Date: July 10, 2025, 11:10 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.502289] ================================================================== [ 49.502641] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 49.502641] [ 49.503074] Use-after-free read at 0x(____ptrval____) (in kfence-#139): [ 49.503374] test_krealloc+0x6fc/0xbe0 [ 49.503615] kunit_try_run_case+0x1a5/0x480 [ 49.503784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.504074] kthread+0x337/0x6f0 [ 49.504277] ret_from_fork+0x116/0x1d0 [ 49.504726] ret_from_fork_asm+0x1a/0x30 [ 49.504915] [ 49.504995] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 49.504995] [ 49.505860] allocated by task 355 on cpu 0 at 49.501621s (0.004236s ago): [ 49.506198] test_alloc+0x364/0x10f0 [ 49.506634] test_krealloc+0xad/0xbe0 [ 49.506829] kunit_try_run_case+0x1a5/0x480 [ 49.507035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.507293] kthread+0x337/0x6f0 [ 49.507499] ret_from_fork+0x116/0x1d0 [ 49.507701] ret_from_fork_asm+0x1a/0x30 [ 49.507917] [ 49.508018] freed by task 355 on cpu 0 at 49.501879s (0.006136s ago): [ 49.508294] krealloc_noprof+0x108/0x340 [ 49.508563] test_krealloc+0x226/0xbe0 [ 49.508741] kunit_try_run_case+0x1a5/0x480 [ 49.508952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.509234] kthread+0x337/0x6f0 [ 49.509410] ret_from_fork+0x116/0x1d0 [ 49.509592] ret_from_fork_asm+0x1a/0x30 [ 49.509758] [ 49.509901] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 49.510375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.510601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.510956] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.419950] ================================================================== [ 49.420463] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.420463] [ 49.420903] Use-after-free read at 0x(____ptrval____) (in kfence-#138): [ 49.421202] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.421405] kunit_try_run_case+0x1a5/0x480 [ 49.421625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.421841] kthread+0x337/0x6f0 [ 49.421986] ret_from_fork+0x116/0x1d0 [ 49.422126] ret_from_fork_asm+0x1a/0x30 [ 49.422466] [ 49.422555] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 49.422555] [ 49.422924] allocated by task 353 on cpu 1 at 49.398516s (0.024406s ago): [ 49.423215] test_alloc+0x2a6/0x10f0 [ 49.423435] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 49.423610] kunit_try_run_case+0x1a5/0x480 [ 49.423777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.424028] kthread+0x337/0x6f0 [ 49.424164] ret_from_fork+0x116/0x1d0 [ 49.424298] ret_from_fork_asm+0x1a/0x30 [ 49.424796] [ 49.424908] freed by task 353 on cpu 1 at 49.398613s (0.026293s ago): [ 49.425233] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 49.425648] kunit_try_run_case+0x1a5/0x480 [ 49.426307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.426559] kthread+0x337/0x6f0 [ 49.426737] ret_from_fork+0x116/0x1d0 [ 49.426887] ret_from_fork_asm+0x1a/0x30 [ 49.427085] [ 49.427212] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 49.427717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.427910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.428286] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.760869] ================================================================== [ 24.761369] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 24.761369] [ 24.762372] Invalid read at 0x(____ptrval____): [ 24.762926] test_invalid_access+0xf0/0x210 [ 24.763437] kunit_try_run_case+0x1a5/0x480 [ 24.763774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.764192] kthread+0x337/0x6f0 [ 24.764339] ret_from_fork+0x116/0x1d0 [ 24.764596] ret_from_fork_asm+0x1a/0x30 [ 24.764785] [ 24.764882] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 24.765467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.765698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.766040] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.541874] ================================================================== [ 24.542276] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.542276] [ 24.542774] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#134): [ 24.543362] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.543585] kunit_try_run_case+0x1a5/0x480 [ 24.543831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.544098] kthread+0x337/0x6f0 [ 24.544311] ret_from_fork+0x116/0x1d0 [ 24.544513] ret_from_fork_asm+0x1a/0x30 [ 24.544656] [ 24.544728] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.544728] [ 24.545100] allocated by task 343 on cpu 1 at 24.541610s (0.003488s ago): [ 24.545532] test_alloc+0x364/0x10f0 [ 24.545740] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.545927] kunit_try_run_case+0x1a5/0x480 [ 24.546143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.546461] kthread+0x337/0x6f0 [ 24.546640] ret_from_fork+0x116/0x1d0 [ 24.546841] ret_from_fork_asm+0x1a/0x30 [ 24.547010] [ 24.547107] freed by task 343 on cpu 1 at 24.541753s (0.005352s ago): [ 24.547463] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.547698] kunit_try_run_case+0x1a5/0x480 [ 24.547938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.548208] kthread+0x337/0x6f0 [ 24.548382] ret_from_fork+0x116/0x1d0 [ 24.548549] ret_from_fork_asm+0x1a/0x30 [ 24.548685] [ 24.548779] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 24.549566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.549785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.550201] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.333843] ================================================================== [ 24.334241] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.334241] [ 24.334732] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#132): [ 24.335083] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.335352] kunit_try_run_case+0x1a5/0x480 [ 24.335921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.336190] kthread+0x337/0x6f0 [ 24.336630] ret_from_fork+0x116/0x1d0 [ 24.336823] ret_from_fork_asm+0x1a/0x30 [ 24.337076] [ 24.337173] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.337173] [ 24.337584] allocated by task 341 on cpu 0 at 24.333634s (0.003947s ago): [ 24.337884] test_alloc+0x364/0x10f0 [ 24.338081] test_kmalloc_aligned_oob_read+0x105/0x560 [ 24.338321] kunit_try_run_case+0x1a5/0x480 [ 24.338878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.339090] kthread+0x337/0x6f0 [ 24.339395] ret_from_fork+0x116/0x1d0 [ 24.339595] ret_from_fork_asm+0x1a/0x30 [ 24.339892] [ 24.340084] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 24.340643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.340916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.341357] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.445919] ================================================================== [ 19.446296] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.446296] [ 19.446641] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85): [ 19.447119] test_corruption+0x2df/0x3e0 [ 19.447343] kunit_try_run_case+0x1a5/0x480 [ 19.447561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.447776] kthread+0x337/0x6f0 [ 19.447950] ret_from_fork+0x116/0x1d0 [ 19.448137] ret_from_fork_asm+0x1a/0x30 [ 19.448354] [ 19.448485] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.448485] [ 19.448864] allocated by task 329 on cpu 0 at 19.445671s (0.003191s ago): [ 19.449194] test_alloc+0x364/0x10f0 [ 19.449396] test_corruption+0x1cb/0x3e0 [ 19.449613] kunit_try_run_case+0x1a5/0x480 [ 19.449756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.450253] kthread+0x337/0x6f0 [ 19.450429] ret_from_fork+0x116/0x1d0 [ 19.450684] ret_from_fork_asm+0x1a/0x30 [ 19.450852] [ 19.450923] freed by task 329 on cpu 0 at 19.445762s (0.005159s ago): [ 19.451242] test_corruption+0x2df/0x3e0 [ 19.451473] kunit_try_run_case+0x1a5/0x480 [ 19.451668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.451914] kthread+0x337/0x6f0 [ 19.452089] ret_from_fork+0x116/0x1d0 [ 19.452267] ret_from_fork_asm+0x1a/0x30 [ 19.452544] [ 19.452656] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.453170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.453372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.453751] ================================================================== [ 19.549775] ================================================================== [ 19.550152] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.550152] [ 19.550647] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#86): [ 19.551168] test_corruption+0x131/0x3e0 [ 19.551494] kunit_try_run_case+0x1a5/0x480 [ 19.551657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.551830] kthread+0x337/0x6f0 [ 19.551952] ret_from_fork+0x116/0x1d0 [ 19.552127] ret_from_fork_asm+0x1a/0x30 [ 19.552378] [ 19.552502] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.552502] [ 19.553025] allocated by task 331 on cpu 0 at 19.549657s (0.003366s ago): [ 19.553420] test_alloc+0x2a6/0x10f0 [ 19.553614] test_corruption+0xe6/0x3e0 [ 19.553833] kunit_try_run_case+0x1a5/0x480 [ 19.554011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.554184] kthread+0x337/0x6f0 [ 19.554353] ret_from_fork+0x116/0x1d0 [ 19.554581] ret_from_fork_asm+0x1a/0x30 [ 19.554781] [ 19.554909] freed by task 331 on cpu 0 at 19.549709s (0.005198s ago): [ 19.555212] test_corruption+0x131/0x3e0 [ 19.555481] kunit_try_run_case+0x1a5/0x480 [ 19.555667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.555939] kthread+0x337/0x6f0 [ 19.556128] ret_from_fork+0x116/0x1d0 [ 19.556297] ret_from_fork_asm+0x1a/0x30 [ 19.556678] [ 19.556777] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.557275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.557523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.557937] ================================================================== [ 19.341806] ================================================================== [ 19.342233] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 19.342233] [ 19.342924] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#84): [ 19.343821] test_corruption+0x2d2/0x3e0 [ 19.344189] kunit_try_run_case+0x1a5/0x480 [ 19.344413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.344677] kthread+0x337/0x6f0 [ 19.344967] ret_from_fork+0x116/0x1d0 [ 19.345160] ret_from_fork_asm+0x1a/0x30 [ 19.345502] [ 19.345699] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.345699] [ 19.346218] allocated by task 329 on cpu 0 at 19.341662s (0.004553s ago): [ 19.346819] test_alloc+0x364/0x10f0 [ 19.347053] test_corruption+0xe6/0x3e0 [ 19.347322] kunit_try_run_case+0x1a5/0x480 [ 19.347670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.347923] kthread+0x337/0x6f0 [ 19.348087] ret_from_fork+0x116/0x1d0 [ 19.348267] ret_from_fork_asm+0x1a/0x30 [ 19.348705] [ 19.348796] freed by task 329 on cpu 0 at 19.341736s (0.007058s ago): [ 19.349215] test_corruption+0x2d2/0x3e0 [ 19.349519] kunit_try_run_case+0x1a5/0x480 [ 19.349842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.350082] kthread+0x337/0x6f0 [ 19.350368] ret_from_fork+0x116/0x1d0 [ 19.350614] ret_from_fork_asm+0x1a/0x30 [ 19.350918] [ 19.351053] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.351708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.351917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.352436] ================================================================== [ 19.653775] ================================================================== [ 19.654155] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 19.654155] [ 19.654634] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#87): [ 19.655065] test_corruption+0x216/0x3e0 [ 19.655222] kunit_try_run_case+0x1a5/0x480 [ 19.655450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.655780] kthread+0x337/0x6f0 [ 19.655922] ret_from_fork+0x116/0x1d0 [ 19.656112] ret_from_fork_asm+0x1a/0x30 [ 19.656367] [ 19.656471] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.656471] [ 19.656907] allocated by task 331 on cpu 0 at 19.653666s (0.003239s ago): [ 19.657230] test_alloc+0x2a6/0x10f0 [ 19.657465] test_corruption+0x1cb/0x3e0 [ 19.657684] kunit_try_run_case+0x1a5/0x480 [ 19.657897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.658156] kthread+0x337/0x6f0 [ 19.658367] ret_from_fork+0x116/0x1d0 [ 19.658649] ret_from_fork_asm+0x1a/0x30 [ 19.658856] [ 19.658949] freed by task 331 on cpu 0 at 19.653708s (0.005239s ago): [ 19.659159] test_corruption+0x216/0x3e0 [ 19.659304] kunit_try_run_case+0x1a5/0x480 [ 19.659462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.659662] kthread+0x337/0x6f0 [ 19.659865] ret_from_fork+0x116/0x1d0 [ 19.660060] ret_from_fork_asm+0x1a/0x30 [ 19.660235] [ 19.660336] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.660659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.660798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.661063] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 19.237785] ================================================================== [ 19.238513] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 19.238513] [ 19.238804] Invalid free of 0x(____ptrval____) (in kfence-#83): [ 19.239202] test_invalid_addr_free+0xfb/0x260 [ 19.239375] kunit_try_run_case+0x1a5/0x480 [ 19.239675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.239896] kthread+0x337/0x6f0 [ 19.240070] ret_from_fork+0x116/0x1d0 [ 19.240288] ret_from_fork_asm+0x1a/0x30 [ 19.240556] [ 19.240662] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.240662] [ 19.240987] allocated by task 327 on cpu 0 at 19.237688s (0.003297s ago): [ 19.241290] test_alloc+0x2a6/0x10f0 [ 19.241512] test_invalid_addr_free+0xdb/0x260 [ 19.241736] kunit_try_run_case+0x1a5/0x480 [ 19.241947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.242140] kthread+0x337/0x6f0 [ 19.242297] ret_from_fork+0x116/0x1d0 [ 19.242499] ret_from_fork_asm+0x1a/0x30 [ 19.242664] [ 19.242758] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.243458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.243663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.244008] ================================================================== [ 19.133769] ================================================================== [ 19.134157] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 19.134157] [ 19.134702] Invalid free of 0x(____ptrval____) (in kfence-#82): [ 19.134920] test_invalid_addr_free+0x1e1/0x260 [ 19.135209] kunit_try_run_case+0x1a5/0x480 [ 19.135426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.135642] kthread+0x337/0x6f0 [ 19.135804] ret_from_fork+0x116/0x1d0 [ 19.135997] ret_from_fork_asm+0x1a/0x30 [ 19.136213] [ 19.136294] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.136294] [ 19.136705] allocated by task 325 on cpu 1 at 19.133651s 
(0.003052s ago): [ 19.137042] test_alloc+0x364/0x10f0 [ 19.137223] test_invalid_addr_free+0xdb/0x260 [ 19.137502] kunit_try_run_case+0x1a5/0x480 [ 19.137707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.137954] kthread+0x337/0x6f0 [ 19.138128] ret_from_fork+0x116/0x1d0 [ 19.138322] ret_from_fork_asm+0x1a/0x30 [ 19.138545] [ 19.138653] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.139124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.139337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.139618] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.925860] ================================================================== [ 18.926280] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 18.926280] [ 18.926635] Invalid free of 0x(____ptrval____) (in kfence-#80): [ 18.926941] test_double_free+0x1d3/0x260 [ 18.927129] kunit_try_run_case+0x1a5/0x480 [ 18.927338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.927584] kthread+0x337/0x6f0 [ 18.927713] ret_from_fork+0x116/0x1d0 [ 18.927877] ret_from_fork_asm+0x1a/0x30 [ 18.928080] [ 18.928180] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.928180] [ 18.928689] allocated by task 321 on cpu 1 at 18.925643s (0.003044s ago): [ 18.928935] test_alloc+0x364/0x10f0 [ 18.929108] test_double_free+0xdb/0x260 [ 18.929310] kunit_try_run_case+0x1a5/0x480 [ 18.929577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.929816] kthread+0x337/0x6f0 [ 18.929945] ret_from_fork+0x116/0x1d0 [ 18.930136] ret_from_fork_asm+0x1a/0x30 [ 18.930323] [ 18.930436] freed by task 321 on cpu 1 at 18.925714s (0.004719s ago): [ 18.930708] test_double_free+0x1e0/0x260 [ 18.930848] kunit_try_run_case+0x1a5/0x480 [ 18.930993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.931247] kthread+0x337/0x6f0 [ 18.931427] ret_from_fork+0x116/0x1d0 [ 18.931597] ret_from_fork_asm+0x1a/0x30 [ 18.931736] [ 18.931829] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.932715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.932903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.933254] ================================================================== [ 19.029786] ================================================================== [ 19.030177] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 19.030177] [ 19.030644] Invalid free of 0x(____ptrval____) (in kfence-#81): [ 19.030909] test_double_free+0x112/0x260 [ 19.031099] kunit_try_run_case+0x1a5/0x480 [ 19.031286] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.031476] kthread+0x337/0x6f0 [ 19.031761] ret_from_fork+0x116/0x1d0 [ 19.031957] ret_from_fork_asm+0x1a/0x30 [ 19.032164] [ 19.032261] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.032261] [ 19.032633] allocated by task 323 on cpu 1 at 19.029617s (0.003014s ago): [ 19.032910] test_alloc+0x2a6/0x10f0 [ 19.033085] test_double_free+0xdb/0x260 [ 19.033224] kunit_try_run_case+0x1a5/0x480 [ 19.033492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.033750] kthread+0x337/0x6f0 [ 19.033895] ret_from_fork+0x116/0x1d0 [ 19.034074] ret_from_fork_asm+0x1a/0x30 [ 19.034242] [ 19.034313] freed by task 323 on cpu 1 at 19.029671s (0.004640s ago): [ 19.034579] test_double_free+0xfa/0x260 [ 19.034832] kunit_try_run_case+0x1a5/0x480 [ 19.035106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.035375] kthread+0x337/0x6f0 [ 19.035538] ret_from_fork+0x116/0x1d0 [ 19.035672] ret_from_fork_asm+0x1a/0x30 [ 19.035813] [ 19.035909] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.036406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.036651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.036971] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.509821] ================================================================== [ 18.510233] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.510233] [ 18.510789] Use-after-free read at 0x(____ptrval____) (in kfence-#76): [ 18.511069] test_use_after_free_read+0x129/0x270 [ 18.511267] kunit_try_run_case+0x1a5/0x480 [ 18.511513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.511786] kthread+0x337/0x6f0 [ 18.511987] ret_from_fork+0x116/0x1d0 [ 18.512160] ret_from_fork_asm+0x1a/0x30 [ 18.512326] [ 18.512438] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.512438] [ 18.512870] allocated by task 313 on cpu 1 at 18.509623s (0.003245s ago): [ 18.513130] test_alloc+0x364/0x10f0 [ 18.513265] test_use_after_free_read+0xdc/0x270 [ 18.513467] kunit_try_run_case+0x1a5/0x480 [ 18.513677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.513962] kthread+0x337/0x6f0 [ 18.514104] ret_from_fork+0x116/0x1d0 [ 18.514239] ret_from_fork_asm+0x1a/0x30 [ 18.514389] [ 18.514467] freed by task 313 on cpu 1 at 18.509674s (0.004791s ago): [ 18.514806] test_use_after_free_read+0x1e7/0x270 [ 18.515038] kunit_try_run_case+0x1a5/0x480 [ 18.515207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.515512] kthread+0x337/0x6f0 [ 18.515634] ret_from_fork+0x116/0x1d0 [ 18.515768] ret_from_fork_asm+0x1a/0x30 [ 18.515945] [ 18.516075] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.516872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.517068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.517512] ================================================================== [ 18.613787] ================================================================== [ 18.614185] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.614185] [ 18.614750] Use-after-free read at 0x(____ptrval____) (in kfence-#77): [ 18.615012] 
test_use_after_free_read+0x129/0x270 [ 18.615229] kunit_try_run_case+0x1a5/0x480 [ 18.615393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.615703] kthread+0x337/0x6f0 [ 18.615881] ret_from_fork+0x116/0x1d0 [ 18.616062] ret_from_fork_asm+0x1a/0x30 [ 18.616215] [ 18.616315] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.616315] [ 18.616701] allocated by task 315 on cpu 1 at 18.613670s (0.003029s ago): [ 18.616989] test_alloc+0x2a6/0x10f0 [ 18.617171] test_use_after_free_read+0xdc/0x270 [ 18.617507] kunit_try_run_case+0x1a5/0x480 [ 18.617707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.617902] kthread+0x337/0x6f0 [ 18.618025] ret_from_fork+0x116/0x1d0 [ 18.618215] ret_from_fork_asm+0x1a/0x30 [ 18.618431] [ 18.618529] freed by task 315 on cpu 1 at 18.613714s (0.004813s ago): [ 18.618789] test_use_after_free_read+0xfb/0x270 [ 18.618979] kunit_try_run_case+0x1a5/0x480 [ 18.619191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.619472] kthread+0x337/0x6f0 [ 18.619618] ret_from_fork+0x116/0x1d0 [ 18.619808] ret_from_fork_asm+0x1a/0x30 [ 18.619953] [ 18.620045] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.620506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.620711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.621164] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.093776] ================================================================== [ 18.094174] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.094174] [ 18.094756] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#72): [ 18.095161] test_out_of_bounds_write+0x10d/0x260 [ 18.096020] kunit_try_run_case+0x1a5/0x480 [ 18.096270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.096686] kthread+0x337/0x6f0 [ 18.096965] ret_from_fork+0x116/0x1d0 [ 18.097165] ret_from_fork_asm+0x1a/0x30 [ 18.097544] [ 18.097671] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.097671] [ 18.098219] allocated by task 309 on cpu 0 at 18.093661s (0.004556s ago): [ 18.098794] test_alloc+0x364/0x10f0 [ 18.099074] test_out_of_bounds_write+0xd4/0x260 [ 18.099411] kunit_try_run_case+0x1a5/0x480 [ 18.099647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.100026] kthread+0x337/0x6f0 [ 18.100209] ret_from_fork+0x116/0x1d0 [ 18.100547] ret_from_fork_asm+0x1a/0x30 [ 18.100831] [ 18.101044] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.101604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.101887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.102420] ================================================================== [ 18.405686] ================================================================== [ 18.406241] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.406241] [ 18.406680] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#75): [ 18.407174] test_out_of_bounds_write+0x10d/0x260 [ 18.407933] kunit_try_run_case+0x1a5/0x480 [ 18.408138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.408684] kthread+0x337/0x6f0 [ 18.408865] ret_from_fork+0x116/0x1d0 [ 18.409041] ret_from_fork_asm+0x1a/0x30 [ 18.409204] [ 18.409558] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.409558] [ 
18.409969] allocated by task 311 on cpu 1 at 18.405627s (0.004340s ago): [ 18.410572] test_alloc+0x2a6/0x10f0 [ 18.410853] test_out_of_bounds_write+0xd4/0x260 [ 18.411154] kunit_try_run_case+0x1a5/0x480 [ 18.411468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.411805] kthread+0x337/0x6f0 [ 18.412065] ret_from_fork+0x116/0x1d0 [ 18.412259] ret_from_fork_asm+0x1a/0x30 [ 18.412650] [ 18.412799] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.413409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.413751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.414135] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.847658] ================================================================== [ 16.848060] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.848060] [ 16.848834] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#60): [ 16.849211] test_out_of_bounds_read+0x126/0x4e0 [ 16.849435] kunit_try_run_case+0x1a5/0x480 [ 16.849639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.849900] kthread+0x337/0x6f0 [ 16.850064] ret_from_fork+0x116/0x1d0 [ 16.850234] ret_from_fork_asm+0x1a/0x30 [ 16.851049] [ 16.851333] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.851333] [ 16.852005] allocated by task 305 on cpu 1 at 16.846549s (0.005454s ago): [ 16.852643] test_alloc+0x364/0x10f0 [ 16.853026] test_out_of_bounds_read+0xed/0x4e0 [ 16.853362] kunit_try_run_case+0x1a5/0x480 [ 16.853725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.854117] kthread+0x337/0x6f0 [ 16.854441] ret_from_fork+0x116/0x1d0 [ 16.854778] ret_from_fork_asm+0x1a/0x30 [ 16.855016] [ 16.855373] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.855842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.856031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.856424] ================================================================== [ 17.261764] ================================================================== [ 17.262176] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.262176] [ 17.262742] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 17.263679] test_out_of_bounds_read+0x216/0x4e0 [ 17.263913] kunit_try_run_case+0x1a5/0x480 [ 17.264139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.264411] kthread+0x337/0x6f0 [ 17.264806] ret_from_fork+0x116/0x1d0 [ 17.265083] ret_from_fork_asm+0x1a/0x30 [ 17.265287] [ 17.265548] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.265548] [ 
17.266049] allocated by task 305 on cpu 1 at 17.261586s (0.004460s ago): [ 17.266515] test_alloc+0x364/0x10f0 [ 17.266703] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.267058] kunit_try_run_case+0x1a5/0x480 [ 17.267268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.267710] kthread+0x337/0x6f0 [ 17.267980] ret_from_fork+0x116/0x1d0 [ 17.268185] ret_from_fork_asm+0x1a/0x30 [ 17.268534] [ 17.268753] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.269293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.269602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.270002] ================================================================== [ 17.469748] ================================================================== [ 17.470147] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.470147] [ 17.470644] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66): [ 17.470941] test_out_of_bounds_read+0x126/0x4e0 [ 17.471108] kunit_try_run_case+0x1a5/0x480 [ 17.471329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.471644] kthread+0x337/0x6f0 [ 17.471825] ret_from_fork+0x116/0x1d0 [ 17.471988] ret_from_fork_asm+0x1a/0x30 [ 17.472202] [ 17.472290] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.472290] [ 17.472681] allocated by task 307 on cpu 0 at 17.469684s (0.002994s ago): [ 17.472975] test_alloc+0x2a6/0x10f0 [ 17.473129] test_out_of_bounds_read+0xed/0x4e0 [ 17.473360] kunit_try_run_case+0x1a5/0x480 [ 17.473586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.473842] kthread+0x337/0x6f0 [ 17.473963] ret_from_fork+0x116/0x1d0 [ 17.474096] ret_from_fork_asm+0x1a/0x30 [ 17.474295] [ 17.474437] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.474852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.475054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
17.475411] ================================================================== [ 17.885708] ================================================================== [ 17.886101] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.886101] [ 17.886614] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#70): [ 17.886922] test_out_of_bounds_read+0x216/0x4e0 [ 17.887139] kunit_try_run_case+0x1a5/0x480 [ 17.887303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.887543] kthread+0x337/0x6f0 [ 17.887819] ret_from_fork+0x116/0x1d0 [ 17.888032] ret_from_fork_asm+0x1a/0x30 [ 17.888211] [ 17.888287] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.888287] [ 17.888741] allocated by task 307 on cpu 0 at 17.885652s (0.003086s ago): [ 17.888992] test_alloc+0x2a6/0x10f0 [ 17.889185] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.889434] kunit_try_run_case+0x1a5/0x480 [ 17.889594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.889831] kthread+0x337/0x6f0 [ 17.890005] ret_from_fork+0x116/0x1d0 [ 17.890159] ret_from_fork_asm+0x1a/0x30 [ 17.890338] [ 17.890432] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.891011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.891174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.891634] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 12.223162] ==================================================================
[ 12.224195] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 12.224195]
[ 12.224675] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#32):
[ 12.225688] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.225948] kunit_try_run_case+0x1a5/0x480
[ 12.226141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.226402] kthread+0x337/0x6f0
[ 12.226569] ret_from_fork+0x116/0x1d0
[ 12.226751] ret_from_fork_asm+0x1a/0x30
[ 12.226972]
[ 12.227219] kfence-#32: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.227219]
[ 12.227779] allocated by task 159 on cpu 1 at 12.221126s (0.006580s ago):
[ 12.228199] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.228464] kunit_try_run_case+0x1a5/0x480
[ 12.228772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.228996] kthread+0x337/0x6f0
[ 12.229167] ret_from_fork+0x116/0x1d0
[ 12.229347] ret_from_fork_asm+0x1a/0x30
[ 12.229615]
[ 12.229851] freed by task 159 on cpu 1 at 12.222730s (0.007052s ago):
[ 12.230122] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.230390] kunit_try_run_case+0x1a5/0x480
[ 12.230616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.230938] kthread+0x337/0x6f0
[ 12.231101] ret_from_fork+0x116/0x1d0
[ 12.231290] ret_from_fork_asm+0x1a/0x30
[ 12.231547]
[ 12.231714] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.232137] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.232338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.232729] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.740316] ==================================================================
[ 16.740715] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.740942] Write of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.741211]
[ 16.741319] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.741373] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.741387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.741408] Call Trace:
[ 16.741422] <TASK>
[ 16.741438] dump_stack_lvl+0x73/0xb0
[ 16.741467] print_report+0xd1/0x650
[ 16.741491] ? __virt_addr_valid+0x1db/0x2d0
[ 16.741515] ? strncpy_from_user+0x2e/0x1d0
[ 16.741579] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.741605] ? strncpy_from_user+0x2e/0x1d0
[ 16.741629] kasan_report+0x141/0x180
[ 16.741664] ? strncpy_from_user+0x2e/0x1d0
[ 16.741694] kasan_check_range+0x10c/0x1c0
[ 16.741718] __kasan_check_write+0x18/0x20
[ 16.741739] strncpy_from_user+0x2e/0x1d0
[ 16.741763] ? __kasan_check_read+0x15/0x20
[ 16.741786] copy_user_test_oob+0x760/0x10f0
[ 16.741814] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.741838] ? finish_task_switch.isra.0+0x153/0x700
[ 16.741863] ? __switch_to+0x47/0xf50
[ 16.741888] ? __schedule+0x10cc/0x2b60
[ 16.741912] ? __pfx_read_tsc+0x10/0x10
[ 16.741934] ? ktime_get_ts64+0x86/0x230
[ 16.741959] kunit_try_run_case+0x1a5/0x480
[ 16.741983] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.742008] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.742033] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.742058] ? __kthread_parkme+0x82/0x180
[ 16.742080] ? preempt_count_sub+0x50/0x80
[ 16.742104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.742130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.742155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.742181] kthread+0x337/0x6f0
[ 16.742201] ? trace_preempt_on+0x20/0xc0
[ 16.742226] ? __pfx_kthread+0x10/0x10
[ 16.742248] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.742271] ? calculate_sigpending+0x7b/0xa0
[ 16.742296] ? __pfx_kthread+0x10/0x10
[ 16.742358] ret_from_fork+0x116/0x1d0
[ 16.742379] ? __pfx_kthread+0x10/0x10
[ 16.742400] ret_from_fork_asm+0x1a/0x30
[ 16.742454] </TASK>
[ 16.742466]
[ 16.750946] Allocated by task 303:
[ 16.751134] kasan_save_stack+0x45/0x70
[ 16.751368] kasan_save_track+0x18/0x40
[ 16.751638] kasan_save_alloc_info+0x3b/0x50
[ 16.751890] __kasan_kmalloc+0xb7/0xc0
[ 16.752128] __kmalloc_noprof+0x1c9/0x500
[ 16.752386] kunit_kmalloc_array+0x25/0x60
[ 16.752609] copy_user_test_oob+0xab/0x10f0
[ 16.752822] kunit_try_run_case+0x1a5/0x480
[ 16.753061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.753278] kthread+0x337/0x6f0
[ 16.753579] ret_from_fork+0x116/0x1d0
[ 16.753957] ret_from_fork_asm+0x1a/0x30
[ 16.754271]
[ 16.754394] The buggy address belongs to the object at ffff888103a2f000
[ 16.754394] which belongs to the cache kmalloc-128 of size 128
[ 16.754861] The buggy address is located 0 bytes inside of
[ 16.754861] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.755213]
[ 16.755292] The buggy address belongs to the physical page:
[ 16.755743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.756505] flags: 0x200000000000000(node=0|zone=2)
[ 16.756879] page_type: f5(slab)
[ 16.757090] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.757420] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.757651] page dumped because: kasan: bad access detected
[ 16.757820]
[ 16.757914] Memory state around the buggy address:
[ 16.758265] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.758848] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.759295] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.759732] ^
[ 16.760065] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.760292] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.760559] ==================================================================
[ 16.761187] ==================================================================
[ 16.761549] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.761845] Write of size 1 at addr ffff888103a2f078 by task kunit_try_catch/303
[ 16.762142]
[ 16.762249] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.762291] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.762303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.762323] Call Trace:
[ 16.762336] <TASK>
[ 16.762413] dump_stack_lvl+0x73/0xb0
[ 16.762443] print_report+0xd1/0x650
[ 16.762477] ? __virt_addr_valid+0x1db/0x2d0
[ 16.762500] ? strncpy_from_user+0x1a5/0x1d0
[ 16.762522] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.762545] ? strncpy_from_user+0x1a5/0x1d0
[ 16.762568] kasan_report+0x141/0x180
[ 16.762590] ? strncpy_from_user+0x1a5/0x1d0
[ 16.762618] __asan_report_store1_noabort+0x1b/0x30
[ 16.762644] strncpy_from_user+0x1a5/0x1d0
[ 16.762670] copy_user_test_oob+0x760/0x10f0
[ 16.762699] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.762722] ? finish_task_switch.isra.0+0x153/0x700
[ 16.762744] ? __switch_to+0x47/0xf50
[ 16.762768] ? __schedule+0x10cc/0x2b60
[ 16.762790] ? __pfx_read_tsc+0x10/0x10
[ 16.762811] ? ktime_get_ts64+0x86/0x230
[ 16.762834] kunit_try_run_case+0x1a5/0x480
[ 16.762859] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.762883] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.762907] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.762931] ? __kthread_parkme+0x82/0x180
[ 16.762952] ? preempt_count_sub+0x50/0x80
[ 16.762975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.763058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.763109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.763138] kthread+0x337/0x6f0
[ 16.763160] ? trace_preempt_on+0x20/0xc0
[ 16.763184] ? __pfx_kthread+0x10/0x10
[ 16.763206] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.763229] ? calculate_sigpending+0x7b/0xa0
[ 16.763253] ? __pfx_kthread+0x10/0x10
[ 16.763276] ret_from_fork+0x116/0x1d0
[ 16.763295] ? __pfx_kthread+0x10/0x10
[ 16.763315] ret_from_fork_asm+0x1a/0x30
[ 16.763357] </TASK>
[ 16.763368]
[ 16.772364] Allocated by task 303:
[ 16.772540] kasan_save_stack+0x45/0x70
[ 16.772747] kasan_save_track+0x18/0x40
[ 16.773064] kasan_save_alloc_info+0x3b/0x50
[ 16.773269] __kasan_kmalloc+0xb7/0xc0
[ 16.773414] __kmalloc_noprof+0x1c9/0x500
[ 16.773552] kunit_kmalloc_array+0x25/0x60
[ 16.773870] copy_user_test_oob+0xab/0x10f0
[ 16.774245] kunit_try_run_case+0x1a5/0x480
[ 16.774701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.775004] kthread+0x337/0x6f0
[ 16.775134] ret_from_fork+0x116/0x1d0
[ 16.775393] ret_from_fork_asm+0x1a/0x30
[ 16.775651]
[ 16.775749] The buggy address belongs to the object at ffff888103a2f000
[ 16.775749] which belongs to the cache kmalloc-128 of size 128
[ 16.776330] The buggy address is located 0 bytes to the right of
[ 16.776330] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.776966]
[ 16.777108] The buggy address belongs to the physical page:
[ 16.777462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.777747] flags: 0x200000000000000(node=0|zone=2)
[ 16.777979] page_type: f5(slab)
[ 16.778263] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.778700] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.779009] page dumped because: kasan: bad access detected
[ 16.779233]
[ 16.779316] Memory state around the buggy address:
[ 16.779581] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.779944] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.780217] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.780636] ^
[ 16.781053] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.781416] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.781727] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.679369] ==================================================================
[ 16.679744] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.680134] Read of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.680527]
[ 16.680645] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.680688] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.680713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.680734] Call Trace:
[ 16.680747] <TASK>
[ 16.680791] dump_stack_lvl+0x73/0xb0
[ 16.680822] print_report+0xd1/0x650
[ 16.680845] ? __virt_addr_valid+0x1db/0x2d0
[ 16.680879] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.680904] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.680929] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.680954] kasan_report+0x141/0x180
[ 16.680977] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.681006] kasan_check_range+0x10c/0x1c0
[ 16.681031] __kasan_check_read+0x15/0x20
[ 16.681051] copy_user_test_oob+0x4aa/0x10f0
[ 16.681078] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.681102] ? finish_task_switch.isra.0+0x153/0x700
[ 16.681125] ? __switch_to+0x47/0xf50
[ 16.681151] ? __schedule+0x10cc/0x2b60
[ 16.681174] ? __pfx_read_tsc+0x10/0x10
[ 16.681196] ? ktime_get_ts64+0x86/0x230
[ 16.681220] kunit_try_run_case+0x1a5/0x480
[ 16.681245] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.681270] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.681294] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.681320] ? __kthread_parkme+0x82/0x180
[ 16.681353] ? preempt_count_sub+0x50/0x80
[ 16.681378] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.681404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.681449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.681490] kthread+0x337/0x6f0
[ 16.681524] ? trace_preempt_on+0x20/0xc0
[ 16.681562] ? __pfx_kthread+0x10/0x10
[ 16.681583] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.681619] ? calculate_sigpending+0x7b/0xa0
[ 16.681658] ? __pfx_kthread+0x10/0x10
[ 16.681681] ret_from_fork+0x116/0x1d0
[ 16.681711] ? __pfx_kthread+0x10/0x10
[ 16.681733] ret_from_fork_asm+0x1a/0x30
[ 16.681775] </TASK>
[ 16.681786]
[ 16.690186] Allocated by task 303:
[ 16.690393] kasan_save_stack+0x45/0x70
[ 16.690698] kasan_save_track+0x18/0x40
[ 16.690893] kasan_save_alloc_info+0x3b/0x50
[ 16.691135] __kasan_kmalloc+0xb7/0xc0
[ 16.691371] __kmalloc_noprof+0x1c9/0x500
[ 16.691596] kunit_kmalloc_array+0x25/0x60
[ 16.691886] copy_user_test_oob+0xab/0x10f0
[ 16.692132] kunit_try_run_case+0x1a5/0x480
[ 16.692425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.692680] kthread+0x337/0x6f0
[ 16.692834] ret_from_fork+0x116/0x1d0
[ 16.692967] ret_from_fork_asm+0x1a/0x30
[ 16.693139]
[ 16.693232] The buggy address belongs to the object at ffff888103a2f000
[ 16.693232] which belongs to the cache kmalloc-128 of size 128
[ 16.693906] The buggy address is located 0 bytes inside of
[ 16.693906] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.694500]
[ 16.694620] The buggy address belongs to the physical page:
[ 16.694876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.695241] flags: 0x200000000000000(node=0|zone=2)
[ 16.695530] page_type: f5(slab)
[ 16.695727] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.696067] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.696442] page dumped because: kasan: bad access detected
[ 16.696723]
[ 16.696825] Memory state around the buggy address:
[ 16.697017] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.697405] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.697753] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.698046] ^
[ 16.698324] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.698743] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.699092] ==================================================================
[ 16.699761] ==================================================================
[ 16.700119] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.700533] Write of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.700859]
[ 16.700967] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.701008] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.701021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.701041] Call Trace:
[ 16.701054] <TASK>
[ 16.701067] dump_stack_lvl+0x73/0xb0
[ 16.701096] print_report+0xd1/0x650
[ 16.701119] ? __virt_addr_valid+0x1db/0x2d0
[ 16.701142] ? copy_user_test_oob+0x557/0x10f0
[ 16.701166] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.701191] ? copy_user_test_oob+0x557/0x10f0
[ 16.701216] kasan_report+0x141/0x180
[ 16.701238] ? copy_user_test_oob+0x557/0x10f0
[ 16.701295] kasan_check_range+0x10c/0x1c0
[ 16.701321] __kasan_check_write+0x18/0x20
[ 16.701376] copy_user_test_oob+0x557/0x10f0
[ 16.701424] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.701449] ? finish_task_switch.isra.0+0x153/0x700
[ 16.701472] ? __switch_to+0x47/0xf50
[ 16.701507] ? __schedule+0x10cc/0x2b60
[ 16.701530] ? __pfx_read_tsc+0x10/0x10
[ 16.701552] ? ktime_get_ts64+0x86/0x230
[ 16.701586] kunit_try_run_case+0x1a5/0x480
[ 16.701611] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.701638] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.701692] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.701719] ? __kthread_parkme+0x82/0x180
[ 16.701769] ? preempt_count_sub+0x50/0x80
[ 16.701795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.701821] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.701848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.701875] kthread+0x337/0x6f0
[ 16.701895] ? trace_preempt_on+0x20/0xc0
[ 16.701945] ? __pfx_kthread+0x10/0x10
[ 16.701967] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.701990] ? calculate_sigpending+0x7b/0xa0
[ 16.702048] ? __pfx_kthread+0x10/0x10
[ 16.702071] ret_from_fork+0x116/0x1d0
[ 16.702091] ? __pfx_kthread+0x10/0x10
[ 16.702123] ret_from_fork_asm+0x1a/0x30
[ 16.702154] </TASK>
[ 16.702165]
[ 16.710200] Allocated by task 303:
[ 16.710419] kasan_save_stack+0x45/0x70
[ 16.710642] kasan_save_track+0x18/0x40
[ 16.710829] kasan_save_alloc_info+0x3b/0x50
[ 16.711073] __kasan_kmalloc+0xb7/0xc0
[ 16.711288] __kmalloc_noprof+0x1c9/0x500
[ 16.711532] kunit_kmalloc_array+0x25/0x60
[ 16.711779] copy_user_test_oob+0xab/0x10f0
[ 16.711970] kunit_try_run_case+0x1a5/0x480
[ 16.712118] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.712360] kthread+0x337/0x6f0
[ 16.712661] ret_from_fork+0x116/0x1d0
[ 16.712869] ret_from_fork_asm+0x1a/0x30
[ 16.713047]
[ 16.713120] The buggy address belongs to the object at ffff888103a2f000
[ 16.713120] which belongs to the cache kmalloc-128 of size 128
[ 16.713714] The buggy address is located 0 bytes inside of
[ 16.713714] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.714289]
[ 16.714379] The buggy address belongs to the physical page:
[ 16.714882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.715328] flags: 0x200000000000000(node=0|zone=2)
[ 16.715641] page_type: f5(slab)
[ 16.715836] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.716252] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.716619] page dumped because: kasan: bad access detected
[ 16.716930]
[ 16.717013] Memory state around the buggy address:
[ 16.717270] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.717630] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.718074] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.718401] ^
[ 16.718797] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.719138] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.719493] ==================================================================
[ 16.720228] ==================================================================
[ 16.720595] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.721062] Read of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.721430]
[ 16.721510] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.721551] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.721563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.721583] Call Trace:
[ 16.721600] <TASK>
[ 16.721616] dump_stack_lvl+0x73/0xb0
[ 16.721645] print_report+0xd1/0x650
[ 16.721668] ? __virt_addr_valid+0x1db/0x2d0
[ 16.721689] ? copy_user_test_oob+0x604/0x10f0
[ 16.721712] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.721735] ? copy_user_test_oob+0x604/0x10f0
[ 16.721759] kasan_report+0x141/0x180
[ 16.721780] ? copy_user_test_oob+0x604/0x10f0
[ 16.721808] kasan_check_range+0x10c/0x1c0
[ 16.721832] __kasan_check_read+0x15/0x20
[ 16.721852] copy_user_test_oob+0x604/0x10f0
[ 16.721876] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.721899] ? finish_task_switch.isra.0+0x153/0x700
[ 16.721921] ? __switch_to+0x47/0xf50
[ 16.721946] ? __schedule+0x10cc/0x2b60
[ 16.721967] ? __pfx_read_tsc+0x10/0x10
[ 16.721989] ? ktime_get_ts64+0x86/0x230
[ 16.722012] kunit_try_run_case+0x1a5/0x480
[ 16.722053] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.722077] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.722102] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.722127] ? __kthread_parkme+0x82/0x180
[ 16.722149] ? preempt_count_sub+0x50/0x80
[ 16.722173] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.722199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.722257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.722285] kthread+0x337/0x6f0
[ 16.722331] ? trace_preempt_on+0x20/0xc0
[ 16.722379] ? __pfx_kthread+0x10/0x10
[ 16.722431] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.722455] ? calculate_sigpending+0x7b/0xa0
[ 16.722507] ? __pfx_kthread+0x10/0x10
[ 16.722555] ret_from_fork+0x116/0x1d0
[ 16.722576] ? __pfx_kthread+0x10/0x10
[ 16.722614] ret_from_fork_asm+0x1a/0x30
[ 16.722695] </TASK>
[ 16.722707]
[ 16.731014] Allocated by task 303:
[ 16.731217] kasan_save_stack+0x45/0x70
[ 16.731395] kasan_save_track+0x18/0x40
[ 16.731629] kasan_save_alloc_info+0x3b/0x50
[ 16.731841] __kasan_kmalloc+0xb7/0xc0
[ 16.732054] __kmalloc_noprof+0x1c9/0x500
[ 16.732250] kunit_kmalloc_array+0x25/0x60
[ 16.732474] copy_user_test_oob+0xab/0x10f0
[ 16.732729] kunit_try_run_case+0x1a5/0x480
[ 16.732981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.733271] kthread+0x337/0x6f0
[ 16.733451] ret_from_fork+0x116/0x1d0
[ 16.733767] ret_from_fork_asm+0x1a/0x30
[ 16.733962]
[ 16.734056] The buggy address belongs to the object at ffff888103a2f000
[ 16.734056] which belongs to the cache kmalloc-128 of size 128
[ 16.734580] The buggy address is located 0 bytes inside of
[ 16.734580] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.734980]
[ 16.735051] The buggy address belongs to the physical page:
[ 16.735215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.735457] flags: 0x200000000000000(node=0|zone=2)
[ 16.735750] page_type: f5(slab)
[ 16.735917] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.736364] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.736831] page dumped because: kasan: bad access detected
[ 16.737139]
[ 16.737299] Memory state around the buggy address:
[ 16.737583] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.737950] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.738269] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.738664] ^
[ 16.739024] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.739254] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.739622] ==================================================================
[ 16.658971] ==================================================================
[ 16.659292] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.659714] Write of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.660087]
[ 16.660251] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.660367] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.660382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.660403] Call Trace:
[ 16.660418] <TASK>
[ 16.660433] dump_stack_lvl+0x73/0xb0
[ 16.660464] print_report+0xd1/0x650
[ 16.660488] ? __virt_addr_valid+0x1db/0x2d0
[ 16.660513] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.660537] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.660607] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.660633] kasan_report+0x141/0x180
[ 16.660666] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.660696] kasan_check_range+0x10c/0x1c0
[ 16.660721] __kasan_check_write+0x18/0x20
[ 16.660741] copy_user_test_oob+0x3fd/0x10f0
[ 16.660768] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.660792] ? finish_task_switch.isra.0+0x153/0x700
[ 16.660817] ? __switch_to+0x47/0xf50
[ 16.660843] ? __schedule+0x10cc/0x2b60
[ 16.660867] ? __pfx_read_tsc+0x10/0x10
[ 16.660888] ? ktime_get_ts64+0x86/0x230
[ 16.660912] kunit_try_run_case+0x1a5/0x480
[ 16.660937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.660962] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.660987] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.661012] ? __kthread_parkme+0x82/0x180
[ 16.661034] ? preempt_count_sub+0x50/0x80
[ 16.661059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.661085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.661111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.661137] kthread+0x337/0x6f0
[ 16.661157] ? trace_preempt_on+0x20/0xc0
[ 16.661181] ? __pfx_kthread+0x10/0x10
[ 16.661203] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.661226] ? calculate_sigpending+0x7b/0xa0
[ 16.661251] ? __pfx_kthread+0x10/0x10
[ 16.661273] ret_from_fork+0x116/0x1d0
[ 16.661293] ? __pfx_kthread+0x10/0x10
[ 16.661315] ret_from_fork_asm+0x1a/0x30
[ 16.661355] </TASK>
[ 16.661367]
[ 16.669913] Allocated by task 303:
[ 16.670121] kasan_save_stack+0x45/0x70
[ 16.670376] kasan_save_track+0x18/0x40
[ 16.670572] kasan_save_alloc_info+0x3b/0x50
[ 16.670830] __kasan_kmalloc+0xb7/0xc0
[ 16.671062] __kmalloc_noprof+0x1c9/0x500
[ 16.671363] kunit_kmalloc_array+0x25/0x60
[ 16.671539] copy_user_test_oob+0xab/0x10f0
[ 16.671687] kunit_try_run_case+0x1a5/0x480
[ 16.671852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.672106] kthread+0x337/0x6f0
[ 16.672361] ret_from_fork+0x116/0x1d0
[ 16.672727] ret_from_fork_asm+0x1a/0x30
[ 16.672925]
[ 16.673007] The buggy address belongs to the object at ffff888103a2f000
[ 16.673007] which belongs to the cache kmalloc-128 of size 128
[ 16.673623] The buggy address is located 0 bytes inside of
[ 16.673623] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.674152]
[ 16.674234] The buggy address belongs to the physical page:
[ 16.674444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.674807] flags: 0x200000000000000(node=0|zone=2)
[ 16.675020] page_type: f5(slab)
[ 16.675215] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.675584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.675917] page dumped because: kasan: bad access detected
[ 16.676277]
[ 16.676378] Memory state around the buggy address:
[ 16.676592] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.676806] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.677263] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.677760] ^
[ 16.678167] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.678439] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.678822] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.634231] ==================================================================
[ 16.634688] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 16.635017] Read of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.635421]
[ 16.635551] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.635644] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.635657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.635688] Call Trace:
[ 16.635715] <TASK>
[ 16.635730] dump_stack_lvl+0x73/0xb0
[ 16.635761] print_report+0xd1/0x650
[ 16.635846] ? __virt_addr_valid+0x1db/0x2d0
[ 16.635870] ? _copy_to_user+0x3c/0x70
[ 16.635908] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.635933] ? _copy_to_user+0x3c/0x70
[ 16.635954] kasan_report+0x141/0x180
[ 16.635976] ? _copy_to_user+0x3c/0x70
[ 16.636001] kasan_check_range+0x10c/0x1c0
[ 16.636026] __kasan_check_read+0x15/0x20
[ 16.636046] _copy_to_user+0x3c/0x70
[ 16.636068] copy_user_test_oob+0x364/0x10f0
[ 16.636095] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.636119] ? finish_task_switch.isra.0+0x153/0x700
[ 16.636143] ? __switch_to+0x47/0xf50
[ 16.636174] ? __schedule+0x10cc/0x2b60
[ 16.636197] ? __pfx_read_tsc+0x10/0x10
[ 16.636220] ? ktime_get_ts64+0x86/0x230
[ 16.636244] kunit_try_run_case+0x1a5/0x480
[ 16.636269] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.636293] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.636319] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.636357] ? __kthread_parkme+0x82/0x180
[ 16.636379] ? preempt_count_sub+0x50/0x80
[ 16.636403] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.636441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.636468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.636495] kthread+0x337/0x6f0
[ 16.636515] ? trace_preempt_on+0x20/0xc0
[ 16.636539] ? __pfx_kthread+0x10/0x10
[ 16.636561] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.636584] ? calculate_sigpending+0x7b/0xa0
[ 16.636609] ? __pfx_kthread+0x10/0x10
[ 16.636632] ret_from_fork+0x116/0x1d0
[ 16.636652] ? __pfx_kthread+0x10/0x10
[ 16.636674] ret_from_fork_asm+0x1a/0x30
[ 16.636705] </TASK>
[ 16.636716]
[ 16.645424] Allocated by task 303:
[ 16.645747] kasan_save_stack+0x45/0x70
[ 16.645997] kasan_save_track+0x18/0x40
[ 16.646204] kasan_save_alloc_info+0x3b/0x50
[ 16.646742] __kasan_kmalloc+0xb7/0xc0
[ 16.646899] __kmalloc_noprof+0x1c9/0x500
[ 16.647040] kunit_kmalloc_array+0x25/0x60
[ 16.647247] copy_user_test_oob+0xab/0x10f0
[ 16.647682] kunit_try_run_case+0x1a5/0x480
[ 16.647971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.648219] kthread+0x337/0x6f0
[ 16.648420] ret_from_fork+0x116/0x1d0
[ 16.648628] ret_from_fork_asm+0x1a/0x30
[ 16.648863]
[ 16.648963] The buggy address belongs to the object at ffff888103a2f000
[ 16.648963] which belongs to the cache kmalloc-128 of size 128
[ 16.649566] The buggy address is located 0 bytes inside of
[ 16.649566] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.650110]
[ 16.650198] The buggy address belongs to the physical page:
[ 16.650412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.650691] flags: 0x200000000000000(node=0|zone=2)
[ 16.650926] page_type: f5(slab)
[ 16.651053] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.651463] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.651749] page dumped because: kasan: bad access detected
[ 16.651968]
[ 16.652060] Memory state around the buggy address:
[ 16.652553] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.652853] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.653129] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.653495] ^
[ 16.653945] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.654202] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.654645] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.602265] ==================================================================
[ 16.603032] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.603796] Write of size 121 at addr ffff888103a2f000 by task kunit_try_catch/303
[ 16.604148]
[ 16.604463] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.604670] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.604685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.604709] Call Trace:
[ 16.604724] <TASK>
[ 16.604746] dump_stack_lvl+0x73/0xb0
[ 16.604781] print_report+0xd1/0x650
[ 16.604807] ? __virt_addr_valid+0x1db/0x2d0
[ 16.604833] ? _copy_from_user+0x32/0x90
[ 16.604853] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.604879] ? _copy_from_user+0x32/0x90
[ 16.604900] kasan_report+0x141/0x180
[ 16.604922] ? _copy_from_user+0x32/0x90
[ 16.604947] kasan_check_range+0x10c/0x1c0
[ 16.604972] __kasan_check_write+0x18/0x20
[ 16.604993] _copy_from_user+0x32/0x90
[ 16.605015] copy_user_test_oob+0x2be/0x10f0
[ 16.605042] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.605067] ? finish_task_switch.isra.0+0x153/0x700
[ 16.605092] ? __switch_to+0x47/0xf50
[ 16.605119] ? __schedule+0x10cc/0x2b60
[ 16.605143] ? __pfx_read_tsc+0x10/0x10
[ 16.605166] ? ktime_get_ts64+0x86/0x230
[ 16.605192] kunit_try_run_case+0x1a5/0x480
[ 16.605217] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.605241] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.605266] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.605292] ? __kthread_parkme+0x82/0x180
[ 16.605315] ? preempt_count_sub+0x50/0x80
[ 16.605446] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.605480] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.605508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.605535] kthread+0x337/0x6f0
[ 16.605555] ? trace_preempt_on+0x20/0xc0
[ 16.605581] ? __pfx_kthread+0x10/0x10
[ 16.605603] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.605627] ? calculate_sigpending+0x7b/0xa0
[ 16.605653] ? __pfx_kthread+0x10/0x10
[ 16.605676] ret_from_fork+0x116/0x1d0
[ 16.605696] ? __pfx_kthread+0x10/0x10
[ 16.605718] ret_from_fork_asm+0x1a/0x30
[ 16.605750] </TASK>
[ 16.605763]
[ 16.617446] Allocated by task 303:
[ 16.617843] kasan_save_stack+0x45/0x70
[ 16.618309] kasan_save_track+0x18/0x40
[ 16.618868] kasan_save_alloc_info+0x3b/0x50
[ 16.619417] __kasan_kmalloc+0xb7/0xc0
[ 16.619567] __kmalloc_noprof+0x1c9/0x500
[ 16.619983] kunit_kmalloc_array+0x25/0x60
[ 16.620192] copy_user_test_oob+0xab/0x10f0
[ 16.620644] kunit_try_run_case+0x1a5/0x480
[ 16.620858] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.621191] kthread+0x337/0x6f0
[ 16.621321] ret_from_fork+0x116/0x1d0
[ 16.621607] ret_from_fork_asm+0x1a/0x30
[ 16.622113]
[ 16.622211] The buggy address belongs to the object at ffff888103a2f000
[ 16.622211] which belongs to the cache kmalloc-128 of size 128
[ 16.622990] The buggy address is located 0 bytes inside of
[ 16.622990] allocated 120-byte region [ffff888103a2f000, ffff888103a2f078)
[ 16.623794]
[ 16.624009] The buggy address belongs to the physical page:
[ 16.624223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a2f
[ 16.624805] flags: 0x200000000000000(node=0|zone=2)
[ 16.625149] page_type: f5(slab)
[ 16.625490] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.625998] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.626467] page dumped because: kasan: bad access detected
[ 16.626913]
[ 16.627006] Memory state around the buggy address:
[ 16.627235] ffff888103a2ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.627801] ffff888103a2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.628117] >ffff888103a2f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.628768] ^
[ 16.629185] ffff888103a2f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.629772] ffff888103a2f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.630234] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.559508] ==================================================================
[ 16.559951] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.560556] Write of size 8 at addr ffff8881027a3f78 by task kunit_try_catch/299
[ 16.562789]
[ 16.562910] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.562955] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.562968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.562989] Call Trace:
[ 16.563003] <TASK>
[ 16.563019] dump_stack_lvl+0x73/0xb0
[ 16.563050] print_report+0xd1/0x650
[ 16.563074] ? __virt_addr_valid+0x1db/0x2d0
[ 16.563097] ? copy_to_kernel_nofault+0x99/0x260
[ 16.563121] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.563147] ? copy_to_kernel_nofault+0x99/0x260
[ 16.563172] kasan_report+0x141/0x180
[ 16.563195] ? copy_to_kernel_nofault+0x99/0x260
[ 16.563224] kasan_check_range+0x10c/0x1c0
[ 16.563249] __kasan_check_write+0x18/0x20
[ 16.563269] copy_to_kernel_nofault+0x99/0x260
[ 16.563296] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.563321] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.563359] ? finish_task_switch.isra.0+0x153/0x700
[ 16.563383] ? __schedule+0x10cc/0x2b60
[ 16.563406] ? trace_hardirqs_on+0x37/0xe0
[ 16.563437] ? __pfx_read_tsc+0x10/0x10
[ 16.563459] ? ktime_get_ts64+0x86/0x230
[ 16.563483] kunit_try_run_case+0x1a5/0x480
[ 16.563508] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.564604] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.564646] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.564674] ? __kthread_parkme+0x82/0x180
[ 16.564698] ? preempt_count_sub+0x50/0x80
[ 16.564723] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.564749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.564776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.564803] kthread+0x337/0x6f0
[ 16.564823] ? trace_preempt_on+0x20/0xc0
[ 16.564848] ? __pfx_kthread+0x10/0x10
[ 16.564870] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.564893] ? calculate_sigpending+0x7b/0xa0
[ 16.564919] ? __pfx_kthread+0x10/0x10
[ 16.564941] ret_from_fork+0x116/0x1d0
[ 16.564961] ? __pfx_kthread+0x10/0x10
[ 16.564982] ret_from_fork_asm+0x1a/0x30
[ 16.565013] </TASK>
[ 16.565025]
[ 16.577156] Allocated by task 299:
[ 16.577617] kasan_save_stack+0x45/0x70
[ 16.577939] kasan_save_track+0x18/0x40
[ 16.578246] kasan_save_alloc_info+0x3b/0x50
[ 16.578731] __kasan_kmalloc+0xb7/0xc0
[ 16.579040] __kmalloc_cache_noprof+0x189/0x420
[ 16.579266] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.579857] kunit_try_run_case+0x1a5/0x480
[ 16.580061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.580503] kthread+0x337/0x6f0
[ 16.580783] ret_from_fork+0x116/0x1d0
[ 16.580962] ret_from_fork_asm+0x1a/0x30
[ 16.581130]
[ 16.581233] The buggy address belongs to the object at ffff8881027a3f00
[ 16.581233] which belongs to the cache kmalloc-128 of size 128
[ 16.582144] The buggy address is located 0 bytes to the right of
[ 16.582144] allocated 120-byte region [ffff8881027a3f00, ffff8881027a3f78)
[ 16.583009]
[ 16.583241] The buggy address belongs to the physical page:
[ 16.583741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3
[ 16.584237] flags: 0x200000000000000(node=0|zone=2)
[ 16.584455] page_type: f5(slab)
[ 16.584986] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.585596] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.585951] page dumped because: kasan: bad access detected
[ 16.586327]
[ 16.586618] Memory state around the buggy address:
[ 16.587035] ffff8881027a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.587646] ffff8881027a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.587940] >ffff8881027a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.588387] ^
[ 16.588901] ffff8881027a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.589355] ffff8881027a4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.589923] ==================================================================
[ 16.528187] ==================================================================
[ 16.529519] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.530479] Read of size 8 at addr ffff8881027a3f78 by task kunit_try_catch/299
[ 16.530959]
[ 16.531060] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.531108] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.531121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.531143] Call Trace:
[ 16.531157] <TASK>
[ 16.531176] dump_stack_lvl+0x73/0xb0
[ 16.531210] print_report+0xd1/0x650
[ 16.531236] ? __virt_addr_valid+0x1db/0x2d0
[ 16.531261] ? copy_to_kernel_nofault+0x225/0x260
[ 16.531287] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.531313] ? copy_to_kernel_nofault+0x225/0x260
[ 16.531351] kasan_report+0x141/0x180
[ 16.531375] ? copy_to_kernel_nofault+0x225/0x260
[ 16.531405] __asan_report_load8_noabort+0x18/0x20
[ 16.531431] copy_to_kernel_nofault+0x225/0x260
[ 16.531458] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.531507] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.531533] ? finish_task_switch.isra.0+0x153/0x700
[ 16.531559] ? __schedule+0x10cc/0x2b60
[ 16.531583] ? trace_hardirqs_on+0x37/0xe0
[ 16.531725] ? __pfx_read_tsc+0x10/0x10
[ 16.531760] ? ktime_get_ts64+0x86/0x230
[ 16.531788] kunit_try_run_case+0x1a5/0x480
[ 16.531816] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.531841] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.531867] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.531893] ? __kthread_parkme+0x82/0x180
[ 16.531916] ? preempt_count_sub+0x50/0x80
[ 16.531940] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.531966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.531992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.532018] kthread+0x337/0x6f0
[ 16.532038] ? trace_preempt_on+0x20/0xc0
[ 16.532062] ? __pfx_kthread+0x10/0x10
[ 16.532084] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.532107] ? calculate_sigpending+0x7b/0xa0
[ 16.532132] ? __pfx_kthread+0x10/0x10
[ 16.532154] ret_from_fork+0x116/0x1d0
[ 16.532180] ? __pfx_kthread+0x10/0x10
[ 16.532201] ret_from_fork_asm+0x1a/0x30
[ 16.532234] </TASK>
[ 16.532245]
[ 16.546494] Allocated by task 299:
[ 16.546976] kasan_save_stack+0x45/0x70
[ 16.547189] kasan_save_track+0x18/0x40
[ 16.547520] kasan_save_alloc_info+0x3b/0x50
[ 16.547720] __kasan_kmalloc+0xb7/0xc0
[ 16.547910] __kmalloc_cache_noprof+0x189/0x420
[ 16.548107] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.548328] kunit_try_run_case+0x1a5/0x480
[ 16.548868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.549182] kthread+0x337/0x6f0
[ 16.549391] ret_from_fork+0x116/0x1d0
[ 16.549756] ret_from_fork_asm+0x1a/0x30
[ 16.550042]
[ 16.550252] The buggy address belongs to the object at ffff8881027a3f00
[ 16.550252] which belongs to the cache kmalloc-128 of size 128
[ 16.551128] The buggy address is located 0 bytes to the right of
[ 16.551128] allocated 120-byte region [ffff8881027a3f00, ffff8881027a3f78)
[ 16.552001]
[ 16.552302] The buggy address belongs to the physical page:
[ 16.552768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3
[ 16.553215] flags: 0x200000000000000(node=0|zone=2)
[ 16.553704] page_type: f5(slab)
[ 16.553863] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.554243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.554801] page dumped because: kasan: bad access detected
[ 16.555199]
[ 16.555287] Memory state around the buggy address:
[ 16.555777] ffff8881027a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.556640] ffff8881027a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.556932] >ffff8881027a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.557144] ^
[ 16.557458] ffff8881027a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.557675] ffff8881027a4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.557882] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.488272] ==================================================================
[ 16.488870] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450
[ 16.489423] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 16.489857]
[ 16.489957] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.489998] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.490010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.490031] Call Trace:
[ 16.490045] <TASK>
[ 16.490060] dump_stack_lvl+0x73/0xb0
[ 16.490091] print_report+0xd1/0x650
[ 16.490114] ? __virt_addr_valid+0x1db/0x2d0
[ 16.490138] ? kasan_atomics_helper+0x5115/0x5450
[ 16.490161] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.490186] ? kasan_atomics_helper+0x5115/0x5450
[ 16.490209] kasan_report+0x141/0x180
[ 16.490232] ? kasan_atomics_helper+0x5115/0x5450
[ 16.490260] __asan_report_load8_noabort+0x18/0x20
[ 16.490286] kasan_atomics_helper+0x5115/0x5450
[ 16.490310] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.490335] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.490376] ? kasan_atomics+0x152/0x310
[ 16.490404] kasan_atomics+0x1dc/0x310
[ 16.490429] ? __pfx_kasan_atomics+0x10/0x10
[ 16.490454] ? __pfx_read_tsc+0x10/0x10
[ 16.490476] ? ktime_get_ts64+0x86/0x230
[ 16.490502] kunit_try_run_case+0x1a5/0x480
[ 16.490527] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.490551] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.490576] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.490602] ? __kthread_parkme+0x82/0x180
[ 16.490624] ? preempt_count_sub+0x50/0x80
[ 16.490649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.490675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.490701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.490727] kthread+0x337/0x6f0
[ 16.490747] ? trace_preempt_on+0x20/0xc0
[ 16.490772] ? __pfx_kthread+0x10/0x10
[ 16.490793] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.490817] ? calculate_sigpending+0x7b/0xa0
[ 16.490842] ? __pfx_kthread+0x10/0x10
[ 16.490864] ret_from_fork+0x116/0x1d0
[ 16.490884] ? __pfx_kthread+0x10/0x10
[ 16.490905] ret_from_fork_asm+0x1a/0x30
[ 16.490938] </TASK>
[ 16.490949]
[ 16.499101] Allocated by task 283:
[ 16.499300] kasan_save_stack+0x45/0x70
[ 16.499615] kasan_save_track+0x18/0x40
[ 16.499813] kasan_save_alloc_info+0x3b/0x50
[ 16.500038] __kasan_kmalloc+0xb7/0xc0
[ 16.500254] __kmalloc_cache_noprof+0x189/0x420
[ 16.500553] kasan_atomics+0x95/0x310
[ 16.500770] kunit_try_run_case+0x1a5/0x480
[ 16.500998] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.501282] kthread+0x337/0x6f0
[ 16.501514] ret_from_fork+0x116/0x1d0
[ 16.501708] ret_from_fork_asm+0x1a/0x30
[ 16.501906]
[ 16.502047] The buggy address belongs to the object at ffff8881039b8c80
[ 16.502047] which belongs to the cache kmalloc-64 of size 64
[ 16.502592] The buggy address is located 0 bytes to the right of
[ 16.502592] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0)
[ 16.503151]
[ 16.503259] The buggy address belongs to the physical page:
[ 16.503556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 16.503965] flags: 0x200000000000000(node=0|zone=2)
[ 16.504236] page_type: f5(slab)
[ 16.504471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.504828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.505166] page dumped because: kasan: bad access detected
[ 16.505373]
[ 16.505531] Memory state around the buggy address:
[ 16.505758] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.506017] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.506233] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.506747] ^
[ 16.507006] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.507389] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.507744] ==================================================================
[ 15.575551] ==================================================================
[ 15.575884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450
[ 15.576231] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 15.576634]
[ 15.576750] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.576792] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.576805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.576826] Call Trace:
[ 15.576840] <TASK>
[ 15.576855] dump_stack_lvl+0x73/0xb0
[ 15.576886] print_report+0xd1/0x650
[ 15.576908] ? __virt_addr_valid+0x1db/0x2d0
[ 15.576932] ? kasan_atomics_helper+0xde0/0x5450
[ 15.576956] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.576980] ? kasan_atomics_helper+0xde0/0x5450
[ 15.577004] kasan_report+0x141/0x180
[ 15.577026] ? kasan_atomics_helper+0xde0/0x5450
[ 15.577054] kasan_check_range+0x10c/0x1c0
[ 15.577079] __kasan_check_write+0x18/0x20
[ 15.577099] kasan_atomics_helper+0xde0/0x5450
[ 15.577123] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.577147] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.577173] ? kasan_atomics+0x152/0x310
[ 15.577200] kasan_atomics+0x1dc/0x310
[ 15.577224] ? __pfx_kasan_atomics+0x10/0x10
[ 15.577250] ? __pfx_read_tsc+0x10/0x10
[ 15.577273] ? ktime_get_ts64+0x86/0x230
[ 15.577297] kunit_try_run_case+0x1a5/0x480
[ 15.577322] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.577361] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.577387] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.577455] ? __kthread_parkme+0x82/0x180
[ 15.577480] ? preempt_count_sub+0x50/0x80
[ 15.577505] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.577532] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.577559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.577586] kthread+0x337/0x6f0
[ 15.577606] ? trace_preempt_on+0x20/0xc0
[ 15.577630] ? __pfx_kthread+0x10/0x10
[ 15.577652] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.577675] ? calculate_sigpending+0x7b/0xa0
[ 15.577700] ? __pfx_kthread+0x10/0x10
[ 15.577723] ret_from_fork+0x116/0x1d0
[ 15.577743] ? __pfx_kthread+0x10/0x10
[ 15.577765] ret_from_fork_asm+0x1a/0x30
[ 15.577797] </TASK>
[ 15.577808]
[ 15.585188] Allocated by task 283:
[ 15.585319] kasan_save_stack+0x45/0x70
[ 15.585534] kasan_save_track+0x18/0x40
[ 15.585732] kasan_save_alloc_info+0x3b/0x50
[ 15.585949] __kasan_kmalloc+0xb7/0xc0
[ 15.586388] __kmalloc_cache_noprof+0x189/0x420
[ 15.586628] kasan_atomics+0x95/0x310
[ 15.587138] kunit_try_run_case+0x1a5/0x480
[ 15.588122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.588635] kthread+0x337/0x6f0
[ 15.589119] ret_from_fork+0x116/0x1d0
[ 15.589775] ret_from_fork_asm+0x1a/0x30
[ 15.590377]
[ 15.590505] The buggy address belongs to the object at ffff8881039b8c80
[ 15.590505] which belongs to the cache kmalloc-64 of size 64
[ 15.590867] The buggy address is located 0 bytes to the right of
[ 15.590867] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0)
[ 15.591235]
[ 15.591309] The buggy address belongs to the physical page:
[ 15.592533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 15.593798] flags: 0x200000000000000(node=0|zone=2)
[ 15.594573] page_type: f5(slab)
[ 15.594962] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.595999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.597061] page dumped because: kasan: bad access detected
[ 15.597609]
[ 15.597690] Memory state around the buggy address:
[ 15.597848] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.598947] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.599848] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.600510] ^
[ 15.601042] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.601536] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.601757] ==================================================================
[ 16.200625] ==================================================================
[ 16.200961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450
[ 16.201566] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 16.201867]
[ 16.201977] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.202018] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.202030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.202051] Call Trace:
[ 16.202066] <TASK>
[ 16.202081] dump_stack_lvl+0x73/0xb0
[ 16.202132] print_report+0xd1/0x650
[ 16.202170] ? __virt_addr_valid+0x1db/0x2d0
[ 16.202209] ? kasan_atomics_helper+0x4f30/0x5450
[ 16.202245] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.202297] ? kasan_atomics_helper+0x4f30/0x5450
[ 16.202333] kasan_report+0x141/0x180
[ 16.202382] ? kasan_atomics_helper+0x4f30/0x5450
[ 16.202423] __asan_report_load8_noabort+0x18/0x20
[ 16.202464] kasan_atomics_helper+0x4f30/0x5450
[ 16.202488] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.202513] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.202538] ? kasan_atomics+0x152/0x310
[ 16.202566] kasan_atomics+0x1dc/0x310
[ 16.202590] ? __pfx_kasan_atomics+0x10/0x10
[ 16.202616] ? __pfx_read_tsc+0x10/0x10
[ 16.202638] ? ktime_get_ts64+0x86/0x230
[ 16.202663] kunit_try_run_case+0x1a5/0x480
[ 16.202688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.202711] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.202738] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.202764] ? __kthread_parkme+0x82/0x180
[ 16.202785] ? preempt_count_sub+0x50/0x80
[ 16.202821] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.202846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.202871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.202899] kthread+0x337/0x6f0
[ 16.202919] ? trace_preempt_on+0x20/0xc0
[ 16.202943] ? __pfx_kthread+0x10/0x10
[ 16.202964] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.202987] ? calculate_sigpending+0x7b/0xa0
[ 16.203012] ? __pfx_kthread+0x10/0x10
[ 16.203034] ret_from_fork+0x116/0x1d0
[ 16.203054] ? __pfx_kthread+0x10/0x10
[ 16.203076] ret_from_fork_asm+0x1a/0x30
[ 16.203107] </TASK>
[ 16.203118]
[ 16.211892] Allocated by task 283:
[ 16.212073] kasan_save_stack+0x45/0x70
[ 16.212265] kasan_save_track+0x18/0x40
[ 16.212805] kasan_save_alloc_info+0x3b/0x50
[ 16.213053] __kasan_kmalloc+0xb7/0xc0
[ 16.213480] __kmalloc_cache_noprof+0x189/0x420
[ 16.213763] kasan_atomics+0x95/0x310
[ 16.213952] kunit_try_run_case+0x1a5/0x480
[ 16.214143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.214695] kthread+0x337/0x6f0
[ 16.215004] ret_from_fork+0x116/0x1d0
[ 16.215318] ret_from_fork_asm+0x1a/0x30
[ 16.215704]
[ 16.215801] The buggy address belongs to the object at ffff8881039b8c80
[ 16.215801] which belongs to the cache kmalloc-64 of size 64
[ 16.216274] The buggy address is located 0 bytes to the right of
[ 16.216274] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0)
[ 16.217510]
[ 16.217600] The buggy address belongs to the physical page:
[ 16.217980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 16.218602] flags: 0x200000000000000(node=0|zone=2)
[ 16.218963] page_type: f5(slab)
[ 16.219249] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.219925] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.220380] page dumped because: kasan: bad access detected
[ 16.220889]
[ 16.220993] Memory state around the buggy address:
[ 16.221333] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.222131] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.222584] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.222875] ^
[ 16.223063] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.223356] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.224194] ==================================================================
[ 16.247913] ==================================================================
[ 16.248548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450
[ 16.248932] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 16.249244]
[ 16.249380] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.249424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.249437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.249478] Call Trace:
[ 16.249493] <TASK>
[ 16.249508] dump_stack_lvl+0x73/0xb0
[ 16.249539] print_report+0xd1/0x650
[ 16.249562] ? __virt_addr_valid+0x1db/0x2d0
[ 16.249585] ? kasan_atomics_helper+0x1d7a/0x5450
[ 16.249608] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.249649] ? kasan_atomics_helper+0x1d7a/0x5450
[ 16.249686] kasan_report+0x141/0x180
[ 16.249723] ? kasan_atomics_helper+0x1d7a/0x5450
[ 16.249777] kasan_check_range+0x10c/0x1c0
[ 16.249803] __kasan_check_write+0x18/0x20
[ 16.249837] kasan_atomics_helper+0x1d7a/0x5450
[ 16.249875] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.249913] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.249952] ? kasan_atomics+0x152/0x310
[ 16.249979] kasan_atomics+0x1dc/0x310
[ 16.250003] ? __pfx_kasan_atomics+0x10/0x10
[ 16.250028] ? __pfx_read_tsc+0x10/0x10
[ 16.250051] ? ktime_get_ts64+0x86/0x230
[ 16.250075] kunit_try_run_case+0x1a5/0x480
[ 16.250100] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.250124] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.250148] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.250174] ? __kthread_parkme+0x82/0x180
[ 16.250195] ? preempt_count_sub+0x50/0x80
[ 16.250219] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.250245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.250271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.250297] kthread+0x337/0x6f0
[ 16.250317] ? trace_preempt_on+0x20/0xc0
[ 16.250351] ? __pfx_kthread+0x10/0x10
[ 16.250373] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.250396] ? calculate_sigpending+0x7b/0xa0
[ 16.250431] ? __pfx_kthread+0x10/0x10
[ 16.250454] ret_from_fork+0x116/0x1d0
[ 16.250473] ? __pfx_kthread+0x10/0x10
[ 16.250495] ret_from_fork_asm+0x1a/0x30
[ 16.250545] </TASK>
[ 16.250556]
[ 16.258318] Allocated by task 283:
[ 16.258459] kasan_save_stack+0x45/0x70
[ 16.258604] kasan_save_track+0x18/0x40
[ 16.258740] kasan_save_alloc_info+0x3b/0x50
[ 16.258952] __kasan_kmalloc+0xb7/0xc0
[ 16.259145] __kmalloc_cache_noprof+0x189/0x420
[ 16.259407] kasan_atomics+0x95/0x310
[ 16.259705] kunit_try_run_case+0x1a5/0x480
[ 16.259877] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.260052] kthread+0x337/0x6f0
[ 16.260176] ret_from_fork+0x116/0x1d0
[ 16.260309] ret_from_fork_asm+0x1a/0x30
[ 16.260736]
[ 16.260836] The buggy address belongs to the object at ffff8881039b8c80
[ 16.260836] which belongs to the cache kmalloc-64 of size 64
[ 16.261408] The buggy address is located 0 bytes to the right of
[ 16.261408] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0)
[ 16.262037]
[ 16.262168] The buggy address belongs to the physical page:
[ 16.262451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 16.263077] flags: 0x200000000000000(node=0|zone=2)
[ 16.263314] page_type: f5(slab)
[ 16.263608] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.263950] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.264201] page dumped because: kasan: bad access detected
[ 16.264388]
[ 16.264574] Memory state around the buggy address:
[ 16.264807] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.265153] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.265543] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.265800] ^
[ 16.265957] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.266173] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.266597] ==================================================================
[ 15.379496] ==================================================================
[ 15.379841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450
[ 15.380178] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 15.380611]
[ 15.380727] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.380768] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.380781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.380801] Call Trace:
[ 15.380817] <TASK>
[ 15.380833] dump_stack_lvl+0x73/0xb0
[ 15.380862] print_report+0xd1/0x650
[ 15.380885] ? __virt_addr_valid+0x1db/0x2d0
[ 15.380908] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.380931] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.380955] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.380979] kasan_report+0x141/0x180
[ 15.381002] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.381030] kasan_check_range+0x10c/0x1c0
[ 15.381055] __kasan_check_write+0x18/0x20
[ 15.381075] kasan_atomics_helper+0x7c7/0x5450
[ 15.381099] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.381124] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.381150] ? kasan_atomics+0x152/0x310
[ 15.381177] kasan_atomics+0x1dc/0x310
[ 15.381201] ? __pfx_kasan_atomics+0x10/0x10
[ 15.381227] ? __pfx_read_tsc+0x10/0x10
[ 15.381249] ? ktime_get_ts64+0x86/0x230
[ 15.381274] kunit_try_run_case+0x1a5/0x480
[ 15.381299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.381323] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.381436] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.381469] ? __kthread_parkme+0x82/0x180
[ 15.381491] ? preempt_count_sub+0x50/0x80
[ 15.381516] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.381542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.381569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.381596] kthread+0x337/0x6f0
[ 15.381616] ? trace_preempt_on+0x20/0xc0
[ 15.381640] ? __pfx_kthread+0x10/0x10
[ 15.381661] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.381684] ? calculate_sigpending+0x7b/0xa0
[ 15.381707] ? __pfx_kthread+0x10/0x10
[ 15.381750] ret_from_fork+0x116/0x1d0
[ 15.381784] ? __pfx_kthread+0x10/0x10
[ 15.381806] ret_from_fork_asm+0x1a/0x30
[ 15.381850] </TASK>
[ 15.381875]
[ 15.390514] Allocated by task 283:
[ 15.390693] kasan_save_stack+0x45/0x70
[ 15.390870] kasan_save_track+0x18/0x40
[ 15.391009] kasan_save_alloc_info+0x3b/0x50
[ 15.391157] __kasan_kmalloc+0xb7/0xc0
[ 15.391308] __kmalloc_cache_noprof+0x189/0x420
[ 15.391842] kasan_atomics+0x95/0x310
[ 15.392063] kunit_try_run_case+0x1a5/0x480
[ 15.392303] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.392632] kthread+0x337/0x6f0
[ 15.392789] ret_from_fork+0x116/0x1d0
[ 15.393277] ret_from_fork_asm+0x1a/0x30
[ 15.393453]
[ 15.393561] The buggy address belongs to the object at ffff8881039b8c80
[ 15.393561] which belongs to the cache kmalloc-64 of size 64
[ 15.394167] The buggy address is located 0 bytes to the right of
[ 15.394167] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0)
[ 15.394541]
[ 15.394614] The buggy address belongs to the physical page:
[ 15.394782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 15.395014] flags: 0x200000000000000(node=0|zone=2)
[ 15.395174] page_type: f5(slab)
[ 15.395343] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.396053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.396480] page dumped because: kasan: bad access detected
[ 15.396777]
[ 15.396908] Memory state around the buggy address:
[ 15.397151] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.397590] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.397977] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.398290] ^
[ 15.398531] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.399630] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.399951] ==================================================================
[ 16.098274] ==================================================================
[ 16.098960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450
[ 16.099283] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 16.100127]
[ 16.100401] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.100576] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.100592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.100613] Call Trace:
[ 16.100626] <TASK>
[ 16.100641] dump_stack_lvl+0x73/0xb0
[ 16.100681] print_report+0xd1/0x650
[ 16.100706] ? __virt_addr_valid+0x1db/0x2d0
[ 16.100730] ? kasan_atomics_helper+0x194a/0x5450
[ 16.100754] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.100779] ? kasan_atomics_helper+0x194a/0x5450
[ 16.100803] kasan_report+0x141/0x180
[ 16.100826] ? kasan_atomics_helper+0x194a/0x5450
[ 16.100854] kasan_check_range+0x10c/0x1c0
[ 16.100878] __kasan_check_write+0x18/0x20
[ 16.100898] kasan_atomics_helper+0x194a/0x5450
[ 16.100922] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.100946] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.100972] ? kasan_atomics+0x152/0x310
[ 16.100999] kasan_atomics+0x1dc/0x310
[ 16.101023] ? __pfx_kasan_atomics+0x10/0x10
[ 16.101048] ? __pfx_read_tsc+0x10/0x10
[ 16.101070] ? ktime_get_ts64+0x86/0x230
[ 16.101094] kunit_try_run_case+0x1a5/0x480
[ 16.101118] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.101142] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.101167] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.101192] ? __kthread_parkme+0x82/0x180
[ 16.101213] ? preempt_count_sub+0x50/0x80
[ 16.101238] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.101264] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.101290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.101316] kthread+0x337/0x6f0
[ 16.101335] ? trace_preempt_on+0x20/0xc0
[ 16.101370] ? __pfx_kthread+0x10/0x10
[ 16.101392] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.101428] ? calculate_sigpending+0x7b/0xa0
[ 16.101453] ? __pfx_kthread+0x10/0x10
[ 16.101476] ret_from_fork+0x116/0x1d0
[ 16.101494] ? __pfx_kthread+0x10/0x10
[ 16.101515] ret_from_fork_asm+0x1a/0x30
[ 16.101547] </TASK>
[ 16.101559]
[ 16.108875] Allocated by task 283:
[ 16.109055] kasan_save_stack+0x45/0x70
[ 16.109214] kasan_save_track+0x18/0x40
[ 16.109359] kasan_save_alloc_info+0x3b/0x50
[ 16.109505] __kasan_kmalloc+0xb7/0xc0
[ 16.109688] __kmalloc_cache_noprof+0x189/0x420
[ 16.109906] kasan_atomics+0x95/0x310
[ 16.110193] kunit_try_run_case+0x1a5/0x480
[ 16.110418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.110597] kthread+0x337/0x6f0
[ 16.110717] ret_from_fork+0x116/0x1d0
[ 16.110846] ret_from_fork_asm+0x1a/0x30
[ 16.110982]
[ 16.111069] The buggy address belongs to the object at ffff8881039b8c80
[ 16.111069] which belongs to the cache kmalloc-64 of size 64
[ 16.111626] The buggy address is located 0 bytes to the right of
[ 16.111626] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0)
[ 16.112282]
[ 16.112363] The buggy address belongs to the physical page:
[ 16.112532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 16.113000] flags: 0x200000000000000(node=0|zone=2)
[ 16.113228] page_type: f5(slab)
[ 16.113403] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.113699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.113919] page dumped because: kasan: bad access detected
[ 16.114108]
[ 16.114200] Memory state around the buggy address:
[ 16.114473] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.114798] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.115140] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.115365] ^
[ 16.115742] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.116021] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.116327] ==================================================================
[ 16.157633] ==================================================================
[ 16.157962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450
[ 16.158669] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283
[ 16.159005]
[ 16.159249] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.159316] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.159355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.159377] Call Trace:
[ 16.159392] <TASK>
[ 16.159421] dump_stack_lvl+0x73/0xb0
[ 16.159609] print_report+0xd1/0x650
[ 16.159634] ? __virt_addr_valid+0x1db/0x2d0
[ 16.159658] ? kasan_atomics_helper+0x1b22/0x5450
[ 16.159682] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.159707] ? kasan_atomics_helper+0x1b22/0x5450
[ 16.159729] kasan_report+0x141/0x180
[ 16.159752] ? kasan_atomics_helper+0x1b22/0x5450
[ 16.159780] kasan_check_range+0x10c/0x1c0
[ 16.159805] __kasan_check_write+0x18/0x20
[ 16.159826] kasan_atomics_helper+0x1b22/0x5450
[ 16.159850] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.159874] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.159900] ? kasan_atomics+0x152/0x310
[ 16.159927] kasan_atomics+0x1dc/0x310
[ 16.159953] ? __pfx_kasan_atomics+0x10/0x10
[ 16.159979] ? __pfx_read_tsc+0x10/0x10
[ 16.160001] ? ktime_get_ts64+0x86/0x230
[ 16.160026] kunit_try_run_case+0x1a5/0x480
[ 16.160050] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.160074] ?
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.160101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.160126] ? __kthread_parkme+0x82/0x180 [ 16.160147] ? preempt_count_sub+0x50/0x80 [ 16.160177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.160227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.160254] kthread+0x337/0x6f0 [ 16.160274] ? trace_preempt_on+0x20/0xc0 [ 16.160297] ? __pfx_kthread+0x10/0x10 [ 16.160319] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.160353] ? calculate_sigpending+0x7b/0xa0 [ 16.160379] ? __pfx_kthread+0x10/0x10 [ 16.160401] ret_from_fork+0x116/0x1d0 [ 16.160433] ? __pfx_kthread+0x10/0x10 [ 16.160455] ret_from_fork_asm+0x1a/0x30 [ 16.160486] </TASK> [ 16.160497] [ 16.170535] Allocated by task 283: [ 16.170897] kasan_save_stack+0x45/0x70 [ 16.171154] kasan_save_track+0x18/0x40 [ 16.171437] kasan_save_alloc_info+0x3b/0x50 [ 16.171851] __kasan_kmalloc+0xb7/0xc0 [ 16.172136] __kmalloc_cache_noprof+0x189/0x420 [ 16.172296] kasan_atomics+0x95/0x310 [ 16.172466] kunit_try_run_case+0x1a5/0x480 [ 16.172884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.173378] kthread+0x337/0x6f0 [ 16.173700] ret_from_fork+0x116/0x1d0 [ 16.174050] ret_from_fork_asm+0x1a/0x30 [ 16.174447] [ 16.174581] The buggy address belongs to the object at ffff8881039b8c80 [ 16.174581] which belongs to the cache kmalloc-64 of size 64 [ 16.174918] The buggy address is located 0 bytes to the right of [ 16.174918] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.175269] [ 16.175339] The buggy address belongs to the physical page: [ 16.175587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.176060] flags: 0x200000000000000(node=0|zone=2) [ 16.176228] page_type: f5(slab) [ 16.176373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.177016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.177392] page dumped because: kasan: 
bad access detected [ 16.177949] [ 16.178036] Memory state around the buggy address: [ 16.178482] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.178816] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.179235] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.179770] ^ [ 16.179971] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180364] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180786] ================================================================== [ 16.387264] ================================================================== [ 16.387633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.387988] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.388321] [ 16.388463] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.388518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.388530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.388550] Call Trace: [ 16.388567] <TASK> [ 16.388591] dump_stack_lvl+0x73/0xb0 [ 16.388620] print_report+0xd1/0x650 [ 16.388643] ? __virt_addr_valid+0x1db/0x2d0 [ 16.388677] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.388700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.388724] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.388756] kasan_report+0x141/0x180 [ 16.388779] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.388807] kasan_check_range+0x10c/0x1c0 [ 16.388842] __kasan_check_write+0x18/0x20 [ 16.388863] kasan_atomics_helper+0x20c8/0x5450 [ 16.388887] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.388910] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.388936] ? kasan_atomics+0x152/0x310 [ 16.388964] kasan_atomics+0x1dc/0x310 [ 16.388987] ? __pfx_kasan_atomics+0x10/0x10 [ 16.389013] ? __pfx_read_tsc+0x10/0x10 [ 16.389035] ? ktime_get_ts64+0x86/0x230 [ 16.389059] kunit_try_run_case+0x1a5/0x480 [ 16.389084] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.389108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.389133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.389158] ? __kthread_parkme+0x82/0x180 [ 16.389180] ? preempt_count_sub+0x50/0x80 [ 16.389204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.389230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.389255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.389281] kthread+0x337/0x6f0 [ 16.389301] ? trace_preempt_on+0x20/0xc0 [ 16.389325] ? __pfx_kthread+0x10/0x10 [ 16.389359] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.389390] ? calculate_sigpending+0x7b/0xa0 [ 16.389438] ? __pfx_kthread+0x10/0x10 [ 16.389461] ret_from_fork+0x116/0x1d0 [ 16.389481] ? __pfx_kthread+0x10/0x10 [ 16.389503] ret_from_fork_asm+0x1a/0x30 [ 16.389535] </TASK> [ 16.389545] [ 16.397127] Allocated by task 283: [ 16.397300] kasan_save_stack+0x45/0x70 [ 16.397515] kasan_save_track+0x18/0x40 [ 16.397655] kasan_save_alloc_info+0x3b/0x50 [ 16.397806] __kasan_kmalloc+0xb7/0xc0 [ 16.397984] __kmalloc_cache_noprof+0x189/0x420 [ 16.398241] kasan_atomics+0x95/0x310 [ 16.398493] kunit_try_run_case+0x1a5/0x480 [ 16.398711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.398965] kthread+0x337/0x6f0 [ 16.399113] ret_from_fork+0x116/0x1d0 [ 16.399247] ret_from_fork_asm+0x1a/0x30 [ 16.399456] [ 16.399556] The buggy address belongs to the object at ffff8881039b8c80 [ 16.399556] which belongs to the cache kmalloc-64 of size 64 [ 16.400074] The buggy address is located 0 bytes to the right of [ 16.400074] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.400636] [ 16.400710] The buggy address belongs to the physical page: [ 16.400882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.401125] flags: 0x200000000000000(node=0|zone=2) [ 16.401291] page_type: f5(slab) [ 16.401512] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.401852] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.402201] page dumped because: kasan: bad access detected [ 16.402489] [ 16.402586] Memory state around the buggy address: [ 16.402835] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.403154] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.403405] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.403620] ^ [ 16.403774] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404069] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404408] ================================================================== [ 15.927218] ================================================================== [ 15.927575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.928028] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.928261] [ 15.928438] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.928483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.928509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.928530] Call Trace: [ 15.928543] <TASK> [ 15.928557] dump_stack_lvl+0x73/0xb0 [ 15.928616] print_report+0xd1/0x650 [ 15.928639] ? __virt_addr_valid+0x1db/0x2d0 [ 15.928674] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.928697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.928721] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.928745] kasan_report+0x141/0x180 [ 15.928767] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.928794] __asan_report_store8_noabort+0x1b/0x30 [ 15.928821] kasan_atomics_helper+0x50d4/0x5450 [ 15.928846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.928870] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.928896] ? kasan_atomics+0x152/0x310 [ 15.928924] kasan_atomics+0x1dc/0x310 [ 15.928947] ? __pfx_kasan_atomics+0x10/0x10 [ 15.928973] ? __pfx_read_tsc+0x10/0x10 [ 15.928995] ? 
ktime_get_ts64+0x86/0x230 [ 15.929019] kunit_try_run_case+0x1a5/0x480 [ 15.929044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.929100] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.929125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.929178] ? __kthread_parkme+0x82/0x180 [ 15.929201] ? preempt_count_sub+0x50/0x80 [ 15.929225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.929263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.929289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.929315] kthread+0x337/0x6f0 [ 15.929335] ? trace_preempt_on+0x20/0xc0 [ 15.929371] ? __pfx_kthread+0x10/0x10 [ 15.929393] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.929415] ? calculate_sigpending+0x7b/0xa0 [ 15.929440] ? __pfx_kthread+0x10/0x10 [ 15.929462] ret_from_fork+0x116/0x1d0 [ 15.929482] ? __pfx_kthread+0x10/0x10 [ 15.929504] ret_from_fork_asm+0x1a/0x30 [ 15.929535] </TASK> [ 15.929546] [ 15.937649] Allocated by task 283: [ 15.937780] kasan_save_stack+0x45/0x70 [ 15.938031] kasan_save_track+0x18/0x40 [ 15.938225] kasan_save_alloc_info+0x3b/0x50 [ 15.938532] __kasan_kmalloc+0xb7/0xc0 [ 15.938684] __kmalloc_cache_noprof+0x189/0x420 [ 15.938844] kasan_atomics+0x95/0x310 [ 15.939018] kunit_try_run_case+0x1a5/0x480 [ 15.939250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.939639] kthread+0x337/0x6f0 [ 15.939853] ret_from_fork+0x116/0x1d0 [ 15.940044] ret_from_fork_asm+0x1a/0x30 [ 15.940192] [ 15.940366] The buggy address belongs to the object at ffff8881039b8c80 [ 15.940366] which belongs to the cache kmalloc-64 of size 64 [ 15.940823] The buggy address is located 0 bytes to the right of [ 15.940823] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.941174] [ 15.941266] The buggy address belongs to the physical page: [ 15.941636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.942001] flags: 0x200000000000000(node=0|zone=2) [ 15.942212] page_type: f5(slab) [ 15.942365] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.942713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.943065] page dumped because: kasan: bad access detected [ 15.943315] [ 15.943425] Memory state around the buggy address: [ 15.943647] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.943958] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.944171] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.944425] ^ [ 15.944683] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945019] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945402] ================================================================== [ 15.185074] ================================================================== [ 15.185335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.186171] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.186930] [ 15.187158] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.187206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.187219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.187239] Call Trace: [ 15.187254] <TASK> [ 15.187427] dump_stack_lvl+0x73/0xb0 [ 15.187462] print_report+0xd1/0x650 [ 15.187485] ? __virt_addr_valid+0x1db/0x2d0 [ 15.187509] ? kasan_atomics_helper+0x3df/0x5450 [ 15.187531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.187556] ? kasan_atomics_helper+0x3df/0x5450 [ 15.187579] kasan_report+0x141/0x180 [ 15.187602] ? kasan_atomics_helper+0x3df/0x5450 [ 15.187630] kasan_check_range+0x10c/0x1c0 [ 15.187655] __kasan_check_read+0x15/0x20 [ 15.187675] kasan_atomics_helper+0x3df/0x5450 [ 15.187699] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.187723] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.187750] ? kasan_atomics+0x152/0x310 [ 15.187777] kasan_atomics+0x1dc/0x310 [ 15.187800] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.187825] ? __pfx_read_tsc+0x10/0x10 [ 15.187847] ? ktime_get_ts64+0x86/0x230 [ 15.187871] kunit_try_run_case+0x1a5/0x480 [ 15.187897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.187921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.187946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.187972] ? __kthread_parkme+0x82/0x180 [ 15.187993] ? preempt_count_sub+0x50/0x80 [ 15.188018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.188044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.188070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.188097] kthread+0x337/0x6f0 [ 15.188117] ? trace_preempt_on+0x20/0xc0 [ 15.188142] ? __pfx_kthread+0x10/0x10 [ 15.188164] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.188191] ? calculate_sigpending+0x7b/0xa0 [ 15.188217] ? __pfx_kthread+0x10/0x10 [ 15.188239] ret_from_fork+0x116/0x1d0 [ 15.188259] ? __pfx_kthread+0x10/0x10 [ 15.188281] ret_from_fork_asm+0x1a/0x30 [ 15.188312] </TASK> [ 15.188323] [ 15.200010] Allocated by task 283: [ 15.200333] kasan_save_stack+0x45/0x70 [ 15.200697] kasan_save_track+0x18/0x40 [ 15.200866] kasan_save_alloc_info+0x3b/0x50 [ 15.201087] __kasan_kmalloc+0xb7/0xc0 [ 15.201261] __kmalloc_cache_noprof+0x189/0x420 [ 15.201871] kasan_atomics+0x95/0x310 [ 15.202040] kunit_try_run_case+0x1a5/0x480 [ 15.202394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.202958] kthread+0x337/0x6f0 [ 15.203105] ret_from_fork+0x116/0x1d0 [ 15.203563] ret_from_fork_asm+0x1a/0x30 [ 15.203890] [ 15.204091] The buggy address belongs to the object at ffff8881039b8c80 [ 15.204091] which belongs to the cache kmalloc-64 of size 64 [ 15.205094] The buggy address is located 0 bytes to the right of [ 15.205094] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.205874] [ 15.205959] The buggy address belongs to the physical page: [ 15.206275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.206845] flags: 0x200000000000000(node=0|zone=2) [ 15.207169] page_type: 
f5(slab) [ 15.207510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.207927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.208237] page dumped because: kasan: bad access detected [ 15.208787] [ 15.208884] Memory state around the buggy address: [ 15.209231] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.209712] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.210027] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.210361] ^ [ 15.210965] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.211367] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.211862] ================================================================== [ 15.689074] ================================================================== [ 15.689783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.690162] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.690676] [ 15.690796] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.690836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.690848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.690879] Call Trace: [ 15.690892] <TASK> [ 15.690906] dump_stack_lvl+0x73/0xb0 [ 15.690935] print_report+0xd1/0x650 [ 15.690968] ? __virt_addr_valid+0x1db/0x2d0 [ 15.690991] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.691013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.691048] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.691072] kasan_report+0x141/0x180 [ 15.691094] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.691130] __asan_report_load4_noabort+0x18/0x20 [ 15.691156] kasan_atomics_helper+0x4a36/0x5450 [ 15.691180] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.691215] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.691242] ? 
kasan_atomics+0x152/0x310 [ 15.691270] kasan_atomics+0x1dc/0x310 [ 15.691293] ? __pfx_kasan_atomics+0x10/0x10 [ 15.691319] ? __pfx_read_tsc+0x10/0x10 [ 15.691342] ? ktime_get_ts64+0x86/0x230 [ 15.691377] kunit_try_run_case+0x1a5/0x480 [ 15.691402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.691434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.691468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.691494] ? __kthread_parkme+0x82/0x180 [ 15.691516] ? preempt_count_sub+0x50/0x80 [ 15.691551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.691577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.691603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.691630] kthread+0x337/0x6f0 [ 15.691650] ? trace_preempt_on+0x20/0xc0 [ 15.691676] ? __pfx_kthread+0x10/0x10 [ 15.691698] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.691729] ? calculate_sigpending+0x7b/0xa0 [ 15.691755] ? __pfx_kthread+0x10/0x10 [ 15.691777] ret_from_fork+0x116/0x1d0 [ 15.691807] ? __pfx_kthread+0x10/0x10 [ 15.691828] ret_from_fork_asm+0x1a/0x30 [ 15.691860] </TASK> [ 15.691872] [ 15.699546] Allocated by task 283: [ 15.699827] kasan_save_stack+0x45/0x70 [ 15.699967] kasan_save_track+0x18/0x40 [ 15.700100] kasan_save_alloc_info+0x3b/0x50 [ 15.700252] __kasan_kmalloc+0xb7/0xc0 [ 15.700414] __kmalloc_cache_noprof+0x189/0x420 [ 15.700643] kasan_atomics+0x95/0x310 [ 15.700863] kunit_try_run_case+0x1a5/0x480 [ 15.701109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.701404] kthread+0x337/0x6f0 [ 15.701585] ret_from_fork+0x116/0x1d0 [ 15.701784] ret_from_fork_asm+0x1a/0x30 [ 15.702020] [ 15.702129] The buggy address belongs to the object at ffff8881039b8c80 [ 15.702129] which belongs to the cache kmalloc-64 of size 64 [ 15.702697] The buggy address is located 0 bytes to the right of [ 15.702697] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.703126] [ 15.703198] The buggy address belongs to the physical page: [ 15.703388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
15.703771] flags: 0x200000000000000(node=0|zone=2) [ 15.704028] page_type: f5(slab) [ 15.704230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.704564] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.704841] page dumped because: kasan: bad access detected [ 15.705120] [ 15.705214] Memory state around the buggy address: [ 15.705468] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.705734] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.706040] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.706334] ^ [ 15.706580] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.706794] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.707007] ================================================================== [ 15.868563] ================================================================== [ 15.868919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.869278] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.869507] [ 15.869588] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.869627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.869638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.869675] Call Trace: [ 15.869722] <TASK> [ 15.869736] dump_stack_lvl+0x73/0xb0 [ 15.869765] print_report+0xd1/0x650 [ 15.869801] ? __virt_addr_valid+0x1db/0x2d0 [ 15.869824] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.869847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.869871] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.869895] kasan_report+0x141/0x180 [ 15.869917] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.869945] kasan_check_range+0x10c/0x1c0 [ 15.869969] __kasan_check_read+0x15/0x20 [ 15.869989] kasan_atomics_helper+0x13b5/0x5450 [ 15.870013] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.870037] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.870063] ? kasan_atomics+0x152/0x310 [ 15.870089] kasan_atomics+0x1dc/0x310 [ 15.870113] ? __pfx_kasan_atomics+0x10/0x10 [ 15.870138] ? __pfx_read_tsc+0x10/0x10 [ 15.870161] ? ktime_get_ts64+0x86/0x230 [ 15.870185] kunit_try_run_case+0x1a5/0x480 [ 15.870210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.870233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.870258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.870283] ? __kthread_parkme+0x82/0x180 [ 15.870305] ? preempt_count_sub+0x50/0x80 [ 15.870329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.870363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.870390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.870460] kthread+0x337/0x6f0 [ 15.870492] ? trace_preempt_on+0x20/0xc0 [ 15.870527] ? __pfx_kthread+0x10/0x10 [ 15.870549] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.870572] ? calculate_sigpending+0x7b/0xa0 [ 15.870597] ? __pfx_kthread+0x10/0x10 [ 15.870620] ret_from_fork+0x116/0x1d0 [ 15.870639] ? __pfx_kthread+0x10/0x10 [ 15.870660] ret_from_fork_asm+0x1a/0x30 [ 15.870692] </TASK> [ 15.870703] [ 15.878589] Allocated by task 283: [ 15.878831] kasan_save_stack+0x45/0x70 [ 15.879072] kasan_save_track+0x18/0x40 [ 15.879322] kasan_save_alloc_info+0x3b/0x50 [ 15.879560] __kasan_kmalloc+0xb7/0xc0 [ 15.879697] __kmalloc_cache_noprof+0x189/0x420 [ 15.879854] kasan_atomics+0x95/0x310 [ 15.879988] kunit_try_run_case+0x1a5/0x480 [ 15.880203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.880567] kthread+0x337/0x6f0 [ 15.880754] ret_from_fork+0x116/0x1d0 [ 15.880944] ret_from_fork_asm+0x1a/0x30 [ 15.881145] [ 15.881243] The buggy address belongs to the object at ffff8881039b8c80 [ 15.881243] which belongs to the cache kmalloc-64 of size 64 [ 15.881834] The buggy address is located 0 bytes to the right of [ 15.881834] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.882315] [ 15.882399] The buggy address belongs to the physical page: [ 15.882574] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.882972] flags: 0x200000000000000(node=0|zone=2) [ 15.883210] page_type: f5(slab) [ 15.883385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.883854] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.884216] page dumped because: kasan: bad access detected [ 15.884401] [ 15.884507] Memory state around the buggy address: [ 15.884767] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.885151] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.885378] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.885646] ^ [ 15.885874] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.886195] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.886671] ================================================================== [ 15.906059] ================================================================== [ 15.906553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.906959] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.907209] [ 15.907320] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.907406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.907418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.907451] Call Trace: [ 15.907466] <TASK> [ 15.907489] dump_stack_lvl+0x73/0xb0 [ 15.907549] print_report+0xd1/0x650 [ 15.907573] ? __virt_addr_valid+0x1db/0x2d0 [ 15.907609] ? kasan_atomics_helper+0x1467/0x5450 [ 15.907631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.907655] ? kasan_atomics_helper+0x1467/0x5450 [ 15.907678] kasan_report+0x141/0x180 [ 15.907701] ? kasan_atomics_helper+0x1467/0x5450 [ 15.907729] kasan_check_range+0x10c/0x1c0 [ 15.907753] __kasan_check_write+0x18/0x20 [ 15.907773] kasan_atomics_helper+0x1467/0x5450 [ 15.907798] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.907853] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.907880] ? kasan_atomics+0x152/0x310 [ 15.907918] kasan_atomics+0x1dc/0x310 [ 15.907942] ? __pfx_kasan_atomics+0x10/0x10 [ 15.907994] ? __pfx_read_tsc+0x10/0x10 [ 15.908017] ? ktime_get_ts64+0x86/0x230 [ 15.908064] kunit_try_run_case+0x1a5/0x480 [ 15.908115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.908139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.908168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.908204] ? __kthread_parkme+0x82/0x180 [ 15.908227] ? preempt_count_sub+0x50/0x80 [ 15.908252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.908277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.908303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.908330] kthread+0x337/0x6f0 [ 15.908374] ? trace_preempt_on+0x20/0xc0 [ 15.908398] ? __pfx_kthread+0x10/0x10 [ 15.908432] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.908454] ? calculate_sigpending+0x7b/0xa0 [ 15.908479] ? __pfx_kthread+0x10/0x10 [ 15.908514] ret_from_fork+0x116/0x1d0 [ 15.908533] ? 
__pfx_kthread+0x10/0x10 [ 15.908554] ret_from_fork_asm+0x1a/0x30 [ 15.908597] </TASK> [ 15.908608] [ 15.917693] Allocated by task 283: [ 15.917854] kasan_save_stack+0x45/0x70 [ 15.918332] kasan_save_track+0x18/0x40 [ 15.918709] kasan_save_alloc_info+0x3b/0x50 [ 15.918947] __kasan_kmalloc+0xb7/0xc0 [ 15.919139] __kmalloc_cache_noprof+0x189/0x420 [ 15.919356] kasan_atomics+0x95/0x310 [ 15.919573] kunit_try_run_case+0x1a5/0x480 [ 15.919722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.920198] kthread+0x337/0x6f0 [ 15.920599] ret_from_fork+0x116/0x1d0 [ 15.920746] ret_from_fork_asm+0x1a/0x30 [ 15.920945] [ 15.921030] The buggy address belongs to the object at ffff8881039b8c80 [ 15.921030] which belongs to the cache kmalloc-64 of size 64 [ 15.921510] The buggy address is located 0 bytes to the right of [ 15.921510] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.922162] [ 15.922286] The buggy address belongs to the physical page: [ 15.922483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.922880] flags: 0x200000000000000(node=0|zone=2) [ 15.923228] page_type: f5(slab) [ 15.923405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.923792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.924129] page dumped because: kasan: bad access detected [ 15.924450] [ 15.924582] Memory state around the buggy address: [ 15.924868] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.925120] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.925509] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.925873] ^ [ 15.926102] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.926502] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.926797] ================================================================== [ 15.809301] 
================================================================== [ 15.809779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.810038] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.810375] [ 15.810536] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.810576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.810588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.810609] Call Trace: [ 15.810623] <TASK> [ 15.810636] dump_stack_lvl+0x73/0xb0 [ 15.810664] print_report+0xd1/0x650 [ 15.810687] ? __virt_addr_valid+0x1db/0x2d0 [ 15.810711] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.810734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.810759] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.810782] kasan_report+0x141/0x180 [ 15.810804] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.810832] __asan_report_load4_noabort+0x18/0x20 [ 15.810857] kasan_atomics_helper+0x49e8/0x5450 [ 15.810881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.810905] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.810931] ? kasan_atomics+0x152/0x310 [ 15.810958] kasan_atomics+0x1dc/0x310 [ 15.810982] ? __pfx_kasan_atomics+0x10/0x10 [ 15.811007] ? __pfx_read_tsc+0x10/0x10 [ 15.811029] ? ktime_get_ts64+0x86/0x230 [ 15.811053] kunit_try_run_case+0x1a5/0x480 [ 15.811078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.811102] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.811127] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.811153] ? __kthread_parkme+0x82/0x180 [ 15.811176] ? preempt_count_sub+0x50/0x80 [ 15.811201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.811227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.811253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.811279] kthread+0x337/0x6f0 [ 15.811299] ? trace_preempt_on+0x20/0xc0 [ 15.811322] ? __pfx_kthread+0x10/0x10 [ 15.811356] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.811379] ? calculate_sigpending+0x7b/0xa0 [ 15.811404] ? 
__pfx_kthread+0x10/0x10 [ 15.811426] ret_from_fork+0x116/0x1d0 [ 15.811446] ? __pfx_kthread+0x10/0x10 [ 15.811468] ret_from_fork_asm+0x1a/0x30 [ 15.811500] </TASK> [ 15.811511] [ 15.821173] Allocated by task 283: [ 15.821354] kasan_save_stack+0x45/0x70 [ 15.822072] kasan_save_track+0x18/0x40 [ 15.822595] kasan_save_alloc_info+0x3b/0x50 [ 15.822770] __kasan_kmalloc+0xb7/0xc0 [ 15.822908] __kmalloc_cache_noprof+0x189/0x420 [ 15.823068] kasan_atomics+0x95/0x310 [ 15.823205] kunit_try_run_case+0x1a5/0x480 [ 15.823369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.823634] kthread+0x337/0x6f0 [ 15.823891] ret_from_fork+0x116/0x1d0 [ 15.824084] ret_from_fork_asm+0x1a/0x30 [ 15.824283] [ 15.824491] The buggy address belongs to the object at ffff8881039b8c80 [ 15.824491] which belongs to the cache kmalloc-64 of size 64 [ 15.825030] The buggy address is located 0 bytes to the right of [ 15.825030] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.825651] [ 15.825816] The buggy address belongs to the physical page: [ 15.826029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.826412] flags: 0x200000000000000(node=0|zone=2) [ 15.826639] page_type: f5(slab) [ 15.826771] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.827089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.827492] page dumped because: kasan: bad access detected [ 15.827736] [ 15.827813] Memory state around the buggy address: [ 15.827963] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.828449] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.828773] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.829043] ^ [ 15.829272] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.829697] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.829963] 
================================================================== [ 16.315597] ================================================================== [ 16.315954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.316201] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.316526] [ 16.316641] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.316686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.316699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.316721] Call Trace: [ 16.316737] <TASK> [ 16.316753] dump_stack_lvl+0x73/0xb0 [ 16.316783] print_report+0xd1/0x650 [ 16.316807] ? __virt_addr_valid+0x1db/0x2d0 [ 16.316830] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.316853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.316877] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.316900] kasan_report+0x141/0x180 [ 16.316923] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.316963] kasan_check_range+0x10c/0x1c0 [ 16.316988] __kasan_check_write+0x18/0x20 [ 16.317010] kasan_atomics_helper+0x1f43/0x5450 [ 16.317045] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.317071] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.317097] ? kasan_atomics+0x152/0x310 [ 16.317125] kasan_atomics+0x1dc/0x310 [ 16.317149] ? __pfx_kasan_atomics+0x10/0x10 [ 16.317178] ? __pfx_read_tsc+0x10/0x10 [ 16.317201] ? ktime_get_ts64+0x86/0x230 [ 16.317227] kunit_try_run_case+0x1a5/0x480 [ 16.317252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.317277] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.317312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.317337] ? __kthread_parkme+0x82/0x180 [ 16.317374] ? preempt_count_sub+0x50/0x80 [ 16.317419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.317446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.317482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.317508] kthread+0x337/0x6f0 [ 16.317528] ? trace_preempt_on+0x20/0xc0 [ 16.317563] ? 
__pfx_kthread+0x10/0x10 [ 16.317585] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.317609] ? calculate_sigpending+0x7b/0xa0 [ 16.317633] ? __pfx_kthread+0x10/0x10 [ 16.317655] ret_from_fork+0x116/0x1d0 [ 16.317675] ? __pfx_kthread+0x10/0x10 [ 16.317696] ret_from_fork_asm+0x1a/0x30 [ 16.317727] </TASK> [ 16.317739] [ 16.325313] Allocated by task 283: [ 16.325538] kasan_save_stack+0x45/0x70 [ 16.325744] kasan_save_track+0x18/0x40 [ 16.325936] kasan_save_alloc_info+0x3b/0x50 [ 16.326149] __kasan_kmalloc+0xb7/0xc0 [ 16.326312] __kmalloc_cache_noprof+0x189/0x420 [ 16.326513] kasan_atomics+0x95/0x310 [ 16.326705] kunit_try_run_case+0x1a5/0x480 [ 16.326915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.327183] kthread+0x337/0x6f0 [ 16.327308] ret_from_fork+0x116/0x1d0 [ 16.327475] ret_from_fork_asm+0x1a/0x30 [ 16.327618] [ 16.327738] The buggy address belongs to the object at ffff8881039b8c80 [ 16.327738] which belongs to the cache kmalloc-64 of size 64 [ 16.328268] The buggy address is located 0 bytes to the right of [ 16.328268] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.328843] [ 16.328921] The buggy address belongs to the physical page: [ 16.329178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.329455] flags: 0x200000000000000(node=0|zone=2) [ 16.329673] page_type: f5(slab) [ 16.329859] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.330236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.330564] page dumped because: kasan: bad access detected [ 16.330820] [ 16.330925] Memory state around the buggy address: [ 16.331139] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.331461] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.331776] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.332080] ^ [ 16.332271] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332610] 
ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332920] ================================================================== [ 15.478235] ================================================================== [ 15.478670] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.478962] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.479294] [ 15.479483] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.479527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.479540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.479562] Call Trace: [ 15.479576] <TASK> [ 15.479590] dump_stack_lvl+0x73/0xb0 [ 15.479620] print_report+0xd1/0x650 [ 15.479643] ? __virt_addr_valid+0x1db/0x2d0 [ 15.479668] ? kasan_atomics_helper+0xac7/0x5450 [ 15.479690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.479714] ? kasan_atomics_helper+0xac7/0x5450 [ 15.479737] kasan_report+0x141/0x180 [ 15.479760] ? kasan_atomics_helper+0xac7/0x5450 [ 15.479787] kasan_check_range+0x10c/0x1c0 [ 15.479812] __kasan_check_write+0x18/0x20 [ 15.479834] kasan_atomics_helper+0xac7/0x5450 [ 15.479857] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.479881] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.479907] ? kasan_atomics+0x152/0x310 [ 15.479934] kasan_atomics+0x1dc/0x310 [ 15.479958] ? __pfx_kasan_atomics+0x10/0x10 [ 15.479985] ? __pfx_read_tsc+0x10/0x10 [ 15.480007] ? ktime_get_ts64+0x86/0x230 [ 15.480031] kunit_try_run_case+0x1a5/0x480 [ 15.480056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.480080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.480105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.480130] ? __kthread_parkme+0x82/0x180 [ 15.480152] ? preempt_count_sub+0x50/0x80 [ 15.480186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.480212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480237] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.480264] kthread+0x337/0x6f0 [ 15.480284] ? trace_preempt_on+0x20/0xc0 [ 15.480308] ? __pfx_kthread+0x10/0x10 [ 15.480330] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.480425] ? calculate_sigpending+0x7b/0xa0 [ 15.480452] ? __pfx_kthread+0x10/0x10 [ 15.480474] ret_from_fork+0x116/0x1d0 [ 15.480494] ? __pfx_kthread+0x10/0x10 [ 15.480515] ret_from_fork_asm+0x1a/0x30 [ 15.480547] </TASK> [ 15.480558] [ 15.488220] Allocated by task 283: [ 15.488444] kasan_save_stack+0x45/0x70 [ 15.488597] kasan_save_track+0x18/0x40 [ 15.488735] kasan_save_alloc_info+0x3b/0x50 [ 15.488948] __kasan_kmalloc+0xb7/0xc0 [ 15.489138] __kmalloc_cache_noprof+0x189/0x420 [ 15.489553] kasan_atomics+0x95/0x310 [ 15.489754] kunit_try_run_case+0x1a5/0x480 [ 15.489963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.490216] kthread+0x337/0x6f0 [ 15.490451] ret_from_fork+0x116/0x1d0 [ 15.490654] ret_from_fork_asm+0x1a/0x30 [ 15.490835] [ 15.490915] The buggy address belongs to the object at ffff8881039b8c80 [ 15.490915] which belongs to the cache kmalloc-64 of size 64 [ 15.491406] The buggy address is located 0 bytes to the right of [ 15.491406] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.491796] [ 15.491869] The buggy address belongs to the physical page: [ 15.492123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.492572] flags: 0x200000000000000(node=0|zone=2) [ 15.492812] page_type: f5(slab) [ 15.492977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.493320] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.493749] page dumped because: kasan: bad access detected [ 15.493971] [ 15.494062] Memory state around the buggy address: [ 15.494222] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.494806] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.495147] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.495576] ^ [ 15.495793] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.496051] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.496447] ================================================================== [ 15.639759] ================================================================== [ 15.641176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.641722] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.642328] [ 15.642654] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.642699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.642713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.642734] Call Trace: [ 15.642751] <TASK> [ 15.642767] dump_stack_lvl+0x73/0xb0 [ 15.642797] print_report+0xd1/0x650 [ 15.642821] ? __virt_addr_valid+0x1db/0x2d0 [ 15.642898] ? kasan_atomics_helper+0xf10/0x5450 [ 15.642920] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.642959] ? kasan_atomics_helper+0xf10/0x5450 [ 15.642982] kasan_report+0x141/0x180 [ 15.643004] ? kasan_atomics_helper+0xf10/0x5450 [ 15.643032] kasan_check_range+0x10c/0x1c0 [ 15.643057] __kasan_check_write+0x18/0x20 [ 15.643077] kasan_atomics_helper+0xf10/0x5450 [ 15.643101] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.643125] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.643150] ? kasan_atomics+0x152/0x310 [ 15.643179] kasan_atomics+0x1dc/0x310 [ 15.643203] ? __pfx_kasan_atomics+0x10/0x10 [ 15.643228] ? __pfx_read_tsc+0x10/0x10 [ 15.643250] ? ktime_get_ts64+0x86/0x230 [ 15.643275] kunit_try_run_case+0x1a5/0x480 [ 15.643301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.643325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.643410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.643439] ? __kthread_parkme+0x82/0x180 [ 15.643462] ? preempt_count_sub+0x50/0x80 [ 15.643486] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.643512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.643539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.643565] kthread+0x337/0x6f0 [ 15.643585] ? trace_preempt_on+0x20/0xc0 [ 15.643609] ? __pfx_kthread+0x10/0x10 [ 15.643631] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.643654] ? calculate_sigpending+0x7b/0xa0 [ 15.643680] ? __pfx_kthread+0x10/0x10 [ 15.643702] ret_from_fork+0x116/0x1d0 [ 15.643721] ? __pfx_kthread+0x10/0x10 [ 15.643743] ret_from_fork_asm+0x1a/0x30 [ 15.643776] </TASK> [ 15.643787] [ 15.657569] Allocated by task 283: [ 15.657916] kasan_save_stack+0x45/0x70 [ 15.658298] kasan_save_track+0x18/0x40 [ 15.658858] kasan_save_alloc_info+0x3b/0x50 [ 15.659282] __kasan_kmalloc+0xb7/0xc0 [ 15.659706] __kmalloc_cache_noprof+0x189/0x420 [ 15.660156] kasan_atomics+0x95/0x310 [ 15.660309] kunit_try_run_case+0x1a5/0x480 [ 15.660828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661310] kthread+0x337/0x6f0 [ 15.661696] ret_from_fork+0x116/0x1d0 [ 15.661963] ret_from_fork_asm+0x1a/0x30 [ 15.662302] [ 15.662433] The buggy address belongs to the object at ffff8881039b8c80 [ 15.662433] which belongs to the cache kmalloc-64 of size 64 [ 15.663141] The buggy address is located 0 bytes to the right of [ 15.663141] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.664116] [ 15.664289] The buggy address belongs to the physical page: [ 15.664902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.665658] flags: 0x200000000000000(node=0|zone=2) [ 15.665830] page_type: f5(slab) [ 15.665957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.666191] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.666449] page dumped because: kasan: bad access detected [ 15.666745] [ 15.666863] Memory state around the buggy address: [ 15.667022] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667341] 
ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667831] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.668148] ^ [ 15.668405] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668673] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.669015] ================================================================== [ 16.369270] ================================================================== [ 16.369685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.369943] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.370277] [ 16.370410] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.370451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.370463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.370483] Call Trace: [ 16.370497] <TASK> [ 16.370520] dump_stack_lvl+0x73/0xb0 [ 16.370550] print_report+0xd1/0x650 [ 16.370573] ? __virt_addr_valid+0x1db/0x2d0 [ 16.370608] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.370631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.370656] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.370688] kasan_report+0x141/0x180 [ 16.370711] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.370738] __asan_report_load8_noabort+0x18/0x20 [ 16.370775] kasan_atomics_helper+0x4f98/0x5450 [ 16.370799] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.370823] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.370858] ? kasan_atomics+0x152/0x310 [ 16.370886] kasan_atomics+0x1dc/0x310 [ 16.370920] ? __pfx_kasan_atomics+0x10/0x10 [ 16.370946] ? __pfx_read_tsc+0x10/0x10 [ 16.370968] ? ktime_get_ts64+0x86/0x230 [ 16.370993] kunit_try_run_case+0x1a5/0x480 [ 16.371018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.371067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.371092] ? __kthread_parkme+0x82/0x180 [ 16.371114] ? 
preempt_count_sub+0x50/0x80 [ 16.371139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.371191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.371217] kthread+0x337/0x6f0 [ 16.371246] ? trace_preempt_on+0x20/0xc0 [ 16.371270] ? __pfx_kthread+0x10/0x10 [ 16.371292] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.371326] ? calculate_sigpending+0x7b/0xa0 [ 16.371360] ? __pfx_kthread+0x10/0x10 [ 16.371382] ret_from_fork+0x116/0x1d0 [ 16.371419] ? __pfx_kthread+0x10/0x10 [ 16.371442] ret_from_fork_asm+0x1a/0x30 [ 16.371473] </TASK> [ 16.371485] [ 16.379003] Allocated by task 283: [ 16.379188] kasan_save_stack+0x45/0x70 [ 16.379412] kasan_save_track+0x18/0x40 [ 16.379627] kasan_save_alloc_info+0x3b/0x50 [ 16.379825] __kasan_kmalloc+0xb7/0xc0 [ 16.379998] __kmalloc_cache_noprof+0x189/0x420 [ 16.380156] kasan_atomics+0x95/0x310 [ 16.380296] kunit_try_run_case+0x1a5/0x480 [ 16.380478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.380658] kthread+0x337/0x6f0 [ 16.380779] ret_from_fork+0x116/0x1d0 [ 16.380948] ret_from_fork_asm+0x1a/0x30 [ 16.381174] [ 16.381283] The buggy address belongs to the object at ffff8881039b8c80 [ 16.381283] which belongs to the cache kmalloc-64 of size 64 [ 16.381933] The buggy address is located 0 bytes to the right of [ 16.381933] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.382544] [ 16.382646] The buggy address belongs to the physical page: [ 16.382897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.383182] flags: 0x200000000000000(node=0|zone=2) [ 16.383353] page_type: f5(slab) [ 16.383498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.383841] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.384191] page dumped because: kasan: bad access detected [ 16.384481] [ 16.384586] Memory state around the buggy address: [ 16.384808] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.385109] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.385445] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.385742] ^ [ 16.385972] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.386286] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.386627] ================================================================== [ 16.423227] ================================================================== [ 16.424201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.424978] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.425323] [ 16.425447] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.425491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.425503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.425524] Call Trace: [ 16.425536] <TASK> [ 16.425552] dump_stack_lvl+0x73/0xb0 [ 16.425583] print_report+0xd1/0x650 [ 16.425606] ? __virt_addr_valid+0x1db/0x2d0 [ 16.425630] ? kasan_atomics_helper+0x218a/0x5450 [ 16.425652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.425676] ? kasan_atomics_helper+0x218a/0x5450 [ 16.425699] kasan_report+0x141/0x180 [ 16.425722] ? kasan_atomics_helper+0x218a/0x5450 [ 16.425749] kasan_check_range+0x10c/0x1c0 [ 16.425774] __kasan_check_write+0x18/0x20 [ 16.425795] kasan_atomics_helper+0x218a/0x5450 [ 16.425819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.425843] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.425869] ? kasan_atomics+0x152/0x310 [ 16.425897] kasan_atomics+0x1dc/0x310 [ 16.425921] ? __pfx_kasan_atomics+0x10/0x10 [ 16.425947] ? __pfx_read_tsc+0x10/0x10 [ 16.425969] ? ktime_get_ts64+0x86/0x230 [ 16.425994] kunit_try_run_case+0x1a5/0x480 [ 16.426019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.426043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.426068] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.426094] ? __kthread_parkme+0x82/0x180 [ 16.426116] ? preempt_count_sub+0x50/0x80 [ 16.426140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.426166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.426192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.426219] kthread+0x337/0x6f0 [ 16.426238] ? trace_preempt_on+0x20/0xc0 [ 16.426262] ? __pfx_kthread+0x10/0x10 [ 16.426284] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.426307] ? calculate_sigpending+0x7b/0xa0 [ 16.426332] ? __pfx_kthread+0x10/0x10 [ 16.426721] ret_from_fork+0x116/0x1d0 [ 16.426744] ? __pfx_kthread+0x10/0x10 [ 16.426784] ret_from_fork_asm+0x1a/0x30 [ 16.426815] </TASK> [ 16.426865] [ 16.438715] Allocated by task 283: [ 16.439127] kasan_save_stack+0x45/0x70 [ 16.439418] kasan_save_track+0x18/0x40 [ 16.439787] kasan_save_alloc_info+0x3b/0x50 [ 16.440006] __kasan_kmalloc+0xb7/0xc0 [ 16.440188] __kmalloc_cache_noprof+0x189/0x420 [ 16.440656] kasan_atomics+0x95/0x310 [ 16.440938] kunit_try_run_case+0x1a5/0x480 [ 16.441383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.441923] kthread+0x337/0x6f0 [ 16.442221] ret_from_fork+0x116/0x1d0 [ 16.442652] ret_from_fork_asm+0x1a/0x30 [ 16.442976] [ 16.443201] The buggy address belongs to the object at ffff8881039b8c80 [ 16.443201] which belongs to the cache kmalloc-64 of size 64 [ 16.444099] The buggy address is located 0 bytes to the right of [ 16.444099] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.444783] [ 16.444884] The buggy address belongs to the physical page: [ 16.445110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.445742] flags: 0x200000000000000(node=0|zone=2) [ 16.446025] page_type: f5(slab) [ 16.446326] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.446927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.447392] page dumped because: kasan: bad access detected [ 16.447632] [ 16.447721] 
Memory state around the buggy address: [ 16.447928] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.448219] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.449090] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.449791] ^ [ 16.450034] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.450333] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.450614] ================================================================== [ 16.286452] ================================================================== [ 16.286799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.287260] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.287966] [ 16.288079] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.288119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.288132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.288153] Call Trace: [ 16.288175] <TASK> [ 16.288189] dump_stack_lvl+0x73/0xb0 [ 16.288221] print_report+0xd1/0x650 [ 16.288244] ? __virt_addr_valid+0x1db/0x2d0 [ 16.288267] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.288290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.288314] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.288337] kasan_report+0x141/0x180 [ 16.288374] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.288402] kasan_check_range+0x10c/0x1c0 [ 16.288427] __kasan_check_write+0x18/0x20 [ 16.288448] kasan_atomics_helper+0x1eaa/0x5450 [ 16.288472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.288496] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.288522] ? kasan_atomics+0x152/0x310 [ 16.288550] kasan_atomics+0x1dc/0x310 [ 16.288574] ? __pfx_kasan_atomics+0x10/0x10 [ 16.288600] ? __pfx_read_tsc+0x10/0x10 [ 16.288623] ? ktime_get_ts64+0x86/0x230 [ 16.288647] kunit_try_run_case+0x1a5/0x480 [ 16.288672] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.288697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.288723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.288748] ? __kthread_parkme+0x82/0x180 [ 16.288770] ? preempt_count_sub+0x50/0x80 [ 16.288794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.288821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.288846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.288873] kthread+0x337/0x6f0 [ 16.288892] ? trace_preempt_on+0x20/0xc0 [ 16.288916] ? __pfx_kthread+0x10/0x10 [ 16.288938] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.288960] ? calculate_sigpending+0x7b/0xa0 [ 16.288986] ? __pfx_kthread+0x10/0x10 [ 16.289008] ret_from_fork+0x116/0x1d0 [ 16.289027] ? __pfx_kthread+0x10/0x10 [ 16.289048] ret_from_fork_asm+0x1a/0x30 [ 16.289080] </TASK> [ 16.289091] [ 16.302164] Allocated by task 283: [ 16.302545] kasan_save_stack+0x45/0x70 [ 16.303159] kasan_save_track+0x18/0x40 [ 16.303589] kasan_save_alloc_info+0x3b/0x50 [ 16.303806] __kasan_kmalloc+0xb7/0xc0 [ 16.303943] __kmalloc_cache_noprof+0x189/0x420 [ 16.304458] kasan_atomics+0x95/0x310 [ 16.304796] kunit_try_run_case+0x1a5/0x480 [ 16.305455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.305938] kthread+0x337/0x6f0 [ 16.306072] ret_from_fork+0x116/0x1d0 [ 16.306208] ret_from_fork_asm+0x1a/0x30 [ 16.306370] [ 16.306740] The buggy address belongs to the object at ffff8881039b8c80 [ 16.306740] which belongs to the cache kmalloc-64 of size 64 [ 16.307853] The buggy address is located 0 bytes to the right of [ 16.307853] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.308855] [ 16.308935] The buggy address belongs to the physical page: [ 16.309109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.309365] flags: 0x200000000000000(node=0|zone=2) [ 16.309582] page_type: f5(slab) [ 16.309749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.310058] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.310450] page dumped because: kasan: bad access detected [ 16.310661] [ 16.310732] Memory state around the buggy address: [ 16.311034] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.311713] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.312362] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.313017] ^ [ 16.313507] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314143] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314803] ================================================================== [ 15.073177] ================================================================== [ 15.075013] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.076110] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.077011] [ 15.077319] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.077387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.077495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.077521] Call Trace: [ 15.077534] <TASK> [ 15.077551] dump_stack_lvl+0x73/0xb0 [ 15.077584] print_report+0xd1/0x650 [ 15.077606] ? __virt_addr_valid+0x1db/0x2d0 [ 15.077630] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.077651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.077674] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.077696] kasan_report+0x141/0x180 [ 15.077718] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.077745] __asan_report_load4_noabort+0x18/0x20 [ 15.077769] kasan_atomics_helper+0x4bbc/0x5450 [ 15.077792] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.077815] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.077840] ? kasan_atomics+0x152/0x310 [ 15.077866] kasan_atomics+0x1dc/0x310 [ 15.077889] ? __pfx_kasan_atomics+0x10/0x10 [ 15.077913] ? __pfx_read_tsc+0x10/0x10 [ 15.077934] ? 
ktime_get_ts64+0x86/0x230 [ 15.077959] kunit_try_run_case+0x1a5/0x480 [ 15.077983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.078005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.078031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.078055] ? __kthread_parkme+0x82/0x180 [ 15.078076] ? preempt_count_sub+0x50/0x80 [ 15.078100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.078126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.078151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.078178] kthread+0x337/0x6f0 [ 15.078197] ? trace_preempt_on+0x20/0xc0 [ 15.078220] ? __pfx_kthread+0x10/0x10 [ 15.078241] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.078263] ? calculate_sigpending+0x7b/0xa0 [ 15.078287] ? __pfx_kthread+0x10/0x10 [ 15.078309] ret_from_fork+0x116/0x1d0 [ 15.078327] ? __pfx_kthread+0x10/0x10 [ 15.078419] ret_from_fork_asm+0x1a/0x30 [ 15.078514] </TASK> [ 15.078527] [ 15.089516] Allocated by task 283: [ 15.089919] kasan_save_stack+0x45/0x70 [ 15.090230] kasan_save_track+0x18/0x40 [ 15.090658] kasan_save_alloc_info+0x3b/0x50 [ 15.090992] __kasan_kmalloc+0xb7/0xc0 [ 15.091252] __kmalloc_cache_noprof+0x189/0x420 [ 15.091674] kasan_atomics+0x95/0x310 [ 15.091865] kunit_try_run_case+0x1a5/0x480 [ 15.092196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.092537] kthread+0x337/0x6f0 [ 15.092702] ret_from_fork+0x116/0x1d0 [ 15.092885] ret_from_fork_asm+0x1a/0x30 [ 15.093090] [ 15.093177] The buggy address belongs to the object at ffff8881039b8c80 [ 15.093177] which belongs to the cache kmalloc-64 of size 64 [ 15.094082] The buggy address is located 0 bytes to the right of [ 15.094082] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.094961] [ 15.095068] The buggy address belongs to the physical page: [ 15.095499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.095977] flags: 0x200000000000000(node=0|zone=2) [ 15.096307] page_type: f5(slab) [ 15.096723] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.097085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.097596] page dumped because: kasan: bad access detected [ 15.097934] [ 15.098036] Memory state around the buggy address: [ 15.098447] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.098882] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.099271] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.100005] ^ [ 15.100242] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.100785] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.101097] ================================================================== [ 15.440958] ================================================================== [ 15.441296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.441742] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.442055] [ 15.442146] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.442188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.442200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.442220] Call Trace: [ 15.442233] <TASK> [ 15.442246] dump_stack_lvl+0x73/0xb0 [ 15.442275] print_report+0xd1/0x650 [ 15.442298] ? __virt_addr_valid+0x1db/0x2d0 [ 15.442321] ? kasan_atomics_helper+0x992/0x5450 [ 15.442418] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.442462] ? kasan_atomics_helper+0x992/0x5450 [ 15.442485] kasan_report+0x141/0x180 [ 15.442508] ? kasan_atomics_helper+0x992/0x5450 [ 15.442536] kasan_check_range+0x10c/0x1c0 [ 15.442561] __kasan_check_write+0x18/0x20 [ 15.442582] kasan_atomics_helper+0x992/0x5450 [ 15.442607] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.442631] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.442656] ? kasan_atomics+0x152/0x310 [ 15.442683] kasan_atomics+0x1dc/0x310 [ 15.442706] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.442731] ? __pfx_read_tsc+0x10/0x10 [ 15.442753] ? ktime_get_ts64+0x86/0x230 [ 15.442777] kunit_try_run_case+0x1a5/0x480 [ 15.442802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.442826] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.442852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.442878] ? __kthread_parkme+0x82/0x180 [ 15.442899] ? preempt_count_sub+0x50/0x80 [ 15.442924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.442949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.442974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.443001] kthread+0x337/0x6f0 [ 15.443021] ? trace_preempt_on+0x20/0xc0 [ 15.443045] ? __pfx_kthread+0x10/0x10 [ 15.443067] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.443090] ? calculate_sigpending+0x7b/0xa0 [ 15.443115] ? __pfx_kthread+0x10/0x10 [ 15.443137] ret_from_fork+0x116/0x1d0 [ 15.443156] ? __pfx_kthread+0x10/0x10 [ 15.443178] ret_from_fork_asm+0x1a/0x30 [ 15.443209] </TASK> [ 15.443220] [ 15.451166] Allocated by task 283: [ 15.451509] kasan_save_stack+0x45/0x70 [ 15.451696] kasan_save_track+0x18/0x40 [ 15.451872] kasan_save_alloc_info+0x3b/0x50 [ 15.452083] __kasan_kmalloc+0xb7/0xc0 [ 15.452278] __kmalloc_cache_noprof+0x189/0x420 [ 15.452519] kasan_atomics+0x95/0x310 [ 15.452680] kunit_try_run_case+0x1a5/0x480 [ 15.452829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453007] kthread+0x337/0x6f0 [ 15.453159] ret_from_fork+0x116/0x1d0 [ 15.453435] ret_from_fork_asm+0x1a/0x30 [ 15.453645] [ 15.453743] The buggy address belongs to the object at ffff8881039b8c80 [ 15.453743] which belongs to the cache kmalloc-64 of size 64 [ 15.454270] The buggy address is located 0 bytes to the right of [ 15.454270] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.454866] [ 15.454957] The buggy address belongs to the physical page: [ 15.455188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.455546] flags: 0x200000000000000(node=0|zone=2) [ 15.455726] page_type: 
f5(slab) [ 15.455909] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.456224] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.456608] page dumped because: kasan: bad access detected [ 15.456853] [ 15.456943] Memory state around the buggy address: [ 15.457115] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.457566] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.457881] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.458196] ^ [ 15.458518] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.458846] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459135] ================================================================== [ 16.181432] ================================================================== [ 16.181714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.182471] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.182988] [ 16.183182] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.183230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.183245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.183265] Call Trace: [ 16.183279] <TASK> [ 16.183295] dump_stack_lvl+0x73/0xb0 [ 16.183327] print_report+0xd1/0x650 [ 16.183364] ? __virt_addr_valid+0x1db/0x2d0 [ 16.183388] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.183411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.183437] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.183461] kasan_report+0x141/0x180 [ 16.183484] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.183512] kasan_check_range+0x10c/0x1c0 [ 16.183536] __kasan_check_write+0x18/0x20 [ 16.183556] kasan_atomics_helper+0x1c18/0x5450 [ 16.183580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.183605] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.183632] ? 
kasan_atomics+0x152/0x310 [ 16.183660] kasan_atomics+0x1dc/0x310 [ 16.183683] ? __pfx_kasan_atomics+0x10/0x10 [ 16.183709] ? __pfx_read_tsc+0x10/0x10 [ 16.183731] ? ktime_get_ts64+0x86/0x230 [ 16.183755] kunit_try_run_case+0x1a5/0x480 [ 16.183781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.183805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.183830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.183856] ? __kthread_parkme+0x82/0x180 [ 16.183877] ? preempt_count_sub+0x50/0x80 [ 16.183902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.183928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.183953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.183979] kthread+0x337/0x6f0 [ 16.183999] ? trace_preempt_on+0x20/0xc0 [ 16.184023] ? __pfx_kthread+0x10/0x10 [ 16.184044] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.184067] ? calculate_sigpending+0x7b/0xa0 [ 16.184091] ? __pfx_kthread+0x10/0x10 [ 16.184113] ret_from_fork+0x116/0x1d0 [ 16.184132] ? __pfx_kthread+0x10/0x10 [ 16.184154] ret_from_fork_asm+0x1a/0x30 [ 16.184192] </TASK> [ 16.184204] [ 16.192019] Allocated by task 283: [ 16.192210] kasan_save_stack+0x45/0x70 [ 16.192404] kasan_save_track+0x18/0x40 [ 16.192611] kasan_save_alloc_info+0x3b/0x50 [ 16.192856] __kasan_kmalloc+0xb7/0xc0 [ 16.193040] __kmalloc_cache_noprof+0x189/0x420 [ 16.193309] kasan_atomics+0x95/0x310 [ 16.193511] kunit_try_run_case+0x1a5/0x480 [ 16.193729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.193909] kthread+0x337/0x6f0 [ 16.194203] ret_from_fork+0x116/0x1d0 [ 16.194402] ret_from_fork_asm+0x1a/0x30 [ 16.194638] [ 16.194734] The buggy address belongs to the object at ffff8881039b8c80 [ 16.194734] which belongs to the cache kmalloc-64 of size 64 [ 16.195293] The buggy address is located 0 bytes to the right of [ 16.195293] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.195878] [ 16.195978] The buggy address belongs to the physical page: [ 16.196259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
16.196611] flags: 0x200000000000000(node=0|zone=2) [ 16.196841] page_type: f5(slab) [ 16.196985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.197254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.197481] page dumped because: kasan: bad access detected [ 16.197648] [ 16.197717] Memory state around the buggy address: [ 16.198153] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.198572] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.198937] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.199259] ^ [ 16.199534] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.199826] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.200115] ================================================================== [ 15.602153] ================================================================== [ 15.602407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.603058] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.603720] [ 15.603896] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.603938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.603950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.603971] Call Trace: [ 15.603986] <TASK> [ 15.604001] dump_stack_lvl+0x73/0xb0 [ 15.604031] print_report+0xd1/0x650 [ 15.604066] ? __virt_addr_valid+0x1db/0x2d0 [ 15.604090] ? kasan_atomics_helper+0xe78/0x5450 [ 15.604112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.604157] ? kasan_atomics_helper+0xe78/0x5450 [ 15.604185] kasan_report+0x141/0x180 [ 15.604219] ? kasan_atomics_helper+0xe78/0x5450 [ 15.604247] kasan_check_range+0x10c/0x1c0 [ 15.604272] __kasan_check_write+0x18/0x20 [ 15.604292] kasan_atomics_helper+0xe78/0x5450 [ 15.604316] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.604368] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.604414] ? kasan_atomics+0x152/0x310 [ 15.604442] kasan_atomics+0x1dc/0x310 [ 15.604466] ? __pfx_kasan_atomics+0x10/0x10 [ 15.604492] ? __pfx_read_tsc+0x10/0x10 [ 15.604515] ? ktime_get_ts64+0x86/0x230 [ 15.604539] kunit_try_run_case+0x1a5/0x480 [ 15.604565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.604589] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.604616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.604642] ? __kthread_parkme+0x82/0x180 [ 15.604664] ? preempt_count_sub+0x50/0x80 [ 15.604688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.604714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.604739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.604766] kthread+0x337/0x6f0 [ 15.604786] ? trace_preempt_on+0x20/0xc0 [ 15.604811] ? __pfx_kthread+0x10/0x10 [ 15.604832] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.604856] ? calculate_sigpending+0x7b/0xa0 [ 15.604880] ? __pfx_kthread+0x10/0x10 [ 15.604903] ret_from_fork+0x116/0x1d0 [ 15.604922] ? __pfx_kthread+0x10/0x10 [ 15.604944] ret_from_fork_asm+0x1a/0x30 [ 15.604975] </TASK> [ 15.604987] [ 15.621765] Allocated by task 283: [ 15.622187] kasan_save_stack+0x45/0x70 [ 15.622901] kasan_save_track+0x18/0x40 [ 15.623573] kasan_save_alloc_info+0x3b/0x50 [ 15.624135] __kasan_kmalloc+0xb7/0xc0 [ 15.624922] __kmalloc_cache_noprof+0x189/0x420 [ 15.625123] kasan_atomics+0x95/0x310 [ 15.625264] kunit_try_run_case+0x1a5/0x480 [ 15.625732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.626450] kthread+0x337/0x6f0 [ 15.626889] ret_from_fork+0x116/0x1d0 [ 15.627371] ret_from_fork_asm+0x1a/0x30 [ 15.627721] [ 15.627803] The buggy address belongs to the object at ffff8881039b8c80 [ 15.627803] which belongs to the cache kmalloc-64 of size 64 [ 15.628172] The buggy address is located 0 bytes to the right of [ 15.628172] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.629516] [ 15.629876] The buggy address belongs to the physical page: [ 15.630478] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.631332] flags: 0x200000000000000(node=0|zone=2) [ 15.632039] page_type: f5(slab) [ 15.632505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.633039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.633277] page dumped because: kasan: bad access detected [ 15.634015] [ 15.634385] Memory state around the buggy address: [ 15.634882] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.635754] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.636298] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.637293] ^ [ 15.638027] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.638688] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.639164] ================================================================== [ 15.670171] ================================================================== [ 15.670878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.671216] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.671641] [ 15.671778] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.671822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.671834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.671855] Call Trace: [ 15.671868] <TASK> [ 15.671884] dump_stack_lvl+0x73/0xb0 [ 15.671914] print_report+0xd1/0x650 [ 15.671937] ? __virt_addr_valid+0x1db/0x2d0 [ 15.671961] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.671995] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.672020] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.672042] kasan_report+0x141/0x180 [ 15.672077] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.672105] kasan_check_range+0x10c/0x1c0 [ 15.672131] __kasan_check_write+0x18/0x20 [ 15.672153] kasan_atomics_helper+0xfa9/0x5450 [ 15.672191] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.672215] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.672251] ? kasan_atomics+0x152/0x310 [ 15.672279] kasan_atomics+0x1dc/0x310 [ 15.672302] ? __pfx_kasan_atomics+0x10/0x10 [ 15.672339] ? __pfx_read_tsc+0x10/0x10 [ 15.672371] ? ktime_get_ts64+0x86/0x230 [ 15.672397] kunit_try_run_case+0x1a5/0x480 [ 15.672433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.672457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.672491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.672517] ? __kthread_parkme+0x82/0x180 [ 15.672539] ? preempt_count_sub+0x50/0x80 [ 15.672575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.672601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.672627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.672655] kthread+0x337/0x6f0 [ 15.672675] ? trace_preempt_on+0x20/0xc0 [ 15.672700] ? __pfx_kthread+0x10/0x10 [ 15.672722] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.672745] ? calculate_sigpending+0x7b/0xa0 [ 15.672770] ? __pfx_kthread+0x10/0x10 [ 15.672792] ret_from_fork+0x116/0x1d0 [ 15.672812] ? 
__pfx_kthread+0x10/0x10 [ 15.672834] ret_from_fork_asm+0x1a/0x30 [ 15.672865] </TASK> [ 15.672877] [ 15.680884] Allocated by task 283: [ 15.681014] kasan_save_stack+0x45/0x70 [ 15.681247] kasan_save_track+0x18/0x40 [ 15.681457] kasan_save_alloc_info+0x3b/0x50 [ 15.681669] __kasan_kmalloc+0xb7/0xc0 [ 15.681857] __kmalloc_cache_noprof+0x189/0x420 [ 15.682080] kasan_atomics+0x95/0x310 [ 15.682443] kunit_try_run_case+0x1a5/0x480 [ 15.682599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.682780] kthread+0x337/0x6f0 [ 15.682902] ret_from_fork+0x116/0x1d0 [ 15.683040] ret_from_fork_asm+0x1a/0x30 [ 15.683240] [ 15.683334] The buggy address belongs to the object at ffff8881039b8c80 [ 15.683334] which belongs to the cache kmalloc-64 of size 64 [ 15.683878] The buggy address is located 0 bytes to the right of [ 15.683878] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.684291] [ 15.684374] The buggy address belongs to the physical page: [ 15.684799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.685182] flags: 0x200000000000000(node=0|zone=2) [ 15.685503] page_type: f5(slab) [ 15.685690] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.685956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.686224] page dumped because: kasan: bad access detected [ 15.686536] [ 15.686633] Memory state around the buggy address: [ 15.686883] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.687192] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.687420] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.687686] ^ [ 15.687908] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.688357] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.688668] ================================================================== [ 16.072531] 
================================================================== [ 16.073080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.073324] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.074405] [ 16.074719] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.074766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.074779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.074801] Call Trace: [ 16.074816] <TASK> [ 16.074841] dump_stack_lvl+0x73/0xb0 [ 16.074873] print_report+0xd1/0x650 [ 16.074897] ? __virt_addr_valid+0x1db/0x2d0 [ 16.074922] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.074945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.074969] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.074992] kasan_report+0x141/0x180 [ 16.075015] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.075042] kasan_check_range+0x10c/0x1c0 [ 16.075067] __kasan_check_write+0x18/0x20 [ 16.075088] kasan_atomics_helper+0x18b1/0x5450 [ 16.075111] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.075135] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.075162] ? kasan_atomics+0x152/0x310 [ 16.075189] kasan_atomics+0x1dc/0x310 [ 16.075212] ? __pfx_kasan_atomics+0x10/0x10 [ 16.075237] ? __pfx_read_tsc+0x10/0x10 [ 16.075259] ? ktime_get_ts64+0x86/0x230 [ 16.075284] kunit_try_run_case+0x1a5/0x480 [ 16.075310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.075369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.075395] ? __kthread_parkme+0x82/0x180 [ 16.075448] ? preempt_count_sub+0x50/0x80 [ 16.075473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.075525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.075552] kthread+0x337/0x6f0 [ 16.075572] ? trace_preempt_on+0x20/0xc0 [ 16.075597] ? __pfx_kthread+0x10/0x10 [ 16.075619] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.075641] ? 
calculate_sigpending+0x7b/0xa0 [ 16.075666] ? __pfx_kthread+0x10/0x10 [ 16.075689] ret_from_fork+0x116/0x1d0 [ 16.075708] ? __pfx_kthread+0x10/0x10 [ 16.075730] ret_from_fork_asm+0x1a/0x30 [ 16.075762] </TASK> [ 16.075774] [ 16.089939] Allocated by task 283: [ 16.090075] kasan_save_stack+0x45/0x70 [ 16.090224] kasan_save_track+0x18/0x40 [ 16.090377] kasan_save_alloc_info+0x3b/0x50 [ 16.090557] __kasan_kmalloc+0xb7/0xc0 [ 16.090690] __kmalloc_cache_noprof+0x189/0x420 [ 16.091012] kasan_atomics+0x95/0x310 [ 16.091232] kunit_try_run_case+0x1a5/0x480 [ 16.091391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.091668] kthread+0x337/0x6f0 [ 16.091839] ret_from_fork+0x116/0x1d0 [ 16.092002] ret_from_fork_asm+0x1a/0x30 [ 16.092175] [ 16.092270] The buggy address belongs to the object at ffff8881039b8c80 [ 16.092270] which belongs to the cache kmalloc-64 of size 64 [ 16.092785] The buggy address is located 0 bytes to the right of [ 16.092785] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.093300] [ 16.093397] The buggy address belongs to the physical page: [ 16.093774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.094023] flags: 0x200000000000000(node=0|zone=2) [ 16.094250] page_type: f5(slab) [ 16.094414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.094732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.094972] page dumped because: kasan: bad access detected [ 16.095221] [ 16.095313] Memory state around the buggy address: [ 16.095553] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.096028] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.096332] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.096674] ^ [ 16.096894] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.097171] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.097444] 
================================================================== [ 15.966545] ================================================================== [ 15.966829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.967138] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.967672] [ 15.967760] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.967801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.967847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.967867] Call Trace: [ 15.967884] <TASK> [ 15.967899] dump_stack_lvl+0x73/0xb0 [ 15.967969] print_report+0xd1/0x650 [ 15.967993] ? __virt_addr_valid+0x1db/0x2d0 [ 15.968026] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.968050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.968073] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.968097] kasan_report+0x141/0x180 [ 15.968120] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.968147] kasan_check_range+0x10c/0x1c0 [ 15.968175] __kasan_check_write+0x18/0x20 [ 15.968196] kasan_atomics_helper+0x15b6/0x5450 [ 15.968220] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.968244] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.968270] ? kasan_atomics+0x152/0x310 [ 15.968297] kasan_atomics+0x1dc/0x310 [ 15.968321] ? __pfx_kasan_atomics+0x10/0x10 [ 15.968357] ? __pfx_read_tsc+0x10/0x10 [ 15.968379] ? ktime_get_ts64+0x86/0x230 [ 15.968403] kunit_try_run_case+0x1a5/0x480 [ 15.968437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.968461] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.968486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.968512] ? __kthread_parkme+0x82/0x180 [ 15.968533] ? preempt_count_sub+0x50/0x80 [ 15.968558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.968583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.968609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.968636] kthread+0x337/0x6f0 [ 15.968656] ? trace_preempt_on+0x20/0xc0 [ 15.968679] ? 
__pfx_kthread+0x10/0x10 [ 15.968701] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.968724] ? calculate_sigpending+0x7b/0xa0 [ 15.968748] ? __pfx_kthread+0x10/0x10 [ 15.968771] ret_from_fork+0x116/0x1d0 [ 15.968790] ? __pfx_kthread+0x10/0x10 [ 15.968811] ret_from_fork_asm+0x1a/0x30 [ 15.968843] </TASK> [ 15.968855] [ 15.977383] Allocated by task 283: [ 15.977562] kasan_save_stack+0x45/0x70 [ 15.977709] kasan_save_track+0x18/0x40 [ 15.977847] kasan_save_alloc_info+0x3b/0x50 [ 15.978045] __kasan_kmalloc+0xb7/0xc0 [ 15.978276] __kmalloc_cache_noprof+0x189/0x420 [ 15.978532] kasan_atomics+0x95/0x310 [ 15.978726] kunit_try_run_case+0x1a5/0x480 [ 15.979020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.979335] kthread+0x337/0x6f0 [ 15.979615] ret_from_fork+0x116/0x1d0 [ 15.979811] ret_from_fork_asm+0x1a/0x30 [ 15.980017] [ 15.980092] The buggy address belongs to the object at ffff8881039b8c80 [ 15.980092] which belongs to the cache kmalloc-64 of size 64 [ 15.980591] The buggy address is located 0 bytes to the right of [ 15.980591] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.981194] [ 15.981295] The buggy address belongs to the physical page: [ 15.981535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.981949] flags: 0x200000000000000(node=0|zone=2) [ 15.982218] page_type: f5(slab) [ 15.982355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.982588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.982943] page dumped because: kasan: bad access detected [ 15.983243] [ 15.983337] Memory state around the buggy address: [ 15.983570] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.983912] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.984221] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.984610] ^ [ 15.984839] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.985089] 
ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.985492] ================================================================== [ 15.129508] ================================================================== [ 15.129820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.130150] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.131178] [ 15.131736] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.131782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.131794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.131814] Call Trace: [ 15.131825] <TASK> [ 15.131840] dump_stack_lvl+0x73/0xb0 [ 15.131871] print_report+0xd1/0x650 [ 15.131893] ? __virt_addr_valid+0x1db/0x2d0 [ 15.131915] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.131937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.131960] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.131983] kasan_report+0x141/0x180 [ 15.132006] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.132032] __asan_report_load4_noabort+0x18/0x20 [ 15.132056] kasan_atomics_helper+0x4b88/0x5450 [ 15.132080] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.132102] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.132128] ? kasan_atomics+0x152/0x310 [ 15.132154] kasan_atomics+0x1dc/0x310 [ 15.132183] ? __pfx_kasan_atomics+0x10/0x10 [ 15.132208] ? __pfx_read_tsc+0x10/0x10 [ 15.132229] ? ktime_get_ts64+0x86/0x230 [ 15.132252] kunit_try_run_case+0x1a5/0x480 [ 15.132276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.132299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.132323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.132412] ? __kthread_parkme+0x82/0x180 [ 15.132436] ? preempt_count_sub+0x50/0x80 [ 15.132460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.132485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.132510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.132536] kthread+0x337/0x6f0 [ 15.132555] ? 
trace_preempt_on+0x20/0xc0 [ 15.132578] ? __pfx_kthread+0x10/0x10 [ 15.132598] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.132620] ? calculate_sigpending+0x7b/0xa0 [ 15.132644] ? __pfx_kthread+0x10/0x10 [ 15.132666] ret_from_fork+0x116/0x1d0 [ 15.132685] ? __pfx_kthread+0x10/0x10 [ 15.132705] ret_from_fork_asm+0x1a/0x30 [ 15.132736] </TASK> [ 15.132745] [ 15.143992] Allocated by task 283: [ 15.144315] kasan_save_stack+0x45/0x70 [ 15.144804] kasan_save_track+0x18/0x40 [ 15.145122] kasan_save_alloc_info+0x3b/0x50 [ 15.145321] __kasan_kmalloc+0xb7/0xc0 [ 15.145759] __kmalloc_cache_noprof+0x189/0x420 [ 15.146105] kasan_atomics+0x95/0x310 [ 15.146446] kunit_try_run_case+0x1a5/0x480 [ 15.146763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.147117] kthread+0x337/0x6f0 [ 15.147438] ret_from_fork+0x116/0x1d0 [ 15.147768] ret_from_fork_asm+0x1a/0x30 [ 15.147971] [ 15.148084] The buggy address belongs to the object at ffff8881039b8c80 [ 15.148084] which belongs to the cache kmalloc-64 of size 64 [ 15.148793] The buggy address is located 0 bytes to the right of [ 15.148793] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.149305] [ 15.149416] The buggy address belongs to the physical page: [ 15.150009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.150583] flags: 0x200000000000000(node=0|zone=2) [ 15.150919] page_type: f5(slab) [ 15.151055] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.151685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.152079] page dumped because: kasan: bad access detected [ 15.152437] [ 15.152539] Memory state around the buggy address: [ 15.152736] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.153062] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.153387] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.153988] ^ [ 15.154313] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.154868] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155232] ================================================================== [ 15.830664] ================================================================== [ 15.831058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.831498] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.831887] [ 15.832031] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.832073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.832098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.832118] Call Trace: [ 15.832170] <TASK> [ 15.832185] dump_stack_lvl+0x73/0xb0 [ 15.832228] print_report+0xd1/0x650 [ 15.832251] ? __virt_addr_valid+0x1db/0x2d0 [ 15.832276] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.832300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.832324] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.832355] kasan_report+0x141/0x180 [ 15.832378] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.832426] kasan_check_range+0x10c/0x1c0 [ 15.832450] __kasan_check_write+0x18/0x20 [ 15.832471] kasan_atomics_helper+0x12e6/0x5450 [ 15.832495] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.832531] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.832567] ? kasan_atomics+0x152/0x310 [ 15.832595] kasan_atomics+0x1dc/0x310 [ 15.832619] ? __pfx_kasan_atomics+0x10/0x10 [ 15.832644] ? __pfx_read_tsc+0x10/0x10 [ 15.832700] ? ktime_get_ts64+0x86/0x230 [ 15.832725] kunit_try_run_case+0x1a5/0x480 [ 15.832762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.832839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.832875] ? __kthread_parkme+0x82/0x180 [ 15.832896] ? preempt_count_sub+0x50/0x80 [ 15.832921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.832972] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.832998] kthread+0x337/0x6f0 [ 15.833018] ? trace_preempt_on+0x20/0xc0 [ 15.833042] ? __pfx_kthread+0x10/0x10 [ 15.833063] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.833086] ? calculate_sigpending+0x7b/0xa0 [ 15.833112] ? __pfx_kthread+0x10/0x10 [ 15.833134] ret_from_fork+0x116/0x1d0 [ 15.833153] ? __pfx_kthread+0x10/0x10 [ 15.833175] ret_from_fork_asm+0x1a/0x30 [ 15.833206] </TASK> [ 15.833217] [ 15.841161] Allocated by task 283: [ 15.841294] kasan_save_stack+0x45/0x70 [ 15.841592] kasan_save_track+0x18/0x40 [ 15.841790] kasan_save_alloc_info+0x3b/0x50 [ 15.842002] __kasan_kmalloc+0xb7/0xc0 [ 15.842176] __kmalloc_cache_noprof+0x189/0x420 [ 15.842401] kasan_atomics+0x95/0x310 [ 15.842607] kunit_try_run_case+0x1a5/0x480 [ 15.842759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.843013] kthread+0x337/0x6f0 [ 15.843232] ret_from_fork+0x116/0x1d0 [ 15.843434] ret_from_fork_asm+0x1a/0x30 [ 15.843618] [ 15.843691] The buggy address belongs to the object at ffff8881039b8c80 [ 15.843691] which belongs to the cache kmalloc-64 of size 64 [ 15.844215] The buggy address is located 0 bytes to the right of [ 15.844215] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.844722] [ 15.844796] The buggy address belongs to the physical page: [ 15.844983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.845404] flags: 0x200000000000000(node=0|zone=2) [ 15.845643] page_type: f5(slab) [ 15.845870] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.846363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.846802] page dumped because: kasan: bad access detected [ 15.847080] [ 15.847168] Memory state around the buggy address: [ 15.847317] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.847538] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.847926] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.848264] ^ [ 15.848504] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848889] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.849294] ================================================================== [ 15.459579] ================================================================== [ 15.459932] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.460277] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.460715] [ 15.460826] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.460866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.460879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.460897] Call Trace: [ 15.460915] <TASK> [ 15.460931] dump_stack_lvl+0x73/0xb0 [ 15.460961] print_report+0xd1/0x650 [ 15.460983] ? __virt_addr_valid+0x1db/0x2d0 [ 15.461006] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.461028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.461052] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.461075] kasan_report+0x141/0x180 [ 15.461098] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.461125] kasan_check_range+0x10c/0x1c0 [ 15.461149] __kasan_check_write+0x18/0x20 [ 15.461170] kasan_atomics_helper+0xa2b/0x5450 [ 15.461193] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.461218] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.461244] ? kasan_atomics+0x152/0x310 [ 15.461271] kasan_atomics+0x1dc/0x310 [ 15.461294] ? __pfx_kasan_atomics+0x10/0x10 [ 15.461320] ? __pfx_read_tsc+0x10/0x10 [ 15.461427] ? ktime_get_ts64+0x86/0x230 [ 15.461456] kunit_try_run_case+0x1a5/0x480 [ 15.461481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.461505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.461530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.461555] ? __kthread_parkme+0x82/0x180 [ 15.461577] ? preempt_count_sub+0x50/0x80 [ 15.461601] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.461628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.461653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.461680] kthread+0x337/0x6f0 [ 15.461700] ? trace_preempt_on+0x20/0xc0 [ 15.461723] ? __pfx_kthread+0x10/0x10 [ 15.461745] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.461768] ? calculate_sigpending+0x7b/0xa0 [ 15.461793] ? __pfx_kthread+0x10/0x10 [ 15.461816] ret_from_fork+0x116/0x1d0 [ 15.461835] ? __pfx_kthread+0x10/0x10 [ 15.461857] ret_from_fork_asm+0x1a/0x30 [ 15.461888] </TASK> [ 15.461899] [ 15.469697] Allocated by task 283: [ 15.469881] kasan_save_stack+0x45/0x70 [ 15.470087] kasan_save_track+0x18/0x40 [ 15.470242] kasan_save_alloc_info+0x3b/0x50 [ 15.470618] __kasan_kmalloc+0xb7/0xc0 [ 15.470807] __kmalloc_cache_noprof+0x189/0x420 [ 15.471026] kasan_atomics+0x95/0x310 [ 15.471163] kunit_try_run_case+0x1a5/0x480 [ 15.471482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471749] kthread+0x337/0x6f0 [ 15.471901] ret_from_fork+0x116/0x1d0 [ 15.472038] ret_from_fork_asm+0x1a/0x30 [ 15.472242] [ 15.472417] The buggy address belongs to the object at ffff8881039b8c80 [ 15.472417] which belongs to the cache kmalloc-64 of size 64 [ 15.472906] The buggy address is located 0 bytes to the right of [ 15.472906] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.473479] [ 15.473561] The buggy address belongs to the physical page: [ 15.473760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.474049] flags: 0x200000000000000(node=0|zone=2) [ 15.474212] page_type: f5(slab) [ 15.474403] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.474776] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.475116] page dumped because: kasan: bad access detected [ 15.475628] [ 15.475732] Memory state around the buggy address: [ 15.475963] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.476219] 
ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.476542] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.476869] ^ [ 15.477094] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477510] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477832] ================================================================== [ 15.311316] ================================================================== [ 15.312112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.312494] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.312826] [ 15.312936] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.312977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.312990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.313058] Call Trace: [ 15.313076] <TASK> [ 15.313091] dump_stack_lvl+0x73/0xb0 [ 15.313122] print_report+0xd1/0x650 [ 15.313146] ? __virt_addr_valid+0x1db/0x2d0 [ 15.313171] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.313193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.313232] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.313255] kasan_report+0x141/0x180 [ 15.313290] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.313318] kasan_check_range+0x10c/0x1c0 [ 15.313343] __kasan_check_write+0x18/0x20 [ 15.313418] kasan_atomics_helper+0x5fe/0x5450 [ 15.313454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.313479] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.313517] ? kasan_atomics+0x152/0x310 [ 15.313545] kasan_atomics+0x1dc/0x310 [ 15.313569] ? __pfx_kasan_atomics+0x10/0x10 [ 15.313595] ? __pfx_read_tsc+0x10/0x10 [ 15.313627] ? ktime_get_ts64+0x86/0x230 [ 15.313652] kunit_try_run_case+0x1a5/0x480 [ 15.313680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.313717] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.313744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.313769] ? 
__kthread_parkme+0x82/0x180 [ 15.313799] ? preempt_count_sub+0x50/0x80 [ 15.313824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.313849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.313886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.313914] kthread+0x337/0x6f0 [ 15.313934] ? trace_preempt_on+0x20/0xc0 [ 15.313959] ? __pfx_kthread+0x10/0x10 [ 15.313980] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.314012] ? calculate_sigpending+0x7b/0xa0 [ 15.314036] ? __pfx_kthread+0x10/0x10 [ 15.314059] ret_from_fork+0x116/0x1d0 [ 15.314088] ? __pfx_kthread+0x10/0x10 [ 15.314110] ret_from_fork_asm+0x1a/0x30 [ 15.314143] </TASK> [ 15.314163] [ 15.325339] Allocated by task 283: [ 15.325574] kasan_save_stack+0x45/0x70 [ 15.325914] kasan_save_track+0x18/0x40 [ 15.326218] kasan_save_alloc_info+0x3b/0x50 [ 15.326734] __kasan_kmalloc+0xb7/0xc0 [ 15.326940] __kmalloc_cache_noprof+0x189/0x420 [ 15.327276] kasan_atomics+0x95/0x310 [ 15.327586] kunit_try_run_case+0x1a5/0x480 [ 15.327898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.328242] kthread+0x337/0x6f0 [ 15.328569] ret_from_fork+0x116/0x1d0 [ 15.328750] ret_from_fork_asm+0x1a/0x30 [ 15.328953] [ 15.329037] The buggy address belongs to the object at ffff8881039b8c80 [ 15.329037] which belongs to the cache kmalloc-64 of size 64 [ 15.329900] The buggy address is located 0 bytes to the right of [ 15.329900] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.330616] [ 15.330943] The buggy address belongs to the physical page: [ 15.331189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.331884] flags: 0x200000000000000(node=0|zone=2) [ 15.332144] page_type: f5(slab) [ 15.332283] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.332929] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.333305] page dumped because: kasan: bad access detected [ 15.333830] [ 15.333928] Memory state around the buggy address: [ 15.334090] 
ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.334717] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.334988] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.335303] ^ [ 15.335902] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336129] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336364] ================================================================== [ 15.360467] ================================================================== [ 15.360772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.361057] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.361360] [ 15.361471] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.361511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.361524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.361544] Call Trace: [ 15.361557] <TASK> [ 15.361724] dump_stack_lvl+0x73/0xb0 [ 15.361760] print_report+0xd1/0x650 [ 15.361784] ? __virt_addr_valid+0x1db/0x2d0 [ 15.361807] ? kasan_atomics_helper+0x72f/0x5450 [ 15.361830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.361855] ? kasan_atomics_helper+0x72f/0x5450 [ 15.361879] kasan_report+0x141/0x180 [ 15.361902] ? kasan_atomics_helper+0x72f/0x5450 [ 15.361930] kasan_check_range+0x10c/0x1c0 [ 15.361956] __kasan_check_write+0x18/0x20 [ 15.361978] kasan_atomics_helper+0x72f/0x5450 [ 15.362003] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.362028] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.362054] ? kasan_atomics+0x152/0x310 [ 15.362083] kasan_atomics+0x1dc/0x310 [ 15.362107] ? __pfx_kasan_atomics+0x10/0x10 [ 15.362133] ? __pfx_read_tsc+0x10/0x10 [ 15.362156] ? ktime_get_ts64+0x86/0x230 [ 15.362180] kunit_try_run_case+0x1a5/0x480 [ 15.362205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.362230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.362255] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.362280] ? __kthread_parkme+0x82/0x180 [ 15.362301] ? preempt_count_sub+0x50/0x80 [ 15.362325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.362365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.362392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.362417] kthread+0x337/0x6f0 [ 15.362437] ? trace_preempt_on+0x20/0xc0 [ 15.362461] ? __pfx_kthread+0x10/0x10 [ 15.362484] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.362506] ? calculate_sigpending+0x7b/0xa0 [ 15.362532] ? __pfx_kthread+0x10/0x10 [ 15.362553] ret_from_fork+0x116/0x1d0 [ 15.362573] ? __pfx_kthread+0x10/0x10 [ 15.362594] ret_from_fork_asm+0x1a/0x30 [ 15.362636] </TASK> [ 15.362694] [ 15.370547] Allocated by task 283: [ 15.370736] kasan_save_stack+0x45/0x70 [ 15.370930] kasan_save_track+0x18/0x40 [ 15.371113] kasan_save_alloc_info+0x3b/0x50 [ 15.371298] __kasan_kmalloc+0xb7/0xc0 [ 15.371448] __kmalloc_cache_noprof+0x189/0x420 [ 15.371609] kasan_atomics+0x95/0x310 [ 15.371806] kunit_try_run_case+0x1a5/0x480 [ 15.372176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.372528] kthread+0x337/0x6f0 [ 15.372793] ret_from_fork+0x116/0x1d0 [ 15.372933] ret_from_fork_asm+0x1a/0x30 [ 15.373073] [ 15.373170] The buggy address belongs to the object at ffff8881039b8c80 [ 15.373170] which belongs to the cache kmalloc-64 of size 64 [ 15.374216] The buggy address is located 0 bytes to the right of [ 15.374216] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.374733] [ 15.374808] The buggy address belongs to the physical page: [ 15.375054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.375407] flags: 0x200000000000000(node=0|zone=2) [ 15.375571] page_type: f5(slab) [ 15.375697] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.375933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.376333] page dumped because: kasan: bad access detected [ 15.376660] [ 15.376755] 
Memory state around the buggy address: [ 15.376938] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.377155] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.377471] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.378175] ^ [ 15.378529] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.378819] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.379086] ================================================================== [ 15.400404] ================================================================== [ 15.401282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.401929] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.402253] [ 15.402669] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.402718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.402741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.402763] Call Trace: [ 15.402779] <TASK> [ 15.402795] dump_stack_lvl+0x73/0xb0 [ 15.402829] print_report+0xd1/0x650 [ 15.402852] ? __virt_addr_valid+0x1db/0x2d0 [ 15.402877] ? kasan_atomics_helper+0x860/0x5450 [ 15.402899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.402924] ? kasan_atomics_helper+0x860/0x5450 [ 15.402947] kasan_report+0x141/0x180 [ 15.402971] ? kasan_atomics_helper+0x860/0x5450 [ 15.402999] kasan_check_range+0x10c/0x1c0 [ 15.403024] __kasan_check_write+0x18/0x20 [ 15.403046] kasan_atomics_helper+0x860/0x5450 [ 15.403070] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.403094] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.403122] ? kasan_atomics+0x152/0x310 [ 15.403149] kasan_atomics+0x1dc/0x310 [ 15.403172] ? __pfx_kasan_atomics+0x10/0x10 [ 15.403198] ? __pfx_read_tsc+0x10/0x10 [ 15.403221] ? ktime_get_ts64+0x86/0x230 [ 15.403245] kunit_try_run_case+0x1a5/0x480 [ 15.403270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.403295] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.403321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.403627] ? __kthread_parkme+0x82/0x180 [ 15.403660] ? preempt_count_sub+0x50/0x80 [ 15.403687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.403713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.403741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.403767] kthread+0x337/0x6f0 [ 15.403787] ? trace_preempt_on+0x20/0xc0 [ 15.403813] ? __pfx_kthread+0x10/0x10 [ 15.403835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.403858] ? calculate_sigpending+0x7b/0xa0 [ 15.403884] ? __pfx_kthread+0x10/0x10 [ 15.403906] ret_from_fork+0x116/0x1d0 [ 15.403925] ? __pfx_kthread+0x10/0x10 [ 15.403947] ret_from_fork_asm+0x1a/0x30 [ 15.403978] </TASK> [ 15.403989] [ 15.412708] Allocated by task 283: [ 15.413113] kasan_save_stack+0x45/0x70 [ 15.413338] kasan_save_track+0x18/0x40 [ 15.413585] kasan_save_alloc_info+0x3b/0x50 [ 15.413821] __kasan_kmalloc+0xb7/0xc0 [ 15.413970] __kmalloc_cache_noprof+0x189/0x420 [ 15.414128] kasan_atomics+0x95/0x310 [ 15.414319] kunit_try_run_case+0x1a5/0x480 [ 15.414600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.414882] kthread+0x337/0x6f0 [ 15.415043] ret_from_fork+0x116/0x1d0 [ 15.415233] ret_from_fork_asm+0x1a/0x30 [ 15.415541] [ 15.415620] The buggy address belongs to the object at ffff8881039b8c80 [ 15.415620] which belongs to the cache kmalloc-64 of size 64 [ 15.416133] The buggy address is located 0 bytes to the right of [ 15.416133] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.416735] [ 15.416841] The buggy address belongs to the physical page: [ 15.417089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.417481] flags: 0x200000000000000(node=0|zone=2) [ 15.417644] page_type: f5(slab) [ 15.417761] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.418069] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.418561] page dumped because: kasan: 
bad access detected [ 15.418843] [ 15.418957] Memory state around the buggy address: [ 15.419176] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.419612] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.419942] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.420262] ^ [ 15.420498] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.420821] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.421035] ================================================================== [ 15.422064] ================================================================== [ 15.422633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.422988] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.423293] [ 15.423482] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.423527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.423540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.423560] Call Trace: [ 15.423573] <TASK> [ 15.423587] dump_stack_lvl+0x73/0xb0 [ 15.423617] print_report+0xd1/0x650 [ 15.423640] ? __virt_addr_valid+0x1db/0x2d0 [ 15.423664] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.423686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.423710] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.423732] kasan_report+0x141/0x180 [ 15.423755] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.423783] kasan_check_range+0x10c/0x1c0 [ 15.423807] __kasan_check_write+0x18/0x20 [ 15.423828] kasan_atomics_helper+0x8f9/0x5450 [ 15.423852] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.423876] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.423903] ? kasan_atomics+0x152/0x310 [ 15.423930] kasan_atomics+0x1dc/0x310 [ 15.423954] ? __pfx_kasan_atomics+0x10/0x10 [ 15.423980] ? __pfx_read_tsc+0x10/0x10 [ 15.424002] ? ktime_get_ts64+0x86/0x230 [ 15.424027] kunit_try_run_case+0x1a5/0x480 [ 15.424052] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.424076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.424101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.424127] ? __kthread_parkme+0x82/0x180 [ 15.424149] ? preempt_count_sub+0x50/0x80 [ 15.424182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.424208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.424234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.424261] kthread+0x337/0x6f0 [ 15.424281] ? trace_preempt_on+0x20/0xc0 [ 15.424305] ? __pfx_kthread+0x10/0x10 [ 15.424327] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.424374] ? calculate_sigpending+0x7b/0xa0 [ 15.424400] ? __pfx_kthread+0x10/0x10 [ 15.424464] ret_from_fork+0x116/0x1d0 [ 15.424486] ? __pfx_kthread+0x10/0x10 [ 15.424508] ret_from_fork_asm+0x1a/0x30 [ 15.424539] </TASK> [ 15.424551] [ 15.432519] Allocated by task 283: [ 15.432700] kasan_save_stack+0x45/0x70 [ 15.432849] kasan_save_track+0x18/0x40 [ 15.432987] kasan_save_alloc_info+0x3b/0x50 [ 15.433155] __kasan_kmalloc+0xb7/0xc0 [ 15.433318] __kmalloc_cache_noprof+0x189/0x420 [ 15.433710] kasan_atomics+0x95/0x310 [ 15.433884] kunit_try_run_case+0x1a5/0x480 [ 15.434096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.434318] kthread+0x337/0x6f0 [ 15.434583] ret_from_fork+0x116/0x1d0 [ 15.434753] ret_from_fork_asm+0x1a/0x30 [ 15.434933] [ 15.435023] The buggy address belongs to the object at ffff8881039b8c80 [ 15.435023] which belongs to the cache kmalloc-64 of size 64 [ 15.435503] The buggy address is located 0 bytes to the right of [ 15.435503] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.436007] [ 15.436103] The buggy address belongs to the physical page: [ 15.436454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.436812] flags: 0x200000000000000(node=0|zone=2) [ 15.437046] page_type: f5(slab) [ 15.437216] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.437595] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.437937] page dumped because: kasan: bad access detected [ 15.438167] [ 15.438263] Memory state around the buggy address: [ 15.438677] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.438974] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.439262] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.439613] ^ [ 15.439775] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440106] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440520] ================================================================== [ 15.557497] ================================================================== [ 15.557737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.558062] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.558562] [ 15.558680] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.558721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.558733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.558754] Call Trace: [ 15.558767] <TASK> [ 15.558781] dump_stack_lvl+0x73/0xb0 [ 15.558811] print_report+0xd1/0x650 [ 15.558835] ? __virt_addr_valid+0x1db/0x2d0 [ 15.558858] ? kasan_atomics_helper+0xd47/0x5450 [ 15.558880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.558905] ? kasan_atomics_helper+0xd47/0x5450 [ 15.558929] kasan_report+0x141/0x180 [ 15.558952] ? kasan_atomics_helper+0xd47/0x5450 [ 15.558979] kasan_check_range+0x10c/0x1c0 [ 15.559004] __kasan_check_write+0x18/0x20 [ 15.559025] kasan_atomics_helper+0xd47/0x5450 [ 15.559049] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.559074] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.559101] ? kasan_atomics+0x152/0x310 [ 15.559128] kasan_atomics+0x1dc/0x310 [ 15.559152] ? __pfx_kasan_atomics+0x10/0x10 [ 15.559177] ? __pfx_read_tsc+0x10/0x10 [ 15.559199] ? 
ktime_get_ts64+0x86/0x230 [ 15.559224] kunit_try_run_case+0x1a5/0x480 [ 15.559249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.559274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.559300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.559325] ? __kthread_parkme+0x82/0x180 [ 15.559362] ? preempt_count_sub+0x50/0x80 [ 15.559387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.559413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.559439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.559466] kthread+0x337/0x6f0 [ 15.559487] ? trace_preempt_on+0x20/0xc0 [ 15.559512] ? __pfx_kthread+0x10/0x10 [ 15.559534] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.559557] ? calculate_sigpending+0x7b/0xa0 [ 15.559583] ? __pfx_kthread+0x10/0x10 [ 15.559606] ret_from_fork+0x116/0x1d0 [ 15.559626] ? __pfx_kthread+0x10/0x10 [ 15.559648] ret_from_fork_asm+0x1a/0x30 [ 15.559745] </TASK> [ 15.559758] [ 15.567543] Allocated by task 283: [ 15.567680] kasan_save_stack+0x45/0x70 [ 15.567824] kasan_save_track+0x18/0x40 [ 15.568135] kasan_save_alloc_info+0x3b/0x50 [ 15.568366] __kasan_kmalloc+0xb7/0xc0 [ 15.568651] __kmalloc_cache_noprof+0x189/0x420 [ 15.568886] kasan_atomics+0x95/0x310 [ 15.569060] kunit_try_run_case+0x1a5/0x480 [ 15.569234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.569531] kthread+0x337/0x6f0 [ 15.569711] ret_from_fork+0x116/0x1d0 [ 15.569896] ret_from_fork_asm+0x1a/0x30 [ 15.570054] [ 15.570149] The buggy address belongs to the object at ffff8881039b8c80 [ 15.570149] which belongs to the cache kmalloc-64 of size 64 [ 15.570659] The buggy address is located 0 bytes to the right of [ 15.570659] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.571019] [ 15.571113] The buggy address belongs to the physical page: [ 15.571384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.571720] flags: 0x200000000000000(node=0|zone=2) [ 15.571879] page_type: f5(slab) [ 15.571999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.572240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.572811] page dumped because: kasan: bad access detected [ 15.573068] [ 15.573164] Memory state around the buggy address: [ 15.573406] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.573812] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.574065] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.574442] ^ [ 15.574677] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.574954] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.575160] ================================================================== [ 15.212550] ================================================================== [ 15.213191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.213716] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.214323] [ 15.214525] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.214669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.214686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.214706] Call Trace: [ 15.214724] <TASK> [ 15.214741] dump_stack_lvl+0x73/0xb0 [ 15.214773] print_report+0xd1/0x650 [ 15.214798] ? __virt_addr_valid+0x1db/0x2d0 [ 15.214820] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.214843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.214867] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.214891] kasan_report+0x141/0x180 [ 15.214914] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.214942] __asan_report_load4_noabort+0x18/0x20 [ 15.214968] kasan_atomics_helper+0x4b54/0x5450 [ 15.214991] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.215015] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.215042] ? kasan_atomics+0x152/0x310 [ 15.215070] kasan_atomics+0x1dc/0x310 [ 15.215093] ? __pfx_kasan_atomics+0x10/0x10 [ 15.215118] ? 
__pfx_read_tsc+0x10/0x10 [ 15.215140] ? ktime_get_ts64+0x86/0x230 [ 15.215164] kunit_try_run_case+0x1a5/0x480 [ 15.215189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.215213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.215238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.215263] ? __kthread_parkme+0x82/0x180 [ 15.215285] ? preempt_count_sub+0x50/0x80 [ 15.215309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.215335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.215391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.215461] kthread+0x337/0x6f0 [ 15.215484] ? trace_preempt_on+0x20/0xc0 [ 15.215509] ? __pfx_kthread+0x10/0x10 [ 15.215531] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.215554] ? calculate_sigpending+0x7b/0xa0 [ 15.215580] ? __pfx_kthread+0x10/0x10 [ 15.215602] ret_from_fork+0x116/0x1d0 [ 15.215622] ? __pfx_kthread+0x10/0x10 [ 15.215643] ret_from_fork_asm+0x1a/0x30 [ 15.215674] </TASK> [ 15.215686] [ 15.226149] Allocated by task 283: [ 15.226619] kasan_save_stack+0x45/0x70 [ 15.226941] kasan_save_track+0x18/0x40 [ 15.227214] kasan_save_alloc_info+0x3b/0x50 [ 15.227819] __kasan_kmalloc+0xb7/0xc0 [ 15.228019] __kmalloc_cache_noprof+0x189/0x420 [ 15.228213] kasan_atomics+0x95/0x310 [ 15.228861] kunit_try_run_case+0x1a5/0x480 [ 15.229081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.229713] kthread+0x337/0x6f0 [ 15.229898] ret_from_fork+0x116/0x1d0 [ 15.230048] ret_from_fork_asm+0x1a/0x30 [ 15.230464] [ 15.230683] The buggy address belongs to the object at ffff8881039b8c80 [ 15.230683] which belongs to the cache kmalloc-64 of size 64 [ 15.231182] The buggy address is located 0 bytes to the right of [ 15.231182] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.232067] [ 15.232152] The buggy address belongs to the physical page: [ 15.232778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.233249] flags: 0x200000000000000(node=0|zone=2) [ 15.233680] page_type: f5(slab) [ 15.233820] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.234291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.234826] page dumped because: kasan: bad access detected [ 15.235151] [ 15.235234] Memory state around the buggy address: [ 15.235539] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.236215] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.236711] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.237114] ^ [ 15.237371] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238063] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238544] ================================================================== [ 16.451125] ================================================================== [ 16.451541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.451864] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.452195] [ 16.452306] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.452365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.452378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.452399] Call Trace: [ 16.452425] <TASK> [ 16.452441] dump_stack_lvl+0x73/0xb0 [ 16.452472] print_report+0xd1/0x650 [ 16.452498] ? __virt_addr_valid+0x1db/0x2d0 [ 16.452522] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.452544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.452579] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.452603] kasan_report+0x141/0x180 [ 16.452636] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.452665] __asan_report_load8_noabort+0x18/0x20 [ 16.452691] kasan_atomics_helper+0x4fa5/0x5450 [ 16.452717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.452749] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.452775] ? kasan_atomics+0x152/0x310 [ 16.452803] kasan_atomics+0x1dc/0x310 [ 16.452837] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.452863] ? __pfx_read_tsc+0x10/0x10 [ 16.452885] ? ktime_get_ts64+0x86/0x230 [ 16.452910] kunit_try_run_case+0x1a5/0x480 [ 16.452935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.452959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.452984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.453010] ? __kthread_parkme+0x82/0x180 [ 16.453031] ? preempt_count_sub+0x50/0x80 [ 16.453056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.453082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.453108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.453134] kthread+0x337/0x6f0 [ 16.453154] ? trace_preempt_on+0x20/0xc0 [ 16.453179] ? __pfx_kthread+0x10/0x10 [ 16.453200] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.453223] ? calculate_sigpending+0x7b/0xa0 [ 16.453249] ? __pfx_kthread+0x10/0x10 [ 16.453271] ret_from_fork+0x116/0x1d0 [ 16.453298] ? __pfx_kthread+0x10/0x10 [ 16.453320] ret_from_fork_asm+0x1a/0x30 [ 16.453368] </TASK> [ 16.453380] [ 16.461091] Allocated by task 283: [ 16.461289] kasan_save_stack+0x45/0x70 [ 16.461500] kasan_save_track+0x18/0x40 [ 16.461684] kasan_save_alloc_info+0x3b/0x50 [ 16.461901] __kasan_kmalloc+0xb7/0xc0 [ 16.462100] __kmalloc_cache_noprof+0x189/0x420 [ 16.462287] kasan_atomics+0x95/0x310 [ 16.462440] kunit_try_run_case+0x1a5/0x480 [ 16.462676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.462938] kthread+0x337/0x6f0 [ 16.463175] ret_from_fork+0x116/0x1d0 [ 16.463313] ret_from_fork_asm+0x1a/0x30 [ 16.463681] [ 16.463778] The buggy address belongs to the object at ffff8881039b8c80 [ 16.463778] which belongs to the cache kmalloc-64 of size 64 [ 16.464220] The buggy address is located 0 bytes to the right of [ 16.464220] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.464637] [ 16.464747] The buggy address belongs to the physical page: [ 16.464999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.465397] flags: 0x200000000000000(node=0|zone=2) [ 16.465558] page_type: 
f5(slab) [ 16.465679] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.466045] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.466401] page dumped because: kasan: bad access detected [ 16.466681] [ 16.466798] Memory state around the buggy address: [ 16.467048] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.467329] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.467883] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.468130] ^ [ 16.468292] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.468628] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.468941] ================================================================== [ 15.102892] ================================================================== [ 15.103169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.103612] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.104587] [ 15.104823] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.104868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.104880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.104899] Call Trace: [ 15.104998] <TASK> [ 15.105017] dump_stack_lvl+0x73/0xb0 [ 15.105050] print_report+0xd1/0x650 [ 15.105073] ? __virt_addr_valid+0x1db/0x2d0 [ 15.105095] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.105117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.105141] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.105163] kasan_report+0x141/0x180 [ 15.105184] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.105210] __asan_report_store4_noabort+0x1b/0x30 [ 15.105236] kasan_atomics_helper+0x4ba2/0x5450 [ 15.105258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.105281] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.105305] ? 
kasan_atomics+0x152/0x310 [ 15.105332] kasan_atomics+0x1dc/0x310 [ 15.105423] ? __pfx_kasan_atomics+0x10/0x10 [ 15.105449] ? __pfx_read_tsc+0x10/0x10 [ 15.105470] ? ktime_get_ts64+0x86/0x230 [ 15.105494] kunit_try_run_case+0x1a5/0x480 [ 15.105518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.105566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.105590] ? __kthread_parkme+0x82/0x180 [ 15.105611] ? preempt_count_sub+0x50/0x80 [ 15.105634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.105683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.105709] kthread+0x337/0x6f0 [ 15.105727] ? trace_preempt_on+0x20/0xc0 [ 15.105750] ? __pfx_kthread+0x10/0x10 [ 15.105771] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.105793] ? calculate_sigpending+0x7b/0xa0 [ 15.105817] ? __pfx_kthread+0x10/0x10 [ 15.105838] ret_from_fork+0x116/0x1d0 [ 15.105857] ? __pfx_kthread+0x10/0x10 [ 15.105877] ret_from_fork_asm+0x1a/0x30 [ 15.105908] </TASK> [ 15.105918] [ 15.117167] Allocated by task 283: [ 15.117361] kasan_save_stack+0x45/0x70 [ 15.117914] kasan_save_track+0x18/0x40 [ 15.118222] kasan_save_alloc_info+0x3b/0x50 [ 15.118678] __kasan_kmalloc+0xb7/0xc0 [ 15.118863] __kmalloc_cache_noprof+0x189/0x420 [ 15.119047] kasan_atomics+0x95/0x310 [ 15.119255] kunit_try_run_case+0x1a5/0x480 [ 15.119992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.120215] kthread+0x337/0x6f0 [ 15.120792] ret_from_fork+0x116/0x1d0 [ 15.120988] ret_from_fork_asm+0x1a/0x30 [ 15.121156] [ 15.121458] The buggy address belongs to the object at ffff8881039b8c80 [ 15.121458] which belongs to the cache kmalloc-64 of size 64 [ 15.122097] The buggy address is located 0 bytes to the right of [ 15.122097] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.122890] [ 15.122978] The buggy address belongs to the physical page: [ 15.123382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
15.123938] flags: 0x200000000000000(node=0|zone=2) [ 15.124162] page_type: f5(slab) [ 15.124316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.125067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.125650] page dumped because: kasan: bad access detected [ 15.125996] [ 15.126241] Memory state around the buggy address: [ 15.126560] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.126991] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.127317] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.127845] ^ [ 15.128149] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128650] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128946] ================================================================== [ 15.270815] ================================================================== [ 15.271576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.272315] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.272888] [ 15.272984] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.273026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.273039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.273061] Call Trace: [ 15.273075] <TASK> [ 15.273090] dump_stack_lvl+0x73/0xb0 [ 15.273122] print_report+0xd1/0x650 [ 15.273145] ? __virt_addr_valid+0x1db/0x2d0 [ 15.273169] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.273193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.273217] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.273240] kasan_report+0x141/0x180 [ 15.273264] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.273292] __asan_report_store4_noabort+0x1b/0x30 [ 15.273319] kasan_atomics_helper+0x4b3a/0x5450 [ 15.273344] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.273382] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.273407] ? kasan_atomics+0x152/0x310 [ 15.273435] kasan_atomics+0x1dc/0x310 [ 15.273458] ? __pfx_kasan_atomics+0x10/0x10 [ 15.273483] ? __pfx_read_tsc+0x10/0x10 [ 15.273506] ? ktime_get_ts64+0x86/0x230 [ 15.273586] kunit_try_run_case+0x1a5/0x480 [ 15.273614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.273650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.273677] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.273702] ? __kthread_parkme+0x82/0x180 [ 15.273725] ? preempt_count_sub+0x50/0x80 [ 15.273750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.273775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.273801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.273828] kthread+0x337/0x6f0 [ 15.273847] ? trace_preempt_on+0x20/0xc0 [ 15.273872] ? __pfx_kthread+0x10/0x10 [ 15.273893] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.273915] ? calculate_sigpending+0x7b/0xa0 [ 15.273940] ? __pfx_kthread+0x10/0x10 [ 15.273962] ret_from_fork+0x116/0x1d0 [ 15.273982] ? __pfx_kthread+0x10/0x10 [ 15.274003] ret_from_fork_asm+0x1a/0x30 [ 15.274035] </TASK> [ 15.274046] [ 15.282675] Allocated by task 283: [ 15.282866] kasan_save_stack+0x45/0x70 [ 15.283071] kasan_save_track+0x18/0x40 [ 15.283258] kasan_save_alloc_info+0x3b/0x50 [ 15.283549] __kasan_kmalloc+0xb7/0xc0 [ 15.283734] __kmalloc_cache_noprof+0x189/0x420 [ 15.283964] kasan_atomics+0x95/0x310 [ 15.284155] kunit_try_run_case+0x1a5/0x480 [ 15.284403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.284724] kthread+0x337/0x6f0 [ 15.284923] ret_from_fork+0x116/0x1d0 [ 15.285080] ret_from_fork_asm+0x1a/0x30 [ 15.285221] [ 15.285293] The buggy address belongs to the object at ffff8881039b8c80 [ 15.285293] which belongs to the cache kmalloc-64 of size 64 [ 15.285697] The buggy address is located 0 bytes to the right of [ 15.285697] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.286860] [ 15.286954] The buggy address belongs to the physical page: [ 15.287235] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.287612] flags: 0x200000000000000(node=0|zone=2) [ 15.287784] page_type: f5(slab) [ 15.287908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.288293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.288758] page dumped because: kasan: bad access detected [ 15.289032] [ 15.289146] Memory state around the buggy address: [ 15.289432] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.289766] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.290047] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.290369] ^ [ 15.290714] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.291023] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.291335] ================================================================== [ 15.726582] ================================================================== [ 15.727085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.727467] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.728000] [ 15.728100] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.728171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.728184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.728204] Call Trace: [ 15.728229] <TASK> [ 15.728244] dump_stack_lvl+0x73/0xb0 [ 15.728274] print_report+0xd1/0x650 [ 15.728297] ? __virt_addr_valid+0x1db/0x2d0 [ 15.728320] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.728353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.728378] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.728401] kasan_report+0x141/0x180 [ 15.728434] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.728461] __asan_report_load4_noabort+0x18/0x20 [ 15.728487] kasan_atomics_helper+0x4a1c/0x5450 [ 15.728512] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.728536] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.728562] ? kasan_atomics+0x152/0x310 [ 15.728599] kasan_atomics+0x1dc/0x310 [ 15.728622] ? __pfx_kasan_atomics+0x10/0x10 [ 15.728648] ? __pfx_read_tsc+0x10/0x10 [ 15.728680] ? ktime_get_ts64+0x86/0x230 [ 15.728706] kunit_try_run_case+0x1a5/0x480 [ 15.728731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.728755] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.728781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.728806] ? __kthread_parkme+0x82/0x180 [ 15.728827] ? preempt_count_sub+0x50/0x80 [ 15.728861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.728887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.728923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.728950] kthread+0x337/0x6f0 [ 15.728969] ? trace_preempt_on+0x20/0xc0 [ 15.729002] ? __pfx_kthread+0x10/0x10 [ 15.729024] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.729047] ? calculate_sigpending+0x7b/0xa0 [ 15.729082] ? __pfx_kthread+0x10/0x10 [ 15.729105] ret_from_fork+0x116/0x1d0 [ 15.729124] ? 
__pfx_kthread+0x10/0x10 [ 15.729146] ret_from_fork_asm+0x1a/0x30 [ 15.729187] </TASK> [ 15.729198] [ 15.737132] Allocated by task 283: [ 15.737271] kasan_save_stack+0x45/0x70 [ 15.737429] kasan_save_track+0x18/0x40 [ 15.737570] kasan_save_alloc_info+0x3b/0x50 [ 15.737723] __kasan_kmalloc+0xb7/0xc0 [ 15.737943] __kmalloc_cache_noprof+0x189/0x420 [ 15.738168] kasan_atomics+0x95/0x310 [ 15.738366] kunit_try_run_case+0x1a5/0x480 [ 15.738575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.739022] kthread+0x337/0x6f0 [ 15.739146] ret_from_fork+0x116/0x1d0 [ 15.739281] ret_from_fork_asm+0x1a/0x30 [ 15.739476] [ 15.739574] The buggy address belongs to the object at ffff8881039b8c80 [ 15.739574] which belongs to the cache kmalloc-64 of size 64 [ 15.740141] The buggy address is located 0 bytes to the right of [ 15.740141] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.740958] [ 15.741049] The buggy address belongs to the physical page: [ 15.741222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.741679] flags: 0x200000000000000(node=0|zone=2) [ 15.741929] page_type: f5(slab) [ 15.742113] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.742508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.742824] page dumped because: kasan: bad access detected [ 15.743077] [ 15.743164] Memory state around the buggy address: [ 15.743403] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.744231] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.745187] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.745809] ^ [ 15.746019] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746309] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.747106] ================================================================== [ 16.333427] 
================================================================== [ 16.333738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.334286] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.334690] [ 16.334787] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.334827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.334839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.334859] Call Trace: [ 16.334884] <TASK> [ 16.334899] dump_stack_lvl+0x73/0xb0 [ 16.334930] print_report+0xd1/0x650 [ 16.334965] ? __virt_addr_valid+0x1db/0x2d0 [ 16.334989] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.335012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.335036] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.335060] kasan_report+0x141/0x180 [ 16.335083] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.335110] __asan_report_load8_noabort+0x18/0x20 [ 16.335137] kasan_atomics_helper+0x4f71/0x5450 [ 16.335170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.335194] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.335220] ? kasan_atomics+0x152/0x310 [ 16.335258] kasan_atomics+0x1dc/0x310 [ 16.335282] ? __pfx_kasan_atomics+0x10/0x10 [ 16.335307] ? __pfx_read_tsc+0x10/0x10 [ 16.335337] ? ktime_get_ts64+0x86/0x230 [ 16.335372] kunit_try_run_case+0x1a5/0x480 [ 16.335420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.335446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.335472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.335497] ? __kthread_parkme+0x82/0x180 [ 16.335519] ? preempt_count_sub+0x50/0x80 [ 16.335553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.335580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.335615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.335643] kthread+0x337/0x6f0 [ 16.335663] ? trace_preempt_on+0x20/0xc0 [ 16.335688] ? __pfx_kthread+0x10/0x10 [ 16.335720] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.335742] ? calculate_sigpending+0x7b/0xa0 [ 16.335777] ? 
__pfx_kthread+0x10/0x10 [ 16.335802] ret_from_fork+0x116/0x1d0 [ 16.335822] ? __pfx_kthread+0x10/0x10 [ 16.335844] ret_from_fork_asm+0x1a/0x30 [ 16.335876] </TASK> [ 16.335888] [ 16.343312] Allocated by task 283: [ 16.343524] kasan_save_stack+0x45/0x70 [ 16.343733] kasan_save_track+0x18/0x40 [ 16.343928] kasan_save_alloc_info+0x3b/0x50 [ 16.344135] __kasan_kmalloc+0xb7/0xc0 [ 16.344332] __kmalloc_cache_noprof+0x189/0x420 [ 16.344585] kasan_atomics+0x95/0x310 [ 16.344745] kunit_try_run_case+0x1a5/0x480 [ 16.344972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.345151] kthread+0x337/0x6f0 [ 16.345273] ret_from_fork+0x116/0x1d0 [ 16.345467] ret_from_fork_asm+0x1a/0x30 [ 16.345689] [ 16.345786] The buggy address belongs to the object at ffff8881039b8c80 [ 16.345786] which belongs to the cache kmalloc-64 of size 64 [ 16.346304] The buggy address is located 0 bytes to the right of [ 16.346304] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.346823] [ 16.346947] The buggy address belongs to the physical page: [ 16.347179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.347496] flags: 0x200000000000000(node=0|zone=2) [ 16.347662] page_type: f5(slab) [ 16.347784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.348017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.348336] page dumped because: kasan: bad access detected [ 16.348621] [ 16.348716] Memory state around the buggy address: [ 16.348938] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.349283] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.349694] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.350074] ^ [ 16.350334] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.350648] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.350962] 
================================================================== [ 15.849811] ================================================================== [ 15.850178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.850481] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.850738] [ 15.850863] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.850906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.850918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.850939] Call Trace: [ 15.850952] <TASK> [ 15.850966] dump_stack_lvl+0x73/0xb0 [ 15.851021] print_report+0xd1/0x650 [ 15.851044] ? __virt_addr_valid+0x1db/0x2d0 [ 15.851079] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.851103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.851128] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.851151] kasan_report+0x141/0x180 [ 15.851174] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.851202] __asan_report_load4_noabort+0x18/0x20 [ 15.851228] kasan_atomics_helper+0x49ce/0x5450 [ 15.851252] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.851276] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.851301] ? kasan_atomics+0x152/0x310 [ 15.851328] kasan_atomics+0x1dc/0x310 [ 15.851363] ? __pfx_kasan_atomics+0x10/0x10 [ 15.851419] ? __pfx_read_tsc+0x10/0x10 [ 15.851442] ? ktime_get_ts64+0x86/0x230 [ 15.851467] kunit_try_run_case+0x1a5/0x480 [ 15.851530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.851591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.851616] ? __kthread_parkme+0x82/0x180 [ 15.851638] ? preempt_count_sub+0x50/0x80 [ 15.851663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.851793] kthread+0x337/0x6f0 [ 15.851813] ? trace_preempt_on+0x20/0xc0 [ 15.851865] ? __pfx_kthread+0x10/0x10 [ 15.851898] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.851932] ? calculate_sigpending+0x7b/0xa0 [ 15.851958] ? __pfx_kthread+0x10/0x10 [ 15.851981] ret_from_fork+0x116/0x1d0 [ 15.852000] ? __pfx_kthread+0x10/0x10 [ 15.852022] ret_from_fork_asm+0x1a/0x30 [ 15.852054] </TASK> [ 15.852065] [ 15.859827] Allocated by task 283: [ 15.859950] kasan_save_stack+0x45/0x70 [ 15.860089] kasan_save_track+0x18/0x40 [ 15.860224] kasan_save_alloc_info+0x3b/0x50 [ 15.860485] __kasan_kmalloc+0xb7/0xc0 [ 15.860724] __kmalloc_cache_noprof+0x189/0x420 [ 15.861055] kasan_atomics+0x95/0x310 [ 15.861230] kunit_try_run_case+0x1a5/0x480 [ 15.861469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.861727] kthread+0x337/0x6f0 [ 15.861874] ret_from_fork+0x116/0x1d0 [ 15.862043] ret_from_fork_asm+0x1a/0x30 [ 15.862178] [ 15.862268] The buggy address belongs to the object at ffff8881039b8c80 [ 15.862268] which belongs to the cache kmalloc-64 of size 64 [ 15.862938] The buggy address is located 0 bytes to the right of [ 15.862938] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.863586] [ 15.863666] The buggy address belongs to the physical page: [ 15.863961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.864321] flags: 0x200000000000000(node=0|zone=2) [ 15.864581] page_type: f5(slab) [ 15.864845] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.865071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.865382] page dumped because: kasan: bad access detected [ 15.865942] [ 15.866040] Memory state around the buggy address: [ 15.866191] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.866409] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.866767] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.867130] ^ [ 15.867369] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.867644] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.867998] ================================================================== [ 16.051636] ================================================================== [ 16.052001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.052320] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.052769] [ 16.052883] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.052968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.053006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.053037] Call Trace: [ 16.053110] <TASK> [ 16.053126] dump_stack_lvl+0x73/0xb0 [ 16.053168] print_report+0xd1/0x650 [ 16.053192] ? __virt_addr_valid+0x1db/0x2d0 [ 16.053214] ? kasan_atomics_helper+0x1818/0x5450 [ 16.053237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.053261] ? kasan_atomics_helper+0x1818/0x5450 [ 16.053284] kasan_report+0x141/0x180 [ 16.053307] ? kasan_atomics_helper+0x1818/0x5450 [ 16.053335] kasan_check_range+0x10c/0x1c0 [ 16.053368] __kasan_check_write+0x18/0x20 [ 16.053389] kasan_atomics_helper+0x1818/0x5450 [ 16.053434] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.053457] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.053484] ? kasan_atomics+0x152/0x310 [ 16.053512] kasan_atomics+0x1dc/0x310 [ 16.053534] ? __pfx_kasan_atomics+0x10/0x10 [ 16.053560] ? __pfx_read_tsc+0x10/0x10 [ 16.053582] ? ktime_get_ts64+0x86/0x230 [ 16.053606] kunit_try_run_case+0x1a5/0x480 [ 16.053631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.053657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.053681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.053706] ? __kthread_parkme+0x82/0x180 [ 16.053727] ? preempt_count_sub+0x50/0x80 [ 16.053752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.053777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.053803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.053829] kthread+0x337/0x6f0 [ 16.053849] ? 
trace_preempt_on+0x20/0xc0 [ 16.053873] ? __pfx_kthread+0x10/0x10 [ 16.053896] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.053919] ? calculate_sigpending+0x7b/0xa0 [ 16.053944] ? __pfx_kthread+0x10/0x10 [ 16.053967] ret_from_fork+0x116/0x1d0 [ 16.053986] ? __pfx_kthread+0x10/0x10 [ 16.054007] ret_from_fork_asm+0x1a/0x30 [ 16.054039] </TASK> [ 16.054050] [ 16.062678] Allocated by task 283: [ 16.063100] kasan_save_stack+0x45/0x70 [ 16.063304] kasan_save_track+0x18/0x40 [ 16.063535] kasan_save_alloc_info+0x3b/0x50 [ 16.063691] __kasan_kmalloc+0xb7/0xc0 [ 16.063946] __kmalloc_cache_noprof+0x189/0x420 [ 16.064186] kasan_atomics+0x95/0x310 [ 16.064393] kunit_try_run_case+0x1a5/0x480 [ 16.064676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.064936] kthread+0x337/0x6f0 [ 16.065124] ret_from_fork+0x116/0x1d0 [ 16.065288] ret_from_fork_asm+0x1a/0x30 [ 16.065587] [ 16.065777] The buggy address belongs to the object at ffff8881039b8c80 [ 16.065777] which belongs to the cache kmalloc-64 of size 64 [ 16.066262] The buggy address is located 0 bytes to the right of [ 16.066262] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.066831] [ 16.066936] The buggy address belongs to the physical page: [ 16.067196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.067580] flags: 0x200000000000000(node=0|zone=2) [ 16.067772] page_type: f5(slab) [ 16.067977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.068431] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.068776] page dumped because: kasan: bad access detected [ 16.069030] [ 16.069124] Memory state around the buggy address: [ 16.069368] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.069690] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.070016] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.070440] ^ [ 16.070667] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.071072] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.071436] ================================================================== [ 15.707525] ================================================================== [ 15.707888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.708716] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.709059] [ 15.709169] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.709223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.709236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.709255] Call Trace: [ 15.709284] <TASK> [ 15.709301] dump_stack_lvl+0x73/0xb0 [ 15.709330] print_report+0xd1/0x650 [ 15.709363] ? __virt_addr_valid+0x1db/0x2d0 [ 15.709385] ? kasan_atomics_helper+0x1079/0x5450 [ 15.709408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.709433] ? kasan_atomics_helper+0x1079/0x5450 [ 15.709455] kasan_report+0x141/0x180 [ 15.709490] ? kasan_atomics_helper+0x1079/0x5450 [ 15.709517] kasan_check_range+0x10c/0x1c0 [ 15.709542] __kasan_check_write+0x18/0x20 [ 15.709563] kasan_atomics_helper+0x1079/0x5450 [ 15.709597] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.709621] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.709647] ? kasan_atomics+0x152/0x310 [ 15.709685] kasan_atomics+0x1dc/0x310 [ 15.709709] ? __pfx_kasan_atomics+0x10/0x10 [ 15.709734] ? __pfx_read_tsc+0x10/0x10 [ 15.709756] ? ktime_get_ts64+0x86/0x230 [ 15.709780] kunit_try_run_case+0x1a5/0x480 [ 15.709805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.709829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.709854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.709888] ? __kthread_parkme+0x82/0x180 [ 15.709910] ? preempt_count_sub+0x50/0x80 [ 15.709935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.709970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.709996] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.710023] kthread+0x337/0x6f0 [ 15.710042] ? trace_preempt_on+0x20/0xc0 [ 15.710066] ? __pfx_kthread+0x10/0x10 [ 15.710088] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.710111] ? calculate_sigpending+0x7b/0xa0 [ 15.710136] ? __pfx_kthread+0x10/0x10 [ 15.710159] ret_from_fork+0x116/0x1d0 [ 15.710178] ? __pfx_kthread+0x10/0x10 [ 15.710200] ret_from_fork_asm+0x1a/0x30 [ 15.710232] </TASK> [ 15.710243] [ 15.718372] Allocated by task 283: [ 15.718584] kasan_save_stack+0x45/0x70 [ 15.718782] kasan_save_track+0x18/0x40 [ 15.718977] kasan_save_alloc_info+0x3b/0x50 [ 15.719133] __kasan_kmalloc+0xb7/0xc0 [ 15.719269] __kmalloc_cache_noprof+0x189/0x420 [ 15.719533] kasan_atomics+0x95/0x310 [ 15.719736] kunit_try_run_case+0x1a5/0x480 [ 15.719946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.720238] kthread+0x337/0x6f0 [ 15.720376] ret_from_fork+0x116/0x1d0 [ 15.720716] ret_from_fork_asm+0x1a/0x30 [ 15.720895] [ 15.721005] The buggy address belongs to the object at ffff8881039b8c80 [ 15.721005] which belongs to the cache kmalloc-64 of size 64 [ 15.721530] The buggy address is located 0 bytes to the right of [ 15.721530] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.721969] [ 15.722043] The buggy address belongs to the physical page: [ 15.722295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.722674] flags: 0x200000000000000(node=0|zone=2) [ 15.722997] page_type: f5(slab) [ 15.723143] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.723387] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.723615] page dumped because: kasan: bad access detected [ 15.723806] [ 15.723898] Memory state around the buggy address: [ 15.724120] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.724464] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.724803] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.725116] ^ [ 15.725317] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.725781] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726088] ================================================================== [ 15.986150] ================================================================== [ 15.986594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.986926] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.987223] [ 15.987322] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.987375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.987388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.987408] Call Trace: [ 15.987471] <TASK> [ 15.987488] dump_stack_lvl+0x73/0xb0 [ 15.987518] print_report+0xd1/0x650 [ 15.987555] ? __virt_addr_valid+0x1db/0x2d0 [ 15.987579] ? kasan_atomics_helper+0x164f/0x5450 [ 15.987601] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.987625] ? kasan_atomics_helper+0x164f/0x5450 [ 15.987648] kasan_report+0x141/0x180 [ 15.987671] ? kasan_atomics_helper+0x164f/0x5450 [ 15.987698] kasan_check_range+0x10c/0x1c0 [ 15.987723] __kasan_check_write+0x18/0x20 [ 15.987743] kasan_atomics_helper+0x164f/0x5450 [ 15.987767] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.987791] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.987817] ? kasan_atomics+0x152/0x310 [ 15.987845] kasan_atomics+0x1dc/0x310 [ 15.987868] ? __pfx_kasan_atomics+0x10/0x10 [ 15.987894] ? __pfx_read_tsc+0x10/0x10 [ 15.987915] ? ktime_get_ts64+0x86/0x230 [ 15.987940] kunit_try_run_case+0x1a5/0x480 [ 15.987965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.987990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.988049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.988075] ? __kthread_parkme+0x82/0x180 [ 15.988097] ? preempt_count_sub+0x50/0x80 [ 15.988165] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.988191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.988228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.988254] kthread+0x337/0x6f0 [ 15.988275] ? trace_preempt_on+0x20/0xc0 [ 15.988299] ? __pfx_kthread+0x10/0x10 [ 15.988321] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.988352] ? calculate_sigpending+0x7b/0xa0 [ 15.988377] ? __pfx_kthread+0x10/0x10 [ 15.988399] ret_from_fork+0x116/0x1d0 [ 15.988429] ? __pfx_kthread+0x10/0x10 [ 15.988450] ret_from_fork_asm+0x1a/0x30 [ 15.988481] </TASK> [ 15.988493] [ 15.996561] Allocated by task 283: [ 15.996713] kasan_save_stack+0x45/0x70 [ 15.996856] kasan_save_track+0x18/0x40 [ 15.997003] kasan_save_alloc_info+0x3b/0x50 [ 15.997267] __kasan_kmalloc+0xb7/0xc0 [ 15.997468] __kmalloc_cache_noprof+0x189/0x420 [ 15.997860] kasan_atomics+0x95/0x310 [ 15.998125] kunit_try_run_case+0x1a5/0x480 [ 15.998290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.998494] kthread+0x337/0x6f0 [ 15.998666] ret_from_fork+0x116/0x1d0 [ 15.998912] ret_from_fork_asm+0x1a/0x30 [ 15.999115] [ 15.999211] The buggy address belongs to the object at ffff8881039b8c80 [ 15.999211] which belongs to the cache kmalloc-64 of size 64 [ 15.999737] The buggy address is located 0 bytes to the right of [ 15.999737] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.000276] [ 16.000360] The buggy address belongs to the physical page: [ 16.000534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.000809] flags: 0x200000000000000(node=0|zone=2) [ 16.001098] page_type: f5(slab) [ 16.001271] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.001625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.001971] page dumped because: kasan: bad access detected [ 16.002237] [ 16.002378] Memory state around the buggy address: [ 16.002612] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.002962] 
ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.003228] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.003453] ^ [ 16.003623] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.003945] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.004322] ================================================================== [ 15.887151] ================================================================== [ 15.887488] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.887958] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.888235] [ 15.888317] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.888368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.888381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.888400] Call Trace: [ 15.888416] <TASK> [ 15.888431] dump_stack_lvl+0x73/0xb0 [ 15.888459] print_report+0xd1/0x650 [ 15.888482] ? __virt_addr_valid+0x1db/0x2d0 [ 15.888505] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.888526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.888550] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.888573] kasan_report+0x141/0x180 [ 15.888595] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.888623] __asan_report_load8_noabort+0x18/0x20 [ 15.888649] kasan_atomics_helper+0x4eae/0x5450 [ 15.888707] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.888732] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.888769] ? kasan_atomics+0x152/0x310 [ 15.888796] kasan_atomics+0x1dc/0x310 [ 15.888820] ? __pfx_kasan_atomics+0x10/0x10 [ 15.888873] ? __pfx_read_tsc+0x10/0x10 [ 15.888894] ? ktime_get_ts64+0x86/0x230 [ 15.888929] kunit_try_run_case+0x1a5/0x480 [ 15.888955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.888978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.889004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.889029] ? __kthread_parkme+0x82/0x180 [ 15.889050] ? 
preempt_count_sub+0x50/0x80 [ 15.889102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.889139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.889177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.889203] kthread+0x337/0x6f0 [ 15.889224] ? trace_preempt_on+0x20/0xc0 [ 15.889247] ? __pfx_kthread+0x10/0x10 [ 15.889268] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.889291] ? calculate_sigpending+0x7b/0xa0 [ 15.889316] ? __pfx_kthread+0x10/0x10 [ 15.889338] ret_from_fork+0x116/0x1d0 [ 15.889366] ? __pfx_kthread+0x10/0x10 [ 15.889388] ret_from_fork_asm+0x1a/0x30 [ 15.889431] </TASK> [ 15.889442] [ 15.897156] Allocated by task 283: [ 15.897359] kasan_save_stack+0x45/0x70 [ 15.897575] kasan_save_track+0x18/0x40 [ 15.897778] kasan_save_alloc_info+0x3b/0x50 [ 15.897936] __kasan_kmalloc+0xb7/0xc0 [ 15.898111] __kmalloc_cache_noprof+0x189/0x420 [ 15.898337] kasan_atomics+0x95/0x310 [ 15.898645] kunit_try_run_case+0x1a5/0x480 [ 15.898903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.899176] kthread+0x337/0x6f0 [ 15.899394] ret_from_fork+0x116/0x1d0 [ 15.899593] ret_from_fork_asm+0x1a/0x30 [ 15.899734] [ 15.899805] The buggy address belongs to the object at ffff8881039b8c80 [ 15.899805] which belongs to the cache kmalloc-64 of size 64 [ 15.900317] The buggy address is located 0 bytes to the right of [ 15.900317] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.901000] [ 15.901080] The buggy address belongs to the physical page: [ 15.901420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.901756] flags: 0x200000000000000(node=0|zone=2) [ 15.901922] page_type: f5(slab) [ 15.902045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.902382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.902738] page dumped because: kasan: bad access detected [ 15.903031] [ 15.903169] Memory state around the buggy address: [ 15.903531] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.903835] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.904055] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.904337] ^ [ 15.904782] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905117] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905478] ================================================================== [ 15.156051] ================================================================== [ 15.156836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.157279] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.157791] [ 15.157911] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.158273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.158307] Call Trace: [ 15.158322] <TASK> [ 15.158337] dump_stack_lvl+0x73/0xb0 [ 15.158390] print_report+0xd1/0x650 [ 15.158413] ? __virt_addr_valid+0x1db/0x2d0 [ 15.158437] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.158568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.158593] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.158635] kasan_report+0x141/0x180 [ 15.158658] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.158686] __asan_report_store4_noabort+0x1b/0x30 [ 15.158713] kasan_atomics_helper+0x4b6e/0x5450 [ 15.158737] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.158761] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.158787] ? kasan_atomics+0x152/0x310 [ 15.158814] kasan_atomics+0x1dc/0x310 [ 15.158837] ? __pfx_kasan_atomics+0x10/0x10 [ 15.158862] ? __pfx_read_tsc+0x10/0x10 [ 15.158884] ? ktime_get_ts64+0x86/0x230 [ 15.158909] kunit_try_run_case+0x1a5/0x480 [ 15.158934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.158958] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.158984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.159009] ? 
__kthread_parkme+0x82/0x180 [ 15.159031] ? preempt_count_sub+0x50/0x80 [ 15.159056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.159108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.159135] kthread+0x337/0x6f0 [ 15.159155] ? trace_preempt_on+0x20/0xc0 [ 15.159179] ? __pfx_kthread+0x10/0x10 [ 15.159201] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.159224] ? calculate_sigpending+0x7b/0xa0 [ 15.159249] ? __pfx_kthread+0x10/0x10 [ 15.159271] ret_from_fork+0x116/0x1d0 [ 15.159291] ? __pfx_kthread+0x10/0x10 [ 15.159313] ret_from_fork_asm+0x1a/0x30 [ 15.159356] </TASK> [ 15.159386] [ 15.171099] Allocated by task 283: [ 15.171504] kasan_save_stack+0x45/0x70 [ 15.171673] kasan_save_track+0x18/0x40 [ 15.172046] kasan_save_alloc_info+0x3b/0x50 [ 15.172510] __kasan_kmalloc+0xb7/0xc0 [ 15.172718] __kmalloc_cache_noprof+0x189/0x420 [ 15.172921] kasan_atomics+0x95/0x310 [ 15.173097] kunit_try_run_case+0x1a5/0x480 [ 15.173291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.174340] kthread+0x337/0x6f0 [ 15.175008] ret_from_fork+0x116/0x1d0 [ 15.175184] ret_from_fork_asm+0x1a/0x30 [ 15.175375] [ 15.176026] The buggy address belongs to the object at ffff8881039b8c80 [ 15.176026] which belongs to the cache kmalloc-64 of size 64 [ 15.177316] The buggy address is located 0 bytes to the right of [ 15.177316] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.178132] [ 15.178327] The buggy address belongs to the physical page: [ 15.178742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.179155] flags: 0x200000000000000(node=0|zone=2) [ 15.179389] page_type: f5(slab) [ 15.179920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.180243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.180926] page dumped because: kasan: bad access detected [ 15.181301] [ 15.181581] Memory state around the buggy address: [ 15.181854] 
ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.182174] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.182706] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.183101] ^ [ 15.183539] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183989] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184579] ================================================================== [ 15.748692] ================================================================== [ 15.749010] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.749327] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.750027] [ 15.750287] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.750361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.750375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.750395] Call Trace: [ 15.750411] <TASK> [ 15.750434] dump_stack_lvl+0x73/0xb0 [ 15.750467] print_report+0xd1/0x650 [ 15.750490] ? __virt_addr_valid+0x1db/0x2d0 [ 15.750515] ? kasan_atomics_helper+0x1148/0x5450 [ 15.750539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.750563] ? kasan_atomics_helper+0x1148/0x5450 [ 15.750587] kasan_report+0x141/0x180 [ 15.750611] ? kasan_atomics_helper+0x1148/0x5450 [ 15.750639] kasan_check_range+0x10c/0x1c0 [ 15.750663] __kasan_check_write+0x18/0x20 [ 15.750684] kasan_atomics_helper+0x1148/0x5450 [ 15.750708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.750732] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.750758] ? kasan_atomics+0x152/0x310 [ 15.750787] kasan_atomics+0x1dc/0x310 [ 15.750810] ? __pfx_kasan_atomics+0x10/0x10 [ 15.750836] ? __pfx_read_tsc+0x10/0x10 [ 15.750858] ? ktime_get_ts64+0x86/0x230 [ 15.750883] kunit_try_run_case+0x1a5/0x480 [ 15.750908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.750932] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.750957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.750982] ? __kthread_parkme+0x82/0x180 [ 15.751004] ? preempt_count_sub+0x50/0x80 [ 15.751029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.751055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.751081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.751107] kthread+0x337/0x6f0 [ 15.751128] ? trace_preempt_on+0x20/0xc0 [ 15.751151] ? __pfx_kthread+0x10/0x10 [ 15.751173] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.751196] ? calculate_sigpending+0x7b/0xa0 [ 15.751221] ? __pfx_kthread+0x10/0x10 [ 15.751243] ret_from_fork+0x116/0x1d0 [ 15.751262] ? __pfx_kthread+0x10/0x10 [ 15.751284] ret_from_fork_asm+0x1a/0x30 [ 15.751315] </TASK> [ 15.751326] [ 15.759899] Allocated by task 283: [ 15.760081] kasan_save_stack+0x45/0x70 [ 15.760238] kasan_save_track+0x18/0x40 [ 15.760389] kasan_save_alloc_info+0x3b/0x50 [ 15.760641] __kasan_kmalloc+0xb7/0xc0 [ 15.760833] __kmalloc_cache_noprof+0x189/0x420 [ 15.761233] kasan_atomics+0x95/0x310 [ 15.761380] kunit_try_run_case+0x1a5/0x480 [ 15.761528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.761787] kthread+0x337/0x6f0 [ 15.761961] ret_from_fork+0x116/0x1d0 [ 15.762178] ret_from_fork_asm+0x1a/0x30 [ 15.762422] [ 15.762521] The buggy address belongs to the object at ffff8881039b8c80 [ 15.762521] which belongs to the cache kmalloc-64 of size 64 [ 15.763029] The buggy address is located 0 bytes to the right of [ 15.763029] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.763456] [ 15.763531] The buggy address belongs to the physical page: [ 15.763757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.764137] flags: 0x200000000000000(node=0|zone=2) [ 15.764330] page_type: f5(slab) [ 15.764462] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.764843] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.765195] page dumped because: kasan: 
bad access detected [ 15.765529] [ 15.765625] Memory state around the buggy address: [ 15.765850] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.766154] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.766490] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.766779] ^ [ 15.766939] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.767250] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.767791] ================================================================== [ 16.225246] ================================================================== [ 16.226132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.226548] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.227129] [ 16.227246] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.227290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.227303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.227323] Call Trace: [ 16.227339] <TASK> [ 16.227365] dump_stack_lvl+0x73/0xb0 [ 16.227397] print_report+0xd1/0x650 [ 16.227614] ? __virt_addr_valid+0x1db/0x2d0 [ 16.227640] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.227665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.227690] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.227713] kasan_report+0x141/0x180 [ 16.227776] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.227805] kasan_check_range+0x10c/0x1c0 [ 16.227830] __kasan_check_write+0x18/0x20 [ 16.227851] kasan_atomics_helper+0x1ce1/0x5450 [ 16.227875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.227899] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.227926] ? kasan_atomics+0x152/0x310 [ 16.227953] kasan_atomics+0x1dc/0x310 [ 16.227977] ? __pfx_kasan_atomics+0x10/0x10 [ 16.228003] ? __pfx_read_tsc+0x10/0x10 [ 16.228025] ? ktime_get_ts64+0x86/0x230 [ 16.228050] kunit_try_run_case+0x1a5/0x480 [ 16.228075] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.228099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.228125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.228150] ? __kthread_parkme+0x82/0x180 [ 16.228176] ? preempt_count_sub+0x50/0x80 [ 16.228200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.228227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.228252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.228278] kthread+0x337/0x6f0 [ 16.228298] ? trace_preempt_on+0x20/0xc0 [ 16.228322] ? __pfx_kthread+0x10/0x10 [ 16.228355] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.228379] ? calculate_sigpending+0x7b/0xa0 [ 16.228403] ? __pfx_kthread+0x10/0x10 [ 16.228427] ret_from_fork+0x116/0x1d0 [ 16.228446] ? __pfx_kthread+0x10/0x10 [ 16.228468] ret_from_fork_asm+0x1a/0x30 [ 16.228499] </TASK> [ 16.228510] [ 16.239638] Allocated by task 283: [ 16.239828] kasan_save_stack+0x45/0x70 [ 16.240021] kasan_save_track+0x18/0x40 [ 16.240165] kasan_save_alloc_info+0x3b/0x50 [ 16.240376] __kasan_kmalloc+0xb7/0xc0 [ 16.240596] __kmalloc_cache_noprof+0x189/0x420 [ 16.240847] kasan_atomics+0x95/0x310 [ 16.241030] kunit_try_run_case+0x1a5/0x480 [ 16.241221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.241525] kthread+0x337/0x6f0 [ 16.241709] ret_from_fork+0x116/0x1d0 [ 16.241878] ret_from_fork_asm+0x1a/0x30 [ 16.242085] [ 16.242207] The buggy address belongs to the object at ffff8881039b8c80 [ 16.242207] which belongs to the cache kmalloc-64 of size 64 [ 16.242788] The buggy address is located 0 bytes to the right of [ 16.242788] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.243310] [ 16.243417] The buggy address belongs to the physical page: [ 16.243636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.243979] flags: 0x200000000000000(node=0|zone=2) [ 16.244247] page_type: f5(slab) [ 16.244421] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.244723] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.245048] page dumped because: kasan: bad access detected [ 16.245264] [ 16.245387] Memory state around the buggy address: [ 16.245675] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.245973] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.246270] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.246610] ^ [ 16.246879] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.247196] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.247480] ================================================================== [ 15.515616] ================================================================== [ 15.515965] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.516309] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.516682] [ 15.516798] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.516839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.516852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.516871] Call Trace: [ 15.516885] <TASK> [ 15.516900] dump_stack_lvl+0x73/0xb0 [ 15.516930] print_report+0xd1/0x650 [ 15.516953] ? __virt_addr_valid+0x1db/0x2d0 [ 15.516977] ? kasan_atomics_helper+0xc70/0x5450 [ 15.516999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.517024] ? kasan_atomics_helper+0xc70/0x5450 [ 15.517047] kasan_report+0x141/0x180 [ 15.517070] ? kasan_atomics_helper+0xc70/0x5450 [ 15.517097] kasan_check_range+0x10c/0x1c0 [ 15.519159] __kasan_check_write+0x18/0x20 [ 15.519206] kasan_atomics_helper+0xc70/0x5450 [ 15.519235] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.519260] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.519288] ? kasan_atomics+0x152/0x310 [ 15.519317] kasan_atomics+0x1dc/0x310 [ 15.519381] ? __pfx_kasan_atomics+0x10/0x10 [ 15.519425] ? __pfx_read_tsc+0x10/0x10 [ 15.519448] ? 
ktime_get_ts64+0x86/0x230 [ 15.519472] kunit_try_run_case+0x1a5/0x480 [ 15.519497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.519522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.519548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.519573] ? __kthread_parkme+0x82/0x180 [ 15.519596] ? preempt_count_sub+0x50/0x80 [ 15.519621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.519646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.519671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.519697] kthread+0x337/0x6f0 [ 15.519717] ? trace_preempt_on+0x20/0xc0 [ 15.519742] ? __pfx_kthread+0x10/0x10 [ 15.519764] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.519786] ? calculate_sigpending+0x7b/0xa0 [ 15.519811] ? __pfx_kthread+0x10/0x10 [ 15.519833] ret_from_fork+0x116/0x1d0 [ 15.519852] ? __pfx_kthread+0x10/0x10 [ 15.519873] ret_from_fork_asm+0x1a/0x30 [ 15.519918] </TASK> [ 15.519930] [ 15.529972] Allocated by task 283: [ 15.530163] kasan_save_stack+0x45/0x70 [ 15.530400] kasan_save_track+0x18/0x40 [ 15.530644] kasan_save_alloc_info+0x3b/0x50 [ 15.531062] __kasan_kmalloc+0xb7/0xc0 [ 15.531207] __kmalloc_cache_noprof+0x189/0x420 [ 15.531391] kasan_atomics+0x95/0x310 [ 15.531541] kunit_try_run_case+0x1a5/0x480 [ 15.531746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.531999] kthread+0x337/0x6f0 [ 15.532229] ret_from_fork+0x116/0x1d0 [ 15.532434] ret_from_fork_asm+0x1a/0x30 [ 15.532793] [ 15.532895] The buggy address belongs to the object at ffff8881039b8c80 [ 15.532895] which belongs to the cache kmalloc-64 of size 64 [ 15.533305] The buggy address is located 0 bytes to the right of [ 15.533305] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.534118] [ 15.534220] The buggy address belongs to the physical page: [ 15.534533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.534813] flags: 0x200000000000000(node=0|zone=2) [ 15.534978] page_type: f5(slab) [ 15.535101] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.535623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.536438] page dumped because: kasan: bad access detected [ 15.536696] [ 15.536768] Memory state around the buggy address: [ 15.536926] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.537146] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.537659] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.537986] ^ [ 15.538215] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.538592] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.538890] ================================================================== [ 15.239167] ================================================================== [ 15.239794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.240131] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.240810] [ 15.240932] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.240975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.240989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.241011] Call Trace: [ 15.241027] <TASK> [ 15.241042] dump_stack_lvl+0x73/0xb0 [ 15.241073] print_report+0xd1/0x650 [ 15.241097] ? __virt_addr_valid+0x1db/0x2d0 [ 15.241120] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.241142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.241167] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.241190] kasan_report+0x141/0x180 [ 15.241213] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.241241] kasan_check_range+0x10c/0x1c0 [ 15.241266] __kasan_check_write+0x18/0x20 [ 15.241287] kasan_atomics_helper+0x4a0/0x5450 [ 15.241310] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.241334] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.241646] ? kasan_atomics+0x152/0x310 [ 15.241678] kasan_atomics+0x1dc/0x310 [ 15.241704] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.241730] ? __pfx_read_tsc+0x10/0x10 [ 15.241753] ? ktime_get_ts64+0x86/0x230 [ 15.241778] kunit_try_run_case+0x1a5/0x480 [ 15.241802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.241827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.241853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.241879] ? __kthread_parkme+0x82/0x180 [ 15.241901] ? preempt_count_sub+0x50/0x80 [ 15.241927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.241952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.241978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.242006] kthread+0x337/0x6f0 [ 15.242026] ? trace_preempt_on+0x20/0xc0 [ 15.242050] ? __pfx_kthread+0x10/0x10 [ 15.242072] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.242094] ? calculate_sigpending+0x7b/0xa0 [ 15.242119] ? __pfx_kthread+0x10/0x10 [ 15.242141] ret_from_fork+0x116/0x1d0 [ 15.242160] ? __pfx_kthread+0x10/0x10 [ 15.242182] ret_from_fork_asm+0x1a/0x30 [ 15.242214] </TASK> [ 15.242225] [ 15.253337] Allocated by task 283: [ 15.253819] kasan_save_stack+0x45/0x70 [ 15.254031] kasan_save_track+0x18/0x40 [ 15.254214] kasan_save_alloc_info+0x3b/0x50 [ 15.254861] __kasan_kmalloc+0xb7/0xc0 [ 15.255185] __kmalloc_cache_noprof+0x189/0x420 [ 15.255968] kasan_atomics+0x95/0x310 [ 15.256367] kunit_try_run_case+0x1a5/0x480 [ 15.257883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.258242] kthread+0x337/0x6f0 [ 15.258394] ret_from_fork+0x116/0x1d0 [ 15.258535] ret_from_fork_asm+0x1a/0x30 [ 15.258678] [ 15.258754] The buggy address belongs to the object at ffff8881039b8c80 [ 15.258754] which belongs to the cache kmalloc-64 of size 64 [ 15.259110] The buggy address is located 0 bytes to the right of [ 15.259110] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.260242] [ 15.260366] The buggy address belongs to the physical page: [ 15.262064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.262740] flags: 0x200000000000000(node=0|zone=2) [ 15.263193] page_type: 
f5(slab) [ 15.263830] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.264076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.264316] page dumped because: kasan: bad access detected [ 15.265233] [ 15.265564] Memory state around the buggy address: [ 15.266211] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.267143] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.267932] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.268155] ^ [ 15.268319] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.269100] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.269861] ================================================================== [ 15.539297] ================================================================== [ 15.539662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.540024] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.540260] [ 15.540361] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.540403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.540417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.540437] Call Trace: [ 15.540454] <TASK> [ 15.540470] dump_stack_lvl+0x73/0xb0 [ 15.540562] print_report+0xd1/0x650 [ 15.540590] ? __virt_addr_valid+0x1db/0x2d0 [ 15.540613] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.540636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.540661] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.540685] kasan_report+0x141/0x180 [ 15.540708] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.540736] __asan_report_load4_noabort+0x18/0x20 [ 15.540763] kasan_atomics_helper+0x4a84/0x5450 [ 15.540787] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.540811] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.540837] ? 
kasan_atomics+0x152/0x310 [ 15.540865] kasan_atomics+0x1dc/0x310 [ 15.540888] ? __pfx_kasan_atomics+0x10/0x10 [ 15.540914] ? __pfx_read_tsc+0x10/0x10 [ 15.540936] ? ktime_get_ts64+0x86/0x230 [ 15.540961] kunit_try_run_case+0x1a5/0x480 [ 15.540986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.541010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.541035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.541061] ? __kthread_parkme+0x82/0x180 [ 15.541083] ? preempt_count_sub+0x50/0x80 [ 15.541107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.541133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.541159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.541185] kthread+0x337/0x6f0 [ 15.541205] ? trace_preempt_on+0x20/0xc0 [ 15.541228] ? __pfx_kthread+0x10/0x10 [ 15.541250] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.541273] ? calculate_sigpending+0x7b/0xa0 [ 15.541299] ? __pfx_kthread+0x10/0x10 [ 15.541321] ret_from_fork+0x116/0x1d0 [ 15.541340] ? __pfx_kthread+0x10/0x10 [ 15.541412] ret_from_fork_asm+0x1a/0x30 [ 15.541454] </TASK> [ 15.541465] [ 15.549089] Allocated by task 283: [ 15.549249] kasan_save_stack+0x45/0x70 [ 15.549473] kasan_save_track+0x18/0x40 [ 15.549649] kasan_save_alloc_info+0x3b/0x50 [ 15.549837] __kasan_kmalloc+0xb7/0xc0 [ 15.549972] __kmalloc_cache_noprof+0x189/0x420 [ 15.550128] kasan_atomics+0x95/0x310 [ 15.550323] kunit_try_run_case+0x1a5/0x480 [ 15.550541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.550841] kthread+0x337/0x6f0 [ 15.551025] ret_from_fork+0x116/0x1d0 [ 15.551214] ret_from_fork_asm+0x1a/0x30 [ 15.551371] [ 15.551488] The buggy address belongs to the object at ffff8881039b8c80 [ 15.551488] which belongs to the cache kmalloc-64 of size 64 [ 15.552064] The buggy address is located 0 bytes to the right of [ 15.552064] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.553052] [ 15.553193] The buggy address belongs to the physical page: [ 15.553477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
15.553815] flags: 0x200000000000000(node=0|zone=2) [ 15.554025] page_type: f5(slab) [ 15.554185] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.554539] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.554770] page dumped because: kasan: bad access detected [ 15.554968] [ 15.555064] Memory state around the buggy address: [ 15.555294] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.555731] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.556009] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.556280] ^ [ 15.556448] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.556791] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.557115] ================================================================== [ 15.946224] ================================================================== [ 15.946800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.947761] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.948116] [ 15.948264] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.948318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.948330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.948360] Call Trace: [ 15.948374] <TASK> [ 15.948388] dump_stack_lvl+0x73/0xb0 [ 15.948419] print_report+0xd1/0x650 [ 15.948443] ? __virt_addr_valid+0x1db/0x2d0 [ 15.948466] ? kasan_atomics_helper+0x151d/0x5450 [ 15.948500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.948524] ? kasan_atomics_helper+0x151d/0x5450 [ 15.948548] kasan_report+0x141/0x180 [ 15.948571] ? kasan_atomics_helper+0x151d/0x5450 [ 15.948599] kasan_check_range+0x10c/0x1c0 [ 15.948658] __kasan_check_write+0x18/0x20 [ 15.948679] kasan_atomics_helper+0x151d/0x5450 [ 15.948742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.948767] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.948793] ? kasan_atomics+0x152/0x310 [ 15.948831] kasan_atomics+0x1dc/0x310 [ 15.948855] ? __pfx_kasan_atomics+0x10/0x10 [ 15.948881] ? __pfx_read_tsc+0x10/0x10 [ 15.948904] ? ktime_get_ts64+0x86/0x230 [ 15.948928] kunit_try_run_case+0x1a5/0x480 [ 15.948953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.948977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.949002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.949028] ? __kthread_parkme+0x82/0x180 [ 15.949049] ? preempt_count_sub+0x50/0x80 [ 15.949075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.949101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.949127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.949155] kthread+0x337/0x6f0 [ 15.949177] ? trace_preempt_on+0x20/0xc0 [ 15.949201] ? __pfx_kthread+0x10/0x10 [ 15.949223] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.949246] ? calculate_sigpending+0x7b/0xa0 [ 15.949272] ? __pfx_kthread+0x10/0x10 [ 15.949295] ret_from_fork+0x116/0x1d0 [ 15.949315] ? __pfx_kthread+0x10/0x10 [ 15.949337] ret_from_fork_asm+0x1a/0x30 [ 15.949379] </TASK> [ 15.949391] [ 15.957420] Allocated by task 283: [ 15.957645] kasan_save_stack+0x45/0x70 [ 15.957856] kasan_save_track+0x18/0x40 [ 15.958092] kasan_save_alloc_info+0x3b/0x50 [ 15.958308] __kasan_kmalloc+0xb7/0xc0 [ 15.958680] __kmalloc_cache_noprof+0x189/0x420 [ 15.958945] kasan_atomics+0x95/0x310 [ 15.959155] kunit_try_run_case+0x1a5/0x480 [ 15.959397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.959708] kthread+0x337/0x6f0 [ 15.959900] ret_from_fork+0x116/0x1d0 [ 15.960086] ret_from_fork_asm+0x1a/0x30 [ 15.960228] [ 15.960299] The buggy address belongs to the object at ffff8881039b8c80 [ 15.960299] which belongs to the cache kmalloc-64 of size 64 [ 15.961152] The buggy address is located 0 bytes to the right of [ 15.961152] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.961940] [ 15.962050] The buggy address belongs to the physical page: [ 15.962247] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.962491] flags: 0x200000000000000(node=0|zone=2) [ 15.962722] page_type: f5(slab) [ 15.962908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.963314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.963675] page dumped because: kasan: bad access detected [ 15.964018] [ 15.964113] Memory state around the buggy address: [ 15.964369] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.964732] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.964976] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.965182] ^ [ 15.965427] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.965747] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.966059] ================================================================== [ 16.026302] ================================================================== [ 16.026719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.027175] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.027686] [ 16.027798] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.027838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.027850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.027870] Call Trace: [ 16.027882] <TASK> [ 16.027897] dump_stack_lvl+0x73/0xb0 [ 16.027927] print_report+0xd1/0x650 [ 16.027950] ? __virt_addr_valid+0x1db/0x2d0 [ 16.028014] ? kasan_atomics_helper+0x177f/0x5450 [ 16.028062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.028138] ? kasan_atomics_helper+0x177f/0x5450 [ 16.028165] kasan_report+0x141/0x180 [ 16.028201] ? kasan_atomics_helper+0x177f/0x5450 [ 16.028229] kasan_check_range+0x10c/0x1c0 [ 16.028253] __kasan_check_write+0x18/0x20 [ 16.028273] kasan_atomics_helper+0x177f/0x5450 [ 16.028297] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.028371] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.028398] ? kasan_atomics+0x152/0x310 [ 16.028465] kasan_atomics+0x1dc/0x310 [ 16.028490] ? __pfx_kasan_atomics+0x10/0x10 [ 16.028526] ? __pfx_read_tsc+0x10/0x10 [ 16.028556] ? ktime_get_ts64+0x86/0x230 [ 16.028581] kunit_try_run_case+0x1a5/0x480 [ 16.028605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.028629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.028654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.028680] ? __kthread_parkme+0x82/0x180 [ 16.028701] ? preempt_count_sub+0x50/0x80 [ 16.028726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.028752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.028777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.028804] kthread+0x337/0x6f0 [ 16.028823] ? trace_preempt_on+0x20/0xc0 [ 16.028848] ? __pfx_kthread+0x10/0x10 [ 16.028870] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.028892] ? calculate_sigpending+0x7b/0xa0 [ 16.028917] ? __pfx_kthread+0x10/0x10 [ 16.028940] ret_from_fork+0x116/0x1d0 [ 16.028959] ? 
__pfx_kthread+0x10/0x10 [ 16.028980] ret_from_fork_asm+0x1a/0x30 [ 16.029012] </TASK> [ 16.029023] [ 16.040744] Allocated by task 283: [ 16.040935] kasan_save_stack+0x45/0x70 [ 16.041092] kasan_save_track+0x18/0x40 [ 16.041234] kasan_save_alloc_info+0x3b/0x50 [ 16.041460] __kasan_kmalloc+0xb7/0xc0 [ 16.041989] __kmalloc_cache_noprof+0x189/0x420 [ 16.042980] kasan_atomics+0x95/0x310 [ 16.043209] kunit_try_run_case+0x1a5/0x480 [ 16.043871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.044159] kthread+0x337/0x6f0 [ 16.044336] ret_from_fork+0x116/0x1d0 [ 16.044549] ret_from_fork_asm+0x1a/0x30 [ 16.044695] [ 16.044770] The buggy address belongs to the object at ffff8881039b8c80 [ 16.044770] which belongs to the cache kmalloc-64 of size 64 [ 16.045179] The buggy address is located 0 bytes to the right of [ 16.045179] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.045763] [ 16.045908] The buggy address belongs to the physical page: [ 16.046212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.046667] flags: 0x200000000000000(node=0|zone=2) [ 16.047013] page_type: f5(slab) [ 16.047238] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.047637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.047916] page dumped because: kasan: bad access detected [ 16.048174] [ 16.048268] Memory state around the buggy address: [ 16.048592] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.048816] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.049122] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.049605] ^ [ 16.049897] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.050221] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.050639] ================================================================== [ 15.791578] 
================================================================== [ 15.791916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.792184] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.792687] [ 15.792800] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.792840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.792853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.792873] Call Trace: [ 15.792890] <TASK> [ 15.792907] dump_stack_lvl+0x73/0xb0 [ 15.792936] print_report+0xd1/0x650 [ 15.792960] ? __virt_addr_valid+0x1db/0x2d0 [ 15.792983] ? kasan_atomics_helper+0x1217/0x5450 [ 15.793006] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.793030] ? kasan_atomics_helper+0x1217/0x5450 [ 15.793053] kasan_report+0x141/0x180 [ 15.793076] ? kasan_atomics_helper+0x1217/0x5450 [ 15.793104] kasan_check_range+0x10c/0x1c0 [ 15.793128] __kasan_check_write+0x18/0x20 [ 15.793149] kasan_atomics_helper+0x1217/0x5450 [ 15.793173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.793198] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.793224] ? kasan_atomics+0x152/0x310 [ 15.793251] kasan_atomics+0x1dc/0x310 [ 15.793274] ? __pfx_kasan_atomics+0x10/0x10 [ 15.793299] ? __pfx_read_tsc+0x10/0x10 [ 15.793320] ? ktime_get_ts64+0x86/0x230 [ 15.793360] kunit_try_run_case+0x1a5/0x480 [ 15.793385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.793420] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.793444] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.793470] ? __kthread_parkme+0x82/0x180 [ 15.793492] ? preempt_count_sub+0x50/0x80 [ 15.793516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.793541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.793567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.793593] kthread+0x337/0x6f0 [ 15.793613] ? trace_preempt_on+0x20/0xc0 [ 15.793637] ? __pfx_kthread+0x10/0x10 [ 15.793658] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.793681] ? 
calculate_sigpending+0x7b/0xa0 [ 15.793706] ? __pfx_kthread+0x10/0x10 [ 15.793728] ret_from_fork+0x116/0x1d0 [ 15.793747] ? __pfx_kthread+0x10/0x10 [ 15.793769] ret_from_fork_asm+0x1a/0x30 [ 15.793800] </TASK> [ 15.793811] [ 15.801165] Allocated by task 283: [ 15.801306] kasan_save_stack+0x45/0x70 [ 15.801634] kasan_save_track+0x18/0x40 [ 15.801831] kasan_save_alloc_info+0x3b/0x50 [ 15.802046] __kasan_kmalloc+0xb7/0xc0 [ 15.802239] __kmalloc_cache_noprof+0x189/0x420 [ 15.802472] kasan_atomics+0x95/0x310 [ 15.802639] kunit_try_run_case+0x1a5/0x480 [ 15.802839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.803067] kthread+0x337/0x6f0 [ 15.803222] ret_from_fork+0x116/0x1d0 [ 15.803372] ret_from_fork_asm+0x1a/0x30 [ 15.803519] [ 15.803591] The buggy address belongs to the object at ffff8881039b8c80 [ 15.803591] which belongs to the cache kmalloc-64 of size 64 [ 15.803946] The buggy address is located 0 bytes to the right of [ 15.803946] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.804889] [ 15.804967] The buggy address belongs to the physical page: [ 15.805138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.805388] flags: 0x200000000000000(node=0|zone=2) [ 15.805634] page_type: f5(slab) [ 15.805804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.806146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.806523] page dumped because: kasan: bad access detected [ 15.806695] [ 15.806765] Memory state around the buggy address: [ 15.806920] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.807242] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.807649] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.807971] ^ [ 15.808188] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.808529] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.808821] 
================================================================== [ 16.134573] ================================================================== [ 16.134918] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.135264] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.135741] [ 16.135868] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.135909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.135933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.135953] Call Trace: [ 16.135969] <TASK> [ 16.135984] dump_stack_lvl+0x73/0xb0 [ 16.136013] print_report+0xd1/0x650 [ 16.136036] ? __virt_addr_valid+0x1db/0x2d0 [ 16.136058] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.136080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.136104] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.136127] kasan_report+0x141/0x180 [ 16.136150] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.136182] kasan_check_range+0x10c/0x1c0 [ 16.136206] __kasan_check_write+0x18/0x20 [ 16.136227] kasan_atomics_helper+0x1a7f/0x5450 [ 16.136250] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.136294] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.136320] ? kasan_atomics+0x152/0x310 [ 16.136357] kasan_atomics+0x1dc/0x310 [ 16.136380] ? __pfx_kasan_atomics+0x10/0x10 [ 16.136407] ? __pfx_read_tsc+0x10/0x10 [ 16.136428] ? ktime_get_ts64+0x86/0x230 [ 16.136455] kunit_try_run_case+0x1a5/0x480 [ 16.136480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.136503] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.136529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.136554] ? __kthread_parkme+0x82/0x180 [ 16.136575] ? preempt_count_sub+0x50/0x80 [ 16.136599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.136625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.136669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.136696] kthread+0x337/0x6f0 [ 16.136716] ? trace_preempt_on+0x20/0xc0 [ 16.136739] ? 
__pfx_kthread+0x10/0x10 [ 16.136761] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.136783] ? calculate_sigpending+0x7b/0xa0 [ 16.136809] ? __pfx_kthread+0x10/0x10 [ 16.136833] ret_from_fork+0x116/0x1d0 [ 16.136853] ? __pfx_kthread+0x10/0x10 [ 16.136874] ret_from_fork_asm+0x1a/0x30 [ 16.136906] </TASK> [ 16.136916] [ 16.146378] Allocated by task 283: [ 16.146708] kasan_save_stack+0x45/0x70 [ 16.147000] kasan_save_track+0x18/0x40 [ 16.147279] kasan_save_alloc_info+0x3b/0x50 [ 16.147591] __kasan_kmalloc+0xb7/0xc0 [ 16.147955] __kmalloc_cache_noprof+0x189/0x420 [ 16.148280] kasan_atomics+0x95/0x310 [ 16.148589] kunit_try_run_case+0x1a5/0x480 [ 16.148903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.149144] kthread+0x337/0x6f0 [ 16.149321] ret_from_fork+0x116/0x1d0 [ 16.149564] ret_from_fork_asm+0x1a/0x30 [ 16.149721] [ 16.149797] The buggy address belongs to the object at ffff8881039b8c80 [ 16.149797] which belongs to the cache kmalloc-64 of size 64 [ 16.150365] The buggy address is located 0 bytes to the right of [ 16.150365] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.151051] [ 16.151473] The buggy address belongs to the physical page: [ 16.151689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.152199] flags: 0x200000000000000(node=0|zone=2) [ 16.152514] page_type: f5(slab) [ 16.152810] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.153181] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.153738] page dumped because: kasan: bad access detected [ 16.154014] [ 16.154243] Memory state around the buggy address: [ 16.154608] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.155024] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.155519] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.155827] ^ [ 16.156055] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156373] 
ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156937] ================================================================== [ 15.768294] ================================================================== [ 15.768949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.769274] Read of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.769638] [ 15.769762] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.769816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.769829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.769850] Call Trace: [ 15.769863] <TASK> [ 15.769877] dump_stack_lvl+0x73/0xb0 [ 15.769918] print_report+0xd1/0x650 [ 15.769941] ? __virt_addr_valid+0x1db/0x2d0 [ 15.769964] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.769998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.770022] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.770045] kasan_report+0x141/0x180 [ 15.770069] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.770097] __asan_report_load4_noabort+0x18/0x20 [ 15.770122] kasan_atomics_helper+0x4a02/0x5450 [ 15.770147] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.770171] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.770196] ? kasan_atomics+0x152/0x310 [ 15.770224] kasan_atomics+0x1dc/0x310 [ 15.770248] ? __pfx_kasan_atomics+0x10/0x10 [ 15.770273] ? __pfx_read_tsc+0x10/0x10 [ 15.770295] ? ktime_get_ts64+0x86/0x230 [ 15.770320] kunit_try_run_case+0x1a5/0x480 [ 15.770353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.770378] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.770404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.770441] ? __kthread_parkme+0x82/0x180 [ 15.770471] ? preempt_count_sub+0x50/0x80 [ 15.770496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.770532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.770558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.770585] kthread+0x337/0x6f0 [ 15.770604] ? 
trace_preempt_on+0x20/0xc0 [ 15.770629] ? __pfx_kthread+0x10/0x10 [ 15.770650] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.770673] ? calculate_sigpending+0x7b/0xa0 [ 15.770699] ? __pfx_kthread+0x10/0x10 [ 15.770721] ret_from_fork+0x116/0x1d0 [ 15.770741] ? __pfx_kthread+0x10/0x10 [ 15.770763] ret_from_fork_asm+0x1a/0x30 [ 15.770803] </TASK> [ 15.770814] [ 15.780667] Allocated by task 283: [ 15.781690] kasan_save_stack+0x45/0x70 [ 15.781866] kasan_save_track+0x18/0x40 [ 15.782009] kasan_save_alloc_info+0x3b/0x50 [ 15.782162] __kasan_kmalloc+0xb7/0xc0 [ 15.782296] __kmalloc_cache_noprof+0x189/0x420 [ 15.782471] kasan_atomics+0x95/0x310 [ 15.782608] kunit_try_run_case+0x1a5/0x480 [ 15.782756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.782936] kthread+0x337/0x6f0 [ 15.783058] ret_from_fork+0x116/0x1d0 [ 15.783192] ret_from_fork_asm+0x1a/0x30 [ 15.783332] [ 15.784919] The buggy address belongs to the object at ffff8881039b8c80 [ 15.784919] which belongs to the cache kmalloc-64 of size 64 [ 15.785817] The buggy address is located 0 bytes to the right of [ 15.785817] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.786293] [ 15.786405] The buggy address belongs to the physical page: [ 15.786797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.787432] flags: 0x200000000000000(node=0|zone=2) [ 15.787617] page_type: f5(slab) [ 15.787788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.788078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.788376] page dumped because: kasan: bad access detected [ 15.788603] [ 15.788696] Memory state around the buggy address: [ 15.788854] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.789302] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.789734] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.790011] ^ [ 15.790216] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.790599] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.790894] ================================================================== [ 16.469568] ================================================================== [ 16.470188] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.470599] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.470904] [ 16.470989] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.471029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.471051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.471071] Call Trace: [ 16.471086] <TASK> [ 16.471101] dump_stack_lvl+0x73/0xb0 [ 16.471142] print_report+0xd1/0x650 [ 16.471166] ? __virt_addr_valid+0x1db/0x2d0 [ 16.471188] ? kasan_atomics_helper+0x224c/0x5450 [ 16.471210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.471245] ? kasan_atomics_helper+0x224c/0x5450 [ 16.471267] kasan_report+0x141/0x180 [ 16.471290] ? kasan_atomics_helper+0x224c/0x5450 [ 16.471328] kasan_check_range+0x10c/0x1c0 [ 16.471362] __kasan_check_write+0x18/0x20 [ 16.471383] kasan_atomics_helper+0x224c/0x5450 [ 16.471418] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.471442] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.471478] ? kasan_atomics+0x152/0x310 [ 16.471505] kasan_atomics+0x1dc/0x310 [ 16.471539] ? __pfx_kasan_atomics+0x10/0x10 [ 16.471564] ? __pfx_read_tsc+0x10/0x10 [ 16.471586] ? ktime_get_ts64+0x86/0x230 [ 16.471610] kunit_try_run_case+0x1a5/0x480 [ 16.471644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.471668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.471693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.471728] ? __kthread_parkme+0x82/0x180 [ 16.471750] ? preempt_count_sub+0x50/0x80 [ 16.471774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.471800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.471826] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.471853] kthread+0x337/0x6f0 [ 16.471873] ? trace_preempt_on+0x20/0xc0 [ 16.471897] ? __pfx_kthread+0x10/0x10 [ 16.471919] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.471951] ? calculate_sigpending+0x7b/0xa0 [ 16.471976] ? __pfx_kthread+0x10/0x10 [ 16.471998] ret_from_fork+0x116/0x1d0 [ 16.472028] ? __pfx_kthread+0x10/0x10 [ 16.472049] ret_from_fork_asm+0x1a/0x30 [ 16.472082] </TASK> [ 16.472093] [ 16.479929] Allocated by task 283: [ 16.480098] kasan_save_stack+0x45/0x70 [ 16.480310] kasan_save_track+0x18/0x40 [ 16.480523] kasan_save_alloc_info+0x3b/0x50 [ 16.480716] __kasan_kmalloc+0xb7/0xc0 [ 16.480915] __kmalloc_cache_noprof+0x189/0x420 [ 16.481138] kasan_atomics+0x95/0x310 [ 16.481328] kunit_try_run_case+0x1a5/0x480 [ 16.481571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.481788] kthread+0x337/0x6f0 [ 16.481911] ret_from_fork+0x116/0x1d0 [ 16.482078] ret_from_fork_asm+0x1a/0x30 [ 16.482276] [ 16.482383] The buggy address belongs to the object at ffff8881039b8c80 [ 16.482383] which belongs to the cache kmalloc-64 of size 64 [ 16.482854] The buggy address is located 0 bytes to the right of [ 16.482854] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.483426] [ 16.483514] The buggy address belongs to the physical page: [ 16.483688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.483926] flags: 0x200000000000000(node=0|zone=2) [ 16.484088] page_type: f5(slab) [ 16.484214] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.484614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.485017] page dumped because: kasan: bad access detected [ 16.485319] [ 16.485430] Memory state around the buggy address: [ 16.485815] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.486215] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.486527] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.486879] ^ [ 16.487162] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.487567] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.487916] ================================================================== [ 16.351557] ================================================================== [ 16.351862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.352100] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.352516] [ 16.352642] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.352695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.352707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.352727] Call Trace: [ 16.352741] <TASK> [ 16.352756] dump_stack_lvl+0x73/0xb0 [ 16.352785] print_report+0xd1/0x650 [ 16.352808] ? __virt_addr_valid+0x1db/0x2d0 [ 16.352831] ? kasan_atomics_helper+0x2006/0x5450 [ 16.352853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.352878] ? kasan_atomics_helper+0x2006/0x5450 [ 16.352901] kasan_report+0x141/0x180 [ 16.352924] ? kasan_atomics_helper+0x2006/0x5450 [ 16.352952] kasan_check_range+0x10c/0x1c0 [ 16.352977] __kasan_check_write+0x18/0x20 [ 16.352997] kasan_atomics_helper+0x2006/0x5450 [ 16.353032] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.353056] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.353083] ? kasan_atomics+0x152/0x310 [ 16.353121] kasan_atomics+0x1dc/0x310 [ 16.353144] ? __pfx_kasan_atomics+0x10/0x10 [ 16.353170] ? __pfx_read_tsc+0x10/0x10 [ 16.353192] ? ktime_get_ts64+0x86/0x230 [ 16.353217] kunit_try_run_case+0x1a5/0x480 [ 16.353241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.353265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.353290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.353315] ? __kthread_parkme+0x82/0x180 [ 16.353338] ? preempt_count_sub+0x50/0x80 [ 16.353372] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.353416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.353443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.353470] kthread+0x337/0x6f0 [ 16.353490] ? trace_preempt_on+0x20/0xc0 [ 16.353515] ? __pfx_kthread+0x10/0x10 [ 16.353536] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.353559] ? calculate_sigpending+0x7b/0xa0 [ 16.353584] ? __pfx_kthread+0x10/0x10 [ 16.353607] ret_from_fork+0x116/0x1d0 [ 16.353626] ? __pfx_kthread+0x10/0x10 [ 16.353648] ret_from_fork_asm+0x1a/0x30 [ 16.353689] </TASK> [ 16.353700] [ 16.361364] Allocated by task 283: [ 16.361556] kasan_save_stack+0x45/0x70 [ 16.361760] kasan_save_track+0x18/0x40 [ 16.361956] kasan_save_alloc_info+0x3b/0x50 [ 16.362167] __kasan_kmalloc+0xb7/0xc0 [ 16.362329] __kmalloc_cache_noprof+0x189/0x420 [ 16.362578] kasan_atomics+0x95/0x310 [ 16.362776] kunit_try_run_case+0x1a5/0x480 [ 16.362981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.363226] kthread+0x337/0x6f0 [ 16.363430] ret_from_fork+0x116/0x1d0 [ 16.363602] ret_from_fork_asm+0x1a/0x30 [ 16.363824] [ 16.363919] The buggy address belongs to the object at ffff8881039b8c80 [ 16.363919] which belongs to the cache kmalloc-64 of size 64 [ 16.364382] The buggy address is located 0 bytes to the right of [ 16.364382] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.364766] [ 16.364839] The buggy address belongs to the physical page: [ 16.365011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.365411] flags: 0x200000000000000(node=0|zone=2) [ 16.365649] page_type: f5(slab) [ 16.365816] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.366189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.366566] page dumped because: kasan: bad access detected [ 16.366840] [ 16.366935] Memory state around the buggy address: [ 16.367188] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.367501] 
ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.367720] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.367933] ^ [ 16.368087] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.368386] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.368756] ================================================================== [ 16.116958] ================================================================== [ 16.117282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.117641] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.117898] [ 16.118007] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.118047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.118059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.118080] Call Trace: [ 16.118093] <TASK> [ 16.118106] dump_stack_lvl+0x73/0xb0 [ 16.118135] print_report+0xd1/0x650 [ 16.118159] ? __virt_addr_valid+0x1db/0x2d0 [ 16.118181] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.118203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.118228] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.118251] kasan_report+0x141/0x180 [ 16.118273] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.118301] kasan_check_range+0x10c/0x1c0 [ 16.118325] __kasan_check_write+0x18/0x20 [ 16.118361] kasan_atomics_helper+0x19e3/0x5450 [ 16.118386] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.118409] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.118450] ? kasan_atomics+0x152/0x310 [ 16.118477] kasan_atomics+0x1dc/0x310 [ 16.118501] ? __pfx_kasan_atomics+0x10/0x10 [ 16.118526] ? __pfx_read_tsc+0x10/0x10 [ 16.118548] ? ktime_get_ts64+0x86/0x230 [ 16.118573] kunit_try_run_case+0x1a5/0x480 [ 16.118597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.118642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.118669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.118693] ? 
__kthread_parkme+0x82/0x180 [ 16.118715] ? preempt_count_sub+0x50/0x80 [ 16.118740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.118765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.118790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.118817] kthread+0x337/0x6f0 [ 16.118836] ? trace_preempt_on+0x20/0xc0 [ 16.118875] ? __pfx_kthread+0x10/0x10 [ 16.118896] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.118919] ? calculate_sigpending+0x7b/0xa0 [ 16.118956] ? __pfx_kthread+0x10/0x10 [ 16.118979] ret_from_fork+0x116/0x1d0 [ 16.118998] ? __pfx_kthread+0x10/0x10 [ 16.119019] ret_from_fork_asm+0x1a/0x30 [ 16.119050] </TASK> [ 16.119061] [ 16.126666] Allocated by task 283: [ 16.126876] kasan_save_stack+0x45/0x70 [ 16.127084] kasan_save_track+0x18/0x40 [ 16.127282] kasan_save_alloc_info+0x3b/0x50 [ 16.127541] __kasan_kmalloc+0xb7/0xc0 [ 16.127706] __kmalloc_cache_noprof+0x189/0x420 [ 16.127932] kasan_atomics+0x95/0x310 [ 16.128101] kunit_try_run_case+0x1a5/0x480 [ 16.128249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.128543] kthread+0x337/0x6f0 [ 16.128713] ret_from_fork+0x116/0x1d0 [ 16.128897] ret_from_fork_asm+0x1a/0x30 [ 16.129093] [ 16.129168] The buggy address belongs to the object at ffff8881039b8c80 [ 16.129168] which belongs to the cache kmalloc-64 of size 64 [ 16.129518] The buggy address is located 0 bytes to the right of [ 16.129518] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.130317] [ 16.130477] The buggy address belongs to the physical page: [ 16.130713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.130973] flags: 0x200000000000000(node=0|zone=2) [ 16.131129] page_type: f5(slab) [ 16.131246] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.131554] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.131891] page dumped because: kasan: bad access detected [ 16.132145] [ 16.132244] Memory state around the buggy address: [ 16.132556] 
ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.132765] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.133106] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.133404] ^ [ 16.133623] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.133831] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.134038] ================================================================== [ 15.291992] ================================================================== [ 15.292328] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.292719] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.293041] [ 15.293148] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.293189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.293201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.293230] Call Trace: [ 15.293248] <TASK> [ 15.293265] dump_stack_lvl+0x73/0xb0 [ 15.293305] print_report+0xd1/0x650 [ 15.293328] ? __virt_addr_valid+0x1db/0x2d0 [ 15.293404] ? kasan_atomics_helper+0x565/0x5450 [ 15.293430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.293455] ? kasan_atomics_helper+0x565/0x5450 [ 15.293479] kasan_report+0x141/0x180 [ 15.293502] ? kasan_atomics_helper+0x565/0x5450 [ 15.293529] kasan_check_range+0x10c/0x1c0 [ 15.293554] __kasan_check_write+0x18/0x20 [ 15.293576] kasan_atomics_helper+0x565/0x5450 [ 15.293600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.293624] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.293651] ? kasan_atomics+0x152/0x310 [ 15.293678] kasan_atomics+0x1dc/0x310 [ 15.293702] ? __pfx_kasan_atomics+0x10/0x10 [ 15.293728] ? __pfx_read_tsc+0x10/0x10 [ 15.293749] ? ktime_get_ts64+0x86/0x230 [ 15.293774] kunit_try_run_case+0x1a5/0x480 [ 15.293799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.293861] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.293886] ? __kthread_parkme+0x82/0x180 [ 15.293919] ? preempt_count_sub+0x50/0x80 [ 15.293944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.293996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.294022] kthread+0x337/0x6f0 [ 15.294042] ? trace_preempt_on+0x20/0xc0 [ 15.294066] ? __pfx_kthread+0x10/0x10 [ 15.294087] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.294111] ? calculate_sigpending+0x7b/0xa0 [ 15.294135] ? __pfx_kthread+0x10/0x10 [ 15.294158] ret_from_fork+0x116/0x1d0 [ 15.294177] ? __pfx_kthread+0x10/0x10 [ 15.294198] ret_from_fork_asm+0x1a/0x30 [ 15.294230] </TASK> [ 15.294240] [ 15.302673] Allocated by task 283: [ 15.302854] kasan_save_stack+0x45/0x70 [ 15.303035] kasan_save_track+0x18/0x40 [ 15.303221] kasan_save_alloc_info+0x3b/0x50 [ 15.303557] __kasan_kmalloc+0xb7/0xc0 [ 15.303757] __kmalloc_cache_noprof+0x189/0x420 [ 15.303918] kasan_atomics+0x95/0x310 [ 15.304053] kunit_try_run_case+0x1a5/0x480 [ 15.304287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.304551] kthread+0x337/0x6f0 [ 15.304739] ret_from_fork+0x116/0x1d0 [ 15.305099] ret_from_fork_asm+0x1a/0x30 [ 15.305238] [ 15.305308] The buggy address belongs to the object at ffff8881039b8c80 [ 15.305308] which belongs to the cache kmalloc-64 of size 64 [ 15.305666] The buggy address is located 0 bytes to the right of [ 15.305666] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.306193] [ 15.306288] The buggy address belongs to the physical page: [ 15.306549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.306866] flags: 0x200000000000000(node=0|zone=2) [ 15.307030] page_type: f5(slab) [ 15.307152] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.307409] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.308035] page dumped because: kasan: bad access detected [ 15.308300] [ 15.308460] 
Memory state around the buggy address: [ 15.308949] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.309213] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.309442] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.309869] ^ [ 15.310404] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310676] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310898] ================================================================== [ 16.267120] ================================================================== [ 16.267587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.267918] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.268275] [ 16.268400] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.268453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.268466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.268487] Call Trace: [ 16.268501] <TASK> [ 16.268515] dump_stack_lvl+0x73/0xb0 [ 16.268545] print_report+0xd1/0x650 [ 16.268568] ? __virt_addr_valid+0x1db/0x2d0 [ 16.268591] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.268613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.268638] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.268661] kasan_report+0x141/0x180 [ 16.268684] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.268712] kasan_check_range+0x10c/0x1c0 [ 16.268737] __kasan_check_write+0x18/0x20 [ 16.268758] kasan_atomics_helper+0x1e12/0x5450 [ 16.268783] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.268807] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.268834] ? kasan_atomics+0x152/0x310 [ 16.268861] kasan_atomics+0x1dc/0x310 [ 16.268885] ? __pfx_kasan_atomics+0x10/0x10 [ 16.268935] ? __pfx_read_tsc+0x10/0x10 [ 16.268957] ? ktime_get_ts64+0x86/0x230 [ 16.268997] kunit_try_run_case+0x1a5/0x480 [ 16.269022] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.269060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.269099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.269138] ? __kthread_parkme+0x82/0x180 [ 16.269174] ? preempt_count_sub+0x50/0x80 [ 16.269213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.269264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.269304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.269331] kthread+0x337/0x6f0 [ 16.269362] ? trace_preempt_on+0x20/0xc0 [ 16.269387] ? __pfx_kthread+0x10/0x10 [ 16.269419] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.269442] ? calculate_sigpending+0x7b/0xa0 [ 16.269466] ? __pfx_kthread+0x10/0x10 [ 16.269490] ret_from_fork+0x116/0x1d0 [ 16.269509] ? __pfx_kthread+0x10/0x10 [ 16.269530] ret_from_fork_asm+0x1a/0x30 [ 16.269562] </TASK> [ 16.269572] [ 16.277628] Allocated by task 283: [ 16.277800] kasan_save_stack+0x45/0x70 [ 16.277975] kasan_save_track+0x18/0x40 [ 16.278144] kasan_save_alloc_info+0x3b/0x50 [ 16.278366] __kasan_kmalloc+0xb7/0xc0 [ 16.278635] __kmalloc_cache_noprof+0x189/0x420 [ 16.278824] kasan_atomics+0x95/0x310 [ 16.279016] kunit_try_run_case+0x1a5/0x480 [ 16.279249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.279501] kthread+0x337/0x6f0 [ 16.279701] ret_from_fork+0x116/0x1d0 [ 16.279901] ret_from_fork_asm+0x1a/0x30 [ 16.280097] [ 16.280193] The buggy address belongs to the object at ffff8881039b8c80 [ 16.280193] which belongs to the cache kmalloc-64 of size 64 [ 16.280581] The buggy address is located 0 bytes to the right of [ 16.280581] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.281234] [ 16.281360] The buggy address belongs to the physical page: [ 16.281656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.282111] flags: 0x200000000000000(node=0|zone=2) [ 16.282365] page_type: f5(slab) [ 16.282557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.282895] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.283225] page dumped because: kasan: bad access detected [ 16.283641] [ 16.283712] Memory state around the buggy address: [ 16.283866] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.284079] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.284296] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.284921] ^ [ 16.285175] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.285598] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.285926] ================================================================== [ 16.404954] ================================================================== [ 16.405211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.405537] Read of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.406231] [ 16.406386] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.406428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.406440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.406461] Call Trace: [ 16.406477] <TASK> [ 16.406492] dump_stack_lvl+0x73/0xb0 [ 16.406522] print_report+0xd1/0x650 [ 16.406545] ? __virt_addr_valid+0x1db/0x2d0 [ 16.406570] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.406593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.406618] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.406640] kasan_report+0x141/0x180 [ 16.406663] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.406691] __asan_report_load8_noabort+0x18/0x20 [ 16.406717] kasan_atomics_helper+0x4fb2/0x5450 [ 16.406768] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.406792] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.406839] ? kasan_atomics+0x152/0x310 [ 16.406867] kasan_atomics+0x1dc/0x310 [ 16.406890] ? __pfx_kasan_atomics+0x10/0x10 [ 16.406926] ? __pfx_read_tsc+0x10/0x10 [ 16.406948] ? 
ktime_get_ts64+0x86/0x230 [ 16.406974] kunit_try_run_case+0x1a5/0x480 [ 16.406999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.407023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.407049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.407074] ? __kthread_parkme+0x82/0x180 [ 16.407097] ? preempt_count_sub+0x50/0x80 [ 16.407122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.407148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.407173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.407200] kthread+0x337/0x6f0 [ 16.407219] ? trace_preempt_on+0x20/0xc0 [ 16.407244] ? __pfx_kthread+0x10/0x10 [ 16.407266] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.407297] ? calculate_sigpending+0x7b/0xa0 [ 16.407322] ? __pfx_kthread+0x10/0x10 [ 16.407360] ret_from_fork+0x116/0x1d0 [ 16.407380] ? __pfx_kthread+0x10/0x10 [ 16.407419] ret_from_fork_asm+0x1a/0x30 [ 16.407451] </TASK> [ 16.407464] [ 16.415211] Allocated by task 283: [ 16.415338] kasan_save_stack+0x45/0x70 [ 16.415517] kasan_save_track+0x18/0x40 [ 16.415673] kasan_save_alloc_info+0x3b/0x50 [ 16.415897] __kasan_kmalloc+0xb7/0xc0 [ 16.416122] __kmalloc_cache_noprof+0x189/0x420 [ 16.416384] kasan_atomics+0x95/0x310 [ 16.416616] kunit_try_run_case+0x1a5/0x480 [ 16.416828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.417111] kthread+0x337/0x6f0 [ 16.417280] ret_from_fork+0x116/0x1d0 [ 16.417501] ret_from_fork_asm+0x1a/0x30 [ 16.417657] [ 16.417729] The buggy address belongs to the object at ffff8881039b8c80 [ 16.417729] which belongs to the cache kmalloc-64 of size 64 [ 16.418275] The buggy address is located 0 bytes to the right of [ 16.418275] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.418754] [ 16.418852] The buggy address belongs to the physical page: [ 16.419098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.419468] flags: 0x200000000000000(node=0|zone=2) [ 16.419698] page_type: f5(slab) [ 16.419873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.420204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.420585] page dumped because: kasan: bad access detected [ 16.420824] [ 16.420922] Memory state around the buggy address: [ 16.421123] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.421350] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.421594] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.421840] ^ [ 16.422064] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.422426] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.422743] ================================================================== [ 16.005024] ================================================================== [ 16.006105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.006701] Write of size 8 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 16.007064] [ 16.007249] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.007305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.007318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.007339] Call Trace: [ 16.007363] <TASK> [ 16.007378] dump_stack_lvl+0x73/0xb0 [ 16.007409] print_report+0xd1/0x650 [ 16.007432] ? __virt_addr_valid+0x1db/0x2d0 [ 16.007456] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.007525] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.007550] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.007585] kasan_report+0x141/0x180 [ 16.007608] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.007636] kasan_check_range+0x10c/0x1c0 [ 16.007660] __kasan_check_write+0x18/0x20 [ 16.007684] kasan_atomics_helper+0x16e7/0x5450 [ 16.007710] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.007735] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.007761] ? kasan_atomics+0x152/0x310 [ 16.007789] kasan_atomics+0x1dc/0x310 [ 16.007811] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.007837] ? __pfx_read_tsc+0x10/0x10 [ 16.007859] ? ktime_get_ts64+0x86/0x230 [ 16.007883] kunit_try_run_case+0x1a5/0x480 [ 16.007909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.007934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.007959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.007985] ? __kthread_parkme+0x82/0x180 [ 16.008007] ? preempt_count_sub+0x50/0x80 [ 16.008031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.008057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.008083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.008110] kthread+0x337/0x6f0 [ 16.008129] ? trace_preempt_on+0x20/0xc0 [ 16.008153] ? __pfx_kthread+0x10/0x10 [ 16.008183] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.008205] ? calculate_sigpending+0x7b/0xa0 [ 16.008230] ? __pfx_kthread+0x10/0x10 [ 16.008253] ret_from_fork+0x116/0x1d0 [ 16.008272] ? __pfx_kthread+0x10/0x10 [ 16.008293] ret_from_fork_asm+0x1a/0x30 [ 16.008326] </TASK> [ 16.008337] [ 16.016747] Allocated by task 283: [ 16.017044] kasan_save_stack+0x45/0x70 [ 16.017478] kasan_save_track+0x18/0x40 [ 16.017679] kasan_save_alloc_info+0x3b/0x50 [ 16.017894] __kasan_kmalloc+0xb7/0xc0 [ 16.018084] __kmalloc_cache_noprof+0x189/0x420 [ 16.018394] kasan_atomics+0x95/0x310 [ 16.018602] kunit_try_run_case+0x1a5/0x480 [ 16.018896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.019224] kthread+0x337/0x6f0 [ 16.019408] ret_from_fork+0x116/0x1d0 [ 16.019718] ret_from_fork_asm+0x1a/0x30 [ 16.019922] [ 16.020019] The buggy address belongs to the object at ffff8881039b8c80 [ 16.020019] which belongs to the cache kmalloc-64 of size 64 [ 16.020693] The buggy address is located 0 bytes to the right of [ 16.020693] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 16.021171] [ 16.021391] The buggy address belongs to the physical page: [ 16.021663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 16.022008] flags: 0x200000000000000(node=0|zone=2) [ 16.022201] page_type: 
f5(slab) [ 16.022470] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.022824] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.023102] page dumped because: kasan: bad access detected [ 16.023363] [ 16.023568] Memory state around the buggy address: [ 16.023824] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.024088] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.024430] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.024724] ^ [ 16.024942] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.025267] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.025622] ================================================================== [ 15.337145] ================================================================== [ 15.337779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.338119] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.338600] [ 15.338784] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.338830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338863] Call Trace: [ 15.338877] <TASK> [ 15.338893] dump_stack_lvl+0x73/0xb0 [ 15.339066] print_report+0xd1/0x650 [ 15.339090] ? __virt_addr_valid+0x1db/0x2d0 [ 15.339114] ? kasan_atomics_helper+0x697/0x5450 [ 15.339137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.339161] ? kasan_atomics_helper+0x697/0x5450 [ 15.339184] kasan_report+0x141/0x180 [ 15.339207] ? kasan_atomics_helper+0x697/0x5450 [ 15.339235] kasan_check_range+0x10c/0x1c0 [ 15.339260] __kasan_check_write+0x18/0x20 [ 15.339281] kasan_atomics_helper+0x697/0x5450 [ 15.339305] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.339330] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.339421] ? 
kasan_atomics+0x152/0x310 [ 15.339452] kasan_atomics+0x1dc/0x310 [ 15.339475] ? __pfx_kasan_atomics+0x10/0x10 [ 15.339501] ? __pfx_read_tsc+0x10/0x10 [ 15.339523] ? ktime_get_ts64+0x86/0x230 [ 15.339548] kunit_try_run_case+0x1a5/0x480 [ 15.339573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339597] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.339623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.339647] ? __kthread_parkme+0x82/0x180 [ 15.339670] ? preempt_count_sub+0x50/0x80 [ 15.339694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.339745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.339771] kthread+0x337/0x6f0 [ 15.339791] ? trace_preempt_on+0x20/0xc0 [ 15.339815] ? __pfx_kthread+0x10/0x10 [ 15.339836] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.339859] ? calculate_sigpending+0x7b/0xa0 [ 15.339884] ? __pfx_kthread+0x10/0x10 [ 15.339907] ret_from_fork+0x116/0x1d0 [ 15.339927] ? __pfx_kthread+0x10/0x10 [ 15.339948] ret_from_fork_asm+0x1a/0x30 [ 15.339980] </TASK> [ 15.339991] [ 15.350279] Allocated by task 283: [ 15.350791] kasan_save_stack+0x45/0x70 [ 15.350981] kasan_save_track+0x18/0x40 [ 15.351171] kasan_save_alloc_info+0x3b/0x50 [ 15.351377] __kasan_kmalloc+0xb7/0xc0 [ 15.351817] __kmalloc_cache_noprof+0x189/0x420 [ 15.352017] kasan_atomics+0x95/0x310 [ 15.352211] kunit_try_run_case+0x1a5/0x480 [ 15.352449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.353131] kthread+0x337/0x6f0 [ 15.353300] ret_from_fork+0x116/0x1d0 [ 15.353600] ret_from_fork_asm+0x1a/0x30 [ 15.353789] [ 15.353886] The buggy address belongs to the object at ffff8881039b8c80 [ 15.353886] which belongs to the cache kmalloc-64 of size 64 [ 15.354417] The buggy address is located 0 bytes to the right of [ 15.354417] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.355256] [ 15.355370] The buggy address belongs to the physical page: [ 15.355621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
15.356275] flags: 0x200000000000000(node=0|zone=2) [ 15.356658] page_type: f5(slab) [ 15.356822] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.357142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.357486] page dumped because: kasan: bad access detected [ 15.357769] [ 15.357873] Memory state around the buggy address: [ 15.358042] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.358377] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.358746] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.359018] ^ [ 15.359203] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359585] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359962] ================================================================== [ 15.496895] ================================================================== [ 15.497172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.497593] Write of size 4 at addr ffff8881039b8cb0 by task kunit_try_catch/283 [ 15.497895] [ 15.497979] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.498020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.498032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.498052] Call Trace: [ 15.498066] <TASK> [ 15.498079] dump_stack_lvl+0x73/0xb0 [ 15.498109] print_report+0xd1/0x650 [ 15.498131] ? __virt_addr_valid+0x1db/0x2d0 [ 15.498156] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.498178] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.498203] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.498227] kasan_report+0x141/0x180 [ 15.498251] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.498277] kasan_check_range+0x10c/0x1c0 [ 15.498302] __kasan_check_write+0x18/0x20 [ 15.498323] kasan_atomics_helper+0xb6a/0x5450 [ 15.498423] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.498456] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.498483] ? kasan_atomics+0x152/0x310 [ 15.498510] kasan_atomics+0x1dc/0x310 [ 15.498533] ? __pfx_kasan_atomics+0x10/0x10 [ 15.498559] ? __pfx_read_tsc+0x10/0x10 [ 15.498581] ? ktime_get_ts64+0x86/0x230 [ 15.498605] kunit_try_run_case+0x1a5/0x480 [ 15.498629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.498653] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.498678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.498704] ? __kthread_parkme+0x82/0x180 [ 15.498725] ? preempt_count_sub+0x50/0x80 [ 15.498749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.498775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.498801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.498826] kthread+0x337/0x6f0 [ 15.498847] ? trace_preempt_on+0x20/0xc0 [ 15.498871] ? __pfx_kthread+0x10/0x10 [ 15.498892] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.498915] ? calculate_sigpending+0x7b/0xa0 [ 15.498941] ? __pfx_kthread+0x10/0x10 [ 15.498962] ret_from_fork+0x116/0x1d0 [ 15.498982] ? __pfx_kthread+0x10/0x10 [ 15.499003] ret_from_fork_asm+0x1a/0x30 [ 15.499034] </TASK> [ 15.499045] [ 15.506961] Allocated by task 283: [ 15.507104] kasan_save_stack+0x45/0x70 [ 15.507311] kasan_save_track+0x18/0x40 [ 15.507537] kasan_save_alloc_info+0x3b/0x50 [ 15.507696] __kasan_kmalloc+0xb7/0xc0 [ 15.507885] __kmalloc_cache_noprof+0x189/0x420 [ 15.508114] kasan_atomics+0x95/0x310 [ 15.508311] kunit_try_run_case+0x1a5/0x480 [ 15.508700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.508918] kthread+0x337/0x6f0 [ 15.509092] ret_from_fork+0x116/0x1d0 [ 15.509290] ret_from_fork_asm+0x1a/0x30 [ 15.509579] [ 15.509659] The buggy address belongs to the object at ffff8881039b8c80 [ 15.509659] which belongs to the cache kmalloc-64 of size 64 [ 15.510137] The buggy address is located 0 bytes to the right of [ 15.510137] allocated 48-byte region [ffff8881039b8c80, ffff8881039b8cb0) [ 15.510747] [ 15.510834] The buggy address belongs to the physical page: [ 15.511065] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.511461] flags: 0x200000000000000(node=0|zone=2) [ 15.511682] page_type: f5(slab) [ 15.511830] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.512140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.512485] page dumped because: kasan: bad access detected [ 15.512662] [ 15.512734] Memory state around the buggy address: [ 15.512889] ffff8881039b8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.513217] ffff8881039b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.513732] >ffff8881039b8c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.514057] ^ [ 15.514280] ffff8881039b8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514707] ffff8881039b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.897945] ================================================================== [ 14.898285] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.899020] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.899341] [ 14.899494] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.899537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.899548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.899568] Call Trace: [ 14.899581] <TASK> [ 14.899594] dump_stack_lvl+0x73/0xb0 [ 14.899623] print_report+0xd1/0x650 [ 14.899644] ? __virt_addr_valid+0x1db/0x2d0 [ 14.899667] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.899696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.899720] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.899748] kasan_report+0x141/0x180 [ 14.899770] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.899804] kasan_check_range+0x10c/0x1c0 [ 14.899827] __kasan_check_write+0x18/0x20 [ 14.899846] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.899876] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.899906] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.899930] ? trace_hardirqs_on+0x37/0xe0 [ 14.899951] ? kasan_bitops_generic+0x92/0x1c0 [ 14.899979] kasan_bitops_generic+0x121/0x1c0 [ 14.900003] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.900028] ? __pfx_read_tsc+0x10/0x10 [ 14.900049] ? ktime_get_ts64+0x86/0x230 [ 14.900073] kunit_try_run_case+0x1a5/0x480 [ 14.900096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.900119] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.900142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.900171] ? __kthread_parkme+0x82/0x180 [ 14.900192] ? preempt_count_sub+0x50/0x80 [ 14.900215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.900239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.900266] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.900291] kthread+0x337/0x6f0 [ 14.900309] ? trace_preempt_on+0x20/0xc0 [ 14.900332] ? __pfx_kthread+0x10/0x10 [ 14.900363] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.900384] ? calculate_sigpending+0x7b/0xa0 [ 14.900408] ? __pfx_kthread+0x10/0x10 [ 14.900430] ret_from_fork+0x116/0x1d0 [ 14.900448] ? __pfx_kthread+0x10/0x10 [ 14.900469] ret_from_fork_asm+0x1a/0x30 [ 14.900499] </TASK> [ 14.900509] [ 14.909774] Allocated by task 279: [ 14.909971] kasan_save_stack+0x45/0x70 [ 14.910190] kasan_save_track+0x18/0x40 [ 14.910423] kasan_save_alloc_info+0x3b/0x50 [ 14.910648] __kasan_kmalloc+0xb7/0xc0 [ 14.910801] __kmalloc_cache_noprof+0x189/0x420 [ 14.910950] kasan_bitops_generic+0x92/0x1c0 [ 14.911094] kunit_try_run_case+0x1a5/0x480 [ 14.911235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.911502] kthread+0x337/0x6f0 [ 14.911687] ret_from_fork+0x116/0x1d0 [ 14.911873] ret_from_fork_asm+0x1a/0x30 [ 14.912090] [ 14.912213] The buggy address belongs to the object at ffff888102749de0 [ 14.912213] which belongs to the cache kmalloc-16 of size 16 [ 14.913003] The buggy address is located 8 bytes inside of [ 14.913003] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.913505] [ 14.913604] The buggy address belongs to the physical page: [ 14.913823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.914085] flags: 0x200000000000000(node=0|zone=2) [ 14.914328] page_type: f5(slab) [ 14.914620] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.914941] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.915252] page dumped because: kasan: bad access detected [ 14.915524] [ 14.915634] Memory state around the buggy address: [ 14.915790] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.916065] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.916411] >ffff888102749d80: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.916645] ^ [ 14.916957] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.917218] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.917609] ================================================================== [ 14.978657] ================================================================== [ 14.979024] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.979551] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.979905] [ 14.980068] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.980149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.980161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.980211] Call Trace: [ 14.980240] <TASK> [ 14.980254] dump_stack_lvl+0x73/0xb0 [ 14.980296] print_report+0xd1/0x650 [ 14.980318] ? __virt_addr_valid+0x1db/0x2d0 [ 14.980341] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.980381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.980423] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.980453] kasan_report+0x141/0x180 [ 14.980475] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.980509] kasan_check_range+0x10c/0x1c0 [ 14.980532] __kasan_check_write+0x18/0x20 [ 14.980552] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.980580] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.980611] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.980635] ? trace_hardirqs_on+0x37/0xe0 [ 14.980657] ? kasan_bitops_generic+0x92/0x1c0 [ 14.980713] kasan_bitops_generic+0x121/0x1c0 [ 14.980737] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.980775] ? __pfx_read_tsc+0x10/0x10 [ 14.980797] ? ktime_get_ts64+0x86/0x230 [ 14.980821] kunit_try_run_case+0x1a5/0x480 [ 14.980844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.980892] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.980916] ? __kthread_parkme+0x82/0x180 [ 14.980936] ? preempt_count_sub+0x50/0x80 [ 14.980961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.981014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.981038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.981063] kthread+0x337/0x6f0 [ 14.981093] ? trace_preempt_on+0x20/0xc0 [ 14.981115] ? __pfx_kthread+0x10/0x10 [ 14.981161] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.981183] ? calculate_sigpending+0x7b/0xa0 [ 14.981207] ? __pfx_kthread+0x10/0x10 [ 14.981239] ret_from_fork+0x116/0x1d0 [ 14.981257] ? __pfx_kthread+0x10/0x10 [ 14.981303] ret_from_fork_asm+0x1a/0x30 [ 14.981334] </TASK> [ 14.981343] [ 14.990538] Allocated by task 279: [ 14.990726] kasan_save_stack+0x45/0x70 [ 14.990925] kasan_save_track+0x18/0x40 [ 14.991117] kasan_save_alloc_info+0x3b/0x50 [ 14.991322] __kasan_kmalloc+0xb7/0xc0 [ 14.991465] __kmalloc_cache_noprof+0x189/0x420 [ 14.991847] kasan_bitops_generic+0x92/0x1c0 [ 14.992080] kunit_try_run_case+0x1a5/0x480 [ 14.992332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.992733] kthread+0x337/0x6f0 [ 14.992924] ret_from_fork+0x116/0x1d0 [ 14.993059] ret_from_fork_asm+0x1a/0x30 [ 14.993253] [ 14.993346] The buggy address belongs to the object at ffff888102749de0 [ 14.993346] which belongs to the cache kmalloc-16 of size 16 [ 14.993973] The buggy address is located 8 bytes inside of [ 14.993973] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.994973] [ 14.995108] The buggy address belongs to the physical page: [ 14.995433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.996610] flags: 0x200000000000000(node=0|zone=2) [ 14.997202] page_type: f5(slab) [ 14.997342] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.998746] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.999529] page dumped because: kasan: bad access detected [ 15.000086] [ 15.000174] 
Memory state around the buggy address: [ 15.000334] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.000713] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.000930] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.001146] ^ [ 15.001692] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.001910] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002117] ================================================================== [ 15.024461] ================================================================== [ 15.024775] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025134] Read of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 15.025460] [ 15.025570] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.025609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.025640] Call Trace: [ 15.025653] <TASK> [ 15.025665] dump_stack_lvl+0x73/0xb0 [ 15.025693] print_report+0xd1/0x650 [ 15.025714] ? __virt_addr_valid+0x1db/0x2d0 [ 15.025736] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.025788] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025817] kasan_report+0x141/0x180 [ 15.025839] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025873] kasan_check_range+0x10c/0x1c0 [ 15.025897] __kasan_check_read+0x15/0x20 [ 15.025916] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025945] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.025976] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.025999] ? trace_hardirqs_on+0x37/0xe0 [ 15.026021] ? kasan_bitops_generic+0x92/0x1c0 [ 15.026048] kasan_bitops_generic+0x121/0x1c0 [ 15.026071] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.026097] ? 
__pfx_read_tsc+0x10/0x10 [ 15.026117] ? ktime_get_ts64+0x86/0x230 [ 15.026140] kunit_try_run_case+0x1a5/0x480 [ 15.026163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.026210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.026234] ? __kthread_parkme+0x82/0x180 [ 15.026253] ? preempt_count_sub+0x50/0x80 [ 15.026277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.026361] kthread+0x337/0x6f0 [ 15.026381] ? trace_preempt_on+0x20/0xc0 [ 15.026422] ? __pfx_kthread+0x10/0x10 [ 15.026445] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.026468] ? calculate_sigpending+0x7b/0xa0 [ 15.026492] ? __pfx_kthread+0x10/0x10 [ 15.026514] ret_from_fork+0x116/0x1d0 [ 15.026532] ? __pfx_kthread+0x10/0x10 [ 15.026553] ret_from_fork_asm+0x1a/0x30 [ 15.026584] </TASK> [ 15.026593] [ 15.034377] Allocated by task 279: [ 15.034573] kasan_save_stack+0x45/0x70 [ 15.034752] kasan_save_track+0x18/0x40 [ 15.034931] kasan_save_alloc_info+0x3b/0x50 [ 15.035096] __kasan_kmalloc+0xb7/0xc0 [ 15.035285] __kmalloc_cache_noprof+0x189/0x420 [ 15.035519] kasan_bitops_generic+0x92/0x1c0 [ 15.035671] kunit_try_run_case+0x1a5/0x480 [ 15.035881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.036144] kthread+0x337/0x6f0 [ 15.036332] ret_from_fork+0x116/0x1d0 [ 15.036547] ret_from_fork_asm+0x1a/0x30 [ 15.036716] [ 15.036810] The buggy address belongs to the object at ffff888102749de0 [ 15.036810] which belongs to the cache kmalloc-16 of size 16 [ 15.037198] The buggy address is located 8 bytes inside of [ 15.037198] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 15.037575] [ 15.037670] The buggy address belongs to the physical page: [ 15.037921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 15.038270] flags: 0x200000000000000(node=0|zone=2) [ 15.038534] page_type: f5(slab) [ 15.038688] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.038920] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.039146] page dumped because: kasan: bad access detected [ 15.039366] [ 15.039483] Memory state around the buggy address: [ 15.039707] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.040036] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.040377] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.040712] ^ [ 15.041003] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.041285] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.041541] ================================================================== [ 15.003013] ================================================================== [ 15.003782] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.004711] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 15.005230] [ 15.005721] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.005771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.005791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.005812] Call Trace: [ 15.005826] <TASK> [ 15.005848] dump_stack_lvl+0x73/0xb0 [ 15.005879] print_report+0xd1/0x650 [ 15.005901] ? __virt_addr_valid+0x1db/0x2d0 [ 15.005922] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.005951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.005974] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006004] kasan_report+0x141/0x180 [ 15.006025] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006058] kasan_check_range+0x10c/0x1c0 [ 15.006082] __kasan_check_write+0x18/0x20 [ 15.006102] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006131] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.006161] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.006186] ? trace_hardirqs_on+0x37/0xe0 [ 15.006207] ? kasan_bitops_generic+0x92/0x1c0 [ 15.006235] kasan_bitops_generic+0x121/0x1c0 [ 15.006259] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.006284] ? __pfx_read_tsc+0x10/0x10 [ 15.006305] ? ktime_get_ts64+0x86/0x230 [ 15.006328] kunit_try_run_case+0x1a5/0x480 [ 15.006367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.006390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.006438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.006462] ? __kthread_parkme+0x82/0x180 [ 15.006483] ? preempt_count_sub+0x50/0x80 [ 15.006506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.006531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.006557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.006582] kthread+0x337/0x6f0 [ 15.006600] ? trace_preempt_on+0x20/0xc0 [ 15.006622] ? __pfx_kthread+0x10/0x10 [ 15.006642] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.006664] ? calculate_sigpending+0x7b/0xa0 [ 15.006688] ? __pfx_kthread+0x10/0x10 [ 15.006710] ret_from_fork+0x116/0x1d0 [ 15.006727] ? 
__pfx_kthread+0x10/0x10 [ 15.006747] ret_from_fork_asm+0x1a/0x30 [ 15.006778] </TASK> [ 15.006789] [ 15.014486] Allocated by task 279: [ 15.014632] kasan_save_stack+0x45/0x70 [ 15.014777] kasan_save_track+0x18/0x40 [ 15.014968] kasan_save_alloc_info+0x3b/0x50 [ 15.015180] __kasan_kmalloc+0xb7/0xc0 [ 15.015358] __kmalloc_cache_noprof+0x189/0x420 [ 15.015541] kasan_bitops_generic+0x92/0x1c0 [ 15.015757] kunit_try_run_case+0x1a5/0x480 [ 15.015964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.016229] kthread+0x337/0x6f0 [ 15.016359] ret_from_fork+0x116/0x1d0 [ 15.016516] ret_from_fork_asm+0x1a/0x30 [ 15.016657] [ 15.016726] The buggy address belongs to the object at ffff888102749de0 [ 15.016726] which belongs to the cache kmalloc-16 of size 16 [ 15.017244] The buggy address is located 8 bytes inside of [ 15.017244] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 15.017790] [ 15.017887] The buggy address belongs to the physical page: [ 15.018064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 15.018300] flags: 0x200000000000000(node=0|zone=2) [ 15.018528] page_type: f5(slab) [ 15.018697] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.019039] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.019380] page dumped because: kasan: bad access detected [ 15.019644] [ 15.019730] Memory state around the buggy address: [ 15.019929] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.020195] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.020511] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.020796] ^ [ 15.021063] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.021335] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.021650] ================================================================== [ 14.919152] 
================================================================== [ 14.919529] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.919835] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.920059] [ 14.920140] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.920187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.920199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.920217] Call Trace: [ 14.920230] <TASK> [ 14.920244] dump_stack_lvl+0x73/0xb0 [ 14.920270] print_report+0xd1/0x650 [ 14.920292] ? __virt_addr_valid+0x1db/0x2d0 [ 14.920313] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.920341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.920375] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.920405] kasan_report+0x141/0x180 [ 14.920440] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.920473] kasan_check_range+0x10c/0x1c0 [ 14.920497] __kasan_check_write+0x18/0x20 [ 14.920541] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.920570] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.920616] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.920640] ? trace_hardirqs_on+0x37/0xe0 [ 14.920676] ? kasan_bitops_generic+0x92/0x1c0 [ 14.920717] kasan_bitops_generic+0x121/0x1c0 [ 14.920767] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.920806] ? __pfx_read_tsc+0x10/0x10 [ 14.920841] ? ktime_get_ts64+0x86/0x230 [ 14.920878] kunit_try_run_case+0x1a5/0x480 [ 14.920917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.920963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.920987] ? __kthread_parkme+0x82/0x180 [ 14.921008] ? preempt_count_sub+0x50/0x80 [ 14.921031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.921055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.921079] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.921105] kthread+0x337/0x6f0 [ 14.921123] ? trace_preempt_on+0x20/0xc0 [ 14.921146] ? __pfx_kthread+0x10/0x10 [ 14.921182] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.921217] ? calculate_sigpending+0x7b/0xa0 [ 14.921241] ? __pfx_kthread+0x10/0x10 [ 14.921276] ret_from_fork+0x116/0x1d0 [ 14.921307] ? __pfx_kthread+0x10/0x10 [ 14.921327] ret_from_fork_asm+0x1a/0x30 [ 14.921381] </TASK> [ 14.921392] [ 14.930204] Allocated by task 279: [ 14.930383] kasan_save_stack+0x45/0x70 [ 14.930577] kasan_save_track+0x18/0x40 [ 14.930788] kasan_save_alloc_info+0x3b/0x50 [ 14.930952] __kasan_kmalloc+0xb7/0xc0 [ 14.931086] __kmalloc_cache_noprof+0x189/0x420 [ 14.931266] kasan_bitops_generic+0x92/0x1c0 [ 14.931562] kunit_try_run_case+0x1a5/0x480 [ 14.931794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.932079] kthread+0x337/0x6f0 [ 14.932258] ret_from_fork+0x116/0x1d0 [ 14.932550] ret_from_fork_asm+0x1a/0x30 [ 14.932748] [ 14.932840] The buggy address belongs to the object at ffff888102749de0 [ 14.932840] which belongs to the cache kmalloc-16 of size 16 [ 14.933266] The buggy address is located 8 bytes inside of [ 14.933266] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.933991] [ 14.934100] The buggy address belongs to the physical page: [ 14.934306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.934764] flags: 0x200000000000000(node=0|zone=2) [ 14.934998] page_type: f5(slab) [ 14.935161] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.935452] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.935812] page dumped because: kasan: bad access detected [ 14.936007] [ 14.936099] Memory state around the buggy address: [ 14.936344] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.936704] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.936954] >ffff888102749d80: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.937285] ^ [ 14.937605] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.937913] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938200] ================================================================== [ 14.958017] ================================================================== [ 14.958609] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.959023] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.959314] [ 14.959511] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.959563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.959575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.959604] Call Trace: [ 14.959620] <TASK> [ 14.959633] dump_stack_lvl+0x73/0xb0 [ 14.959660] print_report+0xd1/0x650 [ 14.959682] ? __virt_addr_valid+0x1db/0x2d0 [ 14.959704] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.959762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.959786] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.959826] kasan_report+0x141/0x180 [ 14.959849] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.959909] kasan_check_range+0x10c/0x1c0 [ 14.959933] __kasan_check_write+0x18/0x20 [ 14.959962] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.959993] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.960048] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.960073] ? trace_hardirqs_on+0x37/0xe0 [ 14.960104] ? kasan_bitops_generic+0x92/0x1c0 [ 14.960132] kasan_bitops_generic+0x121/0x1c0 [ 14.960184] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.960209] ? __pfx_read_tsc+0x10/0x10 [ 14.960241] ? ktime_get_ts64+0x86/0x230 [ 14.960264] kunit_try_run_case+0x1a5/0x480 [ 14.960289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.960312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.960334] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.960367] ? __kthread_parkme+0x82/0x180 [ 14.960388] ? preempt_count_sub+0x50/0x80 [ 14.960430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.960455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.960479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.960532] kthread+0x337/0x6f0 [ 14.960552] ? trace_preempt_on+0x20/0xc0 [ 14.960575] ? __pfx_kthread+0x10/0x10 [ 14.960606] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.960628] ? calculate_sigpending+0x7b/0xa0 [ 14.960652] ? __pfx_kthread+0x10/0x10 [ 14.960699] ret_from_fork+0x116/0x1d0 [ 14.960717] ? __pfx_kthread+0x10/0x10 [ 14.960738] ret_from_fork_asm+0x1a/0x30 [ 14.960778] </TASK> [ 14.960787] [ 14.969684] Allocated by task 279: [ 14.969888] kasan_save_stack+0x45/0x70 [ 14.970111] kasan_save_track+0x18/0x40 [ 14.970332] kasan_save_alloc_info+0x3b/0x50 [ 14.970577] __kasan_kmalloc+0xb7/0xc0 [ 14.970750] __kmalloc_cache_noprof+0x189/0x420 [ 14.970934] kasan_bitops_generic+0x92/0x1c0 [ 14.971143] kunit_try_run_case+0x1a5/0x480 [ 14.971386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.971738] kthread+0x337/0x6f0 [ 14.971860] ret_from_fork+0x116/0x1d0 [ 14.972089] ret_from_fork_asm+0x1a/0x30 [ 14.972368] [ 14.972491] The buggy address belongs to the object at ffff888102749de0 [ 14.972491] which belongs to the cache kmalloc-16 of size 16 [ 14.973072] The buggy address is located 8 bytes inside of [ 14.973072] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.973712] [ 14.973810] The buggy address belongs to the physical page: [ 14.974060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.974332] flags: 0x200000000000000(node=0|zone=2) [ 14.974525] page_type: f5(slab) [ 14.974660] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.975007] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.975377] page dumped because: kasan: bad access detected [ 14.975702] [ 14.975832] 
Memory state around the buggy address: [ 14.976074] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.976427] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.976804] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.977107] ^ [ 14.977315] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.977704] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.978067] ================================================================== [ 14.938779] ================================================================== [ 14.939194] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.939643] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.939951] [ 14.940074] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.940117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.940135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.940155] Call Trace: [ 14.940170] <TASK> [ 14.940201] dump_stack_lvl+0x73/0xb0 [ 14.940229] print_report+0xd1/0x650 [ 14.940250] ? __virt_addr_valid+0x1db/0x2d0 [ 14.940272] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.940324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.940358] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.940388] kasan_report+0x141/0x180 [ 14.940409] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.940467] kasan_check_range+0x10c/0x1c0 [ 14.940491] __kasan_check_write+0x18/0x20 [ 14.940511] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.940541] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.940571] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.940596] ? trace_hardirqs_on+0x37/0xe0 [ 14.940634] ? kasan_bitops_generic+0x92/0x1c0 [ 14.940676] kasan_bitops_generic+0x121/0x1c0 [ 14.940713] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.940751] ? __pfx_read_tsc+0x10/0x10 [ 14.940772] ? ktime_get_ts64+0x86/0x230 [ 14.940795] kunit_try_run_case+0x1a5/0x480 [ 14.940819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.940865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.940888] ? __kthread_parkme+0x82/0x180 [ 14.940908] ? preempt_count_sub+0x50/0x80 [ 14.940931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.940979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.941004] kthread+0x337/0x6f0 [ 14.941023] ? trace_preempt_on+0x20/0xc0 [ 14.941044] ? __pfx_kthread+0x10/0x10 [ 14.941065] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.941087] ? calculate_sigpending+0x7b/0xa0 [ 14.941110] ? __pfx_kthread+0x10/0x10 [ 14.941132] ret_from_fork+0x116/0x1d0 [ 14.941150] ? __pfx_kthread+0x10/0x10 [ 14.941170] ret_from_fork_asm+0x1a/0x30 [ 14.941201] </TASK> [ 14.941210] [ 14.949363] Allocated by task 279: [ 14.949491] kasan_save_stack+0x45/0x70 [ 14.949635] kasan_save_track+0x18/0x40 [ 14.949825] kasan_save_alloc_info+0x3b/0x50 [ 14.950037] __kasan_kmalloc+0xb7/0xc0 [ 14.950226] __kmalloc_cache_noprof+0x189/0x420 [ 14.950525] kasan_bitops_generic+0x92/0x1c0 [ 14.950740] kunit_try_run_case+0x1a5/0x480 [ 14.950948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.951230] kthread+0x337/0x6f0 [ 14.951446] ret_from_fork+0x116/0x1d0 [ 14.951629] ret_from_fork_asm+0x1a/0x30 [ 14.951768] [ 14.951839] The buggy address belongs to the object at ffff888102749de0 [ 14.951839] which belongs to the cache kmalloc-16 of size 16 [ 14.952182] The buggy address is located 8 bytes inside of [ 14.952182] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.952836] [ 14.952996] The buggy address belongs to the physical page: [ 14.953298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.953677] flags: 0x200000000000000(node=0|zone=2) [ 14.953906] 
page_type: f5(slab) [ 14.954066] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.954431] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.954785] page dumped because: kasan: bad access detected [ 14.955050] [ 14.955165] Memory state around the buggy address: [ 14.955423] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.955758] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.956072] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.956492] ^ [ 14.956777] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957124] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957484] ================================================================== [ 14.879008] ================================================================== [ 14.879443] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.880076] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.880467] [ 14.880583] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.880623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.880635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.880654] Call Trace: [ 14.880668] <TASK> [ 14.880682] dump_stack_lvl+0x73/0xb0 [ 14.880708] print_report+0xd1/0x650 [ 14.880729] ? __virt_addr_valid+0x1db/0x2d0 [ 14.880751] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.880779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.880803] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.880831] kasan_report+0x141/0x180 [ 14.880853] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.880886] kasan_check_range+0x10c/0x1c0 [ 14.880910] __kasan_check_write+0x18/0x20 [ 14.880929] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.880958] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.880988] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.881012] ? trace_hardirqs_on+0x37/0xe0 [ 14.881034] ? kasan_bitops_generic+0x92/0x1c0 [ 14.881063] kasan_bitops_generic+0x121/0x1c0 [ 14.881086] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.881111] ? __pfx_read_tsc+0x10/0x10 [ 14.881132] ? ktime_get_ts64+0x86/0x230 [ 14.881154] kunit_try_run_case+0x1a5/0x480 [ 14.881178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.881201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.881247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.881271] ? __kthread_parkme+0x82/0x180 [ 14.881291] ? preempt_count_sub+0x50/0x80 [ 14.881330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.881379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.881404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.881440] kthread+0x337/0x6f0 [ 14.881459] ? trace_preempt_on+0x20/0xc0 [ 14.881481] ? __pfx_kthread+0x10/0x10 [ 14.881501] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.881523] ? calculate_sigpending+0x7b/0xa0 [ 14.881546] ? __pfx_kthread+0x10/0x10 [ 14.881568] ret_from_fork+0x116/0x1d0 [ 14.881586] ? 
__pfx_kthread+0x10/0x10 [ 14.881606] ret_from_fork_asm+0x1a/0x30 [ 14.881637] </TASK> [ 14.881646] [ 14.890002] Allocated by task 279: [ 14.890176] kasan_save_stack+0x45/0x70 [ 14.890393] kasan_save_track+0x18/0x40 [ 14.890607] kasan_save_alloc_info+0x3b/0x50 [ 14.890814] __kasan_kmalloc+0xb7/0xc0 [ 14.890997] __kmalloc_cache_noprof+0x189/0x420 [ 14.891220] kasan_bitops_generic+0x92/0x1c0 [ 14.891463] kunit_try_run_case+0x1a5/0x480 [ 14.891671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.891864] kthread+0x337/0x6f0 [ 14.891986] ret_from_fork+0x116/0x1d0 [ 14.892130] ret_from_fork_asm+0x1a/0x30 [ 14.892334] [ 14.892449] The buggy address belongs to the object at ffff888102749de0 [ 14.892449] which belongs to the cache kmalloc-16 of size 16 [ 14.892966] The buggy address is located 8 bytes inside of [ 14.892966] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.893465] [ 14.893561] The buggy address belongs to the physical page: [ 14.893797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.894141] flags: 0x200000000000000(node=0|zone=2) [ 14.894393] page_type: f5(slab) [ 14.894564] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.894916] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.895210] page dumped because: kasan: bad access detected [ 14.895495] [ 14.895593] Memory state around the buggy address: [ 14.895794] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.896110] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.896445] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.896739] ^ [ 14.896970] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.897186] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.897425] ================================================================== [ 15.042186] 
================================================================== [ 15.042589] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.042881] Read of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 15.043210] [ 15.043314] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.043361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.043374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.043392] Call Trace: [ 15.043424] <TASK> [ 15.043438] dump_stack_lvl+0x73/0xb0 [ 15.043464] print_report+0xd1/0x650 [ 15.043485] ? __virt_addr_valid+0x1db/0x2d0 [ 15.043509] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.043537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.043562] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.043590] kasan_report+0x141/0x180 [ 15.043612] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.043645] __asan_report_load8_noabort+0x18/0x20 [ 15.043671] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.043700] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.043731] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.043754] ? trace_hardirqs_on+0x37/0xe0 [ 15.043776] ? kasan_bitops_generic+0x92/0x1c0 [ 15.043804] kasan_bitops_generic+0x121/0x1c0 [ 15.043828] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.043854] ? __pfx_read_tsc+0x10/0x10 [ 15.043875] ? ktime_get_ts64+0x86/0x230 [ 15.043898] kunit_try_run_case+0x1a5/0x480 [ 15.043922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043945] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.043967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.043991] ? __kthread_parkme+0x82/0x180 [ 15.044011] ? preempt_count_sub+0x50/0x80 [ 15.044034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.044059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.044084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.044109] kthread+0x337/0x6f0 [ 15.044127] ? 
trace_preempt_on+0x20/0xc0 [ 15.044149] ? __pfx_kthread+0x10/0x10 [ 15.044174] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.044196] ? calculate_sigpending+0x7b/0xa0 [ 15.044220] ? __pfx_kthread+0x10/0x10 [ 15.044241] ret_from_fork+0x116/0x1d0 [ 15.044259] ? __pfx_kthread+0x10/0x10 [ 15.044280] ret_from_fork_asm+0x1a/0x30 [ 15.044310] </TASK> [ 15.044320] [ 15.055007] Allocated by task 279: [ 15.055247] kasan_save_stack+0x45/0x70 [ 15.055447] kasan_save_track+0x18/0x40 [ 15.055627] kasan_save_alloc_info+0x3b/0x50 [ 15.055844] __kasan_kmalloc+0xb7/0xc0 [ 15.056015] __kmalloc_cache_noprof+0x189/0x420 [ 15.056605] kasan_bitops_generic+0x92/0x1c0 [ 15.057084] kunit_try_run_case+0x1a5/0x480 [ 15.057592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.058056] kthread+0x337/0x6f0 [ 15.058187] ret_from_fork+0x116/0x1d0 [ 15.058319] ret_from_fork_asm+0x1a/0x30 [ 15.058942] [ 15.059201] The buggy address belongs to the object at ffff888102749de0 [ 15.059201] which belongs to the cache kmalloc-16 of size 16 [ 15.060445] The buggy address is located 8 bytes inside of [ 15.060445] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 15.060854] [ 15.060929] The buggy address belongs to the physical page: [ 15.061099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 15.061335] flags: 0x200000000000000(node=0|zone=2) [ 15.061816] page_type: f5(slab) [ 15.062109] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.062831] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.063610] page dumped because: kasan: bad access detected [ 15.064186] [ 15.064449] Memory state around the buggy address: [ 15.065003] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.065563] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.065785] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.065998] ^ [ 15.066196] ffff888102749e00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.066547] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067157] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.823517] ================================================================== [ 14.823804] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.824064] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.824301] [ 14.824444] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.824487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.824500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.824521] Call Trace: [ 14.824536] <TASK> [ 14.824549] dump_stack_lvl+0x73/0xb0 [ 14.824578] print_report+0xd1/0x650 [ 14.824600] ? __virt_addr_valid+0x1db/0x2d0 [ 14.824623] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.824676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.824699] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.824725] kasan_report+0x141/0x180 [ 14.824747] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.824778] kasan_check_range+0x10c/0x1c0 [ 14.824802] __kasan_check_write+0x18/0x20 [ 14.824822] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.824866] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.824908] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.824932] ? trace_hardirqs_on+0x37/0xe0 [ 14.824955] ? kasan_bitops_generic+0x92/0x1c0 [ 14.824982] kasan_bitops_generic+0x116/0x1c0 [ 14.825006] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.825032] ? __pfx_read_tsc+0x10/0x10 [ 14.825054] ? ktime_get_ts64+0x86/0x230 [ 14.825077] kunit_try_run_case+0x1a5/0x480 [ 14.825100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825124] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.825148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.825172] ? __kthread_parkme+0x82/0x180 [ 14.825193] ? preempt_count_sub+0x50/0x80 [ 14.825216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.825265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.825291] kthread+0x337/0x6f0 [ 14.825310] ? 
trace_preempt_on+0x20/0xc0 [ 14.825331] ? __pfx_kthread+0x10/0x10 [ 14.825365] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.825386] ? calculate_sigpending+0x7b/0xa0 [ 14.825429] ? __pfx_kthread+0x10/0x10 [ 14.825450] ret_from_fork+0x116/0x1d0 [ 14.825468] ? __pfx_kthread+0x10/0x10 [ 14.825488] ret_from_fork_asm+0x1a/0x30 [ 14.825518] </TASK> [ 14.825528] [ 14.833048] Allocated by task 279: [ 14.833257] kasan_save_stack+0x45/0x70 [ 14.833527] kasan_save_track+0x18/0x40 [ 14.833707] kasan_save_alloc_info+0x3b/0x50 [ 14.833947] __kasan_kmalloc+0xb7/0xc0 [ 14.834167] __kmalloc_cache_noprof+0x189/0x420 [ 14.834392] kasan_bitops_generic+0x92/0x1c0 [ 14.834624] kunit_try_run_case+0x1a5/0x480 [ 14.834828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.835098] kthread+0x337/0x6f0 [ 14.835263] ret_from_fork+0x116/0x1d0 [ 14.835501] ret_from_fork_asm+0x1a/0x30 [ 14.835646] [ 14.835715] The buggy address belongs to the object at ffff888102749de0 [ 14.835715] which belongs to the cache kmalloc-16 of size 16 [ 14.836051] The buggy address is located 8 bytes inside of [ 14.836051] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.836524] [ 14.836620] The buggy address belongs to the physical page: [ 14.836884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.837255] flags: 0x200000000000000(node=0|zone=2) [ 14.837559] page_type: f5(slab) [ 14.837748] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.838124] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.838501] page dumped because: kasan: bad access detected [ 14.838769] [ 14.838843] Memory state around the buggy address: [ 14.838989] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.839204] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.839584] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.839922] ^ [ 14.840241] ffff888102749e00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.840529] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.840750] ================================================================== [ 14.715694] ================================================================== [ 14.715951] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.716282] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.716626] [ 14.716732] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.716770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.716782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.716801] Call Trace: [ 14.716811] <TASK> [ 14.716824] dump_stack_lvl+0x73/0xb0 [ 14.716851] print_report+0xd1/0x650 [ 14.716871] ? __virt_addr_valid+0x1db/0x2d0 [ 14.716891] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.716917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.716938] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.716963] kasan_report+0x141/0x180 [ 14.716984] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.717014] kasan_check_range+0x10c/0x1c0 [ 14.717038] __kasan_check_write+0x18/0x20 [ 14.717056] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.717096] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.717393] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.717420] ? trace_hardirqs_on+0x37/0xe0 [ 14.717442] ? kasan_bitops_generic+0x92/0x1c0 [ 14.717469] kasan_bitops_generic+0x116/0x1c0 [ 14.717494] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.717519] ? __pfx_read_tsc+0x10/0x10 [ 14.717540] ? ktime_get_ts64+0x86/0x230 [ 14.717564] kunit_try_run_case+0x1a5/0x480 [ 14.717642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.717667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.717691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.717716] ? __kthread_parkme+0x82/0x180 [ 14.717737] ? preempt_count_sub+0x50/0x80 [ 14.717760] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.717785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.717810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.717835] kthread+0x337/0x6f0 [ 14.717853] ? trace_preempt_on+0x20/0xc0 [ 14.717876] ? __pfx_kthread+0x10/0x10 [ 14.717896] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.717918] ? calculate_sigpending+0x7b/0xa0 [ 14.717941] ? __pfx_kthread+0x10/0x10 [ 14.717963] ret_from_fork+0x116/0x1d0 [ 14.717981] ? __pfx_kthread+0x10/0x10 [ 14.718002] ret_from_fork_asm+0x1a/0x30 [ 14.718032] </TASK> [ 14.718041] [ 14.725819] Allocated by task 279: [ 14.726003] kasan_save_stack+0x45/0x70 [ 14.726213] kasan_save_track+0x18/0x40 [ 14.726424] kasan_save_alloc_info+0x3b/0x50 [ 14.726803] __kasan_kmalloc+0xb7/0xc0 [ 14.727001] __kmalloc_cache_noprof+0x189/0x420 [ 14.727226] kasan_bitops_generic+0x92/0x1c0 [ 14.727498] kunit_try_run_case+0x1a5/0x480 [ 14.727698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.727925] kthread+0x337/0x6f0 [ 14.728046] ret_from_fork+0x116/0x1d0 [ 14.728225] ret_from_fork_asm+0x1a/0x30 [ 14.728567] [ 14.728678] The buggy address belongs to the object at ffff888102749de0 [ 14.728678] which belongs to the cache kmalloc-16 of size 16 [ 14.729146] The buggy address is located 8 bytes inside of [ 14.729146] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.729724] [ 14.729824] The buggy address belongs to the physical page: [ 14.730034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.730336] flags: 0x200000000000000(node=0|zone=2) [ 14.730727] page_type: f5(slab) [ 14.730885] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.731116] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.731341] page dumped because: kasan: bad access detected [ 14.731524] [ 14.731611] Memory state around the buggy address: [ 14.731829] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.732158] 
ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.732571] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.732899] ^ [ 14.733141] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.733407] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.733734] ================================================================== [ 14.737168] ================================================================== [ 14.738089] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.739381] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.739881] [ 14.739974] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.740018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.740030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.740051] Call Trace: [ 14.740063] <TASK> [ 14.740078] dump_stack_lvl+0x73/0xb0 [ 14.740108] print_report+0xd1/0x650 [ 14.740130] ? __virt_addr_valid+0x1db/0x2d0 [ 14.740153] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.740187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.740210] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.740237] kasan_report+0x141/0x180 [ 14.740258] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.740289] kasan_check_range+0x10c/0x1c0 [ 14.740312] __kasan_check_write+0x18/0x20 [ 14.740331] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.740380] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.740462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.740488] ? trace_hardirqs_on+0x37/0xe0 [ 14.740607] ? kasan_bitops_generic+0x92/0x1c0 [ 14.740677] kasan_bitops_generic+0x116/0x1c0 [ 14.740819] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.740851] ? __pfx_read_tsc+0x10/0x10 [ 14.740873] ? ktime_get_ts64+0x86/0x230 [ 14.740896] kunit_try_run_case+0x1a5/0x480 [ 14.740920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.740943] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.740966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.740990] ? __kthread_parkme+0x82/0x180 [ 14.741011] ? preempt_count_sub+0x50/0x80 [ 14.741034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.741059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.741083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.741108] kthread+0x337/0x6f0 [ 14.741127] ? trace_preempt_on+0x20/0xc0 [ 14.741149] ? __pfx_kthread+0x10/0x10 [ 14.741170] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.741191] ? calculate_sigpending+0x7b/0xa0 [ 14.741214] ? __pfx_kthread+0x10/0x10 [ 14.741236] ret_from_fork+0x116/0x1d0 [ 14.741256] ? __pfx_kthread+0x10/0x10 [ 14.741276] ret_from_fork_asm+0x1a/0x30 [ 14.741306] </TASK> [ 14.741316] [ 14.756318] Allocated by task 279: [ 14.756500] kasan_save_stack+0x45/0x70 [ 14.756653] kasan_save_track+0x18/0x40 [ 14.756790] kasan_save_alloc_info+0x3b/0x50 [ 14.756943] __kasan_kmalloc+0xb7/0xc0 [ 14.757082] __kmalloc_cache_noprof+0x189/0x420 [ 14.757239] kasan_bitops_generic+0x92/0x1c0 [ 14.757481] kunit_try_run_case+0x1a5/0x480 [ 14.757950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.758457] kthread+0x337/0x6f0 [ 14.758791] ret_from_fork+0x116/0x1d0 [ 14.759166] ret_from_fork_asm+0x1a/0x30 [ 14.759648] [ 14.759882] The buggy address belongs to the object at ffff888102749de0 [ 14.759882] which belongs to the cache kmalloc-16 of size 16 [ 14.760467] The buggy address is located 8 bytes inside of [ 14.760467] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.761647] [ 14.761775] The buggy address belongs to the physical page: [ 14.762118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.762372] flags: 0x200000000000000(node=0|zone=2) [ 14.762704] page_type: f5(slab) [ 14.763032] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.763777] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.764470] page dumped because: kasan: 
bad access detected [ 14.764975] [ 14.765170] Memory state around the buggy address: [ 14.765569] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.765992] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.766357] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.766931] ^ [ 14.767539] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.768000] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.768216] ================================================================== [ 14.693243] ================================================================== [ 14.693858] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.694199] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.694555] [ 14.694683] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.694724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.694735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.694755] Call Trace: [ 14.694766] <TASK> [ 14.694781] dump_stack_lvl+0x73/0xb0 [ 14.694808] print_report+0xd1/0x650 [ 14.694830] ? __virt_addr_valid+0x1db/0x2d0 [ 14.694853] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.694880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.694903] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.694930] kasan_report+0x141/0x180 [ 14.694951] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.694982] kasan_check_range+0x10c/0x1c0 [ 14.695006] __kasan_check_write+0x18/0x20 [ 14.695026] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.695052] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.695080] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.695105] ? trace_hardirqs_on+0x37/0xe0 [ 14.695127] ? kasan_bitops_generic+0x92/0x1c0 [ 14.695155] kasan_bitops_generic+0x116/0x1c0 [ 14.695179] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.695204] ? 
__pfx_read_tsc+0x10/0x10 [ 14.695225] ? ktime_get_ts64+0x86/0x230 [ 14.695250] kunit_try_run_case+0x1a5/0x480 [ 14.695274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.695297] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.695321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.695345] ? __kthread_parkme+0x82/0x180 [ 14.695397] ? preempt_count_sub+0x50/0x80 [ 14.695421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.695446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.695470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.695496] kthread+0x337/0x6f0 [ 14.695515] ? trace_preempt_on+0x20/0xc0 [ 14.695537] ? __pfx_kthread+0x10/0x10 [ 14.695558] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.695579] ? calculate_sigpending+0x7b/0xa0 [ 14.695603] ? __pfx_kthread+0x10/0x10 [ 14.695625] ret_from_fork+0x116/0x1d0 [ 14.695644] ? __pfx_kthread+0x10/0x10 [ 14.695664] ret_from_fork_asm+0x1a/0x30 [ 14.695696] </TASK> [ 14.695706] [ 14.703863] Allocated by task 279: [ 14.704088] kasan_save_stack+0x45/0x70 [ 14.704305] kasan_save_track+0x18/0x40 [ 14.704677] kasan_save_alloc_info+0x3b/0x50 [ 14.704902] __kasan_kmalloc+0xb7/0xc0 [ 14.705093] __kmalloc_cache_noprof+0x189/0x420 [ 14.705284] kasan_bitops_generic+0x92/0x1c0 [ 14.705551] kunit_try_run_case+0x1a5/0x480 [ 14.705740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.705916] kthread+0x337/0x6f0 [ 14.706083] ret_from_fork+0x116/0x1d0 [ 14.706271] ret_from_fork_asm+0x1a/0x30 [ 14.706609] [ 14.706697] The buggy address belongs to the object at ffff888102749de0 [ 14.706697] which belongs to the cache kmalloc-16 of size 16 [ 14.707144] The buggy address is located 8 bytes inside of [ 14.707144] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.707664] [ 14.707749] The buggy address belongs to the physical page: [ 14.708009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.708311] flags: 0x200000000000000(node=0|zone=2) [ 14.708569] page_type: f5(slab) [ 14.708728] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.709036] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.709260] page dumped because: kasan: bad access detected [ 14.709439] [ 14.709507] Memory state around the buggy address: [ 14.709657] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.710023] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.710340] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.710710] ^ [ 14.710915] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711130] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711339] ================================================================== [ 14.796314] ================================================================== [ 14.797286] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.797801] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.798189] [ 14.798532] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.798576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.798588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.798607] Call Trace: [ 14.798622] <TASK> [ 14.798637] dump_stack_lvl+0x73/0xb0 [ 14.798666] print_report+0xd1/0x650 [ 14.798688] ? __virt_addr_valid+0x1db/0x2d0 [ 14.798822] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.798850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.798908] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.798935] kasan_report+0x141/0x180 [ 14.798970] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.799001] kasan_check_range+0x10c/0x1c0 [ 14.799026] __kasan_check_write+0x18/0x20 [ 14.799045] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.799072] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.799100] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.799125] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.799147] ? kasan_bitops_generic+0x92/0x1c0 [ 14.799174] kasan_bitops_generic+0x116/0x1c0 [ 14.799198] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.799224] ? __pfx_read_tsc+0x10/0x10 [ 14.799244] ? ktime_get_ts64+0x86/0x230 [ 14.799267] kunit_try_run_case+0x1a5/0x480 [ 14.799292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.799338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.799371] ? __kthread_parkme+0x82/0x180 [ 14.799391] ? preempt_count_sub+0x50/0x80 [ 14.799414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.799463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.799488] kthread+0x337/0x6f0 [ 14.799507] ? trace_preempt_on+0x20/0xc0 [ 14.799528] ? __pfx_kthread+0x10/0x10 [ 14.799548] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.799570] ? calculate_sigpending+0x7b/0xa0 [ 14.799594] ? __pfx_kthread+0x10/0x10 [ 14.799615] ret_from_fork+0x116/0x1d0 [ 14.799634] ? 
__pfx_kthread+0x10/0x10 [ 14.799654] ret_from_fork_asm+0x1a/0x30 [ 14.799685] </TASK> [ 14.799695] [ 14.811133] Allocated by task 279: [ 14.811310] kasan_save_stack+0x45/0x70 [ 14.811571] kasan_save_track+0x18/0x40 [ 14.811809] kasan_save_alloc_info+0x3b/0x50 [ 14.812049] __kasan_kmalloc+0xb7/0xc0 [ 14.812399] __kmalloc_cache_noprof+0x189/0x420 [ 14.812848] kasan_bitops_generic+0x92/0x1c0 [ 14.813039] kunit_try_run_case+0x1a5/0x480 [ 14.813240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.813751] kthread+0x337/0x6f0 [ 14.813909] ret_from_fork+0x116/0x1d0 [ 14.814306] ret_from_fork_asm+0x1a/0x30 [ 14.814711] [ 14.814804] The buggy address belongs to the object at ffff888102749de0 [ 14.814804] which belongs to the cache kmalloc-16 of size 16 [ 14.815568] The buggy address is located 8 bytes inside of [ 14.815568] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.816203] [ 14.816306] The buggy address belongs to the physical page: [ 14.816768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.817220] flags: 0x200000000000000(node=0|zone=2) [ 14.817619] page_type: f5(slab) [ 14.817908] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.818317] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.818909] page dumped because: kasan: bad access detected [ 14.819255] [ 14.819366] Memory state around the buggy address: [ 14.819845] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.820173] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.820654] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.820974] ^ [ 14.821246] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821818] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.822229] ================================================================== [ 14.768753] 
================================================================== [ 14.769867] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.770693] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.771510] [ 14.771760] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.771802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.771813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.771833] Call Trace: [ 14.771846] <TASK> [ 14.771890] dump_stack_lvl+0x73/0xb0 [ 14.771922] print_report+0xd1/0x650 [ 14.771943] ? __virt_addr_valid+0x1db/0x2d0 [ 14.771977] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.772003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.772026] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.772053] kasan_report+0x141/0x180 [ 14.772074] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.772105] kasan_check_range+0x10c/0x1c0 [ 14.772129] __kasan_check_write+0x18/0x20 [ 14.772148] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.772178] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.772206] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.772230] ? trace_hardirqs_on+0x37/0xe0 [ 14.772252] ? kasan_bitops_generic+0x92/0x1c0 [ 14.772280] kasan_bitops_generic+0x116/0x1c0 [ 14.772307] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.772334] ? __pfx_read_tsc+0x10/0x10 [ 14.772364] ? ktime_get_ts64+0x86/0x230 [ 14.772387] kunit_try_run_case+0x1a5/0x480 [ 14.772411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.772442] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.772467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.772491] ? __kthread_parkme+0x82/0x180 [ 14.772511] ? preempt_count_sub+0x50/0x80 [ 14.772536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.772561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.772585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.772611] kthread+0x337/0x6f0 [ 14.772629] ? 
trace_preempt_on+0x20/0xc0 [ 14.772651] ? __pfx_kthread+0x10/0x10 [ 14.772672] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.772694] ? calculate_sigpending+0x7b/0xa0 [ 14.772718] ? __pfx_kthread+0x10/0x10 [ 14.772739] ret_from_fork+0x116/0x1d0 [ 14.772757] ? __pfx_kthread+0x10/0x10 [ 14.772778] ret_from_fork_asm+0x1a/0x30 [ 14.772808] </TASK> [ 14.772818] [ 14.784599] Allocated by task 279: [ 14.784959] kasan_save_stack+0x45/0x70 [ 14.785293] kasan_save_track+0x18/0x40 [ 14.785714] kasan_save_alloc_info+0x3b/0x50 [ 14.786065] __kasan_kmalloc+0xb7/0xc0 [ 14.786213] __kmalloc_cache_noprof+0x189/0x420 [ 14.786657] kasan_bitops_generic+0x92/0x1c0 [ 14.786823] kunit_try_run_case+0x1a5/0x480 [ 14.787240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.787665] kthread+0x337/0x6f0 [ 14.787853] ret_from_fork+0x116/0x1d0 [ 14.788039] ret_from_fork_asm+0x1a/0x30 [ 14.788230] [ 14.788309] The buggy address belongs to the object at ffff888102749de0 [ 14.788309] which belongs to the cache kmalloc-16 of size 16 [ 14.789071] The buggy address is located 8 bytes inside of [ 14.789071] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.790014] [ 14.790117] The buggy address belongs to the physical page: [ 14.790320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.791055] flags: 0x200000000000000(node=0|zone=2) [ 14.791273] page_type: f5(slab) [ 14.791589] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.791930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.792367] page dumped because: kasan: bad access detected [ 14.792759] [ 14.792861] Memory state around the buggy address: [ 14.793251] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.793665] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.794005] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.794605] ^ [ 14.795008] ffff888102749e00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.795431] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.795740] ================================================================== [ 14.841272] ================================================================== [ 14.841636] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.841983] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.842292] [ 14.842423] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.842464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.842476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.842495] Call Trace: [ 14.842508] <TASK> [ 14.842522] dump_stack_lvl+0x73/0xb0 [ 14.842548] print_report+0xd1/0x650 [ 14.842569] ? __virt_addr_valid+0x1db/0x2d0 [ 14.842589] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.842614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.842636] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.842661] kasan_report+0x141/0x180 [ 14.842683] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.842713] kasan_check_range+0x10c/0x1c0 [ 14.842735] __kasan_check_write+0x18/0x20 [ 14.842753] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.842779] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.842805] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.842828] ? trace_hardirqs_on+0x37/0xe0 [ 14.842849] ? kasan_bitops_generic+0x92/0x1c0 [ 14.842875] kasan_bitops_generic+0x116/0x1c0 [ 14.842897] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.842922] ? __pfx_read_tsc+0x10/0x10 [ 14.842942] ? ktime_get_ts64+0x86/0x230 [ 14.842965] kunit_try_run_case+0x1a5/0x480 [ 14.842988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.843010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.843031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.843054] ? __kthread_parkme+0x82/0x180 [ 14.843072] ? preempt_count_sub+0x50/0x80 [ 14.843094] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.843117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.843163] kthread+0x337/0x6f0 [ 14.843181] ? trace_preempt_on+0x20/0xc0 [ 14.843202] ? __pfx_kthread+0x10/0x10 [ 14.843221] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.843241] ? calculate_sigpending+0x7b/0xa0 [ 14.843263] ? __pfx_kthread+0x10/0x10 [ 14.843284] ret_from_fork+0x116/0x1d0 [ 14.843301] ? __pfx_kthread+0x10/0x10 [ 14.843320] ret_from_fork_asm+0x1a/0x30 [ 14.843360] </TASK> [ 14.843370] [ 14.851282] Allocated by task 279: [ 14.851496] kasan_save_stack+0x45/0x70 [ 14.851686] kasan_save_track+0x18/0x40 [ 14.851870] kasan_save_alloc_info+0x3b/0x50 [ 14.852057] __kasan_kmalloc+0xb7/0xc0 [ 14.852188] __kmalloc_cache_noprof+0x189/0x420 [ 14.852395] kasan_bitops_generic+0x92/0x1c0 [ 14.852636] kunit_try_run_case+0x1a5/0x480 [ 14.852845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.853100] kthread+0x337/0x6f0 [ 14.853267] ret_from_fork+0x116/0x1d0 [ 14.853498] ret_from_fork_asm+0x1a/0x30 [ 14.853637] [ 14.853729] The buggy address belongs to the object at ffff888102749de0 [ 14.853729] which belongs to the cache kmalloc-16 of size 16 [ 14.854237] The buggy address is located 8 bytes inside of [ 14.854237] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.854785] [ 14.854881] The buggy address belongs to the physical page: [ 14.855116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.855527] flags: 0x200000000000000(node=0|zone=2) [ 14.855803] page_type: f5(slab) [ 14.855981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.856316] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.856667] page dumped because: kasan: bad access detected [ 14.856910] [ 14.856999] Memory state around the buggy address: [ 14.857212] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.857453] 
ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.857659] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.857862] ^ [ 14.858051] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.858523] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.858860] ================================================================== [ 14.859853] ================================================================== [ 14.860250] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.860883] Write of size 8 at addr ffff888102749de8 by task kunit_try_catch/279 [ 14.861271] [ 14.861388] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.861428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.861439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.861457] Call Trace: [ 14.861470] <TASK> [ 14.861483] dump_stack_lvl+0x73/0xb0 [ 14.861510] print_report+0xd1/0x650 [ 14.861532] ? __virt_addr_valid+0x1db/0x2d0 [ 14.861554] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.861580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.861603] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.861630] kasan_report+0x141/0x180 [ 14.861652] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.861683] kasan_check_range+0x10c/0x1c0 [ 14.861708] __kasan_check_write+0x18/0x20 [ 14.861727] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.861753] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.861781] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.861805] ? trace_hardirqs_on+0x37/0xe0 [ 14.861826] ? kasan_bitops_generic+0x92/0x1c0 [ 14.861854] kasan_bitops_generic+0x116/0x1c0 [ 14.861877] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.861902] ? __pfx_read_tsc+0x10/0x10 [ 14.861924] ? ktime_get_ts64+0x86/0x230 [ 14.861947] kunit_try_run_case+0x1a5/0x480 [ 14.861970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.861994] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.862016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.862040] ? __kthread_parkme+0x82/0x180 [ 14.862061] ? preempt_count_sub+0x50/0x80 [ 14.862083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.862108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.862133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.862158] kthread+0x337/0x6f0 [ 14.862176] ? trace_preempt_on+0x20/0xc0 [ 14.862198] ? __pfx_kthread+0x10/0x10 [ 14.862218] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.862239] ? calculate_sigpending+0x7b/0xa0 [ 14.862263] ? __pfx_kthread+0x10/0x10 [ 14.862284] ret_from_fork+0x116/0x1d0 [ 14.862325] ? __pfx_kthread+0x10/0x10 [ 14.862347] ret_from_fork_asm+0x1a/0x30 [ 14.862387] </TASK> [ 14.862396] [ 14.870629] Allocated by task 279: [ 14.870830] kasan_save_stack+0x45/0x70 [ 14.871019] kasan_save_track+0x18/0x40 [ 14.871181] kasan_save_alloc_info+0x3b/0x50 [ 14.871408] __kasan_kmalloc+0xb7/0xc0 [ 14.871606] __kmalloc_cache_noprof+0x189/0x420 [ 14.871820] kasan_bitops_generic+0x92/0x1c0 [ 14.872023] kunit_try_run_case+0x1a5/0x480 [ 14.872231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872428] kthread+0x337/0x6f0 [ 14.872618] ret_from_fork+0x116/0x1d0 [ 14.872827] ret_from_fork_asm+0x1a/0x30 [ 14.873017] [ 14.873088] The buggy address belongs to the object at ffff888102749de0 [ 14.873088] which belongs to the cache kmalloc-16 of size 16 [ 14.873432] The buggy address is located 8 bytes inside of [ 14.873432] allocated 9-byte region [ffff888102749de0, ffff888102749de9) [ 14.873812] [ 14.873904] The buggy address belongs to the physical page: [ 14.874144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 14.874639] flags: 0x200000000000000(node=0|zone=2) [ 14.874807] page_type: f5(slab) [ 14.874958] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.875287] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.875751] page dumped because: kasan: 
bad access detected [ 14.875922] [ 14.875989] Memory state around the buggy address: [ 14.876142] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.876396] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.876742] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.877077] ^ [ 14.877411] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877746] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.878049] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.669312] ================================================================== [ 14.669974] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.670209] Read of size 1 at addr ffff8881039ba750 by task kunit_try_catch/277 [ 14.670446] [ 14.670680] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.670722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.670735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.670753] Call Trace: [ 14.670766] <TASK> [ 14.670780] dump_stack_lvl+0x73/0xb0 [ 14.670808] print_report+0xd1/0x650 [ 14.670831] ? __virt_addr_valid+0x1db/0x2d0 [ 14.670853] ? strnlen+0x73/0x80 [ 14.670870] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.670894] ? strnlen+0x73/0x80 [ 14.670911] kasan_report+0x141/0x180 [ 14.670933] ? strnlen+0x73/0x80 [ 14.670955] __asan_report_load1_noabort+0x18/0x20 [ 14.670980] strnlen+0x73/0x80 [ 14.670999] kasan_strings+0x615/0xe80 [ 14.671021] ? __pfx_kasan_strings+0x10/0x10 [ 14.671042] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.671073] ? __pfx_kasan_strings+0x10/0x10 [ 14.671099] kunit_try_run_case+0x1a5/0x480 [ 14.671123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.671146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.671170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.671195] ? __kthread_parkme+0x82/0x180 [ 14.671215] ? preempt_count_sub+0x50/0x80 [ 14.671238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.671263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.671288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.671313] kthread+0x337/0x6f0 [ 14.671332] ? trace_preempt_on+0x20/0xc0 [ 14.671368] ? __pfx_kthread+0x10/0x10 [ 14.671400] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.671432] ? calculate_sigpending+0x7b/0xa0 [ 14.671456] ? __pfx_kthread+0x10/0x10 [ 14.671477] ret_from_fork+0x116/0x1d0 [ 14.671497] ? 
__pfx_kthread+0x10/0x10 [ 14.671517] ret_from_fork_asm+0x1a/0x30 [ 14.671548] </TASK> [ 14.671559] [ 14.678720] Allocated by task 277: [ 14.678900] kasan_save_stack+0x45/0x70 [ 14.679104] kasan_save_track+0x18/0x40 [ 14.679299] kasan_save_alloc_info+0x3b/0x50 [ 14.679526] __kasan_kmalloc+0xb7/0xc0 [ 14.679714] __kmalloc_cache_noprof+0x189/0x420 [ 14.680010] kasan_strings+0xc0/0xe80 [ 14.680177] kunit_try_run_case+0x1a5/0x480 [ 14.680532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680726] kthread+0x337/0x6f0 [ 14.680848] ret_from_fork+0x116/0x1d0 [ 14.681033] ret_from_fork_asm+0x1a/0x30 [ 14.681173] [ 14.681242] Freed by task 277: [ 14.681364] kasan_save_stack+0x45/0x70 [ 14.681501] kasan_save_track+0x18/0x40 [ 14.681636] kasan_save_free_info+0x3f/0x60 [ 14.681813] __kasan_slab_free+0x56/0x70 [ 14.682012] kfree+0x222/0x3f0 [ 14.682176] kasan_strings+0x2aa/0xe80 [ 14.682376] kunit_try_run_case+0x1a5/0x480 [ 14.682580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.682838] kthread+0x337/0x6f0 [ 14.683008] ret_from_fork+0x116/0x1d0 [ 14.683197] ret_from_fork_asm+0x1a/0x30 [ 14.683574] [ 14.683670] The buggy address belongs to the object at ffff8881039ba740 [ 14.683670] which belongs to the cache kmalloc-32 of size 32 [ 14.684286] The buggy address is located 16 bytes inside of [ 14.684286] freed 32-byte region [ffff8881039ba740, ffff8881039ba760) [ 14.684864] [ 14.684944] The buggy address belongs to the physical page: [ 14.685118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ba [ 14.685372] flags: 0x200000000000000(node=0|zone=2) [ 14.685583] page_type: f5(slab) [ 14.685749] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.686092] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.686437] page dumped because: kasan: bad access detected [ 14.686724] [ 14.686837] Memory state around the buggy address: [ 14.687062] ffff8881039ba600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc 
fc [ 14.687357] ffff8881039ba680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.687804] >ffff8881039ba700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.688076] ^ [ 14.688315] ffff8881039ba780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.688794] ffff8881039ba800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.689019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.648662] ================================================================== [ 14.648942] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.649186] Read of size 1 at addr ffff8881039ba750 by task kunit_try_catch/277 [ 14.649679] [ 14.649765] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.649804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649835] Call Trace: [ 14.649849] <TASK> [ 14.649861] dump_stack_lvl+0x73/0xb0 [ 14.649889] print_report+0xd1/0x650 [ 14.649911] ? __virt_addr_valid+0x1db/0x2d0 [ 14.649935] ? strlen+0x8f/0xb0 [ 14.649951] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.649975] ? strlen+0x8f/0xb0 [ 14.649992] kasan_report+0x141/0x180 [ 14.650014] ? strlen+0x8f/0xb0 [ 14.650035] __asan_report_load1_noabort+0x18/0x20 [ 14.650060] strlen+0x8f/0xb0 [ 14.650078] kasan_strings+0x57b/0xe80 [ 14.650100] ? __pfx_kasan_strings+0x10/0x10 [ 14.650120] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.650152] ? __pfx_kasan_strings+0x10/0x10 [ 14.650178] kunit_try_run_case+0x1a5/0x480 [ 14.650202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.650249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.650274] ? __kthread_parkme+0x82/0x180 [ 14.650295] ? preempt_count_sub+0x50/0x80 [ 14.650318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650405] kthread+0x337/0x6f0 [ 14.650424] ? trace_preempt_on+0x20/0xc0 [ 14.650448] ? __pfx_kthread+0x10/0x10 [ 14.650469] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650491] ? calculate_sigpending+0x7b/0xa0 [ 14.650641] ? __pfx_kthread+0x10/0x10 [ 14.650671] ret_from_fork+0x116/0x1d0 [ 14.650692] ? 
__pfx_kthread+0x10/0x10 [ 14.650713] ret_from_fork_asm+0x1a/0x30 [ 14.650744] </TASK> [ 14.650754] [ 14.658315] Allocated by task 277: [ 14.658581] kasan_save_stack+0x45/0x70 [ 14.658771] kasan_save_track+0x18/0x40 [ 14.658944] kasan_save_alloc_info+0x3b/0x50 [ 14.659096] __kasan_kmalloc+0xb7/0xc0 [ 14.659230] __kmalloc_cache_noprof+0x189/0x420 [ 14.659401] kasan_strings+0xc0/0xe80 [ 14.659535] kunit_try_run_case+0x1a5/0x480 [ 14.659682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.659859] kthread+0x337/0x6f0 [ 14.660026] ret_from_fork+0x116/0x1d0 [ 14.660217] ret_from_fork_asm+0x1a/0x30 [ 14.660599] [ 14.660709] Freed by task 277: [ 14.660864] kasan_save_stack+0x45/0x70 [ 14.661061] kasan_save_track+0x18/0x40 [ 14.661251] kasan_save_free_info+0x3f/0x60 [ 14.661661] __kasan_slab_free+0x56/0x70 [ 14.661826] kfree+0x222/0x3f0 [ 14.661944] kasan_strings+0x2aa/0xe80 [ 14.662076] kunit_try_run_case+0x1a5/0x480 [ 14.662222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.662473] kthread+0x337/0x6f0 [ 14.662651] ret_from_fork+0x116/0x1d0 [ 14.662839] ret_from_fork_asm+0x1a/0x30 [ 14.663035] [ 14.663130] The buggy address belongs to the object at ffff8881039ba740 [ 14.663130] which belongs to the cache kmalloc-32 of size 32 [ 14.664133] The buggy address is located 16 bytes inside of [ 14.664133] freed 32-byte region [ffff8881039ba740, ffff8881039ba760) [ 14.664661] [ 14.664760] The buggy address belongs to the physical page: [ 14.664977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ba [ 14.665282] flags: 0x200000000000000(node=0|zone=2) [ 14.665529] page_type: f5(slab) [ 14.665692] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.666000] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.666291] page dumped because: kasan: bad access detected [ 14.666537] [ 14.666630] Memory state around the buggy address: [ 14.666816] ffff8881039ba600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc 
fc [ 14.667065] ffff8881039ba680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.667388] >ffff8881039ba700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.667683] ^ [ 14.667872] ffff8881039ba780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.668197] ffff8881039ba800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.668773] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.628160] ================================================================== [ 14.628540] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.628857] Read of size 1 at addr ffff8881039ba750 by task kunit_try_catch/277 [ 14.629184] [ 14.629291] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.629331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.629342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.629370] Call Trace: [ 14.629384] <TASK> [ 14.629398] dump_stack_lvl+0x73/0xb0 [ 14.629553] print_report+0xd1/0x650 [ 14.629580] ? __virt_addr_valid+0x1db/0x2d0 [ 14.629602] ? kasan_strings+0xcbc/0xe80 [ 14.629623] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.629646] ? kasan_strings+0xcbc/0xe80 [ 14.629667] kasan_report+0x141/0x180 [ 14.629689] ? kasan_strings+0xcbc/0xe80 [ 14.629714] __asan_report_load1_noabort+0x18/0x20 [ 14.629739] kasan_strings+0xcbc/0xe80 [ 14.629761] ? __pfx_kasan_strings+0x10/0x10 [ 14.629781] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.629813] ? __pfx_kasan_strings+0x10/0x10 [ 14.629838] kunit_try_run_case+0x1a5/0x480 [ 14.629862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.629886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.629910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.629934] ? __kthread_parkme+0x82/0x180 [ 14.629954] ? preempt_count_sub+0x50/0x80 [ 14.629977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.630002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.630027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.630053] kthread+0x337/0x6f0 [ 14.630072] ? trace_preempt_on+0x20/0xc0 [ 14.630097] ? __pfx_kthread+0x10/0x10 [ 14.630118] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.630140] ? calculate_sigpending+0x7b/0xa0 [ 14.630164] ? __pfx_kthread+0x10/0x10 [ 14.630185] ret_from_fork+0x116/0x1d0 [ 14.630204] ? 
__pfx_kthread+0x10/0x10 [ 14.630225] ret_from_fork_asm+0x1a/0x30 [ 14.630256] </TASK> [ 14.630266] [ 14.637411] Allocated by task 277: [ 14.637724] kasan_save_stack+0x45/0x70 [ 14.637896] kasan_save_track+0x18/0x40 [ 14.638081] kasan_save_alloc_info+0x3b/0x50 [ 14.638272] __kasan_kmalloc+0xb7/0xc0 [ 14.638611] __kmalloc_cache_noprof+0x189/0x420 [ 14.638829] kasan_strings+0xc0/0xe80 [ 14.638990] kunit_try_run_case+0x1a5/0x480 [ 14.639179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.639499] kthread+0x337/0x6f0 [ 14.639627] ret_from_fork+0x116/0x1d0 [ 14.639762] ret_from_fork_asm+0x1a/0x30 [ 14.639902] [ 14.639998] Freed by task 277: [ 14.640153] kasan_save_stack+0x45/0x70 [ 14.640361] kasan_save_track+0x18/0x40 [ 14.640563] kasan_save_free_info+0x3f/0x60 [ 14.640773] __kasan_slab_free+0x56/0x70 [ 14.640939] kfree+0x222/0x3f0 [ 14.641058] kasan_strings+0x2aa/0xe80 [ 14.641259] kunit_try_run_case+0x1a5/0x480 [ 14.641671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.641900] kthread+0x337/0x6f0 [ 14.642050] ret_from_fork+0x116/0x1d0 [ 14.642183] ret_from_fork_asm+0x1a/0x30 [ 14.642321] [ 14.642404] The buggy address belongs to the object at ffff8881039ba740 [ 14.642404] which belongs to the cache kmalloc-32 of size 32 [ 14.642781] The buggy address is located 16 bytes inside of [ 14.642781] freed 32-byte region [ffff8881039ba740, ffff8881039ba760) [ 14.643693] [ 14.643776] The buggy address belongs to the physical page: [ 14.643952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ba [ 14.644198] flags: 0x200000000000000(node=0|zone=2) [ 14.644375] page_type: f5(slab) [ 14.644744] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.645089] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.645659] page dumped because: kasan: bad access detected [ 14.645926] [ 14.646019] Memory state around the buggy address: [ 14.646208] ffff8881039ba600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc 
fc [ 14.646482] ffff8881039ba680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.646842] >ffff8881039ba700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.647206] ^ [ 14.647577] ffff8881039ba780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.647854] ffff8881039ba800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.648091] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.607108] ================================================================== [ 14.608115] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.608383] Read of size 1 at addr ffff8881039ba750 by task kunit_try_catch/277 [ 14.608811] [ 14.608940] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.608984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.608995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.609016] Call Trace: [ 14.609029] <TASK> [ 14.609045] dump_stack_lvl+0x73/0xb0 [ 14.609077] print_report+0xd1/0x650 [ 14.609101] ? __virt_addr_valid+0x1db/0x2d0 [ 14.609125] ? strcmp+0xb0/0xc0 [ 14.609142] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.609165] ? strcmp+0xb0/0xc0 [ 14.609183] kasan_report+0x141/0x180 [ 14.609204] ? strcmp+0xb0/0xc0 [ 14.609225] __asan_report_load1_noabort+0x18/0x20 [ 14.609250] strcmp+0xb0/0xc0 [ 14.609269] kasan_strings+0x431/0xe80 [ 14.609291] ? __pfx_kasan_strings+0x10/0x10 [ 14.609312] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.609345] ? __pfx_kasan_strings+0x10/0x10 [ 14.609384] kunit_try_run_case+0x1a5/0x480 [ 14.609410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.609506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.609535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.609560] ? __kthread_parkme+0x82/0x180 [ 14.609581] ? preempt_count_sub+0x50/0x80 [ 14.609606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.609631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.609656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.609682] kthread+0x337/0x6f0 [ 14.609701] ? trace_preempt_on+0x20/0xc0 [ 14.609725] ? __pfx_kthread+0x10/0x10 [ 14.609746] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.609768] ? calculate_sigpending+0x7b/0xa0 [ 14.609792] ? __pfx_kthread+0x10/0x10 [ 14.609814] ret_from_fork+0x116/0x1d0 [ 14.609834] ? 
__pfx_kthread+0x10/0x10 [ 14.609854] ret_from_fork_asm+0x1a/0x30 [ 14.609885] </TASK> [ 14.609896] [ 14.617259] Allocated by task 277: [ 14.617519] kasan_save_stack+0x45/0x70 [ 14.617722] kasan_save_track+0x18/0x40 [ 14.617914] kasan_save_alloc_info+0x3b/0x50 [ 14.618108] __kasan_kmalloc+0xb7/0xc0 [ 14.618273] __kmalloc_cache_noprof+0x189/0x420 [ 14.618503] kasan_strings+0xc0/0xe80 [ 14.618768] kunit_try_run_case+0x1a5/0x480 [ 14.618946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.619201] kthread+0x337/0x6f0 [ 14.619343] ret_from_fork+0x116/0x1d0 [ 14.619615] ret_from_fork_asm+0x1a/0x30 [ 14.619773] [ 14.619844] Freed by task 277: [ 14.620005] kasan_save_stack+0x45/0x70 [ 14.620211] kasan_save_track+0x18/0x40 [ 14.620397] kasan_save_free_info+0x3f/0x60 [ 14.620546] __kasan_slab_free+0x56/0x70 [ 14.620925] kfree+0x222/0x3f0 [ 14.621151] kasan_strings+0x2aa/0xe80 [ 14.621320] kunit_try_run_case+0x1a5/0x480 [ 14.621621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.621838] kthread+0x337/0x6f0 [ 14.621961] ret_from_fork+0x116/0x1d0 [ 14.622150] ret_from_fork_asm+0x1a/0x30 [ 14.622428] [ 14.622534] The buggy address belongs to the object at ffff8881039ba740 [ 14.622534] which belongs to the cache kmalloc-32 of size 32 [ 14.622987] The buggy address is located 16 bytes inside of [ 14.622987] freed 32-byte region [ffff8881039ba740, ffff8881039ba760) [ 14.623537] [ 14.623613] The buggy address belongs to the physical page: [ 14.623786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ba [ 14.624027] flags: 0x200000000000000(node=0|zone=2) [ 14.624232] page_type: f5(slab) [ 14.624407] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.624746] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.625078] page dumped because: kasan: bad access detected [ 14.625290] [ 14.625367] Memory state around the buggy address: [ 14.625523] ffff8881039ba600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc 
fc [ 14.625740] ffff8881039ba680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.626172] >ffff8881039ba700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.626512] ^ [ 14.626994] ffff8881039ba780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.627326] ffff8881039ba800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.627728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.572463] ================================================================== [ 14.573492] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.573702] Read of size 1 at addr ffff8881039ba618 by task kunit_try_catch/275 [ 14.573920] [ 14.574006] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.574048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.574060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.574080] Call Trace: [ 14.574092] <TASK> [ 14.574106] dump_stack_lvl+0x73/0xb0 [ 14.574133] print_report+0xd1/0x650 [ 14.574156] ? __virt_addr_valid+0x1db/0x2d0 [ 14.574180] ? memcmp+0x1b4/0x1d0 [ 14.574198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.574221] ? memcmp+0x1b4/0x1d0 [ 14.574240] kasan_report+0x141/0x180 [ 14.574261] ? memcmp+0x1b4/0x1d0 [ 14.574284] __asan_report_load1_noabort+0x18/0x20 [ 14.574309] memcmp+0x1b4/0x1d0 [ 14.574328] kasan_memcmp+0x18f/0x390 [ 14.574373] ? trace_hardirqs_on+0x37/0xe0 [ 14.574406] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.574427] ? finish_task_switch.isra.0+0x153/0x700 [ 14.574450] ? __switch_to+0x47/0xf50 [ 14.574477] ? __pfx_read_tsc+0x10/0x10 [ 14.574498] ? ktime_get_ts64+0x86/0x230 [ 14.574529] kunit_try_run_case+0x1a5/0x480 [ 14.574554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.574577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.574602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.574626] ? __kthread_parkme+0x82/0x180 [ 14.574647] ? preempt_count_sub+0x50/0x80 [ 14.574670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.574695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.574720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.574752] kthread+0x337/0x6f0 [ 14.574770] ? trace_preempt_on+0x20/0xc0 [ 14.574792] ? __pfx_kthread+0x10/0x10 [ 14.574813] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.574836] ? calculate_sigpending+0x7b/0xa0 [ 14.574860] ? __pfx_kthread+0x10/0x10 [ 14.574881] ret_from_fork+0x116/0x1d0 [ 14.574899] ? 
__pfx_kthread+0x10/0x10 [ 14.574920] ret_from_fork_asm+0x1a/0x30 [ 14.574950] </TASK> [ 14.574960] [ 14.588827] Allocated by task 275: [ 14.589146] kasan_save_stack+0x45/0x70 [ 14.589592] kasan_save_track+0x18/0x40 [ 14.589858] kasan_save_alloc_info+0x3b/0x50 [ 14.590007] __kasan_kmalloc+0xb7/0xc0 [ 14.590138] __kmalloc_cache_noprof+0x189/0x420 [ 14.590294] kasan_memcmp+0xb7/0x390 [ 14.590447] kunit_try_run_case+0x1a5/0x480 [ 14.590691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.591133] kthread+0x337/0x6f0 [ 14.591264] ret_from_fork+0x116/0x1d0 [ 14.591470] ret_from_fork_asm+0x1a/0x30 [ 14.591768] [ 14.591842] The buggy address belongs to the object at ffff8881039ba600 [ 14.591842] which belongs to the cache kmalloc-32 of size 32 [ 14.592339] The buggy address is located 0 bytes to the right of [ 14.592339] allocated 24-byte region [ffff8881039ba600, ffff8881039ba618) [ 14.592862] [ 14.592939] The buggy address belongs to the physical page: [ 14.593191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ba [ 14.593552] flags: 0x200000000000000(node=0|zone=2) [ 14.593826] page_type: f5(slab) [ 14.593993] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.594224] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.594646] page dumped because: kasan: bad access detected [ 14.595009] [ 14.595097] Memory state around the buggy address: [ 14.595258] ffff8881039ba500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.595701] ffff8881039ba580: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.596069] >ffff8881039ba600: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.596377] ^ [ 14.596650] ffff8881039ba680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.596951] ffff8881039ba700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.597231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.540137] ================================================================== [ 14.540923] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.541241] Read of size 1 at addr ffff888103947c4a by task kunit_try_catch/271 [ 14.542408] [ 14.542659] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.542705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.542824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.542846] Call Trace: [ 14.542857] <TASK> [ 14.542873] dump_stack_lvl+0x73/0xb0 [ 14.542903] print_report+0xd1/0x650 [ 14.542924] ? __virt_addr_valid+0x1db/0x2d0 [ 14.542946] ? kasan_alloca_oob_right+0x329/0x390 [ 14.542979] ? kasan_addr_to_slab+0x11/0xa0 [ 14.543001] ? kasan_alloca_oob_right+0x329/0x390 [ 14.543025] kasan_report+0x141/0x180 [ 14.543048] ? kasan_alloca_oob_right+0x329/0x390 [ 14.543076] __asan_report_load1_noabort+0x18/0x20 [ 14.543100] kasan_alloca_oob_right+0x329/0x390 [ 14.543124] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.543146] ? finish_task_switch.isra.0+0x153/0x700 [ 14.543169] ? preempt_schedule_common+0xbe/0x110 [ 14.543193] ? trace_hardirqs_on+0x37/0xe0 [ 14.543217] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.543243] ? __schedule+0x10cc/0x2b60 [ 14.543266] ? __pfx_read_tsc+0x10/0x10 [ 14.543287] ? ktime_get_ts64+0x86/0x230 [ 14.543310] kunit_try_run_case+0x1a5/0x480 [ 14.543334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.543491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.543517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.543542] ? __kthread_parkme+0x82/0x180 [ 14.543563] ? preempt_count_sub+0x50/0x80 [ 14.543586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.543611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.543637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.543662] kthread+0x337/0x6f0 [ 14.543682] ? trace_preempt_on+0x20/0xc0 [ 14.543704] ? __pfx_kthread+0x10/0x10 [ 14.543725] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.543746] ? calculate_sigpending+0x7b/0xa0 [ 14.543770] ? __pfx_kthread+0x10/0x10 [ 14.543791] ret_from_fork+0x116/0x1d0 [ 14.543809] ? __pfx_kthread+0x10/0x10 [ 14.543830] ret_from_fork_asm+0x1a/0x30 [ 14.543860] </TASK> [ 14.543869] [ 14.557141] The buggy address belongs to stack of task kunit_try_catch/271 [ 14.557894] [ 14.558055] The buggy address belongs to the physical page: [ 14.558636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103947 [ 14.559305] flags: 0x200000000000000(node=0|zone=2) [ 14.559812] raw: 0200000000000000 ffffea00040e51c8 ffffea00040e51c8 0000000000000000 [ 14.560049] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.560281] page dumped because: kasan: bad access detected [ 14.560788] [ 14.560950] Memory state around the buggy address: [ 14.561462] ffff888103947b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.562071] ffff888103947b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.562773] >ffff888103947c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.563446] ^ [ 14.563633] ffff888103947c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.563937] ffff888103947d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.564670] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.515699] ================================================================== [ 14.516202] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.516909] Read of size 1 at addr ffff88810397fc3f by task kunit_try_catch/269 [ 14.517201] [ 14.517309] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.517362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.517375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.517396] Call Trace: [ 14.517409] <TASK> [ 14.517567] dump_stack_lvl+0x73/0xb0 [ 14.517603] print_report+0xd1/0x650 [ 14.517626] ? __virt_addr_valid+0x1db/0x2d0 [ 14.517649] ? kasan_alloca_oob_left+0x320/0x380 [ 14.517671] ? kasan_addr_to_slab+0x11/0xa0 [ 14.517691] ? kasan_alloca_oob_left+0x320/0x380 [ 14.517750] kasan_report+0x141/0x180 [ 14.517772] ? kasan_alloca_oob_left+0x320/0x380 [ 14.517799] __asan_report_load1_noabort+0x18/0x20 [ 14.517824] kasan_alloca_oob_left+0x320/0x380 [ 14.517846] ? __kasan_check_write+0x18/0x20 [ 14.517866] ? finish_task_switch.isra.0+0x153/0x700 [ 14.517890] ? preempt_schedule_common+0xbe/0x110 [ 14.517914] ? trace_hardirqs_on+0x37/0xe0 [ 14.517939] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.517965] ? __schedule+0x10cc/0x2b60 [ 14.517988] ? __pfx_read_tsc+0x10/0x10 [ 14.518008] ? ktime_get_ts64+0x86/0x230 [ 14.518033] kunit_try_run_case+0x1a5/0x480 [ 14.518056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.518079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.518102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.518126] ? __kthread_parkme+0x82/0x180 [ 14.518146] ? preempt_count_sub+0x50/0x80 [ 14.518170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.518194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.518221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.518246] kthread+0x337/0x6f0 [ 14.518264] ? trace_preempt_on+0x20/0xc0 [ 14.518287] ? __pfx_kthread+0x10/0x10 [ 14.518307] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.518329] ? 
calculate_sigpending+0x7b/0xa0 [ 14.518382] ? __pfx_kthread+0x10/0x10 [ 14.518411] ret_from_fork+0x116/0x1d0 [ 14.518430] ? __pfx_kthread+0x10/0x10 [ 14.518457] ret_from_fork_asm+0x1a/0x30 [ 14.518488] </TASK> [ 14.518497] [ 14.529955] The buggy address belongs to stack of task kunit_try_catch/269 [ 14.530290] [ 14.530703] The buggy address belongs to the physical page: [ 14.530938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397f [ 14.531497] flags: 0x200000000000000(node=0|zone=2) [ 14.532006] raw: 0200000000000000 ffffea00040e5fc8 ffffea00040e5fc8 0000000000000000 [ 14.532736] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.533153] page dumped because: kasan: bad access detected [ 14.533645] [ 14.533900] Memory state around the buggy address: [ 14.534107] ffff88810397fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.534667] ffff88810397fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.534986] >ffff88810397fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.535278] ^ [ 14.535911] ffff88810397fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.536325] ffff88810397fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.536886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.489232] ================================================================== [ 14.489895] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.490208] Read of size 1 at addr ffff888103927d02 by task kunit_try_catch/267 [ 14.490528] [ 14.490641] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.490685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.490696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.490718] Call Trace: [ 14.490730] <TASK> [ 14.490747] dump_stack_lvl+0x73/0xb0 [ 14.490777] print_report+0xd1/0x650 [ 14.490799] ? __virt_addr_valid+0x1db/0x2d0 [ 14.490823] ? kasan_stack_oob+0x2b5/0x300 [ 14.490842] ? kasan_addr_to_slab+0x11/0xa0 [ 14.490861] ? kasan_stack_oob+0x2b5/0x300 [ 14.490881] kasan_report+0x141/0x180 [ 14.490902] ? kasan_stack_oob+0x2b5/0x300 [ 14.490927] __asan_report_load1_noabort+0x18/0x20 [ 14.490950] kasan_stack_oob+0x2b5/0x300 [ 14.490970] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.490989] ? finish_task_switch.isra.0+0x153/0x700 [ 14.491012] ? __switch_to+0x47/0xf50 [ 14.491038] ? __schedule+0x10cc/0x2b60 [ 14.491059] ? __pfx_read_tsc+0x10/0x10 [ 14.491079] ? ktime_get_ts64+0x86/0x230 [ 14.491103] kunit_try_run_case+0x1a5/0x480 [ 14.491126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.491149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.491172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.491194] ? __kthread_parkme+0x82/0x180 [ 14.491214] ? preempt_count_sub+0x50/0x80 [ 14.491237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.491260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.491284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.491308] kthread+0x337/0x6f0 [ 14.491325] ? trace_preempt_on+0x20/0xc0 [ 14.491348] ? __pfx_kthread+0x10/0x10 [ 14.491679] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.491703] ? calculate_sigpending+0x7b/0xa0 [ 14.491729] ? __pfx_kthread+0x10/0x10 [ 14.491751] ret_from_fork+0x116/0x1d0 [ 14.491769] ? 
__pfx_kthread+0x10/0x10 [ 14.491965] ret_from_fork_asm+0x1a/0x30 [ 14.492002] </TASK> [ 14.492012] [ 14.504462] The buggy address belongs to stack of task kunit_try_catch/267 [ 14.504910] and is located at offset 138 in frame: [ 14.505131] kasan_stack_oob+0x0/0x300 [ 14.505435] [ 14.505631] This frame has 4 objects: [ 14.505875] [48, 49) '__assertion' [ 14.505897] [64, 72) 'array' [ 14.506058] [96, 112) '__assertion' [ 14.506180] [128, 138) 'stack_array' [ 14.506383] [ 14.506732] The buggy address belongs to the physical page: [ 14.506989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103927 [ 14.507250] flags: 0x200000000000000(node=0|zone=2) [ 14.507478] raw: 0200000000000000 ffffea00040e49c8 ffffea00040e49c8 0000000000000000 [ 14.508166] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.508895] page dumped because: kasan: bad access detected [ 14.509245] [ 14.509340] Memory state around the buggy address: [ 14.509827] ffff888103927c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.510124] ffff888103927c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.510663] >ffff888103927d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.511158] ^ [ 14.511327] ffff888103927d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.511799] ffff888103927e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.512092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.461833] ================================================================== [ 14.462317] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.462920] Read of size 1 at addr ffffffffa8863e8d by task kunit_try_catch/263 [ 14.463212] [ 14.463527] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.463573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.463584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.463604] Call Trace: [ 14.463616] <TASK> [ 14.463629] dump_stack_lvl+0x73/0xb0 [ 14.463659] print_report+0xd1/0x650 [ 14.463682] ? __virt_addr_valid+0x1db/0x2d0 [ 14.463704] ? kasan_global_oob_right+0x286/0x2d0 [ 14.463726] ? kasan_addr_to_slab+0x11/0xa0 [ 14.463748] ? kasan_global_oob_right+0x286/0x2d0 [ 14.463771] kasan_report+0x141/0x180 [ 14.463793] ? kasan_global_oob_right+0x286/0x2d0 [ 14.463820] __asan_report_load1_noabort+0x18/0x20 [ 14.463845] kasan_global_oob_right+0x286/0x2d0 [ 14.463868] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.463895] ? __schedule+0x10cc/0x2b60 [ 14.463917] ? __pfx_read_tsc+0x10/0x10 [ 14.463938] ? ktime_get_ts64+0x86/0x230 [ 14.463964] kunit_try_run_case+0x1a5/0x480 [ 14.463988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.464012] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.464035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.464060] ? __kthread_parkme+0x82/0x180 [ 14.464080] ? preempt_count_sub+0x50/0x80 [ 14.464103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.464128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.464153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.464185] kthread+0x337/0x6f0 [ 14.464204] ? trace_preempt_on+0x20/0xc0 [ 14.464228] ? __pfx_kthread+0x10/0x10 [ 14.464249] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.464271] ? calculate_sigpending+0x7b/0xa0 [ 14.464295] ? __pfx_kthread+0x10/0x10 [ 14.464317] ret_from_fork+0x116/0x1d0 [ 14.464335] ? 
__pfx_kthread+0x10/0x10 [ 14.464415] ret_from_fork_asm+0x1a/0x30 [ 14.464448] </TASK> [ 14.464458] [ 14.471245] The buggy address belongs to the variable: [ 14.471765] global_array+0xd/0x40 [ 14.471980] [ 14.472095] The buggy address belongs to the physical page: [ 14.472425] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120063 [ 14.472800] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.473052] raw: 0200000000002000 ffffea00048018c8 ffffea00048018c8 0000000000000000 [ 14.473298] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.473990] page dumped because: kasan: bad access detected [ 14.474219] [ 14.475765] Memory state around the buggy address: [ 14.476559] ffffffffa8863d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.477595] ffffffffa8863e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.477894] >ffffffffa8863e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.478171] ^ [ 14.478319] ffffffffa8863f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.479743] ffffffffa8863f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.481559] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.410434] ================================================================== [ 14.411728] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.412005] Free of addr ffff8881027a3d01 by task kunit_try_catch/259 [ 14.412217] [ 14.412302] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.412344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.412386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.412406] Call Trace: [ 14.412418] <TASK> [ 14.412432] dump_stack_lvl+0x73/0xb0 [ 14.412460] print_report+0xd1/0x650 [ 14.412483] ? __virt_addr_valid+0x1db/0x2d0 [ 14.412508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.412531] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.412558] kasan_report_invalid_free+0x10a/0x130 [ 14.412583] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.412611] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.412648] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.412674] check_slab_allocation+0x11f/0x130 [ 14.412696] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.412721] mempool_free+0x2ec/0x380 [ 14.412744] ? mempool_alloc_preallocated+0x5b/0x90 [ 14.412768] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.412795] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.412821] ? update_load_avg+0x1be/0x21b0 [ 14.412848] ? finish_task_switch.isra.0+0x153/0x700 [ 14.412874] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.412897] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.412925] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.412948] ? __pfx_mempool_kfree+0x10/0x10 [ 14.412973] ? __pfx_read_tsc+0x10/0x10 [ 14.412994] ? ktime_get_ts64+0x86/0x230 [ 14.413018] kunit_try_run_case+0x1a5/0x480 [ 14.413042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.413088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.413111] ? __kthread_parkme+0x82/0x180 [ 14.413133] ? 
preempt_count_sub+0x50/0x80 [ 14.413155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.413229] kthread+0x337/0x6f0 [ 14.413247] ? trace_preempt_on+0x20/0xc0 [ 14.413270] ? __pfx_kthread+0x10/0x10 [ 14.413290] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.413312] ? calculate_sigpending+0x7b/0xa0 [ 14.413336] ? __pfx_kthread+0x10/0x10 [ 14.413374] ret_from_fork+0x116/0x1d0 [ 14.413393] ? __pfx_kthread+0x10/0x10 [ 14.413413] ret_from_fork_asm+0x1a/0x30 [ 14.413444] </TASK> [ 14.413455] [ 14.427961] Allocated by task 259: [ 14.428125] kasan_save_stack+0x45/0x70 [ 14.428331] kasan_save_track+0x18/0x40 [ 14.428685] kasan_save_alloc_info+0x3b/0x50 [ 14.428845] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.429018] remove_element+0x11e/0x190 [ 14.429208] mempool_alloc_preallocated+0x4d/0x90 [ 14.429444] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.429720] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.429956] kunit_try_run_case+0x1a5/0x480 [ 14.430107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.430382] kthread+0x337/0x6f0 [ 14.430759] ret_from_fork+0x116/0x1d0 [ 14.431015] ret_from_fork_asm+0x1a/0x30 [ 14.431219] [ 14.431313] The buggy address belongs to the object at ffff8881027a3d00 [ 14.431313] which belongs to the cache kmalloc-128 of size 128 [ 14.431911] The buggy address is located 1 bytes inside of [ 14.431911] 128-byte region [ffff8881027a3d00, ffff8881027a3d80) [ 14.432392] [ 14.432488] The buggy address belongs to the physical page: [ 14.432660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 14.432970] flags: 0x200000000000000(node=0|zone=2) [ 14.433201] page_type: f5(slab) [ 14.433457] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.433697] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.433968] page dumped because: kasan: bad access detected [ 
14.434215] [ 14.434306] Memory state around the buggy address: [ 14.434844] ffff8881027a3c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.435120] ffff8881027a3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.435528] >ffff8881027a3d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.435751] ^ [ 14.435867] ffff8881027a3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436131] ffff8881027a3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.436471] ================================================================== [ 14.441523] ================================================================== [ 14.441997] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.442310] Free of addr ffff888102a50001 by task kunit_try_catch/261 [ 14.442613] [ 14.442769] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.442812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.442824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.442845] Call Trace: [ 14.442856] <TASK> [ 14.442872] dump_stack_lvl+0x73/0xb0 [ 14.442901] print_report+0xd1/0x650 [ 14.442923] ? __virt_addr_valid+0x1db/0x2d0 [ 14.442945] ? kasan_addr_to_slab+0x11/0xa0 [ 14.442966] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.442995] kasan_report_invalid_free+0x10a/0x130 [ 14.443027] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.443058] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.443085] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.443111] mempool_free+0x2ec/0x380 [ 14.443136] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.443163] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.443190] ? __kasan_check_write+0x18/0x20 [ 14.443222] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.443243] ? irqentry_exit+0x2a/0x60 [ 14.443266] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.443292] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.443319] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.443348] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.443383] ? __pfx_mempool_kfree+0x10/0x10 [ 14.443407] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.443448] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.443618] kunit_try_run_case+0x1a5/0x480 [ 14.443653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.443676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.443700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.443724] ? __kthread_parkme+0x82/0x180 [ 14.443744] ? preempt_count_sub+0x50/0x80 [ 14.443767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.443791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.443815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.443840] kthread+0x337/0x6f0 [ 14.443859] ? trace_preempt_on+0x20/0xc0 [ 14.443882] ? __pfx_kthread+0x10/0x10 [ 14.443902] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.443923] ? calculate_sigpending+0x7b/0xa0 [ 14.443947] ? __pfx_kthread+0x10/0x10 [ 14.443968] ret_from_fork+0x116/0x1d0 [ 14.443987] ? 
__pfx_kthread+0x10/0x10 [ 14.444007] ret_from_fork_asm+0x1a/0x30 [ 14.444037] </TASK> [ 14.444047] [ 14.453674] The buggy address belongs to the physical page: [ 14.453931] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a50 [ 14.454221] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.454786] flags: 0x200000000000040(head|node=0|zone=2) [ 14.455087] page_type: f8(unknown) [ 14.455214] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.455459] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.455795] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.456146] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.456500] head: 0200000000000002 ffffea00040a9401 00000000ffffffff 00000000ffffffff [ 14.456876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.457107] page dumped because: kasan: bad access detected [ 14.457405] [ 14.457515] Memory state around the buggy address: [ 14.457746] ffff888102a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.458048] ffff888102a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.458300] >ffff888102a50000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.458954] ^ [ 14.459091] ffff888102a50080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.459424] ffff888102a50100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.459707] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.385226] ================================================================== [ 14.385845] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.386590] Free of addr ffff8881039f4000 by task kunit_try_catch/257 [ 14.387230] [ 14.387373] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.387418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.387430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.387452] Call Trace: [ 14.387464] <TASK> [ 14.387480] dump_stack_lvl+0x73/0xb0 [ 14.387632] print_report+0xd1/0x650 [ 14.387654] ? __virt_addr_valid+0x1db/0x2d0 [ 14.387679] ? kasan_addr_to_slab+0x11/0xa0 [ 14.387699] ? mempool_double_free_helper+0x184/0x370 [ 14.387723] kasan_report_invalid_free+0x10a/0x130 [ 14.387749] ? mempool_double_free_helper+0x184/0x370 [ 14.387776] ? mempool_double_free_helper+0x184/0x370 [ 14.387802] __kasan_mempool_poison_pages+0x115/0x130 [ 14.387828] mempool_free+0x290/0x380 [ 14.387855] mempool_double_free_helper+0x184/0x370 [ 14.387879] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.387905] ? __kasan_check_write+0x18/0x20 [ 14.387927] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.387950] ? finish_task_switch.isra.0+0x153/0x700 [ 14.387976] mempool_page_alloc_double_free+0xe8/0x140 [ 14.388002] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.388031] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.388056] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.388082] ? __pfx_read_tsc+0x10/0x10 [ 14.388103] ? ktime_get_ts64+0x86/0x230 [ 14.388128] kunit_try_run_case+0x1a5/0x480 [ 14.388154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.388208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.388232] ? __kthread_parkme+0x82/0x180 [ 14.388252] ? preempt_count_sub+0x50/0x80 [ 14.388274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.388323] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.388348] kthread+0x337/0x6f0 [ 14.388385] ? trace_preempt_on+0x20/0xc0 [ 14.388408] ? __pfx_kthread+0x10/0x10 [ 14.388453] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.388474] ? calculate_sigpending+0x7b/0xa0 [ 14.388498] ? __pfx_kthread+0x10/0x10 [ 14.388519] ret_from_fork+0x116/0x1d0 [ 14.388537] ? __pfx_kthread+0x10/0x10 [ 14.388557] ret_from_fork_asm+0x1a/0x30 [ 14.388590] </TASK> [ 14.388600] [ 14.401164] The buggy address belongs to the physical page: [ 14.401370] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.401788] flags: 0x200000000000000(node=0|zone=2) [ 14.402122] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.402439] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.402898] page dumped because: kasan: bad access detected [ 14.403142] [ 14.403233] Memory state around the buggy address: [ 14.403425] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.403699] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.403985] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.404513] ^ [ 14.404661] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.404922] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.405149] ================================================================== [ 14.357090] ================================================================== [ 14.357866] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.358349] Free of addr ffff8881039f4000 by task kunit_try_catch/255 [ 14.359164] [ 14.359500] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.359547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.359560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.359580] Call Trace: [ 14.359591] <TASK> [ 14.359606] 
dump_stack_lvl+0x73/0xb0 [ 14.359637] print_report+0xd1/0x650 [ 14.359659] ? __virt_addr_valid+0x1db/0x2d0 [ 14.359683] ? kasan_addr_to_slab+0x11/0xa0 [ 14.359703] ? mempool_double_free_helper+0x184/0x370 [ 14.359728] kasan_report_invalid_free+0x10a/0x130 [ 14.359754] ? mempool_double_free_helper+0x184/0x370 [ 14.359781] ? mempool_double_free_helper+0x184/0x370 [ 14.359804] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.359830] mempool_free+0x2ec/0x380 [ 14.359858] mempool_double_free_helper+0x184/0x370 [ 14.359883] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.359909] ? update_load_avg+0x1be/0x21b0 [ 14.359936] ? finish_task_switch.isra.0+0x153/0x700 [ 14.359962] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.359988] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.360017] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.360040] ? __pfx_mempool_kfree+0x10/0x10 [ 14.360065] ? __pfx_read_tsc+0x10/0x10 [ 14.360087] ? ktime_get_ts64+0x86/0x230 [ 14.360111] kunit_try_run_case+0x1a5/0x480 [ 14.360135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.360158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.360187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.360211] ? __kthread_parkme+0x82/0x180 [ 14.360232] ? preempt_count_sub+0x50/0x80 [ 14.360255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.360280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.360304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.360329] kthread+0x337/0x6f0 [ 14.360397] ? trace_preempt_on+0x20/0xc0 [ 14.360425] ? __pfx_kthread+0x10/0x10 [ 14.360447] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.360468] ? calculate_sigpending+0x7b/0xa0 [ 14.360491] ? __pfx_kthread+0x10/0x10 [ 14.360513] ret_from_fork+0x116/0x1d0 [ 14.360532] ? 
__pfx_kthread+0x10/0x10 [ 14.360552] ret_from_fork_asm+0x1a/0x30 [ 14.360583] </TASK> [ 14.360593] [ 14.373303] The buggy address belongs to the physical page: [ 14.373747] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.374322] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.374895] flags: 0x200000000000040(head|node=0|zone=2) [ 14.375225] page_type: f8(unknown) [ 14.375424] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.375966] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.376441] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.376882] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.377277] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 14.377787] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.378122] page dumped because: kasan: bad access detected [ 14.378698] [ 14.378801] Memory state around the buggy address: [ 14.378990] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.379542] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.379957] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.380336] ^ [ 14.380773] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.381165] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.381585] ================================================================== [ 14.327213] ================================================================== [ 14.328456] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.328820] Free of addr ffff888102d5ff00 by task kunit_try_catch/253 [ 14.329076] [ 14.329183] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.329225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.329237] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.329256] Call Trace: [ 14.329268] <TASK> [ 14.329283] dump_stack_lvl+0x73/0xb0 [ 14.329310] print_report+0xd1/0x650 [ 14.329332] ? __virt_addr_valid+0x1db/0x2d0 [ 14.329368] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.329392] ? mempool_double_free_helper+0x184/0x370 [ 14.329416] kasan_report_invalid_free+0x10a/0x130 [ 14.329441] ? mempool_double_free_helper+0x184/0x370 [ 14.329480] ? mempool_double_free_helper+0x184/0x370 [ 14.329503] ? mempool_double_free_helper+0x184/0x370 [ 14.329526] check_slab_allocation+0x101/0x130 [ 14.329548] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.329573] mempool_free+0x2ec/0x380 [ 14.329599] mempool_double_free_helper+0x184/0x370 [ 14.329624] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.329647] ? update_load_avg+0x1be/0x21b0 [ 14.329673] ? finish_task_switch.isra.0+0x153/0x700 [ 14.329698] mempool_kmalloc_double_free+0xed/0x140 [ 14.329722] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.329750] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.329773] ? __pfx_mempool_kfree+0x10/0x10 [ 14.329797] ? __pfx_read_tsc+0x10/0x10 [ 14.329818] ? ktime_get_ts64+0x86/0x230 [ 14.329842] kunit_try_run_case+0x1a5/0x480 [ 14.329866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.329890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.329914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.329938] ? __kthread_parkme+0x82/0x180 [ 14.329961] ? preempt_count_sub+0x50/0x80 [ 14.329985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.330010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.330034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.330059] kthread+0x337/0x6f0 [ 14.330078] ? trace_preempt_on+0x20/0xc0 [ 14.330100] ? __pfx_kthread+0x10/0x10 [ 14.330121] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.330143] ? calculate_sigpending+0x7b/0xa0 [ 14.330168] ? __pfx_kthread+0x10/0x10 [ 14.330189] ret_from_fork+0x116/0x1d0 [ 14.330208] ? 
__pfx_kthread+0x10/0x10 [ 14.330229] ret_from_fork_asm+0x1a/0x30 [ 14.330260] </TASK> [ 14.330270] [ 14.339209] Allocated by task 253: [ 14.339423] kasan_save_stack+0x45/0x70 [ 14.339654] kasan_save_track+0x18/0x40 [ 14.339851] kasan_save_alloc_info+0x3b/0x50 [ 14.340090] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.340348] remove_element+0x11e/0x190 [ 14.340553] mempool_alloc_preallocated+0x4d/0x90 [ 14.340715] mempool_double_free_helper+0x8a/0x370 [ 14.340869] mempool_kmalloc_double_free+0xed/0x140 [ 14.341101] kunit_try_run_case+0x1a5/0x480 [ 14.341526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.341846] kthread+0x337/0x6f0 [ 14.342017] ret_from_fork+0x116/0x1d0 [ 14.342257] ret_from_fork_asm+0x1a/0x30 [ 14.342700] [ 14.342828] Freed by task 253: [ 14.342959] kasan_save_stack+0x45/0x70 [ 14.343190] kasan_save_track+0x18/0x40 [ 14.343325] kasan_save_free_info+0x3f/0x60 [ 14.343677] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.343928] mempool_free+0x2ec/0x380 [ 14.344110] mempool_double_free_helper+0x109/0x370 [ 14.344285] mempool_kmalloc_double_free+0xed/0x140 [ 14.344661] kunit_try_run_case+0x1a5/0x480 [ 14.344880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.345221] kthread+0x337/0x6f0 [ 14.345550] ret_from_fork+0x116/0x1d0 [ 14.345742] ret_from_fork_asm+0x1a/0x30 [ 14.345919] [ 14.345991] The buggy address belongs to the object at ffff888102d5ff00 [ 14.345991] which belongs to the cache kmalloc-128 of size 128 [ 14.346460] The buggy address is located 0 bytes inside of [ 14.346460] 128-byte region [ffff888102d5ff00, ffff888102d5ff80) [ 14.346943] [ 14.347038] The buggy address belongs to the physical page: [ 14.347269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 14.347849] flags: 0x200000000000000(node=0|zone=2) [ 14.348095] page_type: f5(slab) [ 14.348273] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.348754] raw: 0000000000000000 0000000000100010 00000000f5000000 
0000000000000000 [ 14.349043] page dumped because: kasan: bad access detected [ 14.349217] [ 14.349311] Memory state around the buggy address: [ 14.349678] ffff888102d5fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.350048] ffff888102d5fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.350493] >ffff888102d5ff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.350763] ^ [ 14.350927] ffff888102d5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.351608] ffff888102d60000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.351911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.235558] ================================================================== [ 14.237052] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.238142] Read of size 1 at addr ffff8881039f4000 by task kunit_try_catch/246 [ 14.239266] [ 14.239584] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.239633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.239655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.239677] Call Trace: [ 14.239689] <TASK> [ 14.239705] dump_stack_lvl+0x73/0xb0 [ 14.239737] print_report+0xd1/0x650 [ 14.239758] ? __virt_addr_valid+0x1db/0x2d0 [ 14.239786] ? mempool_uaf_helper+0x392/0x400 [ 14.239808] ? kasan_addr_to_slab+0x11/0xa0 [ 14.239828] ? mempool_uaf_helper+0x392/0x400 [ 14.239850] kasan_report+0x141/0x180 [ 14.239871] ? mempool_uaf_helper+0x392/0x400 [ 14.239897] __asan_report_load1_noabort+0x18/0x20 [ 14.240023] mempool_uaf_helper+0x392/0x400 [ 14.240048] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.240074] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.240096] ? irqentry_exit+0x2a/0x60 [ 14.240119] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.240146] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.240169] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.240204] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.240228] ? __pfx_mempool_kfree+0x10/0x10 [ 14.240253] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.240279] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.240305] kunit_try_run_case+0x1a5/0x480 [ 14.240330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.240387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.240412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.240436] ? __kthread_parkme+0x82/0x180 [ 14.240457] ? preempt_count_sub+0x50/0x80 [ 14.240481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.240505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.240529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.240564] kthread+0x337/0x6f0 [ 14.240583] ? 
trace_preempt_on+0x20/0xc0 [ 14.240606] ? __pfx_kthread+0x10/0x10 [ 14.240626] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.240649] ? calculate_sigpending+0x7b/0xa0 [ 14.240672] ? __pfx_kthread+0x10/0x10 [ 14.240693] ret_from_fork+0x116/0x1d0 [ 14.240712] ? __pfx_kthread+0x10/0x10 [ 14.240732] ret_from_fork_asm+0x1a/0x30 [ 14.240763] </TASK> [ 14.240773] [ 14.256985] The buggy address belongs to the physical page: [ 14.257271] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.258114] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.258629] flags: 0x200000000000040(head|node=0|zone=2) [ 14.258872] page_type: f8(unknown) [ 14.259035] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.259344] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.259584] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.260090] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.260372] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 14.260749] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.261046] page dumped because: kasan: bad access detected [ 14.261299] [ 14.261401] Memory state around the buggy address: [ 14.261662] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.261938] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.262255] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.262594] ^ [ 14.262732] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.263050] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.263338] ================================================================== [ 14.304126] ================================================================== [ 14.305379] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.305930] Read of size 1 
at addr ffff8881039f4000 by task kunit_try_catch/251 [ 14.306160] [ 14.306249] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.306293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306324] Call Trace: [ 14.306339] <TASK> [ 14.306377] dump_stack_lvl+0x73/0xb0 [ 14.306411] print_report+0xd1/0x650 [ 14.306433] ? __virt_addr_valid+0x1db/0x2d0 [ 14.306458] ? mempool_uaf_helper+0x392/0x400 [ 14.306480] ? kasan_addr_to_slab+0x11/0xa0 [ 14.306500] ? mempool_uaf_helper+0x392/0x400 [ 14.306523] kasan_report+0x141/0x180 [ 14.306544] ? mempool_uaf_helper+0x392/0x400 [ 14.306572] __asan_report_load1_noabort+0x18/0x20 [ 14.306597] mempool_uaf_helper+0x392/0x400 [ 14.306619] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.306642] ? update_load_avg+0x1be/0x21b0 [ 14.306666] ? dequeue_entities+0x27e/0x1740 [ 14.306692] ? finish_task_switch.isra.0+0x153/0x700 [ 14.306718] mempool_page_alloc_uaf+0xed/0x140 [ 14.306742] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.306769] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.306795] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.306822] ? __pfx_read_tsc+0x10/0x10 [ 14.306843] ? ktime_get_ts64+0x86/0x230 [ 14.306868] kunit_try_run_case+0x1a5/0x480 [ 14.306893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.306916] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.306940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.306966] ? __kthread_parkme+0x82/0x180 [ 14.306987] ? preempt_count_sub+0x50/0x80 [ 14.307011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307091] kthread+0x337/0x6f0 [ 14.307109] ? trace_preempt_on+0x20/0xc0 [ 14.307133] ? __pfx_kthread+0x10/0x10 [ 14.307155] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.307177] ? calculate_sigpending+0x7b/0xa0 [ 14.307201] ? 
__pfx_kthread+0x10/0x10 [ 14.307223] ret_from_fork+0x116/0x1d0 [ 14.307241] ? __pfx_kthread+0x10/0x10 [ 14.307262] ret_from_fork_asm+0x1a/0x30 [ 14.307295] </TASK> [ 14.307306] [ 14.318841] The buggy address belongs to the physical page: [ 14.319160] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.319805] flags: 0x200000000000000(node=0|zone=2) [ 14.320046] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.321250] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.321789] page dumped because: kasan: bad access detected [ 14.322070] [ 14.322171] Memory state around the buggy address: [ 14.322471] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.322895] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.323309] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.323792] ^ [ 14.324268] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.324695] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.324981] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.269035] ================================================================== [ 14.269496] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.269844] Read of size 1 at addr ffff8881039ea240 by task kunit_try_catch/249 [ 14.270107] [ 14.270217] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.270260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.270410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.270432] Call Trace: [ 14.270444] <TASK> [ 14.270781] dump_stack_lvl+0x73/0xb0 [ 14.270812] print_report+0xd1/0x650 [ 14.270834] ? __virt_addr_valid+0x1db/0x2d0 [ 14.270856] ? mempool_uaf_helper+0x392/0x400 [ 14.270878] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.270902] ? mempool_uaf_helper+0x392/0x400 [ 14.270925] kasan_report+0x141/0x180 [ 14.270946] ? mempool_uaf_helper+0x392/0x400 [ 14.270973] __asan_report_load1_noabort+0x18/0x20 [ 14.270999] mempool_uaf_helper+0x392/0x400 [ 14.271022] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.271045] ? update_load_avg+0x1be/0x21b0 [ 14.271071] ? finish_task_switch.isra.0+0x153/0x700 [ 14.271097] mempool_slab_uaf+0xea/0x140 [ 14.271120] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.271146] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.271172] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.271198] ? __pfx_read_tsc+0x10/0x10 [ 14.271218] ? ktime_get_ts64+0x86/0x230 [ 14.271243] kunit_try_run_case+0x1a5/0x480 [ 14.271267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.271290] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.271315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.271339] ? __kthread_parkme+0x82/0x180 [ 14.271396] ? preempt_count_sub+0x50/0x80 [ 14.271426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.271452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.271477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.271503] kthread+0x337/0x6f0 [ 14.271521] ? trace_preempt_on+0x20/0xc0 [ 14.271689] ? 
__pfx_kthread+0x10/0x10 [ 14.271710] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.271732] ? calculate_sigpending+0x7b/0xa0 [ 14.271757] ? __pfx_kthread+0x10/0x10 [ 14.271778] ret_from_fork+0x116/0x1d0 [ 14.271796] ? __pfx_kthread+0x10/0x10 [ 14.271817] ret_from_fork_asm+0x1a/0x30 [ 14.271848] </TASK> [ 14.271858] [ 14.282087] Allocated by task 249: [ 14.282273] kasan_save_stack+0x45/0x70 [ 14.282529] kasan_save_track+0x18/0x40 [ 14.282722] kasan_save_alloc_info+0x3b/0x50 [ 14.283016] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.283198] remove_element+0x11e/0x190 [ 14.283638] mempool_alloc_preallocated+0x4d/0x90 [ 14.283968] mempool_uaf_helper+0x96/0x400 [ 14.284194] mempool_slab_uaf+0xea/0x140 [ 14.284484] kunit_try_run_case+0x1a5/0x480 [ 14.284712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.284943] kthread+0x337/0x6f0 [ 14.285067] ret_from_fork+0x116/0x1d0 [ 14.285258] ret_from_fork_asm+0x1a/0x30 [ 14.285657] [ 14.285751] Freed by task 249: [ 14.285980] kasan_save_stack+0x45/0x70 [ 14.286127] kasan_save_track+0x18/0x40 [ 14.286261] kasan_save_free_info+0x3f/0x60 [ 14.286625] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.286985] mempool_free+0x2ec/0x380 [ 14.287218] mempool_uaf_helper+0x11a/0x400 [ 14.287607] mempool_slab_uaf+0xea/0x140 [ 14.287754] kunit_try_run_case+0x1a5/0x480 [ 14.287962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.288271] kthread+0x337/0x6f0 [ 14.288560] ret_from_fork+0x116/0x1d0 [ 14.289113] ret_from_fork_asm+0x1a/0x30 [ 14.289262] [ 14.289367] The buggy address belongs to the object at ffff8881039ea240 [ 14.289367] which belongs to the cache test_cache of size 123 [ 14.290337] The buggy address is located 0 bytes inside of [ 14.290337] freed 123-byte region [ffff8881039ea240, ffff8881039ea2bb) [ 14.291130] [ 14.291250] The buggy address belongs to the physical page: [ 14.291531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ea [ 14.291998] flags: 0x200000000000000(node=0|zone=2) [ 14.292262] page_type: 
f5(slab) [ 14.292425] raw: 0200000000000000 ffff8881027b7280 dead000000000122 0000000000000000 [ 14.292817] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.293155] page dumped because: kasan: bad access detected [ 14.293437] [ 14.293775] Memory state around the buggy address: [ 14.294224] ffff8881039ea100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.294825] ffff8881039ea180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.295232] >ffff8881039ea200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.295743] ^ [ 14.296249] ffff8881039ea280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.296941] ffff8881039ea300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.297232] ================================================================== [ 14.202610] ================================================================== [ 14.203089] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.203381] Read of size 1 at addr ffff888102d5fb00 by task kunit_try_catch/244 [ 14.203697] [ 14.203812] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.203854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.203866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.203886] Call Trace: [ 14.203897] <TASK> [ 14.203912] dump_stack_lvl+0x73/0xb0 [ 14.203954] print_report+0xd1/0x650 [ 14.204151] ? __virt_addr_valid+0x1db/0x2d0 [ 14.204182] ? mempool_uaf_helper+0x392/0x400 [ 14.204205] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.204228] ? mempool_uaf_helper+0x392/0x400 [ 14.204250] kasan_report+0x141/0x180 [ 14.204272] ? mempool_uaf_helper+0x392/0x400 [ 14.204300] __asan_report_load1_noabort+0x18/0x20 [ 14.204325] mempool_uaf_helper+0x392/0x400 [ 14.204348] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.204384] ? update_load_avg+0x1be/0x21b0 [ 14.204408] ? update_load_avg+0x1be/0x21b0 [ 14.204429] ? update_curr+0x80/0x810 [ 14.204451] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.204477] mempool_kmalloc_uaf+0xef/0x140 [ 14.204499] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.204525] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.204549] ? __pfx_mempool_kfree+0x10/0x10 [ 14.204574] ? __pfx_read_tsc+0x10/0x10 [ 14.204596] ? ktime_get_ts64+0x86/0x230 [ 14.204622] kunit_try_run_case+0x1a5/0x480 [ 14.204647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.204683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.204708] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.204732] ? __kthread_parkme+0x82/0x180 [ 14.204753] ? preempt_count_sub+0x50/0x80 [ 14.204776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.204801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.204826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.204853] kthread+0x337/0x6f0 [ 14.204872] ? trace_preempt_on+0x20/0xc0 [ 14.204894] ? __pfx_kthread+0x10/0x10 [ 14.204914] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.204935] ? calculate_sigpending+0x7b/0xa0 [ 14.204959] ? __pfx_kthread+0x10/0x10 [ 14.204981] ret_from_fork+0x116/0x1d0 [ 14.204999] ? 
__pfx_kthread+0x10/0x10 [ 14.205020] ret_from_fork_asm+0x1a/0x30 [ 14.205051] </TASK> [ 14.205061] [ 14.212958] Allocated by task 244: [ 14.213139] kasan_save_stack+0x45/0x70 [ 14.213341] kasan_save_track+0x18/0x40 [ 14.213626] kasan_save_alloc_info+0x3b/0x50 [ 14.213816] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.214015] remove_element+0x11e/0x190 [ 14.214208] mempool_alloc_preallocated+0x4d/0x90 [ 14.214515] mempool_uaf_helper+0x96/0x400 [ 14.214670] mempool_kmalloc_uaf+0xef/0x140 [ 14.214889] kunit_try_run_case+0x1a5/0x480 [ 14.215048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.215224] kthread+0x337/0x6f0 [ 14.215366] ret_from_fork+0x116/0x1d0 [ 14.216644] ret_from_fork_asm+0x1a/0x30 [ 14.216810] [ 14.216882] Freed by task 244: [ 14.216993] kasan_save_stack+0x45/0x70 [ 14.217129] kasan_save_track+0x18/0x40 [ 14.217265] kasan_save_free_info+0x3f/0x60 [ 14.217453] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.217697] mempool_free+0x2ec/0x380 [ 14.220014] mempool_uaf_helper+0x11a/0x400 [ 14.221061] mempool_kmalloc_uaf+0xef/0x140 [ 14.222073] kunit_try_run_case+0x1a5/0x480 [ 14.222236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.222439] kthread+0x337/0x6f0 [ 14.222569] ret_from_fork+0x116/0x1d0 [ 14.222703] ret_from_fork_asm+0x1a/0x30 [ 14.222844] [ 14.222916] The buggy address belongs to the object at ffff888102d5fb00 [ 14.222916] which belongs to the cache kmalloc-128 of size 128 [ 14.223281] The buggy address is located 0 bytes inside of [ 14.223281] freed 128-byte region [ffff888102d5fb00, ffff888102d5fb80) [ 14.225216] [ 14.225302] The buggy address belongs to the physical page: [ 14.225761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 14.226643] flags: 0x200000000000000(node=0|zone=2) [ 14.227138] page_type: f5(slab) [ 14.227538] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.227937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.228163] page 
dumped because: kasan: bad access detected [ 14.228333] [ 14.228685] Memory state around the buggy address: [ 14.229119] ffff888102d5fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.229901] ffff888102d5fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.230661] >ffff888102d5fb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.231155] ^ [ 14.231269] ffff888102d5fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.231562] ffff888102d5fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.232256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.150814] ================================================================== [ 14.151341] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.151943] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/240 [ 14.152241] [ 14.152333] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.152437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.152450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.152470] Call Trace: [ 14.152482] <TASK> [ 14.152496] dump_stack_lvl+0x73/0xb0 [ 14.152527] print_report+0xd1/0x650 [ 14.152549] ? __virt_addr_valid+0x1db/0x2d0 [ 14.152573] ? mempool_oob_right_helper+0x318/0x380 [ 14.152596] ? kasan_addr_to_slab+0x11/0xa0 [ 14.152616] ? mempool_oob_right_helper+0x318/0x380 [ 14.152640] kasan_report+0x141/0x180 [ 14.152661] ? mempool_oob_right_helper+0x318/0x380 [ 14.152690] __asan_report_load1_noabort+0x18/0x20 [ 14.152715] mempool_oob_right_helper+0x318/0x380 [ 14.152740] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.152763] ? update_load_avg+0x1be/0x21b0 [ 14.152790] ? finish_task_switch.isra.0+0x153/0x700 [ 14.152816] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.152841] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.152870] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.152893] ? __pfx_mempool_kfree+0x10/0x10 [ 14.152918] ? __pfx_read_tsc+0x10/0x10 [ 14.152938] ? ktime_get_ts64+0x86/0x230 [ 14.152962] kunit_try_run_case+0x1a5/0x480 [ 14.152986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.153009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.153034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.153057] ? __kthread_parkme+0x82/0x180 [ 14.153079] ? preempt_count_sub+0x50/0x80 [ 14.153101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.153126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.153150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.153175] kthread+0x337/0x6f0 [ 14.153194] ? 
trace_preempt_on+0x20/0xc0 [ 14.153217] ? __pfx_kthread+0x10/0x10 [ 14.153237] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.153258] ? calculate_sigpending+0x7b/0xa0 [ 14.153282] ? __pfx_kthread+0x10/0x10 [ 14.153303] ret_from_fork+0x116/0x1d0 [ 14.153321] ? __pfx_kthread+0x10/0x10 [ 14.153341] ret_from_fork_asm+0x1a/0x30 [ 14.153448] </TASK> [ 14.153458] [ 14.163005] The buggy address belongs to the physical page: [ 14.163242] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.163498] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.163723] flags: 0x200000000000040(head|node=0|zone=2) [ 14.164013] page_type: f8(unknown) [ 14.164195] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.164485] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.164714] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.165562] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.165927] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 14.166263] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.166675] page dumped because: kasan: bad access detected [ 14.166896] [ 14.166992] Memory state around the buggy address: [ 14.167185] ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.167570] ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.167820] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.168031] ^ [ 14.168199] ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.168530] ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.168810] ================================================================== [ 14.173153] ================================================================== [ 14.173938] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.174253] Read 
of size 1 at addr ffff8881039b62bb by task kunit_try_catch/242 [ 14.174630] [ 14.174749] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.174792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.174803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.174823] Call Trace: [ 14.174836] <TASK> [ 14.174853] dump_stack_lvl+0x73/0xb0 [ 14.174884] print_report+0xd1/0x650 [ 14.174908] ? __virt_addr_valid+0x1db/0x2d0 [ 14.174933] ? mempool_oob_right_helper+0x318/0x380 [ 14.174957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.174980] ? mempool_oob_right_helper+0x318/0x380 [ 14.175005] kasan_report+0x141/0x180 [ 14.175027] ? mempool_oob_right_helper+0x318/0x380 [ 14.175056] __asan_report_load1_noabort+0x18/0x20 [ 14.175081] mempool_oob_right_helper+0x318/0x380 [ 14.175106] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.175133] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.175158] ? finish_task_switch.isra.0+0x153/0x700 [ 14.175184] mempool_slab_oob_right+0xed/0x140 [ 14.175209] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.175238] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.175264] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.175291] ? __pfx_read_tsc+0x10/0x10 [ 14.175312] ? ktime_get_ts64+0x86/0x230 [ 14.175338] kunit_try_run_case+0x1a5/0x480 [ 14.175438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.175463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.175489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.175513] ? __kthread_parkme+0x82/0x180 [ 14.175535] ? preempt_count_sub+0x50/0x80 [ 14.175558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.175583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.175607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.175633] kthread+0x337/0x6f0 [ 14.175652] ? trace_preempt_on+0x20/0xc0 [ 14.175677] ? __pfx_kthread+0x10/0x10 [ 14.175698] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.175720] ? calculate_sigpending+0x7b/0xa0 [ 14.175744] ? 
__pfx_kthread+0x10/0x10 [ 14.175766] ret_from_fork+0x116/0x1d0 [ 14.175784] ? __pfx_kthread+0x10/0x10 [ 14.175804] ret_from_fork_asm+0x1a/0x30 [ 14.175836] </TASK> [ 14.175846] [ 14.183841] Allocated by task 242: [ 14.184021] kasan_save_stack+0x45/0x70 [ 14.184235] kasan_save_track+0x18/0x40 [ 14.184443] kasan_save_alloc_info+0x3b/0x50 [ 14.184698] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.184878] remove_element+0x11e/0x190 [ 14.185016] mempool_alloc_preallocated+0x4d/0x90 [ 14.185217] mempool_oob_right_helper+0x8a/0x380 [ 14.185616] mempool_slab_oob_right+0xed/0x140 [ 14.185840] kunit_try_run_case+0x1a5/0x480 [ 14.186053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.186314] kthread+0x337/0x6f0 [ 14.186573] ret_from_fork+0x116/0x1d0 [ 14.186774] ret_from_fork_asm+0x1a/0x30 [ 14.186954] [ 14.187031] The buggy address belongs to the object at ffff8881039b6240 [ 14.187031] which belongs to the cache test_cache of size 123 [ 14.187605] The buggy address is located 0 bytes to the right of [ 14.187605] allocated 123-byte region [ffff8881039b6240, ffff8881039b62bb) [ 14.188002] [ 14.188074] The buggy address belongs to the physical page: [ 14.188248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b6 [ 14.188528] flags: 0x200000000000000(node=0|zone=2) [ 14.188966] page_type: f5(slab) [ 14.189133] raw: 0200000000000000 ffff8881039b0140 dead000000000122 0000000000000000 [ 14.189481] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.189814] page dumped because: kasan: bad access detected [ 14.190255] [ 14.190328] Memory state around the buggy address: [ 14.190693] ffff8881039b6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.190972] ffff8881039b6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.191220] >ffff8881039b6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.191550] ^ [ 14.191964] ffff8881039b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192263] ffff8881039b6380: fc 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192640] ================================================================== [ 14.123095] ================================================================== [ 14.123742] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.124025] Read of size 1 at addr ffff8881027a3973 by task kunit_try_catch/238 [ 14.124247] [ 14.124338] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.124399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.124410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.124433] Call Trace: [ 14.124444] <TASK> [ 14.124463] dump_stack_lvl+0x73/0xb0 [ 14.124495] print_report+0xd1/0x650 [ 14.124519] ? __virt_addr_valid+0x1db/0x2d0 [ 14.124542] ? mempool_oob_right_helper+0x318/0x380 [ 14.124566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.124590] ? mempool_oob_right_helper+0x318/0x380 [ 14.125088] kasan_report+0x141/0x180 [ 14.125112] ? mempool_oob_right_helper+0x318/0x380 [ 14.125148] __asan_report_load1_noabort+0x18/0x20 [ 14.125173] mempool_oob_right_helper+0x318/0x380 [ 14.125198] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.125222] ? update_load_avg+0x1be/0x21b0 [ 14.125246] ? dequeue_entities+0x27e/0x1740 [ 14.125269] ? __kasan_check_write+0x18/0x20 [ 14.125290] ? finish_task_switch.isra.0+0x153/0x700 [ 14.125316] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.125340] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.125390] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.125417] ? __pfx_mempool_kfree+0x10/0x10 [ 14.125442] ? __pfx_read_tsc+0x10/0x10 [ 14.125474] ? ktime_get_ts64+0x86/0x230 [ 14.125499] kunit_try_run_case+0x1a5/0x480 [ 14.125524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.125548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.125573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.125597] ? __kthread_parkme+0x82/0x180 [ 14.125618] ? preempt_count_sub+0x50/0x80 [ 14.125640] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.125665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.125689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.125714] kthread+0x337/0x6f0 [ 14.125732] ? trace_preempt_on+0x20/0xc0 [ 14.125757] ? __pfx_kthread+0x10/0x10 [ 14.125777] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.125798] ? calculate_sigpending+0x7b/0xa0 [ 14.125823] ? __pfx_kthread+0x10/0x10 [ 14.125844] ret_from_fork+0x116/0x1d0 [ 14.125863] ? __pfx_kthread+0x10/0x10 [ 14.125883] ret_from_fork_asm+0x1a/0x30 [ 14.125914] </TASK> [ 14.125925] [ 14.138188] Allocated by task 238: [ 14.138322] kasan_save_stack+0x45/0x70 [ 14.138557] kasan_save_track+0x18/0x40 [ 14.138735] kasan_save_alloc_info+0x3b/0x50 [ 14.138996] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.139233] remove_element+0x11e/0x190 [ 14.139440] mempool_alloc_preallocated+0x4d/0x90 [ 14.139692] mempool_oob_right_helper+0x8a/0x380 [ 14.139917] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.140090] kunit_try_run_case+0x1a5/0x480 [ 14.140329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140531] kthread+0x337/0x6f0 [ 14.140831] ret_from_fork+0x116/0x1d0 [ 14.141079] ret_from_fork_asm+0x1a/0x30 [ 14.141283] [ 14.141376] The buggy address belongs to the object at ffff8881027a3900 [ 14.141376] which belongs to the cache kmalloc-128 of size 128 [ 14.142084] The buggy address is located 0 bytes to the right of [ 14.142084] allocated 115-byte region [ffff8881027a3900, ffff8881027a3973) [ 14.142701] [ 14.142957] The buggy address belongs to the physical page: [ 14.143154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 14.143629] flags: 0x200000000000000(node=0|zone=2) [ 14.143882] page_type: f5(slab) [ 14.144031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.144362] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.144896] page dumped because: kasan: bad access detected [ 14.145124] [ 14.145214] Memory state around 
the buggy address: [ 14.145688] ffff8881027a3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.145913] ffff8881027a3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146231] >ffff8881027a3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.146657] ^ [ 14.147101] ffff8881027a3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.147429] ffff8881027a3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.147807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.550215] ================================================================== [ 13.551422] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.552101] Read of size 1 at addr ffff8881027b7140 by task kunit_try_catch/232 [ 13.552338] [ 13.552915] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.552964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.552977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.552998] Call Trace: [ 13.553012] <TASK> [ 13.553166] dump_stack_lvl+0x73/0xb0 [ 13.553203] print_report+0xd1/0x650 [ 13.553227] ? __virt_addr_valid+0x1db/0x2d0 [ 13.553252] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.553277] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.553300] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.553326] kasan_report+0x141/0x180 [ 13.553382] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.553413] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.553440] __kasan_check_byte+0x3d/0x50 [ 13.553461] kmem_cache_destroy+0x25/0x1d0 [ 13.553486] kmem_cache_double_destroy+0x1bf/0x380 [ 13.553512] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.553537] ? finish_task_switch.isra.0+0x153/0x700 [ 13.553561] ? __switch_to+0x47/0xf50 [ 13.553590] ? __pfx_read_tsc+0x10/0x10 [ 13.553613] ? ktime_get_ts64+0x86/0x230 [ 13.553637] kunit_try_run_case+0x1a5/0x480 [ 13.553664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.553687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.553712] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.553736] ? __kthread_parkme+0x82/0x180 [ 13.553757] ? preempt_count_sub+0x50/0x80 [ 13.553780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.553805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.553829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.553855] kthread+0x337/0x6f0 [ 13.553874] ? trace_preempt_on+0x20/0xc0 [ 13.553898] ? __pfx_kthread+0x10/0x10 [ 13.553918] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.553940] ? 
calculate_sigpending+0x7b/0xa0 [ 13.553965] ? __pfx_kthread+0x10/0x10 [ 13.553986] ret_from_fork+0x116/0x1d0 [ 13.554004] ? __pfx_kthread+0x10/0x10 [ 13.554025] ret_from_fork_asm+0x1a/0x30 [ 13.554056] </TASK> [ 13.554067] [ 13.569599] Allocated by task 232: [ 13.570072] kasan_save_stack+0x45/0x70 [ 13.570329] kasan_save_track+0x18/0x40 [ 13.570781] kasan_save_alloc_info+0x3b/0x50 [ 13.571158] __kasan_slab_alloc+0x91/0xa0 [ 13.571577] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.571800] __kmem_cache_create_args+0x169/0x240 [ 13.572015] kmem_cache_double_destroy+0xd5/0x380 [ 13.572236] kunit_try_run_case+0x1a5/0x480 [ 13.572443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.572662] kthread+0x337/0x6f0 [ 13.572815] ret_from_fork+0x116/0x1d0 [ 13.572986] ret_from_fork_asm+0x1a/0x30 [ 13.573166] [ 13.573254] Freed by task 232: [ 13.573454] kasan_save_stack+0x45/0x70 [ 13.573597] kasan_save_track+0x18/0x40 [ 13.573733] kasan_save_free_info+0x3f/0x60 [ 13.573909] __kasan_slab_free+0x56/0x70 [ 13.574105] kmem_cache_free+0x249/0x420 [ 13.574300] slab_kmem_cache_release+0x2e/0x40 [ 13.574511] kmem_cache_release+0x16/0x20 [ 13.574693] kobject_put+0x181/0x450 [ 13.574857] sysfs_slab_release+0x16/0x20 [ 13.575038] kmem_cache_destroy+0xf0/0x1d0 [ 13.575198] kmem_cache_double_destroy+0x14e/0x380 [ 13.575370] kunit_try_run_case+0x1a5/0x480 [ 13.575516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.575690] kthread+0x337/0x6f0 [ 13.575808] ret_from_fork+0x116/0x1d0 [ 13.575971] ret_from_fork_asm+0x1a/0x30 [ 13.576455] [ 13.576572] The buggy address belongs to the object at ffff8881027b7140 [ 13.576572] which belongs to the cache kmem_cache of size 208 [ 13.577302] The buggy address is located 0 bytes inside of [ 13.577302] freed 208-byte region [ffff8881027b7140, ffff8881027b7210) [ 13.577910] [ 13.578014] The buggy address belongs to the physical page: [ 13.578250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027b7 [ 13.578653] flags: 
0x200000000000000(node=0|zone=2) [ 13.578835] page_type: f5(slab) [ 13.578959] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.579188] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.579536] page dumped because: kasan: bad access detected [ 13.579794] [ 13.579889] Memory state around the buggy address: [ 13.580296] ffff8881027b7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.580738] ffff8881027b7080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.581019] >ffff8881027b7100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.581245] ^ [ 13.581502] ffff8881027b7180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.581826] ffff8881027b7200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.582113] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.488643] ================================================================== [ 13.489877] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.490540] Read of size 1 at addr ffff888102d76000 by task kunit_try_catch/230 [ 13.491171] [ 13.491353] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.491409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.491421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.491441] Call Trace: [ 13.491455] <TASK> [ 13.491474] dump_stack_lvl+0x73/0xb0 [ 13.491537] print_report+0xd1/0x650 [ 13.491561] ? __virt_addr_valid+0x1db/0x2d0 [ 13.491585] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.491607] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.491629] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.491652] kasan_report+0x141/0x180 [ 13.491673] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.491700] __asan_report_load1_noabort+0x18/0x20 [ 13.491724] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.491747] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.491769] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.491800] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.491827] kunit_try_run_case+0x1a5/0x480 [ 13.491852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.491874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.491899] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.491922] ? __kthread_parkme+0x82/0x180 [ 13.491943] ? preempt_count_sub+0x50/0x80 [ 13.491967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.491991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.492014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.492039] kthread+0x337/0x6f0 [ 13.492069] ? trace_preempt_on+0x20/0xc0 [ 13.492093] ? __pfx_kthread+0x10/0x10 [ 13.492113] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.492147] ? calculate_sigpending+0x7b/0xa0 [ 13.492171] ? __pfx_kthread+0x10/0x10 [ 13.492209] ret_from_fork+0x116/0x1d0 [ 13.492229] ? 
__pfx_kthread+0x10/0x10 [ 13.492249] ret_from_fork_asm+0x1a/0x30 [ 13.492280] </TASK> [ 13.492290] [ 13.505300] Allocated by task 230: [ 13.505642] kasan_save_stack+0x45/0x70 [ 13.505995] kasan_save_track+0x18/0x40 [ 13.506332] kasan_save_alloc_info+0x3b/0x50 [ 13.506836] __kasan_slab_alloc+0x91/0xa0 [ 13.507209] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.507675] kmem_cache_rcu_uaf+0x155/0x510 [ 13.507818] kunit_try_run_case+0x1a5/0x480 [ 13.507959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.508128] kthread+0x337/0x6f0 [ 13.508252] ret_from_fork+0x116/0x1d0 [ 13.508398] ret_from_fork_asm+0x1a/0x30 [ 13.508804] [ 13.508957] Freed by task 0: [ 13.509217] kasan_save_stack+0x45/0x70 [ 13.509644] kasan_save_track+0x18/0x40 [ 13.510051] kasan_save_free_info+0x3f/0x60 [ 13.510509] __kasan_slab_free+0x56/0x70 [ 13.510882] slab_free_after_rcu_debug+0xe4/0x310 [ 13.511397] rcu_core+0x66f/0x1c40 [ 13.511744] rcu_core_si+0x12/0x20 [ 13.512053] handle_softirqs+0x209/0x730 [ 13.512418] __irq_exit_rcu+0xc9/0x110 [ 13.512806] irq_exit_rcu+0x12/0x20 [ 13.512972] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.513593] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.514068] [ 13.514230] Last potentially related work creation: [ 13.514746] kasan_save_stack+0x45/0x70 [ 13.515178] kasan_record_aux_stack+0xb2/0xc0 [ 13.515644] kmem_cache_free+0x131/0x420 [ 13.516014] kmem_cache_rcu_uaf+0x194/0x510 [ 13.516303] kunit_try_run_case+0x1a5/0x480 [ 13.516728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.517169] kthread+0x337/0x6f0 [ 13.517286] ret_from_fork+0x116/0x1d0 [ 13.517465] ret_from_fork_asm+0x1a/0x30 [ 13.517907] [ 13.518071] The buggy address belongs to the object at ffff888102d76000 [ 13.518071] which belongs to the cache test_cache of size 200 [ 13.519407] The buggy address is located 0 bytes inside of [ 13.519407] freed 200-byte region [ffff888102d76000, ffff888102d760c8) [ 13.519743] [ 13.519815] The buggy address belongs to the physical page: [ 13.519981] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d76 [ 13.520217] flags: 0x200000000000000(node=0|zone=2) [ 13.520426] page_type: f5(slab) [ 13.520558] raw: 0200000000000000 ffff888100ff4c80 dead000000000122 0000000000000000 [ 13.520988] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.521779] page dumped because: kasan: bad access detected [ 13.522280] [ 13.522549] Memory state around the buggy address: [ 13.522971] ffff888102d75f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.523674] ffff888102d75f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.524158] >ffff888102d76000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.524467] ^ [ 13.524788] ffff888102d76080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.525822] ffff888102d76100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.526495] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.425080] ================================================================== [ 13.425922] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.426228] Free of addr ffff8881027ba001 by task kunit_try_catch/228 [ 13.427078] [ 13.427194] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.427483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.427502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.427524] Call Trace: [ 13.427537] <TASK> [ 13.427553] dump_stack_lvl+0x73/0xb0 [ 13.427588] print_report+0xd1/0x650 [ 13.427610] ? __virt_addr_valid+0x1db/0x2d0 [ 13.427635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.427658] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.427684] kasan_report_invalid_free+0x10a/0x130 [ 13.427708] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.427735] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.427760] check_slab_allocation+0x11f/0x130 [ 13.427781] __kasan_slab_pre_free+0x28/0x40 [ 13.427802] kmem_cache_free+0xed/0x420 [ 13.427822] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.427842] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.427870] kmem_cache_invalid_free+0x1d8/0x460 [ 13.427895] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.427919] ? finish_task_switch.isra.0+0x153/0x700 [ 13.427943] ? __switch_to+0x47/0xf50 [ 13.427971] ? __pfx_read_tsc+0x10/0x10 [ 13.427992] ? ktime_get_ts64+0x86/0x230 [ 13.428017] kunit_try_run_case+0x1a5/0x480 [ 13.428041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.428064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.428088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.428111] ? __kthread_parkme+0x82/0x180 [ 13.428132] ? preempt_count_sub+0x50/0x80 [ 13.428155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.428187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.428211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.428236] kthread+0x337/0x6f0 [ 13.428254] ? trace_preempt_on+0x20/0xc0 [ 13.428278] ? 
__pfx_kthread+0x10/0x10 [ 13.428298] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.428319] ? calculate_sigpending+0x7b/0xa0 [ 13.428344] ? __pfx_kthread+0x10/0x10 [ 13.428413] ret_from_fork+0x116/0x1d0 [ 13.428445] ? __pfx_kthread+0x10/0x10 [ 13.428466] ret_from_fork_asm+0x1a/0x30 [ 13.428498] </TASK> [ 13.428509] [ 13.439327] Allocated by task 228: [ 13.439568] kasan_save_stack+0x45/0x70 [ 13.439726] kasan_save_track+0x18/0x40 [ 13.440072] kasan_save_alloc_info+0x3b/0x50 [ 13.440325] __kasan_slab_alloc+0x91/0xa0 [ 13.441660] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.441842] kmem_cache_invalid_free+0x157/0x460 [ 13.442009] kunit_try_run_case+0x1a5/0x480 [ 13.442165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.443468] kthread+0x337/0x6f0 [ 13.443687] ret_from_fork+0x116/0x1d0 [ 13.443877] ret_from_fork_asm+0x1a/0x30 [ 13.444122] [ 13.444253] The buggy address belongs to the object at ffff8881027ba000 [ 13.444253] which belongs to the cache test_cache of size 200 [ 13.444838] The buggy address is located 1 bytes inside of [ 13.444838] 200-byte region [ffff8881027ba000, ffff8881027ba0c8) [ 13.445295] [ 13.445735] The buggy address belongs to the physical page: [ 13.445913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ba [ 13.446150] flags: 0x200000000000000(node=0|zone=2) [ 13.446335] page_type: f5(slab) [ 13.446517] raw: 0200000000000000 ffff8881027b7000 dead000000000122 0000000000000000 [ 13.446827] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.447046] page dumped because: kasan: bad access detected [ 13.447266] [ 13.448882] Memory state around the buggy address: [ 13.449078] ffff8881027b9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.449299] ffff8881027b9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.449549] >ffff8881027ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.449763] ^ [ 13.449880] ffff8881027ba080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.450092] 
ffff8881027ba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.450302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.394868] ================================================================== [ 13.395630] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.395865] Free of addr ffff888102d74000 by task kunit_try_catch/226 [ 13.396063] [ 13.396153] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.396200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.396212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.396231] Call Trace: [ 13.396242] <TASK> [ 13.396257] dump_stack_lvl+0x73/0xb0 [ 13.396287] print_report+0xd1/0x650 [ 13.396309] ? __virt_addr_valid+0x1db/0x2d0 [ 13.396333] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.396355] ? kmem_cache_double_free+0x1e5/0x480 [ 13.396445] kasan_report_invalid_free+0x10a/0x130 [ 13.396487] ? kmem_cache_double_free+0x1e5/0x480 [ 13.396515] ? kmem_cache_double_free+0x1e5/0x480 [ 13.396540] check_slab_allocation+0x101/0x130 [ 13.396562] __kasan_slab_pre_free+0x28/0x40 [ 13.396726] kmem_cache_free+0xed/0x420 [ 13.396747] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.396803] ? kmem_cache_double_free+0x1e5/0x480 [ 13.396831] kmem_cache_double_free+0x1e5/0x480 [ 13.396867] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.396892] ? finish_task_switch.isra.0+0x153/0x700 [ 13.396915] ? __switch_to+0x47/0xf50 [ 13.396942] ? __pfx_read_tsc+0x10/0x10 [ 13.396963] ? ktime_get_ts64+0x86/0x230 [ 13.396986] kunit_try_run_case+0x1a5/0x480 [ 13.397010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.397057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.397080] ? __kthread_parkme+0x82/0x180 [ 13.397101] ? preempt_count_sub+0x50/0x80 [ 13.397123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.397202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.397227] kthread+0x337/0x6f0 [ 13.397246] ? trace_preempt_on+0x20/0xc0 [ 13.397305] ? 
__pfx_kthread+0x10/0x10 [ 13.397326] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.397440] ? calculate_sigpending+0x7b/0xa0 [ 13.397465] ? __pfx_kthread+0x10/0x10 [ 13.397486] ret_from_fork+0x116/0x1d0 [ 13.397505] ? __pfx_kthread+0x10/0x10 [ 13.397525] ret_from_fork_asm+0x1a/0x30 [ 13.397556] </TASK> [ 13.397566] [ 13.406258] Allocated by task 226: [ 13.406510] kasan_save_stack+0x45/0x70 [ 13.406770] kasan_save_track+0x18/0x40 [ 13.406969] kasan_save_alloc_info+0x3b/0x50 [ 13.407181] __kasan_slab_alloc+0x91/0xa0 [ 13.407489] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.407767] kmem_cache_double_free+0x14f/0x480 [ 13.407994] kunit_try_run_case+0x1a5/0x480 [ 13.408250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.408601] kthread+0x337/0x6f0 [ 13.408730] ret_from_fork+0x116/0x1d0 [ 13.408863] ret_from_fork_asm+0x1a/0x30 [ 13.409063] [ 13.409158] Freed by task 226: [ 13.409450] kasan_save_stack+0x45/0x70 [ 13.409672] kasan_save_track+0x18/0x40 [ 13.409938] kasan_save_free_info+0x3f/0x60 [ 13.410161] __kasan_slab_free+0x56/0x70 [ 13.410412] kmem_cache_free+0x249/0x420 [ 13.410599] kmem_cache_double_free+0x16a/0x480 [ 13.410827] kunit_try_run_case+0x1a5/0x480 [ 13.411035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.411296] kthread+0x337/0x6f0 [ 13.411484] ret_from_fork+0x116/0x1d0 [ 13.411665] ret_from_fork_asm+0x1a/0x30 [ 13.411840] [ 13.411935] The buggy address belongs to the object at ffff888102d74000 [ 13.411935] which belongs to the cache test_cache of size 200 [ 13.412581] The buggy address is located 0 bytes inside of [ 13.412581] 200-byte region [ffff888102d74000, ffff888102d740c8) [ 13.413060] [ 13.413159] The buggy address belongs to the physical page: [ 13.413530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d74 [ 13.413791] flags: 0x200000000000000(node=0|zone=2) [ 13.414078] page_type: f5(slab) [ 13.414251] raw: 0200000000000000 ffff888100ff4b40 dead000000000122 0000000000000000 [ 13.414765] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.415128] page dumped because: kasan: bad access detected [ 13.415501] [ 13.415596] Memory state around the buggy address: [ 13.415873] ffff888102d73f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.416227] ffff888102d73f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.416568] >ffff888102d74000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.416945] ^ [ 13.417114] ffff888102d74080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.417553] ffff888102d74100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.417864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.359052] ================================================================== [ 13.359979] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.360216] Read of size 1 at addr ffff8881027b70c8 by task kunit_try_catch/224 [ 13.360464] [ 13.360596] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.360640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.360651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.360682] Call Trace: [ 13.360712] <TASK> [ 13.360728] dump_stack_lvl+0x73/0xb0 [ 13.361007] print_report+0xd1/0x650 [ 13.361030] ? __virt_addr_valid+0x1db/0x2d0 [ 13.361052] ? kmem_cache_oob+0x402/0x530 [ 13.361074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.361097] ? kmem_cache_oob+0x402/0x530 [ 13.361119] kasan_report+0x141/0x180 [ 13.361140] ? kmem_cache_oob+0x402/0x530 [ 13.361166] __asan_report_load1_noabort+0x18/0x20 [ 13.361191] kmem_cache_oob+0x402/0x530 [ 13.361211] ? trace_hardirqs_on+0x37/0xe0 [ 13.361235] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.361257] ? finish_task_switch.isra.0+0x153/0x700 [ 13.361280] ? __switch_to+0x47/0xf50 [ 13.361307] ? __pfx_read_tsc+0x10/0x10 [ 13.361328] ? ktime_get_ts64+0x86/0x230 [ 13.361352] kunit_try_run_case+0x1a5/0x480 [ 13.361413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.361482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.361506] ? __kthread_parkme+0x82/0x180 [ 13.361525] ? preempt_count_sub+0x50/0x80 [ 13.361548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.361596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.361620] kthread+0x337/0x6f0 [ 13.361638] ? trace_preempt_on+0x20/0xc0 [ 13.361660] ? __pfx_kthread+0x10/0x10 [ 13.361680] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.361701] ? calculate_sigpending+0x7b/0xa0 [ 13.361724] ? __pfx_kthread+0x10/0x10 [ 13.361745] ret_from_fork+0x116/0x1d0 [ 13.361763] ? 
__pfx_kthread+0x10/0x10 [ 13.361783] ret_from_fork_asm+0x1a/0x30 [ 13.361813] </TASK> [ 13.361823] [ 13.369743] Allocated by task 224: [ 13.369924] kasan_save_stack+0x45/0x70 [ 13.370125] kasan_save_track+0x18/0x40 [ 13.370388] kasan_save_alloc_info+0x3b/0x50 [ 13.370763] __kasan_slab_alloc+0x91/0xa0 [ 13.371024] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.371260] kmem_cache_oob+0x157/0x530 [ 13.371625] kunit_try_run_case+0x1a5/0x480 [ 13.371854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.372119] kthread+0x337/0x6f0 [ 13.372257] ret_from_fork+0x116/0x1d0 [ 13.372400] ret_from_fork_asm+0x1a/0x30 [ 13.372540] [ 13.372708] The buggy address belongs to the object at ffff8881027b7000 [ 13.372708] which belongs to the cache test_cache of size 200 [ 13.373295] The buggy address is located 0 bytes to the right of [ 13.373295] allocated 200-byte region [ffff8881027b7000, ffff8881027b70c8) [ 13.373833] [ 13.373961] The buggy address belongs to the physical page: [ 13.374441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027b7 [ 13.374765] flags: 0x200000000000000(node=0|zone=2) [ 13.374945] page_type: f5(slab) [ 13.375065] raw: 0200000000000000 ffff88810130ddc0 dead000000000122 0000000000000000 [ 13.375293] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.375617] page dumped because: kasan: bad access detected [ 13.375867] [ 13.375959] Memory state around the buggy address: [ 13.376182] ffff8881027b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.376800] ffff8881027b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.377138] >ffff8881027b7080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.377605] ^ [ 13.377857] ffff8881027b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.378193] ffff8881027b7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.378655] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.318502] ================================================================== [ 13.319113] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 13.319352] Read of size 8 at addr ffff888102d710c0 by task kunit_try_catch/217 [ 13.319675] [ 13.319833] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.319878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.319889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.319909] Call Trace: [ 13.319922] <TASK> [ 13.319939] dump_stack_lvl+0x73/0xb0 [ 13.319970] print_report+0xd1/0x650 [ 13.320017] ? __virt_addr_valid+0x1db/0x2d0 [ 13.320041] ? workqueue_uaf+0x4d6/0x560 [ 13.320061] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.320084] ? workqueue_uaf+0x4d6/0x560 [ 13.320105] kasan_report+0x141/0x180 [ 13.320126] ? workqueue_uaf+0x4d6/0x560 [ 13.320151] __asan_report_load8_noabort+0x18/0x20 [ 13.320201] workqueue_uaf+0x4d6/0x560 [ 13.320224] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.320246] ? __schedule+0x10cc/0x2b60 [ 13.320269] ? __pfx_read_tsc+0x10/0x10 [ 13.320291] ? ktime_get_ts64+0x86/0x230 [ 13.320315] kunit_try_run_case+0x1a5/0x480 [ 13.320340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.320383] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.320407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.320431] ? __kthread_parkme+0x82/0x180 [ 13.320513] ? preempt_count_sub+0x50/0x80 [ 13.320538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.320562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.320586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.320611] kthread+0x337/0x6f0 [ 13.320629] ? trace_preempt_on+0x20/0xc0 [ 13.320653] ? __pfx_kthread+0x10/0x10 [ 13.320673] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.320695] ? calculate_sigpending+0x7b/0xa0 [ 13.320718] ? __pfx_kthread+0x10/0x10 [ 13.320739] ret_from_fork+0x116/0x1d0 [ 13.320757] ? 
__pfx_kthread+0x10/0x10 [ 13.320777] ret_from_fork_asm+0x1a/0x30 [ 13.320807] </TASK> [ 13.320817] [ 13.332997] Allocated by task 217: [ 13.333327] kasan_save_stack+0x45/0x70 [ 13.333866] kasan_save_track+0x18/0x40 [ 13.334230] kasan_save_alloc_info+0x3b/0x50 [ 13.334717] __kasan_kmalloc+0xb7/0xc0 [ 13.335184] __kmalloc_cache_noprof+0x189/0x420 [ 13.335788] workqueue_uaf+0x152/0x560 [ 13.336150] kunit_try_run_case+0x1a5/0x480 [ 13.336449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.336994] kthread+0x337/0x6f0 [ 13.337121] ret_from_fork+0x116/0x1d0 [ 13.337253] ret_from_fork_asm+0x1a/0x30 [ 13.337457] [ 13.337675] Freed by task 44: [ 13.337960] kasan_save_stack+0x45/0x70 [ 13.338334] kasan_save_track+0x18/0x40 [ 13.338790] kasan_save_free_info+0x3f/0x60 [ 13.339184] __kasan_slab_free+0x56/0x70 [ 13.339677] kfree+0x222/0x3f0 [ 13.339982] workqueue_uaf_work+0x12/0x20 [ 13.340233] process_one_work+0x5ee/0xf60 [ 13.340474] worker_thread+0x758/0x1220 [ 13.340856] kthread+0x337/0x6f0 [ 13.341163] ret_from_fork+0x116/0x1d0 [ 13.341560] ret_from_fork_asm+0x1a/0x30 [ 13.341835] [ 13.341909] Last potentially related work creation: [ 13.342063] kasan_save_stack+0x45/0x70 [ 13.342200] kasan_record_aux_stack+0xb2/0xc0 [ 13.342419] __queue_work+0x626/0xeb0 [ 13.342842] queue_work_on+0xb6/0xc0 [ 13.343257] workqueue_uaf+0x26d/0x560 [ 13.343711] kunit_try_run_case+0x1a5/0x480 [ 13.344243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.344890] kthread+0x337/0x6f0 [ 13.345212] ret_from_fork+0x116/0x1d0 [ 13.345598] ret_from_fork_asm+0x1a/0x30 [ 13.346102] [ 13.346263] The buggy address belongs to the object at ffff888102d710c0 [ 13.346263] which belongs to the cache kmalloc-32 of size 32 [ 13.346757] The buggy address is located 0 bytes inside of [ 13.346757] freed 32-byte region [ffff888102d710c0, ffff888102d710e0) [ 13.347094] [ 13.347165] The buggy address belongs to the physical page: [ 13.347331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102d71 [ 13.347580] flags: 0x200000000000000(node=0|zone=2) [ 13.347917] page_type: f5(slab) [ 13.348040] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.348269] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.348562] page dumped because: kasan: bad access detected [ 13.348840] [ 13.348937] Memory state around the buggy address: [ 13.349172] ffff888102d70f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.349513] ffff888102d71000: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.349803] >ffff888102d71080: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 13.350114] ^ [ 13.350376] ffff888102d71100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.350736] ffff888102d71180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.351045] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.280567] ================================================================== [ 13.280993] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.281225] Read of size 4 at addr ffff8881027abe00 by task swapper/0/0 [ 13.281466] [ 13.281554] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.281641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.281653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.281673] Call Trace: [ 13.281701] <IRQ> [ 13.281718] dump_stack_lvl+0x73/0xb0 [ 13.281749] print_report+0xd1/0x650 [ 13.281771] ? __virt_addr_valid+0x1db/0x2d0 [ 13.281881] ? rcu_uaf_reclaim+0x50/0x60 [ 13.281904] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.281927] ? rcu_uaf_reclaim+0x50/0x60 [ 13.281949] kasan_report+0x141/0x180 [ 13.281971] ? rcu_uaf_reclaim+0x50/0x60 [ 13.281996] __asan_report_load4_noabort+0x18/0x20 [ 13.282021] rcu_uaf_reclaim+0x50/0x60 [ 13.282041] rcu_core+0x66f/0x1c40 [ 13.282069] ? __pfx_rcu_core+0x10/0x10 [ 13.282090] ? ktime_get+0x6b/0x150 [ 13.282110] ? handle_softirqs+0x18e/0x730 [ 13.282135] rcu_core_si+0x12/0x20 [ 13.282154] handle_softirqs+0x209/0x730 [ 13.282173] ? hrtimer_interrupt+0x2fe/0x780 [ 13.282195] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.282220] __irq_exit_rcu+0xc9/0x110 [ 13.282241] irq_exit_rcu+0x12/0x20 [ 13.282260] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.282286] </IRQ> [ 13.282332] <TASK> [ 13.282342] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.282533] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.282756] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 81 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.282834] RSP: 0000:ffffffffa7407dd8 EFLAGS: 00010212 [ 13.282919] RAX: ffff8881b2872000 RBX: ffffffffa741cac0 RCX: ffffffffa6274105 [ 13.282963] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000004e2c [ 13.283007] RBP: ffffffffa7407de0 R08: 0000000000000001 R09: ffffed102b60618a [ 13.283047] R10: ffff88815b030c53 R11: ffffffffa87c36c0 R12: 0000000000000000 [ 13.283092] R13: fffffbfff4e83958 R14: ffffffffa7fb1490 R15: 0000000000000000 [ 13.283148] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.283201] ? default_idle+0xd/0x20 [ 13.283223] arch_cpu_idle+0xd/0x20 [ 13.283244] default_idle_call+0x48/0x80 [ 13.283263] do_idle+0x379/0x4f0 [ 13.283288] ? __pfx_do_idle+0x10/0x10 [ 13.283315] cpu_startup_entry+0x5c/0x70 [ 13.283335] rest_init+0x11a/0x140 [ 13.283379] ? 
acpi_subsystem_init+0x5d/0x150 [ 13.283405] start_kernel+0x330/0x410 [ 13.283430] x86_64_start_reservations+0x1c/0x30 [ 13.283502] x86_64_start_kernel+0x10d/0x120 [ 13.283527] common_startup_64+0x13e/0x148 [ 13.283559] </TASK> [ 13.283569] [ 13.296165] Allocated by task 215: [ 13.296350] kasan_save_stack+0x45/0x70 [ 13.296538] kasan_save_track+0x18/0x40 [ 13.297134] kasan_save_alloc_info+0x3b/0x50 [ 13.297339] __kasan_kmalloc+0xb7/0xc0 [ 13.297635] __kmalloc_cache_noprof+0x189/0x420 [ 13.297994] rcu_uaf+0xb0/0x330 [ 13.298170] kunit_try_run_case+0x1a5/0x480 [ 13.298603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.298950] kthread+0x337/0x6f0 [ 13.299082] ret_from_fork+0x116/0x1d0 [ 13.299459] ret_from_fork_asm+0x1a/0x30 [ 13.299740] [ 13.299883] Freed by task 0: [ 13.300031] kasan_save_stack+0x45/0x70 [ 13.300381] kasan_save_track+0x18/0x40 [ 13.300882] kasan_save_free_info+0x3f/0x60 [ 13.301104] __kasan_slab_free+0x56/0x70 [ 13.301248] kfree+0x222/0x3f0 [ 13.301638] rcu_uaf_reclaim+0x1f/0x60 [ 13.301815] rcu_core+0x66f/0x1c40 [ 13.301983] rcu_core_si+0x12/0x20 [ 13.302134] handle_softirqs+0x209/0x730 [ 13.302304] __irq_exit_rcu+0xc9/0x110 [ 13.302567] irq_exit_rcu+0x12/0x20 [ 13.303104] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.303290] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.303766] [ 13.303863] Last potentially related work creation: [ 13.304204] kasan_save_stack+0x45/0x70 [ 13.304483] kasan_record_aux_stack+0xb2/0xc0 [ 13.304828] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.305033] call_rcu+0x12/0x20 [ 13.305203] rcu_uaf+0x168/0x330 [ 13.305748] kunit_try_run_case+0x1a5/0x480 [ 13.305966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.306180] kthread+0x337/0x6f0 [ 13.306354] ret_from_fork+0x116/0x1d0 [ 13.306800] ret_from_fork_asm+0x1a/0x30 [ 13.307010] [ 13.307107] The buggy address belongs to the object at ffff8881027abe00 [ 13.307107] which belongs to the cache kmalloc-32 of size 32 [ 13.307813] The buggy address is located 0 bytes inside of 
[ 13.307813] freed 32-byte region [ffff8881027abe00, ffff8881027abe20) [ 13.308318] [ 13.308466] The buggy address belongs to the physical page: [ 13.308712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ab [ 13.309046] flags: 0x200000000000000(node=0|zone=2) [ 13.309254] page_type: f5(slab) [ 13.309422] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.310085] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.310622] page dumped because: kasan: bad access detected [ 13.310954] [ 13.311106] Memory state around the buggy address: [ 13.311318] ffff8881027abd00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 13.311897] ffff8881027abd80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.312276] >ffff8881027abe00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.312680] ^ [ 13.312940] ffff8881027abe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.313346] ffff8881027abf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.313807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.247561] ================================================================== [ 13.247924] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.248243] Read of size 1 at addr ffff888102d5f878 by task kunit_try_catch/213 [ 13.248739] [ 13.248837] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.248877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.248888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.248907] Call Trace: [ 13.248919] <TASK> [ 13.248932] dump_stack_lvl+0x73/0xb0 [ 13.248960] print_report+0xd1/0x650 [ 13.248982] ? __virt_addr_valid+0x1db/0x2d0 [ 13.249003] ? ksize_uaf+0x5e4/0x6c0 [ 13.249022] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.249045] ? ksize_uaf+0x5e4/0x6c0 [ 13.249066] kasan_report+0x141/0x180 [ 13.249087] ? ksize_uaf+0x5e4/0x6c0 [ 13.249111] __asan_report_load1_noabort+0x18/0x20 [ 13.249136] ksize_uaf+0x5e4/0x6c0 [ 13.249155] ? __pfx_ksize_uaf+0x10/0x10 [ 13.249176] ? __schedule+0x10cc/0x2b60 [ 13.249199] ? __pfx_read_tsc+0x10/0x10 [ 13.249219] ? ktime_get_ts64+0x86/0x230 [ 13.249242] kunit_try_run_case+0x1a5/0x480 [ 13.249265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.249287] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.249310] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.249334] ? __kthread_parkme+0x82/0x180 [ 13.249354] ? preempt_count_sub+0x50/0x80 [ 13.249390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.249414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.249438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.249462] kthread+0x337/0x6f0 [ 13.249480] ? trace_preempt_on+0x20/0xc0 [ 13.249503] ? __pfx_kthread+0x10/0x10 [ 13.249523] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.249558] ? calculate_sigpending+0x7b/0xa0 [ 13.249582] ? __pfx_kthread+0x10/0x10 [ 13.249602] ret_from_fork+0x116/0x1d0 [ 13.249620] ? 
__pfx_kthread+0x10/0x10 [ 13.249640] ret_from_fork_asm+0x1a/0x30 [ 13.249670] </TASK> [ 13.249679] [ 13.256882] Allocated by task 213: [ 13.257058] kasan_save_stack+0x45/0x70 [ 13.257256] kasan_save_track+0x18/0x40 [ 13.257501] kasan_save_alloc_info+0x3b/0x50 [ 13.257709] __kasan_kmalloc+0xb7/0xc0 [ 13.257894] __kmalloc_cache_noprof+0x189/0x420 [ 13.258075] ksize_uaf+0xaa/0x6c0 [ 13.258250] kunit_try_run_case+0x1a5/0x480 [ 13.258644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.258864] kthread+0x337/0x6f0 [ 13.258986] ret_from_fork+0x116/0x1d0 [ 13.259118] ret_from_fork_asm+0x1a/0x30 [ 13.259256] [ 13.259326] Freed by task 213: [ 13.259500] kasan_save_stack+0x45/0x70 [ 13.259698] kasan_save_track+0x18/0x40 [ 13.259891] kasan_save_free_info+0x3f/0x60 [ 13.260330] __kasan_slab_free+0x56/0x70 [ 13.260539] kfree+0x222/0x3f0 [ 13.260766] ksize_uaf+0x12c/0x6c0 [ 13.260960] kunit_try_run_case+0x1a5/0x480 [ 13.261147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.261445] kthread+0x337/0x6f0 [ 13.261592] ret_from_fork+0x116/0x1d0 [ 13.261773] ret_from_fork_asm+0x1a/0x30 [ 13.261911] [ 13.261980] The buggy address belongs to the object at ffff888102d5f800 [ 13.261980] which belongs to the cache kmalloc-128 of size 128 [ 13.262399] The buggy address is located 120 bytes inside of [ 13.262399] freed 128-byte region [ffff888102d5f800, ffff888102d5f880) [ 13.262930] [ 13.263024] The buggy address belongs to the physical page: [ 13.263513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 13.263917] flags: 0x200000000000000(node=0|zone=2) [ 13.264154] page_type: f5(slab) [ 13.264278] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.265712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.266680] page dumped because: kasan: bad access detected [ 13.266861] [ 13.266932] Memory state around the buggy address: [ 13.267087] ffff888102d5f700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.267303] ffff888102d5f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.268004] >ffff888102d5f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.268718] ^ [ 13.269344] ffff888102d5f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270030] ffff888102d5f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270771] ================================================================== [ 13.184668] ================================================================== [ 13.185471] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.185915] Read of size 1 at addr ffff888102d5f800 by task kunit_try_catch/213 [ 13.186144] [ 13.186232] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.186274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.186285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.186304] Call Trace: [ 13.186316] <TASK> [ 13.186330] dump_stack_lvl+0x73/0xb0 [ 13.186374] print_report+0xd1/0x650 [ 13.186396] ? __virt_addr_valid+0x1db/0x2d0 [ 13.186418] ? ksize_uaf+0x19d/0x6c0 [ 13.186533] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.186561] ? ksize_uaf+0x19d/0x6c0 [ 13.186582] kasan_report+0x141/0x180 [ 13.186604] ? ksize_uaf+0x19d/0x6c0 [ 13.186627] ? ksize_uaf+0x19d/0x6c0 [ 13.187008] __kasan_check_byte+0x3d/0x50 [ 13.187035] ksize+0x20/0x60 [ 13.187058] ksize_uaf+0x19d/0x6c0 [ 13.187079] ? __pfx_ksize_uaf+0x10/0x10 [ 13.187101] ? __schedule+0x10cc/0x2b60 [ 13.187125] ? __pfx_read_tsc+0x10/0x10 [ 13.187146] ? ktime_get_ts64+0x86/0x230 [ 13.187170] kunit_try_run_case+0x1a5/0x480 [ 13.187193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.187216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.187240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.187264] ? __kthread_parkme+0x82/0x180 [ 13.187284] ? preempt_count_sub+0x50/0x80 [ 13.187307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.187331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.187355] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.187400] kthread+0x337/0x6f0 [ 13.187419] ? trace_preempt_on+0x20/0xc0 [ 13.187442] ? __pfx_kthread+0x10/0x10 [ 13.187463] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.187484] ? calculate_sigpending+0x7b/0xa0 [ 13.187508] ? __pfx_kthread+0x10/0x10 [ 13.187529] ret_from_fork+0x116/0x1d0 [ 13.187547] ? __pfx_kthread+0x10/0x10 [ 13.187567] ret_from_fork_asm+0x1a/0x30 [ 13.187597] </TASK> [ 13.187607] [ 13.199581] Allocated by task 213: [ 13.199922] kasan_save_stack+0x45/0x70 [ 13.200299] kasan_save_track+0x18/0x40 [ 13.200713] kasan_save_alloc_info+0x3b/0x50 [ 13.200871] __kasan_kmalloc+0xb7/0xc0 [ 13.201006] __kmalloc_cache_noprof+0x189/0x420 [ 13.201164] ksize_uaf+0xaa/0x6c0 [ 13.201286] kunit_try_run_case+0x1a5/0x480 [ 13.201510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.202083] kthread+0x337/0x6f0 [ 13.202420] ret_from_fork+0x116/0x1d0 [ 13.202939] ret_from_fork_asm+0x1a/0x30 [ 13.203314] [ 13.203570] Freed by task 213: [ 13.203863] kasan_save_stack+0x45/0x70 [ 13.204226] kasan_save_track+0x18/0x40 [ 13.204691] kasan_save_free_info+0x3f/0x60 [ 13.204887] __kasan_slab_free+0x56/0x70 [ 13.205027] kfree+0x222/0x3f0 [ 13.205142] ksize_uaf+0x12c/0x6c0 [ 13.205266] kunit_try_run_case+0x1a5/0x480 [ 13.205749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.206232] kthread+0x337/0x6f0 [ 13.207196] ret_from_fork+0x116/0x1d0 [ 13.207661] ret_from_fork_asm+0x1a/0x30 [ 13.208065] [ 13.208211] The buggy address belongs to the object at ffff888102d5f800 [ 13.208211] which belongs to the cache kmalloc-128 of size 128 [ 13.209137] The buggy address is located 0 bytes inside of [ 13.209137] freed 128-byte region [ffff888102d5f800, ffff888102d5f880) [ 13.209590] [ 13.209820] The buggy address belongs to the physical page: [ 13.210790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 13.211520] flags: 0x200000000000000(node=0|zone=2) [ 13.212028] page_type: f5(slab) [ 13.212340] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.212834] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.213082] page dumped because: kasan: bad access detected [ 13.213255] [ 13.213324] Memory state around the buggy address: [ 13.213508] ffff888102d5f700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.214735] ffff888102d5f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215366] >ffff888102d5f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.216089] ^ [ 13.216518] ffff888102d5f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.217227] ffff888102d5f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.217999] ================================================================== [ 13.218534] ================================================================== [ 13.218773] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.218987] Read of size 1 at addr ffff888102d5f800 by task kunit_try_catch/213 [ 13.219210] [ 13.219295] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.219334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.219345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.219394] Call Trace: [ 13.219410] <TASK> [ 13.219426] dump_stack_lvl+0x73/0xb0 [ 13.219455] print_report+0xd1/0x650 [ 13.219477] ? __virt_addr_valid+0x1db/0x2d0 [ 13.219499] ? ksize_uaf+0x5fe/0x6c0 [ 13.219518] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.219541] ? ksize_uaf+0x5fe/0x6c0 [ 13.219561] kasan_report+0x141/0x180 [ 13.219582] ? ksize_uaf+0x5fe/0x6c0 [ 13.219606] __asan_report_load1_noabort+0x18/0x20 [ 13.219631] ksize_uaf+0x5fe/0x6c0 [ 13.219650] ? __pfx_ksize_uaf+0x10/0x10 [ 13.219671] ? __schedule+0x10cc/0x2b60 [ 13.219705] ? __pfx_read_tsc+0x10/0x10 [ 13.219725] ? ktime_get_ts64+0x86/0x230 [ 13.219749] kunit_try_run_case+0x1a5/0x480 [ 13.219773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.219796] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.219820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.219843] ? __kthread_parkme+0x82/0x180 [ 13.219863] ? preempt_count_sub+0x50/0x80 [ 13.219886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.219910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.219934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.219958] kthread+0x337/0x6f0 [ 13.219976] ? trace_preempt_on+0x20/0xc0 [ 13.220000] ? __pfx_kthread+0x10/0x10 [ 13.220020] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.220041] ? calculate_sigpending+0x7b/0xa0 [ 13.220064] ? __pfx_kthread+0x10/0x10 [ 13.220085] ret_from_fork+0x116/0x1d0 [ 13.220102] ? __pfx_kthread+0x10/0x10 [ 13.220122] ret_from_fork_asm+0x1a/0x30 [ 13.220153] </TASK> [ 13.220162] [ 13.234583] Allocated by task 213: [ 13.234759] kasan_save_stack+0x45/0x70 [ 13.234907] kasan_save_track+0x18/0x40 [ 13.235043] kasan_save_alloc_info+0x3b/0x50 [ 13.235191] __kasan_kmalloc+0xb7/0xc0 [ 13.235321] __kmalloc_cache_noprof+0x189/0x420 [ 13.235797] ksize_uaf+0xaa/0x6c0 [ 13.236110] kunit_try_run_case+0x1a5/0x480 [ 13.236532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.237056] kthread+0x337/0x6f0 [ 13.237503] ret_from_fork+0x116/0x1d0 [ 13.237869] ret_from_fork_asm+0x1a/0x30 [ 13.238222] [ 13.238397] Freed by task 213: [ 13.238746] kasan_save_stack+0x45/0x70 [ 13.239093] kasan_save_track+0x18/0x40 [ 13.239492] kasan_save_free_info+0x3f/0x60 [ 13.239827] __kasan_slab_free+0x56/0x70 [ 13.239974] kfree+0x222/0x3f0 [ 13.240091] ksize_uaf+0x12c/0x6c0 [ 13.240223] kunit_try_run_case+0x1a5/0x480 [ 13.240391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.240567] kthread+0x337/0x6f0 [ 13.240838] ret_from_fork+0x116/0x1d0 [ 13.241083] ret_from_fork_asm+0x1a/0x30 [ 13.241252] [ 13.241323] The buggy address belongs to the object at ffff888102d5f800 [ 13.241323] which belongs to the cache kmalloc-128 of size 128 [ 13.241869] The buggy address is located 0 bytes inside of [ 13.241869] freed 128-byte region [ffff888102d5f800, 
ffff888102d5f880) [ 13.242778] [ 13.242870] The buggy address belongs to the physical page: [ 13.243087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 13.243411] flags: 0x200000000000000(node=0|zone=2) [ 13.243734] page_type: f5(slab) [ 13.243852] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.244217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.244678] page dumped because: kasan: bad access detected [ 13.244953] [ 13.245038] Memory state around the buggy address: [ 13.245239] ffff888102d5f700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.245490] ffff888102d5f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245812] >ffff888102d5f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.246094] ^ [ 13.246210] ffff888102d5f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.246725] ffff888102d5f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.247118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.149619] ================================================================== [ 13.150400] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.151214] Read of size 1 at addr ffff888102d5f77f by task kunit_try_catch/211 [ 13.151893] [ 13.152009] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.152049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.152060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.152079] Call Trace: [ 13.152091] <TASK> [ 13.152106] dump_stack_lvl+0x73/0xb0 [ 13.152135] print_report+0xd1/0x650 [ 13.152157] ? __virt_addr_valid+0x1db/0x2d0 [ 13.152186] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.152209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.152231] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.152255] kasan_report+0x141/0x180 [ 13.152276] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.152304] __asan_report_load1_noabort+0x18/0x20 [ 13.152328] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.152352] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.152386] ? finish_task_switch.isra.0+0x153/0x700 [ 13.152618] ? __switch_to+0x47/0xf50 [ 13.152645] ? __schedule+0x10cc/0x2b60 [ 13.152899] ? __pfx_read_tsc+0x10/0x10 [ 13.152922] ? ktime_get_ts64+0x86/0x230 [ 13.152946] kunit_try_run_case+0x1a5/0x480 [ 13.152970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.152992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.153016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.153039] ? __kthread_parkme+0x82/0x180 [ 13.153060] ? preempt_count_sub+0x50/0x80 [ 13.153083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.153110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.153134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.153159] kthread+0x337/0x6f0 [ 13.153177] ? trace_preempt_on+0x20/0xc0 [ 13.153200] ? __pfx_kthread+0x10/0x10 [ 13.153221] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.153242] ? calculate_sigpending+0x7b/0xa0 [ 13.153265] ? 
__pfx_kthread+0x10/0x10 [ 13.153286] ret_from_fork+0x116/0x1d0 [ 13.153304] ? __pfx_kthread+0x10/0x10 [ 13.153324] ret_from_fork_asm+0x1a/0x30 [ 13.153378] </TASK> [ 13.153389] [ 13.165732] Allocated by task 211: [ 13.165885] kasan_save_stack+0x45/0x70 [ 13.166199] kasan_save_track+0x18/0x40 [ 13.166791] kasan_save_alloc_info+0x3b/0x50 [ 13.166997] __kasan_kmalloc+0xb7/0xc0 [ 13.167479] __kmalloc_cache_noprof+0x189/0x420 [ 13.167694] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.167903] kunit_try_run_case+0x1a5/0x480 [ 13.168110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.168342] kthread+0x337/0x6f0 [ 13.168957] ret_from_fork+0x116/0x1d0 [ 13.169147] ret_from_fork_asm+0x1a/0x30 [ 13.169481] [ 13.169582] The buggy address belongs to the object at ffff888102d5f700 [ 13.169582] which belongs to the cache kmalloc-128 of size 128 [ 13.170761] The buggy address is located 12 bytes to the right of [ 13.170761] allocated 115-byte region [ffff888102d5f700, ffff888102d5f773) [ 13.171268] [ 13.171374] The buggy address belongs to the physical page: [ 13.171966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 13.172403] flags: 0x200000000000000(node=0|zone=2) [ 13.172837] page_type: f5(slab) [ 13.173116] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.173761] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.174171] page dumped because: kasan: bad access detected [ 13.174654] [ 13.174758] Memory state around the buggy address: [ 13.174980] ffff888102d5f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.175253] ffff888102d5f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.176058] >ffff888102d5f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.176530] ^ [ 13.177219] ffff888102d5f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.177742] ffff888102d5f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.178201] 
================================================================== [ 13.116078] ================================================================== [ 13.117071] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.117309] Read of size 1 at addr ffff888102d5f778 by task kunit_try_catch/211 [ 13.117631] [ 13.117888] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.117930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.117940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.117958] Call Trace: [ 13.117974] <TASK> [ 13.117989] dump_stack_lvl+0x73/0xb0 [ 13.118017] print_report+0xd1/0x650 [ 13.118039] ? __virt_addr_valid+0x1db/0x2d0 [ 13.118060] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.118082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.118139] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.118164] kasan_report+0x141/0x180 [ 13.118185] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.118224] __asan_report_load1_noabort+0x18/0x20 [ 13.118276] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.118301] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.118324] ? finish_task_switch.isra.0+0x153/0x700 [ 13.118437] ? __switch_to+0x47/0xf50 [ 13.118464] ? __schedule+0x10cc/0x2b60 [ 13.118486] ? __pfx_read_tsc+0x10/0x10 [ 13.118507] ? ktime_get_ts64+0x86/0x230 [ 13.118530] kunit_try_run_case+0x1a5/0x480 [ 13.118555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.118577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.118600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.118624] ? __kthread_parkme+0x82/0x180 [ 13.118644] ? preempt_count_sub+0x50/0x80 [ 13.118666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.118690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.118714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.118740] kthread+0x337/0x6f0 [ 13.118759] ? trace_preempt_on+0x20/0xc0 [ 13.118781] ? __pfx_kthread+0x10/0x10 [ 13.118802] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.118823] ? 
calculate_sigpending+0x7b/0xa0 [ 13.118847] ? __pfx_kthread+0x10/0x10 [ 13.118867] ret_from_fork+0x116/0x1d0 [ 13.118885] ? __pfx_kthread+0x10/0x10 [ 13.118905] ret_from_fork_asm+0x1a/0x30 [ 13.118936] </TASK> [ 13.118946] [ 13.133872] Allocated by task 211: [ 13.134236] kasan_save_stack+0x45/0x70 [ 13.134713] kasan_save_track+0x18/0x40 [ 13.135097] kasan_save_alloc_info+0x3b/0x50 [ 13.135568] __kasan_kmalloc+0xb7/0xc0 [ 13.135911] __kmalloc_cache_noprof+0x189/0x420 [ 13.136071] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.136229] kunit_try_run_case+0x1a5/0x480 [ 13.136402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.137015] kthread+0x337/0x6f0 [ 13.137382] ret_from_fork+0x116/0x1d0 [ 13.137855] ret_from_fork_asm+0x1a/0x30 [ 13.138304] [ 13.138510] The buggy address belongs to the object at ffff888102d5f700 [ 13.138510] which belongs to the cache kmalloc-128 of size 128 [ 13.139823] The buggy address is located 5 bytes to the right of [ 13.139823] allocated 115-byte region [ffff888102d5f700, ffff888102d5f773) [ 13.140884] [ 13.141048] The buggy address belongs to the physical page: [ 13.141621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 13.142166] flags: 0x200000000000000(node=0|zone=2) [ 13.142564] page_type: f5(slab) [ 13.142953] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.143477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.144043] page dumped because: kasan: bad access detected [ 13.144226] [ 13.144296] Memory state around the buggy address: [ 13.144473] ffff888102d5f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.145085] ffff888102d5f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.145786] >ffff888102d5f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.146525] ^ [ 13.147171] ffff888102d5f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.148042] ffff888102d5f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.148815] 
================================================================== [ 13.084278] ================================================================== [ 13.085797] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.086889] Read of size 1 at addr ffff888102d5f773 by task kunit_try_catch/211 [ 13.087764] [ 13.087952] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.087999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.088045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.088066] Call Trace: [ 13.088078] <TASK> [ 13.088096] dump_stack_lvl+0x73/0xb0 [ 13.088128] print_report+0xd1/0x650 [ 13.088151] ? __virt_addr_valid+0x1db/0x2d0 [ 13.088174] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.088207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.088230] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.088254] kasan_report+0x141/0x180 [ 13.088275] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.088303] __asan_report_load1_noabort+0x18/0x20 [ 13.088327] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.088376] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.088400] ? finish_task_switch.isra.0+0x153/0x700 [ 13.088424] ? __switch_to+0x47/0xf50 [ 13.088496] ? __schedule+0x10cc/0x2b60 [ 13.088662] ? __pfx_read_tsc+0x10/0x10 [ 13.088686] ? ktime_get_ts64+0x86/0x230 [ 13.088711] kunit_try_run_case+0x1a5/0x480 [ 13.088737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.088760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.088784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.088807] ? __kthread_parkme+0x82/0x180 [ 13.088828] ? preempt_count_sub+0x50/0x80 [ 13.088851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.088875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.088899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.088923] kthread+0x337/0x6f0 [ 13.088942] ? trace_preempt_on+0x20/0xc0 [ 13.088966] ? __pfx_kthread+0x10/0x10 [ 13.088986] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.089007] ? 
calculate_sigpending+0x7b/0xa0 [ 13.089031] ? __pfx_kthread+0x10/0x10 [ 13.089052] ret_from_fork+0x116/0x1d0 [ 13.089071] ? __pfx_kthread+0x10/0x10 [ 13.089091] ret_from_fork_asm+0x1a/0x30 [ 13.089121] </TASK> [ 13.089132] [ 13.100766] Allocated by task 211: [ 13.100907] kasan_save_stack+0x45/0x70 [ 13.101052] kasan_save_track+0x18/0x40 [ 13.101185] kasan_save_alloc_info+0x3b/0x50 [ 13.101330] __kasan_kmalloc+0xb7/0xc0 [ 13.101804] __kmalloc_cache_noprof+0x189/0x420 [ 13.102241] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.102786] kunit_try_run_case+0x1a5/0x480 [ 13.103203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.103924] kthread+0x337/0x6f0 [ 13.104286] ret_from_fork+0x116/0x1d0 [ 13.104759] ret_from_fork_asm+0x1a/0x30 [ 13.105235] [ 13.105502] The buggy address belongs to the object at ffff888102d5f700 [ 13.105502] which belongs to the cache kmalloc-128 of size 128 [ 13.106424] The buggy address is located 0 bytes to the right of [ 13.106424] allocated 115-byte region [ffff888102d5f700, ffff888102d5f773) [ 13.107743] [ 13.107919] The buggy address belongs to the physical page: [ 13.108231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 13.108906] flags: 0x200000000000000(node=0|zone=2) [ 13.109458] page_type: f5(slab) [ 13.109800] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.110282] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.110906] page dumped because: kasan: bad access detected [ 13.111100] [ 13.111240] Memory state around the buggy address: [ 13.111888] ffff888102d5f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.112551] ffff888102d5f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.112938] >ffff888102d5f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.113155] ^ [ 13.113421] ffff888102d5f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.114139] ffff888102d5f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.114892] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.056483] ==================================================================
[ 13.056849] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 13.057156] Free of addr ffff888102749dc0 by task kunit_try_catch/209
[ 13.057582]
[ 13.057684] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.057728] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.057739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.057758] Call Trace:
[ 13.057770] <TASK>
[ 13.057787] dump_stack_lvl+0x73/0xb0
[ 13.057816] print_report+0xd1/0x650
[ 13.057838] ? __virt_addr_valid+0x1db/0x2d0
[ 13.057862] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.057884] ? kfree_sensitive+0x2e/0x90
[ 13.057905] kasan_report_invalid_free+0x10a/0x130
[ 13.057929] ? kfree_sensitive+0x2e/0x90
[ 13.057951] ? kfree_sensitive+0x2e/0x90
[ 13.057970] check_slab_allocation+0x101/0x130
[ 13.058017] __kasan_slab_pre_free+0x28/0x40
[ 13.058045] kfree+0xf0/0x3f0
[ 13.058067] ? kfree_sensitive+0x2e/0x90
[ 13.058101] kfree_sensitive+0x2e/0x90
[ 13.058127] kmalloc_double_kzfree+0x19c/0x350
[ 13.058159] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.058191] ? __schedule+0x10cc/0x2b60
[ 13.058220] ? __pfx_read_tsc+0x10/0x10
[ 13.058246] ? ktime_get_ts64+0x86/0x230
[ 13.058280] kunit_try_run_case+0x1a5/0x480
[ 13.058314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.058373] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.058397] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.058436] ? __kthread_parkme+0x82/0x180
[ 13.058457] ? preempt_count_sub+0x50/0x80
[ 13.058481] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.058505] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.058529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.058554] kthread+0x337/0x6f0
[ 13.058572] ? trace_preempt_on+0x20/0xc0
[ 13.058595] ? __pfx_kthread+0x10/0x10
[ 13.058615] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.058637] ? calculate_sigpending+0x7b/0xa0
[ 13.058660] ? __pfx_kthread+0x10/0x10
[ 13.058681] ret_from_fork+0x116/0x1d0
[ 13.058699] ? __pfx_kthread+0x10/0x10
[ 13.058719] ret_from_fork_asm+0x1a/0x30
[ 13.058749] </TASK>
[ 13.058760]
[ 13.067135] Allocated by task 209:
[ 13.067499] kasan_save_stack+0x45/0x70
[ 13.067853] kasan_save_track+0x18/0x40
[ 13.068052] kasan_save_alloc_info+0x3b/0x50
[ 13.068274] __kasan_kmalloc+0xb7/0xc0
[ 13.068521] __kmalloc_cache_noprof+0x189/0x420
[ 13.068823] kmalloc_double_kzfree+0xa9/0x350
[ 13.069017] kunit_try_run_case+0x1a5/0x480
[ 13.069240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.069728] kthread+0x337/0x6f0
[ 13.069980] ret_from_fork+0x116/0x1d0
[ 13.070195] ret_from_fork_asm+0x1a/0x30
[ 13.070333]
[ 13.070418] Freed by task 209:
[ 13.070627] kasan_save_stack+0x45/0x70
[ 13.070872] kasan_save_track+0x18/0x40
[ 13.071081] kasan_save_free_info+0x3f/0x60
[ 13.071388] __kasan_slab_free+0x56/0x70
[ 13.071561] kfree+0x222/0x3f0
[ 13.071682] kfree_sensitive+0x67/0x90
[ 13.071821] kmalloc_double_kzfree+0x12b/0x350
[ 13.071974] kunit_try_run_case+0x1a5/0x480
[ 13.072120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.072628] kthread+0x337/0x6f0
[ 13.072916] ret_from_fork+0x116/0x1d0
[ 13.073199] ret_from_fork_asm+0x1a/0x30
[ 13.073435]
[ 13.073530] The buggy address belongs to the object at ffff888102749dc0
[ 13.073530] which belongs to the cache kmalloc-16 of size 16
[ 13.074164] The buggy address is located 0 bytes inside of
[ 13.074164] 16-byte region [ffff888102749dc0, ffff888102749dd0)
[ 13.074518]
[ 13.074590] The buggy address belongs to the physical page:
[ 13.074758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749
[ 13.075501] flags: 0x200000000000000(node=0|zone=2)
[ 13.076008] page_type: f5(slab)
[ 13.076256] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.076608] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.076835] page dumped because: kasan: bad access detected
[ 13.077007]
[ 13.077181] Memory state around the buggy address:
[ 13.077597] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.078310] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.078798] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 13.079082] ^
[ 13.079436] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.079651] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.079860] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.017800] ==================================================================
[ 13.019319] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 13.019729] Read of size 1 at addr ffff888102749dc0 by task kunit_try_catch/209
[ 13.019976]
[ 13.020401] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.020489] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.020501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.020686] Call Trace:
[ 13.020703] <TASK>
[ 13.020721] dump_stack_lvl+0x73/0xb0
[ 13.020879] print_report+0xd1/0x650
[ 13.020905] ? __virt_addr_valid+0x1db/0x2d0
[ 13.020929] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.020952] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.020975] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.020999] kasan_report+0x141/0x180
[ 13.021020] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.021047] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.021070] __kasan_check_byte+0x3d/0x50
[ 13.021093] kfree_sensitive+0x22/0x90
[ 13.021116] kmalloc_double_kzfree+0x19c/0x350
[ 13.021139] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.021163] ? __schedule+0x10cc/0x2b60
[ 13.021186] ? __pfx_read_tsc+0x10/0x10
[ 13.021208] ? ktime_get_ts64+0x86/0x230
[ 13.021233] kunit_try_run_case+0x1a5/0x480
[ 13.021258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.021281] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.021305] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.021329] ? __kthread_parkme+0x82/0x180
[ 13.021385] ? preempt_count_sub+0x50/0x80
[ 13.021410] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.021451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.021475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.021500] kthread+0x337/0x6f0
[ 13.021519] ? trace_preempt_on+0x20/0xc0
[ 13.021542] ? __pfx_kthread+0x10/0x10
[ 13.021562] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.021584] ? calculate_sigpending+0x7b/0xa0
[ 13.021608] ? __pfx_kthread+0x10/0x10
[ 13.021629] ret_from_fork+0x116/0x1d0
[ 13.021647] ? __pfx_kthread+0x10/0x10
[ 13.021667] ret_from_fork_asm+0x1a/0x30
[ 13.021699] </TASK>
[ 13.021710]
[ 13.036976] Allocated by task 209:
[ 13.037476] kasan_save_stack+0x45/0x70
[ 13.038013] kasan_save_track+0x18/0x40
[ 13.038519] kasan_save_alloc_info+0x3b/0x50
[ 13.039256] __kasan_kmalloc+0xb7/0xc0
[ 13.039886] __kmalloc_cache_noprof+0x189/0x420
[ 13.040460] kmalloc_double_kzfree+0xa9/0x350
[ 13.041036] kunit_try_run_case+0x1a5/0x480
[ 13.041696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.042164] kthread+0x337/0x6f0
[ 13.042292] ret_from_fork+0x116/0x1d0
[ 13.042657] ret_from_fork_asm+0x1a/0x30
[ 13.043242]
[ 13.043719] Freed by task 209:
[ 13.044144] kasan_save_stack+0x45/0x70
[ 13.044667] kasan_save_track+0x18/0x40
[ 13.044821] kasan_save_free_info+0x3f/0x60
[ 13.045423] __kasan_slab_free+0x56/0x70
[ 13.045865] kfree+0x222/0x3f0
[ 13.045994] kfree_sensitive+0x67/0x90
[ 13.046128] kmalloc_double_kzfree+0x12b/0x350
[ 13.046279] kunit_try_run_case+0x1a5/0x480
[ 13.046727] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.047599] kthread+0x337/0x6f0
[ 13.048033] ret_from_fork+0x116/0x1d0
[ 13.048536] ret_from_fork_asm+0x1a/0x30
[ 13.049706]
[ 13.049880] The buggy address belongs to the object at ffff888102749dc0
[ 13.049880] which belongs to the cache kmalloc-16 of size 16
[ 13.050706] The buggy address is located 0 bytes inside of
[ 13.050706] freed 16-byte region [ffff888102749dc0, ffff888102749dd0)
[ 13.051137]
[ 13.051235] The buggy address belongs to the physical page:
[ 13.051645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749
[ 13.052020] flags: 0x200000000000000(node=0|zone=2)
[ 13.052236] page_type: f5(slab)
[ 13.052407] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.052716] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.053084] page dumped because: kasan: bad access detected
[ 13.053311]
[ 13.053494] Memory state around the buggy address:
[ 13.053734] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.054064] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.054370] >ffff888102749d80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 13.054716] ^
[ 13.054937] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.055150] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.055505] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.990092] ==================================================================
[ 12.990659] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.990951] Read of size 1 at addr ffff888102d67fa8 by task kunit_try_catch/205
[ 12.991213]
[ 12.991324] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.991375] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.991386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.991405] Call Trace:
[ 12.991416] <TASK>
[ 12.991431] dump_stack_lvl+0x73/0xb0
[ 12.991460] print_report+0xd1/0x650
[ 12.991483] ? __virt_addr_valid+0x1db/0x2d0
[ 12.991506] ? kmalloc_uaf2+0x4a8/0x520
[ 12.991525] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.991548] ? kmalloc_uaf2+0x4a8/0x520
[ 12.991568] kasan_report+0x141/0x180
[ 12.991589] ? kmalloc_uaf2+0x4a8/0x520
[ 12.991613] __asan_report_load1_noabort+0x18/0x20
[ 12.991638] kmalloc_uaf2+0x4a8/0x520
[ 12.991658] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.991699] ? finish_task_switch.isra.0+0x153/0x700
[ 12.991740] ? __switch_to+0x47/0xf50
[ 12.991767] ? __schedule+0x10cc/0x2b60
[ 12.991791] ? __pfx_read_tsc+0x10/0x10
[ 12.991813] ? ktime_get_ts64+0x86/0x230
[ 12.991838] kunit_try_run_case+0x1a5/0x480
[ 12.991863] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.991886] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.991910] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.991933] ? __kthread_parkme+0x82/0x180
[ 12.991954] ? preempt_count_sub+0x50/0x80
[ 12.991976] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.992024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.992049] kthread+0x337/0x6f0
[ 12.992067] ? trace_preempt_on+0x20/0xc0
[ 12.992091] ? __pfx_kthread+0x10/0x10
[ 12.992112] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.992133] ? calculate_sigpending+0x7b/0xa0
[ 12.992157] ? __pfx_kthread+0x10/0x10
[ 12.992184] ret_from_fork+0x116/0x1d0
[ 12.992202] ? __pfx_kthread+0x10/0x10
[ 12.992222] ret_from_fork_asm+0x1a/0x30
[ 12.992266] </TASK>
[ 12.992275]
[ 12.999600] Allocated by task 205:
[ 13.000390] kasan_save_stack+0x45/0x70
[ 13.000590] kasan_save_track+0x18/0x40
[ 13.000916] kasan_save_alloc_info+0x3b/0x50
[ 13.001073] __kasan_kmalloc+0xb7/0xc0
[ 13.001207] __kmalloc_cache_noprof+0x189/0x420
[ 13.001374] kmalloc_uaf2+0xc6/0x520
[ 13.001756] kunit_try_run_case+0x1a5/0x480
[ 13.001965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.002200] kthread+0x337/0x6f0
[ 13.002405] ret_from_fork+0x116/0x1d0
[ 13.002599] ret_from_fork_asm+0x1a/0x30
[ 13.002763]
[ 13.002857] Freed by task 205:
[ 13.002996] kasan_save_stack+0x45/0x70
[ 13.003164] kasan_save_track+0x18/0x40
[ 13.003330] kasan_save_free_info+0x3f/0x60
[ 13.003485] __kasan_slab_free+0x56/0x70
[ 13.003623] kfree+0x222/0x3f0
[ 13.003894] kmalloc_uaf2+0x14c/0x520
[ 13.004080] kunit_try_run_case+0x1a5/0x480
[ 13.004289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.004521] kthread+0x337/0x6f0
[ 13.004664] ret_from_fork+0x116/0x1d0
[ 13.004796] ret_from_fork_asm+0x1a/0x30
[ 13.004934]
[ 13.005004] The buggy address belongs to the object at ffff888102d67f80
[ 13.005004] which belongs to the cache kmalloc-64 of size 64
[ 13.005673] The buggy address is located 40 bytes inside of
[ 13.005673] freed 64-byte region [ffff888102d67f80, ffff888102d67fc0)
[ 13.006122]
[ 13.006195] The buggy address belongs to the physical page:
[ 13.006375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d67
[ 13.007110] flags: 0x200000000000000(node=0|zone=2)
[ 13.007508] page_type: f5(slab)
[ 13.007641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.008086] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000
[ 13.008440] page dumped because: kasan: bad access detected
[ 13.008709]
[ 13.008778] Memory state around the buggy address:
[ 13.008932] ffff888102d67e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.009147] ffff888102d67f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.009653] >ffff888102d67f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.009932] ^
[ 13.010079] ffff888102d68000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.010304] ffff888102d68080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.010903] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.967590] ==================================================================
[ 12.968010] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.968316] Write of size 33 at addr ffff8881027af600 by task kunit_try_catch/203
[ 12.968688]
[ 12.968780] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.968822] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.968833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.968852] Call Trace:
[ 12.968863] <TASK>
[ 12.968878] dump_stack_lvl+0x73/0xb0
[ 12.968907] print_report+0xd1/0x650
[ 12.968929] ? __virt_addr_valid+0x1db/0x2d0
[ 12.968952] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.968973] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.968996] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.969017] kasan_report+0x141/0x180
[ 12.969039] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.969065] kasan_check_range+0x10c/0x1c0
[ 12.969088] __asan_memset+0x27/0x50
[ 12.969107] kmalloc_uaf_memset+0x1a3/0x360
[ 12.969128] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.969152] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.969178] kunit_try_run_case+0x1a5/0x480
[ 12.969201] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.969224] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.969248] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.969271] ? __kthread_parkme+0x82/0x180
[ 12.969292] ? preempt_count_sub+0x50/0x80
[ 12.969316] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.969340] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.969376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.969402] kthread+0x337/0x6f0
[ 12.969421] ? trace_preempt_on+0x20/0xc0
[ 12.969457] ? __pfx_kthread+0x10/0x10
[ 12.969477] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.969498] ? calculate_sigpending+0x7b/0xa0
[ 12.969522] ? __pfx_kthread+0x10/0x10
[ 12.969542] ret_from_fork+0x116/0x1d0
[ 12.969562] ? __pfx_kthread+0x10/0x10
[ 12.969583] ret_from_fork_asm+0x1a/0x30
[ 12.969613] </TASK>
[ 12.969623]
[ 12.975864] Allocated by task 203:
[ 12.975998] kasan_save_stack+0x45/0x70
[ 12.976200] kasan_save_track+0x18/0x40
[ 12.976405] kasan_save_alloc_info+0x3b/0x50
[ 12.976618] __kasan_kmalloc+0xb7/0xc0
[ 12.976805] __kmalloc_cache_noprof+0x189/0x420
[ 12.977077] kmalloc_uaf_memset+0xa9/0x360
[ 12.977287] kunit_try_run_case+0x1a5/0x480
[ 12.977554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.977773] kthread+0x337/0x6f0
[ 12.977891] ret_from_fork+0x116/0x1d0
[ 12.978022] ret_from_fork_asm+0x1a/0x30
[ 12.978218]
[ 12.978314] Freed by task 203:
[ 12.978478] kasan_save_stack+0x45/0x70
[ 12.978655] kasan_save_track+0x18/0x40
[ 12.978888] kasan_save_free_info+0x3f/0x60
[ 12.979075] __kasan_slab_free+0x56/0x70
[ 12.979210] kfree+0x222/0x3f0
[ 12.979325] kmalloc_uaf_memset+0x12b/0x360
[ 12.979478] kunit_try_run_case+0x1a5/0x480
[ 12.979623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.980009] kthread+0x337/0x6f0
[ 12.980175] ret_from_fork+0x116/0x1d0
[ 12.980374] ret_from_fork_asm+0x1a/0x30
[ 12.980566]
[ 12.980676] The buggy address belongs to the object at ffff8881027af600
[ 12.980676] which belongs to the cache kmalloc-64 of size 64
[ 12.981111] The buggy address is located 0 bytes inside of
[ 12.981111] freed 64-byte region [ffff8881027af600, ffff8881027af640)
[ 12.981466]
[ 12.981538] The buggy address belongs to the physical page:
[ 12.981709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027af
[ 12.982054] flags: 0x200000000000000(node=0|zone=2)
[ 12.982286] page_type: f5(slab)
[ 12.982463] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.983034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.983296] page dumped because: kasan: bad access detected
[ 12.983528]
[ 12.983631] Memory state around the buggy address:
[ 12.983861] ffff8881027af500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.984137] ffff8881027af580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.984403] >ffff8881027af600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.984612] ^
[ 12.984725] ffff8881027af680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.985286] ffff8881027af700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.985693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.940873] ==================================================================
[ 12.941966] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.942599] Read of size 1 at addr ffff888102749da8 by task kunit_try_catch/201
[ 12.943219]
[ 12.943375] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.943416] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.943444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.943463] Call Trace:
[ 12.943475] <TASK>
[ 12.943490] dump_stack_lvl+0x73/0xb0
[ 12.943518] print_report+0xd1/0x650
[ 12.943540] ? __virt_addr_valid+0x1db/0x2d0
[ 12.943561] ? kmalloc_uaf+0x320/0x380
[ 12.943580] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.943602] ? kmalloc_uaf+0x320/0x380
[ 12.943622] kasan_report+0x141/0x180
[ 12.943643] ? kmalloc_uaf+0x320/0x380
[ 12.943667] __asan_report_load1_noabort+0x18/0x20
[ 12.943691] kmalloc_uaf+0x320/0x380
[ 12.943710] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.943730] ? __schedule+0x10cc/0x2b60
[ 12.943752] ? __pfx_read_tsc+0x10/0x10
[ 12.943772] ? ktime_get_ts64+0x86/0x230
[ 12.943796] kunit_try_run_case+0x1a5/0x480
[ 12.943821] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.943843] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.943867] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.943890] ? __kthread_parkme+0x82/0x180
[ 12.943910] ? preempt_count_sub+0x50/0x80
[ 12.943933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.943957] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.943981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.944005] kthread+0x337/0x6f0
[ 12.944024] ? trace_preempt_on+0x20/0xc0
[ 12.944046] ? __pfx_kthread+0x10/0x10
[ 12.944066] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.944087] ? calculate_sigpending+0x7b/0xa0
[ 12.944111] ? __pfx_kthread+0x10/0x10
[ 12.944131] ret_from_fork+0x116/0x1d0
[ 12.944149] ? __pfx_kthread+0x10/0x10
[ 12.944169] ret_from_fork_asm+0x1a/0x30
[ 12.944203] </TASK>
[ 12.944212]
[ 12.953748] Allocated by task 201:
[ 12.953870] kasan_save_stack+0x45/0x70
[ 12.954082] kasan_save_track+0x18/0x40
[ 12.954275] kasan_save_alloc_info+0x3b/0x50
[ 12.954530] __kasan_kmalloc+0xb7/0xc0
[ 12.954667] __kmalloc_cache_noprof+0x189/0x420
[ 12.954822] kmalloc_uaf+0xaa/0x380
[ 12.955002] kunit_try_run_case+0x1a5/0x480
[ 12.955207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.955516] kthread+0x337/0x6f0
[ 12.955672] ret_from_fork+0x116/0x1d0
[ 12.955835] ret_from_fork_asm+0x1a/0x30
[ 12.956031]
[ 12.956104] Freed by task 201:
[ 12.956251] kasan_save_stack+0x45/0x70
[ 12.956464] kasan_save_track+0x18/0x40
[ 12.956598] kasan_save_free_info+0x3f/0x60
[ 12.956742] __kasan_slab_free+0x56/0x70
[ 12.956877] kfree+0x222/0x3f0
[ 12.957017] kmalloc_uaf+0x12c/0x380
[ 12.957195] kunit_try_run_case+0x1a5/0x480
[ 12.957407] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.957656] kthread+0x337/0x6f0
[ 12.957820] ret_from_fork+0x116/0x1d0
[ 12.958016] ret_from_fork_asm+0x1a/0x30
[ 12.958153]
[ 12.958221] The buggy address belongs to the object at ffff888102749da0
[ 12.958221] which belongs to the cache kmalloc-16 of size 16
[ 12.959021] The buggy address is located 8 bytes inside of
[ 12.959021] freed 16-byte region [ffff888102749da0, ffff888102749db0)
[ 12.959545]
[ 12.959634] The buggy address belongs to the physical page:
[ 12.959847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749
[ 12.960117] flags: 0x200000000000000(node=0|zone=2)
[ 12.960309] page_type: f5(slab)
[ 12.960502] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.960810] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.961112] page dumped because: kasan: bad access detected
[ 12.961333]
[ 12.961434] Memory state around the buggy address:
[ 12.961631] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.961885] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.962206] >ffff888102749d80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.962506] ^
[ 12.962654] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.962872] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.963082] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.910187] ==================================================================
[ 12.910803] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.911059] Read of size 64 at addr ffff8881027af484 by task kunit_try_catch/199
[ 12.911280]
[ 12.911384] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.911425] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.911435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.911454] Call Trace:
[ 12.911465] <TASK>
[ 12.911479] dump_stack_lvl+0x73/0xb0
[ 12.911507] print_report+0xd1/0x650
[ 12.911529] ? __virt_addr_valid+0x1db/0x2d0
[ 12.911550] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.911574] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.911596] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.911621] kasan_report+0x141/0x180
[ 12.911642] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.911671] kasan_check_range+0x10c/0x1c0
[ 12.911694] __asan_memmove+0x27/0x70
[ 12.911714] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.911738] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.911764] ? __schedule+0x10cc/0x2b60
[ 12.911785] ? __pfx_read_tsc+0x10/0x10
[ 12.911806] ? ktime_get_ts64+0x86/0x230
[ 12.911829] kunit_try_run_case+0x1a5/0x480
[ 12.911852] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.911875] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.911898] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.911921] ? __kthread_parkme+0x82/0x180
[ 12.912218] ? preempt_count_sub+0x50/0x80
[ 12.912248] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.912273] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.912297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.912322] kthread+0x337/0x6f0
[ 12.912341] ? trace_preempt_on+0x20/0xc0
[ 12.912391] ? __pfx_kthread+0x10/0x10
[ 12.912522] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.912544] ? calculate_sigpending+0x7b/0xa0
[ 12.912567] ? __pfx_kthread+0x10/0x10
[ 12.912588] ret_from_fork+0x116/0x1d0
[ 12.912607] ? __pfx_kthread+0x10/0x10
[ 12.912627] ret_from_fork_asm+0x1a/0x30
[ 12.912658] </TASK>
[ 12.912669]
[ 12.923637] Allocated by task 199:
[ 12.923769] kasan_save_stack+0x45/0x70
[ 12.923919] kasan_save_track+0x18/0x40
[ 12.924055] kasan_save_alloc_info+0x3b/0x50
[ 12.924210] __kasan_kmalloc+0xb7/0xc0
[ 12.924342] __kmalloc_cache_noprof+0x189/0x420
[ 12.924509] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.924677] kunit_try_run_case+0x1a5/0x480
[ 12.924822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.924996] kthread+0x337/0x6f0
[ 12.925113] ret_from_fork+0x116/0x1d0
[ 12.925243] ret_from_fork_asm+0x1a/0x30
[ 12.925883]
[ 12.926310] The buggy address belongs to the object at ffff8881027af480
[ 12.926310] which belongs to the cache kmalloc-64 of size 64
[ 12.927411] The buggy address is located 4 bytes inside of
[ 12.927411] allocated 64-byte region [ffff8881027af480, ffff8881027af4c0)
[ 12.928652]
[ 12.928852] The buggy address belongs to the physical page:
[ 12.929389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027af
[ 12.930507] flags: 0x200000000000000(node=0|zone=2)
[ 12.931052] page_type: f5(slab)
[ 12.931384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.932213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.932971] page dumped because: kasan: bad access detected
[ 12.933480]
[ 12.933796] Memory state around the buggy address:
[ 12.934215] ffff8881027af380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.935081] ffff8881027af400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.935318] >ffff8881027af480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.935999] ^
[ 12.936542] ffff8881027af500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.936990] ffff8881027af580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.937203] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.881591] ==================================================================
[ 12.882150] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.882600] Read of size 18446744073709551614 at addr ffff888102d67c04 by task kunit_try_catch/197
[ 12.883243]
[ 12.883517] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.883575] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.883586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.883606] Call Trace:
[ 12.883618] <TASK>
[ 12.883633] dump_stack_lvl+0x73/0xb0
[ 12.883664] print_report+0xd1/0x650
[ 12.883686] ? __virt_addr_valid+0x1db/0x2d0
[ 12.883722] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.883747] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.883770] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.883816] kasan_report+0x141/0x180
[ 12.883838] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.883868] kasan_check_range+0x10c/0x1c0
[ 12.883891] __asan_memmove+0x27/0x70
[ 12.883911] kmalloc_memmove_negative_size+0x171/0x330
[ 12.883936] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.883963] ? __schedule+0x10cc/0x2b60
[ 12.883986] ? __pfx_read_tsc+0x10/0x10
[ 12.884007] ? ktime_get_ts64+0x86/0x230
[ 12.884031] kunit_try_run_case+0x1a5/0x480
[ 12.884055] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.884078] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.884101] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.884125] ? __kthread_parkme+0x82/0x180
[ 12.884145] ? preempt_count_sub+0x50/0x80
[ 12.884169] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.884199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.884223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.884248] kthread+0x337/0x6f0
[ 12.884267] ? trace_preempt_on+0x20/0xc0
[ 12.884290] ? __pfx_kthread+0x10/0x10
[ 12.884311] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.884332] ? calculate_sigpending+0x7b/0xa0
[ 12.884357] ? __pfx_kthread+0x10/0x10
[ 12.884390] ret_from_fork+0x116/0x1d0
[ 12.884409] ? __pfx_kthread+0x10/0x10
[ 12.884429] ret_from_fork_asm+0x1a/0x30
[ 12.884467] </TASK>
[ 12.884478]
[ 12.895572] Allocated by task 197:
[ 12.896075] kasan_save_stack+0x45/0x70
[ 12.896342] kasan_save_track+0x18/0x40
[ 12.896795] kasan_save_alloc_info+0x3b/0x50
[ 12.896986] __kasan_kmalloc+0xb7/0xc0
[ 12.897123] __kmalloc_cache_noprof+0x189/0x420
[ 12.897416] kmalloc_memmove_negative_size+0xac/0x330
[ 12.897666] kunit_try_run_case+0x1a5/0x480
[ 12.898225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.898508] kthread+0x337/0x6f0
[ 12.898890] ret_from_fork+0x116/0x1d0
[ 12.899102] ret_from_fork_asm+0x1a/0x30
[ 12.899326]
[ 12.899436] The buggy address belongs to the object at ffff888102d67c00
[ 12.899436] which belongs to the cache kmalloc-64 of size 64
[ 12.900250] The buggy address is located 4 bytes inside of
[ 12.900250] 64-byte region [ffff888102d67c00, ffff888102d67c40)
[ 12.900869]
[ 12.900989] The buggy address belongs to the physical page:
[ 12.901281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d67
[ 12.901949] flags: 0x200000000000000(node=0|zone=2)
[ 12.902194] page_type: f5(slab)
[ 12.902347] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.902743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.903085] page dumped because: kasan: bad access detected
[ 12.903388]
[ 12.903499] Memory state around the buggy address:
[ 12.903763] ffff888102d67b00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.904329] ffff888102d67b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.904746] >ffff888102d67c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.905066] ^
[ 12.905205] ffff888102d67c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.905752] ffff888102d67d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.906065] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.855482] ==================================================================
[ 12.856067] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.856498] Write of size 16 at addr ffff888102d5f669 by task kunit_try_catch/195
[ 12.857315]
[ 12.857482] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.857555] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.857568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.857605] Call Trace:
[ 12.857616] <TASK>
[ 12.857643] dump_stack_lvl+0x73/0xb0
[ 12.857675] print_report+0xd1/0x650
[ 12.857697] ? __virt_addr_valid+0x1db/0x2d0
[ 12.857718] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.857739] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.857762] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.857808] kasan_report+0x141/0x180
[ 12.857830] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.857857] kasan_check_range+0x10c/0x1c0
[ 12.857907] __asan_memset+0x27/0x50
[ 12.857936] kmalloc_oob_memset_16+0x166/0x330
[ 12.857958] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.857981] ? __schedule+0x10cc/0x2b60
[ 12.858005] ? __pfx_read_tsc+0x10/0x10
[ 12.858026] ? ktime_get_ts64+0x86/0x230
[ 12.858050] kunit_try_run_case+0x1a5/0x480
[ 12.858074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.858097] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.858120] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.858144] ? __kthread_parkme+0x82/0x180
[ 12.858163] ? preempt_count_sub+0x50/0x80
[ 12.858186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.858210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.858234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.858259] kthread+0x337/0x6f0
[ 12.858277] ? trace_preempt_on+0x20/0xc0
[ 12.858300] ? __pfx_kthread+0x10/0x10
[ 12.858320] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.858342] ? calculate_sigpending+0x7b/0xa0
[ 12.858460] ? __pfx_kthread+0x10/0x10
[ 12.858482] ret_from_fork+0x116/0x1d0
[ 12.858500] ? __pfx_kthread+0x10/0x10
[ 12.858520] ret_from_fork_asm+0x1a/0x30
[ 12.858550] </TASK>
[ 12.858560]
[ 12.867374] Allocated by task 195:
[ 12.867505] kasan_save_stack+0x45/0x70
[ 12.867741] kasan_save_track+0x18/0x40
[ 12.867939] kasan_save_alloc_info+0x3b/0x50
[ 12.868151] __kasan_kmalloc+0xb7/0xc0
[ 12.868346] __kmalloc_cache_noprof+0x189/0x420
[ 12.868542] kmalloc_oob_memset_16+0xac/0x330
[ 12.869084] kunit_try_run_case+0x1a5/0x480
[ 12.869305] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.869671] kthread+0x337/0x6f0
[ 12.870023] ret_from_fork+0x116/0x1d0
[ 12.870288] ret_from_fork_asm+0x1a/0x30
[ 12.870475]
[ 12.870544] The buggy address belongs to the object at ffff888102d5f600
[ 12.870544] which belongs to the cache kmalloc-128 of size 128
[ 12.871025] The buggy address is located 105 bytes inside of
[ 12.871025] allocated 120-byte region [ffff888102d5f600, ffff888102d5f678)
[ 12.871545]
[ 12.871615] The buggy address belongs to the physical page:
[ 12.872253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f
[ 12.872588] flags: 0x200000000000000(node=0|zone=2)
[ 12.872987] page_type: f5(slab)
[ 12.873155] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.873575] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.874027] page dumped because: kasan: bad access detected
[ 12.874210]
[ 12.874355] Memory state around the buggy address:
[ 12.874806] ffff888102d5f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.875193] ffff888102d5f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.875449] >ffff888102d5f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.875848] ^
[ 12.876344] ffff888102d5f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.876863] ffff888102d5f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.877157] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.815262] ================================================================== [ 12.816927] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.818409] Write of size 8 at addr ffff8881027a3671 by task kunit_try_catch/193 [ 12.818899] [ 12.818991] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.819034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.819046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.819068] Call Trace: [ 12.819080] <TASK> [ 12.819094] dump_stack_lvl+0x73/0xb0 [ 12.819125] print_report+0xd1/0x650 [ 12.819147] ? __virt_addr_valid+0x1db/0x2d0 [ 12.819169] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.819190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.819213] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.819235] kasan_report+0x141/0x180 [ 12.819256] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.819283] kasan_check_range+0x10c/0x1c0 [ 12.819305] __asan_memset+0x27/0x50 [ 12.819324] kmalloc_oob_memset_8+0x166/0x330 [ 12.819577] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.819613] ? __schedule+0x10cc/0x2b60 [ 12.819681] ? __pfx_read_tsc+0x10/0x10 [ 12.819704] ? ktime_get_ts64+0x86/0x230 [ 12.819730] kunit_try_run_case+0x1a5/0x480 [ 12.819754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.819777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.819800] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.819823] ? __kthread_parkme+0x82/0x180 [ 12.819842] ? preempt_count_sub+0x50/0x80 [ 12.819865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.819889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.819912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.819937] kthread+0x337/0x6f0 [ 12.819956] ? trace_preempt_on+0x20/0xc0 [ 12.819979] ? __pfx_kthread+0x10/0x10 [ 12.820000] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.820023] ? calculate_sigpending+0x7b/0xa0 [ 12.820047] ? __pfx_kthread+0x10/0x10 [ 12.820068] ret_from_fork+0x116/0x1d0 [ 12.820086] ? 
__pfx_kthread+0x10/0x10 [ 12.820106] ret_from_fork_asm+0x1a/0x30 [ 12.820136] </TASK> [ 12.820146] [ 12.835667] Allocated by task 193: [ 12.836093] kasan_save_stack+0x45/0x70 [ 12.836638] kasan_save_track+0x18/0x40 [ 12.836857] kasan_save_alloc_info+0x3b/0x50 [ 12.837016] __kasan_kmalloc+0xb7/0xc0 [ 12.837149] __kmalloc_cache_noprof+0x189/0x420 [ 12.837304] kmalloc_oob_memset_8+0xac/0x330 [ 12.837821] kunit_try_run_case+0x1a5/0x480 [ 12.838256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.838859] kthread+0x337/0x6f0 [ 12.839263] ret_from_fork+0x116/0x1d0 [ 12.839764] ret_from_fork_asm+0x1a/0x30 [ 12.840194] [ 12.840353] The buggy address belongs to the object at ffff8881027a3600 [ 12.840353] which belongs to the cache kmalloc-128 of size 128 [ 12.841595] The buggy address is located 113 bytes inside of [ 12.841595] allocated 120-byte region [ffff8881027a3600, ffff8881027a3678) [ 12.842135] [ 12.842213] The buggy address belongs to the physical page: [ 12.842461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 12.843298] flags: 0x200000000000000(node=0|zone=2) [ 12.843930] page_type: f5(slab) [ 12.844301] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.845105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.845738] page dumped because: kasan: bad access detected [ 12.845919] [ 12.845987] Memory state around the buggy address: [ 12.846142] ffff8881027a3500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.846380] ffff8881027a3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.847266] >ffff8881027a3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.848068] ^ [ 12.848861] ffff8881027a3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.849549] ffff8881027a3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.850327] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.793523] ================================================================== [ 12.794065] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.794672] Write of size 4 at addr ffff8881027a3575 by task kunit_try_catch/191 [ 12.794977] [ 12.795071] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.795112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.795123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.795142] Call Trace: [ 12.795155] <TASK> [ 12.795169] dump_stack_lvl+0x73/0xb0 [ 12.795198] print_report+0xd1/0x650 [ 12.795219] ? __virt_addr_valid+0x1db/0x2d0 [ 12.795241] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.795262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.795285] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.795307] kasan_report+0x141/0x180 [ 12.795328] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.795355] kasan_check_range+0x10c/0x1c0 [ 12.795600] __asan_memset+0x27/0x50 [ 12.795623] kmalloc_oob_memset_4+0x166/0x330 [ 12.795646] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.795671] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.795697] kunit_try_run_case+0x1a5/0x480 [ 12.795721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.795743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.795767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.795791] ? __kthread_parkme+0x82/0x180 [ 12.795810] ? preempt_count_sub+0x50/0x80 [ 12.795834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.795858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.795882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.795907] kthread+0x337/0x6f0 [ 12.795925] ? trace_preempt_on+0x20/0xc0 [ 12.795948] ? __pfx_kthread+0x10/0x10 [ 12.795968] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.795989] ? calculate_sigpending+0x7b/0xa0 [ 12.796012] ? __pfx_kthread+0x10/0x10 [ 12.796033] ret_from_fork+0x116/0x1d0 [ 12.796051] ? 
__pfx_kthread+0x10/0x10 [ 12.796071] ret_from_fork_asm+0x1a/0x30 [ 12.796102] </TASK> [ 12.796111] [ 12.803304] Allocated by task 191: [ 12.803725] kasan_save_stack+0x45/0x70 [ 12.803898] kasan_save_track+0x18/0x40 [ 12.804035] kasan_save_alloc_info+0x3b/0x50 [ 12.804205] __kasan_kmalloc+0xb7/0xc0 [ 12.804447] __kmalloc_cache_noprof+0x189/0x420 [ 12.804676] kmalloc_oob_memset_4+0xac/0x330 [ 12.804884] kunit_try_run_case+0x1a5/0x480 [ 12.805088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.805337] kthread+0x337/0x6f0 [ 12.805578] ret_from_fork+0x116/0x1d0 [ 12.805754] ret_from_fork_asm+0x1a/0x30 [ 12.805922] [ 12.805992] The buggy address belongs to the object at ffff8881027a3500 [ 12.805992] which belongs to the cache kmalloc-128 of size 128 [ 12.806568] The buggy address is located 117 bytes inside of [ 12.806568] allocated 120-byte region [ffff8881027a3500, ffff8881027a3578) [ 12.807000] [ 12.807072] The buggy address belongs to the physical page: [ 12.807241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 12.807546] flags: 0x200000000000000(node=0|zone=2) [ 12.807778] page_type: f5(slab) [ 12.807942] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.808601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.808877] page dumped because: kasan: bad access detected [ 12.809046] [ 12.809115] Memory state around the buggy address: [ 12.809266] ffff8881027a3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.809774] ffff8881027a3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810102] >ffff8881027a3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.810422] ^ [ 12.810695] ffff8881027a3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810940] ffff8881027a3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.811253] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.774569] ================================================================== [ 12.775034] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.775331] Write of size 2 at addr ffff8881027a3477 by task kunit_try_catch/189 [ 12.775655] [ 12.775766] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.775805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.775816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.775834] Call Trace: [ 12.775846] <TASK> [ 12.775860] dump_stack_lvl+0x73/0xb0 [ 12.775889] print_report+0xd1/0x650 [ 12.775911] ? __virt_addr_valid+0x1db/0x2d0 [ 12.775933] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.775955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.775977] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.775999] kasan_report+0x141/0x180 [ 12.776020] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.776047] kasan_check_range+0x10c/0x1c0 [ 12.776070] __asan_memset+0x27/0x50 [ 12.776118] kmalloc_oob_memset_2+0x166/0x330 [ 12.776141] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.776166] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.776210] kunit_try_run_case+0x1a5/0x480 [ 12.776235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.776257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.776280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.776304] ? __kthread_parkme+0x82/0x180 [ 12.776324] ? preempt_count_sub+0x50/0x80 [ 12.776348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.776383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.776407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.776431] kthread+0x337/0x6f0 [ 12.776450] ? trace_preempt_on+0x20/0xc0 [ 12.776472] ? __pfx_kthread+0x10/0x10 [ 12.776492] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.776513] ? calculate_sigpending+0x7b/0xa0 [ 12.776550] ? __pfx_kthread+0x10/0x10 [ 12.776570] ret_from_fork+0x116/0x1d0 [ 12.776589] ? 
__pfx_kthread+0x10/0x10 [ 12.776609] ret_from_fork_asm+0x1a/0x30 [ 12.776639] </TASK> [ 12.776648] [ 12.783386] Allocated by task 189: [ 12.783569] kasan_save_stack+0x45/0x70 [ 12.783767] kasan_save_track+0x18/0x40 [ 12.783926] kasan_save_alloc_info+0x3b/0x50 [ 12.784074] __kasan_kmalloc+0xb7/0xc0 [ 12.784213] __kmalloc_cache_noprof+0x189/0x420 [ 12.784438] kmalloc_oob_memset_2+0xac/0x330 [ 12.784644] kunit_try_run_case+0x1a5/0x480 [ 12.784889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.785143] kthread+0x337/0x6f0 [ 12.785308] ret_from_fork+0x116/0x1d0 [ 12.785551] ret_from_fork_asm+0x1a/0x30 [ 12.785696] [ 12.785765] The buggy address belongs to the object at ffff8881027a3400 [ 12.785765] which belongs to the cache kmalloc-128 of size 128 [ 12.786251] The buggy address is located 119 bytes inside of [ 12.786251] allocated 120-byte region [ffff8881027a3400, ffff8881027a3478) [ 12.787015] [ 12.787113] The buggy address belongs to the physical page: [ 12.787328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 12.787646] flags: 0x200000000000000(node=0|zone=2) [ 12.787908] page_type: f5(slab) [ 12.788051] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.788355] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.788612] page dumped because: kasan: bad access detected [ 12.788780] [ 12.788847] Memory state around the buggy address: [ 12.788998] ffff8881027a3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.789227] ffff8881027a3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.789745] >ffff8881027a3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.790062] ^ [ 12.790381] ffff8881027a3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.790972] ffff8881027a3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.791192] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.753315] ================================================================== [ 12.753855] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.754098] Write of size 128 at addr ffff888102d5f500 by task kunit_try_catch/187 [ 12.754325] [ 12.755183] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.755228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.755239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.755258] Call Trace: [ 12.755269] <TASK> [ 12.755283] dump_stack_lvl+0x73/0xb0 [ 12.755314] print_report+0xd1/0x650 [ 12.755335] ? __virt_addr_valid+0x1db/0x2d0 [ 12.755357] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.755390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.755469] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.755492] kasan_report+0x141/0x180 [ 12.755514] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.755540] kasan_check_range+0x10c/0x1c0 [ 12.755564] __asan_memset+0x27/0x50 [ 12.755582] kmalloc_oob_in_memset+0x15f/0x320 [ 12.755605] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.755628] ? __schedule+0x10cc/0x2b60 [ 12.755652] ? __pfx_read_tsc+0x10/0x10 [ 12.755673] ? ktime_get_ts64+0x86/0x230 [ 12.755697] kunit_try_run_case+0x1a5/0x480 [ 12.755721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.755744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.755768] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.755791] ? __kthread_parkme+0x82/0x180 [ 12.755811] ? preempt_count_sub+0x50/0x80 [ 12.755833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.755857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.755881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.755906] kthread+0x337/0x6f0 [ 12.755924] ? trace_preempt_on+0x20/0xc0 [ 12.755947] ? __pfx_kthread+0x10/0x10 [ 12.755967] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.755988] ? calculate_sigpending+0x7b/0xa0 [ 12.756013] ? __pfx_kthread+0x10/0x10 [ 12.756033] ret_from_fork+0x116/0x1d0 [ 12.756051] ? 
__pfx_kthread+0x10/0x10 [ 12.756071] ret_from_fork_asm+0x1a/0x30 [ 12.756101] </TASK> [ 12.756111] [ 12.763208] Allocated by task 187: [ 12.763457] kasan_save_stack+0x45/0x70 [ 12.763641] kasan_save_track+0x18/0x40 [ 12.763809] kasan_save_alloc_info+0x3b/0x50 [ 12.763995] __kasan_kmalloc+0xb7/0xc0 [ 12.764131] __kmalloc_cache_noprof+0x189/0x420 [ 12.764292] kmalloc_oob_in_memset+0xac/0x320 [ 12.764489] kunit_try_run_case+0x1a5/0x480 [ 12.764699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.764951] kthread+0x337/0x6f0 [ 12.765173] ret_from_fork+0x116/0x1d0 [ 12.765384] ret_from_fork_asm+0x1a/0x30 [ 12.765759] [ 12.765858] The buggy address belongs to the object at ffff888102d5f500 [ 12.765858] which belongs to the cache kmalloc-128 of size 128 [ 12.766224] The buggy address is located 0 bytes inside of [ 12.766224] allocated 120-byte region [ffff888102d5f500, ffff888102d5f578) [ 12.766608] [ 12.766703] The buggy address belongs to the physical page: [ 12.766952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 12.767301] flags: 0x200000000000000(node=0|zone=2) [ 12.767757] page_type: f5(slab) [ 12.768014] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.768246] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.768478] page dumped because: kasan: bad access detected [ 12.768798] [ 12.768895] Memory state around the buggy address: [ 12.769125] ffff888102d5f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.769543] ffff888102d5f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.769868] >ffff888102d5f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.770186] ^ [ 12.770564] ffff888102d5f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.770810] ffff888102d5f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.771129] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.728899] ================================================================== [ 12.729312] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.729663] Read of size 16 at addr ffff888102749d80 by task kunit_try_catch/185 [ 12.729954] [ 12.730040] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.730078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.730090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.730109] Call Trace: [ 12.730119] <TASK> [ 12.730133] dump_stack_lvl+0x73/0xb0 [ 12.730162] print_report+0xd1/0x650 [ 12.730184] ? __virt_addr_valid+0x1db/0x2d0 [ 12.730206] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.730226] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.730248] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.730269] kasan_report+0x141/0x180 [ 12.730290] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.730315] __asan_report_load16_noabort+0x18/0x20 [ 12.730340] kmalloc_uaf_16+0x47b/0x4c0 [ 12.730370] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.730392] ? __schedule+0x10cc/0x2b60 [ 12.730413] ? __pfx_read_tsc+0x10/0x10 [ 12.730433] ? ktime_get_ts64+0x86/0x230 [ 12.730456] kunit_try_run_case+0x1a5/0x480 [ 12.730567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.730593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.730617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.730640] ? __kthread_parkme+0x82/0x180 [ 12.730661] ? preempt_count_sub+0x50/0x80 [ 12.730684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.730708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.730733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.730758] kthread+0x337/0x6f0 [ 12.730776] ? trace_preempt_on+0x20/0xc0 [ 12.730799] ? __pfx_kthread+0x10/0x10 [ 12.730819] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.730841] ? calculate_sigpending+0x7b/0xa0 [ 12.730864] ? __pfx_kthread+0x10/0x10 [ 12.730886] ret_from_fork+0x116/0x1d0 [ 12.730904] ? 
__pfx_kthread+0x10/0x10 [ 12.730924] ret_from_fork_asm+0x1a/0x30 [ 12.730954] </TASK> [ 12.730964] [ 12.737879] Allocated by task 185: [ 12.738030] kasan_save_stack+0x45/0x70 [ 12.738173] kasan_save_track+0x18/0x40 [ 12.738307] kasan_save_alloc_info+0x3b/0x50 [ 12.738745] __kasan_kmalloc+0xb7/0xc0 [ 12.738945] __kmalloc_cache_noprof+0x189/0x420 [ 12.739169] kmalloc_uaf_16+0x15b/0x4c0 [ 12.739384] kunit_try_run_case+0x1a5/0x480 [ 12.739601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.739801] kthread+0x337/0x6f0 [ 12.739971] ret_from_fork+0x116/0x1d0 [ 12.740156] ret_from_fork_asm+0x1a/0x30 [ 12.740421] [ 12.740505] Freed by task 185: [ 12.740659] kasan_save_stack+0x45/0x70 [ 12.740801] kasan_save_track+0x18/0x40 [ 12.740988] kasan_save_free_info+0x3f/0x60 [ 12.741193] __kasan_slab_free+0x56/0x70 [ 12.741453] kfree+0x222/0x3f0 [ 12.741594] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.741747] kunit_try_run_case+0x1a5/0x480 [ 12.741951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.742124] kthread+0x337/0x6f0 [ 12.742244] ret_from_fork+0x116/0x1d0 [ 12.742386] ret_from_fork_asm+0x1a/0x30 [ 12.742524] [ 12.742592] The buggy address belongs to the object at ffff888102749d80 [ 12.742592] which belongs to the cache kmalloc-16 of size 16 [ 12.743138] The buggy address is located 0 bytes inside of [ 12.743138] freed 16-byte region [ffff888102749d80, ffff888102749d90) [ 12.743987] [ 12.744085] The buggy address belongs to the physical page: [ 12.744314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 12.744807] flags: 0x200000000000000(node=0|zone=2) [ 12.744973] page_type: f5(slab) [ 12.745092] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.745411] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.745760] page dumped because: kasan: bad access detected [ 12.746010] [ 12.746101] Memory state around the buggy address: [ 12.746318] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc 
fc [ 12.747080] ffff888102749d00: 00 05 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 12.747389] >ffff888102749d80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.747735] ^ [ 12.747896] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.748170] ffff888102749e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.748503] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.708330] ================================================================== [ 12.708841] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.709160] Write of size 16 at addr ffff888102749d20 by task kunit_try_catch/183 [ 12.709437] [ 12.709795] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.709844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.709855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.709875] Call Trace: [ 12.709888] <TASK> [ 12.709904] dump_stack_lvl+0x73/0xb0 [ 12.709936] print_report+0xd1/0x650 [ 12.709958] ? __virt_addr_valid+0x1db/0x2d0 [ 12.709980] ? kmalloc_oob_16+0x452/0x4a0 [ 12.710000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.710023] ? kmalloc_oob_16+0x452/0x4a0 [ 12.710045] kasan_report+0x141/0x180 [ 12.710069] ? kmalloc_oob_16+0x452/0x4a0 [ 12.710095] __asan_report_store16_noabort+0x1b/0x30 [ 12.710121] kmalloc_oob_16+0x452/0x4a0 [ 12.710141] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.710163] ? __schedule+0x10cc/0x2b60 [ 12.710186] ? __pfx_read_tsc+0x10/0x10 [ 12.710207] ? ktime_get_ts64+0x86/0x230 [ 12.710232] kunit_try_run_case+0x1a5/0x480 [ 12.710257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.710281] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.710304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.710327] ? __kthread_parkme+0x82/0x180 [ 12.710347] ? preempt_count_sub+0x50/0x80 [ 12.710477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.710501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.710526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.710551] kthread+0x337/0x6f0 [ 12.710569] ? trace_preempt_on+0x20/0xc0 [ 12.710593] ? __pfx_kthread+0x10/0x10 [ 12.710613] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.710634] ? calculate_sigpending+0x7b/0xa0 [ 12.710658] ? __pfx_kthread+0x10/0x10 [ 12.710679] ret_from_fork+0x116/0x1d0 [ 12.710697] ? 
__pfx_kthread+0x10/0x10 [ 12.710717] ret_from_fork_asm+0x1a/0x30 [ 12.710747] </TASK> [ 12.710758] [ 12.717908] Allocated by task 183: [ 12.718091] kasan_save_stack+0x45/0x70 [ 12.718244] kasan_save_track+0x18/0x40 [ 12.718594] kasan_save_alloc_info+0x3b/0x50 [ 12.718799] __kasan_kmalloc+0xb7/0xc0 [ 12.718966] __kmalloc_cache_noprof+0x189/0x420 [ 12.719128] kmalloc_oob_16+0xa8/0x4a0 [ 12.719292] kunit_try_run_case+0x1a5/0x480 [ 12.719511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.719893] kthread+0x337/0x6f0 [ 12.720068] ret_from_fork+0x116/0x1d0 [ 12.720221] ret_from_fork_asm+0x1a/0x30 [ 12.720464] [ 12.720560] The buggy address belongs to the object at ffff888102749d20 [ 12.720560] which belongs to the cache kmalloc-16 of size 16 [ 12.721003] The buggy address is located 0 bytes inside of [ 12.721003] allocated 13-byte region [ffff888102749d20, ffff888102749d2d) [ 12.721371] [ 12.721466] The buggy address belongs to the physical page: [ 12.721761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102749 [ 12.722112] flags: 0x200000000000000(node=0|zone=2) [ 12.722345] page_type: f5(slab) [ 12.722640] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.722881] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.723140] page dumped because: kasan: bad access detected [ 12.723581] [ 12.723692] Memory state around the buggy address: [ 12.723923] ffff888102749c00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.724215] ffff888102749c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.724586] >ffff888102749d00: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 12.724850] ^ [ 12.725065] ffff888102749d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.725343] ffff888102749e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.725675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.652081] ================================================================== [ 12.652514] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.652746] Read of size 1 at addr ffff88810099de00 by task kunit_try_catch/181 [ 12.652966] [ 12.653052] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.653092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.653104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.653123] Call Trace: [ 12.653135] <TASK> [ 12.653151] dump_stack_lvl+0x73/0xb0 [ 12.653179] print_report+0xd1/0x650 [ 12.653200] ? __virt_addr_valid+0x1db/0x2d0 [ 12.653223] ? krealloc_uaf+0x1b8/0x5e0 [ 12.653242] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.653263] ? krealloc_uaf+0x1b8/0x5e0 [ 12.653283] kasan_report+0x141/0x180 [ 12.653303] ? krealloc_uaf+0x1b8/0x5e0 [ 12.653326] ? krealloc_uaf+0x1b8/0x5e0 [ 12.653346] __kasan_check_byte+0x3d/0x50 [ 12.653725] krealloc_noprof+0x3f/0x340 [ 12.653759] krealloc_uaf+0x1b8/0x5e0 [ 12.653782] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.653804] ? finish_task_switch.isra.0+0x153/0x700 [ 12.653827] ? __switch_to+0x47/0xf50 [ 12.653852] ? __schedule+0x10cc/0x2b60 [ 12.654051] ? __pfx_read_tsc+0x10/0x10 [ 12.654073] ? ktime_get_ts64+0x86/0x230 [ 12.654099] kunit_try_run_case+0x1a5/0x480 [ 12.654125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.654147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.654170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.654194] ? __kthread_parkme+0x82/0x180 [ 12.654215] ? preempt_count_sub+0x50/0x80 [ 12.654237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.654260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.654284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.654308] kthread+0x337/0x6f0 [ 12.654326] ? trace_preempt_on+0x20/0xc0 [ 12.654391] ? __pfx_kthread+0x10/0x10 [ 12.654439] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.654460] ? calculate_sigpending+0x7b/0xa0 [ 12.654485] ? 
__pfx_kthread+0x10/0x10 [ 12.654506] ret_from_fork+0x116/0x1d0 [ 12.654525] ? __pfx_kthread+0x10/0x10 [ 12.654545] ret_from_fork_asm+0x1a/0x30 [ 12.654575] </TASK> [ 12.654585] [ 12.668778] Allocated by task 181: [ 12.669219] kasan_save_stack+0x45/0x70 [ 12.669764] kasan_save_track+0x18/0x40 [ 12.669978] kasan_save_alloc_info+0x3b/0x50 [ 12.670194] __kasan_kmalloc+0xb7/0xc0 [ 12.670398] __kmalloc_cache_noprof+0x189/0x420 [ 12.670654] krealloc_uaf+0xbb/0x5e0 [ 12.670789] kunit_try_run_case+0x1a5/0x480 [ 12.670994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.671555] kthread+0x337/0x6f0 [ 12.671788] ret_from_fork+0x116/0x1d0 [ 12.671973] ret_from_fork_asm+0x1a/0x30 [ 12.672192] [ 12.672289] Freed by task 181: [ 12.672521] kasan_save_stack+0x45/0x70 [ 12.672691] kasan_save_track+0x18/0x40 [ 12.672930] kasan_save_free_info+0x3f/0x60 [ 12.673188] __kasan_slab_free+0x56/0x70 [ 12.673460] kfree+0x222/0x3f0 [ 12.673687] krealloc_uaf+0x13d/0x5e0 [ 12.673853] kunit_try_run_case+0x1a5/0x480 [ 12.674082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.674340] kthread+0x337/0x6f0 [ 12.674662] ret_from_fork+0x116/0x1d0 [ 12.674867] ret_from_fork_asm+0x1a/0x30 [ 12.675056] [ 12.675170] The buggy address belongs to the object at ffff88810099de00 [ 12.675170] which belongs to the cache kmalloc-256 of size 256 [ 12.675916] The buggy address is located 0 bytes inside of [ 12.675916] freed 256-byte region [ffff88810099de00, ffff88810099df00) [ 12.676412] [ 12.676681] The buggy address belongs to the physical page: [ 12.677065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 12.677481] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.677850] flags: 0x200000000000040(head|node=0|zone=2) [ 12.678103] page_type: f5(slab) [ 12.678312] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.678843] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.679164] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.679642] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.679996] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 12.680415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.680776] page dumped because: kasan: bad access detected [ 12.680981] [ 12.681064] Memory state around the buggy address: [ 12.681254] ffff88810099dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.681533] ffff88810099dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.681833] >ffff88810099de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.682085] ^ [ 12.682241] ffff88810099de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.682605] ffff88810099df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.682868] ================================================================== [ 12.683861] ================================================================== [ 12.684134] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.684407] Read of size 1 at addr ffff88810099de00 by task kunit_try_catch/181 [ 12.684747] [ 12.684851] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.684888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.684899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.684917] Call Trace: [ 12.684927] <TASK> [ 12.684941] dump_stack_lvl+0x73/0xb0 [ 12.685208] print_report+0xd1/0x650 [ 12.685240] ? __virt_addr_valid+0x1db/0x2d0 [ 12.685263] ? krealloc_uaf+0x53c/0x5e0 [ 12.685283] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.685306] ? krealloc_uaf+0x53c/0x5e0 [ 12.685326] kasan_report+0x141/0x180 [ 12.685607] ? krealloc_uaf+0x53c/0x5e0 [ 12.685640] __asan_report_load1_noabort+0x18/0x20 [ 12.685665] krealloc_uaf+0x53c/0x5e0 [ 12.685686] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.685706] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.685729] ? __switch_to+0x47/0xf50 [ 12.685752] ? __schedule+0x10cc/0x2b60 [ 12.685775] ? __pfx_read_tsc+0x10/0x10 [ 12.685795] ? ktime_get_ts64+0x86/0x230 [ 12.685818] kunit_try_run_case+0x1a5/0x480 [ 12.685841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.685886] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.685910] ? __kthread_parkme+0x82/0x180 [ 12.685929] ? preempt_count_sub+0x50/0x80 [ 12.685952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.685999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.686023] kthread+0x337/0x6f0 [ 12.686041] ? trace_preempt_on+0x20/0xc0 [ 12.686063] ? __pfx_kthread+0x10/0x10 [ 12.686083] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.686104] ? calculate_sigpending+0x7b/0xa0 [ 12.686128] ? __pfx_kthread+0x10/0x10 [ 12.686149] ret_from_fork+0x116/0x1d0 [ 12.686167] ? __pfx_kthread+0x10/0x10 [ 12.686186] ret_from_fork_asm+0x1a/0x30 [ 12.686216] </TASK> [ 12.686227] [ 12.694025] Allocated by task 181: [ 12.694216] kasan_save_stack+0x45/0x70 [ 12.694545] kasan_save_track+0x18/0x40 [ 12.694754] kasan_save_alloc_info+0x3b/0x50 [ 12.694972] __kasan_kmalloc+0xb7/0xc0 [ 12.695158] __kmalloc_cache_noprof+0x189/0x420 [ 12.695379] krealloc_uaf+0xbb/0x5e0 [ 12.695596] kunit_try_run_case+0x1a5/0x480 [ 12.695808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.696005] kthread+0x337/0x6f0 [ 12.696125] ret_from_fork+0x116/0x1d0 [ 12.696265] ret_from_fork_asm+0x1a/0x30 [ 12.696438] [ 12.696531] Freed by task 181: [ 12.696686] kasan_save_stack+0x45/0x70 [ 12.696882] kasan_save_track+0x18/0x40 [ 12.697259] kasan_save_free_info+0x3f/0x60 [ 12.697605] __kasan_slab_free+0x56/0x70 [ 12.697808] kfree+0x222/0x3f0 [ 12.697925] krealloc_uaf+0x13d/0x5e0 [ 12.698072] kunit_try_run_case+0x1a5/0x480 [ 12.698282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.698715] kthread+0x337/0x6f0 [ 12.698868] 
ret_from_fork+0x116/0x1d0 [ 12.699032] ret_from_fork_asm+0x1a/0x30 [ 12.699180] [ 12.699274] The buggy address belongs to the object at ffff88810099de00 [ 12.699274] which belongs to the cache kmalloc-256 of size 256 [ 12.699894] The buggy address is located 0 bytes inside of [ 12.699894] freed 256-byte region [ffff88810099de00, ffff88810099df00) [ 12.700340] [ 12.700597] The buggy address belongs to the physical page: [ 12.700833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 12.701145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.701427] flags: 0x200000000000040(head|node=0|zone=2) [ 12.701700] page_type: f5(slab) [ 12.701859] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.702117] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.702346] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.702716] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.703063] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 12.703501] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.703804] page dumped because: kasan: bad access detected [ 12.703983] [ 12.704077] Memory state around the buggy address: [ 12.704303] ffff88810099dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.704636] ffff88810099dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.704918] >ffff88810099de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.705207] ^ [ 12.705369] ffff88810099de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.705655] ffff88810099df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.705920] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.451592] ================================================================== [ 12.452119] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.452537] Write of size 1 at addr ffff8881003588da by task kunit_try_catch/175 [ 12.452849] [ 12.452953] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.452990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.453001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.453020] Call Trace: [ 12.453034] <TASK> [ 12.453047] dump_stack_lvl+0x73/0xb0 [ 12.453074] print_report+0xd1/0x650 [ 12.453096] ? __virt_addr_valid+0x1db/0x2d0 [ 12.453117] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.453140] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.453162] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.453186] kasan_report+0x141/0x180 [ 12.453208] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.453236] __asan_report_store1_noabort+0x1b/0x30 [ 12.453262] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.453288] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.453312] ? irqentry_exit+0x2a/0x60 [ 12.453332] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.453372] ? __pfx_read_tsc+0x10/0x10 [ 12.453406] krealloc_less_oob+0x1c/0x30 [ 12.453427] kunit_try_run_case+0x1a5/0x480 [ 12.453451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.453484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.453507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.453530] ? __kthread_parkme+0x82/0x180 [ 12.453550] ? preempt_count_sub+0x50/0x80 [ 12.453572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.453596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.453620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.453644] kthread+0x337/0x6f0 [ 12.453663] ? trace_preempt_on+0x20/0xc0 [ 12.453685] ? __pfx_kthread+0x10/0x10 [ 12.453705] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.453726] ? calculate_sigpending+0x7b/0xa0 [ 12.453749] ? 
__pfx_kthread+0x10/0x10 [ 12.453770] ret_from_fork+0x116/0x1d0 [ 12.453788] ? __pfx_kthread+0x10/0x10 [ 12.453808] ret_from_fork_asm+0x1a/0x30 [ 12.453839] </TASK> [ 12.453848] [ 12.461151] Allocated by task 175: [ 12.461280] kasan_save_stack+0x45/0x70 [ 12.461506] kasan_save_track+0x18/0x40 [ 12.461765] kasan_save_alloc_info+0x3b/0x50 [ 12.461982] __kasan_krealloc+0x190/0x1f0 [ 12.462184] krealloc_noprof+0xf3/0x340 [ 12.462382] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.462660] krealloc_less_oob+0x1c/0x30 [ 12.462821] kunit_try_run_case+0x1a5/0x480 [ 12.462966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.463140] kthread+0x337/0x6f0 [ 12.463257] ret_from_fork+0x116/0x1d0 [ 12.463405] ret_from_fork_asm+0x1a/0x30 [ 12.463604] [ 12.463701] The buggy address belongs to the object at ffff888100358800 [ 12.463701] which belongs to the cache kmalloc-256 of size 256 [ 12.464238] The buggy address is located 17 bytes to the right of [ 12.464238] allocated 201-byte region [ffff888100358800, ffff8881003588c9) [ 12.464854] [ 12.464978] The buggy address belongs to the physical page: [ 12.465286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358 [ 12.465995] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.466327] flags: 0x200000000000040(head|node=0|zone=2) [ 12.467204] page_type: f5(slab) [ 12.467345] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.468296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.469000] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.469231] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.469471] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff [ 12.469692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.469905] page dumped because: kasan: bad access detected [ 12.470066] [ 12.470134] Memory state around the buggy 
address: [ 12.470280] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.470549] ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.470761] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.471073] ^ [ 12.471568] ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.471832] ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.472359] ================================================================== [ 12.577356] ================================================================== [ 12.577806] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.578176] Write of size 1 at addr ffff8881021160d0 by task kunit_try_catch/179 [ 12.578720] [ 12.578806] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.578844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.578854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.578872] Call Trace: [ 12.578884] <TASK> [ 12.578898] dump_stack_lvl+0x73/0xb0 [ 12.578925] print_report+0xd1/0x650 [ 12.578947] ? __virt_addr_valid+0x1db/0x2d0 [ 12.578968] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.578992] ? kasan_addr_to_slab+0x11/0xa0 [ 12.579012] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.579036] kasan_report+0x141/0x180 [ 12.579057] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.579085] __asan_report_store1_noabort+0x1b/0x30 [ 12.579110] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.579137] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.579162] ? finish_task_switch.isra.0+0x153/0x700 [ 12.579183] ? __switch_to+0x47/0xf50 [ 12.579207] ? __schedule+0x10cc/0x2b60 [ 12.579228] ? __pfx_read_tsc+0x10/0x10 [ 12.579252] krealloc_large_less_oob+0x1c/0x30 [ 12.579275] kunit_try_run_case+0x1a5/0x480 [ 12.579298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.579321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.579345] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.579392] ? __kthread_parkme+0x82/0x180 [ 12.579412] ? preempt_count_sub+0x50/0x80 [ 12.579435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.579504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.579528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.579553] kthread+0x337/0x6f0 [ 12.579572] ? trace_preempt_on+0x20/0xc0 [ 12.579595] ? __pfx_kthread+0x10/0x10 [ 12.579615] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.579636] ? calculate_sigpending+0x7b/0xa0 [ 12.579659] ? __pfx_kthread+0x10/0x10 [ 12.579680] ret_from_fork+0x116/0x1d0 [ 12.579698] ? __pfx_kthread+0x10/0x10 [ 12.579718] ret_from_fork_asm+0x1a/0x30 [ 12.579748] </TASK> [ 12.579757] [ 12.587205] The buggy address belongs to the physical page: [ 12.587586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114 [ 12.587891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.588192] flags: 0x200000000000040(head|node=0|zone=2) [ 12.588421] page_type: f8(unknown) [ 12.588638] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.588924] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.589212] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.589719] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.590014] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff [ 12.590308] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.590713] page dumped because: kasan: bad access detected [ 12.590887] [ 12.590955] Memory state around the buggy address: [ 12.591104] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.591319] ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.591627] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.592010] ^ [ 12.592307] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 12.592668] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.592881] ================================================================== [ 12.503289] ================================================================== [ 12.503723] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.503999] Write of size 1 at addr ffff8881003588eb by task kunit_try_catch/175 [ 12.504292] [ 12.504408] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.504447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.504458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.504476] Call Trace: [ 12.504488] <TASK> [ 12.504501] dump_stack_lvl+0x73/0xb0 [ 12.504528] print_report+0xd1/0x650 [ 12.504550] ? __virt_addr_valid+0x1db/0x2d0 [ 12.504571] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.504594] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.504616] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.504640] kasan_report+0x141/0x180 [ 12.504662] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.504690] __asan_report_store1_noabort+0x1b/0x30 [ 12.504717] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.504743] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.504767] ? irqentry_exit+0x2a/0x60 [ 12.504788] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.504816] ? __pfx_read_tsc+0x10/0x10 [ 12.504840] krealloc_less_oob+0x1c/0x30 [ 12.504861] kunit_try_run_case+0x1a5/0x480 [ 12.504884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.504906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.504929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.504952] ? __kthread_parkme+0x82/0x180 [ 12.504972] ? preempt_count_sub+0x50/0x80 [ 12.504995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.505018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.505042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.505067] kthread+0x337/0x6f0 [ 12.505085] ? trace_preempt_on+0x20/0xc0 [ 12.505108] ? 
__pfx_kthread+0x10/0x10 [ 12.505128] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.505149] ? calculate_sigpending+0x7b/0xa0 [ 12.505172] ? __pfx_kthread+0x10/0x10 [ 12.505193] ret_from_fork+0x116/0x1d0 [ 12.505211] ? __pfx_kthread+0x10/0x10 [ 12.505230] ret_from_fork_asm+0x1a/0x30 [ 12.505260] </TASK> [ 12.505270] [ 12.512241] Allocated by task 175: [ 12.512419] kasan_save_stack+0x45/0x70 [ 12.512583] kasan_save_track+0x18/0x40 [ 12.512775] kasan_save_alloc_info+0x3b/0x50 [ 12.512959] __kasan_krealloc+0x190/0x1f0 [ 12.513111] krealloc_noprof+0xf3/0x340 [ 12.513244] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.513415] krealloc_less_oob+0x1c/0x30 [ 12.513630] kunit_try_run_case+0x1a5/0x480 [ 12.513836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.514085] kthread+0x337/0x6f0 [ 12.514250] ret_from_fork+0x116/0x1d0 [ 12.514402] ret_from_fork_asm+0x1a/0x30 [ 12.514694] [ 12.514761] The buggy address belongs to the object at ffff888100358800 [ 12.514761] which belongs to the cache kmalloc-256 of size 256 [ 12.515224] The buggy address is located 34 bytes to the right of [ 12.515224] allocated 201-byte region [ffff888100358800, ffff8881003588c9) [ 12.515957] [ 12.516040] The buggy address belongs to the physical page: [ 12.516274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358 [ 12.516633] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.516917] flags: 0x200000000000040(head|node=0|zone=2) [ 12.517116] page_type: f5(slab) [ 12.517275] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.517596] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.517884] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.518193] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.518477] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff [ 12.518831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 12.519056] page dumped because: kasan: bad access detected [ 12.519226] [ 12.519295] Memory state around the buggy address: [ 12.519576] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.519904] ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.520226] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.520586] ^ [ 12.520789] ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521000] ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521291] ================================================================== [ 12.627965] ================================================================== [ 12.628218] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.628836] Write of size 1 at addr ffff8881021160eb by task kunit_try_catch/179 [ 12.629220] [ 12.629332] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.629389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.629400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.629421] Call Trace: [ 12.629436] <TASK> [ 12.629450] dump_stack_lvl+0x73/0xb0 [ 12.629480] print_report+0xd1/0x650 [ 12.629503] ? __virt_addr_valid+0x1db/0x2d0 [ 12.629526] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.629551] ? kasan_addr_to_slab+0x11/0xa0 [ 12.629572] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.629596] kasan_report+0x141/0x180 [ 12.629821] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.629851] __asan_report_store1_noabort+0x1b/0x30 [ 12.629877] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.629904] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.629929] ? finish_task_switch.isra.0+0x153/0x700 [ 12.629952] ? __switch_to+0x47/0xf50 [ 12.629977] ? __schedule+0x10cc/0x2b60 [ 12.629999] ? __pfx_read_tsc+0x10/0x10 [ 12.630022] krealloc_large_less_oob+0x1c/0x30 [ 12.630046] kunit_try_run_case+0x1a5/0x480 [ 12.630069] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.630092] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.630116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.630140] ? __kthread_parkme+0x82/0x180 [ 12.630160] ? preempt_count_sub+0x50/0x80 [ 12.630183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.630207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.630232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.630257] kthread+0x337/0x6f0 [ 12.630275] ? trace_preempt_on+0x20/0xc0 [ 12.630298] ? __pfx_kthread+0x10/0x10 [ 12.630318] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.630340] ? calculate_sigpending+0x7b/0xa0 [ 12.630376] ? __pfx_kthread+0x10/0x10 [ 12.630398] ret_from_fork+0x116/0x1d0 [ 12.630416] ? __pfx_kthread+0x10/0x10 [ 12.630436] ret_from_fork_asm+0x1a/0x30 [ 12.630467] </TASK> [ 12.630477] [ 12.640771] The buggy address belongs to the physical page: [ 12.641208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114 [ 12.641666] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.641967] flags: 0x200000000000040(head|node=0|zone=2) [ 12.642208] page_type: f8(unknown) [ 12.642378] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.642956] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.643390] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.643863] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.644249] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff [ 12.644716] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.645136] page dumped because: kasan: bad access detected [ 12.645689] [ 12.645807] Memory state around the buggy address: [ 12.645999] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.646572] ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.646884] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe 
fe fe fe [ 12.647176] ^ [ 12.647721] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.648036] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.648470] ================================================================== [ 12.474014] ================================================================== [ 12.474638] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.474876] Write of size 1 at addr ffff8881003588ea by task kunit_try_catch/175 [ 12.475089] [ 12.475170] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.475209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.475221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.475240] Call Trace: [ 12.475250] <TASK> [ 12.475263] dump_stack_lvl+0x73/0xb0 [ 12.475290] print_report+0xd1/0x650 [ 12.475312] ? __virt_addr_valid+0x1db/0x2d0 [ 12.475336] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.475359] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.475402] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.475446] kasan_report+0x141/0x180 [ 12.475796] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.475831] __asan_report_store1_noabort+0x1b/0x30 [ 12.475858] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.475884] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.475909] ? irqentry_exit+0x2a/0x60 [ 12.475929] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.475959] ? __pfx_read_tsc+0x10/0x10 [ 12.475983] krealloc_less_oob+0x1c/0x30 [ 12.476004] kunit_try_run_case+0x1a5/0x480 [ 12.476027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.476050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.476072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.476095] ? __kthread_parkme+0x82/0x180 [ 12.476115] ? preempt_count_sub+0x50/0x80 [ 12.476139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.476162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.476193] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.476218] kthread+0x337/0x6f0 [ 12.476236] ? trace_preempt_on+0x20/0xc0 [ 12.476258] ? __pfx_kthread+0x10/0x10 [ 12.476278] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.476299] ? calculate_sigpending+0x7b/0xa0 [ 12.476323] ? __pfx_kthread+0x10/0x10 [ 12.476344] ret_from_fork+0x116/0x1d0 [ 12.476549] ? __pfx_kthread+0x10/0x10 [ 12.476581] ret_from_fork_asm+0x1a/0x30 [ 12.476611] </TASK> [ 12.476621] [ 12.488165] Allocated by task 175: [ 12.488342] kasan_save_stack+0x45/0x70 [ 12.488975] kasan_save_track+0x18/0x40 [ 12.489225] kasan_save_alloc_info+0x3b/0x50 [ 12.489551] __kasan_krealloc+0x190/0x1f0 [ 12.489926] krealloc_noprof+0xf3/0x340 [ 12.490227] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.490606] krealloc_less_oob+0x1c/0x30 [ 12.490800] kunit_try_run_case+0x1a5/0x480 [ 12.490994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.491224] kthread+0x337/0x6f0 [ 12.491384] ret_from_fork+0x116/0x1d0 [ 12.491975] ret_from_fork_asm+0x1a/0x30 [ 12.492231] [ 12.492476] The buggy address belongs to the object at ffff888100358800 [ 12.492476] which belongs to the cache kmalloc-256 of size 256 [ 12.493207] The buggy address is located 33 bytes to the right of [ 12.493207] allocated 201-byte region [ffff888100358800, ffff8881003588c9) [ 12.493997] [ 12.494086] The buggy address belongs to the physical page: [ 12.494313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358 [ 12.494959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.495575] flags: 0x200000000000040(head|node=0|zone=2) [ 12.495889] page_type: f5(slab) [ 12.496163] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.496666] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.496984] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.497287] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.498046] head: 
0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff [ 12.498558] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.499181] page dumped because: kasan: bad access detected [ 12.499684] [ 12.499772] Memory state around the buggy address: [ 12.500164] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.500693] ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.501174] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.501987] ^ [ 12.502202] ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.502550] ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.502799] ================================================================== [ 12.608947] ================================================================== [ 12.609341] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.609688] Write of size 1 at addr ffff8881021160ea by task kunit_try_catch/179 [ 12.609906] [ 12.609983] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.610019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.610029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.610046] Call Trace: [ 12.610060] <TASK> [ 12.610073] dump_stack_lvl+0x73/0xb0 [ 12.610097] print_report+0xd1/0x650 [ 12.610118] ? __virt_addr_valid+0x1db/0x2d0 [ 12.610139] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.610161] ? kasan_addr_to_slab+0x11/0xa0 [ 12.610180] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.610202] kasan_report+0x141/0x180 [ 12.610223] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.610249] __asan_report_store1_noabort+0x1b/0x30 [ 12.610273] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.610297] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.610320] ? finish_task_switch.isra.0+0x153/0x700 [ 12.610340] ? __switch_to+0x47/0xf50 [ 12.610416] ? __schedule+0x10cc/0x2b60 [ 12.610441] ? 
__pfx_read_tsc+0x10/0x10 [ 12.610465] krealloc_large_less_oob+0x1c/0x30 [ 12.610488] kunit_try_run_case+0x1a5/0x480 [ 12.610511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.610534] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.610556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.610579] ? __kthread_parkme+0x82/0x180 [ 12.610599] ? preempt_count_sub+0x50/0x80 [ 12.610621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.610645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.610668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.610693] kthread+0x337/0x6f0 [ 12.610711] ? trace_preempt_on+0x20/0xc0 [ 12.610734] ? __pfx_kthread+0x10/0x10 [ 12.610754] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.610775] ? calculate_sigpending+0x7b/0xa0 [ 12.610798] ? __pfx_kthread+0x10/0x10 [ 12.610819] ret_from_fork+0x116/0x1d0 [ 12.610837] ? __pfx_kthread+0x10/0x10 [ 12.610858] ret_from_fork_asm+0x1a/0x30 [ 12.610887] </TASK> [ 12.610896] [ 12.618619] The buggy address belongs to the physical page: [ 12.618878] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114 [ 12.619244] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.619729] flags: 0x200000000000040(head|node=0|zone=2) [ 12.620085] page_type: f8(unknown) [ 12.620263] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.621070] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.621953] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.622236] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.623442] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff [ 12.623761] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.624084] page dumped because: kasan: bad access detected [ 12.624330] [ 12.624874] Memory state around the buggy address: [ 12.625073] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.625542] 
ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.625839] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.626129] ^ [ 12.626657] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.626912] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.627204] ================================================================== [ 12.593219] ================================================================== [ 12.593563] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.593918] Write of size 1 at addr ffff8881021160da by task kunit_try_catch/179 [ 12.594438] [ 12.594548] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.594585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.594596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.594614] Call Trace: [ 12.594625] <TASK> [ 12.594638] dump_stack_lvl+0x73/0xb0 [ 12.594665] print_report+0xd1/0x650 [ 12.594686] ? __virt_addr_valid+0x1db/0x2d0 [ 12.594708] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.594731] ? kasan_addr_to_slab+0x11/0xa0 [ 12.594751] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.594775] kasan_report+0x141/0x180 [ 12.594796] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.594825] __asan_report_store1_noabort+0x1b/0x30 [ 12.594850] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.594875] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.594900] ? finish_task_switch.isra.0+0x153/0x700 [ 12.594922] ? __switch_to+0x47/0xf50 [ 12.594945] ? __schedule+0x10cc/0x2b60 [ 12.594966] ? __pfx_read_tsc+0x10/0x10 [ 12.594990] krealloc_large_less_oob+0x1c/0x30 [ 12.595013] kunit_try_run_case+0x1a5/0x480 [ 12.595036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595058] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.595081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.595105] ? __kthread_parkme+0x82/0x180 [ 12.595124] ? preempt_count_sub+0x50/0x80 [ 12.595147] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.595170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.595194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.595219] kthread+0x337/0x6f0 [ 12.595237] ? trace_preempt_on+0x20/0xc0 [ 12.595260] ? __pfx_kthread+0x10/0x10 [ 12.595280] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.595301] ? calculate_sigpending+0x7b/0xa0 [ 12.595325] ? __pfx_kthread+0x10/0x10 [ 12.595346] ret_from_fork+0x116/0x1d0 [ 12.595373] ? __pfx_kthread+0x10/0x10 [ 12.595394] ret_from_fork_asm+0x1a/0x30 [ 12.595424] </TASK> [ 12.595433] [ 12.602580] The buggy address belongs to the physical page: [ 12.602839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114 [ 12.603197] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.603542] flags: 0x200000000000040(head|node=0|zone=2) [ 12.603764] page_type: f8(unknown) [ 12.603893] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.604122] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.604770] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.605123] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.605405] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff [ 12.606077] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.606494] page dumped because: kasan: bad access detected [ 12.606793] [ 12.606883] Memory state around the buggy address: [ 12.607036] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.607373] ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.607666] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.607876] ^ [ 12.608058] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.608275] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.608570] 
==================================================================
[ 12.561066] ==================================================================
[ 12.561568] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 12.562216] Write of size 1 at addr ffff8881021160c9 by task kunit_try_catch/179
[ 12.562548]
[ 12.562850] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.562894] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.562906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.562924] Call Trace:
[ 12.562935] <TASK>
[ 12.562950] dump_stack_lvl+0x73/0xb0
[ 12.562981] print_report+0xd1/0x650
[ 12.563003] ? __virt_addr_valid+0x1db/0x2d0
[ 12.563026] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.563050] ? kasan_addr_to_slab+0x11/0xa0
[ 12.563070] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.563094] kasan_report+0x141/0x180
[ 12.563115] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.563144] __asan_report_store1_noabort+0x1b/0x30
[ 12.563168] krealloc_less_oob_helper+0xd70/0x11d0
[ 12.563194] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.563219] ? finish_task_switch.isra.0+0x153/0x700
[ 12.563241] ? __switch_to+0x47/0xf50
[ 12.563266] ? __schedule+0x10cc/0x2b60
[ 12.563288] ? __pfx_read_tsc+0x10/0x10
[ 12.563311] krealloc_large_less_oob+0x1c/0x30
[ 12.563334] kunit_try_run_case+0x1a5/0x480
[ 12.563385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.563408] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.563431] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.563454] ? __kthread_parkme+0x82/0x180
[ 12.563476] ? preempt_count_sub+0x50/0x80
[ 12.563498] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.563522] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.563546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.563570] kthread+0x337/0x6f0
[ 12.563589] ? trace_preempt_on+0x20/0xc0
[ 12.563612] ? __pfx_kthread+0x10/0x10
[ 12.563632] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.563653] ? calculate_sigpending+0x7b/0xa0
[ 12.563676] ? __pfx_kthread+0x10/0x10
[ 12.563697] ret_from_fork+0x116/0x1d0
[ 12.563715] ? __pfx_kthread+0x10/0x10
[ 12.563735] ret_from_fork_asm+0x1a/0x30
[ 12.563765] </TASK>
[ 12.563774]
[ 12.571213] The buggy address belongs to the physical page:
[ 12.571435] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[ 12.571701] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.572080] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.572271] page_type: f8(unknown)
[ 12.572422] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.572816] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.573166] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.573555] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.573798] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[ 12.574050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.574391] page dumped because: kasan: bad access detected
[ 12.574725]
[ 12.574832] Memory state around the buggy address:
[ 12.575035] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.575441] ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.575740] >ffff888102116080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.576000] ^
[ 12.576207] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.576432] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.576940] ==================================================================
[ 12.406585] ==================================================================
[ 12.408840] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 12.410122] Write of size 1 at addr ffff8881003588c9 by task kunit_try_catch/175
[ 12.411360]
[ 12.411623] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.411678] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.411690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.411711] Call Trace:
[ 12.411723] <TASK>
[ 12.411739] dump_stack_lvl+0x73/0xb0
[ 12.411770] print_report+0xd1/0x650
[ 12.411791] ? __virt_addr_valid+0x1db/0x2d0
[ 12.411814] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.411838] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.411860] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.411884] kasan_report+0x141/0x180
[ 12.411906] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.411934] __asan_report_store1_noabort+0x1b/0x30
[ 12.411960] krealloc_less_oob_helper+0xd70/0x11d0
[ 12.411985] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.412010] ? irqentry_exit+0x2a/0x60
[ 12.412031] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.412059] ? __pfx_read_tsc+0x10/0x10
[ 12.412083] krealloc_less_oob+0x1c/0x30
[ 12.412104] kunit_try_run_case+0x1a5/0x480
[ 12.412127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.412149] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.412172] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.412203] ? __kthread_parkme+0x82/0x180
[ 12.412224] ? preempt_count_sub+0x50/0x80
[ 12.412247] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.412271] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.412294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.412318] kthread+0x337/0x6f0
[ 12.412336] ? trace_preempt_on+0x20/0xc0
[ 12.412360] ? __pfx_kthread+0x10/0x10
[ 12.412392] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.412413] ? calculate_sigpending+0x7b/0xa0
[ 12.412436] ? __pfx_kthread+0x10/0x10
[ 12.412457] ret_from_fork+0x116/0x1d0
[ 12.412474] ? __pfx_kthread+0x10/0x10
[ 12.412494] ret_from_fork_asm+0x1a/0x30
[ 12.412570] </TASK>
[ 12.412580]
[ 12.420416] Allocated by task 175:
[ 12.420602] kasan_save_stack+0x45/0x70
[ 12.420819] kasan_save_track+0x18/0x40
[ 12.421051] kasan_save_alloc_info+0x3b/0x50
[ 12.421287] __kasan_krealloc+0x190/0x1f0
[ 12.421554] krealloc_noprof+0xf3/0x340
[ 12.421734] krealloc_less_oob_helper+0x1aa/0x11d0
[ 12.421910] krealloc_less_oob+0x1c/0x30
[ 12.422107] kunit_try_run_case+0x1a5/0x480
[ 12.422338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.422581] kthread+0x337/0x6f0
[ 12.422700] ret_from_fork+0x116/0x1d0
[ 12.422829] ret_from_fork_asm+0x1a/0x30
[ 12.423030]
[ 12.423135] The buggy address belongs to the object at ffff888100358800
[ 12.423135] which belongs to the cache kmalloc-256 of size 256
[ 12.423675] The buggy address is located 0 bytes to the right of
[ 12.423675] allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[ 12.424085]
[ 12.424157] The buggy address belongs to the physical page:
[ 12.424425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[ 12.424805] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.425106] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.425356] page_type: f5(slab)
[ 12.425546] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.425861] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.426195] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.426538] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.426883] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[ 12.427208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.427548] page dumped because: kasan: bad access detected
[ 12.427795]
[ 12.427877] Memory state around the buggy address:
[ 12.428085] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.428372] ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.428792] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 12.429124] ^
[ 12.429562] ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.429889] ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.430119] ==================================================================
[ 12.431145] ==================================================================
[ 12.431687] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 12.432111] Write of size 1 at addr ffff8881003588d0 by task kunit_try_catch/175
[ 12.432467]
[ 12.432585] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.432623] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.432635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.432665] Call Trace:
[ 12.432675] <TASK>
[ 12.432688] dump_stack_lvl+0x73/0xb0
[ 12.432717] print_report+0xd1/0x650
[ 12.432739] ? __virt_addr_valid+0x1db/0x2d0
[ 12.432760] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.432793] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.432815] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.432839] kasan_report+0x141/0x180
[ 12.432872] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.432901] __asan_report_store1_noabort+0x1b/0x30
[ 12.432927] krealloc_less_oob_helper+0xe23/0x11d0
[ 12.432962] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.432986] ? irqentry_exit+0x2a/0x60
[ 12.433006] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.433045] ? __pfx_read_tsc+0x10/0x10
[ 12.433069] krealloc_less_oob+0x1c/0x30
[ 12.433099] kunit_try_run_case+0x1a5/0x480
[ 12.433122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.433144] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.433176] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.433199] ? __kthread_parkme+0x82/0x180
[ 12.433219] ? preempt_count_sub+0x50/0x80
[ 12.433241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.433265] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.433288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.433312] kthread+0x337/0x6f0
[ 12.433331] ? trace_preempt_on+0x20/0xc0
[ 12.433353] ? __pfx_kthread+0x10/0x10
[ 12.433390] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.433411] ? calculate_sigpending+0x7b/0xa0
[ 12.433445] ? __pfx_kthread+0x10/0x10
[ 12.433466] ret_from_fork+0x116/0x1d0
[ 12.433483] ? __pfx_kthread+0x10/0x10
[ 12.433503] ret_from_fork_asm+0x1a/0x30
[ 12.433533] </TASK>
[ 12.433542]
[ 12.440891] Allocated by task 175:
[ 12.441023] kasan_save_stack+0x45/0x70
[ 12.441258] kasan_save_track+0x18/0x40
[ 12.441456] kasan_save_alloc_info+0x3b/0x50
[ 12.441665] __kasan_krealloc+0x190/0x1f0
[ 12.441861] krealloc_noprof+0xf3/0x340
[ 12.442047] krealloc_less_oob_helper+0x1aa/0x11d0
[ 12.442269] krealloc_less_oob+0x1c/0x30
[ 12.442414] kunit_try_run_case+0x1a5/0x480
[ 12.442575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.442828] kthread+0x337/0x6f0
[ 12.443012] ret_from_fork+0x116/0x1d0
[ 12.443212] ret_from_fork_asm+0x1a/0x30
[ 12.443413]
[ 12.443543] The buggy address belongs to the object at ffff888100358800
[ 12.443543] which belongs to the cache kmalloc-256 of size 256
[ 12.444038] The buggy address is located 7 bytes to the right of
[ 12.444038] allocated 201-byte region [ffff888100358800, ffff8881003588c9)
[ 12.444619]
[ 12.444713] The buggy address belongs to the physical page:
[ 12.444943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[ 12.445279] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.445677] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.445907] page_type: f5(slab)
[ 12.446026] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.446253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.446544] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.446894] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.447235] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[ 12.447625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.447849] page dumped because: kasan: bad access detected
[ 12.448017]
[ 12.448084] Memory state around the buggy address:
[ 12.448312] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.448935] ffff888100358800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.449271] >ffff888100358880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 12.449782] ^
[ 12.450048] ffff888100358900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.450392] ffff888100358980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.450695] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.542416] ==================================================================
[ 12.542741] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.543008] Write of size 1 at addr ffff8881021160f0 by task kunit_try_catch/177
[ 12.543263]
[ 12.543595] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.543640] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.543651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.543669] Call Trace:
[ 12.543682] <TASK>
[ 12.543695] dump_stack_lvl+0x73/0xb0
[ 12.543724] print_report+0xd1/0x650
[ 12.543746] ? __virt_addr_valid+0x1db/0x2d0
[ 12.543768] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.543791] ? kasan_addr_to_slab+0x11/0xa0
[ 12.543812] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.543836] kasan_report+0x141/0x180
[ 12.543858] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.543886] __asan_report_store1_noabort+0x1b/0x30
[ 12.543912] krealloc_more_oob_helper+0x7eb/0x930
[ 12.543934] ? __schedule+0x10cc/0x2b60
[ 12.543956] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.543980] ? finish_task_switch.isra.0+0x153/0x700
[ 12.544003] ? __switch_to+0x47/0xf50
[ 12.544027] ? __schedule+0x10cc/0x2b60
[ 12.544047] ? __pfx_read_tsc+0x10/0x10
[ 12.544070] krealloc_large_more_oob+0x1c/0x30
[ 12.544093] kunit_try_run_case+0x1a5/0x480
[ 12.544116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.544139] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.544161] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.544189] ? __kthread_parkme+0x82/0x180
[ 12.544209] ? preempt_count_sub+0x50/0x80
[ 12.544231] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.544255] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.544278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.544303] kthread+0x337/0x6f0
[ 12.544321] ? trace_preempt_on+0x20/0xc0
[ 12.544344] ? __pfx_kthread+0x10/0x10
[ 12.544429] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.544451] ? calculate_sigpending+0x7b/0xa0
[ 12.544474] ? __pfx_kthread+0x10/0x10
[ 12.544495] ret_from_fork+0x116/0x1d0
[ 12.544513] ? __pfx_kthread+0x10/0x10
[ 12.544533] ret_from_fork_asm+0x1a/0x30
[ 12.544562] </TASK>
[ 12.544571]
[ 12.552404] The buggy address belongs to the physical page:
[ 12.552778] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[ 12.553111] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.553586] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.553807] page_type: f8(unknown)
[ 12.553932] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.554186] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.554902] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.555407] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.555718] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[ 12.555979] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.556212] page dumped because: kasan: bad access detected
[ 12.556469]
[ 12.556562] Memory state around the buggy address:
[ 12.556782] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.557130] ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.557346] >ffff888102116080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.557687] ^
[ 12.557998] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.558313] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.558638] ==================================================================
[ 12.365257] ==================================================================
[ 12.365766] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.366154] Write of size 1 at addr ffff8881003586f0 by task kunit_try_catch/173
[ 12.366626]
[ 12.366735] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.366807] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.366818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.366837] Call Trace:
[ 12.366850] <TASK>
[ 12.366864] dump_stack_lvl+0x73/0xb0
[ 12.366891] print_report+0xd1/0x650
[ 12.366913] ? __virt_addr_valid+0x1db/0x2d0
[ 12.366965] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.366988] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.367011] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.367035] kasan_report+0x141/0x180
[ 12.367057] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.367117] __asan_report_store1_noabort+0x1b/0x30
[ 12.367143] krealloc_more_oob_helper+0x7eb/0x930
[ 12.367165] ? __schedule+0x10cc/0x2b60
[ 12.367187] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.367211] ? finish_task_switch.isra.0+0x153/0x700
[ 12.367232] ? __switch_to+0x47/0xf50
[ 12.367256] ? __schedule+0x10cc/0x2b60
[ 12.367276] ? __pfx_read_tsc+0x10/0x10
[ 12.367300] krealloc_more_oob+0x1c/0x30
[ 12.367321] kunit_try_run_case+0x1a5/0x480
[ 12.367414] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.367457] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.367480] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.367504] ? __kthread_parkme+0x82/0x180
[ 12.367523] ? preempt_count_sub+0x50/0x80
[ 12.367546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.367570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.367593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.367618] kthread+0x337/0x6f0
[ 12.367676] ? trace_preempt_on+0x20/0xc0
[ 12.367699] ? __pfx_kthread+0x10/0x10
[ 12.367719] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.367740] ? calculate_sigpending+0x7b/0xa0
[ 12.367762] ? __pfx_kthread+0x10/0x10
[ 12.367784] ret_from_fork+0x116/0x1d0
[ 12.367833] ? __pfx_kthread+0x10/0x10
[ 12.367853] ret_from_fork_asm+0x1a/0x30
[ 12.367883] </TASK>
[ 12.367892]
[ 12.382118] Allocated by task 173:
[ 12.382522] kasan_save_stack+0x45/0x70
[ 12.382940] kasan_save_track+0x18/0x40
[ 12.383079] kasan_save_alloc_info+0x3b/0x50
[ 12.383228] __kasan_krealloc+0x190/0x1f0
[ 12.383444] krealloc_noprof+0xf3/0x340
[ 12.383889] krealloc_more_oob_helper+0x1a9/0x930
[ 12.384547] krealloc_more_oob+0x1c/0x30
[ 12.384953] kunit_try_run_case+0x1a5/0x480
[ 12.385411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.385993] kthread+0x337/0x6f0
[ 12.386310] ret_from_fork+0x116/0x1d0
[ 12.386776] ret_from_fork_asm+0x1a/0x30
[ 12.386927]
[ 12.387040] The buggy address belongs to the object at ffff888100358600
[ 12.387040] which belongs to the cache kmalloc-256 of size 256
[ 12.388150] The buggy address is located 5 bytes to the right of
[ 12.388150] allocated 235-byte region [ffff888100358600, ffff8881003586eb)
[ 12.389087]
[ 12.389266] The buggy address belongs to the physical page:
[ 12.389797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[ 12.390738] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.391238] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.391782] page_type: f5(slab)
[ 12.392099] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.392850] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.393327] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.393936] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.394710] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[ 12.394953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.395181] page dumped because: kasan: bad access detected
[ 12.395359]
[ 12.395529] Memory state around the buggy address:
[ 12.396084] ffff888100358580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.396844] ffff888100358600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.397533] >ffff888100358680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.398281] ^
[ 12.399012] ffff888100358700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.400163] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.400859] ==================================================================
[ 12.525279] ==================================================================
[ 12.526065] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.526346] Write of size 1 at addr ffff8881021160eb by task kunit_try_catch/177
[ 12.526784]
[ 12.526939] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.526980] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.526991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.527009] Call Trace:
[ 12.527020] <TASK>
[ 12.527035] dump_stack_lvl+0x73/0xb0
[ 12.527062] print_report+0xd1/0x650
[ 12.527084] ? __virt_addr_valid+0x1db/0x2d0
[ 12.527105] ? krealloc_more_oob_helper+0x821/0x930
[ 12.527128] ? kasan_addr_to_slab+0x11/0xa0
[ 12.527149] ? krealloc_more_oob_helper+0x821/0x930
[ 12.527172] kasan_report+0x141/0x180
[ 12.527194] ? krealloc_more_oob_helper+0x821/0x930
[ 12.527222] __asan_report_store1_noabort+0x1b/0x30
[ 12.527249] krealloc_more_oob_helper+0x821/0x930
[ 12.527272] ? __schedule+0x10cc/0x2b60
[ 12.527294] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.527318] ? finish_task_switch.isra.0+0x153/0x700
[ 12.527340] ? __switch_to+0x47/0xf50
[ 12.527389] ? __schedule+0x10cc/0x2b60
[ 12.527410] ? __pfx_read_tsc+0x10/0x10
[ 12.527433] krealloc_large_more_oob+0x1c/0x30
[ 12.527456] kunit_try_run_case+0x1a5/0x480
[ 12.527479] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.527501] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.527524] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.527547] ? __kthread_parkme+0x82/0x180
[ 12.527568] ? preempt_count_sub+0x50/0x80
[ 12.527590] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.527613] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.527637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.527661] kthread+0x337/0x6f0
[ 12.527680] ? trace_preempt_on+0x20/0xc0
[ 12.527702] ? __pfx_kthread+0x10/0x10
[ 12.527722] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.527743] ? calculate_sigpending+0x7b/0xa0
[ 12.527766] ? __pfx_kthread+0x10/0x10
[ 12.527787] ret_from_fork+0x116/0x1d0
[ 12.527805] ? __pfx_kthread+0x10/0x10
[ 12.527825] ret_from_fork_asm+0x1a/0x30
[ 12.527855] </TASK>
[ 12.527864]
[ 12.535550] The buggy address belongs to the physical page:
[ 12.535730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102114
[ 12.536082] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.536653] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.536874] page_type: f8(unknown)
[ 12.537032] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.537300] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.537798] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.538101] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.538549] head: 0200000000000002 ffffea0004084501 00000000ffffffff 00000000ffffffff
[ 12.538826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.539049] page dumped because: kasan: bad access detected
[ 12.539218]
[ 12.539315] Memory state around the buggy address:
[ 12.539544] ffff888102115f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.539858] ffff888102116000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.540447] >ffff888102116080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.540658] ^
[ 12.540851] ffff888102116100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.541479] ffff888102116180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.541947] ==================================================================
[ 12.343024] ==================================================================
[ 12.343826] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.344176] Write of size 1 at addr ffff8881003586eb by task kunit_try_catch/173
[ 12.344570]
[ 12.344684] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.344735] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.344746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.344764] Call Trace:
[ 12.344775] <TASK>
[ 12.344800] dump_stack_lvl+0x73/0xb0
[ 12.344837] print_report+0xd1/0x650
[ 12.344859] ? __virt_addr_valid+0x1db/0x2d0
[ 12.344891] ? krealloc_more_oob_helper+0x821/0x930
[ 12.344914] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.344937] ? krealloc_more_oob_helper+0x821/0x930
[ 12.344960] kasan_report+0x141/0x180
[ 12.344983] ? krealloc_more_oob_helper+0x821/0x930
[ 12.345011] __asan_report_store1_noabort+0x1b/0x30
[ 12.345038] krealloc_more_oob_helper+0x821/0x930
[ 12.345069] ? __schedule+0x10cc/0x2b60
[ 12.345091] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.345115] ? finish_task_switch.isra.0+0x153/0x700
[ 12.345148] ? __switch_to+0x47/0xf50
[ 12.345174] ? __schedule+0x10cc/0x2b60
[ 12.345194] ? __pfx_read_tsc+0x10/0x10
[ 12.345218] krealloc_more_oob+0x1c/0x30
[ 12.345239] kunit_try_run_case+0x1a5/0x480
[ 12.345272] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.345294] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.345317] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.345402] ? __kthread_parkme+0x82/0x180
[ 12.345426] ? preempt_count_sub+0x50/0x80
[ 12.345461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.345485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.345509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.345534] kthread+0x337/0x6f0
[ 12.345552] ? trace_preempt_on+0x20/0xc0
[ 12.345574] ? __pfx_kthread+0x10/0x10
[ 12.345594] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.345615] ? calculate_sigpending+0x7b/0xa0
[ 12.345638] ? __pfx_kthread+0x10/0x10
[ 12.345659] ret_from_fork+0x116/0x1d0
[ 12.345677] ? __pfx_kthread+0x10/0x10
[ 12.345696] ret_from_fork_asm+0x1a/0x30
[ 12.345726] </TASK>
[ 12.345736]
[ 12.354231] Allocated by task 173:
[ 12.354587] kasan_save_stack+0x45/0x70
[ 12.354822] kasan_save_track+0x18/0x40
[ 12.355001] kasan_save_alloc_info+0x3b/0x50
[ 12.355232] __kasan_krealloc+0x190/0x1f0
[ 12.355491] krealloc_noprof+0xf3/0x340
[ 12.355698] krealloc_more_oob_helper+0x1a9/0x930
[ 12.355918] krealloc_more_oob+0x1c/0x30
[ 12.356112] kunit_try_run_case+0x1a5/0x480
[ 12.356327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.356663] kthread+0x337/0x6f0
[ 12.356791] ret_from_fork+0x116/0x1d0
[ 12.356923] ret_from_fork_asm+0x1a/0x30
[ 12.357061]
[ 12.357167] The buggy address belongs to the object at ffff888100358600
[ 12.357167] which belongs to the cache kmalloc-256 of size 256
[ 12.357839] The buggy address is located 0 bytes to the right of
[ 12.357839] allocated 235-byte region [ffff888100358600, ffff8881003586eb)
[ 12.358320]
[ 12.358401] The buggy address belongs to the physical page:
[ 12.358571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100358
[ 12.359011] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.359441] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.359679] page_type: f5(slab)
[ 12.359835] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.360141] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.361322] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.361584] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.361819] head: 0200000000000001 ffffea000400d601 00000000ffffffff 00000000ffffffff
[ 12.362049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.362275] page dumped because: kasan: bad access detected
[ 12.362453]
[ 12.362523] Memory state around the buggy address:
[ 12.362678] ffff888100358580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.362892] ffff888100358600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.363103] >ffff888100358680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.363312] ^
[ 12.363722] ffff888100358700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.364046] ffff888100358780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.364520] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.323864] ==================================================================
[ 12.324578] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 12.324873] Read of size 1 at addr ffff888103910000 by task kunit_try_catch/171
[ 12.325195]
[ 12.325312] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.325353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.325375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.325394] Call Trace:
[ 12.325405] <TASK>
[ 12.325419] dump_stack_lvl+0x73/0xb0
[ 12.325542] print_report+0xd1/0x650
[ 12.325564] ? __virt_addr_valid+0x1db/0x2d0
[ 12.325586] ? page_alloc_uaf+0x356/0x3d0
[ 12.325607] ? kasan_addr_to_slab+0x11/0xa0
[ 12.325627] ? page_alloc_uaf+0x356/0x3d0
[ 12.325797] kasan_report+0x141/0x180
[ 12.325826] ? page_alloc_uaf+0x356/0x3d0
[ 12.325852] __asan_report_load1_noabort+0x18/0x20
[ 12.325876] page_alloc_uaf+0x356/0x3d0
[ 12.325897] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.325920] ? __schedule+0x10cc/0x2b60
[ 12.325942] ? __pfx_read_tsc+0x10/0x10
[ 12.325962] ? ktime_get_ts64+0x86/0x230
[ 12.325998] kunit_try_run_case+0x1a5/0x480
[ 12.326022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.326056] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.326080] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.326103] ? __kthread_parkme+0x82/0x180
[ 12.326123] ? preempt_count_sub+0x50/0x80
[ 12.326146] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.326169] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.326193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.326218] kthread+0x337/0x6f0
[ 12.326236] ? trace_preempt_on+0x20/0xc0
[ 12.326259] ? __pfx_kthread+0x10/0x10
[ 12.326279] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.326300] ? calculate_sigpending+0x7b/0xa0
[ 12.326324] ? __pfx_kthread+0x10/0x10
[ 12.326345] ret_from_fork+0x116/0x1d0
[ 12.326505] ? __pfx_kthread+0x10/0x10
[ 12.326527] ret_from_fork_asm+0x1a/0x30
[ 12.326557] </TASK>
[ 12.326566]
[ 12.334685] The buggy address belongs to the physical page:
[ 12.334941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910
[ 12.335281] flags: 0x200000000000000(node=0|zone=2)
[ 12.335559] page_type: f0(buddy)
[ 12.335682] raw: 0200000000000000 ffff88817fffc460 ffff88817fffc460 0000000000000000
[ 12.336164] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 12.336619] page dumped because: kasan: bad access detected
[ 12.336853]
[ 12.336947] Memory state around the buggy address:
[ 12.337190] ffff88810390ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.337593] ffff88810390ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.337888] >ffff888103910000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.338200] ^
[ 12.338351] ffff888103910080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.338870] ffff888103910100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.339089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.300643] ==================================================================
[ 12.301151] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 12.301455] Free of addr ffff888102a38001 by task kunit_try_catch/167
[ 12.301855]
[ 12.301991] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.302034] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.302057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.302076] Call Trace:
[ 12.302087] <TASK>
[ 12.302101] dump_stack_lvl+0x73/0xb0
[ 12.302152] print_report+0xd1/0x650
[ 12.302173] ? __virt_addr_valid+0x1db/0x2d0
[ 12.302197] ? kasan_addr_to_slab+0x11/0xa0
[ 12.302227] ? kfree+0x274/0x3f0
[ 12.302248] kasan_report_invalid_free+0x10a/0x130
[ 12.302272] ? kfree+0x274/0x3f0
[ 12.302295] ? kfree+0x274/0x3f0
[ 12.302314] __kasan_kfree_large+0x86/0xd0
[ 12.302335] free_large_kmalloc+0x4b/0x110
[ 12.302426] kfree+0x274/0x3f0
[ 12.302451] kmalloc_large_invalid_free+0x120/0x2b0
[ 12.302474] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 12.302498] ? __schedule+0x10cc/0x2b60
[ 12.302531] ? __pfx_read_tsc+0x10/0x10
[ 12.302551] ? ktime_get_ts64+0x86/0x230
[ 12.302575] kunit_try_run_case+0x1a5/0x480
[ 12.302610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.302632] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.302655] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.302679] ? __kthread_parkme+0x82/0x180
[ 12.302699] ? preempt_count_sub+0x50/0x80
[ 12.302722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.302746] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.302770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.302795] kthread+0x337/0x6f0
[ 12.302813] ? trace_preempt_on+0x20/0xc0
[ 12.302836] ? __pfx_kthread+0x10/0x10
[ 12.302856] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.302877] ? calculate_sigpending+0x7b/0xa0
[ 12.302900] ? __pfx_kthread+0x10/0x10
[ 12.302921] ret_from_fork+0x116/0x1d0
[ 12.302938] ? __pfx_kthread+0x10/0x10
[ 12.302958] ret_from_fork_asm+0x1a/0x30
[ 12.302988] </TASK>
[ 12.302998]
[ 12.310987] The buggy address belongs to the physical page:
[ 12.311251] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.311649] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.311995] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.312173] page_type: f8(unknown)
[ 12.312371] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.312796] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.313049] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.313900] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.314227] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 12.314667] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.314979] page dumped because: kasan: bad access detected
[ 12.315152]
[ 12.315268] Memory state around the buggy address:
[ 12.315632] ffff888102a37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.315899] ffff888102a37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.316301] >ffff888102a38000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.316744] ^
[ 12.316931] ffff888102a38080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.317214] ffff888102a38100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.317821] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.282739] ==================================================================
[ 12.283234] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.283598] Read of size 1 at addr ffff888102a38000 by task kunit_try_catch/165
[ 12.283879]
[ 12.284128] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.284172] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.284188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.284218] Call Trace:
[ 12.284230] <TASK>
[ 12.284245] dump_stack_lvl+0x73/0xb0
[ 12.284287] print_report+0xd1/0x650
[ 12.284309] ? __virt_addr_valid+0x1db/0x2d0
[ 12.284333] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.284354] ? kasan_addr_to_slab+0x11/0xa0
[ 12.284443] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.284475] kasan_report+0x141/0x180
[ 12.284497] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.284522] __asan_report_load1_noabort+0x18/0x20
[ 12.284558] kmalloc_large_uaf+0x2f1/0x340
[ 12.284580] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.284602] ? __schedule+0x10cc/0x2b60
[ 12.284624] ? __pfx_read_tsc+0x10/0x10
[ 12.284645] ? ktime_get_ts64+0x86/0x230
[ 12.284669] kunit_try_run_case+0x1a5/0x480
[ 12.284695] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.284717] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.284750] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.284773] ? __kthread_parkme+0x82/0x180
[ 12.284793] ? preempt_count_sub+0x50/0x80
[ 12.284827] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.284851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.284875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.284900] kthread+0x337/0x6f0
[ 12.284918] ? trace_preempt_on+0x20/0xc0
[ 12.284951] ? __pfx_kthread+0x10/0x10
[ 12.284971] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.284992] ? calculate_sigpending+0x7b/0xa0
[ 12.285026] ? __pfx_kthread+0x10/0x10
[ 12.285046] ret_from_fork+0x116/0x1d0
[ 12.285064] ? __pfx_kthread+0x10/0x10
[ 12.285084] ret_from_fork_asm+0x1a/0x30
[ 12.285115] </TASK>
[ 12.285125]
[ 12.293164] The buggy address belongs to the physical page:
[ 12.293417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.293768] flags: 0x200000000000000(node=0|zone=2)
[ 12.294178] raw: 0200000000000000 ffffea00040a8f08 ffff88815b139f80 0000000000000000
[ 12.294699] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.295025] page dumped because: kasan: bad access detected
[ 12.295251]
[ 12.295344] Memory state around the buggy address:
[ 12.295697] ffff888102a37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.296001] ffff888102a37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.296313] >ffff888102a38000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.296731] ^
[ 12.296912] ffff888102a38080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.297146] ffff888102a38100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.297361] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.261675] ================================================================== [ 12.262129] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.262596] Write of size 1 at addr ffff88810211200a by task kunit_try_catch/163 [ 12.262969] [ 12.263216] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.263261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.263272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.263291] Call Trace: [ 12.263301] <TASK> [ 12.263315] dump_stack_lvl+0x73/0xb0 [ 12.263344] print_report+0xd1/0x650 [ 12.263435] ? __virt_addr_valid+0x1db/0x2d0 [ 12.263459] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.263481] ? kasan_addr_to_slab+0x11/0xa0 [ 12.263502] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.263524] kasan_report+0x141/0x180 [ 12.263547] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.263585] __asan_report_store1_noabort+0x1b/0x30 [ 12.263612] kmalloc_large_oob_right+0x2e9/0x330 [ 12.263634] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.263670] ? __schedule+0x10cc/0x2b60 [ 12.263692] ? __pfx_read_tsc+0x10/0x10 [ 12.263713] ? ktime_get_ts64+0x86/0x230 [ 12.263736] kunit_try_run_case+0x1a5/0x480 [ 12.263759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.263804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.263827] ? __kthread_parkme+0x82/0x180 [ 12.263846] ? preempt_count_sub+0x50/0x80 [ 12.263869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.263916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.263941] kthread+0x337/0x6f0 [ 12.263959] ? trace_preempt_on+0x20/0xc0 [ 12.263981] ? __pfx_kthread+0x10/0x10 [ 12.264001] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.264022] ? calculate_sigpending+0x7b/0xa0 [ 12.264046] ? __pfx_kthread+0x10/0x10 [ 12.264066] ret_from_fork+0x116/0x1d0 [ 12.264084] ? 
__pfx_kthread+0x10/0x10 [ 12.264104] ret_from_fork_asm+0x1a/0x30 [ 12.264134] </TASK> [ 12.264143] [ 12.272163] The buggy address belongs to the physical page: [ 12.272576] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102110 [ 12.272922] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.273212] flags: 0x200000000000040(head|node=0|zone=2) [ 12.273421] page_type: f8(unknown) [ 12.273626] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.274092] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.274566] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.274863] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.275130] head: 0200000000000002 ffffea0004084401 00000000ffffffff 00000000ffffffff [ 12.275500] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.275797] page dumped because: kasan: bad access detected [ 12.275966] [ 12.276078] Memory state around the buggy address: [ 12.276314] ffff888102111f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.276836] ffff888102111f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.277151] >ffff888102112000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.277393] ^ [ 12.277536] ffff888102112080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.277962] ffff888102112100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.278205] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.235639] ================================================================== [ 12.236160] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.236505] Write of size 1 at addr ffff8881038e1f00 by task kunit_try_catch/161 [ 12.236808] [ 12.236917] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.236958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.236969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.236988] Call Trace: [ 12.236999] <TASK> [ 12.237015] dump_stack_lvl+0x73/0xb0 [ 12.237046] print_report+0xd1/0x650 [ 12.237069] ? __virt_addr_valid+0x1db/0x2d0 [ 12.237274] ? kmalloc_big_oob_right+0x316/0x370 [ 12.237297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.237320] ? kmalloc_big_oob_right+0x316/0x370 [ 12.237343] kasan_report+0x141/0x180 [ 12.237373] ? kmalloc_big_oob_right+0x316/0x370 [ 12.237400] __asan_report_store1_noabort+0x1b/0x30 [ 12.237427] kmalloc_big_oob_right+0x316/0x370 [ 12.237461] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.237484] ? __schedule+0x10cc/0x2b60 [ 12.237507] ? __pfx_read_tsc+0x10/0x10 [ 12.237528] ? ktime_get_ts64+0x86/0x230 [ 12.237552] kunit_try_run_case+0x1a5/0x480 [ 12.237577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.237600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.237623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.237646] ? __kthread_parkme+0x82/0x180 [ 12.237666] ? preempt_count_sub+0x50/0x80 [ 12.237702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.237902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.237932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.237957] kthread+0x337/0x6f0 [ 12.237976] ? trace_preempt_on+0x20/0xc0 [ 12.237999] ? __pfx_kthread+0x10/0x10 [ 12.238019] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.238040] ? calculate_sigpending+0x7b/0xa0 [ 12.238063] ? __pfx_kthread+0x10/0x10 [ 12.238084] ret_from_fork+0x116/0x1d0 [ 12.238101] ? 
__pfx_kthread+0x10/0x10 [ 12.238121] ret_from_fork_asm+0x1a/0x30 [ 12.238152] </TASK> [ 12.238161] [ 12.245757] Allocated by task 161: [ 12.245913] kasan_save_stack+0x45/0x70 [ 12.246125] kasan_save_track+0x18/0x40 [ 12.246316] kasan_save_alloc_info+0x3b/0x50 [ 12.246502] __kasan_kmalloc+0xb7/0xc0 [ 12.246927] __kmalloc_cache_noprof+0x189/0x420 [ 12.247137] kmalloc_big_oob_right+0xa9/0x370 [ 12.247286] kunit_try_run_case+0x1a5/0x480 [ 12.247444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.247684] kthread+0x337/0x6f0 [ 12.247848] ret_from_fork+0x116/0x1d0 [ 12.248051] ret_from_fork_asm+0x1a/0x30 [ 12.248306] [ 12.248382] The buggy address belongs to the object at ffff8881038e0000 [ 12.248382] which belongs to the cache kmalloc-8k of size 8192 [ 12.249172] The buggy address is located 0 bytes to the right of [ 12.249172] allocated 7936-byte region [ffff8881038e0000, ffff8881038e1f00) [ 12.249768] [ 12.249984] The buggy address belongs to the physical page: [ 12.250247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e0 [ 12.250665] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.250907] flags: 0x200000000000040(head|node=0|zone=2) [ 12.251185] page_type: f5(slab) [ 12.251351] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.251866] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.252201] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.252733] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.253070] head: 0200000000000003 ffffea00040e3801 00000000ffffffff 00000000ffffffff [ 12.253397] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.253760] page dumped because: kasan: bad access detected [ 12.253961] [ 12.254065] Memory state around the buggy address: [ 12.254285] ffff8881038e1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.254667] ffff8881038e1e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.255020] >ffff8881038e1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255464] ^ [ 12.255649] ffff8881038e1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255969] ffff8881038e2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.256283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.202152] ================================================================== [ 12.202871] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.203206] Write of size 1 at addr ffff888102d5f378 by task kunit_try_catch/159 [ 12.203548] [ 12.203711] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.203751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.203761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.203779] Call Trace: [ 12.203790] <TASK> [ 12.203804] dump_stack_lvl+0x73/0xb0 [ 12.203831] print_report+0xd1/0x650 [ 12.203852] ? __virt_addr_valid+0x1db/0x2d0 [ 12.203873] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.203898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.203920] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.203957] kasan_report+0x141/0x180 [ 12.203979] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.204009] __asan_report_store1_noabort+0x1b/0x30 [ 12.204046] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.204072] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.204099] ? __schedule+0x10cc/0x2b60 [ 12.204120] ? __pfx_read_tsc+0x10/0x10 [ 12.204141] ? ktime_get_ts64+0x86/0x230 [ 12.204164] kunit_try_run_case+0x1a5/0x480 [ 12.204193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.204215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.204238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.204261] ? __kthread_parkme+0x82/0x180 [ 12.204281] ? preempt_count_sub+0x50/0x80 [ 12.204304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.204327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.204351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.204386] kthread+0x337/0x6f0 [ 12.204405] ? trace_preempt_on+0x20/0xc0 [ 12.204428] ? __pfx_kthread+0x10/0x10 [ 12.204459] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.204480] ? calculate_sigpending+0x7b/0xa0 [ 12.204503] ? 
__pfx_kthread+0x10/0x10 [ 12.204524] ret_from_fork+0x116/0x1d0 [ 12.204542] ? __pfx_kthread+0x10/0x10 [ 12.204562] ret_from_fork_asm+0x1a/0x30 [ 12.204592] </TASK> [ 12.204602] [ 12.211902] Allocated by task 159: [ 12.212090] kasan_save_stack+0x45/0x70 [ 12.212314] kasan_save_track+0x18/0x40 [ 12.212595] kasan_save_alloc_info+0x3b/0x50 [ 12.212772] __kasan_kmalloc+0xb7/0xc0 [ 12.212907] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.213188] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.213423] kunit_try_run_case+0x1a5/0x480 [ 12.213617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.213955] kthread+0x337/0x6f0 [ 12.214123] ret_from_fork+0x116/0x1d0 [ 12.214308] ret_from_fork_asm+0x1a/0x30 [ 12.214539] [ 12.214626] The buggy address belongs to the object at ffff888102d5f300 [ 12.214626] which belongs to the cache kmalloc-128 of size 128 [ 12.215119] The buggy address is located 0 bytes to the right of [ 12.215119] allocated 120-byte region [ffff888102d5f300, ffff888102d5f378) [ 12.215497] [ 12.215569] The buggy address belongs to the physical page: [ 12.215819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 12.216190] flags: 0x200000000000000(node=0|zone=2) [ 12.216427] page_type: f5(slab) [ 12.216628] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.216859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.217111] page dumped because: kasan: bad access detected [ 12.217360] [ 12.217480] Memory state around the buggy address: [ 12.217728] ffff888102d5f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.218048] ffff888102d5f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.218427] >ffff888102d5f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.218683] ^ [ 12.218919] ffff888102d5f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.219229] ffff888102d5f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.219698] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.179568] ================================================================== [ 12.180039] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 12.180356] Read of size 1 at addr ffff8881029e3000 by task kunit_try_catch/157 [ 12.180837] [ 12.180961] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.181004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.181015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.181034] Call Trace: [ 12.181045] <TASK> [ 12.181060] dump_stack_lvl+0x73/0xb0 [ 12.181101] print_report+0xd1/0x650 [ 12.181122] ? __virt_addr_valid+0x1db/0x2d0 [ 12.181144] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.181179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.181202] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.181225] kasan_report+0x141/0x180 [ 12.181246] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.181274] __asan_report_load1_noabort+0x18/0x20 [ 12.181299] kmalloc_node_oob_right+0x369/0x3c0 [ 12.181330] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.181355] ? __schedule+0x10cc/0x2b60 [ 12.181393] ? __pfx_read_tsc+0x10/0x10 [ 12.181414] ? ktime_get_ts64+0x86/0x230 [ 12.181438] kunit_try_run_case+0x1a5/0x480 [ 12.181461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.181484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.181507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.181548] ? __kthread_parkme+0x82/0x180 [ 12.181569] ? preempt_count_sub+0x50/0x80 [ 12.181592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.181627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.181651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.181676] kthread+0x337/0x6f0 [ 12.181694] ? trace_preempt_on+0x20/0xc0 [ 12.181718] ? __pfx_kthread+0x10/0x10 [ 12.181738] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.181759] ? calculate_sigpending+0x7b/0xa0 [ 12.181783] ? __pfx_kthread+0x10/0x10 [ 12.181804] ret_from_fork+0x116/0x1d0 [ 12.181821] ? 
__pfx_kthread+0x10/0x10 [ 12.181842] ret_from_fork_asm+0x1a/0x30 [ 12.181872] </TASK> [ 12.181881] [ 12.188988] Allocated by task 157: [ 12.189170] kasan_save_stack+0x45/0x70 [ 12.189340] kasan_save_track+0x18/0x40 [ 12.189649] kasan_save_alloc_info+0x3b/0x50 [ 12.189827] __kasan_kmalloc+0xb7/0xc0 [ 12.189959] __kmalloc_cache_node_noprof+0x188/0x420 [ 12.190217] kmalloc_node_oob_right+0xab/0x3c0 [ 12.190443] kunit_try_run_case+0x1a5/0x480 [ 12.190649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.190927] kthread+0x337/0x6f0 [ 12.191060] ret_from_fork+0x116/0x1d0 [ 12.191265] ret_from_fork_asm+0x1a/0x30 [ 12.191420] [ 12.191491] The buggy address belongs to the object at ffff8881029e2000 [ 12.191491] which belongs to the cache kmalloc-4k of size 4096 [ 12.191936] The buggy address is located 0 bytes to the right of [ 12.191936] allocated 4096-byte region [ffff8881029e2000, ffff8881029e3000) [ 12.192572] [ 12.192645] The buggy address belongs to the physical page: [ 12.192867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e0 [ 12.193601] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.193980] flags: 0x200000000000040(head|node=0|zone=2) [ 12.194294] page_type: f5(slab) [ 12.194428] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.194819] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.195205] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.195597] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.195899] head: 0200000000000003 ffffea00040a7801 00000000ffffffff 00000000ffffffff [ 12.196253] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.196627] page dumped because: kasan: bad access detected [ 12.196862] [ 12.196968] Memory state around the buggy address: [ 12.197168] ffff8881029e2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.197464] 
ffff8881029e2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.197774] >ffff8881029e3000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.198058] ^ [ 12.198202] ffff8881029e3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.198477] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.198932] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.134816] ================================================================== [ 12.136380] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 12.137222] Read of size 1 at addr ffff88810266b21f by task kunit_try_catch/155 [ 12.137547] [ 12.137907] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.137957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.137969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.137990] Call Trace: [ 12.138003] <TASK> [ 12.138020] dump_stack_lvl+0x73/0xb0 [ 12.138052] print_report+0xd1/0x650 [ 12.138074] ? __virt_addr_valid+0x1db/0x2d0 [ 12.138098] ? kmalloc_oob_left+0x361/0x3c0 [ 12.138118] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.138140] ? kmalloc_oob_left+0x361/0x3c0 [ 12.138161] kasan_report+0x141/0x180 [ 12.138182] ? kmalloc_oob_left+0x361/0x3c0 [ 12.138209] __asan_report_load1_noabort+0x18/0x20 [ 12.138234] kmalloc_oob_left+0x361/0x3c0 [ 12.138255] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 12.138277] ? __schedule+0x10cc/0x2b60 [ 12.138299] ? __pfx_read_tsc+0x10/0x10 [ 12.138320] ? ktime_get_ts64+0x86/0x230 [ 12.138346] kunit_try_run_case+0x1a5/0x480 [ 12.138385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.138408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.138602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.138633] ? __kthread_parkme+0x82/0x180 [ 12.138655] ? preempt_count_sub+0x50/0x80 [ 12.138679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.138704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.138728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.138753] kthread+0x337/0x6f0 [ 12.138771] ? trace_preempt_on+0x20/0xc0 [ 12.138794] ? __pfx_kthread+0x10/0x10 [ 12.138814] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.138835] ? calculate_sigpending+0x7b/0xa0 [ 12.138859] ? __pfx_kthread+0x10/0x10 [ 12.138880] ret_from_fork+0x116/0x1d0 [ 12.138897] ? 
__pfx_kthread+0x10/0x10 [ 12.138917] ret_from_fork_asm+0x1a/0x30 [ 12.138948] </TASK> [ 12.138959] [ 12.154577] Allocated by task 1: [ 12.154992] kasan_save_stack+0x45/0x70 [ 12.155276] kasan_save_track+0x18/0x40 [ 12.155459] kasan_save_alloc_info+0x3b/0x50 [ 12.155812] __kasan_kmalloc+0xb7/0xc0 [ 12.155946] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.156124] kvasprintf+0xc5/0x150 [ 12.156253] __kthread_create_on_node+0x18b/0x3a0 [ 12.156431] kthread_create_on_node+0xab/0xe0 [ 12.156708] cryptomgr_notify+0x704/0x9f0 [ 12.156909] notifier_call_chain+0xcb/0x250 [ 12.157179] blocking_notifier_call_chain+0x64/0x90 [ 12.157508] crypto_alg_mod_lookup+0x21f/0x440 [ 12.157722] crypto_alloc_tfm_node+0xc5/0x1f0 [ 12.157992] crypto_alloc_sig+0x23/0x30 [ 12.158225] public_key_verify_signature+0x208/0x9f0 [ 12.158571] x509_check_for_self_signed+0x2cb/0x480 [ 12.158898] x509_cert_parse+0x59c/0x830 [ 12.159131] x509_key_preparse+0x68/0x8a0 [ 12.159351] asymmetric_key_preparse+0xb1/0x160 [ 12.159637] __key_create_or_update+0x43d/0xcc0 [ 12.160029] key_create_or_update+0x17/0x20 [ 12.160253] x509_load_certificate_list+0x174/0x200 [ 12.160592] regulatory_init_db+0xee/0x3a0 [ 12.161163] do_one_initcall+0xd8/0x370 [ 12.161514] kernel_init_freeable+0x420/0x6f0 [ 12.161918] kernel_init+0x23/0x1e0 [ 12.162045] ret_from_fork+0x116/0x1d0 [ 12.162173] ret_from_fork_asm+0x1a/0x30 [ 12.162307] [ 12.162497] Freed by task 0: [ 12.162903] kasan_save_stack+0x45/0x70 [ 12.163304] kasan_save_track+0x18/0x40 [ 12.163849] kasan_save_free_info+0x3f/0x60 [ 12.164269] __kasan_slab_free+0x56/0x70 [ 12.164776] kfree+0x222/0x3f0 [ 12.165110] free_kthread_struct+0xeb/0x150 [ 12.165633] free_task+0xf3/0x130 [ 12.165899] __put_task_struct+0x1c8/0x480 [ 12.166114] delayed_put_task_struct+0x10a/0x150 [ 12.166270] rcu_core+0x66f/0x1c40 [ 12.166433] rcu_core_si+0x12/0x20 [ 12.166796] handle_softirqs+0x209/0x730 [ 12.167234] __irq_exit_rcu+0xc9/0x110 [ 12.167723] irq_exit_rcu+0x12/0x20 [ 12.168063] 
sysvec_apic_timer_interrupt+0x81/0x90 [ 12.168478] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.168781] [ 12.168860] The buggy address belongs to the object at ffff88810266b200 [ 12.168860] which belongs to the cache kmalloc-16 of size 16 [ 12.169203] The buggy address is located 15 bytes to the right of [ 12.169203] allocated 16-byte region [ffff88810266b200, ffff88810266b210) [ 12.170009] [ 12.170087] The buggy address belongs to the physical page: [ 12.170256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10266b [ 12.170933] flags: 0x200000000000000(node=0|zone=2) [ 12.171472] page_type: f5(slab) [ 12.171869] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.172668] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.173190] page dumped because: kasan: bad access detected [ 12.173386] [ 12.173521] Memory state around the buggy address: [ 12.173970] ffff88810266b100: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 12.174638] ffff88810266b180: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 12.175043] >ffff88810266b200: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 12.175250] ^ [ 12.175390] ffff88810266b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.175709] ffff88810266b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.176054] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.068819] ================================================================== [ 12.069400] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 12.070123] Write of size 1 at addr ffff8881027a3373 by task kunit_try_catch/153 [ 12.070531] [ 12.071532] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.071870] Tainted: [N]=TEST [ 12.071900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.072108] Call Trace: [ 12.072172] <TASK> [ 12.072317] dump_stack_lvl+0x73/0xb0 [ 12.072442] print_report+0xd1/0x650 [ 12.072474] ? __virt_addr_valid+0x1db/0x2d0 [ 12.072500] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.072521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.072544] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.072566] kasan_report+0x141/0x180 [ 12.072588] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.072615] __asan_report_store1_noabort+0x1b/0x30 [ 12.072641] kmalloc_oob_right+0x6f0/0x7f0 [ 12.072663] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.072686] ? __schedule+0x10cc/0x2b60 [ 12.072709] ? __pfx_read_tsc+0x10/0x10 [ 12.072731] ? ktime_get_ts64+0x86/0x230 [ 12.072757] kunit_try_run_case+0x1a5/0x480 [ 12.072784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.072806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.072831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.072854] ? __kthread_parkme+0x82/0x180 [ 12.072876] ? preempt_count_sub+0x50/0x80 [ 12.072901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.072925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.072949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.072974] kthread+0x337/0x6f0 [ 12.072992] ? trace_preempt_on+0x20/0xc0 [ 12.073017] ? __pfx_kthread+0x10/0x10 [ 12.073037] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.073058] ? calculate_sigpending+0x7b/0xa0 [ 12.073083] ? __pfx_kthread+0x10/0x10 [ 12.073104] ret_from_fork+0x116/0x1d0 [ 12.073122] ? 
__pfx_kthread+0x10/0x10 [ 12.073143] ret_from_fork_asm+0x1a/0x30 [ 12.073196] </TASK> [ 12.073258] [ 12.080375] Allocated by task 153: [ 12.080628] kasan_save_stack+0x45/0x70 [ 12.081211] kasan_save_track+0x18/0x40 [ 12.081521] kasan_save_alloc_info+0x3b/0x50 [ 12.081751] __kasan_kmalloc+0xb7/0xc0 [ 12.081920] __kmalloc_cache_noprof+0x189/0x420 [ 12.082121] kmalloc_oob_right+0xa9/0x7f0 [ 12.082308] kunit_try_run_case+0x1a5/0x480 [ 12.082627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.082885] kthread+0x337/0x6f0 [ 12.083013] ret_from_fork+0x116/0x1d0 [ 12.083146] ret_from_fork_asm+0x1a/0x30 [ 12.083398] [ 12.083640] The buggy address belongs to the object at ffff8881027a3300 [ 12.083640] which belongs to the cache kmalloc-128 of size 128 [ 12.084207] The buggy address is located 0 bytes to the right of [ 12.084207] allocated 115-byte region [ffff8881027a3300, ffff8881027a3373) [ 12.085088] [ 12.085250] The buggy address belongs to the physical page: [ 12.085611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 12.086200] flags: 0x200000000000000(node=0|zone=2) [ 12.086926] page_type: f5(slab) [ 12.087483] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.087855] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.088246] page dumped because: kasan: bad access detected [ 12.088660] [ 12.088772] Memory state around the buggy address: [ 12.089217] ffff8881027a3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.089636] ffff8881027a3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.089968] >ffff8881027a3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.090208] ^ [ 12.090726] ffff8881027a3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.091066] ffff8881027a3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.091495] ================================================================== [ 12.092729] 
================================================================== [ 12.093038] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.093317] Write of size 1 at addr ffff8881027a3378 by task kunit_try_catch/153 [ 12.093688] [ 12.093999] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.094044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.094055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.094077] Call Trace: [ 12.094088] <TASK> [ 12.094102] dump_stack_lvl+0x73/0xb0 [ 12.094131] print_report+0xd1/0x650 [ 12.094153] ? __virt_addr_valid+0x1db/0x2d0 [ 12.094174] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.094195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.094218] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.094239] kasan_report+0x141/0x180 [ 12.094261] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.094288] __asan_report_store1_noabort+0x1b/0x30 [ 12.094315] kmalloc_oob_right+0x6bd/0x7f0 [ 12.094337] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.094361] ? __schedule+0x10cc/0x2b60 [ 12.094398] ? __pfx_read_tsc+0x10/0x10 [ 12.094419] ? ktime_get_ts64+0x86/0x230 [ 12.094460] kunit_try_run_case+0x1a5/0x480 [ 12.094483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.094506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.094529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.094553] ? __kthread_parkme+0x82/0x180 [ 12.094572] ? preempt_count_sub+0x50/0x80 [ 12.094595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.094619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.094644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.094669] kthread+0x337/0x6f0 [ 12.094687] ? trace_preempt_on+0x20/0xc0 [ 12.094710] ? __pfx_kthread+0x10/0x10 [ 12.094730] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.094751] ? calculate_sigpending+0x7b/0xa0 [ 12.094775] ? __pfx_kthread+0x10/0x10 [ 12.094796] ret_from_fork+0x116/0x1d0 [ 12.094814] ? 
__pfx_kthread+0x10/0x10 [ 12.094834] ret_from_fork_asm+0x1a/0x30 [ 12.094864] </TASK> [ 12.094873] [ 12.102232] Allocated by task 153: [ 12.102513] kasan_save_stack+0x45/0x70 [ 12.102670] kasan_save_track+0x18/0x40 [ 12.102807] kasan_save_alloc_info+0x3b/0x50 [ 12.102959] __kasan_kmalloc+0xb7/0xc0 [ 12.103111] __kmalloc_cache_noprof+0x189/0x420 [ 12.103331] kmalloc_oob_right+0xa9/0x7f0 [ 12.103540] kunit_try_run_case+0x1a5/0x480 [ 12.103746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.104025] kthread+0x337/0x6f0 [ 12.104209] ret_from_fork+0x116/0x1d0 [ 12.104405] ret_from_fork_asm+0x1a/0x30 [ 12.104623] [ 12.104696] The buggy address belongs to the object at ffff8881027a3300 [ 12.104696] which belongs to the cache kmalloc-128 of size 128 [ 12.105204] The buggy address is located 5 bytes to the right of [ 12.105204] allocated 115-byte region [ffff8881027a3300, ffff8881027a3373) [ 12.105872] [ 12.105973] The buggy address belongs to the physical page: [ 12.106196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 12.106618] flags: 0x200000000000000(node=0|zone=2) [ 12.106809] page_type: f5(slab) [ 12.106929] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.107157] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.107611] page dumped because: kasan: bad access detected [ 12.107931] [ 12.108072] Memory state around the buggy address: [ 12.108295] ffff8881027a3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.108682] ffff8881027a3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.108962] >ffff8881027a3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.109218] ^ [ 12.109440] ffff8881027a3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.109653] ffff8881027a3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.110024] ================================================================== [ 12.110838] 
================================================================== [ 12.111180] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.111507] Read of size 1 at addr ffff8881027a3380 by task kunit_try_catch/153 [ 12.111812] [ 12.111893] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.111932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.111944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.111964] Call Trace: [ 12.112010] <TASK> [ 12.112024] dump_stack_lvl+0x73/0xb0 [ 12.112051] print_report+0xd1/0x650 [ 12.112073] ? __virt_addr_valid+0x1db/0x2d0 [ 12.112094] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.112115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.112138] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.112160] kasan_report+0x141/0x180 [ 12.112188] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.112214] __asan_report_load1_noabort+0x18/0x20 [ 12.112240] kmalloc_oob_right+0x68a/0x7f0 [ 12.112262] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.112285] ? __schedule+0x10cc/0x2b60 [ 12.112306] ? __pfx_read_tsc+0x10/0x10 [ 12.112327] ? ktime_get_ts64+0x86/0x230 [ 12.112350] kunit_try_run_case+0x1a5/0x480 [ 12.112383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.112406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.112428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.112517] ? __kthread_parkme+0x82/0x180 [ 12.112541] ? preempt_count_sub+0x50/0x80 [ 12.112565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.112589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.112614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.112639] kthread+0x337/0x6f0 [ 12.112657] ? trace_preempt_on+0x20/0xc0 [ 12.112680] ? __pfx_kthread+0x10/0x10 [ 12.112700] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.112721] ? calculate_sigpending+0x7b/0xa0 [ 12.112745] ? __pfx_kthread+0x10/0x10 [ 12.112766] ret_from_fork+0x116/0x1d0 [ 12.112784] ? 
__pfx_kthread+0x10/0x10 [ 12.112804] ret_from_fork_asm+0x1a/0x30 [ 12.112835] </TASK> [ 12.112845] [ 12.120755] Allocated by task 153: [ 12.120915] kasan_save_stack+0x45/0x70 [ 12.121100] kasan_save_track+0x18/0x40 [ 12.121261] kasan_save_alloc_info+0x3b/0x50 [ 12.121425] __kasan_kmalloc+0xb7/0xc0 [ 12.121682] __kmalloc_cache_noprof+0x189/0x420 [ 12.121913] kmalloc_oob_right+0xa9/0x7f0 [ 12.122114] kunit_try_run_case+0x1a5/0x480 [ 12.122332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.122612] kthread+0x337/0x6f0 [ 12.122954] ret_from_fork+0x116/0x1d0 [ 12.123124] ret_from_fork_asm+0x1a/0x30 [ 12.123266] [ 12.123421] The buggy address belongs to the object at ffff8881027a3300 [ 12.123421] which belongs to the cache kmalloc-128 of size 128 [ 12.123966] The buggy address is located 13 bytes to the right of [ 12.123966] allocated 115-byte region [ffff8881027a3300, ffff8881027a3373) [ 12.124589] [ 12.124703] The buggy address belongs to the physical page: [ 12.124909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3 [ 12.125230] flags: 0x200000000000000(node=0|zone=2) [ 12.125561] page_type: f5(slab) [ 12.125721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.126035] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.126292] page dumped because: kasan: bad access detected [ 12.126474] [ 12.126543] Memory state around the buggy address: [ 12.126696] ffff8881027a3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.126924] ffff8881027a3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.127240] >ffff8881027a3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.128023] ^ [ 12.128154] ffff8881027a3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.128401] ffff8881027a3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.129095] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.257936] WARNING: CPU: 1 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.258569] Modules linked in: [ 141.258729] CPU: 1 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.259053] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.259230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.259497] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.260800] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.262964] RSP: 0000:ffff888109c27c78 EFLAGS: 00010286 [ 141.263621] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.264658] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa68337f4 [ 141.265510] RBP: ffff888109c27ca0 R08: 0000000000000000 R09: ffffed102073d7a0 [ 141.266321] R10: ffff8881039ebd07 R11: 0000000000000000 R12: ffffffffa68337e0 [ 141.267223] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109c27d38 [ 141.267980] FS: 0000000000000000(0000) GS:ffff8881b2972000(0000) knlGS:0000000000000000 [ 141.268876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.269330] CR2: 00007ffff7ffe000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 141.270221] DR0: ffffffffa8852444 DR1: ffffffffa8852449 DR2: ffffffffa885244a [ 141.270855] DR3: ffffffffa885244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.271594] Call Trace: [ 141.271727] <TASK> [ 141.271829] drm_test_rect_calc_vscale+0x108/0x270 [ 141.272009] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.272186] ? __schedule+0x10cc/0x2b60 [ 141.272333] ? __pfx_read_tsc+0x10/0x10 [ 141.272475] ? ktime_get_ts64+0x86/0x230 [ 141.272619] kunit_try_run_case+0x1a5/0x480 [ 141.273858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.274597] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.275259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.276026] ? __kthread_parkme+0x82/0x180 [ 141.276717] ? preempt_count_sub+0x50/0x80 [ 141.277299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.278115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.278992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.279830] kthread+0x337/0x6f0 [ 141.280421] ? trace_preempt_on+0x20/0xc0 [ 141.280954] ? __pfx_kthread+0x10/0x10 [ 141.281114] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.281270] ? calculate_sigpending+0x7b/0xa0 [ 141.281436] ? __pfx_kthread+0x10/0x10 [ 141.281576] ret_from_fork+0x116/0x1d0 [ 141.281720] ? __pfx_kthread+0x10/0x10 [ 141.281857] ret_from_fork_asm+0x1a/0x30 [ 141.282005] </TASK> [ 141.282094] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.237175] WARNING: CPU: 0 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.238081] Modules linked in: [ 141.238295] CPU: 0 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.239646] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.240038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.240416] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.240928] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.242121] RSP: 0000:ffff888109527c78 EFLAGS: 00010286 [ 141.242393] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.242971] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa68337bc [ 141.243325] RBP: ffff888109527ca0 R08: 0000000000000000 R09: ffffed102073d600 [ 141.243741] R10: ffff8881039eb007 R11: 0000000000000000 R12: ffffffffa68337a8 [ 141.244063] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109527d38 [ 
141.244402] FS: 0000000000000000(0000) GS:ffff8881b2872000(0000) knlGS:0000000000000000 [ 141.244851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.245175] CR2: ffffffffffffffff CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 141.245750] DR0: ffffffffa8852440 DR1: ffffffffa8852441 DR2: ffffffffa8852443 [ 141.246109] DR3: ffffffffa8852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.246512] Call Trace: [ 141.246685] <TASK> [ 141.246834] drm_test_rect_calc_vscale+0x108/0x270 [ 141.247054] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.247345] ? __schedule+0x10cc/0x2b60 [ 141.247547] ? __pfx_read_tsc+0x10/0x10 [ 141.247845] ? ktime_get_ts64+0x86/0x230 [ 141.248017] kunit_try_run_case+0x1a5/0x480 [ 141.248236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.248590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.248836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.249020] ? __kthread_parkme+0x82/0x180 [ 141.249259] ? preempt_count_sub+0x50/0x80 [ 141.249473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.249865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.250093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.250339] kthread+0x337/0x6f0 [ 141.250815] ? trace_preempt_on+0x20/0xc0 [ 141.250979] ? __pfx_kthread+0x10/0x10 [ 141.251189] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.251519] ? calculate_sigpending+0x7b/0xa0 [ 141.251703] ? __pfx_kthread+0x10/0x10 [ 141.251924] ret_from_fork+0x116/0x1d0 [ 141.252116] ? __pfx_kthread+0x10/0x10 [ 141.252311] ret_from_fork_asm+0x1a/0x30 [ 141.252602] </TASK> [ 141.252753] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.204749] WARNING: CPU: 1 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.205176] Modules linked in: [ 141.205457] CPU: 1 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.206126] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.206381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.206849] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.207186] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.208217] RSP: 0000:ffff88810399fc78 EFLAGS: 00010286 [ 141.208624] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.208971] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa68337f8 [ 141.209265] RBP: ffff88810399fca0 R08: 0000000000000000 R09: ffffed102073d720 [ 141.209554] R10: ffff8881039eb907 R11: 0000000000000000 R12: ffffffffa68337e0 [ 141.209958] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810399fd38 [ 141.210317] FS: 0000000000000000(0000) GS:ffff8881b2972000(0000) knlGS:0000000000000000 [ 141.210720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.210989] CR2: 00007ffff7ffe000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 141.211275] DR0: ffffffffa8852444 DR1: ffffffffa8852449 DR2: ffffffffa885244a [ 141.212420] DR3: ffffffffa885244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.212729] Call Trace: [ 141.212921] <TASK> [ 141.213061] drm_test_rect_calc_hscale+0x108/0x270 [ 141.213309] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.213665] ? __schedule+0x10cc/0x2b60 [ 141.213884] ? __pfx_read_tsc+0x10/0x10 [ 141.214237] ? ktime_get_ts64+0x86/0x230 [ 141.214412] kunit_try_run_case+0x1a5/0x480 [ 141.214708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.214950] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.215165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.215395] ? __kthread_parkme+0x82/0x180 [ 141.215819] ? preempt_count_sub+0x50/0x80 [ 141.216068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.216377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.216688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.216964] kthread+0x337/0x6f0 [ 141.217150] ? trace_preempt_on+0x20/0xc0 [ 141.217348] ? __pfx_kthread+0x10/0x10 [ 141.217593] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.217852] ? calculate_sigpending+0x7b/0xa0 [ 141.218033] ? __pfx_kthread+0x10/0x10 [ 141.218238] ret_from_fork+0x116/0x1d0 [ 141.218566] ? __pfx_kthread+0x10/0x10 [ 141.218886] ret_from_fork_asm+0x1a/0x30 [ 141.219104] </TASK> [ 141.219237] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.182079] WARNING: CPU: 1 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.182785] Modules linked in: [ 141.183440] CPU: 1 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.184095] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.184657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.185213] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.185620] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.187397] RSP: 0000:ffff888109527c78 EFLAGS: 00010286 [ 141.187992] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.188713] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa68337c0 [ 141.189326] RBP: ffff888109527ca0 R08: 0000000000000000 R09: ffffed10204b6440 [ 141.190025] R10: ffff8881025b2207 R11: 0000000000000000 R12: ffffffffa68337a8 [ 141.190862] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109527d38 [ 
141.191788] FS: 0000000000000000(0000) GS:ffff8881b2972000(0000) knlGS:0000000000000000 [ 141.192158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.192346] CR2: 00007ffff7ffe000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 141.192558] DR0: ffffffffa8852444 DR1: ffffffffa8852449 DR2: ffffffffa885244a [ 141.192788] DR3: ffffffffa885244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.193088] Call Trace: [ 141.193229] <TASK> [ 141.193360] drm_test_rect_calc_hscale+0x108/0x270 [ 141.193838] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.194026] ? __schedule+0x10cc/0x2b60 [ 141.194236] ? __pfx_read_tsc+0x10/0x10 [ 141.194586] ? ktime_get_ts64+0x86/0x230 [ 141.194821] kunit_try_run_case+0x1a5/0x480 [ 141.195104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.195282] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.195876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.196133] ? __kthread_parkme+0x82/0x180 [ 141.196324] ? preempt_count_sub+0x50/0x80 [ 141.196555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.196817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.197224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.197658] kthread+0x337/0x6f0 [ 141.197862] ? trace_preempt_on+0x20/0xc0 [ 141.198067] ? __pfx_kthread+0x10/0x10 [ 141.198222] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.198375] ? calculate_sigpending+0x7b/0xa0 [ 141.198749] ? __pfx_kthread+0x10/0x10 [ 141.198957] ret_from_fork+0x116/0x1d0 [ 141.199201] ? __pfx_kthread+0x10/0x10 [ 141.199513] ret_from_fork_asm+0x1a/0x30 [ 141.199750] </TASK> [ 141.199897] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.572700] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.572800] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.574007] Modules linked in: [ 140.574164] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.574569] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.574828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.575166] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.575421] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 86 7e a6 4c 89 f2 48 c7 c7 60 83 7e a6 48 89 c6 e8 f4 ce 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.576245] RSP: 0000:ffff88810a0c7d18 EFLAGS: 00010286 [ 140.576675] RAX: 0000000000000000 RBX: ffff88810597f800 RCX: 1ffffffff4ea4ce8 [ 140.577027] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.577309] RBP: ffff88810a0c7d48 R08: 0000000000000000 R09: fffffbfff4ea4ce8 [ 140.577655] R10: 0000000000000003 R11: 0000000000038b68 R12: ffff88810a07c000 [ 140.577964] R13: ffff88810597f8f8 R14: ffff88810af46080 R15: ffff88810039fb40 [ 140.578221] FS: 0000000000000000(0000) GS:ffff8881b2872000(0000) knlGS:0000000000000000 [ 140.578511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.578900] CR2: ffffffffffffffff CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 140.579169] DR0: ffffffffa8852440 DR1: ffffffffa8852441 DR2: ffffffffa8852443 [ 140.579461] DR3: ffffffffa8852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.579766] Call Trace: [ 140.579908] <TASK> [ 140.580034] ? trace_preempt_on+0x20/0xc0 [ 140.580253] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.580463] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.580975] __kunit_action_free+0x57/0x70 [ 140.581152] kunit_remove_resource+0x133/0x200 [ 140.581418] ? preempt_count_sub+0x50/0x80 [ 140.581657] kunit_cleanup+0x7a/0x120 [ 140.581807] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.582025] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.582290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.582544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.582994] kthread+0x337/0x6f0 [ 140.583159] ? trace_preempt_on+0x20/0xc0 [ 140.583320] ? __pfx_kthread+0x10/0x10 [ 140.583589] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.583841] ? calculate_sigpending+0x7b/0xa0 [ 140.584045] ? __pfx_kthread+0x10/0x10 [ 140.584211] ret_from_fork+0x116/0x1d0 [ 140.584349] ? __pfx_kthread+0x10/0x10 [ 140.584535] ret_from_fork_asm+0x1a/0x30 [ 140.584755] </TASK> [ 140.585038] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.443835] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.444958] Modules linked in: [ 140.445291] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.446009] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.446260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.446754] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.447089] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.448068] RSP: 0000:ffff88810a077b30 EFLAGS: 00010246 [ 140.448376] RAX: dffffc0000000000 RBX: ffff88810a077c28 RCX: 0000000000000000 [ 140.448956] RDX: 1ffff1102140ef8e RSI: ffff88810a077c28 RDI: ffff88810a077c70 [ 140.449368] RBP: ffff88810a077b70 R08: ffff888109e8e000 R09: ffffffffa67d89e0 [ 140.450060] R10: 0000000000000003 R11: 00000000ff4d8197 R12: ffff888109e8e000 [ 140.450540] R13: ffff88810039fae8 R14: ffff88810a077ba8 R15: 0000000000000000 [ 140.450945] FS: 0000000000000000(0000) GS:ffff8881b2972000(0000) knlGS:0000000000000000 [ 140.451298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.451682] CR2: 00007ffff7ffe000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 140.452048] DR0: ffffffffa8852444 DR1: ffffffffa8852449 DR2: ffffffffa885244a [ 140.452502] DR3: ffffffffa885244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.452841] Call Trace: [ 140.453033] <TASK> [ 140.453139] ? add_dr+0xc1/0x1d0 [ 140.453387] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.453980] ? add_dr+0x148/0x1d0 [ 140.454162] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.454611] ? __drmm_add_action+0x1a4/0x280 [ 140.454927] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.455228] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.455595] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.455999] ? __schedule+0x10cc/0x2b60 [ 140.456241] ? __pfx_read_tsc+0x10/0x10 [ 140.456532] ? ktime_get_ts64+0x86/0x230 [ 140.456739] kunit_try_run_case+0x1a5/0x480 [ 140.457028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.457253] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.457686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.457921] ? __kthread_parkme+0x82/0x180 [ 140.458124] ? preempt_count_sub+0x50/0x80 [ 140.458301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.458735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.459038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.459389] kthread+0x337/0x6f0 [ 140.459703] ? trace_preempt_on+0x20/0xc0 [ 140.459880] ? __pfx_kthread+0x10/0x10 [ 140.460172] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.460497] ? calculate_sigpending+0x7b/0xa0 [ 140.460795] ? __pfx_kthread+0x10/0x10 [ 140.461038] ret_from_fork+0x116/0x1d0 [ 140.461269] ? __pfx_kthread+0x10/0x10 [ 140.461525] ret_from_fork_asm+0x1a/0x30 [ 140.461844] </TASK> [ 140.462219] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.408734] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.408922] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.409980] Modules linked in: [ 140.410796] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.412033] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.412217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.412930] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.413485] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 38 7d a6 4c 89 fa 48 c7 c7 20 39 7d a6 48 89 c6 e8 c2 eb 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.415235] RSP: 0000:ffff8881098cfb68 EFLAGS: 00010282 [ 140.415808] RAX: 0000000000000000 RBX: ffff8881098cfc40 RCX: 1ffffffff4ea4ce8 [ 140.416102] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.416544] RBP: ffff8881098cfb90 R08: 0000000000000000 R09: fffffbfff4ea4ce8 [ 140.416838] R10: 0000000000000003 R11: 00000000000371e8 R12: ffff8881098cfc18 [ 140.417240] R13: ffff888109e9c000 R14: ffff888109e8c000 R15: ffff888103f34b80 [ 140.417672] FS: 0000000000000000(0000) GS:ffff8881b2972000(0000) knlGS:0000000000000000 [ 140.418104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.418325] CR2: 00007ffff7ffe000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 140.418780] DR0: ffffffffa8852444 DR1: ffffffffa8852449 DR2: ffffffffa885244a [ 140.419077] DR3: ffffffffa885244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.419361] Call Trace: [ 140.419530] <TASK> [ 140.419801] drm_test_framebuffer_free+0x1ab/0x610 [ 140.420103] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.420299] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.420667] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.421144] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.421483] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.421773] kunit_try_run_case+0x1a5/0x480 [ 140.421979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.422210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.422495] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.422786] ? __kthread_parkme+0x82/0x180 [ 140.422982] ? preempt_count_sub+0x50/0x80 [ 140.423303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.423807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.424137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.424504] kthread+0x337/0x6f0 [ 140.424710] ? trace_preempt_on+0x20/0xc0 [ 140.424924] ? __pfx_kthread+0x10/0x10 [ 140.425113] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.425306] ? calculate_sigpending+0x7b/0xa0 [ 140.425560] ? __pfx_kthread+0x10/0x10 [ 140.425782] ret_from_fork+0x116/0x1d0 [ 140.426056] ? __pfx_kthread+0x10/0x10 [ 140.426225] ret_from_fork_asm+0x1a/0x30 [ 140.426417] </TASK> [ 140.426728] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 139.196049] WARNING: CPU: 1 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.196551] Modules linked in: [ 139.197257] CPU: 1 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 139.197940] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.198159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.198523] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.198997] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.199876] RSP: 0000:ffff8881086f7c90 EFLAGS: 00010246 [ 139.200153] RAX: dffffc0000000000 RBX: ffff888108c06000 RCX: 0000000000000000 [ 139.200533] RDX: 1ffff11021180c32 RSI: ffffffffa3a05968 RDI: ffff888108c06190 [ 139.201044] RBP: ffff8881086f7ca0 R08: 1ffff11020073f69 R09: ffffed10210def65 [ 139.201347] R10: 0000000000000003 R11: ffffffffa2f85b48 R12: 0000000000000000 [ 139.201936] R13: ffff8881086f7d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.202252] FS: 0000000000000000(0000) GS:ffff8881b2972000(0000) knlGS:0000000000000000 [ 139.202698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.203063] CR2: 00007ffff7ffe000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 139.203504] DR0: ffffffffa8852444 DR1: ffffffffa8852449 DR2: ffffffffa885244a [ 139.203835] DR3: ffffffffa885244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.204240] Call Trace: [ 139.204525] <TASK> [ 139.204749] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 139.205079] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 139.205462] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 139.206113] kunit_try_run_case+0x1a5/0x480 [ 139.206352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.206759] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 139.207039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.207254] ? __kthread_parkme+0x82/0x180 [ 139.207492] ? preempt_count_sub+0x50/0x80 [ 139.207829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.208134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.208399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.208857] kthread+0x337/0x6f0 [ 139.209338] ? trace_preempt_on+0x20/0xc0 [ 139.209888] ? __pfx_kthread+0x10/0x10 [ 139.210110] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.210446] ? calculate_sigpending+0x7b/0xa0 [ 139.210736] ? __pfx_kthread+0x10/0x10 [ 139.211021] ret_from_fork+0x116/0x1d0 [ 139.211225] ? __pfx_kthread+0x10/0x10 [ 139.211441] ret_from_fork_asm+0x1a/0x30 [ 139.211795] </TASK> [ 139.211926] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 139.114248] WARNING: CPU: 0 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.115844] Modules linked in: [ 139.116477] CPU: 0 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 139.117789] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.118537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.119508] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.120280] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.121686] RSP: 0000:ffff8881044efc90 EFLAGS: 00010246 [ 139.122338] RAX: dffffc0000000000 RBX: ffff888103d5e000 RCX: 0000000000000000 [ 139.122950] RDX: 1ffff110207abc32 RSI: ffffffffa3a05968 RDI: ffff888103d5e190 [ 139.123171] RBP: ffff8881044efca0 R08: 1ffff11020073f69 R09: ffffed102089df65 [ 139.123822] R10: 0000000000000003 R11: ffffffffa2f85b48 R12: 0000000000000000 [ 139.124623] R13: ffff8881044efd38 R14: ffff88810039fc50 R15: 
ffff88810039fc58 [ 139.125494] FS: 0000000000000000(0000) GS:ffff8881b2872000(0000) knlGS:0000000000000000 [ 139.126281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.126988] CR2: ffffffffffffffff CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 139.127531] DR0: ffffffffa8852440 DR1: ffffffffa8852441 DR2: ffffffffa8852443 [ 139.128199] DR3: ffffffffa8852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.128917] Call Trace: [ 139.129216] <TASK> [ 139.129656] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 139.130185] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.130446] ? __schedule+0x10cc/0x2b60 [ 139.130597] ? __pfx_read_tsc+0x10/0x10 [ 139.131015] ? ktime_get_ts64+0x86/0x230 [ 139.131433] kunit_try_run_case+0x1a5/0x480 [ 139.131837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.132043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.132204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.132477] ? __kthread_parkme+0x82/0x180 [ 139.132934] ? preempt_count_sub+0x50/0x80 [ 139.133458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.133964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.134500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.134900] kthread+0x337/0x6f0 [ 139.135184] ? trace_preempt_on+0x20/0xc0 [ 139.135332] ? __pfx_kthread+0x10/0x10 [ 139.135863] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.136248] ? calculate_sigpending+0x7b/0xa0 [ 139.136557] ? __pfx_kthread+0x10/0x10 [ 139.136879] ret_from_fork+0x116/0x1d0 [ 139.137231] ? __pfx_kthread+0x10/0x10 [ 139.137640] ret_from_fork_asm+0x1a/0x30 [ 139.137924] </TASK> [ 139.138018] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 108.401260] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 108.401526] Modules linked in: [ 108.401678] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 108.402032] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 108.402211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.402472] RIP: 0010:intlog10+0x2a/0x40 [ 108.402622] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 97 a8 86 02 90 <0f> 0b 90 31 c0 e9 8c a8 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 108.404784] RSP: 0000:ffff88810aa87cb0 EFLAGS: 00010246 [ 108.405534] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021550fb4 [ 108.406439] RDX: 1ffffffff4cd2db4 RSI: 1ffff11021550fb3 RDI: 0000000000000000 [ 108.407298] RBP: ffff88810aa87d60 R08: 0000000000000000 R09: ffffed10207366c0 [ 108.408160] R10: ffff8881039b3607 R11: 0000000000000000 R12: 1ffff11021550f97 [ 108.409111] R13: ffffffffa6696da0 R14: 0000000000000000 R15: ffff88810aa87d38 [ 108.410005] FS: 0000000000000000(0000) GS:ffff8881b2872000(0000) knlGS:0000000000000000 [ 108.410982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.411714] CR2: ffff88815a918000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 108.412941] DR0: ffffffffa8852440 DR1: ffffffffa8852441 DR2: ffffffffa8852443 [ 108.413940] DR3: ffffffffa8852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.414689] Call Trace: [ 108.414798] <TASK> [ 108.414906] ? intlog10_test+0xf2/0x220 [ 108.415067] ? __pfx_intlog10_test+0x10/0x10 [ 108.415223] ? __schedule+0x10cc/0x2b60 [ 108.415409] ? __pfx_read_tsc+0x10/0x10 [ 108.416311] ? ktime_get_ts64+0x86/0x230 [ 108.416772] kunit_try_run_case+0x1a5/0x480 [ 108.416968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.417525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.418083] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.418614] ? __kthread_parkme+0x82/0x180 [ 108.418771] ? preempt_count_sub+0x50/0x80 [ 108.418948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.419111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.419289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.419500] kthread+0x337/0x6f0 [ 108.419802] ? trace_preempt_on+0x20/0xc0 [ 108.420206] ? __pfx_kthread+0x10/0x10 [ 108.420655] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.420847] ? calculate_sigpending+0x7b/0xa0 [ 108.421310] ? __pfx_kthread+0x10/0x10 [ 108.421569] ret_from_fork+0x116/0x1d0 [ 108.422057] ? __pfx_kthread+0x10/0x10 [ 108.422251] ret_from_fork_asm+0x1a/0x30 [ 108.422568] </TASK> [ 108.422807] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 108.362504] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 108.363015] Modules linked in: [ 108.363185] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 108.363662] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 108.363983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.364830] RIP: 0010:intlog2+0xdf/0x110 [ 108.365241] Code: 69 a6 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 02 a9 86 02 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 8f e8 55 ff 8b 45 e4 eb [ 108.366457] RSP: 0000:ffff88810aaafcb0 EFLAGS: 00010246 [ 108.367036] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021555fb4 [ 108.367554] RDX: 1ffffffff4cd2e08 RSI: 1ffff11021555fb3 RDI: 0000000000000000 [ 108.367775] RBP: ffff88810aaafd60 R08: 0000000000000000 R09: ffffed1020736680 [ 108.368034] R10: ffff8881039b3407 R11: 0000000000000000 R12: 1ffff11021555f97 [ 108.368304] R13: ffffffffa6697040 R14: 0000000000000000 R15: ffff88810aaafd38 [ 108.368615] FS: 0000000000000000(0000) GS:ffff8881b2872000(0000) knlGS:0000000000000000 [ 108.369233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.369494] CR2: ffff88815a918000 CR3: 000000011ecbc000 CR4: 00000000000006f0 [ 108.369895] DR0: ffffffffa8852440 DR1: ffffffffa8852441 DR2: ffffffffa8852443 [ 108.370312] DR3: ffffffffa8852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.370689] Call Trace: [ 108.370859] <TASK> [ 108.370991] ? intlog2_test+0xf2/0x220 [ 108.371211] ? __pfx_intlog2_test+0x10/0x10 [ 108.371525] ? __schedule+0x10cc/0x2b60 [ 108.371696] ? __pfx_read_tsc+0x10/0x10 [ 108.371911] ? ktime_get_ts64+0x86/0x230 [ 108.372115] kunit_try_run_case+0x1a5/0x480 [ 108.372294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.372529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.372967] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.373165] ? __kthread_parkme+0x82/0x180 [ 108.373368] ? preempt_count_sub+0x50/0x80 [ 108.373569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.373853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.374114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.374303] kthread+0x337/0x6f0 [ 108.374467] ? trace_preempt_on+0x20/0xc0 [ 108.374674] ? __pfx_kthread+0x10/0x10 [ 108.375021] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.375203] ? calculate_sigpending+0x7b/0xa0 [ 108.375357] ? __pfx_kthread+0x10/0x10 [ 108.375552] ret_from_fork+0x116/0x1d0 [ 108.375859] ? __pfx_kthread+0x10/0x10 [ 108.376112] ret_from_fork_asm+0x1a/0x30 [ 108.376283] </TASK> [ 108.376603] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 107.794517] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI