+0x141/0x180 [ 17.697439] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.697473] kasan_check_range+0x10c/0x1c0 [ 17.697516] __kasan_check_write+0x18/0x20 [ 17.697541] kasan_atomics_helper+0x19e3/0x5450 [ 17.697570] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.697598] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.697630] ? kasan_atomics+0x152/0x310 [ 17.697676] kasan_atomics+0x1dc/0x310 [ 17.697705] ? __pfx_kasan_atomics+0x10/0x10 [ 17.697736] ? __pfx_read_tsc+0x10/0x10 [ 17.697762] ? ktime_get_ts64+0x86/0x230 [ 17.697806] kunit_try_run_case+0x1a5/0x480 [ 17.697837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.697869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.697901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.697929] ? __kthread_parkme+0x82/0x180 [ 17.697955] ? preempt_count_sub+0x50/0x80 [ 17.697984] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.698015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.698043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.698072] kthread+0x337/0x6f0 [ 17.698098] ? trace_preempt_on+0x20/0xc0 [ 17.698129] ? __pfx_kthread+0x10/0x10 [ 17.698157] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.698183] ? calculate_sigpending+0x7b/0xa0 [ 17.698213] ? __pfx_kthread+0x10/0x10 [ 17.698239] ret_from_fork+0x116/0x1d0 [ 17.698263] ? __pfx_kthread+0x10/0x10 [ 17.698288] ret_from_fork_asm+0x1a/0x30 [ 17.698327] </TASK> [ 17.698342] [ 17.711781] Allocated by task 283: [ 17.712014] kasan_save_stack+0x45/0x70 [ 17.712270] kasan_save_track+0x18/0x40 [ 17.712482] kasan_save_alloc_info+0x3b/0x50 [ 17.712759] __kasan_kmalloc+0xb7/0xc0 [ 17.713030] __kmalloc_cache_noprof+0x189/0x420 [ 17.713361] kasan_atomics+0x95/0x310 [ 17.713589] kunit_try_run_case+0x1a5/0x480 [ 17.713858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.714180] kthread+0x337/0x6f0 [ 17.714328] ret_from_fork+0x116/0x1d0 [ 17.714494] ret_from_fork_asm+0x1a/0x30 [ 17.714750] [ 17.714932] The buggy address belongs to the object at ffff888103349180 [ 17.714932] which belongs to the cache kmalloc-64 of size 64 [ 17.715417] The buggy address is located 0 bytes to the right of [ 17.715417] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.716292] [ 17.716387] The buggy address belongs to the physical page: [ 17.716601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 17.717384] flags: 0x200000000000000(node=0|zone=2) [ 17.717694] page_type: f5(slab) [ 17.717954] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.718364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.718753] page dumped because: kasan: bad access detected [ 17.719104] [ 17.719207] Memory state around the buggy address: [ 17.719409] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.719869] 
ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.720413] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.720733] ^ [ 17.721178] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.721535] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.721975] ================================================================== [ 18.180256] ================================================================== [ 18.181151] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 18.182085] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.182978] [ 18.183215] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.183298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.183317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.183347] Call Trace: [ 18.183384] <TASK> [ 18.183410] dump_stack_lvl+0x73/0xb0 [ 18.183447] print_report+0xd1/0x650 [ 18.183477] ? __virt_addr_valid+0x1db/0x2d0 [ 18.183507] ? kasan_atomics_helper+0x224c/0x5450 [ 18.183534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.183563] ? kasan_atomics_helper+0x224c/0x5450 [ 18.183589] kasan_report+0x141/0x180 [ 18.183618] ? kasan_atomics_helper+0x224c/0x5450 [ 18.183664] kasan_check_range+0x10c/0x1c0 [ 18.183695] __kasan_check_write+0x18/0x20 [ 18.183720] kasan_atomics_helper+0x224c/0x5450 [ 18.183750] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.183802] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.183835] ? kasan_atomics+0x152/0x310 [ 18.183869] kasan_atomics+0x1dc/0x310 [ 18.183898] ? __pfx_kasan_atomics+0x10/0x10 [ 18.183930] ? __pfx_read_tsc+0x10/0x10 [ 18.183957] ? ktime_get_ts64+0x86/0x230 [ 18.183989] kunit_try_run_case+0x1a5/0x480 [ 18.184024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.184053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.184083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.184113] ? 
__kthread_parkme+0x82/0x180 [ 18.184140] ? preempt_count_sub+0x50/0x80 [ 18.184172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.184202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.184231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.184261] kthread+0x337/0x6f0 [ 18.184285] ? trace_preempt_on+0x20/0xc0 [ 18.184316] ? __pfx_kthread+0x10/0x10 [ 18.184344] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.184372] ? calculate_sigpending+0x7b/0xa0 [ 18.184403] ? __pfx_kthread+0x10/0x10 [ 18.184430] ret_from_fork+0x116/0x1d0 [ 18.184454] ? __pfx_kthread+0x10/0x10 [ 18.184480] ret_from_fork_asm+0x1a/0x30 [ 18.184521] </TASK> [ 18.184536] [ 18.197570] Allocated by task 283: [ 18.197873] kasan_save_stack+0x45/0x70 [ 18.198144] kasan_save_track+0x18/0x40 [ 18.198345] kasan_save_alloc_info+0x3b/0x50 [ 18.198535] __kasan_kmalloc+0xb7/0xc0 [ 18.198836] __kmalloc_cache_noprof+0x189/0x420 [ 18.199111] kasan_atomics+0x95/0x310 [ 18.199367] kunit_try_run_case+0x1a5/0x480 [ 18.199582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.200036] kthread+0x337/0x6f0 [ 18.200229] ret_from_fork+0x116/0x1d0 [ 18.200468] ret_from_fork_asm+0x1a/0x30 [ 18.200717] [ 18.200892] The buggy address belongs to the object at ffff888103349180 [ 18.200892] which belongs to the cache kmalloc-64 of size 64 [ 18.201494] The buggy address is located 0 bytes to the right of [ 18.201494] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.201954] [ 18.202145] The buggy address belongs to the physical page: [ 18.202461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.203055] flags: 0x200000000000000(node=0|zone=2) [ 18.203285] page_type: f5(slab) [ 18.203520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.203969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.204383] page dumped because: kasan: bad access detected [ 18.204594] [ 18.204696] Memory state around the buggy address: [ 18.205048] 
ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.205440] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.205900] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.206273] ^ [ 18.206470] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206823] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.207243] ================================================================== [ 18.065635] ================================================================== [ 18.066150] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 18.066561] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.067179] [ 18.067349] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.067453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.067513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.067543] Call Trace: [ 18.067568] <TASK> [ 18.067605] dump_stack_lvl+0x73/0xb0 [ 18.067655] print_report+0xd1/0x650 [ 18.067684] ? __virt_addr_valid+0x1db/0x2d0 [ 18.067715] ? kasan_atomics_helper+0x20c8/0x5450 [ 18.067744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.067784] ? kasan_atomics_helper+0x20c8/0x5450 [ 18.067814] kasan_report+0x141/0x180 [ 18.067843] ? kasan_atomics_helper+0x20c8/0x5450 [ 18.067912] kasan_check_range+0x10c/0x1c0 [ 18.067972] __kasan_check_write+0x18/0x20 [ 18.067997] kasan_atomics_helper+0x20c8/0x5450 [ 18.068059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.068088] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.068131] ? kasan_atomics+0x152/0x310 [ 18.068166] kasan_atomics+0x1dc/0x310 [ 18.068194] ? __pfx_kasan_atomics+0x10/0x10 [ 18.068225] ? __pfx_read_tsc+0x10/0x10 [ 18.068253] ? ktime_get_ts64+0x86/0x230 [ 18.068284] kunit_try_run_case+0x1a5/0x480 [ 18.068315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.068343] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.068374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.068435] ? __kthread_parkme+0x82/0x180 [ 18.068461] ? preempt_count_sub+0x50/0x80 [ 18.068492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.068534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.068565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.068623] kthread+0x337/0x6f0 [ 18.068668] ? trace_preempt_on+0x20/0xc0 [ 18.068700] ? __pfx_kthread+0x10/0x10 [ 18.068725] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.068752] ? calculate_sigpending+0x7b/0xa0 [ 18.068814] ? __pfx_kthread+0x10/0x10 [ 18.068843] ret_from_fork+0x116/0x1d0 [ 18.068895] ? __pfx_kthread+0x10/0x10 [ 18.068923] ret_from_fork_asm+0x1a/0x30 [ 18.068962] </TASK> [ 18.068977] [ 18.079320] Allocated by task 283: [ 18.079586] kasan_save_stack+0x45/0x70 [ 18.079868] kasan_save_track+0x18/0x40 [ 18.080164] kasan_save_alloc_info+0x3b/0x50 [ 18.080448] __kasan_kmalloc+0xb7/0xc0 [ 18.080721] __kmalloc_cache_noprof+0x189/0x420 [ 18.081055] kasan_atomics+0x95/0x310 [ 18.081282] kunit_try_run_case+0x1a5/0x480 [ 18.081500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.081773] kthread+0x337/0x6f0 [ 18.082140] ret_from_fork+0x116/0x1d0 [ 18.082346] ret_from_fork_asm+0x1a/0x30 [ 18.082603] [ 18.082762] The buggy address belongs to the object at ffff888103349180 [ 18.082762] which belongs to the cache kmalloc-64 of size 64 [ 18.083380] The buggy address is located 0 bytes to the right of [ 18.083380] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.083822] [ 18.083943] The buggy address belongs to the physical page: [ 18.084245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.084722] flags: 0x200000000000000(node=0|zone=2) [ 18.085208] page_type: f5(slab) [ 18.085385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.086500] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.087344] page dumped because: kasan: 
bad access detected [ 18.087985] [ 18.088128] Memory state around the buggy address: [ 18.088393] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.089025] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.089543] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.090195] ^ [ 18.090472] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.091055] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.091837] ================================================================== [ 16.837025] ================================================================== [ 16.837608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 16.838541] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.838920] [ 16.839032] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.839092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.839108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.839137] Call Trace: [ 16.839163] <TASK> [ 16.839191] dump_stack_lvl+0x73/0xb0 [ 16.839228] print_report+0xd1/0x650 [ 16.839255] ? __virt_addr_valid+0x1db/0x2d0 [ 16.839284] ? kasan_atomics_helper+0x992/0x5450 [ 16.839312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.839341] ? kasan_atomics_helper+0x992/0x5450 [ 16.839368] kasan_report+0x141/0x180 [ 16.839398] ? kasan_atomics_helper+0x992/0x5450 [ 16.839430] kasan_check_range+0x10c/0x1c0 [ 16.839460] __kasan_check_write+0x18/0x20 [ 16.839485] kasan_atomics_helper+0x992/0x5450 [ 16.839513] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.839540] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.839574] ? kasan_atomics+0x152/0x310 [ 16.839608] kasan_atomics+0x1dc/0x310 [ 16.839636] ? __pfx_kasan_atomics+0x10/0x10 [ 16.839682] ? __pfx_read_tsc+0x10/0x10 [ 16.839708] ? ktime_get_ts64+0x86/0x230 [ 16.839739] kunit_try_run_case+0x1a5/0x480 [ 16.839784] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.839836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.839867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.839896] ? __kthread_parkme+0x82/0x180 [ 16.839922] ? preempt_count_sub+0x50/0x80 [ 16.839953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.839983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.840011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.840040] kthread+0x337/0x6f0 [ 16.840064] ? trace_preempt_on+0x20/0xc0 [ 16.840094] ? __pfx_kthread+0x10/0x10 [ 16.840119] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.840146] ? calculate_sigpending+0x7b/0xa0 [ 16.840177] ? __pfx_kthread+0x10/0x10 [ 16.840204] ret_from_fork+0x116/0x1d0 [ 16.840228] ? __pfx_kthread+0x10/0x10 [ 16.840253] ret_from_fork_asm+0x1a/0x30 [ 16.840293] </TASK> [ 16.840308] [ 16.856493] Allocated by task 283: [ 16.856697] kasan_save_stack+0x45/0x70 [ 16.856932] kasan_save_track+0x18/0x40 [ 16.857348] kasan_save_alloc_info+0x3b/0x50 [ 16.857817] __kasan_kmalloc+0xb7/0xc0 [ 16.858276] __kmalloc_cache_noprof+0x189/0x420 [ 16.858799] kasan_atomics+0x95/0x310 [ 16.859445] kunit_try_run_case+0x1a5/0x480 [ 16.860021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.860616] kthread+0x337/0x6f0 [ 16.861083] ret_from_fork+0x116/0x1d0 [ 16.861410] ret_from_fork_asm+0x1a/0x30 [ 16.861586] [ 16.861693] The buggy address belongs to the object at ffff888103349180 [ 16.861693] which belongs to the cache kmalloc-64 of size 64 [ 16.862294] The buggy address is located 0 bytes to the right of [ 16.862294] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.863078] [ 16.863207] The buggy address belongs to the physical page: [ 16.863481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.863845] flags: 0x200000000000000(node=0|zone=2) [ 16.864136] page_type: f5(slab) [ 16.864402] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.864730] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.865143] page dumped because: kasan: bad access detected [ 16.865506] [ 16.866088] Memory state around the buggy address: [ 16.866344] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.866713] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.867168] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.867737] ^ [ 16.868117] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868418] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868807] ================================================================== [ 18.113592] ================================================================== [ 18.114275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 18.114687] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 18.114962] [ 18.115071] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.115126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.115143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.115171] Call Trace: [ 18.115193] <TASK> [ 18.115215] dump_stack_lvl+0x73/0xb0 [ 18.115248] print_report+0xd1/0x650 [ 18.115276] ? __virt_addr_valid+0x1db/0x2d0 [ 18.115306] ? kasan_atomics_helper+0x218a/0x5450 [ 18.115332] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.115360] ? kasan_atomics_helper+0x218a/0x5450 [ 18.115401] kasan_report+0x141/0x180 [ 18.115428] ? kasan_atomics_helper+0x218a/0x5450 [ 18.115462] kasan_check_range+0x10c/0x1c0 [ 18.115492] __kasan_check_write+0x18/0x20 [ 18.115550] kasan_atomics_helper+0x218a/0x5450 [ 18.115579] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.115607] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.115638] ? kasan_atomics+0x152/0x310 [ 18.115685] kasan_atomics+0x1dc/0x310 [ 18.115714] ? __pfx_kasan_atomics+0x10/0x10 [ 18.115744] ? __pfx_read_tsc+0x10/0x10 [ 18.115771] ? 
ktime_get_ts64+0x86/0x230 [ 18.115801] kunit_try_run_case+0x1a5/0x480 [ 18.115832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.115859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.115889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.115918] ? __kthread_parkme+0x82/0x180 [ 18.115980] ? preempt_count_sub+0x50/0x80 [ 18.116011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.116041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.116069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.116098] kthread+0x337/0x6f0 [ 18.116123] ? trace_preempt_on+0x20/0xc0 [ 18.116152] ? __pfx_kthread+0x10/0x10 [ 18.116178] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.116205] ? calculate_sigpending+0x7b/0xa0 [ 18.116234] ? __pfx_kthread+0x10/0x10 [ 18.116261] ret_from_fork+0x116/0x1d0 [ 18.116284] ? __pfx_kthread+0x10/0x10 [ 18.116311] ret_from_fork_asm+0x1a/0x30 [ 18.116348] </TASK> [ 18.116364] [ 18.129913] Allocated by task 283: [ 18.130164] kasan_save_stack+0x45/0x70 [ 18.130423] kasan_save_track+0x18/0x40 [ 18.130643] kasan_save_alloc_info+0x3b/0x50 [ 18.131343] __kasan_kmalloc+0xb7/0xc0 [ 18.131535] __kmalloc_cache_noprof+0x189/0x420 [ 18.131992] kasan_atomics+0x95/0x310 [ 18.132339] kunit_try_run_case+0x1a5/0x480 [ 18.132701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.133165] kthread+0x337/0x6f0 [ 18.133334] ret_from_fork+0x116/0x1d0 [ 18.133720] ret_from_fork_asm+0x1a/0x30 [ 18.134560] [ 18.134691] The buggy address belongs to the object at ffff888103349180 [ 18.134691] which belongs to the cache kmalloc-64 of size 64 [ 18.135124] The buggy address is located 0 bytes to the right of [ 18.135124] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 18.135566] [ 18.135672] The buggy address belongs to the physical page: [ 18.135886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 18.136183] flags: 0x200000000000000(node=0|zone=2) [ 18.136386] page_type: f5(slab) [ 18.137313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 18.137617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.137931] page dumped because: kasan: bad access detected [ 18.138151] [ 18.138241] Memory state around the buggy address: [ 18.138443] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.138883] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.139775] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.140472] ^ [ 18.141239] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.141996] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.142727] ================================================================== [ 16.408124] ================================================================== [ 16.409384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 16.410214] Write of size 4 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 16.410742] [ 16.410922] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.410995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.411011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.411038] Call Trace: [ 16.411072] <TASK> [ 16.411093] dump_stack_lvl+0x73/0xb0 [ 16.411129] print_report+0xd1/0x650 [ 16.411157] ? __virt_addr_valid+0x1db/0x2d0 [ 16.411197] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.411222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.411248] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.411285] kasan_report+0x141/0x180 [ 16.411311] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.411343] __asan_report_store4_noabort+0x1b/0x30 [ 16.411367] kasan_atomics_helper+0x4ba2/0x5450 [ 16.411393] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.411418] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.411448] ? kasan_atomics+0x152/0x310 [ 16.411479] kasan_atomics+0x1dc/0x310 [ 16.411506] ? __pfx_kasan_atomics+0x10/0x10 [ 16.411533] ? 
__pfx_read_tsc+0x10/0x10 [ 16.411559] ? ktime_get_ts64+0x86/0x230 [ 16.411587] kunit_try_run_case+0x1a5/0x480 [ 16.411616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.411641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.411680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.411707] ? __kthread_parkme+0x82/0x180 [ 16.411730] ? preempt_count_sub+0x50/0x80 [ 16.411757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.411785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.411831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.411857] kthread+0x337/0x6f0 [ 16.411881] ? trace_preempt_on+0x20/0xc0 [ 16.411908] ? __pfx_kthread+0x10/0x10 [ 16.411931] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.411956] ? calculate_sigpending+0x7b/0xa0 [ 16.411984] ? __pfx_kthread+0x10/0x10 [ 16.412008] ret_from_fork+0x116/0x1d0 [ 16.412029] ? __pfx_kthread+0x10/0x10 [ 16.412054] ret_from_fork_asm+0x1a/0x30 [ 16.412091] </TASK> [ 16.412104] [ 16.426961] Allocated by task 283: [ 16.427136] kasan_save_stack+0x45/0x70 [ 16.427321] kasan_save_track+0x18/0x40 [ 16.427491] kasan_save_alloc_info+0x3b/0x50 [ 16.427697] __kasan_kmalloc+0xb7/0xc0 [ 16.428066] __kmalloc_cache_noprof+0x189/0x420 [ 16.428315] kasan_atomics+0x95/0x310 [ 16.428479] kunit_try_run_case+0x1a5/0x480 [ 16.428672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.428976] kthread+0x337/0x6f0 [ 16.429431] ret_from_fork+0x116/0x1d0 [ 16.429629] ret_from_fork_asm+0x1a/0x30 [ 16.429816] [ 16.429930] The buggy address belongs to the object at ffff888103349180 [ 16.429930] which belongs to the cache kmalloc-64 of size 64 [ 16.430574] The buggy address is located 0 bytes to the right of [ 16.430574] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 16.431244] [ 16.431338] The buggy address belongs to the physical page: [ 16.431606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 16.432112] flags: 0x200000000000000(node=0|zone=2) [ 16.432391] page_type: f5(slab) [ 16.432599] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.432891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.433435] page dumped because: kasan: bad access detected [ 16.433828] [ 16.433929] Memory state around the buggy address: [ 16.434233] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.434611] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.435058] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.435354] ^ [ 16.435619] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.435937] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.436301] ================================================================== [ 17.722730] ================================================================== [ 17.723154] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 17.723726] Write of size 8 at addr ffff8881033491b0 by task kunit_try_catch/283 [ 17.724006] [ 17.724164] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.724262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.724279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.724322] Call Trace: [ 17.724343] <TASK> [ 17.724364] dump_stack_lvl+0x73/0xb0 [ 17.724402] print_report+0xd1/0x650 [ 17.724433] ? __virt_addr_valid+0x1db/0x2d0 [ 17.724500] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.724530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.724573] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.724601] kasan_report+0x141/0x180 [ 17.724630] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.724675] kasan_check_range+0x10c/0x1c0 [ 17.724705] __kasan_check_write+0x18/0x20 [ 17.724767] kasan_atomics_helper+0x1a7f/0x5450 [ 17.724797] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.724837] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.724869] ? 
kasan_atomics+0x152/0x310 [ 17.724904] kasan_atomics+0x1dc/0x310 [ 17.724933] ? __pfx_kasan_atomics+0x10/0x10 [ 17.724963] ? __pfx_read_tsc+0x10/0x10 [ 17.724991] ? ktime_get_ts64+0x86/0x230 [ 17.725034] kunit_try_run_case+0x1a5/0x480 [ 17.725066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.725095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.725162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.725191] ? __kthread_parkme+0x82/0x180 [ 17.725229] ? preempt_count_sub+0x50/0x80 [ 17.725259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.725287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.725318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.725352] kthread+0x337/0x6f0 [ 17.725377] ? trace_preempt_on+0x20/0xc0 [ 17.725407] ? __pfx_kthread+0x10/0x10 [ 17.725434] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.725461] ? calculate_sigpending+0x7b/0xa0 [ 17.725491] ? __pfx_kthread+0x10/0x10 [ 17.725518] ret_from_fork+0x116/0x1d0 [ 17.725542] ? __pfx_kthread+0x10/0x10 [ 17.725568] ret_from_fork_asm+0x1a/0x30 [ 17.725608] </TASK> [ 17.725623] [ 17.735281] Allocated by task 283: [ 17.735518] kasan_save_stack+0x45/0x70 [ 17.735830] kasan_save_track+0x18/0x40 [ 17.736084] kasan_save_alloc_info+0x3b/0x50 [ 17.736341] __kasan_kmalloc+0xb7/0xc0 [ 17.736579] __kmalloc_cache_noprof+0x189/0x420 [ 17.736791] kasan_atomics+0x95/0x310 [ 17.737039] kunit_try_run_case+0x1a5/0x480 [ 17.737350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.737743] kthread+0x337/0x6f0 [ 17.737944] ret_from_fork+0x116/0x1d0 [ 17.738112] ret_from_fork_asm+0x1a/0x30 [ 17.738421] [ 17.738549] The buggy address belongs to the object at ffff888103349180 [ 17.738549] which belongs to the cache kmalloc-64 of size 64 [ 17.739263] The buggy address is located 0 bytes to the right of [ 17.739263] allocated 48-byte region [ffff888103349180, ffff8881033491b0) [ 17.739998] [ 17.740094] The buggy address belongs to the physical page: [ 17.740348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103349 [ 
17.740824] flags: 0x200000000000000(node=0|zone=2) [ 17.741054] page_type: f5(slab) [ 17.741206] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.741526] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.742202] page dumped because: kasan: bad access detected [ 17.742677] [ 17.742771] Memory state around the buggy address: [ 17.743112] ffff888103349080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.743447] ffff888103349100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.743788] >ffff888103349180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.744217] ^ [ 17.744513] ffff888103349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.745123] ffff888103349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.745431] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 16.284633] ================================================================== [ 16.286583] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.288068] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.288356] [ 16.288470] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.288527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.288544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.288572] Call Trace: [ 16.288597] <TASK> [ 16.288622] dump_stack_lvl+0x73/0xb0 [ 16.289255] print_report+0xd1/0x650 [ 16.289292] ? __virt_addr_valid+0x1db/0x2d0 [ 16.289322] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.289355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.289381] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.289414] kasan_report+0x141/0x180 [ 16.289440] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.289478] kasan_check_range+0x10c/0x1c0 [ 16.289505] __kasan_check_write+0x18/0x20 [ 16.289526] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.289558] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.289590] ? ret_from_fork_asm+0x1a/0x30 [ 16.289616] ? kthread+0x337/0x6f0 [ 16.289705] kasan_bitops_generic+0x121/0x1c0 [ 16.289737] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.289858] ? __pfx_read_tsc+0x10/0x10 [ 16.289888] ? ktime_get_ts64+0x86/0x230 [ 16.289919] kunit_try_run_case+0x1a5/0x480 [ 16.289948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.289974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.290002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.290028] ? __kthread_parkme+0x82/0x180 [ 16.290053] ? preempt_count_sub+0x50/0x80 [ 16.290081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.290107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.290134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.290160] kthread+0x337/0x6f0 [ 16.290183] ? 
trace_preempt_on+0x20/0xc0 [ 16.290211] ? __pfx_kthread+0x10/0x10 [ 16.290235] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.290258] ? calculate_sigpending+0x7b/0xa0 [ 16.290287] ? __pfx_kthread+0x10/0x10 [ 16.290311] ret_from_fork+0x116/0x1d0 [ 16.290333] ? __pfx_kthread+0x10/0x10 [ 16.290358] ret_from_fork_asm+0x1a/0x30 [ 16.290395] </TASK> [ 16.290411] [ 16.303056] Allocated by task 279: [ 16.303308] kasan_save_stack+0x45/0x70 [ 16.303699] kasan_save_track+0x18/0x40 [ 16.304182] kasan_save_alloc_info+0x3b/0x50 [ 16.304450] __kasan_kmalloc+0xb7/0xc0 [ 16.304722] __kmalloc_cache_noprof+0x189/0x420 [ 16.305248] kasan_bitops_generic+0x92/0x1c0 [ 16.305502] kunit_try_run_case+0x1a5/0x480 [ 16.305802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.306017] kthread+0x337/0x6f0 [ 16.306158] ret_from_fork+0x116/0x1d0 [ 16.306362] ret_from_fork_asm+0x1a/0x30 [ 16.306841] [ 16.306966] The buggy address belongs to the object at ffff88810267b740 [ 16.306966] which belongs to the cache kmalloc-16 of size 16 [ 16.307628] The buggy address is located 8 bytes inside of [ 16.307628] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.308402] [ 16.308525] The buggy address belongs to the physical page: [ 16.308952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.309418] flags: 0x200000000000000(node=0|zone=2) [ 16.309783] page_type: f5(slab) [ 16.310129] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.310619] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.311105] page dumped because: kasan: bad access detected [ 16.311313] [ 16.311397] Memory state around the buggy address: [ 16.311580] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.312385] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.312743] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.313031] ^ [ 16.313235] ffff88810267b780: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.313948] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314381] ================================================================== [ 16.179699] ================================================================== [ 16.180013] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.180596] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.181366] [ 16.181505] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.181563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.181577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.181605] Call Trace: [ 16.181627] <TASK> [ 16.181666] dump_stack_lvl+0x73/0xb0 [ 16.181700] print_report+0xd1/0x650 [ 16.181727] ? __virt_addr_valid+0x1db/0x2d0 [ 16.181755] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.181883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.181916] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.181948] kasan_report+0x141/0x180 [ 16.181976] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.182013] kasan_check_range+0x10c/0x1c0 [ 16.182041] __kasan_check_write+0x18/0x20 [ 16.182063] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.182095] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.182128] ? ret_from_fork_asm+0x1a/0x30 [ 16.182154] ? kthread+0x337/0x6f0 [ 16.182183] kasan_bitops_generic+0x121/0x1c0 [ 16.182210] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.182239] ? __pfx_read_tsc+0x10/0x10 [ 16.182264] ? ktime_get_ts64+0x86/0x230 [ 16.182293] kunit_try_run_case+0x1a5/0x480 [ 16.182323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.182349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.182376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.182402] ? __kthread_parkme+0x82/0x180 [ 16.182433] ? preempt_count_sub+0x50/0x80 [ 16.182461] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.182489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.182516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.182543] kthread+0x337/0x6f0 [ 16.182566] ? trace_preempt_on+0x20/0xc0 [ 16.182593] ? __pfx_kthread+0x10/0x10 [ 16.182617] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.182641] ? calculate_sigpending+0x7b/0xa0 [ 16.182683] ? __pfx_kthread+0x10/0x10 [ 16.182708] ret_from_fork+0x116/0x1d0 [ 16.182730] ? __pfx_kthread+0x10/0x10 [ 16.182753] ret_from_fork_asm+0x1a/0x30 [ 16.182864] </TASK> [ 16.182880] [ 16.193969] Allocated by task 279: [ 16.194512] kasan_save_stack+0x45/0x70 [ 16.194823] kasan_save_track+0x18/0x40 [ 16.195192] kasan_save_alloc_info+0x3b/0x50 [ 16.195443] __kasan_kmalloc+0xb7/0xc0 [ 16.195607] __kmalloc_cache_noprof+0x189/0x420 [ 16.196068] kasan_bitops_generic+0x92/0x1c0 [ 16.196336] kunit_try_run_case+0x1a5/0x480 [ 16.196583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.196855] kthread+0x337/0x6f0 [ 16.197079] ret_from_fork+0x116/0x1d0 [ 16.197433] ret_from_fork_asm+0x1a/0x30 [ 16.197610] [ 16.197716] The buggy address belongs to the object at ffff88810267b740 [ 16.197716] which belongs to the cache kmalloc-16 of size 16 [ 16.198413] The buggy address is located 8 bytes inside of [ 16.198413] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.199420] [ 16.199591] The buggy address belongs to the physical page: [ 16.200119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.200450] flags: 0x200000000000000(node=0|zone=2) [ 16.200749] page_type: f5(slab) [ 16.201079] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.201428] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.201845] page dumped because: kasan: bad access detected [ 16.202129] [ 16.202217] Memory state around the buggy address: [ 16.202672] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.203345] 
ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.203719] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.204348] ^ [ 16.204570] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205198] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205495] ================================================================== [ 16.315233] ================================================================== [ 16.315687] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.316210] Read of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.316632] [ 16.316888] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.316987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.317003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.317030] Call Trace: [ 16.317053] <TASK> [ 16.317078] dump_stack_lvl+0x73/0xb0 [ 16.317115] print_report+0xd1/0x650 [ 16.317141] ? __virt_addr_valid+0x1db/0x2d0 [ 16.317207] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.317266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.317292] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.317326] kasan_report+0x141/0x180 [ 16.317351] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.317388] kasan_check_range+0x10c/0x1c0 [ 16.317417] __kasan_check_read+0x15/0x20 [ 16.317439] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.317510] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.317544] ? ret_from_fork_asm+0x1a/0x30 [ 16.317570] ? kthread+0x337/0x6f0 [ 16.317599] kasan_bitops_generic+0x121/0x1c0 [ 16.317626] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.317704] ? __pfx_read_tsc+0x10/0x10 [ 16.317730] ? ktime_get_ts64+0x86/0x230 [ 16.317779] kunit_try_run_case+0x1a5/0x480 [ 16.317829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.317855] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.317883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.317909] ? __kthread_parkme+0x82/0x180 [ 16.317971] ? preempt_count_sub+0x50/0x80 [ 16.318003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.318031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.318059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.318086] kthread+0x337/0x6f0 [ 16.318108] ? trace_preempt_on+0x20/0xc0 [ 16.318174] ? __pfx_kthread+0x10/0x10 [ 16.318197] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.318222] ? calculate_sigpending+0x7b/0xa0 [ 16.318250] ? __pfx_kthread+0x10/0x10 [ 16.318275] ret_from_fork+0x116/0x1d0 [ 16.318328] ? __pfx_kthread+0x10/0x10 [ 16.318353] ret_from_fork_asm+0x1a/0x30 [ 16.318389] </TASK> [ 16.318401] [ 16.329786] Allocated by task 279: [ 16.330002] kasan_save_stack+0x45/0x70 [ 16.330233] kasan_save_track+0x18/0x40 [ 16.330463] kasan_save_alloc_info+0x3b/0x50 [ 16.330902] __kasan_kmalloc+0xb7/0xc0 [ 16.331137] __kmalloc_cache_noprof+0x189/0x420 [ 16.331399] kasan_bitops_generic+0x92/0x1c0 [ 16.331659] kunit_try_run_case+0x1a5/0x480 [ 16.332222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.332578] kthread+0x337/0x6f0 [ 16.332921] ret_from_fork+0x116/0x1d0 [ 16.333192] ret_from_fork_asm+0x1a/0x30 [ 16.333440] [ 16.333589] The buggy address belongs to the object at ffff88810267b740 [ 16.333589] which belongs to the cache kmalloc-16 of size 16 [ 16.334332] The buggy address is located 8 bytes inside of [ 16.334332] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.335125] [ 16.335253] The buggy address belongs to the physical page: [ 16.335560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.336275] flags: 0x200000000000000(node=0|zone=2) [ 16.336501] page_type: f5(slab) [ 16.336758] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.337303] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.337743] page dumped because: kasan: 
bad access detected [ 16.338190] [ 16.338342] Memory state around the buggy address: [ 16.338583] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.339141] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.339529] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.340251] ^ [ 16.340547] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341030] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341354] ================================================================== [ 16.130425] ================================================================== [ 16.130765] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.131192] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.132132] [ 16.132250] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.132306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.132321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.132346] Call Trace: [ 16.132366] <TASK> [ 16.132385] dump_stack_lvl+0x73/0xb0 [ 16.132419] print_report+0xd1/0x650 [ 16.132445] ? __virt_addr_valid+0x1db/0x2d0 [ 16.132471] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.132502] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.132529] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.132560] kasan_report+0x141/0x180 [ 16.132586] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.132623] kasan_check_range+0x10c/0x1c0 [ 16.132670] __kasan_check_write+0x18/0x20 [ 16.132697] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.132731] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.132765] ? ret_from_fork_asm+0x1a/0x30 [ 16.132791] ? kthread+0x337/0x6f0 [ 16.132821] kasan_bitops_generic+0x121/0x1c0 [ 16.132849] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.132877] ? 
__pfx_read_tsc+0x10/0x10 [ 16.132903] ? ktime_get_ts64+0x86/0x230 [ 16.132931] kunit_try_run_case+0x1a5/0x480 [ 16.132960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.132986] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.133012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.133039] ? __kthread_parkme+0x82/0x180 [ 16.133062] ? preempt_count_sub+0x50/0x80 [ 16.133089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.133143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.133170] kthread+0x337/0x6f0 [ 16.133192] ? trace_preempt_on+0x20/0xc0 [ 16.133218] ? __pfx_kthread+0x10/0x10 [ 16.133242] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.133265] ? calculate_sigpending+0x7b/0xa0 [ 16.133293] ? __pfx_kthread+0x10/0x10 [ 16.133318] ret_from_fork+0x116/0x1d0 [ 16.133339] ? __pfx_kthread+0x10/0x10 [ 16.133362] ret_from_fork_asm+0x1a/0x30 [ 16.133397] </TASK> [ 16.133410] [ 16.144134] Allocated by task 279: [ 16.144373] kasan_save_stack+0x45/0x70 [ 16.144633] kasan_save_track+0x18/0x40 [ 16.144964] kasan_save_alloc_info+0x3b/0x50 [ 16.145185] __kasan_kmalloc+0xb7/0xc0 [ 16.145364] __kmalloc_cache_noprof+0x189/0x420 [ 16.145618] kasan_bitops_generic+0x92/0x1c0 [ 16.145991] kunit_try_run_case+0x1a5/0x480 [ 16.146219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.146483] kthread+0x337/0x6f0 [ 16.146706] ret_from_fork+0x116/0x1d0 [ 16.146982] ret_from_fork_asm+0x1a/0x30 [ 16.147221] [ 16.147325] The buggy address belongs to the object at ffff88810267b740 [ 16.147325] which belongs to the cache kmalloc-16 of size 16 [ 16.148226] The buggy address is located 8 bytes inside of [ 16.148226] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.148754] [ 16.148847] The buggy address belongs to the physical page: [ 16.149056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.149452] flags: 0x200000000000000(node=0|zone=2) [ 16.149747] page_type: f5(slab) [ 16.150104] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 16.150386] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.150678] page dumped because: kasan: bad access detected [ 16.151246] [ 16.151365] Memory state around the buggy address: [ 16.151641] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.152356] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.153073] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.153337] ^ [ 16.153546] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.154200] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.154595] ================================================================== [ 16.341916] ================================================================== [ 16.342230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.342678] Read of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.343184] [ 16.343297] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.343352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.343393] Call Trace: [ 16.343415] <TASK> [ 16.343434] dump_stack_lvl+0x73/0xb0 [ 16.343468] print_report+0xd1/0x650 [ 16.343492] ? __virt_addr_valid+0x1db/0x2d0 [ 16.343520] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.343554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.343582] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.343615] kasan_report+0x141/0x180 [ 16.343757] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.344049] __asan_report_load8_noabort+0x18/0x20 [ 16.344083] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.344116] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.344180] ? ret_from_fork_asm+0x1a/0x30 [ 16.344208] ? 
kthread+0x337/0x6f0 [ 16.344239] kasan_bitops_generic+0x121/0x1c0 [ 16.344267] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.344298] ? __pfx_read_tsc+0x10/0x10 [ 16.344323] ? ktime_get_ts64+0x86/0x230 [ 16.344351] kunit_try_run_case+0x1a5/0x480 [ 16.344382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.344437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.344464] ? __kthread_parkme+0x82/0x180 [ 16.344487] ? preempt_count_sub+0x50/0x80 [ 16.344516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.344569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.344597] kthread+0x337/0x6f0 [ 16.344644] ? trace_preempt_on+0x20/0xc0 [ 16.344685] ? __pfx_kthread+0x10/0x10 [ 16.344710] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.344735] ? calculate_sigpending+0x7b/0xa0 [ 16.344763] ? __pfx_kthread+0x10/0x10 [ 16.344873] ret_from_fork+0x116/0x1d0 [ 16.344898] ? __pfx_kthread+0x10/0x10 [ 16.344922] ret_from_fork_asm+0x1a/0x30 [ 16.344959] </TASK> [ 16.344972] [ 16.356580] Allocated by task 279: [ 16.356931] kasan_save_stack+0x45/0x70 [ 16.357195] kasan_save_track+0x18/0x40 [ 16.357440] kasan_save_alloc_info+0x3b/0x50 [ 16.357629] __kasan_kmalloc+0xb7/0xc0 [ 16.358000] __kmalloc_cache_noprof+0x189/0x420 [ 16.358323] kasan_bitops_generic+0x92/0x1c0 [ 16.358604] kunit_try_run_case+0x1a5/0x480 [ 16.359094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.359610] kthread+0x337/0x6f0 [ 16.359881] ret_from_fork+0x116/0x1d0 [ 16.360223] ret_from_fork_asm+0x1a/0x30 [ 16.360487] [ 16.360608] The buggy address belongs to the object at ffff88810267b740 [ 16.360608] which belongs to the cache kmalloc-16 of size 16 [ 16.361330] The buggy address is located 8 bytes inside of [ 16.361330] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.362069] [ 16.362191] The buggy address belongs to the physical page: [ 16.362451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x10267b [ 16.362914] flags: 0x200000000000000(node=0|zone=2) [ 16.363452] page_type: f5(slab) [ 16.363610] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.363912] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.364402] page dumped because: kasan: bad access detected [ 16.364902] [ 16.365022] Memory state around the buggy address: [ 16.365342] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.365747] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.366210] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.366633] ^ [ 16.367361] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.367734] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.368121] ================================================================== [ 16.232003] ================================================================== [ 16.232435] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.233215] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.233602] [ 16.233747] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.233803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.233819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.233847] Call Trace: [ 16.233870] <TASK> [ 16.233894] dump_stack_lvl+0x73/0xb0 [ 16.233928] print_report+0xd1/0x650 [ 16.233955] ? __virt_addr_valid+0x1db/0x2d0 [ 16.233982] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.234015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.234243] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.234288] kasan_report+0x141/0x180 [ 16.234315] ? 
kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.234354] kasan_check_range+0x10c/0x1c0 [ 16.234382] __kasan_check_write+0x18/0x20 [ 16.234406] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.234442] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.234475] ? ret_from_fork_asm+0x1a/0x30 [ 16.234501] ? kthread+0x337/0x6f0 [ 16.234531] kasan_bitops_generic+0x121/0x1c0 [ 16.234559] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.234589] ? __pfx_read_tsc+0x10/0x10 [ 16.234613] ? ktime_get_ts64+0x86/0x230 [ 16.234642] kunit_try_run_case+0x1a5/0x480 [ 16.234683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.234710] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.234928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.234957] ? __kthread_parkme+0x82/0x180 [ 16.234982] ? preempt_count_sub+0x50/0x80 [ 16.235010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.235039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.235067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.235094] kthread+0x337/0x6f0 [ 16.235117] ? trace_preempt_on+0x20/0xc0 [ 16.235144] ? __pfx_kthread+0x10/0x10 [ 16.235168] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.235193] ? calculate_sigpending+0x7b/0xa0 [ 16.235221] ? __pfx_kthread+0x10/0x10 [ 16.235247] ret_from_fork+0x116/0x1d0 [ 16.235269] ? 
__pfx_kthread+0x10/0x10 [ 16.235293] ret_from_fork_asm+0x1a/0x30 [ 16.235329] </TASK> [ 16.235343] [ 16.246719] Allocated by task 279: [ 16.246898] kasan_save_stack+0x45/0x70 [ 16.247146] kasan_save_track+0x18/0x40 [ 16.247377] kasan_save_alloc_info+0x3b/0x50 [ 16.247774] __kasan_kmalloc+0xb7/0xc0 [ 16.248185] __kmalloc_cache_noprof+0x189/0x420 [ 16.248385] kasan_bitops_generic+0x92/0x1c0 [ 16.248638] kunit_try_run_case+0x1a5/0x480 [ 16.248991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.249304] kthread+0x337/0x6f0 [ 16.249454] ret_from_fork+0x116/0x1d0 [ 16.249616] ret_from_fork_asm+0x1a/0x30 [ 16.250063] [ 16.250356] The buggy address belongs to the object at ffff88810267b740 [ 16.250356] which belongs to the cache kmalloc-16 of size 16 [ 16.251048] The buggy address is located 8 bytes inside of [ 16.251048] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.251609] [ 16.251769] The buggy address belongs to the physical page: [ 16.251991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.252893] flags: 0x200000000000000(node=0|zone=2) [ 16.253189] page_type: f5(slab) [ 16.253359] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.253782] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.254404] page dumped because: kasan: bad access detected [ 16.254777] [ 16.254873] Memory state around the buggy address: [ 16.255228] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.255528] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.255939] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.256340] ^ [ 16.256621] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.257098] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.257611] ================================================================== [ 16.206272] 
================================================================== [ 16.206616] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.207216] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.207896] [ 16.208015] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.208072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.208088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.208116] Call Trace: [ 16.208138] <TASK> [ 16.208160] dump_stack_lvl+0x73/0xb0 [ 16.208195] print_report+0xd1/0x650 [ 16.208221] ? __virt_addr_valid+0x1db/0x2d0 [ 16.208249] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.208282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.208308] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.208341] kasan_report+0x141/0x180 [ 16.208368] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.208407] kasan_check_range+0x10c/0x1c0 [ 16.208434] __kasan_check_write+0x18/0x20 [ 16.208458] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.208491] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.208526] ? ret_from_fork_asm+0x1a/0x30 [ 16.208552] ? kthread+0x337/0x6f0 [ 16.208582] kasan_bitops_generic+0x121/0x1c0 [ 16.208610] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.208640] ? __pfx_read_tsc+0x10/0x10 [ 16.208708] ? ktime_get_ts64+0x86/0x230 [ 16.208739] kunit_try_run_case+0x1a5/0x480 [ 16.208768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.208795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.208823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.208850] ? __kthread_parkme+0x82/0x180 [ 16.208873] ? preempt_count_sub+0x50/0x80 [ 16.208900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.208929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.208955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.208998] kthread+0x337/0x6f0 [ 16.209021] ? 
trace_preempt_on+0x20/0xc0 [ 16.209048] ? __pfx_kthread+0x10/0x10 [ 16.209072] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.209098] ? calculate_sigpending+0x7b/0xa0 [ 16.209126] ? __pfx_kthread+0x10/0x10 [ 16.209152] ret_from_fork+0x116/0x1d0 [ 16.209173] ? __pfx_kthread+0x10/0x10 [ 16.209198] ret_from_fork_asm+0x1a/0x30 [ 16.209235] </TASK> [ 16.209249] [ 16.220455] Allocated by task 279: [ 16.220700] kasan_save_stack+0x45/0x70 [ 16.221104] kasan_save_track+0x18/0x40 [ 16.221291] kasan_save_alloc_info+0x3b/0x50 [ 16.221500] __kasan_kmalloc+0xb7/0xc0 [ 16.221763] __kmalloc_cache_noprof+0x189/0x420 [ 16.221983] kasan_bitops_generic+0x92/0x1c0 [ 16.222204] kunit_try_run_case+0x1a5/0x480 [ 16.222778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.223141] kthread+0x337/0x6f0 [ 16.223331] ret_from_fork+0x116/0x1d0 [ 16.223551] ret_from_fork_asm+0x1a/0x30 [ 16.223734] [ 16.223823] The buggy address belongs to the object at ffff88810267b740 [ 16.223823] which belongs to the cache kmalloc-16 of size 16 [ 16.224813] The buggy address is located 8 bytes inside of [ 16.224813] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.225427] [ 16.225621] The buggy address belongs to the physical page: [ 16.226176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.226479] flags: 0x200000000000000(node=0|zone=2) [ 16.226890] page_type: f5(slab) [ 16.227108] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.227533] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.228091] page dumped because: kasan: bad access detected [ 16.228367] [ 16.228489] Memory state around the buggy address: [ 16.228767] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.229208] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.229475] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.230198] ^ [ 16.230529] ffff88810267b780: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.231064] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.231400] ================================================================== [ 16.258134] ================================================================== [ 16.258559] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.259342] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.259884] [ 16.260061] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.260121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.260138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.260165] Call Trace: [ 16.260189] <TASK> [ 16.260211] dump_stack_lvl+0x73/0xb0 [ 16.260247] print_report+0xd1/0x650 [ 16.260274] ? __virt_addr_valid+0x1db/0x2d0 [ 16.260302] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.260335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.260363] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.260396] kasan_report+0x141/0x180 [ 16.260423] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.260462] kasan_check_range+0x10c/0x1c0 [ 16.260492] __kasan_check_write+0x18/0x20 [ 16.260515] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.260549] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.260583] ? ret_from_fork_asm+0x1a/0x30 [ 16.260609] ? kthread+0x337/0x6f0 [ 16.260639] kasan_bitops_generic+0x121/0x1c0 [ 16.260682] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.260712] ? __pfx_read_tsc+0x10/0x10 [ 16.260737] ? ktime_get_ts64+0x86/0x230 [ 16.260767] kunit_try_run_case+0x1a5/0x480 [ 16.260916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.260943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.260971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.260999] ? __kthread_parkme+0x82/0x180 [ 16.261024] ? preempt_count_sub+0x50/0x80 [ 16.261052] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.261081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.261108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.261136] kthread+0x337/0x6f0 [ 16.261159] ? trace_preempt_on+0x20/0xc0 [ 16.261188] ? __pfx_kthread+0x10/0x10 [ 16.261212] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.261237] ? calculate_sigpending+0x7b/0xa0 [ 16.261265] ? __pfx_kthread+0x10/0x10 [ 16.261291] ret_from_fork+0x116/0x1d0 [ 16.261312] ? __pfx_kthread+0x10/0x10 [ 16.261339] ret_from_fork_asm+0x1a/0x30 [ 16.261374] </TASK> [ 16.261388] [ 16.272728] Allocated by task 279: [ 16.272996] kasan_save_stack+0x45/0x70 [ 16.273388] kasan_save_track+0x18/0x40 [ 16.273591] kasan_save_alloc_info+0x3b/0x50 [ 16.273786] __kasan_kmalloc+0xb7/0xc0 [ 16.273961] __kmalloc_cache_noprof+0x189/0x420 [ 16.274224] kasan_bitops_generic+0x92/0x1c0 [ 16.274612] kunit_try_run_case+0x1a5/0x480 [ 16.275187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.275487] kthread+0x337/0x6f0 [ 16.275738] ret_from_fork+0x116/0x1d0 [ 16.275909] ret_from_fork_asm+0x1a/0x30 [ 16.276307] [ 16.276463] The buggy address belongs to the object at ffff88810267b740 [ 16.276463] which belongs to the cache kmalloc-16 of size 16 [ 16.277060] The buggy address is located 8 bytes inside of [ 16.277060] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.277583] [ 16.277754] The buggy address belongs to the physical page: [ 16.278073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.278536] flags: 0x200000000000000(node=0|zone=2) [ 16.279062] page_type: f5(slab) [ 16.279511] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.279902] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.280177] page dumped because: kasan: bad access detected [ 16.280586] [ 16.280809] Memory state around the buggy address: [ 16.281142] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.281467] 
ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.281754] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.282005] ^ [ 16.282207] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.282470] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.283159] ================================================================== [ 16.155198] ================================================================== [ 16.155572] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.156078] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.156853] [ 16.157008] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.157065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.157081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.157107] Call Trace: [ 16.157129] <TASK> [ 16.157152] dump_stack_lvl+0x73/0xb0 [ 16.157186] print_report+0xd1/0x650 [ 16.157211] ? __virt_addr_valid+0x1db/0x2d0 [ 16.157237] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.157269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.157295] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.157327] kasan_report+0x141/0x180 [ 16.157352] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.157389] kasan_check_range+0x10c/0x1c0 [ 16.157416] __kasan_check_write+0x18/0x20 [ 16.157440] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.157472] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.157504] ? ret_from_fork_asm+0x1a/0x30 [ 16.157530] ? kthread+0x337/0x6f0 [ 16.157559] kasan_bitops_generic+0x121/0x1c0 [ 16.157586] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.157614] ? __pfx_read_tsc+0x10/0x10 [ 16.157639] ? ktime_get_ts64+0x86/0x230 [ 16.157684] kunit_try_run_case+0x1a5/0x480 [ 16.157713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.157739] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.157767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.157793] ? __kthread_parkme+0x82/0x180 [ 16.157815] ? preempt_count_sub+0x50/0x80 [ 16.157844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.157870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.157897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.157924] kthread+0x337/0x6f0 [ 16.157946] ? trace_preempt_on+0x20/0xc0 [ 16.157973] ? __pfx_kthread+0x10/0x10 [ 16.157997] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.158022] ? calculate_sigpending+0x7b/0xa0 [ 16.158050] ? __pfx_kthread+0x10/0x10 [ 16.158075] ret_from_fork+0x116/0x1d0 [ 16.158097] ? __pfx_kthread+0x10/0x10 [ 16.158121] ret_from_fork_asm+0x1a/0x30 [ 16.158156] </TASK> [ 16.158168] [ 16.169070] Allocated by task 279: [ 16.169256] kasan_save_stack+0x45/0x70 [ 16.169491] kasan_save_track+0x18/0x40 [ 16.169672] kasan_save_alloc_info+0x3b/0x50 [ 16.170098] __kasan_kmalloc+0xb7/0xc0 [ 16.170336] __kmalloc_cache_noprof+0x189/0x420 [ 16.170610] kasan_bitops_generic+0x92/0x1c0 [ 16.170963] kunit_try_run_case+0x1a5/0x480 [ 16.171151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.171361] kthread+0x337/0x6f0 [ 16.171559] ret_from_fork+0x116/0x1d0 [ 16.171774] ret_from_fork_asm+0x1a/0x30 [ 16.172013] [ 16.172126] The buggy address belongs to the object at ffff88810267b740 [ 16.172126] which belongs to the cache kmalloc-16 of size 16 [ 16.172772] The buggy address is located 8 bytes inside of [ 16.172772] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.173279] [ 16.173673] The buggy address belongs to the physical page: [ 16.174014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.174457] flags: 0x200000000000000(node=0|zone=2) [ 16.174977] page_type: f5(slab) [ 16.175168] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.175479] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.175845] page dumped because: kasan: 
bad access detected [ 16.176161] [ 16.176414] Memory state around the buggy address: [ 16.176707] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.177275] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.177614] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.177888] ^ [ 16.178100] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.178744] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.179131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 15.908676] ================================================================== [ 15.909281] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.909633] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 15.909932] [ 15.910806] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.910876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.910894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.910927] Call Trace: [ 15.910946] <TASK> [ 15.910977] dump_stack_lvl+0x73/0xb0 [ 15.911021] print_report+0xd1/0x650 [ 15.911049] ? __virt_addr_valid+0x1db/0x2d0 [ 15.911080] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.911111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.911137] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.911168] kasan_report+0x141/0x180 [ 15.911230] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.911267] kasan_check_range+0x10c/0x1c0 [ 15.911310] __kasan_check_write+0x18/0x20 [ 15.911333] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.911364] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.911396] ? ret_from_fork_asm+0x1a/0x30 [ 15.911424] ? kthread+0x337/0x6f0 [ 15.911457] kasan_bitops_generic+0x116/0x1c0 [ 15.911486] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.911516] ? __pfx_read_tsc+0x10/0x10 [ 15.911543] ? ktime_get_ts64+0x86/0x230 [ 15.911575] kunit_try_run_case+0x1a5/0x480 [ 15.911611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.911637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.911680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.911708] ? __kthread_parkme+0x82/0x180 [ 15.911732] ? preempt_count_sub+0x50/0x80 [ 15.911761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.911813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.911841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.911869] kthread+0x337/0x6f0 [ 15.911892] ? trace_preempt_on+0x20/0xc0 [ 15.911921] ? 
__pfx_kthread+0x10/0x10 [ 15.911945] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.911969] ? calculate_sigpending+0x7b/0xa0 [ 15.911999] ? __pfx_kthread+0x10/0x10 [ 15.912024] ret_from_fork+0x116/0x1d0 [ 15.912046] ? __pfx_kthread+0x10/0x10 [ 15.912071] ret_from_fork_asm+0x1a/0x30 [ 15.912106] </TASK> [ 15.912120] [ 15.927583] Allocated by task 279: [ 15.927881] kasan_save_stack+0x45/0x70 [ 15.928229] kasan_save_track+0x18/0x40 [ 15.928418] kasan_save_alloc_info+0x3b/0x50 [ 15.928695] __kasan_kmalloc+0xb7/0xc0 [ 15.929302] __kmalloc_cache_noprof+0x189/0x420 [ 15.929594] kasan_bitops_generic+0x92/0x1c0 [ 15.929855] kunit_try_run_case+0x1a5/0x480 [ 15.930168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.930477] kthread+0x337/0x6f0 [ 15.930629] ret_from_fork+0x116/0x1d0 [ 15.930943] ret_from_fork_asm+0x1a/0x30 [ 15.931200] [ 15.931322] The buggy address belongs to the object at ffff88810267b740 [ 15.931322] which belongs to the cache kmalloc-16 of size 16 [ 15.932135] The buggy address is located 8 bytes inside of [ 15.932135] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 15.932668] [ 15.932810] The buggy address belongs to the physical page: [ 15.933404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 15.933772] flags: 0x200000000000000(node=0|zone=2) [ 15.934174] page_type: f5(slab) [ 15.934386] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.934796] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.935318] page dumped because: kasan: bad access detected [ 15.935614] [ 15.935747] Memory state around the buggy address: [ 15.936166] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.936546] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.937214] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 15.937719] ^ [ 15.937996] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.938394] 
ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.938785] ================================================================== [ 15.965788] ================================================================== [ 15.966277] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.966750] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 15.967428] [ 15.967544] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.967612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.967627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.967681] Call Trace: [ 15.967703] <TASK> [ 15.967725] dump_stack_lvl+0x73/0xb0 [ 15.967759] print_report+0xd1/0x650 [ 15.967786] ? __virt_addr_valid+0x1db/0x2d0 [ 15.967813] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.967844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.967871] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.967901] kasan_report+0x141/0x180 [ 15.967929] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.967964] kasan_check_range+0x10c/0x1c0 [ 15.968003] __kasan_check_write+0x18/0x20 [ 15.968026] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.968056] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.968144] ? ret_from_fork_asm+0x1a/0x30 [ 15.968171] ? kthread+0x337/0x6f0 [ 15.968249] kasan_bitops_generic+0x116/0x1c0 [ 15.968279] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.968309] ? __pfx_read_tsc+0x10/0x10 [ 15.968334] ? ktime_get_ts64+0x86/0x230 [ 15.968363] kunit_try_run_case+0x1a5/0x480 [ 15.968392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.968418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.968447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.968485] ? __kthread_parkme+0x82/0x180 [ 15.968510] ? preempt_count_sub+0x50/0x80 [ 15.968552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.968580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.968606] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.968634] kthread+0x337/0x6f0 [ 15.968668] ? trace_preempt_on+0x20/0xc0 [ 15.968708] ? __pfx_kthread+0x10/0x10 [ 15.968734] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.968770] ? calculate_sigpending+0x7b/0xa0 [ 15.968802] ? __pfx_kthread+0x10/0x10 [ 15.968828] ret_from_fork+0x116/0x1d0 [ 15.968850] ? __pfx_kthread+0x10/0x10 [ 15.968875] ret_from_fork_asm+0x1a/0x30 [ 15.968912] </TASK> [ 15.968925] [ 15.979991] Allocated by task 279: [ 15.980266] kasan_save_stack+0x45/0x70 [ 15.980478] kasan_save_track+0x18/0x40 [ 15.980732] kasan_save_alloc_info+0x3b/0x50 [ 15.981028] __kasan_kmalloc+0xb7/0xc0 [ 15.981193] __kmalloc_cache_noprof+0x189/0x420 [ 15.981384] kasan_bitops_generic+0x92/0x1c0 [ 15.981632] kunit_try_run_case+0x1a5/0x480 [ 15.982166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.982491] kthread+0x337/0x6f0 [ 15.982711] ret_from_fork+0x116/0x1d0 [ 15.983098] ret_from_fork_asm+0x1a/0x30 [ 15.983297] [ 15.983394] The buggy address belongs to the object at ffff88810267b740 [ 15.983394] which belongs to the cache kmalloc-16 of size 16 [ 15.984171] The buggy address is located 8 bytes inside of [ 15.984171] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 15.984803] [ 15.985008] The buggy address belongs to the physical page: [ 15.985301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 15.985741] flags: 0x200000000000000(node=0|zone=2) [ 15.986312] page_type: f5(slab) [ 15.986510] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.987118] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.987537] page dumped because: kasan: bad access detected [ 15.988004] [ 15.988127] Memory state around the buggy address: [ 15.988364] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.988628] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.989156] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 
00 01 fc fc fc fc fc fc [ 15.989607] ^ [ 15.989928] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990188] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990494] ================================================================== [ 16.023965] ================================================================== [ 16.024712] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.025544] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.026245] [ 16.026392] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.026465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.026481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.026509] Call Trace: [ 16.026532] <TASK> [ 16.026556] dump_stack_lvl+0x73/0xb0 [ 16.026591] print_report+0xd1/0x650 [ 16.026617] ? __virt_addr_valid+0x1db/0x2d0 [ 16.026659] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.027071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.027101] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.027132] kasan_report+0x141/0x180 [ 16.027159] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.027204] kasan_check_range+0x10c/0x1c0 [ 16.027232] __kasan_check_write+0x18/0x20 [ 16.027255] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.027285] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.027316] ? ret_from_fork_asm+0x1a/0x30 [ 16.027342] ? kthread+0x337/0x6f0 [ 16.027372] kasan_bitops_generic+0x116/0x1c0 [ 16.027400] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.027429] ? __pfx_read_tsc+0x10/0x10 [ 16.027454] ? ktime_get_ts64+0x86/0x230 [ 16.027482] kunit_try_run_case+0x1a5/0x480 [ 16.027513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.027541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.027570] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.027597] ? __kthread_parkme+0x82/0x180 [ 16.027621] ? preempt_count_sub+0x50/0x80 [ 16.027659] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.027687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.027867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.027945] kthread+0x337/0x6f0 [ 16.027969] ? trace_preempt_on+0x20/0xc0 [ 16.027998] ? __pfx_kthread+0x10/0x10 [ 16.028023] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.028047] ? calculate_sigpending+0x7b/0xa0 [ 16.028077] ? __pfx_kthread+0x10/0x10 [ 16.028102] ret_from_fork+0x116/0x1d0 [ 16.028124] ? __pfx_kthread+0x10/0x10 [ 16.028147] ret_from_fork_asm+0x1a/0x30 [ 16.028184] </TASK> [ 16.028197] [ 16.043841] Allocated by task 279: [ 16.044061] kasan_save_stack+0x45/0x70 [ 16.044384] kasan_save_track+0x18/0x40 [ 16.044581] kasan_save_alloc_info+0x3b/0x50 [ 16.044938] __kasan_kmalloc+0xb7/0xc0 [ 16.045107] __kmalloc_cache_noprof+0x189/0x420 [ 16.045386] kasan_bitops_generic+0x92/0x1c0 [ 16.045627] kunit_try_run_case+0x1a5/0x480 [ 16.045949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.046263] kthread+0x337/0x6f0 [ 16.046463] ret_from_fork+0x116/0x1d0 [ 16.046709] ret_from_fork_asm+0x1a/0x30 [ 16.046960] [ 16.047047] The buggy address belongs to the object at ffff88810267b740 [ 16.047047] which belongs to the cache kmalloc-16 of size 16 [ 16.047524] The buggy address is located 8 bytes inside of [ 16.047524] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.048494] [ 16.048597] The buggy address belongs to the physical page: [ 16.049192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.049659] flags: 0x200000000000000(node=0|zone=2) [ 16.050182] page_type: f5(slab) [ 16.050371] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.050751] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.051199] page dumped because: kasan: bad access detected [ 16.051511] [ 16.051598] Memory state around the buggy address: [ 16.051853] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.052161] 
ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.052558] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.052952] ^ [ 16.053201] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.053614] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.053921] ================================================================== [ 15.991191] ================================================================== [ 15.991562] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.992364] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 15.992843] [ 15.993099] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.993155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.993170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.993197] Call Trace: [ 15.993220] <TASK> [ 15.993247] dump_stack_lvl+0x73/0xb0 [ 15.993282] print_report+0xd1/0x650 [ 15.993310] ? __virt_addr_valid+0x1db/0x2d0 [ 15.993340] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.993369] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.993397] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.993427] kasan_report+0x141/0x180 [ 15.993453] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.993488] kasan_check_range+0x10c/0x1c0 [ 15.993516] __kasan_check_write+0x18/0x20 [ 15.993555] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.993586] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.993631] ? ret_from_fork_asm+0x1a/0x30 [ 15.993669] ? kthread+0x337/0x6f0 [ 15.993698] kasan_bitops_generic+0x116/0x1c0 [ 15.993725] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.993754] ? __pfx_read_tsc+0x10/0x10 [ 15.993780] ? ktime_get_ts64+0x86/0x230 [ 15.993811] kunit_try_run_case+0x1a5/0x480 [ 15.993839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.993895] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.993921] ? __kthread_parkme+0x82/0x180 [ 15.993945] ? preempt_count_sub+0x50/0x80 [ 15.993974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.994002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.994028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.994055] kthread+0x337/0x6f0 [ 15.994078] ? trace_preempt_on+0x20/0xc0 [ 15.994107] ? __pfx_kthread+0x10/0x10 [ 15.994131] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.994247] ? calculate_sigpending+0x7b/0xa0 [ 15.994277] ? __pfx_kthread+0x10/0x10 [ 15.994303] ret_from_fork+0x116/0x1d0 [ 15.994327] ? __pfx_kthread+0x10/0x10 [ 15.994351] ret_from_fork_asm+0x1a/0x30 [ 15.994388] </TASK> [ 15.994401] [ 16.008043] Allocated by task 279: [ 16.008347] kasan_save_stack+0x45/0x70 [ 16.008580] kasan_save_track+0x18/0x40 [ 16.009046] kasan_save_alloc_info+0x3b/0x50 [ 16.009506] __kasan_kmalloc+0xb7/0xc0 [ 16.010113] __kmalloc_cache_noprof+0x189/0x420 [ 16.010386] kasan_bitops_generic+0x92/0x1c0 [ 16.010628] kunit_try_run_case+0x1a5/0x480 [ 16.011283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.011753] kthread+0x337/0x6f0 [ 16.012375] ret_from_fork+0x116/0x1d0 [ 16.012605] ret_from_fork_asm+0x1a/0x30 [ 16.013543] [ 16.013766] The buggy address belongs to the object at ffff88810267b740 [ 16.013766] which belongs to the cache kmalloc-16 of size 16 [ 16.014611] The buggy address is located 8 bytes inside of [ 16.014611] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.015221] [ 16.015312] The buggy address belongs to the physical page: [ 16.015517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.016075] flags: 0x200000000000000(node=0|zone=2) [ 16.016283] page_type: f5(slab) [ 16.016433] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.017386] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.019614] page dumped because: kasan: bad access detected [ 16.020262] [ 16.020395] 
Memory state around the buggy address: [ 16.020670] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.021049] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.021412] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.022735] ^ [ 16.022956] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.023213] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.023464] ================================================================== [ 16.054597] ================================================================== [ 16.055103] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.055519] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.056289] [ 16.056415] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.056474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.056490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.056516] Call Trace: [ 16.056540] <TASK> [ 16.056565] dump_stack_lvl+0x73/0xb0 [ 16.056601] print_report+0xd1/0x650 [ 16.056626] ? __virt_addr_valid+0x1db/0x2d0 [ 16.056672] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.056702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.056728] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.056759] kasan_report+0x141/0x180 [ 16.056784] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.056835] kasan_check_range+0x10c/0x1c0 [ 16.056863] __kasan_check_write+0x18/0x20 [ 16.056886] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.056917] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.056948] ? ret_from_fork_asm+0x1a/0x30 [ 16.056973] ? kthread+0x337/0x6f0 [ 16.057003] kasan_bitops_generic+0x116/0x1c0 [ 16.057031] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.057061] ? __pfx_read_tsc+0x10/0x10 [ 16.057085] ? 
ktime_get_ts64+0x86/0x230 [ 16.057115] kunit_try_run_case+0x1a5/0x480 [ 16.057144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.057171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.057200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.057228] ? __kthread_parkme+0x82/0x180 [ 16.057251] ? preempt_count_sub+0x50/0x80 [ 16.057279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.057306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.057333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.057360] kthread+0x337/0x6f0 [ 16.057382] ? trace_preempt_on+0x20/0xc0 [ 16.057410] ? __pfx_kthread+0x10/0x10 [ 16.057433] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.057458] ? calculate_sigpending+0x7b/0xa0 [ 16.057485] ? __pfx_kthread+0x10/0x10 [ 16.057511] ret_from_fork+0x116/0x1d0 [ 16.057532] ? __pfx_kthread+0x10/0x10 [ 16.057556] ret_from_fork_asm+0x1a/0x30 [ 16.057592] </TASK> [ 16.057605] [ 16.066986] Allocated by task 279: [ 16.067154] kasan_save_stack+0x45/0x70 [ 16.067361] kasan_save_track+0x18/0x40 [ 16.067584] kasan_save_alloc_info+0x3b/0x50 [ 16.067844] __kasan_kmalloc+0xb7/0xc0 [ 16.068064] __kmalloc_cache_noprof+0x189/0x420 [ 16.068253] kasan_bitops_generic+0x92/0x1c0 [ 16.068430] kunit_try_run_case+0x1a5/0x480 [ 16.069165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.069494] kthread+0x337/0x6f0 [ 16.069719] ret_from_fork+0x116/0x1d0 [ 16.070249] ret_from_fork_asm+0x1a/0x30 [ 16.070497] [ 16.070596] The buggy address belongs to the object at ffff88810267b740 [ 16.070596] which belongs to the cache kmalloc-16 of size 16 [ 16.071402] The buggy address is located 8 bytes inside of [ 16.071402] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.072021] [ 16.072150] The buggy address belongs to the physical page: [ 16.072460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.072768] flags: 0x200000000000000(node=0|zone=2) [ 16.072969] page_type: f5(slab) [ 16.073117] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 16.073531] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.074734] page dumped because: kasan: bad access detected [ 16.075167] [ 16.075286] Memory state around the buggy address: [ 16.075538] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.075816] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.076075] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.077017] ^ [ 16.077363] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.077784] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.078177] ================================================================== [ 15.939508] ================================================================== [ 15.940083] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.940679] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 15.941132] [ 15.941267] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.941364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.941584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.941616] Call Trace: [ 15.941667] <TASK> [ 15.941691] dump_stack_lvl+0x73/0xb0 [ 15.941728] print_report+0xd1/0x650 [ 15.941755] ? __virt_addr_valid+0x1db/0x2d0 [ 15.941784] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.941814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.941840] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.941871] kasan_report+0x141/0x180 [ 15.941897] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.941933] kasan_check_range+0x10c/0x1c0 [ 15.941961] __kasan_check_write+0x18/0x20 [ 15.941983] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.942015] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.942113] ? ret_from_fork_asm+0x1a/0x30 [ 15.942160] ? 
kthread+0x337/0x6f0 [ 15.942190] kasan_bitops_generic+0x116/0x1c0 [ 15.942218] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.942248] ? __pfx_read_tsc+0x10/0x10 [ 15.942274] ? ktime_get_ts64+0x86/0x230 [ 15.942303] kunit_try_run_case+0x1a5/0x480 [ 15.942333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.942388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.942431] ? __kthread_parkme+0x82/0x180 [ 15.942455] ? preempt_count_sub+0x50/0x80 [ 15.942485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.942554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.942581] kthread+0x337/0x6f0 [ 15.942604] ? trace_preempt_on+0x20/0xc0 [ 15.942632] ? __pfx_kthread+0x10/0x10 [ 15.942666] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.942691] ? calculate_sigpending+0x7b/0xa0 [ 15.942720] ? __pfx_kthread+0x10/0x10 [ 15.942745] ret_from_fork+0x116/0x1d0 [ 15.942767] ? __pfx_kthread+0x10/0x10 [ 15.942873] ret_from_fork_asm+0x1a/0x30 [ 15.942921] </TASK> [ 15.942934] [ 15.953977] Allocated by task 279: [ 15.954211] kasan_save_stack+0x45/0x70 [ 15.954490] kasan_save_track+0x18/0x40 [ 15.954726] kasan_save_alloc_info+0x3b/0x50 [ 15.954983] __kasan_kmalloc+0xb7/0xc0 [ 15.955179] __kmalloc_cache_noprof+0x189/0x420 [ 15.955372] kasan_bitops_generic+0x92/0x1c0 [ 15.955549] kunit_try_run_case+0x1a5/0x480 [ 15.955920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.956257] kthread+0x337/0x6f0 [ 15.956459] ret_from_fork+0x116/0x1d0 [ 15.956699] ret_from_fork_asm+0x1a/0x30 [ 15.957273] [ 15.957374] The buggy address belongs to the object at ffff88810267b740 [ 15.957374] which belongs to the cache kmalloc-16 of size 16 [ 15.958156] The buggy address is located 8 bytes inside of [ 15.958156] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 15.958861] [ 15.959150] The buggy address belongs to the physical page: [ 15.959419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x10267b [ 15.959988] flags: 0x200000000000000(node=0|zone=2) [ 15.960285] page_type: f5(slab) [ 15.960486] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.960896] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.961535] page dumped because: kasan: bad access detected [ 15.961888] [ 15.962064] Memory state around the buggy address: [ 15.962322] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.962700] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.963206] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 15.963590] ^ [ 15.964066] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.964537] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.965160] ================================================================== [ 16.106320] ================================================================== [ 16.106914] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.107392] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.107885] [ 16.108024] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.108080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.108096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.108123] Call Trace: [ 16.108145] <TASK> [ 16.108169] dump_stack_lvl+0x73/0xb0 [ 16.108202] print_report+0xd1/0x650 [ 16.108229] ? __virt_addr_valid+0x1db/0x2d0 [ 16.108256] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.108286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.108313] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.108342] kasan_report+0x141/0x180 [ 16.108368] ? 
kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.108402] kasan_check_range+0x10c/0x1c0 [ 16.108429] __kasan_check_write+0x18/0x20 [ 16.108452] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.108481] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.108512] ? ret_from_fork_asm+0x1a/0x30 [ 16.108537] ? kthread+0x337/0x6f0 [ 16.108567] kasan_bitops_generic+0x116/0x1c0 [ 16.108593] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.108622] ? __pfx_read_tsc+0x10/0x10 [ 16.108664] ? ktime_get_ts64+0x86/0x230 [ 16.108693] kunit_try_run_case+0x1a5/0x480 [ 16.108722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.108747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.108775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.108801] ? __kthread_parkme+0x82/0x180 [ 16.108824] ? preempt_count_sub+0x50/0x80 [ 16.108853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.108879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.108971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.109002] kthread+0x337/0x6f0 [ 16.109027] ? trace_preempt_on+0x20/0xc0 [ 16.109054] ? __pfx_kthread+0x10/0x10 [ 16.109078] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.109102] ? calculate_sigpending+0x7b/0xa0 [ 16.109131] ? __pfx_kthread+0x10/0x10 [ 16.109156] ret_from_fork+0x116/0x1d0 [ 16.109179] ? 
__pfx_kthread+0x10/0x10 [ 16.109202] ret_from_fork_asm+0x1a/0x30 [ 16.109238] </TASK> [ 16.109251] [ 16.119625] Allocated by task 279: [ 16.119860] kasan_save_stack+0x45/0x70 [ 16.120038] kasan_save_track+0x18/0x40 [ 16.120285] kasan_save_alloc_info+0x3b/0x50 [ 16.120791] __kasan_kmalloc+0xb7/0xc0 [ 16.120974] __kmalloc_cache_noprof+0x189/0x420 [ 16.121260] kasan_bitops_generic+0x92/0x1c0 [ 16.121527] kunit_try_run_case+0x1a5/0x480 [ 16.121793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.122114] kthread+0x337/0x6f0 [ 16.122320] ret_from_fork+0x116/0x1d0 [ 16.122513] ret_from_fork_asm+0x1a/0x30 [ 16.122697] [ 16.122831] The buggy address belongs to the object at ffff88810267b740 [ 16.122831] which belongs to the cache kmalloc-16 of size 16 [ 16.123486] The buggy address is located 8 bytes inside of [ 16.123486] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.124277] [ 16.124376] The buggy address belongs to the physical page: [ 16.124585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.124959] flags: 0x200000000000000(node=0|zone=2) [ 16.125363] page_type: f5(slab) [ 16.125573] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.125941] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.126216] page dumped because: kasan: bad access detected [ 16.126728] [ 16.126812] Memory state around the buggy address: [ 16.127290] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.127660] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.127940] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.128616] ^ [ 16.129071] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.129385] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.129805] ================================================================== [ 16.078811] 
================================================================== [ 16.079231] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.079682] Write of size 8 at addr ffff88810267b748 by task kunit_try_catch/279 [ 16.079973] [ 16.080081] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.080136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.080150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.080177] Call Trace: [ 16.080201] <TASK> [ 16.080224] dump_stack_lvl+0x73/0xb0 [ 16.080258] print_report+0xd1/0x650 [ 16.080285] ? __virt_addr_valid+0x1db/0x2d0 [ 16.080313] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.080343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.080369] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.080399] kasan_report+0x141/0x180 [ 16.080425] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.080461] kasan_check_range+0x10c/0x1c0 [ 16.080489] __kasan_check_write+0x18/0x20 [ 16.080513] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.080544] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.080576] ? ret_from_fork_asm+0x1a/0x30 [ 16.080603] ? kthread+0x337/0x6f0 [ 16.080758] kasan_bitops_generic+0x116/0x1c0 [ 16.080789] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.081017] ? __pfx_read_tsc+0x10/0x10 [ 16.081045] ? ktime_get_ts64+0x86/0x230 [ 16.081076] kunit_try_run_case+0x1a5/0x480 [ 16.081106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.081160] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.081187] ? __kthread_parkme+0x82/0x180 [ 16.081210] ? preempt_count_sub+0x50/0x80 [ 16.081239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.081293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.081320] kthread+0x337/0x6f0 [ 16.081343] ? trace_preempt_on+0x20/0xc0 [ 16.081370] ? __pfx_kthread+0x10/0x10 [ 16.081395] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.081419] ? calculate_sigpending+0x7b/0xa0 [ 16.081449] ? __pfx_kthread+0x10/0x10 [ 16.081475] ret_from_fork+0x116/0x1d0 [ 16.081496] ? __pfx_kthread+0x10/0x10 [ 16.081520] ret_from_fork_asm+0x1a/0x30 [ 16.081556] </TASK> [ 16.081568] [ 16.092106] Allocated by task 279: [ 16.092335] kasan_save_stack+0x45/0x70 [ 16.092675] kasan_save_track+0x18/0x40 [ 16.093113] kasan_save_alloc_info+0x3b/0x50 [ 16.093314] __kasan_kmalloc+0xb7/0xc0 [ 16.093544] __kmalloc_cache_noprof+0x189/0x420 [ 16.093877] kasan_bitops_generic+0x92/0x1c0 [ 16.094085] kunit_try_run_case+0x1a5/0x480 [ 16.094262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094481] kthread+0x337/0x6f0 [ 16.094701] ret_from_fork+0x116/0x1d0 [ 16.094923] ret_from_fork_asm+0x1a/0x30 [ 16.095156] [ 16.095414] The buggy address belongs to the object at ffff88810267b740 [ 16.095414] which belongs to the cache kmalloc-16 of size 16 [ 16.097337] The buggy address is located 8 bytes inside of [ 16.097337] allocated 9-byte region [ffff88810267b740, ffff88810267b749) [ 16.098354] [ 16.098571] The buggy address belongs to the physical page: [ 16.099297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267b [ 16.100177] flags: 0x200000000000000(node=0|zone=2) [ 16.100773] page_type: f5(slab) [ 16.100944] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.101731] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.102642] page dumped because: kasan: bad access detected [ 16.103340] [ 16.103544] Memory state around the buggy address: [ 16.103948] ffff88810267b600: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.104224] ffff88810267b680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.104486] >ffff88810267b700: 00 05 fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 16.104764] ^ [ 16.105073] ffff88810267b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.105420] ffff88810267b800: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.105747] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 15.876467] ================================================================== [ 15.876927] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 15.877304] Read of size 1 at addr ffff8881038e5fd0 by task kunit_try_catch/277 [ 15.877624] [ 15.877746] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.877921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.877938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.877965] Call Trace: [ 15.877988] <TASK> [ 15.878011] dump_stack_lvl+0x73/0xb0 [ 15.878045] print_report+0xd1/0x650 [ 15.878071] ? __virt_addr_valid+0x1db/0x2d0 [ 15.878099] ? strnlen+0x73/0x80 [ 15.878120] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.878147] ? strnlen+0x73/0x80 [ 15.878168] kasan_report+0x141/0x180 [ 15.878194] ? strnlen+0x73/0x80 [ 15.878246] __asan_report_load1_noabort+0x18/0x20 [ 15.878275] strnlen+0x73/0x80 [ 15.878298] kasan_strings+0x615/0xe80 [ 15.878321] ? trace_hardirqs_on+0x37/0xe0 [ 15.878350] ? __pfx_kasan_strings+0x10/0x10 [ 15.878374] ? finish_task_switch.isra.0+0x153/0x700 [ 15.878416] ? __switch_to+0x47/0xf50 [ 15.878453] ? __schedule+0x10cc/0x2b60 [ 15.878480] ? __pfx_read_tsc+0x10/0x10 [ 15.878505] ? ktime_get_ts64+0x86/0x230 [ 15.878534] kunit_try_run_case+0x1a5/0x480 [ 15.878562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.878588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.878616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.878656] ? __kthread_parkme+0x82/0x180 [ 15.878681] ? preempt_count_sub+0x50/0x80 [ 15.878708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.878736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.878999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.879069] kthread+0x337/0x6f0 [ 15.879093] ? trace_preempt_on+0x20/0xc0 [ 15.879120] ? __pfx_kthread+0x10/0x10 [ 15.879148] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.879173] ? calculate_sigpending+0x7b/0xa0 [ 15.879203] ? 
__pfx_kthread+0x10/0x10 [ 15.879229] ret_from_fork+0x116/0x1d0 [ 15.879251] ? __pfx_kthread+0x10/0x10 [ 15.879274] ret_from_fork_asm+0x1a/0x30 [ 15.879310] </TASK> [ 15.879324] [ 15.889480] Allocated by task 277: [ 15.889663] kasan_save_stack+0x45/0x70 [ 15.890015] kasan_save_track+0x18/0x40 [ 15.890256] kasan_save_alloc_info+0x3b/0x50 [ 15.890514] __kasan_kmalloc+0xb7/0xc0 [ 15.890689] __kmalloc_cache_noprof+0x189/0x420 [ 15.891188] kasan_strings+0xc0/0xe80 [ 15.891434] kunit_try_run_case+0x1a5/0x480 [ 15.891705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.892030] kthread+0x337/0x6f0 [ 15.892205] ret_from_fork+0x116/0x1d0 [ 15.892437] ret_from_fork_asm+0x1a/0x30 [ 15.892939] [ 15.893090] Freed by task 277: [ 15.893248] kasan_save_stack+0x45/0x70 [ 15.893482] kasan_save_track+0x18/0x40 [ 15.893727] kasan_save_free_info+0x3f/0x60 [ 15.894078] __kasan_slab_free+0x56/0x70 [ 15.894330] kfree+0x222/0x3f0 [ 15.894522] kasan_strings+0x2aa/0xe80 [ 15.894780] kunit_try_run_case+0x1a5/0x480 [ 15.895215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.895430] kthread+0x337/0x6f0 [ 15.895626] ret_from_fork+0x116/0x1d0 [ 15.895999] ret_from_fork_asm+0x1a/0x30 [ 15.896246] [ 15.896350] The buggy address belongs to the object at ffff8881038e5fc0 [ 15.896350] which belongs to the cache kmalloc-32 of size 32 [ 15.897097] The buggy address is located 16 bytes inside of [ 15.897097] freed 32-byte region [ffff8881038e5fc0, ffff8881038e5fe0) [ 15.897684] [ 15.897867] The buggy address belongs to the physical page: [ 15.898180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e5 [ 15.898633] flags: 0x200000000000000(node=0|zone=2) [ 15.899186] page_type: f5(slab) [ 15.899401] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.899943] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 15.900358] page dumped because: kasan: bad access detected [ 15.900608] [ 15.900724] Memory state around the buggy address: 
[ 15.900957] ffff8881038e5e80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.901278] ffff8881038e5f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.901588] >ffff8881038e5f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.902056] ^ [ 15.902439] ffff8881038e6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.902858] ffff8881038e6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.903386] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 15.849109] ================================================================== [ 15.849478] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 15.850108] Read of size 1 at addr ffff8881038e5fd0 by task kunit_try_catch/277 [ 15.850499] [ 15.850669] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.850725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.850740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.850767] Call Trace: [ 15.850790] <TASK> [ 15.850814] dump_stack_lvl+0x73/0xb0 [ 15.850848] print_report+0xd1/0x650 [ 15.850876] ? __virt_addr_valid+0x1db/0x2d0 [ 15.850903] ? strlen+0x8f/0xb0 [ 15.850923] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.850958] ? strlen+0x8f/0xb0 [ 15.850978] kasan_report+0x141/0x180 [ 15.851049] ? strlen+0x8f/0xb0 [ 15.851076] __asan_report_load1_noabort+0x18/0x20 [ 15.851105] strlen+0x8f/0xb0 [ 15.851126] kasan_strings+0x57b/0xe80 [ 15.851149] ? trace_hardirqs_on+0x37/0xe0 [ 15.851178] ? __pfx_kasan_strings+0x10/0x10 [ 15.851201] ? finish_task_switch.isra.0+0x153/0x700 [ 15.851227] ? __switch_to+0x47/0xf50 [ 15.851257] ? __schedule+0x10cc/0x2b60 [ 15.851285] ? __pfx_read_tsc+0x10/0x10 [ 15.851310] ? ktime_get_ts64+0x86/0x230 [ 15.851337] kunit_try_run_case+0x1a5/0x480 [ 15.851366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.851420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.851536] ? __kthread_parkme+0x82/0x180 [ 15.851564] ? preempt_count_sub+0x50/0x80 [ 15.851591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.851688] kthread+0x337/0x6f0 [ 15.851711] ? trace_preempt_on+0x20/0xc0 [ 15.851738] ? __pfx_kthread+0x10/0x10 [ 15.851874] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.851908] ? calculate_sigpending+0x7b/0xa0 [ 15.851938] ? 
__pfx_kthread+0x10/0x10 [ 15.851964] ret_from_fork+0x116/0x1d0 [ 15.851989] ? __pfx_kthread+0x10/0x10 [ 15.852012] ret_from_fork_asm+0x1a/0x30 [ 15.852050] </TASK> [ 15.852064] [ 15.862128] Allocated by task 277: [ 15.862389] kasan_save_stack+0x45/0x70 [ 15.862609] kasan_save_track+0x18/0x40 [ 15.863062] kasan_save_alloc_info+0x3b/0x50 [ 15.863326] __kasan_kmalloc+0xb7/0xc0 [ 15.863551] __kmalloc_cache_noprof+0x189/0x420 [ 15.863834] kasan_strings+0xc0/0xe80 [ 15.864163] kunit_try_run_case+0x1a5/0x480 [ 15.864454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.864847] kthread+0x337/0x6f0 [ 15.865058] ret_from_fork+0x116/0x1d0 [ 15.865276] ret_from_fork_asm+0x1a/0x30 [ 15.865508] [ 15.865623] Freed by task 277: [ 15.865804] kasan_save_stack+0x45/0x70 [ 15.866076] kasan_save_track+0x18/0x40 [ 15.866318] kasan_save_free_info+0x3f/0x60 [ 15.866569] __kasan_slab_free+0x56/0x70 [ 15.867024] kfree+0x222/0x3f0 [ 15.867203] kasan_strings+0x2aa/0xe80 [ 15.867365] kunit_try_run_case+0x1a5/0x480 [ 15.867659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.868024] kthread+0x337/0x6f0 [ 15.868178] ret_from_fork+0x116/0x1d0 [ 15.868359] ret_from_fork_asm+0x1a/0x30 [ 15.868731] [ 15.868951] The buggy address belongs to the object at ffff8881038e5fc0 [ 15.868951] which belongs to the cache kmalloc-32 of size 32 [ 15.869509] The buggy address is located 16 bytes inside of [ 15.869509] freed 32-byte region [ffff8881038e5fc0, ffff8881038e5fe0) [ 15.870207] [ 15.870332] The buggy address belongs to the physical page: [ 15.870621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e5 [ 15.871252] flags: 0x200000000000000(node=0|zone=2) [ 15.871506] page_type: f5(slab) [ 15.871753] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.872261] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 15.872677] page dumped because: kasan: bad access detected [ 15.872972] [ 15.873058] Memory state around the buggy address: 
[ 15.873322] ffff8881038e5e80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.873672] ffff8881038e5f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.874054] >ffff8881038e5f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.874433] ^ [ 15.875017] ffff8881038e6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.875325] ffff8881038e6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.875716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 15.820728] ================================================================== [ 15.821705] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 15.822716] Read of size 1 at addr ffff8881038e5fd0 by task kunit_try_catch/277 [ 15.823300] [ 15.823416] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.823473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.823489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.823516] Call Trace: [ 15.823540] <TASK> [ 15.823565] dump_stack_lvl+0x73/0xb0 [ 15.823601] print_report+0xd1/0x650 [ 15.823628] ? __virt_addr_valid+0x1db/0x2d0 [ 15.823674] ? kasan_strings+0xcbc/0xe80 [ 15.823698] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.823725] ? kasan_strings+0xcbc/0xe80 [ 15.823751] kasan_report+0x141/0x180 [ 15.823934] ? kasan_strings+0xcbc/0xe80 [ 15.823965] __asan_report_load1_noabort+0x18/0x20 [ 15.823995] kasan_strings+0xcbc/0xe80 [ 15.824018] ? trace_hardirqs_on+0x37/0xe0 [ 15.824077] ? __pfx_kasan_strings+0x10/0x10 [ 15.824102] ? finish_task_switch.isra.0+0x153/0x700 [ 15.824129] ? __switch_to+0x47/0xf50 [ 15.824160] ? __schedule+0x10cc/0x2b60 [ 15.824187] ? __pfx_read_tsc+0x10/0x10 [ 15.824213] ? ktime_get_ts64+0x86/0x230 [ 15.824242] kunit_try_run_case+0x1a5/0x480 [ 15.824271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.824300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.824329] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.824357] ? __kthread_parkme+0x82/0x180 [ 15.824382] ? preempt_count_sub+0x50/0x80 [ 15.824409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.824437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.824465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.824493] kthread+0x337/0x6f0 [ 15.824515] ? trace_preempt_on+0x20/0xc0 [ 15.824541] ? __pfx_kthread+0x10/0x10 [ 15.824566] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.824591] ? calculate_sigpending+0x7b/0xa0 [ 15.824620] ? 
__pfx_kthread+0x10/0x10 [ 15.824660] ret_from_fork+0x116/0x1d0 [ 15.824682] ? __pfx_kthread+0x10/0x10 [ 15.824705] ret_from_fork_asm+0x1a/0x30 [ 15.824744] </TASK> [ 15.824780] [ 15.834671] Allocated by task 277: [ 15.834891] kasan_save_stack+0x45/0x70 [ 15.835079] kasan_save_track+0x18/0x40 [ 15.835243] kasan_save_alloc_info+0x3b/0x50 [ 15.835611] __kasan_kmalloc+0xb7/0xc0 [ 15.836001] __kmalloc_cache_noprof+0x189/0x420 [ 15.836281] kasan_strings+0xc0/0xe80 [ 15.836526] kunit_try_run_case+0x1a5/0x480 [ 15.836740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.837149] kthread+0x337/0x6f0 [ 15.837334] ret_from_fork+0x116/0x1d0 [ 15.837508] ret_from_fork_asm+0x1a/0x30 [ 15.837690] [ 15.838015] Freed by task 277: [ 15.838220] kasan_save_stack+0x45/0x70 [ 15.838464] kasan_save_track+0x18/0x40 [ 15.838737] kasan_save_free_info+0x3f/0x60 [ 15.839085] __kasan_slab_free+0x56/0x70 [ 15.839336] kfree+0x222/0x3f0 [ 15.839494] kasan_strings+0x2aa/0xe80 [ 15.839671] kunit_try_run_case+0x1a5/0x480 [ 15.839918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.840372] kthread+0x337/0x6f0 [ 15.840598] ret_from_fork+0x116/0x1d0 [ 15.840775] ret_from_fork_asm+0x1a/0x30 [ 15.840952] [ 15.841060] The buggy address belongs to the object at ffff8881038e5fc0 [ 15.841060] which belongs to the cache kmalloc-32 of size 32 [ 15.842073] The buggy address is located 16 bytes inside of [ 15.842073] freed 32-byte region [ffff8881038e5fc0, ffff8881038e5fe0) [ 15.842658] [ 15.842752] The buggy address belongs to the physical page: [ 15.843200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e5 [ 15.843535] flags: 0x200000000000000(node=0|zone=2) [ 15.843979] page_type: f5(slab) [ 15.844191] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.844604] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 15.845135] page dumped because: kasan: bad access detected [ 15.845441] [ 15.845556] Memory state around the buggy address: 
[ 15.846055] ffff8881038e5e80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.846427] ffff8881038e5f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.846731] >ffff8881038e5f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.847233] ^ [ 15.847504] ffff8881038e6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.848020] ffff8881038e6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848399] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 15.787413] ================================================================== [ 15.788721] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 15.789139] Read of size 1 at addr ffff8881038e5fd0 by task kunit_try_catch/277 [ 15.789509] [ 15.789642] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.789714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.789730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.789759] Call Trace: [ 15.789774] <TASK> [ 15.789797] dump_stack_lvl+0x73/0xb0 [ 15.789830] print_report+0xd1/0x650 [ 15.789875] ? __virt_addr_valid+0x1db/0x2d0 [ 15.789917] ? strcmp+0xb0/0xc0 [ 15.789944] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.789972] ? strcmp+0xb0/0xc0 [ 15.790014] kasan_report+0x141/0x180 [ 15.790039] ? strcmp+0xb0/0xc0 [ 15.790070] __asan_report_load1_noabort+0x18/0x20 [ 15.790099] strcmp+0xb0/0xc0 [ 15.790125] kasan_strings+0x431/0xe80 [ 15.790150] ? trace_hardirqs_on+0x37/0xe0 [ 15.790179] ? __pfx_kasan_strings+0x10/0x10 [ 15.790203] ? finish_task_switch.isra.0+0x153/0x700 [ 15.790230] ? __switch_to+0x47/0xf50 [ 15.790272] ? __schedule+0x10cc/0x2b60 [ 15.790301] ? __pfx_read_tsc+0x10/0x10 [ 15.790340] ? ktime_get_ts64+0x86/0x230 [ 15.790371] kunit_try_run_case+0x1a5/0x480 [ 15.790402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.790434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.790461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.790489] ? __kthread_parkme+0x82/0x180 [ 15.790514] ? preempt_count_sub+0x50/0x80 [ 15.790541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.790569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.790597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.790624] kthread+0x337/0x6f0 [ 15.790670] ? trace_preempt_on+0x20/0xc0 [ 15.790697] ? __pfx_kthread+0x10/0x10 [ 15.790734] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.790760] ? calculate_sigpending+0x7b/0xa0 [ 15.790788] ? 
__pfx_kthread+0x10/0x10 [ 15.790813] ret_from_fork+0x116/0x1d0 [ 15.790836] ? __pfx_kthread+0x10/0x10 [ 15.790860] ret_from_fork_asm+0x1a/0x30 [ 15.790896] </TASK> [ 15.790909] [ 15.804134] Allocated by task 277: [ 15.804398] kasan_save_stack+0x45/0x70 [ 15.804587] kasan_save_track+0x18/0x40 [ 15.804811] kasan_save_alloc_info+0x3b/0x50 [ 15.805297] __kasan_kmalloc+0xb7/0xc0 [ 15.805891] __kmalloc_cache_noprof+0x189/0x420 [ 15.806417] kasan_strings+0xc0/0xe80 [ 15.806929] kunit_try_run_case+0x1a5/0x480 [ 15.807536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.807873] kthread+0x337/0x6f0 [ 15.808058] ret_from_fork+0x116/0x1d0 [ 15.808529] ret_from_fork_asm+0x1a/0x30 [ 15.809040] [ 15.809287] Freed by task 277: [ 15.809529] kasan_save_stack+0x45/0x70 [ 15.810177] kasan_save_track+0x18/0x40 [ 15.810356] kasan_save_free_info+0x3f/0x60 [ 15.810538] __kasan_slab_free+0x56/0x70 [ 15.810723] kfree+0x222/0x3f0 [ 15.811026] kasan_strings+0x2aa/0xe80 [ 15.811266] kunit_try_run_case+0x1a5/0x480 [ 15.811476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.811942] kthread+0x337/0x6f0 [ 15.812145] ret_from_fork+0x116/0x1d0 [ 15.812364] ret_from_fork_asm+0x1a/0x30 [ 15.812531] [ 15.812688] The buggy address belongs to the object at ffff8881038e5fc0 [ 15.812688] which belongs to the cache kmalloc-32 of size 32 [ 15.813387] The buggy address is located 16 bytes inside of [ 15.813387] freed 32-byte region [ffff8881038e5fc0, ffff8881038e5fe0) [ 15.814260] [ 15.814417] The buggy address belongs to the physical page: [ 15.814695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e5 [ 15.815214] flags: 0x200000000000000(node=0|zone=2) [ 15.815462] page_type: f5(slab) [ 15.815702] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.816194] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 15.816542] page dumped because: kasan: bad access detected [ 15.816892] [ 15.817011] Memory state around the buggy address: 
[ 15.817319] ffff8881038e5e80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.817734] ffff8881038e5f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.818350] >ffff8881038e5f80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.818728] ^ [ 15.819150] ffff8881038e6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.819499] ffff8881038e6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820034] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 15.737000] ================================================================== [ 15.738700] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 15.740240] Read of size 1 at addr ffff888103347998 by task kunit_try_catch/275 [ 15.741304] [ 15.741432] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.741495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.741510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.741538] Call Trace: [ 15.741555] <TASK> [ 15.741578] dump_stack_lvl+0x73/0xb0 [ 15.741617] print_report+0xd1/0x650 [ 15.741668] ? __virt_addr_valid+0x1db/0x2d0 [ 15.741698] ? memcmp+0x1b4/0x1d0 [ 15.741720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.741746] ? memcmp+0x1b4/0x1d0 [ 15.741776] kasan_report+0x141/0x180 [ 15.741802] ? memcmp+0x1b4/0x1d0 [ 15.741828] __asan_report_load1_noabort+0x18/0x20 [ 15.741856] memcmp+0x1b4/0x1d0 [ 15.741880] kasan_memcmp+0x18f/0x390 [ 15.741904] ? trace_hardirqs_on+0x37/0xe0 [ 15.741933] ? __pfx_kasan_memcmp+0x10/0x10 [ 15.741957] ? finish_task_switch.isra.0+0x153/0x700 [ 15.741986] ? __switch_to+0x47/0xf50 [ 15.742021] ? __pfx_read_tsc+0x10/0x10 [ 15.742047] ? ktime_get_ts64+0x86/0x230 [ 15.742076] kunit_try_run_case+0x1a5/0x480 [ 15.742107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.742134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.742163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.742190] ? __kthread_parkme+0x82/0x180 [ 15.742215] ? preempt_count_sub+0x50/0x80 [ 15.742242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.742269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.742297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.742324] kthread+0x337/0x6f0 [ 15.742347] ? trace_preempt_on+0x20/0xc0 [ 15.742373] ? __pfx_kthread+0x10/0x10 [ 15.742397] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.742427] ? calculate_sigpending+0x7b/0xa0 [ 15.742456] ? __pfx_kthread+0x10/0x10 [ 15.742481] ret_from_fork+0x116/0x1d0 [ 15.742503] ? 
__pfx_kthread+0x10/0x10 [ 15.742527] ret_from_fork_asm+0x1a/0x30 [ 15.742564] </TASK> [ 15.742578] [ 15.762135] Allocated by task 275: [ 15.762910] kasan_save_stack+0x45/0x70 [ 15.763566] kasan_save_track+0x18/0x40 [ 15.764518] kasan_save_alloc_info+0x3b/0x50 [ 15.765255] __kasan_kmalloc+0xb7/0xc0 [ 15.765722] __kmalloc_cache_noprof+0x189/0x420 [ 15.766446] kasan_memcmp+0xb7/0x390 [ 15.766909] kunit_try_run_case+0x1a5/0x480 [ 15.767326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.767698] kthread+0x337/0x6f0 [ 15.767857] ret_from_fork+0x116/0x1d0 [ 15.768023] ret_from_fork_asm+0x1a/0x30 [ 15.768191] [ 15.768283] The buggy address belongs to the object at ffff888103347980 [ 15.768283] which belongs to the cache kmalloc-32 of size 32 [ 15.768754] The buggy address is located 0 bytes to the right of [ 15.768754] allocated 24-byte region [ffff888103347980, ffff888103347998) [ 15.769367] [ 15.769571] The buggy address belongs to the physical page: [ 15.770464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103347 [ 15.771546] flags: 0x200000000000000(node=0|zone=2) [ 15.772203] page_type: f5(slab) [ 15.772875] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.773746] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.774633] page dumped because: kasan: bad access detected [ 15.775396] [ 15.775590] Memory state around the buggy address: [ 15.776236] ffff888103347880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.777195] ffff888103347900: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.777488] >ffff888103347980: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.777999] ^ [ 15.778480] ffff888103347a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.779340] ffff888103347a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.780059] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 15.700393] ================================================================== [ 15.701060] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 15.701364] Read of size 1 at addr ffff888103a4fc4a by task kunit_try_catch/271 [ 15.701634] [ 15.701756] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.701812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.701827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.701853] Call Trace: [ 15.701868] <TASK> [ 15.701891] dump_stack_lvl+0x73/0xb0 [ 15.701924] print_report+0xd1/0x650 [ 15.701950] ? __virt_addr_valid+0x1db/0x2d0 [ 15.701978] ? kasan_alloca_oob_right+0x329/0x390 [ 15.702004] ? kasan_addr_to_slab+0x11/0xa0 [ 15.702027] ? kasan_alloca_oob_right+0x329/0x390 [ 15.702054] kasan_report+0x141/0x180 [ 15.702079] ? kasan_alloca_oob_right+0x329/0x390 [ 15.702112] __asan_report_load1_noabort+0x18/0x20 [ 15.702140] kasan_alloca_oob_right+0x329/0x390 [ 15.702164] ? __kasan_check_write+0x18/0x20 [ 15.702187] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.702213] ? finish_task_switch.isra.0+0x153/0x700 [ 15.702239] ? ww_mutex_unlock+0x6e/0x150 [ 15.702266] ? trace_hardirqs_on+0x37/0xe0 [ 15.702295] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 15.702325] ? __schedule+0x10cc/0x2b60 [ 15.702349] ? __pfx_read_tsc+0x10/0x10 [ 15.702375] ? ktime_get_ts64+0x86/0x230 [ 15.702403] kunit_try_run_case+0x1a5/0x480 [ 15.702437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.702489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.702515] ? __kthread_parkme+0x82/0x180 [ 15.702539] ? preempt_count_sub+0x50/0x80 [ 15.702566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.702619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.702672] kthread+0x337/0x6f0 [ 15.702912] ? trace_preempt_on+0x20/0xc0 [ 15.702944] ? __pfx_kthread+0x10/0x10 [ 15.702969] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.702996] ? calculate_sigpending+0x7b/0xa0 [ 15.703023] ? __pfx_kthread+0x10/0x10 [ 15.703343] ret_from_fork+0x116/0x1d0 [ 15.703371] ? __pfx_kthread+0x10/0x10 [ 15.703395] ret_from_fork_asm+0x1a/0x30 [ 15.703434] </TASK> [ 15.703459] [ 15.721705] The buggy address belongs to stack of task kunit_try_catch/271 [ 15.722012] [ 15.722196] The buggy address belongs to the physical page: [ 15.722513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a4f [ 15.722831] flags: 0x200000000000000(node=0|zone=2) [ 15.723342] raw: 0200000000000000 ffffea00040e93c8 ffffea00040e93c8 0000000000000000 [ 15.723913] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.724253] page dumped because: kasan: bad access detected [ 15.724561] [ 15.724664] Memory state around the buggy address: [ 15.725047] ffff888103a4fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.725320] ffff888103a4fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.725697] >ffff888103a4fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 15.726142] ^ [ 15.726405] ffff888103a4fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 15.726770] ffff888103a4fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.727197] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 15.671241] ================================================================== [ 15.672211] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 15.672642] Read of size 1 at addr ffff888103957c3f by task kunit_try_catch/269 [ 15.673586] [ 15.673751] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.674041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.674060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.674089] Call Trace: [ 15.674109] <TASK> [ 15.674132] dump_stack_lvl+0x73/0xb0 [ 15.674173] print_report+0xd1/0x650 [ 15.674200] ? __virt_addr_valid+0x1db/0x2d0 [ 15.674229] ? kasan_alloca_oob_left+0x320/0x380 [ 15.674257] ? kasan_addr_to_slab+0x11/0xa0 [ 15.674280] ? kasan_alloca_oob_left+0x320/0x380 [ 15.674308] kasan_report+0x141/0x180 [ 15.674334] ? kasan_alloca_oob_left+0x320/0x380 [ 15.674366] __asan_report_load1_noabort+0x18/0x20 [ 15.674394] kasan_alloca_oob_left+0x320/0x380 [ 15.674429] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.674453] ? irqentry_exit+0x2a/0x60 [ 15.674481] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.674508] ? trace_hardirqs_on+0x37/0xe0 [ 15.674539] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 15.674572] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 15.674604] kunit_try_run_case+0x1a5/0x480 [ 15.674633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.674704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.674731] ? __kthread_parkme+0x82/0x180 [ 15.674756] ? preempt_count_sub+0x50/0x80 [ 15.674784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.674920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.674947] kthread+0x337/0x6f0 [ 15.674972] ? trace_preempt_on+0x20/0xc0 [ 15.674999] ? __pfx_kthread+0x10/0x10 [ 15.675024] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.675051] ? calculate_sigpending+0x7b/0xa0 [ 15.675080] ? 
__pfx_kthread+0x10/0x10 [ 15.675107] ret_from_fork+0x116/0x1d0 [ 15.675131] ? __pfx_kthread+0x10/0x10 [ 15.675155] ret_from_fork_asm+0x1a/0x30 [ 15.675193] </TASK> [ 15.675207] [ 15.689329] The buggy address belongs to stack of task kunit_try_catch/269 [ 15.689681] [ 15.689778] The buggy address belongs to the physical page: [ 15.690325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103957 [ 15.690796] flags: 0x200000000000000(node=0|zone=2) [ 15.691418] raw: 0200000000000000 ffffea00040e55c8 ffffea00040e55c8 0000000000000000 [ 15.691889] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.692239] page dumped because: kasan: bad access detected [ 15.692505] [ 15.692604] Memory state around the buggy address: [ 15.693308] ffff888103957b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.693669] ffff888103957b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.694192] >ffff888103957c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 15.694679] ^ [ 15.695135] ffff888103957c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 15.695618] ffff888103957d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.696232] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 15.639600] ================================================================== [ 15.640901] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 15.641268] Read of size 1 at addr ffff888103a47d02 by task kunit_try_catch/267 [ 15.642075] [ 15.642216] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.642408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.642434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.642462] Call Trace: [ 15.642481] <TASK> [ 15.642504] dump_stack_lvl+0x73/0xb0 [ 15.642543] print_report+0xd1/0x650 [ 15.642571] ? __virt_addr_valid+0x1db/0x2d0 [ 15.642598] ? kasan_stack_oob+0x2b5/0x300 [ 15.642622] ? kasan_addr_to_slab+0x11/0xa0 [ 15.642660] ? kasan_stack_oob+0x2b5/0x300 [ 15.642684] kasan_report+0x141/0x180 [ 15.642709] ? kasan_stack_oob+0x2b5/0x300 [ 15.642738] __asan_report_load1_noabort+0x18/0x20 [ 15.642766] kasan_stack_oob+0x2b5/0x300 [ 15.642790] ? __pfx_kasan_stack_oob+0x10/0x10 [ 15.642812] ? finish_task_switch.isra.0+0x153/0x700 [ 15.642839] ? __switch_to+0x47/0xf50 [ 15.642870] ? __schedule+0x10cc/0x2b60 [ 15.642896] ? __pfx_read_tsc+0x10/0x10 [ 15.642921] ? ktime_get_ts64+0x86/0x230 [ 15.642951] kunit_try_run_case+0x1a5/0x480 [ 15.642980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.643006] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.643034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.643061] ? __kthread_parkme+0x82/0x180 [ 15.643085] ? preempt_count_sub+0x50/0x80 [ 15.643111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.643141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.643168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.643194] kthread+0x337/0x6f0 [ 15.643218] ? trace_preempt_on+0x20/0xc0 [ 15.643246] ? __pfx_kthread+0x10/0x10 [ 15.643271] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.643294] ? calculate_sigpending+0x7b/0xa0 [ 15.643324] ? __pfx_kthread+0x10/0x10 [ 15.643349] ret_from_fork+0x116/0x1d0 [ 15.643370] ? 
__pfx_kthread+0x10/0x10 [ 15.643393] ret_from_fork_asm+0x1a/0x30 [ 15.643432] </TASK> [ 15.643446] [ 15.657559] The buggy address belongs to stack of task kunit_try_catch/267 [ 15.658282] and is located at offset 138 in frame: [ 15.658604] kasan_stack_oob+0x0/0x300 [ 15.659247] [ 15.659377] This frame has 4 objects: [ 15.659705] [48, 49) '__assertion' [ 15.659739] [64, 72) 'array' [ 15.660013] [96, 112) '__assertion' [ 15.660293] [128, 138) 'stack_array' [ 15.660602] [ 15.661038] The buggy address belongs to the physical page: [ 15.661340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a47 [ 15.661824] flags: 0x200000000000000(node=0|zone=2) [ 15.662236] raw: 0200000000000000 ffffea00040e91c8 ffffea00040e91c8 0000000000000000 [ 15.662727] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.663089] page dumped because: kasan: bad access detected [ 15.663482] [ 15.663600] Memory state around the buggy address: [ 15.663954] ffff888103a47c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.664465] ffff888103a47c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 15.664879] >ffff888103a47d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.665166] ^ [ 15.665444] ffff888103a47d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 15.666008] ffff888103a47e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.666676] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 15.609016] ================================================================== [ 15.610132] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 15.610455] Read of size 1 at addr ffffffff99e61e8d by task kunit_try_catch/263 [ 15.611109] [ 15.611438] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.611504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.611519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.611547] Call Trace: [ 15.611564] <TASK> [ 15.611588] dump_stack_lvl+0x73/0xb0 [ 15.611628] print_report+0xd1/0x650 [ 15.611668] ? __virt_addr_valid+0x1db/0x2d0 [ 15.611698] ? kasan_global_oob_right+0x286/0x2d0 [ 15.611724] ? kasan_addr_to_slab+0x11/0xa0 [ 15.611748] ? kasan_global_oob_right+0x286/0x2d0 [ 15.611782] kasan_report+0x141/0x180 [ 15.611809] ? kasan_global_oob_right+0x286/0x2d0 [ 15.611840] __asan_report_load1_noabort+0x18/0x20 [ 15.611868] kasan_global_oob_right+0x286/0x2d0 [ 15.611894] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 15.611925] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 15.611956] kunit_try_run_case+0x1a5/0x480 [ 15.611987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.612013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.612043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.612070] ? __kthread_parkme+0x82/0x180 [ 15.612095] ? preempt_count_sub+0x50/0x80 [ 15.612125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.612153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.612180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.612208] kthread+0x337/0x6f0 [ 15.612231] ? trace_preempt_on+0x20/0xc0 [ 15.612261] ? __pfx_kthread+0x10/0x10 [ 15.612286] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.612330] ? calculate_sigpending+0x7b/0xa0 [ 15.612359] ? __pfx_kthread+0x10/0x10 [ 15.612386] ret_from_fork+0x116/0x1d0 [ 15.612410] ? 
__pfx_kthread+0x10/0x10 [ 15.612434] ret_from_fork_asm+0x1a/0x30 [ 15.612473] </TASK> [ 15.612487] [ 15.625235] The buggy address belongs to the variable: [ 15.625831] global_array+0xd/0x40 [ 15.626326] [ 15.626550] The buggy address belongs to the physical page: [ 15.627168] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x58061 [ 15.628099] flags: 0x100000000002000(reserved|node=0|zone=1) [ 15.628862] raw: 0100000000002000 ffffea0001601848 ffffea0001601848 0000000000000000 [ 15.629668] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.630153] page dumped because: kasan: bad access detected [ 15.630360] [ 15.630451] Memory state around the buggy address: [ 15.630640] ffffffff99e61d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.630928] ffffffff99e61e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.631451] >ffffffff99e61e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 15.631737] ^ [ 15.631929] ffffffff99e61f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 15.632549] ffffffff99e61f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 15.632959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 15.572269] ================================================================== [ 15.573171] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.573516] Free of addr ffff8881039f8001 by task kunit_try_catch/261 [ 15.574492] [ 15.574953] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.575018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.575178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.575213] Call Trace: [ 15.575230] <TASK> [ 15.575254] dump_stack_lvl+0x73/0xb0 [ 15.575293] print_report+0xd1/0x650 [ 15.575321] ? __virt_addr_valid+0x1db/0x2d0 [ 15.575351] ? kasan_addr_to_slab+0x11/0xa0 [ 15.575375] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.575407] kasan_report_invalid_free+0x10a/0x130 [ 15.575436] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.575468] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.575498] __kasan_mempool_poison_object+0x102/0x1d0 [ 15.575526] mempool_free+0x2ec/0x380 [ 15.575554] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.575584] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 15.575613] ? update_load_avg+0x1be/0x21b0 [ 15.575641] ? update_load_avg+0x1be/0x21b0 [ 15.575680] ? update_curr+0x80/0x810 [ 15.575706] ? finish_task_switch.isra.0+0x153/0x700 [ 15.575736] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 15.575810] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 15.575846] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.575873] ? __pfx_mempool_kfree+0x10/0x10 [ 15.575902] ? __pfx_read_tsc+0x10/0x10 [ 15.575927] ? ktime_get_ts64+0x86/0x230 [ 15.575957] kunit_try_run_case+0x1a5/0x480 [ 15.575988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.576014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.576042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.576071] ? __kthread_parkme+0x82/0x180 [ 15.576095] ? preempt_count_sub+0x50/0x80 [ 15.576122] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.576150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.576177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.576204] kthread+0x337/0x6f0 [ 15.576228] ? trace_preempt_on+0x20/0xc0 [ 15.576257] ? __pfx_kthread+0x10/0x10 [ 15.576281] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.576307] ? calculate_sigpending+0x7b/0xa0 [ 15.576336] ? __pfx_kthread+0x10/0x10 [ 15.576361] ret_from_fork+0x116/0x1d0 [ 15.576383] ? __pfx_kthread+0x10/0x10 [ 15.576407] ret_from_fork_asm+0x1a/0x30 [ 15.576443] </TASK> [ 15.576458] [ 15.594720] The buggy address belongs to the physical page: [ 15.595288] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 15.595894] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.596500] flags: 0x200000000000040(head|node=0|zone=2) [ 15.596822] page_type: f8(unknown) [ 15.597096] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.597605] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.598119] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.598499] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.599225] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 15.599608] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.600068] page dumped because: kasan: bad access detected [ 15.600421] [ 15.600555] Memory state around the buggy address: [ 15.600813] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.601339] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.601699] >ffff8881039f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.602097] ^ [ 15.602439] ffff8881039f8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.602771] ffff8881039f8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.603222] 
================================================================== [ 15.535007] ================================================================== [ 15.536285] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.536765] Free of addr ffff8881038e9001 by task kunit_try_catch/259 [ 15.537087] [ 15.537509] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.537571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.537586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.537612] Call Trace: [ 15.537626] <TASK> [ 15.537664] dump_stack_lvl+0x73/0xb0 [ 15.537701] print_report+0xd1/0x650 [ 15.537728] ? __virt_addr_valid+0x1db/0x2d0 [ 15.537758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.537784] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.537868] kasan_report_invalid_free+0x10a/0x130 [ 15.537902] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.537934] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.537963] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.537991] check_slab_allocation+0x11f/0x130 [ 15.538017] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.538046] mempool_free+0x2ec/0x380 [ 15.538075] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.538105] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 15.538136] ? kasan_save_track+0x18/0x40 [ 15.538158] ? kasan_save_alloc_info+0x3b/0x50 [ 15.538185] ? kasan_save_stack+0x45/0x70 [ 15.538214] mempool_kmalloc_invalid_free+0xed/0x140 [ 15.538242] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 15.538274] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.538302] ? __pfx_mempool_kfree+0x10/0x10 [ 15.538331] ? __pfx_read_tsc+0x10/0x10 [ 15.538357] ? ktime_get_ts64+0x86/0x230 [ 15.538387] kunit_try_run_case+0x1a5/0x480 [ 15.538417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.538450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.538478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.538505] ? 
__kthread_parkme+0x82/0x180 [ 15.538530] ? preempt_count_sub+0x50/0x80 [ 15.538557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.538586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.538613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.538640] kthread+0x337/0x6f0 [ 15.538678] ? trace_preempt_on+0x20/0xc0 [ 15.538706] ? __pfx_kthread+0x10/0x10 [ 15.538730] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.538755] ? calculate_sigpending+0x7b/0xa0 [ 15.538784] ? __pfx_kthread+0x10/0x10 [ 15.538831] ret_from_fork+0x116/0x1d0 [ 15.538853] ? __pfx_kthread+0x10/0x10 [ 15.538877] ret_from_fork_asm+0x1a/0x30 [ 15.538916] </TASK> [ 15.538930] [ 15.552664] Allocated by task 259: [ 15.553423] kasan_save_stack+0x45/0x70 [ 15.553682] kasan_save_track+0x18/0x40 [ 15.553879] kasan_save_alloc_info+0x3b/0x50 [ 15.554255] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.554527] remove_element+0x11e/0x190 [ 15.554729] mempool_alloc_preallocated+0x4d/0x90 [ 15.555443] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 15.555734] mempool_kmalloc_invalid_free+0xed/0x140 [ 15.556313] kunit_try_run_case+0x1a5/0x480 [ 15.556682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.557303] kthread+0x337/0x6f0 [ 15.557627] ret_from_fork+0x116/0x1d0 [ 15.558154] ret_from_fork_asm+0x1a/0x30 [ 15.558393] [ 15.558491] The buggy address belongs to the object at ffff8881038e9000 [ 15.558491] which belongs to the cache kmalloc-128 of size 128 [ 15.559451] The buggy address is located 1 bytes inside of [ 15.559451] 128-byte region [ffff8881038e9000, ffff8881038e9080) [ 15.560404] [ 15.560510] The buggy address belongs to the physical page: [ 15.560834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e9 [ 15.562088] flags: 0x200000000000000(node=0|zone=2) [ 15.562382] page_type: f5(slab) [ 15.562801] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.563262] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.563776] page 
dumped because: kasan: bad access detected [ 15.564194] [ 15.564317] Memory state around the buggy address: [ 15.564580] ffff8881038e8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.565458] ffff8881038e8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.566056] >ffff8881038e9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.566497] ^ [ 15.566905] ffff8881038e9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.567269] ffff8881038e9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.567738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 15.504599] ================================================================== [ 15.505387] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.505731] Free of addr ffff888102abc000 by task kunit_try_catch/257 [ 15.506541] [ 15.506697] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.506769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.506786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.506826] Call Trace: [ 15.506843] <TASK> [ 15.506881] dump_stack_lvl+0x73/0xb0 [ 15.506920] print_report+0xd1/0x650 [ 15.506950] ? __virt_addr_valid+0x1db/0x2d0 [ 15.506980] ? kasan_addr_to_slab+0x11/0xa0 [ 15.507004] ? mempool_double_free_helper+0x184/0x370 [ 15.507033] kasan_report_invalid_free+0x10a/0x130 [ 15.507063] ? mempool_double_free_helper+0x184/0x370 [ 15.507106] ? mempool_double_free_helper+0x184/0x370 [ 15.507133] __kasan_mempool_poison_pages+0x115/0x130 [ 15.507176] mempool_free+0x290/0x380 [ 15.507204] mempool_double_free_helper+0x184/0x370 [ 15.507233] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.507266] ? finish_task_switch.isra.0+0x153/0x700 [ 15.507298] mempool_page_alloc_double_free+0xe8/0x140 [ 15.507338] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 15.507370] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.507394] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.507428] ? __pfx_read_tsc+0x10/0x10 [ 15.507453] ? ktime_get_ts64+0x86/0x230 [ 15.507482] kunit_try_run_case+0x1a5/0x480 [ 15.507511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.507538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.507565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.507592] ? __kthread_parkme+0x82/0x180 [ 15.507617] ? preempt_count_sub+0x50/0x80 [ 15.507643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.507684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.507712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.507740] kthread+0x337/0x6f0 [ 15.507762] ? 
trace_preempt_on+0x20/0xc0 [ 15.507789] ? __pfx_kthread+0x10/0x10 [ 15.507813] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.507838] ? calculate_sigpending+0x7b/0xa0 [ 15.507865] ? __pfx_kthread+0x10/0x10 [ 15.507891] ret_from_fork+0x116/0x1d0 [ 15.507913] ? __pfx_kthread+0x10/0x10 [ 15.507937] ret_from_fork_asm+0x1a/0x30 [ 15.507973] </TASK> [ 15.507986] [ 15.523669] The buggy address belongs to the physical page: [ 15.524784] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abc [ 15.525425] flags: 0x200000000000000(node=0|zone=2) [ 15.525931] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.526426] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.526819] page dumped because: kasan: bad access detected [ 15.527315] [ 15.527407] Memory state around the buggy address: [ 15.527699] ffff888102abbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.528497] ffff888102abbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.528931] >ffff888102abc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.529502] ^ [ 15.529853] ffff888102abc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.530228] ffff888102abc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.530614] ================================================================== [ 15.472720] ================================================================== [ 15.473431] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.473860] Free of addr ffff8881039f8000 by task kunit_try_catch/255 [ 15.474217] [ 15.474365] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.474431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.474446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.474475] Call Trace: [ 15.474491] <TASK> [ 15.474515] dump_stack_lvl+0x73/0xb0 [ 15.474552] print_report+0xd1/0x650 [ 15.474579] ? 
__virt_addr_valid+0x1db/0x2d0 [ 15.474609] ? kasan_addr_to_slab+0x11/0xa0 [ 15.474633] ? mempool_double_free_helper+0x184/0x370 [ 15.474678] kasan_report_invalid_free+0x10a/0x130 [ 15.474707] ? mempool_double_free_helper+0x184/0x370 [ 15.474741] ? mempool_double_free_helper+0x184/0x370 [ 15.474770] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 15.474854] mempool_free+0x2ec/0x380 [ 15.474898] mempool_double_free_helper+0x184/0x370 [ 15.474927] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.474957] ? __kasan_check_write+0x18/0x20 [ 15.475100] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.475131] ? finish_task_switch.isra.0+0x153/0x700 [ 15.475162] mempool_kmalloc_large_double_free+0xed/0x140 [ 15.475192] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 15.475225] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.475252] ? __pfx_mempool_kfree+0x10/0x10 [ 15.475327] ? __pfx_read_tsc+0x10/0x10 [ 15.475353] ? ktime_get_ts64+0x86/0x230 [ 15.475397] kunit_try_run_case+0x1a5/0x480 [ 15.475427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.475454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.475522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.475552] ? __kthread_parkme+0x82/0x180 [ 15.475577] ? preempt_count_sub+0x50/0x80 [ 15.475616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.475645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.475683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.475709] kthread+0x337/0x6f0 [ 15.475732] ? trace_preempt_on+0x20/0xc0 [ 15.475760] ? __pfx_kthread+0x10/0x10 [ 15.475797] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.475836] ? calculate_sigpending+0x7b/0xa0 [ 15.475866] ? __pfx_kthread+0x10/0x10 [ 15.475892] ret_from_fork+0x116/0x1d0 [ 15.475914] ? 
__pfx_kthread+0x10/0x10 [ 15.475940] ret_from_fork_asm+0x1a/0x30 [ 15.475978] </TASK> [ 15.475993] [ 15.489338] The buggy address belongs to the physical page: [ 15.489948] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 15.490782] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.491667] flags: 0x200000000000040(head|node=0|zone=2) [ 15.492315] page_type: f8(unknown) [ 15.492695] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.493802] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.494303] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.494592] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.494885] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 15.495157] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.495427] page dumped because: kasan: bad access detected [ 15.495627] [ 15.495934] Memory state around the buggy address: [ 15.496441] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.497218] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.497957] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.498889] ^ [ 15.499244] ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.499952] ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.500694] ================================================================== [ 15.425106] ================================================================== [ 15.425701] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.426552] Free of addr ffff8881029dfc00 by task kunit_try_catch/253 [ 15.427136] [ 15.427623] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.427700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.427715] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.427743] Call Trace: [ 15.427762] <TASK> [ 15.427978] dump_stack_lvl+0x73/0xb0 [ 15.428027] print_report+0xd1/0x650 [ 15.428056] ? __virt_addr_valid+0x1db/0x2d0 [ 15.428085] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.428111] ? mempool_double_free_helper+0x184/0x370 [ 15.428140] kasan_report_invalid_free+0x10a/0x130 [ 15.428169] ? mempool_double_free_helper+0x184/0x370 [ 15.428200] ? mempool_double_free_helper+0x184/0x370 [ 15.428228] ? mempool_double_free_helper+0x184/0x370 [ 15.428256] check_slab_allocation+0x101/0x130 [ 15.428281] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.428309] mempool_free+0x2ec/0x380 [ 15.428336] mempool_double_free_helper+0x184/0x370 [ 15.428363] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.428394] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.428421] ? finish_task_switch.isra.0+0x153/0x700 [ 15.428451] mempool_kmalloc_double_free+0xed/0x140 [ 15.428478] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 15.428508] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.428534] ? __pfx_mempool_kfree+0x10/0x10 [ 15.428563] ? __pfx_read_tsc+0x10/0x10 [ 15.428587] ? ktime_get_ts64+0x86/0x230 [ 15.428615] kunit_try_run_case+0x1a5/0x480 [ 15.428657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.428683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.428710] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.428737] ? __kthread_parkme+0x82/0x180 [ 15.428761] ? preempt_count_sub+0x50/0x80 [ 15.428788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.428816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.428842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.428868] kthread+0x337/0x6f0 [ 15.428892] ? trace_preempt_on+0x20/0xc0 [ 15.428920] ? __pfx_kthread+0x10/0x10 [ 15.428943] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.428967] ? calculate_sigpending+0x7b/0xa0 [ 15.428995] ? __pfx_kthread+0x10/0x10 [ 15.429020] ret_from_fork+0x116/0x1d0 [ 15.429040] ? 
__pfx_kthread+0x10/0x10 [ 15.429064] ret_from_fork_asm+0x1a/0x30 [ 15.429101] </TASK> [ 15.429115] [ 15.448363] Allocated by task 253: [ 15.448575] kasan_save_stack+0x45/0x70 [ 15.449225] kasan_save_track+0x18/0x40 [ 15.449451] kasan_save_alloc_info+0x3b/0x50 [ 15.449774] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.450225] remove_element+0x11e/0x190 [ 15.450458] mempool_alloc_preallocated+0x4d/0x90 [ 15.450751] mempool_double_free_helper+0x8a/0x370 [ 15.451362] mempool_kmalloc_double_free+0xed/0x140 [ 15.451751] kunit_try_run_case+0x1a5/0x480 [ 15.452180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.452453] kthread+0x337/0x6f0 [ 15.452675] ret_from_fork+0x116/0x1d0 [ 15.453248] ret_from_fork_asm+0x1a/0x30 [ 15.453492] [ 15.453802] Freed by task 253: [ 15.454328] kasan_save_stack+0x45/0x70 [ 15.454710] kasan_save_track+0x18/0x40 [ 15.455173] kasan_save_free_info+0x3f/0x60 [ 15.455674] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.456339] mempool_free+0x2ec/0x380 [ 15.456566] mempool_double_free_helper+0x109/0x370 [ 15.457103] mempool_kmalloc_double_free+0xed/0x140 [ 15.457528] kunit_try_run_case+0x1a5/0x480 [ 15.457769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.458507] kthread+0x337/0x6f0 [ 15.458721] ret_from_fork+0x116/0x1d0 [ 15.459245] ret_from_fork_asm+0x1a/0x30 [ 15.459596] [ 15.459739] The buggy address belongs to the object at ffff8881029dfc00 [ 15.459739] which belongs to the cache kmalloc-128 of size 128 [ 15.460501] The buggy address is located 0 bytes inside of [ 15.460501] 128-byte region [ffff8881029dfc00, ffff8881029dfc80) [ 15.461481] [ 15.461614] The buggy address belongs to the physical page: [ 15.462448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 15.463162] flags: 0x200000000000000(node=0|zone=2) [ 15.463433] page_type: f5(slab) [ 15.463640] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.464379] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 15.464760] page dumped because: kasan: bad access detected [ 15.465103] [ 15.465380] Memory state around the buggy address: [ 15.465633] ffff8881029dfb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.466503] ffff8881029dfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.466874] >ffff8881029dfc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.467316] ^ [ 15.467566] ffff8881029dfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.467885] ffff8881029dfd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.468336] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 15.325110] ================================================================== [ 15.326295] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.326592] Read of size 1 at addr ffff8881039f8000 by task kunit_try_catch/247 [ 15.326977] [ 15.327114] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.327173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.327189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.327218] Call Trace: [ 15.327236] <TASK> [ 15.327258] dump_stack_lvl+0x73/0xb0 [ 15.327295] print_report+0xd1/0x650 [ 15.327324] ? __virt_addr_valid+0x1db/0x2d0 [ 15.327354] ? mempool_uaf_helper+0x392/0x400 [ 15.327382] ? kasan_addr_to_slab+0x11/0xa0 [ 15.327408] ? mempool_uaf_helper+0x392/0x400 [ 15.327436] kasan_report+0x141/0x180 [ 15.327464] ? mempool_uaf_helper+0x392/0x400 [ 15.327497] __asan_report_load1_noabort+0x18/0x20 [ 15.327527] mempool_uaf_helper+0x392/0x400 [ 15.327555] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.327585] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.327614] ? finish_task_switch.isra.0+0x153/0x700 [ 15.327645] mempool_kmalloc_large_uaf+0xef/0x140 [ 15.327691] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 15.327721] ? __kasan_check_write+0x18/0x20 [ 15.327748] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.327777] ? __pfx_mempool_kfree+0x10/0x10 [ 15.327808] ? __pfx_read_tsc+0x10/0x10 [ 15.327835] ? ktime_get_ts64+0x86/0x230 [ 15.327862] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.327894] kunit_try_run_case+0x1a5/0x480 [ 15.327927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.327956] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.327987] ? __kthread_parkme+0x82/0x180 [ 15.328067] ? preempt_count_sub+0x50/0x80 [ 15.328100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.328129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.328157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.328185] kthread+0x337/0x6f0 [ 15.328209] ? 
trace_preempt_on+0x20/0xc0 [ 15.328239] ? __pfx_kthread+0x10/0x10 [ 15.328265] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.328290] ? calculate_sigpending+0x7b/0xa0 [ 15.328319] ? __pfx_kthread+0x10/0x10 [ 15.328346] ret_from_fork+0x116/0x1d0 [ 15.328369] ? __pfx_kthread+0x10/0x10 [ 15.328394] ret_from_fork_asm+0x1a/0x30 [ 15.328432] </TASK> [ 15.328447] [ 15.338393] The buggy address belongs to the physical page: [ 15.338733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 15.339228] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.339625] flags: 0x200000000000040(head|node=0|zone=2) [ 15.339904] page_type: f8(unknown) [ 15.340063] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.340482] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.341122] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.341498] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.342137] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 15.342520] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.343082] page dumped because: kasan: bad access detected [ 15.343301] [ 15.343389] Memory state around the buggy address: [ 15.343582] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.344135] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.344534] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.344948] ^ [ 15.345112] ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.345485] ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.345780] ================================================================== [ 15.393053] ================================================================== [ 15.393574] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.394784] Read of size 1 
at addr ffff8881039f8000 by task kunit_try_catch/251 [ 15.395694] [ 15.396094] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.396160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.396178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.396208] Call Trace: [ 15.396225] <TASK> [ 15.396250] dump_stack_lvl+0x73/0xb0 [ 15.396293] print_report+0xd1/0x650 [ 15.396322] ? __virt_addr_valid+0x1db/0x2d0 [ 15.396351] ? mempool_uaf_helper+0x392/0x400 [ 15.396378] ? kasan_addr_to_slab+0x11/0xa0 [ 15.396402] ? mempool_uaf_helper+0x392/0x400 [ 15.396429] kasan_report+0x141/0x180 [ 15.396455] ? mempool_uaf_helper+0x392/0x400 [ 15.396487] __asan_report_load1_noabort+0x18/0x20 [ 15.396516] mempool_uaf_helper+0x392/0x400 [ 15.396542] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.396571] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.396598] ? finish_task_switch.isra.0+0x153/0x700 [ 15.396627] mempool_page_alloc_uaf+0xed/0x140 [ 15.396670] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 15.396702] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.396725] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.396751] ? __pfx_read_tsc+0x10/0x10 [ 15.396785] ? ktime_get_ts64+0x86/0x230 [ 15.396814] kunit_try_run_case+0x1a5/0x480 [ 15.396844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.396870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.396899] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.396925] ? __kthread_parkme+0x82/0x180 [ 15.396951] ? preempt_count_sub+0x50/0x80 [ 15.396977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.397004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.397031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.397057] kthread+0x337/0x6f0 [ 15.397081] ? trace_preempt_on+0x20/0xc0 [ 15.397108] ? __pfx_kthread+0x10/0x10 [ 15.397132] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.397156] ? calculate_sigpending+0x7b/0xa0 [ 15.397187] ? __pfx_kthread+0x10/0x10 [ 15.397211] ret_from_fork+0x116/0x1d0 [ 15.397233] ? 
__pfx_kthread+0x10/0x10 [ 15.397256] ret_from_fork_asm+0x1a/0x30 [ 15.397294] </TASK> [ 15.397307] [ 15.412520] The buggy address belongs to the physical page: [ 15.413152] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 15.414009] flags: 0x200000000000000(node=0|zone=2) [ 15.414555] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.415365] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.416161] page dumped because: kasan: bad access detected [ 15.416486] [ 15.416573] Memory state around the buggy address: [ 15.417011] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.417722] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.418439] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.418708] ^ [ 15.419043] ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.419788] ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.420490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 15.351350] ================================================================== [ 15.352235] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.352663] Read of size 1 at addr ffff888103347240 by task kunit_try_catch/249 [ 15.353194] [ 15.353365] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.353427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.353443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.353472] Call Trace: [ 15.353488] <TASK> [ 15.353512] dump_stack_lvl+0x73/0xb0 [ 15.353550] print_report+0xd1/0x650 [ 15.353578] ? __virt_addr_valid+0x1db/0x2d0 [ 15.353664] ? mempool_uaf_helper+0x392/0x400 [ 15.353694] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.353721] ? mempool_uaf_helper+0x392/0x400 [ 15.353748] kasan_report+0x141/0x180 [ 15.353790] ? mempool_uaf_helper+0x392/0x400 [ 15.353823] __asan_report_load1_noabort+0x18/0x20 [ 15.353850] mempool_uaf_helper+0x392/0x400 [ 15.353878] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.354004] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.354037] ? irqentry_exit+0x2a/0x60 [ 15.354064] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.354095] mempool_slab_uaf+0xea/0x140 [ 15.354124] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 15.354201] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.354227] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.354253] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 15.354283] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 15.354312] kunit_try_run_case+0x1a5/0x480 [ 15.354344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.354371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.354400] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.354436] ? __kthread_parkme+0x82/0x180 [ 15.354462] ? preempt_count_sub+0x50/0x80 [ 15.354490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.354518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.354547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.354573] kthread+0x337/0x6f0 [ 15.354595] ? 
trace_preempt_on+0x20/0xc0 [ 15.354624] ? __pfx_kthread+0x10/0x10 [ 15.354661] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.354686] ? calculate_sigpending+0x7b/0xa0 [ 15.354717] ? __pfx_kthread+0x10/0x10 [ 15.354741] ret_from_fork+0x116/0x1d0 [ 15.354766] ? __pfx_kthread+0x10/0x10 [ 15.354789] ret_from_fork_asm+0x1a/0x30 [ 15.354872] </TASK> [ 15.354886] [ 15.367271] Allocated by task 249: [ 15.367449] kasan_save_stack+0x45/0x70 [ 15.368113] kasan_save_track+0x18/0x40 [ 15.368416] kasan_save_alloc_info+0x3b/0x50 [ 15.368686] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 15.369096] remove_element+0x11e/0x190 [ 15.369320] mempool_alloc_preallocated+0x4d/0x90 [ 15.369581] mempool_uaf_helper+0x96/0x400 [ 15.369817] mempool_slab_uaf+0xea/0x140 [ 15.370036] kunit_try_run_case+0x1a5/0x480 [ 15.370619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.371018] kthread+0x337/0x6f0 [ 15.371228] ret_from_fork+0x116/0x1d0 [ 15.371443] ret_from_fork_asm+0x1a/0x30 [ 15.371631] [ 15.371742] Freed by task 249: [ 15.371950] kasan_save_stack+0x45/0x70 [ 15.372210] kasan_save_track+0x18/0x40 [ 15.372483] kasan_save_free_info+0x3f/0x60 [ 15.372662] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.373268] mempool_free+0x2ec/0x380 [ 15.373489] mempool_uaf_helper+0x11a/0x400 [ 15.373733] mempool_slab_uaf+0xea/0x140 [ 15.373962] kunit_try_run_case+0x1a5/0x480 [ 15.374268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.374543] kthread+0x337/0x6f0 [ 15.374772] ret_from_fork+0x116/0x1d0 [ 15.375012] ret_from_fork_asm+0x1a/0x30 [ 15.375180] [ 15.375301] The buggy address belongs to the object at ffff888103347240 [ 15.375301] which belongs to the cache test_cache of size 123 [ 15.375992] The buggy address is located 0 bytes inside of [ 15.375992] freed 123-byte region [ffff888103347240, ffff8881033472bb) [ 15.376541] [ 15.376735] The buggy address belongs to the physical page: [ 15.377186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103347 [ 15.377621] flags: 
0x200000000000000(node=0|zone=2) [ 15.378119] page_type: f5(slab) [ 15.378276] raw: 0200000000000000 ffff88810333c3c0 dead000000000122 0000000000000000 [ 15.378756] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 15.379242] page dumped because: kasan: bad access detected [ 15.379588] [ 15.379697] Memory state around the buggy address: [ 15.380032] ffff888103347100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.380497] ffff888103347180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.380866] >ffff888103347200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 15.381310] ^ [ 15.381623] ffff888103347280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.382265] ffff888103347300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.382603] ================================================================== [ 15.282801] ================================================================== [ 15.283957] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.284261] Read of size 1 at addr ffff888103332a00 by task kunit_try_catch/245 [ 15.284532] [ 15.284668] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.284728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.284744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.284772] Call Trace: [ 15.284789] <TASK> [ 15.284815] dump_stack_lvl+0x73/0xb0 [ 15.284869] print_report+0xd1/0x650 [ 15.284897] ? __virt_addr_valid+0x1db/0x2d0 [ 15.284944] ? mempool_uaf_helper+0x392/0x400 [ 15.284972] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.284999] ? mempool_uaf_helper+0x392/0x400 [ 15.285026] kasan_report+0x141/0x180 [ 15.285063] ? mempool_uaf_helper+0x392/0x400 [ 15.285096] __asan_report_load1_noabort+0x18/0x20 [ 15.285126] mempool_uaf_helper+0x392/0x400 [ 15.285165] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.285196] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.285225] ? 
finish_task_switch.isra.0+0x153/0x700 [ 15.285258] mempool_kmalloc_uaf+0xef/0x140 [ 15.285285] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 15.285316] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.285347] ? __pfx_mempool_kfree+0x10/0x10 [ 15.285378] ? __pfx_read_tsc+0x10/0x10 [ 15.285405] ? ktime_get_ts64+0x86/0x230 [ 15.285436] kunit_try_run_case+0x1a5/0x480 [ 15.285469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.285497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.285528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.285567] ? __kthread_parkme+0x82/0x180 [ 15.285593] ? preempt_count_sub+0x50/0x80 [ 15.285634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.285673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.285701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.285729] kthread+0x337/0x6f0 [ 15.285752] ? trace_preempt_on+0x20/0xc0 [ 15.285800] ? __pfx_kthread+0x10/0x10 [ 15.285837] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.285862] ? calculate_sigpending+0x7b/0xa0 [ 15.285904] ? __pfx_kthread+0x10/0x10 [ 15.285931] ret_from_fork+0x116/0x1d0 [ 15.285953] ? 
__pfx_kthread+0x10/0x10 [ 15.285979] ret_from_fork_asm+0x1a/0x30 [ 15.286018] </TASK> [ 15.286033] [ 15.300400] Allocated by task 245: [ 15.300586] kasan_save_stack+0x45/0x70 [ 15.300860] kasan_save_track+0x18/0x40 [ 15.301718] kasan_save_alloc_info+0x3b/0x50 [ 15.302114] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.302414] remove_element+0x11e/0x190 [ 15.302839] mempool_alloc_preallocated+0x4d/0x90 [ 15.303222] mempool_uaf_helper+0x96/0x400 [ 15.303567] mempool_kmalloc_uaf+0xef/0x140 [ 15.303974] kunit_try_run_case+0x1a5/0x480 [ 15.304341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.304765] kthread+0x337/0x6f0 [ 15.304930] ret_from_fork+0x116/0x1d0 [ 15.305159] ret_from_fork_asm+0x1a/0x30 [ 15.305373] [ 15.305485] Freed by task 245: [ 15.305699] kasan_save_stack+0x45/0x70 [ 15.306313] kasan_save_track+0x18/0x40 [ 15.306532] kasan_save_free_info+0x3f/0x60 [ 15.306993] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.307401] mempool_free+0x2ec/0x380 [ 15.307603] mempool_uaf_helper+0x11a/0x400 [ 15.308060] mempool_kmalloc_uaf+0xef/0x140 [ 15.308420] kunit_try_run_case+0x1a5/0x480 [ 15.308771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.309146] kthread+0x337/0x6f0 [ 15.309497] ret_from_fork+0x116/0x1d0 [ 15.309747] ret_from_fork_asm+0x1a/0x30 [ 15.310160] [ 15.310265] The buggy address belongs to the object at ffff888103332a00 [ 15.310265] which belongs to the cache kmalloc-128 of size 128 [ 15.311269] The buggy address is located 0 bytes inside of [ 15.311269] freed 128-byte region [ffff888103332a00, ffff888103332a80) [ 15.312120] [ 15.312246] The buggy address belongs to the physical page: [ 15.312497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 15.313254] flags: 0x200000000000000(node=0|zone=2) [ 15.313615] page_type: f5(slab) [ 15.313964] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.314457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.315038] page 
dumped because: kasan: bad access detected [ 15.315434] [ 15.315559] Memory state around the buggy address: [ 15.316004] ffff888103332900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.316384] ffff888103332980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316775] >ffff888103332a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.317453] ^ [ 15.317993] ffff888103332a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.318876] ffff888103332b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.319725] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 15.200952] ================================================================== [ 15.201522] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.202283] Read of size 1 at addr ffff888102aba001 by task kunit_try_catch/241 [ 15.202564] [ 15.203069] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.203140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.203156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.203184] Call Trace: [ 15.203202] <TASK> [ 15.203226] dump_stack_lvl+0x73/0xb0 [ 15.203267] print_report+0xd1/0x650 [ 15.203295] ? __virt_addr_valid+0x1db/0x2d0 [ 15.203324] ? mempool_oob_right_helper+0x318/0x380 [ 15.203352] ? kasan_addr_to_slab+0x11/0xa0 [ 15.203376] ? mempool_oob_right_helper+0x318/0x380 [ 15.203403] kasan_report+0x141/0x180 [ 15.203429] ? mempool_oob_right_helper+0x318/0x380 [ 15.203464] __asan_report_load1_noabort+0x18/0x20 [ 15.203493] mempool_oob_right_helper+0x318/0x380 [ 15.203522] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.203552] ? __kasan_check_write+0x18/0x20 [ 15.203575] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.203603] ? finish_task_switch.isra.0+0x153/0x700 [ 15.203633] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 15.203681] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 15.203714] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.203743] ? __pfx_mempool_kfree+0x10/0x10 [ 15.203785] ? __pfx_read_tsc+0x10/0x10 [ 15.203890] ? ktime_get_ts64+0x86/0x230 [ 15.203923] kunit_try_run_case+0x1a5/0x480 [ 15.203955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.204012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.204040] ? __kthread_parkme+0x82/0x180 [ 15.204066] ? preempt_count_sub+0x50/0x80 [ 15.204092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.204120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.204148] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.204175] kthread+0x337/0x6f0 [ 15.204198] ? trace_preempt_on+0x20/0xc0 [ 15.204226] ? __pfx_kthread+0x10/0x10 [ 15.204251] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.204275] ? calculate_sigpending+0x7b/0xa0 [ 15.204306] ? __pfx_kthread+0x10/0x10 [ 15.204331] ret_from_fork+0x116/0x1d0 [ 15.204352] ? __pfx_kthread+0x10/0x10 [ 15.204376] ret_from_fork_asm+0x1a/0x30 [ 15.204415] </TASK> [ 15.204430] [ 15.220548] The buggy address belongs to the physical page: [ 15.221436] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 15.222108] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.222519] flags: 0x200000000000040(head|node=0|zone=2) [ 15.222949] page_type: f8(unknown) [ 15.223109] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.223519] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.224455] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.224757] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.225030] head: 0200000000000002 ffffea00040aae01 00000000ffffffff 00000000ffffffff [ 15.225302] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.225565] page dumped because: kasan: bad access detected [ 15.225782] [ 15.225870] Memory state around the buggy address: [ 15.226057] ffff888102ab9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.226319] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.226581] >ffff888102aba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.226838] ^ [ 15.226975] ffff888102aba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.227222] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.229229] ================================================================== [ 15.166313] ================================================================== [ 
15.166903] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.167468] Read of size 1 at addr ffff888103332673 by task kunit_try_catch/239 [ 15.167915] [ 15.168085] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.168148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.168164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.168192] Call Trace: [ 15.168237] <TASK> [ 15.168263] dump_stack_lvl+0x73/0xb0 [ 15.168305] print_report+0xd1/0x650 [ 15.168334] ? __virt_addr_valid+0x1db/0x2d0 [ 15.168824] ? mempool_oob_right_helper+0x318/0x380 [ 15.168858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.168887] ? mempool_oob_right_helper+0x318/0x380 [ 15.168915] kasan_report+0x141/0x180 [ 15.168943] ? mempool_oob_right_helper+0x318/0x380 [ 15.168976] __asan_report_load1_noabort+0x18/0x20 [ 15.169004] mempool_oob_right_helper+0x318/0x380 [ 15.169034] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.169065] ? __kasan_check_write+0x18/0x20 [ 15.169089] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.169120] ? finish_task_switch.isra.0+0x153/0x700 [ 15.169154] mempool_kmalloc_oob_right+0xf2/0x150 [ 15.169184] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 15.169215] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.169248] ? __pfx_mempool_kfree+0x10/0x10 [ 15.169279] ? __pfx_read_tsc+0x10/0x10 [ 15.169306] ? ktime_get_ts64+0x86/0x230 [ 15.169337] kunit_try_run_case+0x1a5/0x480 [ 15.169370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.169397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.169428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.169456] ? __kthread_parkme+0x82/0x180 [ 15.169482] ? preempt_count_sub+0x50/0x80 [ 15.169511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.169540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.169567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.169595] kthread+0x337/0x6f0 [ 15.169617] ? trace_preempt_on+0x20/0xc0 [ 15.169662] ? 
__pfx_kthread+0x10/0x10 [ 15.169687] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.169711] ? calculate_sigpending+0x7b/0xa0 [ 15.169741] ? __pfx_kthread+0x10/0x10 [ 15.169768] ret_from_fork+0x116/0x1d0 [ 15.169790] ? __pfx_kthread+0x10/0x10 [ 15.169816] ret_from_fork_asm+0x1a/0x30 [ 15.169854] </TASK> [ 15.169869] [ 15.182508] Allocated by task 239: [ 15.182772] kasan_save_stack+0x45/0x70 [ 15.183897] kasan_save_track+0x18/0x40 [ 15.184138] kasan_save_alloc_info+0x3b/0x50 [ 15.184366] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.184641] remove_element+0x11e/0x190 [ 15.184908] mempool_alloc_preallocated+0x4d/0x90 [ 15.185477] mempool_oob_right_helper+0x8a/0x380 [ 15.185733] mempool_kmalloc_oob_right+0xf2/0x150 [ 15.186227] kunit_try_run_case+0x1a5/0x480 [ 15.186587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.187015] kthread+0x337/0x6f0 [ 15.187322] ret_from_fork+0x116/0x1d0 [ 15.187547] ret_from_fork_asm+0x1a/0x30 [ 15.187782] [ 15.188094] The buggy address belongs to the object at ffff888103332600 [ 15.188094] which belongs to the cache kmalloc-128 of size 128 [ 15.188906] The buggy address is located 0 bytes to the right of [ 15.188906] allocated 115-byte region [ffff888103332600, ffff888103332673) [ 15.189694] [ 15.190053] The buggy address belongs to the physical page: [ 15.190361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 15.190775] flags: 0x200000000000000(node=0|zone=2) [ 15.191343] page_type: f5(slab) [ 15.191628] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.192163] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.192702] page dumped because: kasan: bad access detected [ 15.193134] [ 15.193259] Memory state around the buggy address: [ 15.193503] ffff888103332500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.194024] ffff888103332580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.194323] >ffff888103332600: 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 03 fc [ 15.194607] ^ [ 15.195019] ffff888103332680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.195472] ffff888103332700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.196179] ================================================================== [ 15.238293] ================================================================== [ 15.239501] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.240813] Read of size 1 at addr ffff8881033442bb by task kunit_try_catch/243 [ 15.241162] [ 15.241281] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.241342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.241357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.241385] Call Trace: [ 15.241403] <TASK> [ 15.241426] dump_stack_lvl+0x73/0xb0 [ 15.241467] print_report+0xd1/0x650 [ 15.241495] ? __virt_addr_valid+0x1db/0x2d0 [ 15.241527] ? mempool_oob_right_helper+0x318/0x380 [ 15.241556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.241582] ? mempool_oob_right_helper+0x318/0x380 [ 15.241610] kasan_report+0x141/0x180 [ 15.241637] ? mempool_oob_right_helper+0x318/0x380 [ 15.241690] __asan_report_load1_noabort+0x18/0x20 [ 15.241721] mempool_oob_right_helper+0x318/0x380 [ 15.241750] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.241782] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.241812] ? finish_task_switch.isra.0+0x153/0x700 [ 15.241844] mempool_slab_oob_right+0xed/0x140 [ 15.241874] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 15.241905] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.241931] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.241958] ? __pfx_read_tsc+0x10/0x10 [ 15.241983] ? ktime_get_ts64+0x86/0x230 [ 15.242014] kunit_try_run_case+0x1a5/0x480 [ 15.242046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.242104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.242132] ? __kthread_parkme+0x82/0x180 [ 15.242159] ? 
preempt_count_sub+0x50/0x80 [ 15.242186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.242245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.242274] kthread+0x337/0x6f0 [ 15.242297] ? trace_preempt_on+0x20/0xc0 [ 15.242327] ? __pfx_kthread+0x10/0x10 [ 15.242351] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.242377] ? calculate_sigpending+0x7b/0xa0 [ 15.242407] ? __pfx_kthread+0x10/0x10 [ 15.242438] ret_from_fork+0x116/0x1d0 [ 15.242461] ? __pfx_kthread+0x10/0x10 [ 15.242486] ret_from_fork_asm+0x1a/0x30 [ 15.242524] </TASK> [ 15.242540] [ 15.253485] Allocated by task 243: [ 15.254117] kasan_save_stack+0x45/0x70 [ 15.254676] kasan_save_track+0x18/0x40 [ 15.255231] kasan_save_alloc_info+0x3b/0x50 [ 15.255751] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 15.256439] remove_element+0x11e/0x190 [ 15.256973] mempool_alloc_preallocated+0x4d/0x90 [ 15.257492] mempool_oob_right_helper+0x8a/0x380 [ 15.258060] mempool_slab_oob_right+0xed/0x140 [ 15.258581] kunit_try_run_case+0x1a5/0x480 [ 15.259227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259945] kthread+0x337/0x6f0 [ 15.260358] ret_from_fork+0x116/0x1d0 [ 15.260801] ret_from_fork_asm+0x1a/0x30 [ 15.261352] [ 15.261550] The buggy address belongs to the object at ffff888103344240 [ 15.261550] which belongs to the cache test_cache of size 123 [ 15.263115] The buggy address is located 0 bytes to the right of [ 15.263115] allocated 123-byte region [ffff888103344240, ffff8881033442bb) [ 15.264826] [ 15.265053] The buggy address belongs to the physical page: [ 15.265784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103344 [ 15.266500] flags: 0x200000000000000(node=0|zone=2) [ 15.267100] page_type: f5(slab) [ 15.267594] raw: 0200000000000000 ffff88810333c280 dead000000000122 0000000000000000 [ 15.268148] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 15.268957] page dumped because: kasan: bad access detected [ 
15.269642] [ 15.269815] Memory state around the buggy address: [ 15.270255] ffff888103344180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.270929] ffff888103344200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 15.271733] >ffff888103344280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 15.272191] ^ [ 15.272828] ffff888103344300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273557] ffff888103344380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.274294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 14.583684] ================================================================== [ 14.584397] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 14.584733] Read of size 1 at addr ffff888101b9bc80 by task kunit_try_catch/232 [ 14.585084] [ 14.585255] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.585314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.585329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.585357] Call Trace: [ 14.585374] <TASK> [ 14.585398] dump_stack_lvl+0x73/0xb0 [ 14.585436] print_report+0xd1/0x650 [ 14.585464] ? __virt_addr_valid+0x1db/0x2d0 [ 14.585493] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.585522] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.585548] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.585576] kasan_report+0x141/0x180 [ 14.585603] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.585635] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.585680] __kasan_check_byte+0x3d/0x50 [ 14.585706] kmem_cache_destroy+0x25/0x1d0 [ 14.585734] kmem_cache_double_destroy+0x1bf/0x380 [ 14.585762] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 14.585817] ? finish_task_switch.isra.0+0x153/0x700 [ 14.585844] ? __switch_to+0x47/0xf50 [ 14.585897] ? __pfx_read_tsc+0x10/0x10 [ 14.585924] ? ktime_get_ts64+0x86/0x230 [ 14.585976] kunit_try_run_case+0x1a5/0x480 [ 14.586008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.586032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.586076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.586102] ? __kthread_parkme+0x82/0x180 [ 14.586129] ? preempt_count_sub+0x50/0x80 [ 14.586155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.586183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.586211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.586237] kthread+0x337/0x6f0 [ 14.586260] ? trace_preempt_on+0x20/0xc0 [ 14.586289] ? __pfx_kthread+0x10/0x10 [ 14.586313] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.586337] ? 
calculate_sigpending+0x7b/0xa0 [ 14.586369] ? __pfx_kthread+0x10/0x10 [ 14.586394] ret_from_fork+0x116/0x1d0 [ 14.586416] ? __pfx_kthread+0x10/0x10 [ 14.586447] ret_from_fork_asm+0x1a/0x30 [ 14.586486] </TASK> [ 14.586500] [ 14.605268] Allocated by task 232: [ 14.605599] kasan_save_stack+0x45/0x70 [ 14.606063] kasan_save_track+0x18/0x40 [ 14.606273] kasan_save_alloc_info+0x3b/0x50 [ 14.606944] __kasan_slab_alloc+0x91/0xa0 [ 14.607424] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.607911] __kmem_cache_create_args+0x169/0x240 [ 14.608318] kmem_cache_double_destroy+0xd5/0x380 [ 14.608714] kunit_try_run_case+0x1a5/0x480 [ 14.609268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.609811] kthread+0x337/0x6f0 [ 14.609990] ret_from_fork+0x116/0x1d0 [ 14.610202] ret_from_fork_asm+0x1a/0x30 [ 14.610429] [ 14.610543] Freed by task 232: [ 14.610738] kasan_save_stack+0x45/0x70 [ 14.611352] kasan_save_track+0x18/0x40 [ 14.611882] kasan_save_free_info+0x3f/0x60 [ 14.612183] __kasan_slab_free+0x56/0x70 [ 14.612598] kmem_cache_free+0x249/0x420 [ 14.612975] slab_kmem_cache_release+0x2e/0x40 [ 14.613479] kmem_cache_release+0x16/0x20 [ 14.613665] kobject_put+0x181/0x450 [ 14.613914] sysfs_slab_release+0x16/0x20 [ 14.614082] kmem_cache_destroy+0xf0/0x1d0 [ 14.614387] kmem_cache_double_destroy+0x14e/0x380 [ 14.614586] kunit_try_run_case+0x1a5/0x480 [ 14.615071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615366] kthread+0x337/0x6f0 [ 14.615521] ret_from_fork+0x116/0x1d0 [ 14.615764] ret_from_fork_asm+0x1a/0x30 [ 14.616004] [ 14.616110] The buggy address belongs to the object at ffff888101b9bc80 [ 14.616110] which belongs to the cache kmem_cache of size 208 [ 14.616685] The buggy address is located 0 bytes inside of [ 14.616685] freed 208-byte region [ffff888101b9bc80, ffff888101b9bd50) [ 14.617505] [ 14.617644] The buggy address belongs to the physical page: [ 14.618024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b9b [ 14.618320] flags: 
0x200000000000000(node=0|zone=2) [ 14.618717] page_type: f5(slab) [ 14.618921] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 14.619369] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 14.619641] page dumped because: kasan: bad access detected [ 14.620052] [ 14.620167] Memory state around the buggy address: [ 14.620438] ffff888101b9bb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.620765] ffff888101b9bc00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621247] >ffff888101b9bc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.621506] ^ [ 14.621795] ffff888101b9bd00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 14.622174] ffff888101b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.622436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 14.525032] ================================================================== [ 14.525697] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.526217] Read of size 1 at addr ffff88810333f000 by task kunit_try_catch/230 [ 14.527153] [ 14.527298] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.527373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.527389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.527431] Call Trace: [ 14.527447] <TASK> [ 14.527483] dump_stack_lvl+0x73/0xb0 [ 14.527523] print_report+0xd1/0x650 [ 14.527563] ? __virt_addr_valid+0x1db/0x2d0 [ 14.527593] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.527620] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.527658] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.527686] kasan_report+0x141/0x180 [ 14.527711] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.527744] __asan_report_load1_noabort+0x18/0x20 [ 14.527771] kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.527908] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 14.527936] ? finish_task_switch.isra.0+0x153/0x700 [ 14.528120] ? __switch_to+0x47/0xf50 [ 14.528158] ? __pfx_read_tsc+0x10/0x10 [ 14.528197] ? ktime_get_ts64+0x86/0x230 [ 14.528227] kunit_try_run_case+0x1a5/0x480 [ 14.528259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.528285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.528314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.528341] ? __kthread_parkme+0x82/0x180 [ 14.528365] ? preempt_count_sub+0x50/0x80 [ 14.528392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.528419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.528467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.528494] kthread+0x337/0x6f0 [ 14.528529] ? trace_preempt_on+0x20/0xc0 [ 14.528557] ? __pfx_kthread+0x10/0x10 [ 14.528581] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.528619] ? calculate_sigpending+0x7b/0xa0 [ 14.528659] ? __pfx_kthread+0x10/0x10 [ 14.528685] ret_from_fork+0x116/0x1d0 [ 14.528706] ? 
__pfx_kthread+0x10/0x10 [ 14.528731] ret_from_fork_asm+0x1a/0x30 [ 14.528779] </TASK> [ 14.528793] [ 14.542085] Allocated by task 230: [ 14.542585] kasan_save_stack+0x45/0x70 [ 14.543277] kasan_save_track+0x18/0x40 [ 14.543508] kasan_save_alloc_info+0x3b/0x50 [ 14.543755] __kasan_slab_alloc+0x91/0xa0 [ 14.544283] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.544677] kmem_cache_rcu_uaf+0x155/0x510 [ 14.545088] kunit_try_run_case+0x1a5/0x480 [ 14.545548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.546112] kthread+0x337/0x6f0 [ 14.546390] ret_from_fork+0x116/0x1d0 [ 14.547016] ret_from_fork_asm+0x1a/0x30 [ 14.547278] [ 14.547386] Freed by task 0: [ 14.547538] kasan_save_stack+0x45/0x70 [ 14.547765] kasan_save_track+0x18/0x40 [ 14.547975] kasan_save_free_info+0x3f/0x60 [ 14.548198] __kasan_slab_free+0x56/0x70 [ 14.548410] slab_free_after_rcu_debug+0xe4/0x310 [ 14.548875] rcu_core+0x66f/0x1c40 [ 14.549203] rcu_core_si+0x12/0x20 [ 14.549372] handle_softirqs+0x209/0x730 [ 14.549595] __irq_exit_rcu+0xc9/0x110 [ 14.549872] irq_exit_rcu+0x12/0x20 [ 14.550095] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.550354] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.550676] [ 14.550856] Last potentially related work creation: [ 14.551135] kasan_save_stack+0x45/0x70 [ 14.551348] kasan_record_aux_stack+0xb2/0xc0 [ 14.551587] kmem_cache_free+0x131/0x420 [ 14.551996] kmem_cache_rcu_uaf+0x194/0x510 [ 14.552206] kunit_try_run_case+0x1a5/0x480 [ 14.552379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.552585] kthread+0x337/0x6f0 [ 14.552740] ret_from_fork+0x116/0x1d0 [ 14.552899] ret_from_fork_asm+0x1a/0x30 [ 14.553093] [ 14.553211] The buggy address belongs to the object at ffff88810333f000 [ 14.553211] which belongs to the cache test_cache of size 200 [ 14.553857] The buggy address is located 0 bytes inside of [ 14.553857] freed 200-byte region [ffff88810333f000, ffff88810333f0c8) [ 14.554517] [ 14.554640] The buggy address belongs to the physical page: [ 14.555211] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10333f [ 14.556558] flags: 0x200000000000000(node=0|zone=2) [ 14.557127] page_type: f5(slab) [ 14.557428] raw: 0200000000000000 ffff88810333c000 dead000000000122 0000000000000000 [ 14.558119] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.558671] page dumped because: kasan: bad access detected [ 14.559164] [ 14.559401] Memory state around the buggy address: [ 14.559755] ffff88810333ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.560194] ffff88810333ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.560532] >ffff88810333f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.561293] ^ [ 14.561448] ffff88810333f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 14.562131] ffff88810333f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.562639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 14.458891] ================================================================== [ 14.459433] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 14.459755] Free of addr ffff8881038df001 by task kunit_try_catch/228 [ 14.460278] [ 14.460575] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.460637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.460663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.460692] Call Trace: [ 14.460709] <TASK> [ 14.460734] dump_stack_lvl+0x73/0xb0 [ 14.460775] print_report+0xd1/0x650 [ 14.461317] ? __virt_addr_valid+0x1db/0x2d0 [ 14.461356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.461383] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.461412] kasan_report_invalid_free+0x10a/0x130 [ 14.461441] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.461472] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.461501] check_slab_allocation+0x11f/0x130 [ 14.461526] __kasan_slab_pre_free+0x28/0x40 [ 14.461550] kmem_cache_free+0xed/0x420 [ 14.461574] ? kasan_save_track+0x18/0x40 [ 14.461597] ? kasan_save_stack+0x45/0x70 [ 14.461619] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.461663] ? kmem_cache_invalid_free+0x157/0x460 [ 14.461694] kmem_cache_invalid_free+0x1d8/0x460 [ 14.461722] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 14.461750] ? finish_task_switch.isra.0+0x153/0x700 [ 14.461790] ? __switch_to+0x47/0xf50 [ 14.461827] ? __pfx_read_tsc+0x10/0x10 [ 14.461853] ? ktime_get_ts64+0x86/0x230 [ 14.461883] kunit_try_run_case+0x1a5/0x480 [ 14.461914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.461970] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.461997] ? __kthread_parkme+0x82/0x180 [ 14.462022] ? preempt_count_sub+0x50/0x80 [ 14.462049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.462076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.462103] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.462130] kthread+0x337/0x6f0 [ 14.462153] ? trace_preempt_on+0x20/0xc0 [ 14.462181] ? __pfx_kthread+0x10/0x10 [ 14.462205] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.462229] ? calculate_sigpending+0x7b/0xa0 [ 14.462258] ? __pfx_kthread+0x10/0x10 [ 14.462283] ret_from_fork+0x116/0x1d0 [ 14.462306] ? __pfx_kthread+0x10/0x10 [ 14.462330] ret_from_fork_asm+0x1a/0x30 [ 14.462367] </TASK> [ 14.462382] [ 14.474870] Allocated by task 228: [ 14.475326] kasan_save_stack+0x45/0x70 [ 14.475558] kasan_save_track+0x18/0x40 [ 14.475735] kasan_save_alloc_info+0x3b/0x50 [ 14.476233] __kasan_slab_alloc+0x91/0xa0 [ 14.476591] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.476838] kmem_cache_invalid_free+0x157/0x460 [ 14.477184] kunit_try_run_case+0x1a5/0x480 [ 14.477367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.477580] kthread+0x337/0x6f0 [ 14.477743] ret_from_fork+0x116/0x1d0 [ 14.477934] ret_from_fork_asm+0x1a/0x30 [ 14.478263] [ 14.478412] The buggy address belongs to the object at ffff8881038df000 [ 14.478412] which belongs to the cache test_cache of size 200 [ 14.479167] The buggy address is located 1 bytes inside of [ 14.479167] 200-byte region [ffff8881038df000, ffff8881038df0c8) [ 14.480220] [ 14.480359] The buggy address belongs to the physical page: [ 14.480634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038df [ 14.480946] flags: 0x200000000000000(node=0|zone=2) [ 14.481194] page_type: f5(slab) [ 14.481476] raw: 0200000000000000 ffff888101b9bb40 dead000000000122 0000000000000000 [ 14.482449] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.482981] page dumped because: kasan: bad access detected [ 14.483267] [ 14.483353] Memory state around the buggy address: [ 14.483579] ffff8881038def00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 14.484016] ffff8881038def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.484416] >ffff8881038df000: 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 [ 14.484724] ^ [ 14.485185] ffff8881038df080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 14.485506] ffff8881038df100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.485926] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 14.400749] ================================================================== [ 14.401311] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 14.401602] Free of addr ffff88810333b000 by task kunit_try_catch/226 [ 14.403086] [ 14.403497] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.403597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.403614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.403677] Call Trace: [ 14.403694] <TASK> [ 14.403717] dump_stack_lvl+0x73/0xb0 [ 14.403769] print_report+0xd1/0x650 [ 14.403796] ? __virt_addr_valid+0x1db/0x2d0 [ 14.403827] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.403852] ? kmem_cache_double_free+0x1e5/0x480 [ 14.403881] kasan_report_invalid_free+0x10a/0x130 [ 14.403909] ? kmem_cache_double_free+0x1e5/0x480 [ 14.403939] ? kmem_cache_double_free+0x1e5/0x480 [ 14.403967] check_slab_allocation+0x101/0x130 [ 14.403992] __kasan_slab_pre_free+0x28/0x40 [ 14.404016] kmem_cache_free+0xed/0x420 [ 14.404040] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.404064] ? kmem_cache_double_free+0x1e5/0x480 [ 14.404095] kmem_cache_double_free+0x1e5/0x480 [ 14.404123] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 14.404150] ? finish_task_switch.isra.0+0x153/0x700 [ 14.404176] ? __switch_to+0x47/0xf50 [ 14.404209] ? __pfx_read_tsc+0x10/0x10 [ 14.404234] ? ktime_get_ts64+0x86/0x230 [ 14.404262] kunit_try_run_case+0x1a5/0x480 [ 14.404292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.404317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.404344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.404370] ? __kthread_parkme+0x82/0x180 [ 14.404394] ? preempt_count_sub+0x50/0x80 [ 14.404420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.404446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.404472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.404498] kthread+0x337/0x6f0 [ 14.404520] ? trace_preempt_on+0x20/0xc0 [ 14.404548] ? 
__pfx_kthread+0x10/0x10 [ 14.404572] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.404595] ? calculate_sigpending+0x7b/0xa0 [ 14.404624] ? __pfx_kthread+0x10/0x10 [ 14.404659] ret_from_fork+0x116/0x1d0 [ 14.404680] ? __pfx_kthread+0x10/0x10 [ 14.404703] ret_from_fork_asm+0x1a/0x30 [ 14.404740] </TASK> [ 14.404753] [ 14.423572] Allocated by task 226: [ 14.423814] kasan_save_stack+0x45/0x70 [ 14.424687] kasan_save_track+0x18/0x40 [ 14.425182] kasan_save_alloc_info+0x3b/0x50 [ 14.425463] __kasan_slab_alloc+0x91/0xa0 [ 14.425915] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.426242] kmem_cache_double_free+0x14f/0x480 [ 14.426477] kunit_try_run_case+0x1a5/0x480 [ 14.426994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.427434] kthread+0x337/0x6f0 [ 14.427610] ret_from_fork+0x116/0x1d0 [ 14.427897] ret_from_fork_asm+0x1a/0x30 [ 14.428548] [ 14.428645] Freed by task 226: [ 14.429058] kasan_save_stack+0x45/0x70 [ 14.429313] kasan_save_track+0x18/0x40 [ 14.429554] kasan_save_free_info+0x3f/0x60 [ 14.430444] __kasan_slab_free+0x56/0x70 [ 14.430765] kmem_cache_free+0x249/0x420 [ 14.431355] kmem_cache_double_free+0x16a/0x480 [ 14.431806] kunit_try_run_case+0x1a5/0x480 [ 14.432415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433088] kthread+0x337/0x6f0 [ 14.433328] ret_from_fork+0x116/0x1d0 [ 14.433489] ret_from_fork_asm+0x1a/0x30 [ 14.433671] [ 14.434015] The buggy address belongs to the object at ffff88810333b000 [ 14.434015] which belongs to the cache test_cache of size 200 [ 14.435770] The buggy address is located 0 bytes inside of [ 14.435770] 200-byte region [ffff88810333b000, ffff88810333b0c8) [ 14.436984] [ 14.437225] The buggy address belongs to the physical page: [ 14.437761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10333b [ 14.438096] flags: 0x200000000000000(node=0|zone=2) [ 14.438317] page_type: f5(slab) [ 14.438501] raw: 0200000000000000 ffff888100ff4dc0 dead000000000122 0000000000000000 [ 14.439197] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 14.440006] page dumped because: kasan: bad access detected [ 14.440728] [ 14.440899] Memory state around the buggy address: [ 14.441133] ffff88810333af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.441404] ffff88810333af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.441989] >ffff88810333b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.442788] ^ [ 14.443175] ffff88810333b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 14.443931] ffff88810333b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.444214] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 14.353988] ================================================================== [ 14.354594] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 14.355056] Read of size 1 at addr ffff8881038df0c8 by task kunit_try_catch/224 [ 14.355500] [ 14.355644] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.355767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.355784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.355844] Call Trace: [ 14.355888] <TASK> [ 14.355911] dump_stack_lvl+0x73/0xb0 [ 14.355951] print_report+0xd1/0x650 [ 14.355980] ? __virt_addr_valid+0x1db/0x2d0 [ 14.356015] ? kmem_cache_oob+0x402/0x530 [ 14.356048] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.356078] ? kmem_cache_oob+0x402/0x530 [ 14.356109] kasan_report+0x141/0x180 [ 14.356138] ? kmem_cache_oob+0x402/0x530 [ 14.356175] __asan_report_load1_noabort+0x18/0x20 [ 14.356207] kmem_cache_oob+0x402/0x530 [ 14.356236] ? trace_hardirqs_on+0x37/0xe0 [ 14.356308] ? __pfx_kmem_cache_oob+0x10/0x10 [ 14.356338] ? finish_task_switch.isra.0+0x153/0x700 [ 14.356368] ? __switch_to+0x47/0xf50 [ 14.356406] ? __pfx_read_tsc+0x10/0x10 [ 14.356437] ? ktime_get_ts64+0x86/0x230 [ 14.356470] kunit_try_run_case+0x1a5/0x480 [ 14.356503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.356571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.356604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.356635] ? __kthread_parkme+0x82/0x180 [ 14.356673] ? preempt_count_sub+0x50/0x80 [ 14.356704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.356735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.356767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.356816] kthread+0x337/0x6f0 [ 14.356842] ? trace_preempt_on+0x20/0xc0 [ 14.356871] ? __pfx_kthread+0x10/0x10 [ 14.356898] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.356926] ? calculate_sigpending+0x7b/0xa0 [ 14.356958] ? __pfx_kthread+0x10/0x10 [ 14.356986] ret_from_fork+0x116/0x1d0 [ 14.357011] ? 
__pfx_kthread+0x10/0x10 [ 14.357038] ret_from_fork_asm+0x1a/0x30 [ 14.357079] </TASK> [ 14.357093] [ 14.369407] Allocated by task 224: [ 14.369628] kasan_save_stack+0x45/0x70 [ 14.370437] kasan_save_track+0x18/0x40 [ 14.370789] kasan_save_alloc_info+0x3b/0x50 [ 14.371175] __kasan_slab_alloc+0x91/0xa0 [ 14.371523] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.371904] kmem_cache_oob+0x157/0x530 [ 14.372127] kunit_try_run_case+0x1a5/0x480 [ 14.372490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.373065] kthread+0x337/0x6f0 [ 14.373264] ret_from_fork+0x116/0x1d0 [ 14.373665] ret_from_fork_asm+0x1a/0x30 [ 14.374031] [ 14.374242] The buggy address belongs to the object at ffff8881038df000 [ 14.374242] which belongs to the cache test_cache of size 200 [ 14.375166] The buggy address is located 0 bytes to the right of [ 14.375166] allocated 200-byte region [ffff8881038df000, ffff8881038df0c8) [ 14.376084] [ 14.376216] The buggy address belongs to the physical page: [ 14.376467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038df [ 14.377262] flags: 0x200000000000000(node=0|zone=2) [ 14.377549] page_type: f5(slab) [ 14.377779] raw: 0200000000000000 ffff888101b9ba00 dead000000000122 0000000000000000 [ 14.378545] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.379213] page dumped because: kasan: bad access detected [ 14.379492] [ 14.379614] Memory state around the buggy address: [ 14.380191] ffff8881038def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.380595] ffff8881038df000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.381234] >ffff8881038df080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 14.381688] ^ [ 14.382140] ffff8881038df100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.382469] ffff8881038df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.382988] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 14.311275] ================================================================== [ 14.311955] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 14.312391] Read of size 8 at addr ffff8881038d8880 by task kunit_try_catch/217 [ 14.312799] [ 14.312946] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.313009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.313024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.313054] Call Trace: [ 14.313070] <TASK> [ 14.313093] dump_stack_lvl+0x73/0xb0 [ 14.313129] print_report+0xd1/0x650 [ 14.313156] ? __virt_addr_valid+0x1db/0x2d0 [ 14.313184] ? workqueue_uaf+0x4d6/0x560 [ 14.313210] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.313265] ? workqueue_uaf+0x4d6/0x560 [ 14.313308] kasan_report+0x141/0x180 [ 14.313335] ? workqueue_uaf+0x4d6/0x560 [ 14.313367] __asan_report_load8_noabort+0x18/0x20 [ 14.313413] workqueue_uaf+0x4d6/0x560 [ 14.313455] ? __pfx_workqueue_uaf+0x10/0x10 [ 14.313483] ? __schedule+0x10cc/0x2b60 [ 14.313510] ? __pfx_read_tsc+0x10/0x10 [ 14.313536] ? ktime_get_ts64+0x86/0x230 [ 14.313566] kunit_try_run_case+0x1a5/0x480 [ 14.313597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.313623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.313666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.313694] ? __kthread_parkme+0x82/0x180 [ 14.313719] ? preempt_count_sub+0x50/0x80 [ 14.313748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.313794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.313822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.313851] kthread+0x337/0x6f0 [ 14.313874] ? trace_preempt_on+0x20/0xc0 [ 14.313904] ? __pfx_kthread+0x10/0x10 [ 14.313928] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.313954] ? calculate_sigpending+0x7b/0xa0 [ 14.313984] ? __pfx_kthread+0x10/0x10 [ 14.314010] ret_from_fork+0x116/0x1d0 [ 14.314033] ? 
__pfx_kthread+0x10/0x10 [ 14.314058] ret_from_fork_asm+0x1a/0x30 [ 14.314097] </TASK> [ 14.314111] [ 14.326025] Allocated by task 217: [ 14.326262] kasan_save_stack+0x45/0x70 [ 14.326453] kasan_save_track+0x18/0x40 [ 14.326683] kasan_save_alloc_info+0x3b/0x50 [ 14.326930] __kasan_kmalloc+0xb7/0xc0 [ 14.327254] __kmalloc_cache_noprof+0x189/0x420 [ 14.327733] workqueue_uaf+0x152/0x560 [ 14.327936] kunit_try_run_case+0x1a5/0x480 [ 14.328110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.328645] kthread+0x337/0x6f0 [ 14.329074] ret_from_fork+0x116/0x1d0 [ 14.329247] ret_from_fork_asm+0x1a/0x30 [ 14.329756] [ 14.329945] Freed by task 9: [ 14.330140] kasan_save_stack+0x45/0x70 [ 14.330354] kasan_save_track+0x18/0x40 [ 14.330633] kasan_save_free_info+0x3f/0x60 [ 14.330923] __kasan_slab_free+0x56/0x70 [ 14.331145] kfree+0x222/0x3f0 [ 14.331379] workqueue_uaf_work+0x12/0x20 [ 14.331707] process_one_work+0x5ee/0xf60 [ 14.332046] worker_thread+0x758/0x1220 [ 14.332321] kthread+0x337/0x6f0 [ 14.332530] ret_from_fork+0x116/0x1d0 [ 14.332743] ret_from_fork_asm+0x1a/0x30 [ 14.332907] [ 14.333020] Last potentially related work creation: [ 14.333506] kasan_save_stack+0x45/0x70 [ 14.333731] kasan_record_aux_stack+0xb2/0xc0 [ 14.334035] __queue_work+0x626/0xeb0 [ 14.334286] queue_work_on+0xb6/0xc0 [ 14.334548] workqueue_uaf+0x26d/0x560 [ 14.334763] kunit_try_run_case+0x1a5/0x480 [ 14.335120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.335338] kthread+0x337/0x6f0 [ 14.335492] ret_from_fork+0x116/0x1d0 [ 14.335772] ret_from_fork_asm+0x1a/0x30 [ 14.336263] [ 14.336593] The buggy address belongs to the object at ffff8881038d8880 [ 14.336593] which belongs to the cache kmalloc-32 of size 32 [ 14.337374] The buggy address is located 0 bytes inside of [ 14.337374] freed 32-byte region [ffff8881038d8880, ffff8881038d88a0) [ 14.338011] [ 14.338256] The buggy address belongs to the physical page: [ 14.338510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d8 
[ 14.338918] flags: 0x200000000000000(node=0|zone=2) [ 14.339541] page_type: f5(slab) [ 14.339762] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.340206] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.340476] page dumped because: kasan: bad access detected [ 14.340795] [ 14.340933] Memory state around the buggy address: [ 14.341359] ffff8881038d8780: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 14.341722] ffff8881038d8800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.342051] >ffff8881038d8880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.342475] ^ [ 14.342790] ffff8881038d8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.343237] ffff8881038d8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.343604] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 14.262931] ================================================================== [ 14.263445] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 14.263754] Read of size 4 at addr ffff8881038d86c0 by task swapper/0/0 [ 14.264018] [ 14.264578] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.264646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.264674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.264797] Call Trace: [ 14.264852] <IRQ> [ 14.264997] dump_stack_lvl+0x73/0xb0 [ 14.265046] print_report+0xd1/0x650 [ 14.265075] ? __virt_addr_valid+0x1db/0x2d0 [ 14.265106] ? rcu_uaf_reclaim+0x50/0x60 [ 14.265132] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.265160] ? rcu_uaf_reclaim+0x50/0x60 [ 14.265185] kasan_report+0x141/0x180 [ 14.265211] ? rcu_uaf_reclaim+0x50/0x60 [ 14.265241] __asan_report_load4_noabort+0x18/0x20 [ 14.265271] rcu_uaf_reclaim+0x50/0x60 [ 14.265296] rcu_core+0x66f/0x1c40 [ 14.265332] ? __pfx_rcu_core+0x10/0x10 [ 14.265358] ? ktime_get+0x6b/0x150 [ 14.265384] ? handle_softirqs+0x18e/0x730 [ 14.265415] rcu_core_si+0x12/0x20 [ 14.265439] handle_softirqs+0x209/0x730 [ 14.265462] ? hrtimer_interrupt+0x2fe/0x780 [ 14.265489] ? 
__pfx_handle_softirqs+0x10/0x10 [ 14.265520] __irq_exit_rcu+0xc9/0x110 [ 14.265545] irq_exit_rcu+0x12/0x20 [ 14.265568] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.265599] </IRQ> [ 14.265635] <TASK> [ 14.265661] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.265773] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 14.266027] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 9a 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 14.266161] RSP: 0000:ffffffff98a07dd8 EFLAGS: 00010212 [ 14.266268] RAX: ffff8881c1274000 RBX: ffffffff98a1cac0 RCX: ffffffff978720e5 [ 14.266324] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 000000000001442c [ 14.266381] RBP: ffffffff98a07de0 R08: 0000000000000001 R09: ffffed102b60618a [ 14.266442] R10: ffff88815b030c53 R11: 0000000000013000 R12: 0000000000000000 [ 14.266497] R13: fffffbfff3143958 R14: ffffffff995b0e90 R15: 0000000000000000 [ 14.266568] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 14.266633] ? default_idle+0xd/0x20 [ 14.266674] arch_cpu_idle+0xd/0x20 [ 14.266700] default_idle_call+0x48/0x80 [ 14.266723] do_idle+0x379/0x4f0 [ 14.266753] ? __pfx_do_idle+0x10/0x10 [ 14.266796] ? rest_init+0x10b/0x140 [ 14.266821] cpu_startup_entry+0x5c/0x70 [ 14.266849] rest_init+0x11a/0x140 [ 14.266870] ? 
acpi_subsystem_init+0x5d/0x150 [ 14.266901] start_kernel+0x330/0x410 [ 14.266930] x86_64_start_reservations+0x1c/0x30 [ 14.266961] x86_64_start_kernel+0x10d/0x120 [ 14.266990] common_startup_64+0x13e/0x148 [ 14.267030] </TASK> [ 14.267045] [ 14.283781] Allocated by task 215: [ 14.284010] kasan_save_stack+0x45/0x70 [ 14.284251] kasan_save_track+0x18/0x40 [ 14.284487] kasan_save_alloc_info+0x3b/0x50 [ 14.284865] __kasan_kmalloc+0xb7/0xc0 [ 14.285107] __kmalloc_cache_noprof+0x189/0x420 [ 14.285345] rcu_uaf+0xb0/0x330 [ 14.285490] kunit_try_run_case+0x1a5/0x480 [ 14.285813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.286450] kthread+0x337/0x6f0 [ 14.286808] ret_from_fork+0x116/0x1d0 [ 14.287159] ret_from_fork_asm+0x1a/0x30 [ 14.287363] [ 14.287484] Freed by task 0: [ 14.287735] kasan_save_stack+0x45/0x70 [ 14.288105] kasan_save_track+0x18/0x40 [ 14.288331] kasan_save_free_info+0x3f/0x60 [ 14.288620] __kasan_slab_free+0x56/0x70 [ 14.288935] kfree+0x222/0x3f0 [ 14.289174] rcu_uaf_reclaim+0x1f/0x60 [ 14.289430] rcu_core+0x66f/0x1c40 [ 14.289697] rcu_core_si+0x12/0x20 [ 14.290112] handle_softirqs+0x209/0x730 [ 14.290480] __irq_exit_rcu+0xc9/0x110 [ 14.290730] irq_exit_rcu+0x12/0x20 [ 14.291059] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.291307] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.291592] [ 14.291744] Last potentially related work creation: [ 14.292065] kasan_save_stack+0x45/0x70 [ 14.292235] kasan_record_aux_stack+0xb2/0xc0 [ 14.292495] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 14.292799] call_rcu+0x12/0x20 [ 14.293274] rcu_uaf+0x168/0x330 [ 14.293584] kunit_try_run_case+0x1a5/0x480 [ 14.294117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.294418] kthread+0x337/0x6f0 [ 14.294573] ret_from_fork+0x116/0x1d0 [ 14.294846] ret_from_fork_asm+0x1a/0x30 [ 14.295233] [ 14.295421] The buggy address belongs to the object at ffff8881038d86c0 [ 14.295421] which belongs to the cache kmalloc-32 of size 32 [ 14.296170] The buggy address is located 0 bytes inside of 
[ 14.296170] freed 32-byte region [ffff8881038d86c0, ffff8881038d86e0) [ 14.297060] [ 14.297169] The buggy address belongs to the physical page: [ 14.297987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d8 [ 14.298431] flags: 0x200000000000000(node=0|zone=2) [ 14.298727] page_type: f5(slab) [ 14.299167] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.299550] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.299907] page dumped because: kasan: bad access detected [ 14.300295] [ 14.300512] Memory state around the buggy address: [ 14.300799] ffff8881038d8580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.301226] ffff8881038d8600: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 14.301603] >ffff8881038d8680: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.301999] ^ [ 14.302363] ffff8881038d8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.302771] ffff8881038d8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.303130] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 14.155744] ================================================================== [ 14.156614] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 14.157175] Read of size 1 at addr ffff888103332300 by task kunit_try_catch/213 [ 14.157559] [ 14.157732] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.157789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.157804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.157832] Call Trace: [ 14.157848] <TASK> [ 14.157887] dump_stack_lvl+0x73/0xb0 [ 14.157923] print_report+0xd1/0x650 [ 14.157950] ? __virt_addr_valid+0x1db/0x2d0 [ 14.157977] ? ksize_uaf+0x19d/0x6c0 [ 14.158001] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.158027] ? ksize_uaf+0x19d/0x6c0 [ 14.158080] kasan_report+0x141/0x180 [ 14.158123] ? ksize_uaf+0x19d/0x6c0 [ 14.158151] ? ksize_uaf+0x19d/0x6c0 [ 14.158174] __kasan_check_byte+0x3d/0x50 [ 14.158200] ksize+0x20/0x60 [ 14.158224] ksize_uaf+0x19d/0x6c0 [ 14.158247] ? __pfx_ksize_uaf+0x10/0x10 [ 14.158272] ? __schedule+0x10cc/0x2b60 [ 14.158298] ? __pfx_read_tsc+0x10/0x10 [ 14.158323] ? ktime_get_ts64+0x86/0x230 [ 14.158351] kunit_try_run_case+0x1a5/0x480 [ 14.158381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.158406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.158441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.158468] ? __kthread_parkme+0x82/0x180 [ 14.158491] ? preempt_count_sub+0x50/0x80 [ 14.158519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.158545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.158571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.158597] kthread+0x337/0x6f0 [ 14.158619] ? trace_preempt_on+0x20/0xc0 [ 14.158659] ? __pfx_kthread+0x10/0x10 [ 14.158683] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.158706] ? calculate_sigpending+0x7b/0xa0 [ 14.158734] ? __pfx_kthread+0x10/0x10 [ 14.158759] ret_from_fork+0x116/0x1d0 [ 14.158791] ? 
__pfx_kthread+0x10/0x10 [ 14.158814] ret_from_fork_asm+0x1a/0x30 [ 14.158851] </TASK> [ 14.158864] [ 14.170286] Allocated by task 213: [ 14.170661] kasan_save_stack+0x45/0x70 [ 14.170911] kasan_save_track+0x18/0x40 [ 14.171110] kasan_save_alloc_info+0x3b/0x50 [ 14.171348] __kasan_kmalloc+0xb7/0xc0 [ 14.171538] __kmalloc_cache_noprof+0x189/0x420 [ 14.171790] ksize_uaf+0xaa/0x6c0 [ 14.172326] kunit_try_run_case+0x1a5/0x480 [ 14.172541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.172847] kthread+0x337/0x6f0 [ 14.173325] ret_from_fork+0x116/0x1d0 [ 14.173621] ret_from_fork_asm+0x1a/0x30 [ 14.174015] [ 14.174120] Freed by task 213: [ 14.174456] kasan_save_stack+0x45/0x70 [ 14.174689] kasan_save_track+0x18/0x40 [ 14.175085] kasan_save_free_info+0x3f/0x60 [ 14.175293] __kasan_slab_free+0x56/0x70 [ 14.175497] kfree+0x222/0x3f0 [ 14.175680] ksize_uaf+0x12c/0x6c0 [ 14.176163] kunit_try_run_case+0x1a5/0x480 [ 14.176486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.176903] kthread+0x337/0x6f0 [ 14.177289] ret_from_fork+0x116/0x1d0 [ 14.177501] ret_from_fork_asm+0x1a/0x30 [ 14.177845] [ 14.177940] The buggy address belongs to the object at ffff888103332300 [ 14.177940] which belongs to the cache kmalloc-128 of size 128 [ 14.178543] The buggy address is located 0 bytes inside of [ 14.178543] freed 128-byte region [ffff888103332300, ffff888103332380) [ 14.179416] [ 14.179737] The buggy address belongs to the physical page: [ 14.180250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 14.180558] flags: 0x200000000000000(node=0|zone=2) [ 14.180853] page_type: f5(slab) [ 14.181212] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.181796] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.182069] page dumped because: kasan: bad access detected [ 14.182387] [ 14.183095] Memory state around the buggy address: [ 14.183320] ffff888103332200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
14.183684] ffff888103332280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.184031] >ffff888103332300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.184284] ^ [ 14.184425] ffff888103332380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.184863] ffff888103332400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.185124] ================================================================== [ 14.223163] ================================================================== [ 14.223626] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 14.223970] Read of size 1 at addr ffff888103332378 by task kunit_try_catch/213 [ 14.224953] [ 14.225228] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.225284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.225298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.225324] Call Trace: [ 14.225340] <TASK> [ 14.225361] dump_stack_lvl+0x73/0xb0 [ 14.225396] print_report+0xd1/0x650 [ 14.225422] ? __virt_addr_valid+0x1db/0x2d0 [ 14.225449] ? ksize_uaf+0x5e4/0x6c0 [ 14.225473] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.225498] ? ksize_uaf+0x5e4/0x6c0 [ 14.225522] kasan_report+0x141/0x180 [ 14.225547] ? ksize_uaf+0x5e4/0x6c0 [ 14.225576] __asan_report_load1_noabort+0x18/0x20 [ 14.225604] ksize_uaf+0x5e4/0x6c0 [ 14.225627] ? __pfx_ksize_uaf+0x10/0x10 [ 14.225669] ? __schedule+0x10cc/0x2b60 [ 14.225695] ? __pfx_read_tsc+0x10/0x10 [ 14.225721] ? ktime_get_ts64+0x86/0x230 [ 14.225749] kunit_try_run_case+0x1a5/0x480 [ 14.225778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.225830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.225857] ? __kthread_parkme+0x82/0x180 [ 14.225880] ? preempt_count_sub+0x50/0x80 [ 14.225908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.225960] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.225986] kthread+0x337/0x6f0 [ 14.226008] ? trace_preempt_on+0x20/0xc0 [ 14.226035] ? __pfx_kthread+0x10/0x10 [ 14.226058] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.226082] ? calculate_sigpending+0x7b/0xa0 [ 14.226110] ? __pfx_kthread+0x10/0x10 [ 14.226135] ret_from_fork+0x116/0x1d0 [ 14.226155] ? __pfx_kthread+0x10/0x10 [ 14.226179] ret_from_fork_asm+0x1a/0x30 [ 14.226214] </TASK> [ 14.226227] [ 14.236371] Allocated by task 213: [ 14.236546] kasan_save_stack+0x45/0x70 [ 14.237100] kasan_save_track+0x18/0x40 [ 14.237337] kasan_save_alloc_info+0x3b/0x50 [ 14.237579] __kasan_kmalloc+0xb7/0xc0 [ 14.238448] __kmalloc_cache_noprof+0x189/0x420 [ 14.238927] ksize_uaf+0xaa/0x6c0 [ 14.239303] kunit_try_run_case+0x1a5/0x480 [ 14.239555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.239808] kthread+0x337/0x6f0 [ 14.240022] ret_from_fork+0x116/0x1d0 [ 14.240252] ret_from_fork_asm+0x1a/0x30 [ 14.240428] [ 14.240515] Freed by task 213: [ 14.240722] kasan_save_stack+0x45/0x70 [ 14.241029] kasan_save_track+0x18/0x40 [ 14.241193] kasan_save_free_info+0x3f/0x60 [ 14.241440] __kasan_slab_free+0x56/0x70 [ 14.241689] kfree+0x222/0x3f0 [ 14.241874] ksize_uaf+0x12c/0x6c0 [ 14.242070] kunit_try_run_case+0x1a5/0x480 [ 14.242322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.242575] kthread+0x337/0x6f0 [ 14.242800] ret_from_fork+0x116/0x1d0 [ 14.243028] ret_from_fork_asm+0x1a/0x30 [ 14.243242] [ 14.243351] The buggy address belongs to the object at ffff888103332300 [ 14.243351] which belongs to the cache kmalloc-128 of size 128 [ 14.243933] The buggy address is located 120 bytes inside of [ 14.243933] freed 128-byte region [ffff888103332300, ffff888103332380) [ 14.244502] [ 14.244594] The buggy address belongs to the physical page: [ 14.244840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 14.245314] flags: 0x200000000000000(node=0|zone=2) [ 14.245513] page_type: f5(slab) [ 14.246314] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.246775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.247145] page dumped because: kasan: bad access detected [ 14.247841] [ 14.247941] Memory state around the buggy address: [ 14.248434] ffff888103332200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.249107] ffff888103332280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.249477] >ffff888103332300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.249902] ^ [ 14.250254] ffff888103332380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.250616] ffff888103332400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.251401] ================================================================== [ 14.186637] ================================================================== [ 14.187019] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 14.187301] Read of size 1 at addr ffff888103332300 by task kunit_try_catch/213 [ 14.187585] [ 14.189773] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.189840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.189855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.189881] Call Trace: [ 14.189900] <TASK> [ 14.189925] dump_stack_lvl+0x73/0xb0 [ 14.189964] print_report+0xd1/0x650 [ 14.189990] ? __virt_addr_valid+0x1db/0x2d0 [ 14.190020] ? ksize_uaf+0x5fe/0x6c0 [ 14.190043] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.190068] ? ksize_uaf+0x5fe/0x6c0 [ 14.190092] kasan_report+0x141/0x180 [ 14.190117] ? ksize_uaf+0x5fe/0x6c0 [ 14.190146] __asan_report_load1_noabort+0x18/0x20 [ 14.190173] ksize_uaf+0x5fe/0x6c0 [ 14.190197] ? __pfx_ksize_uaf+0x10/0x10 [ 14.190223] ? __schedule+0x10cc/0x2b60 [ 14.190248] ? __pfx_read_tsc+0x10/0x10 [ 14.190273] ? ktime_get_ts64+0x86/0x230 [ 14.190303] kunit_try_run_case+0x1a5/0x480 [ 14.190332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.190357] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.190384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.190409] ? __kthread_parkme+0x82/0x180 [ 14.190440] ? preempt_count_sub+0x50/0x80 [ 14.190467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.190493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.190518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.190544] kthread+0x337/0x6f0 [ 14.190566] ? trace_preempt_on+0x20/0xc0 [ 14.190592] ? __pfx_kthread+0x10/0x10 [ 14.190615] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.190639] ? calculate_sigpending+0x7b/0xa0 [ 14.191274] ? __pfx_kthread+0x10/0x10 [ 14.191311] ret_from_fork+0x116/0x1d0 [ 14.191336] ? __pfx_kthread+0x10/0x10 [ 14.191359] ret_from_fork_asm+0x1a/0x30 [ 14.191397] </TASK> [ 14.191410] [ 14.205070] Allocated by task 213: [ 14.205360] kasan_save_stack+0x45/0x70 [ 14.205786] kasan_save_track+0x18/0x40 [ 14.206141] kasan_save_alloc_info+0x3b/0x50 [ 14.206385] __kasan_kmalloc+0xb7/0xc0 [ 14.206601] __kmalloc_cache_noprof+0x189/0x420 [ 14.207170] ksize_uaf+0xaa/0x6c0 [ 14.207513] kunit_try_run_case+0x1a5/0x480 [ 14.207971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.208440] kthread+0x337/0x6f0 [ 14.208898] ret_from_fork+0x116/0x1d0 [ 14.209151] ret_from_fork_asm+0x1a/0x30 [ 14.209369] [ 14.209477] Freed by task 213: [ 14.209921] kasan_save_stack+0x45/0x70 [ 14.210215] kasan_save_track+0x18/0x40 [ 14.210633] kasan_save_free_info+0x3f/0x60 [ 14.211049] __kasan_slab_free+0x56/0x70 [ 14.211279] kfree+0x222/0x3f0 [ 14.211460] ksize_uaf+0x12c/0x6c0 [ 14.211666] kunit_try_run_case+0x1a5/0x480 [ 14.211931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.212212] kthread+0x337/0x6f0 [ 14.212355] ret_from_fork+0x116/0x1d0 [ 14.212583] ret_from_fork_asm+0x1a/0x30 [ 14.212811] [ 14.212899] The buggy address belongs to the object at ffff888103332300 [ 14.212899] which belongs to the cache kmalloc-128 of size 128 [ 14.213692] The buggy address is located 0 bytes inside of [ 14.213692] freed 128-byte region [ffff888103332300, 
ffff888103332380) [ 14.214401] [ 14.214530] The buggy address belongs to the physical page: [ 14.215251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 14.215937] flags: 0x200000000000000(node=0|zone=2) [ 14.216324] page_type: f5(slab) [ 14.216490] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.217174] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.217679] page dumped because: kasan: bad access detected [ 14.218021] [ 14.218121] Memory state around the buggy address: [ 14.218407] ffff888103332200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.218766] ffff888103332280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.219128] >ffff888103332300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.219476] ^ [ 14.220125] ffff888103332380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.220469] ffff888103332400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.220848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 14.097985] ================================================================== [ 14.098367] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.099222] Read of size 1 at addr ffff888103332278 by task kunit_try_catch/211 [ 14.099618] [ 14.099760] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.099815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.099829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.100166] Call Trace: [ 14.100186] <TASK> [ 14.100208] dump_stack_lvl+0x73/0xb0 [ 14.100244] print_report+0xd1/0x650 [ 14.100271] ? __virt_addr_valid+0x1db/0x2d0 [ 14.100297] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.100324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.100349] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.100376] kasan_report+0x141/0x180 [ 14.100401] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.100433] __asan_report_load1_noabort+0x18/0x20 [ 14.100461] ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.100488] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.100513] ? finish_task_switch.isra.0+0x153/0x700 [ 14.100537] ? __switch_to+0x47/0xf50 [ 14.100567] ? __schedule+0x10cc/0x2b60 [ 14.100592] ? __pfx_read_tsc+0x10/0x10 [ 14.100616] ? ktime_get_ts64+0x86/0x230 [ 14.100643] kunit_try_run_case+0x1a5/0x480 [ 14.100690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.100715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.100742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.100767] ? __kthread_parkme+0x82/0x180 [ 14.100846] ? preempt_count_sub+0x50/0x80 [ 14.100875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.100902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.100928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.100954] kthread+0x337/0x6f0 [ 14.100977] ? trace_preempt_on+0x20/0xc0 [ 14.101004] ? __pfx_kthread+0x10/0x10 [ 14.101027] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.101051] ? calculate_sigpending+0x7b/0xa0 [ 14.101078] ? 
__pfx_kthread+0x10/0x10 [ 14.101102] ret_from_fork+0x116/0x1d0 [ 14.101123] ? __pfx_kthread+0x10/0x10 [ 14.101147] ret_from_fork_asm+0x1a/0x30 [ 14.101182] </TASK> [ 14.101195] [ 14.112319] Allocated by task 211: [ 14.112541] kasan_save_stack+0x45/0x70 [ 14.113109] kasan_save_track+0x18/0x40 [ 14.113433] kasan_save_alloc_info+0x3b/0x50 [ 14.113957] __kasan_kmalloc+0xb7/0xc0 [ 14.114167] __kmalloc_cache_noprof+0x189/0x420 [ 14.114416] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.114681] kunit_try_run_case+0x1a5/0x480 [ 14.115429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.115959] kthread+0x337/0x6f0 [ 14.116680] ret_from_fork+0x116/0x1d0 [ 14.117296] ret_from_fork_asm+0x1a/0x30 [ 14.117548] [ 14.117675] The buggy address belongs to the object at ffff888103332200 [ 14.117675] which belongs to the cache kmalloc-128 of size 128 [ 14.119116] The buggy address is located 5 bytes to the right of [ 14.119116] allocated 115-byte region [ffff888103332200, ffff888103332273) [ 14.120273] [ 14.120548] The buggy address belongs to the physical page: [ 14.121207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 14.122057] flags: 0x200000000000000(node=0|zone=2) [ 14.122290] page_type: f5(slab) [ 14.122497] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.122871] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.123424] page dumped because: kasan: bad access detected [ 14.123681] [ 14.123850] Memory state around the buggy address: [ 14.124101] ffff888103332100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.124444] ffff888103332180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124807] >ffff888103332200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.125210] ^ [ 14.125563] ffff888103332280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.125861] ffff888103332300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.126308] 
================================================================== [ 14.068551] ================================================================== [ 14.069482] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 14.069930] Read of size 1 at addr ffff888103332273 by task kunit_try_catch/211 [ 14.070282] [ 14.070434] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.070492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.070506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.070532] Call Trace: [ 14.070548] <TASK> [ 14.070571] dump_stack_lvl+0x73/0xb0 [ 14.070607] print_report+0xd1/0x650 [ 14.070633] ? __virt_addr_valid+0x1db/0x2d0 [ 14.070804] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.070835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.070876] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.070904] kasan_report+0x141/0x180 [ 14.070931] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.070963] __asan_report_load1_noabort+0x18/0x20 [ 14.070991] ksize_unpoisons_memory+0x81c/0x9b0 [ 14.071018] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.071043] ? finish_task_switch.isra.0+0x153/0x700 [ 14.071071] ? __switch_to+0x47/0xf50 [ 14.071197] ? __schedule+0x10cc/0x2b60 [ 14.071231] ? __pfx_read_tsc+0x10/0x10 [ 14.071256] ? ktime_get_ts64+0x86/0x230 [ 14.071305] kunit_try_run_case+0x1a5/0x480 [ 14.071336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.071360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.071388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.071414] ? __kthread_parkme+0x82/0x180 [ 14.071437] ? preempt_count_sub+0x50/0x80 [ 14.071463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.071490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.071515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.071541] kthread+0x337/0x6f0 [ 14.071565] ? trace_preempt_on+0x20/0xc0 [ 14.071592] ? __pfx_kthread+0x10/0x10 [ 14.071615] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.071639] ? 
calculate_sigpending+0x7b/0xa0 [ 14.071681] ? __pfx_kthread+0x10/0x10 [ 14.071705] ret_from_fork+0x116/0x1d0 [ 14.071727] ? __pfx_kthread+0x10/0x10 [ 14.071751] ret_from_fork_asm+0x1a/0x30 [ 14.071845] </TASK> [ 14.071862] [ 14.083690] Allocated by task 211: [ 14.083979] kasan_save_stack+0x45/0x70 [ 14.084171] kasan_save_track+0x18/0x40 [ 14.084690] kasan_save_alloc_info+0x3b/0x50 [ 14.084962] __kasan_kmalloc+0xb7/0xc0 [ 14.085191] __kmalloc_cache_noprof+0x189/0x420 [ 14.085934] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.086208] kunit_try_run_case+0x1a5/0x480 [ 14.086489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.086841] kthread+0x337/0x6f0 [ 14.087304] ret_from_fork+0x116/0x1d0 [ 14.087603] ret_from_fork_asm+0x1a/0x30 [ 14.087979] [ 14.088095] The buggy address belongs to the object at ffff888103332200 [ 14.088095] which belongs to the cache kmalloc-128 of size 128 [ 14.089101] The buggy address is located 0 bytes to the right of [ 14.089101] allocated 115-byte region [ffff888103332200, ffff888103332273) [ 14.089770] [ 14.089992] The buggy address belongs to the physical page: [ 14.090269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 14.090692] flags: 0x200000000000000(node=0|zone=2) [ 14.091067] page_type: f5(slab) [ 14.091308] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.091692] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.092169] page dumped because: kasan: bad access detected [ 14.092873] [ 14.093098] Memory state around the buggy address: [ 14.093538] ffff888103332100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.094074] ffff888103332180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.094505] >ffff888103332200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.095155] ^ [ 14.095514] ffff888103332280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.096167] ffff888103332300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.096518] 
================================================================== [ 14.126994] ================================================================== [ 14.127412] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.127775] Read of size 1 at addr ffff88810333227f by task kunit_try_catch/211 [ 14.128213] [ 14.128329] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.128382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.128396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.128421] Call Trace: [ 14.128442] <TASK> [ 14.128465] dump_stack_lvl+0x73/0xb0 [ 14.128499] print_report+0xd1/0x650 [ 14.128524] ? __virt_addr_valid+0x1db/0x2d0 [ 14.128550] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.128576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.128601] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.128627] kasan_report+0x141/0x180 [ 14.128665] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.128697] __asan_report_load1_noabort+0x18/0x20 [ 14.128725] ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.128752] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.128777] ? finish_task_switch.isra.0+0x153/0x700 [ 14.128802] ? __switch_to+0x47/0xf50 [ 14.128832] ? __schedule+0x10cc/0x2b60 [ 14.128858] ? __pfx_read_tsc+0x10/0x10 [ 14.128882] ? ktime_get_ts64+0x86/0x230 [ 14.128909] kunit_try_run_case+0x1a5/0x480 [ 14.128936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.128961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.128988] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.129014] ? __kthread_parkme+0x82/0x180 [ 14.129037] ? preempt_count_sub+0x50/0x80 [ 14.129063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.129090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.129116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.129142] kthread+0x337/0x6f0 [ 14.129164] ? trace_preempt_on+0x20/0xc0 [ 14.129191] ? __pfx_kthread+0x10/0x10 [ 14.129215] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.129239] ? 
calculate_sigpending+0x7b/0xa0 [ 14.129267] ? __pfx_kthread+0x10/0x10 [ 14.129291] ret_from_fork+0x116/0x1d0 [ 14.129311] ? __pfx_kthread+0x10/0x10 [ 14.129335] ret_from_fork_asm+0x1a/0x30 [ 14.129370] </TASK> [ 14.129382] [ 14.139329] Allocated by task 211: [ 14.139523] kasan_save_stack+0x45/0x70 [ 14.139723] kasan_save_track+0x18/0x40 [ 14.140043] kasan_save_alloc_info+0x3b/0x50 [ 14.140317] __kasan_kmalloc+0xb7/0xc0 [ 14.140539] __kmalloc_cache_noprof+0x189/0x420 [ 14.140884] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.141099] kunit_try_run_case+0x1a5/0x480 [ 14.141338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.141626] kthread+0x337/0x6f0 [ 14.141785] ret_from_fork+0x116/0x1d0 [ 14.142235] ret_from_fork_asm+0x1a/0x30 [ 14.142438] [ 14.142533] The buggy address belongs to the object at ffff888103332200 [ 14.142533] which belongs to the cache kmalloc-128 of size 128 [ 14.143176] The buggy address is located 12 bytes to the right of [ 14.143176] allocated 115-byte region [ffff888103332200, ffff888103332273) [ 14.143883] [ 14.143977] The buggy address belongs to the physical page: [ 14.144185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332 [ 14.144473] flags: 0x200000000000000(node=0|zone=2) [ 14.144733] page_type: f5(slab) [ 14.144933] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.145339] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.145757] page dumped because: kasan: bad access detected [ 14.146038] [ 14.146124] Memory state around the buggy address: [ 14.146311] ffff888103332100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.146578] ffff888103332180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.147474] >ffff888103332200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.148065] ^ [ 14.148458] ffff888103332280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.148780] ffff888103332300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.149155] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 14.031736] ================================================================== [ 14.032301] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 14.032558] Free of addr ffff8881018868c0 by task kunit_try_catch/209 [ 14.033333] [ 14.033705] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.033808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.033824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.033850] Call Trace: [ 14.033867] <TASK> [ 14.033888] dump_stack_lvl+0x73/0xb0 [ 14.033925] print_report+0xd1/0x650 [ 14.033951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.033979] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.034004] ? kfree_sensitive+0x2e/0x90 [ 14.034029] kasan_report_invalid_free+0x10a/0x130 [ 14.034057] ? kfree_sensitive+0x2e/0x90 [ 14.034082] ? kfree_sensitive+0x2e/0x90 [ 14.034105] check_slab_allocation+0x101/0x130 [ 14.034130] __kasan_slab_pre_free+0x28/0x40 [ 14.034154] kfree+0xf0/0x3f0 [ 14.034179] ? add_taint+0x2e/0xa0 [ 14.034200] ? kfree_sensitive+0x2e/0x90 [ 14.034226] kfree_sensitive+0x2e/0x90 [ 14.034249] kmalloc_double_kzfree+0x19c/0x350 [ 14.034278] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 14.034309] ? __schedule+0x10cc/0x2b60 [ 14.034337] ? __pfx_read_tsc+0x10/0x10 [ 14.034362] ? ktime_get_ts64+0x86/0x230 [ 14.034390] kunit_try_run_case+0x1a5/0x480 [ 14.034429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.034454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.034483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.034509] ? __kthread_parkme+0x82/0x180 [ 14.034531] ? preempt_count_sub+0x50/0x80 [ 14.034560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.034587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.034613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.034639] kthread+0x337/0x6f0 [ 14.034677] ? trace_preempt_on+0x20/0xc0 [ 14.034704] ? __pfx_kthread+0x10/0x10 [ 14.034728] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.034752] ? 
calculate_sigpending+0x7b/0xa0 [ 14.034795] ? __pfx_kthread+0x10/0x10 [ 14.034820] ret_from_fork+0x116/0x1d0 [ 14.034841] ? __pfx_kthread+0x10/0x10 [ 14.034866] ret_from_fork_asm+0x1a/0x30 [ 14.034901] </TASK> [ 14.034915] [ 14.049027] Allocated by task 209: [ 14.049247] kasan_save_stack+0x45/0x70 [ 14.049461] kasan_save_track+0x18/0x40 [ 14.049684] kasan_save_alloc_info+0x3b/0x50 [ 14.049859] __kasan_kmalloc+0xb7/0xc0 [ 14.050014] __kmalloc_cache_noprof+0x189/0x420 [ 14.050202] kmalloc_double_kzfree+0xa9/0x350 [ 14.050456] kunit_try_run_case+0x1a5/0x480 [ 14.050993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.051277] kthread+0x337/0x6f0 [ 14.051431] ret_from_fork+0x116/0x1d0 [ 14.051676] ret_from_fork_asm+0x1a/0x30 [ 14.052093] [ 14.052205] Freed by task 209: [ 14.052403] kasan_save_stack+0x45/0x70 [ 14.052614] kasan_save_track+0x18/0x40 [ 14.052915] kasan_save_free_info+0x3f/0x60 [ 14.053141] __kasan_slab_free+0x56/0x70 [ 14.053374] kfree+0x222/0x3f0 [ 14.053551] kfree_sensitive+0x67/0x90 [ 14.053738] kmalloc_double_kzfree+0x12b/0x350 [ 14.054242] kunit_try_run_case+0x1a5/0x480 [ 14.054467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.054747] kthread+0x337/0x6f0 [ 14.054966] ret_from_fork+0x116/0x1d0 [ 14.055195] ret_from_fork_asm+0x1a/0x30 [ 14.055383] [ 14.055500] The buggy address belongs to the object at ffff8881018868c0 [ 14.055500] which belongs to the cache kmalloc-16 of size 16 [ 14.056374] The buggy address is located 0 bytes inside of [ 14.056374] 16-byte region [ffff8881018868c0, ffff8881018868d0) [ 14.056827] [ 14.056948] The buggy address belongs to the physical page: [ 14.057373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101886 [ 14.057805] flags: 0x200000000000000(node=0|zone=2) [ 14.058082] page_type: f5(slab) [ 14.058297] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.058734] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.059158] page dumped 
because: kasan: bad access detected [ 14.059423] [ 14.059510] Memory state around the buggy address: [ 14.059843] ffff888101886780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.060225] ffff888101886800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.060521] >ffff888101886880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 14.060790] ^ [ 14.060994] ffff888101886900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.061373] ffff888101886980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.061770] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.995320] ==================================================================
[ 13.996359] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 13.997157] Read of size 1 at addr ffff8881018868c0 by task kunit_try_catch/209
[ 13.997516]
[ 13.997675] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.997746] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.997762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.997803] Call Trace:
[ 13.997818] <TASK>
[ 13.997852] dump_stack_lvl+0x73/0xb0
[ 13.997888] print_report+0xd1/0x650
[ 13.997914] ? __virt_addr_valid+0x1db/0x2d0
[ 13.998000] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.998027] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.998053] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.998096] kasan_report+0x141/0x180
[ 13.998122] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.998166] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.998193] __kasan_check_byte+0x3d/0x50
[ 13.998219] kfree_sensitive+0x22/0x90
[ 13.998259] kmalloc_double_kzfree+0x19c/0x350
[ 13.998286] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.998327] ? __schedule+0x10cc/0x2b60
[ 13.998353] ? __pfx_read_tsc+0x10/0x10
[ 13.998379] ? ktime_get_ts64+0x86/0x230
[ 13.998428] kunit_try_run_case+0x1a5/0x480
[ 13.998458] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.998496] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.998524] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.998550] ? __kthread_parkme+0x82/0x180
[ 13.998574] ? preempt_count_sub+0x50/0x80
[ 13.998602] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.998629] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.998666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.998693] kthread+0x337/0x6f0
[ 13.998719] ? trace_preempt_on+0x20/0xc0
[ 13.998749] ? __pfx_kthread+0x10/0x10
[ 13.998794] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.998833] ? calculate_sigpending+0x7b/0xa0
[ 13.998864] ? __pfx_kthread+0x10/0x10
[ 13.998889] ret_from_fork+0x116/0x1d0
[ 13.998912] ? __pfx_kthread+0x10/0x10
[ 13.998935] ret_from_fork_asm+0x1a/0x30
[ 13.998972] </TASK>
[ 13.998987]
[ 14.012332] Allocated by task 209:
[ 14.012573] kasan_save_stack+0x45/0x70
[ 14.012953] kasan_save_track+0x18/0x40
[ 14.013229] kasan_save_alloc_info+0x3b/0x50
[ 14.013509] __kasan_kmalloc+0xb7/0xc0
[ 14.013750] __kmalloc_cache_noprof+0x189/0x420
[ 14.014065] kmalloc_double_kzfree+0xa9/0x350
[ 14.014252] kunit_try_run_case+0x1a5/0x480
[ 14.014439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.014662] kthread+0x337/0x6f0
[ 14.014926] ret_from_fork+0x116/0x1d0
[ 14.015220] ret_from_fork_asm+0x1a/0x30
[ 14.015797]
[ 14.015996] Freed by task 209:
[ 14.016139] kasan_save_stack+0x45/0x70
[ 14.016320] kasan_save_track+0x18/0x40
[ 14.016550] kasan_save_free_info+0x3f/0x60
[ 14.017242] __kasan_slab_free+0x56/0x70
[ 14.018108] kfree+0x222/0x3f0
[ 14.018338] kfree_sensitive+0x67/0x90
[ 14.018680] kmalloc_double_kzfree+0x12b/0x350
[ 14.018883] kunit_try_run_case+0x1a5/0x480
[ 14.019177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.019964] kthread+0x337/0x6f0
[ 14.020183] ret_from_fork+0x116/0x1d0
[ 14.020731] ret_from_fork_asm+0x1a/0x30
[ 14.021307]
[ 14.021419] The buggy address belongs to the object at ffff8881018868c0
[ 14.021419] which belongs to the cache kmalloc-16 of size 16
[ 14.022664] The buggy address is located 0 bytes inside of
[ 14.022664] freed 16-byte region [ffff8881018868c0, ffff8881018868d0)
[ 14.023694]
[ 14.023936] The buggy address belongs to the physical page:
[ 14.024591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101886
[ 14.025210] flags: 0x200000000000000(node=0|zone=2)
[ 14.025531] page_type: f5(slab)
[ 14.025768] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.026217] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.026551] page dumped because: kasan: bad access detected
[ 14.026855]
[ 14.027121] Memory state around the buggy address:
[ 14.027385] ffff888101886780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.027768] ffff888101886800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.028143] >ffff888101886880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 14.028544] ^
[ 14.029232] ffff888101886900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.029542] ffff888101886980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.030183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.958133] ==================================================================
[ 13.958694] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 13.959240] Read of size 1 at addr ffff88810332dd28 by task kunit_try_catch/205
[ 13.959591]
[ 13.959751] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.959808] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.959822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.959849] Call Trace:
[ 13.959864] <TASK>
[ 13.959885] dump_stack_lvl+0x73/0xb0
[ 13.959922] print_report+0xd1/0x650
[ 13.959948] ? __virt_addr_valid+0x1db/0x2d0
[ 13.959977] ? kmalloc_uaf2+0x4a8/0x520
[ 13.960000] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.960026] ? kmalloc_uaf2+0x4a8/0x520
[ 13.960049] kasan_report+0x141/0x180
[ 13.960142] ? kmalloc_uaf2+0x4a8/0x520
[ 13.960191] __asan_report_load1_noabort+0x18/0x20
[ 13.960219] kmalloc_uaf2+0x4a8/0x520
[ 13.960243] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 13.960265] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.960301] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 13.960329] kunit_try_run_case+0x1a5/0x480
[ 13.960359] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.960383] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.960411] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.960437] ? __kthread_parkme+0x82/0x180
[ 13.960462] ? preempt_count_sub+0x50/0x80
[ 13.960491] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.960519] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.960546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.960572] kthread+0x337/0x6f0
[ 13.960594] ? trace_preempt_on+0x20/0xc0
[ 13.960621] ? __pfx_kthread+0x10/0x10
[ 13.960645] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.960678] ? calculate_sigpending+0x7b/0xa0
[ 13.960707] ? __pfx_kthread+0x10/0x10
[ 13.960731] ret_from_fork+0x116/0x1d0
[ 13.960754] ? __pfx_kthread+0x10/0x10
[ 13.960825] ret_from_fork_asm+0x1a/0x30
[ 13.960868] </TASK>
[ 13.960882]
[ 13.970031] Allocated by task 205:
[ 13.970321] kasan_save_stack+0x45/0x70
[ 13.970575] kasan_save_track+0x18/0x40
[ 13.970912] kasan_save_alloc_info+0x3b/0x50
[ 13.971318] __kasan_kmalloc+0xb7/0xc0
[ 13.971616] __kmalloc_cache_noprof+0x189/0x420
[ 13.971939] kmalloc_uaf2+0xc6/0x520
[ 13.972318] kunit_try_run_case+0x1a5/0x480
[ 13.972576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.972951] kthread+0x337/0x6f0
[ 13.973146] ret_from_fork+0x116/0x1d0
[ 13.973306] ret_from_fork_asm+0x1a/0x30
[ 13.973475]
[ 13.973562] Freed by task 205:
[ 13.973782] kasan_save_stack+0x45/0x70
[ 13.974220] kasan_save_track+0x18/0x40
[ 13.974519] kasan_save_free_info+0x3f/0x60
[ 13.974813] __kasan_slab_free+0x56/0x70
[ 13.974979] kfree+0x222/0x3f0
[ 13.975118] kmalloc_uaf2+0x14c/0x520
[ 13.975434] kunit_try_run_case+0x1a5/0x480
[ 13.975735] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.976064] kthread+0x337/0x6f0
[ 13.976349] ret_from_fork+0x116/0x1d0
[ 13.976515] ret_from_fork_asm+0x1a/0x30
[ 13.976764]
[ 13.976909] The buggy address belongs to the object at ffff88810332dd00
[ 13.976909] which belongs to the cache kmalloc-64 of size 64
[ 13.977800] The buggy address is located 40 bytes inside of
[ 13.977800] freed 64-byte region [ffff88810332dd00, ffff88810332dd40)
[ 13.978835]
[ 13.978991] The buggy address belongs to the physical page:
[ 13.979882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10332d
[ 13.980527] flags: 0x200000000000000(node=0|zone=2)
[ 13.981012] page_type: f5(slab)
[ 13.981239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.981614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.982411] page dumped because: kasan: bad access detected
[ 13.983468]
[ 13.983617] Memory state around the buggy address:
[ 13.984291] ffff88810332dc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.985042] ffff88810332dc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.985411] >ffff88810332dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.985749] ^
[ 13.986367] ffff88810332dd80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 13.987381] ffff88810332de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.988183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.915358] ==================================================================
[ 13.916200] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 13.916558] Write of size 33 at addr ffff88810332dc00 by task kunit_try_catch/203
[ 13.916920]
[ 13.917221] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.917281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.917296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.917321] Call Trace:
[ 13.917335] <TASK>
[ 13.917356] dump_stack_lvl+0x73/0xb0
[ 13.917392] print_report+0xd1/0x650
[ 13.917418] ? __virt_addr_valid+0x1db/0x2d0
[ 13.917446] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.917471] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.917497] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.917522] kasan_report+0x141/0x180
[ 13.917548] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.917579] kasan_check_range+0x10c/0x1c0
[ 13.917606] __asan_memset+0x27/0x50
[ 13.917629] kmalloc_uaf_memset+0x1a3/0x360
[ 13.917670] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 13.917696] ? __schedule+0x10cc/0x2b60
[ 13.917722] ? __pfx_read_tsc+0x10/0x10
[ 13.917747] ? ktime_get_ts64+0x86/0x230
[ 13.917776] kunit_try_run_case+0x1a5/0x480
[ 13.917805] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.917830] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.917857] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.917884] ? __kthread_parkme+0x82/0x180
[ 13.917907] ? preempt_count_sub+0x50/0x80
[ 13.918000] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.918030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.918056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.918083] kthread+0x337/0x6f0
[ 13.918106] ? trace_preempt_on+0x20/0xc0
[ 13.918134] ? __pfx_kthread+0x10/0x10
[ 13.918158] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.918182] ? calculate_sigpending+0x7b/0xa0
[ 13.918210] ? __pfx_kthread+0x10/0x10
[ 13.918235] ret_from_fork+0x116/0x1d0
[ 13.918257] ? __pfx_kthread+0x10/0x10
[ 13.918282] ret_from_fork_asm+0x1a/0x30
[ 13.918320] </TASK>
[ 13.918333]
[ 13.935610] Allocated by task 203:
[ 13.936267] kasan_save_stack+0x45/0x70
[ 13.936500] kasan_save_track+0x18/0x40
[ 13.936735] kasan_save_alloc_info+0x3b/0x50
[ 13.937768] __kasan_kmalloc+0xb7/0xc0
[ 13.938059] __kmalloc_cache_noprof+0x189/0x420
[ 13.938319] kmalloc_uaf_memset+0xa9/0x360
[ 13.938546] kunit_try_run_case+0x1a5/0x480
[ 13.939174] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.939482] kthread+0x337/0x6f0
[ 13.939692] ret_from_fork+0x116/0x1d0
[ 13.940163] ret_from_fork_asm+0x1a/0x30
[ 13.940415]
[ 13.940515] Freed by task 203:
[ 13.940718] kasan_save_stack+0x45/0x70
[ 13.940925] kasan_save_track+0x18/0x40
[ 13.941679] kasan_save_free_info+0x3f/0x60
[ 13.941879] __kasan_slab_free+0x56/0x70
[ 13.942353] kfree+0x222/0x3f0
[ 13.942569] kmalloc_uaf_memset+0x12b/0x360
[ 13.942963] kunit_try_run_case+0x1a5/0x480
[ 13.943216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.943502] kthread+0x337/0x6f0
[ 13.943724] ret_from_fork+0x116/0x1d0
[ 13.944327] ret_from_fork_asm+0x1a/0x30
[ 13.944513]
[ 13.945018] The buggy address belongs to the object at ffff88810332dc00
[ 13.945018] which belongs to the cache kmalloc-64 of size 64
[ 13.945616] The buggy address is located 0 bytes inside of
[ 13.945616] freed 64-byte region [ffff88810332dc00, ffff88810332dc40)
[ 13.946563]
[ 13.946845] The buggy address belongs to the physical page:
[ 13.947160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10332d
[ 13.947720] flags: 0x200000000000000(node=0|zone=2)
[ 13.948122] page_type: f5(slab)
[ 13.948298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.948706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.949185] page dumped because: kasan: bad access detected
[ 13.950151]
[ 13.950263] Memory state around the buggy address:
[ 13.950469] ffff88810332db00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 13.951289] ffff88810332db80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.951677] >ffff88810332dc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.952290] ^
[ 13.952501] ffff88810332dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.953182] ffff88810332dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.953492] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.880097] ==================================================================
[ 13.880589] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 13.881318] Read of size 1 at addr ffff8881018868a8 by task kunit_try_catch/201
[ 13.881583]
[ 13.881709] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.881765] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.881781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.882069] Call Trace:
[ 13.882093] <TASK>
[ 13.882115] dump_stack_lvl+0x73/0xb0
[ 13.882153] print_report+0xd1/0x650
[ 13.882179] ? __virt_addr_valid+0x1db/0x2d0
[ 13.882216] ? kmalloc_uaf+0x320/0x380
[ 13.882239] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.882264] ? kmalloc_uaf+0x320/0x380
[ 13.882288] kasan_report+0x141/0x180
[ 13.882313] ? kmalloc_uaf+0x320/0x380
[ 13.882342] __asan_report_load1_noabort+0x18/0x20
[ 13.882369] kmalloc_uaf+0x320/0x380
[ 13.882392] ? __pfx_kmalloc_uaf+0x10/0x10
[ 13.882416] ? __schedule+0x10cc/0x2b60
[ 13.882447] ? __pfx_read_tsc+0x10/0x10
[ 13.882504] ? ktime_get_ts64+0x86/0x230
[ 13.882533] kunit_try_run_case+0x1a5/0x480
[ 13.882592] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882619] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.882681] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.882708] ? __kthread_parkme+0x82/0x180
[ 13.882732] ? preempt_count_sub+0x50/0x80
[ 13.882759] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.882812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.882838] kthread+0x337/0x6f0
[ 13.882860] ? trace_preempt_on+0x20/0xc0
[ 13.882888] ? __pfx_kthread+0x10/0x10
[ 13.882911] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.882935] ? calculate_sigpending+0x7b/0xa0
[ 13.882964] ? __pfx_kthread+0x10/0x10
[ 13.882988] ret_from_fork+0x116/0x1d0
[ 13.883010] ? __pfx_kthread+0x10/0x10
[ 13.883047] ret_from_fork_asm+0x1a/0x30
[ 13.883084] </TASK>
[ 13.883097]
[ 13.895686] Allocated by task 201:
[ 13.896193] kasan_save_stack+0x45/0x70
[ 13.896553] kasan_save_track+0x18/0x40
[ 13.896919] kasan_save_alloc_info+0x3b/0x50
[ 13.897177] __kasan_kmalloc+0xb7/0xc0
[ 13.897394] __kmalloc_cache_noprof+0x189/0x420
[ 13.897670] kmalloc_uaf+0xaa/0x380
[ 13.898144] kunit_try_run_case+0x1a5/0x480
[ 13.898343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.898642] kthread+0x337/0x6f0
[ 13.898840] ret_from_fork+0x116/0x1d0
[ 13.899103] ret_from_fork_asm+0x1a/0x30
[ 13.899382]
[ 13.899505] Freed by task 201:
[ 13.899689] kasan_save_stack+0x45/0x70
[ 13.899987] kasan_save_track+0x18/0x40
[ 13.900199] kasan_save_free_info+0x3f/0x60
[ 13.900435] __kasan_slab_free+0x56/0x70
[ 13.900695] kfree+0x222/0x3f0
[ 13.901186] kmalloc_uaf+0x12c/0x380
[ 13.901389] kunit_try_run_case+0x1a5/0x480
[ 13.901567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.902097] kthread+0x337/0x6f0
[ 13.902289] ret_from_fork+0x116/0x1d0
[ 13.902506] ret_from_fork_asm+0x1a/0x30
[ 13.902725]
[ 13.902896] The buggy address belongs to the object at ffff8881018868a0
[ 13.902896] which belongs to the cache kmalloc-16 of size 16
[ 13.903641] The buggy address is located 8 bytes inside of
[ 13.903641] freed 16-byte region [ffff8881018868a0, ffff8881018868b0)
[ 13.904296]
[ 13.904537] The buggy address belongs to the physical page:
[ 13.904891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101886
[ 13.905456] flags: 0x200000000000000(node=0|zone=2)
[ 13.905767] page_type: f5(slab)
[ 13.905960] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.906434] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.906889] page dumped because: kasan: bad access detected
[ 13.907160]
[ 13.907275] Memory state around the buggy address:
[ 13.907482] ffff888101886780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.907855] ffff888101886800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.908251] >ffff888101886880: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 13.908556] ^
[ 13.909421] ffff888101886900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.910186] ffff888101886980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.910572] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.846291] ==================================================================
[ 13.846868] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.847195] Read of size 64 at addr ffff88810332da84 by task kunit_try_catch/199
[ 13.847466]
[ 13.847581] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.847638] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.848216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.848252] Call Trace:
[ 13.848270] <TASK>
[ 13.848294] dump_stack_lvl+0x73/0xb0
[ 13.848335] print_report+0xd1/0x650
[ 13.848373] ? __virt_addr_valid+0x1db/0x2d0
[ 13.848403] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.848431] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.848456] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.848485] kasan_report+0x141/0x180
[ 13.848510] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.848544] kasan_check_range+0x10c/0x1c0
[ 13.848571] __asan_memmove+0x27/0x70
[ 13.848594] kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.848622] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 13.848663] ? __schedule+0x10cc/0x2b60
[ 13.848689] ? __pfx_read_tsc+0x10/0x10
[ 13.848715] ? ktime_get_ts64+0x86/0x230
[ 13.848745] kunit_try_run_case+0x1a5/0x480
[ 13.849522] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.849558] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.849589] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.849617] ? __kthread_parkme+0x82/0x180
[ 13.849644] ? preempt_count_sub+0x50/0x80
[ 13.849691] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.849718] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.849744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.849832] kthread+0x337/0x6f0
[ 13.849856] ? trace_preempt_on+0x20/0xc0
[ 13.849884] ? __pfx_kthread+0x10/0x10
[ 13.849907] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.849932] ? calculate_sigpending+0x7b/0xa0
[ 13.849960] ? __pfx_kthread+0x10/0x10
[ 13.849985] ret_from_fork+0x116/0x1d0
[ 13.850007] ? __pfx_kthread+0x10/0x10
[ 13.850030] ret_from_fork_asm+0x1a/0x30
[ 13.850068] </TASK>
[ 13.850082]
[ 13.864965] Allocated by task 199:
[ 13.865269] kasan_save_stack+0x45/0x70
[ 13.865572] kasan_save_track+0x18/0x40
[ 13.865856] kasan_save_alloc_info+0x3b/0x50
[ 13.866043] __kasan_kmalloc+0xb7/0xc0
[ 13.866268] __kmalloc_cache_noprof+0x189/0x420
[ 13.866542] kmalloc_memmove_invalid_size+0xac/0x330
[ 13.866766] kunit_try_run_case+0x1a5/0x480
[ 13.867031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.867340] kthread+0x337/0x6f0
[ 13.867527] ret_from_fork+0x116/0x1d0
[ 13.867729] ret_from_fork_asm+0x1a/0x30
[ 13.868346]
[ 13.868460] The buggy address belongs to the object at ffff88810332da80
[ 13.868460] which belongs to the cache kmalloc-64 of size 64
[ 13.869121] The buggy address is located 4 bytes inside of
[ 13.869121] allocated 64-byte region [ffff88810332da80, ffff88810332dac0)
[ 13.869700]
[ 13.869809] The buggy address belongs to the physical page:
[ 13.870038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10332d
[ 13.870332] flags: 0x200000000000000(node=0|zone=2)
[ 13.870620] page_type: f5(slab)
[ 13.870916] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.871326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.871750] page dumped because: kasan: bad access detected
[ 13.872075]
[ 13.872193] Memory state around the buggy address:
[ 13.872395] ffff88810332d980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.872678] ffff88810332da00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.873418] >ffff88810332da80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.873777] ^
[ 13.874139] ffff88810332db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.874478] ffff88810332db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.875023] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.815418] ==================================================================
[ 13.816018] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 13.816443] Read of size 18446744073709551614 at addr ffff8881038d5504 by task kunit_try_catch/197
[ 13.816862]
[ 13.817006] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.817063] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.817078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.817104] Call Trace:
[ 13.817119] <TASK>
[ 13.817141] dump_stack_lvl+0x73/0xb0
[ 13.817175] print_report+0xd1/0x650
[ 13.817201] ? __virt_addr_valid+0x1db/0x2d0
[ 13.817229] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.817258] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.817283] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.817906] kasan_report+0x141/0x180
[ 13.817943] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.817979] kasan_check_range+0x10c/0x1c0
[ 13.818007] __asan_memmove+0x27/0x70
[ 13.818030] kmalloc_memmove_negative_size+0x171/0x330
[ 13.818058] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 13.818088] ? __schedule+0x10cc/0x2b60
[ 13.818116] ? __pfx_read_tsc+0x10/0x10
[ 13.818143] ? ktime_get_ts64+0x86/0x230
[ 13.818172] kunit_try_run_case+0x1a5/0x480
[ 13.818203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.818228] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.818256] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.818283] ? __kthread_parkme+0x82/0x180
[ 13.818307] ? preempt_count_sub+0x50/0x80
[ 13.818334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.818361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.818387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.818413] kthread+0x337/0x6f0
[ 13.818444] ? trace_preempt_on+0x20/0xc0
[ 13.818472] ? __pfx_kthread+0x10/0x10
[ 13.818496] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.818520] ? calculate_sigpending+0x7b/0xa0
[ 13.818548] ? __pfx_kthread+0x10/0x10
[ 13.818573] ret_from_fork+0x116/0x1d0
[ 13.818594] ? __pfx_kthread+0x10/0x10
[ 13.818618] ret_from_fork_asm+0x1a/0x30
[ 13.818671] </TASK>
[ 13.818685]
[ 13.830832] Allocated by task 197:
[ 13.831075] kasan_save_stack+0x45/0x70
[ 13.831333] kasan_save_track+0x18/0x40
[ 13.831544] kasan_save_alloc_info+0x3b/0x50
[ 13.832364] __kasan_kmalloc+0xb7/0xc0
[ 13.832605] __kmalloc_cache_noprof+0x189/0x420
[ 13.833172] kmalloc_memmove_negative_size+0xac/0x330
[ 13.833451] kunit_try_run_case+0x1a5/0x480
[ 13.833989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.834243] kthread+0x337/0x6f0
[ 13.834461] ret_from_fork+0x116/0x1d0
[ 13.834698] ret_from_fork_asm+0x1a/0x30
[ 13.835188]
[ 13.835318] The buggy address belongs to the object at ffff8881038d5500
[ 13.835318] which belongs to the cache kmalloc-64 of size 64
[ 13.835921] The buggy address is located 4 bytes inside of
[ 13.835921] 64-byte region [ffff8881038d5500, ffff8881038d5540)
[ 13.836426]
[ 13.836549] The buggy address belongs to the physical page:
[ 13.836936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d5
[ 13.837316] flags: 0x200000000000000(node=0|zone=2)
[ 13.837570] page_type: f5(slab)
[ 13.837908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.838284] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.838735] page dumped because: kasan: bad access detected
[ 13.839280]
[ 13.839408] Memory state around the buggy address:
[ 13.839641] ffff8881038d5400: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 13.840132] ffff8881038d5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.840700] >ffff8881038d5500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.841187] ^
[ 13.841395] ffff8881038d5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.841908] ffff8881038d5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.842217] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.783498] ==================================================================
[ 13.784410] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 13.784727] Write of size 16 at addr ffff888103332169 by task kunit_try_catch/195
[ 13.785012]
[ 13.785123] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.785178] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.785193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.785219] Call Trace:
[ 13.785234] <TASK>
[ 13.785255] dump_stack_lvl+0x73/0xb0
[ 13.785288] print_report+0xd1/0x650
[ 13.785314] ? __virt_addr_valid+0x1db/0x2d0
[ 13.785341] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.785366] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.785391] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.785417] kasan_report+0x141/0x180
[ 13.785442] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.785473] kasan_check_range+0x10c/0x1c0
[ 13.785500] __asan_memset+0x27/0x50
[ 13.785523] kmalloc_oob_memset_16+0x166/0x330
[ 13.785549] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 13.785576] ? __schedule+0x10cc/0x2b60
[ 13.785602] ? __pfx_read_tsc+0x10/0x10
[ 13.785627] ? ktime_get_ts64+0x86/0x230
[ 13.785685] kunit_try_run_case+0x1a5/0x480
[ 13.785714] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.785739] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.785766] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.785792] ? __kthread_parkme+0x82/0x180
[ 13.785816] ? preempt_count_sub+0x50/0x80
[ 13.785843] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.785912] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.785939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.785965] kthread+0x337/0x6f0
[ 13.785988] ? trace_preempt_on+0x20/0xc0
[ 13.786015] ? __pfx_kthread+0x10/0x10
[ 13.786039] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.786063] ? calculate_sigpending+0x7b/0xa0
[ 13.786090] ? __pfx_kthread+0x10/0x10
[ 13.786114] ret_from_fork+0x116/0x1d0
[ 13.786136] ? __pfx_kthread+0x10/0x10
[ 13.786159] ret_from_fork_asm+0x1a/0x30
[ 13.786194] </TASK>
[ 13.786206]
[ 13.799477] Allocated by task 195:
[ 13.799806] kasan_save_stack+0x45/0x70
[ 13.800077] kasan_save_track+0x18/0x40
[ 13.800283] kasan_save_alloc_info+0x3b/0x50
[ 13.800533] __kasan_kmalloc+0xb7/0xc0
[ 13.800996] __kmalloc_cache_noprof+0x189/0x420
[ 13.801277] kmalloc_oob_memset_16+0xac/0x330
[ 13.801606] kunit_try_run_case+0x1a5/0x480
[ 13.801961] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.802414] kthread+0x337/0x6f0
[ 13.802631] ret_from_fork+0x116/0x1d0
[ 13.803056] ret_from_fork_asm+0x1a/0x30
[ 13.803258]
[ 13.803510] The buggy address belongs to the object at ffff888103332100
[ 13.803510] which belongs to the cache kmalloc-128 of size 128
[ 13.804264] The buggy address is located 105 bytes inside of
[ 13.804264] allocated 120-byte region [ffff888103332100, ffff888103332178)
[ 13.804973]
[ 13.805093] The buggy address belongs to the physical page:
[ 13.805511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 13.806072] flags: 0x200000000000000(node=0|zone=2)
[ 13.806406] page_type: f5(slab)
[ 13.806619] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.807259] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.807706] page dumped because: kasan: bad access detected
[ 13.808142]
[ 13.808237] Memory state around the buggy address:
[ 13.808472] ffff888103332000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.808887] ffff888103332080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.809296] >ffff888103332100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.809831] ^
[ 13.810173] ffff888103332180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.810514] ffff888103332200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.811048] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.752222] ==================================================================
[ 13.752772] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 13.753324] Write of size 8 at addr ffff888103332071 by task kunit_try_catch/193
[ 13.753640]
[ 13.753905] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.753969] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.753984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.754010] Call Trace:
[ 13.754026] <TASK>
[ 13.754253] dump_stack_lvl+0x73/0xb0
[ 13.754365] print_report+0xd1/0x650
[ 13.754393] ? __virt_addr_valid+0x1db/0x2d0
[ 13.754432] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.754458] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.754484] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.754510] kasan_report+0x141/0x180
[ 13.754537] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.754569] kasan_check_range+0x10c/0x1c0
[ 13.754597] __asan_memset+0x27/0x50
[ 13.754620] kmalloc_oob_memset_8+0x166/0x330
[ 13.754659] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 13.754686] ? __schedule+0x10cc/0x2b60
[ 13.754713] ? __pfx_read_tsc+0x10/0x10
[ 13.754739] ? ktime_get_ts64+0x86/0x230
[ 13.754769] kunit_try_run_case+0x1a5/0x480
[ 13.754829] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.754856] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.754884] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.754911] ? __kthread_parkme+0x82/0x180
[ 13.754936] ? preempt_count_sub+0x50/0x80
[ 13.754966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.754994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.755020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.755047] kthread+0x337/0x6f0
[ 13.755070] ? trace_preempt_on+0x20/0xc0
[ 13.755099] ? __pfx_kthread+0x10/0x10
[ 13.755124] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.755148] ? calculate_sigpending+0x7b/0xa0
[ 13.755180] ? __pfx_kthread+0x10/0x10
[ 13.755209] ret_from_fork+0x116/0x1d0
[ 13.755231] ? __pfx_kthread+0x10/0x10
[ 13.755255] ret_from_fork_asm+0x1a/0x30
[ 13.755293] </TASK>
[ 13.755308]
[ 13.767716] Allocated by task 193:
[ 13.767978] kasan_save_stack+0x45/0x70
[ 13.768292] kasan_save_track+0x18/0x40
[ 13.768591] kasan_save_alloc_info+0x3b/0x50
[ 13.769044] __kasan_kmalloc+0xb7/0xc0
[ 13.769250] __kmalloc_cache_noprof+0x189/0x420
[ 13.769719] kmalloc_oob_memset_8+0xac/0x330
[ 13.770116] kunit_try_run_case+0x1a5/0x480
[ 13.770396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.770763] kthread+0x337/0x6f0
[ 13.771045] ret_from_fork+0x116/0x1d0
[ 13.771337] ret_from_fork_asm+0x1a/0x30
[ 13.771763]
[ 13.771869] The buggy address belongs to the object at ffff888103332000
[ 13.771869] which belongs to the cache kmalloc-128 of size 128
[ 13.772876] The buggy address is located 113 bytes inside of
[ 13.772876] allocated 120-byte region [ffff888103332000, ffff888103332078)
[ 13.773612]
[ 13.773727] The buggy address belongs to the physical page:
[ 13.774400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103332
[ 13.774984] flags: 0x200000000000000(node=0|zone=2)
[ 13.775323] page_type: f5(slab)
[ 13.775587] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.776005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.776525] page dumped because: kasan: bad access detected
[ 13.776850]
[ 13.777072] Memory state around the buggy address:
[ 13.777334] ffff888103331f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.777748] ffff888103331f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.778126] >ffff888103332000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.778450] ^
[ 13.779123] ffff888103332080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.779487] ffff888103332100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.779918] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.721281] ==================================================================
[ 13.721883] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 13.722365] Write of size 4 at addr ffff8881029df975 by task kunit_try_catch/191
[ 13.723067]
[ 13.723218] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.723276] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.723384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.723411] Call Trace:
[ 13.723428] <TASK>
[ 13.723450] dump_stack_lvl+0x73/0xb0
[ 13.723489] print_report+0xd1/0x650
[ 13.723544] ? __virt_addr_valid+0x1db/0x2d0
[ 13.723573] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.723601] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.723627] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.723687] kasan_report+0x141/0x180
[ 13.723714] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.723762] kasan_check_range+0x10c/0x1c0
[ 13.723789] __asan_memset+0x27/0x50
[ 13.723891] kmalloc_oob_memset_4+0x166/0x330
[ 13.723921] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 13.723948] ? __schedule+0x10cc/0x2b60
[ 13.723975] ? __pfx_read_tsc+0x10/0x10
[ 13.724000] ? ktime_get_ts64+0x86/0x230
[ 13.724031] kunit_try_run_case+0x1a5/0x480
[ 13.724063] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.724088] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.724116] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.724142] ? __kthread_parkme+0x82/0x180
[ 13.724167] ? preempt_count_sub+0x50/0x80
[ 13.724195] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.724222] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.724248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.724274] kthread+0x337/0x6f0
[ 13.724297] ? trace_preempt_on+0x20/0xc0
[ 13.724326] ? __pfx_kthread+0x10/0x10
[ 13.724349] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.724373] ? calculate_sigpending+0x7b/0xa0
[ 13.724403] ? __pfx_kthread+0x10/0x10
[ 13.724428] ret_from_fork+0x116/0x1d0
[ 13.724449] ? __pfx_kthread+0x10/0x10
[ 13.724472] ret_from_fork_asm+0x1a/0x30
[ 13.724509] </TASK>
[ 13.724523]
[ 13.735331] Allocated by task 191:
[ 13.735542] kasan_save_stack+0x45/0x70
[ 13.735887] kasan_save_track+0x18/0x40
[ 13.736118] kasan_save_alloc_info+0x3b/0x50
[ 13.736350] __kasan_kmalloc+0xb7/0xc0
[ 13.736553] __kmalloc_cache_noprof+0x189/0x420
[ 13.737150] kmalloc_oob_memset_4+0xac/0x330
[ 13.737408] kunit_try_run_case+0x1a5/0x480
[ 13.737636] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.737901] kthread+0x337/0x6f0
[ 13.738146] ret_from_fork+0x116/0x1d0
[ 13.738693] ret_from_fork_asm+0x1a/0x30
[ 13.739225]
[ 13.739353] The buggy address belongs to the object at ffff8881029df900
[ 13.739353] which belongs to the cache kmalloc-128 of size 128
[ 13.740344] The buggy address is located 117 bytes inside of
[ 13.740344] allocated 120-byte region [ffff8881029df900, ffff8881029df978)
[ 13.740843]
[ 13.740966] The buggy address belongs to the physical page:
[ 13.741406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df
[ 13.742224] flags: 0x200000000000000(node=0|zone=2)
[ 13.742519] page_type: f5(slab)
[ 13.742735] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.743225] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.743688] page dumped because: kasan: bad access detected
[ 13.743934]
[ 13.744020] Memory state around the buggy address:
[ 13.744204] ffff8881029df800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.744852] ffff8881029df880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.745399] >ffff8881029df900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.746995] ^
[ 13.747381] ffff8881029df980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.747693] ffff8881029dfa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.748373] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.688508] ================================================================== [ 13.689297] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 13.689629] Write of size 2 at addr ffff8881029df877 by task kunit_try_catch/189 [ 13.690098] [ 13.690514] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.690578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.690593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.690618] Call Trace: [ 13.690634] <TASK> [ 13.690670] dump_stack_lvl+0x73/0xb0 [ 13.690706] print_report+0xd1/0x650 [ 13.690732] ? __virt_addr_valid+0x1db/0x2d0 [ 13.691163] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.691195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.691222] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.691248] kasan_report+0x141/0x180 [ 13.691274] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.691305] kasan_check_range+0x10c/0x1c0 [ 13.691333] __asan_memset+0x27/0x50 [ 13.691355] kmalloc_oob_memset_2+0x166/0x330 [ 13.691381] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 13.691408] ? __schedule+0x10cc/0x2b60 [ 13.691434] ? __pfx_read_tsc+0x10/0x10 [ 13.691459] ? ktime_get_ts64+0x86/0x230 [ 13.691487] kunit_try_run_case+0x1a5/0x480 [ 13.691517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.691542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.691569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.691596] ? __kthread_parkme+0x82/0x180 [ 13.691619] ? preempt_count_sub+0x50/0x80 [ 13.691663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.691690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.691716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.691742] kthread+0x337/0x6f0 [ 13.691765] ? trace_preempt_on+0x20/0xc0 [ 13.691793] ? __pfx_kthread+0x10/0x10 [ 13.691818] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.691843] ? calculate_sigpending+0x7b/0xa0 [ 13.691871] ? __pfx_kthread+0x10/0x10 [ 13.691896] ret_from_fork+0x116/0x1d0 [ 13.691917] ? 
__pfx_kthread+0x10/0x10 [ 13.691941] ret_from_fork_asm+0x1a/0x30 [ 13.691977] </TASK> [ 13.691992] [ 13.705580] Allocated by task 189: [ 13.705888] kasan_save_stack+0x45/0x70 [ 13.706114] kasan_save_track+0x18/0x40 [ 13.706341] kasan_save_alloc_info+0x3b/0x50 [ 13.706700] __kasan_kmalloc+0xb7/0xc0 [ 13.707019] __kmalloc_cache_noprof+0x189/0x420 [ 13.707294] kmalloc_oob_memset_2+0xac/0x330 [ 13.707516] kunit_try_run_case+0x1a5/0x480 [ 13.707768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.708152] kthread+0x337/0x6f0 [ 13.708525] ret_from_fork+0x116/0x1d0 [ 13.708955] ret_from_fork_asm+0x1a/0x30 [ 13.709182] [ 13.709274] The buggy address belongs to the object at ffff8881029df800 [ 13.709274] which belongs to the cache kmalloc-128 of size 128 [ 13.710166] The buggy address is located 119 bytes inside of [ 13.710166] allocated 120-byte region [ffff8881029df800, ffff8881029df878) [ 13.710987] [ 13.711088] The buggy address belongs to the physical page: [ 13.711345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 13.711845] flags: 0x200000000000000(node=0|zone=2) [ 13.712218] page_type: f5(slab) [ 13.712434] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.712824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.713493] page dumped because: kasan: bad access detected [ 13.713800] [ 13.713955] Memory state around the buggy address: [ 13.714341] ffff8881029df700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.714738] ffff8881029df780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.715057] >ffff8881029df800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.715618] ^ [ 13.716233] ffff8881029df880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716581] ffff8881029df900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716986] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 13.653110] ================================================================== [ 13.654526] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 13.655924] Write of size 128 at addr ffff8881029df700 by task kunit_try_catch/187 [ 13.656646] [ 13.657136] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.657203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.657347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.657380] Call Trace: [ 13.657398] <TASK> [ 13.657480] dump_stack_lvl+0x73/0xb0 [ 13.657529] print_report+0xd1/0x650 [ 13.657557] ? __virt_addr_valid+0x1db/0x2d0 [ 13.657587] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.657615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.657642] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.657681] kasan_report+0x141/0x180 [ 13.657707] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.657738] kasan_check_range+0x10c/0x1c0 [ 13.657810] __asan_memset+0x27/0x50 [ 13.657835] kmalloc_oob_in_memset+0x15f/0x320 [ 13.657862] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 13.658059] ? __schedule+0x10cc/0x2b60 [ 13.658090] ? __pfx_read_tsc+0x10/0x10 [ 13.658117] ? ktime_get_ts64+0x86/0x230 [ 13.658150] kunit_try_run_case+0x1a5/0x480 [ 13.658182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.658209] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.658237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.658264] ? __kthread_parkme+0x82/0x180 [ 13.658290] ? preempt_count_sub+0x50/0x80 [ 13.658320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.658348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.658375] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.658402] kthread+0x337/0x6f0 [ 13.658433] ? trace_preempt_on+0x20/0xc0 [ 13.658461] ? __pfx_kthread+0x10/0x10 [ 13.658485] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.658510] ? calculate_sigpending+0x7b/0xa0 [ 13.658539] ? __pfx_kthread+0x10/0x10 [ 13.658564] ret_from_fork+0x116/0x1d0 [ 13.658586] ? 
__pfx_kthread+0x10/0x10 [ 13.658610] ret_from_fork_asm+0x1a/0x30 [ 13.658660] </TASK> [ 13.658675] [ 13.673454] Allocated by task 187: [ 13.673723] kasan_save_stack+0x45/0x70 [ 13.674127] kasan_save_track+0x18/0x40 [ 13.674365] kasan_save_alloc_info+0x3b/0x50 [ 13.674618] __kasan_kmalloc+0xb7/0xc0 [ 13.674906] __kmalloc_cache_noprof+0x189/0x420 [ 13.675097] kmalloc_oob_in_memset+0xac/0x320 [ 13.675384] kunit_try_run_case+0x1a5/0x480 [ 13.675670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.676183] kthread+0x337/0x6f0 [ 13.676434] ret_from_fork+0x116/0x1d0 [ 13.676677] ret_from_fork_asm+0x1a/0x30 [ 13.676932] [ 13.677055] The buggy address belongs to the object at ffff8881029df700 [ 13.677055] which belongs to the cache kmalloc-128 of size 128 [ 13.677821] The buggy address is located 0 bytes inside of [ 13.677821] allocated 120-byte region [ffff8881029df700, ffff8881029df778) [ 13.678458] [ 13.678585] The buggy address belongs to the physical page: [ 13.679007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 13.679409] flags: 0x200000000000000(node=0|zone=2) [ 13.679719] page_type: f5(slab) [ 13.679914] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.680415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.681012] page dumped because: kasan: bad access detected [ 13.681294] [ 13.681407] Memory state around the buggy address: [ 13.681695] ffff8881029df600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.682072] ffff8881029df680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.682410] >ffff8881029df700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.682961] ^ [ 13.683340] ffff8881029df780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.683717] ffff8881029df800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.684180] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 13.614435] ================================================================== [ 13.615000] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 13.615408] Read of size 16 at addr ffff888101886880 by task kunit_try_catch/185 [ 13.615985] [ 13.616321] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.616452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.616535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.616563] Call Trace: [ 13.616581] <TASK> [ 13.616607] dump_stack_lvl+0x73/0xb0 [ 13.616660] print_report+0xd1/0x650 [ 13.616687] ? __virt_addr_valid+0x1db/0x2d0 [ 13.616717] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.616741] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.616767] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.616794] kasan_report+0x141/0x180 [ 13.616954] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.616987] __asan_report_load16_noabort+0x18/0x20 [ 13.617016] kmalloc_uaf_16+0x47b/0x4c0 [ 13.617041] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 13.617066] ? __schedule+0x10cc/0x2b60 [ 13.617094] ? __pfx_read_tsc+0x10/0x10 [ 13.617120] ? ktime_get_ts64+0x86/0x230 [ 13.617150] kunit_try_run_case+0x1a5/0x480 [ 13.617181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617207] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.617235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.617261] ? __kthread_parkme+0x82/0x180 [ 13.617286] ? preempt_count_sub+0x50/0x80 [ 13.617314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.617367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.617393] kthread+0x337/0x6f0 [ 13.617417] ? trace_preempt_on+0x20/0xc0 [ 13.617445] ? __pfx_kthread+0x10/0x10 [ 13.617469] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.617493] ? calculate_sigpending+0x7b/0xa0 [ 13.617522] ? __pfx_kthread+0x10/0x10 [ 13.617547] ret_from_fork+0x116/0x1d0 [ 13.617568] ? 
__pfx_kthread+0x10/0x10 [ 13.617592] ret_from_fork_asm+0x1a/0x30 [ 13.617629] </TASK> [ 13.617643] [ 13.631014] Allocated by task 185: [ 13.631527] kasan_save_stack+0x45/0x70 [ 13.631949] kasan_save_track+0x18/0x40 [ 13.632360] kasan_save_alloc_info+0x3b/0x50 [ 13.632855] __kasan_kmalloc+0xb7/0xc0 [ 13.633283] __kmalloc_cache_noprof+0x189/0x420 [ 13.633672] kmalloc_uaf_16+0x15b/0x4c0 [ 13.634048] kunit_try_run_case+0x1a5/0x480 [ 13.634349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.634767] kthread+0x337/0x6f0 [ 13.635178] ret_from_fork+0x116/0x1d0 [ 13.635605] ret_from_fork_asm+0x1a/0x30 [ 13.635945] [ 13.636035] Freed by task 185: [ 13.636233] kasan_save_stack+0x45/0x70 [ 13.636417] kasan_save_track+0x18/0x40 [ 13.636661] kasan_save_free_info+0x3f/0x60 [ 13.637236] __kasan_slab_free+0x56/0x70 [ 13.637432] kfree+0x222/0x3f0 [ 13.637921] kmalloc_uaf_16+0x1d6/0x4c0 [ 13.638162] kunit_try_run_case+0x1a5/0x480 [ 13.638613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.639138] kthread+0x337/0x6f0 [ 13.639574] ret_from_fork+0x116/0x1d0 [ 13.639782] ret_from_fork_asm+0x1a/0x30 [ 13.640020] [ 13.640387] The buggy address belongs to the object at ffff888101886880 [ 13.640387] which belongs to the cache kmalloc-16 of size 16 [ 13.641358] The buggy address is located 0 bytes inside of [ 13.641358] freed 16-byte region [ffff888101886880, ffff888101886890) [ 13.642332] [ 13.642470] The buggy address belongs to the physical page: [ 13.643050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101886 [ 13.643597] flags: 0x200000000000000(node=0|zone=2) [ 13.644026] page_type: f5(slab) [ 13.644211] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.644676] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.645259] page dumped because: kasan: bad access detected [ 13.645556] [ 13.645962] Memory state around the buggy address: [ 13.646218] ffff888101886780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc 
fc [ 13.646671] ffff888101886800: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 13.647334] >ffff888101886880: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.647835] ^ [ 13.648150] ffff888101886900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.648816] ffff888101886980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.649301] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 13.583098] ================================================================== [ 13.583676] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 13.584398] Write of size 16 at addr ffff888101886820 by task kunit_try_catch/183 [ 13.585110] [ 13.585445] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.585508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.585523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.585549] Call Trace: [ 13.585565] <TASK> [ 13.585588] dump_stack_lvl+0x73/0xb0 [ 13.585627] print_report+0xd1/0x650 [ 13.585667] ? __virt_addr_valid+0x1db/0x2d0 [ 13.585696] ? kmalloc_oob_16+0x452/0x4a0 [ 13.585720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.585746] ? kmalloc_oob_16+0x452/0x4a0 [ 13.585783] kasan_report+0x141/0x180 [ 13.585809] ? kmalloc_oob_16+0x452/0x4a0 [ 13.585839] __asan_report_store16_noabort+0x1b/0x30 [ 13.585863] kmalloc_oob_16+0x452/0x4a0 [ 13.585887] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 13.585913] ? __schedule+0x10cc/0x2b60 [ 13.585940] ? __pfx_read_tsc+0x10/0x10 [ 13.585965] ? ktime_get_ts64+0x86/0x230 [ 13.585996] kunit_try_run_case+0x1a5/0x480 [ 13.586027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.586053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.586081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.586107] ? __kthread_parkme+0x82/0x180 [ 13.586132] ? preempt_count_sub+0x50/0x80 [ 13.586160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.586188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.586214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.586241] kthread+0x337/0x6f0 [ 13.586263] ? trace_preempt_on+0x20/0xc0 [ 13.586291] ? __pfx_kthread+0x10/0x10 [ 13.586315] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.586339] ? calculate_sigpending+0x7b/0xa0 [ 13.586368] ? __pfx_kthread+0x10/0x10 [ 13.586393] ret_from_fork+0x116/0x1d0 [ 13.586416] ? 
__pfx_kthread+0x10/0x10 [ 13.586444] ret_from_fork_asm+0x1a/0x30 [ 13.586482] </TASK> [ 13.586494] [ 13.597937] Allocated by task 183: [ 13.598332] kasan_save_stack+0x45/0x70 [ 13.598524] kasan_save_track+0x18/0x40 [ 13.598857] kasan_save_alloc_info+0x3b/0x50 [ 13.599063] __kasan_kmalloc+0xb7/0xc0 [ 13.599223] __kmalloc_cache_noprof+0x189/0x420 [ 13.599682] kmalloc_oob_16+0xa8/0x4a0 [ 13.599974] kunit_try_run_case+0x1a5/0x480 [ 13.600157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.600519] kthread+0x337/0x6f0 [ 13.600727] ret_from_fork+0x116/0x1d0 [ 13.600987] ret_from_fork_asm+0x1a/0x30 [ 13.601161] [ 13.601259] The buggy address belongs to the object at ffff888101886820 [ 13.601259] which belongs to the cache kmalloc-16 of size 16 [ 13.601949] The buggy address is located 0 bytes inside of [ 13.601949] allocated 13-byte region [ffff888101886820, ffff88810188682d) [ 13.602658] [ 13.602769] The buggy address belongs to the physical page: [ 13.603030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101886 [ 13.603324] flags: 0x200000000000000(node=0|zone=2) [ 13.603683] page_type: f5(slab) [ 13.603925] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.605133] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.605546] page dumped because: kasan: bad access detected [ 13.605891] [ 13.606048] Memory state around the buggy address: [ 13.606325] ffff888101886700: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.606735] ffff888101886780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.607106] >ffff888101886800: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 13.607771] ^ [ 13.608149] ffff888101886880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.608687] ffff888101886900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.609204] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 13.545443] ================================================================== [ 13.545861] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 13.546536] Read of size 1 at addr ffff888100ab1000 by task kunit_try_catch/181 [ 13.547125] [ 13.547373] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.547430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.547445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.547471] Call Trace: [ 13.547494] <TASK> [ 13.547517] dump_stack_lvl+0x73/0xb0 [ 13.547640] print_report+0xd1/0x650 [ 13.547681] ? __virt_addr_valid+0x1db/0x2d0 [ 13.547708] ? krealloc_uaf+0x53c/0x5e0 [ 13.547733] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.547769] ? krealloc_uaf+0x53c/0x5e0 [ 13.547867] kasan_report+0x141/0x180 [ 13.547899] ? krealloc_uaf+0x53c/0x5e0 [ 13.547932] __asan_report_load1_noabort+0x18/0x20 [ 13.547962] krealloc_uaf+0x53c/0x5e0 [ 13.547987] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.548012] ? finish_task_switch.isra.0+0x153/0x700 [ 13.548049] ? __switch_to+0x47/0xf50 [ 13.548079] ? __schedule+0x10cc/0x2b60 [ 13.548118] ? __pfx_read_tsc+0x10/0x10 [ 13.548142] ? ktime_get_ts64+0x86/0x230 [ 13.548170] kunit_try_run_case+0x1a5/0x480 [ 13.548198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.548224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.548251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.548277] ? __kthread_parkme+0x82/0x180 [ 13.548300] ? preempt_count_sub+0x50/0x80 [ 13.548325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.548352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.548378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.548404] kthread+0x337/0x6f0 [ 13.548426] ? trace_preempt_on+0x20/0xc0 [ 13.548453] ? __pfx_kthread+0x10/0x10 [ 13.548477] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.548500] ? calculate_sigpending+0x7b/0xa0 [ 13.548528] ? __pfx_kthread+0x10/0x10 [ 13.548552] ret_from_fork+0x116/0x1d0 [ 13.548573] ? 
__pfx_kthread+0x10/0x10 [ 13.548597] ret_from_fork_asm+0x1a/0x30 [ 13.548633] </TASK> [ 13.548645] [ 13.558408] Allocated by task 181: [ 13.558639] kasan_save_stack+0x45/0x70 [ 13.558925] kasan_save_track+0x18/0x40 [ 13.559152] kasan_save_alloc_info+0x3b/0x50 [ 13.559534] __kasan_kmalloc+0xb7/0xc0 [ 13.560097] __kmalloc_cache_noprof+0x189/0x420 [ 13.560386] krealloc_uaf+0xbb/0x5e0 [ 13.560599] kunit_try_run_case+0x1a5/0x480 [ 13.561393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.562293] kthread+0x337/0x6f0 [ 13.562974] ret_from_fork+0x116/0x1d0 [ 13.563209] ret_from_fork_asm+0x1a/0x30 [ 13.563436] [ 13.563548] Freed by task 181: [ 13.563737] kasan_save_stack+0x45/0x70 [ 13.564434] kasan_save_track+0x18/0x40 [ 13.565139] kasan_save_free_info+0x3f/0x60 [ 13.565380] __kasan_slab_free+0x56/0x70 [ 13.565602] kfree+0x222/0x3f0 [ 13.566096] krealloc_uaf+0x13d/0x5e0 [ 13.566392] kunit_try_run_case+0x1a5/0x480 [ 13.566673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567315] kthread+0x337/0x6f0 [ 13.567946] ret_from_fork+0x116/0x1d0 [ 13.568282] ret_from_fork_asm+0x1a/0x30 [ 13.568689] [ 13.568998] The buggy address belongs to the object at ffff888100ab1000 [ 13.568998] which belongs to the cache kmalloc-256 of size 256 [ 13.569630] The buggy address is located 0 bytes inside of [ 13.569630] freed 256-byte region [ffff888100ab1000, ffff888100ab1100) [ 13.570282] [ 13.570388] The buggy address belongs to the physical page: [ 13.570681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0 [ 13.571393] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.571751] flags: 0x200000000000040(head|node=0|zone=2) [ 13.571974] page_type: f5(slab) [ 13.572123] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.572427] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.573010] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.573341] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.573792] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff [ 13.574194] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.574601] page dumped because: kasan: bad access detected [ 13.574863] [ 13.574952] Memory state around the buggy address: [ 13.575174] ffff888100ab0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.575635] ffff888100ab0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.576281] >ffff888100ab1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.576660] ^ [ 13.576911] ffff888100ab1080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.577340] ffff888100ab1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.577615] ================================================================== [ 13.511951] ================================================================== [ 13.512599] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 13.513063] Read of size 1 at addr ffff888100ab1000 by task kunit_try_catch/181 [ 13.513581] [ 13.513723] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.513830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.513846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.513892] Call Trace: [ 13.513907] <TASK> [ 13.513928] dump_stack_lvl+0x73/0xb0 [ 13.514017] print_report+0xd1/0x650 [ 13.514047] ? __virt_addr_valid+0x1db/0x2d0 [ 13.514134] ? krealloc_uaf+0x1b8/0x5e0 [ 13.514159] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.514199] ? krealloc_uaf+0x1b8/0x5e0 [ 13.514225] kasan_report+0x141/0x180 [ 13.514250] ? krealloc_uaf+0x1b8/0x5e0 [ 13.514278] ? krealloc_uaf+0x1b8/0x5e0 [ 13.514303] __kasan_check_byte+0x3d/0x50 [ 13.514328] krealloc_noprof+0x3f/0x340 [ 13.514352] ? __kasan_slab_free+0x61/0x70 [ 13.514377] krealloc_uaf+0x1b8/0x5e0 [ 13.514402] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 13.514430] ? finish_task_switch.isra.0+0x153/0x700 [ 13.514456] ? __switch_to+0x47/0xf50 [ 13.514487] ? __schedule+0x10cc/0x2b60 [ 13.514512] ? __pfx_read_tsc+0x10/0x10 [ 13.514536] ? ktime_get_ts64+0x86/0x230 [ 13.514565] kunit_try_run_case+0x1a5/0x480 [ 13.514595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514620] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.514658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.514684] ? __kthread_parkme+0x82/0x180 [ 13.514746] ? preempt_count_sub+0x50/0x80 [ 13.514772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.514837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.514863] kthread+0x337/0x6f0 [ 13.514886] ? trace_preempt_on+0x20/0xc0 [ 13.514913] ? __pfx_kthread+0x10/0x10 [ 13.514936] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.514962] ? calculate_sigpending+0x7b/0xa0 [ 13.514990] ? __pfx_kthread+0x10/0x10 [ 13.515015] ret_from_fork+0x116/0x1d0 [ 13.515036] ? __pfx_kthread+0x10/0x10 [ 13.515059] ret_from_fork_asm+0x1a/0x30 [ 13.515096] </TASK> [ 13.515110] [ 13.526296] Allocated by task 181: [ 13.526986] kasan_save_stack+0x45/0x70 [ 13.527286] kasan_save_track+0x18/0x40 [ 13.527509] kasan_save_alloc_info+0x3b/0x50 [ 13.527697] __kasan_kmalloc+0xb7/0xc0 [ 13.527854] __kmalloc_cache_noprof+0x189/0x420 [ 13.528278] krealloc_uaf+0xbb/0x5e0 [ 13.528838] kunit_try_run_case+0x1a5/0x480 [ 13.529174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.529465] kthread+0x337/0x6f0 [ 13.529690] ret_from_fork+0x116/0x1d0 [ 13.530105] ret_from_fork_asm+0x1a/0x30 [ 13.530337] [ 13.530559] Freed by task 181: [ 13.530757] kasan_save_stack+0x45/0x70 [ 13.531014] kasan_save_track+0x18/0x40 [ 13.531212] kasan_save_free_info+0x3f/0x60 [ 13.531421] __kasan_slab_free+0x56/0x70 [ 13.531668] kfree+0x222/0x3f0 [ 13.532043] krealloc_uaf+0x13d/0x5e0 [ 13.532282] kunit_try_run_case+0x1a5/0x480 [ 13.532603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.533311] 
kthread+0x337/0x6f0 [ 13.533540] ret_from_fork+0x116/0x1d0 [ 13.533906] ret_from_fork_asm+0x1a/0x30 [ 13.534114] [ 13.534199] The buggy address belongs to the object at ffff888100ab1000 [ 13.534199] which belongs to the cache kmalloc-256 of size 256 [ 13.535145] The buggy address is located 0 bytes inside of [ 13.535145] freed 256-byte region [ffff888100ab1000, ffff888100ab1100) [ 13.535676] [ 13.535917] The buggy address belongs to the physical page: [ 13.536300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab0 [ 13.536761] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.537303] flags: 0x200000000000040(head|node=0|zone=2) [ 13.537635] page_type: f5(slab) [ 13.537925] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.538394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.538907] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.539313] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.539663] head: 0200000000000001 ffffea000402ac01 00000000ffffffff 00000000ffffffff [ 13.540276] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.540692] page dumped because: kasan: bad access detected [ 13.541117] [ 13.541211] Memory state around the buggy address: [ 13.541980] ffff888100ab0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.542399] ffff888100ab0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.542873] >ffff888100ab1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.543246] ^ [ 13.543581] ffff888100ab1080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.544158] ffff888100ab1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.544604] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 13.254362] ================================================================== [ 13.254789] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.255328] Write of size 1 at addr ffff8881003416da by task kunit_try_catch/175 [ 13.256122] [ 13.256422] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.256574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.256591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.256618] Call Trace: [ 13.256634] <TASK> [ 13.256676] dump_stack_lvl+0x73/0xb0 [ 13.256715] print_report+0xd1/0x650 [ 13.256742] ? __virt_addr_valid+0x1db/0x2d0 [ 13.256771] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.256798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.256823] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.256850] kasan_report+0x141/0x180 [ 13.256876] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.256909] __asan_report_store1_noabort+0x1b/0x30 [ 13.256932] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.256962] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.256989] ? irqentry_exit+0x2a/0x60 [ 13.257015] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.257048] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.257078] krealloc_less_oob+0x1c/0x30 [ 13.257102] kunit_try_run_case+0x1a5/0x480 [ 13.257132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.257157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.257185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.257211] ? __kthread_parkme+0x82/0x180 [ 13.257235] ? preempt_count_sub+0x50/0x80 [ 13.257265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.257291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.257317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.257343] kthread+0x337/0x6f0 [ 13.257365] ? trace_preempt_on+0x20/0xc0 [ 13.257393] ? __pfx_kthread+0x10/0x10 [ 13.257416] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.257441] ? calculate_sigpending+0x7b/0xa0 [ 13.257469] ? 
__pfx_kthread+0x10/0x10 [ 13.257494] ret_from_fork+0x116/0x1d0 [ 13.257517] ? __pfx_kthread+0x10/0x10 [ 13.257541] ret_from_fork_asm+0x1a/0x30 [ 13.257578] </TASK> [ 13.257591] [ 13.267639] Allocated by task 175: [ 13.267818] kasan_save_stack+0x45/0x70 [ 13.267992] kasan_save_track+0x18/0x40 [ 13.268213] kasan_save_alloc_info+0x3b/0x50 [ 13.268963] __kasan_krealloc+0x190/0x1f0 [ 13.269147] krealloc_noprof+0xf3/0x340 [ 13.269380] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.269691] krealloc_less_oob+0x1c/0x30 [ 13.269987] kunit_try_run_case+0x1a5/0x480 [ 13.270242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.270569] kthread+0x337/0x6f0 [ 13.270823] ret_from_fork+0x116/0x1d0 [ 13.271014] ret_from_fork_asm+0x1a/0x30 [ 13.271232] [ 13.271425] The buggy address belongs to the object at ffff888100341600 [ 13.271425] which belongs to the cache kmalloc-256 of size 256 [ 13.272323] The buggy address is located 17 bytes to the right of [ 13.272323] allocated 201-byte region [ffff888100341600, ffff8881003416c9) [ 13.273055] [ 13.273183] The buggy address belongs to the physical page: [ 13.273581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.274239] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.274600] flags: 0x200000000000040(head|node=0|zone=2) [ 13.274933] page_type: f5(slab) [ 13.275236] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.275606] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.276271] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.276749] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.277195] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.277556] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.278082] page dumped because: kasan: bad access detected [ 13.278396] [ 13.278516] Memory state around the buggy 
address: [ 13.278737] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.278987] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.279374] >ffff888100341680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.279769] ^ [ 13.279991] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.280561] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.281052] ================================================================== [ 13.415821] ================================================================== [ 13.416533] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.417337] Write of size 1 at addr ffff8881026f20d0 by task kunit_try_catch/179 [ 13.417919] [ 13.418323] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.418507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.418526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.418552] Call Trace: [ 13.418569] <TASK> [ 13.418591] dump_stack_lvl+0x73/0xb0 [ 13.418630] print_report+0xd1/0x650 [ 13.418673] ? __virt_addr_valid+0x1db/0x2d0 [ 13.418701] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.418729] ? kasan_addr_to_slab+0x11/0xa0 [ 13.418752] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.418789] kasan_report+0x141/0x180 [ 13.418824] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.418858] __asan_report_store1_noabort+0x1b/0x30 [ 13.418882] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.418911] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.418940] ? __schedule+0x207f/0x2b60 [ 13.418964] ? schedule+0x7c/0x2e0 [ 13.418986] ? trace_hardirqs_on+0x37/0xe0 [ 13.419014] ? __schedule+0x207f/0x2b60 [ 13.419038] ? __pfx_read_tsc+0x10/0x10 [ 13.419066] krealloc_large_less_oob+0x1c/0x30 [ 13.419092] kunit_try_run_case+0x1a5/0x480 [ 13.419121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.419146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.419172] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.419198] ? __kthread_parkme+0x82/0x180 [ 13.419222] ? preempt_count_sub+0x50/0x80 [ 13.419250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.419277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.419303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.419329] kthread+0x337/0x6f0 [ 13.419351] ? trace_preempt_on+0x20/0xc0 [ 13.419376] ? __pfx_kthread+0x10/0x10 [ 13.419401] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.419425] ? calculate_sigpending+0x7b/0xa0 [ 13.419453] ? __pfx_kthread+0x10/0x10 [ 13.419477] ret_from_fork+0x116/0x1d0 [ 13.419498] ? __pfx_kthread+0x10/0x10 [ 13.419522] ret_from_fork_asm+0x1a/0x30 [ 13.419559] </TASK> [ 13.419573] [ 13.433248] The buggy address belongs to the physical page: [ 13.433600] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0 [ 13.434529] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.435052] flags: 0x200000000000040(head|node=0|zone=2) [ 13.435347] page_type: f8(unknown) [ 13.435556] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.436044] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.436821] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.437176] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.437590] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff [ 13.438298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.438697] page dumped because: kasan: bad access detected [ 13.438968] [ 13.439126] Memory state around the buggy address: [ 13.439452] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.439980] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.440354] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.440734] ^ [ 13.440993] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 13.441410] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.441831] ================================================================== [ 13.465869] ================================================================== [ 13.466339] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.466753] Write of size 1 at addr ffff8881026f20ea by task kunit_try_catch/179 [ 13.467091] [ 13.467201] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.467253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.467267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.467293] Call Trace: [ 13.467314] <TASK> [ 13.467335] dump_stack_lvl+0x73/0xb0 [ 13.467367] print_report+0xd1/0x650 [ 13.467393] ? __virt_addr_valid+0x1db/0x2d0 [ 13.467421] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.467505] ? kasan_addr_to_slab+0x11/0xa0 [ 13.467545] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.467573] kasan_report+0x141/0x180 [ 13.467599] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.467633] __asan_report_store1_noabort+0x1b/0x30 [ 13.467667] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.467697] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.467726] ? __schedule+0x207f/0x2b60 [ 13.467750] ? schedule+0x7c/0x2e0 [ 13.467772] ? trace_hardirqs_on+0x37/0xe0 [ 13.467838] ? __schedule+0x207f/0x2b60 [ 13.467863] ? __pfx_read_tsc+0x10/0x10 [ 13.467905] krealloc_large_less_oob+0x1c/0x30 [ 13.467932] kunit_try_run_case+0x1a5/0x480 [ 13.467974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.468001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.468028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.468055] ? __kthread_parkme+0x82/0x180 [ 13.468089] ? preempt_count_sub+0x50/0x80 [ 13.468118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.468145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.468183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.468210] kthread+0x337/0x6f0 [ 13.468232] ? 
trace_preempt_on+0x20/0xc0 [ 13.468257] ? __pfx_kthread+0x10/0x10 [ 13.468281] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.468305] ? calculate_sigpending+0x7b/0xa0 [ 13.468333] ? __pfx_kthread+0x10/0x10 [ 13.468358] ret_from_fork+0x116/0x1d0 [ 13.468380] ? __pfx_kthread+0x10/0x10 [ 13.468404] ret_from_fork_asm+0x1a/0x30 [ 13.468441] </TASK> [ 13.468454] [ 13.478553] The buggy address belongs to the physical page: [ 13.478879] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0 [ 13.479337] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.479721] flags: 0x200000000000040(head|node=0|zone=2) [ 13.479976] page_type: f8(unknown) [ 13.480207] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.480867] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.481389] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.481780] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.482323] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff [ 13.482735] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.483248] page dumped because: kasan: bad access detected [ 13.483562] [ 13.483661] Memory state around the buggy address: [ 13.483851] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.484260] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.484643] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.485029] ^ [ 13.485355] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.486012] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.486482] ================================================================== [ 13.183347] ================================================================== [ 13.183941] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.184248] Write 
of size 1 at addr ffff8881003416c9 by task kunit_try_catch/175 [ 13.184518] [ 13.184627] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.185159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.185179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.185206] Call Trace: [ 13.185221] <TASK> [ 13.185254] dump_stack_lvl+0x73/0xb0 [ 13.185292] print_report+0xd1/0x650 [ 13.185318] ? __virt_addr_valid+0x1db/0x2d0 [ 13.185346] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.185373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.185399] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.185427] kasan_report+0x141/0x180 [ 13.185452] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.185486] __asan_report_store1_noabort+0x1b/0x30 [ 13.185510] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.185540] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.185566] ? irqentry_exit+0x2a/0x60 [ 13.185591] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.185625] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.185665] krealloc_less_oob+0x1c/0x30 [ 13.185690] kunit_try_run_case+0x1a5/0x480 [ 13.185719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.185744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.185813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.185839] ? __kthread_parkme+0x82/0x180 [ 13.185863] ? preempt_count_sub+0x50/0x80 [ 13.185892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.185919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.185945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.185971] kthread+0x337/0x6f0 [ 13.185993] ? trace_preempt_on+0x20/0xc0 [ 13.186021] ? __pfx_kthread+0x10/0x10 [ 13.186044] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.186068] ? calculate_sigpending+0x7b/0xa0 [ 13.186096] ? __pfx_kthread+0x10/0x10 [ 13.186120] ret_from_fork+0x116/0x1d0 [ 13.186142] ? 
__pfx_kthread+0x10/0x10 [ 13.186166] ret_from_fork_asm+0x1a/0x30 [ 13.186202] </TASK> [ 13.186214] [ 13.200097] Allocated by task 175: [ 13.200331] kasan_save_stack+0x45/0x70 [ 13.200580] kasan_save_track+0x18/0x40 [ 13.200929] kasan_save_alloc_info+0x3b/0x50 [ 13.201132] __kasan_krealloc+0x190/0x1f0 [ 13.201293] krealloc_noprof+0xf3/0x340 [ 13.201511] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.201878] krealloc_less_oob+0x1c/0x30 [ 13.202147] kunit_try_run_case+0x1a5/0x480 [ 13.202412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.202741] kthread+0x337/0x6f0 [ 13.202940] ret_from_fork+0x116/0x1d0 [ 13.203236] ret_from_fork_asm+0x1a/0x30 [ 13.203419] [ 13.203504] The buggy address belongs to the object at ffff888100341600 [ 13.203504] which belongs to the cache kmalloc-256 of size 256 [ 13.204402] The buggy address is located 0 bytes to the right of [ 13.204402] allocated 201-byte region [ffff888100341600, ffff8881003416c9) [ 13.205515] [ 13.206160] The buggy address belongs to the physical page: [ 13.206456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.207311] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.207679] flags: 0x200000000000040(head|node=0|zone=2) [ 13.208185] page_type: f5(slab) [ 13.208607] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.209246] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.209800] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.210458] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.211152] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.211511] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.212227] page dumped because: kasan: bad access detected [ 13.212507] [ 13.212630] Memory state around the buggy address: [ 13.213303] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 13.213861] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.214240] >ffff888100341680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.214994] ^ [ 13.215316] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215793] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.216256] ================================================================== [ 13.442496] ================================================================== [ 13.442992] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.443722] Write of size 1 at addr ffff8881026f20da by task kunit_try_catch/179 [ 13.444148] [ 13.444271] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.444437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.444454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.444480] Call Trace: [ 13.444502] <TASK> [ 13.444523] dump_stack_lvl+0x73/0xb0 [ 13.444559] print_report+0xd1/0x650 [ 13.444586] ? __virt_addr_valid+0x1db/0x2d0 [ 13.444614] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.444662] ? kasan_addr_to_slab+0x11/0xa0 [ 13.444686] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.444713] kasan_report+0x141/0x180 [ 13.444752] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.444854] __asan_report_store1_noabort+0x1b/0x30 [ 13.444883] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.444913] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.444941] ? __schedule+0x207f/0x2b60 [ 13.444978] ? schedule+0x7c/0x2e0 [ 13.445001] ? trace_hardirqs_on+0x37/0xe0 [ 13.445043] ? __schedule+0x207f/0x2b60 [ 13.445068] ? __pfx_read_tsc+0x10/0x10 [ 13.445097] krealloc_large_less_oob+0x1c/0x30 [ 13.445125] kunit_try_run_case+0x1a5/0x480 [ 13.445154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.445179] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.445207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.445233] ? __kthread_parkme+0x82/0x180 [ 13.445257] ? 
preempt_count_sub+0x50/0x80 [ 13.445297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.445324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.445363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.445389] kthread+0x337/0x6f0 [ 13.445412] ? trace_preempt_on+0x20/0xc0 [ 13.445437] ? __pfx_kthread+0x10/0x10 [ 13.445460] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.445484] ? calculate_sigpending+0x7b/0xa0 [ 13.445512] ? __pfx_kthread+0x10/0x10 [ 13.445537] ret_from_fork+0x116/0x1d0 [ 13.445558] ? __pfx_kthread+0x10/0x10 [ 13.445582] ret_from_fork_asm+0x1a/0x30 [ 13.445618] </TASK> [ 13.445631] [ 13.455729] The buggy address belongs to the physical page: [ 13.456106] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0 [ 13.456510] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.457279] flags: 0x200000000000040(head|node=0|zone=2) [ 13.458076] page_type: f8(unknown) [ 13.458744] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.459401] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.460262] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.460550] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.460883] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff [ 13.461271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.461885] page dumped because: kasan: bad access detected [ 13.462185] [ 13.462325] Memory state around the buggy address: [ 13.462565] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.463254] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.463661] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.464014] ^ [ 13.464518] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.465036] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.465391] 
================================================================== [ 13.306999] ================================================================== [ 13.307419] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.309172] Write of size 1 at addr ffff8881003416eb by task kunit_try_catch/175 [ 13.309481] [ 13.309623] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.309694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.309709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.309735] Call Trace: [ 13.309757] <TASK> [ 13.309813] dump_stack_lvl+0x73/0xb0 [ 13.309852] print_report+0xd1/0x650 [ 13.309878] ? __virt_addr_valid+0x1db/0x2d0 [ 13.309905] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.309933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.309958] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.309986] kasan_report+0x141/0x180 [ 13.310012] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.310045] __asan_report_store1_noabort+0x1b/0x30 [ 13.310069] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.310100] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.310127] ? irqentry_exit+0x2a/0x60 [ 13.310152] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.310186] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.310216] krealloc_less_oob+0x1c/0x30 [ 13.310241] kunit_try_run_case+0x1a5/0x480 [ 13.310270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.310296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.310323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.310349] ? __kthread_parkme+0x82/0x180 [ 13.310373] ? preempt_count_sub+0x50/0x80 [ 13.310401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.310435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.310461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.310487] kthread+0x337/0x6f0 [ 13.310510] ? trace_preempt_on+0x20/0xc0 [ 13.310538] ? __pfx_kthread+0x10/0x10 [ 13.310562] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.310586] ? 
calculate_sigpending+0x7b/0xa0 [ 13.310614] ? __pfx_kthread+0x10/0x10 [ 13.310639] ret_from_fork+0x116/0x1d0 [ 13.310674] ? __pfx_kthread+0x10/0x10 [ 13.310698] ret_from_fork_asm+0x1a/0x30 [ 13.310735] </TASK> [ 13.310749] [ 13.320591] Allocated by task 175: [ 13.320791] kasan_save_stack+0x45/0x70 [ 13.321040] kasan_save_track+0x18/0x40 [ 13.321668] kasan_save_alloc_info+0x3b/0x50 [ 13.322015] __kasan_krealloc+0x190/0x1f0 [ 13.322189] krealloc_noprof+0xf3/0x340 [ 13.322388] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.322683] krealloc_less_oob+0x1c/0x30 [ 13.322942] kunit_try_run_case+0x1a5/0x480 [ 13.323149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.323359] kthread+0x337/0x6f0 [ 13.323563] ret_from_fork+0x116/0x1d0 [ 13.323950] ret_from_fork_asm+0x1a/0x30 [ 13.324196] [ 13.324284] The buggy address belongs to the object at ffff888100341600 [ 13.324284] which belongs to the cache kmalloc-256 of size 256 [ 13.325106] The buggy address is located 34 bytes to the right of [ 13.325106] allocated 201-byte region [ffff888100341600, ffff8881003416c9) [ 13.325638] [ 13.325773] The buggy address belongs to the physical page: [ 13.326145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.326556] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.327113] flags: 0x200000000000040(head|node=0|zone=2) [ 13.327444] page_type: f5(slab) [ 13.327619] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.328106] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.328482] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.328905] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.329521] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.329866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.330389] page dumped because: kasan: bad access detected [ 13.330637] 
[ 13.330766] Memory state around the buggy address: [ 13.331113] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.331379] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.331725] >ffff888100341680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.332118] ^ [ 13.332555] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.332831] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.333318] ================================================================== [ 13.281536] ================================================================== [ 13.282158] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.282576] Write of size 1 at addr ffff8881003416ea by task kunit_try_catch/175 [ 13.283100] [ 13.283224] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.283276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.283290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.283315] Call Trace: [ 13.283337] <TASK> [ 13.283360] dump_stack_lvl+0x73/0xb0 [ 13.283392] print_report+0xd1/0x650 [ 13.283417] ? __virt_addr_valid+0x1db/0x2d0 [ 13.283444] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.283471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.283497] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.283524] kasan_report+0x141/0x180 [ 13.283550] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.283583] __asan_report_store1_noabort+0x1b/0x30 [ 13.283606] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.283636] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.283676] ? irqentry_exit+0x2a/0x60 [ 13.283701] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.283735] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.283765] krealloc_less_oob+0x1c/0x30 [ 13.283790] kunit_try_run_case+0x1a5/0x480 [ 13.283818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.283843] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.283870] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.283896] ? __kthread_parkme+0x82/0x180 [ 13.283920] ? preempt_count_sub+0x50/0x80 [ 13.283948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.283975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.284002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.284028] kthread+0x337/0x6f0 [ 13.284051] ? trace_preempt_on+0x20/0xc0 [ 13.284078] ? __pfx_kthread+0x10/0x10 [ 13.284102] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.284126] ? calculate_sigpending+0x7b/0xa0 [ 13.284154] ? __pfx_kthread+0x10/0x10 [ 13.284178] ret_from_fork+0x116/0x1d0 [ 13.284200] ? __pfx_kthread+0x10/0x10 [ 13.284224] ret_from_fork_asm+0x1a/0x30 [ 13.284259] </TASK> [ 13.284271] [ 13.293476] Allocated by task 175: [ 13.293736] kasan_save_stack+0x45/0x70 [ 13.294143] kasan_save_track+0x18/0x40 [ 13.294316] kasan_save_alloc_info+0x3b/0x50 [ 13.294495] __kasan_krealloc+0x190/0x1f0 [ 13.294723] krealloc_noprof+0xf3/0x340 [ 13.295208] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.295493] krealloc_less_oob+0x1c/0x30 [ 13.295747] kunit_try_run_case+0x1a5/0x480 [ 13.296383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.296626] kthread+0x337/0x6f0 [ 13.296835] ret_from_fork+0x116/0x1d0 [ 13.297061] ret_from_fork_asm+0x1a/0x30 [ 13.297285] [ 13.297396] The buggy address belongs to the object at ffff888100341600 [ 13.297396] which belongs to the cache kmalloc-256 of size 256 [ 13.298074] The buggy address is located 33 bytes to the right of [ 13.298074] allocated 201-byte region [ffff888100341600, ffff8881003416c9) [ 13.298639] [ 13.298769] The buggy address belongs to the physical page: [ 13.298971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.299253] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.299521] flags: 0x200000000000040(head|node=0|zone=2) [ 13.300191] page_type: f5(slab) [ 13.300410] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.300901] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 13.301179] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.301446] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.301854] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.302262] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.302681] page dumped because: kasan: bad access detected [ 13.303273] [ 13.303394] Memory state around the buggy address: [ 13.303618] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.304198] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.304543] >ffff888100341680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.304953] ^ [ 13.305256] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305608] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.306350] ================================================================== [ 13.384160] ================================================================== [ 13.384741] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.385255] Write of size 1 at addr ffff8881026f20c9 by task kunit_try_catch/179 [ 13.385603] [ 13.385764] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.385819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.385833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.385859] Call Trace: [ 13.385874] <TASK> [ 13.385896] dump_stack_lvl+0x73/0xb0 [ 13.385931] print_report+0xd1/0x650 [ 13.385958] ? __virt_addr_valid+0x1db/0x2d0 [ 13.385986] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.386014] ? kasan_addr_to_slab+0x11/0xa0 [ 13.386037] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.386066] kasan_report+0x141/0x180 [ 13.386092] ? 
krealloc_less_oob_helper+0xd70/0x11d0 [ 13.386125] __asan_report_store1_noabort+0x1b/0x30 [ 13.386149] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.386179] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.386207] ? __schedule+0x207f/0x2b60 [ 13.386232] ? schedule+0x7c/0x2e0 [ 13.386255] ? trace_hardirqs_on+0x37/0xe0 [ 13.386284] ? __schedule+0x207f/0x2b60 [ 13.386309] ? __pfx_read_tsc+0x10/0x10 [ 13.386338] krealloc_large_less_oob+0x1c/0x30 [ 13.386364] kunit_try_run_case+0x1a5/0x480 [ 13.386395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.386425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.386454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.386481] ? __kthread_parkme+0x82/0x180 [ 13.386506] ? preempt_count_sub+0x50/0x80 [ 13.386535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.386561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.386588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.386614] kthread+0x337/0x6f0 [ 13.386636] ? trace_preempt_on+0x20/0xc0 [ 13.386722] ? __pfx_kthread+0x10/0x10 [ 13.386748] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.386773] ? calculate_sigpending+0x7b/0xa0 [ 13.386838] ? __pfx_kthread+0x10/0x10 [ 13.386864] ret_from_fork+0x116/0x1d0 [ 13.386887] ? 
__pfx_kthread+0x10/0x10 [ 13.386911] ret_from_fork_asm+0x1a/0x30 [ 13.386949] </TASK> [ 13.386962] [ 13.401049] The buggy address belongs to the physical page: [ 13.401401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0 [ 13.401925] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.402409] flags: 0x200000000000040(head|node=0|zone=2) [ 13.405251] page_type: f8(unknown) [ 13.406208] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.407406] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.407721] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.408675] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.409182] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff [ 13.409577] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.410082] page dumped because: kasan: bad access detected [ 13.410359] [ 13.410481] Memory state around the buggy address: [ 13.410794] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.411482] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.412538] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.413140] ^ [ 13.413558] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.414194] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.414726] ================================================================== [ 13.487059] ================================================================== [ 13.487457] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.487915] Write of size 1 at addr ffff8881026f20eb by task kunit_try_catch/179 [ 13.488304] [ 13.488495] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.488576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.488591] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.488627] Call Trace:
[ 13.488656] <TASK>
[ 13.488676] dump_stack_lvl+0x73/0xb0
[ 13.488709] print_report+0xd1/0x650
[ 13.488735] ? __virt_addr_valid+0x1db/0x2d0
[ 13.488761] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 13.488824] ? kasan_addr_to_slab+0x11/0xa0
[ 13.488850] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 13.488877] kasan_report+0x141/0x180
[ 13.488903] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 13.488948] __asan_report_store1_noabort+0x1b/0x30
[ 13.488972] krealloc_less_oob_helper+0xd47/0x11d0
[ 13.489015] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 13.489043] ? __schedule+0x207f/0x2b60
[ 13.489067] ? schedule+0x7c/0x2e0
[ 13.489090] ? trace_hardirqs_on+0x37/0xe0
[ 13.489118] ? __schedule+0x207f/0x2b60
[ 13.489153] ? __pfx_read_tsc+0x10/0x10
[ 13.489182] krealloc_large_less_oob+0x1c/0x30
[ 13.489222] kunit_try_run_case+0x1a5/0x480
[ 13.489251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.489277] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.489304] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.489330] ? __kthread_parkme+0x82/0x180
[ 13.489354] ? preempt_count_sub+0x50/0x80
[ 13.489382] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.489409] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.489436] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.489464] kthread+0x337/0x6f0
[ 13.489488] ? trace_preempt_on+0x20/0xc0
[ 13.489523] ? __pfx_kthread+0x10/0x10
[ 13.489547] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.489570] ? calculate_sigpending+0x7b/0xa0
[ 13.489610] ? __pfx_kthread+0x10/0x10
[ 13.489635] ret_from_fork+0x116/0x1d0
[ 13.489665] ? __pfx_kthread+0x10/0x10
[ 13.489688] ret_from_fork_asm+0x1a/0x30
[ 13.489724] </TASK>
[ 13.489738]
[ 13.500153] The buggy address belongs to the physical page:
[ 13.500416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0
[ 13.500741] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.501147] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.501457] page_type: f8(unknown)
[ 13.502106] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.502536] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.502832] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.503133] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.503779] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff
[ 13.504216] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.504598] page dumped because: kasan: bad access detected
[ 13.505031]
[ 13.505148] Memory state around the buggy address:
[ 13.505477] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.506121] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.506519] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 13.507002] ^
[ 13.507358] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.507760] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.508069] ==================================================================
[ 13.217036] ==================================================================
[ 13.217383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 13.218334] Write of size 1 at addr ffff8881003416d0 by task kunit_try_catch/175
[ 13.219173]
[ 13.219368] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.219426] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.219465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.219490] Call Trace:
[ 13.219513] <TASK>
[ 13.219555] dump_stack_lvl+0x73/0xb0
[ 13.219592] print_report+0xd1/0x650
[ 13.219617] ? __virt_addr_valid+0x1db/0x2d0
[ 13.219645] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 13.219688] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.219714] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 13.219741] kasan_report+0x141/0x180
[ 13.219767] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 13.219813] __asan_report_store1_noabort+0x1b/0x30
[ 13.219837] krealloc_less_oob_helper+0xe23/0x11d0
[ 13.219867] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 13.219894] ? irqentry_exit+0x2a/0x60
[ 13.219919] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.219953] ? __pfx_krealloc_less_oob+0x10/0x10
[ 13.219983] krealloc_less_oob+0x1c/0x30
[ 13.220008] kunit_try_run_case+0x1a5/0x480
[ 13.220036] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.220062] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.220089] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.220116] ? __kthread_parkme+0x82/0x180
[ 13.220140] ? preempt_count_sub+0x50/0x80
[ 13.220168] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.220195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.220221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.220248] kthread+0x337/0x6f0
[ 13.220273] ? trace_preempt_on+0x20/0xc0
[ 13.220300] ? __pfx_kthread+0x10/0x10
[ 13.220325] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.220349] ? calculate_sigpending+0x7b/0xa0
[ 13.220377] ? __pfx_kthread+0x10/0x10
[ 13.220401] ret_from_fork+0x116/0x1d0
[ 13.220424] ? __pfx_kthread+0x10/0x10
[ 13.220448] ret_from_fork_asm+0x1a/0x30
[ 13.220484] </TASK>
[ 13.220497]
[ 13.232667] Allocated by task 175:
[ 13.233628] kasan_save_stack+0x45/0x70
[ 13.233891] kasan_save_track+0x18/0x40
[ 13.234061] kasan_save_alloc_info+0x3b/0x50
[ 13.234520] __kasan_krealloc+0x190/0x1f0
[ 13.234761] krealloc_noprof+0xf3/0x340
[ 13.234975] krealloc_less_oob_helper+0x1aa/0x11d0
[ 13.235242] krealloc_less_oob+0x1c/0x30
[ 13.235463] kunit_try_run_case+0x1a5/0x480
[ 13.236420] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.237147] kthread+0x337/0x6f0
[ 13.237526] ret_from_fork+0x116/0x1d0
[ 13.238127] ret_from_fork_asm+0x1a/0x30
[ 13.238365]
[ 13.238482] The buggy address belongs to the object at ffff888100341600
[ 13.238482] which belongs to the cache kmalloc-256 of size 256
[ 13.239591] The buggy address is located 7 bytes to the right of
[ 13.239591] allocated 201-byte region [ffff888100341600, ffff8881003416c9)
[ 13.241386]
[ 13.241702] The buggy address belongs to the physical page:
[ 13.242441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[ 13.243135] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.243532] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.244218] page_type: f5(slab)
[ 13.244424] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.245039] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.245431] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.246066] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.246470] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[ 13.246833] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.247507] page dumped because: kasan: bad access detected
[ 13.248027]
[ 13.248123] Memory state around the buggy address:
[ 13.248418] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.249675] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.250221] >ffff888100341680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 13.250573] ^
[ 13.251177] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.251714] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.252223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 13.358083] ==================================================================
[ 13.358452] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 13.358799] Write of size 1 at addr ffff8881026f20f0 by task kunit_try_catch/177
[ 13.359100]
[ 13.359231] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.359283] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.359297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.359321] Call Trace:
[ 13.359342] <TASK>
[ 13.359362] dump_stack_lvl+0x73/0xb0
[ 13.359394] print_report+0xd1/0x650
[ 13.359420] ? __virt_addr_valid+0x1db/0x2d0
[ 13.359448] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.359475] ? kasan_addr_to_slab+0x11/0xa0
[ 13.359499] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.359527] kasan_report+0x141/0x180
[ 13.359552] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.359584] __asan_report_store1_noabort+0x1b/0x30
[ 13.359608] krealloc_more_oob_helper+0x7eb/0x930
[ 13.359634] ? __schedule+0x10cc/0x2b60
[ 13.360024] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.360058] ? finish_task_switch.isra.0+0x153/0x700
[ 13.360083] ? __switch_to+0x47/0xf50
[ 13.360113] ? __schedule+0x10cc/0x2b60
[ 13.360137] ? __pfx_read_tsc+0x10/0x10
[ 13.360166] krealloc_large_more_oob+0x1c/0x30
[ 13.360194] kunit_try_run_case+0x1a5/0x480
[ 13.360222] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.360247] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.360275] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.360301] ? __kthread_parkme+0x82/0x180
[ 13.360326] ? preempt_count_sub+0x50/0x80
[ 13.360352] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.360380] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.360406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.360432] kthread+0x337/0x6f0
[ 13.360455] ? trace_preempt_on+0x20/0xc0
[ 13.360482] ? __pfx_kthread+0x10/0x10
[ 13.360506] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.360530] ? calculate_sigpending+0x7b/0xa0
[ 13.360558] ? __pfx_kthread+0x10/0x10
[ 13.360583] ret_from_fork+0x116/0x1d0
[ 13.360604] ? __pfx_kthread+0x10/0x10
[ 13.360628] ret_from_fork_asm+0x1a/0x30
[ 13.360681] </TASK>
[ 13.360694]
[ 13.370714] The buggy address belongs to the physical page:
[ 13.371063] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0
[ 13.371366] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.371741] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.372120] page_type: f8(unknown)
[ 13.372342] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.372761] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.373196] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.373531] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.373907] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff
[ 13.374529] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.374850] page dumped because: kasan: bad access detected
[ 13.375063]
[ 13.375148] Memory state around the buggy address:
[ 13.375440] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.375830] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.376292] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 13.376579] ^
[ 13.376876] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.377305] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.377694] ==================================================================
[ 13.105201] ==================================================================
[ 13.106162] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 13.106580] Write of size 1 at addr ffff8881003414eb by task kunit_try_catch/173
[ 13.107095]
[ 13.107252] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.107313] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.107350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.107377] Call Trace:
[ 13.107409] <TASK>
[ 13.107432] dump_stack_lvl+0x73/0xb0
[ 13.107471] print_report+0xd1/0x650
[ 13.107498] ? __virt_addr_valid+0x1db/0x2d0
[ 13.107527] ? krealloc_more_oob_helper+0x821/0x930
[ 13.107555] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.107581] ? krealloc_more_oob_helper+0x821/0x930
[ 13.107609] kasan_report+0x141/0x180
[ 13.107635] ? krealloc_more_oob_helper+0x821/0x930
[ 13.107685] __asan_report_store1_noabort+0x1b/0x30
[ 13.107710] krealloc_more_oob_helper+0x821/0x930
[ 13.107736] ? __schedule+0x10cc/0x2b60
[ 13.107763] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.107791] ? finish_task_switch.isra.0+0x153/0x700
[ 13.107818] ? __switch_to+0x47/0xf50
[ 13.107849] ? __schedule+0x10cc/0x2b60
[ 13.107874] ? __pfx_read_tsc+0x10/0x10
[ 13.107904] krealloc_more_oob+0x1c/0x30
[ 13.107930] kunit_try_run_case+0x1a5/0x480
[ 13.107961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.107986] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.108015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.108041] ? __kthread_parkme+0x82/0x180
[ 13.108067] ? preempt_count_sub+0x50/0x80
[ 13.108094] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.108121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.108147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.108174] kthread+0x337/0x6f0
[ 13.108197] ? trace_preempt_on+0x20/0xc0
[ 13.108225] ? __pfx_kthread+0x10/0x10
[ 13.108249] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.108273] ? calculate_sigpending+0x7b/0xa0
[ 13.108302] ? __pfx_kthread+0x10/0x10
[ 13.108327] ret_from_fork+0x116/0x1d0
[ 13.108348] ? __pfx_kthread+0x10/0x10
[ 13.108372] ret_from_fork_asm+0x1a/0x30
[ 13.108410] </TASK>
[ 13.108424]
[ 13.119555] Allocated by task 173:
[ 13.119740] kasan_save_stack+0x45/0x70
[ 13.121381] kasan_save_track+0x18/0x40
[ 13.122103] kasan_save_alloc_info+0x3b/0x50
[ 13.122327] __kasan_krealloc+0x190/0x1f0
[ 13.122503] krealloc_noprof+0xf3/0x340
[ 13.122999] krealloc_more_oob_helper+0x1a9/0x930
[ 13.123911] krealloc_more_oob+0x1c/0x30
[ 13.124412] kunit_try_run_case+0x1a5/0x480
[ 13.125125] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.125926] kthread+0x337/0x6f0
[ 13.126487] ret_from_fork+0x116/0x1d0
[ 13.127024] ret_from_fork_asm+0x1a/0x30
[ 13.127454]
[ 13.127551] The buggy address belongs to the object at ffff888100341400
[ 13.127551] which belongs to the cache kmalloc-256 of size 256
[ 13.128486] The buggy address is located 0 bytes to the right of
[ 13.128486] allocated 235-byte region [ffff888100341400, ffff8881003414eb)
[ 13.130028]
[ 13.130235] The buggy address belongs to the physical page:
[ 13.130875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[ 13.131212] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.131487] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.132053] page_type: f5(slab)
[ 13.132416] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.132784] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.133579] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.134262] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.135247] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[ 13.135544] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.135853] page dumped because: kasan: bad access detected
[ 13.136063]
[ 13.136152] Memory state around the buggy address:
[ 13.136345] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.137707] ffff888100341400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.139296] >ffff888100341480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 13.140425] ^
[ 13.141739] ffff888100341500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.143066] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.144191] ==================================================================
[ 13.336874] ==================================================================
[ 13.337436] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 13.338114] Write of size 1 at addr ffff8881026f20eb by task kunit_try_catch/177
[ 13.338455]
[ 13.338579] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.338634] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.338663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.338691] Call Trace:
[ 13.338706] <TASK>
[ 13.338728] dump_stack_lvl+0x73/0xb0
[ 13.338764] print_report+0xd1/0x650
[ 13.338790] ? __virt_addr_valid+0x1db/0x2d0
[ 13.338818] ? krealloc_more_oob_helper+0x821/0x930
[ 13.338845] ? kasan_addr_to_slab+0x11/0xa0
[ 13.338869] ? krealloc_more_oob_helper+0x821/0x930
[ 13.338897] kasan_report+0x141/0x180
[ 13.338923] ? krealloc_more_oob_helper+0x821/0x930
[ 13.338956] __asan_report_store1_noabort+0x1b/0x30
[ 13.338980] krealloc_more_oob_helper+0x821/0x930
[ 13.339006] ? __schedule+0x10cc/0x2b60
[ 13.339032] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.339060] ? finish_task_switch.isra.0+0x153/0x700
[ 13.339086] ? __switch_to+0x47/0xf50
[ 13.339117] ? __schedule+0x10cc/0x2b60
[ 13.339142] ? __pfx_read_tsc+0x10/0x10
[ 13.339171] krealloc_large_more_oob+0x1c/0x30
[ 13.339197] kunit_try_run_case+0x1a5/0x480
[ 13.339227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.339252] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.339280] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.339306] ? __kthread_parkme+0x82/0x180
[ 13.339329] ? preempt_count_sub+0x50/0x80
[ 13.339355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.339383] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.339409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.339435] kthread+0x337/0x6f0
[ 13.339458] ? trace_preempt_on+0x20/0xc0
[ 13.339486] ? __pfx_kthread+0x10/0x10
[ 13.339510] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.339534] ? calculate_sigpending+0x7b/0xa0
[ 13.339562] ? __pfx_kthread+0x10/0x10
[ 13.339587] ret_from_fork+0x116/0x1d0
[ 13.339608] ? __pfx_kthread+0x10/0x10
[ 13.339658] ret_from_fork_asm+0x1a/0x30
[ 13.339697] </TASK>
[ 13.339712]
[ 13.349373] The buggy address belongs to the physical page:
[ 13.350035] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f0
[ 13.350414] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.350799] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.351079] page_type: f8(unknown)
[ 13.351261] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.351575] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.352037] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.352426] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.352719] head: 0200000000000002 ffffea000409bc01 00000000ffffffff 00000000ffffffff
[ 13.353010] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.353588] page dumped because: kasan: bad access detected
[ 13.354411]
[ 13.354508] Memory state around the buggy address:
[ 13.354714] ffff8881026f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.355037] ffff8881026f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.355684] >ffff8881026f2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 13.356128] ^
[ 13.356601] ffff8881026f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.357021] ffff8881026f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.357425] ==================================================================
[ 13.145926] ==================================================================
[ 13.148227] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 13.148602] Write of size 1 at addr ffff8881003414f0 by task kunit_try_catch/173
[ 13.149268]
[ 13.149491] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.149547] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.149562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.149588] Call Trace:
[ 13.149606] <TASK>
[ 13.149629] dump_stack_lvl+0x73/0xb0
[ 13.149681] print_report+0xd1/0x650
[ 13.149707] ? __virt_addr_valid+0x1db/0x2d0
[ 13.149735] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.150076] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.150115] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.150143] kasan_report+0x141/0x180
[ 13.150170] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.150203] __asan_report_store1_noabort+0x1b/0x30
[ 13.150226] krealloc_more_oob_helper+0x7eb/0x930
[ 13.150251] ? __schedule+0x10cc/0x2b60
[ 13.150278] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.150305] ? finish_task_switch.isra.0+0x153/0x700
[ 13.150332] ? __switch_to+0x47/0xf50
[ 13.150362] ? __schedule+0x10cc/0x2b60
[ 13.150386] ? __pfx_read_tsc+0x10/0x10
[ 13.150414] krealloc_more_oob+0x1c/0x30
[ 13.150447] kunit_try_run_case+0x1a5/0x480
[ 13.150476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.150500] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.150528] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.150554] ? __kthread_parkme+0x82/0x180
[ 13.150577] ? preempt_count_sub+0x50/0x80
[ 13.150603] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.150630] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.150671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.150697] kthread+0x337/0x6f0
[ 13.150719] ? trace_preempt_on+0x20/0xc0
[ 13.150747] ? __pfx_kthread+0x10/0x10
[ 13.150865] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.150891] ? calculate_sigpending+0x7b/0xa0
[ 13.150919] ? __pfx_kthread+0x10/0x10
[ 13.150943] ret_from_fork+0x116/0x1d0
[ 13.150965] ? __pfx_kthread+0x10/0x10
[ 13.150988] ret_from_fork_asm+0x1a/0x30
[ 13.151023] </TASK>
[ 13.151037]
[ 13.164351] Allocated by task 173:
[ 13.164582] kasan_save_stack+0x45/0x70
[ 13.164811] kasan_save_track+0x18/0x40
[ 13.165159] kasan_save_alloc_info+0x3b/0x50
[ 13.165400] __kasan_krealloc+0x190/0x1f0
[ 13.165640] krealloc_noprof+0xf3/0x340
[ 13.165866] krealloc_more_oob_helper+0x1a9/0x930
[ 13.166721] krealloc_more_oob+0x1c/0x30
[ 13.167064] kunit_try_run_case+0x1a5/0x480
[ 13.167302] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.167600] kthread+0x337/0x6f0
[ 13.167896] ret_from_fork+0x116/0x1d0
[ 13.168100] ret_from_fork_asm+0x1a/0x30
[ 13.168358]
[ 13.168480] The buggy address belongs to the object at ffff888100341400
[ 13.168480] which belongs to the cache kmalloc-256 of size 256
[ 13.169685] The buggy address is located 5 bytes to the right of
[ 13.169685] allocated 235-byte region [ffff888100341400, ffff8881003414eb)
[ 13.171119]
[ 13.171263] The buggy address belongs to the physical page:
[ 13.171669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340
[ 13.172190] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.172545] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.173005] page_type: f5(slab)
[ 13.173217] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.173572] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.173923] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.174564] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.174953] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff
[ 13.175477] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.175930] page dumped because: kasan: bad access detected
[ 13.176403]
[ 13.176525] Memory state around the buggy address:
[ 13.176793] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.177323] ffff888100341400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.177719] >ffff888100341480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 13.178111] ^
[ 13.178486] ffff888100341500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.179004] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.179360] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 13.080589] ==================================================================
[ 13.082391] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 13.083084] Read of size 1 at addr ffff888103980000 by task kunit_try_catch/171
[ 13.083361]
[ 13.083473] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.083529] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.083545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.083571] Call Trace:
[ 13.083587] <TASK>
[ 13.083614] dump_stack_lvl+0x73/0xb0
[ 13.083663] print_report+0xd1/0x650
[ 13.083690] ? __virt_addr_valid+0x1db/0x2d0
[ 13.083718] ? page_alloc_uaf+0x356/0x3d0
[ 13.083744] ? kasan_addr_to_slab+0x11/0xa0
[ 13.083853] ? page_alloc_uaf+0x356/0x3d0
[ 13.083883] kasan_report+0x141/0x180
[ 13.083909] ? page_alloc_uaf+0x356/0x3d0
[ 13.083940] __asan_report_load1_noabort+0x18/0x20
[ 13.083968] page_alloc_uaf+0x356/0x3d0
[ 13.083994] ? __pfx_page_alloc_uaf+0x10/0x10
[ 13.084021] ? __schedule+0x10cc/0x2b60
[ 13.084047] ? __pfx_read_tsc+0x10/0x10
[ 13.084076] ? ktime_get_ts64+0x86/0x230
[ 13.084108] kunit_try_run_case+0x1a5/0x480
[ 13.084138] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.084164] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.084191] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.084218] ? __kthread_parkme+0x82/0x180
[ 13.084243] ? preempt_count_sub+0x50/0x80
[ 13.084272] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.084299] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.084326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.084353] kthread+0x337/0x6f0
[ 13.084376] ? trace_preempt_on+0x20/0xc0
[ 13.084405] ? __pfx_kthread+0x10/0x10
[ 13.084429] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.084453] ? calculate_sigpending+0x7b/0xa0
[ 13.084482] ? __pfx_kthread+0x10/0x10
[ 13.084507] ret_from_fork+0x116/0x1d0
[ 13.084528] ? __pfx_kthread+0x10/0x10
[ 13.084552] ret_from_fork_asm+0x1a/0x30
[ 13.084589] </TASK>
[ 13.084602]
[ 13.093513] The buggy address belongs to the physical page:
[ 13.093885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103980
[ 13.094312] flags: 0x200000000000000(node=0|zone=2)
[ 13.094601] page_type: f0(buddy)
[ 13.094908] raw: 0200000000000000 ffff88817fffb538 ffff88817fffb538 0000000000000000
[ 13.095276] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000
[ 13.095678] page dumped because: kasan: bad access detected
[ 13.096169]
[ 13.096293] Memory state around the buggy address:
[ 13.096569] ffff88810397ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.097082] ffff88810397ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.097406] >ffff888103980000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.097785] ^
[ 13.098010] ffff888103980080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.098337] ffff888103980100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.098729] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 13.042970] ==================================================================
[ 13.044067] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 13.044568] Free of addr ffff8881026ec001 by task kunit_try_catch/167
[ 13.045063]
[ 13.045313] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.045383] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.045398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.045424] Call Trace:
[ 13.045441] <TASK>
[ 13.045462] dump_stack_lvl+0x73/0xb0
[ 13.045499] print_report+0xd1/0x650
[ 13.045525] ? __virt_addr_valid+0x1db/0x2d0
[ 13.045554] ? kasan_addr_to_slab+0x11/0xa0
[ 13.045577] ? kfree+0x274/0x3f0
[ 13.045603] kasan_report_invalid_free+0x10a/0x130
[ 13.045631] ? kfree+0x274/0x3f0
[ 13.045672] ? kfree+0x274/0x3f0
[ 13.045696] __kasan_kfree_large+0x86/0xd0
[ 13.045721] free_large_kmalloc+0x4b/0x110
[ 13.045748] kfree+0x274/0x3f0
[ 13.045845] kmalloc_large_invalid_free+0x120/0x2b0
[ 13.045875] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 13.045902] ? __schedule+0x10cc/0x2b60
[ 13.045928] ? __pfx_read_tsc+0x10/0x10
[ 13.045953] ? ktime_get_ts64+0x86/0x230
[ 13.045982] kunit_try_run_case+0x1a5/0x480
[ 13.046026] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.046052] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.046079] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.046105] ? __kthread_parkme+0x82/0x180
[ 13.046130] ? preempt_count_sub+0x50/0x80
[ 13.046158] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.046186] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.046211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.046237] kthread+0x337/0x6f0
[ 13.046260] ? trace_preempt_on+0x20/0xc0
[ 13.046288] ? __pfx_kthread+0x10/0x10
[ 13.046312] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.046337] ? calculate_sigpending+0x7b/0xa0
[ 13.046365] ? __pfx_kthread+0x10/0x10
[ 13.046390] ret_from_fork+0x116/0x1d0
[ 13.046411] ? __pfx_kthread+0x10/0x10
[ 13.046440] ret_from_fork_asm+0x1a/0x30
[ 13.046477] </TASK>
[ 13.046490]
[ 13.062629] The buggy address belongs to the physical page:
[ 13.063371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ec
[ 13.064335] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.065234] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.065792] page_type: f8(unknown)
[ 13.066053] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.066759] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.067629] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.068300] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.069231] head: 0200000000000002 ffffea000409bb01 00000000ffffffff 00000000ffffffff
[ 13.069731] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.070444] page dumped because: kasan: bad access detected
[ 13.071095]
[ 13.071187] Memory state around the buggy address:
[ 13.071379] ffff8881026ebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.071638] ffff8881026ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.072010] >ffff8881026ec000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.072688] ^
[ 13.073074] ffff8881026ec080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.073340] ffff8881026ec100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.073632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 13.012682] ==================================================================
[ 13.013380] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 13.013752] Read of size 1 at addr ffff888102a9c000 by task kunit_try_catch/165
[ 13.014608]
[ 13.015026] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.015090] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.015105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.015130] Call Trace:
[ 13.015155] <TASK>
[ 13.015176] dump_stack_lvl+0x73/0xb0
[ 13.015214] print_report+0xd1/0x650
[ 13.015240] ? __virt_addr_valid+0x1db/0x2d0
[ 13.015268] ? kmalloc_large_uaf+0x2f1/0x340
[ 13.015292] ? kasan_addr_to_slab+0x11/0xa0
[ 13.015315] ? kmalloc_large_uaf+0x2f1/0x340
[ 13.015340] kasan_report+0x141/0x180
[ 13.015365] ? kmalloc_large_uaf+0x2f1/0x340
[ 13.015395] __asan_report_load1_noabort+0x18/0x20
[ 13.015423] kmalloc_large_uaf+0x2f1/0x340
[ 13.015447] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 13.015472] ? __schedule+0x10cc/0x2b60
[ 13.015498] ? __pfx_read_tsc+0x10/0x10
[ 13.015522] ? ktime_get_ts64+0x86/0x230
[ 13.015551] kunit_try_run_case+0x1a5/0x480
[ 13.015580] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.015605] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.015632] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.015672] ? __kthread_parkme+0x82/0x180
[ 13.015696] ? preempt_count_sub+0x50/0x80
[ 13.015723] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.015750] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.015815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.015843] kthread+0x337/0x6f0
[ 13.015866] ? trace_preempt_on+0x20/0xc0
[ 13.015893] ? __pfx_kthread+0x10/0x10
[ 13.015917] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.015941] ? calculate_sigpending+0x7b/0xa0
[ 13.015969] ? __pfx_kthread+0x10/0x10
[ 13.015993] ret_from_fork+0x116/0x1d0
[ 13.016015] ? __pfx_kthread+0x10/0x10
[ 13.016038] ret_from_fork_asm+0x1a/0x30
[ 13.016075] </TASK>
[ 13.016088]
[ 13.030310] The buggy address belongs to the physical page:
[ 13.030769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a9c
[ 13.031407] flags: 0x200000000000000(node=0|zone=2)
[ 13.031839] raw: 0200000000000000 ffffea00040aa808 ffff88815b039f80 0000000000000000
[ 13.032218] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.033118] page dumped because: kasan: bad access detected
[ 13.033583]
[ 13.034086] Memory state around the buggy address:
[ 13.034896] ffff888102a9bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.035279] ffff888102a9bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.035635] >ffff888102a9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.035980] ^
[ 13.036185] ffff888102a9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.036530] ffff888102a9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.036965] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.977585] ==================================================================
[ 12.978285] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.978611] Write of size 1 at addr ffff888102a9e00a by task kunit_try_catch/163
[ 12.978922]
[ 12.979036] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.979092] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.979107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.979192] Call Trace:
[ 12.979208] <TASK>
[ 12.979244] dump_stack_lvl+0x73/0xb0
[ 12.979282] print_report+0xd1/0x650
[ 12.979308] ? __virt_addr_valid+0x1db/0x2d0
[ 12.979338] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.979363] ? kasan_addr_to_slab+0x11/0xa0
[ 12.979386] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.979412] kasan_report+0x141/0x180
[ 12.979437] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.979468] __asan_report_store1_noabort+0x1b/0x30
[ 12.979492] kmalloc_large_oob_right+0x2e9/0x330
[ 12.979518] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.979544] ? __schedule+0x10cc/0x2b60
[ 12.979571] ? __pfx_read_tsc+0x10/0x10
[ 12.979597] ? ktime_get_ts64+0x86/0x230
[ 12.979676] kunit_try_run_case+0x1a5/0x480
[ 12.979707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.979796] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.979842] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.979868] ? __kthread_parkme+0x82/0x180
[ 12.979894] ? preempt_count_sub+0x50/0x80
[ 12.979922] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.979949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.979976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.980035] kthread+0x337/0x6f0
[ 12.980059] ? trace_preempt_on+0x20/0xc0
[ 12.980087] ? __pfx_kthread+0x10/0x10
[ 12.980124] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.980180] ? calculate_sigpending+0x7b/0xa0
[ 12.980209] ? __pfx_kthread+0x10/0x10
[ 12.980248] ret_from_fork+0x116/0x1d0
[ 12.980270] ? __pfx_kthread+0x10/0x10
[ 12.980294] ret_from_fork_asm+0x1a/0x30
[ 12.980331] </TASK>
[ 12.980344]
[ 12.995995] The buggy address belongs to the physical page:
[ 12.996302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a9c
[ 12.996710] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.998063] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.998470] page_type: f8(unknown)
[ 12.998695] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.999635] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.000608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.001327] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.001743] head: 0200000000000002 ffffea00040aa701 00000000ffffffff 00000000ffffffff
[ 13.002534] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.003406] page dumped because: kasan: bad access detected
[ 13.003723]
[ 13.003963] Memory state around the buggy address:
[ 13.004223] ffff888102a9df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.004581] ffff888102a9df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.005637] >ffff888102a9e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.006523] ^
[ 13.006741] ffff888102a9e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.007409] ffff888102a9e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.008059] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.929714] ==================================================================
[ 12.930341] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.930786] Write of size 1 at addr ffff888102a0df00 by task kunit_try_catch/161
[ 12.931550]
[ 12.931963] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.932025] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.932040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.932157] Call Trace:
[ 12.932175] <TASK>
[ 12.932197] dump_stack_lvl+0x73/0xb0
[ 12.932235] print_report+0xd1/0x650
[ 12.932260] ? __virt_addr_valid+0x1db/0x2d0
[ 12.932288] ? kmalloc_big_oob_right+0x316/0x370
[ 12.932314] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.932340] ? kmalloc_big_oob_right+0x316/0x370
[ 12.932366] kasan_report+0x141/0x180
[ 12.932391] ? kmalloc_big_oob_right+0x316/0x370
[ 12.932423] __asan_report_store1_noabort+0x1b/0x30
[ 12.932446] kmalloc_big_oob_right+0x316/0x370
[ 12.932472] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.932498] ? __schedule+0x10cc/0x2b60
[ 12.932524] ? __pfx_read_tsc+0x10/0x10
[ 12.932549] ? ktime_get_ts64+0x86/0x230
[ 12.932577] kunit_try_run_case+0x1a5/0x480
[ 12.932607] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.932632] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.932675] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.932701] ? __kthread_parkme+0x82/0x180
[ 12.932725] ? preempt_count_sub+0x50/0x80
[ 12.932752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.932844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.932875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.932901] kthread+0x337/0x6f0
[ 12.932925] ? trace_preempt_on+0x20/0xc0
[ 12.932953] ? __pfx_kthread+0x10/0x10
[ 12.932977] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.933001] ? calculate_sigpending+0x7b/0xa0
[ 12.933030] ? __pfx_kthread+0x10/0x10
[ 12.933055] ret_from_fork+0x116/0x1d0
[ 12.933076] ? __pfx_kthread+0x10/0x10
[ 12.933099] ret_from_fork_asm+0x1a/0x30
[ 12.933136] </TASK>
[ 12.933150]
[ 12.948158] Allocated by task 161:
[ 12.948751] kasan_save_stack+0x45/0x70
[ 12.949405] kasan_save_track+0x18/0x40
[ 12.950059] kasan_save_alloc_info+0x3b/0x50
[ 12.950628] __kasan_kmalloc+0xb7/0xc0
[ 12.951239] __kmalloc_cache_noprof+0x189/0x420
[ 12.951938] kmalloc_big_oob_right+0xa9/0x370
[ 12.952668] kunit_try_run_case+0x1a5/0x480
[ 12.953269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.953889] kthread+0x337/0x6f0
[ 12.954153] ret_from_fork+0x116/0x1d0
[ 12.954675] ret_from_fork_asm+0x1a/0x30
[ 12.955123]
[ 12.955338] The buggy address belongs to the object at ffff888102a0c000
[ 12.955338] which belongs to the cache kmalloc-8k of size 8192
[ 12.956734] The buggy address is located 0 bytes to the right of
[ 12.956734] allocated 7936-byte region [ffff888102a0c000, ffff888102a0df00)
[ 12.957505]
[ 12.957602] The buggy address belongs to the physical page:
[ 12.957948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08
[ 12.958632] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.959025] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.959303] page_type: f5(slab)
[ 12.959487] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.959855] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.960213] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.960570] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.962322] head: 0200000000000003 ffffea00040a8201 00000000ffffffff 00000000ffffffff
[ 12.963603] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.964970] page dumped because: kasan: bad access detected
[ 12.966011]
[ 12.966546] Memory state around the buggy address:
[ 12.968009] ffff888102a0de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.969160] ffff888102a0de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.970312] >ffff888102a0df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.971381] ^
[ 12.971539] ffff888102a0df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.971811] ffff888102a0e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.972678] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.895726] ==================================================================
[ 12.896531] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.897090] Write of size 1 at addr ffff8881029df678 by task kunit_try_catch/159
[ 12.897459]
[ 12.897594] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.897658] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.897673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.897698] Call Trace:
[ 12.897714] <TASK>
[ 12.897736] dump_stack_lvl+0x73/0xb0
[ 12.897771] print_report+0xd1/0x650
[ 12.897796] ? __virt_addr_valid+0x1db/0x2d0
[ 12.897824] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.897852] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.897877] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.897906] kasan_report+0x141/0x180
[ 12.897931] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.897965] __asan_report_store1_noabort+0x1b/0x30
[ 12.897989] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.898017] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.898047] ? __schedule+0x10cc/0x2b60
[ 12.898073] ? __pfx_read_tsc+0x10/0x10
[ 12.898098] ? ktime_get_ts64+0x86/0x230
[ 12.898127] kunit_try_run_case+0x1a5/0x480
[ 12.898156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.898184] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.898211] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.898237] ? __kthread_parkme+0x82/0x180
[ 12.898261] ? preempt_count_sub+0x50/0x80
[ 12.898288] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.898315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.898341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.898367] kthread+0x337/0x6f0
[ 12.898389] ? trace_preempt_on+0x20/0xc0
[ 12.898416] ? __pfx_kthread+0x10/0x10
[ 12.898450] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.898473] ? calculate_sigpending+0x7b/0xa0
[ 12.898501] ? __pfx_kthread+0x10/0x10
[ 12.898526] ret_from_fork+0x116/0x1d0
[ 12.898547] ? __pfx_kthread+0x10/0x10
[ 12.898570] ret_from_fork_asm+0x1a/0x30
[ 12.898605] </TASK>
[ 12.898618]
[ 12.909525] Allocated by task 159:
[ 12.910251] kasan_save_stack+0x45/0x70
[ 12.910527] kasan_save_track+0x18/0x40
[ 12.910742] kasan_save_alloc_info+0x3b/0x50
[ 12.911256] __kasan_kmalloc+0xb7/0xc0
[ 12.911482] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.911788] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.912064] kunit_try_run_case+0x1a5/0x480
[ 12.912315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.912594] kthread+0x337/0x6f0
[ 12.913321] ret_from_fork+0x116/0x1d0
[ 12.913552] ret_from_fork_asm+0x1a/0x30
[ 12.914009]
[ 12.914134] The buggy address belongs to the object at ffff8881029df600
[ 12.914134] which belongs to the cache kmalloc-128 of size 128
[ 12.915185] The buggy address is located 0 bytes to the right of
[ 12.915185] allocated 120-byte region [ffff8881029df600, ffff8881029df678)
[ 12.915978]
[ 12.916091] The buggy address belongs to the physical page:
[ 12.916398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df
[ 12.917199] flags: 0x200000000000000(node=0|zone=2)
[ 12.917462] page_type: f5(slab)
[ 12.918013] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.918410] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.919108] page dumped because: kasan: bad access detected
[ 12.919344]
[ 12.919716] Memory state around the buggy address:
[ 12.920300] ffff8881029df500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.920767] ffff8881029df580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.921371] >ffff8881029df600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.921864] ^
[ 12.922429] ffff8881029df680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.923223] ffff8881029df700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.923530] ==================================================================
[ 12.855272] ==================================================================
[ 12.856411] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.857015] Write of size 1 at addr ffff8881029df578 by task kunit_try_catch/159
[ 12.857302]
[ 12.857422] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.857482] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.857498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.857527] Call Trace:
[ 12.857543] <TASK>
[ 12.857569] dump_stack_lvl+0x73/0xb0
[ 12.857607] print_report+0xd1/0x650
[ 12.857634] ? __virt_addr_valid+0x1db/0x2d0
[ 12.857677] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.857707] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.857732] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.857761] kasan_report+0x141/0x180
[ 12.857786] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.857820] __asan_report_store1_noabort+0x1b/0x30
[ 12.857844] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.857871] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.857901] ? __schedule+0x10cc/0x2b60
[ 12.857927] ? __pfx_read_tsc+0x10/0x10
[ 12.857952] ? ktime_get_ts64+0x86/0x230
[ 12.857982] kunit_try_run_case+0x1a5/0x480
[ 12.858013] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.858038] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.858066] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.858092] ? __kthread_parkme+0x82/0x180
[ 12.858117] ? preempt_count_sub+0x50/0x80
[ 12.858144] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.858172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.858197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.858223] kthread+0x337/0x6f0
[ 12.858246] ? trace_preempt_on+0x20/0xc0
[ 12.858273] ? __pfx_kthread+0x10/0x10
[ 12.858296] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.858320] ? calculate_sigpending+0x7b/0xa0
[ 12.858349] ? __pfx_kthread+0x10/0x10
[ 12.858373] ret_from_fork+0x116/0x1d0
[ 12.858394] ? __pfx_kthread+0x10/0x10
[ 12.858417] ret_from_fork_asm+0x1a/0x30
[ 12.858461] </TASK>
[ 12.858475]
[ 12.873124] Allocated by task 159:
[ 12.873315] kasan_save_stack+0x45/0x70
[ 12.873503] kasan_save_track+0x18/0x40
[ 12.873675] kasan_save_alloc_info+0x3b/0x50
[ 12.874564] __kasan_kmalloc+0xb7/0xc0
[ 12.875625] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.876825] kmalloc_track_caller_oob_right+0x99/0x520
[ 12.877944] kunit_try_run_case+0x1a5/0x480
[ 12.878616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.879459] kthread+0x337/0x6f0
[ 12.879622] ret_from_fork+0x116/0x1d0
[ 12.879796] ret_from_fork_asm+0x1a/0x30
[ 12.880421]
[ 12.880821] The buggy address belongs to the object at ffff8881029df500
[ 12.880821] which belongs to the cache kmalloc-128 of size 128
[ 12.882734] The buggy address is located 0 bytes to the right of
[ 12.882734] allocated 120-byte region [ffff8881029df500, ffff8881029df578)
[ 12.884595]
[ 12.885060] The buggy address belongs to the physical page:
[ 12.885287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df
[ 12.885585] flags: 0x200000000000000(node=0|zone=2)
[ 12.886139] page_type: f5(slab)
[ 12.886909] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.888004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.889272] page dumped because: kasan: bad access detected
[ 12.889986]
[ 12.890349] Memory state around the buggy address:
[ 12.891171] ffff8881029df400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.891453] ffff8881029df480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.891737] >ffff8881029df500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.892504] ^
[ 12.893377] ffff8881029df580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.893761] ffff8881029df600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.894611] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.820307] ==================================================================
[ 12.820992] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.821351] Read of size 1 at addr ffff8881029f5000 by task kunit_try_catch/157
[ 12.821694]
[ 12.821844] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.821900] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.821914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.821940] Call Trace:
[ 12.821954] <TASK>
[ 12.821974] dump_stack_lvl+0x73/0xb0
[ 12.822023] print_report+0xd1/0x650
[ 12.822049] ? __virt_addr_valid+0x1db/0x2d0
[ 12.822091] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.822118] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.822143] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.822171] kasan_report+0x141/0x180
[ 12.822206] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.822239] __asan_report_load1_noabort+0x18/0x20
[ 12.822279] kmalloc_node_oob_right+0x369/0x3c0
[ 12.822307] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.822336] ? __schedule+0x10cc/0x2b60
[ 12.822362] ? __pfx_read_tsc+0x10/0x10
[ 12.822386] ? ktime_get_ts64+0x86/0x230
[ 12.822415] kunit_try_run_case+0x1a5/0x480
[ 12.822449] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.822474] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.822501] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.822527] ? __kthread_parkme+0x82/0x180
[ 12.822551] ? preempt_count_sub+0x50/0x80
[ 12.822589] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.822617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.822665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.822691] kthread+0x337/0x6f0
[ 12.822714] ? trace_preempt_on+0x20/0xc0
[ 12.822753] ? __pfx_kthread+0x10/0x10
[ 12.822797] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.822834] ? calculate_sigpending+0x7b/0xa0
[ 12.822863] ? __pfx_kthread+0x10/0x10
[ 12.822888] ret_from_fork+0x116/0x1d0
[ 12.822909] ? __pfx_kthread+0x10/0x10
[ 12.822933] ret_from_fork_asm+0x1a/0x30
[ 12.822969] </TASK>
[ 12.822982]
[ 12.834156] Allocated by task 157:
[ 12.834440] kasan_save_stack+0x45/0x70
[ 12.834746] kasan_save_track+0x18/0x40
[ 12.834977] kasan_save_alloc_info+0x3b/0x50
[ 12.835228] __kasan_kmalloc+0xb7/0xc0
[ 12.835408] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.835601] kmalloc_node_oob_right+0xab/0x3c0
[ 12.836215] kunit_try_run_case+0x1a5/0x480
[ 12.836782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.837020] kthread+0x337/0x6f0
[ 12.837227] ret_from_fork+0x116/0x1d0
[ 12.837457] ret_from_fork_asm+0x1a/0x30
[ 12.838256]
[ 12.838548] The buggy address belongs to the object at ffff8881029f4000
[ 12.838548] which belongs to the cache kmalloc-4k of size 4096
[ 12.839608] The buggy address is located 0 bytes to the right of
[ 12.839608] allocated 4096-byte region [ffff8881029f4000, ffff8881029f5000)
[ 12.840851]
[ 12.841128] The buggy address belongs to the physical page:
[ 12.841499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f0
[ 12.842269] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.842679] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.843120] page_type: f5(slab)
[ 12.843351] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.844243] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.844776] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.845377] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.845929] head: 0200000000000003 ffffea00040a7c01 00000000ffffffff 00000000ffffffff
[ 12.846419] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.847122] page dumped because: kasan: bad access detected
[ 12.847631]
[ 12.847750] Memory state around the buggy address:
[ 12.848026] ffff8881029f4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.848475] ffff8881029f4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.848941] >ffff8881029f5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.849590] ^
[ 12.850067] ffff8881029f5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.850447] ffff8881029f5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.851024] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.773350] ==================================================================
[ 12.774630] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.775373] Read of size 1 at addr ffff8881018867ff by task kunit_try_catch/155
[ 12.776219]
[ 12.776526] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.776585] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.776600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.776625] Call Trace:
[ 12.776642] <TASK>
[ 12.776678] dump_stack_lvl+0x73/0xb0
[ 12.776715] print_report+0xd1/0x650
[ 12.776741] ? __virt_addr_valid+0x1db/0x2d0
[ 12.776778] ? kmalloc_oob_left+0x361/0x3c0
[ 12.776803] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.776830] ? kmalloc_oob_left+0x361/0x3c0
[ 12.776855] kasan_report+0x141/0x180
[ 12.776923] ? kmalloc_oob_left+0x361/0x3c0
[ 12.776956] __asan_report_load1_noabort+0x18/0x20
[ 12.776998] kmalloc_oob_left+0x361/0x3c0
[ 12.777023] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.777049] ? __schedule+0x10cc/0x2b60
[ 12.777075] ? __pfx_read_tsc+0x10/0x10
[ 12.777101] ? ktime_get_ts64+0x86/0x230
[ 12.777131] kunit_try_run_case+0x1a5/0x480
[ 12.777160] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.777189] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.777219] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.777247] ? __kthread_parkme+0x82/0x180
[ 12.777272] ? preempt_count_sub+0x50/0x80
[ 12.777300] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.777328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.777355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.777382] kthread+0x337/0x6f0
[ 12.777405] ? trace_preempt_on+0x20/0xc0
[ 12.777434] ? __pfx_kthread+0x10/0x10
[ 12.777458] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.777483] ? calculate_sigpending+0x7b/0xa0
[ 12.777511] ? __pfx_kthread+0x10/0x10
[ 12.777536] ret_from_fork+0x116/0x1d0
[ 12.777558] ? __pfx_kthread+0x10/0x10
[ 12.777581] ret_from_fork_asm+0x1a/0x30
[ 12.777619] </TASK>
[ 12.777633]
[ 12.788830] Allocated by task 35:
[ 12.789058] kasan_save_stack+0x45/0x70
[ 12.789302] kasan_save_track+0x18/0x40
[ 12.789500] kasan_save_alloc_info+0x3b/0x50
[ 12.790183] __kasan_kmalloc+0xb7/0xc0
[ 12.790599] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.791088] kvasprintf+0xc5/0x150
[ 12.791315] kasprintf+0xb6/0xf0
[ 12.791592] bsg_devnode+0x46/0x80
[ 12.791888] device_get_devnode+0x145/0x2a0
[ 12.792243] dev_uevent+0x41c/0x730
[ 12.792404] kobject_uevent_env+0x50d/0xff0
[ 12.792634] kobject_uevent+0xf/0x20
[ 12.793102] device_add+0xe4c/0x1820
[ 12.793748] cdev_device_add+0xab/0x1c0
[ 12.794278] bsg_register_queue+0x25e/0x3d0
[ 12.794543] scsi_bsg_register_queue+0x71/0xd0
[ 12.794891] scsi_sysfs_add_sdev+0x228/0x460
[ 12.795095] scsi_add_lun+0x125a/0x2080
[ 12.795328] scsi_probe_and_add_lun+0x2c8/0x700
[ 12.795597] __scsi_add_device+0x1d9/0x210
[ 12.795976] ata_scsi_scan_host+0x13d/0x3d0
[ 12.796164] async_port_probe+0xb0/0xe0
[ 12.796360] async_run_entry_fn+0x9c/0x430
[ 12.796603] process_one_work+0x5ee/0xf60
[ 12.797215] worker_thread+0x758/0x1220
[ 12.797453] kthread+0x337/0x6f0
[ 12.797603] ret_from_fork+0x116/0x1d0
[ 12.798000] ret_from_fork_asm+0x1a/0x30
[ 12.798375]
[ 12.798530] Freed by task 35:
[ 12.798736] kasan_save_stack+0x45/0x70
[ 12.799045] kasan_save_track+0x18/0x40
[ 12.799682] kasan_save_free_info+0x3f/0x60
[ 12.800153] __kasan_slab_free+0x56/0x70
[ 12.800476] kfree+0x222/0x3f0
[ 12.800696] dev_uevent+0x466/0x730
[ 12.801126] kobject_uevent_env+0x50d/0xff0
[ 12.801400] kobject_uevent+0xf/0x20
[ 12.801567] device_add+0xe4c/0x1820
[ 12.801798] cdev_device_add+0xab/0x1c0
[ 12.802263] bsg_register_queue+0x25e/0x3d0
[ 12.802501] scsi_bsg_register_queue+0x71/0xd0
[ 12.802785] scsi_sysfs_add_sdev+0x228/0x460
[ 12.803475] scsi_add_lun+0x125a/0x2080
[ 12.803682] scsi_probe_and_add_lun+0x2c8/0x700
[ 12.804297] __scsi_add_device+0x1d9/0x210
[ 12.804527] ata_scsi_scan_host+0x13d/0x3d0
[ 12.804863] async_port_probe+0xb0/0xe0
[ 12.805155] async_run_entry_fn+0x9c/0x430
[ 12.805497] process_one_work+0x5ee/0xf60
[ 12.805737] worker_thread+0x758/0x1220
[ 12.806063] kthread+0x337/0x6f0
[ 12.806394] ret_from_fork+0x116/0x1d0
[ 12.806761] ret_from_fork_asm+0x1a/0x30
[ 12.807105]
[ 12.807277] The buggy address belongs to the object at ffff8881018867e0
[ 12.807277] which belongs to the cache kmalloc-16 of size 16
[ 12.808346] The buggy address is located 15 bytes to the right of
[ 12.808346] allocated 16-byte region [ffff8881018867e0, ffff8881018867f0)
[ 12.809322]
[ 12.809516] The buggy address belongs to the physical page:
[ 12.809908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101886
[ 12.810877] flags: 0x200000000000000(node=0|zone=2)
[ 12.811168] page_type: f5(slab)
[ 12.811357] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.811996] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.812380] page dumped because: kasan: bad access detected
[ 12.812681]
[ 12.813143] Memory state around the buggy address:
[ 12.813428] ffff888101886680: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc
[ 12.813906] ffff888101886700: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.814269] >ffff888101886780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.814615] ^
[ 12.815316] ffff888101886800: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.815978] ffff888101886880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.816565] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.718451] ==================================================================
[ 12.718978] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.719371] Write of size 1 at addr ffff888103324f78 by task kunit_try_catch/153
[ 12.720248]
[ 12.720370] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.720425] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.720439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.720466] Call Trace:
[ 12.720489] <TASK>
[ 12.720512] dump_stack_lvl+0x73/0xb0
[ 12.720546] print_report+0xd1/0x650
[ 12.720572] ? __virt_addr_valid+0x1db/0x2d0
[ 12.720599] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.720624] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.720666] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.720691] kasan_report+0x141/0x180
[ 12.720717] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.720747] __asan_report_store1_noabort+0x1b/0x30
[ 12.720770] kmalloc_oob_right+0x6bd/0x7f0
[ 12.720807] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.720836] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.720866] kunit_try_run_case+0x1a5/0x480
[ 12.720937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.720963] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.721006] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.721032] ? __kthread_parkme+0x82/0x180
[ 12.721055] ? preempt_count_sub+0x50/0x80
[ 12.721084] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.721111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.721137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.721163] kthread+0x337/0x6f0
[ 12.721186] ? trace_preempt_on+0x20/0xc0
[ 12.721213] ? __pfx_kthread+0x10/0x10
[ 12.721236] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.721260] ? calculate_sigpending+0x7b/0xa0
[ 12.721288] ? __pfx_kthread+0x10/0x10
[ 12.721312] ret_from_fork+0x116/0x1d0
[ 12.721334] ? __pfx_kthread+0x10/0x10
[ 12.721358] ret_from_fork_asm+0x1a/0x30
[ 12.721394] </TASK>
[ 12.721407]
[ 12.731947] Allocated by task 153:
[ 12.732502] kasan_save_stack+0x45/0x70
[ 12.732752] kasan_save_track+0x18/0x40
[ 12.733107] kasan_save_alloc_info+0x3b/0x50
[ 12.733333] __kasan_kmalloc+0xb7/0xc0
[ 12.733532] __kmalloc_cache_noprof+0x189/0x420
[ 12.733777] kmalloc_oob_right+0xa9/0x7f0
[ 12.733969] kunit_try_run_case+0x1a5/0x480
[ 12.734212] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.734464] kthread+0x337/0x6f0
[ 12.734636] ret_from_fork+0x116/0x1d0
[ 12.735356] ret_from_fork_asm+0x1a/0x30
[ 12.735537]
[ 12.735820] The buggy address belongs to the object at ffff888103324f00
[ 12.735820] which belongs to the cache kmalloc-128 of size 128
[ 12.736522] The buggy address is located 5 bytes to the right of
[ 12.736522] allocated 115-byte region [ffff888103324f00, ffff888103324f73)
[ 12.737609]
[ 12.737756] The buggy address belongs to the physical page:
[ 12.738200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103324
[ 12.738941] flags: 0x200000000000000(node=0|zone=2)
[ 12.739294] page_type: f5(slab)
[ 12.739464] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.740058] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.740667] page dumped because: kasan: bad access detected
[ 12.741016]
[ 12.741269] Memory state around the buggy address:
[ 12.741483] ffff888103324e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.742108] ffff888103324e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.742448] >ffff888103324f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.742849] ^
[ 12.743333] ffff888103324f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.744010] ffff888103325000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.744456] ==================================================================
[ 12.680202] ==================================================================
[ 12.681120] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.682006] Write of size 1 at addr ffff888103324f73 by task kunit_try_catch/153
[ 12.682756]
[ 12.684277] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.684705] Tainted: [N]=TEST
[ 12.684745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.685049] Call Trace:
[ 12.685129] <TASK>
[ 12.685297] dump_stack_lvl+0x73/0xb0
[ 12.685403] print_report+0xd1/0x650
[ 12.685436] ? __virt_addr_valid+0x1db/0x2d0
[ 12.685466] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.685491] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.685517] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.685542] kasan_report+0x141/0x180
[ 12.685567] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.685598] __asan_report_store1_noabort+0x1b/0x30
[ 12.685622] kmalloc_oob_right+0x6f0/0x7f0
[ 12.685662] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.685691] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.685721] kunit_try_run_case+0x1a5/0x480
[ 12.685752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.685821] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.685850] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.685876] ? __kthread_parkme+0x82/0x180
[ 12.685901] ? preempt_count_sub+0x50/0x80
[ 12.685931] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.685958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.685984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.686009] kthread+0x337/0x6f0
[ 12.686032] ? trace_preempt_on+0x20/0xc0
[ 12.686060] ? __pfx_kthread+0x10/0x10
[ 12.686084] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.686108] ? calculate_sigpending+0x7b/0xa0
[ 12.686138] ? __pfx_kthread+0x10/0x10
[ 12.686163] ret_from_fork+0x116/0x1d0
[ 12.686187] ? __pfx_kthread+0x10/0x10
[ 12.686211] ret_from_fork_asm+0x1a/0x30
[ 12.686278] </TASK>
[ 12.686360]
[ 12.698754] Allocated by task 153:
[ 12.699290] kasan_save_stack+0x45/0x70
[ 12.699610] kasan_save_track+0x18/0x40
[ 12.700016] kasan_save_alloc_info+0x3b/0x50
[ 12.700221] __kasan_kmalloc+0xb7/0xc0
[ 12.700476] __kmalloc_cache_noprof+0x189/0x420
[ 12.700756] kmalloc_oob_right+0xa9/0x7f0
[ 12.701021] kunit_try_run_case+0x1a5/0x480
[ 12.701315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.702071] kthread+0x337/0x6f0
[ 12.702288] ret_from_fork+0x116/0x1d0
[ 12.702511] ret_from_fork_asm+0x1a/0x30
[ 12.703308]
[ 12.703732] The buggy address belongs to the object at ffff888103324f00
[ 12.703732] which belongs to the cache kmalloc-128 of size 128
[ 12.704646] The buggy address is located 0 bytes to the right of
[ 12.704646] allocated 115-byte region [ffff888103324f00, ffff888103324f73)
[ 12.706070]
[ 12.706293] The buggy address belongs to the physical page:
[ 12.706886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103324
[ 12.707886] flags: 0x200000000000000(node=0|zone=2)
[ 12.709022] page_type: f5(slab)
[ 12.709941] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.710546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.710957] page dumped because: kasan: bad access detected
[ 12.711566]
[ 12.711783] Memory state around the buggy address:
[ 12.712639] ffff888103324e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.713540] ffff888103324e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.714223] >ffff888103324f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.714985] ^
[ 12.715717] ffff888103324f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.716044] ffff888103325000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.716893] ==================================================================
[ 12.745360] ==================================================================
[ 12.746202] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.746572] Read of size 1 at addr ffff888103324f80 by task kunit_try_catch/153
[ 12.747113]
[ 12.747275] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.747533] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.747547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.747573] Call Trace:
[ 12.747588] <TASK>
[ 12.747609] dump_stack_lvl+0x73/0xb0
[ 12.747643] print_report+0xd1/0x650
[ 12.747687] ? __virt_addr_valid+0x1db/0x2d0
[ 12.747713] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.747738] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.747763] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.747788] kasan_report+0x141/0x180
[ 12.747814] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.747845] __asan_report_load1_noabort+0x18/0x20
[ 12.747953] kmalloc_oob_right+0x68a/0x7f0
[ 12.747983] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.748011] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.748041] kunit_try_run_case+0x1a5/0x480
[ 12.748070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.748095] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.748123] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.748150] ? __kthread_parkme+0x82/0x180
[ 12.748173] ? preempt_count_sub+0x50/0x80
[ 12.748200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.748227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.748253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.748279] kthread+0x337/0x6f0
[ 12.748302] ? trace_preempt_on+0x20/0xc0
[ 12.748342] ? __pfx_kthread+0x10/0x10
[ 12.748366] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.748390] ? calculate_sigpending+0x7b/0xa0
[ 12.748417] ? __pfx_kthread+0x10/0x10
[ 12.748443] ret_from_fork+0x116/0x1d0
[ 12.748465] ? __pfx_kthread+0x10/0x10
[ 12.748489] ret_from_fork_asm+0x1a/0x30
[ 12.748525] </TASK>
[ 12.748541]
[ 12.758551] Allocated by task 153:
[ 12.758771] kasan_save_stack+0x45/0x70
[ 12.758980] kasan_save_track+0x18/0x40
[ 12.759881] kasan_save_alloc_info+0x3b/0x50
[ 12.760149] __kasan_kmalloc+0xb7/0xc0
[ 12.760316] __kmalloc_cache_noprof+0x189/0x420
[ 12.760507] kmalloc_oob_right+0xa9/0x7f0
[ 12.760688] kunit_try_run_case+0x1a5/0x480
[ 12.761677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.762399] kthread+0x337/0x6f0
[ 12.762600] ret_from_fork+0x116/0x1d0
[ 12.762786] ret_from_fork_asm+0x1a/0x30
[ 12.763020]
[ 12.763108] The buggy address belongs to the object at ffff888103324f00
[ 12.763108] which belongs to the cache kmalloc-128 of size 128
[ 12.763724] The buggy address is located 13 bytes to the right of
[ 12.763724] allocated 115-byte region [ffff888103324f00, ffff888103324f73)
[ 12.764403]
[ 12.764491] The buggy address belongs to the physical page:
[ 12.764961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103324
[ 12.765297] flags: 0x200000000000000(node=0|zone=2)
[ 12.765554] page_type: f5(slab)
[ 12.765778] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.766185] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.766561] page dumped because: kasan: bad access detected
[ 12.766961]
[ 12.767051] Memory state around the buggy address:
[ 12.767325] ffff888103324e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.767691] ffff888103324f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.768106] >ffff888103324f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.768515] ^
[ 12.769007] ffff888103325000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.769350] ffff888103325080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.769703] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 164.516251] WARNING: CPU: 0 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 164.516972] Modules linked in: [ 164.517466] CPU: 0 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 164.518842] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 164.519625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 164.520653] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 164.521441] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 164.522632] RSP: 0000:ffff88810191fc78 EFLAGS: 00010286 [ 164.523146] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 164.523470] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff97e32ef4 [ 164.523881] RBP: ffff88810191fca0 R08: 0000000000000000 R09: ffffed1020c23c20 [ 164.524402] R10: ffff88810611e107 R11: 0000000000000000 R12: ffffffff97e32ee0 [ 164.524761] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810191fd38 [ 164.525262] FS: 0000000000000000(0000) GS:ffff8881c1274000(0000) knlGS:0000000000000000 [ 164.525686] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.526158] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 164.526503] DR0: ffffffff99e50440 DR1: ffffffff99e50441 DR2: ffffffff99e50443 [ 164.526992] DR3: ffffffff99e50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 164.527318] Call Trace: [ 164.527478] <TASK> [ 164.527645] drm_test_rect_calc_vscale+0x108/0x270 [ 164.527989] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 164.528272] ? __schedule+0x10cc/0x2b60 [ 164.528492] ? __pfx_read_tsc+0x10/0x10 [ 164.528756] ? ktime_get_ts64+0x86/0x230 [ 164.528964] kunit_try_run_case+0x1a5/0x480 [ 164.529228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.529602] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 164.530053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 164.530314] ? __kthread_parkme+0x82/0x180 [ 164.530523] ? preempt_count_sub+0x50/0x80 [ 164.530748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.531019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 164.531556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 164.532049] kthread+0x337/0x6f0 [ 164.532211] ? trace_preempt_on+0x20/0xc0 [ 164.532453] ? __pfx_kthread+0x10/0x10 [ 164.532682] ? _raw_spin_unlock_irq+0x47/0x80 [ 164.532864] ? calculate_sigpending+0x7b/0xa0 [ 164.533206] ? __pfx_kthread+0x10/0x10 [ 164.533486] ret_from_fork+0x116/0x1d0 [ 164.533664] ? __pfx_kthread+0x10/0x10 [ 164.534255] ret_from_fork_asm+0x1a/0x30 [ 164.534535] </TASK> [ 164.534670] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 164.487118] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 164.487466] Modules linked in: [ 164.488715] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 164.490455] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 164.491359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 164.491701] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 164.491918] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 164.492501] RSP: 0000:ffff888107e47c78 EFLAGS: 00010286 [ 164.493123] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 164.494194] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff97e32ebc [ 164.495249] RBP: ffff888107e47ca0 R08: 0000000000000000 R09: ffffed1020c247e0 [ 164.496105] R10: ffff888106123f07 R11: 0000000000000000 R12: ffffffff97e32ea8 [ 164.496896] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107e47d38 [ 
164.497756] FS: 0000000000000000(0000) GS:ffff8881c1374000(0000) knlGS:0000000000000000 [ 164.498990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.499298] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 164.499567] DR0: ffffffff99e50444 DR1: ffffffff99e50449 DR2: ffffffff99e5044a [ 164.500384] DR3: ffffffff99e5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 164.501252] Call Trace: [ 164.501595] <TASK> [ 164.501887] drm_test_rect_calc_vscale+0x108/0x270 [ 164.502536] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 164.503371] ? __schedule+0x10cc/0x2b60 [ 164.503578] ? __pfx_read_tsc+0x10/0x10 [ 164.503999] ? ktime_get_ts64+0x86/0x230 [ 164.504457] kunit_try_run_case+0x1a5/0x480 [ 164.505032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.505568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 164.506075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 164.506469] ? __kthread_parkme+0x82/0x180 [ 164.506659] ? preempt_count_sub+0x50/0x80 [ 164.507045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.507612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 164.508316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 164.509080] kthread+0x337/0x6f0 [ 164.509562] ? trace_preempt_on+0x20/0xc0 [ 164.510021] ? __pfx_kthread+0x10/0x10 [ 164.510195] ? _raw_spin_unlock_irq+0x47/0x80 [ 164.510386] ? calculate_sigpending+0x7b/0xa0 [ 164.510593] ? __pfx_kthread+0x10/0x10 [ 164.510890] ret_from_fork+0x116/0x1d0 [ 164.511269] ? __pfx_kthread+0x10/0x10 [ 164.511790] ret_from_fork_asm+0x1a/0x30 [ 164.512346] </TASK> [ 164.512679] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 164.427346] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 164.428903] Modules linked in: [ 164.429154] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 164.429698] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 164.430164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 164.430622] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 164.431136] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 164.432028] RSP: 0000:ffff8881038a7c78 EFLAGS: 00010286 [ 164.432484] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 164.432897] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff97e32ec0 [ 164.433311] RBP: ffff8881038a7ca0 R08: 0000000000000000 R09: ffffed1020c24700 [ 164.433769] R10: ffff888106123807 R11: 0000000000000000 R12: ffffffff97e32ea8 [ 164.434213] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881038a7d38 [ 164.434739] FS: 0000000000000000(0000) GS:ffff8881c1274000(0000) knlGS:0000000000000000 [ 164.435222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.435591] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 164.435941] DR0: ffffffff99e50440 DR1: ffffffff99e50441 DR2: ffffffff99e50443 [ 164.436502] DR3: ffffffff99e50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 164.437057] Call Trace: [ 164.437200] <TASK> [ 164.437347] drm_test_rect_calc_hscale+0x108/0x270 [ 164.437668] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 164.438054] ? __schedule+0x10cc/0x2b60 [ 164.438275] ? __pfx_read_tsc+0x10/0x10 [ 164.438487] ? ktime_get_ts64+0x86/0x230 [ 164.438768] kunit_try_run_case+0x1a5/0x480 [ 164.439091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.439364] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 164.439651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 164.439862] ? __kthread_parkme+0x82/0x180 [ 164.440249] ? preempt_count_sub+0x50/0x80 [ 164.440793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.441145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 164.441411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 164.441732] kthread+0x337/0x6f0 [ 164.442016] ? trace_preempt_on+0x20/0xc0 [ 164.442336] ? __pfx_kthread+0x10/0x10 [ 164.442587] ? _raw_spin_unlock_irq+0x47/0x80 [ 164.442869] ? calculate_sigpending+0x7b/0xa0 [ 164.443418] ? __pfx_kthread+0x10/0x10 [ 164.444228] ret_from_fork+0x116/0x1d0 [ 164.444447] ? __pfx_kthread+0x10/0x10 [ 164.445152] ret_from_fork_asm+0x1a/0x30 [ 164.445418] </TASK> [ 164.445594] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 164.449433] WARNING: CPU: 1 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 164.450077] Modules linked in: [ 164.450330] CPU: 1 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 164.450951] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 164.451303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 164.451714] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 164.452159] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 164.453402] RSP: 0000:ffff888107e47c78 EFLAGS: 00010286 [ 164.453723] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 164.454144] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff97e32ef8 [ 164.454475] RBP: ffff888107e47ca0 R08: 0000000000000000 R09: ffffed1020c24720 [ 164.454848] R10: ffff888106123907 R11: 0000000000000000 R12: ffffffff97e32ee0 [ 164.455331] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107e47d38 [ 
164.455649] FS: 0000000000000000(0000) GS:ffff8881c1374000(0000) knlGS:0000000000000000 [ 164.456233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.456517] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 164.457330] DR0: ffffffff99e50444 DR1: ffffffff99e50449 DR2: ffffffff99e5044a [ 164.458084] DR3: ffffffff99e5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 164.458423] Call Trace: [ 164.458590] <TASK> [ 164.458795] drm_test_rect_calc_hscale+0x108/0x270 [ 164.459571] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 164.460331] ? __schedule+0x10cc/0x2b60 [ 164.460661] ? __pfx_read_tsc+0x10/0x10 [ 164.461299] ? ktime_get_ts64+0x86/0x230 [ 164.461556] kunit_try_run_case+0x1a5/0x480 [ 164.462242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.462673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 164.463258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 164.463537] ? __kthread_parkme+0x82/0x180 [ 164.463738] ? preempt_count_sub+0x50/0x80 [ 164.464080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 164.464315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 164.464626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 164.465037] kthread+0x337/0x6f0 [ 164.465232] ? trace_preempt_on+0x20/0xc0 [ 164.465442] ? __pfx_kthread+0x10/0x10 [ 164.465682] ? _raw_spin_unlock_irq+0x47/0x80 [ 164.466115] ? calculate_sigpending+0x7b/0xa0 [ 164.466539] ? __pfx_kthread+0x10/0x10 [ 164.466734] ret_from_fork+0x116/0x1d0 [ 164.466963] ? __pfx_kthread+0x10/0x10 [ 164.467281] ret_from_fork_asm+0x1a/0x30 [ 164.467477] </TASK> [ 164.467643] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 163.709913] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 163.710031] WARNING: CPU: 1 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 163.712213] Modules linked in: [ 163.712428] CPU: 1 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 163.713535] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 163.714359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 163.715014] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 163.715234] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 7d de 97 4c 89 f2 48 c7 c7 60 7a de 97 48 89 c6 e8 a4 d2 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 163.716243] RSP: 0000:ffff888107c07d18 EFLAGS: 00010286 [ 163.716569] RAX: 0000000000000000 RBX: ffff88810876d800 RCX: 1ffffffff3164c80 [ 163.716901] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 163.717502] RBP: ffff888107c07d48 R08: 0000000000000000 R09: fffffbfff3164c80 [ 163.717929] R10: 0000000000000003 R11: 00000000000393d8 R12: ffff8881078a6800 [ 163.718281] R13: ffff88810876d8f8 R14: ffff88810907c000 R15: ffff88810039fb40 [ 163.718681] FS: 0000000000000000(0000) GS:ffff8881c1374000(0000) knlGS:0000000000000000 [ 163.719000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.719336] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 163.719888] DR0: ffffffff99e50444 DR1: ffffffff99e50449 DR2: ffffffff99e5044a [ 163.720258] DR3: ffffffff99e5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 163.720597] Call Trace: [ 163.720826] <TASK> [ 163.721004] ? trace_preempt_on+0x20/0xc0 [ 163.721304] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 163.721568] drm_gem_shmem_free_wrapper+0x12/0x20 [ 163.721886] __kunit_action_free+0x57/0x70 [ 163.722172] kunit_remove_resource+0x133/0x200 [ 163.722521] ? preempt_count_sub+0x50/0x80 [ 163.722887] kunit_cleanup+0x7a/0x120 [ 163.723139] kunit_try_run_case_cleanup+0xbd/0xf0 [ 163.723402] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 163.723699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 163.724047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 163.724529] kthread+0x337/0x6f0 [ 163.724709] ? trace_preempt_on+0x20/0xc0 [ 163.725014] ? __pfx_kthread+0x10/0x10 [ 163.725386] ? _raw_spin_unlock_irq+0x47/0x80 [ 163.725659] ? calculate_sigpending+0x7b/0xa0 [ 163.726212] ? __pfx_kthread+0x10/0x10 [ 163.726419] ret_from_fork+0x116/0x1d0 [ 163.726693] ? __pfx_kthread+0x10/0x10 [ 163.726979] ret_from_fork_asm+0x1a/0x30 [ 163.727263] </TASK> [ 163.727406] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 163.554389] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 163.554978] Modules linked in: [ 163.555805] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 163.556445] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 163.556669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 163.557164] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 163.557438] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 163.558579] RSP: 0000:ffff888107c5fb30 EFLAGS: 00010246 [ 163.558907] RAX: dffffc0000000000 RBX: ffff888107c5fc28 RCX: 0000000000000000 [ 163.559233] RDX: 1ffff11020f8bf8e RSI: ffff888107c5fc28 RDI: ffff888107c5fc70 [ 163.559677] RBP: ffff888107c5fb70 R08: ffff8881078b7000 R09: ffffffff97dd80e0 [ 163.559951] R10: 0000000000000003 R11: 00000000e1288dcd R12: ffff8881078b7000 [ 163.560376] R13: ffff88810039fae8 R14: ffff888107c5fba8 R15: 0000000000000000 [ 163.560716] FS: 0000000000000000(0000) GS:ffff8881c1374000(0000) knlGS:0000000000000000 [ 163.561228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.561537] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 163.561878] DR0: ffffffff99e50444 DR1: ffffffff99e50449 DR2: ffffffff99e5044a [ 163.562243] DR3: ffffffff99e5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 163.563006] Call Trace: [ 163.563167] <TASK> [ 163.563308] ? add_dr+0xc1/0x1d0 [ 163.563521] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 163.563765] ? add_dr+0x148/0x1d0 [ 163.563978] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 163.564449] ? __drmm_add_action+0x1a4/0x280 [ 163.564880] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 163.565431] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 163.565786] ? __drmm_add_action_or_reset+0x22/0x50 [ 163.566008] ? __schedule+0x10cc/0x2b60 [ 163.566352] ? __pfx_read_tsc+0x10/0x10 [ 163.566623] ? ktime_get_ts64+0x86/0x230 [ 163.566830] kunit_try_run_case+0x1a5/0x480 [ 163.567166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.567477] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 163.567694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 163.568042] ? __kthread_parkme+0x82/0x180 [ 163.568324] ? preempt_count_sub+0x50/0x80 [ 163.568617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.568883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 163.569478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 163.570000] kthread+0x337/0x6f0 [ 163.570211] ? trace_preempt_on+0x20/0xc0 [ 163.570433] ? __pfx_kthread+0x10/0x10 [ 163.570642] ? _raw_spin_unlock_irq+0x47/0x80 [ 163.570919] ? calculate_sigpending+0x7b/0xa0 [ 163.571195] ? __pfx_kthread+0x10/0x10 [ 163.571420] ret_from_fork+0x116/0x1d0 [ 163.571749] ? __pfx_kthread+0x10/0x10 [ 163.571953] ret_from_fork_asm+0x1a/0x30 [ 163.572399] </TASK> [ 163.572517] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 163.511906] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 163.512065] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 163.515583] Modules linked in: [ 163.516397] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 163.516959] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 163.517769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 163.518307] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 163.518537] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 2f dd 97 4c 89 fa 48 c7 c7 20 30 dd 97 48 89 c6 e8 72 ef 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 163.520267] RSP: 0000:ffff888107a0fb68 EFLAGS: 00010282 [ 163.520589] RAX: 0000000000000000 RBX: ffff888107a0fc40 RCX: 1ffffffff3164c80 [ 163.521019] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 163.521441] RBP: ffff888107a0fb90 R08: 0000000000000000 R09: fffffbfff3164c80 [ 163.521824] R10: 0000000000000003 R11: 0000000000037a00 R12: ffff888107a0fc18 [ 163.522312] R13: ffff8881078a0800 R14: ffff8881078b5000 R15: ffff8881095c2500 [ 163.523185] FS: 0000000000000000(0000) GS:ffff8881c1374000(0000) knlGS:0000000000000000 [ 163.523624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.524167] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 163.524619] DR0: ffffffff99e50444 DR1: ffffffff99e50449 DR2: ffffffff99e5044a [ 163.525216] DR3: ffffffff99e5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 163.525559] Call Trace: [ 163.526019] <TASK> [ 163.526211] drm_test_framebuffer_free+0x1ab/0x610 [ 163.526500] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 163.527044] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 163.527426] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 163.527743] ? __drmm_add_action_or_reset+0x22/0x50 [ 163.528316] ? __schedule+0x10cc/0x2b60 [ 163.528672] ? __pfx_read_tsc+0x10/0x10 [ 163.529053] ? ktime_get_ts64+0x86/0x230 [ 163.529283] kunit_try_run_case+0x1a5/0x480 [ 163.529512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.529798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 163.530383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 163.530792] ? __kthread_parkme+0x82/0x180 [ 163.531340] ? preempt_count_sub+0x50/0x80 [ 163.531600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 163.532005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 163.532465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 163.533067] kthread+0x337/0x6f0 [ 163.533266] ? trace_preempt_on+0x20/0xc0 [ 163.533473] ? __pfx_kthread+0x10/0x10 [ 163.533720] ? _raw_spin_unlock_irq+0x47/0x80 [ 163.534340] ? calculate_sigpending+0x7b/0xa0 [ 163.534764] ? __pfx_kthread+0x10/0x10 [ 163.535209] ret_from_fork+0x116/0x1d0 [ 163.535511] ? __pfx_kthread+0x10/0x10 [ 163.535781] ret_from_fork_asm+0x1a/0x30 [ 163.536278] </TASK> [ 163.536440] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 161.981600] WARNING: CPU: 0 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 161.983379] Modules linked in: [ 161.983961] CPU: 0 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 161.984914] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 161.985679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 161.986524] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 161.986860] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 18 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 161.989075] RSP: 0000:ffff88810a14fc90 EFLAGS: 00010246 [ 161.989393] RAX: dffffc0000000000 RBX: ffff88810a514000 RCX: 0000000000000000 [ 161.989707] RDX: 1ffff110214a2832 RSI: ffffffff95004648 RDI: ffff88810a514190 [ 161.990168] RBP: ffff88810a14fca0 R08: 1ffff11020073f69 R09: ffffed1021429f65 [ 161.990894] R10: 0000000000000003 R11: ffffffff94586fa8 R12: 0000000000000000 [ 161.991324] R13: ffff88810a14fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 161.991966] FS: 0000000000000000(0000) GS:ffff8881c1274000(0000) knlGS:0000000000000000 [ 161.992497] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.993009] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 161.993633] DR0: ffffffff99e50440 DR1: ffffffff99e50441 DR2: ffffffff99e50443 [ 161.994096] DR3: ffffffff99e50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 161.994477] Call Trace: [ 161.994643] <TASK> [ 161.995098] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 161.995571] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 161.996500] ? __schedule+0x10cc/0x2b60 [ 161.996815] ? __pfx_read_tsc+0x10/0x10 [ 161.997281] ? 
ktime_get_ts64+0x86/0x230 [ 161.997503] kunit_try_run_case+0x1a5/0x480 [ 161.997753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 161.998355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 161.998796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 161.999282] ? __kthread_parkme+0x82/0x180 [ 161.999517] ? preempt_count_sub+0x50/0x80 [ 161.999783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 162.000296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 162.000587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 162.001109] kthread+0x337/0x6f0 [ 162.001290] ? trace_preempt_on+0x20/0xc0 [ 162.001510] ? __pfx_kthread+0x10/0x10 [ 162.001774] ? _raw_spin_unlock_irq+0x47/0x80 [ 162.002508] ? calculate_sigpending+0x7b/0xa0 [ 162.002908] ? __pfx_kthread+0x10/0x10 [ 162.003289] ret_from_fork+0x116/0x1d0 [ 162.003643] ? __pfx_kthread+0x10/0x10 [ 162.004145] ret_from_fork_asm+0x1a/0x30 [ 162.004488] </TASK> [ 162.004692] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 162.071133] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 162.071526] Modules linked in: [ 162.071723] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 162.072196] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 162.072459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 162.072790] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 162.073112] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 18 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 162.073730] RSP: 0000:ffff88810a12fc90 EFLAGS: 00010246 [ 162.073941] RAX: dffffc0000000000 RBX: ffff88810a362000 RCX: 0000000000000000 [ 162.074184] RDX: 1ffff1102146c432 RSI: ffffffff95004648 RDI: ffff88810a362190 [ 162.074431] RBP: ffff88810a12fca0 R08: 1ffff11020073f69 R09: ffffed1021425f65 [ 
162.074682] R10: 0000000000000003 R11: ffffffff94586fa8 R12: 0000000000000000 [ 162.075582] R13: ffff88810a12fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 162.076374] FS: 0000000000000000(0000) GS:ffff8881c1274000(0000) knlGS:0000000000000000 [ 162.077137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.078102] CR2: 00007ffff7ffe000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 162.078787] DR0: ffffffff99e50440 DR1: ffffffff99e50441 DR2: ffffffff99e50443 [ 162.079451] DR3: ffffffff99e50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 162.079919] Call Trace: [ 162.080038] <TASK> [ 162.080156] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 162.080412] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 162.081143] ? __schedule+0x10cc/0x2b60 [ 162.081333] ? __pfx_read_tsc+0x10/0x10 [ 162.081508] ? ktime_get_ts64+0x86/0x230 [ 162.081762] kunit_try_run_case+0x1a5/0x480 [ 162.081974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 162.082161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 162.082506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 162.083156] ? __kthread_parkme+0x82/0x180 [ 162.083597] ? preempt_count_sub+0x50/0x80 [ 162.084023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 162.084497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 162.085033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 162.085291] kthread+0x337/0x6f0 [ 162.085430] ? trace_preempt_on+0x20/0xc0 [ 162.085607] ? __pfx_kthread+0x10/0x10 [ 162.085760] ? _raw_spin_unlock_irq+0x47/0x80 [ 162.086467] ? calculate_sigpending+0x7b/0xa0 [ 162.087090] ? __pfx_kthread+0x10/0x10 [ 162.087603] ret_from_fork+0x116/0x1d0 [ 162.088226] ? __pfx_kthread+0x10/0x10 [ 162.088721] ret_from_fork_asm+0x1a/0x30 [ 162.089322] </TASK> [ 162.089628] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 126.635872] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 126.637061] Modules linked in: [ 126.637254] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 126.637654] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 126.638208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 126.638666] RIP: 0010:intlog10+0x2a/0x40 [ 126.639469] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 126.641233] RSP: 0000:ffff888108227cb0 EFLAGS: 00010246 [ 126.641691] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021044fb4 [ 126.642705] RDX: 1ffffffff2f92c94 RSI: 1ffff11021044fb3 RDI: 0000000000000000 [ 126.643633] RBP: ffff888108227d60 R08: 0000000000000000 R09: ffffed1020375dc0 [ 126.644413] R10: ffff888101baee07 R11: 0000000000000000 R12: 1ffff11021044f97 [ 126.645126] R13: ffffffff97c964a0 R14: 0000000000000000 R15: ffff888108227d38 [ 126.645385] FS: 0000000000000000(0000) GS:ffff8881c1274000(0000) knlGS:0000000000000000 [ 126.645680] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.646427] CR2: dffffc0000000000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 126.646850] DR0: ffffffff99e50440 DR1: ffffffff99e50441 DR2: ffffffff99e50443 [ 126.647219] DR3: ffffffff99e50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 126.647729] Call Trace: [ 126.647873] <TASK> [ 126.648141] ? intlog10_test+0xf2/0x220 [ 126.648359] ? __pfx_intlog10_test+0x10/0x10 [ 126.648634] ? __schedule+0x10cc/0x2b60 [ 126.649039] ? __pfx_read_tsc+0x10/0x10 [ 126.649279] ? ktime_get_ts64+0x86/0x230 [ 126.649467] kunit_try_run_case+0x1a5/0x480 [ 126.649673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 126.650010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 126.650670] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 126.650986] ? __kthread_parkme+0x82/0x180 [ 126.651871] ? preempt_count_sub+0x50/0x80 [ 126.652127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 126.652469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 126.652794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 126.653295] kthread+0x337/0x6f0 [ 126.653780] ? trace_preempt_on+0x20/0xc0 [ 126.654213] ? __pfx_kthread+0x10/0x10 [ 126.654502] ? _raw_spin_unlock_irq+0x47/0x80 [ 126.654802] ? calculate_sigpending+0x7b/0xa0 [ 126.655240] ? __pfx_kthread+0x10/0x10 [ 126.655532] ret_from_fork+0x116/0x1d0 [ 126.655754] ? __pfx_kthread+0x10/0x10 [ 126.656072] ret_from_fork_asm+0x1a/0x30 [ 126.656328] </TASK> [ 126.656471] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 126.591098] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 126.591929] Modules linked in: [ 126.592179] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 126.593748] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 126.594340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 126.594677] RIP: 0010:intlog2+0xdf/0x110 [ 126.594967] Code: c9 97 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 17 9c 86 02 89 45 e4 e8 0f 10 56 ff 8b 45 e4 eb [ 126.596888] RSP: 0000:ffff88810840fcb0 EFLAGS: 00010246 [ 126.597683] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021081fb4 [ 126.598733] RDX: 1ffffffff2f92ce8 RSI: 1ffff11021081fb3 RDI: 0000000000000000 [ 126.599306] RBP: ffff88810840fd60 R08: 0000000000000000 R09: ffffed1020d1f340 [ 126.599562] R10: ffff8881068f9a07 R11: 0000000000000000 R12: 1ffff11021081f97 [ 126.599982] R13: ffffffff97c96740 R14: 0000000000000000 R15: ffff88810840fd38 [ 126.600371] FS: 0000000000000000(0000) GS:ffff8881c1374000(0000) knlGS:0000000000000000 [ 126.600937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.601221] CR2: ffff88815a92e000 CR3: 0000000056cbc000 CR4: 00000000000006f0 [ 126.601595] DR0: ffffffff99e50444 DR1: ffffffff99e50449 DR2: ffffffff99e5044a [ 126.602017] DR3: ffffffff99e5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 126.602601] Call Trace: [ 126.602787] <TASK> [ 126.602929] ? intlog2_test+0xf2/0x220 [ 126.603360] ? __pfx_intlog2_test+0x10/0x10 [ 126.603663] ? __schedule+0x10cc/0x2b60 [ 126.603985] ? __pfx_read_tsc+0x10/0x10 [ 126.604245] ? ktime_get_ts64+0x86/0x230 [ 126.604472] kunit_try_run_case+0x1a5/0x480 [ 126.604725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 126.605140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 126.605425] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 126.605716] ? __kthread_parkme+0x82/0x180 [ 126.606089] ? preempt_count_sub+0x50/0x80 [ 126.606365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 126.606647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 126.607084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 126.607504] kthread+0x337/0x6f0 [ 126.607728] ? trace_preempt_on+0x20/0xc0 [ 126.608176] ? __pfx_kthread+0x10/0x10 [ 126.608435] ? _raw_spin_unlock_irq+0x47/0x80 [ 126.608723] ? calculate_sigpending+0x7b/0xa0 [ 126.609046] ? __pfx_kthread+0x10/0x10 [ 126.609388] ret_from_fork+0x116/0x1d0 [ 126.609637] ? __pfx_kthread+0x10/0x10 [ 126.610033] ret_from_fork_asm+0x1a/0x30 [ 126.610316] </TASK> [ 126.610523] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 125.930287] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI