Date: July 2, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.750821] ==================================================================
[ 10.751856] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 10.752157] Read of size 1 at addr ffff888101c19ebf by task kunit_try_catch/157
[ 10.752681]
[ 10.752886] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.752934] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.752945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.752969] Call Trace:
[ 10.752982] <TASK>
[ 10.753002] dump_stack_lvl+0x73/0xb0
[ 10.753050] print_report+0xd1/0x650
[ 10.753084] ? __virt_addr_valid+0x1db/0x2d0
[ 10.753108] ? kmalloc_oob_left+0x361/0x3c0
[ 10.753128] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.753148] ? kmalloc_oob_left+0x361/0x3c0
[ 10.753168] kasan_report+0x141/0x180
[ 10.753189] ? kmalloc_oob_left+0x361/0x3c0
[ 10.753213] __asan_report_load1_noabort+0x18/0x20
[ 10.753235] kmalloc_oob_left+0x361/0x3c0
[ 10.753256] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 10.753278] ? __schedule+0x10cc/0x2b60
[ 10.753300] ? __pfx_read_tsc+0x10/0x10
[ 10.753322] ? ktime_get_ts64+0x86/0x230
[ 10.753346] kunit_try_run_case+0x1a5/0x480
[ 10.753371] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.753403] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.753426] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.753447] ? __kthread_parkme+0x82/0x180
[ 10.753467] ? preempt_count_sub+0x50/0x80
[ 10.753491] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.753513] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.753534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.753573] kthread+0x337/0x6f0
[ 10.753591] ? trace_preempt_on+0x20/0xc0
[ 10.753614] ? __pfx_kthread+0x10/0x10
[ 10.753633] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.753652] ? calculate_sigpending+0x7b/0xa0
[ 10.753675] ? __pfx_kthread+0x10/0x10
[ 10.753695] ret_from_fork+0x116/0x1d0
[ 10.753712] ? __pfx_kthread+0x10/0x10
[ 10.753731] ret_from_fork_asm+0x1a/0x30
[ 10.753776] </TASK>
[ 10.753788]
[ 10.764455] Allocated by task 1:
[ 10.764749] kasan_save_stack+0x45/0x70
[ 10.765147] kasan_save_track+0x18/0x40
[ 10.765339] kasan_save_alloc_info+0x3b/0x50
[ 10.765542] __kasan_kmalloc+0xb7/0xc0
[ 10.765977] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.766486] kvasprintf+0xc5/0x150
[ 10.766865] __kthread_create_on_node+0x18b/0x3a0
[ 10.767326] kthread_create_on_node+0xab/0xe0
[ 10.767564] create_worker+0x3e5/0x7b0
[ 10.767713] alloc_unbound_pwq+0x8ea/0xdb0
[ 10.768281] apply_wqattrs_prepare+0x332/0xd20
[ 10.768693] apply_workqueue_attrs_locked+0x4d/0xa0
[ 10.769008] alloc_workqueue+0xcc7/0x1ad0
[ 10.769329] latency_fsnotify_init+0x1b/0x50
[ 10.769543] do_one_initcall+0xd8/0x370
[ 10.770018] kernel_init_freeable+0x420/0x6f0
[ 10.770230] kernel_init+0x23/0x1e0
[ 10.770400] ret_from_fork+0x116/0x1d0
[ 10.770808] ret_from_fork_asm+0x1a/0x30
[ 10.771100]
[ 10.771195] The buggy address belongs to the object at ffff888101c19ea0
[ 10.771195] which belongs to the cache kmalloc-16 of size 16
[ 10.772341] The buggy address is located 18 bytes to the right of
[ 10.772341] allocated 13-byte region [ffff888101c19ea0, ffff888101c19ead)
[ 10.773076]
[ 10.773320] The buggy address belongs to the physical page:
[ 10.773751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c19
[ 10.774253] flags: 0x200000000000000(node=0|zone=2)
[ 10.774493] page_type: f5(slab)
[ 10.774882] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 10.775409] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 10.775967] page dumped because: kasan: bad access detected
[ 10.776210]
[ 10.776301] Memory state around the buggy address:
[ 10.776519] ffff888101c19d80: 00 06 fc fc 00 06 fc fc 00 00 fc fc 00 02 fc fc
[ 10.777271] ffff888101c19e00: 00 02 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc
[ 10.777734] >ffff888101c19e80: fa fb fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc
[ 10.778211] ^
[ 10.778447] ffff888101c19f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.779123] ffff888101c19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.779675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.676757] ==================================================================
[ 10.677375] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 10.678118] Write of size 1 at addr ffff888102c7bc73 by task kunit_try_catch/155
[ 10.678511]
[ 10.679492] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.679862] Tainted: [N]=TEST
[ 10.679895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.680109] Call Trace:
[ 10.680177] <TASK>
[ 10.680332] dump_stack_lvl+0x73/0xb0
[ 10.680435] print_report+0xd1/0x650
[ 10.680464] ? __virt_addr_valid+0x1db/0x2d0
[ 10.680490] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.680510] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.680531] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.680552] kasan_report+0x141/0x180
[ 10.680573] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.680598] __asan_report_store1_noabort+0x1b/0x30
[ 10.680618] kmalloc_oob_right+0x6f0/0x7f0
[ 10.680640] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.680661] ? __schedule+0x10cc/0x2b60
[ 10.680683] ? __pfx_read_tsc+0x10/0x10
[ 10.680704] ? ktime_get_ts64+0x86/0x230
[ 10.680729] kunit_try_run_case+0x1a5/0x480
[ 10.680754] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.680775] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.680798] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.680819] ? __kthread_parkme+0x82/0x180
[ 10.680840] ? preempt_count_sub+0x50/0x80
[ 10.680864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.680886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.680908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.680929] kthread+0x337/0x6f0
[ 10.680948] ? trace_preempt_on+0x20/0xc0
[ 10.680971] ? __pfx_kthread+0x10/0x10
[ 10.680991] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.681011] ? calculate_sigpending+0x7b/0xa0
[ 10.681035] ? __pfx_kthread+0x10/0x10
[ 10.681055] ret_from_fork+0x116/0x1d0
[ 10.681072] ? __pfx_kthread+0x10/0x10
[ 10.681092] ret_from_fork_asm+0x1a/0x30
[ 10.681143] </TASK>
[ 10.681208]
[ 10.689471] Allocated by task 155:
[ 10.689793] kasan_save_stack+0x45/0x70
[ 10.690275] kasan_save_track+0x18/0x40
[ 10.690503] kasan_save_alloc_info+0x3b/0x50
[ 10.690795] __kasan_kmalloc+0xb7/0xc0
[ 10.690954] __kmalloc_cache_noprof+0x189/0x420
[ 10.691162] kmalloc_oob_right+0xa9/0x7f0
[ 10.691337] kunit_try_run_case+0x1a5/0x480
[ 10.691533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.691863] kthread+0x337/0x6f0
[ 10.691989] ret_from_fork+0x116/0x1d0
[ 10.692124] ret_from_fork_asm+0x1a/0x30
[ 10.692366]
[ 10.692530] The buggy address belongs to the object at ffff888102c7bc00
[ 10.692530] which belongs to the cache kmalloc-128 of size 128
[ 10.693548] The buggy address is located 0 bytes to the right of
[ 10.693548] allocated 115-byte region [ffff888102c7bc00, ffff888102c7bc73)
[ 10.694102]
[ 10.694255] The buggy address belongs to the physical page:
[ 10.694932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c7b
[ 10.695618] flags: 0x200000000000000(node=0|zone=2)
[ 10.696242] page_type: f5(slab)
[ 10.696731] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.697121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.697537] page dumped because: kasan: bad access detected
[ 10.697987]
[ 10.698113] Memory state around the buggy address:
[ 10.698538] ffff888102c7bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.699024] ffff888102c7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.699348] >ffff888102c7bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.699668] ^
[ 10.700001] ffff888102c7bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.700287] ffff888102c7bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.700613] ==================================================================
[ 10.719794] ==================================================================
[ 10.720364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 10.720653] Read of size 1 at addr ffff888102c7bc80 by task kunit_try_catch/155
[ 10.720872]
[ 10.720953] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.720991] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.721002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.721021] Call Trace:
[ 10.721034] <TASK>
[ 10.721047] dump_stack_lvl+0x73/0xb0
[ 10.721091] print_report+0xd1/0x650
[ 10.721113] ? __virt_addr_valid+0x1db/0x2d0
[ 10.721134] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.721153] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.721174] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.721194] kasan_report+0x141/0x180
[ 10.721215] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.721239] __asan_report_load1_noabort+0x18/0x20
[ 10.721263] kmalloc_oob_right+0x68a/0x7f0
[ 10.721284] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.721305] ? __schedule+0x10cc/0x2b60
[ 10.721326] ? __pfx_read_tsc+0x10/0x10
[ 10.721345] ? ktime_get_ts64+0x86/0x230
[ 10.721367] kunit_try_run_case+0x1a5/0x480
[ 10.721400] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.721420] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.721441] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.721462] ? __kthread_parkme+0x82/0x180
[ 10.721482] ? preempt_count_sub+0x50/0x80
[ 10.721504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.721525] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.721546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.721568] kthread+0x337/0x6f0
[ 10.721586] ? trace_preempt_on+0x20/0xc0
[ 10.721608] ? __pfx_kthread+0x10/0x10
[ 10.721627] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.721646] ? calculate_sigpending+0x7b/0xa0
[ 10.721669] ? __pfx_kthread+0x10/0x10
[ 10.721689] ret_from_fork+0x116/0x1d0
[ 10.721706] ? __pfx_kthread+0x10/0x10
[ 10.721725] ret_from_fork_asm+0x1a/0x30
[ 10.721753] </TASK>
[ 10.721763]
[ 10.731245] Allocated by task 155:
[ 10.731404] kasan_save_stack+0x45/0x70
[ 10.732088] kasan_save_track+0x18/0x40
[ 10.732439] kasan_save_alloc_info+0x3b/0x50
[ 10.732914] __kasan_kmalloc+0xb7/0xc0
[ 10.733427] __kmalloc_cache_noprof+0x189/0x420
[ 10.734023] kmalloc_oob_right+0xa9/0x7f0
[ 10.734375] kunit_try_run_case+0x1a5/0x480
[ 10.734869] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.735445] kthread+0x337/0x6f0
[ 10.735855] ret_from_fork+0x116/0x1d0
[ 10.736242] ret_from_fork_asm+0x1a/0x30
[ 10.736680]
[ 10.736907] The buggy address belongs to the object at ffff888102c7bc00
[ 10.736907] which belongs to the cache kmalloc-128 of size 128
[ 10.738142] The buggy address is located 13 bytes to the right of
[ 10.738142] allocated 115-byte region [ffff888102c7bc00, ffff888102c7bc73)
[ 10.739404]
[ 10.739597] The buggy address belongs to the physical page:
[ 10.740134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c7b
[ 10.740915] flags: 0x200000000000000(node=0|zone=2)
[ 10.741559] page_type: f5(slab)
[ 10.741746] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.742371] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.742625] page dumped because: kasan: bad access detected
[ 10.743004]
[ 10.743124] Memory state around the buggy address:
[ 10.743442] ffff888102c7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.744193] ffff888102c7bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.744729] >ffff888102c7bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.745414] ^
[ 10.745538] ffff888102c7bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.746372] ffff888102c7bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.746972] ==================================================================
[ 10.702162] ==================================================================
[ 10.702469] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 10.702918] Write of size 1 at addr ffff888102c7bc78 by task kunit_try_catch/155
[ 10.703232]
[ 10.703329] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.703370] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.703395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.703414] Call Trace:
[ 10.703426] <TASK>
[ 10.703441] dump_stack_lvl+0x73/0xb0
[ 10.703469] print_report+0xd1/0x650
[ 10.703491] ? __virt_addr_valid+0x1db/0x2d0
[ 10.703512] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.703533] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.703554] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.703626] kasan_report+0x141/0x180
[ 10.703650] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.703675] __asan_report_store1_noabort+0x1b/0x30
[ 10.703699] kmalloc_oob_right+0x6bd/0x7f0
[ 10.703722] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.703743] ? __schedule+0x10cc/0x2b60
[ 10.703764] ? __pfx_read_tsc+0x10/0x10
[ 10.703791] ? ktime_get_ts64+0x86/0x230
[ 10.703815] kunit_try_run_case+0x1a5/0x480
[ 10.703838] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.703858] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.703880] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.703901] ? __kthread_parkme+0x82/0x180
[ 10.703920] ? preempt_count_sub+0x50/0x80
[ 10.703943] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.703965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.703986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.704007] kthread+0x337/0x6f0
[ 10.704025] ? trace_preempt_on+0x20/0xc0
[ 10.704048] ? __pfx_kthread+0x10/0x10
[ 10.704068] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.704087] ? calculate_sigpending+0x7b/0xa0
[ 10.704109] ? __pfx_kthread+0x10/0x10
[ 10.704129] ret_from_fork+0x116/0x1d0
[ 10.704146] ? __pfx_kthread+0x10/0x10
[ 10.704165] ret_from_fork_asm+0x1a/0x30
[ 10.704194] </TASK>
[ 10.704204]
[ 10.711277] Allocated by task 155:
[ 10.711415] kasan_save_stack+0x45/0x70
[ 10.711557] kasan_save_track+0x18/0x40
[ 10.711717] kasan_save_alloc_info+0x3b/0x50
[ 10.712363] __kasan_kmalloc+0xb7/0xc0
[ 10.712621] __kmalloc_cache_noprof+0x189/0x420
[ 10.712925] kmalloc_oob_right+0xa9/0x7f0
[ 10.713129] kunit_try_run_case+0x1a5/0x480
[ 10.713336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.713565] kthread+0x337/0x6f0
[ 10.713766] ret_from_fork+0x116/0x1d0
[ 10.713927] ret_from_fork_asm+0x1a/0x30
[ 10.714080]
[ 10.714179] The buggy address belongs to the object at ffff888102c7bc00
[ 10.714179] which belongs to the cache kmalloc-128 of size 128
[ 10.714751] The buggy address is located 5 bytes to the right of
[ 10.714751] allocated 115-byte region [ffff888102c7bc00, ffff888102c7bc73)
[ 10.715129]
[ 10.715201] The buggy address belongs to the physical page:
[ 10.715372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c7b
[ 10.715740] flags: 0x200000000000000(node=0|zone=2)
[ 10.715972] page_type: f5(slab)
[ 10.716157] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.716503] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.716906] page dumped because: kasan: bad access detected
[ 10.717080]
[ 10.717148] Memory state around the buggy address:
[ 10.717317] ffff888102c7bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.717889] ffff888102c7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.718222] >ffff888102c7bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.718550] ^
[ 10.718909] ffff888102c7bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.719125] ffff888102c7bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.719336] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 140.894255] WARNING: CPU: 0 PID: 2767 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 140.895006] Modules linked in:
[ 140.895298] CPU: 0 UID: 0 PID: 2767 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.896072] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.896453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.897024] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 140.897375] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.898463] RSP: 0000:ffff88810ad17c78 EFLAGS: 00010286
[ 140.898899] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 140.899270] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8ae32794
[ 140.899560] RBP: ffff88810ad17ca0 R08: 0000000000000000 R09: ffffed1020a164e0
[ 140.900063] R10: ffff8881050b2707 R11: 0000000000000000 R12: ffffffff8ae32780
[ 140.900439] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ad17d38
[ 140.901028] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000
[ 140.901386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.901623] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0
[ 140.902177] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443
[ 140.902637] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.903087] Call Trace:
[ 140.903294] <TASK>
[ 140.903496] drm_test_rect_calc_vscale+0x108/0x270
[ 140.903900] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 140.904292] ? __schedule+0x10cc/0x2b60
[ 140.904650] ? __pfx_read_tsc+0x10/0x10
[ 140.904884] ? ktime_get_ts64+0x86/0x230
[ 140.905086] kunit_try_run_case+0x1a5/0x480
[ 140.905290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.905516] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.906204] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.906460] ? __kthread_parkme+0x82/0x180
[ 140.906831] ? preempt_count_sub+0x50/0x80
[ 140.907031] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.907398] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.907645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.908184] kthread+0x337/0x6f0
[ 140.908369] ? trace_preempt_on+0x20/0xc0
[ 140.908559] ? __pfx_kthread+0x10/0x10
[ 140.908977] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.909270] ? calculate_sigpending+0x7b/0xa0
[ 140.909735] ? __pfx_kthread+0x10/0x10
[ 140.909983] ret_from_fork+0x116/0x1d0
[ 140.910178] ? __pfx_kthread+0x10/0x10
[ 140.910374] ret_from_fork_asm+0x1a/0x30
[ 140.910570] </TASK>
[ 140.911035] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.875368] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 140.875842] Modules linked in:
[ 140.876161] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.876566] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.876938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.877527] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 140.878206] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.879390] RSP: 0000:ffff88810aeffc78 EFLAGS: 00010286
[ 140.879760] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 140.880060] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8ae3275c
[ 140.880385] RBP: ffff88810aeffca0 R08: 0000000000000000 R09: ffffed1020dfdde0
[ 140.880823] R10: ffff888106feef07 R11: 0000000000000000 R12: ffffffff8ae32748
[ 140.881125] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810aeffd38
[ 140.881438] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000
[ 140.881855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.882129] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0
[ 140.882470] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443
[ 140.883026] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.883353] Call Trace:
[ 140.883477] <TASK>
[ 140.883710] drm_test_rect_calc_vscale+0x108/0x270
[ 140.883970] ? __kasan_check_write+0x18/0x20
[ 140.884247] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 140.884466] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 140.884820] ? trace_hardirqs_on+0x37/0xe0
[ 140.885222] ? __pfx_read_tsc+0x10/0x10
[ 140.885391] ? ktime_get_ts64+0x86/0x230
[ 140.885680] kunit_try_run_case+0x1a5/0x480
[ 140.886010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.886254] ? queued_spin_lock_slowpath+0x116/0xb40
[ 140.886512] ? __kthread_parkme+0x82/0x180
[ 140.886997] ? preempt_count_sub+0x50/0x80
[ 140.887238] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.887487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.887820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.888208] kthread+0x337/0x6f0
[ 140.888394] ? trace_preempt_on+0x20/0xc0
[ 140.888773] ? __pfx_kthread+0x10/0x10
[ 140.889048] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.889234] ? calculate_sigpending+0x7b/0xa0
[ 140.889472] ? __pfx_kthread+0x10/0x10
[ 140.889892] ret_from_fork+0x116/0x1d0
[ 140.890047] ? __pfx_kthread+0x10/0x10
[ 140.890316] ret_from_fork_asm+0x1a/0x30
[ 140.890822] </TASK>
[ 140.890933] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 140.823407] WARNING: CPU: 1 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 140.823858] Modules linked in:
[ 140.824058] CPU: 1 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.824447] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.824711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.825094] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 140.826027] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.827187] RSP: 0000:ffff88810af9fc78 EFLAGS: 00010286
[ 140.827454] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 140.828007] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8ae32760
[ 140.828470] RBP: ffff88810af9fca0 R08: 0000000000000000 R09: ffffed1020a15de0
[ 140.829055] R10: ffff8881050aef07 R11: 0000000000000000 R12: ffffffff8ae32748
[ 140.829507] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810af9fd38
[ 140.829959] FS: 0000000000000000(0000) GS:ffff8881ce374000(0000) knlGS:0000000000000000
[ 140.830280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.830531] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0
[ 140.830818] DR0: ffffffff8ce50444 DR1: ffffffff8ce50449 DR2: ffffffff8ce5044a
[ 140.831107] DR3: ffffffff8ce5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.831861] Call Trace:
[ 140.832025] <TASK>
[ 140.832132] drm_test_rect_calc_hscale+0x108/0x270
[ 140.832817] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 140.833203] ? __schedule+0x10cc/0x2b60
[ 140.833533] ? __pfx_read_tsc+0x10/0x10
[ 140.833916] ? ktime_get_ts64+0x86/0x230
[ 140.834096] kunit_try_run_case+0x1a5/0x480
[ 140.834316] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.834551] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.834781] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.835004] ? __kthread_parkme+0x82/0x180
[ 140.835212] ? preempt_count_sub+0x50/0x80
[ 140.835935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.836173] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.836978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.837253] kthread+0x337/0x6f0
[ 140.837443] ? trace_preempt_on+0x20/0xc0
[ 140.837643] ? __pfx_kthread+0x10/0x10
[ 140.837826] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.838032] ? calculate_sigpending+0x7b/0xa0
[ 140.838229] ? __pfx_kthread+0x10/0x10
[ 140.838408] ret_from_fork+0x116/0x1d0
[ 140.838593] ? __pfx_kthread+0x10/0x10
[ 140.838771] ret_from_fork_asm+0x1a/0x30
[ 140.838973] </TASK>
[ 140.839092] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.842542] WARNING: CPU: 0 PID: 2755 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 140.843536] Modules linked in:
[ 140.843993] CPU: 0 UID: 0 PID: 2755 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.844838] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.845090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.845745] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 140.845963] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.847451] RSP: 0000:ffff88810a7cfc78 EFLAGS: 00010286
[ 140.847865] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 140.848216] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8ae32798
[ 140.848517] RBP: ffff88810a7cfca0 R08: 0000000000000000 R09: ffffed1020dfdd80
[ 140.848904] R10: ffff888106feec07 R11: 0000000000000000 R12: ffffffff8ae32780
[ 140.849317] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a7cfd38
[ 140.849762] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000
[ 140.850072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.850344] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0
[ 140.850883] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443
[ 140.851255] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.851479] Call Trace:
[ 140.851884] <TASK>
[ 140.852099] drm_test_rect_calc_hscale+0x108/0x270
[ 140.852385] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 140.852656] ? __schedule+0x10cc/0x2b60
[ 140.853148] ? __pfx_read_tsc+0x10/0x10
[ 140.853366] ? ktime_get_ts64+0x86/0x230
[ 140.853784] kunit_try_run_case+0x1a5/0x480
[ 140.854043] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.854267] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.854496] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.854713] ? __kthread_parkme+0x82/0x180
[ 140.854893] ? preempt_count_sub+0x50/0x80
[ 140.855276] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.855480] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.855657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.855962] kthread+0x337/0x6f0
[ 140.856146] ? trace_preempt_on+0x20/0xc0
[ 140.856498] ? __pfx_kthread+0x10/0x10
[ 140.857094] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.857280] ? calculate_sigpending+0x7b/0xa0
[ 140.857523] ? __pfx_kthread+0x10/0x10
[ 140.858131] ret_from_fork+0x116/0x1d0
[ 140.858349] ? __pfx_kthread+0x10/0x10
[ 140.858534] ret_from_fork_asm+0x1a/0x30
[ 140.859008] </TASK>
[ 140.859219] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.468348] ==================================================================
[ 11.468847] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 11.469178] Write of size 2 at addr ffff888103109977 by task kunit_try_catch/191
[ 11.469506]
[ 11.469673] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.469721] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.469732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.469753] Call Trace:
[ 11.469765] <TASK>
[ 11.469792] dump_stack_lvl+0x73/0xb0
[ 11.469824] print_report+0xd1/0x650
[ 11.469847] ? __virt_addr_valid+0x1db/0x2d0
[ 11.469870] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.469891] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.469912] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.469933] kasan_report+0x141/0x180
[ 11.469954] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.469979] kasan_check_range+0x10c/0x1c0
[ 11.470001] __asan_memset+0x27/0x50
[ 11.470019] kmalloc_oob_memset_2+0x166/0x330
[ 11.470040] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 11.470061] ? __schedule+0x10cc/0x2b60
[ 11.470083] ? __pfx_read_tsc+0x10/0x10
[ 11.470104] ? ktime_get_ts64+0x86/0x230
[ 11.470128] kunit_try_run_case+0x1a5/0x480
[ 11.470154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.470174] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.470197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.470218] ? __kthread_parkme+0x82/0x180
[ 11.470239] ? preempt_count_sub+0x50/0x80
[ 11.470262] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.470284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.470306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.470327] kthread+0x337/0x6f0
[ 11.470345] ? trace_preempt_on+0x20/0xc0
[ 11.470368] ? __pfx_kthread+0x10/0x10
[ 11.470401] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.470420] ? calculate_sigpending+0x7b/0xa0
[ 11.470444] ? __pfx_kthread+0x10/0x10
[ 11.470464] ret_from_fork+0x116/0x1d0
[ 11.470481] ? __pfx_kthread+0x10/0x10
[ 11.470500] ret_from_fork_asm+0x1a/0x30
[ 11.470532] </TASK>
[ 11.470543]
[ 11.480736] Allocated by task 191:
[ 11.480953] kasan_save_stack+0x45/0x70
[ 11.481115] kasan_save_track+0x18/0x40
[ 11.481291] kasan_save_alloc_info+0x3b/0x50
[ 11.481510] __kasan_kmalloc+0xb7/0xc0
[ 11.481644] __kmalloc_cache_noprof+0x189/0x420
[ 11.481800] kmalloc_oob_memset_2+0xac/0x330
[ 11.481953] kunit_try_run_case+0x1a5/0x480
[ 11.482179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.482440] kthread+0x337/0x6f0
[ 11.482607] ret_from_fork+0x116/0x1d0
[ 11.482844] ret_from_fork_asm+0x1a/0x30
[ 11.482990]
[ 11.483063] The buggy address belongs to the object at ffff888103109900
[ 11.483063] which belongs to the cache kmalloc-128 of size 128
[ 11.483548] The buggy address is located 119 bytes inside of
[ 11.483548] allocated 120-byte region [ffff888103109900, ffff888103109978)
[ 11.484313]
[ 11.484416] The buggy address belongs to the physical page:
[ 11.484726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103109
[ 11.485077] flags: 0x200000000000000(node=0|zone=2)
[ 11.485259] page_type: f5(slab)
[ 11.485393] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.485696] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.486208] page dumped because: kasan: bad access detected
[ 11.486473]
[ 11.486542] Memory state around the buggy address:
[ 11.486941] ffff888103109800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.487212] ffff888103109880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.487517] >ffff888103109900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.487865] ^
[ 11.488099] ffff888103109980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.488425] ffff888103109a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.488706] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.446534] ==================================================================
[ 11.447310] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 11.447845] Write of size 128 at addr ffff888102c7bf00 by task kunit_try_catch/189
[ 11.448175]
[ 11.448272] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.448316] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.448327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.448347] Call Trace:
[ 11.448360] <TASK>
[ 11.448390] dump_stack_lvl+0x73/0xb0
[ 11.448422] print_report+0xd1/0x650
[ 11.448448] ? __virt_addr_valid+0x1db/0x2d0
[ 11.448471] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.448492] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.448514] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.448535] kasan_report+0x141/0x180
[ 11.448557] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.448583] kasan_check_range+0x10c/0x1c0
[ 11.448605] __asan_memset+0x27/0x50
[ 11.448624] kmalloc_oob_in_memset+0x15f/0x320
[ 11.448645] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 11.448666] ? __schedule+0x10cc/0x2b60
[ 11.448688] ? __pfx_read_tsc+0x10/0x10
[ 11.448708] ? ktime_get_ts64+0x86/0x230
[ 11.448732] kunit_try_run_case+0x1a5/0x480
[ 11.448756] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.448777] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.448799] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.448820] ? __kthread_parkme+0x82/0x180
[ 11.448840] ? preempt_count_sub+0x50/0x80
[ 11.448863] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.448885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.448906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.448927] kthread+0x337/0x6f0
[ 11.448946] ? trace_preempt_on+0x20/0xc0
[ 11.448969] ? __pfx_kthread+0x10/0x10
[ 11.448989] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.449008] ? calculate_sigpending+0x7b/0xa0
[ 11.449031] ? __pfx_kthread+0x10/0x10
[ 11.449051] ret_from_fork+0x116/0x1d0
[ 11.449068] ? __pfx_kthread+0x10/0x10
[ 11.449087] ret_from_fork_asm+0x1a/0x30
[ 11.449117] </TASK>
[ 11.449127]
[ 11.456691] Allocated by task 189:
[ 11.456873] kasan_save_stack+0x45/0x70
[ 11.457170] kasan_save_track+0x18/0x40
[ 11.457332] kasan_save_alloc_info+0x3b/0x50
[ 11.457510] __kasan_kmalloc+0xb7/0xc0
[ 11.457667] __kmalloc_cache_noprof+0x189/0x420
[ 11.457931] kmalloc_oob_in_memset+0xac/0x320
[ 11.458078] kunit_try_run_case+0x1a5/0x480
[ 11.458220] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.458657] kthread+0x337/0x6f0
[ 11.458916] ret_from_fork+0x116/0x1d0
[ 11.459086] ret_from_fork_asm+0x1a/0x30
[ 11.459225]
[ 11.459296] The buggy address belongs to the object at ffff888102c7bf00
[ 11.459296] which belongs to the cache kmalloc-128 of size 128
[ 11.460356] The buggy address is located 0 bytes inside of
[ 11.460356] allocated 120-byte region [ffff888102c7bf00, ffff888102c7bf78)
[ 11.460887]
[ 11.460990] The buggy address belongs to the physical page:
[ 11.461240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c7b
[ 11.461569] flags: 0x200000000000000(node=0|zone=2)
[ 11.461796] page_type: f5(slab)
[ 11.461922] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.462158] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.462675] page dumped because: kasan: bad access detected
[ 11.462955]
[ 11.463049] Memory state around the buggy address:
[ 11.463275] ffff888102c7be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.463661] ffff888102c7be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.463916] >ffff888102c7bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.464197] ^
[ 11.464730] ffff888102c7bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.465170] ffff888102c7c000: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 11.465389] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.126511] ================================================================== [ 48.126899] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 48.126899] [ 48.127273] Use-after-free read at 0x(____ptrval____) (in kfence-#135): [ 48.127566] test_krealloc+0x6fc/0xbe0 [ 48.127730] kunit_try_run_case+0x1a5/0x480 [ 48.127972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.128232] kthread+0x337/0x6f0 [ 48.128410] ret_from_fork+0x116/0x1d0 [ 48.128721] ret_from_fork_asm+0x1a/0x30 [ 48.128884] [ 48.128988] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 48.128988] [ 48.129287] allocated by task 356 on cpu 1 at 48.125897s (0.003387s ago): [ 48.129609] test_alloc+0x364/0x10f0 [ 48.129889] test_krealloc+0xad/0xbe0 [ 48.130082] kunit_try_run_case+0x1a5/0x480 [ 48.130228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.130822] kthread+0x337/0x6f0 [ 48.131248] ret_from_fork+0x116/0x1d0 [ 48.131469] ret_from_fork_asm+0x1a/0x30 [ 48.132009] [ 48.132130] freed by task 356 on cpu 1 at 48.126138s (0.005989s ago): [ 48.132559] krealloc_noprof+0x108/0x340 [ 48.132746] test_krealloc+0x226/0xbe0 [ 48.132901] kunit_try_run_case+0x1a5/0x480 [ 48.133109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.133325] kthread+0x337/0x6f0 [ 48.133497] ret_from_fork+0x116/0x1d0 [ 48.133655] ret_from_fork_asm+0x1a/0x30 [ 48.133832] [ 48.133955] CPU: 1 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 48.134400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.134612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.134967] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.028540] ================================================================== [ 48.028974] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.028974] [ 48.029350] Use-after-free read at 0x(____ptrval____) (in kfence-#134): [ 48.029647] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.030018] kunit_try_run_case+0x1a5/0x480 [ 48.030796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.031020] kthread+0x337/0x6f0 [ 48.031188] ret_from_fork+0x116/0x1d0 [ 48.031351] ret_from_fork_asm+0x1a/0x30 [ 48.031572] [ 48.031676] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 48.031676] [ 48.032031] allocated by task 354 on cpu 0 at 48.023251s (0.008777s ago): [ 48.032340] test_alloc+0x2a6/0x10f0 [ 48.032943] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 48.033158] kunit_try_run_case+0x1a5/0x480 [ 48.033538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.033845] kthread+0x337/0x6f0 [ 48.033984] ret_from_fork+0x116/0x1d0 [ 48.034306] ret_from_fork_asm+0x1a/0x30 [ 48.034475] [ 48.034651] freed by task 354 on cpu 0 at 48.023363s (0.011286s ago): [ 48.034991] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 48.035216] kunit_try_run_case+0x1a5/0x480 [ 48.035417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.035877] kthread+0x337/0x6f0 [ 48.036015] ret_from_fork+0x116/0x1d0 [ 48.036337] ret_from_fork_asm+0x1a/0x30 [ 48.036586] [ 48.036768] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 48.037294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.037622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.037995] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.077901] ================================================================== [ 23.078419] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 23.078419] [ 23.078905] Invalid read at 0x(____ptrval____): [ 23.079099] test_invalid_access+0xf0/0x210 [ 23.079655] kunit_try_run_case+0x1a5/0x480 [ 23.079938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.080171] kthread+0x337/0x6f0 [ 23.080345] ret_from_fork+0x116/0x1d0 [ 23.080523] ret_from_fork_asm+0x1a/0x30 [ 23.081195] [ 23.081434] CPU: 0 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 23.081997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.082201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.082538] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.417836] ================================================================== [ 11.418237] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.418489] Read of size 16 at addr ffff888101c19f00 by task kunit_try_catch/187 [ 11.418733] [ 11.418963] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.419011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.419023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.419351] Call Trace: [ 11.419369] <TASK> [ 11.419402] dump_stack_lvl+0x73/0xb0 [ 11.419436] print_report+0xd1/0x650 [ 11.419459] ? __virt_addr_valid+0x1db/0x2d0 [ 11.419483] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.419502] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.419522] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.419542] kasan_report+0x141/0x180 [ 11.419562] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.419586] __asan_report_load16_noabort+0x18/0x20 [ 11.419609] kmalloc_uaf_16+0x47b/0x4c0 [ 11.419629] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.419649] ? __schedule+0x10cc/0x2b60 [ 11.419670] ? __pfx_read_tsc+0x10/0x10 [ 11.419698] ? ktime_get_ts64+0x86/0x230 [ 11.419723] kunit_try_run_case+0x1a5/0x480 [ 11.419748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.419769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.419792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.419813] ? __kthread_parkme+0x82/0x180 [ 11.419833] ? preempt_count_sub+0x50/0x80 [ 11.419856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.419879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.419900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.419921] kthread+0x337/0x6f0 [ 11.419939] ? trace_preempt_on+0x20/0xc0 [ 11.419962] ? __pfx_kthread+0x10/0x10 [ 11.419982] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.420001] ? calculate_sigpending+0x7b/0xa0 [ 11.420024] ? __pfx_kthread+0x10/0x10 [ 11.420044] ret_from_fork+0x116/0x1d0 [ 11.420061] ? 
__pfx_kthread+0x10/0x10 [ 11.420081] ret_from_fork_asm+0x1a/0x30 [ 11.420110] </TASK> [ 11.420121] [ 11.432850] Allocated by task 187: [ 11.433061] kasan_save_stack+0x45/0x70 [ 11.433213] kasan_save_track+0x18/0x40 [ 11.433348] kasan_save_alloc_info+0x3b/0x50 [ 11.433507] __kasan_kmalloc+0xb7/0xc0 [ 11.433660] __kmalloc_cache_noprof+0x189/0x420 [ 11.433884] kmalloc_uaf_16+0x15b/0x4c0 [ 11.434086] kunit_try_run_case+0x1a5/0x480 [ 11.434294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.434551] kthread+0x337/0x6f0 [ 11.434710] ret_from_fork+0x116/0x1d0 [ 11.434898] ret_from_fork_asm+0x1a/0x30 [ 11.435097] [ 11.435192] Freed by task 187: [ 11.435337] kasan_save_stack+0x45/0x70 [ 11.435498] kasan_save_track+0x18/0x40 [ 11.435679] kasan_save_free_info+0x3f/0x60 [ 11.435860] __kasan_slab_free+0x56/0x70 [ 11.435994] kfree+0x222/0x3f0 [ 11.436128] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.436321] kunit_try_run_case+0x1a5/0x480 [ 11.436623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.436948] kthread+0x337/0x6f0 [ 11.437082] ret_from_fork+0x116/0x1d0 [ 11.437271] ret_from_fork_asm+0x1a/0x30 [ 11.437433] [ 11.437503] The buggy address belongs to the object at ffff888101c19f00 [ 11.437503] which belongs to the cache kmalloc-16 of size 16 [ 11.438156] The buggy address is located 0 bytes inside of [ 11.438156] freed 16-byte region [ffff888101c19f00, ffff888101c19f10) [ 11.438800] [ 11.438884] The buggy address belongs to the physical page: [ 11.439196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c19 [ 11.439540] flags: 0x200000000000000(node=0|zone=2) [ 11.439758] page_type: f5(slab) [ 11.439937] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.440386] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.440651] page dumped because: kasan: bad access detected [ 11.440998] [ 11.441070] Memory state around the buggy address: [ 11.441225] ffff888101c19e00: 00 02 fc fc 00 06 fc fc 00 06 fc fc fa fb fc 
fc [ 11.441503] ffff888101c19e80: fa fb fc fc 00 05 fc fc fa fb fc fc 00 00 fc fc [ 11.441818] >ffff888101c19f00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.442081] ^ [ 11.442195] ffff888101c19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.442493] ffff888101c1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.443185] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.393484] ================================================================== [ 11.394773] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 11.395464] Write of size 16 at addr ffff888102796080 by task kunit_try_catch/185 [ 11.395721] [ 11.396135] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.396186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.396198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.396218] Call Trace: [ 11.396231] <TASK> [ 11.396250] dump_stack_lvl+0x73/0xb0 [ 11.396283] print_report+0xd1/0x650 [ 11.396307] ? __virt_addr_valid+0x1db/0x2d0 [ 11.396331] ? kmalloc_oob_16+0x452/0x4a0 [ 11.396351] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.396372] ? kmalloc_oob_16+0x452/0x4a0 [ 11.396402] kasan_report+0x141/0x180 [ 11.396424] ? kmalloc_oob_16+0x452/0x4a0 [ 11.396451] __asan_report_store16_noabort+0x1b/0x30 [ 11.396471] kmalloc_oob_16+0x452/0x4a0 [ 11.396492] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.396514] ? __schedule+0x10cc/0x2b60 [ 11.396537] ? __pfx_read_tsc+0x10/0x10 [ 11.396559] ? ktime_get_ts64+0x86/0x230 [ 11.396587] kunit_try_run_case+0x1a5/0x480 [ 11.396612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.396633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.396658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.396680] ? __kthread_parkme+0x82/0x180 [ 11.396701] ? preempt_count_sub+0x50/0x80 [ 11.396726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.396749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.396778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.396800] kthread+0x337/0x6f0 [ 11.396819] ? trace_preempt_on+0x20/0xc0 [ 11.396845] ? __pfx_kthread+0x10/0x10 [ 11.396866] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.396889] ? calculate_sigpending+0x7b/0xa0 [ 11.396916] ? __pfx_kthread+0x10/0x10 [ 11.396937] ret_from_fork+0x116/0x1d0 [ 11.396955] ? 
__pfx_kthread+0x10/0x10 [ 11.396975] ret_from_fork_asm+0x1a/0x30 [ 11.397011] </TASK> [ 11.397022] [ 11.405213] Allocated by task 185: [ 11.405538] kasan_save_stack+0x45/0x70 [ 11.405873] kasan_save_track+0x18/0x40 [ 11.406055] kasan_save_alloc_info+0x3b/0x50 [ 11.406297] __kasan_kmalloc+0xb7/0xc0 [ 11.406522] __kmalloc_cache_noprof+0x189/0x420 [ 11.406814] kmalloc_oob_16+0xa8/0x4a0 [ 11.407060] kunit_try_run_case+0x1a5/0x480 [ 11.407336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.407658] kthread+0x337/0x6f0 [ 11.407847] ret_from_fork+0x116/0x1d0 [ 11.408112] ret_from_fork_asm+0x1a/0x30 [ 11.408308] [ 11.408422] The buggy address belongs to the object at ffff888102796080 [ 11.408422] which belongs to the cache kmalloc-16 of size 16 [ 11.409044] The buggy address is located 0 bytes inside of [ 11.409044] allocated 13-byte region [ffff888102796080, ffff88810279608d) [ 11.409859] [ 11.409971] The buggy address belongs to the physical page: [ 11.410263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 11.410729] flags: 0x200000000000000(node=0|zone=2) [ 11.411019] page_type: f5(slab) [ 11.411190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.411530] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.411969] page dumped because: kasan: bad access detected [ 11.412249] [ 11.412341] Memory state around the buggy address: [ 11.412509] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.412972] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.413261] >ffff888102796080: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 11.413646] ^ [ 11.413932] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.414221] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.414611] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.364212] ================================================================== [ 11.365212] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.365869] Read of size 1 at addr ffff888100a21e00 by task kunit_try_catch/183 [ 11.366678] [ 11.366929] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.366985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.366996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.367016] Call Trace: [ 11.367030] <TASK> [ 11.367048] dump_stack_lvl+0x73/0xb0 [ 11.367079] print_report+0xd1/0x650 [ 11.367102] ? __virt_addr_valid+0x1db/0x2d0 [ 11.367125] ? krealloc_uaf+0x53c/0x5e0 [ 11.367145] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.367165] ? krealloc_uaf+0x53c/0x5e0 [ 11.367186] kasan_report+0x141/0x180 [ 11.367206] ? krealloc_uaf+0x53c/0x5e0 [ 11.367232] __asan_report_load1_noabort+0x18/0x20 [ 11.367255] krealloc_uaf+0x53c/0x5e0 [ 11.367275] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.367295] ? finish_task_switch.isra.0+0x153/0x700 [ 11.367317] ? __switch_to+0x47/0xf50 [ 11.367342] ? __schedule+0x10cc/0x2b60 [ 11.367363] ? __pfx_read_tsc+0x10/0x10 [ 11.367397] ? ktime_get_ts64+0x86/0x230 [ 11.367420] kunit_try_run_case+0x1a5/0x480 [ 11.367444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.367465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.367488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.367509] ? __kthread_parkme+0x82/0x180 [ 11.367529] ? preempt_count_sub+0x50/0x80 [ 11.367551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.367575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.367596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.367618] kthread+0x337/0x6f0 [ 11.367637] ? trace_preempt_on+0x20/0xc0 [ 11.367661] ? __pfx_kthread+0x10/0x10 [ 11.367682] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.367706] ? calculate_sigpending+0x7b/0xa0 [ 11.367730] ? __pfx_kthread+0x10/0x10 [ 11.367750] ret_from_fork+0x116/0x1d0 [ 11.367768] ? 
__pfx_kthread+0x10/0x10 [ 11.367789] ret_from_fork_asm+0x1a/0x30 [ 11.367820] </TASK> [ 11.367831] [ 11.375481] Allocated by task 183: [ 11.375851] kasan_save_stack+0x45/0x70 [ 11.376061] kasan_save_track+0x18/0x40 [ 11.376230] kasan_save_alloc_info+0x3b/0x50 [ 11.376391] __kasan_kmalloc+0xb7/0xc0 [ 11.376578] __kmalloc_cache_noprof+0x189/0x420 [ 11.376897] krealloc_uaf+0xbb/0x5e0 [ 11.377070] kunit_try_run_case+0x1a5/0x480 [ 11.377228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.377475] kthread+0x337/0x6f0 [ 11.377636] ret_from_fork+0x116/0x1d0 [ 11.377822] ret_from_fork_asm+0x1a/0x30 [ 11.378067] [ 11.378145] Freed by task 183: [ 11.378267] kasan_save_stack+0x45/0x70 [ 11.378471] kasan_save_track+0x18/0x40 [ 11.378779] kasan_save_free_info+0x3f/0x60 [ 11.378975] __kasan_slab_free+0x56/0x70 [ 11.379156] kfree+0x222/0x3f0 [ 11.379292] krealloc_uaf+0x13d/0x5e0 [ 11.379452] kunit_try_run_case+0x1a5/0x480 [ 11.379797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.380061] kthread+0x337/0x6f0 [ 11.380200] ret_from_fork+0x116/0x1d0 [ 11.380354] ret_from_fork_asm+0x1a/0x30 [ 11.380565] [ 11.380712] The buggy address belongs to the object at ffff888100a21e00 [ 11.380712] which belongs to the cache kmalloc-256 of size 256 [ 11.381165] The buggy address is located 0 bytes inside of [ 11.381165] freed 256-byte region [ffff888100a21e00, ffff888100a21f00) [ 11.381519] [ 11.381601] The buggy address belongs to the physical page: [ 11.381853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a20 [ 11.382217] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.382562] flags: 0x200000000000040(head|node=0|zone=2) [ 11.382971] page_type: f5(slab) [ 11.383156] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.383466] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.383918] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.384226] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.384519] head: 0200000000000001 ffffea0004028801 00000000ffffffff 00000000ffffffff [ 11.384939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.385254] page dumped because: kasan: bad access detected [ 11.385437] [ 11.385506] Memory state around the buggy address: [ 11.385704] ffff888100a21d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.386017] ffff888100a21d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.386441] >ffff888100a21e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.386694] ^ [ 11.386834] ffff888100a21e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.387163] ffff888100a21f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.387391] ================================================================== [ 11.329267] ================================================================== [ 11.330124] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.330351] Read of size 1 at addr ffff888100a21e00 by task kunit_try_catch/183 [ 11.330649] [ 11.330910] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.330957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.330968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.330987] Call Trace: [ 11.330999] <TASK> [ 11.331049] dump_stack_lvl+0x73/0xb0 [ 11.331079] print_report+0xd1/0x650 [ 11.331102] ? __virt_addr_valid+0x1db/0x2d0 [ 11.331124] ? krealloc_uaf+0x1b8/0x5e0 [ 11.331143] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.331164] ? krealloc_uaf+0x1b8/0x5e0 [ 11.331216] kasan_report+0x141/0x180 [ 11.331237] ? krealloc_uaf+0x1b8/0x5e0 [ 11.331260] ? krealloc_uaf+0x1b8/0x5e0 [ 11.331279] __kasan_check_byte+0x3d/0x50 [ 11.331300] krealloc_noprof+0x3f/0x340 [ 11.331322] krealloc_uaf+0x1b8/0x5e0 [ 11.331342] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.331362] ? 
finish_task_switch.isra.0+0x153/0x700 [ 11.331394] ? __switch_to+0x47/0xf50 [ 11.331419] ? __schedule+0x10cc/0x2b60 [ 11.331469] ? __pfx_read_tsc+0x10/0x10 [ 11.331490] ? ktime_get_ts64+0x86/0x230 [ 11.331538] kunit_try_run_case+0x1a5/0x480 [ 11.331563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.331625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.331650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.331671] ? __kthread_parkme+0x82/0x180 [ 11.331707] ? preempt_count_sub+0x50/0x80 [ 11.331728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.331750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.331772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.331793] kthread+0x337/0x6f0 [ 11.331811] ? trace_preempt_on+0x20/0xc0 [ 11.331835] ? __pfx_kthread+0x10/0x10 [ 11.331855] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.331875] ? calculate_sigpending+0x7b/0xa0 [ 11.331897] ? __pfx_kthread+0x10/0x10 [ 11.331917] ret_from_fork+0x116/0x1d0 [ 11.331934] ? __pfx_kthread+0x10/0x10 [ 11.331953] ret_from_fork_asm+0x1a/0x30 [ 11.331982] </TASK> [ 11.331993] [ 11.344481] Allocated by task 183: [ 11.345241] kasan_save_stack+0x45/0x70 [ 11.345440] kasan_save_track+0x18/0x40 [ 11.345835] kasan_save_alloc_info+0x3b/0x50 [ 11.346175] __kasan_kmalloc+0xb7/0xc0 [ 11.346462] __kmalloc_cache_noprof+0x189/0x420 [ 11.346862] krealloc_uaf+0xbb/0x5e0 [ 11.347045] kunit_try_run_case+0x1a5/0x480 [ 11.347251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.347502] kthread+0x337/0x6f0 [ 11.347967] ret_from_fork+0x116/0x1d0 [ 11.348146] ret_from_fork_asm+0x1a/0x30 [ 11.348543] [ 11.348734] Freed by task 183: [ 11.348880] kasan_save_stack+0x45/0x70 [ 11.349212] kasan_save_track+0x18/0x40 [ 11.349492] kasan_save_free_info+0x3f/0x60 [ 11.350037] __kasan_slab_free+0x56/0x70 [ 11.350199] kfree+0x222/0x3f0 [ 11.350367] krealloc_uaf+0x13d/0x5e0 [ 11.350557] kunit_try_run_case+0x1a5/0x480 [ 11.351167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.351430] kthread+0x337/0x6f0 [ 11.351814] 
ret_from_fork+0x116/0x1d0 [ 11.351994] ret_from_fork_asm+0x1a/0x30 [ 11.352317] [ 11.352421] The buggy address belongs to the object at ffff888100a21e00 [ 11.352421] which belongs to the cache kmalloc-256 of size 256 [ 11.353537] The buggy address is located 0 bytes inside of [ 11.353537] freed 256-byte region [ffff888100a21e00, ffff888100a21f00) [ 11.354307] [ 11.354422] The buggy address belongs to the physical page: [ 11.355076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a20 [ 11.355420] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.355882] flags: 0x200000000000040(head|node=0|zone=2) [ 11.356144] page_type: f5(slab) [ 11.356310] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.356598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.357208] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.357497] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.358089] head: 0200000000000001 ffffea0004028801 00000000ffffffff 00000000ffffffff [ 11.358570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.359023] page dumped because: kasan: bad access detected [ 11.359352] [ 11.359462] Memory state around the buggy address: [ 11.359914] ffff888100a21d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.360296] ffff888100a21d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.360715] >ffff888100a21e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.361642] ^ [ 11.361782] ffff888100a21e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.362002] ffff888100a21f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.362217] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.854029] ================================================================== [ 22.854459] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.854459] [ 22.854985] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#129): [ 22.855604] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.855917] kunit_try_run_case+0x1a5/0x480 [ 22.856289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.856511] kthread+0x337/0x6f0 [ 22.856734] ret_from_fork+0x116/0x1d0 [ 22.856932] ret_from_fork_asm+0x1a/0x30 [ 22.857129] [ 22.857250] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.857250] [ 22.857671] allocated by task 344 on cpu 0 at 22.853769s (0.003899s ago): [ 22.858040] test_alloc+0x364/0x10f0 [ 22.858227] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.858406] kunit_try_run_case+0x1a5/0x480 [ 22.858617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.858905] kthread+0x337/0x6f0 [ 22.859095] ret_from_fork+0x116/0x1d0 [ 22.859263] ret_from_fork_asm+0x1a/0x30 [ 22.859508] [ 22.859609] freed by task 344 on cpu 0 at 22.853913s (0.005693s ago): [ 22.859892] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.860111] kunit_try_run_case+0x1a5/0x480 [ 22.860314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.860564] kthread+0x337/0x6f0 [ 22.860747] ret_from_fork+0x116/0x1d0 [ 22.860905] ret_from_fork_asm+0x1a/0x30 [ 22.861042] [ 22.861139] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 22.861647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.861857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.862244] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.542114] ================================================================== [ 22.542545] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.542545] [ 22.542935] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#126): [ 22.543296] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.543539] kunit_try_run_case+0x1a5/0x480 [ 22.543763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.543990] kthread+0x337/0x6f0 [ 22.544139] ret_from_fork+0x116/0x1d0 [ 22.544275] ret_from_fork_asm+0x1a/0x30 [ 22.544430] [ 22.544520] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.544520] [ 22.545316] allocated by task 342 on cpu 1 at 22.541888s (0.003425s ago): [ 22.545591] test_alloc+0x364/0x10f0 [ 22.545721] test_kmalloc_aligned_oob_read+0x105/0x560 [ 22.546053] kunit_try_run_case+0x1a5/0x480 [ 22.546244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.546473] kthread+0x337/0x6f0 [ 22.546642] ret_from_fork+0x116/0x1d0 [ 22.546813] ret_from_fork_asm+0x1a/0x30 [ 22.546954] [ 22.547072] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 22.547538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.547684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.548059] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.862030] ================================================================== [ 17.862463] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.862463] [ 17.862949] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#81): [ 17.863776] test_corruption+0x2d2/0x3e0 [ 17.864115] kunit_try_run_case+0x1a5/0x480 [ 17.864302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.864583] kthread+0x337/0x6f0 [ 17.864782] ret_from_fork+0x116/0x1d0 [ 17.864986] ret_from_fork_asm+0x1a/0x30 [ 17.865178] [ 17.865255] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.865255] [ 17.865672] allocated by task 330 on cpu 1 at 17.861796s (0.003873s ago): [ 17.866037] test_alloc+0x364/0x10f0 [ 17.866228] test_corruption+0xe6/0x3e0 [ 17.866437] kunit_try_run_case+0x1a5/0x480 [ 17.866593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.866770] kthread+0x337/0x6f0 [ 17.866968] ret_from_fork+0x116/0x1d0 [ 17.867179] ret_from_fork_asm+0x1a/0x30 [ 17.867509] [ 17.867611] freed by task 330 on cpu 1 at 17.861872s (0.005736s ago): [ 17.867964] test_corruption+0x2d2/0x3e0 [ 17.868142] kunit_try_run_case+0x1a5/0x480 [ 17.868298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.868588] kthread+0x337/0x6f0 [ 17.868789] ret_from_fork+0x116/0x1d0 [ 17.868962] ret_from_fork_asm+0x1a/0x30 [ 17.869169] [ 17.869291] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.869777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.870003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.870350] ================================================================== [ 18.174122] ================================================================== [ 18.174523] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 18.174523] [ 18.174869] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#84): [ 18.175251] test_corruption+0x216/0x3e0 [ 18.175448] kunit_try_run_case+0x1a5/0x480 [ 18.175783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.175970] kthread+0x337/0x6f0 [ 18.176122] ret_from_fork+0x116/0x1d0 [ 18.176327] ret_from_fork_asm+0x1a/0x30 [ 18.176493] [ 18.176569] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.176569] [ 18.177172] allocated by task 332 on cpu 0 at 18.174017s (0.003153s ago): [ 18.177519] test_alloc+0x2a6/0x10f0 [ 18.177681] test_corruption+0x1cb/0x3e0 [ 18.177915] kunit_try_run_case+0x1a5/0x480 [ 18.178078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.178343] kthread+0x337/0x6f0 [ 18.178518] ret_from_fork+0x116/0x1d0 [ 18.178679] ret_from_fork_asm+0x1a/0x30 [ 18.178817] [ 18.178889] freed by task 332 on cpu 0 at 18.174055s (0.004832s ago): [ 18.179340] test_corruption+0x216/0x3e0 [ 18.179483] kunit_try_run_case+0x1a5/0x480 [ 18.179634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.179890] kthread+0x337/0x6f0 [ 18.180079] ret_from_fork+0x116/0x1d0 [ 18.180346] ret_from_fork_asm+0x1a/0x30 [ 18.180719] [ 18.180835] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.181205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.181418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.181792] ================================================================== [ 18.070017] ================================================================== [ 18.070417] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 18.070417] [ 18.070874] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#83): [ 18.071474] test_corruption+0x131/0x3e0 [ 18.071662] kunit_try_run_case+0x1a5/0x480 [ 18.071979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.072193] kthread+0x337/0x6f0 [ 18.072382] ret_from_fork+0x116/0x1d0 [ 18.072557] ret_from_fork_asm+0x1a/0x30 [ 18.072710] [ 18.072817] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.072817] [ 18.073286] allocated by task 332 on cpu 0 at 18.069907s (0.003376s ago): [ 18.073594] test_alloc+0x2a6/0x10f0 [ 18.073821] test_corruption+0xe6/0x3e0 [ 18.073980] kunit_try_run_case+0x1a5/0x480 [ 18.074162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.074350] kthread+0x337/0x6f0 [ 18.074517] ret_from_fork+0x116/0x1d0 [ 18.074704] ret_from_fork_asm+0x1a/0x30 [ 18.074884] [ 18.074981] freed by task 332 on cpu 0 at 18.069950s (0.005029s ago): [ 18.075200] test_corruption+0x131/0x3e0 [ 18.075407] kunit_try_run_case+0x1a5/0x480 [ 18.075626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.075963] kthread+0x337/0x6f0 [ 18.076135] ret_from_fork+0x116/0x1d0 [ 18.076291] ret_from_fork_asm+0x1a/0x30 [ 18.076484] [ 18.076589] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.077044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.077231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.077587] ================================================================== [ 17.966146] ================================================================== [ 17.966548] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.966548] [ 17.966987] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#82): [ 17.967476] test_corruption+0x2df/0x3e0 [ 17.967655] kunit_try_run_case+0x1a5/0x480 [ 17.967924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.968163] kthread+0x337/0x6f0 [ 17.968354] ret_from_fork+0x116/0x1d0 [ 17.968552] ret_from_fork_asm+0x1a/0x30 [ 17.968742] [ 17.968831] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.968831] [ 17.969207] allocated by task 330 on cpu 1 at 17.965902s (0.003303s ago): [ 17.969558] test_alloc+0x364/0x10f0 [ 17.969740] test_corruption+0x1cb/0x3e0 [ 17.969928] kunit_try_run_case+0x1a5/0x480 [ 17.970109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.970367] kthread+0x337/0x6f0 [ 17.970546] ret_from_fork+0x116/0x1d0 [ 17.970755] ret_from_fork_asm+0x1a/0x30 [ 17.970951] [ 17.971041] freed by task 330 on cpu 1 at 17.965997s (0.005042s ago): [ 17.971336] test_corruption+0x2df/0x3e0 [ 17.971548] kunit_try_run_case+0x1a5/0x480 [ 17.971787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.972038] kthread+0x337/0x6f0 [ 17.972207] ret_from_fork+0x116/0x1d0 [ 17.972401] ret_from_fork_asm+0x1a/0x30 [ 17.972539] [ 17.972630] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.973421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.973662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.974081] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.550010] ================================================================== [ 17.550384] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 17.550384] [ 17.550693] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 17.551335] test_invalid_addr_free+0xfb/0x260 [ 17.551772] kunit_try_run_case+0x1a5/0x480 [ 17.552177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.552529] kthread+0x337/0x6f0 [ 17.552658] ret_from_fork+0x116/0x1d0 [ 17.552832] ret_from_fork_asm+0x1a/0x30 [ 17.553214] [ 17.553405] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.553405] [ 17.554219] allocated by task 328 on cpu 1 at 17.549912s (0.004305s ago): [ 17.554504] test_alloc+0x2a6/0x10f0 [ 17.554679] test_invalid_addr_free+0xdb/0x260 [ 17.554939] kunit_try_run_case+0x1a5/0x480 [ 17.555132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.555395] kthread+0x337/0x6f0 [ 17.555561] ret_from_fork+0x116/0x1d0 [ 17.555744] ret_from_fork_asm+0x1a/0x30 [ 17.555965] [ 17.556091] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.556533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.556765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.557088] ================================================================== [ 17.446077] ================================================================== [ 17.446434] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 17.446434] [ 17.446712] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 17.446913] test_invalid_addr_free+0x1e1/0x260 [ 17.447071] kunit_try_run_case+0x1a5/0x480 [ 17.447222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.447409] kthread+0x337/0x6f0 [ 17.447536] ret_from_fork+0x116/0x1d0 [ 17.447688] ret_from_fork_asm+0x1a/0x30 [ 17.447919] [ 17.448019] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.448019] [ 17.448312] allocated by task 326 on cpu 0 at 17.445915s 
(0.002394s ago): [ 17.448566] test_alloc+0x364/0x10f0 [ 17.449545] test_invalid_addr_free+0xdb/0x260 [ 17.449785] kunit_try_run_case+0x1a5/0x480 [ 17.449981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.450211] kthread+0x337/0x6f0 [ 17.450382] ret_from_fork+0x116/0x1d0 [ 17.450553] ret_from_fork_asm+0x1a/0x30 [ 17.450732] [ 17.450847] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.451278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.451930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.452418] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.342129] ================================================================== [ 17.342546] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 17.342546] [ 17.343017] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 17.343568] test_double_free+0x112/0x260 [ 17.343768] kunit_try_run_case+0x1a5/0x480 [ 17.343995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.344348] kthread+0x337/0x6f0 [ 17.344542] ret_from_fork+0x116/0x1d0 [ 17.345164] ret_from_fork_asm+0x1a/0x30 [ 17.345371] [ 17.345453] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.345453] [ 17.346023] allocated by task 324 on cpu 0 at 17.341946s (0.004074s ago): [ 17.346499] test_alloc+0x2a6/0x10f0 [ 17.346670] test_double_free+0xdb/0x260 [ 17.347009] kunit_try_run_case+0x1a5/0x480 [ 17.347208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.347444] kthread+0x337/0x6f0 [ 17.347602] ret_from_fork+0x116/0x1d0 [ 17.347996] ret_from_fork_asm+0x1a/0x30 [ 17.348197] [ 17.348283] freed by task 324 on cpu 0 at 17.342000s (0.006280s ago): [ 17.348735] test_double_free+0xfa/0x260 [ 17.349041] kunit_try_run_case+0x1a5/0x480 [ 17.349212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.349592] kthread+0x337/0x6f0 [ 17.349773] ret_from_fork+0x116/0x1d0 [ 17.350064] ret_from_fork_asm+0x1a/0x30 [ 17.350252] [ 17.350371] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.350988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.351176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.351698] ================================================================== [ 17.238196] ================================================================== [ 17.238673] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 17.238673] [ 17.239078] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 17.239462] test_double_free+0x1d3/0x260 [ 17.239651] kunit_try_run_case+0x1a5/0x480 [ 17.239919] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.240125] kthread+0x337/0x6f0 [ 17.240359] ret_from_fork+0x116/0x1d0 [ 17.240555] ret_from_fork_asm+0x1a/0x30 [ 17.240837] [ 17.240918] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.240918] [ 17.241301] allocated by task 322 on cpu 1 at 17.237937s (0.003362s ago): [ 17.241602] test_alloc+0x364/0x10f0 [ 17.241766] test_double_free+0xdb/0x260 [ 17.241965] kunit_try_run_case+0x1a5/0x480 [ 17.242177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.242410] kthread+0x337/0x6f0 [ 17.242564] ret_from_fork+0x116/0x1d0 [ 17.242793] ret_from_fork_asm+0x1a/0x30 [ 17.242960] [ 17.243035] freed by task 322 on cpu 1 at 17.238009s (0.005024s ago): [ 17.243240] test_double_free+0x1e0/0x260 [ 17.243388] kunit_try_run_case+0x1a5/0x480 [ 17.243583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.243960] kthread+0x337/0x6f0 [ 17.244170] ret_from_fork+0x116/0x1d0 [ 17.244376] ret_from_fork_asm+0x1a/0x30 [ 17.244580] [ 17.244699] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.245208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.245415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.245854] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.926086] ================================================================== [ 16.926511] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.926511] [ 16.926958] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 16.927239] test_use_after_free_read+0x129/0x270 [ 16.927483] kunit_try_run_case+0x1a5/0x480 [ 16.927706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.927971] kthread+0x337/0x6f0 [ 16.928103] ret_from_fork+0x116/0x1d0 [ 16.928317] ret_from_fork_asm+0x1a/0x30 [ 16.928526] [ 16.928630] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.928630] [ 16.929041] allocated by task 316 on cpu 1 at 16.925940s (0.003098s ago): [ 16.929289] test_alloc+0x2a6/0x10f0 [ 16.929449] test_use_after_free_read+0xdc/0x270 [ 16.929672] kunit_try_run_case+0x1a5/0x480 [ 16.929904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.930126] kthread+0x337/0x6f0 [ 16.930250] ret_from_fork+0x116/0x1d0 [ 16.930393] ret_from_fork_asm+0x1a/0x30 [ 16.930592] [ 16.930687] freed by task 316 on cpu 1 at 16.926000s (0.004684s ago): [ 16.931053] test_use_after_free_read+0xfb/0x270 [ 16.931285] kunit_try_run_case+0x1a5/0x480 [ 16.931505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.931756] kthread+0x337/0x6f0 [ 16.931913] ret_from_fork+0x116/0x1d0 [ 16.932103] ret_from_fork_asm+0x1a/0x30 [ 16.932282] [ 16.932419] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.932908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.933076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.933362] ================================================================== [ 16.822159] ================================================================== [ 16.822636] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.822636] [ 16.823378] Use-after-free read at 0x(____ptrval____) (in kfence-#71): [ 16.824043] test_use_after_free_read+0x129/0x270 
[ 16.824277] kunit_try_run_case+0x1a5/0x480 [ 16.824503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.824911] kthread+0x337/0x6f0 [ 16.825188] ret_from_fork+0x116/0x1d0 [ 16.825451] ret_from_fork_asm+0x1a/0x30 [ 16.825690] [ 16.825898] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.825898] [ 16.826271] allocated by task 314 on cpu 0 at 16.821940s (0.004328s ago): [ 16.826604] test_alloc+0x364/0x10f0 [ 16.827048] test_use_after_free_read+0xdc/0x270 [ 16.827345] kunit_try_run_case+0x1a5/0x480 [ 16.827635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.828023] kthread+0x337/0x6f0 [ 16.828297] ret_from_fork+0x116/0x1d0 [ 16.828509] ret_from_fork_asm+0x1a/0x30 [ 16.828947] [ 16.829382] freed by task 314 on cpu 0 at 16.822002s (0.007274s ago): [ 16.829742] test_use_after_free_read+0x1e7/0x270 [ 16.829964] kunit_try_run_case+0x1a5/0x480 [ 16.830311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.830671] kthread+0x337/0x6f0 [ 16.830946] ret_from_fork+0x116/0x1d0 [ 16.831149] ret_from_fork_asm+0x1a/0x30 [ 16.831498] [ 16.831732] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.832204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.832550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.833038] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.717964] ================================================================== [ 16.718386] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.718386] [ 16.718946] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70): [ 16.719215] test_out_of_bounds_write+0x10d/0x260 [ 16.719398] kunit_try_run_case+0x1a5/0x480 [ 16.719614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.719928] kthread+0x337/0x6f0 [ 16.720073] ret_from_fork+0x116/0x1d0 [ 16.720257] ret_from_fork_asm+0x1a/0x30 [ 16.720443] [ 16.720543] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.720543] [ 16.720902] allocated by task 312 on cpu 1 at 16.717901s (0.002997s ago): [ 16.721207] test_alloc+0x2a6/0x10f0 [ 16.721400] test_out_of_bounds_write+0xd4/0x260 [ 16.721577] kunit_try_run_case+0x1a5/0x480 [ 16.721735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.721994] kthread+0x337/0x6f0 [ 16.722165] ret_from_fork+0x116/0x1d0 [ 16.722359] ret_from_fork_asm+0x1a/0x30 [ 16.722515] [ 16.722637] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.723178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.723369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.723787] ================================================================== [ 16.510036] ================================================================== [ 16.510456] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.510456] [ 16.510969] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68): [ 16.511284] test_out_of_bounds_write+0x10d/0x260 [ 16.511508] kunit_try_run_case+0x1a5/0x480 [ 16.511675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.512184] kthread+0x337/0x6f0 [ 16.512366] ret_from_fork+0x116/0x1d0 [ 16.512501] ret_from_fork_asm+0x1a/0x30 [ 16.512641] [ 16.512714] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.512714] [ 
16.513119] allocated by task 310 on cpu 0 at 16.509904s (0.003213s ago): [ 16.513501] test_alloc+0x364/0x10f0 [ 16.513703] test_out_of_bounds_write+0xd4/0x260 [ 16.513951] kunit_try_run_case+0x1a5/0x480 [ 16.514147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.514318] kthread+0x337/0x6f0 [ 16.514523] ret_from_fork+0x116/0x1d0 [ 16.514743] ret_from_fork_asm+0x1a/0x30 [ 16.514983] [ 16.515119] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.515565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.515707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.515972] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.886123] ================================================================== [ 15.886528] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.886528] [ 15.887084] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#62): [ 15.887370] test_out_of_bounds_read+0x216/0x4e0 [ 15.887590] kunit_try_run_case+0x1a5/0x480 [ 15.887910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.888169] kthread+0x337/0x6f0 [ 15.888349] ret_from_fork+0x116/0x1d0 [ 15.888504] ret_from_fork_asm+0x1a/0x30 [ 15.888714] [ 15.888828] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.888828] [ 15.889223] allocated by task 306 on cpu 0 at 15.885931s (0.003289s ago): [ 15.889510] test_alloc+0x364/0x10f0 [ 15.889703] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.889891] kunit_try_run_case+0x1a5/0x480 [ 15.890044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.890282] kthread+0x337/0x6f0 [ 15.890468] ret_from_fork+0x116/0x1d0 [ 15.890662] ret_from_fork_asm+0x1a/0x30 [ 15.890852] [ 15.890949] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.891657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.891872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.892227] ================================================================== [ 15.782910] ================================================================== [ 15.783392] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.783392] [ 15.783893] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61): [ 15.784273] test_out_of_bounds_read+0x126/0x4e0 [ 15.784527] kunit_try_run_case+0x1a5/0x480 [ 15.784707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.785033] kthread+0x337/0x6f0 [ 15.785271] ret_from_fork+0x116/0x1d0 [ 15.785466] ret_from_fork_asm+0x1a/0x30 [ 15.785667] [ 15.785911] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.785911] [ 
15.786438] allocated by task 306 on cpu 0 at 15.781886s (0.004496s ago): [ 15.786973] test_alloc+0x364/0x10f0 [ 15.787187] test_out_of_bounds_read+0xed/0x4e0 [ 15.787405] kunit_try_run_case+0x1a5/0x480 [ 15.787590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.787902] kthread+0x337/0x6f0 [ 15.788043] ret_from_fork+0x116/0x1d0 [ 15.788225] ret_from_fork_asm+0x1a/0x30 [ 15.788470] [ 15.788598] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.789078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.789248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.789715] ================================================================== [ 15.990009] ================================================================== [ 15.990426] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.990426] [ 15.990970] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63): [ 15.991704] test_out_of_bounds_read+0x126/0x4e0 [ 15.991970] kunit_try_run_case+0x1a5/0x480 [ 15.992164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.992428] kthread+0x337/0x6f0 [ 15.992593] ret_from_fork+0x116/0x1d0 [ 15.993167] ret_from_fork_asm+0x1a/0x30 [ 15.993362] [ 15.993443] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.993443] [ 15.993969] allocated by task 308 on cpu 1 at 15.989945s (0.004021s ago): [ 15.994544] test_alloc+0x2a6/0x10f0 [ 15.994739] test_out_of_bounds_read+0xed/0x4e0 [ 15.995058] kunit_try_run_case+0x1a5/0x480 [ 15.995236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.995601] kthread+0x337/0x6f0 [ 15.995766] ret_from_fork+0x116/0x1d0 [ 15.996065] ret_from_fork_asm+0x1a/0x30 [ 15.996242] [ 15.996356] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.997020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.997209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
15.997662] ================================================================== [ 16.301955] ================================================================== [ 16.302376] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.302376] [ 16.302849] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 16.303133] test_out_of_bounds_read+0x216/0x4e0 [ 16.303381] kunit_try_run_case+0x1a5/0x480 [ 16.303573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.304452] kthread+0x337/0x6f0 [ 16.304638] ret_from_fork+0x116/0x1d0 [ 16.304927] ret_from_fork_asm+0x1a/0x30 [ 16.305089] [ 16.305194] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.305194] [ 16.305577] allocated by task 308 on cpu 1 at 16.301895s (0.003680s ago): [ 16.306136] test_alloc+0x2a6/0x10f0 [ 16.306390] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.306598] kunit_try_run_case+0x1a5/0x480 [ 16.307010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.307342] kthread+0x337/0x6f0 [ 16.307592] ret_from_fork+0x116/0x1d0 [ 16.307759] ret_from_fork_asm+0x1a/0x30 [ 16.308084] [ 16.308188] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.308747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.309068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.309521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.526251] ================================================================== [ 15.526659] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.526933] Write of size 1 at addr ffff888102c8ba78 by task kunit_try_catch/304 [ 15.527278] [ 15.527401] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.527454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.527468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.527490] Call Trace: [ 15.527505] <TASK> [ 15.527532] dump_stack_lvl+0x73/0xb0 [ 15.527558] print_report+0xd1/0x650 [ 15.527581] ? __virt_addr_valid+0x1db/0x2d0 [ 15.527604] ? strncpy_from_user+0x1a5/0x1d0 [ 15.527628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.527656] ? strncpy_from_user+0x1a5/0x1d0 [ 15.527679] kasan_report+0x141/0x180 [ 15.527702] ? strncpy_from_user+0x1a5/0x1d0 [ 15.527730] __asan_report_store1_noabort+0x1b/0x30 [ 15.527752] strncpy_from_user+0x1a5/0x1d0 [ 15.527778] copy_user_test_oob+0x760/0x10f0 [ 15.527804] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.527828] ? finish_task_switch.isra.0+0x153/0x700 [ 15.527871] ? __switch_to+0x47/0xf50 [ 15.527897] ? __schedule+0x10cc/0x2b60 [ 15.527925] ? __pfx_read_tsc+0x10/0x10 [ 15.527947] ? ktime_get_ts64+0x86/0x230 [ 15.527971] kunit_try_run_case+0x1a5/0x480 [ 15.527997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.528020] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.528044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.528068] ? __kthread_parkme+0x82/0x180 [ 15.528091] ? preempt_count_sub+0x50/0x80 [ 15.528117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.528143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.528170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.528195] kthread+0x337/0x6f0 [ 15.528216] ? trace_preempt_on+0x20/0xc0 [ 15.528241] ? __pfx_kthread+0x10/0x10 [ 15.528263] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.528284] ? calculate_sigpending+0x7b/0xa0 [ 15.528309] ? 
__pfx_kthread+0x10/0x10 [ 15.528331] ret_from_fork+0x116/0x1d0 [ 15.528359] ? __pfx_kthread+0x10/0x10 [ 15.528380] ret_from_fork_asm+0x1a/0x30 [ 15.528413] </TASK> [ 15.528425] [ 15.536137] Allocated by task 304: [ 15.536320] kasan_save_stack+0x45/0x70 [ 15.536581] kasan_save_track+0x18/0x40 [ 15.536782] kasan_save_alloc_info+0x3b/0x50 [ 15.537090] __kasan_kmalloc+0xb7/0xc0 [ 15.537258] __kmalloc_noprof+0x1c9/0x500 [ 15.537411] kunit_kmalloc_array+0x25/0x60 [ 15.537622] copy_user_test_oob+0xab/0x10f0 [ 15.537885] kunit_try_run_case+0x1a5/0x480 [ 15.538136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.538314] kthread+0x337/0x6f0 [ 15.538447] ret_from_fork+0x116/0x1d0 [ 15.538581] ret_from_fork_asm+0x1a/0x30 [ 15.538719] [ 15.538862] The buggy address belongs to the object at ffff888102c8ba00 [ 15.538862] which belongs to the cache kmalloc-128 of size 128 [ 15.539406] The buggy address is located 0 bytes to the right of [ 15.539406] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78) [ 15.540096] [ 15.540171] The buggy address belongs to the physical page: [ 15.540368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 15.540803] flags: 0x200000000000000(node=0|zone=2) [ 15.541094] page_type: f5(slab) [ 15.541269] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.541630] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.542209] page dumped because: kasan: bad access detected [ 15.542518] [ 15.542663] Memory state around the buggy address: [ 15.542918] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.543232] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543461] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.543680] ^ [ 15.544333] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544706] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.545018] 
================================================================== [ 15.506961] ================================================================== [ 15.507294] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.507635] Write of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304 [ 15.508128] [ 15.508275] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.508318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.508331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.508364] Call Trace: [ 15.508379] <TASK> [ 15.508394] dump_stack_lvl+0x73/0xb0 [ 15.508422] print_report+0xd1/0x650 [ 15.508446] ? __virt_addr_valid+0x1db/0x2d0 [ 15.508469] ? strncpy_from_user+0x2e/0x1d0 [ 15.508494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.508517] ? strncpy_from_user+0x2e/0x1d0 [ 15.508541] kasan_report+0x141/0x180 [ 15.508564] ? strncpy_from_user+0x2e/0x1d0 [ 15.508593] kasan_check_range+0x10c/0x1c0 [ 15.508618] __kasan_check_write+0x18/0x20 [ 15.508639] strncpy_from_user+0x2e/0x1d0 [ 15.508661] ? __kasan_check_read+0x15/0x20 [ 15.508684] copy_user_test_oob+0x760/0x10f0 [ 15.508710] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.508734] ? finish_task_switch.isra.0+0x153/0x700 [ 15.508757] ? __switch_to+0x47/0xf50 [ 15.508783] ? __schedule+0x10cc/0x2b60 [ 15.508806] ? __pfx_read_tsc+0x10/0x10 [ 15.508827] ? ktime_get_ts64+0x86/0x230 [ 15.508852] kunit_try_run_case+0x1a5/0x480 [ 15.508876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.508900] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.508925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.508949] ? __kthread_parkme+0x82/0x180 [ 15.508984] ? preempt_count_sub+0x50/0x80 [ 15.509008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.509032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.509068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.509093] kthread+0x337/0x6f0 [ 15.509113] ? trace_preempt_on+0x20/0xc0 [ 15.509138] ? 
__pfx_kthread+0x10/0x10 [ 15.509160] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.509181] ? calculate_sigpending+0x7b/0xa0 [ 15.509205] ? __pfx_kthread+0x10/0x10 [ 15.509228] ret_from_fork+0x116/0x1d0 [ 15.509246] ? __pfx_kthread+0x10/0x10 [ 15.509267] ret_from_fork_asm+0x1a/0x30 [ 15.509298] </TASK> [ 15.509310] [ 15.517378] Allocated by task 304: [ 15.517516] kasan_save_stack+0x45/0x70 [ 15.517729] kasan_save_track+0x18/0x40 [ 15.517939] kasan_save_alloc_info+0x3b/0x50 [ 15.518161] __kasan_kmalloc+0xb7/0xc0 [ 15.518357] __kmalloc_noprof+0x1c9/0x500 [ 15.518558] kunit_kmalloc_array+0x25/0x60 [ 15.518794] copy_user_test_oob+0xab/0x10f0 [ 15.518974] kunit_try_run_case+0x1a5/0x480 [ 15.519210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.519417] kthread+0x337/0x6f0 [ 15.519540] ret_from_fork+0x116/0x1d0 [ 15.519677] ret_from_fork_asm+0x1a/0x30 [ 15.519860] [ 15.520047] The buggy address belongs to the object at ffff888102c8ba00 [ 15.520047] which belongs to the cache kmalloc-128 of size 128 [ 15.520644] The buggy address is located 0 bytes inside of [ 15.520644] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78) [ 15.521254] [ 15.521347] The buggy address belongs to the physical page: [ 15.521708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 15.522105] flags: 0x200000000000000(node=0|zone=2) [ 15.522333] page_type: f5(slab) [ 15.522511] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.522829] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.523170] page dumped because: kasan: bad access detected [ 15.523416] [ 15.523525] Memory state around the buggy address: [ 15.523736] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.524065] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.524398] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.524707] ^ [ 15.525024] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.525318] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.525637] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.468450] ================================================================== [ 15.468749] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 15.469366] Write of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304 [ 15.469709] [ 15.470332] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.470390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.470403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.470425] Call Trace: [ 15.470441] <TASK> [ 15.470457] dump_stack_lvl+0x73/0xb0 [ 15.470486] print_report+0xd1/0x650 [ 15.470509] ? __virt_addr_valid+0x1db/0x2d0 [ 15.470533] ? copy_user_test_oob+0x557/0x10f0 [ 15.470557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.470580] ? copy_user_test_oob+0x557/0x10f0 [ 15.470604] kasan_report+0x141/0x180 [ 15.470627] ? copy_user_test_oob+0x557/0x10f0 [ 15.470772] kasan_check_range+0x10c/0x1c0 [ 15.470799] __kasan_check_write+0x18/0x20 [ 15.470820] copy_user_test_oob+0x557/0x10f0 [ 15.470846] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.470879] ? finish_task_switch.isra.0+0x153/0x700 [ 15.470905] ? __switch_to+0x47/0xf50 [ 15.470942] ? __schedule+0x10cc/0x2b60 [ 15.470966] ? __pfx_read_tsc+0x10/0x10 [ 15.470987] ? ktime_get_ts64+0x86/0x230 [ 15.471011] kunit_try_run_case+0x1a5/0x480 [ 15.471036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.471085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.471109] ? __kthread_parkme+0x82/0x180 [ 15.471131] ? preempt_count_sub+0x50/0x80 [ 15.471155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.471236] kthread+0x337/0x6f0 [ 15.471257] ? trace_preempt_on+0x20/0xc0 [ 15.471281] ? __pfx_kthread+0x10/0x10 [ 15.471313] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.471335] ? calculate_sigpending+0x7b/0xa0 [ 15.471368] ? 
__pfx_kthread+0x10/0x10
[ 15.471391] ret_from_fork+0x116/0x1d0
[ 15.471418] ? __pfx_kthread+0x10/0x10
[ 15.471439] ret_from_fork_asm+0x1a/0x30
[ 15.471470] </TASK>
[ 15.471493]
[ 15.479163] Allocated by task 304:
[ 15.479378] kasan_save_stack+0x45/0x70
[ 15.479573] kasan_save_track+0x18/0x40
[ 15.479819] kasan_save_alloc_info+0x3b/0x50
[ 15.479993] __kasan_kmalloc+0xb7/0xc0
[ 15.480173] __kmalloc_noprof+0x1c9/0x500
[ 15.480315] kunit_kmalloc_array+0x25/0x60
[ 15.480472] copy_user_test_oob+0xab/0x10f0
[ 15.480667] kunit_try_run_case+0x1a5/0x480
[ 15.480879] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.481131] kthread+0x337/0x6f0
[ 15.481297] ret_from_fork+0x116/0x1d0
[ 15.481551] ret_from_fork_asm+0x1a/0x30
[ 15.481692]
[ 15.481828] The buggy address belongs to the object at ffff888102c8ba00
[ 15.481828] which belongs to the cache kmalloc-128 of size 128
[ 15.482364] The buggy address is located 0 bytes inside of
[ 15.482364] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78)
[ 15.482966]
[ 15.483058] The buggy address belongs to the physical page:
[ 15.483304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.483644] flags: 0x200000000000000(node=0|zone=2)
[ 15.483940] page_type: f5(slab)
[ 15.484111] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.484372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.484603] page dumped because: kasan: bad access detected
[ 15.484776]
[ 15.484847] Memory state around the buggy address:
[ 15.485015] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.485430] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.485746] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.486043] ^
[ 15.486253] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.486822] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.487124] ==================================================================

[ 15.450067] ==================================================================
[ 15.450437] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 15.450762] Read of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304
[ 15.451042]
[ 15.451126] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.451182] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.451194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.451216] Call Trace:
[ 15.451230] <TASK>
[ 15.451247] dump_stack_lvl+0x73/0xb0
[ 15.451272] print_report+0xd1/0x650
[ 15.451296] ? __virt_addr_valid+0x1db/0x2d0
[ 15.451330] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.451372] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.451395] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.451419] kasan_report+0x141/0x180
[ 15.451442] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.451471] kasan_check_range+0x10c/0x1c0
[ 15.451505] __kasan_check_read+0x15/0x20
[ 15.451524] copy_user_test_oob+0x4aa/0x10f0
[ 15.451550] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.451584] ? finish_task_switch.isra.0+0x153/0x700
[ 15.451607] ? __switch_to+0x47/0xf50
[ 15.451633] ? __schedule+0x10cc/0x2b60
[ 15.451659] ? __pfx_read_tsc+0x10/0x10
[ 15.451691] ? ktime_get_ts64+0x86/0x230
[ 15.451715] kunit_try_run_case+0x1a5/0x480
[ 15.451753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.451784] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.451808] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.451832] ? __kthread_parkme+0x82/0x180
[ 15.451854] ? preempt_count_sub+0x50/0x80
[ 15.451878] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.451913] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.451936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.451970] kthread+0x337/0x6f0
[ 15.451990] ? trace_preempt_on+0x20/0xc0
[ 15.452015] ? __pfx_kthread+0x10/0x10
[ 15.452036] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.452066] ? calculate_sigpending+0x7b/0xa0
[ 15.452091] ? __pfx_kthread+0x10/0x10
[ 15.452114] ret_from_fork+0x116/0x1d0
[ 15.452144] ? __pfx_kthread+0x10/0x10
[ 15.452165] ret_from_fork_asm+0x1a/0x30
[ 15.452195] </TASK>
[ 15.452216]
[ 15.460092] Allocated by task 304:
[ 15.460255] kasan_save_stack+0x45/0x70
[ 15.460408] kasan_save_track+0x18/0x40
[ 15.460547] kasan_save_alloc_info+0x3b/0x50
[ 15.460697] __kasan_kmalloc+0xb7/0xc0
[ 15.460831] __kmalloc_noprof+0x1c9/0x500
[ 15.460985] kunit_kmalloc_array+0x25/0x60
[ 15.461230] copy_user_test_oob+0xab/0x10f0
[ 15.461478] kunit_try_run_case+0x1a5/0x480
[ 15.461722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.461993] kthread+0x337/0x6f0
[ 15.462227] ret_from_fork+0x116/0x1d0
[ 15.462376] ret_from_fork_asm+0x1a/0x30
[ 15.462573]
[ 15.462671] The buggy address belongs to the object at ffff888102c8ba00
[ 15.462671] which belongs to the cache kmalloc-128 of size 128
[ 15.463127] The buggy address is located 0 bytes inside of
[ 15.463127] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78)
[ 15.463659]
[ 15.463806] The buggy address belongs to the physical page:
[ 15.464035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.464388] flags: 0x200000000000000(node=0|zone=2)
[ 15.464587] page_type: f5(slab)
[ 15.464781] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.465096] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.465441] page dumped because: kasan: bad access detected
[ 15.465683]
[ 15.465818] Memory state around the buggy address:
[ 15.466036] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.466307] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.466532] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.466934] ^
[ 15.467271] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.467577] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.467949] ==================================================================

[ 15.431712] ==================================================================
[ 15.432042] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 15.432376] Write of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304
[ 15.432778]
[ 15.432914] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.432960] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.432994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.433016] Call Trace:
[ 15.433031] <TASK>
[ 15.433059] dump_stack_lvl+0x73/0xb0
[ 15.433089] print_report+0xd1/0x650
[ 15.433113] ? __virt_addr_valid+0x1db/0x2d0
[ 15.433138] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.433171] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.433194] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.433219] kasan_report+0x141/0x180
[ 15.433257] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.433287] kasan_check_range+0x10c/0x1c0
[ 15.433312] __kasan_check_write+0x18/0x20
[ 15.433350] copy_user_test_oob+0x3fd/0x10f0
[ 15.433378] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.433412] ? finish_task_switch.isra.0+0x153/0x700
[ 15.433435] ? __switch_to+0x47/0xf50
[ 15.433464] ? __schedule+0x10cc/0x2b60
[ 15.433489] ? __pfx_read_tsc+0x10/0x10
[ 15.433520] ? ktime_get_ts64+0x86/0x230
[ 15.433545] kunit_try_run_case+0x1a5/0x480
[ 15.433571] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.433605] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.433629] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.433653] ? __kthread_parkme+0x82/0x180
[ 15.433675] ? preempt_count_sub+0x50/0x80
[ 15.433700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.433724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.433748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.433772] kthread+0x337/0x6f0
[ 15.433793] ? trace_preempt_on+0x20/0xc0
[ 15.433818] ? __pfx_kthread+0x10/0x10
[ 15.433839] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.433862] ? calculate_sigpending+0x7b/0xa0
[ 15.433886] ? __pfx_kthread+0x10/0x10
[ 15.433909] ret_from_fork+0x116/0x1d0
[ 15.433929] ? __pfx_kthread+0x10/0x10
[ 15.433950] ret_from_fork_asm+0x1a/0x30
[ 15.433982] </TASK>
[ 15.433993]
[ 15.441314] Allocated by task 304:
[ 15.441540] kasan_save_stack+0x45/0x70
[ 15.441706] kasan_save_track+0x18/0x40
[ 15.441911] kasan_save_alloc_info+0x3b/0x50
[ 15.442071] __kasan_kmalloc+0xb7/0xc0
[ 15.442237] __kmalloc_noprof+0x1c9/0x500
[ 15.442474] kunit_kmalloc_array+0x25/0x60
[ 15.442673] copy_user_test_oob+0xab/0x10f0
[ 15.442920] kunit_try_run_case+0x1a5/0x480
[ 15.443141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.443396] kthread+0x337/0x6f0
[ 15.443583] ret_from_fork+0x116/0x1d0
[ 15.443762] ret_from_fork_asm+0x1a/0x30
[ 15.443968]
[ 15.444077] The buggy address belongs to the object at ffff888102c8ba00
[ 15.444077] which belongs to the cache kmalloc-128 of size 128
[ 15.444614] The buggy address is located 0 bytes inside of
[ 15.444614] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78)
[ 15.445153]
[ 15.445245] The buggy address belongs to the physical page:
[ 15.445451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.445763] flags: 0x200000000000000(node=0|zone=2)
[ 15.445930] page_type: f5(slab)
[ 15.446055] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.446286] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.446631] page dumped because: kasan: bad access detected
[ 15.447134]
[ 15.447245] Memory state around the buggy address:
[ 15.447477] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.447755] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.447973] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.448187] ^
[ 15.448649] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.449296] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.449653] ==================================================================

[ 15.487519] ==================================================================
[ 15.488241] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 15.488536] Read of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304
[ 15.488949]
[ 15.489037] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.489079] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.489092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.489115] Call Trace:
[ 15.489130] <TASK>
[ 15.489148] dump_stack_lvl+0x73/0xb0
[ 15.489174] print_report+0xd1/0x650
[ 15.489197] ? __virt_addr_valid+0x1db/0x2d0
[ 15.489220] ? copy_user_test_oob+0x604/0x10f0
[ 15.489244] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.489266] ? copy_user_test_oob+0x604/0x10f0
[ 15.489291] kasan_report+0x141/0x180
[ 15.489314] ? copy_user_test_oob+0x604/0x10f0
[ 15.489354] kasan_check_range+0x10c/0x1c0
[ 15.489389] __kasan_check_read+0x15/0x20
[ 15.489410] copy_user_test_oob+0x604/0x10f0
[ 15.489436] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.489470] ? finish_task_switch.isra.0+0x153/0x700
[ 15.489494] ? __switch_to+0x47/0xf50
[ 15.489519] ? __schedule+0x10cc/0x2b60
[ 15.489542] ? __pfx_read_tsc+0x10/0x10
[ 15.489572] ? ktime_get_ts64+0x86/0x230
[ 15.489596] kunit_try_run_case+0x1a5/0x480
[ 15.489632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.489655] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.489679] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.489703] ? __kthread_parkme+0x82/0x180
[ 15.489734] ? preempt_count_sub+0x50/0x80
[ 15.489764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.489799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.489823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.489847] kthread+0x337/0x6f0
[ 15.489867] ? trace_preempt_on+0x20/0xc0
[ 15.489892] ? __pfx_kthread+0x10/0x10
[ 15.489923] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.489945] ? calculate_sigpending+0x7b/0xa0
[ 15.489969] ? __pfx_kthread+0x10/0x10
[ 15.490002] ret_from_fork+0x116/0x1d0
[ 15.490021] ? __pfx_kthread+0x10/0x10
[ 15.490042] ret_from_fork_asm+0x1a/0x30
[ 15.490082] </TASK>
[ 15.490094]
[ 15.497334] Allocated by task 304:
[ 15.497527] kasan_save_stack+0x45/0x70
[ 15.497728] kasan_save_track+0x18/0x40
[ 15.497924] kasan_save_alloc_info+0x3b/0x50
[ 15.498234] __kasan_kmalloc+0xb7/0xc0
[ 15.498476] __kmalloc_noprof+0x1c9/0x500
[ 15.498617] kunit_kmalloc_array+0x25/0x60
[ 15.498760] copy_user_test_oob+0xab/0x10f0
[ 15.498906] kunit_try_run_case+0x1a5/0x480
[ 15.499072] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.499329] kthread+0x337/0x6f0
[ 15.499530] ret_from_fork+0x116/0x1d0
[ 15.499727] ret_from_fork_asm+0x1a/0x30
[ 15.500082]
[ 15.500180] The buggy address belongs to the object at ffff888102c8ba00
[ 15.500180] which belongs to the cache kmalloc-128 of size 128
[ 15.500827] The buggy address is located 0 bytes inside of
[ 15.500827] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78)
[ 15.501284]
[ 15.501370] The buggy address belongs to the physical page:
[ 15.501559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.502155] flags: 0x200000000000000(node=0|zone=2)
[ 15.502361] page_type: f5(slab)
[ 15.502550] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.502946] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.503266] page dumped because: kasan: bad access detected
[ 15.503509]
[ 15.503625] Memory state around the buggy address:
[ 15.503866] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.504165] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.504468] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.504860] ^
[ 15.505145] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.505483] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.505701] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.402994] ==================================================================
[ 15.403681] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 15.404115] Read of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304
[ 15.404466]
[ 15.404666] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.404724] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.404754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.404777] Call Trace:
[ 15.404792] <TASK>
[ 15.404812] dump_stack_lvl+0x73/0xb0
[ 15.404841] print_report+0xd1/0x650
[ 15.404883] ? __virt_addr_valid+0x1db/0x2d0
[ 15.404908] ? _copy_to_user+0x3c/0x70
[ 15.404927] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.404951] ? _copy_to_user+0x3c/0x70
[ 15.404970] kasan_report+0x141/0x180
[ 15.405003] ? _copy_to_user+0x3c/0x70
[ 15.405028] kasan_check_range+0x10c/0x1c0
[ 15.405052] __kasan_check_read+0x15/0x20
[ 15.405083] _copy_to_user+0x3c/0x70
[ 15.405104] copy_user_test_oob+0x364/0x10f0
[ 15.405129] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.405153] ? finish_task_switch.isra.0+0x153/0x700
[ 15.405176] ? __switch_to+0x47/0xf50
[ 15.405203] ? __schedule+0x10cc/0x2b60
[ 15.405226] ? __pfx_read_tsc+0x10/0x10
[ 15.405248] ? ktime_get_ts64+0x86/0x230
[ 15.405273] kunit_try_run_case+0x1a5/0x480
[ 15.405297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.405320] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.405354] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.405379] ? __kthread_parkme+0x82/0x180
[ 15.405400] ? preempt_count_sub+0x50/0x80
[ 15.405425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.405449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.405473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.405498] kthread+0x337/0x6f0
[ 15.405517] ? trace_preempt_on+0x20/0xc0
[ 15.405543] ? __pfx_kthread+0x10/0x10
[ 15.405565] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.405588] ? calculate_sigpending+0x7b/0xa0
[ 15.405613] ? __pfx_kthread+0x10/0x10
[ 15.405635] ret_from_fork+0x116/0x1d0
[ 15.405654] ? __pfx_kthread+0x10/0x10
[ 15.405676] ret_from_fork_asm+0x1a/0x30
[ 15.405708] </TASK>
[ 15.405720]
[ 15.418004] Allocated by task 304:
[ 15.418190] kasan_save_stack+0x45/0x70
[ 15.418366] kasan_save_track+0x18/0x40
[ 15.418588] kasan_save_alloc_info+0x3b/0x50
[ 15.418799] __kasan_kmalloc+0xb7/0xc0
[ 15.418977] __kmalloc_noprof+0x1c9/0x500
[ 15.419170] kunit_kmalloc_array+0x25/0x60
[ 15.419421] copy_user_test_oob+0xab/0x10f0
[ 15.419766] kunit_try_run_case+0x1a5/0x480
[ 15.419976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.420373] kthread+0x337/0x6f0
[ 15.420575] ret_from_fork+0x116/0x1d0
[ 15.420973] ret_from_fork_asm+0x1a/0x30
[ 15.421171]
[ 15.421252] The buggy address belongs to the object at ffff888102c8ba00
[ 15.421252] which belongs to the cache kmalloc-128 of size 128
[ 15.421777] The buggy address is located 0 bytes inside of
[ 15.421777] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78)
[ 15.422259]
[ 15.422333] The buggy address belongs to the physical page:
[ 15.422601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.422952] flags: 0x200000000000000(node=0|zone=2)
[ 15.423240] page_type: f5(slab)
[ 15.423408] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.423854] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.424179] page dumped because: kasan: bad access detected
[ 15.424454]
[ 15.424560] Memory state around the buggy address:
[ 15.424877] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.425141] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.425414] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.425907] ^
[ 15.426139] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.426472] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.426786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.366211] ==================================================================
[ 15.367735] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 15.368522] Write of size 121 at addr ffff888102c8ba00 by task kunit_try_catch/304
[ 15.369420]
[ 15.369532] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.369597] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.369612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.369637] Call Trace:
[ 15.369653] <TASK>
[ 15.369676] dump_stack_lvl+0x73/0xb0
[ 15.369713] print_report+0xd1/0x650
[ 15.369741] ? __virt_addr_valid+0x1db/0x2d0
[ 15.369768] ? _copy_from_user+0x32/0x90
[ 15.369787] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.369812] ? _copy_from_user+0x32/0x90
[ 15.369831] kasan_report+0x141/0x180
[ 15.369855] ? _copy_from_user+0x32/0x90
[ 15.369879] kasan_check_range+0x10c/0x1c0
[ 15.369904] __kasan_check_write+0x18/0x20
[ 15.369924] _copy_from_user+0x32/0x90
[ 15.369946] copy_user_test_oob+0x2be/0x10f0
[ 15.369972] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.369995] ? finish_task_switch.isra.0+0x153/0x700
[ 15.370020] ? __switch_to+0x47/0xf50
[ 15.370049] ? __schedule+0x10cc/0x2b60
[ 15.370073] ? __pfx_read_tsc+0x10/0x10
[ 15.370096] ? ktime_get_ts64+0x86/0x230
[ 15.370122] kunit_try_run_case+0x1a5/0x480
[ 15.370147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.370170] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.370195] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.370218] ? __kthread_parkme+0x82/0x180
[ 15.370242] ? preempt_count_sub+0x50/0x80
[ 15.370266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.370291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.370315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.370338] kthread+0x337/0x6f0
[ 15.370371] ? trace_preempt_on+0x20/0xc0
[ 15.370397] ? __pfx_kthread+0x10/0x10
[ 15.370419] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.370441] ? calculate_sigpending+0x7b/0xa0
[ 15.370467] ? __pfx_kthread+0x10/0x10
[ 15.370490] ret_from_fork+0x116/0x1d0
[ 15.370509] ? __pfx_kthread+0x10/0x10
[ 15.370531] ret_from_fork_asm+0x1a/0x30
[ 15.370564] </TASK>
[ 15.370578]
[ 15.385787] Allocated by task 304:
[ 15.386183] kasan_save_stack+0x45/0x70
[ 15.386590] kasan_save_track+0x18/0x40
[ 15.387002] kasan_save_alloc_info+0x3b/0x50
[ 15.387177] __kasan_kmalloc+0xb7/0xc0
[ 15.387520] __kmalloc_noprof+0x1c9/0x500
[ 15.387968] kunit_kmalloc_array+0x25/0x60
[ 15.388412] copy_user_test_oob+0xab/0x10f0
[ 15.388695] kunit_try_run_case+0x1a5/0x480
[ 15.389139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.389492] kthread+0x337/0x6f0
[ 15.389647] ret_from_fork+0x116/0x1d0
[ 15.389989] ret_from_fork_asm+0x1a/0x30
[ 15.390526]
[ 15.390640] The buggy address belongs to the object at ffff888102c8ba00
[ 15.390640] which belongs to the cache kmalloc-128 of size 128
[ 15.391594] The buggy address is located 0 bytes inside of
[ 15.391594] allocated 120-byte region [ffff888102c8ba00, ffff888102c8ba78)
[ 15.392624]
[ 15.392806] The buggy address belongs to the physical page:
[ 15.393313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.393962] flags: 0x200000000000000(node=0|zone=2)
[ 15.394223] page_type: f5(slab)
[ 15.394564] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.395179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.395780] page dumped because: kasan: bad access detected
[ 15.396259]
[ 15.396337] Memory state around the buggy address:
[ 15.396655] ffff888102c8b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.397367] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.397968] >ffff888102c8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.398637] ^
[ 15.398927] ffff888102c8ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.399402] ffff888102c8bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.399656] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.292733] ==================================================================
[ 15.293612] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 15.294079] Read of size 8 at addr ffff888102c8b978 by task kunit_try_catch/300
[ 15.294715]
[ 15.294937] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.294999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.295015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.295039] Call Trace:
[ 15.295054] <TASK>
[ 15.295073] dump_stack_lvl+0x73/0xb0
[ 15.295107] print_report+0xd1/0x650
[ 15.295135] ? __virt_addr_valid+0x1db/0x2d0
[ 15.295161] ? copy_to_kernel_nofault+0x225/0x260
[ 15.295185] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.295209] ? copy_to_kernel_nofault+0x225/0x260
[ 15.295233] kasan_report+0x141/0x180
[ 15.295256] ? copy_to_kernel_nofault+0x225/0x260
[ 15.295284] __asan_report_load8_noabort+0x18/0x20
[ 15.295309] copy_to_kernel_nofault+0x225/0x260
[ 15.295334] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 15.295371] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.295395] ? finish_task_switch.isra.0+0x153/0x700
[ 15.295419] ? __schedule+0x10cc/0x2b60
[ 15.295442] ? trace_hardirqs_on+0x37/0xe0
[ 15.295475] ? __pfx_read_tsc+0x10/0x10
[ 15.295497] ? ktime_get_ts64+0x86/0x230
[ 15.295522] kunit_try_run_case+0x1a5/0x480
[ 15.295549] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.295678] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.295712] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.295737] ? __kthread_parkme+0x82/0x180
[ 15.295760] ? preempt_count_sub+0x50/0x80
[ 15.295785] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.295810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.295835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.295859] kthread+0x337/0x6f0
[ 15.295879] ? trace_preempt_on+0x20/0xc0
[ 15.295902] ? __pfx_kthread+0x10/0x10
[ 15.295924] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.295945] ? calculate_sigpending+0x7b/0xa0
[ 15.295970] ? __pfx_kthread+0x10/0x10
[ 15.295992] ret_from_fork+0x116/0x1d0
[ 15.296012] ? __pfx_kthread+0x10/0x10
[ 15.296033] ret_from_fork_asm+0x1a/0x30
[ 15.296065] </TASK>
[ 15.296079]
[ 15.308375] Allocated by task 300:
[ 15.308962] kasan_save_stack+0x45/0x70
[ 15.309309] kasan_save_track+0x18/0x40
[ 15.309612] kasan_save_alloc_info+0x3b/0x50
[ 15.309924] __kasan_kmalloc+0xb7/0xc0
[ 15.310125] __kmalloc_cache_noprof+0x189/0x420
[ 15.310367] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.310585] kunit_try_run_case+0x1a5/0x480
[ 15.310774] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.311441] kthread+0x337/0x6f0
[ 15.311855] ret_from_fork+0x116/0x1d0
[ 15.312047] ret_from_fork_asm+0x1a/0x30
[ 15.312313]
[ 15.312410] The buggy address belongs to the object at ffff888102c8b900
[ 15.312410] which belongs to the cache kmalloc-128 of size 128
[ 15.313339] The buggy address is located 0 bytes to the right of
[ 15.313339] allocated 120-byte region [ffff888102c8b900, ffff888102c8b978)
[ 15.314221]
[ 15.314310] The buggy address belongs to the physical page:
[ 15.314550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.315325] flags: 0x200000000000000(node=0|zone=2)
[ 15.315784] page_type: f5(slab)
[ 15.315966] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.316354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.316858] page dumped because: kasan: bad access detected
[ 15.317236]
[ 15.317318] Memory state around the buggy address:
[ 15.317801] ffff888102c8b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.318137] ffff888102c8b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.318441] >ffff888102c8b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.319081] ^
[ 15.319389] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.319904] ffff888102c8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.320391] ==================================================================

[ 15.321257] ==================================================================
[ 15.321566] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 15.323057] Write of size 8 at addr ffff888102c8b978 by task kunit_try_catch/300
[ 15.323519]
[ 15.323832] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.324022] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.324039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.324062] Call Trace:
[ 15.324076] <TASK>
[ 15.324095] dump_stack_lvl+0x73/0xb0
[ 15.324129] print_report+0xd1/0x650
[ 15.324153] ? __virt_addr_valid+0x1db/0x2d0
[ 15.324178] ? copy_to_kernel_nofault+0x99/0x260
[ 15.324203] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.324226] ? copy_to_kernel_nofault+0x99/0x260
[ 15.324250] kasan_report+0x141/0x180
[ 15.324273] ? copy_to_kernel_nofault+0x99/0x260
[ 15.324301] kasan_check_range+0x10c/0x1c0
[ 15.324325] __kasan_check_write+0x18/0x20
[ 15.324358] copy_to_kernel_nofault+0x99/0x260
[ 15.324384] copy_to_kernel_nofault_oob+0x288/0x560
[ 15.324409] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.324435] ? finish_task_switch.isra.0+0x153/0x700
[ 15.324458] ? __schedule+0x10cc/0x2b60
[ 15.324481] ? trace_hardirqs_on+0x37/0xe0
[ 15.324513] ? __pfx_read_tsc+0x10/0x10
[ 15.324535] ? ktime_get_ts64+0x86/0x230
[ 15.324560] kunit_try_run_case+0x1a5/0x480
[ 15.324597] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.324620] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.324644] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.324668] ? __kthread_parkme+0x82/0x180
[ 15.324690] ? preempt_count_sub+0x50/0x80
[ 15.324713] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.324737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.324761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.324786] kthread+0x337/0x6f0
[ 15.324805] ? trace_preempt_on+0x20/0xc0
[ 15.324828] ? __pfx_kthread+0x10/0x10
[ 15.324849] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.324871] ? calculate_sigpending+0x7b/0xa0
[ 15.324895] ? __pfx_kthread+0x10/0x10
[ 15.324917] ret_from_fork+0x116/0x1d0
[ 15.324936] ? __pfx_kthread+0x10/0x10
[ 15.324957] ret_from_fork_asm+0x1a/0x30
[ 15.324988] </TASK>
[ 15.325001]
[ 15.337810] Allocated by task 300:
[ 15.338011] kasan_save_stack+0x45/0x70
[ 15.338210] kasan_save_track+0x18/0x40
[ 15.338401] kasan_save_alloc_info+0x3b/0x50
[ 15.338596] __kasan_kmalloc+0xb7/0xc0
[ 15.339187] __kmalloc_cache_noprof+0x189/0x420
[ 15.339636] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.340242] kunit_try_run_case+0x1a5/0x480
[ 15.340420] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.340601] kthread+0x337/0x6f0
[ 15.340736] ret_from_fork+0x116/0x1d0
[ 15.340871] ret_from_fork_asm+0x1a/0x30
[ 15.341013]
[ 15.341085] The buggy address belongs to the object at ffff888102c8b900
[ 15.341085] which belongs to the cache kmalloc-128 of size 128
[ 15.341455] The buggy address is located 0 bytes to the right of
[ 15.341455] allocated 120-byte region [ffff888102c8b900, ffff888102c8b978)
[ 15.343958]
[ 15.344264] The buggy address belongs to the physical page:
[ 15.345224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 15.345930] flags: 0x200000000000000(node=0|zone=2)
[ 15.346168] page_type: f5(slab)
[ 15.346329] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.347057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.347360] page dumped because: kasan: bad access detected
[ 15.348097]
[ 15.348281] Memory state around the buggy address:
[ 15.348771] ffff888102c8b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.349582] ffff888102c8b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.350068] >ffff888102c8b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.350770] ^
[ 15.351543] ffff888102c8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.351976] ffff888102c8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.352663] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.787154] ==================================================================
[ 14.787512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 14.788143] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284
[ 14.788408]
[ 14.788521] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 14.788576] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.788590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.788611] Call Trace:
[ 14.788638] <TASK>
[ 14.788654] dump_stack_lvl+0x73/0xb0
[ 14.788691] print_report+0xd1/0x650
[ 14.788716] ? __virt_addr_valid+0x1db/0x2d0
[ 14.788759] ? kasan_atomics_helper+0x16e7/0x5450
[ 14.788782] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.788804] ? kasan_atomics_helper+0x16e7/0x5450
[ 14.788826] kasan_report+0x141/0x180
[ 14.788849] ? kasan_atomics_helper+0x16e7/0x5450
[ 14.788874] kasan_check_range+0x10c/0x1c0
[ 14.788898] __kasan_check_write+0x18/0x20
[ 14.788918] kasan_atomics_helper+0x16e7/0x5450
[ 14.788941] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.788963] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.788989] ? kasan_atomics+0x152/0x310
[ 14.789016] kasan_atomics+0x1dc/0x310
[ 14.789039] ? __pfx_kasan_atomics+0x10/0x10
[ 14.789073] ? __pfx_read_tsc+0x10/0x10
[ 14.789094] ? ktime_get_ts64+0x86/0x230
[ 14.789130] kunit_try_run_case+0x1a5/0x480
[ 14.789155] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.789179] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.789203] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.789236] ? __kthread_parkme+0x82/0x180
[ 14.789257] ? preempt_count_sub+0x50/0x80
[ 14.789282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.789316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.789340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.789373] kthread+0x337/0x6f0
[ 14.789402] ? trace_preempt_on+0x20/0xc0
[ 14.789426] ? __pfx_kthread+0x10/0x10
[ 14.789448] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.789480] ? calculate_sigpending+0x7b/0xa0
[ 14.789504] ? __pfx_kthread+0x10/0x10
[ 14.789526] ret_from_fork+0x116/0x1d0
[ 14.789546] ? __pfx_kthread+0x10/0x10
[ 14.789575] ret_from_fork_asm+0x1a/0x30
[ 14.789606] </TASK>
[ 14.789618]
[ 14.797444] Allocated by task 284:
[ 14.797652] kasan_save_stack+0x45/0x70
[ 14.798001] kasan_save_track+0x18/0x40
[ 14.798195] kasan_save_alloc_info+0x3b/0x50
[ 14.798440] __kasan_kmalloc+0xb7/0xc0
[ 14.798632] __kmalloc_cache_noprof+0x189/0x420
[ 14.798893] kasan_atomics+0x95/0x310
[ 14.799070] kunit_try_run_case+0x1a5/0x480
[ 14.799278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.799542] kthread+0x337/0x6f0
[ 14.799705] ret_from_fork+0x116/0x1d0
[ 14.799873] ret_from_fork_asm+0x1a/0x30
[ 14.800095]
[ 14.800181] The buggy address belongs to the object at ffff888103128480
[ 14.800181] which belongs to the cache kmalloc-64 of size 64
[ 14.800679] The buggy address is located 0 bytes to the right of
[ 14.800679] allocated 48-byte region [ffff888103128480, ffff8881031284b0)
[ 14.801246]
[ 14.801355] The buggy address belongs to the physical page:
[ 14.801579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128
[ 14.801953] flags: 0x200000000000000(node=0|zone=2)
[ 14.802200] page_type: f5(slab)
[ 14.802334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.802718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.803004] page dumped because: kasan: bad access detected
[ 14.803285]
[ 14.803391] Memory state around the buggy address:
[ 14.803606] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.803844] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.804072] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.804317] ^
[ 14.804548] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.805236] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.805544] ==================================================================

[ 15.110580] ==================================================================
[ 15.111023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450
[ 15.111387] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284
[ 15.111662]
[ 15.111753] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.111798] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.111812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.111834] Call Trace:
[ 15.111854] <TASK>
[ 15.111874] dump_stack_lvl+0x73/0xb0
[ 15.111902] print_report+0xd1/0x650
[ 15.111926] ? __virt_addr_valid+0x1db/0x2d0
[ 15.111950] ? kasan_atomics_helper+0x2006/0x5450
[ 15.111972] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.111995] ? kasan_atomics_helper+0x2006/0x5450
[ 15.112017] kasan_report+0x141/0x180
[ 15.112041] ? kasan_atomics_helper+0x2006/0x5450
[ 15.112067] kasan_check_range+0x10c/0x1c0
[ 15.112091] __kasan_check_write+0x18/0x20
[ 15.112111] kasan_atomics_helper+0x2006/0x5450
[ 15.112135] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.112157] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.112183] ? kasan_atomics+0x152/0x310
[ 15.112211] kasan_atomics+0x1dc/0x310
[ 15.112246] ? __pfx_kasan_atomics+0x10/0x10
[ 15.112271] ? __pfx_read_tsc+0x10/0x10
[ 15.112293] ? ktime_get_ts64+0x86/0x230
[ 15.112317] kunit_try_run_case+0x1a5/0x480
[ 15.112354] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.112377] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.112402] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.112425] ? __kthread_parkme+0x82/0x180
[ 15.112448] ? preempt_count_sub+0x50/0x80
[ 15.112473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.112497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.112521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.112546] kthread+0x337/0x6f0
[ 15.112566] ? trace_preempt_on+0x20/0xc0
[ 15.112591] ? __pfx_kthread+0x10/0x10
[ 15.112613] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.112636] ? calculate_sigpending+0x7b/0xa0
[ 15.112661] ? __pfx_kthread+0x10/0x10
[ 15.112683] ret_from_fork+0x116/0x1d0
[ 15.112702] ? __pfx_kthread+0x10/0x10
[ 15.112724] ret_from_fork_asm+0x1a/0x30
[ 15.112756] </TASK>
[ 15.112768]
[ 15.120391] Allocated by task 284:
[ 15.120525] kasan_save_stack+0x45/0x70
[ 15.120724] kasan_save_track+0x18/0x40
[ 15.120950] kasan_save_alloc_info+0x3b/0x50
[ 15.121160] __kasan_kmalloc+0xb7/0xc0
[ 15.121356] __kmalloc_cache_noprof+0x189/0x420
[ 15.121585] kasan_atomics+0x95/0x310
[ 15.121812] kunit_try_run_case+0x1a5/0x480
[ 15.122023] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.122233] kthread+0x337/0x6f0
[ 15.122390] ret_from_fork+0x116/0x1d0
[ 15.122527] ret_from_fork_asm+0x1a/0x30
[ 15.122667]
[ 15.122738] The buggy address belongs to the object at ffff888103128480
[ 15.122738] which belongs to the cache kmalloc-64 of size 64
[ 15.123371] The buggy address is located 0 bytes to the right of
[ 15.123371] allocated 48-byte region [ffff888103128480, ffff8881031284b0)
[ 15.123872]
[ 15.123946] The buggy address belongs to the physical page:
[ 15.124120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128
[ 15.124368] flags: 0x200000000000000(node=0|zone=2)
[ 15.124674] page_type: f5(slab)
[ 15.124953] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.125289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.125621] page dumped because: kasan: bad access detected
[ 15.125936]
[ 15.126031] Memory state around the buggy address:
[ 15.126227] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.126511] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.126774] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.127079] ^
[ 15.127262] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.127493] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.127725] ==================================================================

[ 13.928350] ==================================================================
[ 13.928803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450
[ 13.929115] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284
[ 13.929421]
[ 13.929507] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.929548] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.929560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.929631] Call Trace:
[ 13.929647] <TASK>
[ 13.929675] dump_stack_lvl+0x73/0xb0
[ 13.929701] print_report+0xd1/0x650
[ 13.929722] ? __virt_addr_valid+0x1db/0x2d0
[ 13.929744] ? kasan_atomics_helper+0x4b88/0x5450
[ 13.929764] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.929785] ? kasan_atomics_helper+0x4b88/0x5450
[ 13.929806] kasan_report+0x141/0x180
[ 13.929827] ? kasan_atomics_helper+0x4b88/0x5450
[ 13.929851] __asan_report_load4_noabort+0x18/0x20
[ 13.929876] kasan_atomics_helper+0x4b88/0x5450
[ 13.929897] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 13.929917] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.929944] ? kasan_atomics+0x152/0x310
[ 13.929969] kasan_atomics+0x1dc/0x310
[ 13.930001] ? __pfx_kasan_atomics+0x10/0x10
[ 13.930025] ? __pfx_read_tsc+0x10/0x10
[ 13.930043] ? ktime_get_ts64+0x86/0x230
[ 13.930078] kunit_try_run_case+0x1a5/0x480
[ 13.930101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.930123] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.930154] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.930177] ? __kthread_parkme+0x82/0x180
[ 13.930197] ? preempt_count_sub+0x50/0x80
[ 13.930220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.930253] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.930275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.930298] kthread+0x337/0x6f0
[ 13.930318] ?
trace_preempt_on+0x20/0xc0 [ 13.930341] ? __pfx_kthread+0x10/0x10 [ 13.930370] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.930390] ? calculate_sigpending+0x7b/0xa0 [ 13.930421] ? __pfx_kthread+0x10/0x10 [ 13.930441] ret_from_fork+0x116/0x1d0 [ 13.930459] ? __pfx_kthread+0x10/0x10 [ 13.930484] ret_from_fork_asm+0x1a/0x30 [ 13.930514] </TASK> [ 13.930526] [ 13.938655] Allocated by task 284: [ 13.938844] kasan_save_stack+0x45/0x70 [ 13.939296] kasan_save_track+0x18/0x40 [ 13.939541] kasan_save_alloc_info+0x3b/0x50 [ 13.939994] __kasan_kmalloc+0xb7/0xc0 [ 13.940166] __kmalloc_cache_noprof+0x189/0x420 [ 13.940459] kasan_atomics+0x95/0x310 [ 13.940650] kunit_try_run_case+0x1a5/0x480 [ 13.941012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.941272] kthread+0x337/0x6f0 [ 13.941426] ret_from_fork+0x116/0x1d0 [ 13.941561] ret_from_fork_asm+0x1a/0x30 [ 13.941859] [ 13.941972] The buggy address belongs to the object at ffff888103128480 [ 13.941972] which belongs to the cache kmalloc-64 of size 64 [ 13.942424] The buggy address is located 0 bytes to the right of [ 13.942424] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 13.942904] [ 13.943032] The buggy address belongs to the physical page: [ 13.943316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 13.943939] flags: 0x200000000000000(node=0|zone=2) [ 13.944106] page_type: f5(slab) [ 13.944228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.944901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.945228] page dumped because: kasan: bad access detected [ 13.945485] [ 13.945558] Memory state around the buggy address: [ 13.945933] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.946202] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.946447] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.947065] ^ [ 13.947320] ffff888103128500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.947713] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.948022] ================================================================== [ 14.118252] ================================================================== [ 14.118892] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.119238] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.119645] [ 14.119781] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.119825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.119838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.119860] Call Trace: [ 14.119876] <TASK> [ 14.119893] dump_stack_lvl+0x73/0xb0 [ 14.119922] print_report+0xd1/0x650 [ 14.119946] ? __virt_addr_valid+0x1db/0x2d0 [ 14.119970] ? kasan_atomics_helper+0x72f/0x5450 [ 14.119992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.120016] ? kasan_atomics_helper+0x72f/0x5450 [ 14.120038] kasan_report+0x141/0x180 [ 14.120061] ? kasan_atomics_helper+0x72f/0x5450 [ 14.120088] kasan_check_range+0x10c/0x1c0 [ 14.120112] __kasan_check_write+0x18/0x20 [ 14.120132] kasan_atomics_helper+0x72f/0x5450 [ 14.120169] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.120192] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.120231] ? kasan_atomics+0x152/0x310 [ 14.120259] kasan_atomics+0x1dc/0x310 [ 14.120283] ? __pfx_kasan_atomics+0x10/0x10 [ 14.120307] ? __pfx_read_tsc+0x10/0x10 [ 14.120328] ? ktime_get_ts64+0x86/0x230 [ 14.120362] kunit_try_run_case+0x1a5/0x480 [ 14.120386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.120408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.120433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.120458] ? __kthread_parkme+0x82/0x180 [ 14.120480] ? preempt_count_sub+0x50/0x80 [ 14.120507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.120532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.120556] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.120624] kthread+0x337/0x6f0 [ 14.120647] ? trace_preempt_on+0x20/0xc0 [ 14.120672] ? __pfx_kthread+0x10/0x10 [ 14.120694] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.120717] ? calculate_sigpending+0x7b/0xa0 [ 14.120750] ? __pfx_kthread+0x10/0x10 [ 14.120772] ret_from_fork+0x116/0x1d0 [ 14.120792] ? __pfx_kthread+0x10/0x10 [ 14.120813] ret_from_fork_asm+0x1a/0x30 [ 14.120844] </TASK> [ 14.120856] [ 14.129431] Allocated by task 284: [ 14.129895] kasan_save_stack+0x45/0x70 [ 14.130083] kasan_save_track+0x18/0x40 [ 14.130227] kasan_save_alloc_info+0x3b/0x50 [ 14.130444] __kasan_kmalloc+0xb7/0xc0 [ 14.130720] __kmalloc_cache_noprof+0x189/0x420 [ 14.130902] kasan_atomics+0x95/0x310 [ 14.131038] kunit_try_run_case+0x1a5/0x480 [ 14.131242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.131561] kthread+0x337/0x6f0 [ 14.131848] ret_from_fork+0x116/0x1d0 [ 14.132037] ret_from_fork_asm+0x1a/0x30 [ 14.132265] [ 14.132342] The buggy address belongs to the object at ffff888103128480 [ 14.132342] which belongs to the cache kmalloc-64 of size 64 [ 14.132786] The buggy address is located 0 bytes to the right of [ 14.132786] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.133556] [ 14.133717] The buggy address belongs to the physical page: [ 14.133998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.134243] flags: 0x200000000000000(node=0|zone=2) [ 14.134417] page_type: f5(slab) [ 14.134542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.135135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.135506] page dumped because: kasan: bad access detected [ 14.135969] [ 14.136104] Memory state around the buggy address: [ 14.136331] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.136569] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.137193] >ffff888103128480: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.137472] ^ [ 14.137671] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.138030] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.138669] ================================================================== [ 14.374648] ================================================================== [ 14.375384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.375673] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.376077] [ 14.376221] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.376263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.376276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.376297] Call Trace: [ 14.376310] <TASK> [ 14.376327] dump_stack_lvl+0x73/0xb0 [ 14.376375] print_report+0xd1/0x650 [ 14.376399] ? __virt_addr_valid+0x1db/0x2d0 [ 14.376424] ? kasan_atomics_helper+0xe78/0x5450 [ 14.376457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.376480] ? kasan_atomics_helper+0xe78/0x5450 [ 14.376501] kasan_report+0x141/0x180 [ 14.376533] ? kasan_atomics_helper+0xe78/0x5450 [ 14.376560] kasan_check_range+0x10c/0x1c0 [ 14.376585] __kasan_check_write+0x18/0x20 [ 14.376615] kasan_atomics_helper+0xe78/0x5450 [ 14.376638] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.376661] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.376696] ? kasan_atomics+0x152/0x310 [ 14.376724] kasan_atomics+0x1dc/0x310 [ 14.376747] ? __pfx_kasan_atomics+0x10/0x10 [ 14.376781] ? __pfx_read_tsc+0x10/0x10 [ 14.376803] ? ktime_get_ts64+0x86/0x230 [ 14.376828] kunit_try_run_case+0x1a5/0x480 [ 14.376852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.376884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.376908] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.376932] ? __kthread_parkme+0x82/0x180 [ 14.376965] ? preempt_count_sub+0x50/0x80 [ 14.376989] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.377014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.377037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.377070] kthread+0x337/0x6f0 [ 14.377090] ? trace_preempt_on+0x20/0xc0 [ 14.377115] ? __pfx_kthread+0x10/0x10 [ 14.377146] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.377168] ? calculate_sigpending+0x7b/0xa0 [ 14.377193] ? __pfx_kthread+0x10/0x10 [ 14.377224] ret_from_fork+0x116/0x1d0 [ 14.377244] ? __pfx_kthread+0x10/0x10 [ 14.377265] ret_from_fork_asm+0x1a/0x30 [ 14.377307] </TASK> [ 14.377319] [ 14.384999] Allocated by task 284: [ 14.385159] kasan_save_stack+0x45/0x70 [ 14.385397] kasan_save_track+0x18/0x40 [ 14.385565] kasan_save_alloc_info+0x3b/0x50 [ 14.385802] __kasan_kmalloc+0xb7/0xc0 [ 14.385951] __kmalloc_cache_noprof+0x189/0x420 [ 14.386187] kasan_atomics+0x95/0x310 [ 14.386401] kunit_try_run_case+0x1a5/0x480 [ 14.386597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.386867] kthread+0x337/0x6f0 [ 14.387032] ret_from_fork+0x116/0x1d0 [ 14.387225] ret_from_fork_asm+0x1a/0x30 [ 14.387393] [ 14.387468] The buggy address belongs to the object at ffff888103128480 [ 14.387468] which belongs to the cache kmalloc-64 of size 64 [ 14.387822] The buggy address is located 0 bytes to the right of [ 14.387822] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.388243] [ 14.388360] The buggy address belongs to the physical page: [ 14.388615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.389282] flags: 0x200000000000000(node=0|zone=2) [ 14.389530] page_type: f5(slab) [ 14.389698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.390085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.390434] page dumped because: kasan: bad access detected [ 14.390619] [ 14.390689] Memory state around the buggy address: [ 14.390845] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.391061] 
ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.391276] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.391510] ^ [ 14.391897] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.392246] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.392594] ================================================================== [ 14.492118] ================================================================== [ 14.492412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.492854] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.493167] [ 14.493302] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.493370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.493384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.493405] Call Trace: [ 14.493424] <TASK> [ 14.493453] dump_stack_lvl+0x73/0xb0 [ 14.493482] print_report+0xd1/0x650 [ 14.493507] ? __virt_addr_valid+0x1db/0x2d0 [ 14.493543] ? kasan_atomics_helper+0x1148/0x5450 [ 14.493565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.493833] ? kasan_atomics_helper+0x1148/0x5450 [ 14.493868] kasan_report+0x141/0x180 [ 14.493892] ? kasan_atomics_helper+0x1148/0x5450 [ 14.493919] kasan_check_range+0x10c/0x1c0 [ 14.493955] __kasan_check_write+0x18/0x20 [ 14.493974] kasan_atomics_helper+0x1148/0x5450 [ 14.493998] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.494021] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.494056] ? kasan_atomics+0x152/0x310 [ 14.494084] kasan_atomics+0x1dc/0x310 [ 14.494117] ? __pfx_kasan_atomics+0x10/0x10 [ 14.494142] ? __pfx_read_tsc+0x10/0x10 [ 14.494163] ? ktime_get_ts64+0x86/0x230 [ 14.494189] kunit_try_run_case+0x1a5/0x480 [ 14.494214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.494246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.494271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.494304] ? 
__kthread_parkme+0x82/0x180 [ 14.494326] ? preempt_count_sub+0x50/0x80 [ 14.494359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.494383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.494416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.494441] kthread+0x337/0x6f0 [ 14.494461] ? trace_preempt_on+0x20/0xc0 [ 14.494498] ? __pfx_kthread+0x10/0x10 [ 14.494520] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.494542] ? calculate_sigpending+0x7b/0xa0 [ 14.494576] ? __pfx_kthread+0x10/0x10 [ 14.494599] ret_from_fork+0x116/0x1d0 [ 14.494618] ? __pfx_kthread+0x10/0x10 [ 14.494640] ret_from_fork_asm+0x1a/0x30 [ 14.494673] </TASK> [ 14.494684] [ 14.506215] Allocated by task 284: [ 14.506437] kasan_save_stack+0x45/0x70 [ 14.506635] kasan_save_track+0x18/0x40 [ 14.507132] kasan_save_alloc_info+0x3b/0x50 [ 14.507385] __kasan_kmalloc+0xb7/0xc0 [ 14.507567] __kmalloc_cache_noprof+0x189/0x420 [ 14.507966] kasan_atomics+0x95/0x310 [ 14.508282] kunit_try_run_case+0x1a5/0x480 [ 14.508683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.509079] kthread+0x337/0x6f0 [ 14.509250] ret_from_fork+0x116/0x1d0 [ 14.509440] ret_from_fork_asm+0x1a/0x30 [ 14.509629] [ 14.509722] The buggy address belongs to the object at ffff888103128480 [ 14.509722] which belongs to the cache kmalloc-64 of size 64 [ 14.510206] The buggy address is located 0 bytes to the right of [ 14.510206] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.511450] [ 14.511702] The buggy address belongs to the physical page: [ 14.512357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.512829] flags: 0x200000000000000(node=0|zone=2) [ 14.513061] page_type: f5(slab) [ 14.513224] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.513543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.514232] page dumped because: kasan: bad access detected [ 14.514539] [ 14.514774] Memory state around the buggy address: [ 14.515137] 
ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.515450] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.515964] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.516438] ^ [ 14.516613] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.516848] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517065] ================================================================== [ 14.011321] ================================================================== [ 14.011763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.012067] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.012400] [ 14.012511] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.012554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.012611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.012633] Call Trace: [ 14.012646] <TASK> [ 14.012664] dump_stack_lvl+0x73/0xb0 [ 14.012692] print_report+0xd1/0x650 [ 14.012717] ? __virt_addr_valid+0x1db/0x2d0 [ 14.012741] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.012763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.012787] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.012808] kasan_report+0x141/0x180 [ 14.012831] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.012857] kasan_check_range+0x10c/0x1c0 [ 14.012882] __kasan_check_write+0x18/0x20 [ 14.012902] kasan_atomics_helper+0x4a0/0x5450 [ 14.012925] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.012947] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.012973] ? kasan_atomics+0x152/0x310 [ 14.013000] kasan_atomics+0x1dc/0x310 [ 14.013024] ? __pfx_kasan_atomics+0x10/0x10 [ 14.013048] ? __pfx_read_tsc+0x10/0x10 [ 14.013069] ? ktime_get_ts64+0x86/0x230 [ 14.013094] kunit_try_run_case+0x1a5/0x480 [ 14.013118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013141] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.013165] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.013187] ? __kthread_parkme+0x82/0x180 [ 14.013209] ? preempt_count_sub+0x50/0x80 [ 14.013233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.013281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.013303] kthread+0x337/0x6f0 [ 14.013324] ? trace_preempt_on+0x20/0xc0 [ 14.013348] ? __pfx_kthread+0x10/0x10 [ 14.013382] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.013403] ? calculate_sigpending+0x7b/0xa0 [ 14.013426] ? __pfx_kthread+0x10/0x10 [ 14.013448] ret_from_fork+0x116/0x1d0 [ 14.013467] ? __pfx_kthread+0x10/0x10 [ 14.013488] ret_from_fork_asm+0x1a/0x30 [ 14.013519] </TASK> [ 14.013531] [ 14.022133] Allocated by task 284: [ 14.022370] kasan_save_stack+0x45/0x70 [ 14.022732] kasan_save_track+0x18/0x40 [ 14.022963] kasan_save_alloc_info+0x3b/0x50 [ 14.023271] __kasan_kmalloc+0xb7/0xc0 [ 14.023485] __kmalloc_cache_noprof+0x189/0x420 [ 14.023859] kasan_atomics+0x95/0x310 [ 14.024072] kunit_try_run_case+0x1a5/0x480 [ 14.024276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.024539] kthread+0x337/0x6f0 [ 14.024797] ret_from_fork+0x116/0x1d0 [ 14.024980] ret_from_fork_asm+0x1a/0x30 [ 14.025181] [ 14.025281] The buggy address belongs to the object at ffff888103128480 [ 14.025281] which belongs to the cache kmalloc-64 of size 64 [ 14.025861] The buggy address is located 0 bytes to the right of [ 14.025861] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.026229] [ 14.026303] The buggy address belongs to the physical page: [ 14.026595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.026952] flags: 0x200000000000000(node=0|zone=2) [ 14.027187] page_type: f5(slab) [ 14.027309] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.027572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.028182] page dumped because: kasan: bad access detected [ 14.028486] [ 14.028804] 
Memory state around the buggy address: [ 14.029029] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.029251] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.029630] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.030174] ^ [ 14.030421] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.030768] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.031157] ================================================================== [ 14.595828] ================================================================== [ 14.596186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.596550] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.597015] [ 14.597128] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.597172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.597186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.597208] Call Trace: [ 14.597225] <TASK> [ 14.597243] dump_stack_lvl+0x73/0xb0 [ 14.597270] print_report+0xd1/0x650 [ 14.597294] ? __virt_addr_valid+0x1db/0x2d0 [ 14.597318] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.597339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.597376] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.597398] kasan_report+0x141/0x180 [ 14.597420] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.597446] __asan_report_load4_noabort+0x18/0x20 [ 14.597471] kasan_atomics_helper+0x49ce/0x5450 [ 14.597494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.597516] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.597542] ? kasan_atomics+0x152/0x310 [ 14.597568] kasan_atomics+0x1dc/0x310 [ 14.597593] ? __pfx_kasan_atomics+0x10/0x10 [ 14.597617] ? __pfx_read_tsc+0x10/0x10 [ 14.597639] ? ktime_get_ts64+0x86/0x230 [ 14.597663] kunit_try_run_case+0x1a5/0x480 [ 14.597687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.597710] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.597733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.597769] ? __kthread_parkme+0x82/0x180 [ 14.597791] ? preempt_count_sub+0x50/0x80 [ 14.597815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.597839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.597862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.597885] kthread+0x337/0x6f0 [ 14.597905] ? trace_preempt_on+0x20/0xc0 [ 14.597929] ? __pfx_kthread+0x10/0x10 [ 14.597950] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.597971] ? calculate_sigpending+0x7b/0xa0 [ 14.597995] ? __pfx_kthread+0x10/0x10 [ 14.598018] ret_from_fork+0x116/0x1d0 [ 14.598036] ? __pfx_kthread+0x10/0x10 [ 14.598057] ret_from_fork_asm+0x1a/0x30 [ 14.598088] </TASK> [ 14.598100] [ 14.605541] Allocated by task 284: [ 14.605739] kasan_save_stack+0x45/0x70 [ 14.605956] kasan_save_track+0x18/0x40 [ 14.606151] kasan_save_alloc_info+0x3b/0x50 [ 14.606380] __kasan_kmalloc+0xb7/0xc0 [ 14.606579] __kmalloc_cache_noprof+0x189/0x420 [ 14.606809] kasan_atomics+0x95/0x310 [ 14.607013] kunit_try_run_case+0x1a5/0x480 [ 14.607190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.607420] kthread+0x337/0x6f0 [ 14.607578] ret_from_fork+0x116/0x1d0 [ 14.607716] ret_from_fork_asm+0x1a/0x30 [ 14.607858] [ 14.607931] The buggy address belongs to the object at ffff888103128480 [ 14.607931] which belongs to the cache kmalloc-64 of size 64 [ 14.608587] The buggy address is located 0 bytes to the right of [ 14.608587] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.609034] [ 14.609149] The buggy address belongs to the physical page: [ 14.609422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.610246] flags: 0x200000000000000(node=0|zone=2) [ 14.610507] page_type: f5(slab) [ 14.610664] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.611866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.612777] page dumped because: kasan: 
bad access detected [ 14.613261] [ 14.613695] Memory state around the buggy address: [ 14.614301] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.615113] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.615870] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.616463] ^ [ 14.616628] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.616854] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617074] ================================================================== [ 14.691342] ================================================================== [ 14.691849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.692305] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.692545] [ 14.692633] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.692677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.692690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.692713] Call Trace: [ 14.692731] <TASK> [ 14.692758] dump_stack_lvl+0x73/0xb0 [ 14.692786] print_report+0xd1/0x650 [ 14.692811] ? __virt_addr_valid+0x1db/0x2d0 [ 14.692834] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.692879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.692902] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.692924] kasan_report+0x141/0x180 [ 14.692947] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.692973] __asan_report_store8_noabort+0x1b/0x30 [ 14.692995] kasan_atomics_helper+0x50d4/0x5450 [ 14.693018] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.693040] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.693067] ? kasan_atomics+0x152/0x310 [ 14.693094] kasan_atomics+0x1dc/0x310 [ 14.693117] ? __pfx_kasan_atomics+0x10/0x10 [ 14.693141] ? __pfx_read_tsc+0x10/0x10 [ 14.693163] ? ktime_get_ts64+0x86/0x230 [ 14.693188] kunit_try_run_case+0x1a5/0x480 [ 14.693212] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.693235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.693259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.693282] ? __kthread_parkme+0x82/0x180 [ 14.693303] ? preempt_count_sub+0x50/0x80 [ 14.693326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.693361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.693384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.693408] kthread+0x337/0x6f0 [ 14.693428] ? trace_preempt_on+0x20/0xc0 [ 14.693452] ? __pfx_kthread+0x10/0x10 [ 14.693473] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.693495] ? calculate_sigpending+0x7b/0xa0 [ 14.693519] ? __pfx_kthread+0x10/0x10 [ 14.693541] ret_from_fork+0x116/0x1d0 [ 14.693562] ? __pfx_kthread+0x10/0x10 [ 14.693583] ret_from_fork_asm+0x1a/0x30 [ 14.693614] </TASK> [ 14.693627] [ 14.704629] Allocated by task 284: [ 14.704839] kasan_save_stack+0x45/0x70 [ 14.704989] kasan_save_track+0x18/0x40 [ 14.705186] kasan_save_alloc_info+0x3b/0x50 [ 14.705428] __kasan_kmalloc+0xb7/0xc0 [ 14.705632] __kmalloc_cache_noprof+0x189/0x420 [ 14.705823] kasan_atomics+0x95/0x310 [ 14.706038] kunit_try_run_case+0x1a5/0x480 [ 14.706269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.706541] kthread+0x337/0x6f0 [ 14.706700] ret_from_fork+0x116/0x1d0 [ 14.706859] ret_from_fork_asm+0x1a/0x30 [ 14.707099] [ 14.707223] The buggy address belongs to the object at ffff888103128480 [ 14.707223] which belongs to the cache kmalloc-64 of size 64 [ 14.707773] The buggy address is located 0 bytes to the right of [ 14.707773] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.708363] [ 14.708463] The buggy address belongs to the physical page: [ 14.708725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.709009] flags: 0x200000000000000(node=0|zone=2) [ 14.709175] page_type: f5(slab) [ 14.709296] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.710020] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.710388] page dumped because: kasan: bad access detected [ 14.710640] [ 14.710749] Memory state around the buggy address: [ 14.710955] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.711201] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.711517] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.711738] ^ [ 14.712006] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712324] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712620] ================================================================== [ 14.763779] ================================================================== [ 14.764113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.764442] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.765145] [ 14.765424] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.765474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.765487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.765511] Call Trace: [ 14.765527] <TASK> [ 14.765551] dump_stack_lvl+0x73/0xb0 [ 14.765581] print_report+0xd1/0x650 [ 14.765605] ? __virt_addr_valid+0x1db/0x2d0 [ 14.765629] ? kasan_atomics_helper+0x164f/0x5450 [ 14.765650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.765673] ? kasan_atomics_helper+0x164f/0x5450 [ 14.765695] kasan_report+0x141/0x180 [ 14.765718] ? kasan_atomics_helper+0x164f/0x5450 [ 14.765776] kasan_check_range+0x10c/0x1c0 [ 14.765802] __kasan_check_write+0x18/0x20 [ 14.765822] kasan_atomics_helper+0x164f/0x5450 [ 14.765846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.765868] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.765894] ? kasan_atomics+0x152/0x310 [ 14.765921] kasan_atomics+0x1dc/0x310 [ 14.765945] ? __pfx_kasan_atomics+0x10/0x10 [ 14.765969] ? __pfx_read_tsc+0x10/0x10 [ 14.765991] ? 
ktime_get_ts64+0x86/0x230 [ 14.766016] kunit_try_run_case+0x1a5/0x480 [ 14.766042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.766064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.766088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.766111] ? __kthread_parkme+0x82/0x180 [ 14.766133] ? preempt_count_sub+0x50/0x80 [ 14.766157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.766181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.766205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.766228] kthread+0x337/0x6f0 [ 14.766249] ? trace_preempt_on+0x20/0xc0 [ 14.766272] ? __pfx_kthread+0x10/0x10 [ 14.766295] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.766317] ? calculate_sigpending+0x7b/0xa0 [ 14.766341] ? __pfx_kthread+0x10/0x10 [ 14.766374] ret_from_fork+0x116/0x1d0 [ 14.766394] ? __pfx_kthread+0x10/0x10 [ 14.766415] ret_from_fork_asm+0x1a/0x30 [ 14.766445] </TASK> [ 14.766458] [ 14.778505] Allocated by task 284: [ 14.778722] kasan_save_stack+0x45/0x70 [ 14.778933] kasan_save_track+0x18/0x40 [ 14.779138] kasan_save_alloc_info+0x3b/0x50 [ 14.779368] __kasan_kmalloc+0xb7/0xc0 [ 14.779531] __kmalloc_cache_noprof+0x189/0x420 [ 14.779836] kasan_atomics+0x95/0x310 [ 14.780018] kunit_try_run_case+0x1a5/0x480 [ 14.780225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.780474] kthread+0x337/0x6f0 [ 14.780618] ret_from_fork+0x116/0x1d0 [ 14.780828] ret_from_fork_asm+0x1a/0x30 [ 14.781094] [ 14.781169] The buggy address belongs to the object at ffff888103128480 [ 14.781169] which belongs to the cache kmalloc-64 of size 64 [ 14.781714] The buggy address is located 0 bytes to the right of [ 14.781714] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.782228] [ 14.782330] The buggy address belongs to the physical page: [ 14.782596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.783030] flags: 0x200000000000000(node=0|zone=2) [ 14.783227] page_type: f5(slab) [ 14.783362] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.783717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.784062] page dumped because: kasan: bad access detected [ 14.784299] [ 14.784378] Memory state around the buggy address: [ 14.784571] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.784956] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.785304] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.785619] ^ [ 14.786036] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.786340] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.786623] ================================================================== [ 14.888875] ================================================================== [ 14.889230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.889635] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.890002] [ 14.890118] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.890161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.890174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.890196] Call Trace: [ 14.890212] <TASK> [ 14.890228] dump_stack_lvl+0x73/0xb0 [ 14.890256] print_report+0xd1/0x650 [ 14.890278] ? __virt_addr_valid+0x1db/0x2d0 [ 14.890301] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.890323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.890357] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.890378] kasan_report+0x141/0x180 [ 14.890401] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.890428] kasan_check_range+0x10c/0x1c0 [ 14.890452] __kasan_check_write+0x18/0x20 [ 14.890471] kasan_atomics_helper+0x19e3/0x5450 [ 14.890494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.890528] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.890554] ? kasan_atomics+0x152/0x310 [ 14.890582] kasan_atomics+0x1dc/0x310 [ 14.890616] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.890641] ? __pfx_read_tsc+0x10/0x10 [ 14.890664] ? ktime_get_ts64+0x86/0x230 [ 14.890689] kunit_try_run_case+0x1a5/0x480 [ 14.890713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.890736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.890760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.890792] ? __kthread_parkme+0x82/0x180 [ 14.890814] ? preempt_count_sub+0x50/0x80 [ 14.890838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.890873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.890896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.890920] kthread+0x337/0x6f0 [ 14.890939] ? trace_preempt_on+0x20/0xc0 [ 14.890963] ? __pfx_kthread+0x10/0x10 [ 14.890984] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.891005] ? calculate_sigpending+0x7b/0xa0 [ 14.891030] ? __pfx_kthread+0x10/0x10 [ 14.891052] ret_from_fork+0x116/0x1d0 [ 14.891070] ? __pfx_kthread+0x10/0x10 [ 14.891092] ret_from_fork_asm+0x1a/0x30 [ 14.891132] </TASK> [ 14.891143] [ 14.904906] Allocated by task 284: [ 14.905257] kasan_save_stack+0x45/0x70 [ 14.905583] kasan_save_track+0x18/0x40 [ 14.905722] kasan_save_alloc_info+0x3b/0x50 [ 14.905871] __kasan_kmalloc+0xb7/0xc0 [ 14.906005] __kmalloc_cache_noprof+0x189/0x420 [ 14.906166] kasan_atomics+0x95/0x310 [ 14.906305] kunit_try_run_case+0x1a5/0x480 [ 14.906470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906679] kthread+0x337/0x6f0 [ 14.906867] ret_from_fork+0x116/0x1d0 [ 14.907060] ret_from_fork_asm+0x1a/0x30 [ 14.907256] [ 14.907363] The buggy address belongs to the object at ffff888103128480 [ 14.907363] which belongs to the cache kmalloc-64 of size 64 [ 14.907792] The buggy address is located 0 bytes to the right of [ 14.907792] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.908366] [ 14.908444] The buggy address belongs to the physical page: [ 14.908631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.909189] flags: 0x200000000000000(node=0|zone=2) [ 14.909402] page_type: 
f5(slab) [ 14.909531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.909894] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.910235] page dumped because: kasan: bad access detected [ 14.910498] [ 14.910594] Memory state around the buggy address: [ 14.910829] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.911187] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.911517] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.911805] ^ [ 14.912048] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912273] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912604] ================================================================== [ 14.205808] ================================================================== [ 14.206168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.206507] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.206927] [ 14.207045] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.207089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.207102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.207124] Call Trace: [ 14.207140] <TASK> [ 14.207156] dump_stack_lvl+0x73/0xb0 [ 14.207185] print_report+0xd1/0x650 [ 14.207209] ? __virt_addr_valid+0x1db/0x2d0 [ 14.207234] ? kasan_atomics_helper+0x992/0x5450 [ 14.207256] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.207279] ? kasan_atomics_helper+0x992/0x5450 [ 14.207301] kasan_report+0x141/0x180 [ 14.207333] ? kasan_atomics_helper+0x992/0x5450 [ 14.207376] kasan_check_range+0x10c/0x1c0 [ 14.207400] __kasan_check_write+0x18/0x20 [ 14.207419] kasan_atomics_helper+0x992/0x5450 [ 14.207442] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.207465] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.207490] ? 
kasan_atomics+0x152/0x310 [ 14.207526] kasan_atomics+0x1dc/0x310 [ 14.207549] ? __pfx_kasan_atomics+0x10/0x10 [ 14.207584] ? __pfx_read_tsc+0x10/0x10 [ 14.207615] ? ktime_get_ts64+0x86/0x230 [ 14.207640] kunit_try_run_case+0x1a5/0x480 [ 14.207669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.207692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.207758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.207794] ? __kthread_parkme+0x82/0x180 [ 14.207816] ? preempt_count_sub+0x50/0x80 [ 14.207841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.207866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.207889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.207913] kthread+0x337/0x6f0 [ 14.207934] ? trace_preempt_on+0x20/0xc0 [ 14.207959] ? __pfx_kthread+0x10/0x10 [ 14.207981] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.208003] ? calculate_sigpending+0x7b/0xa0 [ 14.208027] ? __pfx_kthread+0x10/0x10 [ 14.208050] ret_from_fork+0x116/0x1d0 [ 14.208070] ? __pfx_kthread+0x10/0x10 [ 14.208101] ret_from_fork_asm+0x1a/0x30 [ 14.208133] </TASK> [ 14.208145] [ 14.217231] Allocated by task 284: [ 14.217465] kasan_save_stack+0x45/0x70 [ 14.217777] kasan_save_track+0x18/0x40 [ 14.218022] kasan_save_alloc_info+0x3b/0x50 [ 14.218254] __kasan_kmalloc+0xb7/0xc0 [ 14.218414] __kmalloc_cache_noprof+0x189/0x420 [ 14.218574] kasan_atomics+0x95/0x310 [ 14.218709] kunit_try_run_case+0x1a5/0x480 [ 14.219140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.219456] kthread+0x337/0x6f0 [ 14.219631] ret_from_fork+0x116/0x1d0 [ 14.219828] ret_from_fork_asm+0x1a/0x30 [ 14.220125] [ 14.220265] The buggy address belongs to the object at ffff888103128480 [ 14.220265] which belongs to the cache kmalloc-64 of size 64 [ 14.220631] The buggy address is located 0 bytes to the right of [ 14.220631] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.221253] [ 14.221584] The buggy address belongs to the physical page: [ 14.222035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 
14.222285] flags: 0x200000000000000(node=0|zone=2) [ 14.222626] page_type: f5(slab) [ 14.222864] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.223256] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.223689] page dumped because: kasan: bad access detected [ 14.223977] [ 14.224091] Memory state around the buggy address: [ 14.224369] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.224844] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.225187] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.225441] ^ [ 14.225938] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.226400] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.226620] ================================================================== [ 14.271481] ================================================================== [ 14.271895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.272229] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.272493] [ 14.272640] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.272684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.272696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.272760] Call Trace: [ 14.272778] <TASK> [ 14.272808] dump_stack_lvl+0x73/0xb0 [ 14.272836] print_report+0xd1/0x650 [ 14.272860] ? __virt_addr_valid+0x1db/0x2d0 [ 14.272883] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.272905] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.272928] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.272949] kasan_report+0x141/0x180 [ 14.272972] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.272998] kasan_check_range+0x10c/0x1c0 [ 14.273023] __kasan_check_write+0x18/0x20 [ 14.273053] kasan_atomics_helper+0xb6a/0x5450 [ 14.273076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.273098] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.273139] ? kasan_atomics+0x152/0x310 [ 14.273165] kasan_atomics+0x1dc/0x310 [ 14.273199] ? __pfx_kasan_atomics+0x10/0x10 [ 14.273224] ? __pfx_read_tsc+0x10/0x10 [ 14.273245] ? ktime_get_ts64+0x86/0x230 [ 14.273270] kunit_try_run_case+0x1a5/0x480 [ 14.273295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.273318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.273341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.273373] ? __kthread_parkme+0x82/0x180 [ 14.273395] ? preempt_count_sub+0x50/0x80 [ 14.273419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.273452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.273475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.273499] kthread+0x337/0x6f0 [ 14.273529] ? trace_preempt_on+0x20/0xc0 [ 14.273554] ? __pfx_kthread+0x10/0x10 [ 14.273609] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.273633] ? calculate_sigpending+0x7b/0xa0 [ 14.273666] ? __pfx_kthread+0x10/0x10 [ 14.273690] ret_from_fork+0x116/0x1d0 [ 14.273709] ? __pfx_kthread+0x10/0x10 [ 14.273741] ret_from_fork_asm+0x1a/0x30 [ 14.273773] </TASK> [ 14.273785] [ 14.282228] Allocated by task 284: [ 14.282423] kasan_save_stack+0x45/0x70 [ 14.282709] kasan_save_track+0x18/0x40 [ 14.283023] kasan_save_alloc_info+0x3b/0x50 [ 14.283227] __kasan_kmalloc+0xb7/0xc0 [ 14.283437] __kmalloc_cache_noprof+0x189/0x420 [ 14.283652] kasan_atomics+0x95/0x310 [ 14.283967] kunit_try_run_case+0x1a5/0x480 [ 14.284169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.284430] kthread+0x337/0x6f0 [ 14.284616] ret_from_fork+0x116/0x1d0 [ 14.284844] ret_from_fork_asm+0x1a/0x30 [ 14.285018] [ 14.285092] The buggy address belongs to the object at ffff888103128480 [ 14.285092] which belongs to the cache kmalloc-64 of size 64 [ 14.285453] The buggy address is located 0 bytes to the right of [ 14.285453] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.286112] [ 14.286211] The buggy address belongs to the physical page: [ 14.286823] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.287174] flags: 0x200000000000000(node=0|zone=2) [ 14.287436] page_type: f5(slab) [ 14.287574] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.288007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.288236] page dumped because: kasan: bad access detected [ 14.288658] [ 14.288780] Memory state around the buggy address: [ 14.289078] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.289299] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.289528] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.289746] ^ [ 14.290038] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.290439] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.290792] ================================================================== [ 14.314467] ================================================================== [ 14.314867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.315201] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.315528] [ 14.315706] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.315793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.315810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.315832] Call Trace: [ 14.315851] <TASK> [ 14.315869] dump_stack_lvl+0x73/0xb0 [ 14.315898] print_report+0xd1/0x650 [ 14.315922] ? __virt_addr_valid+0x1db/0x2d0 [ 14.315946] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.315980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.316004] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.316027] kasan_report+0x141/0x180 [ 14.316061] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.316088] __asan_report_load4_noabort+0x18/0x20 [ 14.316114] kasan_atomics_helper+0x4a84/0x5450 [ 14.316137] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.316160] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.316186] ? kasan_atomics+0x152/0x310 [ 14.316212] kasan_atomics+0x1dc/0x310 [ 14.316236] ? __pfx_kasan_atomics+0x10/0x10 [ 14.316270] ? __pfx_read_tsc+0x10/0x10 [ 14.316291] ? ktime_get_ts64+0x86/0x230 [ 14.316315] kunit_try_run_case+0x1a5/0x480 [ 14.316361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.316385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.316408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.316440] ? __kthread_parkme+0x82/0x180 [ 14.316462] ? preempt_count_sub+0x50/0x80 [ 14.316486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.316522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.316545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.316569] kthread+0x337/0x6f0 [ 14.316629] ? trace_preempt_on+0x20/0xc0 [ 14.316657] ? __pfx_kthread+0x10/0x10 [ 14.316678] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.316700] ? calculate_sigpending+0x7b/0xa0 [ 14.316725] ? __pfx_kthread+0x10/0x10 [ 14.316747] ret_from_fork+0x116/0x1d0 [ 14.316766] ? 
__pfx_kthread+0x10/0x10 [ 14.316787] ret_from_fork_asm+0x1a/0x30 [ 14.316818] </TASK> [ 14.316830] [ 14.325643] Allocated by task 284: [ 14.325873] kasan_save_stack+0x45/0x70 [ 14.326092] kasan_save_track+0x18/0x40 [ 14.326288] kasan_save_alloc_info+0x3b/0x50 [ 14.326483] __kasan_kmalloc+0xb7/0xc0 [ 14.326775] __kmalloc_cache_noprof+0x189/0x420 [ 14.326984] kasan_atomics+0x95/0x310 [ 14.327186] kunit_try_run_case+0x1a5/0x480 [ 14.327412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.327728] kthread+0x337/0x6f0 [ 14.327926] ret_from_fork+0x116/0x1d0 [ 14.328126] ret_from_fork_asm+0x1a/0x30 [ 14.328310] [ 14.328427] The buggy address belongs to the object at ffff888103128480 [ 14.328427] which belongs to the cache kmalloc-64 of size 64 [ 14.329115] The buggy address is located 0 bytes to the right of [ 14.329115] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.329702] [ 14.329940] The buggy address belongs to the physical page: [ 14.330203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.330575] flags: 0x200000000000000(node=0|zone=2) [ 14.330743] page_type: f5(slab) [ 14.330866] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.331170] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.331442] page dumped because: kasan: bad access detected [ 14.331725] [ 14.331812] Memory state around the buggy address: [ 14.331970] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.332336] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.332840] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.333176] ^ [ 14.333397] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.333872] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334236] ================================================================== [ 14.334750] 
================================================================== [ 14.335280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.335629] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.336049] [ 14.336160] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.336206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.336229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.336252] Call Trace: [ 14.336268] <TASK> [ 14.336297] dump_stack_lvl+0x73/0xb0 [ 14.336329] print_report+0xd1/0x650 [ 14.336365] ? __virt_addr_valid+0x1db/0x2d0 [ 14.336398] ? kasan_atomics_helper+0xd47/0x5450 [ 14.336420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.336443] ? kasan_atomics_helper+0xd47/0x5450 [ 14.336476] kasan_report+0x141/0x180 [ 14.336499] ? kasan_atomics_helper+0xd47/0x5450 [ 14.336526] kasan_check_range+0x10c/0x1c0 [ 14.336550] __kasan_check_write+0x18/0x20 [ 14.336590] kasan_atomics_helper+0xd47/0x5450 [ 14.336614] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.336636] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.336719] ? kasan_atomics+0x152/0x310 [ 14.336747] kasan_atomics+0x1dc/0x310 [ 14.336771] ? __pfx_kasan_atomics+0x10/0x10 [ 14.336795] ? __pfx_read_tsc+0x10/0x10 [ 14.336828] ? ktime_get_ts64+0x86/0x230 [ 14.336852] kunit_try_run_case+0x1a5/0x480 [ 14.336878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.336913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.336938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.336962] ? __kthread_parkme+0x82/0x180 [ 14.336984] ? preempt_count_sub+0x50/0x80 [ 14.337009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.337033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.337057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.337091] kthread+0x337/0x6f0 [ 14.337111] ? trace_preempt_on+0x20/0xc0 [ 14.337135] ? __pfx_kthread+0x10/0x10 [ 14.337168] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.337190] ? 
calculate_sigpending+0x7b/0xa0 [ 14.337214] ? __pfx_kthread+0x10/0x10 [ 14.337236] ret_from_fork+0x116/0x1d0 [ 14.337256] ? __pfx_kthread+0x10/0x10 [ 14.337278] ret_from_fork_asm+0x1a/0x30 [ 14.337308] </TASK> [ 14.337320] [ 14.345616] Allocated by task 284: [ 14.345811] kasan_save_stack+0x45/0x70 [ 14.346022] kasan_save_track+0x18/0x40 [ 14.346650] kasan_save_alloc_info+0x3b/0x50 [ 14.346976] __kasan_kmalloc+0xb7/0xc0 [ 14.347132] __kmalloc_cache_noprof+0x189/0x420 [ 14.347520] kasan_atomics+0x95/0x310 [ 14.347830] kunit_try_run_case+0x1a5/0x480 [ 14.348054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.348322] kthread+0x337/0x6f0 [ 14.348504] ret_from_fork+0x116/0x1d0 [ 14.348647] ret_from_fork_asm+0x1a/0x30 [ 14.348786] [ 14.348859] The buggy address belongs to the object at ffff888103128480 [ 14.348859] which belongs to the cache kmalloc-64 of size 64 [ 14.349774] The buggy address is located 0 bytes to the right of [ 14.349774] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.350146] [ 14.350221] The buggy address belongs to the physical page: [ 14.350496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.351111] flags: 0x200000000000000(node=0|zone=2) [ 14.351388] page_type: f5(slab) [ 14.351623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.352044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.352292] page dumped because: kasan: bad access detected [ 14.352592] [ 14.352689] Memory state around the buggy address: [ 14.353013] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.353247] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.353564] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.353927] ^ [ 14.354184] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.354460] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.355042] 
================================================================== [ 14.448967] ================================================================== [ 14.449631] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.450400] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.450735] [ 14.450861] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.450906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.450919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.450940] Call Trace: [ 14.450956] <TASK> [ 14.450974] dump_stack_lvl+0x73/0xb0 [ 14.451003] print_report+0xd1/0x650 [ 14.451028] ? __virt_addr_valid+0x1db/0x2d0 [ 14.451053] ? kasan_atomics_helper+0x1079/0x5450 [ 14.451075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.451098] ? kasan_atomics_helper+0x1079/0x5450 [ 14.451120] kasan_report+0x141/0x180 [ 14.451142] ? kasan_atomics_helper+0x1079/0x5450 [ 14.451169] kasan_check_range+0x10c/0x1c0 [ 14.451194] __kasan_check_write+0x18/0x20 [ 14.451214] kasan_atomics_helper+0x1079/0x5450 [ 14.451237] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.451260] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.451287] ? kasan_atomics+0x152/0x310 [ 14.451315] kasan_atomics+0x1dc/0x310 [ 14.451337] ? __pfx_kasan_atomics+0x10/0x10 [ 14.451373] ? __pfx_read_tsc+0x10/0x10 [ 14.451394] ? ktime_get_ts64+0x86/0x230 [ 14.451419] kunit_try_run_case+0x1a5/0x480 [ 14.451444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.451491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.451514] ? __kthread_parkme+0x82/0x180 [ 14.451537] ? preempt_count_sub+0x50/0x80 [ 14.451561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.451645] kthread+0x337/0x6f0 [ 14.451670] ? trace_preempt_on+0x20/0xc0 [ 14.451708] ? 
__pfx_kthread+0x10/0x10 [ 14.451729] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.451762] ? calculate_sigpending+0x7b/0xa0 [ 14.451809] ? __pfx_kthread+0x10/0x10 [ 14.451831] ret_from_fork+0x116/0x1d0 [ 14.451850] ? __pfx_kthread+0x10/0x10 [ 14.451872] ret_from_fork_asm+0x1a/0x30 [ 14.451914] </TASK> [ 14.451926] [ 14.459620] Allocated by task 284: [ 14.459872] kasan_save_stack+0x45/0x70 [ 14.460069] kasan_save_track+0x18/0x40 [ 14.460266] kasan_save_alloc_info+0x3b/0x50 [ 14.460437] __kasan_kmalloc+0xb7/0xc0 [ 14.460571] __kmalloc_cache_noprof+0x189/0x420 [ 14.460727] kasan_atomics+0x95/0x310 [ 14.460928] kunit_try_run_case+0x1a5/0x480 [ 14.461161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.461462] kthread+0x337/0x6f0 [ 14.461589] ret_from_fork+0x116/0x1d0 [ 14.461723] ret_from_fork_asm+0x1a/0x30 [ 14.463029] [ 14.463139] The buggy address belongs to the object at ffff888103128480 [ 14.463139] which belongs to the cache kmalloc-64 of size 64 [ 14.463691] The buggy address is located 0 bytes to the right of [ 14.463691] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.464231] [ 14.464308] The buggy address belongs to the physical page: [ 14.464496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.465304] flags: 0x200000000000000(node=0|zone=2) [ 14.465721] page_type: f5(slab) [ 14.466288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.467233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.467937] page dumped because: kasan: bad access detected [ 14.468441] [ 14.468604] Memory state around the buggy address: [ 14.468922] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.469142] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.469374] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.469590] ^ [ 14.469754] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.469970] 
ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.470185] ================================================================== [ 14.913298] ================================================================== [ 14.913612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.914046] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.914364] [ 14.914454] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.914498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.914511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.914532] Call Trace: [ 14.914549] <TASK> [ 14.914566] dump_stack_lvl+0x73/0xb0 [ 14.914607] print_report+0xd1/0x650 [ 14.914631] ? __virt_addr_valid+0x1db/0x2d0 [ 14.914653] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.914675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.914697] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.914719] kasan_report+0x141/0x180 [ 14.914742] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.914768] kasan_check_range+0x10c/0x1c0 [ 14.914792] __kasan_check_write+0x18/0x20 [ 14.914812] kasan_atomics_helper+0x1a7f/0x5450 [ 14.914844] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.914878] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.914904] ? kasan_atomics+0x152/0x310 [ 14.914930] kasan_atomics+0x1dc/0x310 [ 14.914965] ? __pfx_kasan_atomics+0x10/0x10 [ 14.914989] ? __pfx_read_tsc+0x10/0x10 [ 14.915012] ? ktime_get_ts64+0x86/0x230 [ 14.915037] kunit_try_run_case+0x1a5/0x480 [ 14.915061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.915084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.915108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.915142] ? __kthread_parkme+0x82/0x180 [ 14.915163] ? preempt_count_sub+0x50/0x80 [ 14.915187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.915211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.915234] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.915258] kthread+0x337/0x6f0 [ 14.915277] ? trace_preempt_on+0x20/0xc0 [ 14.915301] ? __pfx_kthread+0x10/0x10 [ 14.915323] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.915363] ? calculate_sigpending+0x7b/0xa0 [ 14.915386] ? __pfx_kthread+0x10/0x10 [ 14.915409] ret_from_fork+0x116/0x1d0 [ 14.915438] ? __pfx_kthread+0x10/0x10 [ 14.915460] ret_from_fork_asm+0x1a/0x30 [ 14.915491] </TASK> [ 14.915502] [ 14.923401] Allocated by task 284: [ 14.923568] kasan_save_stack+0x45/0x70 [ 14.923717] kasan_save_track+0x18/0x40 [ 14.923853] kasan_save_alloc_info+0x3b/0x50 [ 14.924041] __kasan_kmalloc+0xb7/0xc0 [ 14.924239] __kmalloc_cache_noprof+0x189/0x420 [ 14.924490] kasan_atomics+0x95/0x310 [ 14.924680] kunit_try_run_case+0x1a5/0x480 [ 14.925048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.925279] kthread+0x337/0x6f0 [ 14.925412] ret_from_fork+0x116/0x1d0 [ 14.925558] ret_from_fork_asm+0x1a/0x30 [ 14.925764] [ 14.925860] The buggy address belongs to the object at ffff888103128480 [ 14.925860] which belongs to the cache kmalloc-64 of size 64 [ 14.926278] The buggy address is located 0 bytes to the right of [ 14.926278] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.926670] [ 14.926767] The buggy address belongs to the physical page: [ 14.927185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.927548] flags: 0x200000000000000(node=0|zone=2) [ 14.927782] page_type: f5(slab) [ 14.927936] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.928171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.928411] page dumped because: kasan: bad access detected [ 14.928866] [ 14.928961] Memory state around the buggy address: [ 14.929198] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.929568] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.930066] >ffff888103128480: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.930421] ^ [ 14.930594] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.930979] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.931352] ================================================================== [ 14.641030] ================================================================== [ 14.641556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.642319] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.642730] [ 14.642844] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.642889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.642902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.642923] Call Trace: [ 14.642978] <TASK> [ 14.642997] dump_stack_lvl+0x73/0xb0 [ 14.643025] print_report+0xd1/0x650 [ 14.643050] ? __virt_addr_valid+0x1db/0x2d0 [ 14.643074] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.643097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.643146] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.643168] kasan_report+0x141/0x180 [ 14.643190] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.643217] __asan_report_load8_noabort+0x18/0x20 [ 14.643243] kasan_atomics_helper+0x4eae/0x5450 [ 14.643266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.643288] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.643314] ? kasan_atomics+0x152/0x310 [ 14.643341] kasan_atomics+0x1dc/0x310 [ 14.643375] ? __pfx_kasan_atomics+0x10/0x10 [ 14.643400] ? __pfx_read_tsc+0x10/0x10 [ 14.643421] ? ktime_get_ts64+0x86/0x230 [ 14.643446] kunit_try_run_case+0x1a5/0x480 [ 14.643470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.643492] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.643516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.643540] ? __kthread_parkme+0x82/0x180 [ 14.643562] ? preempt_count_sub+0x50/0x80 [ 14.643587] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.643611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.643634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.643664] kthread+0x337/0x6f0 [ 14.643685] ? trace_preempt_on+0x20/0xc0 [ 14.643709] ? __pfx_kthread+0x10/0x10 [ 14.643730] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.643771] ? calculate_sigpending+0x7b/0xa0 [ 14.643796] ? __pfx_kthread+0x10/0x10 [ 14.643818] ret_from_fork+0x116/0x1d0 [ 14.643837] ? __pfx_kthread+0x10/0x10 [ 14.643858] ret_from_fork_asm+0x1a/0x30 [ 14.643890] </TASK> [ 14.643902] [ 14.653491] Allocated by task 284: [ 14.653659] kasan_save_stack+0x45/0x70 [ 14.654184] kasan_save_track+0x18/0x40 [ 14.654607] kasan_save_alloc_info+0x3b/0x50 [ 14.655100] __kasan_kmalloc+0xb7/0xc0 [ 14.655341] __kmalloc_cache_noprof+0x189/0x420 [ 14.655679] kasan_atomics+0x95/0x310 [ 14.656170] kunit_try_run_case+0x1a5/0x480 [ 14.656450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.656869] kthread+0x337/0x6f0 [ 14.657177] ret_from_fork+0x116/0x1d0 [ 14.657373] ret_from_fork_asm+0x1a/0x30 [ 14.657559] [ 14.657653] The buggy address belongs to the object at ffff888103128480 [ 14.657653] which belongs to the cache kmalloc-64 of size 64 [ 14.658634] The buggy address is located 0 bytes to the right of [ 14.658634] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.659523] [ 14.659632] The buggy address belongs to the physical page: [ 14.660072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.660549] flags: 0x200000000000000(node=0|zone=2) [ 14.660965] page_type: f5(slab) [ 14.661191] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.661717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.662232] page dumped because: kasan: bad access detected [ 14.662489] [ 14.662581] Memory state around the buggy address: [ 14.663054] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.663603] 
ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.664336] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.664793] ^ [ 14.665143] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.665588] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666234] ================================================================== [ 14.052332] ================================================================== [ 14.052787] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.053345] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.053811] [ 14.053905] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.053954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.053967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.053990] Call Trace: [ 14.054007] <TASK> [ 14.054025] dump_stack_lvl+0x73/0xb0 [ 14.054054] print_report+0xd1/0x650 [ 14.054090] ? __virt_addr_valid+0x1db/0x2d0 [ 14.054114] ? kasan_atomics_helper+0x565/0x5450 [ 14.054137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.054172] ? kasan_atomics_helper+0x565/0x5450 [ 14.054194] kasan_report+0x141/0x180 [ 14.054217] ? kasan_atomics_helper+0x565/0x5450 [ 14.054244] kasan_check_range+0x10c/0x1c0 [ 14.054277] __kasan_check_write+0x18/0x20 [ 14.054298] kasan_atomics_helper+0x565/0x5450 [ 14.054327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.054350] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.054386] ? kasan_atomics+0x152/0x310 [ 14.054414] kasan_atomics+0x1dc/0x310 [ 14.054437] ? __pfx_kasan_atomics+0x10/0x10 [ 14.054462] ? __pfx_read_tsc+0x10/0x10 [ 14.054484] ? ktime_get_ts64+0x86/0x230 [ 14.054509] kunit_try_run_case+0x1a5/0x480 [ 14.054533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.054556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.054620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.054660] ? 
__kthread_parkme+0x82/0x180 [ 14.054681] ? preempt_count_sub+0x50/0x80 [ 14.054718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.054743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.054766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.054790] kthread+0x337/0x6f0 [ 14.054810] ? trace_preempt_on+0x20/0xc0 [ 14.054844] ? __pfx_kthread+0x10/0x10 [ 14.054865] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.054887] ? calculate_sigpending+0x7b/0xa0 [ 14.054922] ? __pfx_kthread+0x10/0x10 [ 14.054944] ret_from_fork+0x116/0x1d0 [ 14.054963] ? __pfx_kthread+0x10/0x10 [ 14.054993] ret_from_fork_asm+0x1a/0x30 [ 14.055024] </TASK> [ 14.055036] [ 14.068161] Allocated by task 284: [ 14.068513] kasan_save_stack+0x45/0x70 [ 14.068917] kasan_save_track+0x18/0x40 [ 14.069261] kasan_save_alloc_info+0x3b/0x50 [ 14.069618] __kasan_kmalloc+0xb7/0xc0 [ 14.069982] __kmalloc_cache_noprof+0x189/0x420 [ 14.070145] kasan_atomics+0x95/0x310 [ 14.070282] kunit_try_run_case+0x1a5/0x480 [ 14.070437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.070641] kthread+0x337/0x6f0 [ 14.070765] ret_from_fork+0x116/0x1d0 [ 14.070980] ret_from_fork_asm+0x1a/0x30 [ 14.071382] [ 14.071484] The buggy address belongs to the object at ffff888103128480 [ 14.071484] which belongs to the cache kmalloc-64 of size 64 [ 14.072056] The buggy address is located 0 bytes to the right of [ 14.072056] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.072588] [ 14.072682] The buggy address belongs to the physical page: [ 14.073103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.073448] flags: 0x200000000000000(node=0|zone=2) [ 14.073673] page_type: f5(slab) [ 14.073845] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.074173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.074509] page dumped because: kasan: bad access detected [ 14.074807] [ 14.074925] Memory state around the buggy address: [ 14.075140] 
ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.075455] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.075931] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.076206] ^ [ 14.076422] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.076806] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.077221] ================================================================== [ 14.355714] ================================================================== [ 14.356219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.356555] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.357111] [ 14.357252] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.357298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.357311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.357333] Call Trace: [ 14.357345] <TASK> [ 14.357382] dump_stack_lvl+0x73/0xb0 [ 14.357412] print_report+0xd1/0x650 [ 14.357436] ? __virt_addr_valid+0x1db/0x2d0 [ 14.357472] ? kasan_atomics_helper+0xde0/0x5450 [ 14.357494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.357516] ? kasan_atomics_helper+0xde0/0x5450 [ 14.357538] kasan_report+0x141/0x180 [ 14.357569] ? kasan_atomics_helper+0xde0/0x5450 [ 14.357596] kasan_check_range+0x10c/0x1c0 [ 14.357630] __kasan_check_write+0x18/0x20 [ 14.357651] kasan_atomics_helper+0xde0/0x5450 [ 14.357674] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.357697] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.357724] ? kasan_atomics+0x152/0x310 [ 14.357764] kasan_atomics+0x1dc/0x310 [ 14.357796] ? __pfx_kasan_atomics+0x10/0x10 [ 14.357821] ? __pfx_read_tsc+0x10/0x10 [ 14.357855] ? ktime_get_ts64+0x86/0x230 [ 14.357881] kunit_try_run_case+0x1a5/0x480 [ 14.357906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.357929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.357954] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.357978] ? __kthread_parkme+0x82/0x180 [ 14.358000] ? preempt_count_sub+0x50/0x80 [ 14.358025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.358050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.358073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.358098] kthread+0x337/0x6f0 [ 14.358118] ? trace_preempt_on+0x20/0xc0 [ 14.358144] ? __pfx_kthread+0x10/0x10 [ 14.358165] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.358187] ? calculate_sigpending+0x7b/0xa0 [ 14.358212] ? __pfx_kthread+0x10/0x10 [ 14.358235] ret_from_fork+0x116/0x1d0 [ 14.358255] ? __pfx_kthread+0x10/0x10 [ 14.358277] ret_from_fork_asm+0x1a/0x30 [ 14.358309] </TASK> [ 14.358322] [ 14.366380] Allocated by task 284: [ 14.366596] kasan_save_stack+0x45/0x70 [ 14.366824] kasan_save_track+0x18/0x40 [ 14.367013] kasan_save_alloc_info+0x3b/0x50 [ 14.367293] __kasan_kmalloc+0xb7/0xc0 [ 14.367494] __kmalloc_cache_noprof+0x189/0x420 [ 14.367703] kasan_atomics+0x95/0x310 [ 14.367904] kunit_try_run_case+0x1a5/0x480 [ 14.368112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.368361] kthread+0x337/0x6f0 [ 14.368486] ret_from_fork+0x116/0x1d0 [ 14.368696] ret_from_fork_asm+0x1a/0x30 [ 14.368891] [ 14.369012] The buggy address belongs to the object at ffff888103128480 [ 14.369012] which belongs to the cache kmalloc-64 of size 64 [ 14.369499] The buggy address is located 0 bytes to the right of [ 14.369499] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.370110] [ 14.370202] The buggy address belongs to the physical page: [ 14.370436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.370804] flags: 0x200000000000000(node=0|zone=2) [ 14.371028] page_type: f5(slab) [ 14.371180] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.371419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.371644] page dumped because: kasan: bad access detected [ 14.371842] [ 14.371969] 
Memory state around the buggy address: [ 14.372198] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.372534] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.372986] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.373249] ^ [ 14.373411] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.373626] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.373900] ================================================================== [ 15.069454] ================================================================== [ 15.069806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.070248] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.070637] [ 15.070988] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.071040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.071054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.071075] Call Trace: [ 15.071095] <TASK> [ 15.071114] dump_stack_lvl+0x73/0xb0 [ 15.071145] print_report+0xd1/0x650 [ 15.071170] ? __virt_addr_valid+0x1db/0x2d0 [ 15.071194] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.071216] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.071239] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.071261] kasan_report+0x141/0x180 [ 15.071284] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.071311] kasan_check_range+0x10c/0x1c0 [ 15.071336] __kasan_check_write+0x18/0x20 [ 15.071368] kasan_atomics_helper+0x1f43/0x5450 [ 15.071392] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.071415] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.071441] ? kasan_atomics+0x152/0x310 [ 15.071469] kasan_atomics+0x1dc/0x310 [ 15.071492] ? __pfx_kasan_atomics+0x10/0x10 [ 15.071517] ? __pfx_read_tsc+0x10/0x10 [ 15.071539] ? ktime_get_ts64+0x86/0x230 [ 15.071564] kunit_try_run_case+0x1a5/0x480 [ 15.071589] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.071612] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.071638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.071667] ? __kthread_parkme+0x82/0x180 [ 15.071689] ? preempt_count_sub+0x50/0x80 [ 15.071713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.071747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.071771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.071794] kthread+0x337/0x6f0 [ 15.071816] ? trace_preempt_on+0x20/0xc0 [ 15.071841] ? __pfx_kthread+0x10/0x10 [ 15.071863] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.071884] ? calculate_sigpending+0x7b/0xa0 [ 15.071908] ? __pfx_kthread+0x10/0x10 [ 15.071931] ret_from_fork+0x116/0x1d0 [ 15.071949] ? __pfx_kthread+0x10/0x10 [ 15.071969] ret_from_fork_asm+0x1a/0x30 [ 15.072002] </TASK> [ 15.072015] [ 15.081857] Allocated by task 284: [ 15.082173] kasan_save_stack+0x45/0x70 [ 15.082412] kasan_save_track+0x18/0x40 [ 15.082592] kasan_save_alloc_info+0x3b/0x50 [ 15.082966] __kasan_kmalloc+0xb7/0xc0 [ 15.083155] __kmalloc_cache_noprof+0x189/0x420 [ 15.083437] kasan_atomics+0x95/0x310 [ 15.083584] kunit_try_run_case+0x1a5/0x480 [ 15.083987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.084301] kthread+0x337/0x6f0 [ 15.084454] ret_from_fork+0x116/0x1d0 [ 15.084638] ret_from_fork_asm+0x1a/0x30 [ 15.085005] [ 15.085113] The buggy address belongs to the object at ffff888103128480 [ 15.085113] which belongs to the cache kmalloc-64 of size 64 [ 15.085644] The buggy address is located 0 bytes to the right of [ 15.085644] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.086384] [ 15.086484] The buggy address belongs to the physical page: [ 15.086718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.087046] flags: 0x200000000000000(node=0|zone=2) [ 15.087262] page_type: f5(slab) [ 15.087425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.087745] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.088491] page dumped because: kasan: bad access detected [ 15.088744] [ 15.088998] Memory state around the buggy address: [ 15.089225] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.089638] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.090064] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.090463] ^ [ 15.090643] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091161] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091553] ================================================================== [ 15.255682] ================================================================== [ 15.256042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.256469] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.256692] [ 15.256776] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.256817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.256829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.256850] Call Trace: [ 15.256865] <TASK> [ 15.256881] dump_stack_lvl+0x73/0xb0 [ 15.256909] print_report+0xd1/0x650 [ 15.256932] ? __virt_addr_valid+0x1db/0x2d0 [ 15.256957] ? kasan_atomics_helper+0x5115/0x5450 [ 15.256978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.257000] ? kasan_atomics_helper+0x5115/0x5450 [ 15.257023] kasan_report+0x141/0x180 [ 15.257046] ? kasan_atomics_helper+0x5115/0x5450 [ 15.257073] __asan_report_load8_noabort+0x18/0x20 [ 15.257098] kasan_atomics_helper+0x5115/0x5450 [ 15.257121] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.257143] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.257168] ? kasan_atomics+0x152/0x310 [ 15.257195] kasan_atomics+0x1dc/0x310 [ 15.257218] ? __pfx_kasan_atomics+0x10/0x10 [ 15.257243] ? __pfx_read_tsc+0x10/0x10 [ 15.257264] ? 
ktime_get_ts64+0x86/0x230 [ 15.257289] kunit_try_run_case+0x1a5/0x480 [ 15.257313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.257335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.257373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.257396] ? __kthread_parkme+0x82/0x180 [ 15.257417] ? preempt_count_sub+0x50/0x80 [ 15.257441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.257466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.257512] kthread+0x337/0x6f0 [ 15.257532] ? trace_preempt_on+0x20/0xc0 [ 15.257556] ? __pfx_kthread+0x10/0x10 [ 15.257578] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.257599] ? calculate_sigpending+0x7b/0xa0 [ 15.257623] ? __pfx_kthread+0x10/0x10 [ 15.257645] ret_from_fork+0x116/0x1d0 [ 15.257664] ? __pfx_kthread+0x10/0x10 [ 15.257685] ret_from_fork_asm+0x1a/0x30 [ 15.257716] </TASK> [ 15.257728] [ 15.265679] Allocated by task 284: [ 15.265867] kasan_save_stack+0x45/0x70 [ 15.266071] kasan_save_track+0x18/0x40 [ 15.266409] kasan_save_alloc_info+0x3b/0x50 [ 15.266559] __kasan_kmalloc+0xb7/0xc0 [ 15.266693] __kmalloc_cache_noprof+0x189/0x420 [ 15.266847] kasan_atomics+0x95/0x310 [ 15.267189] kunit_try_run_case+0x1a5/0x480 [ 15.267414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.267677] kthread+0x337/0x6f0 [ 15.267847] ret_from_fork+0x116/0x1d0 [ 15.268113] ret_from_fork_asm+0x1a/0x30 [ 15.268296] [ 15.268457] The buggy address belongs to the object at ffff888103128480 [ 15.268457] which belongs to the cache kmalloc-64 of size 64 [ 15.268815] The buggy address is located 0 bytes to the right of [ 15.268815] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.269538] [ 15.269637] The buggy address belongs to the physical page: [ 15.269922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.270160] flags: 0x200000000000000(node=0|zone=2) [ 15.270324] page_type: f5(slab) [ 15.270454] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.270798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.271134] page dumped because: kasan: bad access detected [ 15.271400] [ 15.271496] Memory state around the buggy address: [ 15.271729] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.272028] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.272242] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.272794] ^ [ 15.273008] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273255] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273478] ================================================================== [ 14.291486] ================================================================== [ 14.291924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.292309] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.292680] [ 14.292993] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.293041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.293055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.293077] Call Trace: [ 14.293092] <TASK> [ 14.293109] dump_stack_lvl+0x73/0xb0 [ 14.293138] print_report+0xd1/0x650 [ 14.293162] ? __virt_addr_valid+0x1db/0x2d0 [ 14.293186] ? kasan_atomics_helper+0xc70/0x5450 [ 14.293207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.293230] ? kasan_atomics_helper+0xc70/0x5450 [ 14.293254] kasan_report+0x141/0x180 [ 14.293278] ? kasan_atomics_helper+0xc70/0x5450 [ 14.293303] kasan_check_range+0x10c/0x1c0 [ 14.293327] __kasan_check_write+0x18/0x20 [ 14.293347] kasan_atomics_helper+0xc70/0x5450 [ 14.293380] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.293403] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.293430] ? kasan_atomics+0x152/0x310 [ 14.293456] kasan_atomics+0x1dc/0x310 [ 14.293479] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.293504] ? __pfx_read_tsc+0x10/0x10 [ 14.293526] ? ktime_get_ts64+0x86/0x230 [ 14.293550] kunit_try_run_case+0x1a5/0x480 [ 14.293575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.293703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.293730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.293753] ? __kthread_parkme+0x82/0x180 [ 14.293787] ? preempt_count_sub+0x50/0x80 [ 14.293813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.293837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.293861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.293885] kthread+0x337/0x6f0 [ 14.293908] ? trace_preempt_on+0x20/0xc0 [ 14.293936] ? __pfx_kthread+0x10/0x10 [ 14.293958] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.293980] ? calculate_sigpending+0x7b/0xa0 [ 14.294005] ? __pfx_kthread+0x10/0x10 [ 14.294027] ret_from_fork+0x116/0x1d0 [ 14.294047] ? __pfx_kthread+0x10/0x10 [ 14.294068] ret_from_fork_asm+0x1a/0x30 [ 14.294099] </TASK> [ 14.294111] [ 14.302669] Allocated by task 284: [ 14.302892] kasan_save_stack+0x45/0x70 [ 14.303098] kasan_save_track+0x18/0x40 [ 14.303280] kasan_save_alloc_info+0x3b/0x50 [ 14.303501] __kasan_kmalloc+0xb7/0xc0 [ 14.303984] __kmalloc_cache_noprof+0x189/0x420 [ 14.304201] kasan_atomics+0x95/0x310 [ 14.304368] kunit_try_run_case+0x1a5/0x480 [ 14.304672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.305010] kthread+0x337/0x6f0 [ 14.305198] ret_from_fork+0x116/0x1d0 [ 14.305405] ret_from_fork_asm+0x1a/0x30 [ 14.305844] [ 14.306037] The buggy address belongs to the object at ffff888103128480 [ 14.306037] which belongs to the cache kmalloc-64 of size 64 [ 14.307079] The buggy address is located 0 bytes to the right of [ 14.307079] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.308087] [ 14.308321] The buggy address belongs to the physical page: [ 14.308738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.309089] flags: 0x200000000000000(node=0|zone=2) [ 14.309312] page_type: 
f5(slab) [ 14.309482] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.310129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.310460] page dumped because: kasan: bad access detected [ 14.311166] [ 14.311283] Memory state around the buggy address: [ 14.311502] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.311867] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.312164] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.312458] ^ [ 14.313045] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.313564] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.314017] ================================================================== [ 14.430906] ================================================================== [ 14.431363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.431810] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.432166] [ 14.432304] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.432371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.432384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.432407] Call Trace: [ 14.432426] <TASK> [ 14.432446] dump_stack_lvl+0x73/0xb0 [ 14.432474] print_report+0xd1/0x650 [ 14.432498] ? __virt_addr_valid+0x1db/0x2d0 [ 14.432523] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.432544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.432567] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.432589] kasan_report+0x141/0x180 [ 14.432611] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.432638] __asan_report_load4_noabort+0x18/0x20 [ 14.432663] kasan_atomics_helper+0x4a36/0x5450 [ 14.432696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.432720] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.432768] ? 
kasan_atomics+0x152/0x310 [ 14.432795] kasan_atomics+0x1dc/0x310 [ 14.432819] ? __pfx_kasan_atomics+0x10/0x10 [ 14.432844] ? __pfx_read_tsc+0x10/0x10 [ 14.432865] ? ktime_get_ts64+0x86/0x230 [ 14.432890] kunit_try_run_case+0x1a5/0x480 [ 14.432915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.432938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.432963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.432986] ? __kthread_parkme+0x82/0x180 [ 14.433009] ? preempt_count_sub+0x50/0x80 [ 14.433034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.433058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.433105] kthread+0x337/0x6f0 [ 14.433134] ? trace_preempt_on+0x20/0xc0 [ 14.433160] ? __pfx_kthread+0x10/0x10 [ 14.433181] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.433213] ? calculate_sigpending+0x7b/0xa0 [ 14.433238] ? __pfx_kthread+0x10/0x10 [ 14.433260] ret_from_fork+0x116/0x1d0 [ 14.433279] ? __pfx_kthread+0x10/0x10 [ 14.433308] ret_from_fork_asm+0x1a/0x30 [ 14.433339] </TASK> [ 14.433366] [ 14.440711] Allocated by task 284: [ 14.440925] kasan_save_stack+0x45/0x70 [ 14.441164] kasan_save_track+0x18/0x40 [ 14.441398] kasan_save_alloc_info+0x3b/0x50 [ 14.441657] __kasan_kmalloc+0xb7/0xc0 [ 14.441921] __kmalloc_cache_noprof+0x189/0x420 [ 14.442145] kasan_atomics+0x95/0x310 [ 14.442334] kunit_try_run_case+0x1a5/0x480 [ 14.442553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.442850] kthread+0x337/0x6f0 [ 14.442984] ret_from_fork+0x116/0x1d0 [ 14.443119] ret_from_fork_asm+0x1a/0x30 [ 14.443259] [ 14.443338] The buggy address belongs to the object at ffff888103128480 [ 14.443338] which belongs to the cache kmalloc-64 of size 64 [ 14.444121] The buggy address is located 0 bytes to the right of [ 14.444121] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.444642] [ 14.444774] The buggy address belongs to the physical page: [ 14.444983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 
14.445334] flags: 0x200000000000000(node=0|zone=2) [ 14.445572] page_type: f5(slab) [ 14.445747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.446063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.446364] page dumped because: kasan: bad access detected [ 14.446538] [ 14.446608] Memory state around the buggy address: [ 14.446851] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.447223] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.447551] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.447909] ^ [ 14.448067] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.448283] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.448507] ================================================================== [ 14.869260] ================================================================== [ 14.870004] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.870667] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.871176] [ 14.871267] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.871312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.871335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.871366] Call Trace: [ 14.871382] <TASK> [ 14.871400] dump_stack_lvl+0x73/0xb0 [ 14.871440] print_report+0xd1/0x650 [ 14.871463] ? __virt_addr_valid+0x1db/0x2d0 [ 14.871486] ? kasan_atomics_helper+0x194a/0x5450 [ 14.871508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.871530] ? kasan_atomics_helper+0x194a/0x5450 [ 14.871552] kasan_report+0x141/0x180 [ 14.871575] ? kasan_atomics_helper+0x194a/0x5450 [ 14.871602] kasan_check_range+0x10c/0x1c0 [ 14.871626] __kasan_check_write+0x18/0x20 [ 14.871645] kasan_atomics_helper+0x194a/0x5450 [ 14.871674] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.871705] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.871731] ? kasan_atomics+0x152/0x310 [ 14.871759] kasan_atomics+0x1dc/0x310 [ 14.871792] ? __pfx_kasan_atomics+0x10/0x10 [ 14.871817] ? __pfx_read_tsc+0x10/0x10 [ 14.871839] ? ktime_get_ts64+0x86/0x230 [ 14.871863] kunit_try_run_case+0x1a5/0x480 [ 14.871888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.871910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.871934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.871966] ? __kthread_parkme+0x82/0x180 [ 14.871987] ? preempt_count_sub+0x50/0x80 [ 14.872011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.872081] kthread+0x337/0x6f0 [ 14.872102] ? trace_preempt_on+0x20/0xc0 [ 14.872126] ? __pfx_kthread+0x10/0x10 [ 14.872147] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.872169] ? calculate_sigpending+0x7b/0xa0 [ 14.872193] ? __pfx_kthread+0x10/0x10 [ 14.872215] ret_from_fork+0x116/0x1d0 [ 14.872233] ? __pfx_kthread+0x10/0x10 [ 14.872254] ret_from_fork_asm+0x1a/0x30 [ 14.872285] </TASK> [ 14.872297] [ 14.880449] Allocated by task 284: [ 14.880657] kasan_save_stack+0x45/0x70 [ 14.880917] kasan_save_track+0x18/0x40 [ 14.881089] kasan_save_alloc_info+0x3b/0x50 [ 14.881340] __kasan_kmalloc+0xb7/0xc0 [ 14.881522] __kmalloc_cache_noprof+0x189/0x420 [ 14.881749] kasan_atomics+0x95/0x310 [ 14.881941] kunit_try_run_case+0x1a5/0x480 [ 14.882138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882386] kthread+0x337/0x6f0 [ 14.882511] ret_from_fork+0x116/0x1d0 [ 14.882716] ret_from_fork_asm+0x1a/0x30 [ 14.882938] [ 14.883033] The buggy address belongs to the object at ffff888103128480 [ 14.883033] which belongs to the cache kmalloc-64 of size 64 [ 14.883711] The buggy address is located 0 bytes to the right of [ 14.883711] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.884243] [ 14.884319] The buggy address belongs to the physical page: [ 14.884606] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.884950] flags: 0x200000000000000(node=0|zone=2) [ 14.885181] page_type: f5(slab) [ 14.885372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.885659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.886038] page dumped because: kasan: bad access detected [ 14.886247] [ 14.886321] Memory state around the buggy address: [ 14.886498] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.886724] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.887043] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.887367] ^ [ 14.887618] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.887976] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888196] ================================================================== [ 14.250285] ================================================================== [ 14.250720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.251052] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.251312] [ 14.251416] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.251462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.251475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.251496] Call Trace: [ 14.251514] <TASK> [ 14.251530] dump_stack_lvl+0x73/0xb0 [ 14.251560] print_report+0xd1/0x650 [ 14.251583] ? __virt_addr_valid+0x1db/0x2d0 [ 14.251607] ? kasan_atomics_helper+0xac7/0x5450 [ 14.251628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.251651] ? kasan_atomics_helper+0xac7/0x5450 [ 14.251678] kasan_report+0x141/0x180 [ 14.251700] ? kasan_atomics_helper+0xac7/0x5450 [ 14.251727] kasan_check_range+0x10c/0x1c0 [ 14.251751] __kasan_check_write+0x18/0x20 [ 14.251772] kasan_atomics_helper+0xac7/0x5450 [ 14.251795] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.251817] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.251843] ? kasan_atomics+0x152/0x310 [ 14.251872] kasan_atomics+0x1dc/0x310 [ 14.251894] ? __pfx_kasan_atomics+0x10/0x10 [ 14.251921] ? __pfx_read_tsc+0x10/0x10 [ 14.251942] ? ktime_get_ts64+0x86/0x230 [ 14.251967] kunit_try_run_case+0x1a5/0x480 [ 14.251992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.252039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.252062] ? __kthread_parkme+0x82/0x180 [ 14.252083] ? preempt_count_sub+0x50/0x80 [ 14.252108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.252156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.252180] kthread+0x337/0x6f0 [ 14.252200] ? trace_preempt_on+0x20/0xc0 [ 14.252225] ? __pfx_kthread+0x10/0x10 [ 14.252246] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.252268] ? calculate_sigpending+0x7b/0xa0 [ 14.252292] ? __pfx_kthread+0x10/0x10 [ 14.252315] ret_from_fork+0x116/0x1d0 [ 14.252333] ? 
__pfx_kthread+0x10/0x10 [ 14.252426] ret_from_fork_asm+0x1a/0x30 [ 14.252462] </TASK> [ 14.252473] [ 14.262080] Allocated by task 284: [ 14.262252] kasan_save_stack+0x45/0x70 [ 14.262479] kasan_save_track+0x18/0x40 [ 14.262877] kasan_save_alloc_info+0x3b/0x50 [ 14.263110] __kasan_kmalloc+0xb7/0xc0 [ 14.263306] __kmalloc_cache_noprof+0x189/0x420 [ 14.263522] kasan_atomics+0x95/0x310 [ 14.263836] kunit_try_run_case+0x1a5/0x480 [ 14.264055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.264285] kthread+0x337/0x6f0 [ 14.264467] ret_from_fork+0x116/0x1d0 [ 14.264678] ret_from_fork_asm+0x1a/0x30 [ 14.264954] [ 14.265074] The buggy address belongs to the object at ffff888103128480 [ 14.265074] which belongs to the cache kmalloc-64 of size 64 [ 14.265547] The buggy address is located 0 bytes to the right of [ 14.265547] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.266089] [ 14.266167] The buggy address belongs to the physical page: [ 14.266392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.266807] flags: 0x200000000000000(node=0|zone=2) [ 14.267110] page_type: f5(slab) [ 14.267284] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.267525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.267947] page dumped because: kasan: bad access detected [ 14.268222] [ 14.268562] Memory state around the buggy address: [ 14.268785] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.269182] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.269471] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.270005] ^ [ 14.270174] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.270407] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.270957] ================================================================== [ 14.227343] 
================================================================== [ 14.227759] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.228212] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.228565] [ 14.228695] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.228826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.228854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.228875] Call Trace: [ 14.228891] <TASK> [ 14.228908] dump_stack_lvl+0x73/0xb0 [ 14.228948] print_report+0xd1/0x650 [ 14.228972] ? __virt_addr_valid+0x1db/0x2d0 [ 14.229012] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.229033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.229069] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.229091] kasan_report+0x141/0x180 [ 14.229127] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.229180] kasan_check_range+0x10c/0x1c0 [ 14.229214] __kasan_check_write+0x18/0x20 [ 14.229234] kasan_atomics_helper+0xa2b/0x5450 [ 14.229256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.229291] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.229317] ? kasan_atomics+0x152/0x310 [ 14.229362] kasan_atomics+0x1dc/0x310 [ 14.229385] ? __pfx_kasan_atomics+0x10/0x10 [ 14.229410] ? __pfx_read_tsc+0x10/0x10 [ 14.229431] ? ktime_get_ts64+0x86/0x230 [ 14.229456] kunit_try_run_case+0x1a5/0x480 [ 14.229481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.229505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.229529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.229553] ? __kthread_parkme+0x82/0x180 [ 14.229584] ? preempt_count_sub+0x50/0x80 [ 14.229608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.229688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.229716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.229754] kthread+0x337/0x6f0 [ 14.229775] ? trace_preempt_on+0x20/0xc0 [ 14.229800] ? __pfx_kthread+0x10/0x10 [ 14.229851] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.229887] ? 
calculate_sigpending+0x7b/0xa0 [ 14.229938] ? __pfx_kthread+0x10/0x10 [ 14.229962] ret_from_fork+0x116/0x1d0 [ 14.230003] ? __pfx_kthread+0x10/0x10 [ 14.230037] ret_from_fork_asm+0x1a/0x30 [ 14.230081] </TASK> [ 14.230094] [ 14.239969] Allocated by task 284: [ 14.240209] kasan_save_stack+0x45/0x70 [ 14.240443] kasan_save_track+0x18/0x40 [ 14.240682] kasan_save_alloc_info+0x3b/0x50 [ 14.240929] __kasan_kmalloc+0xb7/0xc0 [ 14.241147] __kmalloc_cache_noprof+0x189/0x420 [ 14.241365] kasan_atomics+0x95/0x310 [ 14.241590] kunit_try_run_case+0x1a5/0x480 [ 14.241890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.242168] kthread+0x337/0x6f0 [ 14.242389] ret_from_fork+0x116/0x1d0 [ 14.242589] ret_from_fork_asm+0x1a/0x30 [ 14.242839] [ 14.243165] The buggy address belongs to the object at ffff888103128480 [ 14.243165] which belongs to the cache kmalloc-64 of size 64 [ 14.243925] The buggy address is located 0 bytes to the right of [ 14.243925] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.244522] [ 14.244640] The buggy address belongs to the physical page: [ 14.244934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.245306] flags: 0x200000000000000(node=0|zone=2) [ 14.245636] page_type: f5(slab) [ 14.245762] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.246382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.246871] page dumped because: kasan: bad access detected [ 14.247163] [ 14.247239] Memory state around the buggy address: [ 14.247410] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.247648] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.248016] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.248426] ^ [ 14.248916] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.249322] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.249544] 
================================================================== [ 13.990794] ================================================================== [ 13.991218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.991523] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 13.992213] [ 13.992338] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.992520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.992547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.992568] Call Trace: [ 13.992623] <TASK> [ 13.992639] dump_stack_lvl+0x73/0xb0 [ 13.992669] print_report+0xd1/0x650 [ 13.992693] ? __virt_addr_valid+0x1db/0x2d0 [ 13.992717] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.992739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.992761] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.992784] kasan_report+0x141/0x180 [ 13.992806] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.992833] __asan_report_load4_noabort+0x18/0x20 [ 13.992869] kasan_atomics_helper+0x4b54/0x5450 [ 13.992892] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.992914] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.992951] ? kasan_atomics+0x152/0x310 [ 13.992978] kasan_atomics+0x1dc/0x310 [ 13.993001] ? __pfx_kasan_atomics+0x10/0x10 [ 13.993024] ? __pfx_read_tsc+0x10/0x10 [ 13.993046] ? ktime_get_ts64+0x86/0x230 [ 13.993070] kunit_try_run_case+0x1a5/0x480 [ 13.993095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.993117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.993141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.993163] ? __kthread_parkme+0x82/0x180 [ 13.993185] ? preempt_count_sub+0x50/0x80 [ 13.993208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.993232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.993265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.993289] kthread+0x337/0x6f0 [ 13.993309] ? trace_preempt_on+0x20/0xc0 [ 13.993344] ? __pfx_kthread+0x10/0x10 [ 13.993373] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.993394] ? calculate_sigpending+0x7b/0xa0 [ 13.993419] ? __pfx_kthread+0x10/0x10 [ 13.993450] ret_from_fork+0x116/0x1d0 [ 13.993469] ? __pfx_kthread+0x10/0x10 [ 13.993489] ret_from_fork_asm+0x1a/0x30 [ 13.993530] </TASK> [ 13.993542] [ 14.001560] Allocated by task 284: [ 14.002064] kasan_save_stack+0x45/0x70 [ 14.002295] kasan_save_track+0x18/0x40 [ 14.002665] kasan_save_alloc_info+0x3b/0x50 [ 14.003074] __kasan_kmalloc+0xb7/0xc0 [ 14.003213] __kmalloc_cache_noprof+0x189/0x420 [ 14.003448] kasan_atomics+0x95/0x310 [ 14.003688] kunit_try_run_case+0x1a5/0x480 [ 14.003987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.004257] kthread+0x337/0x6f0 [ 14.004454] ret_from_fork+0x116/0x1d0 [ 14.004681] ret_from_fork_asm+0x1a/0x30 [ 14.004883] [ 14.004983] The buggy address belongs to the object at ffff888103128480 [ 14.004983] which belongs to the cache kmalloc-64 of size 64 [ 14.005485] The buggy address is located 0 bytes to the right of [ 14.005485] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.005951] [ 14.006025] The buggy address belongs to the physical page: [ 14.006198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.006705] flags: 0x200000000000000(node=0|zone=2) [ 14.007031] page_type: f5(slab) [ 14.007202] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.007563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.008085] page dumped because: kasan: bad access detected [ 14.008277] [ 14.008350] Memory state around the buggy address: [ 14.008549] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.008958] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.009311] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.009639] ^ [ 14.009912] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.010200] ffff888103128580: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.010531] ================================================================== [ 14.393179] ================================================================== [ 14.393678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.394113] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.394465] [ 14.394551] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.394592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.394605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.394625] Call Trace: [ 14.394640] <TASK> [ 14.394655] dump_stack_lvl+0x73/0xb0 [ 14.394684] print_report+0xd1/0x650 [ 14.394707] ? __virt_addr_valid+0x1db/0x2d0 [ 14.394730] ? kasan_atomics_helper+0xf10/0x5450 [ 14.394751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.394774] ? kasan_atomics_helper+0xf10/0x5450 [ 14.394796] kasan_report+0x141/0x180 [ 14.394820] ? kasan_atomics_helper+0xf10/0x5450 [ 14.394847] kasan_check_range+0x10c/0x1c0 [ 14.394871] __kasan_check_write+0x18/0x20 [ 14.394892] kasan_atomics_helper+0xf10/0x5450 [ 14.394915] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.394938] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.394964] ? kasan_atomics+0x152/0x310 [ 14.394991] kasan_atomics+0x1dc/0x310 [ 14.395015] ? __pfx_kasan_atomics+0x10/0x10 [ 14.395041] ? __pfx_read_tsc+0x10/0x10 [ 14.395062] ? ktime_get_ts64+0x86/0x230 [ 14.395086] kunit_try_run_case+0x1a5/0x480 [ 14.395111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.395134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.395158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.395182] ? __kthread_parkme+0x82/0x180 [ 14.395204] ? preempt_count_sub+0x50/0x80 [ 14.395228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.395252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.395289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.395314] kthread+0x337/0x6f0 [ 14.395334] ? 
trace_preempt_on+0x20/0xc0 [ 14.395374] ? __pfx_kthread+0x10/0x10 [ 14.395395] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.395417] ? calculate_sigpending+0x7b/0xa0 [ 14.395441] ? __pfx_kthread+0x10/0x10 [ 14.395464] ret_from_fork+0x116/0x1d0 [ 14.395483] ? __pfx_kthread+0x10/0x10 [ 14.395504] ret_from_fork_asm+0x1a/0x30 [ 14.395535] </TASK> [ 14.395547] [ 14.403774] Allocated by task 284: [ 14.403983] kasan_save_stack+0x45/0x70 [ 14.404157] kasan_save_track+0x18/0x40 [ 14.404363] kasan_save_alloc_info+0x3b/0x50 [ 14.404570] __kasan_kmalloc+0xb7/0xc0 [ 14.404753] __kmalloc_cache_noprof+0x189/0x420 [ 14.404933] kasan_atomics+0x95/0x310 [ 14.405144] kunit_try_run_case+0x1a5/0x480 [ 14.405310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.405494] kthread+0x337/0x6f0 [ 14.405619] ret_from_fork+0x116/0x1d0 [ 14.405822] ret_from_fork_asm+0x1a/0x30 [ 14.406042] [ 14.406139] The buggy address belongs to the object at ffff888103128480 [ 14.406139] which belongs to the cache kmalloc-64 of size 64 [ 14.406616] The buggy address is located 0 bytes to the right of [ 14.406616] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.407558] [ 14.407635] The buggy address belongs to the physical page: [ 14.407953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.408196] flags: 0x200000000000000(node=0|zone=2) [ 14.408420] page_type: f5(slab) [ 14.408591] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.409220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.409520] page dumped because: kasan: bad access detected [ 14.409810] [ 14.409893] Memory state around the buggy address: [ 14.410101] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.410441] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.410736] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.411049] ^ [ 14.411261] ffff888103128500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.411578] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.411892] ================================================================== [ 15.092292] ================================================================== [ 15.093023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.093451] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.093804] [ 15.093921] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.093967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.093981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.094004] Call Trace: [ 15.094022] <TASK> [ 15.094043] dump_stack_lvl+0x73/0xb0 [ 15.094073] print_report+0xd1/0x650 [ 15.094098] ? __virt_addr_valid+0x1db/0x2d0 [ 15.094123] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.094146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.094168] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.094191] kasan_report+0x141/0x180 [ 15.094213] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.094240] __asan_report_load8_noabort+0x18/0x20 [ 15.094265] kasan_atomics_helper+0x4f71/0x5450 [ 15.094289] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.094312] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.094338] ? kasan_atomics+0x152/0x310 [ 15.094378] kasan_atomics+0x1dc/0x310 [ 15.094401] ? __pfx_kasan_atomics+0x10/0x10 [ 15.094426] ? __pfx_read_tsc+0x10/0x10 [ 15.094448] ? ktime_get_ts64+0x86/0x230 [ 15.094473] kunit_try_run_case+0x1a5/0x480 [ 15.094498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094521] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.094546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.094570] ? __kthread_parkme+0x82/0x180 [ 15.094592] ? preempt_count_sub+0x50/0x80 [ 15.094618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.094666] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.094690] kthread+0x337/0x6f0 [ 15.094711] ? trace_preempt_on+0x20/0xc0 [ 15.094747] ? __pfx_kthread+0x10/0x10 [ 15.094769] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.094791] ? calculate_sigpending+0x7b/0xa0 [ 15.094815] ? __pfx_kthread+0x10/0x10 [ 15.094838] ret_from_fork+0x116/0x1d0 [ 15.094858] ? __pfx_kthread+0x10/0x10 [ 15.094879] ret_from_fork_asm+0x1a/0x30 [ 15.094911] </TASK> [ 15.094923] [ 15.102202] Allocated by task 284: [ 15.102400] kasan_save_stack+0x45/0x70 [ 15.102685] kasan_save_track+0x18/0x40 [ 15.102967] kasan_save_alloc_info+0x3b/0x50 [ 15.103180] __kasan_kmalloc+0xb7/0xc0 [ 15.103361] __kmalloc_cache_noprof+0x189/0x420 [ 15.103560] kasan_atomics+0x95/0x310 [ 15.103703] kunit_try_run_case+0x1a5/0x480 [ 15.103914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104293] kthread+0x337/0x6f0 [ 15.104440] ret_from_fork+0x116/0x1d0 [ 15.104619] ret_from_fork_asm+0x1a/0x30 [ 15.104839] [ 15.104932] The buggy address belongs to the object at ffff888103128480 [ 15.104932] which belongs to the cache kmalloc-64 of size 64 [ 15.105289] The buggy address is located 0 bytes to the right of [ 15.105289] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.105703] [ 15.105806] The buggy address belongs to the physical page: [ 15.106061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.106424] flags: 0x200000000000000(node=0|zone=2) [ 15.106611] page_type: f5(slab) [ 15.106735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.106965] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.107404] page dumped because: kasan: bad access detected [ 15.107661] [ 15.107767] Memory state around the buggy address: [ 15.107997] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.108316] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.108641] >ffff888103128480: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.108976] ^ [ 15.109170] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.109435] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.109682] ================================================================== [ 14.542458] ================================================================== [ 14.542789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.543046] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.543388] [ 14.543503] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.543548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.543562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.543585] Call Trace: [ 14.543603] <TASK> [ 14.543623] dump_stack_lvl+0x73/0xb0 [ 14.543652] print_report+0xd1/0x650 [ 14.543681] ? __virt_addr_valid+0x1db/0x2d0 [ 14.543706] ? kasan_atomics_helper+0x1217/0x5450 [ 14.543728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.543759] ? kasan_atomics_helper+0x1217/0x5450 [ 14.543782] kasan_report+0x141/0x180 [ 14.543804] ? kasan_atomics_helper+0x1217/0x5450 [ 14.543830] kasan_check_range+0x10c/0x1c0 [ 14.543855] __kasan_check_write+0x18/0x20 [ 14.543876] kasan_atomics_helper+0x1217/0x5450 [ 14.543898] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.543921] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.543949] ? kasan_atomics+0x152/0x310 [ 14.543976] kasan_atomics+0x1dc/0x310 [ 14.543999] ? __pfx_kasan_atomics+0x10/0x10 [ 14.544023] ? __pfx_read_tsc+0x10/0x10 [ 14.544045] ? ktime_get_ts64+0x86/0x230 [ 14.544069] kunit_try_run_case+0x1a5/0x480 [ 14.544095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.544117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.544141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.544165] ? __kthread_parkme+0x82/0x180 [ 14.544188] ? preempt_count_sub+0x50/0x80 [ 14.544212] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.544237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.544260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.544283] kthread+0x337/0x6f0 [ 14.544303] ? trace_preempt_on+0x20/0xc0 [ 14.544327] ? __pfx_kthread+0x10/0x10 [ 14.544360] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.544382] ? calculate_sigpending+0x7b/0xa0 [ 14.544406] ? __pfx_kthread+0x10/0x10 [ 14.544428] ret_from_fork+0x116/0x1d0 [ 14.544447] ? __pfx_kthread+0x10/0x10 [ 14.544468] ret_from_fork_asm+0x1a/0x30 [ 14.544499] </TASK> [ 14.544512] [ 14.551823] Allocated by task 284: [ 14.551959] kasan_save_stack+0x45/0x70 [ 14.552127] kasan_save_track+0x18/0x40 [ 14.552329] kasan_save_alloc_info+0x3b/0x50 [ 14.552555] __kasan_kmalloc+0xb7/0xc0 [ 14.552758] __kmalloc_cache_noprof+0x189/0x420 [ 14.552956] kasan_atomics+0x95/0x310 [ 14.553143] kunit_try_run_case+0x1a5/0x480 [ 14.553317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.553545] kthread+0x337/0x6f0 [ 14.553715] ret_from_fork+0x116/0x1d0 [ 14.553892] ret_from_fork_asm+0x1a/0x30 [ 14.554034] [ 14.554130] The buggy address belongs to the object at ffff888103128480 [ 14.554130] which belongs to the cache kmalloc-64 of size 64 [ 14.554639] The buggy address is located 0 bytes to the right of [ 14.554639] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.555230] [ 14.555305] The buggy address belongs to the physical page: [ 14.555493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.555738] flags: 0x200000000000000(node=0|zone=2) [ 14.555969] page_type: f5(slab) [ 14.556136] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.556619] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.556952] page dumped because: kasan: bad access detected [ 14.557176] [ 14.557246] Memory state around the buggy address: [ 14.557411] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.557628] 
ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.557954] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.558272] ^ [ 14.558511] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.558829] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.559246] ================================================================== [ 14.825369] ================================================================== [ 14.825868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.826195] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.826526] [ 14.826639] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.826694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.826706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.826749] Call Trace: [ 14.826766] <TASK> [ 14.826781] dump_stack_lvl+0x73/0xb0 [ 14.826808] print_report+0xd1/0x650 [ 14.826832] ? __virt_addr_valid+0x1db/0x2d0 [ 14.826864] ? kasan_atomics_helper+0x1818/0x5450 [ 14.826886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.826909] ? kasan_atomics_helper+0x1818/0x5450 [ 14.826942] kasan_report+0x141/0x180 [ 14.826964] ? kasan_atomics_helper+0x1818/0x5450 [ 14.826990] kasan_check_range+0x10c/0x1c0 [ 14.827014] __kasan_check_write+0x18/0x20 [ 14.827033] kasan_atomics_helper+0x1818/0x5450 [ 14.827065] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.827088] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.827113] ? kasan_atomics+0x152/0x310 [ 14.827150] kasan_atomics+0x1dc/0x310 [ 14.827174] ? __pfx_kasan_atomics+0x10/0x10 [ 14.827197] ? __pfx_read_tsc+0x10/0x10 [ 14.827218] ? ktime_get_ts64+0x86/0x230 [ 14.827243] kunit_try_run_case+0x1a5/0x480 [ 14.827267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.827290] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.827314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.827337] ? 
__kthread_parkme+0x82/0x180 [ 14.827377] ? preempt_count_sub+0x50/0x80 [ 14.827400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.827424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.827458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.827481] kthread+0x337/0x6f0 [ 14.827502] ? trace_preempt_on+0x20/0xc0 [ 14.827526] ? __pfx_kthread+0x10/0x10 [ 14.827548] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.827570] ? calculate_sigpending+0x7b/0xa0 [ 14.827594] ? __pfx_kthread+0x10/0x10 [ 14.827615] ret_from_fork+0x116/0x1d0 [ 14.827634] ? __pfx_kthread+0x10/0x10 [ 14.827660] ret_from_fork_asm+0x1a/0x30 [ 14.827691] </TASK> [ 14.827703] [ 14.835495] Allocated by task 284: [ 14.835677] kasan_save_stack+0x45/0x70 [ 14.835946] kasan_save_track+0x18/0x40 [ 14.836107] kasan_save_alloc_info+0x3b/0x50 [ 14.836359] __kasan_kmalloc+0xb7/0xc0 [ 14.836574] __kmalloc_cache_noprof+0x189/0x420 [ 14.836754] kasan_atomics+0x95/0x310 [ 14.836967] kunit_try_run_case+0x1a5/0x480 [ 14.837127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.837301] kthread+0x337/0x6f0 [ 14.837437] ret_from_fork+0x116/0x1d0 [ 14.837574] ret_from_fork_asm+0x1a/0x30 [ 14.837716] [ 14.837822] The buggy address belongs to the object at ffff888103128480 [ 14.837822] which belongs to the cache kmalloc-64 of size 64 [ 14.838367] The buggy address is located 0 bytes to the right of [ 14.838367] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.839145] [ 14.839255] The buggy address belongs to the physical page: [ 14.839454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.839704] flags: 0x200000000000000(node=0|zone=2) [ 14.839869] page_type: f5(slab) [ 14.840030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.840405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.840781] page dumped because: kasan: bad access detected [ 14.841285] [ 14.841398] Memory state around the buggy address: [ 14.841639] 
ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.842119] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.842338] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.842623] ^ [ 14.842854] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.843159] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.843382] ================================================================== [ 14.713210] ================================================================== [ 14.713595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.713946] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.714171] [ 14.714257] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.714464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.714479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.714501] Call Trace: [ 14.714517] <TASK> [ 14.714548] dump_stack_lvl+0x73/0xb0 [ 14.714590] print_report+0xd1/0x650 [ 14.714629] ? __virt_addr_valid+0x1db/0x2d0 [ 14.714677] ? kasan_atomics_helper+0x151d/0x5450 [ 14.714699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.714722] ? kasan_atomics_helper+0x151d/0x5450 [ 14.714753] kasan_report+0x141/0x180 [ 14.714777] ? kasan_atomics_helper+0x151d/0x5450 [ 14.714803] kasan_check_range+0x10c/0x1c0 [ 14.714828] __kasan_check_write+0x18/0x20 [ 14.714848] kasan_atomics_helper+0x151d/0x5450 [ 14.714871] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.714894] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.714919] ? kasan_atomics+0x152/0x310 [ 14.714946] kasan_atomics+0x1dc/0x310 [ 14.714969] ? __pfx_kasan_atomics+0x10/0x10 [ 14.714994] ? __pfx_read_tsc+0x10/0x10 [ 14.715015] ? ktime_get_ts64+0x86/0x230 [ 14.715040] kunit_try_run_case+0x1a5/0x480 [ 14.715065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.715088] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.715112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.715136] ? __kthread_parkme+0x82/0x180 [ 14.715157] ? preempt_count_sub+0x50/0x80 [ 14.715182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.715207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.715230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.715254] kthread+0x337/0x6f0 [ 14.715274] ? trace_preempt_on+0x20/0xc0 [ 14.715318] ? __pfx_kthread+0x10/0x10 [ 14.715339] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.715372] ? calculate_sigpending+0x7b/0xa0 [ 14.715396] ? __pfx_kthread+0x10/0x10 [ 14.715419] ret_from_fork+0x116/0x1d0 [ 14.715437] ? __pfx_kthread+0x10/0x10 [ 14.715458] ret_from_fork_asm+0x1a/0x30 [ 14.715506] </TASK> [ 14.715518] [ 14.723902] Allocated by task 284: [ 14.724100] kasan_save_stack+0x45/0x70 [ 14.724273] kasan_save_track+0x18/0x40 [ 14.724502] kasan_save_alloc_info+0x3b/0x50 [ 14.724722] __kasan_kmalloc+0xb7/0xc0 [ 14.724929] __kmalloc_cache_noprof+0x189/0x420 [ 14.725177] kasan_atomics+0x95/0x310 [ 14.725373] kunit_try_run_case+0x1a5/0x480 [ 14.725578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.725825] kthread+0x337/0x6f0 [ 14.726033] ret_from_fork+0x116/0x1d0 [ 14.726164] ret_from_fork_asm+0x1a/0x30 [ 14.726540] [ 14.726651] The buggy address belongs to the object at ffff888103128480 [ 14.726651] which belongs to the cache kmalloc-64 of size 64 [ 14.727266] The buggy address is located 0 bytes to the right of [ 14.727266] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.728398] [ 14.728579] The buggy address belongs to the physical page: [ 14.728769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.729014] flags: 0x200000000000000(node=0|zone=2) [ 14.729175] page_type: f5(slab) [ 14.729292] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.730463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.730935] page dumped because: kasan: 
bad access detected [ 14.731118] [ 14.731190] Memory state around the buggy address: [ 14.731367] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.731979] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.732626] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.733254] ^ [ 14.733701] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734240] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734694] ================================================================== [ 14.412481] ================================================================== [ 14.412963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.413202] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.413473] [ 14.413586] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.413629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.413643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.413665] Call Trace: [ 14.413693] <TASK> [ 14.413713] dump_stack_lvl+0x73/0xb0 [ 14.413741] print_report+0xd1/0x650 [ 14.413777] ? __virt_addr_valid+0x1db/0x2d0 [ 14.413803] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.413825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.413848] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.413870] kasan_report+0x141/0x180 [ 14.413892] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.413919] kasan_check_range+0x10c/0x1c0 [ 14.413943] __kasan_check_write+0x18/0x20 [ 14.413963] kasan_atomics_helper+0xfa9/0x5450 [ 14.413986] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.414009] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.414035] ? kasan_atomics+0x152/0x310 [ 14.414063] kasan_atomics+0x1dc/0x310 [ 14.414085] ? __pfx_kasan_atomics+0x10/0x10 [ 14.414110] ? __pfx_read_tsc+0x10/0x10 [ 14.414131] ? ktime_get_ts64+0x86/0x230 [ 14.414157] kunit_try_run_case+0x1a5/0x480 [ 14.414182] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.414205] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.414229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.414253] ? __kthread_parkme+0x82/0x180 [ 14.414275] ? preempt_count_sub+0x50/0x80 [ 14.414300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.414338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.414371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.414395] kthread+0x337/0x6f0 [ 14.414415] ? trace_preempt_on+0x20/0xc0 [ 14.414450] ? __pfx_kthread+0x10/0x10 [ 14.414471] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.414493] ? calculate_sigpending+0x7b/0xa0 [ 14.414529] ? __pfx_kthread+0x10/0x10 [ 14.414551] ret_from_fork+0x116/0x1d0 [ 14.414571] ? __pfx_kthread+0x10/0x10 [ 14.414592] ret_from_fork_asm+0x1a/0x30 [ 14.414632] </TASK> [ 14.414645] [ 14.422663] Allocated by task 284: [ 14.422897] kasan_save_stack+0x45/0x70 [ 14.423107] kasan_save_track+0x18/0x40 [ 14.423301] kasan_save_alloc_info+0x3b/0x50 [ 14.423505] __kasan_kmalloc+0xb7/0xc0 [ 14.423640] __kmalloc_cache_noprof+0x189/0x420 [ 14.423917] kasan_atomics+0x95/0x310 [ 14.424231] kunit_try_run_case+0x1a5/0x480 [ 14.424452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.424687] kthread+0x337/0x6f0 [ 14.424844] ret_from_fork+0x116/0x1d0 [ 14.425023] ret_from_fork_asm+0x1a/0x30 [ 14.425167] [ 14.425240] The buggy address belongs to the object at ffff888103128480 [ 14.425240] which belongs to the cache kmalloc-64 of size 64 [ 14.425601] The buggy address is located 0 bytes to the right of [ 14.425601] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.425964] [ 14.426039] The buggy address belongs to the physical page: [ 14.426249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.426845] flags: 0x200000000000000(node=0|zone=2) [ 14.427100] page_type: f5(slab) [ 14.427271] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.427620] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.427960] page dumped because: kasan: bad access detected [ 14.428215] [ 14.428391] Memory state around the buggy address: [ 14.428558] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.428844] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.429163] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.429485] ^ [ 14.429690] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430104] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430440] ================================================================== [ 13.948508] ================================================================== [ 13.948952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.949218] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 13.949626] [ 13.949749] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.949793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.949817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.949838] Call Trace: [ 13.949854] <TASK> [ 13.949870] dump_stack_lvl+0x73/0xb0 [ 13.949898] print_report+0xd1/0x650 [ 13.949930] ? __virt_addr_valid+0x1db/0x2d0 [ 13.949954] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.949986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.950009] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.950031] kasan_report+0x141/0x180 [ 13.950054] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.950090] __asan_report_store4_noabort+0x1b/0x30 [ 13.950111] kasan_atomics_helper+0x4b6e/0x5450 [ 13.950133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.950167] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.950192] ? kasan_atomics+0x152/0x310 [ 13.950220] kasan_atomics+0x1dc/0x310 [ 13.950243] ? __pfx_kasan_atomics+0x10/0x10 [ 13.950267] ? __pfx_read_tsc+0x10/0x10 [ 13.950289] ? 
ktime_get_ts64+0x86/0x230 [ 13.950321] kunit_try_run_case+0x1a5/0x480 [ 13.950345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.950383] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.950407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.950431] ? __kthread_parkme+0x82/0x180 [ 13.950452] ? preempt_count_sub+0x50/0x80 [ 13.950477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.950500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.950524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.950547] kthread+0x337/0x6f0 [ 13.950607] ? trace_preempt_on+0x20/0xc0 [ 13.950634] ? __pfx_kthread+0x10/0x10 [ 13.950655] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.950677] ? calculate_sigpending+0x7b/0xa0 [ 13.950701] ? __pfx_kthread+0x10/0x10 [ 13.950723] ret_from_fork+0x116/0x1d0 [ 13.950742] ? __pfx_kthread+0x10/0x10 [ 13.950764] ret_from_fork_asm+0x1a/0x30 [ 13.950795] </TASK> [ 13.950817] [ 13.959041] Allocated by task 284: [ 13.959271] kasan_save_stack+0x45/0x70 [ 13.959511] kasan_save_track+0x18/0x40 [ 13.959878] kasan_save_alloc_info+0x3b/0x50 [ 13.960107] __kasan_kmalloc+0xb7/0xc0 [ 13.960247] __kmalloc_cache_noprof+0x189/0x420 [ 13.960475] kasan_atomics+0x95/0x310 [ 13.960685] kunit_try_run_case+0x1a5/0x480 [ 13.961106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.961422] kthread+0x337/0x6f0 [ 13.961703] ret_from_fork+0x116/0x1d0 [ 13.961896] ret_from_fork_asm+0x1a/0x30 [ 13.962086] [ 13.962159] The buggy address belongs to the object at ffff888103128480 [ 13.962159] which belongs to the cache kmalloc-64 of size 64 [ 13.962663] The buggy address is located 0 bytes to the right of [ 13.962663] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 13.963158] [ 13.963236] The buggy address belongs to the physical page: [ 13.963423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 13.964128] flags: 0x200000000000000(node=0|zone=2) [ 13.964508] page_type: f5(slab) [ 13.965027] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.965432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.966375] page dumped because: kasan: bad access detected [ 13.966753] [ 13.966935] Memory state around the buggy address: [ 13.967305] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.967683] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.968055] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.968434] ^ [ 13.968904] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.969218] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.969814] ================================================================== [ 14.517563] ================================================================== [ 14.517863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.518305] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.518914] [ 14.519220] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.519269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.519283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.519306] Call Trace: [ 14.519328] <TASK> [ 14.519360] dump_stack_lvl+0x73/0xb0 [ 14.519390] print_report+0xd1/0x650 [ 14.519415] ? __virt_addr_valid+0x1db/0x2d0 [ 14.519439] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.519461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.519495] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.519517] kasan_report+0x141/0x180 [ 14.519540] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.519566] __asan_report_load4_noabort+0x18/0x20 [ 14.519591] kasan_atomics_helper+0x4a02/0x5450 [ 14.519614] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.519637] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.519668] ? kasan_atomics+0x152/0x310 [ 14.519695] kasan_atomics+0x1dc/0x310 [ 14.519718] ? __pfx_kasan_atomics+0x10/0x10 [ 14.519749] ? 
__pfx_read_tsc+0x10/0x10 [ 14.519796] ? ktime_get_ts64+0x86/0x230 [ 14.519821] kunit_try_run_case+0x1a5/0x480 [ 14.519849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.519872] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.519897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.519919] ? __kthread_parkme+0x82/0x180 [ 14.519942] ? preempt_count_sub+0x50/0x80 [ 14.519967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.519993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.520016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.520040] kthread+0x337/0x6f0 [ 14.520060] ? trace_preempt_on+0x20/0xc0 [ 14.520085] ? __pfx_kthread+0x10/0x10 [ 14.520107] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.520128] ? calculate_sigpending+0x7b/0xa0 [ 14.520153] ? __pfx_kthread+0x10/0x10 [ 14.520175] ret_from_fork+0x116/0x1d0 [ 14.520193] ? __pfx_kthread+0x10/0x10 [ 14.520214] ret_from_fork_asm+0x1a/0x30 [ 14.520247] </TASK> [ 14.520261] [ 14.534098] Allocated by task 284: [ 14.534329] kasan_save_stack+0x45/0x70 [ 14.534491] kasan_save_track+0x18/0x40 [ 14.534624] kasan_save_alloc_info+0x3b/0x50 [ 14.534786] __kasan_kmalloc+0xb7/0xc0 [ 14.534929] __kmalloc_cache_noprof+0x189/0x420 [ 14.535151] kasan_atomics+0x95/0x310 [ 14.535357] kunit_try_run_case+0x1a5/0x480 [ 14.535553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.535747] kthread+0x337/0x6f0 [ 14.535885] ret_from_fork+0x116/0x1d0 [ 14.536097] ret_from_fork_asm+0x1a/0x30 [ 14.536391] [ 14.536501] The buggy address belongs to the object at ffff888103128480 [ 14.536501] which belongs to the cache kmalloc-64 of size 64 [ 14.537049] The buggy address is located 0 bytes to the right of [ 14.537049] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.537527] [ 14.537603] The buggy address belongs to the physical page: [ 14.537888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.538245] flags: 0x200000000000000(node=0|zone=2) [ 14.538466] page_type: f5(slab) [ 14.538588] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.538973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.539328] page dumped because: kasan: bad access detected [ 14.539586] [ 14.539669] Memory state around the buggy address: [ 14.539905] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540146] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540413] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.540746] ^ [ 14.541036] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.541276] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.541620] ================================================================== [ 14.950062] ================================================================== [ 14.950531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.950907] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.951239] [ 14.951363] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.951408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.951422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.951443] Call Trace: [ 14.951458] <TASK> [ 14.951472] dump_stack_lvl+0x73/0xb0 [ 14.951498] print_report+0xd1/0x650 [ 14.951522] ? __virt_addr_valid+0x1db/0x2d0 [ 14.951544] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.951566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.951589] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.951611] kasan_report+0x141/0x180 [ 14.951635] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.951664] kasan_check_range+0x10c/0x1c0 [ 14.951699] __kasan_check_write+0x18/0x20 [ 14.951719] kasan_atomics_helper+0x1c18/0x5450 [ 14.951741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.951785] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.951811] ? 
kasan_atomics+0x152/0x310 [ 14.951838] kasan_atomics+0x1dc/0x310 [ 14.951861] ? __pfx_kasan_atomics+0x10/0x10 [ 14.951886] ? __pfx_read_tsc+0x10/0x10 [ 14.951908] ? ktime_get_ts64+0x86/0x230 [ 14.951932] kunit_try_run_case+0x1a5/0x480 [ 14.951955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.951978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.952001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.952024] ? __kthread_parkme+0x82/0x180 [ 14.952046] ? preempt_count_sub+0x50/0x80 [ 14.952070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.952093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.952140] kthread+0x337/0x6f0 [ 14.952160] ? trace_preempt_on+0x20/0xc0 [ 14.952184] ? __pfx_kthread+0x10/0x10 [ 14.952205] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.952226] ? calculate_sigpending+0x7b/0xa0 [ 14.952251] ? __pfx_kthread+0x10/0x10 [ 14.952273] ret_from_fork+0x116/0x1d0 [ 14.952293] ? __pfx_kthread+0x10/0x10 [ 14.952313] ret_from_fork_asm+0x1a/0x30 [ 14.952353] </TASK> [ 14.952365] [ 14.959893] Allocated by task 284: [ 14.960230] kasan_save_stack+0x45/0x70 [ 14.960459] kasan_save_track+0x18/0x40 [ 14.960654] kasan_save_alloc_info+0x3b/0x50 [ 14.961032] __kasan_kmalloc+0xb7/0xc0 [ 14.961221] __kmalloc_cache_noprof+0x189/0x420 [ 14.961454] kasan_atomics+0x95/0x310 [ 14.961645] kunit_try_run_case+0x1a5/0x480 [ 14.962008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.962205] kthread+0x337/0x6f0 [ 14.962329] ret_from_fork+0x116/0x1d0 [ 14.962479] ret_from_fork_asm+0x1a/0x30 [ 14.962620] [ 14.962692] The buggy address belongs to the object at ffff888103128480 [ 14.962692] which belongs to the cache kmalloc-64 of size 64 [ 14.963893] The buggy address is located 0 bytes to the right of [ 14.963893] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.964465] [ 14.964580] The buggy address belongs to the physical page: [ 14.964768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 
14.965149] flags: 0x200000000000000(node=0|zone=2) [ 14.965401] page_type: f5(slab) [ 14.965589] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.965946] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.966264] page dumped because: kasan: bad access detected [ 14.966522] [ 14.966614] Memory state around the buggy address: [ 14.966865] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.967167] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.967503] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.967824] ^ [ 14.968083] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.968415] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.968727] ================================================================== [ 15.028969] ================================================================== [ 15.029317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.029655] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.030061] [ 15.030170] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.030217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.030242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.030264] Call Trace: [ 15.030285] <TASK> [ 15.030304] dump_stack_lvl+0x73/0xb0 [ 15.030340] print_report+0xd1/0x650 [ 15.030383] ? __virt_addr_valid+0x1db/0x2d0 [ 15.030407] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.030429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.030453] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.030475] kasan_report+0x141/0x180 [ 15.030508] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.030535] kasan_check_range+0x10c/0x1c0 [ 15.030559] __kasan_check_write+0x18/0x20 [ 15.030592] kasan_atomics_helper+0x1e12/0x5450 [ 15.030616] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.030639] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.030676] ? kasan_atomics+0x152/0x310 [ 15.030704] kasan_atomics+0x1dc/0x310 [ 15.030727] ? __pfx_kasan_atomics+0x10/0x10 [ 15.030764] ? __pfx_read_tsc+0x10/0x10 [ 15.030786] ? ktime_get_ts64+0x86/0x230 [ 15.030811] kunit_try_run_case+0x1a5/0x480 [ 15.030837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.030859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.030895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.030919] ? __kthread_parkme+0x82/0x180 [ 15.030941] ? preempt_count_sub+0x50/0x80 [ 15.030978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.031002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.031025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.031059] kthread+0x337/0x6f0 [ 15.031079] ? trace_preempt_on+0x20/0xc0 [ 15.031103] ? __pfx_kthread+0x10/0x10 [ 15.031136] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.031158] ? calculate_sigpending+0x7b/0xa0 [ 15.031183] ? __pfx_kthread+0x10/0x10 [ 15.031216] ret_from_fork+0x116/0x1d0 [ 15.031234] ? __pfx_kthread+0x10/0x10 [ 15.031256] ret_from_fork_asm+0x1a/0x30 [ 15.031298] </TASK> [ 15.031312] [ 15.039315] Allocated by task 284: [ 15.039467] kasan_save_stack+0x45/0x70 [ 15.039704] kasan_save_track+0x18/0x40 [ 15.039897] kasan_save_alloc_info+0x3b/0x50 [ 15.040105] __kasan_kmalloc+0xb7/0xc0 [ 15.040402] __kmalloc_cache_noprof+0x189/0x420 [ 15.040625] kasan_atomics+0x95/0x310 [ 15.040830] kunit_try_run_case+0x1a5/0x480 [ 15.041036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.041290] kthread+0x337/0x6f0 [ 15.041457] ret_from_fork+0x116/0x1d0 [ 15.041637] ret_from_fork_asm+0x1a/0x30 [ 15.041924] [ 15.042024] The buggy address belongs to the object at ffff888103128480 [ 15.042024] which belongs to the cache kmalloc-64 of size 64 [ 15.042404] The buggy address is located 0 bytes to the right of [ 15.042404] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.042815] [ 15.042953] The buggy address belongs to the physical page: [ 15.043229] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.043598] flags: 0x200000000000000(node=0|zone=2) [ 15.043933] page_type: f5(slab) [ 15.044060] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.044293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.044559] page dumped because: kasan: bad access detected [ 15.044900] [ 15.044996] Memory state around the buggy address: [ 15.045245] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.045601] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.045952] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.046169] ^ [ 15.046330] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.046675] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.046993] ================================================================== [ 15.047585] ================================================================== [ 15.048131] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.048487] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.048830] [ 15.048952] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.049011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.049024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.049047] Call Trace: [ 15.049066] <TASK> [ 15.049096] dump_stack_lvl+0x73/0xb0 [ 15.049125] print_report+0xd1/0x650 [ 15.049152] ? __virt_addr_valid+0x1db/0x2d0 [ 15.049177] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.049199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.049222] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.049243] kasan_report+0x141/0x180 [ 15.049266] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.049294] kasan_check_range+0x10c/0x1c0 [ 15.049318] __kasan_check_write+0x18/0x20 [ 15.049338] kasan_atomics_helper+0x1eaa/0x5450 [ 15.049381] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.049403] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.049431] ? kasan_atomics+0x152/0x310 [ 15.049469] kasan_atomics+0x1dc/0x310 [ 15.049493] ? __pfx_kasan_atomics+0x10/0x10 [ 15.049517] ? __pfx_read_tsc+0x10/0x10 [ 15.049540] ? ktime_get_ts64+0x86/0x230 [ 15.049566] kunit_try_run_case+0x1a5/0x480 [ 15.049591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.049614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.049639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.049662] ? __kthread_parkme+0x82/0x180 [ 15.049684] ? preempt_count_sub+0x50/0x80 [ 15.049709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.049745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.049769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.049792] kthread+0x337/0x6f0 [ 15.049812] ? trace_preempt_on+0x20/0xc0 [ 15.049837] ? __pfx_kthread+0x10/0x10 [ 15.049867] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.049889] ? calculate_sigpending+0x7b/0xa0 [ 15.049914] ? __pfx_kthread+0x10/0x10 [ 15.049942] ret_from_fork+0x116/0x1d0 [ 15.049960] ? 
__pfx_kthread+0x10/0x10 [ 15.049982] ret_from_fork_asm+0x1a/0x30 [ 15.050013] </TASK> [ 15.050025] [ 15.058080] Allocated by task 284: [ 15.058272] kasan_save_stack+0x45/0x70 [ 15.058503] kasan_save_track+0x18/0x40 [ 15.058688] kasan_save_alloc_info+0x3b/0x50 [ 15.058907] __kasan_kmalloc+0xb7/0xc0 [ 15.059105] __kmalloc_cache_noprof+0x189/0x420 [ 15.059329] kasan_atomics+0x95/0x310 [ 15.059494] kunit_try_run_case+0x1a5/0x480 [ 15.059644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.059946] kthread+0x337/0x6f0 [ 15.060152] ret_from_fork+0x116/0x1d0 [ 15.060354] ret_from_fork_asm+0x1a/0x30 [ 15.060532] [ 15.060603] The buggy address belongs to the object at ffff888103128480 [ 15.060603] which belongs to the cache kmalloc-64 of size 64 [ 15.060956] The buggy address is located 0 bytes to the right of [ 15.060956] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.061433] [ 15.061531] The buggy address belongs to the physical page: [ 15.061784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.062305] flags: 0x200000000000000(node=0|zone=2) [ 15.063318] page_type: f5(slab) [ 15.063814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.064223] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.064581] page dumped because: kasan: bad access detected [ 15.065432] [ 15.065530] Memory state around the buggy address: [ 15.065695] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.066182] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.066575] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.067136] ^ [ 15.067458] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067869] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.068243] ================================================================== [ 14.077874] 
================================================================== [ 14.078285] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.078656] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.078996] [ 14.079112] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.079167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.079181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.079214] Call Trace: [ 14.079232] <TASK> [ 14.079249] dump_stack_lvl+0x73/0xb0 [ 14.079278] print_report+0xd1/0x650 [ 14.079302] ? __virt_addr_valid+0x1db/0x2d0 [ 14.079326] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.079348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.079382] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.079404] kasan_report+0x141/0x180 [ 14.079427] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.079462] kasan_check_range+0x10c/0x1c0 [ 14.079487] __kasan_check_write+0x18/0x20 [ 14.079508] kasan_atomics_helper+0x5fe/0x5450 [ 14.079542] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.079565] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.079592] ? kasan_atomics+0x152/0x310 [ 14.079619] kasan_atomics+0x1dc/0x310 [ 14.079643] ? __pfx_kasan_atomics+0x10/0x10 [ 14.079672] ? __pfx_read_tsc+0x10/0x10 [ 14.079694] ? ktime_get_ts64+0x86/0x230 [ 14.079718] kunit_try_run_case+0x1a5/0x480 [ 14.079744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.079766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.079789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.079872] ? __kthread_parkme+0x82/0x180 [ 14.079896] ? preempt_count_sub+0x50/0x80 [ 14.079920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.079955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.079979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.080002] kthread+0x337/0x6f0 [ 14.080034] ? trace_preempt_on+0x20/0xc0 [ 14.080059] ? __pfx_kthread+0x10/0x10 [ 14.080080] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.080101] ? 
calculate_sigpending+0x7b/0xa0 [ 14.080126] ? __pfx_kthread+0x10/0x10 [ 14.080148] ret_from_fork+0x116/0x1d0 [ 14.080167] ? __pfx_kthread+0x10/0x10 [ 14.080188] ret_from_fork_asm+0x1a/0x30 [ 14.080219] </TASK> [ 14.080231] [ 14.088930] Allocated by task 284: [ 14.089069] kasan_save_stack+0x45/0x70 [ 14.089231] kasan_save_track+0x18/0x40 [ 14.089435] kasan_save_alloc_info+0x3b/0x50 [ 14.089653] __kasan_kmalloc+0xb7/0xc0 [ 14.090095] __kmalloc_cache_noprof+0x189/0x420 [ 14.090314] kasan_atomics+0x95/0x310 [ 14.090505] kunit_try_run_case+0x1a5/0x480 [ 14.090765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.091065] kthread+0x337/0x6f0 [ 14.091193] ret_from_fork+0x116/0x1d0 [ 14.091325] ret_from_fork_asm+0x1a/0x30 [ 14.091471] [ 14.091579] The buggy address belongs to the object at ffff888103128480 [ 14.091579] which belongs to the cache kmalloc-64 of size 64 [ 14.092130] The buggy address is located 0 bytes to the right of [ 14.092130] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.092547] [ 14.092622] The buggy address belongs to the physical page: [ 14.093077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.093468] flags: 0x200000000000000(node=0|zone=2) [ 14.093734] page_type: f5(slab) [ 14.093998] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.094321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.094723] page dumped because: kasan: bad access detected [ 14.094947] [ 14.095095] Memory state around the buggy address: [ 14.095304] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.095626] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.096199] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.096519] ^ [ 14.096672] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.096879] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.097213] 
================================================================== [ 15.238073] ================================================================== [ 15.238631] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.238993] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.239303] [ 15.239414] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.239458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.239471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.239493] Call Trace: [ 15.239509] <TASK> [ 15.239526] dump_stack_lvl+0x73/0xb0 [ 15.239556] print_report+0xd1/0x650 [ 15.239579] ? __virt_addr_valid+0x1db/0x2d0 [ 15.239603] ? kasan_atomics_helper+0x224c/0x5450 [ 15.239625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.239647] ? kasan_atomics_helper+0x224c/0x5450 [ 15.239675] kasan_report+0x141/0x180 [ 15.239699] ? kasan_atomics_helper+0x224c/0x5450 [ 15.239728] kasan_check_range+0x10c/0x1c0 [ 15.239752] __kasan_check_write+0x18/0x20 [ 15.239773] kasan_atomics_helper+0x224c/0x5450 [ 15.239796] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.239819] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.239844] ? kasan_atomics+0x152/0x310 [ 15.239871] kasan_atomics+0x1dc/0x310 [ 15.239895] ? __pfx_kasan_atomics+0x10/0x10 [ 15.239921] ? __pfx_read_tsc+0x10/0x10 [ 15.239942] ? ktime_get_ts64+0x86/0x230 [ 15.239967] kunit_try_run_case+0x1a5/0x480 [ 15.239992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.240015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.240040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.240063] ? __kthread_parkme+0x82/0x180 [ 15.240085] ? preempt_count_sub+0x50/0x80 [ 15.240110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.240135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.240160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.240184] kthread+0x337/0x6f0 [ 15.240205] ? trace_preempt_on+0x20/0xc0 [ 15.240229] ? 
__pfx_kthread+0x10/0x10 [ 15.240251] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.240272] ? calculate_sigpending+0x7b/0xa0 [ 15.240296] ? __pfx_kthread+0x10/0x10 [ 15.240319] ret_from_fork+0x116/0x1d0 [ 15.240337] ? __pfx_kthread+0x10/0x10 [ 15.240368] ret_from_fork_asm+0x1a/0x30 [ 15.240400] </TASK> [ 15.240412] [ 15.247660] Allocated by task 284: [ 15.247851] kasan_save_stack+0x45/0x70 [ 15.248053] kasan_save_track+0x18/0x40 [ 15.248223] kasan_save_alloc_info+0x3b/0x50 [ 15.248409] __kasan_kmalloc+0xb7/0xc0 [ 15.248551] __kmalloc_cache_noprof+0x189/0x420 [ 15.248799] kasan_atomics+0x95/0x310 [ 15.248989] kunit_try_run_case+0x1a5/0x480 [ 15.249136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249333] kthread+0x337/0x6f0 [ 15.249519] ret_from_fork+0x116/0x1d0 [ 15.249708] ret_from_fork_asm+0x1a/0x30 [ 15.249921] [ 15.250006] The buggy address belongs to the object at ffff888103128480 [ 15.250006] which belongs to the cache kmalloc-64 of size 64 [ 15.250368] The buggy address is located 0 bytes to the right of [ 15.250368] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.251030] [ 15.251222] The buggy address belongs to the physical page: [ 15.251461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.251706] flags: 0x200000000000000(node=0|zone=2) [ 15.251869] page_type: f5(slab) [ 15.251988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.252326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.252676] page dumped because: kasan: bad access detected [ 15.252924] [ 15.253019] Memory state around the buggy address: [ 15.253249] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.253576] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.253926] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.254158] ^ [ 15.254320] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254649] 
ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.255068] ================================================================== [ 14.843905] ================================================================== [ 14.844431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.845075] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.845450] [ 14.845583] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.845626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.845638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.845660] Call Trace: [ 14.845676] <TASK> [ 14.845692] dump_stack_lvl+0x73/0xb0 [ 14.845719] print_report+0xd1/0x650 [ 14.845742] ? __virt_addr_valid+0x1db/0x2d0 [ 14.845766] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.845787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.845810] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.845832] kasan_report+0x141/0x180 [ 14.845854] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.845881] kasan_check_range+0x10c/0x1c0 [ 14.845905] __kasan_check_write+0x18/0x20 [ 14.845924] kasan_atomics_helper+0x18b1/0x5450 [ 14.845948] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.845970] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.845996] ? kasan_atomics+0x152/0x310 [ 14.846023] kasan_atomics+0x1dc/0x310 [ 14.846048] ? __pfx_kasan_atomics+0x10/0x10 [ 14.846086] ? __pfx_read_tsc+0x10/0x10 [ 14.846107] ? ktime_get_ts64+0x86/0x230 [ 14.846132] kunit_try_run_case+0x1a5/0x480 [ 14.846169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.846192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.846217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.846240] ? __kthread_parkme+0x82/0x180 [ 14.846262] ? preempt_count_sub+0x50/0x80 [ 14.846288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.846312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.846337] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.846368] kthread+0x337/0x6f0 [ 14.846388] ? trace_preempt_on+0x20/0xc0 [ 14.846413] ? __pfx_kthread+0x10/0x10 [ 14.846434] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.846455] ? calculate_sigpending+0x7b/0xa0 [ 14.846489] ? __pfx_kthread+0x10/0x10 [ 14.846511] ret_from_fork+0x116/0x1d0 [ 14.846530] ? __pfx_kthread+0x10/0x10 [ 14.846562] ret_from_fork_asm+0x1a/0x30 [ 14.846594] </TASK> [ 14.846605] [ 14.855777] Allocated by task 284: [ 14.855953] kasan_save_stack+0x45/0x70 [ 14.856131] kasan_save_track+0x18/0x40 [ 14.856549] kasan_save_alloc_info+0x3b/0x50 [ 14.857095] __kasan_kmalloc+0xb7/0xc0 [ 14.857495] __kmalloc_cache_noprof+0x189/0x420 [ 14.857838] kasan_atomics+0x95/0x310 [ 14.858119] kunit_try_run_case+0x1a5/0x480 [ 14.858534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.858713] kthread+0x337/0x6f0 [ 14.858858] ret_from_fork+0x116/0x1d0 [ 14.859212] ret_from_fork_asm+0x1a/0x30 [ 14.859589] [ 14.859751] The buggy address belongs to the object at ffff888103128480 [ 14.859751] which belongs to the cache kmalloc-64 of size 64 [ 14.860572] The buggy address is located 0 bytes to the right of [ 14.860572] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.861420] [ 14.861495] The buggy address belongs to the physical page: [ 14.861669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.862296] flags: 0x200000000000000(node=0|zone=2) [ 14.862763] page_type: f5(slab) [ 14.863080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.863749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.864413] page dumped because: kasan: bad access detected [ 14.864939] [ 14.865096] Memory state around the buggy address: [ 14.865428] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.865648] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.866152] >ffff888103128480: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.866793] ^ [ 14.867230] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.867873] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.868560] ================================================================== [ 15.192035] ================================================================== [ 15.192376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.193123] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.193514] [ 15.193634] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.193804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.193820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.193843] Call Trace: [ 15.193865] <TASK> [ 15.193885] dump_stack_lvl+0x73/0xb0 [ 15.193915] print_report+0xd1/0x650 [ 15.193940] ? __virt_addr_valid+0x1db/0x2d0 [ 15.193965] ? kasan_atomics_helper+0x218a/0x5450 [ 15.193987] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.194010] ? kasan_atomics_helper+0x218a/0x5450 [ 15.194032] kasan_report+0x141/0x180 [ 15.194055] ? kasan_atomics_helper+0x218a/0x5450 [ 15.194083] kasan_check_range+0x10c/0x1c0 [ 15.194107] __kasan_check_write+0x18/0x20 [ 15.194128] kasan_atomics_helper+0x218a/0x5450 [ 15.194152] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.194175] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.194201] ? kasan_atomics+0x152/0x310 [ 15.194229] kasan_atomics+0x1dc/0x310 [ 15.194252] ? __pfx_kasan_atomics+0x10/0x10 [ 15.194277] ? __pfx_read_tsc+0x10/0x10 [ 15.194299] ? ktime_get_ts64+0x86/0x230 [ 15.194324] kunit_try_run_case+0x1a5/0x480 [ 15.194362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.194385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.194410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.194434] ? __kthread_parkme+0x82/0x180 [ 15.194456] ? preempt_count_sub+0x50/0x80 [ 15.194481] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.194506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.194529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.194553] kthread+0x337/0x6f0 [ 15.194574] ? trace_preempt_on+0x20/0xc0 [ 15.194598] ? __pfx_kthread+0x10/0x10 [ 15.194620] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.194642] ? calculate_sigpending+0x7b/0xa0 [ 15.194666] ? __pfx_kthread+0x10/0x10 [ 15.194688] ret_from_fork+0x116/0x1d0 [ 15.194707] ? __pfx_kthread+0x10/0x10 [ 15.194728] ret_from_fork_asm+0x1a/0x30 [ 15.194761] </TASK> [ 15.194774] [ 15.204566] Allocated by task 284: [ 15.204713] kasan_save_stack+0x45/0x70 [ 15.205226] kasan_save_track+0x18/0x40 [ 15.205405] kasan_save_alloc_info+0x3b/0x50 [ 15.205765] __kasan_kmalloc+0xb7/0xc0 [ 15.205959] __kmalloc_cache_noprof+0x189/0x420 [ 15.206282] kasan_atomics+0x95/0x310 [ 15.206560] kunit_try_run_case+0x1a5/0x480 [ 15.206905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.207145] kthread+0x337/0x6f0 [ 15.207306] ret_from_fork+0x116/0x1d0 [ 15.207506] ret_from_fork_asm+0x1a/0x30 [ 15.207702] [ 15.208054] The buggy address belongs to the object at ffff888103128480 [ 15.208054] which belongs to the cache kmalloc-64 of size 64 [ 15.208584] The buggy address is located 0 bytes to the right of [ 15.208584] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.209389] [ 15.209500] The buggy address belongs to the physical page: [ 15.209849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.210227] flags: 0x200000000000000(node=0|zone=2) [ 15.210534] page_type: f5(slab) [ 15.210706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.211152] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.211540] page dumped because: kasan: bad access detected [ 15.211921] [ 15.212091] Memory state around the buggy address: [ 15.212289] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212602] 
ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.213146] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.213529] ^ [ 15.213716] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214142] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214527] ================================================================== [ 13.907609] ================================================================== [ 13.907993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.908337] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 13.908646] [ 13.908996] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.909065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.909076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.909096] Call Trace: [ 13.909108] <TASK> [ 13.909123] dump_stack_lvl+0x73/0xb0 [ 13.909164] print_report+0xd1/0x650 [ 13.909187] ? __virt_addr_valid+0x1db/0x2d0 [ 13.909208] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.909229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.909249] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.909269] kasan_report+0x141/0x180 [ 13.909291] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.909323] __asan_report_store4_noabort+0x1b/0x30 [ 13.909343] kasan_atomics_helper+0x4ba2/0x5450 [ 13.909379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.909402] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.909426] ? kasan_atomics+0x152/0x310 [ 13.909452] kasan_atomics+0x1dc/0x310 [ 13.909474] ? __pfx_kasan_atomics+0x10/0x10 [ 13.909497] ? __pfx_read_tsc+0x10/0x10 [ 13.909518] ? ktime_get_ts64+0x86/0x230 [ 13.909541] kunit_try_run_case+0x1a5/0x480 [ 13.909564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909640] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.909668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.909690] ? __kthread_parkme+0x82/0x180 [ 13.909722] ? 
preempt_count_sub+0x50/0x80 [ 13.909745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.909791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.909814] kthread+0x337/0x6f0 [ 13.909832] ? trace_preempt_on+0x20/0xc0 [ 13.909856] ? __pfx_kthread+0x10/0x10 [ 13.909876] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.909896] ? calculate_sigpending+0x7b/0xa0 [ 13.909919] ? __pfx_kthread+0x10/0x10 [ 13.909939] ret_from_fork+0x116/0x1d0 [ 13.909957] ? __pfx_kthread+0x10/0x10 [ 13.909976] ret_from_fork_asm+0x1a/0x30 [ 13.910006] </TASK> [ 13.910017] [ 13.918899] Allocated by task 284: [ 13.919039] kasan_save_stack+0x45/0x70 [ 13.919239] kasan_save_track+0x18/0x40 [ 13.919634] kasan_save_alloc_info+0x3b/0x50 [ 13.919871] __kasan_kmalloc+0xb7/0xc0 [ 13.920005] __kmalloc_cache_noprof+0x189/0x420 [ 13.920158] kasan_atomics+0x95/0x310 [ 13.920343] kunit_try_run_case+0x1a5/0x480 [ 13.920566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.920873] kthread+0x337/0x6f0 [ 13.921200] ret_from_fork+0x116/0x1d0 [ 13.921507] ret_from_fork_asm+0x1a/0x30 [ 13.921855] [ 13.921933] The buggy address belongs to the object at ffff888103128480 [ 13.921933] which belongs to the cache kmalloc-64 of size 64 [ 13.922360] The buggy address is located 0 bytes to the right of [ 13.922360] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 13.922873] [ 13.922984] The buggy address belongs to the physical page: [ 13.923534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 13.923961] flags: 0x200000000000000(node=0|zone=2) [ 13.924181] page_type: f5(slab) [ 13.924303] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.924550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.924993] page dumped because: kasan: bad access detected [ 13.925280] [ 13.925394] Memory state around the buggy address: [ 13.925719] ffff888103128380: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 13.926019] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.926339] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.926759] ^ [ 13.926969] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.927283] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.927566] ================================================================== [ 15.146017] ================================================================== [ 15.146980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.147336] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.147836] [ 15.147954] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.147998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.148011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.148034] Call Trace: [ 15.148054] <TASK> [ 15.148073] dump_stack_lvl+0x73/0xb0 [ 15.148101] print_report+0xd1/0x650 [ 15.148127] ? __virt_addr_valid+0x1db/0x2d0 [ 15.148150] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.148172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.148194] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.148216] kasan_report+0x141/0x180 [ 15.148239] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.148266] kasan_check_range+0x10c/0x1c0 [ 15.148290] __kasan_check_write+0x18/0x20 [ 15.148310] kasan_atomics_helper+0x20c8/0x5450 [ 15.148333] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.148367] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.148393] ? kasan_atomics+0x152/0x310 [ 15.148420] kasan_atomics+0x1dc/0x310 [ 15.148444] ? __pfx_kasan_atomics+0x10/0x10 [ 15.148470] ? __pfx_read_tsc+0x10/0x10 [ 15.148492] ? ktime_get_ts64+0x86/0x230 [ 15.148517] kunit_try_run_case+0x1a5/0x480 [ 15.148541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.148564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.148590] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.148614] ? __kthread_parkme+0x82/0x180 [ 15.148636] ? preempt_count_sub+0x50/0x80 [ 15.148661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.148686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.148710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.148734] kthread+0x337/0x6f0 [ 15.148753] ? trace_preempt_on+0x20/0xc0 [ 15.148779] ? __pfx_kthread+0x10/0x10 [ 15.148800] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.148822] ? calculate_sigpending+0x7b/0xa0 [ 15.148847] ? __pfx_kthread+0x10/0x10 [ 15.148880] ret_from_fork+0x116/0x1d0 [ 15.148899] ? __pfx_kthread+0x10/0x10 [ 15.148921] ret_from_fork_asm+0x1a/0x30 [ 15.148952] </TASK> [ 15.148964] [ 15.158467] Allocated by task 284: [ 15.158755] kasan_save_stack+0x45/0x70 [ 15.158941] kasan_save_track+0x18/0x40 [ 15.159126] kasan_save_alloc_info+0x3b/0x50 [ 15.159324] __kasan_kmalloc+0xb7/0xc0 [ 15.159510] __kmalloc_cache_noprof+0x189/0x420 [ 15.159719] kasan_atomics+0x95/0x310 [ 15.160267] kunit_try_run_case+0x1a5/0x480 [ 15.160444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.160832] kthread+0x337/0x6f0 [ 15.161081] ret_from_fork+0x116/0x1d0 [ 15.161305] ret_from_fork_asm+0x1a/0x30 [ 15.161523] [ 15.161747] The buggy address belongs to the object at ffff888103128480 [ 15.161747] which belongs to the cache kmalloc-64 of size 64 [ 15.162323] The buggy address is located 0 bytes to the right of [ 15.162323] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.162855] [ 15.163028] The buggy address belongs to the physical page: [ 15.163328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.163708] flags: 0x200000000000000(node=0|zone=2) [ 15.164156] page_type: f5(slab) [ 15.164304] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.164713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.165025] page dumped because: kasan: bad access detected [ 15.165364] [ 15.165465] 
Memory state around the buggy address: [ 15.165834] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.166274] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.166561] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.166978] ^ [ 15.167181] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.167604] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.167991] ================================================================== [ 14.618402] ================================================================== [ 14.618678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.619297] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.619677] [ 14.619822] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.619893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.619906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.619928] Call Trace: [ 14.619947] <TASK> [ 14.619965] dump_stack_lvl+0x73/0xb0 [ 14.619994] print_report+0xd1/0x650 [ 14.620017] ? __virt_addr_valid+0x1db/0x2d0 [ 14.620041] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.620062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.620117] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.620140] kasan_report+0x141/0x180 [ 14.620163] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.620189] kasan_check_range+0x10c/0x1c0 [ 14.620213] __kasan_check_read+0x15/0x20 [ 14.620233] kasan_atomics_helper+0x13b5/0x5450 [ 14.620256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.620279] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.620306] ? kasan_atomics+0x152/0x310 [ 14.620369] kasan_atomics+0x1dc/0x310 [ 14.620392] ? __pfx_kasan_atomics+0x10/0x10 [ 14.620418] ? __pfx_read_tsc+0x10/0x10 [ 14.620439] ? ktime_get_ts64+0x86/0x230 [ 14.620465] kunit_try_run_case+0x1a5/0x480 [ 14.620488] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.620512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.620536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.620559] ? __kthread_parkme+0x82/0x180 [ 14.620581] ? preempt_count_sub+0x50/0x80 [ 14.620605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.620629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.620653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.620676] kthread+0x337/0x6f0 [ 14.620696] ? trace_preempt_on+0x20/0xc0 [ 14.620720] ? __pfx_kthread+0x10/0x10 [ 14.620752] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.620775] ? calculate_sigpending+0x7b/0xa0 [ 14.620799] ? __pfx_kthread+0x10/0x10 [ 14.620821] ret_from_fork+0x116/0x1d0 [ 14.620840] ? __pfx_kthread+0x10/0x10 [ 14.620862] ret_from_fork_asm+0x1a/0x30 [ 14.620893] </TASK> [ 14.620905] [ 14.631275] Allocated by task 284: [ 14.631463] kasan_save_stack+0x45/0x70 [ 14.631652] kasan_save_track+0x18/0x40 [ 14.632254] kasan_save_alloc_info+0x3b/0x50 [ 14.632483] __kasan_kmalloc+0xb7/0xc0 [ 14.632941] __kmalloc_cache_noprof+0x189/0x420 [ 14.633151] kasan_atomics+0x95/0x310 [ 14.633323] kunit_try_run_case+0x1a5/0x480 [ 14.633477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.633810] kthread+0x337/0x6f0 [ 14.634090] ret_from_fork+0x116/0x1d0 [ 14.634242] ret_from_fork_asm+0x1a/0x30 [ 14.634488] [ 14.634616] The buggy address belongs to the object at ffff888103128480 [ 14.634616] which belongs to the cache kmalloc-64 of size 64 [ 14.635227] The buggy address is located 0 bytes to the right of [ 14.635227] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.635858] [ 14.635948] The buggy address belongs to the physical page: [ 14.636236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.636526] flags: 0x200000000000000(node=0|zone=2) [ 14.636774] page_type: f5(slab) [ 14.637008] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.637359] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.637692] page dumped because: kasan: bad access detected [ 14.638034] [ 14.638169] Memory state around the buggy address: [ 14.638335] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.638676] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.639115] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.639445] ^ [ 14.639690] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.639992] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.640339] ================================================================== [ 14.139174] ================================================================== [ 14.139693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.140152] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.140483] [ 14.140673] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.140733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.140746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.140768] Call Trace: [ 14.140785] <TASK> [ 14.140825] dump_stack_lvl+0x73/0xb0 [ 14.140855] print_report+0xd1/0x650 [ 14.140879] ? __virt_addr_valid+0x1db/0x2d0 [ 14.140914] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.140936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.140959] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.140982] kasan_report+0x141/0x180 [ 14.141004] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.141031] kasan_check_range+0x10c/0x1c0 [ 14.141087] __kasan_check_write+0x18/0x20 [ 14.141107] kasan_atomics_helper+0x7c7/0x5450 [ 14.141143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.141167] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.141194] ? kasan_atomics+0x152/0x310 [ 14.141221] kasan_atomics+0x1dc/0x310 [ 14.141245] ? __pfx_kasan_atomics+0x10/0x10 [ 14.141270] ? __pfx_read_tsc+0x10/0x10 [ 14.141291] ? 
ktime_get_ts64+0x86/0x230 [ 14.141316] kunit_try_run_case+0x1a5/0x480 [ 14.141341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.141374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.141399] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.141422] ? __kthread_parkme+0x82/0x180 [ 14.141444] ? preempt_count_sub+0x50/0x80 [ 14.141468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.141491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.141515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.141538] kthread+0x337/0x6f0 [ 14.141629] ? trace_preempt_on+0x20/0xc0 [ 14.141668] ? __pfx_kthread+0x10/0x10 [ 14.141689] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.141711] ? calculate_sigpending+0x7b/0xa0 [ 14.141735] ? __pfx_kthread+0x10/0x10 [ 14.141767] ret_from_fork+0x116/0x1d0 [ 14.141786] ? __pfx_kthread+0x10/0x10 [ 14.141807] ret_from_fork_asm+0x1a/0x30 [ 14.141839] </TASK> [ 14.141851] [ 14.151763] Allocated by task 284: [ 14.152167] kasan_save_stack+0x45/0x70 [ 14.152318] kasan_save_track+0x18/0x40 [ 14.152462] kasan_save_alloc_info+0x3b/0x50 [ 14.152714] __kasan_kmalloc+0xb7/0xc0 [ 14.153189] __kmalloc_cache_noprof+0x189/0x420 [ 14.153638] kasan_atomics+0x95/0x310 [ 14.154142] kunit_try_run_case+0x1a5/0x480 [ 14.154608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.155126] kthread+0x337/0x6f0 [ 14.155306] ret_from_fork+0x116/0x1d0 [ 14.155574] ret_from_fork_asm+0x1a/0x30 [ 14.156183] [ 14.156346] The buggy address belongs to the object at ffff888103128480 [ 14.156346] which belongs to the cache kmalloc-64 of size 64 [ 14.157252] The buggy address is located 0 bytes to the right of [ 14.157252] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.158133] [ 14.158330] The buggy address belongs to the physical page: [ 14.158924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.159257] flags: 0x200000000000000(node=0|zone=2) [ 14.159437] page_type: f5(slab) [ 14.159561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.160277] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.161172] page dumped because: kasan: bad access detected [ 14.161745] [ 14.161983] Memory state around the buggy address: [ 14.162424] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.163163] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.163526] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.164285] ^ [ 14.164677] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.165030] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.165258] ================================================================== [ 15.168642] ================================================================== [ 15.168948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.169292] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.170241] [ 15.170441] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.170491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.170504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.170527] Call Trace: [ 15.170545] <TASK> [ 15.170629] dump_stack_lvl+0x73/0xb0 [ 15.170663] print_report+0xd1/0x650 [ 15.170689] ? __virt_addr_valid+0x1db/0x2d0 [ 15.170714] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.170748] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.170771] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.170793] kasan_report+0x141/0x180 [ 15.170816] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.170842] __asan_report_load8_noabort+0x18/0x20 [ 15.170867] kasan_atomics_helper+0x4fb2/0x5450 [ 15.170890] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.170913] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.170939] ? kasan_atomics+0x152/0x310 [ 15.170966] kasan_atomics+0x1dc/0x310 [ 15.170988] ? __pfx_kasan_atomics+0x10/0x10 [ 15.171013] ? 
__pfx_read_tsc+0x10/0x10 [ 15.171035] ? ktime_get_ts64+0x86/0x230 [ 15.171059] kunit_try_run_case+0x1a5/0x480 [ 15.171084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.171108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.171132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.171156] ? __kthread_parkme+0x82/0x180 [ 15.171178] ? preempt_count_sub+0x50/0x80 [ 15.171202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.171226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.171249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.171273] kthread+0x337/0x6f0 [ 15.171293] ? trace_preempt_on+0x20/0xc0 [ 15.171317] ? __pfx_kthread+0x10/0x10 [ 15.171339] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.171373] ? calculate_sigpending+0x7b/0xa0 [ 15.171398] ? __pfx_kthread+0x10/0x10 [ 15.171421] ret_from_fork+0x116/0x1d0 [ 15.171440] ? __pfx_kthread+0x10/0x10 [ 15.171462] ret_from_fork_asm+0x1a/0x30 [ 15.171495] </TASK> [ 15.171507] [ 15.181186] Allocated by task 284: [ 15.181505] kasan_save_stack+0x45/0x70 [ 15.181713] kasan_save_track+0x18/0x40 [ 15.182051] kasan_save_alloc_info+0x3b/0x50 [ 15.182322] __kasan_kmalloc+0xb7/0xc0 [ 15.182488] __kmalloc_cache_noprof+0x189/0x420 [ 15.182930] kasan_atomics+0x95/0x310 [ 15.183116] kunit_try_run_case+0x1a5/0x480 [ 15.183428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.183676] kthread+0x337/0x6f0 [ 15.184043] ret_from_fork+0x116/0x1d0 [ 15.184217] ret_from_fork_asm+0x1a/0x30 [ 15.184521] [ 15.184623] The buggy address belongs to the object at ffff888103128480 [ 15.184623] which belongs to the cache kmalloc-64 of size 64 [ 15.185249] The buggy address is located 0 bytes to the right of [ 15.185249] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.185760] [ 15.186128] The buggy address belongs to the physical page: [ 15.186399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.186823] flags: 0x200000000000000(node=0|zone=2) [ 15.187050] page_type: f5(slab) [ 15.187334] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.187749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.188170] page dumped because: kasan: bad access detected [ 15.188489] [ 15.188567] Memory state around the buggy address: [ 15.188851] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.189271] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.189652] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.190000] ^ [ 15.190328] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.190641] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.191055] ================================================================== [ 14.931849] ================================================================== [ 14.932269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.932714] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.933006] [ 14.933093] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.933134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.933147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.933168] Call Trace: [ 14.933184] <TASK> [ 14.933219] dump_stack_lvl+0x73/0xb0 [ 14.933246] print_report+0xd1/0x650 [ 14.933270] ? __virt_addr_valid+0x1db/0x2d0 [ 14.933294] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.933316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.933338] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.933372] kasan_report+0x141/0x180 [ 14.933405] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.933430] kasan_check_range+0x10c/0x1c0 [ 14.933466] __kasan_check_write+0x18/0x20 [ 14.933486] kasan_atomics_helper+0x1b22/0x5450 [ 14.933509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.933531] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.933557] ? 
kasan_atomics+0x152/0x310 [ 14.933593] kasan_atomics+0x1dc/0x310 [ 14.933617] ? __pfx_kasan_atomics+0x10/0x10 [ 14.933651] ? __pfx_read_tsc+0x10/0x10 [ 14.933672] ? ktime_get_ts64+0x86/0x230 [ 14.933696] kunit_try_run_case+0x1a5/0x480 [ 14.933730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.933754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.933778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.933811] ? __kthread_parkme+0x82/0x180 [ 14.933832] ? preempt_count_sub+0x50/0x80 [ 14.933856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.933880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.933903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.933935] kthread+0x337/0x6f0 [ 14.933954] ? trace_preempt_on+0x20/0xc0 [ 14.933979] ? __pfx_kthread+0x10/0x10 [ 14.934011] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.934033] ? calculate_sigpending+0x7b/0xa0 [ 14.934058] ? __pfx_kthread+0x10/0x10 [ 14.934088] ret_from_fork+0x116/0x1d0 [ 14.934107] ? __pfx_kthread+0x10/0x10 [ 14.934128] ret_from_fork_asm+0x1a/0x30 [ 14.934169] </TASK> [ 14.934183] [ 14.941975] Allocated by task 284: [ 14.942166] kasan_save_stack+0x45/0x70 [ 14.942381] kasan_save_track+0x18/0x40 [ 14.942563] kasan_save_alloc_info+0x3b/0x50 [ 14.942784] __kasan_kmalloc+0xb7/0xc0 [ 14.942973] __kmalloc_cache_noprof+0x189/0x420 [ 14.943192] kasan_atomics+0x95/0x310 [ 14.943368] kunit_try_run_case+0x1a5/0x480 [ 14.943559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.943741] kthread+0x337/0x6f0 [ 14.943865] ret_from_fork+0x116/0x1d0 [ 14.943999] ret_from_fork_asm+0x1a/0x30 [ 14.944139] [ 14.944211] The buggy address belongs to the object at ffff888103128480 [ 14.944211] which belongs to the cache kmalloc-64 of size 64 [ 14.944652] The buggy address is located 0 bytes to the right of [ 14.944652] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.945274] [ 14.945381] The buggy address belongs to the physical page: [ 14.945634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 
14.946004] flags: 0x200000000000000(node=0|zone=2) [ 14.946240] page_type: f5(slab) [ 14.946420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.946681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.947225] page dumped because: kasan: bad access detected [ 14.947502] [ 14.947575] Memory state around the buggy address: [ 14.947739] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.948074] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.948430] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.948755] ^ [ 14.948930] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.949147] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.949421] ================================================================== [ 15.009671] ================================================================== [ 15.010577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.010820] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.011209] [ 15.011327] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.011381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.011394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.011426] Call Trace: [ 15.011444] <TASK> [ 15.011462] dump_stack_lvl+0x73/0xb0 [ 15.011503] print_report+0xd1/0x650 [ 15.011526] ? __virt_addr_valid+0x1db/0x2d0 [ 15.011550] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.011572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.011595] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.011618] kasan_report+0x141/0x180 [ 15.011641] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.011674] kasan_check_range+0x10c/0x1c0 [ 15.011698] __kasan_check_write+0x18/0x20 [ 15.011718] kasan_atomics_helper+0x1d7a/0x5450 [ 15.011752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.011774] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.011801] ? kasan_atomics+0x152/0x310 [ 15.011828] kasan_atomics+0x1dc/0x310 [ 15.011851] ? __pfx_kasan_atomics+0x10/0x10 [ 15.011876] ? __pfx_read_tsc+0x10/0x10 [ 15.011897] ? ktime_get_ts64+0x86/0x230 [ 15.011923] kunit_try_run_case+0x1a5/0x480 [ 15.011958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.011980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.012005] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.012038] ? __kthread_parkme+0x82/0x180 [ 15.012059] ? preempt_count_sub+0x50/0x80 [ 15.012083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.012108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.012131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.012154] kthread+0x337/0x6f0 [ 15.012175] ? trace_preempt_on+0x20/0xc0 [ 15.012199] ? __pfx_kthread+0x10/0x10 [ 15.012221] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.012242] ? calculate_sigpending+0x7b/0xa0 [ 15.012267] ? __pfx_kthread+0x10/0x10 [ 15.012290] ret_from_fork+0x116/0x1d0 [ 15.012309] ? __pfx_kthread+0x10/0x10 [ 15.012330] ret_from_fork_asm+0x1a/0x30 [ 15.012381] </TASK> [ 15.012393] [ 15.019973] Allocated by task 284: [ 15.020165] kasan_save_stack+0x45/0x70 [ 15.020335] kasan_save_track+0x18/0x40 [ 15.020558] kasan_save_alloc_info+0x3b/0x50 [ 15.020710] __kasan_kmalloc+0xb7/0xc0 [ 15.020843] __kmalloc_cache_noprof+0x189/0x420 [ 15.021014] kasan_atomics+0x95/0x310 [ 15.021184] kunit_try_run_case+0x1a5/0x480 [ 15.021356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.021629] kthread+0x337/0x6f0 [ 15.021820] ret_from_fork+0x116/0x1d0 [ 15.022037] ret_from_fork_asm+0x1a/0x30 [ 15.022205] [ 15.022278] The buggy address belongs to the object at ffff888103128480 [ 15.022278] which belongs to the cache kmalloc-64 of size 64 [ 15.022665] The buggy address is located 0 bytes to the right of [ 15.022665] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.023208] [ 15.023319] The buggy address belongs to the physical page: [ 15.023621] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.023921] flags: 0x200000000000000(node=0|zone=2) [ 15.024087] page_type: f5(slab) [ 15.024212] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.024545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.025130] page dumped because: kasan: bad access detected [ 15.025402] [ 15.025490] Memory state around the buggy address: [ 15.025718] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.026029] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.026356] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.026657] ^ [ 15.026929] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.027242] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.027562] ================================================================== [ 14.735809] ================================================================== [ 14.736206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.736855] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.737357] [ 14.737449] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.737494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.737507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.737530] Call Trace: [ 14.737547] <TASK> [ 14.737563] dump_stack_lvl+0x73/0xb0 [ 14.737590] print_report+0xd1/0x650 [ 14.737614] ? __virt_addr_valid+0x1db/0x2d0 [ 14.737638] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.737661] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.737684] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.737706] kasan_report+0x141/0x180 [ 14.737757] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.737785] kasan_check_range+0x10c/0x1c0 [ 14.737809] __kasan_check_write+0x18/0x20 [ 14.737829] kasan_atomics_helper+0x15b6/0x5450 [ 14.737863] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.737885] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.737911] ? kasan_atomics+0x152/0x310 [ 14.737949] kasan_atomics+0x1dc/0x310 [ 14.737973] ? __pfx_kasan_atomics+0x10/0x10 [ 14.737998] ? __pfx_read_tsc+0x10/0x10 [ 14.738019] ? ktime_get_ts64+0x86/0x230 [ 14.738042] kunit_try_run_case+0x1a5/0x480 [ 14.738068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.738091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.738115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.738138] ? __kthread_parkme+0x82/0x180 [ 14.738160] ? preempt_count_sub+0x50/0x80 [ 14.738184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.738208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.738232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.738255] kthread+0x337/0x6f0 [ 14.738276] ? trace_preempt_on+0x20/0xc0 [ 14.738302] ? __pfx_kthread+0x10/0x10 [ 14.738324] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.738361] ? calculate_sigpending+0x7b/0xa0 [ 14.738387] ? __pfx_kthread+0x10/0x10 [ 14.738410] ret_from_fork+0x116/0x1d0 [ 14.738428] ? 
__pfx_kthread+0x10/0x10 [ 14.738450] ret_from_fork_asm+0x1a/0x30 [ 14.738481] </TASK> [ 14.738493] [ 14.751717] Allocated by task 284: [ 14.752017] kasan_save_stack+0x45/0x70 [ 14.752166] kasan_save_track+0x18/0x40 [ 14.752305] kasan_save_alloc_info+0x3b/0x50 [ 14.752475] __kasan_kmalloc+0xb7/0xc0 [ 14.752611] __kmalloc_cache_noprof+0x189/0x420 [ 14.752921] kasan_atomics+0x95/0x310 [ 14.753117] kunit_try_run_case+0x1a5/0x480 [ 14.753314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.753554] kthread+0x337/0x6f0 [ 14.753707] ret_from_fork+0x116/0x1d0 [ 14.754448] ret_from_fork_asm+0x1a/0x30 [ 14.754752] [ 14.755001] The buggy address belongs to the object at ffff888103128480 [ 14.755001] which belongs to the cache kmalloc-64 of size 64 [ 14.755486] The buggy address is located 0 bytes to the right of [ 14.755486] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.756304] [ 14.756459] The buggy address belongs to the physical page: [ 14.756676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.757505] flags: 0x200000000000000(node=0|zone=2) [ 14.757919] page_type: f5(slab) [ 14.758222] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.758714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.759250] page dumped because: kasan: bad access detected [ 14.759502] [ 14.759595] Memory state around the buggy address: [ 14.760119] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.760444] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.760733] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.761422] ^ [ 14.761730] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.762202] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.762512] ================================================================== [ 13.970494] 
================================================================== [ 13.970748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.971246] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 13.971560] [ 13.971662] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.971709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.971723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.971744] Call Trace: [ 13.971761] <TASK> [ 13.971778] dump_stack_lvl+0x73/0xb0 [ 13.971804] print_report+0xd1/0x650 [ 13.971828] ? __virt_addr_valid+0x1db/0x2d0 [ 13.971851] ? kasan_atomics_helper+0x3df/0x5450 [ 13.971871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.971895] ? kasan_atomics_helper+0x3df/0x5450 [ 13.971917] kasan_report+0x141/0x180 [ 13.971940] ? kasan_atomics_helper+0x3df/0x5450 [ 13.971965] kasan_check_range+0x10c/0x1c0 [ 13.971990] __kasan_check_read+0x15/0x20 [ 13.972009] kasan_atomics_helper+0x3df/0x5450 [ 13.972032] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.972054] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.972081] ? kasan_atomics+0x152/0x310 [ 13.972107] kasan_atomics+0x1dc/0x310 [ 13.972130] ? __pfx_kasan_atomics+0x10/0x10 [ 13.972155] ? __pfx_read_tsc+0x10/0x10 [ 13.972175] ? ktime_get_ts64+0x86/0x230 [ 13.972199] kunit_try_run_case+0x1a5/0x480 [ 13.972224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.972247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.972271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.972294] ? __kthread_parkme+0x82/0x180 [ 13.972315] ? preempt_count_sub+0x50/0x80 [ 13.972339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.972372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.972397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.972431] kthread+0x337/0x6f0 [ 13.972452] ? trace_preempt_on+0x20/0xc0 [ 13.972476] ? __pfx_kthread+0x10/0x10 [ 13.972508] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.972530] ? 
calculate_sigpending+0x7b/0xa0 [ 13.972554] ? __pfx_kthread+0x10/0x10 [ 13.972576] ret_from_fork+0x116/0x1d0 [ 13.972595] ? __pfx_kthread+0x10/0x10 [ 13.972616] ret_from_fork_asm+0x1a/0x30 [ 13.972647] </TASK> [ 13.972659] [ 13.981137] Allocated by task 284: [ 13.981330] kasan_save_stack+0x45/0x70 [ 13.981544] kasan_save_track+0x18/0x40 [ 13.981844] kasan_save_alloc_info+0x3b/0x50 [ 13.982084] __kasan_kmalloc+0xb7/0xc0 [ 13.982221] __kmalloc_cache_noprof+0x189/0x420 [ 13.982450] kasan_atomics+0x95/0x310 [ 13.982766] kunit_try_run_case+0x1a5/0x480 [ 13.982969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.983225] kthread+0x337/0x6f0 [ 13.983422] ret_from_fork+0x116/0x1d0 [ 13.983639] ret_from_fork_asm+0x1a/0x30 [ 13.983940] [ 13.984030] The buggy address belongs to the object at ffff888103128480 [ 13.984030] which belongs to the cache kmalloc-64 of size 64 [ 13.984442] The buggy address is located 0 bytes to the right of [ 13.984442] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 13.985033] [ 13.985218] The buggy address belongs to the physical page: [ 13.985484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 13.986120] flags: 0x200000000000000(node=0|zone=2) [ 13.986411] page_type: f5(slab) [ 13.986544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.986777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.987295] page dumped because: kasan: bad access detected [ 13.987569] [ 13.987736] Memory state around the buggy address: [ 13.988017] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.988426] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.988860] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.989128] ^ [ 13.989285] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.989696] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.990168] 
================================================================== [ 14.165715] ================================================================== [ 14.166129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.166598] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.166909] [ 14.167028] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.167073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.167096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.167119] Call Trace: [ 14.167136] <TASK> [ 14.167155] dump_stack_lvl+0x73/0xb0 [ 14.167196] print_report+0xd1/0x650 [ 14.167221] ? __virt_addr_valid+0x1db/0x2d0 [ 14.167245] ? kasan_atomics_helper+0x860/0x5450 [ 14.167267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.167290] ? kasan_atomics_helper+0x860/0x5450 [ 14.167314] kasan_report+0x141/0x180 [ 14.167337] ? kasan_atomics_helper+0x860/0x5450 [ 14.167373] kasan_check_range+0x10c/0x1c0 [ 14.167408] __kasan_check_write+0x18/0x20 [ 14.167432] kasan_atomics_helper+0x860/0x5450 [ 14.167456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.167492] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.167519] ? kasan_atomics+0x152/0x310 [ 14.167556] kasan_atomics+0x1dc/0x310 [ 14.167581] ? __pfx_kasan_atomics+0x10/0x10 [ 14.167655] ? __pfx_read_tsc+0x10/0x10 [ 14.167686] ? ktime_get_ts64+0x86/0x230 [ 14.167712] kunit_try_run_case+0x1a5/0x480 [ 14.167739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167762] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.167786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.167810] ? __kthread_parkme+0x82/0x180 [ 14.167832] ? preempt_count_sub+0x50/0x80 [ 14.167868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.167916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.167951] kthread+0x337/0x6f0 [ 14.167981] ? trace_preempt_on+0x20/0xc0 [ 14.168005] ? 
__pfx_kthread+0x10/0x10 [ 14.168027] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.168059] ? calculate_sigpending+0x7b/0xa0 [ 14.168084] ? __pfx_kthread+0x10/0x10 [ 14.168106] ret_from_fork+0x116/0x1d0 [ 14.168125] ? __pfx_kthread+0x10/0x10 [ 14.168146] ret_from_fork_asm+0x1a/0x30 [ 14.168177] </TASK> [ 14.168190] [ 14.176672] Allocated by task 284: [ 14.177023] kasan_save_stack+0x45/0x70 [ 14.177215] kasan_save_track+0x18/0x40 [ 14.177358] kasan_save_alloc_info+0x3b/0x50 [ 14.177584] __kasan_kmalloc+0xb7/0xc0 [ 14.177905] __kmalloc_cache_noprof+0x189/0x420 [ 14.178143] kasan_atomics+0x95/0x310 [ 14.178340] kunit_try_run_case+0x1a5/0x480 [ 14.178605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.178895] kthread+0x337/0x6f0 [ 14.179018] ret_from_fork+0x116/0x1d0 [ 14.179148] ret_from_fork_asm+0x1a/0x30 [ 14.179283] [ 14.179388] The buggy address belongs to the object at ffff888103128480 [ 14.179388] which belongs to the cache kmalloc-64 of size 64 [ 14.179912] The buggy address is located 0 bytes to the right of [ 14.179912] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.180307] [ 14.180425] The buggy address belongs to the physical page: [ 14.180944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.181311] flags: 0x200000000000000(node=0|zone=2) [ 14.181610] page_type: f5(slab) [ 14.181745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.182105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.182421] page dumped because: kasan: bad access detected [ 14.182706] [ 14.182854] Memory state around the buggy address: [ 14.183072] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.183386] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.183603] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.183815] ^ [ 14.184114] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.184443] 
ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.184988] ================================================================== [ 14.559806] ================================================================== [ 14.560112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.560392] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.560715] [ 14.560808] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.560852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.560865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.560886] Call Trace: [ 14.560903] <TASK> [ 14.560920] dump_stack_lvl+0x73/0xb0 [ 14.560947] print_report+0xd1/0x650 [ 14.560970] ? __virt_addr_valid+0x1db/0x2d0 [ 14.560994] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.561016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.561037] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.561059] kasan_report+0x141/0x180 [ 14.561082] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.561107] __asan_report_load4_noabort+0x18/0x20 [ 14.561131] kasan_atomics_helper+0x49e8/0x5450 [ 14.561153] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.561175] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.561201] ? kasan_atomics+0x152/0x310 [ 14.561227] kasan_atomics+0x1dc/0x310 [ 14.561251] ? __pfx_kasan_atomics+0x10/0x10 [ 14.561296] ? __pfx_read_tsc+0x10/0x10 [ 14.561318] ? ktime_get_ts64+0x86/0x230 [ 14.561343] kunit_try_run_case+0x1a5/0x480 [ 14.561379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.561402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.561426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.561449] ? __kthread_parkme+0x82/0x180 [ 14.561472] ? preempt_count_sub+0x50/0x80 [ 14.561498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.561522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.561544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.561567] kthread+0x337/0x6f0 [ 14.561588] ? 
trace_preempt_on+0x20/0xc0 [ 14.561612] ? __pfx_kthread+0x10/0x10 [ 14.561633] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.561654] ? calculate_sigpending+0x7b/0xa0 [ 14.561678] ? __pfx_kthread+0x10/0x10 [ 14.561700] ret_from_fork+0x116/0x1d0 [ 14.561718] ? __pfx_kthread+0x10/0x10 [ 14.561740] ret_from_fork_asm+0x1a/0x30 [ 14.561778] </TASK> [ 14.561789] [ 14.569366] Allocated by task 284: [ 14.569507] kasan_save_stack+0x45/0x70 [ 14.569651] kasan_save_track+0x18/0x40 [ 14.569785] kasan_save_alloc_info+0x3b/0x50 [ 14.569933] __kasan_kmalloc+0xb7/0xc0 [ 14.570067] __kmalloc_cache_noprof+0x189/0x420 [ 14.570292] kasan_atomics+0x95/0x310 [ 14.570495] kunit_try_run_case+0x1a5/0x480 [ 14.570712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.571087] kthread+0x337/0x6f0 [ 14.571261] ret_from_fork+0x116/0x1d0 [ 14.571464] ret_from_fork_asm+0x1a/0x30 [ 14.571676] [ 14.571770] The buggy address belongs to the object at ffff888103128480 [ 14.571770] which belongs to the cache kmalloc-64 of size 64 [ 14.572358] The buggy address is located 0 bytes to the right of [ 14.572358] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.572723] [ 14.572822] The buggy address belongs to the physical page: [ 14.573080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.573678] flags: 0x200000000000000(node=0|zone=2) [ 14.573924] page_type: f5(slab) [ 14.574093] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.574331] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.574567] page dumped because: kasan: bad access detected [ 14.574739] [ 14.574809] Memory state around the buggy address: [ 14.574963] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.575280] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.575601] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.576093] ^ [ 14.576312] ffff888103128500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.576596] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.576894] ================================================================== [ 14.031556] ================================================================== [ 14.032241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.032691] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.033042] [ 14.033135] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.033180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.033194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.033217] Call Trace: [ 14.033235] <TASK> [ 14.033253] dump_stack_lvl+0x73/0xb0 [ 14.033281] print_report+0xd1/0x650 [ 14.033304] ? __virt_addr_valid+0x1db/0x2d0 [ 14.033329] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.033362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.033386] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.033410] kasan_report+0x141/0x180 [ 14.033432] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.033458] __asan_report_store4_noabort+0x1b/0x30 [ 14.033480] kasan_atomics_helper+0x4b3a/0x5450 [ 14.033513] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.033536] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.033574] ? kasan_atomics+0x152/0x310 [ 14.033675] kasan_atomics+0x1dc/0x310 [ 14.033701] ? __pfx_kasan_atomics+0x10/0x10 [ 14.033725] ? __pfx_read_tsc+0x10/0x10 [ 14.033758] ? ktime_get_ts64+0x86/0x230 [ 14.033782] kunit_try_run_case+0x1a5/0x480 [ 14.033807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.033829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.033854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.033877] ? __kthread_parkme+0x82/0x180 [ 14.033899] ? preempt_count_sub+0x50/0x80 [ 14.033924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.033948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.033970] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.033994] kthread+0x337/0x6f0 [ 14.034014] ? trace_preempt_on+0x20/0xc0 [ 14.034039] ? __pfx_kthread+0x10/0x10 [ 14.034060] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.034081] ? calculate_sigpending+0x7b/0xa0 [ 14.034104] ? __pfx_kthread+0x10/0x10 [ 14.034127] ret_from_fork+0x116/0x1d0 [ 14.034145] ? __pfx_kthread+0x10/0x10 [ 14.034167] ret_from_fork_asm+0x1a/0x30 [ 14.034198] </TASK> [ 14.034210] [ 14.042622] Allocated by task 284: [ 14.042921] kasan_save_stack+0x45/0x70 [ 14.043182] kasan_save_track+0x18/0x40 [ 14.043344] kasan_save_alloc_info+0x3b/0x50 [ 14.043743] __kasan_kmalloc+0xb7/0xc0 [ 14.043971] __kmalloc_cache_noprof+0x189/0x420 [ 14.044133] kasan_atomics+0x95/0x310 [ 14.044307] kunit_try_run_case+0x1a5/0x480 [ 14.044559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.044984] kthread+0x337/0x6f0 [ 14.045160] ret_from_fork+0x116/0x1d0 [ 14.045333] ret_from_fork_asm+0x1a/0x30 [ 14.045514] [ 14.045628] The buggy address belongs to the object at ffff888103128480 [ 14.045628] which belongs to the cache kmalloc-64 of size 64 [ 14.046215] The buggy address is located 0 bytes to the right of [ 14.046215] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.046779] [ 14.046941] The buggy address belongs to the physical page: [ 14.047116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.047361] flags: 0x200000000000000(node=0|zone=2) [ 14.047529] page_type: f5(slab) [ 14.047837] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.048635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.049002] page dumped because: kasan: bad access detected [ 14.049179] [ 14.049252] Memory state around the buggy address: [ 14.049421] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.049983] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.050327] >ffff888103128480: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.050925] ^ [ 14.051168] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.051462] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.051749] ================================================================== [ 14.667194] ================================================================== [ 14.667519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.668567] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.669042] [ 14.669288] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.669338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.669364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.669387] Call Trace: [ 14.669404] <TASK> [ 14.669457] dump_stack_lvl+0x73/0xb0 [ 14.669490] print_report+0xd1/0x650 [ 14.669514] ? __virt_addr_valid+0x1db/0x2d0 [ 14.669538] ? kasan_atomics_helper+0x1467/0x5450 [ 14.669560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669585] ? kasan_atomics_helper+0x1467/0x5450 [ 14.669607] kasan_report+0x141/0x180 [ 14.669631] ? kasan_atomics_helper+0x1467/0x5450 [ 14.669659] kasan_check_range+0x10c/0x1c0 [ 14.669683] __kasan_check_write+0x18/0x20 [ 14.669703] kasan_atomics_helper+0x1467/0x5450 [ 14.669727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.669764] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.669791] ? kasan_atomics+0x152/0x310 [ 14.669818] kasan_atomics+0x1dc/0x310 [ 14.669841] ? __pfx_kasan_atomics+0x10/0x10 [ 14.669866] ? __pfx_read_tsc+0x10/0x10 [ 14.669888] ? ktime_get_ts64+0x86/0x230 [ 14.669913] kunit_try_run_case+0x1a5/0x480 [ 14.669938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669960] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.669984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.670007] ? __kthread_parkme+0x82/0x180 [ 14.670030] ? preempt_count_sub+0x50/0x80 [ 14.670054] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.670079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.670102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.670126] kthread+0x337/0x6f0 [ 14.670147] ? trace_preempt_on+0x20/0xc0 [ 14.670171] ? __pfx_kthread+0x10/0x10 [ 14.670192] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.670213] ? calculate_sigpending+0x7b/0xa0 [ 14.670238] ? __pfx_kthread+0x10/0x10 [ 14.670260] ret_from_fork+0x116/0x1d0 [ 14.670279] ? __pfx_kthread+0x10/0x10 [ 14.670301] ret_from_fork_asm+0x1a/0x30 [ 14.670332] </TASK> [ 14.670344] [ 14.678730] Allocated by task 284: [ 14.678889] kasan_save_stack+0x45/0x70 [ 14.679039] kasan_save_track+0x18/0x40 [ 14.679201] kasan_save_alloc_info+0x3b/0x50 [ 14.679409] __kasan_kmalloc+0xb7/0xc0 [ 14.679584] __kmalloc_cache_noprof+0x189/0x420 [ 14.680316] kasan_atomics+0x95/0x310 [ 14.680677] kunit_try_run_case+0x1a5/0x480 [ 14.681096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.681361] kthread+0x337/0x6f0 [ 14.681524] ret_from_fork+0x116/0x1d0 [ 14.681697] ret_from_fork_asm+0x1a/0x30 [ 14.682305] [ 14.682488] The buggy address belongs to the object at ffff888103128480 [ 14.682488] which belongs to the cache kmalloc-64 of size 64 [ 14.683555] The buggy address is located 0 bytes to the right of [ 14.683555] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.684319] [ 14.684438] The buggy address belongs to the physical page: [ 14.684680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.685396] flags: 0x200000000000000(node=0|zone=2) [ 14.685587] page_type: f5(slab) [ 14.685714] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.686001] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.686293] page dumped because: kasan: bad access detected [ 14.686479] [ 14.686554] Memory state around the buggy address: [ 14.686711] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.687322] 
ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.687958] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.688554] ^ [ 14.688982] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.689602] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.689932] ================================================================== [ 14.185381] ================================================================== [ 14.186065] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.186433] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.187003] [ 14.187132] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.187190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.187203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.187226] Call Trace: [ 14.187255] <TASK> [ 14.187273] dump_stack_lvl+0x73/0xb0 [ 14.187302] print_report+0xd1/0x650 [ 14.187326] ? __virt_addr_valid+0x1db/0x2d0 [ 14.187360] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.187382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.187406] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.187428] kasan_report+0x141/0x180 [ 14.187451] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.187478] kasan_check_range+0x10c/0x1c0 [ 14.187503] __kasan_check_write+0x18/0x20 [ 14.187523] kasan_atomics_helper+0x8f9/0x5450 [ 14.187547] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.187569] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.187606] ? kasan_atomics+0x152/0x310 [ 14.187634] kasan_atomics+0x1dc/0x310 [ 14.187674] ? __pfx_kasan_atomics+0x10/0x10 [ 14.187699] ? __pfx_read_tsc+0x10/0x10 [ 14.187722] ? ktime_get_ts64+0x86/0x230 [ 14.187747] kunit_try_run_case+0x1a5/0x480 [ 14.187771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.187794] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.187818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.187842] ? 
__kthread_parkme+0x82/0x180 [ 14.187865] ? preempt_count_sub+0x50/0x80 [ 14.187909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.187934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.187958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.187982] kthread+0x337/0x6f0 [ 14.188002] ? trace_preempt_on+0x20/0xc0 [ 14.188027] ? __pfx_kthread+0x10/0x10 [ 14.188049] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.188145] ? calculate_sigpending+0x7b/0xa0 [ 14.188179] ? __pfx_kthread+0x10/0x10 [ 14.188201] ret_from_fork+0x116/0x1d0 [ 14.188221] ? __pfx_kthread+0x10/0x10 [ 14.188253] ret_from_fork_asm+0x1a/0x30 [ 14.188283] </TASK> [ 14.188295] [ 14.196497] Allocated by task 284: [ 14.196669] kasan_save_stack+0x45/0x70 [ 14.197035] kasan_save_track+0x18/0x40 [ 14.197299] kasan_save_alloc_info+0x3b/0x50 [ 14.197525] __kasan_kmalloc+0xb7/0xc0 [ 14.197851] __kmalloc_cache_noprof+0x189/0x420 [ 14.198056] kasan_atomics+0x95/0x310 [ 14.198252] kunit_try_run_case+0x1a5/0x480 [ 14.198411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.198694] kthread+0x337/0x6f0 [ 14.198926] ret_from_fork+0x116/0x1d0 [ 14.199073] ret_from_fork_asm+0x1a/0x30 [ 14.199273] [ 14.199371] The buggy address belongs to the object at ffff888103128480 [ 14.199371] which belongs to the cache kmalloc-64 of size 64 [ 14.199970] The buggy address is located 0 bytes to the right of [ 14.199970] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.200342] [ 14.200427] The buggy address belongs to the physical page: [ 14.200672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.201148] flags: 0x200000000000000(node=0|zone=2) [ 14.201421] page_type: f5(slab) [ 14.201668] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.202155] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.202398] page dumped because: kasan: bad access detected [ 14.202571] [ 14.202701] Memory state around the buggy address: [ 14.202975] 
ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.203704] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.204071] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.204397] ^ [ 14.204628] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.205001] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.205242] ================================================================== [ 14.471308] ================================================================== [ 14.472340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.472680] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.473031] [ 14.473154] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.473198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.473212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.473234] Call Trace: [ 14.473253] <TASK> [ 14.473272] dump_stack_lvl+0x73/0xb0 [ 14.473302] print_report+0xd1/0x650 [ 14.473327] ? __virt_addr_valid+0x1db/0x2d0 [ 14.473361] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.473385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.473408] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.473429] kasan_report+0x141/0x180 [ 14.473452] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.473478] __asan_report_load4_noabort+0x18/0x20 [ 14.473505] kasan_atomics_helper+0x4a1c/0x5450 [ 14.473528] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.473551] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.473577] ? kasan_atomics+0x152/0x310 [ 14.473603] kasan_atomics+0x1dc/0x310 [ 14.473628] ? __pfx_kasan_atomics+0x10/0x10 [ 14.473653] ? __pfx_read_tsc+0x10/0x10 [ 14.473675] ? ktime_get_ts64+0x86/0x230 [ 14.473699] kunit_try_run_case+0x1a5/0x480 [ 14.473725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.473747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.473772] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.473796] ? __kthread_parkme+0x82/0x180 [ 14.473818] ? preempt_count_sub+0x50/0x80 [ 14.473843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.473867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.473890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.473914] kthread+0x337/0x6f0 [ 14.473934] ? trace_preempt_on+0x20/0xc0 [ 14.473959] ? __pfx_kthread+0x10/0x10 [ 14.473982] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.474004] ? calculate_sigpending+0x7b/0xa0 [ 14.474029] ? __pfx_kthread+0x10/0x10 [ 14.474051] ret_from_fork+0x116/0x1d0 [ 14.474070] ? __pfx_kthread+0x10/0x10 [ 14.474091] ret_from_fork_asm+0x1a/0x30 [ 14.474122] </TASK> [ 14.474135] [ 14.482730] Allocated by task 284: [ 14.482868] kasan_save_stack+0x45/0x70 [ 14.483034] kasan_save_track+0x18/0x40 [ 14.483276] kasan_save_alloc_info+0x3b/0x50 [ 14.483714] __kasan_kmalloc+0xb7/0xc0 [ 14.483929] __kmalloc_cache_noprof+0x189/0x420 [ 14.484144] kasan_atomics+0x95/0x310 [ 14.484308] kunit_try_run_case+0x1a5/0x480 [ 14.484491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.484762] kthread+0x337/0x6f0 [ 14.484974] ret_from_fork+0x116/0x1d0 [ 14.485106] ret_from_fork_asm+0x1a/0x30 [ 14.485302] [ 14.485445] The buggy address belongs to the object at ffff888103128480 [ 14.485445] which belongs to the cache kmalloc-64 of size 64 [ 14.485975] The buggy address is located 0 bytes to the right of [ 14.485975] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.486666] [ 14.486800] The buggy address belongs to the physical page: [ 14.487076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.487476] flags: 0x200000000000000(node=0|zone=2) [ 14.487735] page_type: f5(slab) [ 14.487913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.488280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.488642] page dumped because: kasan: bad access detected [ 14.488912] [ 14.488994] 
Memory state around the buggy address: [ 14.489232] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.489608] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.489980] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.490290] ^ [ 14.490522] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.490741] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.490947] ================================================================== [ 14.806396] ================================================================== [ 14.807436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.807809] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.808142] [ 14.808261] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.808304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.808317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.808339] Call Trace: [ 14.808376] <TASK> [ 14.808392] dump_stack_lvl+0x73/0xb0 [ 14.808420] print_report+0xd1/0x650 [ 14.808457] ? __virt_addr_valid+0x1db/0x2d0 [ 14.808480] ? kasan_atomics_helper+0x177f/0x5450 [ 14.808502] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.808525] ? kasan_atomics_helper+0x177f/0x5450 [ 14.808556] kasan_report+0x141/0x180 [ 14.808579] ? kasan_atomics_helper+0x177f/0x5450 [ 14.808616] kasan_check_range+0x10c/0x1c0 [ 14.808641] __kasan_check_write+0x18/0x20 [ 14.808660] kasan_atomics_helper+0x177f/0x5450 [ 14.808692] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.808715] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.808740] ? kasan_atomics+0x152/0x310 [ 14.808778] kasan_atomics+0x1dc/0x310 [ 14.808801] ? __pfx_kasan_atomics+0x10/0x10 [ 14.808825] ? __pfx_read_tsc+0x10/0x10 [ 14.808846] ? ktime_get_ts64+0x86/0x230 [ 14.808871] kunit_try_run_case+0x1a5/0x480 [ 14.808894] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.808927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.808952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.808987] ? __kthread_parkme+0x82/0x180 [ 14.809008] ? preempt_count_sub+0x50/0x80 [ 14.809033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.809057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.809089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.809114] kthread+0x337/0x6f0 [ 14.809134] ? trace_preempt_on+0x20/0xc0 [ 14.809168] ? __pfx_kthread+0x10/0x10 [ 14.809190] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.809211] ? calculate_sigpending+0x7b/0xa0 [ 14.809235] ? __pfx_kthread+0x10/0x10 [ 14.809257] ret_from_fork+0x116/0x1d0 [ 14.809283] ? __pfx_kthread+0x10/0x10 [ 14.809304] ret_from_fork_asm+0x1a/0x30 [ 14.809335] </TASK> [ 14.809363] [ 14.817029] Allocated by task 284: [ 14.817161] kasan_save_stack+0x45/0x70 [ 14.817333] kasan_save_track+0x18/0x40 [ 14.817551] kasan_save_alloc_info+0x3b/0x50 [ 14.817758] __kasan_kmalloc+0xb7/0xc0 [ 14.817945] __kmalloc_cache_noprof+0x189/0x420 [ 14.818166] kasan_atomics+0x95/0x310 [ 14.818361] kunit_try_run_case+0x1a5/0x480 [ 14.818563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.818850] kthread+0x337/0x6f0 [ 14.819020] ret_from_fork+0x116/0x1d0 [ 14.819168] ret_from_fork_asm+0x1a/0x30 [ 14.819306] [ 14.819389] The buggy address belongs to the object at ffff888103128480 [ 14.819389] which belongs to the cache kmalloc-64 of size 64 [ 14.819889] The buggy address is located 0 bytes to the right of [ 14.819889] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.820446] [ 14.820544] The buggy address belongs to the physical page: [ 14.820837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.821081] flags: 0x200000000000000(node=0|zone=2) [ 14.821246] page_type: f5(slab) [ 14.821382] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.821699] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.822173] page dumped because: kasan: bad access detected [ 14.822476] [ 14.822575] Memory state around the buggy address: [ 14.822851] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.823195] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.823497] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.823847] ^ [ 14.824057] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824367] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824666] ================================================================== [ 14.989248] ================================================================== [ 14.989671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.990106] Write of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.990381] [ 14.990470] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.990513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.990526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.990547] Call Trace: [ 14.990563] <TASK> [ 14.990579] dump_stack_lvl+0x73/0xb0 [ 14.990605] print_report+0xd1/0x650 [ 14.990629] ? __virt_addr_valid+0x1db/0x2d0 [ 14.990652] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.990674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.990697] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.990720] kasan_report+0x141/0x180 [ 14.990744] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.990771] kasan_check_range+0x10c/0x1c0 [ 14.990795] __kasan_check_write+0x18/0x20 [ 14.990815] kasan_atomics_helper+0x1ce1/0x5450 [ 14.990838] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.990861] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.990887] ? kasan_atomics+0x152/0x310 [ 14.990915] kasan_atomics+0x1dc/0x310 [ 14.990937] ? __pfx_kasan_atomics+0x10/0x10 [ 14.990962] ? __pfx_read_tsc+0x10/0x10 [ 14.990983] ? 
ktime_get_ts64+0x86/0x230 [ 14.991006] kunit_try_run_case+0x1a5/0x480 [ 14.991030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.991053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.991077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.991100] ? __kthread_parkme+0x82/0x180 [ 14.991122] ? preempt_count_sub+0x50/0x80 [ 14.991146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.991171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.991194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.991218] kthread+0x337/0x6f0 [ 14.991238] ? trace_preempt_on+0x20/0xc0 [ 14.991262] ? __pfx_kthread+0x10/0x10 [ 14.991283] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.991304] ? calculate_sigpending+0x7b/0xa0 [ 14.991328] ? __pfx_kthread+0x10/0x10 [ 14.991392] ret_from_fork+0x116/0x1d0 [ 14.991413] ? __pfx_kthread+0x10/0x10 [ 14.991434] ret_from_fork_asm+0x1a/0x30 [ 14.991476] </TASK> [ 14.991488] [ 14.999872] Allocated by task 284: [ 15.000054] kasan_save_stack+0x45/0x70 [ 15.000302] kasan_save_track+0x18/0x40 [ 15.000522] kasan_save_alloc_info+0x3b/0x50 [ 15.000769] __kasan_kmalloc+0xb7/0xc0 [ 15.000961] __kmalloc_cache_noprof+0x189/0x420 [ 15.001236] kasan_atomics+0x95/0x310 [ 15.001540] kunit_try_run_case+0x1a5/0x480 [ 15.001768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.002020] kthread+0x337/0x6f0 [ 15.002189] ret_from_fork+0x116/0x1d0 [ 15.002457] ret_from_fork_asm+0x1a/0x30 [ 15.002598] [ 15.002684] The buggy address belongs to the object at ffff888103128480 [ 15.002684] which belongs to the cache kmalloc-64 of size 64 [ 15.003502] The buggy address is located 0 bytes to the right of [ 15.003502] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.004473] [ 15.004615] The buggy address belongs to the physical page: [ 15.004915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.005201] flags: 0x200000000000000(node=0|zone=2) [ 15.005378] page_type: f5(slab) [ 15.005588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.006080] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.006422] page dumped because: kasan: bad access detected [ 15.006595] [ 15.006665] Memory state around the buggy address: [ 15.007078] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.007498] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.007951] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.008212] ^ [ 15.008410] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.008778] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009042] ================================================================== [ 15.215644] ================================================================== [ 15.216079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.216409] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.216901] [ 15.217002] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.217194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.217259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.217281] Call Trace: [ 15.217298] <TASK> [ 15.217316] dump_stack_lvl+0x73/0xb0 [ 15.217360] print_report+0xd1/0x650 [ 15.217385] ? __virt_addr_valid+0x1db/0x2d0 [ 15.217409] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.217431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.217453] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.217475] kasan_report+0x141/0x180 [ 15.217498] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.217525] __asan_report_load8_noabort+0x18/0x20 [ 15.217550] kasan_atomics_helper+0x4fa5/0x5450 [ 15.217574] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.217596] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.217622] ? kasan_atomics+0x152/0x310 [ 15.217649] kasan_atomics+0x1dc/0x310 [ 15.217672] ? __pfx_kasan_atomics+0x10/0x10 [ 15.217697] ? 
__pfx_read_tsc+0x10/0x10 [ 15.217718] ? ktime_get_ts64+0x86/0x230 [ 15.217754] kunit_try_run_case+0x1a5/0x480 [ 15.217779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.217826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.217849] ? __kthread_parkme+0x82/0x180 [ 15.217871] ? preempt_count_sub+0x50/0x80 [ 15.217896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.217944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.217967] kthread+0x337/0x6f0 [ 15.217987] ? trace_preempt_on+0x20/0xc0 [ 15.218012] ? __pfx_kthread+0x10/0x10 [ 15.218033] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.218054] ? calculate_sigpending+0x7b/0xa0 [ 15.218079] ? __pfx_kthread+0x10/0x10 [ 15.218100] ret_from_fork+0x116/0x1d0 [ 15.218119] ? __pfx_kthread+0x10/0x10 [ 15.218140] ret_from_fork_asm+0x1a/0x30 [ 15.218171] </TASK> [ 15.218183] [ 15.227691] Allocated by task 284: [ 15.228062] kasan_save_stack+0x45/0x70 [ 15.228319] kasan_save_track+0x18/0x40 [ 15.228593] kasan_save_alloc_info+0x3b/0x50 [ 15.228762] __kasan_kmalloc+0xb7/0xc0 [ 15.229098] __kmalloc_cache_noprof+0x189/0x420 [ 15.229305] kasan_atomics+0x95/0x310 [ 15.229646] kunit_try_run_case+0x1a5/0x480 [ 15.229884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.230121] kthread+0x337/0x6f0 [ 15.230277] ret_from_fork+0x116/0x1d0 [ 15.230455] ret_from_fork_asm+0x1a/0x30 [ 15.230641] [ 15.230720] The buggy address belongs to the object at ffff888103128480 [ 15.230720] which belongs to the cache kmalloc-64 of size 64 [ 15.231511] The buggy address is located 0 bytes to the right of [ 15.231511] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.232261] [ 15.232375] The buggy address belongs to the physical page: [ 15.232721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.233131] flags: 0x200000000000000(node=0|zone=2) [ 15.233416] page_type: f5(slab) [ 15.233628] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.234048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.234431] page dumped because: kasan: bad access detected [ 15.234666] [ 15.234844] Memory state around the buggy address: [ 15.235080] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.235469] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.235775] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.236231] ^ [ 15.236520] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.236885] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237247] ================================================================== [ 14.969210] ================================================================== [ 14.969704] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.970429] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.970805] [ 14.970917] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.970959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.970972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.970994] Call Trace: [ 14.971009] <TASK> [ 14.971025] dump_stack_lvl+0x73/0xb0 [ 14.971053] print_report+0xd1/0x650 [ 14.971077] ? __virt_addr_valid+0x1db/0x2d0 [ 14.971100] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.971122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.971145] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.971168] kasan_report+0x141/0x180 [ 14.971190] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.971217] __asan_report_load8_noabort+0x18/0x20 [ 14.971242] kasan_atomics_helper+0x4f30/0x5450 [ 14.971265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.971287] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.971313] ? kasan_atomics+0x152/0x310 [ 14.971339] kasan_atomics+0x1dc/0x310 [ 14.971373] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.971397] ? __pfx_read_tsc+0x10/0x10 [ 14.971418] ? ktime_get_ts64+0x86/0x230 [ 14.971443] kunit_try_run_case+0x1a5/0x480 [ 14.971466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.971490] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.971513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.971536] ? __kthread_parkme+0x82/0x180 [ 14.971558] ? preempt_count_sub+0x50/0x80 [ 14.971582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.971608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.971636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.971669] kthread+0x337/0x6f0 [ 14.971689] ? trace_preempt_on+0x20/0xc0 [ 14.971713] ? __pfx_kthread+0x10/0x10 [ 14.971734] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.971757] ? calculate_sigpending+0x7b/0xa0 [ 14.971780] ? __pfx_kthread+0x10/0x10 [ 14.971803] ret_from_fork+0x116/0x1d0 [ 14.971822] ? __pfx_kthread+0x10/0x10 [ 14.971865] ret_from_fork_asm+0x1a/0x30 [ 14.971921] </TASK> [ 14.971932] [ 14.980135] Allocated by task 284: [ 14.980341] kasan_save_stack+0x45/0x70 [ 14.980581] kasan_save_track+0x18/0x40 [ 14.980792] kasan_save_alloc_info+0x3b/0x50 [ 14.980991] __kasan_kmalloc+0xb7/0xc0 [ 14.981217] __kmalloc_cache_noprof+0x189/0x420 [ 14.981460] kasan_atomics+0x95/0x310 [ 14.981666] kunit_try_run_case+0x1a5/0x480 [ 14.981907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.982175] kthread+0x337/0x6f0 [ 14.982358] ret_from_fork+0x116/0x1d0 [ 14.982568] ret_from_fork_asm+0x1a/0x30 [ 14.982808] [ 14.982921] The buggy address belongs to the object at ffff888103128480 [ 14.982921] which belongs to the cache kmalloc-64 of size 64 [ 14.983491] The buggy address is located 0 bytes to the right of [ 14.983491] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.984051] [ 14.984166] The buggy address belongs to the physical page: [ 14.984410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.984767] flags: 0x200000000000000(node=0|zone=2) [ 14.985037] page_type: 
f5(slab) [ 14.985259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.985650] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.985996] page dumped because: kasan: bad access detected [ 14.986201] [ 14.986272] Memory state around the buggy address: [ 14.986433] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986750] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.987143] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.987543] ^ [ 14.987874] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988144] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988432] ================================================================== [ 14.577520] ================================================================== [ 14.578560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.578905] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.579158] [ 14.579247] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.579291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.579304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.579325] Call Trace: [ 14.579343] <TASK> [ 14.579373] dump_stack_lvl+0x73/0xb0 [ 14.579400] print_report+0xd1/0x650 [ 14.579424] ? __virt_addr_valid+0x1db/0x2d0 [ 14.579447] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.579469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.579492] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.579515] kasan_report+0x141/0x180 [ 14.579537] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.579563] kasan_check_range+0x10c/0x1c0 [ 14.579588] __kasan_check_write+0x18/0x20 [ 14.579607] kasan_atomics_helper+0x12e6/0x5450 [ 14.579630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.579653] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.579683] ? 
kasan_atomics+0x152/0x310 [ 14.579710] kasan_atomics+0x1dc/0x310 [ 14.579733] ? __pfx_kasan_atomics+0x10/0x10 [ 14.579759] ? __pfx_read_tsc+0x10/0x10 [ 14.579781] ? ktime_get_ts64+0x86/0x230 [ 14.579807] kunit_try_run_case+0x1a5/0x480 [ 14.579831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.579853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.579878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.579900] ? __kthread_parkme+0x82/0x180 [ 14.579922] ? preempt_count_sub+0x50/0x80 [ 14.579946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.579970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.579994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.580016] kthread+0x337/0x6f0 [ 14.580037] ? trace_preempt_on+0x20/0xc0 [ 14.580062] ? __pfx_kthread+0x10/0x10 [ 14.580083] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.580105] ? calculate_sigpending+0x7b/0xa0 [ 14.580130] ? __pfx_kthread+0x10/0x10 [ 14.580152] ret_from_fork+0x116/0x1d0 [ 14.580170] ? __pfx_kthread+0x10/0x10 [ 14.580191] ret_from_fork_asm+0x1a/0x30 [ 14.580223] </TASK> [ 14.580235] [ 14.587678] Allocated by task 284: [ 14.587867] kasan_save_stack+0x45/0x70 [ 14.588069] kasan_save_track+0x18/0x40 [ 14.588268] kasan_save_alloc_info+0x3b/0x50 [ 14.588456] __kasan_kmalloc+0xb7/0xc0 [ 14.588590] __kmalloc_cache_noprof+0x189/0x420 [ 14.588744] kasan_atomics+0x95/0x310 [ 14.588878] kunit_try_run_case+0x1a5/0x480 [ 14.589023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.589196] kthread+0x337/0x6f0 [ 14.589404] ret_from_fork+0x116/0x1d0 [ 14.589599] ret_from_fork_asm+0x1a/0x30 [ 14.589860] [ 14.589955] The buggy address belongs to the object at ffff888103128480 [ 14.589955] which belongs to the cache kmalloc-64 of size 64 [ 14.590490] The buggy address is located 0 bytes to the right of [ 14.590490] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.591337] [ 14.591423] The buggy address belongs to the physical page: [ 14.591597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 
14.591841] flags: 0x200000000000000(node=0|zone=2) [ 14.592004] page_type: f5(slab) [ 14.592124] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.592820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.593160] page dumped because: kasan: bad access detected [ 14.593374] [ 14.593444] Memory state around the buggy address: [ 14.593600] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.593991] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.594310] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.594651] ^ [ 14.594862] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595079] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595290] ================================================================== [ 13.874789] ================================================================== [ 13.876244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.877038] Read of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 13.877438] [ 13.877536] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.877590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.877602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.877623] Call Trace: [ 13.877636] <TASK> [ 13.877654] dump_stack_lvl+0x73/0xb0 [ 13.877685] print_report+0xd1/0x650 [ 13.877708] ? __virt_addr_valid+0x1db/0x2d0 [ 13.877731] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.877750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.877772] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.877792] kasan_report+0x141/0x180 [ 13.877813] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.877838] __asan_report_load4_noabort+0x18/0x20 [ 13.877861] kasan_atomics_helper+0x4bbc/0x5450 [ 13.877882] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.877903] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.877929] ? kasan_atomics+0x152/0x310 [ 13.877956] kasan_atomics+0x1dc/0x310 [ 13.877978] ? __pfx_kasan_atomics+0x10/0x10 [ 13.878001] ? __pfx_read_tsc+0x10/0x10 [ 13.878023] ? ktime_get_ts64+0x86/0x230 [ 13.878047] kunit_try_run_case+0x1a5/0x480 [ 13.878073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.878094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.878116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.878138] ? __kthread_parkme+0x82/0x180 [ 13.878158] ? preempt_count_sub+0x50/0x80 [ 13.878182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.878205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.878227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.878249] kthread+0x337/0x6f0 [ 13.878268] ? trace_preempt_on+0x20/0xc0 [ 13.878291] ? __pfx_kthread+0x10/0x10 [ 13.878312] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.878332] ? calculate_sigpending+0x7b/0xa0 [ 13.878366] ? __pfx_kthread+0x10/0x10 [ 13.878387] ret_from_fork+0x116/0x1d0 [ 13.878404] ? __pfx_kthread+0x10/0x10 [ 13.878424] ret_from_fork_asm+0x1a/0x30 [ 13.878455] </TASK> [ 13.878466] [ 13.891810] Allocated by task 284: [ 13.892204] kasan_save_stack+0x45/0x70 [ 13.892679] kasan_save_track+0x18/0x40 [ 13.893143] kasan_save_alloc_info+0x3b/0x50 [ 13.893584] __kasan_kmalloc+0xb7/0xc0 [ 13.894049] __kmalloc_cache_noprof+0x189/0x420 [ 13.894515] kasan_atomics+0x95/0x310 [ 13.894915] kunit_try_run_case+0x1a5/0x480 [ 13.895139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.895307] kthread+0x337/0x6f0 [ 13.895437] ret_from_fork+0x116/0x1d0 [ 13.895669] ret_from_fork_asm+0x1a/0x30 [ 13.896166] [ 13.896388] The buggy address belongs to the object at ffff888103128480 [ 13.896388] which belongs to the cache kmalloc-64 of size 64 [ 13.897679] The buggy address is located 0 bytes to the right of [ 13.897679] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 13.899100] [ 13.899278] The buggy address belongs to the physical page: [ 13.899767] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103128 [ 13.900605] flags: 0x200000000000000(node=0|zone=2) [ 13.901079] page_type: f5(slab) [ 13.901238] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.902016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.902512] page dumped because: kasan: bad access detected [ 13.903079] [ 13.903216] Memory state around the buggy address: [ 13.903957] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.904211] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.905045] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.905825] ^ [ 13.905984] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.906190] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.906424] ================================================================== [ 15.128425] ================================================================== [ 15.129050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.129413] Read of size 8 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 15.129751] [ 15.129853] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.129898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.129911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.129932] Call Trace: [ 15.129951] <TASK> [ 15.129968] dump_stack_lvl+0x73/0xb0 [ 15.129997] print_report+0xd1/0x650 [ 15.130020] ? __virt_addr_valid+0x1db/0x2d0 [ 15.130044] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.130067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.130088] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.130111] kasan_report+0x141/0x180 [ 15.130134] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.130160] __asan_report_load8_noabort+0x18/0x20 [ 15.130185] kasan_atomics_helper+0x4f98/0x5450 [ 15.130208] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.130230] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.130256] ? kasan_atomics+0x152/0x310 [ 15.130283] kasan_atomics+0x1dc/0x310 [ 15.130307] ? __pfx_kasan_atomics+0x10/0x10 [ 15.130331] ? __pfx_read_tsc+0x10/0x10 [ 15.130365] ? ktime_get_ts64+0x86/0x230 [ 15.130389] kunit_try_run_case+0x1a5/0x480 [ 15.130414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.130436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.130462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.130485] ? __kthread_parkme+0x82/0x180 [ 15.130506] ? preempt_count_sub+0x50/0x80 [ 15.130531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.130555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.130579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.130602] kthread+0x337/0x6f0 [ 15.130622] ? trace_preempt_on+0x20/0xc0 [ 15.130648] ? __pfx_kthread+0x10/0x10 [ 15.130669] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.130691] ? calculate_sigpending+0x7b/0xa0 [ 15.130717] ? __pfx_kthread+0x10/0x10 [ 15.130751] ret_from_fork+0x116/0x1d0 [ 15.130770] ? 
__pfx_kthread+0x10/0x10 [ 15.130792] ret_from_fork_asm+0x1a/0x30 [ 15.130823] </TASK> [ 15.130835] [ 15.138060] Allocated by task 284: [ 15.138242] kasan_save_stack+0x45/0x70 [ 15.138443] kasan_save_track+0x18/0x40 [ 15.138616] kasan_save_alloc_info+0x3b/0x50 [ 15.138852] __kasan_kmalloc+0xb7/0xc0 [ 15.139019] __kmalloc_cache_noprof+0x189/0x420 [ 15.139227] kasan_atomics+0x95/0x310 [ 15.139404] kunit_try_run_case+0x1a5/0x480 [ 15.139559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.139751] kthread+0x337/0x6f0 [ 15.139923] ret_from_fork+0x116/0x1d0 [ 15.140109] ret_from_fork_asm+0x1a/0x30 [ 15.140306] [ 15.140428] The buggy address belongs to the object at ffff888103128480 [ 15.140428] which belongs to the cache kmalloc-64 of size 64 [ 15.140920] The buggy address is located 0 bytes to the right of [ 15.140920] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 15.141424] [ 15.141524] The buggy address belongs to the physical page: [ 15.141807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 15.142112] flags: 0x200000000000000(node=0|zone=2) [ 15.142325] page_type: f5(slab) [ 15.142482] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.142715] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.142943] page dumped because: kasan: bad access detected [ 15.143116] [ 15.143186] Memory state around the buggy address: [ 15.143361] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.143684] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.144259] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.144572] ^ [ 15.144729] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145049] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145292] ================================================================== [ 14.097654] 
================================================================== [ 14.098039] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.098302] Write of size 4 at addr ffff8881031284b0 by task kunit_try_catch/284 [ 14.098830] [ 14.098983] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.099029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.099042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.099074] Call Trace: [ 14.099092] <TASK> [ 14.099119] dump_stack_lvl+0x73/0xb0 [ 14.099147] print_report+0xd1/0x650 [ 14.099171] ? __virt_addr_valid+0x1db/0x2d0 [ 14.099205] ? kasan_atomics_helper+0x697/0x5450 [ 14.099228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.099251] ? kasan_atomics_helper+0x697/0x5450 [ 14.099273] kasan_report+0x141/0x180 [ 14.099296] ? kasan_atomics_helper+0x697/0x5450 [ 14.099325] kasan_check_range+0x10c/0x1c0 [ 14.099358] __kasan_check_write+0x18/0x20 [ 14.099379] kasan_atomics_helper+0x697/0x5450 [ 14.099402] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.099425] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.099452] ? kasan_atomics+0x152/0x310 [ 14.099479] kasan_atomics+0x1dc/0x310 [ 14.099503] ? __pfx_kasan_atomics+0x10/0x10 [ 14.099536] ? __pfx_read_tsc+0x10/0x10 [ 14.099557] ? ktime_get_ts64+0x86/0x230 [ 14.099636] kunit_try_run_case+0x1a5/0x480 [ 14.099671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.099693] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.099728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.099752] ? __kthread_parkme+0x82/0x180 [ 14.099773] ? preempt_count_sub+0x50/0x80 [ 14.099797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.099821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.099854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.099878] kthread+0x337/0x6f0 [ 14.099899] ? trace_preempt_on+0x20/0xc0 [ 14.099934] ? __pfx_kthread+0x10/0x10 [ 14.099955] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.099977] ? 
calculate_sigpending+0x7b/0xa0 [ 14.100002] ? __pfx_kthread+0x10/0x10 [ 14.100024] ret_from_fork+0x116/0x1d0 [ 14.100043] ? __pfx_kthread+0x10/0x10 [ 14.100064] ret_from_fork_asm+0x1a/0x30 [ 14.100095] </TASK> [ 14.100107] [ 14.108668] Allocated by task 284: [ 14.108940] kasan_save_stack+0x45/0x70 [ 14.109106] kasan_save_track+0x18/0x40 [ 14.109244] kasan_save_alloc_info+0x3b/0x50 [ 14.109402] __kasan_kmalloc+0xb7/0xc0 [ 14.109612] __kmalloc_cache_noprof+0x189/0x420 [ 14.109837] kasan_atomics+0x95/0x310 [ 14.110032] kunit_try_run_case+0x1a5/0x480 [ 14.110236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.110660] kthread+0x337/0x6f0 [ 14.110907] ret_from_fork+0x116/0x1d0 [ 14.111084] ret_from_fork_asm+0x1a/0x30 [ 14.111224] [ 14.111298] The buggy address belongs to the object at ffff888103128480 [ 14.111298] which belongs to the cache kmalloc-64 of size 64 [ 14.112086] The buggy address is located 0 bytes to the right of [ 14.112086] allocated 48-byte region [ffff888103128480, ffff8881031284b0) [ 14.112797] [ 14.112898] The buggy address belongs to the physical page: [ 14.113134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103128 [ 14.113484] flags: 0x200000000000000(node=0|zone=2) [ 14.113711] page_type: f5(slab) [ 14.113944] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.114239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.114533] page dumped because: kasan: bad access detected [ 14.114837] [ 14.114948] Memory state around the buggy address: [ 14.115183] ffff888103128380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.115498] ffff888103128400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.115865] >ffff888103128480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.116083] ^ [ 14.116238] ffff888103128500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.116518] ffff888103128580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.117189] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.669465] ================================================================== [ 13.669789] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.670380] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.670701] [ 13.671414] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.671465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.671485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.671506] Call Trace: [ 13.671520] <TASK> [ 13.671535] dump_stack_lvl+0x73/0xb0 [ 13.671572] print_report+0xd1/0x650 [ 13.671594] ? __virt_addr_valid+0x1db/0x2d0 [ 13.671619] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.671648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.671677] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.671704] kasan_report+0x141/0x180 [ 13.671725] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.671758] kasan_check_range+0x10c/0x1c0 [ 13.671782] __kasan_check_write+0x18/0x20 [ 13.671801] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.671827] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.671854] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.671878] ? trace_hardirqs_on+0x37/0xe0 [ 13.671901] ? kasan_bitops_generic+0x92/0x1c0 [ 13.671927] kasan_bitops_generic+0x121/0x1c0 [ 13.671949] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.671974] ? __pfx_read_tsc+0x10/0x10 [ 13.671993] ? ktime_get_ts64+0x86/0x230 [ 13.672016] kunit_try_run_case+0x1a5/0x480 [ 13.672040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.672061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.672083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.672105] ? __kthread_parkme+0x82/0x180 [ 13.672125] ? preempt_count_sub+0x50/0x80 [ 13.672147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.672170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.672192] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.672214] kthread+0x337/0x6f0 [ 13.672233] ? trace_preempt_on+0x20/0xc0 [ 13.672255] ? __pfx_kthread+0x10/0x10 [ 13.672275] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.672296] ? calculate_sigpending+0x7b/0xa0 [ 13.672319] ? __pfx_kthread+0x10/0x10 [ 13.672340] ret_from_fork+0x116/0x1d0 [ 13.672370] ? __pfx_kthread+0x10/0x10 [ 13.672390] ret_from_fork_asm+0x1a/0x30 [ 13.672419] </TASK> [ 13.672430] [ 13.689696] Allocated by task 280: [ 13.689923] kasan_save_stack+0x45/0x70 [ 13.690340] kasan_save_track+0x18/0x40 [ 13.690772] kasan_save_alloc_info+0x3b/0x50 [ 13.691101] __kasan_kmalloc+0xb7/0xc0 [ 13.691394] __kmalloc_cache_noprof+0x189/0x420 [ 13.691764] kasan_bitops_generic+0x92/0x1c0 [ 13.692085] kunit_try_run_case+0x1a5/0x480 [ 13.692385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.692561] kthread+0x337/0x6f0 [ 13.692741] ret_from_fork+0x116/0x1d0 [ 13.693197] ret_from_fork_asm+0x1a/0x30 [ 13.693539] [ 13.693783] The buggy address belongs to the object at ffff8881027960e0 [ 13.693783] which belongs to the cache kmalloc-16 of size 16 [ 13.694482] The buggy address is located 8 bytes inside of [ 13.694482] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.695493] [ 13.695719] The buggy address belongs to the physical page: [ 13.696298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.697075] flags: 0x200000000000000(node=0|zone=2) [ 13.697622] page_type: f5(slab) [ 13.697747] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.697976] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.698200] page dumped because: kasan: bad access detected [ 13.698379] [ 13.698447] Memory state around the buggy address: [ 13.698625] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.698838] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.699615] >ffff888102796080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 13.700173] ^ [ 13.700535] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.701283] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.702016] ================================================================== [ 13.818463] ================================================================== [ 13.818817] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.819386] Read of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.819764] [ 13.819900] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.819943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.819965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.819984] Call Trace: [ 13.819996] <TASK> [ 13.820010] dump_stack_lvl+0x73/0xb0 [ 13.820049] print_report+0xd1/0x650 [ 13.820073] ? __virt_addr_valid+0x1db/0x2d0 [ 13.820095] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.820120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.820151] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.820176] kasan_report+0x141/0x180 [ 13.820197] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.820239] kasan_check_range+0x10c/0x1c0 [ 13.820261] __kasan_check_read+0x15/0x20 [ 13.820279] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.820306] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.820332] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.820366] ? trace_hardirqs_on+0x37/0xe0 [ 13.820388] ? kasan_bitops_generic+0x92/0x1c0 [ 13.820422] kasan_bitops_generic+0x121/0x1c0 [ 13.820445] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.820469] ? __pfx_read_tsc+0x10/0x10 [ 13.820501] ? ktime_get_ts64+0x86/0x230 [ 13.820524] kunit_try_run_case+0x1a5/0x480 [ 13.820547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.820568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.820591] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.820612] ? __kthread_parkme+0x82/0x180 [ 13.820633] ? preempt_count_sub+0x50/0x80 [ 13.820656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.820678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.820701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.820724] kthread+0x337/0x6f0 [ 13.820743] ? trace_preempt_on+0x20/0xc0 [ 13.820764] ? __pfx_kthread+0x10/0x10 [ 13.820828] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.820852] ? calculate_sigpending+0x7b/0xa0 [ 13.820888] ? __pfx_kthread+0x10/0x10 [ 13.820910] ret_from_fork+0x116/0x1d0 [ 13.820928] ? __pfx_kthread+0x10/0x10 [ 13.820948] ret_from_fork_asm+0x1a/0x30 [ 13.820986] </TASK> [ 13.820996] [ 13.832467] Allocated by task 280: [ 13.832653] kasan_save_stack+0x45/0x70 [ 13.832833] kasan_save_track+0x18/0x40 [ 13.833008] kasan_save_alloc_info+0x3b/0x50 [ 13.833202] __kasan_kmalloc+0xb7/0xc0 [ 13.833856] __kmalloc_cache_noprof+0x189/0x420 [ 13.834278] kasan_bitops_generic+0x92/0x1c0 [ 13.834926] kunit_try_run_case+0x1a5/0x480 [ 13.835257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.835851] kthread+0x337/0x6f0 [ 13.836154] ret_from_fork+0x116/0x1d0 [ 13.836641] ret_from_fork_asm+0x1a/0x30 [ 13.836928] [ 13.837030] The buggy address belongs to the object at ffff8881027960e0 [ 13.837030] which belongs to the cache kmalloc-16 of size 16 [ 13.837520] The buggy address is located 8 bytes inside of [ 13.837520] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.837996] [ 13.838088] The buggy address belongs to the physical page: [ 13.838319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.839171] flags: 0x200000000000000(node=0|zone=2) [ 13.839549] page_type: f5(slab) [ 13.839990] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.840490] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.841419] page dumped because: kasan: bad access detected [ 13.842101] [ 13.842190] 
Memory state around the buggy address: [ 13.842425] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.843125] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.843560] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.844041] ^ [ 13.844324] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.844922] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.845350] ================================================================== [ 13.646393] ================================================================== [ 13.646791] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.647489] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.647915] [ 13.648024] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.648081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.648093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.648113] Call Trace: [ 13.648128] <TASK> [ 13.648163] dump_stack_lvl+0x73/0xb0 [ 13.648191] print_report+0xd1/0x650 [ 13.648212] ? __virt_addr_valid+0x1db/0x2d0 [ 13.648245] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.648271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.648292] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.648319] kasan_report+0x141/0x180 [ 13.648340] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.648390] kasan_check_range+0x10c/0x1c0 [ 13.648412] __kasan_check_write+0x18/0x20 [ 13.648431] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.648468] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.648495] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.648519] ? trace_hardirqs_on+0x37/0xe0 [ 13.648540] ? kasan_bitops_generic+0x92/0x1c0 [ 13.648575] kasan_bitops_generic+0x121/0x1c0 [ 13.648597] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.648621] ? __pfx_read_tsc+0x10/0x10 [ 13.648692] ? ktime_get_ts64+0x86/0x230 [ 13.648715] kunit_try_run_case+0x1a5/0x480 [ 13.648740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.648760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.648783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.648804] ? __kthread_parkme+0x82/0x180 [ 13.648825] ? preempt_count_sub+0x50/0x80 [ 13.648847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.648869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.648891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.648914] kthread+0x337/0x6f0 [ 13.648932] ? trace_preempt_on+0x20/0xc0 [ 13.648953] ? __pfx_kthread+0x10/0x10 [ 13.648973] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.648993] ? calculate_sigpending+0x7b/0xa0 [ 13.649016] ? __pfx_kthread+0x10/0x10 [ 13.649037] ret_from_fork+0x116/0x1d0 [ 13.649055] ? __pfx_kthread+0x10/0x10 [ 13.649074] ret_from_fork_asm+0x1a/0x30 [ 13.649103] </TASK> [ 13.649114] [ 13.658067] Allocated by task 280: [ 13.658270] kasan_save_stack+0x45/0x70 [ 13.658495] kasan_save_track+0x18/0x40 [ 13.658844] kasan_save_alloc_info+0x3b/0x50 [ 13.659034] __kasan_kmalloc+0xb7/0xc0 [ 13.659252] __kmalloc_cache_noprof+0x189/0x420 [ 13.659480] kasan_bitops_generic+0x92/0x1c0 [ 13.659838] kunit_try_run_case+0x1a5/0x480 [ 13.659990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.660165] kthread+0x337/0x6f0 [ 13.660312] ret_from_fork+0x116/0x1d0 [ 13.660511] ret_from_fork_asm+0x1a/0x30 [ 13.660732] [ 13.660828] The buggy address belongs to the object at ffff8881027960e0 [ 13.660828] which belongs to the cache kmalloc-16 of size 16 [ 13.661268] The buggy address is located 8 bytes inside of [ 13.661268] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.662112] [ 13.662213] The buggy address belongs to the physical page: [ 13.662660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.663319] flags: 0x200000000000000(node=0|zone=2) [ 13.663990] 
page_type: f5(slab) [ 13.664280] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.664865] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.665274] page dumped because: kasan: bad access detected [ 13.665531] [ 13.665867] Memory state around the buggy address: [ 13.666178] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.666561] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.667078] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.667457] ^ [ 13.667995] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.668298] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.668761] ================================================================== [ 13.754614] ================================================================== [ 13.755165] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.755639] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.755995] [ 13.756120] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.756175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.756187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.756206] Call Trace: [ 13.756221] <TASK> [ 13.756237] dump_stack_lvl+0x73/0xb0 [ 13.756263] print_report+0xd1/0x650 [ 13.756296] ? __virt_addr_valid+0x1db/0x2d0 [ 13.756318] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.756344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.756386] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.756412] kasan_report+0x141/0x180 [ 13.756433] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.756464] kasan_check_range+0x10c/0x1c0 [ 13.756486] __kasan_check_write+0x18/0x20 [ 13.756514] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.756541] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.756567] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.756601] ? trace_hardirqs_on+0x37/0xe0 [ 13.756622] ? kasan_bitops_generic+0x92/0x1c0 [ 13.756648] kasan_bitops_generic+0x121/0x1c0 [ 13.756681] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.756705] ? __pfx_read_tsc+0x10/0x10 [ 13.756725] ? ktime_get_ts64+0x86/0x230 [ 13.756792] kunit_try_run_case+0x1a5/0x480 [ 13.756818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.756840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.756862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.756894] ? __kthread_parkme+0x82/0x180 [ 13.756914] ? preempt_count_sub+0x50/0x80 [ 13.756937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.756972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.756994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.757016] kthread+0x337/0x6f0 [ 13.757035] ? trace_preempt_on+0x20/0xc0 [ 13.757065] ? __pfx_kthread+0x10/0x10 [ 13.757085] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.757105] ? calculate_sigpending+0x7b/0xa0 [ 13.757143] ? __pfx_kthread+0x10/0x10 [ 13.757165] ret_from_fork+0x116/0x1d0 [ 13.757184] ? 
__pfx_kthread+0x10/0x10 [ 13.757212] ret_from_fork_asm+0x1a/0x30 [ 13.757242] </TASK> [ 13.757254] [ 13.766465] Allocated by task 280: [ 13.766604] kasan_save_stack+0x45/0x70 [ 13.766809] kasan_save_track+0x18/0x40 [ 13.767012] kasan_save_alloc_info+0x3b/0x50 [ 13.767251] __kasan_kmalloc+0xb7/0xc0 [ 13.767478] __kmalloc_cache_noprof+0x189/0x420 [ 13.767847] kasan_bitops_generic+0x92/0x1c0 [ 13.768053] kunit_try_run_case+0x1a5/0x480 [ 13.768210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.768394] kthread+0x337/0x6f0 [ 13.768552] ret_from_fork+0x116/0x1d0 [ 13.768736] ret_from_fork_asm+0x1a/0x30 [ 13.768965] [ 13.769077] The buggy address belongs to the object at ffff8881027960e0 [ 13.769077] which belongs to the cache kmalloc-16 of size 16 [ 13.769556] The buggy address is located 8 bytes inside of [ 13.769556] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.770366] [ 13.770453] The buggy address belongs to the physical page: [ 13.770798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.771086] flags: 0x200000000000000(node=0|zone=2) [ 13.771263] page_type: f5(slab) [ 13.771454] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.772111] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.772490] page dumped because: kasan: bad access detected [ 13.772811] [ 13.772896] Memory state around the buggy address: [ 13.773053] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.773333] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.773671] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.773953] ^ [ 13.774150] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.774716] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775040] ================================================================== [ 13.775514] 
================================================================== [ 13.776049] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.776443] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.776845] [ 13.776951] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.776994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.777006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.777027] Call Trace: [ 13.777041] <TASK> [ 13.777055] dump_stack_lvl+0x73/0xb0 [ 13.777080] print_report+0xd1/0x650 [ 13.777102] ? __virt_addr_valid+0x1db/0x2d0 [ 13.777124] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.777150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.777171] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.777197] kasan_report+0x141/0x180 [ 13.777231] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.777262] kasan_check_range+0x10c/0x1c0 [ 13.777295] __kasan_check_write+0x18/0x20 [ 13.777314] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.777341] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.777378] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.777402] ? trace_hardirqs_on+0x37/0xe0 [ 13.777423] ? kasan_bitops_generic+0x92/0x1c0 [ 13.777449] kasan_bitops_generic+0x121/0x1c0 [ 13.777471] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.777495] ? __pfx_read_tsc+0x10/0x10 [ 13.777516] ? ktime_get_ts64+0x86/0x230 [ 13.777538] kunit_try_run_case+0x1a5/0x480 [ 13.777561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777594] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.777616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.777637] ? __kthread_parkme+0x82/0x180 [ 13.777657] ? preempt_count_sub+0x50/0x80 [ 13.777680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.777762] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.777787] kthread+0x337/0x6f0 [ 13.777820] ? trace_preempt_on+0x20/0xc0 [ 13.777841] ? __pfx_kthread+0x10/0x10 [ 13.777861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.777881] ? calculate_sigpending+0x7b/0xa0 [ 13.777904] ? __pfx_kthread+0x10/0x10 [ 13.777924] ret_from_fork+0x116/0x1d0 [ 13.777941] ? __pfx_kthread+0x10/0x10 [ 13.777962] ret_from_fork_asm+0x1a/0x30 [ 13.777991] </TASK> [ 13.778003] [ 13.787108] Allocated by task 280: [ 13.787247] kasan_save_stack+0x45/0x70 [ 13.787479] kasan_save_track+0x18/0x40 [ 13.787678] kasan_save_alloc_info+0x3b/0x50 [ 13.787988] __kasan_kmalloc+0xb7/0xc0 [ 13.788209] __kmalloc_cache_noprof+0x189/0x420 [ 13.788429] kasan_bitops_generic+0x92/0x1c0 [ 13.788626] kunit_try_run_case+0x1a5/0x480 [ 13.789021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.789242] kthread+0x337/0x6f0 [ 13.789420] ret_from_fork+0x116/0x1d0 [ 13.789671] ret_from_fork_asm+0x1a/0x30 [ 13.789899] [ 13.790008] The buggy address belongs to the object at ffff8881027960e0 [ 13.790008] which belongs to the cache kmalloc-16 of size 16 [ 13.790508] The buggy address is located 8 bytes inside of [ 13.790508] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.791015] [ 13.791092] The buggy address belongs to the physical page: [ 13.791264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.791631] flags: 0x200000000000000(node=0|zone=2) [ 13.791899] page_type: f5(slab) [ 13.792068] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.792419] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.792734] page dumped because: kasan: bad access detected [ 13.793328] [ 13.793422] Memory state around the buggy address: [ 13.793579] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794373] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.794622] >ffff888102796080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 13.794836] ^ [ 13.795140] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.795559] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.796154] ================================================================== [ 13.702679] ================================================================== [ 13.703546] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.704353] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.705086] [ 13.705210] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.705253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.705266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.705286] Call Trace: [ 13.705299] <TASK> [ 13.705316] dump_stack_lvl+0x73/0xb0 [ 13.705380] print_report+0xd1/0x650 [ 13.705404] ? __virt_addr_valid+0x1db/0x2d0 [ 13.705427] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.705453] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.705473] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.705500] kasan_report+0x141/0x180 [ 13.705544] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.705596] kasan_check_range+0x10c/0x1c0 [ 13.705630] __kasan_check_write+0x18/0x20 [ 13.705649] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.705675] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.705712] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.705737] ? trace_hardirqs_on+0x37/0xe0 [ 13.705759] ? kasan_bitops_generic+0x92/0x1c0 [ 13.705785] kasan_bitops_generic+0x121/0x1c0 [ 13.705807] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.705831] ? __pfx_read_tsc+0x10/0x10 [ 13.705851] ? ktime_get_ts64+0x86/0x230 [ 13.705875] kunit_try_run_case+0x1a5/0x480 [ 13.705898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.705919] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.705943] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.705964] ? __kthread_parkme+0x82/0x180 [ 13.705984] ? preempt_count_sub+0x50/0x80 [ 13.706007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.706029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.706051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.706072] kthread+0x337/0x6f0 [ 13.706091] ? trace_preempt_on+0x20/0xc0 [ 13.706113] ? __pfx_kthread+0x10/0x10 [ 13.706133] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.706153] ? calculate_sigpending+0x7b/0xa0 [ 13.706176] ? __pfx_kthread+0x10/0x10 [ 13.706197] ret_from_fork+0x116/0x1d0 [ 13.706215] ? __pfx_kthread+0x10/0x10 [ 13.706235] ret_from_fork_asm+0x1a/0x30 [ 13.706264] </TASK> [ 13.706275] [ 13.720440] Allocated by task 280: [ 13.720813] kasan_save_stack+0x45/0x70 [ 13.721333] kasan_save_track+0x18/0x40 [ 13.721751] kasan_save_alloc_info+0x3b/0x50 [ 13.722292] __kasan_kmalloc+0xb7/0xc0 [ 13.722594] __kmalloc_cache_noprof+0x189/0x420 [ 13.723024] kasan_bitops_generic+0x92/0x1c0 [ 13.723178] kunit_try_run_case+0x1a5/0x480 [ 13.723323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.723509] kthread+0x337/0x6f0 [ 13.723658] ret_from_fork+0x116/0x1d0 [ 13.723793] ret_from_fork_asm+0x1a/0x30 [ 13.724040] [ 13.724137] The buggy address belongs to the object at ffff8881027960e0 [ 13.724137] which belongs to the cache kmalloc-16 of size 16 [ 13.724596] The buggy address is located 8 bytes inside of [ 13.724596] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.725160] [ 13.725232] The buggy address belongs to the physical page: [ 13.725738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.726281] flags: 0x200000000000000(node=0|zone=2) [ 13.726480] page_type: f5(slab) [ 13.726604] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.726981] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.727429] page dumped because: kasan: bad access detected [ 13.727842] [ 13.727927] 
Memory state around the buggy address: [ 13.728169] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.728448] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.729191] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.730090] ^ [ 13.730528] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731078] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731652] ================================================================== [ 13.846085] ================================================================== [ 13.846415] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.847470] Read of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.848116] [ 13.848223] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.848375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.848389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.848409] Call Trace: [ 13.848425] <TASK> [ 13.848442] dump_stack_lvl+0x73/0xb0 [ 13.848469] print_report+0xd1/0x650 [ 13.848500] ? __virt_addr_valid+0x1db/0x2d0 [ 13.848523] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.848548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.848619] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.848649] kasan_report+0x141/0x180 [ 13.848672] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.848702] __asan_report_load8_noabort+0x18/0x20 [ 13.848727] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.848755] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.848783] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.848807] ? trace_hardirqs_on+0x37/0xe0 [ 13.848829] ? kasan_bitops_generic+0x92/0x1c0 [ 13.848856] kasan_bitops_generic+0x121/0x1c0 [ 13.848878] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.848901] ? 
__pfx_read_tsc+0x10/0x10 [ 13.848922] ? ktime_get_ts64+0x86/0x230 [ 13.848945] kunit_try_run_case+0x1a5/0x480 [ 13.848969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.848991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.849014] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.849036] ? __kthread_parkme+0x82/0x180 [ 13.849056] ? preempt_count_sub+0x50/0x80 [ 13.849079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.849101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.849123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.849146] kthread+0x337/0x6f0 [ 13.849164] ? trace_preempt_on+0x20/0xc0 [ 13.849185] ? __pfx_kthread+0x10/0x10 [ 13.849206] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.849226] ? calculate_sigpending+0x7b/0xa0 [ 13.849249] ? __pfx_kthread+0x10/0x10 [ 13.849270] ret_from_fork+0x116/0x1d0 [ 13.849286] ? __pfx_kthread+0x10/0x10 [ 13.849306] ret_from_fork_asm+0x1a/0x30 [ 13.849336] </TASK> [ 13.849346] [ 13.858742] Allocated by task 280: [ 13.859008] kasan_save_stack+0x45/0x70 [ 13.859200] kasan_save_track+0x18/0x40 [ 13.859400] kasan_save_alloc_info+0x3b/0x50 [ 13.859586] __kasan_kmalloc+0xb7/0xc0 [ 13.860261] __kmalloc_cache_noprof+0x189/0x420 [ 13.860471] kasan_bitops_generic+0x92/0x1c0 [ 13.860912] kunit_try_run_case+0x1a5/0x480 [ 13.861251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.861598] kthread+0x337/0x6f0 [ 13.861882] ret_from_fork+0x116/0x1d0 [ 13.862119] ret_from_fork_asm+0x1a/0x30 [ 13.862311] [ 13.862404] The buggy address belongs to the object at ffff8881027960e0 [ 13.862404] which belongs to the cache kmalloc-16 of size 16 [ 13.863094] The buggy address is located 8 bytes inside of [ 13.863094] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.863596] [ 13.863708] The buggy address belongs to the physical page: [ 13.864256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.864885] flags: 0x200000000000000(node=0|zone=2) [ 13.865124] page_type: f5(slab) [ 13.865439] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.865852] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.866155] page dumped because: kasan: bad access detected [ 13.866400] [ 13.866472] Memory state around the buggy address: [ 13.866683] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867284] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.867572] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.868179] ^ [ 13.868425] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.868985] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.869461] ================================================================== [ 13.732449] ================================================================== [ 13.733094] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.733536] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.734097] [ 13.734395] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.734443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.734454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.734474] Call Trace: [ 13.734490] <TASK> [ 13.734506] dump_stack_lvl+0x73/0xb0 [ 13.734533] print_report+0xd1/0x650 [ 13.734667] ? __virt_addr_valid+0x1db/0x2d0 [ 13.734694] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.734720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.734742] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.734768] kasan_report+0x141/0x180 [ 13.734790] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.734820] kasan_check_range+0x10c/0x1c0 [ 13.734843] __kasan_check_write+0x18/0x20 [ 13.734861] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.734887] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.734915] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.734939] ? trace_hardirqs_on+0x37/0xe0 [ 13.734961] ? kasan_bitops_generic+0x92/0x1c0 [ 13.734988] kasan_bitops_generic+0x121/0x1c0 [ 13.735011] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.735035] ? __pfx_read_tsc+0x10/0x10 [ 13.735055] ? ktime_get_ts64+0x86/0x230 [ 13.735078] kunit_try_run_case+0x1a5/0x480 [ 13.735102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.735123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.735146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.735168] ? __kthread_parkme+0x82/0x180 [ 13.735187] ? preempt_count_sub+0x50/0x80 [ 13.735211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.735233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.735255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.735277] kthread+0x337/0x6f0 [ 13.735295] ? trace_preempt_on+0x20/0xc0 [ 13.735316] ? __pfx_kthread+0x10/0x10 [ 13.735336] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.735367] ? calculate_sigpending+0x7b/0xa0 [ 13.735389] ? __pfx_kthread+0x10/0x10 [ 13.735409] ret_from_fork+0x116/0x1d0 [ 13.735427] ? 
__pfx_kthread+0x10/0x10 [ 13.735447] ret_from_fork_asm+0x1a/0x30 [ 13.735476] </TASK> [ 13.735487] [ 13.745395] Allocated by task 280: [ 13.745552] kasan_save_stack+0x45/0x70 [ 13.745807] kasan_save_track+0x18/0x40 [ 13.746041] kasan_save_alloc_info+0x3b/0x50 [ 13.746263] __kasan_kmalloc+0xb7/0xc0 [ 13.746425] __kmalloc_cache_noprof+0x189/0x420 [ 13.746795] kasan_bitops_generic+0x92/0x1c0 [ 13.746990] kunit_try_run_case+0x1a5/0x480 [ 13.747185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.747387] kthread+0x337/0x6f0 [ 13.747575] ret_from_fork+0x116/0x1d0 [ 13.747766] ret_from_fork_asm+0x1a/0x30 [ 13.748035] [ 13.748189] The buggy address belongs to the object at ffff8881027960e0 [ 13.748189] which belongs to the cache kmalloc-16 of size 16 [ 13.748584] The buggy address is located 8 bytes inside of [ 13.748584] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.749345] [ 13.749468] The buggy address belongs to the physical page: [ 13.749798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.750047] flags: 0x200000000000000(node=0|zone=2) [ 13.750246] page_type: f5(slab) [ 13.750449] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.750930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.751274] page dumped because: kasan: bad access detected [ 13.751458] [ 13.751533] Memory state around the buggy address: [ 13.751762] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.752233] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.752475] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.753096] ^ [ 13.753399] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.753857] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.754106] ================================================================== [ 13.796777] 
================================================================== [ 13.797293] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.797679] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.798004] [ 13.798110] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.798150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.798163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.798182] Call Trace: [ 13.798198] <TASK> [ 13.798214] dump_stack_lvl+0x73/0xb0 [ 13.798324] print_report+0xd1/0x650 [ 13.798349] ? __virt_addr_valid+0x1db/0x2d0 [ 13.798393] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.798419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.798441] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.798479] kasan_report+0x141/0x180 [ 13.798500] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.798530] kasan_check_range+0x10c/0x1c0 [ 13.798562] __kasan_check_write+0x18/0x20 [ 13.798615] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.798656] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.798683] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.798717] ? trace_hardirqs_on+0x37/0xe0 [ 13.798739] ? kasan_bitops_generic+0x92/0x1c0 [ 13.798767] kasan_bitops_generic+0x121/0x1c0 [ 13.798790] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.798813] ? __pfx_read_tsc+0x10/0x10 [ 13.798833] ? ktime_get_ts64+0x86/0x230 [ 13.798856] kunit_try_run_case+0x1a5/0x480 [ 13.798879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.798900] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.798923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.798944] ? __kthread_parkme+0x82/0x180 [ 13.798965] ? preempt_count_sub+0x50/0x80 [ 13.798988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.799033] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.799054] kthread+0x337/0x6f0 [ 13.799073] ? trace_preempt_on+0x20/0xc0 [ 13.799095] ? __pfx_kthread+0x10/0x10 [ 13.799115] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.799135] ? calculate_sigpending+0x7b/0xa0 [ 13.799158] ? __pfx_kthread+0x10/0x10 [ 13.799179] ret_from_fork+0x116/0x1d0 [ 13.799196] ? __pfx_kthread+0x10/0x10 [ 13.799216] ret_from_fork_asm+0x1a/0x30 [ 13.799255] </TASK> [ 13.799266] [ 13.808750] Allocated by task 280: [ 13.808962] kasan_save_stack+0x45/0x70 [ 13.809154] kasan_save_track+0x18/0x40 [ 13.809294] kasan_save_alloc_info+0x3b/0x50 [ 13.809534] __kasan_kmalloc+0xb7/0xc0 [ 13.809722] __kmalloc_cache_noprof+0x189/0x420 [ 13.809972] kasan_bitops_generic+0x92/0x1c0 [ 13.810187] kunit_try_run_case+0x1a5/0x480 [ 13.810396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.810761] kthread+0x337/0x6f0 [ 13.810927] ret_from_fork+0x116/0x1d0 [ 13.811113] ret_from_fork_asm+0x1a/0x30 [ 13.811306] [ 13.811386] The buggy address belongs to the object at ffff8881027960e0 [ 13.811386] which belongs to the cache kmalloc-16 of size 16 [ 13.811739] The buggy address is located 8 bytes inside of [ 13.811739] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.812576] [ 13.812668] The buggy address belongs to the physical page: [ 13.812841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.813081] flags: 0x200000000000000(node=0|zone=2) [ 13.813244] page_type: f5(slab) [ 13.813768] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.814253] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.814773] page dumped because: kasan: bad access detected [ 13.815096] [ 13.815195] Memory state around the buggy address: [ 13.815437] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.815853] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.816079] >ffff888102796080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 13.816403] ^ [ 13.816816] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.817300] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.817829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.515062] ================================================================== [ 13.515400] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.516005] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.516347] [ 13.516501] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.516546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.516557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.516589] Call Trace: [ 13.516607] <TASK> [ 13.516625] dump_stack_lvl+0x73/0xb0 [ 13.516655] print_report+0xd1/0x650 [ 13.516677] ? __virt_addr_valid+0x1db/0x2d0 [ 13.516700] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.516725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.516746] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.516770] kasan_report+0x141/0x180 [ 13.516791] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.516888] kasan_check_range+0x10c/0x1c0 [ 13.516912] __kasan_check_write+0x18/0x20 [ 13.516942] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.516968] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.516993] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.517018] ? trace_hardirqs_on+0x37/0xe0 [ 13.517040] ? kasan_bitops_generic+0x92/0x1c0 [ 13.517065] kasan_bitops_generic+0x116/0x1c0 [ 13.517088] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.517112] ? __pfx_read_tsc+0x10/0x10 [ 13.517162] ? ktime_get_ts64+0x86/0x230 [ 13.517186] kunit_try_run_case+0x1a5/0x480 [ 13.517237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.517259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.517282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.517303] ? __kthread_parkme+0x82/0x180 [ 13.517323] ? preempt_count_sub+0x50/0x80 [ 13.517346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.517378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.517400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.517427] kthread+0x337/0x6f0 [ 13.517446] ? 
trace_preempt_on+0x20/0xc0 [ 13.517467] ? __pfx_kthread+0x10/0x10 [ 13.517487] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.517507] ? calculate_sigpending+0x7b/0xa0 [ 13.517530] ? __pfx_kthread+0x10/0x10 [ 13.517551] ret_from_fork+0x116/0x1d0 [ 13.517609] ? __pfx_kthread+0x10/0x10 [ 13.517631] ret_from_fork_asm+0x1a/0x30 [ 13.517661] </TASK> [ 13.517672] [ 13.528231] Allocated by task 280: [ 13.528469] kasan_save_stack+0x45/0x70 [ 13.528934] kasan_save_track+0x18/0x40 [ 13.529199] kasan_save_alloc_info+0x3b/0x50 [ 13.529442] __kasan_kmalloc+0xb7/0xc0 [ 13.529574] __kmalloc_cache_noprof+0x189/0x420 [ 13.529728] kasan_bitops_generic+0x92/0x1c0 [ 13.530156] kunit_try_run_case+0x1a5/0x480 [ 13.530626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.530939] kthread+0x337/0x6f0 [ 13.531087] ret_from_fork+0x116/0x1d0 [ 13.531244] ret_from_fork_asm+0x1a/0x30 [ 13.531396] [ 13.531490] The buggy address belongs to the object at ffff8881027960e0 [ 13.531490] which belongs to the cache kmalloc-16 of size 16 [ 13.532374] The buggy address is located 8 bytes inside of [ 13.532374] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.533001] [ 13.533352] The buggy address belongs to the physical page: [ 13.533762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.534216] flags: 0x200000000000000(node=0|zone=2) [ 13.534420] page_type: f5(slab) [ 13.534651] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.535054] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.535427] page dumped because: kasan: bad access detected [ 13.535816] [ 13.535965] Memory state around the buggy address: [ 13.536258] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.536591] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.537272] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.537714] ^ [ 13.538012] ffff888102796100: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.538347] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.538751] ================================================================== [ 13.492177] ================================================================== [ 13.492556] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.493082] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.493458] [ 13.493612] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.493765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.493777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.493809] Call Trace: [ 13.493821] <TASK> [ 13.493839] dump_stack_lvl+0x73/0xb0 [ 13.493869] print_report+0xd1/0x650 [ 13.493892] ? __virt_addr_valid+0x1db/0x2d0 [ 13.493916] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.493940] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.493962] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.493986] kasan_report+0x141/0x180 [ 13.494009] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.494069] kasan_check_range+0x10c/0x1c0 [ 13.494094] __kasan_check_write+0x18/0x20 [ 13.494129] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.494166] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.494191] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.494215] ? trace_hardirqs_on+0x37/0xe0 [ 13.494238] ? kasan_bitops_generic+0x92/0x1c0 [ 13.494265] kasan_bitops_generic+0x116/0x1c0 [ 13.494289] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.494313] ? __pfx_read_tsc+0x10/0x10 [ 13.494334] ? ktime_get_ts64+0x86/0x230 [ 13.494369] kunit_try_run_case+0x1a5/0x480 [ 13.494394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.494416] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.494439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.494461] ? __kthread_parkme+0x82/0x180 [ 13.494481] ? preempt_count_sub+0x50/0x80 [ 13.494506] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.494528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.494550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.494618] kthread+0x337/0x6f0 [ 13.494640] ? trace_preempt_on+0x20/0xc0 [ 13.494661] ? __pfx_kthread+0x10/0x10 [ 13.494681] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.494701] ? calculate_sigpending+0x7b/0xa0 [ 13.494725] ? __pfx_kthread+0x10/0x10 [ 13.494746] ret_from_fork+0x116/0x1d0 [ 13.494764] ? __pfx_kthread+0x10/0x10 [ 13.494783] ret_from_fork_asm+0x1a/0x30 [ 13.494814] </TASK> [ 13.494824] [ 13.504797] Allocated by task 280: [ 13.505054] kasan_save_stack+0x45/0x70 [ 13.505257] kasan_save_track+0x18/0x40 [ 13.505472] kasan_save_alloc_info+0x3b/0x50 [ 13.505779] __kasan_kmalloc+0xb7/0xc0 [ 13.505988] __kmalloc_cache_noprof+0x189/0x420 [ 13.506417] kasan_bitops_generic+0x92/0x1c0 [ 13.506707] kunit_try_run_case+0x1a5/0x480 [ 13.506948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.507227] kthread+0x337/0x6f0 [ 13.507454] ret_from_fork+0x116/0x1d0 [ 13.507643] ret_from_fork_asm+0x1a/0x30 [ 13.507844] [ 13.508211] The buggy address belongs to the object at ffff8881027960e0 [ 13.508211] which belongs to the cache kmalloc-16 of size 16 [ 13.508759] The buggy address is located 8 bytes inside of [ 13.508759] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.509334] [ 13.509476] The buggy address belongs to the physical page: [ 13.509788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.510197] flags: 0x200000000000000(node=0|zone=2) [ 13.510457] page_type: f5(slab) [ 13.510715] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.511131] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.511412] page dumped because: kasan: bad access detected [ 13.511613] [ 13.511784] Memory state around the buggy address: [ 13.512013] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.512327] 
ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.512843] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.513384] ^ [ 13.513688] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.514045] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.514406] ================================================================== [ 13.467271] ================================================================== [ 13.467976] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.468341] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.468613] [ 13.468841] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.468890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.468902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.468924] Call Trace: [ 13.468936] <TASK> [ 13.468954] dump_stack_lvl+0x73/0xb0 [ 13.468984] print_report+0xd1/0x650 [ 13.469036] ? __virt_addr_valid+0x1db/0x2d0 [ 13.469058] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.469083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.469121] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.469145] kasan_report+0x141/0x180 [ 13.469166] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.469195] kasan_check_range+0x10c/0x1c0 [ 13.469218] __kasan_check_write+0x18/0x20 [ 13.469236] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.469261] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.469286] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.469310] ? trace_hardirqs_on+0x37/0xe0 [ 13.469334] ? kasan_bitops_generic+0x92/0x1c0 [ 13.469372] kasan_bitops_generic+0x116/0x1c0 [ 13.469395] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.469418] ? __pfx_read_tsc+0x10/0x10 [ 13.469440] ? ktime_get_ts64+0x86/0x230 [ 13.469482] kunit_try_run_case+0x1a5/0x480 [ 13.469508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.469529] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.469552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.469573] ? __kthread_parkme+0x82/0x180 [ 13.469594] ? preempt_count_sub+0x50/0x80 [ 13.469617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.469656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.469677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.469740] kthread+0x337/0x6f0 [ 13.469760] ? trace_preempt_on+0x20/0xc0 [ 13.469781] ? __pfx_kthread+0x10/0x10 [ 13.469801] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.469821] ? calculate_sigpending+0x7b/0xa0 [ 13.469843] ? __pfx_kthread+0x10/0x10 [ 13.469863] ret_from_fork+0x116/0x1d0 [ 13.469880] ? __pfx_kthread+0x10/0x10 [ 13.469901] ret_from_fork_asm+0x1a/0x30 [ 13.469930] </TASK> [ 13.469942] [ 13.480895] Allocated by task 280: [ 13.481189] kasan_save_stack+0x45/0x70 [ 13.481468] kasan_save_track+0x18/0x40 [ 13.481684] kasan_save_alloc_info+0x3b/0x50 [ 13.481975] __kasan_kmalloc+0xb7/0xc0 [ 13.482205] __kmalloc_cache_noprof+0x189/0x420 [ 13.482418] kasan_bitops_generic+0x92/0x1c0 [ 13.482885] kunit_try_run_case+0x1a5/0x480 [ 13.483161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.483479] kthread+0x337/0x6f0 [ 13.483689] ret_from_fork+0x116/0x1d0 [ 13.483923] ret_from_fork_asm+0x1a/0x30 [ 13.484131] [ 13.484256] The buggy address belongs to the object at ffff8881027960e0 [ 13.484256] which belongs to the cache kmalloc-16 of size 16 [ 13.484909] The buggy address is located 8 bytes inside of [ 13.484909] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.485464] [ 13.485574] The buggy address belongs to the physical page: [ 13.485963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.486339] flags: 0x200000000000000(node=0|zone=2) [ 13.486591] page_type: f5(slab) [ 13.486877] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.487432] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.487694] page dumped because: kasan: 
bad access detected [ 13.488084] [ 13.488267] Memory state around the buggy address: [ 13.488750] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.489117] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.489446] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.489888] ^ [ 13.490190] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.490522] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.491025] ================================================================== [ 13.604791] ================================================================== [ 13.605725] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.606059] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.606381] [ 13.606491] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.606545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.606556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.606576] Call Trace: [ 13.606637] <TASK> [ 13.606654] dump_stack_lvl+0x73/0xb0 [ 13.606683] print_report+0xd1/0x650 [ 13.606716] ? __virt_addr_valid+0x1db/0x2d0 [ 13.606738] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.606763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.606795] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.606823] kasan_report+0x141/0x180 [ 13.606845] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.606874] kasan_check_range+0x10c/0x1c0 [ 13.606905] __kasan_check_write+0x18/0x20 [ 13.606925] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.606949] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.606985] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.607010] ? trace_hardirqs_on+0x37/0xe0 [ 13.607030] ? kasan_bitops_generic+0x92/0x1c0 [ 13.607057] kasan_bitops_generic+0x116/0x1c0 [ 13.607079] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.607112] ? 
__pfx_read_tsc+0x10/0x10 [ 13.607132] ? ktime_get_ts64+0x86/0x230 [ 13.607155] kunit_try_run_case+0x1a5/0x480 [ 13.607188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.607210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.607232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.607253] ? __kthread_parkme+0x82/0x180 [ 13.607274] ? preempt_count_sub+0x50/0x80 [ 13.607296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.607319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.607341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.607380] kthread+0x337/0x6f0 [ 13.607398] ? trace_preempt_on+0x20/0xc0 [ 13.607419] ? __pfx_kthread+0x10/0x10 [ 13.607449] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.607469] ? calculate_sigpending+0x7b/0xa0 [ 13.607491] ? __pfx_kthread+0x10/0x10 [ 13.607512] ret_from_fork+0x116/0x1d0 [ 13.607530] ? __pfx_kthread+0x10/0x10 [ 13.607549] ret_from_fork_asm+0x1a/0x30 [ 13.607613] </TASK> [ 13.607624] [ 13.616562] Allocated by task 280: [ 13.616777] kasan_save_stack+0x45/0x70 [ 13.616979] kasan_save_track+0x18/0x40 [ 13.617341] kasan_save_alloc_info+0x3b/0x50 [ 13.617518] __kasan_kmalloc+0xb7/0xc0 [ 13.617654] __kmalloc_cache_noprof+0x189/0x420 [ 13.617809] kasan_bitops_generic+0x92/0x1c0 [ 13.617982] kunit_try_run_case+0x1a5/0x480 [ 13.618184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.618517] kthread+0x337/0x6f0 [ 13.618715] ret_from_fork+0x116/0x1d0 [ 13.618955] ret_from_fork_asm+0x1a/0x30 [ 13.619099] [ 13.619170] The buggy address belongs to the object at ffff8881027960e0 [ 13.619170] which belongs to the cache kmalloc-16 of size 16 [ 13.619793] The buggy address is located 8 bytes inside of [ 13.619793] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.620348] [ 13.620437] The buggy address belongs to the physical page: [ 13.620807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.621155] flags: 0x200000000000000(node=0|zone=2) [ 13.621386] page_type: f5(slab) [ 13.621549] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.622103] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.622403] page dumped because: kasan: bad access detected [ 13.622575] [ 13.622646] Memory state around the buggy address: [ 13.622833] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.623232] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.623721] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.624198] ^ [ 13.624411] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.624964] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.625284] ================================================================== [ 13.562506] ================================================================== [ 13.562744] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.563286] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.563786] [ 13.563927] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.564009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.564021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.564064] Call Trace: [ 13.564083] <TASK> [ 13.564101] dump_stack_lvl+0x73/0xb0 [ 13.564131] print_report+0xd1/0x650 [ 13.564155] ? __virt_addr_valid+0x1db/0x2d0 [ 13.564178] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.564204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.564226] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.564250] kasan_report+0x141/0x180 [ 13.564272] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.564301] kasan_check_range+0x10c/0x1c0 [ 13.564324] __kasan_check_write+0x18/0x20 [ 13.564342] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.564409] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.564435] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.564471] ? 
trace_hardirqs_on+0x37/0xe0 [ 13.564494] ? kasan_bitops_generic+0x92/0x1c0 [ 13.564519] kasan_bitops_generic+0x116/0x1c0 [ 13.564542] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.564615] ? __pfx_read_tsc+0x10/0x10 [ 13.564639] ? ktime_get_ts64+0x86/0x230 [ 13.564663] kunit_try_run_case+0x1a5/0x480 [ 13.564687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.564709] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.564732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.564755] ? __kthread_parkme+0x82/0x180 [ 13.564775] ? preempt_count_sub+0x50/0x80 [ 13.564799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.564822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.564844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.564866] kthread+0x337/0x6f0 [ 13.564884] ? trace_preempt_on+0x20/0xc0 [ 13.564905] ? __pfx_kthread+0x10/0x10 [ 13.564925] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.564946] ? calculate_sigpending+0x7b/0xa0 [ 13.564969] ? __pfx_kthread+0x10/0x10 [ 13.564990] ret_from_fork+0x116/0x1d0 [ 13.565007] ? 
__pfx_kthread+0x10/0x10 [ 13.565028] ret_from_fork_asm+0x1a/0x30 [ 13.565058] </TASK> [ 13.565069] [ 13.574425] Allocated by task 280: [ 13.574571] kasan_save_stack+0x45/0x70 [ 13.574815] kasan_save_track+0x18/0x40 [ 13.575047] kasan_save_alloc_info+0x3b/0x50 [ 13.575286] __kasan_kmalloc+0xb7/0xc0 [ 13.575495] __kmalloc_cache_noprof+0x189/0x420 [ 13.575746] kasan_bitops_generic+0x92/0x1c0 [ 13.575900] kunit_try_run_case+0x1a5/0x480 [ 13.576188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.576474] kthread+0x337/0x6f0 [ 13.576665] ret_from_fork+0x116/0x1d0 [ 13.576973] ret_from_fork_asm+0x1a/0x30 [ 13.577124] [ 13.577234] The buggy address belongs to the object at ffff8881027960e0 [ 13.577234] which belongs to the cache kmalloc-16 of size 16 [ 13.577759] The buggy address is located 8 bytes inside of [ 13.577759] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.578625] [ 13.578748] The buggy address belongs to the physical page: [ 13.578998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.579343] flags: 0x200000000000000(node=0|zone=2) [ 13.579653] page_type: f5(slab) [ 13.579849] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.580133] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.580484] page dumped because: kasan: bad access detected [ 13.580833] [ 13.580930] Memory state around the buggy address: [ 13.581115] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.581332] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.581575] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.582123] ^ [ 13.582555] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.583090] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.583439] ================================================================== [ 13.583821] 
================================================================== [ 13.584087] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.584502] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.584885] [ 13.585060] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.585126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.585138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.585159] Call Trace: [ 13.585185] <TASK> [ 13.585202] dump_stack_lvl+0x73/0xb0 [ 13.585229] print_report+0xd1/0x650 [ 13.585251] ? __virt_addr_valid+0x1db/0x2d0 [ 13.585283] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.585307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.585329] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.585373] kasan_report+0x141/0x180 [ 13.585393] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.585422] kasan_check_range+0x10c/0x1c0 [ 13.585446] __kasan_check_write+0x18/0x20 [ 13.585465] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.585491] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.585516] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.585541] ? trace_hardirqs_on+0x37/0xe0 [ 13.585564] ? kasan_bitops_generic+0x92/0x1c0 [ 13.585625] kasan_bitops_generic+0x116/0x1c0 [ 13.585650] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.585674] ? __pfx_read_tsc+0x10/0x10 [ 13.585695] ? ktime_get_ts64+0x86/0x230 [ 13.585718] kunit_try_run_case+0x1a5/0x480 [ 13.585742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.585763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.585786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.585808] ? __kthread_parkme+0x82/0x180 [ 13.585828] ? preempt_count_sub+0x50/0x80 [ 13.585851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.585873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.585895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.585917] kthread+0x337/0x6f0 [ 13.585936] ? 
trace_preempt_on+0x20/0xc0 [ 13.585957] ? __pfx_kthread+0x10/0x10 [ 13.585987] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.586007] ? calculate_sigpending+0x7b/0xa0 [ 13.586030] ? __pfx_kthread+0x10/0x10 [ 13.586061] ret_from_fork+0x116/0x1d0 [ 13.586079] ? __pfx_kthread+0x10/0x10 [ 13.586099] ret_from_fork_asm+0x1a/0x30 [ 13.586136] </TASK> [ 13.586147] [ 13.595226] Allocated by task 280: [ 13.595370] kasan_save_stack+0x45/0x70 [ 13.595576] kasan_save_track+0x18/0x40 [ 13.596032] kasan_save_alloc_info+0x3b/0x50 [ 13.596283] __kasan_kmalloc+0xb7/0xc0 [ 13.596503] __kmalloc_cache_noprof+0x189/0x420 [ 13.596947] kasan_bitops_generic+0x92/0x1c0 [ 13.597102] kunit_try_run_case+0x1a5/0x480 [ 13.597262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.597522] kthread+0x337/0x6f0 [ 13.597895] ret_from_fork+0x116/0x1d0 [ 13.598101] ret_from_fork_asm+0x1a/0x30 [ 13.598257] [ 13.598327] The buggy address belongs to the object at ffff8881027960e0 [ 13.598327] which belongs to the cache kmalloc-16 of size 16 [ 13.598990] The buggy address is located 8 bytes inside of [ 13.598990] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.599628] [ 13.599710] The buggy address belongs to the physical page: [ 13.599883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.600317] flags: 0x200000000000000(node=0|zone=2) [ 13.600733] page_type: f5(slab) [ 13.600915] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.601213] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.601538] page dumped because: kasan: bad access detected [ 13.601901] [ 13.601974] Memory state around the buggy address: [ 13.602130] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602386] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.602901] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.603250] ^ [ 13.603625] ffff888102796100: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.603964] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.604220] ================================================================== [ 13.625827] ================================================================== [ 13.626251] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.626652] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.626877] [ 13.626982] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.627087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.627101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.627133] Call Trace: [ 13.627148] <TASK> [ 13.627164] dump_stack_lvl+0x73/0xb0 [ 13.627190] print_report+0xd1/0x650 [ 13.627212] ? __virt_addr_valid+0x1db/0x2d0 [ 13.627234] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.627259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.627279] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.627316] kasan_report+0x141/0x180 [ 13.627338] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.627383] kasan_check_range+0x10c/0x1c0 [ 13.627406] __kasan_check_write+0x18/0x20 [ 13.627424] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.627460] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.627485] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.627508] ? trace_hardirqs_on+0x37/0xe0 [ 13.627540] ? kasan_bitops_generic+0x92/0x1c0 [ 13.627567] kasan_bitops_generic+0x116/0x1c0 [ 13.627589] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.627612] ? __pfx_read_tsc+0x10/0x10 [ 13.627632] ? ktime_get_ts64+0x86/0x230 [ 13.627655] kunit_try_run_case+0x1a5/0x480 [ 13.627682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.627703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.627726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.627748] ? __kthread_parkme+0x82/0x180 [ 13.627767] ? preempt_count_sub+0x50/0x80 [ 13.627799] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.627822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.627844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.627911] kthread+0x337/0x6f0 [ 13.627941] ? trace_preempt_on+0x20/0xc0 [ 13.627962] ? __pfx_kthread+0x10/0x10 [ 13.627982] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.628003] ? calculate_sigpending+0x7b/0xa0 [ 13.628027] ? __pfx_kthread+0x10/0x10 [ 13.628047] ret_from_fork+0x116/0x1d0 [ 13.628064] ? __pfx_kthread+0x10/0x10 [ 13.628097] ret_from_fork_asm+0x1a/0x30 [ 13.628127] </TASK> [ 13.628140] [ 13.637046] Allocated by task 280: [ 13.637230] kasan_save_stack+0x45/0x70 [ 13.637646] kasan_save_track+0x18/0x40 [ 13.637877] kasan_save_alloc_info+0x3b/0x50 [ 13.638032] __kasan_kmalloc+0xb7/0xc0 [ 13.638192] __kmalloc_cache_noprof+0x189/0x420 [ 13.638442] kasan_bitops_generic+0x92/0x1c0 [ 13.638716] kunit_try_run_case+0x1a5/0x480 [ 13.639075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.639248] kthread+0x337/0x6f0 [ 13.639377] ret_from_fork+0x116/0x1d0 [ 13.639506] ret_from_fork_asm+0x1a/0x30 [ 13.639775] [ 13.639905] The buggy address belongs to the object at ffff8881027960e0 [ 13.639905] which belongs to the cache kmalloc-16 of size 16 [ 13.640441] The buggy address is located 8 bytes inside of [ 13.640441] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.640973] [ 13.641049] The buggy address belongs to the physical page: [ 13.641220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.641549] flags: 0x200000000000000(node=0|zone=2) [ 13.642035] page_type: f5(slab) [ 13.642233] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.642680] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.643057] page dumped because: kasan: bad access detected [ 13.643236] [ 13.643316] Memory state around the buggy address: [ 13.643549] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.644161] 
ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.644412] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.644821] ^ [ 13.645212] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.645555] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.645899] ================================================================== [ 13.539387] ================================================================== [ 13.539723] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.540391] Write of size 8 at addr ffff8881027960e8 by task kunit_try_catch/280 [ 13.540870] [ 13.541079] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.541125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.541136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.541177] Call Trace: [ 13.541195] <TASK> [ 13.541214] dump_stack_lvl+0x73/0xb0 [ 13.541255] print_report+0xd1/0x650 [ 13.541278] ? __virt_addr_valid+0x1db/0x2d0 [ 13.541301] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.541325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.541346] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.541382] kasan_report+0x141/0x180 [ 13.541402] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.541432] kasan_check_range+0x10c/0x1c0 [ 13.541454] __kasan_check_write+0x18/0x20 [ 13.541472] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.541496] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.541522] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.541546] ? trace_hardirqs_on+0x37/0xe0 [ 13.541569] ? kasan_bitops_generic+0x92/0x1c0 [ 13.541595] kasan_bitops_generic+0x116/0x1c0 [ 13.541618] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.541666] ? __pfx_read_tsc+0x10/0x10 [ 13.541688] ? ktime_get_ts64+0x86/0x230 [ 13.541712] kunit_try_run_case+0x1a5/0x480 [ 13.541746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.541768] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.541791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.541814] ? __kthread_parkme+0x82/0x180 [ 13.541835] ? preempt_count_sub+0x50/0x80 [ 13.541858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.541880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.541903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.541925] kthread+0x337/0x6f0 [ 13.541944] ? trace_preempt_on+0x20/0xc0 [ 13.541965] ? __pfx_kthread+0x10/0x10 [ 13.541984] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.542004] ? calculate_sigpending+0x7b/0xa0 [ 13.542028] ? __pfx_kthread+0x10/0x10 [ 13.542048] ret_from_fork+0x116/0x1d0 [ 13.542066] ? __pfx_kthread+0x10/0x10 [ 13.542086] ret_from_fork_asm+0x1a/0x30 [ 13.542116] </TASK> [ 13.542126] [ 13.551986] Allocated by task 280: [ 13.552254] kasan_save_stack+0x45/0x70 [ 13.552584] kasan_save_track+0x18/0x40 [ 13.552916] kasan_save_alloc_info+0x3b/0x50 [ 13.553159] __kasan_kmalloc+0xb7/0xc0 [ 13.553322] __kmalloc_cache_noprof+0x189/0x420 [ 13.553486] kasan_bitops_generic+0x92/0x1c0 [ 13.553673] kunit_try_run_case+0x1a5/0x480 [ 13.553888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.554149] kthread+0x337/0x6f0 [ 13.554391] ret_from_fork+0x116/0x1d0 [ 13.554599] ret_from_fork_asm+0x1a/0x30 [ 13.554961] [ 13.555094] The buggy address belongs to the object at ffff8881027960e0 [ 13.555094] which belongs to the cache kmalloc-16 of size 16 [ 13.555526] The buggy address is located 8 bytes inside of [ 13.555526] allocated 9-byte region [ffff8881027960e0, ffff8881027960e9) [ 13.556315] [ 13.556729] The buggy address belongs to the physical page: [ 13.557001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 13.557382] flags: 0x200000000000000(node=0|zone=2) [ 13.557722] page_type: f5(slab) [ 13.557950] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.558305] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.558674] page dumped because: kasan: 
bad access detected [ 13.559055] [ 13.559132] Memory state around the buggy address: [ 13.559412] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.559844] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.560054] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.560431] ^ [ 13.561154] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.561494] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.562015] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.440813] ================================================================== [ 13.441395] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.441984] Read of size 1 at addr ffff888103988590 by task kunit_try_catch/278 [ 13.442640] [ 13.442862] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.442908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.442920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.442941] Call Trace: [ 13.442957] <TASK> [ 13.442975] dump_stack_lvl+0x73/0xb0 [ 13.443002] print_report+0xd1/0x650 [ 13.443026] ? __virt_addr_valid+0x1db/0x2d0 [ 13.443068] ? strnlen+0x73/0x80 [ 13.443086] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.443107] ? strnlen+0x73/0x80 [ 13.443124] kasan_report+0x141/0x180 [ 13.443145] ? strnlen+0x73/0x80 [ 13.443166] __asan_report_load1_noabort+0x18/0x20 [ 13.443190] strnlen+0x73/0x80 [ 13.443207] kasan_strings+0x615/0xe80 [ 13.443227] ? trace_hardirqs_on+0x37/0xe0 [ 13.443249] ? __pfx_kasan_strings+0x10/0x10 [ 13.443268] ? finish_task_switch.isra.0+0x153/0x700 [ 13.443289] ? __switch_to+0x47/0xf50 [ 13.443314] ? __schedule+0x10cc/0x2b60 [ 13.443335] ? __pfx_read_tsc+0x10/0x10 [ 13.443367] ? ktime_get_ts64+0x86/0x230 [ 13.443390] kunit_try_run_case+0x1a5/0x480 [ 13.443413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.443434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.443458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.443479] ? __kthread_parkme+0x82/0x180 [ 13.443500] ? preempt_count_sub+0x50/0x80 [ 13.443521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.443545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.443567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.443590] kthread+0x337/0x6f0 [ 13.443610] ? trace_preempt_on+0x20/0xc0 [ 13.443633] ? __pfx_kthread+0x10/0x10 [ 13.443653] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.443677] ? calculate_sigpending+0x7b/0xa0 [ 13.443701] ? 
__pfx_kthread+0x10/0x10 [ 13.443721] ret_from_fork+0x116/0x1d0 [ 13.443759] ? __pfx_kthread+0x10/0x10 [ 13.443781] ret_from_fork_asm+0x1a/0x30 [ 13.443810] </TASK> [ 13.443820] [ 13.452724] Allocated by task 278: [ 13.452933] kasan_save_stack+0x45/0x70 [ 13.453154] kasan_save_track+0x18/0x40 [ 13.453328] kasan_save_alloc_info+0x3b/0x50 [ 13.453488] __kasan_kmalloc+0xb7/0xc0 [ 13.453656] __kmalloc_cache_noprof+0x189/0x420 [ 13.454056] kasan_strings+0xc0/0xe80 [ 13.454244] kunit_try_run_case+0x1a5/0x480 [ 13.454458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.454675] kthread+0x337/0x6f0 [ 13.454954] ret_from_fork+0x116/0x1d0 [ 13.455148] ret_from_fork_asm+0x1a/0x30 [ 13.455351] [ 13.455458] Freed by task 278: [ 13.455621] kasan_save_stack+0x45/0x70 [ 13.455851] kasan_save_track+0x18/0x40 [ 13.456062] kasan_save_free_info+0x3f/0x60 [ 13.456267] __kasan_slab_free+0x56/0x70 [ 13.456419] kfree+0x222/0x3f0 [ 13.456544] kasan_strings+0x2aa/0xe80 [ 13.456749] kunit_try_run_case+0x1a5/0x480 [ 13.456955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.457221] kthread+0x337/0x6f0 [ 13.457408] ret_from_fork+0x116/0x1d0 [ 13.457543] ret_from_fork_asm+0x1a/0x30 [ 13.457756] [ 13.457905] The buggy address belongs to the object at ffff888103988580 [ 13.457905] which belongs to the cache kmalloc-32 of size 32 [ 13.458474] The buggy address is located 16 bytes inside of [ 13.458474] freed 32-byte region [ffff888103988580, ffff8881039885a0) [ 13.458989] [ 13.459063] The buggy address belongs to the physical page: [ 13.459236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103988 [ 13.459603] flags: 0x200000000000000(node=0|zone=2) [ 13.459984] page_type: f5(slab) [ 13.460167] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.460426] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.460654] page dumped because: kasan: bad access detected [ 13.460879] [ 13.460971] Memory state around the buggy address: 
[ 13.461237] ffff888103988480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.461564] ffff888103988500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.461903] >ffff888103988580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.462118] ^ [ 13.462246] ffff888103988600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.462484] ffff888103988680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.462829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.405319] ================================================================== [ 13.405657] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.406082] Read of size 1 at addr ffff888103988590 by task kunit_try_catch/278 [ 13.406336] [ 13.406445] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.406489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.406500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.406521] Call Trace: [ 13.406536] <TASK> [ 13.406552] dump_stack_lvl+0x73/0xb0 [ 13.406578] print_report+0xd1/0x650 [ 13.406600] ? __virt_addr_valid+0x1db/0x2d0 [ 13.406622] ? strlen+0x8f/0xb0 [ 13.406638] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.406661] ? strlen+0x8f/0xb0 [ 13.406677] kasan_report+0x141/0x180 [ 13.406699] ? strlen+0x8f/0xb0 [ 13.406720] __asan_report_load1_noabort+0x18/0x20 [ 13.406743] strlen+0x8f/0xb0 [ 13.406760] kasan_strings+0x57b/0xe80 [ 13.406779] ? trace_hardirqs_on+0x37/0xe0 [ 13.406802] ? __pfx_kasan_strings+0x10/0x10 [ 13.406821] ? finish_task_switch.isra.0+0x153/0x700 [ 13.406843] ? __switch_to+0x47/0xf50 [ 13.406868] ? __schedule+0x10cc/0x2b60 [ 13.406889] ? __pfx_read_tsc+0x10/0x10 [ 13.406909] ? ktime_get_ts64+0x86/0x230 [ 13.406932] kunit_try_run_case+0x1a5/0x480 [ 13.406955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.406978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.407001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.407023] ? __kthread_parkme+0x82/0x180 [ 13.407043] ? preempt_count_sub+0x50/0x80 [ 13.407065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.407088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.407110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.407132] kthread+0x337/0x6f0 [ 13.407151] ? trace_preempt_on+0x20/0xc0 [ 13.407172] ? __pfx_kthread+0x10/0x10 [ 13.407192] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.407212] ? calculate_sigpending+0x7b/0xa0 [ 13.407235] ? 
__pfx_kthread+0x10/0x10 [ 13.407256] ret_from_fork+0x116/0x1d0 [ 13.407274] ? __pfx_kthread+0x10/0x10 [ 13.407293] ret_from_fork_asm+0x1a/0x30 [ 13.407322] </TASK> [ 13.407333] [ 13.418044] Allocated by task 278: [ 13.418646] kasan_save_stack+0x45/0x70 [ 13.419280] kasan_save_track+0x18/0x40 [ 13.419783] kasan_save_alloc_info+0x3b/0x50 [ 13.420269] __kasan_kmalloc+0xb7/0xc0 [ 13.420432] __kmalloc_cache_noprof+0x189/0x420 [ 13.420586] kasan_strings+0xc0/0xe80 [ 13.420714] kunit_try_run_case+0x1a5/0x480 [ 13.421569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.422316] kthread+0x337/0x6f0 [ 13.422949] ret_from_fork+0x116/0x1d0 [ 13.423486] ret_from_fork_asm+0x1a/0x30 [ 13.424105] [ 13.424194] Freed by task 278: [ 13.424309] kasan_save_stack+0x45/0x70 [ 13.425015] kasan_save_track+0x18/0x40 [ 13.425658] kasan_save_free_info+0x3f/0x60 [ 13.426131] __kasan_slab_free+0x56/0x70 [ 13.426281] kfree+0x222/0x3f0 [ 13.426411] kasan_strings+0x2aa/0xe80 [ 13.426543] kunit_try_run_case+0x1a5/0x480 [ 13.426686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.427725] kthread+0x337/0x6f0 [ 13.428178] ret_from_fork+0x116/0x1d0 [ 13.428905] ret_from_fork_asm+0x1a/0x30 [ 13.429473] [ 13.429824] The buggy address belongs to the object at ffff888103988580 [ 13.429824] which belongs to the cache kmalloc-32 of size 32 [ 13.431048] The buggy address is located 16 bytes inside of [ 13.431048] freed 32-byte region [ffff888103988580, ffff8881039885a0) [ 13.431659] [ 13.432010] The buggy address belongs to the physical page: [ 13.432662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103988 [ 13.433627] flags: 0x200000000000000(node=0|zone=2) [ 13.434037] page_type: f5(slab) [ 13.434165] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.434591] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.435551] page dumped because: kasan: bad access detected [ 13.436220] [ 13.436545] Memory state around the buggy address: 
[ 13.436903] ffff888103988480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.437127] ffff888103988500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.437342] >ffff888103988580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.438377] ^ [ 13.438894] ffff888103988600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.439520] ffff888103988680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.440154] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.385665] ================================================================== [ 13.386267] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.386501] Read of size 1 at addr ffff888103988590 by task kunit_try_catch/278 [ 13.386821] [ 13.386930] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.386971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.386982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.387198] Call Trace: [ 13.387211] <TASK> [ 13.387227] dump_stack_lvl+0x73/0xb0 [ 13.387255] print_report+0xd1/0x650 [ 13.387277] ? __virt_addr_valid+0x1db/0x2d0 [ 13.387300] ? kasan_strings+0xcbc/0xe80 [ 13.387320] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.387342] ? kasan_strings+0xcbc/0xe80 [ 13.387375] kasan_report+0x141/0x180 [ 13.387398] ? kasan_strings+0xcbc/0xe80 [ 13.387423] __asan_report_load1_noabort+0x18/0x20 [ 13.387446] kasan_strings+0xcbc/0xe80 [ 13.387465] ? trace_hardirqs_on+0x37/0xe0 [ 13.387489] ? __pfx_kasan_strings+0x10/0x10 [ 13.387508] ? finish_task_switch.isra.0+0x153/0x700 [ 13.387530] ? __switch_to+0x47/0xf50 [ 13.387555] ? __schedule+0x10cc/0x2b60 [ 13.387576] ? __pfx_read_tsc+0x10/0x10 [ 13.387596] ? ktime_get_ts64+0x86/0x230 [ 13.387620] kunit_try_run_case+0x1a5/0x480 [ 13.387643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.387665] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.387692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.387714] ? __kthread_parkme+0x82/0x180 [ 13.387733] ? preempt_count_sub+0x50/0x80 [ 13.387755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.387778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.387800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.387823] kthread+0x337/0x6f0 [ 13.387842] ? trace_preempt_on+0x20/0xc0 [ 13.387876] ? __pfx_kthread+0x10/0x10 [ 13.387896] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.387916] ? calculate_sigpending+0x7b/0xa0 [ 13.387940] ? 
__pfx_kthread+0x10/0x10 [ 13.387960] ret_from_fork+0x116/0x1d0 [ 13.387977] ? __pfx_kthread+0x10/0x10 [ 13.387996] ret_from_fork_asm+0x1a/0x30 [ 13.388026] </TASK> [ 13.388036] [ 13.395178] Allocated by task 278: [ 13.395320] kasan_save_stack+0x45/0x70 [ 13.395473] kasan_save_track+0x18/0x40 [ 13.395607] kasan_save_alloc_info+0x3b/0x50 [ 13.395789] __kasan_kmalloc+0xb7/0xc0 [ 13.395980] __kmalloc_cache_noprof+0x189/0x420 [ 13.396209] kasan_strings+0xc0/0xe80 [ 13.396408] kunit_try_run_case+0x1a5/0x480 [ 13.396621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.397023] kthread+0x337/0x6f0 [ 13.397180] ret_from_fork+0x116/0x1d0 [ 13.397350] ret_from_fork_asm+0x1a/0x30 [ 13.397532] [ 13.397615] Freed by task 278: [ 13.397775] kasan_save_stack+0x45/0x70 [ 13.397937] kasan_save_track+0x18/0x40 [ 13.398109] kasan_save_free_info+0x3f/0x60 [ 13.398287] __kasan_slab_free+0x56/0x70 [ 13.398486] kfree+0x222/0x3f0 [ 13.398634] kasan_strings+0x2aa/0xe80 [ 13.398855] kunit_try_run_case+0x1a5/0x480 [ 13.399038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.399250] kthread+0x337/0x6f0 [ 13.399412] ret_from_fork+0x116/0x1d0 [ 13.399598] ret_from_fork_asm+0x1a/0x30 [ 13.399771] [ 13.399871] The buggy address belongs to the object at ffff888103988580 [ 13.399871] which belongs to the cache kmalloc-32 of size 32 [ 13.400321] The buggy address is located 16 bytes inside of [ 13.400321] freed 32-byte region [ffff888103988580, ffff8881039885a0) [ 13.400790] [ 13.400888] The buggy address belongs to the physical page: [ 13.401097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103988 [ 13.401430] flags: 0x200000000000000(node=0|zone=2) [ 13.401621] page_type: f5(slab) [ 13.401797] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.402098] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.402404] page dumped because: kasan: bad access detected [ 13.402604] [ 13.402674] Memory state around the buggy address: 
[ 13.403014] ffff888103988480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.403322] ffff888103988500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.403611] >ffff888103988580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.403933] ^ [ 13.404093] ffff888103988600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.404381] ffff888103988680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.404693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.363427] ================================================================== [ 13.364512] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.365063] Read of size 1 at addr ffff888103988590 by task kunit_try_catch/278 [ 13.365334] [ 13.365464] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.365516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.365530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.365552] Call Trace: [ 13.365563] <TASK> [ 13.365581] dump_stack_lvl+0x73/0xb0 [ 13.365783] print_report+0xd1/0x650 [ 13.365817] ? __virt_addr_valid+0x1db/0x2d0 [ 13.365842] ? strcmp+0xb0/0xc0 [ 13.365862] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.365884] ? strcmp+0xb0/0xc0 [ 13.365904] kasan_report+0x141/0x180 [ 13.365926] ? strcmp+0xb0/0xc0 [ 13.365959] __asan_report_load1_noabort+0x18/0x20 [ 13.365982] strcmp+0xb0/0xc0 [ 13.366004] kasan_strings+0x431/0xe80 [ 13.366024] ? trace_hardirqs_on+0x37/0xe0 [ 13.366048] ? __pfx_kasan_strings+0x10/0x10 [ 13.366069] ? finish_task_switch.isra.0+0x153/0x700 [ 13.366091] ? __switch_to+0x47/0xf50 [ 13.366117] ? __schedule+0x10cc/0x2b60 [ 13.366139] ? __pfx_read_tsc+0x10/0x10 [ 13.366159] ? ktime_get_ts64+0x86/0x230 [ 13.366183] kunit_try_run_case+0x1a5/0x480 [ 13.366210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.366231] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.366254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.366276] ? __kthread_parkme+0x82/0x180 [ 13.366299] ? preempt_count_sub+0x50/0x80 [ 13.366321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.366344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.366382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.366405] kthread+0x337/0x6f0 [ 13.366424] ? trace_preempt_on+0x20/0xc0 [ 13.366445] ? __pfx_kthread+0x10/0x10 [ 13.366466] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.366485] ? calculate_sigpending+0x7b/0xa0 [ 13.366508] ? 
__pfx_kthread+0x10/0x10 [ 13.366529] ret_from_fork+0x116/0x1d0 [ 13.366546] ? __pfx_kthread+0x10/0x10 [ 13.366565] ret_from_fork_asm+0x1a/0x30 [ 13.366608] </TASK> [ 13.366620] [ 13.374184] Allocated by task 278: [ 13.374322] kasan_save_stack+0x45/0x70 [ 13.374885] kasan_save_track+0x18/0x40 [ 13.375099] kasan_save_alloc_info+0x3b/0x50 [ 13.375315] __kasan_kmalloc+0xb7/0xc0 [ 13.375527] __kmalloc_cache_noprof+0x189/0x420 [ 13.375955] kasan_strings+0xc0/0xe80 [ 13.376092] kunit_try_run_case+0x1a5/0x480 [ 13.376262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.376535] kthread+0x337/0x6f0 [ 13.376715] ret_from_fork+0x116/0x1d0 [ 13.376989] ret_from_fork_asm+0x1a/0x30 [ 13.377169] [ 13.377251] Freed by task 278: [ 13.377402] kasan_save_stack+0x45/0x70 [ 13.377540] kasan_save_track+0x18/0x40 [ 13.377674] kasan_save_free_info+0x3f/0x60 [ 13.377822] __kasan_slab_free+0x56/0x70 [ 13.378006] kfree+0x222/0x3f0 [ 13.378168] kasan_strings+0x2aa/0xe80 [ 13.378423] kunit_try_run_case+0x1a5/0x480 [ 13.378998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.379279] kthread+0x337/0x6f0 [ 13.379416] ret_from_fork+0x116/0x1d0 [ 13.379548] ret_from_fork_asm+0x1a/0x30 [ 13.379863] [ 13.379962] The buggy address belongs to the object at ffff888103988580 [ 13.379962] which belongs to the cache kmalloc-32 of size 32 [ 13.380511] The buggy address is located 16 bytes inside of [ 13.380511] freed 32-byte region [ffff888103988580, ffff8881039885a0) [ 13.381018] [ 13.381095] The buggy address belongs to the physical page: [ 13.381297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103988 [ 13.381660] flags: 0x200000000000000(node=0|zone=2) [ 13.381994] page_type: f5(slab) [ 13.382173] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.382493] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.382719] page dumped because: kasan: bad access detected [ 13.382920] [ 13.383039] Memory state around the buggy address: 
[ 13.383409] ffff888103988480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.383724] ffff888103988500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.384093] >ffff888103988580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.384370] ^ [ 13.384529] ffff888103988600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.384871] ffff888103988680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.385130] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.321209] ================================================================== [ 13.322367] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.323048] Read of size 1 at addr ffff8881031254d8 by task kunit_try_catch/276 [ 13.323742] [ 13.323953] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.324001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.324014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.324036] Call Trace: [ 13.324048] <TASK> [ 13.324067] dump_stack_lvl+0x73/0xb0 [ 13.324096] print_report+0xd1/0x650 [ 13.324153] ? __virt_addr_valid+0x1db/0x2d0 [ 13.324177] ? memcmp+0x1b4/0x1d0 [ 13.324195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.324218] ? memcmp+0x1b4/0x1d0 [ 13.324235] kasan_report+0x141/0x180 [ 13.324256] ? memcmp+0x1b4/0x1d0 [ 13.324277] __asan_report_load1_noabort+0x18/0x20 [ 13.324301] memcmp+0x1b4/0x1d0 [ 13.324320] kasan_memcmp+0x18f/0x390 [ 13.324339] ? trace_hardirqs_on+0x37/0xe0 [ 13.324376] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.324396] ? finish_task_switch.isra.0+0x153/0x700 [ 13.324418] ? __switch_to+0x47/0xf50 [ 13.324447] ? __pfx_read_tsc+0x10/0x10 [ 13.324468] ? ktime_get_ts64+0x86/0x230 [ 13.324492] kunit_try_run_case+0x1a5/0x480 [ 13.324517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.324539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.324562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.324598] ? __kthread_parkme+0x82/0x180 [ 13.324619] ? preempt_count_sub+0x50/0x80 [ 13.324641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.324664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.324686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.324709] kthread+0x337/0x6f0 [ 13.324727] ? trace_preempt_on+0x20/0xc0 [ 13.324748] ? __pfx_kthread+0x10/0x10 [ 13.324768] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.324789] ? calculate_sigpending+0x7b/0xa0 [ 13.324812] ? __pfx_kthread+0x10/0x10 [ 13.324833] ret_from_fork+0x116/0x1d0 [ 13.324850] ? 
__pfx_kthread+0x10/0x10 [ 13.324870] ret_from_fork_asm+0x1a/0x30 [ 13.324901] </TASK> [ 13.324912] [ 13.338824] Allocated by task 276: [ 13.339221] kasan_save_stack+0x45/0x70 [ 13.339697] kasan_save_track+0x18/0x40 [ 13.339874] kasan_save_alloc_info+0x3b/0x50 [ 13.340381] __kasan_kmalloc+0xb7/0xc0 [ 13.340814] __kmalloc_cache_noprof+0x189/0x420 [ 13.341042] kasan_memcmp+0xb7/0x390 [ 13.341413] kunit_try_run_case+0x1a5/0x480 [ 13.341890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.342211] kthread+0x337/0x6f0 [ 13.342554] ret_from_fork+0x116/0x1d0 [ 13.342846] ret_from_fork_asm+0x1a/0x30 [ 13.343224] [ 13.343298] The buggy address belongs to the object at ffff8881031254c0 [ 13.343298] which belongs to the cache kmalloc-32 of size 32 [ 13.343653] The buggy address is located 0 bytes to the right of [ 13.343653] allocated 24-byte region [ffff8881031254c0, ffff8881031254d8) [ 13.344970] [ 13.345170] The buggy address belongs to the physical page: [ 13.345469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103125 [ 13.346148] flags: 0x200000000000000(node=0|zone=2) [ 13.346650] page_type: f5(slab) [ 13.346857] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.347379] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.347668] page dumped because: kasan: bad access detected [ 13.348226] [ 13.348471] Memory state around the buggy address: [ 13.349153] ffff888103125380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.349796] ffff888103125400: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.350235] >ffff888103125480: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.350464] ^ [ 13.350879] ffff888103125500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.351627] ffff888103125580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.352369] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.288510] ================================================================== [ 13.289217] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.289575] Read of size 1 at addr ffff888103a37c4a by task kunit_try_catch/272 [ 13.289890] [ 13.290025] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.290071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.290111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.290132] Call Trace: [ 13.290144] <TASK> [ 13.290160] dump_stack_lvl+0x73/0xb0 [ 13.290189] print_report+0xd1/0x650 [ 13.290223] ? __virt_addr_valid+0x1db/0x2d0 [ 13.290245] ? kasan_alloca_oob_right+0x329/0x390 [ 13.290267] ? kasan_addr_to_slab+0x11/0xa0 [ 13.290393] ? kasan_alloca_oob_right+0x329/0x390 [ 13.290427] kasan_report+0x141/0x180 [ 13.290450] ? kasan_alloca_oob_right+0x329/0x390 [ 13.290476] __asan_report_load1_noabort+0x18/0x20 [ 13.290513] kasan_alloca_oob_right+0x329/0x390 [ 13.290537] ? finish_task_switch.isra.0+0x153/0x700 [ 13.290560] ? out_of_line_wait_on_bit_timeout+0x7e/0x190 [ 13.290636] ? trace_hardirqs_on+0x37/0xe0 [ 13.290663] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.290687] ? __schedule+0x10cc/0x2b60 [ 13.290708] ? __pfx_read_tsc+0x10/0x10 [ 13.290729] ? ktime_get_ts64+0x86/0x230 [ 13.290753] kunit_try_run_case+0x1a5/0x480 [ 13.290777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.290799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.290820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.290842] ? __kthread_parkme+0x82/0x180 [ 13.290862] ? preempt_count_sub+0x50/0x80 [ 13.290885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.290908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.290942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.290965] kthread+0x337/0x6f0 [ 13.290983] ? trace_preempt_on+0x20/0xc0 [ 13.291016] ? __pfx_kthread+0x10/0x10 [ 13.291036] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.291056] ? 
calculate_sigpending+0x7b/0xa0 [ 13.291079] ? __pfx_kthread+0x10/0x10 [ 13.291099] ret_from_fork+0x116/0x1d0 [ 13.291117] ? __pfx_kthread+0x10/0x10 [ 13.291136] ret_from_fork_asm+0x1a/0x30 [ 13.291168] </TASK> [ 13.291179] [ 13.304765] The buggy address belongs to stack of task kunit_try_catch/272 [ 13.305183] [ 13.305262] The buggy address belongs to the physical page: [ 13.305452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a37 [ 13.306111] flags: 0x200000000000000(node=0|zone=2) [ 13.306633] raw: 0200000000000000 ffffea00040e8dc8 ffffea00040e8dc8 0000000000000000 [ 13.307347] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.308234] page dumped because: kasan: bad access detected [ 13.308873] [ 13.308952] Memory state around the buggy address: [ 13.309110] ffff888103a37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.309325] ffff888103a37b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.309556] >ffff888103a37c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.309913] ^ [ 13.310254] ffff888103a37c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.310580] ffff888103a37d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.310863] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.070059] ================================================================== [ 11.070678] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.071732] Write of size 1 at addr ffff8881003508c9 by task kunit_try_catch/177 [ 11.072505] [ 11.072697] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.072746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.072757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.072779] Call Trace: [ 11.072794] <TASK> [ 11.072811] dump_stack_lvl+0x73/0xb0 [ 11.072841] print_report+0xd1/0x650 [ 11.072865] ? __virt_addr_valid+0x1db/0x2d0 [ 11.072888] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.072912] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.072934] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.072957] kasan_report+0x141/0x180 [ 11.072977] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.073004] __asan_report_store1_noabort+0x1b/0x30 [ 11.073024] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.073050] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.073072] ? irqentry_exit+0x2a/0x60 [ 11.073093] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.073120] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.073144] krealloc_less_oob+0x1c/0x30 [ 11.073164] kunit_try_run_case+0x1a5/0x480 [ 11.073188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.073209] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.073231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.073252] ? __kthread_parkme+0x82/0x180 [ 11.073273] ? preempt_count_sub+0x50/0x80 [ 11.073296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.073318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.073338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.073360] kthread+0x337/0x6f0 [ 11.073388] ? trace_preempt_on+0x20/0xc0 [ 11.073411] ? __pfx_kthread+0x10/0x10 [ 11.073431] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.073450] ? calculate_sigpending+0x7b/0xa0 [ 11.073472] ? 
__pfx_kthread+0x10/0x10 [ 11.073492] ret_from_fork+0x116/0x1d0 [ 11.073511] ? __pfx_kthread+0x10/0x10 [ 11.073530] ret_from_fork_asm+0x1a/0x30 [ 11.073559] </TASK> [ 11.073604] [ 11.088004] Allocated by task 177: [ 11.088413] kasan_save_stack+0x45/0x70 [ 11.088740] kasan_save_track+0x18/0x40 [ 11.089147] kasan_save_alloc_info+0x3b/0x50 [ 11.089302] __kasan_krealloc+0x190/0x1f0 [ 11.089455] krealloc_noprof+0xf3/0x340 [ 11.089611] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.090310] krealloc_less_oob+0x1c/0x30 [ 11.090726] kunit_try_run_case+0x1a5/0x480 [ 11.091277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.091889] kthread+0x337/0x6f0 [ 11.092304] ret_from_fork+0x116/0x1d0 [ 11.092738] ret_from_fork_asm+0x1a/0x30 [ 11.093197] [ 11.093498] The buggy address belongs to the object at ffff888100350800 [ 11.093498] which belongs to the cache kmalloc-256 of size 256 [ 11.094193] The buggy address is located 0 bytes to the right of [ 11.094193] allocated 201-byte region [ffff888100350800, ffff8881003508c9) [ 11.094576] [ 11.094671] The buggy address belongs to the physical page: [ 11.094969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.095284] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.095581] flags: 0x200000000000040(head|node=0|zone=2) [ 11.096192] page_type: f5(slab) [ 11.096322] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.096832] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.097295] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.097701] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.098226] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.098554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.099108] page dumped because: kasan: bad access detected [ 11.099427] [ 11.099507] Memory state around the buggy 
address: [ 11.099713] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.100285] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.100561] >ffff888100350880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.101112] ^ [ 11.101426] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.101850] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.102175] ================================================================== [ 11.151760] ================================================================== [ 11.152081] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.152617] Write of size 1 at addr ffff8881003508ea by task kunit_try_catch/177 [ 11.153070] [ 11.153167] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.153206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.153217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.153235] Call Trace: [ 11.153249] <TASK> [ 11.153264] dump_stack_lvl+0x73/0xb0 [ 11.153291] print_report+0xd1/0x650 [ 11.153313] ? __virt_addr_valid+0x1db/0x2d0 [ 11.153334] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.153356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.153390] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.153413] kasan_report+0x141/0x180 [ 11.153433] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.153460] __asan_report_store1_noabort+0x1b/0x30 [ 11.153479] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.153504] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.153525] ? irqentry_exit+0x2a/0x60 [ 11.153545] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.153571] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.153595] krealloc_less_oob+0x1c/0x30 [ 11.153616] kunit_try_run_case+0x1a5/0x480 [ 11.153639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.153659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.153681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.153702] ? 
__kthread_parkme+0x82/0x180 [ 11.153721] ? preempt_count_sub+0x50/0x80 [ 11.153744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.153766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.153787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.153808] kthread+0x337/0x6f0 [ 11.153826] ? trace_preempt_on+0x20/0xc0 [ 11.153848] ? __pfx_kthread+0x10/0x10 [ 11.153868] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.153887] ? calculate_sigpending+0x7b/0xa0 [ 11.153910] ? __pfx_kthread+0x10/0x10 [ 11.153930] ret_from_fork+0x116/0x1d0 [ 11.153947] ? __pfx_kthread+0x10/0x10 [ 11.153966] ret_from_fork_asm+0x1a/0x30 [ 11.153994] </TASK> [ 11.154005] [ 11.161793] Allocated by task 177: [ 11.161987] kasan_save_stack+0x45/0x70 [ 11.162187] kasan_save_track+0x18/0x40 [ 11.162326] kasan_save_alloc_info+0x3b/0x50 [ 11.162537] __kasan_krealloc+0x190/0x1f0 [ 11.162786] krealloc_noprof+0xf3/0x340 [ 11.162919] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.163165] krealloc_less_oob+0x1c/0x30 [ 11.163346] kunit_try_run_case+0x1a5/0x480 [ 11.163498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.163757] kthread+0x337/0x6f0 [ 11.164087] ret_from_fork+0x116/0x1d0 [ 11.164242] ret_from_fork_asm+0x1a/0x30 [ 11.164393] [ 11.164465] The buggy address belongs to the object at ffff888100350800 [ 11.164465] which belongs to the cache kmalloc-256 of size 256 [ 11.164863] The buggy address is located 33 bytes to the right of [ 11.164863] allocated 201-byte region [ffff888100350800, ffff8881003508c9) [ 11.165412] [ 11.165508] The buggy address belongs to the physical page: [ 11.165707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.165945] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.166251] flags: 0x200000000000040(head|node=0|zone=2) [ 11.166524] page_type: f5(slab) [ 11.166724] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.167157] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
11.167909] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.168242] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.168512] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.168785] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.169120] page dumped because: kasan: bad access detected [ 11.169361] [ 11.169438] Memory state around the buggy address: [ 11.169590] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.170004] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.170418] >ffff888100350880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.170834] ^ [ 11.171093] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.171324] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.171826] ================================================================== [ 11.130761] ================================================================== [ 11.131050] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.131593] Write of size 1 at addr ffff8881003508da by task kunit_try_catch/177 [ 11.132313] [ 11.132449] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.132491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.132503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.132522] Call Trace: [ 11.132534] <TASK> [ 11.132550] dump_stack_lvl+0x73/0xb0 [ 11.132579] print_report+0xd1/0x650 [ 11.132601] ? __virt_addr_valid+0x1db/0x2d0 [ 11.132623] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.132645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.132666] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.132688] kasan_report+0x141/0x180 [ 11.132709] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 11.132735] __asan_report_store1_noabort+0x1b/0x30 [ 11.132755] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.132779] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.132800] ? irqentry_exit+0x2a/0x60 [ 11.132820] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.132847] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.132871] krealloc_less_oob+0x1c/0x30 [ 11.132891] kunit_try_run_case+0x1a5/0x480 [ 11.132914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.132935] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.132956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.132977] ? __kthread_parkme+0x82/0x180 [ 11.132997] ? preempt_count_sub+0x50/0x80 [ 11.133019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.133041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.133062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.133084] kthread+0x337/0x6f0 [ 11.133102] ? trace_preempt_on+0x20/0xc0 [ 11.133123] ? __pfx_kthread+0x10/0x10 [ 11.133143] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.133162] ? calculate_sigpending+0x7b/0xa0 [ 11.133184] ? __pfx_kthread+0x10/0x10 [ 11.133204] ret_from_fork+0x116/0x1d0 [ 11.133222] ? 
__pfx_kthread+0x10/0x10 [ 11.133241] ret_from_fork_asm+0x1a/0x30 [ 11.133270] </TASK> [ 11.133280] [ 11.140775] Allocated by task 177: [ 11.140952] kasan_save_stack+0x45/0x70 [ 11.141233] kasan_save_track+0x18/0x40 [ 11.141387] kasan_save_alloc_info+0x3b/0x50 [ 11.141533] __kasan_krealloc+0x190/0x1f0 [ 11.141669] krealloc_noprof+0xf3/0x340 [ 11.142064] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.142313] krealloc_less_oob+0x1c/0x30 [ 11.142525] kunit_try_run_case+0x1a5/0x480 [ 11.142731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.142990] kthread+0x337/0x6f0 [ 11.143163] ret_from_fork+0x116/0x1d0 [ 11.143429] ret_from_fork_asm+0x1a/0x30 [ 11.143604] [ 11.143748] The buggy address belongs to the object at ffff888100350800 [ 11.143748] which belongs to the cache kmalloc-256 of size 256 [ 11.144331] The buggy address is located 17 bytes to the right of [ 11.144331] allocated 201-byte region [ffff888100350800, ffff8881003508c9) [ 11.144788] [ 11.144861] The buggy address belongs to the physical page: [ 11.145034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.145508] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.145830] flags: 0x200000000000040(head|node=0|zone=2) [ 11.146005] page_type: f5(slab) [ 11.146124] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.146352] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.147172] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.147546] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.147912] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.148210] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.148640] page dumped because: kasan: bad access detected [ 11.149000] [ 11.149093] Memory state around the buggy address: [ 11.149250] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.149546] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.149867] >ffff888100350880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.150180] ^ [ 11.150368] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.150904] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.151247] ================================================================== [ 11.257035] ================================================================== [ 11.257292] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.257686] Write of size 1 at addr ffff8881029ce0d0 by task kunit_try_catch/181 [ 11.258141] [ 11.258269] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.258312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.258323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.258343] Call Trace: [ 11.258360] <TASK> [ 11.258388] dump_stack_lvl+0x73/0xb0 [ 11.258418] print_report+0xd1/0x650 [ 11.258441] ? __virt_addr_valid+0x1db/0x2d0 [ 11.258463] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.258486] ? kasan_addr_to_slab+0x11/0xa0 [ 11.258507] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.258530] kasan_report+0x141/0x180 [ 11.258552] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.258579] __asan_report_store1_noabort+0x1b/0x30 [ 11.258600] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.258668] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.258696] ? __kasan_check_write+0x18/0x20 [ 11.258714] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.258736] ? irqentry_exit+0x2a/0x60 [ 11.258756] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.258778] ? trace_hardirqs_on+0x37/0xe0 [ 11.258801] ? __pfx_read_tsc+0x10/0x10 [ 11.258824] krealloc_large_less_oob+0x1c/0x30 [ 11.258847] kunit_try_run_case+0x1a5/0x480 [ 11.258870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.258892] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.258913] ? 
__kthread_parkme+0x82/0x180 [ 11.258933] ? preempt_count_sub+0x50/0x80 [ 11.258955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.258977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.258998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.259020] kthread+0x337/0x6f0 [ 11.259038] ? trace_preempt_on+0x20/0xc0 [ 11.259058] ? __pfx_kthread+0x10/0x10 [ 11.259079] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.259098] ? calculate_sigpending+0x7b/0xa0 [ 11.259120] ? __pfx_kthread+0x10/0x10 [ 11.259141] ret_from_fork+0x116/0x1d0 [ 11.259157] ? __pfx_kthread+0x10/0x10 [ 11.259177] ret_from_fork_asm+0x1a/0x30 [ 11.259208] </TASK> [ 11.259219] [ 11.267722] The buggy address belongs to the physical page: [ 11.267974] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 11.268217] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.268713] flags: 0x200000000000040(head|node=0|zone=2) [ 11.268970] page_type: f8(unknown) [ 11.269098] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.269418] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.270035] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.270316] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.270563] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 11.270925] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.271275] page dumped because: kasan: bad access detected [ 11.271638] [ 11.271718] Memory state around the buggy address: [ 11.271968] ffff8881029cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.272185] ffff8881029ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.272412] >ffff8881029ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.272732] ^ [ 11.272998] ffff8881029ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.273272] ffff8881029ce180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 11.273883] ================================================================== [ 11.306827] ================================================================== [ 11.307145] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.307400] Write of size 1 at addr ffff8881029ce0eb by task kunit_try_catch/181 [ 11.307621] [ 11.307731] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.307772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.307783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.307801] Call Trace: [ 11.307817] <TASK> [ 11.307833] dump_stack_lvl+0x73/0xb0 [ 11.307859] print_report+0xd1/0x650 [ 11.307882] ? __virt_addr_valid+0x1db/0x2d0 [ 11.307903] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.307927] ? kasan_addr_to_slab+0x11/0xa0 [ 11.308004] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.308032] kasan_report+0x141/0x180 [ 11.308053] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.308081] __asan_report_store1_noabort+0x1b/0x30 [ 11.308102] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.308127] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.308152] ? __kasan_check_write+0x18/0x20 [ 11.308171] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.308193] ? irqentry_exit+0x2a/0x60 [ 11.308213] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.308235] ? trace_hardirqs_on+0x37/0xe0 [ 11.308257] ? __pfx_read_tsc+0x10/0x10 [ 11.308280] krealloc_large_less_oob+0x1c/0x30 [ 11.308303] kunit_try_run_case+0x1a5/0x480 [ 11.308326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.308348] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.308369] ? __kthread_parkme+0x82/0x180 [ 11.308400] ? preempt_count_sub+0x50/0x80 [ 11.308422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.308445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.308466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.308487] kthread+0x337/0x6f0 [ 11.308506] ? 
trace_preempt_on+0x20/0xc0 [ 11.308527] ? __pfx_kthread+0x10/0x10 [ 11.308546] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.308565] ? calculate_sigpending+0x7b/0xa0 [ 11.308616] ? __pfx_kthread+0x10/0x10 [ 11.308637] ret_from_fork+0x116/0x1d0 [ 11.308655] ? __pfx_kthread+0x10/0x10 [ 11.308674] ret_from_fork_asm+0x1a/0x30 [ 11.308703] </TASK> [ 11.308714] [ 11.318849] The buggy address belongs to the physical page: [ 11.319081] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 11.320026] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.320425] flags: 0x200000000000040(head|node=0|zone=2) [ 11.320921] page_type: f8(unknown) [ 11.321084] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.321467] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.321885] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.322254] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.322621] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 11.322980] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.323317] page dumped because: kasan: bad access detected [ 11.323641] [ 11.323741] Memory state around the buggy address: [ 11.323973] ffff8881029cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.324280] ffff8881029ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.324702] >ffff8881029ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.325045] ^ [ 11.325320] ffff8881029ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.325853] ffff8881029ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.326189] ================================================================== [ 11.172279] ================================================================== [ 11.172599] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.173007] Write 
of size 1 at addr ffff8881003508eb by task kunit_try_catch/177 [ 11.173231] [ 11.173329] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.173370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.173393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.173412] Call Trace: [ 11.173429] <TASK> [ 11.173445] dump_stack_lvl+0x73/0xb0 [ 11.173472] print_report+0xd1/0x650 [ 11.173494] ? __virt_addr_valid+0x1db/0x2d0 [ 11.173515] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.173537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.173558] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.173581] kasan_report+0x141/0x180 [ 11.173602] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.173628] __asan_report_store1_noabort+0x1b/0x30 [ 11.173648] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.173672] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.173694] ? irqentry_exit+0x2a/0x60 [ 11.173713] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.173740] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.173764] krealloc_less_oob+0x1c/0x30 [ 11.173784] kunit_try_run_case+0x1a5/0x480 [ 11.173808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.173886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.173912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.173933] ? __kthread_parkme+0x82/0x180 [ 11.173952] ? preempt_count_sub+0x50/0x80 [ 11.173974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.173997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.174018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.174040] kthread+0x337/0x6f0 [ 11.174058] ? trace_preempt_on+0x20/0xc0 [ 11.174080] ? __pfx_kthread+0x10/0x10 [ 11.174099] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.174119] ? calculate_sigpending+0x7b/0xa0 [ 11.174141] ? __pfx_kthread+0x10/0x10 [ 11.174161] ret_from_fork+0x116/0x1d0 [ 11.174179] ? 
__pfx_kthread+0x10/0x10 [ 11.174198] ret_from_fork_asm+0x1a/0x30 [ 11.174227] </TASK> [ 11.174238] [ 11.182004] Allocated by task 177: [ 11.182138] kasan_save_stack+0x45/0x70 [ 11.182388] kasan_save_track+0x18/0x40 [ 11.182577] kasan_save_alloc_info+0x3b/0x50 [ 11.182782] __kasan_krealloc+0x190/0x1f0 [ 11.182976] krealloc_noprof+0xf3/0x340 [ 11.183368] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.183547] krealloc_less_oob+0x1c/0x30 [ 11.183749] kunit_try_run_case+0x1a5/0x480 [ 11.183933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.184105] kthread+0x337/0x6f0 [ 11.184273] ret_from_fork+0x116/0x1d0 [ 11.184470] ret_from_fork_asm+0x1a/0x30 [ 11.184673] [ 11.184782] The buggy address belongs to the object at ffff888100350800 [ 11.184782] which belongs to the cache kmalloc-256 of size 256 [ 11.185253] The buggy address is located 34 bytes to the right of [ 11.185253] allocated 201-byte region [ffff888100350800, ffff8881003508c9) [ 11.185749] [ 11.185854] The buggy address belongs to the physical page: [ 11.186076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.186408] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.186712] flags: 0x200000000000040(head|node=0|zone=2) [ 11.187020] page_type: f5(slab) [ 11.187170] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.187481] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.187835] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.188120] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.188436] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.188727] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.189053] page dumped because: kasan: bad access detected [ 11.189519] [ 11.189653] Memory state around the buggy address: [ 11.189895] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.190183] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.190499] >ffff888100350880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.190921] ^ [ 11.191186] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.191484] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.191775] ================================================================== [ 11.290308] ================================================================== [ 11.290649] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.291002] Write of size 1 at addr ffff8881029ce0ea by task kunit_try_catch/181 [ 11.291232] [ 11.291316] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.291355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.291366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.291396] Call Trace: [ 11.291411] <TASK> [ 11.291427] dump_stack_lvl+0x73/0xb0 [ 11.291454] print_report+0xd1/0x650 [ 11.291477] ? __virt_addr_valid+0x1db/0x2d0 [ 11.291499] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.291522] ? kasan_addr_to_slab+0x11/0xa0 [ 11.291541] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.291565] kasan_report+0x141/0x180 [ 11.291624] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.291653] __asan_report_store1_noabort+0x1b/0x30 [ 11.291673] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.291703] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.291728] ? __kasan_check_write+0x18/0x20 [ 11.291746] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.291779] ? irqentry_exit+0x2a/0x60 [ 11.291799] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.291821] ? trace_hardirqs_on+0x37/0xe0 [ 11.291845] ? __pfx_read_tsc+0x10/0x10 [ 11.291868] krealloc_large_less_oob+0x1c/0x30 [ 11.291891] kunit_try_run_case+0x1a5/0x480 [ 11.291914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.291936] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.291958] ? 
__kthread_parkme+0x82/0x180 [ 11.291977] ? preempt_count_sub+0x50/0x80 [ 11.291999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.292021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.292042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.292064] kthread+0x337/0x6f0 [ 11.292082] ? trace_preempt_on+0x20/0xc0 [ 11.292102] ? __pfx_kthread+0x10/0x10 [ 11.292121] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.292141] ? calculate_sigpending+0x7b/0xa0 [ 11.292163] ? __pfx_kthread+0x10/0x10 [ 11.292183] ret_from_fork+0x116/0x1d0 [ 11.292200] ? __pfx_kthread+0x10/0x10 [ 11.292219] ret_from_fork_asm+0x1a/0x30 [ 11.292249] </TASK> [ 11.292259] [ 11.300431] The buggy address belongs to the physical page: [ 11.300700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 11.301149] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.301389] flags: 0x200000000000040(head|node=0|zone=2) [ 11.301566] page_type: f8(unknown) [ 11.301693] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.301966] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.302311] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.302662] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.303005] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 11.303349] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.303831] page dumped because: kasan: bad access detected [ 11.304319] [ 11.304421] Memory state around the buggy address: [ 11.304723] ffff8881029cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.305077] ffff8881029ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.305292] >ffff8881029ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.305585] ^ [ 11.305885] ffff8881029ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.306143] ffff8881029ce180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 11.306411] ================================================================== [ 11.102777] ================================================================== [ 11.103052] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.103337] Write of size 1 at addr ffff8881003508d0 by task kunit_try_catch/177 [ 11.104218] [ 11.104405] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.104449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.104461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.104481] Call Trace: [ 11.104498] <TASK> [ 11.104515] dump_stack_lvl+0x73/0xb0 [ 11.104543] print_report+0xd1/0x650 [ 11.104566] ? __virt_addr_valid+0x1db/0x2d0 [ 11.104586] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.104608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.104783] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.104809] kasan_report+0x141/0x180 [ 11.104831] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.104857] __asan_report_store1_noabort+0x1b/0x30 [ 11.104877] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.104901] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.104922] ? irqentry_exit+0x2a/0x60 [ 11.104943] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.104969] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.104996] krealloc_less_oob+0x1c/0x30 [ 11.105033] kunit_try_run_case+0x1a5/0x480 [ 11.105057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.105077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.105099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.105120] ? __kthread_parkme+0x82/0x180 [ 11.105140] ? preempt_count_sub+0x50/0x80 [ 11.105163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.105185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.105206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.105227] kthread+0x337/0x6f0 [ 11.105245] ? trace_preempt_on+0x20/0xc0 [ 11.105268] ? __pfx_kthread+0x10/0x10 [ 11.105287] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.105307] ? calculate_sigpending+0x7b/0xa0 [ 11.105329] ? __pfx_kthread+0x10/0x10 [ 11.105350] ret_from_fork+0x116/0x1d0 [ 11.105368] ? __pfx_kthread+0x10/0x10 [ 11.105398] ret_from_fork_asm+0x1a/0x30 [ 11.105427] </TASK> [ 11.105437] [ 11.115181] Allocated by task 177: [ 11.115346] kasan_save_stack+0x45/0x70 [ 11.115547] kasan_save_track+0x18/0x40 [ 11.115709] kasan_save_alloc_info+0x3b/0x50 [ 11.116320] __kasan_krealloc+0x190/0x1f0 [ 11.116627] krealloc_noprof+0xf3/0x340 [ 11.117075] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.117242] krealloc_less_oob+0x1c/0x30 [ 11.117393] kunit_try_run_case+0x1a5/0x480 [ 11.117538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.118202] kthread+0x337/0x6f0 [ 11.118363] ret_from_fork+0x116/0x1d0 [ 11.118508] ret_from_fork_asm+0x1a/0x30 [ 11.118645] [ 11.118716] The buggy address belongs to the object at ffff888100350800 [ 11.118716] which belongs to the cache kmalloc-256 of size 256 [ 11.120158] The buggy address is located 7 bytes to the right of [ 11.120158] allocated 201-byte region [ffff888100350800, ffff8881003508c9) [ 11.121725] [ 11.122026] The buggy address belongs to the physical page: [ 11.122502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.123080] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.123896] flags: 0x200000000000040(head|node=0|zone=2) [ 11.124485] page_type: f5(slab) [ 11.124617] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.125404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.125968] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.126202] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.126463] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.127138] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.127447] page dumped 
because: kasan: bad access detected [ 11.127708] [ 11.127846] Memory state around the buggy address: [ 11.128042] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.128343] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.128828] >ffff888100350880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.129117] ^ [ 11.129354] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.129647] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.129965] ================================================================== [ 11.237261] ================================================================== [ 11.238073] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.238790] Write of size 1 at addr ffff8881029ce0c9 by task kunit_try_catch/181 [ 11.239165] [ 11.239285] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.239330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.239341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.239361] Call Trace: [ 11.239385] <TASK> [ 11.239403] dump_stack_lvl+0x73/0xb0 [ 11.239433] print_report+0xd1/0x650 [ 11.239456] ? __virt_addr_valid+0x1db/0x2d0 [ 11.239479] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.239503] ? kasan_addr_to_slab+0x11/0xa0 [ 11.239523] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.239546] kasan_report+0x141/0x180 [ 11.239567] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.239595] __asan_report_store1_noabort+0x1b/0x30 [ 11.239615] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.239640] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.239665] ? __kasan_check_write+0x18/0x20 [ 11.239684] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.239711] ? irqentry_exit+0x2a/0x60 [ 11.239731] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.239754] ? trace_hardirqs_on+0x37/0xe0 [ 11.239779] ? 
__pfx_read_tsc+0x10/0x10 [ 11.239802] krealloc_large_less_oob+0x1c/0x30 [ 11.239825] kunit_try_run_case+0x1a5/0x480 [ 11.239850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.239873] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.239894] ? __kthread_parkme+0x82/0x180 [ 11.239914] ? preempt_count_sub+0x50/0x80 [ 11.239937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.239959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.239980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.240002] kthread+0x337/0x6f0 [ 11.240020] ? trace_preempt_on+0x20/0xc0 [ 11.240040] ? __pfx_kthread+0x10/0x10 [ 11.240060] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.240080] ? calculate_sigpending+0x7b/0xa0 [ 11.240104] ? __pfx_kthread+0x10/0x10 [ 11.240124] ret_from_fork+0x116/0x1d0 [ 11.240141] ? __pfx_kthread+0x10/0x10 [ 11.240160] ret_from_fork_asm+0x1a/0x30 [ 11.240190] </TASK> [ 11.240201] [ 11.248404] The buggy address belongs to the physical page: [ 11.248592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 11.248917] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.249271] flags: 0x200000000000040(head|node=0|zone=2) [ 11.249541] page_type: f8(unknown) [ 11.249721] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.250208] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.250450] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.250835] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.251187] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 11.251426] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.251962] page dumped because: kasan: bad access detected [ 11.252227] [ 11.252320] Memory state around the buggy address: [ 11.252511] ffff8881029cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.253556] ffff8881029ce000: 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 [ 11.254230] >ffff8881029ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.254554] ^ [ 11.255287] ffff8881029ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.255645] ffff8881029ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.256159] ================================================================== [ 11.274180] ================================================================== [ 11.274451] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.275108] Write of size 1 at addr ffff8881029ce0da by task kunit_try_catch/181 [ 11.275443] [ 11.275559] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.275601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.275612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.275631] Call Trace: [ 11.275648] <TASK> [ 11.275665] dump_stack_lvl+0x73/0xb0 [ 11.275697] print_report+0xd1/0x650 [ 11.275721] ? __virt_addr_valid+0x1db/0x2d0 [ 11.275743] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.275766] ? kasan_addr_to_slab+0x11/0xa0 [ 11.275786] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.275809] kasan_report+0x141/0x180 [ 11.275830] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.275858] __asan_report_store1_noabort+0x1b/0x30 [ 11.275879] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.275904] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.275929] ? __kasan_check_write+0x18/0x20 [ 11.275948] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.275970] ? irqentry_exit+0x2a/0x60 [ 11.275991] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.276012] ? trace_hardirqs_on+0x37/0xe0 [ 11.276035] ? __pfx_read_tsc+0x10/0x10 [ 11.276058] krealloc_large_less_oob+0x1c/0x30 [ 11.276081] kunit_try_run_case+0x1a5/0x480 [ 11.276104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.276127] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.276148] ? __kthread_parkme+0x82/0x180 [ 11.276168] ? preempt_count_sub+0x50/0x80 [ 11.276191] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.276213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.276234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.276255] kthread+0x337/0x6f0 [ 11.276274] ? trace_preempt_on+0x20/0xc0 [ 11.276294] ? __pfx_kthread+0x10/0x10 [ 11.276313] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.276332] ? calculate_sigpending+0x7b/0xa0 [ 11.276355] ? __pfx_kthread+0x10/0x10 [ 11.276385] ret_from_fork+0x116/0x1d0 [ 11.276402] ? __pfx_kthread+0x10/0x10 [ 11.276422] ret_from_fork_asm+0x1a/0x30 [ 11.276451] </TASK> [ 11.276462] [ 11.284068] The buggy address belongs to the physical page: [ 11.284315] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 11.284650] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.284899] flags: 0x200000000000040(head|node=0|zone=2) [ 11.285075] page_type: f8(unknown) [ 11.285336] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.285686] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.286026] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.286401] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.286696] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 11.287045] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.287334] page dumped because: kasan: bad access detected [ 11.287589] [ 11.287663] Memory state around the buggy address: [ 11.287822] ffff8881029cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.288035] ffff8881029ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.288246] >ffff8881029ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.288606] ^ [ 11.288944] ffff8881029ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.289259] ffff8881029ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.289581] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.196193] ================================================================== [ 11.196663] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.197151] Write of size 1 at addr ffff8881028ce0eb by task kunit_try_catch/179 [ 11.197464] [ 11.197577] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.197620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.197632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.197652] Call Trace: [ 11.197665] <TASK> [ 11.197681] dump_stack_lvl+0x73/0xb0 [ 11.197712] print_report+0xd1/0x650 [ 11.197734] ? __virt_addr_valid+0x1db/0x2d0 [ 11.197755] ? krealloc_more_oob_helper+0x821/0x930 [ 11.197840] ? kasan_addr_to_slab+0x11/0xa0 [ 11.197863] ? krealloc_more_oob_helper+0x821/0x930 [ 11.197886] kasan_report+0x141/0x180 [ 11.197907] ? krealloc_more_oob_helper+0x821/0x930 [ 11.197933] __asan_report_store1_noabort+0x1b/0x30 [ 11.197953] krealloc_more_oob_helper+0x821/0x930 [ 11.197974] ? __schedule+0x10cc/0x2b60 [ 11.197995] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.198017] ? finish_task_switch.isra.0+0x153/0x700 [ 11.198039] ? __switch_to+0x47/0xf50 [ 11.198065] ? __schedule+0x10cc/0x2b60 [ 11.198084] ? __pfx_read_tsc+0x10/0x10 [ 11.198108] krealloc_large_more_oob+0x1c/0x30 [ 11.198129] kunit_try_run_case+0x1a5/0x480 [ 11.198152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.198173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.198195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.198216] ? __kthread_parkme+0x82/0x180 [ 11.198235] ? preempt_count_sub+0x50/0x80 [ 11.198257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.198279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.198301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.198323] kthread+0x337/0x6f0 [ 11.198341] ? trace_preempt_on+0x20/0xc0 [ 11.198364] ? __pfx_kthread+0x10/0x10 [ 11.198395] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.198414] ? 
calculate_sigpending+0x7b/0xa0 [ 11.198437] ? __pfx_kthread+0x10/0x10 [ 11.198457] ret_from_fork+0x116/0x1d0 [ 11.198475] ? __pfx_kthread+0x10/0x10 [ 11.198494] ret_from_fork_asm+0x1a/0x30 [ 11.198523] </TASK> [ 11.198534] [ 11.206757] The buggy address belongs to the physical page: [ 11.207009] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 11.207307] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.207644] flags: 0x200000000000040(head|node=0|zone=2) [ 11.207834] page_type: f8(unknown) [ 11.208032] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.208297] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.209026] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.209290] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.209535] head: 0200000000000002 ffffea00040a3301 00000000ffffffff 00000000ffffffff [ 11.209884] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.210373] page dumped because: kasan: bad access detected [ 11.210562] [ 11.210633] Memory state around the buggy address: [ 11.210834] ffff8881028cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.211159] ffff8881028ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.211490] >ffff8881028ce080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.211815] ^ [ 11.212144] ffff8881028ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.212516] ffff8881028ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.212822] ================================================================== [ 11.213300] ================================================================== [ 11.213802] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.214163] Write of size 1 at addr ffff8881028ce0f0 by task kunit_try_catch/179 [ 11.214425] [ 11.214511] CPU: 0 UID: 0 PID: 179 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.214550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.214561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.214631] Call Trace: [ 11.214645] <TASK> [ 11.214661] dump_stack_lvl+0x73/0xb0 [ 11.214687] print_report+0xd1/0x650 [ 11.214709] ? __virt_addr_valid+0x1db/0x2d0 [ 11.214730] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.214752] ? kasan_addr_to_slab+0x11/0xa0 [ 11.214771] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.214794] kasan_report+0x141/0x180 [ 11.214815] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.214842] __asan_report_store1_noabort+0x1b/0x30 [ 11.214862] krealloc_more_oob_helper+0x7eb/0x930 [ 11.214882] ? __schedule+0x10cc/0x2b60 [ 11.214903] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.214925] ? finish_task_switch.isra.0+0x153/0x700 [ 11.214947] ? __switch_to+0x47/0xf50 [ 11.214971] ? __schedule+0x10cc/0x2b60 [ 11.214991] ? __pfx_read_tsc+0x10/0x10 [ 11.215013] krealloc_large_more_oob+0x1c/0x30 [ 11.215034] kunit_try_run_case+0x1a5/0x480 [ 11.215057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.215078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.215101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.215123] ? __kthread_parkme+0x82/0x180 [ 11.215146] ? preempt_count_sub+0x50/0x80 [ 11.215169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.215192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.215213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.215236] kthread+0x337/0x6f0 [ 11.215254] ? trace_preempt_on+0x20/0xc0 [ 11.215278] ? __pfx_kthread+0x10/0x10 [ 11.215298] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.215317] ? calculate_sigpending+0x7b/0xa0 [ 11.215340] ? __pfx_kthread+0x10/0x10 [ 11.215360] ret_from_fork+0x116/0x1d0 [ 11.215388] ? 
__pfx_kthread+0x10/0x10 [ 11.215408] ret_from_fork_asm+0x1a/0x30 [ 11.215437] </TASK> [ 11.215447] [ 11.225168] The buggy address belongs to the physical page: [ 11.225430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 11.226187] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.226979] flags: 0x200000000000040(head|node=0|zone=2) [ 11.227236] page_type: f8(unknown) [ 11.227415] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.227732] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.228498] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.229021] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.229550] head: 0200000000000002 ffffea00040a3301 00000000ffffffff 00000000ffffffff [ 11.230179] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.230500] page dumped because: kasan: bad access detected [ 11.231117] [ 11.231227] Memory state around the buggy address: [ 11.231446] ffff8881028cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.232065] ffff8881028ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.232337] >ffff8881028ce080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.232753] ^ [ 11.233044] ffff8881028ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.233340] ffff8881028ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.234074] ================================================================== [ 11.040084] ================================================================== [ 11.040490] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.040992] Write of size 1 at addr ffff888100a21cf0 by task kunit_try_catch/175 [ 11.041385] [ 11.041501] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.041673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.041688] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.041708] Call Trace: [ 11.041721] <TASK> [ 11.041738] dump_stack_lvl+0x73/0xb0 [ 11.041829] print_report+0xd1/0x650 [ 11.041852] ? __virt_addr_valid+0x1db/0x2d0 [ 11.041885] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.041907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.041927] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.041950] kasan_report+0x141/0x180 [ 11.041970] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.041999] __asan_report_store1_noabort+0x1b/0x30 [ 11.042018] krealloc_more_oob_helper+0x7eb/0x930 [ 11.042040] ? __schedule+0x10cc/0x2b60 [ 11.042061] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.042084] ? finish_task_switch.isra.0+0x153/0x700 [ 11.042105] ? __switch_to+0x47/0xf50 [ 11.042130] ? __schedule+0x10cc/0x2b60 [ 11.042149] ? __pfx_read_tsc+0x10/0x10 [ 11.042172] krealloc_more_oob+0x1c/0x30 [ 11.042192] kunit_try_run_case+0x1a5/0x480 [ 11.042215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.042236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.042258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.042279] ? __kthread_parkme+0x82/0x180 [ 11.042299] ? preempt_count_sub+0x50/0x80 [ 11.042320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.042342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.042363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.042393] kthread+0x337/0x6f0 [ 11.042412] ? trace_preempt_on+0x20/0xc0 [ 11.042437] ? __pfx_kthread+0x10/0x10 [ 11.042457] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.042479] ? calculate_sigpending+0x7b/0xa0 [ 11.042504] ? __pfx_kthread+0x10/0x10 [ 11.042524] ret_from_fork+0x116/0x1d0 [ 11.042541] ? 
__pfx_kthread+0x10/0x10 [ 11.042627] ret_from_fork_asm+0x1a/0x30 [ 11.042660] </TASK> [ 11.042670] [ 11.052146] Allocated by task 175: [ 11.052420] kasan_save_stack+0x45/0x70 [ 11.052707] kasan_save_track+0x18/0x40 [ 11.052961] kasan_save_alloc_info+0x3b/0x50 [ 11.053263] __kasan_krealloc+0x190/0x1f0 [ 11.053462] krealloc_noprof+0xf3/0x340 [ 11.053659] krealloc_more_oob_helper+0x1a9/0x930 [ 11.053887] krealloc_more_oob+0x1c/0x30 [ 11.054059] kunit_try_run_case+0x1a5/0x480 [ 11.054264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.054517] kthread+0x337/0x6f0 [ 11.054690] ret_from_fork+0x116/0x1d0 [ 11.054865] ret_from_fork_asm+0x1a/0x30 [ 11.055054] [ 11.055132] The buggy address belongs to the object at ffff888100a21c00 [ 11.055132] which belongs to the cache kmalloc-256 of size 256 [ 11.055825] The buggy address is located 5 bytes to the right of [ 11.055825] allocated 235-byte region [ffff888100a21c00, ffff888100a21ceb) [ 11.056244] [ 11.056447] The buggy address belongs to the physical page: [ 11.057058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a20 [ 11.057490] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.057958] flags: 0x200000000000040(head|node=0|zone=2) [ 11.058234] page_type: f5(slab) [ 11.058410] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.058916] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.059261] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.059684] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.060058] head: 0200000000000001 ffffea0004028801 00000000ffffffff 00000000ffffffff [ 11.060385] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.060889] page dumped because: kasan: bad access detected [ 11.061192] [ 11.061271] Memory state around the buggy address: [ 11.061512] ffff888100a21b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.062216] ffff888100a21c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.062588] >ffff888100a21c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.062972] ^ [ 11.063326] ffff888100a21d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.063683] ffff888100a21d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.064043] ================================================================== [ 11.009260] ================================================================== [ 11.009779] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.010142] Write of size 1 at addr ffff888100a21ceb by task kunit_try_catch/175 [ 11.010469] [ 11.010573] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.010619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.010630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.010650] Call Trace: [ 11.010662] <TASK> [ 11.010680] dump_stack_lvl+0x73/0xb0 [ 11.010708] print_report+0xd1/0x650 [ 11.010731] ? __virt_addr_valid+0x1db/0x2d0 [ 11.010753] ? krealloc_more_oob_helper+0x821/0x930 [ 11.010775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.010796] ? krealloc_more_oob_helper+0x821/0x930 [ 11.010818] kasan_report+0x141/0x180 [ 11.010838] ? krealloc_more_oob_helper+0x821/0x930 [ 11.010866] __asan_report_store1_noabort+0x1b/0x30 [ 11.010887] krealloc_more_oob_helper+0x821/0x930 [ 11.010908] ? __schedule+0x10cc/0x2b60 [ 11.010930] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.010954] ? finish_task_switch.isra.0+0x153/0x700 [ 11.010976] ? __switch_to+0x47/0xf50 [ 11.011001] ? __schedule+0x10cc/0x2b60 [ 11.011021] ? __pfx_read_tsc+0x10/0x10 [ 11.011045] krealloc_more_oob+0x1c/0x30 [ 11.011065] kunit_try_run_case+0x1a5/0x480 [ 11.011090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.011111] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.011134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.011155] ? 
__kthread_parkme+0x82/0x180 [ 11.011176] ? preempt_count_sub+0x50/0x80 [ 11.011198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.011220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.011241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.011262] kthread+0x337/0x6f0 [ 11.011280] ? trace_preempt_on+0x20/0xc0 [ 11.011303] ? __pfx_kthread+0x10/0x10 [ 11.011323] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.011342] ? calculate_sigpending+0x7b/0xa0 [ 11.011364] ? __pfx_kthread+0x10/0x10 [ 11.011876] ret_from_fork+0x116/0x1d0 [ 11.011903] ? __pfx_kthread+0x10/0x10 [ 11.011939] ret_from_fork_asm+0x1a/0x30 [ 11.011970] </TASK> [ 11.011982] [ 11.027402] Allocated by task 175: [ 11.027737] kasan_save_stack+0x45/0x70 [ 11.028008] kasan_save_track+0x18/0x40 [ 11.028263] kasan_save_alloc_info+0x3b/0x50 [ 11.028506] __kasan_krealloc+0x190/0x1f0 [ 11.028837] krealloc_noprof+0xf3/0x340 [ 11.029045] krealloc_more_oob_helper+0x1a9/0x930 [ 11.029363] krealloc_more_oob+0x1c/0x30 [ 11.029625] kunit_try_run_case+0x1a5/0x480 [ 11.029861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.030153] kthread+0x337/0x6f0 [ 11.030333] ret_from_fork+0x116/0x1d0 [ 11.030521] ret_from_fork_asm+0x1a/0x30 [ 11.030723] [ 11.030814] The buggy address belongs to the object at ffff888100a21c00 [ 11.030814] which belongs to the cache kmalloc-256 of size 256 [ 11.031300] The buggy address is located 0 bytes to the right of [ 11.031300] allocated 235-byte region [ffff888100a21c00, ffff888100a21ceb) [ 11.031804] [ 11.031896] The buggy address belongs to the physical page: [ 11.032129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a20 [ 11.032822] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.033096] flags: 0x200000000000040(head|node=0|zone=2) [ 11.033358] page_type: f5(slab) [ 11.033726] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.034151] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
11.034534] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.034978] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.035362] head: 0200000000000001 ffffea0004028801 00000000ffffffff 00000000ffffffff [ 11.035833] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.036188] page dumped because: kasan: bad access detected [ 11.036491] [ 11.036819] Memory state around the buggy address: [ 11.037084] ffff888100a21b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.037399] ffff888100a21c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.037879] >ffff888100a21c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.038167] ^ [ 11.038497] ffff888100a21d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.038953] ffff888100a21d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.039326] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.266430] ================================================================== [ 13.267250] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.267854] Read of size 1 at addr ffff8881038ffc3f by task kunit_try_catch/270 [ 13.268745] [ 13.268853] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.268902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.268914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.268936] Call Trace: [ 13.268948] <TASK> [ 13.268965] dump_stack_lvl+0x73/0xb0 [ 13.268997] print_report+0xd1/0x650 [ 13.269020] ? __virt_addr_valid+0x1db/0x2d0 [ 13.269044] ? kasan_alloca_oob_left+0x320/0x380 [ 13.269066] ? kasan_addr_to_slab+0x11/0xa0 [ 13.269087] ? kasan_alloca_oob_left+0x320/0x380 [ 13.269109] kasan_report+0x141/0x180 [ 13.269131] ? kasan_alloca_oob_left+0x320/0x380 [ 13.269157] __asan_report_load1_noabort+0x18/0x20 [ 13.269180] kasan_alloca_oob_left+0x320/0x380 [ 13.269201] ? __kasan_check_write+0x18/0x20 [ 13.269221] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.269243] ? finish_task_switch.isra.0+0x153/0x700 [ 13.269266] ? out_of_line_wait_on_bit_timeout+0x7e/0x190 [ 13.269290] ? trace_hardirqs_on+0x37/0xe0 [ 13.269316] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.269341] ? __schedule+0x10cc/0x2b60 [ 13.269376] ? __pfx_read_tsc+0x10/0x10 [ 13.269398] ? ktime_get_ts64+0x86/0x230 [ 13.269422] kunit_try_run_case+0x1a5/0x480 [ 13.269448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.269470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.269504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.269526] ? __kthread_parkme+0x82/0x180 [ 13.269548] ? preempt_count_sub+0x50/0x80 [ 13.269582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.269605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.269628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.269650] kthread+0x337/0x6f0 [ 13.269670] ? trace_preempt_on+0x20/0xc0 [ 13.269691] ? 
__pfx_kthread+0x10/0x10 [ 13.269712] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.269733] ? calculate_sigpending+0x7b/0xa0 [ 13.269773] ? __pfx_kthread+0x10/0x10 [ 13.269795] ret_from_fork+0x116/0x1d0 [ 13.269821] ? __pfx_kthread+0x10/0x10 [ 13.269840] ret_from_fork_asm+0x1a/0x30 [ 13.269872] </TASK> [ 13.269883] [ 13.278990] The buggy address belongs to stack of task kunit_try_catch/270 [ 13.279648] [ 13.279773] The buggy address belongs to the physical page: [ 13.280044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038ff [ 13.280437] flags: 0x200000000000000(node=0|zone=2) [ 13.280755] raw: 0200000000000000 ffffea00040e3fc8 ffffea00040e3fc8 0000000000000000 [ 13.281024] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.281393] page dumped because: kasan: bad access detected [ 13.281593] [ 13.281670] Memory state around the buggy address: [ 13.281833] ffff8881038ffb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.282152] ffff8881038ffb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.282799] >ffff8881038ffc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.283163] ^ [ 13.283327] ffff8881038ffc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.284110] ffff8881038ffd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.284452] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.240900] ================================================================== [ 13.241697] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.241986] Read of size 1 at addr ffff88810393fd02 by task kunit_try_catch/268 [ 13.242404] [ 13.242678] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.242727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.242739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.242760] Call Trace: [ 13.242772] <TASK> [ 13.242790] dump_stack_lvl+0x73/0xb0 [ 13.242821] print_report+0xd1/0x650 [ 13.242844] ? __virt_addr_valid+0x1db/0x2d0 [ 13.243173] ? kasan_stack_oob+0x2b5/0x300 [ 13.243201] ? kasan_addr_to_slab+0x11/0xa0 [ 13.243222] ? kasan_stack_oob+0x2b5/0x300 [ 13.243242] kasan_report+0x141/0x180 [ 13.243264] ? kasan_stack_oob+0x2b5/0x300 [ 13.243288] __asan_report_load1_noabort+0x18/0x20 [ 13.243313] kasan_stack_oob+0x2b5/0x300 [ 13.243332] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.243351] ? finish_task_switch.isra.0+0x153/0x700 [ 13.243384] ? __switch_to+0x47/0xf50 [ 13.243411] ? __schedule+0x10cc/0x2b60 [ 13.243433] ? __pfx_read_tsc+0x10/0x10 [ 13.243452] ? ktime_get_ts64+0x86/0x230 [ 13.243476] kunit_try_run_case+0x1a5/0x480 [ 13.243500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.243521] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.243545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.243617] ? __kthread_parkme+0x82/0x180 [ 13.243640] ? preempt_count_sub+0x50/0x80 [ 13.243663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.243691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.243715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.243738] kthread+0x337/0x6f0 [ 13.243757] ? trace_preempt_on+0x20/0xc0 [ 13.243781] ? __pfx_kthread+0x10/0x10 [ 13.243802] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.243822] ? calculate_sigpending+0x7b/0xa0 [ 13.243846] ? __pfx_kthread+0x10/0x10 [ 13.243866] ret_from_fork+0x116/0x1d0 [ 13.243884] ? 
__pfx_kthread+0x10/0x10 [ 13.243904] ret_from_fork_asm+0x1a/0x30 [ 13.243934] </TASK> [ 13.243946] [ 13.255128] The buggy address belongs to stack of task kunit_try_catch/268 [ 13.255508] and is located at offset 138 in frame: [ 13.255920] kasan_stack_oob+0x0/0x300 [ 13.256434] [ 13.256554] This frame has 4 objects: [ 13.257246] [48, 49) '__assertion' [ 13.257278] [64, 72) 'array' [ 13.257456] [96, 112) '__assertion' [ 13.257587] [128, 138) 'stack_array' [ 13.258085] [ 13.258458] The buggy address belongs to the physical page: [ 13.259002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10393f [ 13.259313] flags: 0x200000000000000(node=0|zone=2) [ 13.259817] raw: 0200000000000000 ffffea00040e4fc8 ffffea00040e4fc8 0000000000000000 [ 13.260230] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.260553] page dumped because: kasan: bad access detected [ 13.260991] [ 13.261093] Memory state around the buggy address: [ 13.261434] ffff88810393fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.261818] ffff88810393fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.262131] >ffff88810393fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.262440] ^ [ 13.262603] ffff88810393fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.263188] ffff88810393fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.263548] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.213682] ================================================================== [ 13.214294] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.214845] Read of size 1 at addr ffffffff8ce61e8d by task kunit_try_catch/264 [ 13.215196] [ 13.215586] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.215640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.215653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.215681] Call Trace: [ 13.215693] <TASK> [ 13.215711] dump_stack_lvl+0x73/0xb0 [ 13.215741] print_report+0xd1/0x650 [ 13.215765] ? __virt_addr_valid+0x1db/0x2d0 [ 13.215788] ? kasan_global_oob_right+0x286/0x2d0 [ 13.215808] ? kasan_addr_to_slab+0x11/0xa0 [ 13.215828] ? kasan_global_oob_right+0x286/0x2d0 [ 13.215849] kasan_report+0x141/0x180 [ 13.215871] ? kasan_global_oob_right+0x286/0x2d0 [ 13.215896] __asan_report_load1_noabort+0x18/0x20 [ 13.215920] kasan_global_oob_right+0x286/0x2d0 [ 13.215941] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.215964] ? __schedule+0x10cc/0x2b60 [ 13.215986] ? __pfx_read_tsc+0x10/0x10 [ 13.216007] ? ktime_get_ts64+0x86/0x230 [ 13.216030] kunit_try_run_case+0x1a5/0x480 [ 13.216055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.216076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.216099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.216120] ? __kthread_parkme+0x82/0x180 [ 13.216141] ? preempt_count_sub+0x50/0x80 [ 13.216165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.216187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.216210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.216232] kthread+0x337/0x6f0 [ 13.216251] ? trace_preempt_on+0x20/0xc0 [ 13.216274] ? __pfx_kthread+0x10/0x10 [ 13.216295] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.216315] ? calculate_sigpending+0x7b/0xa0 [ 13.216338] ? __pfx_kthread+0x10/0x10 [ 13.216371] ret_from_fork+0x116/0x1d0 [ 13.216389] ? 
__pfx_kthread+0x10/0x10 [ 13.216409] ret_from_fork_asm+0x1a/0x30 [ 13.216439] </TASK> [ 13.216451] [ 13.228723] The buggy address belongs to the variable: [ 13.229165] global_array+0xd/0x40 [ 13.229516] [ 13.229895] The buggy address belongs to the physical page: [ 13.230143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x136a61 [ 13.230482] flags: 0x200000000002000(reserved|node=0|zone=2) [ 13.230750] raw: 0200000000002000 ffffea0004da9848 ffffea0004da9848 0000000000000000 [ 13.231333] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.231743] page dumped because: kasan: bad access detected [ 13.232165] [ 13.232247] Memory state around the buggy address: [ 13.232663] ffffffff8ce61d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.233175] ffffffff8ce61e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.233650] >ffffffff8ce61e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 13.234091] ^ [ 13.234225] ffffffff8ce61f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 13.234691] ffffffff8ce61f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 13.235160] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.179080] ================================================================== [ 13.179561] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.180634] Free of addr ffff8881039c0001 by task kunit_try_catch/262 [ 13.181318] [ 13.181653] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.181706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.181719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.181744] Call Trace: [ 13.181757] <TASK> [ 13.181776] dump_stack_lvl+0x73/0xb0 [ 13.181908] print_report+0xd1/0x650 [ 13.181946] ? __virt_addr_valid+0x1db/0x2d0 [ 13.181972] ? kasan_addr_to_slab+0x11/0xa0 [ 13.181993] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.182020] kasan_report_invalid_free+0x10a/0x130 [ 13.182044] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.182071] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.182096] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.182121] mempool_free+0x2ec/0x380 [ 13.182144] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.182169] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.182197] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.182219] ? finish_task_switch.isra.0+0x153/0x700 [ 13.182245] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.182270] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.182298] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.182320] ? __pfx_mempool_kfree+0x10/0x10 [ 13.182345] ? __pfx_read_tsc+0x10/0x10 [ 13.182376] ? ktime_get_ts64+0x86/0x230 [ 13.182401] kunit_try_run_case+0x1a5/0x480 [ 13.182427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.182449] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.182473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.182496] ? __kthread_parkme+0x82/0x180 [ 13.182517] ? preempt_count_sub+0x50/0x80 [ 13.182540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.182564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.182587] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.182610] kthread+0x337/0x6f0 [ 13.182629] ? trace_preempt_on+0x20/0xc0 [ 13.182653] ? __pfx_kthread+0x10/0x10 [ 13.182672] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.182693] ? calculate_sigpending+0x7b/0xa0 [ 13.182717] ? __pfx_kthread+0x10/0x10 [ 13.182738] ret_from_fork+0x116/0x1d0 [ 13.182756] ? __pfx_kthread+0x10/0x10 [ 13.182776] ret_from_fork_asm+0x1a/0x30 [ 13.182807] </TASK> [ 13.182819] [ 13.200179] The buggy address belongs to the physical page: [ 13.200553] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 13.200951] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.201810] flags: 0x200000000000040(head|node=0|zone=2) [ 13.202483] page_type: f8(unknown) [ 13.202969] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.203737] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.204234] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.204477] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.205053] head: 0200000000000002 ffffea00040e7001 00000000ffffffff 00000000ffffffff [ 13.205922] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.206617] page dumped because: kasan: bad access detected [ 13.207198] [ 13.207273] Memory state around the buggy address: [ 13.207435] ffff8881039bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.207645] ffff8881039bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.207916] >ffff8881039c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.208749] ^ [ 13.208934] ffff8881039c0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.209323] ffff8881039c0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.209798] ================================================================== [ 13.143468] ================================================================== [ 
13.143908] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144173] Free of addr ffff888103124601 by task kunit_try_catch/260 [ 13.144382] [ 13.144471] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.144520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.144533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.144554] Call Trace: [ 13.144566] <TASK> [ 13.144582] dump_stack_lvl+0x73/0xb0 [ 13.144610] print_report+0xd1/0x650 [ 13.144632] ? __virt_addr_valid+0x1db/0x2d0 [ 13.144655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.144676] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144700] kasan_report_invalid_free+0x10a/0x130 [ 13.144724] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144751] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144775] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144799] check_slab_allocation+0x11f/0x130 [ 13.144820] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.144843] mempool_free+0x2ec/0x380 [ 13.144865] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144888] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.144915] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.144937] ? finish_task_switch.isra.0+0x153/0x700 [ 13.144961] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.144984] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 13.145009] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.145031] ? __pfx_mempool_kfree+0x10/0x10 [ 13.145056] ? __pfx_read_tsc+0x10/0x10 [ 13.145077] ? ktime_get_ts64+0x86/0x230 [ 13.145100] kunit_try_run_case+0x1a5/0x480 [ 13.145124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.145145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.145168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.145189] ? __kthread_parkme+0x82/0x180 [ 13.145210] ? preempt_count_sub+0x50/0x80 [ 13.145231] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.145254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.145275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.145298] kthread+0x337/0x6f0 [ 13.145315] ? trace_preempt_on+0x20/0xc0 [ 13.145338] ? __pfx_kthread+0x10/0x10 [ 13.145710] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.145768] ? calculate_sigpending+0x7b/0xa0 [ 13.145795] ? __pfx_kthread+0x10/0x10 [ 13.145818] ret_from_fork+0x116/0x1d0 [ 13.146043] ? __pfx_kthread+0x10/0x10 [ 13.146068] ret_from_fork_asm+0x1a/0x30 [ 13.146103] </TASK> [ 13.146114] [ 13.163048] Allocated by task 260: [ 13.163207] kasan_save_stack+0x45/0x70 [ 13.163407] kasan_save_track+0x18/0x40 [ 13.163600] kasan_save_alloc_info+0x3b/0x50 [ 13.164231] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.164488] remove_element+0x11e/0x190 [ 13.164934] mempool_alloc_preallocated+0x4d/0x90 [ 13.165170] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 13.165495] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.166118] kunit_try_run_case+0x1a5/0x480 [ 13.166335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.166597] kthread+0x337/0x6f0 [ 13.167159] ret_from_fork+0x116/0x1d0 [ 13.167324] ret_from_fork_asm+0x1a/0x30 [ 13.167787] [ 13.167999] The buggy address belongs to the object at ffff888103124600 [ 13.167999] which belongs to the cache kmalloc-128 of size 128 [ 13.168808] The buggy address is located 1 bytes inside of [ 13.168808] 128-byte region [ffff888103124600, ffff888103124680) [ 13.169259] [ 13.169370] The buggy address belongs to the physical page: [ 13.169966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124 [ 13.170299] flags: 0x200000000000000(node=0|zone=2) [ 13.170818] page_type: f5(slab) [ 13.170989] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.171332] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.172054] page dumped because: kasan: bad access detected [ 13.172265] [ 13.172541] Memory state around 
the buggy address: [ 13.172991] ffff888103124500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.173442] ffff888103124580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.174030] >ffff888103124600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.174348] ^ [ 13.174677] ffff888103124680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.175089] ffff888103124700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.175492] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.115394] ================================================================== [ 13.116044] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.116406] Free of addr ffff8881039bc000 by task kunit_try_catch/258 [ 13.116690] [ 13.116889] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.116938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.116950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.116971] Call Trace: [ 13.116984] <TASK> [ 13.117001] dump_stack_lvl+0x73/0xb0 [ 13.117032] print_report+0xd1/0x650 [ 13.117055] ? __virt_addr_valid+0x1db/0x2d0 [ 13.117489] ? kasan_addr_to_slab+0x11/0xa0 [ 13.117519] ? mempool_double_free_helper+0x184/0x370 [ 13.117546] kasan_report_invalid_free+0x10a/0x130 [ 13.117754] ? mempool_double_free_helper+0x184/0x370 [ 13.117788] ? mempool_double_free_helper+0x184/0x370 [ 13.117811] __kasan_mempool_poison_pages+0x115/0x130 [ 13.117835] mempool_free+0x290/0x380 [ 13.117857] mempool_double_free_helper+0x184/0x370 [ 13.117880] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.117905] ? __kasan_check_write+0x18/0x20 [ 13.117924] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.117946] ? finish_task_switch.isra.0+0x153/0x700 [ 13.117972] mempool_page_alloc_double_free+0xe8/0x140 [ 13.117996] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.118023] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.118042] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.118064] ? __pfx_read_tsc+0x10/0x10 [ 13.118086] ? ktime_get_ts64+0x86/0x230 [ 13.118112] kunit_try_run_case+0x1a5/0x480 [ 13.118137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.118159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.118182] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.118204] ? __kthread_parkme+0x82/0x180 [ 13.118225] ? preempt_count_sub+0x50/0x80 [ 13.118247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.118271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.118293] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.118315] kthread+0x337/0x6f0 [ 13.118334] ? trace_preempt_on+0x20/0xc0 [ 13.118357] ? __pfx_kthread+0x10/0x10 [ 13.118392] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.118411] ? calculate_sigpending+0x7b/0xa0 [ 13.118434] ? __pfx_kthread+0x10/0x10 [ 13.118456] ret_from_fork+0x116/0x1d0 [ 13.118473] ? __pfx_kthread+0x10/0x10 [ 13.118493] ret_from_fork_asm+0x1a/0x30 [ 13.118523] </TASK> [ 13.118535] [ 13.132271] The buggy address belongs to the physical page: [ 13.132767] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bc [ 13.133135] flags: 0x200000000000000(node=0|zone=2) [ 13.133396] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.134156] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.134582] page dumped because: kasan: bad access detected [ 13.134996] [ 13.135118] Memory state around the buggy address: [ 13.135474] ffff8881039bbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.136147] ffff8881039bbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.136456] >ffff8881039bc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.136944] ^ [ 13.137185] ffff8881039bc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.137541] ffff8881039bc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.138125] ================================================================== [ 13.086805] ================================================================== [ 13.087276] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.088268] Free of addr ffff8881039f4000 by task kunit_try_catch/256 [ 13.088674] [ 13.089207] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.089260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.089272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.089294] Call Trace: [ 13.089307] <TASK> [ 13.089326] 
dump_stack_lvl+0x73/0xb0 [ 13.089357] print_report+0xd1/0x650 [ 13.089394] ? __virt_addr_valid+0x1db/0x2d0 [ 13.089418] ? kasan_addr_to_slab+0x11/0xa0 [ 13.089438] ? mempool_double_free_helper+0x184/0x370 [ 13.089461] kasan_report_invalid_free+0x10a/0x130 [ 13.089486] ? mempool_double_free_helper+0x184/0x370 [ 13.089511] ? mempool_double_free_helper+0x184/0x370 [ 13.089533] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.089557] mempool_free+0x2ec/0x380 [ 13.089708] mempool_double_free_helper+0x184/0x370 [ 13.089734] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.089759] ? __kasan_check_write+0x18/0x20 [ 13.089779] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.089801] ? finish_task_switch.isra.0+0x153/0x700 [ 13.089827] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.089851] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.089877] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.089899] ? __pfx_mempool_kfree+0x10/0x10 [ 13.089923] ? __pfx_read_tsc+0x10/0x10 [ 13.089943] ? ktime_get_ts64+0x86/0x230 [ 13.089966] kunit_try_run_case+0x1a5/0x480 [ 13.089990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.090012] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.090035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.090058] ? __kthread_parkme+0x82/0x180 [ 13.090078] ? preempt_count_sub+0x50/0x80 [ 13.090100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.090123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.090145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.090168] kthread+0x337/0x6f0 [ 13.090187] ? trace_preempt_on+0x20/0xc0 [ 13.090209] ? __pfx_kthread+0x10/0x10 [ 13.090230] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.090249] ? calculate_sigpending+0x7b/0xa0 [ 13.090271] ? __pfx_kthread+0x10/0x10 [ 13.090293] ret_from_fork+0x116/0x1d0 [ 13.090310] ? 
__pfx_kthread+0x10/0x10 [ 13.090330] ret_from_fork_asm+0x1a/0x30 [ 13.090372] </TASK> [ 13.090385] [ 13.103405] The buggy address belongs to the physical page: [ 13.103911] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.104377] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.104867] flags: 0x200000000000040(head|node=0|zone=2) [ 13.105244] page_type: f8(unknown) [ 13.105530] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.106101] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.106451] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.107076] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.107483] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 13.108049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.108499] page dumped because: kasan: bad access detected [ 13.108989] [ 13.109189] Memory state around the buggy address: [ 13.109389] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.110052] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.110471] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.111024] ^ [ 13.111212] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.111601] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.112155] ================================================================== [ 13.052813] ================================================================== [ 13.053310] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.053911] Free of addr ffff888103124200 by task kunit_try_catch/254 [ 13.054385] [ 13.054520] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.054606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.054620] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.054640] Call Trace: [ 13.054652] <TASK> [ 13.054667] dump_stack_lvl+0x73/0xb0 [ 13.054699] print_report+0xd1/0x650 [ 13.054723] ? __virt_addr_valid+0x1db/0x2d0 [ 13.054886] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.054912] ? mempool_double_free_helper+0x184/0x370 [ 13.054938] kasan_report_invalid_free+0x10a/0x130 [ 13.054962] ? mempool_double_free_helper+0x184/0x370 [ 13.054989] ? mempool_double_free_helper+0x184/0x370 [ 13.055011] ? mempool_double_free_helper+0x184/0x370 [ 13.055033] check_slab_allocation+0x101/0x130 [ 13.055054] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.055078] mempool_free+0x2ec/0x380 [ 13.055101] mempool_double_free_helper+0x184/0x370 [ 13.055124] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.055150] ? finish_task_switch.isra.0+0x153/0x700 [ 13.055176] mempool_kmalloc_double_free+0xed/0x140 [ 13.055199] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.055225] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.055247] ? __pfx_mempool_kfree+0x10/0x10 [ 13.055271] ? __pfx_read_tsc+0x10/0x10 [ 13.055292] ? ktime_get_ts64+0x86/0x230 [ 13.055315] kunit_try_run_case+0x1a5/0x480 [ 13.055339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.055371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.055396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.055417] ? __kthread_parkme+0x82/0x180 [ 13.055437] ? preempt_count_sub+0x50/0x80 [ 13.055459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.055482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.055504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.055526] kthread+0x337/0x6f0 [ 13.055546] ? trace_preempt_on+0x20/0xc0 [ 13.055593] ? __pfx_kthread+0x10/0x10 [ 13.055614] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.055635] ? calculate_sigpending+0x7b/0xa0 [ 13.055659] ? __pfx_kthread+0x10/0x10 [ 13.055687] ret_from_fork+0x116/0x1d0 [ 13.055706] ? 
__pfx_kthread+0x10/0x10 [ 13.055728] ret_from_fork_asm+0x1a/0x30 [ 13.055777] </TASK> [ 13.055787] [ 13.068000] Allocated by task 254: [ 13.068221] kasan_save_stack+0x45/0x70 [ 13.068824] kasan_save_track+0x18/0x40 [ 13.069027] kasan_save_alloc_info+0x3b/0x50 [ 13.069375] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.069679] remove_element+0x11e/0x190 [ 13.070137] mempool_alloc_preallocated+0x4d/0x90 [ 13.070396] mempool_double_free_helper+0x8a/0x370 [ 13.070864] mempool_kmalloc_double_free+0xed/0x140 [ 13.071118] kunit_try_run_case+0x1a5/0x480 [ 13.071438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.071701] kthread+0x337/0x6f0 [ 13.072018] ret_from_fork+0x116/0x1d0 [ 13.072241] ret_from_fork_asm+0x1a/0x30 [ 13.072562] [ 13.072830] Freed by task 254: [ 13.072995] kasan_save_stack+0x45/0x70 [ 13.073249] kasan_save_track+0x18/0x40 [ 13.073457] kasan_save_free_info+0x3f/0x60 [ 13.073665] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.073876] mempool_free+0x2ec/0x380 [ 13.074054] mempool_double_free_helper+0x109/0x370 [ 13.074279] mempool_kmalloc_double_free+0xed/0x140 [ 13.074515] kunit_try_run_case+0x1a5/0x480 [ 13.074724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.074946] kthread+0x337/0x6f0 [ 13.075115] ret_from_fork+0x116/0x1d0 [ 13.075288] ret_from_fork_asm+0x1a/0x30 [ 13.076176] [ 13.076292] The buggy address belongs to the object at ffff888103124200 [ 13.076292] which belongs to the cache kmalloc-128 of size 128 [ 13.077212] The buggy address is located 0 bytes inside of [ 13.077212] 128-byte region [ffff888103124200, ffff888103124280) [ 13.077968] [ 13.078086] The buggy address belongs to the physical page: [ 13.078452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124 [ 13.078962] flags: 0x200000000000000(node=0|zone=2) [ 13.079294] page_type: f5(slab) [ 13.079567] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.080083] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 13.080513] page dumped because: kasan: bad access detected [ 13.080911] [ 13.081017] Memory state around the buggy address: [ 13.081241] ffff888103124100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.081871] ffff888103124180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.082245] >ffff888103124200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.082609] ^ [ 13.082862] ffff888103124280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.083372] ffff888103124300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.083797] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.956406] ================================================================== [ 12.957305] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.957970] Read of size 1 at addr ffff8881039f4000 by task kunit_try_catch/248 [ 12.958430] [ 12.958689] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.958740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.958766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.958788] Call Trace: [ 12.958802] <TASK> [ 12.958819] dump_stack_lvl+0x73/0xb0 [ 12.958852] print_report+0xd1/0x650 [ 12.958875] ? __virt_addr_valid+0x1db/0x2d0 [ 12.958900] ? mempool_uaf_helper+0x392/0x400 [ 12.958922] ? kasan_addr_to_slab+0x11/0xa0 [ 12.958941] ? mempool_uaf_helper+0x392/0x400 [ 12.958962] kasan_report+0x141/0x180 [ 12.958984] ? mempool_uaf_helper+0x392/0x400 [ 12.959011] __asan_report_load1_noabort+0x18/0x20 [ 12.959035] mempool_uaf_helper+0x392/0x400 [ 12.959057] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.959080] ? __kasan_check_write+0x18/0x20 [ 12.959099] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.959121] ? finish_task_switch.isra.0+0x153/0x700 [ 12.959147] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.959169] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.959194] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.959218] ? __pfx_mempool_kfree+0x10/0x10 [ 12.959242] ? __pfx_read_tsc+0x10/0x10 [ 12.959263] ? ktime_get_ts64+0x86/0x230 [ 12.959288] kunit_try_run_case+0x1a5/0x480 [ 12.959315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.959335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.959359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.959393] ? __kthread_parkme+0x82/0x180 [ 12.959414] ? preempt_count_sub+0x50/0x80 [ 12.959436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.959459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.959481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.959505] kthread+0x337/0x6f0 [ 12.959523] ? 
trace_preempt_on+0x20/0xc0 [ 12.959547] ? __pfx_kthread+0x10/0x10 [ 12.959567] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.959597] ? calculate_sigpending+0x7b/0xa0 [ 12.959622] ? __pfx_kthread+0x10/0x10 [ 12.959642] ret_from_fork+0x116/0x1d0 [ 12.959660] ? __pfx_kthread+0x10/0x10 [ 12.959686] ret_from_fork_asm+0x1a/0x30 [ 12.959717] </TASK> [ 12.959729] [ 12.974054] The buggy address belongs to the physical page: [ 12.974249] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 12.974507] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.974750] flags: 0x200000000000040(head|node=0|zone=2) [ 12.974956] page_type: f8(unknown) [ 12.975088] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.975320] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.975589] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.976219] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.976769] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 12.977344] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.977640] page dumped because: kasan: bad access detected [ 12.978160] [ 12.978315] Memory state around the buggy address: [ 12.978764] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.979521] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.979901] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.980509] ^ [ 12.980993] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.981395] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.981670] ================================================================== [ 13.027113] ================================================================== [ 13.027687] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.028682] Read of size 1 
at addr ffff8881039f4000 by task kunit_try_catch/252 [ 13.029348] [ 13.029507] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.029712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.029728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.029805] Call Trace: [ 13.029820] <TASK> [ 13.029840] dump_stack_lvl+0x73/0xb0 [ 13.029873] print_report+0xd1/0x650 [ 13.029898] ? __virt_addr_valid+0x1db/0x2d0 [ 13.029922] ? mempool_uaf_helper+0x392/0x400 [ 13.029945] ? kasan_addr_to_slab+0x11/0xa0 [ 13.029966] ? mempool_uaf_helper+0x392/0x400 [ 13.029989] kasan_report+0x141/0x180 [ 13.030011] ? mempool_uaf_helper+0x392/0x400 [ 13.030038] __asan_report_load1_noabort+0x18/0x20 [ 13.030062] mempool_uaf_helper+0x392/0x400 [ 13.030084] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.030107] ? __kasan_check_write+0x18/0x20 [ 13.030127] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.030150] ? finish_task_switch.isra.0+0x153/0x700 [ 13.030176] mempool_page_alloc_uaf+0xed/0x140 [ 13.030198] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.030224] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.030245] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.030266] ? __pfx_read_tsc+0x10/0x10 [ 13.030287] ? ktime_get_ts64+0x86/0x230 [ 13.030311] kunit_try_run_case+0x1a5/0x480 [ 13.030336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.030358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.030393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.030415] ? __kthread_parkme+0x82/0x180 [ 13.030436] ? preempt_count_sub+0x50/0x80 [ 13.030459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.030482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.030504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.030527] kthread+0x337/0x6f0 [ 13.030546] ? trace_preempt_on+0x20/0xc0 [ 13.030580] ? __pfx_kthread+0x10/0x10 [ 13.030602] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.030622] ? calculate_sigpending+0x7b/0xa0 [ 13.030645] ? 
__pfx_kthread+0x10/0x10 [ 13.030666] ret_from_fork+0x116/0x1d0 [ 13.030684] ? __pfx_kthread+0x10/0x10 [ 13.030704] ret_from_fork_asm+0x1a/0x30 [ 13.030734] </TASK> [ 13.030745] [ 13.043325] The buggy address belongs to the physical page: [ 13.043793] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.044162] flags: 0x200000000000000(node=0|zone=2) [ 13.044425] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.045041] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.045446] page dumped because: kasan: bad access detected [ 13.045895] [ 13.046094] Memory state around the buggy address: [ 13.046377] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.046987] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.047280] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.047615] ^ [ 13.047982] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.048307] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.048916] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.921350] ================================================================== [ 12.922772] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.923022] Read of size 1 at addr ffff888102c8b500 by task kunit_try_catch/246 [ 12.923246] [ 12.923334] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.923389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.923401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.923421] Call Trace: [ 12.923434] <TASK> [ 12.923451] dump_stack_lvl+0x73/0xb0 [ 12.923477] print_report+0xd1/0x650 [ 12.923499] ? __virt_addr_valid+0x1db/0x2d0 [ 12.923521] ? mempool_uaf_helper+0x392/0x400 [ 12.923541] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.923563] ? mempool_uaf_helper+0x392/0x400 [ 12.923585] kasan_report+0x141/0x180 [ 12.923605] ? mempool_uaf_helper+0x392/0x400 [ 12.923630] __asan_report_load1_noabort+0x18/0x20 [ 12.923654] mempool_uaf_helper+0x392/0x400 [ 12.923681] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.923704] ? __kasan_check_write+0x18/0x20 [ 12.923735] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.923769] ? finish_task_switch.isra.0+0x153/0x700 [ 12.923805] mempool_kmalloc_uaf+0xef/0x140 [ 12.923826] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.923850] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.923874] ? __pfx_mempool_kfree+0x10/0x10 [ 12.923899] ? __pfx_read_tsc+0x10/0x10 [ 12.923920] ? ktime_get_ts64+0x86/0x230 [ 12.923943] kunit_try_run_case+0x1a5/0x480 [ 12.923967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.923988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.924010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.924032] ? __kthread_parkme+0x82/0x180 [ 12.924052] ? preempt_count_sub+0x50/0x80 [ 12.924075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.924098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.924120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.924141] kthread+0x337/0x6f0 [ 12.924160] ? 
trace_preempt_on+0x20/0xc0 [ 12.924182] ? __pfx_kthread+0x10/0x10 [ 12.924202] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.924222] ? calculate_sigpending+0x7b/0xa0 [ 12.924254] ? __pfx_kthread+0x10/0x10 [ 12.924274] ret_from_fork+0x116/0x1d0 [ 12.924292] ? __pfx_kthread+0x10/0x10 [ 12.924321] ret_from_fork_asm+0x1a/0x30 [ 12.924352] </TASK> [ 12.924372] [ 12.935648] Allocated by task 246: [ 12.936356] kasan_save_stack+0x45/0x70 [ 12.936856] kasan_save_track+0x18/0x40 [ 12.937053] kasan_save_alloc_info+0x3b/0x50 [ 12.937212] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.937476] remove_element+0x11e/0x190 [ 12.937978] mempool_alloc_preallocated+0x4d/0x90 [ 12.938171] mempool_uaf_helper+0x96/0x400 [ 12.938648] mempool_kmalloc_uaf+0xef/0x140 [ 12.938958] kunit_try_run_case+0x1a5/0x480 [ 12.939140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.939407] kthread+0x337/0x6f0 [ 12.939951] ret_from_fork+0x116/0x1d0 [ 12.940148] ret_from_fork_asm+0x1a/0x30 [ 12.940497] [ 12.940682] Freed by task 246: [ 12.940974] kasan_save_stack+0x45/0x70 [ 12.941293] kasan_save_track+0x18/0x40 [ 12.941639] kasan_save_free_info+0x3f/0x60 [ 12.941980] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.942376] mempool_free+0x2ec/0x380 [ 12.942746] mempool_uaf_helper+0x11a/0x400 [ 12.942919] mempool_kmalloc_uaf+0xef/0x140 [ 12.943303] kunit_try_run_case+0x1a5/0x480 [ 12.943562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.943871] kthread+0x337/0x6f0 [ 12.944011] ret_from_fork+0x116/0x1d0 [ 12.944201] ret_from_fork_asm+0x1a/0x30 [ 12.944409] [ 12.944506] The buggy address belongs to the object at ffff888102c8b500 [ 12.944506] which belongs to the cache kmalloc-128 of size 128 [ 12.945466] The buggy address is located 0 bytes inside of [ 12.945466] freed 128-byte region [ffff888102c8b500, ffff888102c8b580) [ 12.946336] [ 12.946433] The buggy address belongs to the physical page: [ 12.946998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 12.947494] flags: 
0x200000000000000(node=0|zone=2) [ 12.947829] page_type: f5(slab) [ 12.947994] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.948321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.948664] page dumped because: kasan: bad access detected [ 12.949242] [ 12.949334] Memory state around the buggy address: [ 12.949762] ffff888102c8b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.950330] ffff888102c8b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.950877] >ffff888102c8b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.951280] ^ [ 12.951535] ffff888102c8b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.952160] ffff888102c8b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.952462] ================================================================== [ 12.987293] ================================================================== [ 12.988021] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.988382] Read of size 1 at addr ffff888103987240 by task kunit_try_catch/250 [ 12.988721] [ 12.988826] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.988871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.988884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.988906] Call Trace: [ 12.988919] <TASK> [ 12.988934] dump_stack_lvl+0x73/0xb0 [ 12.988963] print_report+0xd1/0x650 [ 12.988985] ? __virt_addr_valid+0x1db/0x2d0 [ 12.989008] ? mempool_uaf_helper+0x392/0x400 [ 12.989028] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.989049] ? mempool_uaf_helper+0x392/0x400 [ 12.989071] kasan_report+0x141/0x180 [ 12.989092] ? mempool_uaf_helper+0x392/0x400 [ 12.989117] __asan_report_load1_noabort+0x18/0x20 [ 12.989142] mempool_uaf_helper+0x392/0x400 [ 12.989164] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.989187] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.989211] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.989237] mempool_slab_uaf+0xea/0x140 [ 12.989293] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 12.989318] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.989338] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.989380] ? __pfx_read_tsc+0x10/0x10 [ 12.989401] ? ktime_get_ts64+0x86/0x230 [ 12.989425] kunit_try_run_case+0x1a5/0x480 [ 12.989449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.989470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.989493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.989516] ? __kthread_parkme+0x82/0x180 [ 12.989536] ? preempt_count_sub+0x50/0x80 [ 12.989558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.989580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.989602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.989626] kthread+0x337/0x6f0 [ 12.989644] ? trace_preempt_on+0x20/0xc0 [ 12.989667] ? __pfx_kthread+0x10/0x10 [ 12.989687] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.989707] ? calculate_sigpending+0x7b/0xa0 [ 12.989730] ? __pfx_kthread+0x10/0x10 [ 12.989751] ret_from_fork+0x116/0x1d0 [ 12.989769] ? 
__pfx_kthread+0x10/0x10 [ 12.989790] ret_from_fork_asm+0x1a/0x30 [ 12.989820] </TASK> [ 12.989831] [ 13.001418] Allocated by task 250: [ 13.001852] kasan_save_stack+0x45/0x70 [ 13.002062] kasan_save_track+0x18/0x40 [ 13.002247] kasan_save_alloc_info+0x3b/0x50 [ 13.002452] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.002681] remove_element+0x11e/0x190 [ 13.003379] mempool_alloc_preallocated+0x4d/0x90 [ 13.003554] mempool_uaf_helper+0x96/0x400 [ 13.004003] mempool_slab_uaf+0xea/0x140 [ 13.004165] kunit_try_run_case+0x1a5/0x480 [ 13.004380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.004973] kthread+0x337/0x6f0 [ 13.005138] ret_from_fork+0x116/0x1d0 [ 13.005512] ret_from_fork_asm+0x1a/0x30 [ 13.005946] [ 13.006160] Freed by task 250: [ 13.006282] kasan_save_stack+0x45/0x70 [ 13.006901] kasan_save_track+0x18/0x40 [ 13.007114] kasan_save_free_info+0x3f/0x60 [ 13.007423] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.007888] mempool_free+0x2ec/0x380 [ 13.008201] mempool_uaf_helper+0x11a/0x400 [ 13.008518] mempool_slab_uaf+0xea/0x140 [ 13.008745] kunit_try_run_case+0x1a5/0x480 [ 13.009069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.009333] kthread+0x337/0x6f0 [ 13.009506] ret_from_fork+0x116/0x1d0 [ 13.010088] ret_from_fork_asm+0x1a/0x30 [ 13.010277] [ 13.010353] The buggy address belongs to the object at ffff888103987240 [ 13.010353] which belongs to the cache test_cache of size 123 [ 13.011443] The buggy address is located 0 bytes inside of [ 13.011443] freed 123-byte region [ffff888103987240, ffff8881039872bb) [ 13.012347] [ 13.012460] The buggy address belongs to the physical page: [ 13.012953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103987 [ 13.013324] flags: 0x200000000000000(node=0|zone=2) [ 13.013557] page_type: f5(slab) [ 13.014148] raw: 0200000000000000 ffff888100faeb40 dead000000000122 0000000000000000 [ 13.014658] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.015130] page dumped 
because: kasan: bad access detected [ 13.015503] [ 13.015802] Memory state around the buggy address: [ 13.016186] ffff888103987100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.016657] ffff888103987180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.017183] >ffff888103987200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.017520] ^ [ 13.018017] ffff888103987280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.018439] ffff888103987300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.018991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.856795] ================================================================== [ 12.857322] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.857739] Read of size 1 at addr ffff8881039ba001 by task kunit_try_catch/242 [ 12.858328] [ 12.858510] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.858698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.858710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.858738] Call Trace: [ 12.858752] <TASK> [ 12.858770] dump_stack_lvl+0x73/0xb0 [ 12.858803] print_report+0xd1/0x650 [ 12.858826] ? __virt_addr_valid+0x1db/0x2d0 [ 12.858851] ? mempool_oob_right_helper+0x318/0x380 [ 12.858873] ? kasan_addr_to_slab+0x11/0xa0 [ 12.858892] ? mempool_oob_right_helper+0x318/0x380 [ 12.858915] kasan_report+0x141/0x180 [ 12.858936] ? mempool_oob_right_helper+0x318/0x380 [ 12.858963] __asan_report_load1_noabort+0x18/0x20 [ 12.858987] mempool_oob_right_helper+0x318/0x380 [ 12.859010] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.859034] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.859057] ? finish_task_switch.isra.0+0x153/0x700 [ 12.859082] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.859105] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.859131] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.859155] ? __pfx_mempool_kfree+0x10/0x10 [ 12.859179] ? __pfx_read_tsc+0x10/0x10 [ 12.859200] ? ktime_get_ts64+0x86/0x230 [ 12.859225] kunit_try_run_case+0x1a5/0x480 [ 12.859251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.859272] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.859295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.859317] ? __kthread_parkme+0x82/0x180 [ 12.859338] ? preempt_count_sub+0x50/0x80 [ 12.859360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.859393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.859415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.859437] kthread+0x337/0x6f0 [ 12.859455] ? 
trace_preempt_on+0x20/0xc0 [ 12.859478] ? __pfx_kthread+0x10/0x10 [ 12.859501] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.859521] ? calculate_sigpending+0x7b/0xa0 [ 12.859546] ? __pfx_kthread+0x10/0x10 [ 12.859567] ret_from_fork+0x116/0x1d0 [ 12.859586] ? __pfx_kthread+0x10/0x10 [ 12.859606] ret_from_fork_asm+0x1a/0x30 [ 12.859638] </TASK> [ 12.859649] [ 12.869273] The buggy address belongs to the physical page: [ 12.869622] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 12.870003] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.870386] flags: 0x200000000000040(head|node=0|zone=2) [ 12.870711] page_type: f8(unknown) [ 12.871085] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.871464] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.872073] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.872357] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.872657] head: 0200000000000002 ffffea00040e6e01 00000000ffffffff 00000000ffffffff [ 12.873228] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.873624] page dumped because: kasan: bad access detected [ 12.874045] [ 12.874197] Memory state around the buggy address: [ 12.874380] ffff8881039b9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.874897] ffff8881039b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.875386] >ffff8881039ba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.875811] ^ [ 12.876033] ffff8881039ba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.876273] ffff8881039ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.876626] ================================================================== [ 12.828840] ================================================================== [ 12.829285] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.830006] Read 
of size 1 at addr ffff888103109e73 by task kunit_try_catch/240 [ 12.830346] [ 12.830472] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.830522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.830533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.830555] Call Trace: [ 12.830568] <TASK> [ 12.830589] dump_stack_lvl+0x73/0xb0 [ 12.830622] print_report+0xd1/0x650 [ 12.830645] ? __virt_addr_valid+0x1db/0x2d0 [ 12.830671] ? mempool_oob_right_helper+0x318/0x380 [ 12.830693] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.830714] ? mempool_oob_right_helper+0x318/0x380 [ 12.830737] kasan_report+0x141/0x180 [ 12.830758] ? mempool_oob_right_helper+0x318/0x380 [ 12.830785] __asan_report_load1_noabort+0x18/0x20 [ 12.830808] mempool_oob_right_helper+0x318/0x380 [ 12.830832] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.830856] ? __kasan_check_write+0x18/0x20 [ 12.830875] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.830898] ? finish_task_switch.isra.0+0x153/0x700 [ 12.830923] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.830945] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.830970] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.830994] ? __pfx_mempool_kfree+0x10/0x10 [ 12.831018] ? __pfx_read_tsc+0x10/0x10 [ 12.831039] ? ktime_get_ts64+0x86/0x230 [ 12.831064] kunit_try_run_case+0x1a5/0x480 [ 12.831090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.831111] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.831134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.831156] ? __kthread_parkme+0x82/0x180 [ 12.831177] ? preempt_count_sub+0x50/0x80 [ 12.831199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.831222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.831244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.831267] kthread+0x337/0x6f0 [ 12.831285] ? trace_preempt_on+0x20/0xc0 [ 12.831308] ? __pfx_kthread+0x10/0x10 [ 12.831328] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.831347] ? 
calculate_sigpending+0x7b/0xa0 [ 12.831382] ? __pfx_kthread+0x10/0x10 [ 12.831403] ret_from_fork+0x116/0x1d0 [ 12.831420] ? __pfx_kthread+0x10/0x10 [ 12.831440] ret_from_fork_asm+0x1a/0x30 [ 12.831471] </TASK> [ 12.831482] [ 12.840480] Allocated by task 240: [ 12.840755] kasan_save_stack+0x45/0x70 [ 12.840943] kasan_save_track+0x18/0x40 [ 12.841112] kasan_save_alloc_info+0x3b/0x50 [ 12.841297] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.841530] remove_element+0x11e/0x190 [ 12.841759] mempool_alloc_preallocated+0x4d/0x90 [ 12.841973] mempool_oob_right_helper+0x8a/0x380 [ 12.842180] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.842397] kunit_try_run_case+0x1a5/0x480 [ 12.842864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.843101] kthread+0x337/0x6f0 [ 12.843257] ret_from_fork+0x116/0x1d0 [ 12.843428] ret_from_fork_asm+0x1a/0x30 [ 12.843565] [ 12.843636] The buggy address belongs to the object at ffff888103109e00 [ 12.843636] which belongs to the cache kmalloc-128 of size 128 [ 12.844142] The buggy address is located 0 bytes to the right of [ 12.844142] allocated 115-byte region [ffff888103109e00, ffff888103109e73) [ 12.845900] [ 12.846009] The buggy address belongs to the physical page: [ 12.846242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103109 [ 12.846640] flags: 0x200000000000000(node=0|zone=2) [ 12.846877] page_type: f5(slab) [ 12.847036] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.847332] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.848477] page dumped because: kasan: bad access detected [ 12.848676] [ 12.848750] Memory state around the buggy address: [ 12.849531] ffff888103109d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.850507] ffff888103109d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.850732] >ffff888103109e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.851333] ^ [ 12.852012] ffff888103109e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 12.852663] ffff888103109f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.853108] ================================================================== [ 12.881280] ================================================================== [ 12.882121] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.882796] Read of size 1 at addr ffff8881031222bb by task kunit_try_catch/244 [ 12.883200] [ 12.883293] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.883340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.883352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.883387] Call Trace: [ 12.883399] <TASK> [ 12.883416] dump_stack_lvl+0x73/0xb0 [ 12.883446] print_report+0xd1/0x650 [ 12.883469] ? __virt_addr_valid+0x1db/0x2d0 [ 12.883494] ? mempool_oob_right_helper+0x318/0x380 [ 12.883517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.883540] ? mempool_oob_right_helper+0x318/0x380 [ 12.883563] kasan_report+0x141/0x180 [ 12.883596] ? mempool_oob_right_helper+0x318/0x380 [ 12.883624] __asan_report_load1_noabort+0x18/0x20 [ 12.883648] mempool_oob_right_helper+0x318/0x380 [ 12.883765] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.883800] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.883823] ? finish_task_switch.isra.0+0x153/0x700 [ 12.883883] mempool_slab_oob_right+0xed/0x140 [ 12.883908] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.883935] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.883956] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.883977] ? __pfx_read_tsc+0x10/0x10 [ 12.883999] ? ktime_get_ts64+0x86/0x230 [ 12.884024] kunit_try_run_case+0x1a5/0x480 [ 12.884049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.884071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.884095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.884117] ? __kthread_parkme+0x82/0x180 [ 12.884139] ? preempt_count_sub+0x50/0x80 [ 12.884161] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.884185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.884208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.884232] kthread+0x337/0x6f0 [ 12.884251] ? trace_preempt_on+0x20/0xc0 [ 12.884275] ? __pfx_kthread+0x10/0x10 [ 12.884296] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.884317] ? calculate_sigpending+0x7b/0xa0 [ 12.884342] ? __pfx_kthread+0x10/0x10 [ 12.884374] ret_from_fork+0x116/0x1d0 [ 12.884393] ? __pfx_kthread+0x10/0x10 [ 12.884413] ret_from_fork_asm+0x1a/0x30 [ 12.884444] </TASK> [ 12.884456] [ 12.899216] Allocated by task 244: [ 12.899358] kasan_save_stack+0x45/0x70 [ 12.899527] kasan_save_track+0x18/0x40 [ 12.899767] kasan_save_alloc_info+0x3b/0x50 [ 12.899941] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.900308] remove_element+0x11e/0x190 [ 12.900457] mempool_alloc_preallocated+0x4d/0x90 [ 12.900690] mempool_oob_right_helper+0x8a/0x380 [ 12.901195] mempool_slab_oob_right+0xed/0x140 [ 12.901611] kunit_try_run_case+0x1a5/0x480 [ 12.902114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.902590] kthread+0x337/0x6f0 [ 12.902946] ret_from_fork+0x116/0x1d0 [ 12.903280] ret_from_fork_asm+0x1a/0x30 [ 12.903435] [ 12.903510] The buggy address belongs to the object at ffff888103122240 [ 12.903510] which belongs to the cache test_cache of size 123 [ 12.904596] The buggy address is located 0 bytes to the right of [ 12.904596] allocated 123-byte region [ffff888103122240, ffff8881031222bb) [ 12.905909] [ 12.906105] The buggy address belongs to the physical page: [ 12.906285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103122 [ 12.906543] flags: 0x200000000000000(node=0|zone=2) [ 12.907054] page_type: f5(slab) [ 12.907400] raw: 0200000000000000 ffff888101b7e500 dead000000000122 0000000000000000 [ 12.908189] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.908930] page dumped because: kasan: bad access detected [ 12.909425] [ 12.909583] Memory state around the 
buggy address: [ 12.910117] ffff888103122180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.910343] ffff888103122200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.910585] >ffff888103122280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.911240] ^ [ 12.911774] ffff888103122300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.912386] ffff888103122380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.913076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.252311] ================================================================== [ 12.253157] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.254328] Read of size 1 at addr ffff888100fae8c0 by task kunit_try_catch/234 [ 12.255126] [ 12.255395] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.255448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.255461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.255484] Call Trace: [ 12.255497] <TASK> [ 12.255516] dump_stack_lvl+0x73/0xb0 [ 12.255553] print_report+0xd1/0x650 [ 12.255579] ? __virt_addr_valid+0x1db/0x2d0 [ 12.255604] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.255628] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.255649] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.255673] kasan_report+0x141/0x180 [ 12.255699] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.255725] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.255749] __kasan_check_byte+0x3d/0x50 [ 12.255770] kmem_cache_destroy+0x25/0x1d0 [ 12.255793] kmem_cache_double_destroy+0x1bf/0x380 [ 12.255815] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.255838] ? finish_task_switch.isra.0+0x153/0x700 [ 12.255862] ? __switch_to+0x47/0xf50 [ 12.255890] ? __pfx_read_tsc+0x10/0x10 [ 12.255911] ? ktime_get_ts64+0x86/0x230 [ 12.255935] kunit_try_run_case+0x1a5/0x480 [ 12.255961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.255983] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.256006] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.256029] ? __kthread_parkme+0x82/0x180 [ 12.256050] ? preempt_count_sub+0x50/0x80 [ 12.256072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.256094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.256116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.256138] kthread+0x337/0x6f0 [ 12.256157] ? trace_preempt_on+0x20/0xc0 [ 12.256180] ? __pfx_kthread+0x10/0x10 [ 12.256200] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.256220] ? 
calculate_sigpending+0x7b/0xa0 [ 12.256244] ? __pfx_kthread+0x10/0x10 [ 12.256263] ret_from_fork+0x116/0x1d0 [ 12.256282] ? __pfx_kthread+0x10/0x10 [ 12.256302] ret_from_fork_asm+0x1a/0x30 [ 12.256332] </TASK> [ 12.256344] [ 12.272059] Allocated by task 234: [ 12.272351] kasan_save_stack+0x45/0x70 [ 12.272522] kasan_save_track+0x18/0x40 [ 12.272674] kasan_save_alloc_info+0x3b/0x50 [ 12.273150] __kasan_slab_alloc+0x91/0xa0 [ 12.273308] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.273515] __kmem_cache_create_args+0x169/0x240 [ 12.274624] kmem_cache_double_destroy+0xd5/0x380 [ 12.274866] kunit_try_run_case+0x1a5/0x480 [ 12.275025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.275391] kthread+0x337/0x6f0 [ 12.275551] ret_from_fork+0x116/0x1d0 [ 12.275838] ret_from_fork_asm+0x1a/0x30 [ 12.276111] [ 12.276241] Freed by task 234: [ 12.276505] kasan_save_stack+0x45/0x70 [ 12.276905] kasan_save_track+0x18/0x40 [ 12.277105] kasan_save_free_info+0x3f/0x60 [ 12.277282] __kasan_slab_free+0x56/0x70 [ 12.277484] kmem_cache_free+0x249/0x420 [ 12.277717] slab_kmem_cache_release+0x2e/0x40 [ 12.278192] kmem_cache_release+0x16/0x20 [ 12.278430] kobject_put+0x181/0x450 [ 12.278573] sysfs_slab_release+0x16/0x20 [ 12.279058] kmem_cache_destroy+0xf0/0x1d0 [ 12.279240] kmem_cache_double_destroy+0x14e/0x380 [ 12.279623] kunit_try_run_case+0x1a5/0x480 [ 12.279946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.280405] kthread+0x337/0x6f0 [ 12.280543] ret_from_fork+0x116/0x1d0 [ 12.280879] ret_from_fork_asm+0x1a/0x30 [ 12.281204] [ 12.281306] The buggy address belongs to the object at ffff888100fae8c0 [ 12.281306] which belongs to the cache kmem_cache of size 208 [ 12.282048] The buggy address is located 0 bytes inside of [ 12.282048] freed 208-byte region [ffff888100fae8c0, ffff888100fae990) [ 12.282806] [ 12.282940] The buggy address belongs to the physical page: [ 12.283308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fae [ 12.283783] flags: 
0x200000000000000(node=0|zone=2) [ 12.284116] page_type: f5(slab) [ 12.284454] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.284856] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.285255] page dumped because: kasan: bad access detected [ 12.285674] [ 12.285815] Memory state around the buggy address: [ 12.286044] ffff888100fae780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.286427] ffff888100fae800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.286972] >ffff888100fae880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.287381] ^ [ 12.287713] ffff888100fae900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.288020] ffff888100fae980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.288321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.188880] ================================================================== [ 12.189388] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.189831] Read of size 1 at addr ffff88810311d000 by task kunit_try_catch/232 [ 12.190701] [ 12.190857] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.190906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.190918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.190939] Call Trace: [ 12.191147] <TASK> [ 12.191176] dump_stack_lvl+0x73/0xb0 [ 12.191213] print_report+0xd1/0x650 [ 12.191237] ? __virt_addr_valid+0x1db/0x2d0 [ 12.191262] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.191284] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.191305] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.191327] kasan_report+0x141/0x180 [ 12.191348] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.191386] __asan_report_load1_noabort+0x18/0x20 [ 12.191411] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.191433] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.191455] ? finish_task_switch.isra.0+0x153/0x700 [ 12.191478] ? __switch_to+0x47/0xf50 [ 12.191506] ? __pfx_read_tsc+0x10/0x10 [ 12.191528] ? ktime_get_ts64+0x86/0x230 [ 12.191552] kunit_try_run_case+0x1a5/0x480 [ 12.191734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.191763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.192020] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.192043] ? __kthread_parkme+0x82/0x180 [ 12.192066] ? preempt_count_sub+0x50/0x80 [ 12.192089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.192112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.192134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.192156] kthread+0x337/0x6f0 [ 12.192176] ? trace_preempt_on+0x20/0xc0 [ 12.192201] ? __pfx_kthread+0x10/0x10 [ 12.192222] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.192242] ? calculate_sigpending+0x7b/0xa0 [ 12.192266] ? __pfx_kthread+0x10/0x10 [ 12.192287] ret_from_fork+0x116/0x1d0 [ 12.192304] ? 
__pfx_kthread+0x10/0x10 [ 12.192324] ret_from_fork_asm+0x1a/0x30 [ 12.192355] </TASK> [ 12.192381] [ 12.203040] Allocated by task 232: [ 12.203198] kasan_save_stack+0x45/0x70 [ 12.203583] kasan_save_track+0x18/0x40 [ 12.203930] kasan_save_alloc_info+0x3b/0x50 [ 12.204357] __kasan_slab_alloc+0x91/0xa0 [ 12.204790] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.204971] kmem_cache_rcu_uaf+0x155/0x510 [ 12.205316] kunit_try_run_case+0x1a5/0x480 [ 12.205599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.206014] kthread+0x337/0x6f0 [ 12.206280] ret_from_fork+0x116/0x1d0 [ 12.206436] ret_from_fork_asm+0x1a/0x30 [ 12.206752] [ 12.207094] Freed by task 0: [ 12.207222] kasan_save_stack+0x45/0x70 [ 12.207423] kasan_save_track+0x18/0x40 [ 12.207615] kasan_save_free_info+0x3f/0x60 [ 12.208228] __kasan_slab_free+0x56/0x70 [ 12.208395] slab_free_after_rcu_debug+0xe4/0x310 [ 12.208816] rcu_core+0x66f/0x1c40 [ 12.209142] rcu_core_si+0x12/0x20 [ 12.209450] handle_softirqs+0x209/0x730 [ 12.209725] __irq_exit_rcu+0xc9/0x110 [ 12.210043] irq_exit_rcu+0x12/0x20 [ 12.210301] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.210528] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.211130] [ 12.211209] Last potentially related work creation: [ 12.211721] kasan_save_stack+0x45/0x70 [ 12.211918] kasan_record_aux_stack+0xb2/0xc0 [ 12.212076] kmem_cache_free+0x131/0x420 [ 12.212283] kmem_cache_rcu_uaf+0x194/0x510 [ 12.212499] kunit_try_run_case+0x1a5/0x480 [ 12.213142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.213378] kthread+0x337/0x6f0 [ 12.213777] ret_from_fork+0x116/0x1d0 [ 12.214176] ret_from_fork_asm+0x1a/0x30 [ 12.214357] [ 12.214471] The buggy address belongs to the object at ffff88810311d000 [ 12.214471] which belongs to the cache test_cache of size 200 [ 12.215401] The buggy address is located 0 bytes inside of [ 12.215401] freed 200-byte region [ffff88810311d000, ffff88810311d0c8) [ 12.216029] [ 12.216115] The buggy address belongs to the physical page: [ 12.216344] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10311d [ 12.217176] flags: 0x200000000000000(node=0|zone=2) [ 12.217867] page_type: f5(slab) [ 12.218316] raw: 0200000000000000 ffff888101b7e280 dead000000000122 0000000000000000 [ 12.219247] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.220156] page dumped because: kasan: bad access detected [ 12.220643] [ 12.220728] Memory state around the buggy address: [ 12.220890] ffff88810311cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.221107] ffff88810311cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.221325] >ffff88810311d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.221642] ^ [ 12.221812] ffff88810311d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.222147] ffff88810311d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.222532] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.132881] ================================================================== [ 12.133421] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.133790] Free of addr ffff88810397e001 by task kunit_try_catch/230 [ 12.134144] [ 12.134264] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.134311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.134322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.134342] Call Trace: [ 12.134355] <TASK> [ 12.134384] dump_stack_lvl+0x73/0xb0 [ 12.134414] print_report+0xd1/0x650 [ 12.134436] ? __virt_addr_valid+0x1db/0x2d0 [ 12.134461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.134482] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.134507] kasan_report_invalid_free+0x10a/0x130 [ 12.134530] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.134555] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.134578] check_slab_allocation+0x11f/0x130 [ 12.134598] __kasan_slab_pre_free+0x28/0x40 [ 12.134617] kmem_cache_free+0xed/0x420 [ 12.134637] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.134655] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.134680] kmem_cache_invalid_free+0x1d8/0x460 [ 12.134715] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.134737] ? finish_task_switch.isra.0+0x153/0x700 [ 12.134760] ? __switch_to+0x47/0xf50 [ 12.134799] ? __pfx_read_tsc+0x10/0x10 [ 12.134819] ? ktime_get_ts64+0x86/0x230 [ 12.134843] kunit_try_run_case+0x1a5/0x480 [ 12.134867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.134888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.134910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.134931] ? __kthread_parkme+0x82/0x180 [ 12.134951] ? preempt_count_sub+0x50/0x80 [ 12.134972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.135003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.135025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.135046] kthread+0x337/0x6f0 [ 12.135064] ? trace_preempt_on+0x20/0xc0 [ 12.135087] ? 
__pfx_kthread+0x10/0x10 [ 12.135107] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.135127] ? calculate_sigpending+0x7b/0xa0 [ 12.135150] ? __pfx_kthread+0x10/0x10 [ 12.135170] ret_from_fork+0x116/0x1d0 [ 12.135187] ? __pfx_kthread+0x10/0x10 [ 12.135206] ret_from_fork_asm+0x1a/0x30 [ 12.135235] </TASK> [ 12.135246] [ 12.145560] Allocated by task 230: [ 12.145727] kasan_save_stack+0x45/0x70 [ 12.145936] kasan_save_track+0x18/0x40 [ 12.146130] kasan_save_alloc_info+0x3b/0x50 [ 12.146340] __kasan_slab_alloc+0x91/0xa0 [ 12.146992] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.147173] kmem_cache_invalid_free+0x157/0x460 [ 12.147545] kunit_try_run_case+0x1a5/0x480 [ 12.147849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.148092] kthread+0x337/0x6f0 [ 12.148419] ret_from_fork+0x116/0x1d0 [ 12.148615] ret_from_fork_asm+0x1a/0x30 [ 12.148948] [ 12.149049] The buggy address belongs to the object at ffff88810397e000 [ 12.149049] which belongs to the cache test_cache of size 200 [ 12.149742] The buggy address is located 1 bytes inside of [ 12.149742] 200-byte region [ffff88810397e000, ffff88810397e0c8) [ 12.150313] [ 12.150400] The buggy address belongs to the physical page: [ 12.150787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397e [ 12.151258] flags: 0x200000000000000(node=0|zone=2) [ 12.151575] page_type: f5(slab) [ 12.151711] raw: 0200000000000000 ffff888100fae780 dead000000000122 0000000000000000 [ 12.152277] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.152700] page dumped because: kasan: bad access detected [ 12.152933] [ 12.153029] Memory state around the buggy address: [ 12.153332] ffff88810397df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.153649] ffff88810397df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.154118] >ffff88810397e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.154504] ^ [ 12.154754] ffff88810397e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.155011] 
ffff88810397e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.155443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.092243] ================================================================== [ 12.093102] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.093572] Free of addr ffff88810397d000 by task kunit_try_catch/228 [ 12.094011] [ 12.094249] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.094298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.094309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.094329] Call Trace: [ 12.094340] <TASK> [ 12.094359] dump_stack_lvl+0x73/0xb0 [ 12.094400] print_report+0xd1/0x650 [ 12.094422] ? __virt_addr_valid+0x1db/0x2d0 [ 12.094445] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.094466] ? kmem_cache_double_free+0x1e5/0x480 [ 12.094490] kasan_report_invalid_free+0x10a/0x130 [ 12.094513] ? kmem_cache_double_free+0x1e5/0x480 [ 12.094537] ? kmem_cache_double_free+0x1e5/0x480 [ 12.094560] check_slab_allocation+0x101/0x130 [ 12.094580] __kasan_slab_pre_free+0x28/0x40 [ 12.094600] kmem_cache_free+0xed/0x420 [ 12.094619] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.094638] ? kmem_cache_double_free+0x1e5/0x480 [ 12.094664] kmem_cache_double_free+0x1e5/0x480 [ 12.094688] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.094735] ? finish_task_switch.isra.0+0x153/0x700 [ 12.094757] ? __switch_to+0x47/0xf50 [ 12.094785] ? __pfx_read_tsc+0x10/0x10 [ 12.094805] ? ktime_get_ts64+0x86/0x230 [ 12.094829] kunit_try_run_case+0x1a5/0x480 [ 12.094853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.094873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.094897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.094918] ? __kthread_parkme+0x82/0x180 [ 12.094938] ? preempt_count_sub+0x50/0x80 [ 12.094959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.094981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.095002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.095023] kthread+0x337/0x6f0 [ 12.095042] ? trace_preempt_on+0x20/0xc0 [ 12.095065] ? 
__pfx_kthread+0x10/0x10 [ 12.095084] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.095103] ? calculate_sigpending+0x7b/0xa0 [ 12.095126] ? __pfx_kthread+0x10/0x10 [ 12.095146] ret_from_fork+0x116/0x1d0 [ 12.095163] ? __pfx_kthread+0x10/0x10 [ 12.095182] ret_from_fork_asm+0x1a/0x30 [ 12.095211] </TASK> [ 12.095222] [ 12.109927] Allocated by task 228: [ 12.110290] kasan_save_stack+0x45/0x70 [ 12.110941] kasan_save_track+0x18/0x40 [ 12.111431] kasan_save_alloc_info+0x3b/0x50 [ 12.111804] __kasan_slab_alloc+0x91/0xa0 [ 12.111950] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.112106] kmem_cache_double_free+0x14f/0x480 [ 12.112260] kunit_try_run_case+0x1a5/0x480 [ 12.112423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.112664] kthread+0x337/0x6f0 [ 12.112913] ret_from_fork+0x116/0x1d0 [ 12.113054] ret_from_fork_asm+0x1a/0x30 [ 12.113226] [ 12.113498] Freed by task 228: [ 12.113856] kasan_save_stack+0x45/0x70 [ 12.114338] kasan_save_track+0x18/0x40 [ 12.114485] kasan_save_free_info+0x3f/0x60 [ 12.114648] __kasan_slab_free+0x56/0x70 [ 12.114838] kmem_cache_free+0x249/0x420 [ 12.115267] kmem_cache_double_free+0x16a/0x480 [ 12.115801] kunit_try_run_case+0x1a5/0x480 [ 12.116239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.116428] kthread+0x337/0x6f0 [ 12.116548] ret_from_fork+0x116/0x1d0 [ 12.117003] ret_from_fork_asm+0x1a/0x30 [ 12.117524] [ 12.117710] The buggy address belongs to the object at ffff88810397d000 [ 12.117710] which belongs to the cache test_cache of size 200 [ 12.119015] The buggy address is located 0 bytes inside of [ 12.119015] 200-byte region [ffff88810397d000, ffff88810397d0c8) [ 12.119686] [ 12.119872] The buggy address belongs to the physical page: [ 12.120450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397d [ 12.121214] flags: 0x200000000000000(node=0|zone=2) [ 12.121391] page_type: f5(slab) [ 12.121514] raw: 0200000000000000 ffff888100fae640 dead000000000122 0000000000000000 [ 12.121798] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.122207] page dumped because: kasan: bad access detected [ 12.122527] [ 12.122653] Memory state around the buggy address: [ 12.122961] ffff88810397cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.123269] ffff88810397cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.123614] >ffff88810397d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.124082] ^ [ 12.124199] ffff88810397d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.124731] ffff88810397d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.125042] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.044665] ================================================================== [ 12.045168] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.045472] Read of size 1 at addr ffff88810397a0c8 by task kunit_try_catch/226 [ 12.046888] [ 12.047143] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.047192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.047204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.047258] Call Trace: [ 12.047270] <TASK> [ 12.047289] dump_stack_lvl+0x73/0xb0 [ 12.047335] print_report+0xd1/0x650 [ 12.047358] ? __virt_addr_valid+0x1db/0x2d0 [ 12.047392] ? kmem_cache_oob+0x402/0x530 [ 12.047413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.047434] ? kmem_cache_oob+0x402/0x530 [ 12.047455] kasan_report+0x141/0x180 [ 12.047475] ? kmem_cache_oob+0x402/0x530 [ 12.047501] __asan_report_load1_noabort+0x18/0x20 [ 12.047524] kmem_cache_oob+0x402/0x530 [ 12.047546] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.047567] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.047596] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.047621] kunit_try_run_case+0x1a5/0x480 [ 12.047647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.047667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.047694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.047715] ? __kthread_parkme+0x82/0x180 [ 12.047735] ? preempt_count_sub+0x50/0x80 [ 12.047760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.047782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.047804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.047825] kthread+0x337/0x6f0 [ 12.047843] ? trace_preempt_on+0x20/0xc0 [ 12.047867] ? __pfx_kthread+0x10/0x10 [ 12.047886] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.047906] ? calculate_sigpending+0x7b/0xa0 [ 12.047929] ? __pfx_kthread+0x10/0x10 [ 12.047949] ret_from_fork+0x116/0x1d0 [ 12.047968] ? 
__pfx_kthread+0x10/0x10 [ 12.047986] ret_from_fork_asm+0x1a/0x30 [ 12.048016] </TASK> [ 12.048028] [ 12.059530] Allocated by task 226: [ 12.059725] kasan_save_stack+0x45/0x70 [ 12.060036] kasan_save_track+0x18/0x40 [ 12.060186] kasan_save_alloc_info+0x3b/0x50 [ 12.060460] __kasan_slab_alloc+0x91/0xa0 [ 12.060783] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.061270] kmem_cache_oob+0x157/0x530 [ 12.061508] kunit_try_run_case+0x1a5/0x480 [ 12.061695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.062248] kthread+0x337/0x6f0 [ 12.062453] ret_from_fork+0x116/0x1d0 [ 12.062641] ret_from_fork_asm+0x1a/0x30 [ 12.062994] [ 12.063071] The buggy address belongs to the object at ffff88810397a000 [ 12.063071] which belongs to the cache test_cache of size 200 [ 12.063628] The buggy address is located 0 bytes to the right of [ 12.063628] allocated 200-byte region [ffff88810397a000, ffff88810397a0c8) [ 12.064362] [ 12.064493] The buggy address belongs to the physical page: [ 12.064928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397a [ 12.065615] flags: 0x200000000000000(node=0|zone=2) [ 12.066119] page_type: f5(slab) [ 12.066358] raw: 0200000000000000 ffff888100fae500 dead000000000122 0000000000000000 [ 12.066910] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.067331] page dumped because: kasan: bad access detected [ 12.067851] [ 12.067967] Memory state around the buggy address: [ 12.068169] ffff888103979f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.068508] ffff88810397a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.069158] >ffff88810397a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.069430] ^ [ 12.069740] ffff88810397a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.070353] ffff88810397a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.070755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 11.998869] ================================================================== [ 11.999312] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 11.999554] Read of size 8 at addr ffff88810312f180 by task kunit_try_catch/219 [ 12.000963] [ 12.001227] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.001277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.001289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.001309] Call Trace: [ 12.001322] <TASK> [ 12.001340] dump_stack_lvl+0x73/0xb0 [ 12.001381] print_report+0xd1/0x650 [ 12.001405] ? __virt_addr_valid+0x1db/0x2d0 [ 12.001428] ? workqueue_uaf+0x4d6/0x560 [ 12.001448] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.001469] ? workqueue_uaf+0x4d6/0x560 [ 12.001489] kasan_report+0x141/0x180 [ 12.001510] ? workqueue_uaf+0x4d6/0x560 [ 12.001534] __asan_report_load8_noabort+0x18/0x20 [ 12.001557] workqueue_uaf+0x4d6/0x560 [ 12.001604] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.001626] ? __schedule+0x10cc/0x2b60 [ 12.001647] ? __pfx_read_tsc+0x10/0x10 [ 12.001667] ? ktime_get_ts64+0x86/0x230 [ 12.001691] kunit_try_run_case+0x1a5/0x480 [ 12.001715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.001735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.001757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.001778] ? __kthread_parkme+0x82/0x180 [ 12.001798] ? preempt_count_sub+0x50/0x80 [ 12.001821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.001843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.001864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.001885] kthread+0x337/0x6f0 [ 12.001903] ? trace_preempt_on+0x20/0xc0 [ 12.001926] ? __pfx_kthread+0x10/0x10 [ 12.001945] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.001964] ? calculate_sigpending+0x7b/0xa0 [ 12.001987] ? __pfx_kthread+0x10/0x10 [ 12.002006] ret_from_fork+0x116/0x1d0 [ 12.002023] ? 
__pfx_kthread+0x10/0x10 [ 12.002042] ret_from_fork_asm+0x1a/0x30 [ 12.002072] </TASK> [ 12.002083] [ 12.013261] Allocated by task 219: [ 12.013465] kasan_save_stack+0x45/0x70 [ 12.013877] kasan_save_track+0x18/0x40 [ 12.014060] kasan_save_alloc_info+0x3b/0x50 [ 12.014253] __kasan_kmalloc+0xb7/0xc0 [ 12.014439] __kmalloc_cache_noprof+0x189/0x420 [ 12.014932] workqueue_uaf+0x152/0x560 [ 12.015161] kunit_try_run_case+0x1a5/0x480 [ 12.015516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.015981] kthread+0x337/0x6f0 [ 12.016255] ret_from_fork+0x116/0x1d0 [ 12.016515] ret_from_fork_asm+0x1a/0x30 [ 12.017206] [ 12.017314] Freed by task 24: [ 12.017666] kasan_save_stack+0x45/0x70 [ 12.017855] kasan_save_track+0x18/0x40 [ 12.018240] kasan_save_free_info+0x3f/0x60 [ 12.018546] __kasan_slab_free+0x56/0x70 [ 12.018958] kfree+0x222/0x3f0 [ 12.019139] workqueue_uaf_work+0x12/0x20 [ 12.019589] process_one_work+0x5ee/0xf60 [ 12.019983] worker_thread+0x758/0x1220 [ 12.020286] kthread+0x337/0x6f0 [ 12.020881] ret_from_fork+0x116/0x1d0 [ 12.021068] ret_from_fork_asm+0x1a/0x30 [ 12.021211] [ 12.021310] Last potentially related work creation: [ 12.021556] kasan_save_stack+0x45/0x70 [ 12.022073] kasan_record_aux_stack+0xb2/0xc0 [ 12.022388] __queue_work+0x626/0xeb0 [ 12.022824] queue_work_on+0xb6/0xc0 [ 12.023010] workqueue_uaf+0x26d/0x560 [ 12.023308] kunit_try_run_case+0x1a5/0x480 [ 12.023565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.024053] kthread+0x337/0x6f0 [ 12.024321] ret_from_fork+0x116/0x1d0 [ 12.024758] ret_from_fork_asm+0x1a/0x30 [ 12.025068] [ 12.025169] The buggy address belongs to the object at ffff88810312f180 [ 12.025169] which belongs to the cache kmalloc-32 of size 32 [ 12.026056] The buggy address is located 0 bytes inside of [ 12.026056] freed 32-byte region [ffff88810312f180, ffff88810312f1a0) [ 12.026755] [ 12.026847] The buggy address belongs to the physical page: [ 12.027082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x10312f [ 12.027456] flags: 0x200000000000000(node=0|zone=2) [ 12.027713] page_type: f5(slab) [ 12.028262] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.028830] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.029290] page dumped because: kasan: bad access detected [ 12.029701] [ 12.029853] Memory state around the buggy address: [ 12.030309] ffff88810312f080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.030859] ffff88810312f100: fa fb fb fb fc fc fc fc 00 00 00 07 fc fc fc fc [ 12.031272] >ffff88810312f180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.031904] ^ [ 12.032053] ffff88810312f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.032455] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.033018] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 11.959694] ================================================================== [ 11.960178] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.960705] Read of size 4 at addr ffff88810312f0c0 by task swapper/1/0 [ 11.961075] [ 11.961303] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.961350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.961361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.961393] Call Trace: [ 11.961422] <IRQ> [ 11.961441] dump_stack_lvl+0x73/0xb0 [ 11.961474] print_report+0xd1/0x650 [ 11.961497] ? __virt_addr_valid+0x1db/0x2d0 [ 11.961521] ? rcu_uaf_reclaim+0x50/0x60 [ 11.961540] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.961561] ? rcu_uaf_reclaim+0x50/0x60 [ 11.961580] kasan_report+0x141/0x180 [ 11.961601] ? rcu_uaf_reclaim+0x50/0x60 [ 11.961624] __asan_report_load4_noabort+0x18/0x20 [ 11.961647] rcu_uaf_reclaim+0x50/0x60 [ 11.961666] rcu_core+0x66f/0x1c40 [ 11.961695] ? __pfx_rcu_core+0x10/0x10 [ 11.961715] ? ktime_get+0x6b/0x150 [ 11.961739] rcu_core_si+0x12/0x20 [ 11.961758] handle_softirqs+0x209/0x730 [ 11.961779] ? hrtimer_interrupt+0x2fe/0x780 [ 11.961800] ? 
__pfx_handle_softirqs+0x10/0x10 [ 11.961823] __irq_exit_rcu+0xc9/0x110 [ 11.961842] irq_exit_rcu+0x12/0x20 [ 11.961860] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.961883] </IRQ> [ 11.961908] <TASK> [ 11.961918] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.962007] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.962215] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 8a 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.962292] RSP: 0000:ffff888100877dc8 EFLAGS: 00010216 [ 11.962387] RAX: ffff8881ce374000 RBX: ffff888100853000 RCX: ffffffff8a8730e5 [ 11.962432] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000000ed7c [ 11.962474] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 11.962525] R10: ffff88815b130c53 R11: 00000000000a1c00 R12: 0000000000000001 [ 11.962567] R13: ffffed102010a600 R14: ffffffff8c5b0690 R15: 0000000000000000 [ 11.962622] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.962672] ? default_idle+0xd/0x20 [ 11.962693] arch_cpu_idle+0xd/0x20 [ 11.962713] default_idle_call+0x48/0x80 [ 11.962734] do_idle+0x379/0x4f0 [ 11.962757] ? complete+0x15b/0x1d0 [ 11.962774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.962798] ? __pfx_do_idle+0x10/0x10 [ 11.962818] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 11.962839] ? complete+0x15b/0x1d0 [ 11.962859] cpu_startup_entry+0x5c/0x70 [ 11.962881] start_secondary+0x211/0x290 [ 11.962902] ? 
__pfx_start_secondary+0x10/0x10 [ 11.962926] common_startup_64+0x13e/0x148 [ 11.962956] </TASK> [ 11.962967] [ 11.976507] Allocated by task 217: [ 11.976731] kasan_save_stack+0x45/0x70 [ 11.977403] kasan_save_track+0x18/0x40 [ 11.977583] kasan_save_alloc_info+0x3b/0x50 [ 11.977971] __kasan_kmalloc+0xb7/0xc0 [ 11.978239] __kmalloc_cache_noprof+0x189/0x420 [ 11.978423] rcu_uaf+0xb0/0x330 [ 11.978767] kunit_try_run_case+0x1a5/0x480 [ 11.979187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.979457] kthread+0x337/0x6f0 [ 11.979618] ret_from_fork+0x116/0x1d0 [ 11.979792] ret_from_fork_asm+0x1a/0x30 [ 11.979969] [ 11.980057] Freed by task 0: [ 11.980206] kasan_save_stack+0x45/0x70 [ 11.980392] kasan_save_track+0x18/0x40 [ 11.980555] kasan_save_free_info+0x3f/0x60 [ 11.980753] __kasan_slab_free+0x56/0x70 [ 11.981600] kfree+0x222/0x3f0 [ 11.981863] rcu_uaf_reclaim+0x1f/0x60 [ 11.982049] rcu_core+0x66f/0x1c40 [ 11.982226] rcu_core_si+0x12/0x20 [ 11.982409] handle_softirqs+0x209/0x730 [ 11.982595] __irq_exit_rcu+0xc9/0x110 [ 11.982768] irq_exit_rcu+0x12/0x20 [ 11.983383] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.983729] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.984228] [ 11.984555] Last potentially related work creation: [ 11.984985] kasan_save_stack+0x45/0x70 [ 11.985296] kasan_record_aux_stack+0xb2/0xc0 [ 11.985677] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 11.986098] call_rcu+0x12/0x20 [ 11.986321] rcu_uaf+0x168/0x330 [ 11.986479] kunit_try_run_case+0x1a5/0x480 [ 11.986883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.987271] kthread+0x337/0x6f0 [ 11.987462] ret_from_fork+0x116/0x1d0 [ 11.987938] ret_from_fork_asm+0x1a/0x30 [ 11.988138] [ 11.988248] The buggy address belongs to the object at ffff88810312f0c0 [ 11.988248] which belongs to the cache kmalloc-32 of size 32 [ 11.989071] The buggy address is located 0 bytes inside of [ 11.989071] freed 32-byte region [ffff88810312f0c0, ffff88810312f0e0) [ 11.989823] [ 11.990011] The buggy address belongs to the 
physical page: [ 11.990279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f [ 11.990612] flags: 0x200000000000000(node=0|zone=2) [ 11.991030] page_type: f5(slab) [ 11.991260] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.991572] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.991984] page dumped because: kasan: bad access detected [ 11.992196] [ 11.992290] Memory state around the buggy address: [ 11.992552] ffff88810312ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.992917] ffff88810312f000: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 11.993401] >ffff88810312f080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.993718] ^ [ 11.994060] ffff88810312f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.994400] ffff88810312f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.994673] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.864305] ================================================================== [ 11.864805] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.865328] Read of size 1 at addr ffff888102c8b200 by task kunit_try_catch/215 [ 11.865780] [ 11.866266] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.866317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.866328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.866350] Call Trace: [ 11.866361] <TASK> [ 11.866394] dump_stack_lvl+0x73/0xb0 [ 11.866427] print_report+0xd1/0x650 [ 11.866450] ? __virt_addr_valid+0x1db/0x2d0 [ 11.866474] ? ksize_uaf+0x19d/0x6c0 [ 11.866494] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.866517] ? ksize_uaf+0x19d/0x6c0 [ 11.866538] kasan_report+0x141/0x180 [ 11.866559] ? ksize_uaf+0x19d/0x6c0 [ 11.866583] ? ksize_uaf+0x19d/0x6c0 [ 11.866602] __kasan_check_byte+0x3d/0x50 [ 11.866624] ksize+0x20/0x60 [ 11.866645] ksize_uaf+0x19d/0x6c0 [ 11.866666] ? __pfx_ksize_uaf+0x10/0x10 [ 11.866687] ? __schedule+0x10cc/0x2b60 [ 11.866708] ? __pfx_read_tsc+0x10/0x10 [ 11.866729] ? ktime_get_ts64+0x86/0x230 [ 11.866753] kunit_try_run_case+0x1a5/0x480 [ 11.866778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.866799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.866824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.866846] ? __kthread_parkme+0x82/0x180 [ 11.866867] ? preempt_count_sub+0x50/0x80 [ 11.866890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.866913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.866934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.866955] kthread+0x337/0x6f0 [ 11.866973] ? trace_preempt_on+0x20/0xc0 [ 11.866995] ? __pfx_kthread+0x10/0x10 [ 11.867015] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.867034] ? calculate_sigpending+0x7b/0xa0 [ 11.867058] ? __pfx_kthread+0x10/0x10 [ 11.867077] ret_from_fork+0x116/0x1d0 [ 11.867095] ? 
__pfx_kthread+0x10/0x10 [ 11.867114] ret_from_fork_asm+0x1a/0x30 [ 11.867144] </TASK> [ 11.867154] [ 11.878140] Allocated by task 215: [ 11.878310] kasan_save_stack+0x45/0x70 [ 11.878755] kasan_save_track+0x18/0x40 [ 11.879025] kasan_save_alloc_info+0x3b/0x50 [ 11.879196] __kasan_kmalloc+0xb7/0xc0 [ 11.879497] __kmalloc_cache_noprof+0x189/0x420 [ 11.880044] ksize_uaf+0xaa/0x6c0 [ 11.880327] kunit_try_run_case+0x1a5/0x480 [ 11.880542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.881094] kthread+0x337/0x6f0 [ 11.881348] ret_from_fork+0x116/0x1d0 [ 11.881531] ret_from_fork_asm+0x1a/0x30 [ 11.881989] [ 11.882230] Freed by task 215: [ 11.882380] kasan_save_stack+0x45/0x70 [ 11.882770] kasan_save_track+0x18/0x40 [ 11.882940] kasan_save_free_info+0x3f/0x60 [ 11.883288] __kasan_slab_free+0x56/0x70 [ 11.883506] kfree+0x222/0x3f0 [ 11.884018] ksize_uaf+0x12c/0x6c0 [ 11.884192] kunit_try_run_case+0x1a5/0x480 [ 11.884348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.884658] kthread+0x337/0x6f0 [ 11.885234] ret_from_fork+0x116/0x1d0 [ 11.885410] ret_from_fork_asm+0x1a/0x30 [ 11.885853] [ 11.885950] The buggy address belongs to the object at ffff888102c8b200 [ 11.885950] which belongs to the cache kmalloc-128 of size 128 [ 11.886476] The buggy address is located 0 bytes inside of [ 11.886476] freed 128-byte region [ffff888102c8b200, ffff888102c8b280) [ 11.887408] [ 11.887502] The buggy address belongs to the physical page: [ 11.888092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 11.888559] flags: 0x200000000000000(node=0|zone=2) [ 11.888951] page_type: f5(slab) [ 11.889119] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.889470] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.890133] page dumped because: kasan: bad access detected [ 11.890467] [ 11.890545] Memory state around the buggy address: [ 11.891024] ffff888102c8b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
11.891321] ffff888102c8b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.891842] >ffff888102c8b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.892199] ^ [ 11.892382] ffff888102c8b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.892975] ffff888102c8b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.893364] ================================================================== [ 11.893962] ================================================================== [ 11.894209] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.894530] Read of size 1 at addr ffff888102c8b200 by task kunit_try_catch/215 [ 11.895022] [ 11.895116] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.895160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.895171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.895191] Call Trace: [ 11.895211] <TASK> [ 11.895230] dump_stack_lvl+0x73/0xb0 [ 11.895258] print_report+0xd1/0x650 [ 11.895281] ? __virt_addr_valid+0x1db/0x2d0 [ 11.895303] ? ksize_uaf+0x5fe/0x6c0 [ 11.895322] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.895343] ? ksize_uaf+0x5fe/0x6c0 [ 11.895362] kasan_report+0x141/0x180 [ 11.895886] ? ksize_uaf+0x5fe/0x6c0 [ 11.895923] __asan_report_load1_noabort+0x18/0x20 [ 11.895948] ksize_uaf+0x5fe/0x6c0 [ 11.895969] ? __pfx_ksize_uaf+0x10/0x10 [ 11.895989] ? __schedule+0x10cc/0x2b60 [ 11.896010] ? __pfx_read_tsc+0x10/0x10 [ 11.896030] ? ktime_get_ts64+0x86/0x230 [ 11.896053] kunit_try_run_case+0x1a5/0x480 [ 11.896077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.896098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.896119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.896140] ? __kthread_parkme+0x82/0x180 [ 11.896160] ? preempt_count_sub+0x50/0x80 [ 11.896183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.896205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.896227] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.896248] kthread+0x337/0x6f0 [ 11.896266] ? trace_preempt_on+0x20/0xc0 [ 11.896289] ? __pfx_kthread+0x10/0x10 [ 11.896308] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.896327] ? calculate_sigpending+0x7b/0xa0 [ 11.896350] ? __pfx_kthread+0x10/0x10 [ 11.896382] ret_from_fork+0x116/0x1d0 [ 11.896400] ? __pfx_kthread+0x10/0x10 [ 11.896419] ret_from_fork_asm+0x1a/0x30 [ 11.896448] </TASK> [ 11.896459] [ 11.906278] Allocated by task 215: [ 11.906461] kasan_save_stack+0x45/0x70 [ 11.906952] kasan_save_track+0x18/0x40 [ 11.907138] kasan_save_alloc_info+0x3b/0x50 [ 11.907332] __kasan_kmalloc+0xb7/0xc0 [ 11.907531] __kmalloc_cache_noprof+0x189/0x420 [ 11.908159] ksize_uaf+0xaa/0x6c0 [ 11.908323] kunit_try_run_case+0x1a5/0x480 [ 11.908622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.908960] kthread+0x337/0x6f0 [ 11.909126] ret_from_fork+0x116/0x1d0 [ 11.909299] ret_from_fork_asm+0x1a/0x30 [ 11.909493] [ 11.909945] Freed by task 215: [ 11.910104] kasan_save_stack+0x45/0x70 [ 11.910262] kasan_save_track+0x18/0x40 [ 11.910568] kasan_save_free_info+0x3f/0x60 [ 11.910869] __kasan_slab_free+0x56/0x70 [ 11.911166] kfree+0x222/0x3f0 [ 11.911329] ksize_uaf+0x12c/0x6c0 [ 11.911502] kunit_try_run_case+0x1a5/0x480 [ 11.911905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.912127] kthread+0x337/0x6f0 [ 11.912293] ret_from_fork+0x116/0x1d0 [ 11.912481] ret_from_fork_asm+0x1a/0x30 [ 11.912654] [ 11.913207] The buggy address belongs to the object at ffff888102c8b200 [ 11.913207] which belongs to the cache kmalloc-128 of size 128 [ 11.913718] The buggy address is located 0 bytes inside of [ 11.913718] freed 128-byte region [ffff888102c8b200, ffff888102c8b280) [ 11.914381] [ 11.914489] The buggy address belongs to the physical page: [ 11.915014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 11.915338] flags: 0x200000000000000(node=0|zone=2) [ 11.915579] page_type: f5(slab) [ 11.915913] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.916247] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.916574] page dumped because: kasan: bad access detected [ 11.916798] [ 11.917249] Memory state around the buggy address: [ 11.917472] ffff888102c8b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.918033] ffff888102c8b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.918433] >ffff888102c8b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.918742] ^ [ 11.919012] ffff888102c8b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.919304] ffff888102c8b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.919612] ================================================================== [ 11.920571] ================================================================== [ 11.920999] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.921602] Read of size 1 at addr ffff888102c8b278 by task kunit_try_catch/215 [ 11.922028] [ 11.922265] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.922388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.922458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.922479] Call Trace: [ 11.922545] <TASK> [ 11.922563] dump_stack_lvl+0x73/0xb0 [ 11.922644] print_report+0xd1/0x650 [ 11.922666] ? __virt_addr_valid+0x1db/0x2d0 [ 11.922688] ? ksize_uaf+0x5e4/0x6c0 [ 11.922707] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.922728] ? ksize_uaf+0x5e4/0x6c0 [ 11.922747] kasan_report+0x141/0x180 [ 11.922768] ? ksize_uaf+0x5e4/0x6c0 [ 11.922792] __asan_report_load1_noabort+0x18/0x20 [ 11.922814] ksize_uaf+0x5e4/0x6c0 [ 11.922834] ? __pfx_ksize_uaf+0x10/0x10 [ 11.922854] ? __schedule+0x10cc/0x2b60 [ 11.922875] ? __pfx_read_tsc+0x10/0x10 [ 11.922894] ? ktime_get_ts64+0x86/0x230 [ 11.922917] kunit_try_run_case+0x1a5/0x480 [ 11.922940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.922960] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.922981] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.923002] ? __kthread_parkme+0x82/0x180 [ 11.923022] ? preempt_count_sub+0x50/0x80 [ 11.923044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923109] kthread+0x337/0x6f0 [ 11.923127] ? trace_preempt_on+0x20/0xc0 [ 11.923150] ? __pfx_kthread+0x10/0x10 [ 11.923169] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.923189] ? calculate_sigpending+0x7b/0xa0 [ 11.923211] ? __pfx_kthread+0x10/0x10 [ 11.923231] ret_from_fork+0x116/0x1d0 [ 11.923249] ? __pfx_kthread+0x10/0x10 [ 11.923267] ret_from_fork_asm+0x1a/0x30 [ 11.923296] </TASK> [ 11.923307] [ 11.933284] Allocated by task 215: [ 11.933743] kasan_save_stack+0x45/0x70 [ 11.933957] kasan_save_track+0x18/0x40 [ 11.934129] kasan_save_alloc_info+0x3b/0x50 [ 11.934326] __kasan_kmalloc+0xb7/0xc0 [ 11.934524] __kmalloc_cache_noprof+0x189/0x420 [ 11.934737] ksize_uaf+0xaa/0x6c0 [ 11.935432] kunit_try_run_case+0x1a5/0x480 [ 11.935838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.936083] kthread+0x337/0x6f0 [ 11.936228] ret_from_fork+0x116/0x1d0 [ 11.936721] ret_from_fork_asm+0x1a/0x30 [ 11.937017] [ 11.937095] Freed by task 215: [ 11.937386] kasan_save_stack+0x45/0x70 [ 11.937570] kasan_save_track+0x18/0x40 [ 11.937985] kasan_save_free_info+0x3f/0x60 [ 11.938265] __kasan_slab_free+0x56/0x70 [ 11.938460] kfree+0x222/0x3f0 [ 11.938629] ksize_uaf+0x12c/0x6c0 [ 11.939033] kunit_try_run_case+0x1a5/0x480 [ 11.939229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.939755] kthread+0x337/0x6f0 [ 11.939917] ret_from_fork+0x116/0x1d0 [ 11.940099] ret_from_fork_asm+0x1a/0x30 [ 11.940279] [ 11.940383] The buggy address belongs to the object at ffff888102c8b200 [ 11.940383] which belongs to the cache kmalloc-128 of size 128 [ 11.941268] The buggy address is located 120 bytes inside of [ 11.941268] freed 128-byte region [ffff888102c8b200, 
ffff888102c8b280) [ 11.941857] [ 11.942121] The buggy address belongs to the physical page: [ 11.942320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 11.942852] flags: 0x200000000000000(node=0|zone=2) [ 11.943040] page_type: f5(slab) [ 11.943283] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.943610] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.944130] page dumped because: kasan: bad access detected [ 11.944364] [ 11.944539] Memory state around the buggy address: [ 11.944932] ffff888102c8b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.945312] ffff888102c8b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.945631] >ffff888102c8b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.946085] ^ [ 11.946400] ffff888102c8b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.947046] ffff888102c8b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.947460] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.831824] ================================================================== [ 11.832159] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.832410] Read of size 1 at addr ffff888102c8b17f by task kunit_try_catch/213 [ 11.832897] [ 11.833397] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.833445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.833456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.833476] Call Trace: [ 11.833492] <TASK> [ 11.833786] dump_stack_lvl+0x73/0xb0 [ 11.833821] print_report+0xd1/0x650 [ 11.833845] ? __virt_addr_valid+0x1db/0x2d0 [ 11.833867] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.833889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.833910] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.833931] kasan_report+0x141/0x180 [ 11.833952] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.833978] __asan_report_load1_noabort+0x18/0x20 [ 11.834001] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.834023] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.834044] ? finish_task_switch.isra.0+0x153/0x700 [ 11.834065] ? __switch_to+0x47/0xf50 [ 11.834089] ? __schedule+0x10cc/0x2b60 [ 11.834110] ? __pfx_read_tsc+0x10/0x10 [ 11.834129] ? ktime_get_ts64+0x86/0x230 [ 11.834151] kunit_try_run_case+0x1a5/0x480 [ 11.834174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.834194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.834215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.834238] ? __kthread_parkme+0x82/0x180 [ 11.834257] ? preempt_count_sub+0x50/0x80 [ 11.834278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.834301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.834322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.834344] kthread+0x337/0x6f0 [ 11.834362] ? trace_preempt_on+0x20/0xc0 [ 11.834400] ? __pfx_kthread+0x10/0x10 [ 11.834419] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.834439] ? calculate_sigpending+0x7b/0xa0 [ 11.834461] ? 
__pfx_kthread+0x10/0x10 [ 11.834481] ret_from_fork+0x116/0x1d0 [ 11.834499] ? __pfx_kthread+0x10/0x10 [ 11.834518] ret_from_fork_asm+0x1a/0x30 [ 11.834546] </TASK> [ 11.834556] [ 11.845619] Allocated by task 213: [ 11.846102] kasan_save_stack+0x45/0x70 [ 11.846295] kasan_save_track+0x18/0x40 [ 11.846756] kasan_save_alloc_info+0x3b/0x50 [ 11.847070] __kasan_kmalloc+0xb7/0xc0 [ 11.847335] __kmalloc_cache_noprof+0x189/0x420 [ 11.847721] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.848136] kunit_try_run_case+0x1a5/0x480 [ 11.848314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.848965] kthread+0x337/0x6f0 [ 11.849239] ret_from_fork+0x116/0x1d0 [ 11.849526] ret_from_fork_asm+0x1a/0x30 [ 11.849782] [ 11.850059] The buggy address belongs to the object at ffff888102c8b100 [ 11.850059] which belongs to the cache kmalloc-128 of size 128 [ 11.850581] The buggy address is located 12 bytes to the right of [ 11.850581] allocated 115-byte region [ffff888102c8b100, ffff888102c8b173) [ 11.851389] [ 11.851632] The buggy address belongs to the physical page: [ 11.852003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 11.852333] flags: 0x200000000000000(node=0|zone=2) [ 11.852935] page_type: f5(slab) [ 11.853106] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.853412] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.853949] page dumped because: kasan: bad access detected [ 11.854216] [ 11.854314] Memory state around the buggy address: [ 11.854763] ffff888102c8b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.855132] ffff888102c8b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.855464] >ffff888102c8b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.855957] ^ [ 11.856399] ffff888102c8b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.857024] ffff888102c8b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.857444] 
==================================================================
[ 11.808444] ==================================================================
[ 11.809055] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.809303] Read of size 1 at addr ffff888102c8b178 by task kunit_try_catch/213
[ 11.809641]
[ 11.809821] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.809863] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.809874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.809894] Call Trace:
[ 11.809910] <TASK>
[ 11.809926] dump_stack_lvl+0x73/0xb0
[ 11.809952] print_report+0xd1/0x650
[ 11.809974] ? __virt_addr_valid+0x1db/0x2d0
[ 11.809996] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.810017] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.810038] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.810059] kasan_report+0x141/0x180
[ 11.810080] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.810106] __asan_report_load1_noabort+0x18/0x20
[ 11.810129] ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.810151] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.810172] ? finish_task_switch.isra.0+0x153/0x700
[ 11.810192] ? __switch_to+0x47/0xf50
[ 11.810217] ? __schedule+0x10cc/0x2b60
[ 11.810237] ? __pfx_read_tsc+0x10/0x10
[ 11.810257] ? ktime_get_ts64+0x86/0x230
[ 11.810280] kunit_try_run_case+0x1a5/0x480
[ 11.810302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.810323] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.810345] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.810367] ? __kthread_parkme+0x82/0x180
[ 11.810401] ? preempt_count_sub+0x50/0x80
[ 11.810422] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.810445] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.810466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.810487] kthread+0x337/0x6f0
[ 11.810505] ? trace_preempt_on+0x20/0xc0
[ 11.810528] ? __pfx_kthread+0x10/0x10
[ 11.810547] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.810566] ? calculate_sigpending+0x7b/0xa0
[ 11.810589] ? __pfx_kthread+0x10/0x10
[ 11.810609] ret_from_fork+0x116/0x1d0
[ 11.810626] ? __pfx_kthread+0x10/0x10
[ 11.810645] ret_from_fork_asm+0x1a/0x30
[ 11.810675] </TASK>
[ 11.810684]
[ 11.818160] Allocated by task 213:
[ 11.818291] kasan_save_stack+0x45/0x70
[ 11.818446] kasan_save_track+0x18/0x40
[ 11.818585] kasan_save_alloc_info+0x3b/0x50
[ 11.818739] __kasan_kmalloc+0xb7/0xc0
[ 11.818905] __kmalloc_cache_noprof+0x189/0x420
[ 11.819125] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.819454] kunit_try_run_case+0x1a5/0x480
[ 11.820054] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.820509] kthread+0x337/0x6f0
[ 11.820631] ret_from_fork+0x116/0x1d0
[ 11.820764] ret_from_fork_asm+0x1a/0x30
[ 11.820901]
[ 11.820971] The buggy address belongs to the object at ffff888102c8b100
[ 11.820971] which belongs to the cache kmalloc-128 of size 128
[ 11.821998] The buggy address is located 5 bytes to the right of
[ 11.821998] allocated 115-byte region [ffff888102c8b100, ffff888102c8b173)
[ 11.822559]
[ 11.822673] The buggy address belongs to the physical page:
[ 11.823087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 11.824214] flags: 0x200000000000000(node=0|zone=2)
[ 11.825243] page_type: f5(slab)
[ 11.825477] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.825867] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.826341] page dumped because: kasan: bad access detected
[ 11.826831]
[ 11.827064] Memory state around the buggy address:
[ 11.827272] ffff888102c8b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.827858] ffff888102c8b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.828154] >ffff888102c8b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.828471] ^
[ 11.829216] ffff888102c8b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.829708] ffff888102c8b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.830076] ==================================================================
[ 11.789920] ==================================================================
[ 11.790362] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 11.790720] Read of size 1 at addr ffff888102c8b173 by task kunit_try_catch/213
[ 11.791100]
[ 11.791211] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.791254] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.791266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.791285] Call Trace:
[ 11.791297] <TASK>
[ 11.791314] dump_stack_lvl+0x73/0xb0
[ 11.791342] print_report+0xd1/0x650
[ 11.791363] ? __virt_addr_valid+0x1db/0x2d0
[ 11.791400] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.791421] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.791441] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.791463] kasan_report+0x141/0x180
[ 11.791484] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.791510] __asan_report_load1_noabort+0x18/0x20
[ 11.791532] ksize_unpoisons_memory+0x81c/0x9b0
[ 11.791555] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.791575] ? finish_task_switch.isra.0+0x153/0x700
[ 11.791596] ? __switch_to+0x47/0xf50
[ 11.791622] ? __schedule+0x10cc/0x2b60
[ 11.791642] ? __pfx_read_tsc+0x10/0x10
[ 11.791662] ? ktime_get_ts64+0x86/0x230
[ 11.791691] kunit_try_run_case+0x1a5/0x480
[ 11.791716] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.791736] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.791758] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.791779] ? __kthread_parkme+0x82/0x180
[ 11.791798] ? preempt_count_sub+0x50/0x80
[ 11.791820] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.791843] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.791864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.791885] kthread+0x337/0x6f0
[ 11.791903] ? trace_preempt_on+0x20/0xc0
[ 11.791927] ? __pfx_kthread+0x10/0x10
[ 11.791946] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.791965] ? calculate_sigpending+0x7b/0xa0
[ 11.791988] ? __pfx_kthread+0x10/0x10
[ 11.792008] ret_from_fork+0x116/0x1d0
[ 11.792025] ? __pfx_kthread+0x10/0x10
[ 11.792044] ret_from_fork_asm+0x1a/0x30
[ 11.792073] </TASK>
[ 11.792084]
[ 11.799713] Allocated by task 213:
[ 11.799850] kasan_save_stack+0x45/0x70
[ 11.800397] kasan_save_track+0x18/0x40
[ 11.800604] kasan_save_alloc_info+0x3b/0x50
[ 11.800896] __kasan_kmalloc+0xb7/0xc0
[ 11.801066] __kmalloc_cache_noprof+0x189/0x420
[ 11.801283] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.801497] kunit_try_run_case+0x1a5/0x480
[ 11.801757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.801994] kthread+0x337/0x6f0
[ 11.802131] ret_from_fork+0x116/0x1d0
[ 11.802263] ret_from_fork_asm+0x1a/0x30
[ 11.802418]
[ 11.802492] The buggy address belongs to the object at ffff888102c8b100
[ 11.802492] which belongs to the cache kmalloc-128 of size 128
[ 11.803023] The buggy address is located 0 bytes to the right of
[ 11.803023] allocated 115-byte region [ffff888102c8b100, ffff888102c8b173)
[ 11.803600]
[ 11.803673] The buggy address belongs to the physical page:
[ 11.803853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b
[ 11.804281] flags: 0x200000000000000(node=0|zone=2)
[ 11.804551] page_type: f5(slab)
[ 11.804790] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.805143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.805493] page dumped because: kasan: bad access detected
[ 11.805872]
[ 11.805944] Memory state around the buggy address:
[ 11.806122] ffff888102c8b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.806452] ffff888102c8b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.806878] >ffff888102c8b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.807111] ^
[ 11.807318] ffff888102c8b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.807639] ffff888102c8b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.807961] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.763668] ==================================================================
[ 11.763961] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 11.764314] Free of addr ffff8881027960c0 by task kunit_try_catch/211
[ 11.764570]
[ 11.764693] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.764732] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.764743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.764762] Call Trace:
[ 11.764778] <TASK>
[ 11.764796] dump_stack_lvl+0x73/0xb0
[ 11.764822] print_report+0xd1/0x650
[ 11.764844] ? __virt_addr_valid+0x1db/0x2d0
[ 11.764867] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.764887] ? kfree_sensitive+0x2e/0x90
[ 11.764907] kasan_report_invalid_free+0x10a/0x130
[ 11.764993] ? kfree_sensitive+0x2e/0x90
[ 11.765014] ? kfree_sensitive+0x2e/0x90
[ 11.765032] check_slab_allocation+0x101/0x130
[ 11.765053] __kasan_slab_pre_free+0x28/0x40
[ 11.765072] kfree+0xf0/0x3f0
[ 11.765094] ? kfree_sensitive+0x2e/0x90
[ 11.765115] kfree_sensitive+0x2e/0x90
[ 11.765133] kmalloc_double_kzfree+0x19c/0x350
[ 11.765155] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.765177] ? __schedule+0x10cc/0x2b60
[ 11.765199] ? __pfx_read_tsc+0x10/0x10
[ 11.765220] ? ktime_get_ts64+0x86/0x230
[ 11.765243] kunit_try_run_case+0x1a5/0x480
[ 11.765265] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.765286] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.765308] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.765329] ? __kthread_parkme+0x82/0x180
[ 11.765350] ? preempt_count_sub+0x50/0x80
[ 11.765383] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.765405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.765427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.765448] kthread+0x337/0x6f0
[ 11.765466] ? trace_preempt_on+0x20/0xc0
[ 11.765488] ? __pfx_kthread+0x10/0x10
[ 11.765507] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.765527] ? calculate_sigpending+0x7b/0xa0
[ 11.765549] ? __pfx_kthread+0x10/0x10
[ 11.765569] ret_from_fork+0x116/0x1d0
[ 11.765587] ? __pfx_kthread+0x10/0x10
[ 11.765606] ret_from_fork_asm+0x1a/0x30
[ 11.765635] </TASK>
[ 11.765645]
[ 11.773587] Allocated by task 211:
[ 11.773912] kasan_save_stack+0x45/0x70
[ 11.774388] kasan_save_track+0x18/0x40
[ 11.774664] kasan_save_alloc_info+0x3b/0x50
[ 11.774880] __kasan_kmalloc+0xb7/0xc0
[ 11.775012] __kmalloc_cache_noprof+0x189/0x420
[ 11.775166] kmalloc_double_kzfree+0xa9/0x350
[ 11.775389] kunit_try_run_case+0x1a5/0x480
[ 11.775665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.776038] kthread+0x337/0x6f0
[ 11.776218] ret_from_fork+0x116/0x1d0
[ 11.776352] ret_from_fork_asm+0x1a/0x30
[ 11.776500]
[ 11.776570] Freed by task 211:
[ 11.776679] kasan_save_stack+0x45/0x70
[ 11.776812] kasan_save_track+0x18/0x40
[ 11.776943] kasan_save_free_info+0x3f/0x60
[ 11.777149] __kasan_slab_free+0x56/0x70
[ 11.777344] kfree+0x222/0x3f0
[ 11.777522] kfree_sensitive+0x67/0x90
[ 11.777713] kmalloc_double_kzfree+0x12b/0x350
[ 11.778130] kunit_try_run_case+0x1a5/0x480
[ 11.778408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.778850] kthread+0x337/0x6f0
[ 11.779007] ret_from_fork+0x116/0x1d0
[ 11.779174] ret_from_fork_asm+0x1a/0x30
[ 11.779325]
[ 11.779407] The buggy address belongs to the object at ffff8881027960c0
[ 11.779407] which belongs to the cache kmalloc-16 of size 16
[ 11.780256] The buggy address is located 0 bytes inside of
[ 11.780256] 16-byte region [ffff8881027960c0, ffff8881027960d0)
[ 11.780599]
[ 11.780672] The buggy address belongs to the physical page:
[ 11.781033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796
[ 11.781750] flags: 0x200000000000000(node=0|zone=2)
[ 11.782006] page_type: f5(slab)
[ 11.782177] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.782521] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.782957] page dumped because: kasan: bad access detected
[ 11.783164]
[ 11.783233] Memory state around the buggy address:
[ 11.783400] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.783922] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.784249] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.784537] ^
[ 11.785004] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.785292] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.785555] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.728971] ==================================================================
[ 11.729827] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.730369] Read of size 1 at addr ffff8881027960c0 by task kunit_try_catch/211
[ 11.731090]
[ 11.731270] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.731315] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.731326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.731346] Call Trace:
[ 11.731358] <TASK>
[ 11.731389] dump_stack_lvl+0x73/0xb0
[ 11.731419] print_report+0xd1/0x650
[ 11.731441] ? __virt_addr_valid+0x1db/0x2d0
[ 11.731463] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.731485] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.731506] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.731527] kasan_report+0x141/0x180
[ 11.731548] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.731572] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.731594] __kasan_check_byte+0x3d/0x50
[ 11.731615] kfree_sensitive+0x22/0x90
[ 11.731637] kmalloc_double_kzfree+0x19c/0x350
[ 11.731658] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.731681] ? __schedule+0x10cc/0x2b60
[ 11.731706] ? __pfx_read_tsc+0x10/0x10
[ 11.731726] ? ktime_get_ts64+0x86/0x230
[ 11.731750] kunit_try_run_case+0x1a5/0x480
[ 11.731774] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.731795] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.731817] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.731838] ? __kthread_parkme+0x82/0x180
[ 11.731857] ? preempt_count_sub+0x50/0x80
[ 11.731880] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.731902] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.731923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.731945] kthread+0x337/0x6f0
[ 11.731963] ? trace_preempt_on+0x20/0xc0
[ 11.731986] ? __pfx_kthread+0x10/0x10
[ 11.732005] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.732025] ? calculate_sigpending+0x7b/0xa0
[ 11.732047] ? __pfx_kthread+0x10/0x10
[ 11.732068] ret_from_fork+0x116/0x1d0
[ 11.732085] ? __pfx_kthread+0x10/0x10
[ 11.732104] ret_from_fork_asm+0x1a/0x30
[ 11.732134] </TASK>
[ 11.732145]
[ 11.745209] Allocated by task 211:
[ 11.745550] kasan_save_stack+0x45/0x70
[ 11.745974] kasan_save_track+0x18/0x40
[ 11.746413] kasan_save_alloc_info+0x3b/0x50
[ 11.746572] __kasan_kmalloc+0xb7/0xc0
[ 11.746704] __kmalloc_cache_noprof+0x189/0x420
[ 11.747116] kmalloc_double_kzfree+0xa9/0x350
[ 11.747528] kunit_try_run_case+0x1a5/0x480
[ 11.747978] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.748498] kthread+0x337/0x6f0
[ 11.748812] ret_from_fork+0x116/0x1d0
[ 11.749207] ret_from_fork_asm+0x1a/0x30
[ 11.749453]
[ 11.749525] Freed by task 211:
[ 11.749851] kasan_save_stack+0x45/0x70
[ 11.750216] kasan_save_track+0x18/0x40
[ 11.750576] kasan_save_free_info+0x3f/0x60
[ 11.751041] __kasan_slab_free+0x56/0x70
[ 11.751436] kfree+0x222/0x3f0
[ 11.751807] kfree_sensitive+0x67/0x90
[ 11.752078] kmalloc_double_kzfree+0x12b/0x350
[ 11.752240] kunit_try_run_case+0x1a5/0x480
[ 11.752396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.752568] kthread+0x337/0x6f0
[ 11.753065] ret_from_fork+0x116/0x1d0
[ 11.753445] ret_from_fork_asm+0x1a/0x30
[ 11.753870]
[ 11.754193] The buggy address belongs to the object at ffff8881027960c0
[ 11.754193] which belongs to the cache kmalloc-16 of size 16
[ 11.755329] The buggy address is located 0 bytes inside of
[ 11.755329] freed 16-byte region [ffff8881027960c0, ffff8881027960d0)
[ 11.756237]
[ 11.756315] The buggy address belongs to the physical page:
[ 11.756501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796
[ 11.757128] flags: 0x200000000000000(node=0|zone=2)
[ 11.757744] page_type: f5(slab)
[ 11.758088] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.758918] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.759631] page dumped because: kasan: bad access detected
[ 11.759994]
[ 11.760077] Memory state around the buggy address:
[ 11.760506] ffff888102795f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.761313] ffff888102796000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.761751] >ffff888102796080: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.762502] ^
[ 11.762874] ffff888102796100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.763091] ffff888102796180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.763302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.695532] ==================================================================
[ 11.696155] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.696396] Read of size 1 at addr ffff888103113728 by task kunit_try_catch/207
[ 11.696856]
[ 11.697074] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.697119] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.697130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.697150] Call Trace:
[ 11.697162] <TASK>
[ 11.697180] dump_stack_lvl+0x73/0xb0
[ 11.697210] print_report+0xd1/0x650
[ 11.697232] ? __virt_addr_valid+0x1db/0x2d0
[ 11.697255] ? kmalloc_uaf2+0x4a8/0x520
[ 11.697273] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.697293] ? kmalloc_uaf2+0x4a8/0x520
[ 11.697312] kasan_report+0x141/0x180
[ 11.697333] ? kmalloc_uaf2+0x4a8/0x520
[ 11.697356] __asan_report_load1_noabort+0x18/0x20
[ 11.697392] kmalloc_uaf2+0x4a8/0x520
[ 11.697443] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.697462] ? finish_task_switch.isra.0+0x153/0x700
[ 11.697483] ? __switch_to+0x47/0xf50
[ 11.697520] ? __schedule+0x10cc/0x2b60
[ 11.697541] ? __pfx_read_tsc+0x10/0x10
[ 11.697582] ? ktime_get_ts64+0x86/0x230
[ 11.697606] kunit_try_run_case+0x1a5/0x480
[ 11.697629] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.697650] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.697672] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.697693] ? __kthread_parkme+0x82/0x180
[ 11.697713] ? preempt_count_sub+0x50/0x80
[ 11.697734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.697770] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.697792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.697813] kthread+0x337/0x6f0
[ 11.697831] ? trace_preempt_on+0x20/0xc0
[ 11.697855] ? __pfx_kthread+0x10/0x10
[ 11.697874] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.697894] ? calculate_sigpending+0x7b/0xa0
[ 11.697916] ? __pfx_kthread+0x10/0x10
[ 11.697936] ret_from_fork+0x116/0x1d0
[ 11.697953] ? __pfx_kthread+0x10/0x10
[ 11.697972] ret_from_fork_asm+0x1a/0x30
[ 11.698002] </TASK>
[ 11.698013]
[ 11.709677] Allocated by task 207:
[ 11.710055] kasan_save_stack+0x45/0x70
[ 11.710446] kasan_save_track+0x18/0x40
[ 11.710878] kasan_save_alloc_info+0x3b/0x50
[ 11.711031] __kasan_kmalloc+0xb7/0xc0
[ 11.711162] __kmalloc_cache_noprof+0x189/0x420
[ 11.711318] kmalloc_uaf2+0xc6/0x520
[ 11.711463] kunit_try_run_case+0x1a5/0x480
[ 11.711722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.711999] kthread+0x337/0x6f0
[ 11.712184] ret_from_fork+0x116/0x1d0
[ 11.712332] ret_from_fork_asm+0x1a/0x30
[ 11.712518]
[ 11.712828] Freed by task 207:
[ 11.712992] kasan_save_stack+0x45/0x70
[ 11.713198] kasan_save_track+0x18/0x40
[ 11.713366] kasan_save_free_info+0x3f/0x60
[ 11.713643] __kasan_slab_free+0x56/0x70
[ 11.713910] kfree+0x222/0x3f0
[ 11.714063] kmalloc_uaf2+0x14c/0x520
[ 11.714226] kunit_try_run_case+0x1a5/0x480
[ 11.714394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.714726] kthread+0x337/0x6f0
[ 11.714904] ret_from_fork+0x116/0x1d0
[ 11.715081] ret_from_fork_asm+0x1a/0x30
[ 11.715250]
[ 11.715344] The buggy address belongs to the object at ffff888103113700
[ 11.715344] which belongs to the cache kmalloc-64 of size 64
[ 11.715928] The buggy address is located 40 bytes inside of
[ 11.715928] freed 64-byte region [ffff888103113700, ffff888103113740)
[ 11.716442]
[ 11.716517] The buggy address belongs to the physical page:
[ 11.716887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103113
[ 11.717227] flags: 0x200000000000000(node=0|zone=2)
[ 11.717506] page_type: f5(slab)
[ 11.717899] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.718177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.718613] page dumped because: kasan: bad access detected
[ 11.718878]
[ 11.718989] Memory state around the buggy address:
[ 11.719200] ffff888103113600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.719480] ffff888103113680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.719899] >ffff888103113700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.720161] ^
[ 11.720407] ffff888103113780: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.720824] ffff888103113800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.721114] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.666036] ==================================================================
[ 11.666481] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.667090] Write of size 33 at addr ffff888102c84f00 by task kunit_try_catch/205
[ 11.667339]
[ 11.667466] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.667514] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.667525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.667547] Call Trace:
[ 11.667760] <TASK>
[ 11.667794] dump_stack_lvl+0x73/0xb0
[ 11.667845] print_report+0xd1/0x650
[ 11.667869] ? __virt_addr_valid+0x1db/0x2d0
[ 11.667893] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.667913] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.667933] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.667953] kasan_report+0x141/0x180
[ 11.667974] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.667998] kasan_check_range+0x10c/0x1c0
[ 11.668021] __asan_memset+0x27/0x50
[ 11.668039] kmalloc_uaf_memset+0x1a3/0x360
[ 11.668060] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.668080] ? __schedule+0x10cc/0x2b60
[ 11.668102] ? __pfx_read_tsc+0x10/0x10
[ 11.668123] ? ktime_get_ts64+0x86/0x230
[ 11.668147] kunit_try_run_case+0x1a5/0x480
[ 11.668173] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.668193] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.668216] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.668237] ? __kthread_parkme+0x82/0x180
[ 11.668257] ? preempt_count_sub+0x50/0x80
[ 11.668280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.668303] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.668324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.668345] kthread+0x337/0x6f0
[ 11.668363] ? trace_preempt_on+0x20/0xc0
[ 11.668398] ? __pfx_kthread+0x10/0x10
[ 11.668418] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.668437] ? calculate_sigpending+0x7b/0xa0
[ 11.668461] ? __pfx_kthread+0x10/0x10
[ 11.668481] ret_from_fork+0x116/0x1d0
[ 11.668498] ? __pfx_kthread+0x10/0x10
[ 11.668517] ret_from_fork_asm+0x1a/0x30
[ 11.668547] </TASK>
[ 11.668558]
[ 11.678162] Allocated by task 205:
[ 11.678492] kasan_save_stack+0x45/0x70
[ 11.678742] kasan_save_track+0x18/0x40
[ 11.679127] kasan_save_alloc_info+0x3b/0x50
[ 11.679410] __kasan_kmalloc+0xb7/0xc0
[ 11.679557] __kmalloc_cache_noprof+0x189/0x420
[ 11.680102] kmalloc_uaf_memset+0xa9/0x360
[ 11.680302] kunit_try_run_case+0x1a5/0x480
[ 11.680606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.681071] kthread+0x337/0x6f0
[ 11.681236] ret_from_fork+0x116/0x1d0
[ 11.681531] ret_from_fork_asm+0x1a/0x30
[ 11.681733]
[ 11.681890] Freed by task 205:
[ 11.682022] kasan_save_stack+0x45/0x70
[ 11.682222] kasan_save_track+0x18/0x40
[ 11.682400] kasan_save_free_info+0x3f/0x60
[ 11.682957] __kasan_slab_free+0x56/0x70
[ 11.683148] kfree+0x222/0x3f0
[ 11.683293] kmalloc_uaf_memset+0x12b/0x360
[ 11.683784] kunit_try_run_case+0x1a5/0x480
[ 11.684013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.684244] kthread+0x337/0x6f0
[ 11.684422] ret_from_fork+0x116/0x1d0
[ 11.684600] ret_from_fork_asm+0x1a/0x30
[ 11.685114]
[ 11.685211] The buggy address belongs to the object at ffff888102c84f00
[ 11.685211] which belongs to the cache kmalloc-64 of size 64
[ 11.686130] The buggy address is located 0 bytes inside of
[ 11.686130] freed 64-byte region [ffff888102c84f00, ffff888102c84f40)
[ 11.686604]
[ 11.686704] The buggy address belongs to the physical page:
[ 11.687234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c84
[ 11.687552] flags: 0x200000000000000(node=0|zone=2)
[ 11.687906] page_type: f5(slab)
[ 11.688045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.688392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.689163] page dumped because: kasan: bad access detected
[ 11.689416]
[ 11.689513] Memory state around the buggy address:
[ 11.689735] ffff888102c84e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.690254] ffff888102c84e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.690619] >ffff888102c84f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.691100] ^
[ 11.691296] ffff888102c84f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.691788] ffff888102c85000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.692088] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.632480] ==================================================================
[ 11.633238] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.633537] Read of size 1 at addr ffff888101c19f28 by task kunit_try_catch/203
[ 11.634260]
[ 11.634480] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.634633] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.634649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.634672] Call Trace:
[ 11.634687] <TASK>
[ 11.634707] dump_stack_lvl+0x73/0xb0
[ 11.634777] print_report+0xd1/0x650
[ 11.634803] ? __virt_addr_valid+0x1db/0x2d0
[ 11.634827] ? kmalloc_uaf+0x320/0x380
[ 11.634846] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.634867] ? kmalloc_uaf+0x320/0x380
[ 11.634886] kasan_report+0x141/0x180
[ 11.634908] ? kmalloc_uaf+0x320/0x380
[ 11.634931] __asan_report_load1_noabort+0x18/0x20
[ 11.634954] kmalloc_uaf+0x320/0x380
[ 11.634973] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.634993] ? __schedule+0x10cc/0x2b60
[ 11.635014] ? __pfx_read_tsc+0x10/0x10
[ 11.635035] ? ktime_get_ts64+0x86/0x230
[ 11.635060] kunit_try_run_case+0x1a5/0x480
[ 11.635085] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.635106] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.635128] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.635149] ? __kthread_parkme+0x82/0x180
[ 11.635169] ? preempt_count_sub+0x50/0x80
[ 11.635193] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.635215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.635236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.635258] kthread+0x337/0x6f0
[ 11.635277] ? trace_preempt_on+0x20/0xc0
[ 11.635300] ? __pfx_kthread+0x10/0x10
[ 11.635320] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.635339] ? calculate_sigpending+0x7b/0xa0
[ 11.635363] ? __pfx_kthread+0x10/0x10
[ 11.635394] ret_from_fork+0x116/0x1d0
[ 11.635411] ? __pfx_kthread+0x10/0x10
[ 11.635430] ret_from_fork_asm+0x1a/0x30
[ 11.635461] </TASK>
[ 11.635473]
[ 11.647022] Allocated by task 203:
[ 11.647200] kasan_save_stack+0x45/0x70
[ 11.647398] kasan_save_track+0x18/0x40
[ 11.648057] kasan_save_alloc_info+0x3b/0x50
[ 11.648267] __kasan_kmalloc+0xb7/0xc0
[ 11.648441] __kmalloc_cache_noprof+0x189/0x420
[ 11.648796] kmalloc_uaf+0xaa/0x380
[ 11.648970] kunit_try_run_case+0x1a5/0x480
[ 11.649159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.649394] kthread+0x337/0x6f0
[ 11.649548] ret_from_fork+0x116/0x1d0
[ 11.650142] ret_from_fork_asm+0x1a/0x30
[ 11.650482]
[ 11.650699] Freed by task 203:
[ 11.651089] kasan_save_stack+0x45/0x70
[ 11.651411] kasan_save_track+0x18/0x40
[ 11.651655] kasan_save_free_info+0x3f/0x60
[ 11.652166] __kasan_slab_free+0x56/0x70
[ 11.652356] kfree+0x222/0x3f0
[ 11.652518] kmalloc_uaf+0x12c/0x380
[ 11.653216] kunit_try_run_case+0x1a5/0x480
[ 11.653426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.653861] kthread+0x337/0x6f0
[ 11.654018] ret_from_fork+0x116/0x1d0
[ 11.654174] ret_from_fork_asm+0x1a/0x30
[ 11.654349]
[ 11.654450] The buggy address belongs to the object at ffff888101c19f20
[ 11.654450] which belongs to the cache kmalloc-16 of size 16
[ 11.655198] The buggy address is located 8 bytes inside of
[ 11.655198] freed 16-byte region [ffff888101c19f20, ffff888101c19f30)
[ 11.655897]
[ 11.655999] The buggy address belongs to the physical page:
[ 11.656235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c19
[ 11.656931] flags: 0x200000000000000(node=0|zone=2)
[ 11.657192] page_type: f5(slab)
[ 11.657559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.658203] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.659074] page dumped because: kasan: bad access detected
[ 11.659519]
[ 11.659607] Memory state around the buggy address:
[ 11.660118] ffff888101c19e00: 00 02 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc
[ 11.660439] ffff888101c19e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 11.661035] >ffff888101c19f00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.661363] ^
[ 11.661803] ffff888101c19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.662105] ffff888101c1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.662404] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.601814] ==================================================================
[ 11.602961] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.603224] Read of size 64 at addr ffff888103113604 by task kunit_try_catch/201
[ 11.603720]
[ 11.603962] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.604011] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.604024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.604044] Call Trace:
[ 11.604056] <TASK>
[ 11.604074] dump_stack_lvl+0x73/0xb0
[ 11.604104] print_report+0xd1/0x650
[ 11.604127] ? __virt_addr_valid+0x1db/0x2d0
[ 11.604149] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.604174] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.604194] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.604217] kasan_report+0x141/0x180
[ 11.604238] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.604266] kasan_check_range+0x10c/0x1c0
[ 11.604288] __asan_memmove+0x27/0x70
[ 11.604307] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.604330] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.604353] ? __schedule+0x10cc/0x2b60
[ 11.604391] ? __pfx_read_tsc+0x10/0x10
[ 11.604412] ? ktime_get_ts64+0x86/0x230
[ 11.604436] kunit_try_run_case+0x1a5/0x480
[ 11.604459] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.604480] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.604503] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.604524] ? __kthread_parkme+0x82/0x180
[ 11.604543] ? preempt_count_sub+0x50/0x80
[ 11.604573] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.604595] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.604616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.604637] kthread+0x337/0x6f0
[ 11.604656] ? trace_preempt_on+0x20/0xc0
[ 11.604679] ? __pfx_kthread+0x10/0x10
[ 11.604699] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.604718] ? calculate_sigpending+0x7b/0xa0
[ 11.604741] ? __pfx_kthread+0x10/0x10
[ 11.604761] ret_from_fork+0x116/0x1d0
[ 11.604778] ? __pfx_kthread+0x10/0x10
[ 11.604797] ret_from_fork_asm+0x1a/0x30
[ 11.604827] </TASK>
[ 11.604838]
[ 11.617336] Allocated by task 201:
[ 11.617498] kasan_save_stack+0x45/0x70
[ 11.617792] kasan_save_track+0x18/0x40
[ 11.617971] kasan_save_alloc_info+0x3b/0x50
[ 11.618207] __kasan_kmalloc+0xb7/0xc0
[ 11.618359] __kmalloc_cache_noprof+0x189/0x420
[ 11.618653] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.618846] kunit_try_run_case+0x1a5/0x480
[ 11.619052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.619437] kthread+0x337/0x6f0
[ 11.619560] ret_from_fork+0x116/0x1d0
[ 11.619775] ret_from_fork_asm+0x1a/0x30
[ 11.619966]
[ 11.620057] The buggy address belongs to the object at ffff888103113600
[ 11.620057] which belongs to the cache kmalloc-64 of size 64
[ 11.620549] The buggy address is located 4 bytes inside of
[ 11.620549] allocated 64-byte region [ffff888103113600, ffff888103113640)
[ 11.621751]
[ 11.621887] The buggy address belongs to the physical page:
[ 11.622062] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103113
[ 11.623136] flags: 0x200000000000000(node=0|zone=2)
[ 11.623458] page_type: f5(slab)
[ 11.623740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.624066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.624385] page dumped because: kasan: bad access detected
[ 11.624556]
[ 11.624626] Memory state around the buggy address:
[ 11.624845] ffff888103113500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.625159] ffff888103113580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.625617] >ffff888103113600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.626154] ^
[ 11.626355] ffff888103113680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.626820] ffff888103113700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.627114] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.569511] ==================================================================
[ 11.569913] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.570162] Read of size 18446744073709551614 at addr ffff888102c84b04 by task kunit_try_catch/199
[ 11.570471]
[ 11.570560] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.570604] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.570615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.570636] Call Trace:
[ 11.570648] <TASK>
[ 11.570665] dump_stack_lvl+0x73/0xb0
[ 11.570693] print_report+0xd1/0x650
[ 11.570715] ? __virt_addr_valid+0x1db/0x2d0
[ 11.570736] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.570758] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.570778] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.570817] kasan_report+0x141/0x180
[ 11.570839] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.570866] kasan_check_range+0x10c/0x1c0
[ 11.570887] __asan_memmove+0x27/0x70
[ 11.570906] kmalloc_memmove_negative_size+0x171/0x330
[ 11.570928] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.570952] ? __schedule+0x10cc/0x2b60
[ 11.570973] ? __pfx_read_tsc+0x10/0x10
[ 11.570993] ? ktime_get_ts64+0x86/0x230
[ 11.571016] kunit_try_run_case+0x1a5/0x480
[ 11.571040] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.571060] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.571082] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.571103] ? __kthread_parkme+0x82/0x180
[ 11.571122] ? preempt_count_sub+0x50/0x80
[ 11.571145] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.571167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.571188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.571208] kthread+0x337/0x6f0
[ 11.571226] ? trace_preempt_on+0x20/0xc0
[ 11.571249] ? __pfx_kthread+0x10/0x10
[ 11.571268] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.571287] ? calculate_sigpending+0x7b/0xa0
[ 11.571309] ? __pfx_kthread+0x10/0x10
[ 11.571329] ret_from_fork+0x116/0x1d0
[ 11.571346] ? __pfx_kthread+0x10/0x10
[ 11.571364] ret_from_fork_asm+0x1a/0x30
[ 11.571447] </TASK>
[ 11.571458]
[ 11.586036] Allocated by task 199:
[ 11.586350] kasan_save_stack+0x45/0x70
[ 11.586512] kasan_save_track+0x18/0x40
[ 11.586957] kasan_save_alloc_info+0x3b/0x50
[ 11.587356] __kasan_kmalloc+0xb7/0xc0
[ 11.587780] __kmalloc_cache_noprof+0x189/0x420
[ 11.588124] kmalloc_memmove_negative_size+0xac/0x330
[ 11.588297] kunit_try_run_case+0x1a5/0x480
[ 11.588452] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.589013] kthread+0x337/0x6f0
[ 11.589351] ret_from_fork+0x116/0x1d0
[ 11.589799] ret_from_fork_asm+0x1a/0x30
[ 11.590173]
[ 11.590336] The buggy address belongs to the object at ffff888102c84b00
[ 11.590336] which belongs to the cache kmalloc-64 of size 64
[ 11.591486] The buggy address is located 4 bytes inside of
[ 11.591486] 64-byte region [ffff888102c84b00, ffff888102c84b40)
[ 11.592039]
[ 11.592117] The buggy address belongs to the physical page:
[ 11.592294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c84
[ 11.593102] flags: 0x200000000000000(node=0|zone=2)
[ 11.593576] page_type: f5(slab)
[ 11.593964] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.594708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.595346] page dumped because: kasan: bad access detected
[ 11.595525]
[ 11.595603] Memory state around the buggy address:
[ 11.595764] ffff888102c84a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.595979] ffff888102c84a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.596193] >ffff888102c84b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.596461] ^
[ 11.596751] ffff888102c84b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.597685] ffff888102c84c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.598364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.544025] ================================================================== [ 11.544508] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.544853] Write of size 16 at addr ffff888102c8b069 by task kunit_try_catch/197 [ 11.545511] [ 11.545783] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.545837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.545849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.545869] Call Trace: [ 11.545881] <TASK> [ 11.545900] dump_stack_lvl+0x73/0xb0 [ 11.545932] print_report+0xd1/0x650 [ 11.545956] ? __virt_addr_valid+0x1db/0x2d0 [ 11.545978] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.545999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.546019] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.546041] kasan_report+0x141/0x180 [ 11.546062] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.546087] kasan_check_range+0x10c/0x1c0 [ 11.546109] __asan_memset+0x27/0x50 [ 11.546128] kmalloc_oob_memset_16+0x166/0x330 [ 11.546148] ? __kasan_check_write+0x18/0x20 [ 11.546166] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.546187] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.546210] ? trace_hardirqs_on+0x37/0xe0 [ 11.546234] ? __pfx_read_tsc+0x10/0x10 [ 11.546254] ? ktime_get_ts64+0x86/0x230 [ 11.546278] kunit_try_run_case+0x1a5/0x480 [ 11.546302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.546324] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.546347] ? __kthread_parkme+0x82/0x180 [ 11.546367] ? preempt_count_sub+0x50/0x80 [ 11.546406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.546428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.546449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.546470] kthread+0x337/0x6f0 [ 11.546489] ? trace_preempt_on+0x20/0xc0 [ 11.546509] ? __pfx_kthread+0x10/0x10 [ 11.546528] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.546548] ? calculate_sigpending+0x7b/0xa0 [ 11.546634] ? 
__pfx_kthread+0x10/0x10 [ 11.546658] ret_from_fork+0x116/0x1d0 [ 11.546676] ? __pfx_kthread+0x10/0x10 [ 11.546695] ret_from_fork_asm+0x1a/0x30 [ 11.546725] </TASK> [ 11.546737] [ 11.554568] Allocated by task 197: [ 11.554767] kasan_save_stack+0x45/0x70 [ 11.555149] kasan_save_track+0x18/0x40 [ 11.555342] kasan_save_alloc_info+0x3b/0x50 [ 11.555792] __kasan_kmalloc+0xb7/0xc0 [ 11.556041] __kmalloc_cache_noprof+0x189/0x420 [ 11.556231] kmalloc_oob_memset_16+0xac/0x330 [ 11.556432] kunit_try_run_case+0x1a5/0x480 [ 11.556577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.556748] kthread+0x337/0x6f0 [ 11.556920] ret_from_fork+0x116/0x1d0 [ 11.558296] ret_from_fork_asm+0x1a/0x30 [ 11.558481] [ 11.558575] The buggy address belongs to the object at ffff888102c8b000 [ 11.558575] which belongs to the cache kmalloc-128 of size 128 [ 11.559310] The buggy address is located 105 bytes inside of [ 11.559310] allocated 120-byte region [ffff888102c8b000, ffff888102c8b078) [ 11.560174] [ 11.560280] The buggy address belongs to the physical page: [ 11.560510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c8b [ 11.561137] flags: 0x200000000000000(node=0|zone=2) [ 11.561431] page_type: f5(slab) [ 11.561906] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.562220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.562786] page dumped because: kasan: bad access detected [ 11.563050] [ 11.563127] Memory state around the buggy address: [ 11.563332] ffff888102c8af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.563966] ffff888102c8af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.564253] >ffff888102c8b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.564575] ^ [ 11.565039] ffff888102c8b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.565326] ffff888102c8b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.565657] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.518492] ================================================================== [ 11.519148] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 11.519444] Write of size 8 at addr ffff888103109b71 by task kunit_try_catch/195 [ 11.520029] [ 11.520143] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.520185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.520196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.520216] Call Trace: [ 11.520226] <TASK> [ 11.520241] dump_stack_lvl+0x73/0xb0 [ 11.520269] print_report+0xd1/0x650 [ 11.520293] ? __virt_addr_valid+0x1db/0x2d0 [ 11.520315] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.520335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.520355] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.520388] kasan_report+0x141/0x180 [ 11.520409] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.520434] kasan_check_range+0x10c/0x1c0 [ 11.520456] __asan_memset+0x27/0x50 [ 11.520475] kmalloc_oob_memset_8+0x166/0x330 [ 11.520496] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.520517] ? __schedule+0x10cc/0x2b60 [ 11.520538] ? __pfx_read_tsc+0x10/0x10 [ 11.520558] ? ktime_get_ts64+0x86/0x230 [ 11.520582] kunit_try_run_case+0x1a5/0x480 [ 11.520605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.520625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.520647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.520668] ? __kthread_parkme+0x82/0x180 [ 11.520687] ? preempt_count_sub+0x50/0x80 [ 11.520709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.520731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.520752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.520773] kthread+0x337/0x6f0 [ 11.520791] ? trace_preempt_on+0x20/0xc0 [ 11.520815] ? __pfx_kthread+0x10/0x10 [ 11.520834] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.520854] ? calculate_sigpending+0x7b/0xa0 [ 11.520875] ? __pfx_kthread+0x10/0x10 [ 11.520896] ret_from_fork+0x116/0x1d0 [ 11.520913] ? 
__pfx_kthread+0x10/0x10 [ 11.520932] ret_from_fork_asm+0x1a/0x30 [ 11.520961] </TASK> [ 11.520972] [ 11.528637] Allocated by task 195: [ 11.528868] kasan_save_stack+0x45/0x70 [ 11.529148] kasan_save_track+0x18/0x40 [ 11.529343] kasan_save_alloc_info+0x3b/0x50 [ 11.529534] __kasan_kmalloc+0xb7/0xc0 [ 11.529664] __kmalloc_cache_noprof+0x189/0x420 [ 11.529880] kmalloc_oob_memset_8+0xac/0x330 [ 11.530091] kunit_try_run_case+0x1a5/0x480 [ 11.530365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.530554] kthread+0x337/0x6f0 [ 11.530769] ret_from_fork+0x116/0x1d0 [ 11.530957] ret_from_fork_asm+0x1a/0x30 [ 11.531160] [ 11.531258] The buggy address belongs to the object at ffff888103109b00 [ 11.531258] which belongs to the cache kmalloc-128 of size 128 [ 11.531759] The buggy address is located 113 bytes inside of [ 11.531759] allocated 120-byte region [ffff888103109b00, ffff888103109b78) [ 11.532143] [ 11.532216] The buggy address belongs to the physical page: [ 11.532732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103109 [ 11.533100] flags: 0x200000000000000(node=0|zone=2) [ 11.533327] page_type: f5(slab) [ 11.533510] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.533915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.534144] page dumped because: kasan: bad access detected [ 11.534344] [ 11.534447] Memory state around the buggy address: [ 11.534672] ffff888103109a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.535185] ffff888103109a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.535475] >ffff888103109b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.535703] ^ [ 11.536120] ffff888103109b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.536476] ffff888103109c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.536687] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.494437] ================================================================== [ 11.494928] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 11.495163] Write of size 4 at addr ffff888103109a75 by task kunit_try_catch/193 [ 11.495397] [ 11.495484] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.495527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.495538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.495557] Call Trace: [ 11.495568] <TASK> [ 11.495585] dump_stack_lvl+0x73/0xb0 [ 11.495612] print_report+0xd1/0x650 [ 11.495634] ? __virt_addr_valid+0x1db/0x2d0 [ 11.495657] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.495676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.495702] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.495722] kasan_report+0x141/0x180 [ 11.495742] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.495767] kasan_check_range+0x10c/0x1c0 [ 11.495789] __asan_memset+0x27/0x50 [ 11.495807] kmalloc_oob_memset_4+0x166/0x330 [ 11.495828] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.495849] ? __schedule+0x10cc/0x2b60 [ 11.495870] ? __pfx_read_tsc+0x10/0x10 [ 11.495890] ? ktime_get_ts64+0x86/0x230 [ 11.495913] kunit_try_run_case+0x1a5/0x480 [ 11.495937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.495957] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.495979] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.495999] ? __kthread_parkme+0x82/0x180 [ 11.496019] ? preempt_count_sub+0x50/0x80 [ 11.496042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.496064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.496085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.496106] kthread+0x337/0x6f0 [ 11.496124] ? trace_preempt_on+0x20/0xc0 [ 11.496146] ? __pfx_kthread+0x10/0x10 [ 11.496166] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.496185] ? calculate_sigpending+0x7b/0xa0 [ 11.496208] ? __pfx_kthread+0x10/0x10 [ 11.496227] ret_from_fork+0x116/0x1d0 [ 11.496244] ? 
__pfx_kthread+0x10/0x10 [ 11.496263] ret_from_fork_asm+0x1a/0x30 [ 11.496293] </TASK> [ 11.496303] [ 11.505248] Allocated by task 193: [ 11.505448] kasan_save_stack+0x45/0x70 [ 11.505677] kasan_save_track+0x18/0x40 [ 11.506115] kasan_save_alloc_info+0x3b/0x50 [ 11.506391] __kasan_kmalloc+0xb7/0xc0 [ 11.506592] __kmalloc_cache_noprof+0x189/0x420 [ 11.506868] kmalloc_oob_memset_4+0xac/0x330 [ 11.507062] kunit_try_run_case+0x1a5/0x480 [ 11.507262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.507447] kthread+0x337/0x6f0 [ 11.507689] ret_from_fork+0x116/0x1d0 [ 11.507882] ret_from_fork_asm+0x1a/0x30 [ 11.508094] [ 11.508183] The buggy address belongs to the object at ffff888103109a00 [ 11.508183] which belongs to the cache kmalloc-128 of size 128 [ 11.508878] The buggy address is located 117 bytes inside of [ 11.508878] allocated 120-byte region [ffff888103109a00, ffff888103109a78) [ 11.509397] [ 11.509494] The buggy address belongs to the physical page: [ 11.509783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103109 [ 11.510070] flags: 0x200000000000000(node=0|zone=2) [ 11.510305] page_type: f5(slab) [ 11.510487] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.510921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.511149] page dumped because: kasan: bad access detected [ 11.511318] [ 11.511399] Memory state around the buggy address: [ 11.511623] ffff888103109900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.512001] ffff888103109980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.512421] >ffff888103109a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.512972] ^ [ 11.513221] ffff888103109a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.513451] ffff888103109b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.514058] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 10.982863] ================================================================== [ 10.983324] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.983590] Read of size 1 at addr ffff888103940000 by task kunit_try_catch/173 [ 10.984463] [ 10.984769] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.984816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.984828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.984847] Call Trace: [ 10.984860] <TASK> [ 10.984878] dump_stack_lvl+0x73/0xb0 [ 10.984906] print_report+0xd1/0x650 [ 10.984928] ? __virt_addr_valid+0x1db/0x2d0 [ 10.984952] ? page_alloc_uaf+0x356/0x3d0 [ 10.984972] ? kasan_addr_to_slab+0x11/0xa0 [ 10.984991] ? page_alloc_uaf+0x356/0x3d0 [ 10.985011] kasan_report+0x141/0x180 [ 10.985032] ? page_alloc_uaf+0x356/0x3d0 [ 10.985056] __asan_report_load1_noabort+0x18/0x20 [ 10.985079] page_alloc_uaf+0x356/0x3d0 [ 10.985099] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.985121] ? __schedule+0x10cc/0x2b60 [ 10.985141] ? __pfx_read_tsc+0x10/0x10 [ 10.985161] ? ktime_get_ts64+0x86/0x230 [ 10.985184] kunit_try_run_case+0x1a5/0x480 [ 10.985208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.985228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.985250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.985271] ? __kthread_parkme+0x82/0x180 [ 10.985291] ? preempt_count_sub+0x50/0x80 [ 10.985313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.985335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.985356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.985388] kthread+0x337/0x6f0 [ 10.985407] ? trace_preempt_on+0x20/0xc0 [ 10.985429] ? __pfx_kthread+0x10/0x10 [ 10.985448] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.985467] ? calculate_sigpending+0x7b/0xa0 [ 10.985490] ? __pfx_kthread+0x10/0x10 [ 10.985510] ret_from_fork+0x116/0x1d0 [ 10.985526] ? 
__pfx_kthread+0x10/0x10 [ 10.985546] ret_from_fork_asm+0x1a/0x30 [ 10.985575] </TASK> [ 10.985586] [ 10.999459] The buggy address belongs to the physical page: [ 10.999674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103940 [ 10.999972] flags: 0x200000000000000(node=0|zone=2) [ 11.000445] page_type: f0(buddy) [ 11.000754] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000 [ 11.001523] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 11.001914] page dumped because: kasan: bad access detected [ 11.002102] [ 11.002186] Memory state around the buggy address: [ 11.002342] ffff88810393ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.002565] ffff88810393ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.002987] >ffff888103940000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.003556] ^ [ 11.003860] ffff888103940080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.004614] ffff888103940100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.005403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 10.954910] ================================================================== [ 10.955310] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.956241] Free of addr ffff8881029cc001 by task kunit_try_catch/169 [ 10.957030] [ 10.957189] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.957359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.957387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.957408] Call Trace: [ 10.957421] <TASK> [ 10.957438] dump_stack_lvl+0x73/0xb0 [ 10.957471] print_report+0xd1/0x650 [ 10.957495] ? __virt_addr_valid+0x1db/0x2d0 [ 10.957519] ? kasan_addr_to_slab+0x11/0xa0 [ 10.957538] ? kfree+0x274/0x3f0 [ 10.957559] kasan_report_invalid_free+0x10a/0x130 [ 10.957582] ? kfree+0x274/0x3f0 [ 10.957604] ? kfree+0x274/0x3f0 [ 10.957623] __kasan_kfree_large+0x86/0xd0 [ 10.957644] free_large_kmalloc+0x4b/0x110 [ 10.957665] kfree+0x274/0x3f0 [ 10.957689] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.957713] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.957736] ? __schedule+0x10cc/0x2b60 [ 10.957757] ? __pfx_read_tsc+0x10/0x10 [ 10.957779] ? ktime_get_ts64+0x86/0x230 [ 10.957804] kunit_try_run_case+0x1a5/0x480 [ 10.957829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.957849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.957872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.957893] ? __kthread_parkme+0x82/0x180 [ 10.957913] ? preempt_count_sub+0x50/0x80 [ 10.957936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.957958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.957979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.958000] kthread+0x337/0x6f0 [ 10.958018] ? trace_preempt_on+0x20/0xc0 [ 10.958041] ? __pfx_kthread+0x10/0x10 [ 10.958061] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.958080] ? calculate_sigpending+0x7b/0xa0 [ 10.958103] ? __pfx_kthread+0x10/0x10 [ 10.958123] ret_from_fork+0x116/0x1d0 [ 10.958140] ? 
__pfx_kthread+0x10/0x10 [ 10.958159] ret_from_fork_asm+0x1a/0x30 [ 10.958188] </TASK> [ 10.958198] [ 10.970346] The buggy address belongs to the physical page: [ 10.970630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 10.970999] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.971507] flags: 0x200000000000040(head|node=0|zone=2) [ 10.972084] page_type: f8(unknown) [ 10.972303] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.972603] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.973070] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.973394] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.973696] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 10.974199] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.974442] page dumped because: kasan: bad access detected [ 10.974611] [ 10.974706] Memory state around the buggy address: [ 10.974936] ffff8881029cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.975498] ffff8881029cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.976193] >ffff8881029cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.976530] ^ [ 10.976715] ffff8881029cc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.977255] ffff8881029cc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.977663] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 10.931738] ================================================================== [ 10.932488] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.933290] Read of size 1 at addr ffff8881028c8000 by task kunit_try_catch/167 [ 10.934040] [ 10.934234] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.934279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.934290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.934310] Call Trace: [ 10.934324] <TASK> [ 10.934341] dump_stack_lvl+0x73/0xb0 [ 10.934369] print_report+0xd1/0x650 [ 10.934404] ? __virt_addr_valid+0x1db/0x2d0 [ 10.934428] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.934447] ? kasan_addr_to_slab+0x11/0xa0 [ 10.934467] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.934487] kasan_report+0x141/0x180 [ 10.934508] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.934532] __asan_report_load1_noabort+0x18/0x20 [ 10.934562] kmalloc_large_uaf+0x2f1/0x340 [ 10.934582] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.934602] ? __schedule+0x10cc/0x2b60 [ 10.934623] ? __pfx_read_tsc+0x10/0x10 [ 10.934643] ? ktime_get_ts64+0x86/0x230 [ 10.934666] kunit_try_run_case+0x1a5/0x480 [ 10.934690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.934711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.934733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.934754] ? __kthread_parkme+0x82/0x180 [ 10.934774] ? preempt_count_sub+0x50/0x80 [ 10.934796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.934818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.934839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.934860] kthread+0x337/0x6f0 [ 10.934878] ? trace_preempt_on+0x20/0xc0 [ 10.934901] ? __pfx_kthread+0x10/0x10 [ 10.934920] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.934940] ? calculate_sigpending+0x7b/0xa0 [ 10.934962] ? __pfx_kthread+0x10/0x10 [ 10.934982] ret_from_fork+0x116/0x1d0 [ 10.935000] ? 
__pfx_kthread+0x10/0x10 [ 10.935019] ret_from_fork_asm+0x1a/0x30 [ 10.935050] </TASK> [ 10.935060] [ 10.947210] The buggy address belongs to the physical page: [ 10.947407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c8 [ 10.947672] flags: 0x200000000000000(node=0|zone=2) [ 10.947891] raw: 0200000000000000 ffffea00040a3308 ffff88815b039f80 0000000000000000 [ 10.948225] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.948551] page dumped because: kasan: bad access detected [ 10.948743] [ 10.948857] Memory state around the buggy address: [ 10.949087] ffff8881028c7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.949343] ffff8881028c7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.949700] >ffff8881028c8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.950009] ^ [ 10.950149] ffff8881028c8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.950441] ffff8881028c8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.950801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.901346] ================================================================== [ 10.902463] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.902718] Write of size 1 at addr ffff8881029ca00a by task kunit_try_catch/165 [ 10.902951] [ 10.903040] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.903083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.903094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.903114] Call Trace: [ 10.903127] <TASK> [ 10.903143] dump_stack_lvl+0x73/0xb0 [ 10.903170] print_report+0xd1/0x650 [ 10.903193] ? __virt_addr_valid+0x1db/0x2d0 [ 10.903214] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.903235] ? kasan_addr_to_slab+0x11/0xa0 [ 10.903254] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.903275] kasan_report+0x141/0x180 [ 10.903296] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.903321] __asan_report_store1_noabort+0x1b/0x30 [ 10.903340] kmalloc_large_oob_right+0x2e9/0x330 [ 10.903361] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.903408] ? __schedule+0x10cc/0x2b60 [ 10.903433] ? __pfx_read_tsc+0x10/0x10 [ 10.903454] ? ktime_get_ts64+0x86/0x230 [ 10.903478] kunit_try_run_case+0x1a5/0x480 [ 10.903525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.903546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.903569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.903590] ? __kthread_parkme+0x82/0x180 [ 10.903610] ? preempt_count_sub+0x50/0x80 [ 10.903633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.903657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.903679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.903705] kthread+0x337/0x6f0 [ 10.903723] ? trace_preempt_on+0x20/0xc0 [ 10.903747] ? __pfx_kthread+0x10/0x10 [ 10.903766] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.903786] ? calculate_sigpending+0x7b/0xa0 [ 10.903809] ? __pfx_kthread+0x10/0x10 [ 10.903829] ret_from_fork+0x116/0x1d0 [ 10.903846] ? 
__pfx_kthread+0x10/0x10 [ 10.903865] ret_from_fork_asm+0x1a/0x30 [ 10.903895] </TASK> [ 10.903905] [ 10.919525] The buggy address belongs to the physical page: [ 10.920147] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c8 [ 10.920878] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.921109] flags: 0x200000000000040(head|node=0|zone=2) [ 10.921309] page_type: f8(unknown) [ 10.921462] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.921980] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.922851] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.923605] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.924197] head: 0200000000000002 ffffea00040a7201 00000000ffffffff 00000000ffffffff [ 10.924443] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.924712] page dumped because: kasan: bad access detected [ 10.925198] [ 10.925469] Memory state around the buggy address: [ 10.925736] ffff8881029c9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.926637] ffff8881029c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.927181] >ffff8881029ca000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.927621] ^ [ 10.927767] ffff8881029ca080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.927985] ffff8881029ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.928198] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.871007] ================================================================== [ 10.871439] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.871713] Write of size 1 at addr ffff888101f95f00 by task kunit_try_catch/163 [ 10.872161] [ 10.872268] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.872312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.872323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.872343] Call Trace: [ 10.872356] <TASK> [ 10.872374] dump_stack_lvl+0x73/0xb0 [ 10.872417] print_report+0xd1/0x650 [ 10.872442] ? __virt_addr_valid+0x1db/0x2d0 [ 10.872477] ? kmalloc_big_oob_right+0x316/0x370 [ 10.872498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.872518] ? kmalloc_big_oob_right+0x316/0x370 [ 10.872550] kasan_report+0x141/0x180 [ 10.872647] ? kmalloc_big_oob_right+0x316/0x370 [ 10.872677] __asan_report_store1_noabort+0x1b/0x30 [ 10.872696] kmalloc_big_oob_right+0x316/0x370 [ 10.872717] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.872738] ? __schedule+0x10cc/0x2b60 [ 10.872759] ? __pfx_read_tsc+0x10/0x10 [ 10.872780] ? ktime_get_ts64+0x86/0x230 [ 10.872805] kunit_try_run_case+0x1a5/0x480 [ 10.872829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.872849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.872872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.872892] ? __kthread_parkme+0x82/0x180 [ 10.872912] ? preempt_count_sub+0x50/0x80 [ 10.872936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.872957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.872978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.873012] kthread+0x337/0x6f0 [ 10.873030] ? trace_preempt_on+0x20/0xc0 [ 10.873053] ? __pfx_kthread+0x10/0x10 [ 10.873084] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.873103] ? calculate_sigpending+0x7b/0xa0 [ 10.873127] ? __pfx_kthread+0x10/0x10 [ 10.873146] ret_from_fork+0x116/0x1d0 [ 10.873164] ? 
__pfx_kthread+0x10/0x10 [ 10.873182] ret_from_fork_asm+0x1a/0x30 [ 10.873212] </TASK> [ 10.873223] [ 10.883753] Allocated by task 163: [ 10.884160] kasan_save_stack+0x45/0x70 [ 10.884582] kasan_save_track+0x18/0x40 [ 10.885001] kasan_save_alloc_info+0x3b/0x50 [ 10.885388] __kasan_kmalloc+0xb7/0xc0 [ 10.885723] __kmalloc_cache_noprof+0x189/0x420 [ 10.886258] kmalloc_big_oob_right+0xa9/0x370 [ 10.886718] kunit_try_run_case+0x1a5/0x480 [ 10.887200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.887752] kthread+0x337/0x6f0 [ 10.888149] ret_from_fork+0x116/0x1d0 [ 10.888555] ret_from_fork_asm+0x1a/0x30 [ 10.888951] [ 10.889118] The buggy address belongs to the object at ffff888101f94000 [ 10.889118] which belongs to the cache kmalloc-8k of size 8192 [ 10.890193] The buggy address is located 0 bytes to the right of [ 10.890193] allocated 7936-byte region [ffff888101f94000, ffff888101f95f00) [ 10.891479] [ 10.891638] The buggy address belongs to the physical page: [ 10.892206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f90 [ 10.892988] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.893569] flags: 0x200000000000040(head|node=0|zone=2) [ 10.893809] page_type: f5(slab) [ 10.894123] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.894563] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.894805] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.895141] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.895365] head: 0200000000000003 ffffea000407e401 00000000ffffffff 00000000ffffffff [ 10.895614] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.895858] page dumped because: kasan: bad access detected [ 10.896029] [ 10.896097] Memory state around the buggy address: [ 10.896248] ffff888101f95e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.896467] ffff888101f95e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.896767] >ffff888101f95f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.897029] ^ [ 10.897224] ffff888101f95f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.897472] ffff888101f96000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.898057] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.810323] ================================================================== [ 10.811345] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.811629] Write of size 1 at addr ffff888102c7bd78 by task kunit_try_catch/161 [ 10.811858] [ 10.811947] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.811991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.812005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.812024] Call Trace: [ 10.812036] <TASK> [ 10.812052] dump_stack_lvl+0x73/0xb0 [ 10.812079] print_report+0xd1/0x650 [ 10.812101] ? __virt_addr_valid+0x1db/0x2d0 [ 10.812123] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.812146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.812166] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.812189] kasan_report+0x141/0x180 [ 10.812210] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.812237] __asan_report_store1_noabort+0x1b/0x30 [ 10.812257] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.812280] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.812303] ? __schedule+0x10cc/0x2b60 [ 10.812324] ? __pfx_read_tsc+0x10/0x10 [ 10.812344] ? ktime_get_ts64+0x86/0x230 [ 10.812366] kunit_try_run_case+0x1a5/0x480 [ 10.812602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.812629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.812651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.812800] ? __kthread_parkme+0x82/0x180 [ 10.812827] ? preempt_count_sub+0x50/0x80 [ 10.812946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.812970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.812992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.813014] kthread+0x337/0x6f0 [ 10.813033] ? trace_preempt_on+0x20/0xc0 [ 10.813056] ? __pfx_kthread+0x10/0x10 [ 10.813075] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.813095] ? calculate_sigpending+0x7b/0xa0 [ 10.813118] ? 
__pfx_kthread+0x10/0x10 [ 10.813138] ret_from_fork+0x116/0x1d0 [ 10.813155] ? __pfx_kthread+0x10/0x10 [ 10.813174] ret_from_fork_asm+0x1a/0x30 [ 10.813205] </TASK> [ 10.813215] [ 10.828983] Allocated by task 161: [ 10.829311] kasan_save_stack+0x45/0x70 [ 10.829781] kasan_save_track+0x18/0x40 [ 10.830099] kasan_save_alloc_info+0x3b/0x50 [ 10.830247] __kasan_kmalloc+0xb7/0xc0 [ 10.830388] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.830609] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.831055] kunit_try_run_case+0x1a5/0x480 [ 10.831465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.832261] kthread+0x337/0x6f0 [ 10.832653] ret_from_fork+0x116/0x1d0 [ 10.833050] ret_from_fork_asm+0x1a/0x30 [ 10.833416] [ 10.833574] The buggy address belongs to the object at ffff888102c7bd00 [ 10.833574] which belongs to the cache kmalloc-128 of size 128 [ 10.834151] The buggy address is located 0 bytes to the right of [ 10.834151] allocated 120-byte region [ffff888102c7bd00, ffff888102c7bd78) [ 10.834530] [ 10.834688] The buggy address belongs to the physical page: [ 10.835155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c7b [ 10.835951] flags: 0x200000000000000(node=0|zone=2) [ 10.836389] page_type: f5(slab) [ 10.836874] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.837539] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.838344] page dumped because: kasan: bad access detected [ 10.839005] [ 10.839176] Memory state around the buggy address: [ 10.839343] ffff888102c7bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.839571] ffff888102c7bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.840287] >ffff888102c7bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.841090] ^ [ 10.841767] ffff888102c7bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.842420] ffff888102c7be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.842767] 
================================================================== [ 10.843833] ================================================================== [ 10.844701] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.845112] Write of size 1 at addr ffff888102c7be78 by task kunit_try_catch/161 [ 10.845339] [ 10.845443] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.845485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.845496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.845516] Call Trace: [ 10.845527] <TASK> [ 10.845543] dump_stack_lvl+0x73/0xb0 [ 10.845582] print_report+0xd1/0x650 [ 10.845605] ? __virt_addr_valid+0x1db/0x2d0 [ 10.845626] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.845649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.845669] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.845692] kasan_report+0x141/0x180 [ 10.845713] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.845740] __asan_report_store1_noabort+0x1b/0x30 [ 10.845760] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.845782] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.845807] ? __schedule+0x10cc/0x2b60 [ 10.845828] ? __pfx_read_tsc+0x10/0x10 [ 10.845848] ? ktime_get_ts64+0x86/0x230 [ 10.845870] kunit_try_run_case+0x1a5/0x480 [ 10.845893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.845913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.845935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.845955] ? __kthread_parkme+0x82/0x180 [ 10.845975] ? preempt_count_sub+0x50/0x80 [ 10.845997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.846019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.846039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.846061] kthread+0x337/0x6f0 [ 10.846079] ? trace_preempt_on+0x20/0xc0 [ 10.846101] ? __pfx_kthread+0x10/0x10 [ 10.846121] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.846140] ? calculate_sigpending+0x7b/0xa0 [ 10.846163] ? 
__pfx_kthread+0x10/0x10 [ 10.846183] ret_from_fork+0x116/0x1d0 [ 10.846200] ? __pfx_kthread+0x10/0x10 [ 10.846219] ret_from_fork_asm+0x1a/0x30 [ 10.846248] </TASK> [ 10.846258] [ 10.856502] Allocated by task 161: [ 10.856686] kasan_save_stack+0x45/0x70 [ 10.857281] kasan_save_track+0x18/0x40 [ 10.857665] kasan_save_alloc_info+0x3b/0x50 [ 10.857901] __kasan_kmalloc+0xb7/0xc0 [ 10.858047] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.858290] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.858531] kunit_try_run_case+0x1a5/0x480 [ 10.859035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.859260] kthread+0x337/0x6f0 [ 10.859434] ret_from_fork+0x116/0x1d0 [ 10.859612] ret_from_fork_asm+0x1a/0x30 [ 10.860188] [ 10.860299] The buggy address belongs to the object at ffff888102c7be00 [ 10.860299] which belongs to the cache kmalloc-128 of size 128 [ 10.860680] The buggy address is located 0 bytes to the right of [ 10.860680] allocated 120-byte region [ffff888102c7be00, ffff888102c7be78) [ 10.861342] [ 10.861455] The buggy address belongs to the physical page: [ 10.861802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c7b [ 10.862086] flags: 0x200000000000000(node=0|zone=2) [ 10.862369] page_type: f5(slab) [ 10.862896] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.863262] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.863771] page dumped because: kasan: bad access detected [ 10.864168] [ 10.864424] Memory state around the buggy address: [ 10.864680] ffff888102c7bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.865185] ffff888102c7bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.865643] >ffff888102c7be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.866048] ^ [ 10.866475] ffff888102c7be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.867039] ffff888102c7bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.867406] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.784222] ================================================================== [ 10.784774] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.785373] Read of size 1 at addr ffff8881038a9000 by task kunit_try_catch/159 [ 10.785769] [ 10.785905] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.785949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.785961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.785980] Call Trace: [ 10.786004] <TASK> [ 10.786022] dump_stack_lvl+0x73/0xb0 [ 10.786054] print_report+0xd1/0x650 [ 10.786089] ? __virt_addr_valid+0x1db/0x2d0 [ 10.786113] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.786135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.786155] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.786178] kasan_report+0x141/0x180 [ 10.786198] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.786226] __asan_report_load1_noabort+0x18/0x20 [ 10.786258] kmalloc_node_oob_right+0x369/0x3c0 [ 10.786281] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.786304] ? __schedule+0x10cc/0x2b60 [ 10.786335] ? __pfx_read_tsc+0x10/0x10 [ 10.786357] ? ktime_get_ts64+0x86/0x230 [ 10.786391] kunit_try_run_case+0x1a5/0x480 [ 10.786417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.786438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.786461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.786490] ? __kthread_parkme+0x82/0x180 [ 10.786510] ? preempt_count_sub+0x50/0x80 [ 10.786534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.786566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.786627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.786651] kthread+0x337/0x6f0 [ 10.786670] ? trace_preempt_on+0x20/0xc0 [ 10.786693] ? __pfx_kthread+0x10/0x10 [ 10.786713] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.786733] ? calculate_sigpending+0x7b/0xa0 [ 10.786756] ? __pfx_kthread+0x10/0x10 [ 10.786777] ret_from_fork+0x116/0x1d0 [ 10.786794] ? 
__pfx_kthread+0x10/0x10 [ 10.786813] ret_from_fork_asm+0x1a/0x30 [ 10.786843] </TASK> [ 10.786854] [ 10.794980] Allocated by task 159: [ 10.795173] kasan_save_stack+0x45/0x70 [ 10.795406] kasan_save_track+0x18/0x40 [ 10.795544] kasan_save_alloc_info+0x3b/0x50 [ 10.795835] __kasan_kmalloc+0xb7/0xc0 [ 10.796037] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.796226] kmalloc_node_oob_right+0xab/0x3c0 [ 10.796451] kunit_try_run_case+0x1a5/0x480 [ 10.796724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.797029] kthread+0x337/0x6f0 [ 10.797190] ret_from_fork+0x116/0x1d0 [ 10.797397] ret_from_fork_asm+0x1a/0x30 [ 10.797631] [ 10.797735] The buggy address belongs to the object at ffff8881038a8000 [ 10.797735] which belongs to the cache kmalloc-4k of size 4096 [ 10.798305] The buggy address is located 0 bytes to the right of [ 10.798305] allocated 4096-byte region [ffff8881038a8000, ffff8881038a9000) [ 10.798959] [ 10.799059] The buggy address belongs to the physical page: [ 10.799354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a8 [ 10.799807] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.800622] flags: 0x200000000000040(head|node=0|zone=2) [ 10.801014] page_type: f5(slab) [ 10.801214] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.801526] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.802075] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.802347] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.802649] head: 0200000000000003 ffffea00040e2a01 00000000ffffffff 00000000ffffffff [ 10.803118] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.803532] page dumped because: kasan: bad access detected [ 10.803901] [ 10.803992] Memory state around the buggy address: [ 10.804167] ffff8881038a8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.804494] 
ffff8881038a8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.805067] >ffff8881038a9000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.805363] ^ [ 10.805509] ffff8881038a9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.805724] ffff8881038a9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.806058] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.206895] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.207043] WARNING: CPU: 1 PID: 2570 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.208035] Modules linked in: [ 140.208334] CPU: 1 UID: 0 PID: 2570 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 140.208946] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.209236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.209763] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.210066] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 9d 24 80 00 48 c7 c1 40 76 de 8a 4c 89 f2 48 c7 c7 00 73 de 8a 48 89 c6 e8 74 c7 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.210970] RSP: 0000:ffff88810a78fd18 EFLAGS: 00010286 [ 140.211215] RAX: 0000000000000000 RBX: ffff888106855400 RCX: 1ffffffff1764c80 [ 140.211748] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.212228] RBP: ffff88810a78fd48 R08: 0000000000000000 R09: fffffbfff1764c80 [ 140.212561] R10: 0000000000000003 R11: 0000000000039390 R12: ffff88810a4df800 [ 140.212989] R13: ffff8881068554f8 R14: ffff888105262580 R15: ffff88810039fb40 [ 140.213313] FS: 0000000000000000(0000) GS:ffff8881ce374000(0000) knlGS:0000000000000000 [ 140.213781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.214101] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 140.214440] DR0: ffffffff8ce50444 DR1: ffffffff8ce50449 DR2: ffffffff8ce5044a [ 140.214959] DR3: ffffffff8ce5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.215525] Call Trace: [ 140.215677] <TASK> [ 140.215789] ? trace_preempt_on+0x20/0xc0 [ 140.215985] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.216471] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.216749] __kunit_action_free+0x57/0x70 [ 140.217124] kunit_remove_resource+0x133/0x200 [ 140.217415] ? preempt_count_sub+0x50/0x80 [ 140.217682] kunit_cleanup+0x7a/0x120 [ 140.218030] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.218281] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.218660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.219035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.219352] kthread+0x337/0x6f0 [ 140.219525] ? trace_preempt_on+0x20/0xc0 [ 140.219808] ? __pfx_kthread+0x10/0x10 [ 140.219994] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.220207] ? calculate_sigpending+0x7b/0xa0 [ 140.220537] ? __pfx_kthread+0x10/0x10 [ 140.221077] ret_from_fork+0x116/0x1d0 [ 140.221285] ? __pfx_kthread+0x10/0x10 [ 140.221535] ret_from_fork_asm+0x1a/0x30 [ 140.221850] </TASK> [ 140.221986] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.070155] WARNING: CPU: 0 PID: 2551 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.071650] Modules linked in: [ 140.072150] CPU: 0 UID: 0 PID: 2551 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 140.073730] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.073980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.074238] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.074425] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.075852] RSP: 0000:ffff88810a7dfb30 EFLAGS: 00010246 [ 140.076420] RAX: dffffc0000000000 RBX: ffff88810a7dfc28 RCX: 0000000000000000 [ 140.077634] RDX: 1ffff110214fbf8e RSI: ffff88810a7dfc28 RDI: ffff88810a7dfc70 [ 140.077946] RBP: ffff88810a7dfb70 R08: ffff88810a6e8000 R09: ffffffff8add7980 [ 140.078237] R10: 0000000000000003 R11: 00000000286ad266 R12: ffff88810a6e8000 [ 140.078527] R13: ffff88810039fae8 R14: ffff88810a7dfba8 R15: 0000000000000000 [ 140.078953] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000 [ 140.079284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.079514] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 140.079931] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443 [ 140.080242] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.080552] Call Trace: [ 140.080676] <TASK> [ 140.080827] ? add_dr+0xc1/0x1d0 [ 140.081027] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.081293] ? add_dr+0x148/0x1d0 [ 140.081494] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.081702] ? __drmm_add_action+0x1a4/0x280 [ 140.082026] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.082267] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.082746] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.083067] ? __schedule+0x10cc/0x2b60 [ 140.083350] ? __pfx_read_tsc+0x10/0x10 [ 140.083583] ? ktime_get_ts64+0x86/0x230 [ 140.083930] kunit_try_run_case+0x1a5/0x480 [ 140.084148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.084372] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.085026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.085273] ? __kthread_parkme+0x82/0x180 [ 140.085484] ? preempt_count_sub+0x50/0x80 [ 140.086161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.086484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.086730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.087169] kthread+0x337/0x6f0 [ 140.087324] ? trace_preempt_on+0x20/0xc0 [ 140.087543] ? __pfx_kthread+0x10/0x10 [ 140.087850] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.088031] ? calculate_sigpending+0x7b/0xa0 [ 140.088418] ? __pfx_kthread+0x10/0x10 [ 140.088631] ret_from_fork+0x116/0x1d0 [ 140.088796] ? __pfx_kthread+0x10/0x10 [ 140.089013] ret_from_fork_asm+0x1a/0x30 [ 140.089296] </TASK> [ 140.089436] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.035554] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.035752] WARNING: CPU: 0 PID: 2547 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.037005] Modules linked in: [ 140.037386] CPU: 0 UID: 0 PID: 2547 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 140.038080] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.038483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.039063] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.039421] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 cb 3e 87 00 48 c7 c1 40 29 dd 8a 4c 89 fa 48 c7 c7 a0 29 dd 8a 48 89 c6 e8 a2 e1 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.040393] RSP: 0000:ffff88810a4c7b68 EFLAGS: 00010282 [ 140.040618] RAX: 0000000000000000 RBX: ffff88810a4c7c40 RCX: 1ffffffff1764c80 [ 140.041486] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.042347] RBP: ffff88810a4c7b90 R08: 0000000000000000 R09: fffffbfff1764c80 [ 140.042879] R10: 0000000000000003 R11: 0000000000037a38 R12: ffff88810a4c7c18 [ 140.043092] R13: ffff88810a648800 R14: ffff88810a4f6000 R15: ffff888102eb8400 [ 140.043295] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000 [ 140.043547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.044172] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 140.044709] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443 [ 140.045012] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.045313] Call Trace: [ 140.045455] <TASK> [ 140.045582] drm_test_framebuffer_free+0x1ab/0x610 [ 140.046202] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.046863] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.047107] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.047382] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.047926] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.048187] kunit_try_run_case+0x1a5/0x480 [ 140.048542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.048967] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.049295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.049706] ? __kthread_parkme+0x82/0x180 [ 140.050151] ? preempt_count_sub+0x50/0x80 [ 140.050372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.050617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.051116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.051390] kthread+0x337/0x6f0 [ 140.051528] ? trace_preempt_on+0x20/0xc0 [ 140.051923] ? __pfx_kthread+0x10/0x10 [ 140.052101] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.052296] ? calculate_sigpending+0x7b/0xa0 [ 140.052500] ? __pfx_kthread+0x10/0x10 [ 140.052666] ret_from_fork+0x116/0x1d0 [ 140.052911] ? __pfx_kthread+0x10/0x10 [ 140.053163] ret_from_fork_asm+0x1a/0x30 [ 140.053365] </TASK> [ 140.053456] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 138.815182] WARNING: CPU: 1 PID: 1985 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.816276] Modules linked in: [ 138.816679] CPU: 1 UID: 0 PID: 1985 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 138.817901] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.818428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.819464] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.820144] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 138.821662] RSP: 0000:ffff88810967fc90 EFLAGS: 00010246 [ 138.822226] RAX: dffffc0000000000 RBX: ffff88815a99c000 RCX: 0000000000000000 [ 138.822934] RDX: 1ffff1102b533832 RSI: ffffffff88005688 RDI: ffff88815a99c190 [ 138.823370] RBP: ffff88810967fca0 R08: 1ffff11020073f69 R09: ffffed10212cff65 [ 138.823642] R10: 0000000000000003 R11: ffffffff86a049da R12: 0000000000000000 [ 138.824459] R13: ffff88810967fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 138.824688] FS: 0000000000000000(0000) GS:ffff8881ce374000(0000) knlGS:0000000000000000 [ 138.824924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.825101] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 138.825308] DR0: ffffffff8ce50444 DR1: ffffffff8ce50449 DR2: ffffffff8ce5044a [ 138.825529] DR3: ffffffff8ce5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.825741] Call Trace: [ 138.825844] <TASK> [ 138.825948] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 138.826170] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 138.826529] ? __schedule+0x10cc/0x2b60 [ 138.826878] ? __pfx_read_tsc+0x10/0x10 [ 138.827544] ? ktime_get_ts64+0x86/0x230 [ 138.828088] kunit_try_run_case+0x1a5/0x480 [ 138.828516] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 138.829191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.829698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.830221] ? __kthread_parkme+0x82/0x180 [ 138.830774] ? preempt_count_sub+0x50/0x80 [ 138.831193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.831729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.832286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.833119] kthread+0x337/0x6f0 [ 138.833466] ? trace_preempt_on+0x20/0xc0 [ 138.833962] ? __pfx_kthread+0x10/0x10 [ 138.834331] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.834723] ? calculate_sigpending+0x7b/0xa0 [ 138.835104] ? __pfx_kthread+0x10/0x10 [ 138.835479] ret_from_fork+0x116/0x1d0 [ 138.835892] ? __pfx_kthread+0x10/0x10 [ 138.836114] ret_from_fork_asm+0x1a/0x30 [ 138.836271] </TASK> [ 138.836376] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 138.735540] WARNING: CPU: 0 PID: 1977 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.736181] Modules linked in: [ 138.736403] CPU: 0 UID: 0 PID: 1977 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 138.737034] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.737297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.737641] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.738010] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 138.739015] RSP: 0000:ffff8881095efc90 EFLAGS: 00010246 [ 138.739284] RAX: dffffc0000000000 RBX: ffff8881098e2000 RCX: 0000000000000000 [ 138.739819] RDX: 1ffff1102131c432 RSI: ffffffff88005688 RDI: ffff8881098e2190 [ 138.741065] RBP: ffff8881095efca0 R08: 1ffff11020073f69 R09: ffffed10212bdf65 [ 138.741368] R10: 0000000000000003 R11: ffffffff86a049da R12: 0000000000000000 [ 138.742051] R13: 
ffff8881095efd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 138.742364] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000 [ 138.742756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.743002] CR2: 00007ffff7ffe000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 138.743317] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443 [ 138.743679] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.744018] Call Trace: [ 138.744159] <TASK> [ 138.744292] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 138.744687] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 138.745286] ? __schedule+0x207f/0x2b60 [ 138.745495] ? __pfx_read_tsc+0x10/0x10 [ 138.745776] ? ktime_get_ts64+0x86/0x230 [ 138.746012] kunit_try_run_case+0x1a5/0x480 [ 138.746298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.746524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.746899] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.747180] ? __kthread_parkme+0x82/0x180 [ 138.747422] ? preempt_count_sub+0x50/0x80 [ 138.747840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.748086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.748330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.748627] kthread+0x337/0x6f0 [ 138.748815] ? trace_preempt_on+0x20/0xc0 [ 138.749408] ? __pfx_kthread+0x10/0x10 [ 138.749679] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.749952] ? calculate_sigpending+0x7b/0xa0 [ 138.750134] ? __pfx_kthread+0x10/0x10 [ 138.750333] ret_from_fork+0x116/0x1d0 [ 138.750535] ? __pfx_kthread+0x10/0x10 [ 138.750909] ret_from_fork_asm+0x1a/0x30 [ 138.751095] </TASK> [ 138.751296] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 108.400633] WARNING: CPU: 0 PID: 675 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 108.401309] Modules linked in: [ 108.401478] CPU: 0 UID: 0 PID: 675 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 108.402662] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 108.403398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.404579] RIP: 0010:intlog10+0x2a/0x40 [ 108.405034] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 108.406541] RSP: 0000:ffff8881023d7cb0 EFLAGS: 00010246 [ 108.407191] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102047afb4 [ 108.408048] RDX: 1ffffffff1592bc4 RSI: 1ffff1102047afb3 RDI: 0000000000000000 [ 108.408733] RBP: ffff8881023d7d60 R08: 0000000000000000 R09: ffffed10208277a0 [ 108.409541] R10: ffff88810413bd07 R11: 0000000000000000 R12: 1ffff1102047af97 [ 108.410428] R13: ffffffff8ac95e20 R14: 0000000000000000 R15: ffff8881023d7d38 [ 108.410751] FS: 0000000000000000(0000) GS:ffff8881ce274000(0000) knlGS:0000000000000000 [ 108.411960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.412496] CR2: ffff88815a90e000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 108.412994] DR0: ffffffff8ce50440 DR1: ffffffff8ce50441 DR2: ffffffff8ce50443 [ 108.413707] DR3: ffffffff8ce50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.414166] Call Trace: [ 108.414280] <TASK> [ 108.414372] ? intlog10_test+0xf2/0x220 [ 108.414541] ? __pfx_intlog10_test+0x10/0x10 [ 108.415046] ? __schedule+0x10cc/0x2b60 [ 108.415437] ? __pfx_read_tsc+0x10/0x10 [ 108.415903] ? ktime_get_ts64+0x86/0x230 [ 108.416456] kunit_try_run_case+0x1a5/0x480 [ 108.416957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.417453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.417879] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.418207] ? __kthread_parkme+0x82/0x180 [ 108.418710] ? preempt_count_sub+0x50/0x80 [ 108.418997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.419162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.419332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.419514] kthread+0x337/0x6f0 [ 108.419914] ? trace_preempt_on+0x20/0xc0 [ 108.420353] ? __pfx_kthread+0x10/0x10 [ 108.420871] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.421094] ? calculate_sigpending+0x7b/0xa0 [ 108.421248] ? __pfx_kthread+0x10/0x10 [ 108.421381] ret_from_fork+0x116/0x1d0 [ 108.421510] ? __pfx_kthread+0x10/0x10 [ 108.421665] ret_from_fork_asm+0x1a/0x30 [ 108.421898] </TASK> [ 108.422065] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 108.362085] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 108.362370] Modules linked in: [ 108.362546] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 108.363248] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 108.363412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.363884] RIP: 0010:intlog2+0xdf/0x110 [ 108.364270] Code: c9 8a c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 d7 9b 86 02 89 45 e4 e8 df ff 55 ff 8b 45 e4 eb [ 108.365777] RSP: 0000:ffff888101fafcb0 EFLAGS: 00010246 [ 108.365964] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110203f5fb4 [ 108.366174] RDX: 1ffffffff1592c18 RSI: 1ffff110203f5fb3 RDI: 0000000000000000 [ 108.366382] RBP: ffff888101fafd60 R08: 0000000000000000 R09: ffffed1021029260 [ 108.366952] R10: ffff888108149307 R11: 0000000000000000 R12: 1ffff110203f5f97 [ 108.367234] R13: ffffffff8ac960c0 R14: 0000000000000000 R15: ffff888101fafd38 [ 108.367491] FS: 0000000000000000(0000) GS:ffff8881ce374000(0000) knlGS:0000000000000000 [ 108.368044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.368295] CR2: dffffc0000000000 CR3: 00000001356bc000 CR4: 00000000000006f0 [ 108.368861] DR0: ffffffff8ce50444 DR1: ffffffff8ce50449 DR2: ffffffff8ce5044a [ 108.369268] DR3: ffffffff8ce5044b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.369714] Call Trace: [ 108.369948] <TASK> [ 108.370110] ? intlog2_test+0xf2/0x220 [ 108.370426] ? __pfx_intlog2_test+0x10/0x10 [ 108.370783] ? __schedule+0x10cc/0x2b60 [ 108.370996] ? __pfx_read_tsc+0x10/0x10 [ 108.371382] ? ktime_get_ts64+0x86/0x230 [ 108.371640] kunit_try_run_case+0x1a5/0x480 [ 108.371832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.372032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.372246] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.372457] ? __kthread_parkme+0x82/0x180 [ 108.372751] ? preempt_count_sub+0x50/0x80 [ 108.372936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.373141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.373429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.373762] kthread+0x337/0x6f0 [ 108.373929] ? trace_preempt_on+0x20/0xc0 [ 108.374180] ? __pfx_kthread+0x10/0x10 [ 108.374372] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.374672] ? calculate_sigpending+0x7b/0xa0 [ 108.374867] ? __pfx_kthread+0x10/0x10 [ 108.375117] ret_from_fork+0x116/0x1d0 [ 108.375306] ? __pfx_kthread+0x10/0x10 [ 108.375509] ret_from_fork_asm+0x1a/0x30 [ 108.375800] </TASK> [ 108.375992] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 107.794858] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI