Date: July 11, 2025, 11:09 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.991949] ==================================================================
[ 49.992324] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.992324]
[ 49.992931] Use-after-free read at 0x(____ptrval____) (in kfence-#140):
[ 49.993196] test_krealloc+0x6fc/0xbe0
[ 49.993378] kunit_try_run_case+0x1a5/0x480
[ 49.993593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.993829] kthread+0x337/0x6f0
[ 49.994341] ret_from_fork+0x116/0x1d0
[ 49.994595] ret_from_fork_asm+0x1a/0x30
[ 49.994891]
[ 49.994985] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.994985]
[ 49.995502] allocated by task 354 on cpu 1 at 49.991337s (0.004162s ago):
[ 49.996036] test_alloc+0x364/0x10f0
[ 49.996298] test_krealloc+0xad/0xbe0
[ 49.996453] kunit_try_run_case+0x1a5/0x480
[ 49.996650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.997167] kthread+0x337/0x6f0
[ 49.997344] ret_from_fork+0x116/0x1d0
[ 49.997585] ret_from_fork_asm+0x1a/0x30
[ 49.997866]
[ 49.997963] freed by task 354 on cpu 1 at 49.991559s (0.006402s ago):
[ 49.998242] krealloc_noprof+0x108/0x340
[ 49.998437] test_krealloc+0x226/0xbe0
[ 49.998614] kunit_try_run_case+0x1a5/0x480
[ 49.998805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.999350] kthread+0x337/0x6f0
[ 49.999482] ret_from_fork+0x116/0x1d0
[ 49.999671] ret_from_fork_asm+0x1a/0x30
[ 50.000060]
[ 50.000254] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 50.000831] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.001206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.001651] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.911253] ==================================================================
[ 49.911679] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.911679]
[ 49.912535] Use-after-free read at 0x(____ptrval____) (in kfence-#139):
[ 49.912833] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.913265] kunit_try_run_case+0x1a5/0x480
[ 49.913458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.913714] kthread+0x337/0x6f0
[ 49.914330] ret_from_fork+0x116/0x1d0
[ 49.914500] ret_from_fork_asm+0x1a/0x30
[ 49.914669]
[ 49.914780] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.914780]
[ 49.915157] allocated by task 352 on cpu 0 at 49.887262s (0.027892s ago):
[ 49.915448] test_alloc+0x2a6/0x10f0
[ 49.915626] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.915850] kunit_try_run_case+0x1a5/0x480
[ 49.916028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.916277] kthread+0x337/0x6f0
[ 49.916400] ret_from_fork+0x116/0x1d0
[ 49.916566] ret_from_fork_asm+0x1a/0x30
[ 49.916778]
[ 49.916876] freed by task 352 on cpu 0 at 49.887372s (0.029502s ago):
[ 49.917096] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.917349] kunit_try_run_case+0x1a5/0x480
[ 49.917557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.917771] kthread+0x337/0x6f0
[ 49.917962] ret_from_fork+0x116/0x1d0
[ 49.918112] ret_from_fork_asm+0x1a/0x30
[ 49.918295]
[ 49.918392] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 49.918842] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.918990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.919674] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.836435] ==================================================================
[ 24.836993] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 24.836993]
[ 24.837498] Invalid read at 0x(____ptrval____):
[ 24.837723] test_invalid_access+0xf0/0x210
[ 24.838025] kunit_try_run_case+0x1a5/0x480
[ 24.838181] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.838353] kthread+0x337/0x6f0
[ 24.838521] ret_from_fork+0x116/0x1d0
[ 24.838715] ret_from_fork_asm+0x1a/0x30
[ 24.839596]
[ 24.839738] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 24.840729] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.841352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.842149] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.615448] ==================================================================
[ 24.615889] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.615889]
[ 24.616252] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#135):
[ 24.616855] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.617140] kunit_try_run_case+0x1a5/0x480
[ 24.617340] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.617577] kthread+0x337/0x6f0
[ 24.617756] ret_from_fork+0x116/0x1d0
[ 24.617943] ret_from_fork_asm+0x1a/0x30
[ 24.618104]
[ 24.618204] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 24.618204]
[ 24.618544] allocated by task 342 on cpu 0 at 24.615194s (0.003348s ago):
[ 24.618827] test_alloc+0x364/0x10f0
[ 24.619012] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 24.619331] kunit_try_run_case+0x1a5/0x480
[ 24.619531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.619706] kthread+0x337/0x6f0
[ 24.619868] ret_from_fork+0x116/0x1d0
[ 24.620070] ret_from_fork_asm+0x1a/0x30
[ 24.620385]
[ 24.620462] freed by task 342 on cpu 0 at 24.615332s (0.005127s ago):
[ 24.620763] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.620971] kunit_try_run_case+0x1a5/0x480
[ 24.621149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.621362] kthread+0x337/0x6f0
[ 24.621533] ret_from_fork+0x116/0x1d0
[ 24.621716] ret_from_fork_asm+0x1a/0x30
[ 24.621950]
[ 24.622053] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 24.622505] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.622692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.623063] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.303512] ==================================================================
[ 24.304034] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 24.304034]
[ 24.304394] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#132):
[ 24.304726] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 24.304974] kunit_try_run_case+0x1a5/0x480
[ 24.305208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.305417] kthread+0x337/0x6f0
[ 24.305543] ret_from_fork+0x116/0x1d0
[ 24.305734] ret_from_fork_asm+0x1a/0x30
[ 24.305996]
[ 24.306097] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 24.306097]
[ 24.306454] allocated by task 340 on cpu 1 at 24.303288s (0.003163s ago):
[ 24.306825] test_alloc+0x364/0x10f0
[ 24.307021] test_kmalloc_aligned_oob_read+0x105/0x560
[ 24.307243] kunit_try_run_case+0x1a5/0x480
[ 24.307389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.307634] kthread+0x337/0x6f0
[ 24.307798] ret_from_fork+0x116/0x1d0
[ 24.307985] ret_from_fork_asm+0x1a/0x30
[ 24.308174]
[ 24.308269] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 24.308716] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.308945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.309635] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.623467] ==================================================================
[ 19.623958] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.623958]
[ 19.624334] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#87):
[ 19.625470] test_corruption+0x131/0x3e0
[ 19.625680] kunit_try_run_case+0x1a5/0x480
[ 19.625887] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.626198] kthread+0x337/0x6f0
[ 19.626361] ret_from_fork+0x116/0x1d0
[ 19.626558] ret_from_fork_asm+0x1a/0x30
[ 19.626774]
[ 19.626858] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.626858]
[ 19.627265] allocated by task 330 on cpu 0 at 19.623360s (0.003902s ago):
[ 19.627542] test_alloc+0x2a6/0x10f0
[ 19.627719] test_corruption+0xe6/0x3e0
[ 19.627934] kunit_try_run_case+0x1a5/0x480
[ 19.628201] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.628427] kthread+0x337/0x6f0
[ 19.628592] ret_from_fork+0x116/0x1d0
[ 19.628727] ret_from_fork_asm+0x1a/0x30
[ 19.628963]
[ 19.629137] freed by task 330 on cpu 0 at 19.623395s (0.005740s ago):
[ 19.629425] test_corruption+0x131/0x3e0
[ 19.629726] kunit_try_run_case+0x1a5/0x480
[ 19.630338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.630561] kthread+0x337/0x6f0
[ 19.630937] ret_from_fork+0x116/0x1d0
[ 19.631213] ret_from_fork_asm+0x1a/0x30
[ 19.631490]
[ 19.631594] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.632303] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.632474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.632858] ==================================================================
[ 19.311524] ==================================================================
[ 19.311982] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 19.311982]
[ 19.312316] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84):
[ 19.312950] test_corruption+0x2d2/0x3e0
[ 19.313099] kunit_try_run_case+0x1a5/0x480
[ 19.313520] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.313762] kthread+0x337/0x6f0
[ 19.313889] ret_from_fork+0x116/0x1d0
[ 19.314062] ret_from_fork_asm+0x1a/0x30
[ 19.314278]
[ 19.314379] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.314379]
[ 19.314746] allocated by task 328 on cpu 1 at 19.311354s (0.003390s ago):
[ 19.315081] test_alloc+0x364/0x10f0
[ 19.315216] test_corruption+0xe6/0x3e0
[ 19.315362] kunit_try_run_case+0x1a5/0x480
[ 19.315573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.315882] kthread+0x337/0x6f0
[ 19.316023] ret_from_fork+0x116/0x1d0
[ 19.316156] ret_from_fork_asm+0x1a/0x30
[ 19.316296]
[ 19.316394] freed by task 328 on cpu 1 at 19.311452s (0.004939s ago):
[ 19.316698] test_corruption+0x2d2/0x3e0
[ 19.316978] kunit_try_run_case+0x1a5/0x480
[ 19.317203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.317380] kthread+0x337/0x6f0
[ 19.317626] ret_from_fork+0x116/0x1d0
[ 19.317852] ret_from_fork_asm+0x1a/0x30
[ 19.318005]
[ 19.318098] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.318506] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.318705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.319406] ==================================================================
[ 19.727364] ==================================================================
[ 19.727734] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.727734]
[ 19.728179] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#88):
[ 19.728545] test_corruption+0x216/0x3e0
[ 19.728752] kunit_try_run_case+0x1a5/0x480
[ 19.728901] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.729122] kthread+0x337/0x6f0
[ 19.729323] ret_from_fork+0x116/0x1d0
[ 19.729568] ret_from_fork_asm+0x1a/0x30
[ 19.729853]
[ 19.729975] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.729975]
[ 19.730255] allocated by task 330 on cpu 0 at 19.727251s (0.003002s ago):
[ 19.730608] test_alloc+0x2a6/0x10f0
[ 19.730832] test_corruption+0x1cb/0x3e0
[ 19.731059] kunit_try_run_case+0x1a5/0x480
[ 19.731225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.731471] kthread+0x337/0x6f0
[ 19.731630] ret_from_fork+0x116/0x1d0
[ 19.731769] ret_from_fork_asm+0x1a/0x30
[ 19.732001]
[ 19.732096] freed by task 330 on cpu 0 at 19.727297s (0.004796s ago):
[ 19.732299] test_corruption+0x216/0x3e0
[ 19.732497] kunit_try_run_case+0x1a5/0x480
[ 19.732737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.733050] kthread+0x337/0x6f0
[ 19.733173] ret_from_fork+0x116/0x1d0
[ 19.733324] ret_from_fork_asm+0x1a/0x30
[ 19.733518]
[ 19.733661] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.734052] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.734471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.734980] ==================================================================
[ 19.519557] ==================================================================
[ 19.519995] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.519995]
[ 19.520287] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#86):
[ 19.520687] test_corruption+0x2df/0x3e0
[ 19.520941] kunit_try_run_case+0x1a5/0x480
[ 19.521100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.521292] kthread+0x337/0x6f0
[ 19.521470] ret_from_fork+0x116/0x1d0
[ 19.521658] ret_from_fork_asm+0x1a/0x30
[ 19.521802]
[ 19.521893] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.521893]
[ 19.522325] allocated by task 328 on cpu 1 at 19.519305s (0.003019s ago):
[ 19.522554] test_alloc+0x364/0x10f0
[ 19.522738] test_corruption+0x1cb/0x3e0
[ 19.522963] kunit_try_run_case+0x1a5/0x480
[ 19.523174] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.523397] kthread+0x337/0x6f0
[ 19.523538] ret_from_fork+0x116/0x1d0
[ 19.523672] ret_from_fork_asm+0x1a/0x30
[ 19.523839]
[ 19.523943] freed by task 328 on cpu 1 at 19.519399s (0.004543s ago):
[ 19.524215] test_corruption+0x2df/0x3e0
[ 19.524353] kunit_try_run_case+0x1a5/0x480
[ 19.524500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.524907] kthread+0x337/0x6f0
[ 19.525041] ret_from_fork+0x116/0x1d0
[ 19.525174] ret_from_fork_asm+0x1a/0x30
[ 19.525315]
[ 19.525411] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.525892] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.526058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.526327] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 19.103428] ==================================================================
[ 19.103902] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 19.103902]
[ 19.104265] Invalid free of 0x(____ptrval____) (in kfence-#82):
[ 19.104548] test_invalid_addr_free+0x1e1/0x260
[ 19.104740] kunit_try_run_case+0x1a5/0x480
[ 19.105527] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.105901] kthread+0x337/0x6f0
[ 19.106196] ret_from_fork+0x116/0x1d0
[ 19.106357] ret_from_fork_asm+0x1a/0x30
[ 19.106565]
[ 19.106656] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.106656]
[ 19.107051] allocated by task 324 on cpu 0 at 19.103289s (0.003760s ago):
[ 19.107370] test_alloc+0x364/0x10f0
[ 19.107502] test_invalid_addr_free+0xdb/0x260
[ 19.107719] kunit_try_run_case+0x1a5/0x480
[ 19.107891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.108139] kthread+0x337/0x6f0
[ 19.108308] ret_from_fork+0x116/0x1d0
[ 19.108441] ret_from_fork_asm+0x1a/0x30
[ 19.108644]
[ 19.108758] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.109219] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.109382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.109668] ==================================================================
[ 19.207474] ==================================================================
[ 19.207935] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 19.207935]
[ 19.208273] Invalid free of 0x(____ptrval____) (in kfence-#83):
[ 19.208572] test_invalid_addr_free+0xfb/0x260
[ 19.208936] kunit_try_run_case+0x1a5/0x480
[ 19.209110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.209363] kthread+0x337/0x6f0
[ 19.209537] ret_from_fork+0x116/0x1d0
[ 19.209673] ret_from_fork_asm+0x1a/0x30
[ 19.209993]
[ 19.210089] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.210089]
[ 19.210448] allocated by task 326 on cpu 0 at 19.207360s (0.003086s ago):
[ 19.210722] test_alloc+0x2a6/0x10f0
[ 19.210889] test_invalid_addr_free+0xdb/0x260
[ 19.211090] kunit_try_run_case+0x1a5/0x480
[ 19.211238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.211471] kthread+0x337/0x6f0
[ 19.211642] ret_from_fork+0x116/0x1d0
[ 19.211824] ret_from_fork_asm+0x1a/0x30
[ 19.212042]
[ 19.212162] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.212584] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.212761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.213102] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.895563] ==================================================================
[ 18.896045] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.896045]
[ 18.896348] Invalid free of 0x(____ptrval____) (in kfence-#80):
[ 18.897035] test_double_free+0x1d3/0x260
[ 18.897437] kunit_try_run_case+0x1a5/0x480
[ 18.897718] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.898069] kthread+0x337/0x6f0
[ 18.898235] ret_from_fork+0x116/0x1d0
[ 18.898402] ret_from_fork_asm+0x1a/0x30
[ 18.898592]
[ 18.898670] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.898670]
[ 18.899359] allocated by task 320 on cpu 1 at 18.895366s (0.003990s ago):
[ 18.899648] test_alloc+0x364/0x10f0
[ 18.900063] test_double_free+0xdb/0x260
[ 18.900323] kunit_try_run_case+0x1a5/0x480
[ 18.900502] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.900950] kthread+0x337/0x6f0
[ 18.901131] ret_from_fork+0x116/0x1d0
[ 18.901421] ret_from_fork_asm+0x1a/0x30
[ 18.901614]
[ 18.901689] freed by task 320 on cpu 1 at 18.895418s (0.006268s ago):
[ 18.902205] test_double_free+0x1e0/0x260
[ 18.902397] kunit_try_run_case+0x1a5/0x480
[ 18.902575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.902978] kthread+0x337/0x6f0
[ 18.903146] ret_from_fork+0x116/0x1d0
[ 18.903398] ret_from_fork_asm+0x1a/0x30
[ 18.903585]
[ 18.903698] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.904395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.904649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.905149] ==================================================================
[ 18.999565] ==================================================================
[ 19.000095] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 19.000095]
[ 19.000418] Invalid free of 0x(____ptrval____) (in kfence-#81):
[ 19.000665] test_double_free+0x112/0x260
[ 19.000930] kunit_try_run_case+0x1a5/0x480
[ 19.001084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.001444] kthread+0x337/0x6f0
[ 19.001571] ret_from_fork+0x116/0x1d0
[ 19.001733] ret_from_fork_asm+0x1a/0x30
[ 19.001954]
[ 19.002054] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.002054]
[ 19.002364] allocated by task 322 on cpu 0 at 18.999405s (0.002956s ago):
[ 19.002671] test_alloc+0x2a6/0x10f0
[ 19.002889] test_double_free+0xdb/0x260
[ 19.003103] kunit_try_run_case+0x1a5/0x480
[ 19.003277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.003494] kthread+0x337/0x6f0
[ 19.003614] ret_from_fork+0x116/0x1d0
[ 19.003778] ret_from_fork_asm+0x1a/0x30
[ 19.004071]
[ 19.004183] freed by task 322 on cpu 0 at 18.999445s (0.004737s ago):
[ 19.004421] test_double_free+0xfa/0x260
[ 19.004560] kunit_try_run_case+0x1a5/0x480
[ 19.004784] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.005053] kthread+0x337/0x6f0
[ 19.005223] ret_from_fork+0x116/0x1d0
[ 19.005383] ret_from_fork_asm+0x1a/0x30
[ 19.005529]
[ 19.005632] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.005975] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.006328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.006708] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.583482] ==================================================================
[ 18.584066] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.584066]
[ 18.584429] Use-after-free read at 0x(____ptrval____) (in kfence-#77):
[ 18.584744] test_use_after_free_read+0x129/0x270
[ 18.584928] kunit_try_run_case+0x1a5/0x480
[ 18.585179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.585449] kthread+0x337/0x6f0
[ 18.585577] ret_from_fork+0x116/0x1d0
[ 18.585765] ret_from_fork_asm+0x1a/0x30
[ 18.585968]
[ 18.586070] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.586070]
[ 18.586432] allocated by task 314 on cpu 0 at 18.583340s (0.003089s ago):
[ 18.586665] test_alloc+0x2a6/0x10f0
[ 18.586985] test_use_after_free_read+0xdc/0x270
[ 18.587254] kunit_try_run_case+0x1a5/0x480
[ 18.587493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.587750] kthread+0x337/0x6f0
[ 18.587932] ret_from_fork+0x116/0x1d0
[ 18.588091] ret_from_fork_asm+0x1a/0x30
[ 18.588294]
[ 18.588399] freed by task 314 on cpu 0 at 18.583392s (0.005004s ago):
[ 18.588689] test_use_after_free_read+0xfb/0x270
[ 18.589113] kunit_try_run_case+0x1a5/0x480
[ 18.589270] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.589448] kthread+0x337/0x6f0
[ 18.589583] ret_from_fork+0x116/0x1d0
[ 18.589782] ret_from_fork_asm+0x1a/0x30
[ 18.590003]
[ 18.590125] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.590549] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.590758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.591183] ==================================================================
[ 18.479591] ==================================================================
[ 18.480215] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.480215]
[ 18.480562] Use-after-free read at 0x(____ptrval____) (in kfence-#76):
[ 18.480952] test_use_after_free_read+0x129/0x270
[ 18.481185] kunit_try_run_case+0x1a5/0x480
[ 18.481491] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.481724] kthread+0x337/0x6f0
[ 18.481859] ret_from_fork+0x116/0x1d0
[ 18.482062] ret_from_fork_asm+0x1a/0x30
[ 18.482235]
[ 18.482334] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.482334]
[ 18.482722] allocated by task 312 on cpu 0 at 18.479365s (0.003355s ago):
[ 18.483023] test_alloc+0x364/0x10f0
[ 18.483212] test_use_after_free_read+0xdc/0x270
[ 18.483404] kunit_try_run_case+0x1a5/0x480
[ 18.483588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.483864] kthread+0x337/0x6f0
[ 18.484042] ret_from_fork+0x116/0x1d0
[ 18.484231] ret_from_fork_asm+0x1a/0x30
[ 18.484401]
[ 18.484497] freed by task 312 on cpu 0 at 18.479435s (0.005060s ago):
[ 18.484763] test_use_after_free_read+0x1e7/0x270
[ 18.484980] kunit_try_run_case+0x1a5/0x480
[ 18.485180] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.485368] kthread+0x337/0x6f0
[ 18.485490] ret_from_fork+0x116/0x1d0
[ 18.485622] ret_from_fork_asm+0x1a/0x30
[ 18.485828]
[ 18.485960] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.486387] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.486537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.486973] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.271498] ==================================================================
[ 18.271978] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 18.271978]
[ 18.272404] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#74):
[ 18.272665] test_out_of_bounds_write+0x10d/0x260
[ 18.272988] kunit_try_run_case+0x1a5/0x480
[ 18.273213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.273407] kthread+0x337/0x6f0
[ 18.273569] ret_from_fork+0x116/0x1d0
[ 18.273761] ret_from_fork_asm+0x1a/0x30
[ 18.273996]
[ 18.274082] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.274082]
[ 18.274420] allocated by task 308 on cpu 1 at 18.271327s (0.003091s ago):
[ 18.274732] test_alloc+0x364/0x10f0
[ 18.274863] test_out_of_bounds_write+0xd4/0x260
[ 18.275224] kunit_try_run_case+0x1a5/0x480
[ 18.275436] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.275647] kthread+0x337/0x6f0
[ 18.275810] ret_from_fork+0x116/0x1d0
[ 18.275985] ret_from_fork_asm+0x1a/0x30
[ 18.276128]
[ 18.276222] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.276706] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.276845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.277266] ==================================================================
[ 18.375408] ==================================================================
[ 18.375824] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 18.375824]
[ 18.376331] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#75):
[ 18.377212] test_out_of_bounds_write+0x10d/0x260
[ 18.377463] kunit_try_run_case+0x1a5/0x480
[ 18.377829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.378186] kthread+0x337/0x6f0
[ 18.378367] ret_from_fork+0x116/0x1d0
[ 18.378539] ret_from_fork_asm+0x1a/0x30
[ 18.378717]
[ 18.378791] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.378791]
[ 18.379186] allocated by task 310 on cpu 1 at 18.375353s (0.003831s ago):
[ 18.379493] test_alloc+0x2a6/0x10f0
[ 18.379658] test_out_of_bounds_write+0xd4/0x260
[ 18.380334] kunit_try_run_case+0x1a5/0x480
[ 18.380517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.381063] kthread+0x337/0x6f0
[ 18.381330] ret_from_fork+0x116/0x1d0
[ 18.381585] ret_from_fork_asm+0x1a/0x30
[ 18.381897]
[ 18.382048] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.382638] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.382991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.383479] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.959384] ==================================================================
[ 17.959779] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.959779]
[ 17.960184] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#71):
[ 17.960532] test_out_of_bounds_read+0x216/0x4e0
[ 17.960703] kunit_try_run_case+0x1a5/0x480
[ 17.961019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.961276] kthread+0x337/0x6f0
[ 17.961405] ret_from_fork+0x116/0x1d0
[ 17.961599] ret_from_fork_asm+0x1a/0x30
[ 17.961802]
[ 17.961900] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.961900]
[ 17.962317] allocated by task 306 on cpu 0 at 17.959328s (0.002986s ago):
[ 17.962564] test_alloc+0x2a6/0x10f0
[ 17.962751] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.962971] kunit_try_run_case+0x1a5/0x480
[ 17.963119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.963402] kthread+0x337/0x6f0
[ 17.963584] ret_from_fork+0x116/0x1d0
[ 17.963802] ret_from_fork_asm+0x1a/0x30
[ 17.963999]
[ 17.964128] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.964464] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.964624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.965174] ==================================================================
[ 17.335393] ==================================================================
[ 17.335789] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.335789]
[ 17.336322] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 17.336630] test_out_of_bounds_read+0x126/0x4e0
[ 17.336869] kunit_try_run_case+0x1a5/0x480
[ 17.337033] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.337321] kthread+0x337/0x6f0
[ 17.337489] ret_from_fork+0x116/0x1d0
[ 17.337691] ret_from_fork_asm+0x1a/0x30
[ 17.337861]
[ 17.337944] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.337944]
[ 17.338355] allocated by task 306 on cpu 0 at 17.335328s (0.003024s ago):
[ 17.338648] test_alloc+0x2a6/0x10f0
[ 17.338835] test_out_of_bounds_read+0xed/0x4e0
[ 17.339063] kunit_try_run_case+0x1a5/0x480
[ 17.339276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.339488] kthread+0x337/0x6f0
[ 17.339659] ret_from_fork+0x116/0x1d0
[ 17.339853] ret_from_fork_asm+0x1a/0x30
[ 17.340067]
[ 17.340168] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.340525] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.340715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.341257] ==================================================================
[ 16.712200] ==================================================================
[ 16.712652] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.712652]
[ 16.713387] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#59):
[ 16.713710] test_out_of_bounds_read+0x126/0x4e0
[ 16.713949] kunit_try_run_case+0x1a5/0x480
[ 16.714100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.714421] kthread+0x337/0x6f0
[ 16.714636] ret_from_fork+0x116/0x1d0
[ 16.714864] ret_from_fork_asm+0x1a/0x30
[ 16.715091]
[ 16.715203] kfence-#59: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.715203]
[ 16.715650] allocated by task 304 on cpu 1 at 16.711268s (0.004380s ago):
[ 16.715973] test_alloc+0x364/0x10f0
[ 16.716454] test_out_of_bounds_read+0xed/0x4e0
[ 16.716691] kunit_try_run_case+0x1a5/0x480
[ 16.717335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.717595] kthread+0x337/0x6f0
[ 16.717969] ret_from_fork+0x116/0x1d0
[ 16.718200] ret_from_fork_asm+0x1a/0x30
[ 16.718415]
[ 16.718573] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.719067] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.719271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.719692] ==================================================================
[ 17.127531] ==================================================================
[ 17.128008] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.128008]
[ 17.128461] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63):
[ 17.128820] test_out_of_bounds_read+0x216/0x4e0
[ 17.129001] kunit_try_run_case+0x1a5/0x480
[ 17.129177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.129435] kthread+0x337/0x6f0
[ 17.129634] ret_from_fork+0x116/0x1d0
[ 17.129844] ret_from_fork_asm+0x1a/0x30
[ 17.130059]
[ 17.130244] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.130244]
[ 17.130629] allocated by task 304 on cpu 1 at 17.127348s (0.003279s ago):
[ 17.130849] test_alloc+0x364/0x10f0
[ 17.131070] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.131320] kunit_try_run_case+0x1a5/0x480
[ 17.131549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.131823] kthread+0x337/0x6f0
[ 17.131978] ret_from_fork+0x116/0x1d0
[ 17.132186] ret_from_fork_asm+0x1a/0x30
[ 17.132407]
[ 17.132548] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.133032] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.133200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.133605] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_16
[ 12.537318] ================================================================== [ 12.538361] BUG: KFENCE: memory corruption in kmalloc_oob_memset_16+0x187/0x330 [ 12.538361] [ 12.538821] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#36): [ 12.539699] kmalloc_oob_memset_16+0x187/0x330 [ 12.539954] kunit_try_run_case+0x1a5/0x480 [ 12.540250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.540466] kthread+0x337/0x6f0 [ 12.540654] ret_from_fork+0x116/0x1d0 [ 12.540878] ret_from_fork_asm+0x1a/0x30 [ 12.541170] [ 12.541442] kfence-#36: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 12.541442] [ 12.542266] allocated by task 195 on cpu 1 at 12.535245s (0.006751s ago): [ 12.542704] kmalloc_oob_memset_16+0xac/0x330 [ 12.542964] kunit_try_run_case+0x1a5/0x480 [ 12.543246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.543479] kthread+0x337/0x6f0 [ 12.543645] ret_from_fork+0x116/0x1d0 [ 12.543873] ret_from_fork_asm+0x1a/0x30 [ 12.544229] [ 12.544489] freed by task 195 on cpu 1 at 12.536824s (0.007548s ago): [ 12.544793] kmalloc_oob_memset_16+0x187/0x330 [ 12.545119] kunit_try_run_case+0x1a5/0x480 [ 12.545331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.545543] kthread+0x337/0x6f0 [ 12.545729] ret_from_fork+0x116/0x1d0 [ 12.545886] ret_from_fork_asm+0x1a/0x30 [ 12.546130] [ 12.546396] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.546788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.547161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.547566] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.553156] ================================================================== [ 16.553411] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.553631] Write of size 1 at addr ffff888103953e78 by task kunit_try_catch/302 [ 16.553853] [ 16.553946] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.553987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.553999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.554019] Call Trace: [ 16.554034] <TASK> [ 16.554050] dump_stack_lvl+0x73/0xb0 [ 16.554075] print_report+0xd1/0x650 [ 16.554097] ? __virt_addr_valid+0x1db/0x2d0 [ 16.554119] ? strncpy_from_user+0x1a5/0x1d0 [ 16.554141] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.554164] ? strncpy_from_user+0x1a5/0x1d0 [ 16.554188] kasan_report+0x141/0x180 [ 16.554210] ? strncpy_from_user+0x1a5/0x1d0 [ 16.554238] __asan_report_store1_noabort+0x1b/0x30 [ 16.554262] strncpy_from_user+0x1a5/0x1d0 [ 16.554288] copy_user_test_oob+0x760/0x10f0 [ 16.554315] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.554337] ? finish_task_switch.isra.0+0x153/0x700 [ 16.554359] ? __switch_to+0x47/0xf50 [ 16.554384] ? irqentry_exit+0x2a/0x60 [ 16.554404] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.554442] ? __pfx_read_tsc+0x10/0x10 [ 16.554464] ? ktime_get_ts64+0x86/0x230 [ 16.554489] kunit_try_run_case+0x1a5/0x480 [ 16.554520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.554548] ? __kthread_parkme+0x8f/0x180 [ 16.554570] ? __kthread_parkme+0xfa/0x180 [ 16.554593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.554619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.554644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.554672] kthread+0x337/0x6f0 [ 16.554691] ? trace_preempt_on+0x20/0xc0 [ 16.554715] ? __pfx_kthread+0x10/0x10 [ 16.554738] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.554761] ? calculate_sigpending+0x7b/0xa0 [ 16.554786] ? 
__pfx_kthread+0x10/0x10 [ 16.554808] ret_from_fork+0x116/0x1d0 [ 16.554827] ? __pfx_kthread+0x10/0x10 [ 16.554849] ret_from_fork_asm+0x1a/0x30 [ 16.554883] </TASK> [ 16.554893] [ 16.563195] Allocated by task 302: [ 16.563326] kasan_save_stack+0x45/0x70 [ 16.564668] kasan_save_track+0x18/0x40 [ 16.564996] kasan_save_alloc_info+0x3b/0x50 [ 16.565184] __kasan_kmalloc+0xb7/0xc0 [ 16.565360] __kmalloc_noprof+0x1c9/0x500 [ 16.565543] kunit_kmalloc_array+0x25/0x60 [ 16.565739] copy_user_test_oob+0xab/0x10f0 [ 16.566319] kunit_try_run_case+0x1a5/0x480 [ 16.566525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.567513] kthread+0x337/0x6f0 [ 16.567686] ret_from_fork+0x116/0x1d0 [ 16.567853] ret_from_fork_asm+0x1a/0x30 [ 16.568016] [ 16.568097] The buggy address belongs to the object at ffff888103953e00 [ 16.568097] which belongs to the cache kmalloc-128 of size 128 [ 16.568645] The buggy address is located 0 bytes to the right of [ 16.568645] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.569471] [ 16.569640] The buggy address belongs to the physical page: [ 16.569878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.570349] flags: 0x200000000000000(node=0|zone=2) [ 16.570537] page_type: f5(slab) [ 16.570707] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.571268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.571605] page dumped because: kasan: bad access detected [ 16.572063] [ 16.572158] Memory state around the buggy address: [ 16.572377] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.572802] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.573222] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.573601] ^ [ 16.573869] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.574272] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.574582] 
================================================================== [ 16.534916] ================================================================== [ 16.535270] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.535592] Write of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.535995] [ 16.536079] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.536118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.536130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.536151] Call Trace: [ 16.536165] <TASK> [ 16.536178] dump_stack_lvl+0x73/0xb0 [ 16.536206] print_report+0xd1/0x650 [ 16.536228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.536252] ? strncpy_from_user+0x2e/0x1d0 [ 16.536275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.536300] ? strncpy_from_user+0x2e/0x1d0 [ 16.536324] kasan_report+0x141/0x180 [ 16.536347] ? strncpy_from_user+0x2e/0x1d0 [ 16.536377] kasan_check_range+0x10c/0x1c0 [ 16.536401] __kasan_check_write+0x18/0x20 [ 16.536421] strncpy_from_user+0x2e/0x1d0 [ 16.536444] ? __kasan_check_read+0x15/0x20 [ 16.536467] copy_user_test_oob+0x760/0x10f0 [ 16.536494] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.536518] ? finish_task_switch.isra.0+0x153/0x700 [ 16.536543] ? __switch_to+0x47/0xf50 [ 16.536569] ? irqentry_exit+0x2a/0x60 [ 16.536591] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.536616] ? __pfx_read_tsc+0x10/0x10 [ 16.536638] ? ktime_get_ts64+0x86/0x230 [ 16.536663] kunit_try_run_case+0x1a5/0x480 [ 16.536688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.536716] ? __kthread_parkme+0x8f/0x180 [ 16.536739] ? __kthread_parkme+0xfa/0x180 [ 16.536772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.536797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.536823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.536851] kthread+0x337/0x6f0 [ 16.536870] ? trace_preempt_on+0x20/0xc0 [ 16.536894] ? __pfx_kthread+0x10/0x10 [ 16.536916] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.536950] ? calculate_sigpending+0x7b/0xa0 [ 16.536974] ? __pfx_kthread+0x10/0x10 [ 16.536997] ret_from_fork+0x116/0x1d0 [ 16.537017] ? __pfx_kthread+0x10/0x10 [ 16.537038] ret_from_fork_asm+0x1a/0x30 [ 16.537070] </TASK> [ 16.537081] [ 16.544767] Allocated by task 302: [ 16.544962] kasan_save_stack+0x45/0x70 [ 16.545167] kasan_save_track+0x18/0x40 [ 16.545332] kasan_save_alloc_info+0x3b/0x50 [ 16.545544] __kasan_kmalloc+0xb7/0xc0 [ 16.545696] __kmalloc_noprof+0x1c9/0x500 [ 16.545947] kunit_kmalloc_array+0x25/0x60 [ 16.546121] copy_user_test_oob+0xab/0x10f0 [ 16.546319] kunit_try_run_case+0x1a5/0x480 [ 16.546516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.546767] kthread+0x337/0x6f0 [ 16.546928] ret_from_fork+0x116/0x1d0 [ 16.547092] ret_from_fork_asm+0x1a/0x30 [ 16.547271] [ 16.547347] The buggy address belongs to the object at ffff888103953e00 [ 16.547347] which belongs to the cache kmalloc-128 of size 128 [ 16.547835] The buggy address is located 0 bytes inside of [ 16.547835] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.548271] [ 16.548344] The buggy address belongs to the physical page: [ 16.548517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.548754] flags: 0x200000000000000(node=0|zone=2) [ 16.548995] page_type: f5(slab) [ 16.549162] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.549511] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.549843] page dumped because: kasan: bad access detected [ 16.550179] [ 16.550248] Memory state around the buggy address: [ 16.550401] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.550626] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.551197] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.551518] ^ [ 16.551808] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.552250] 
ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.552500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.481511] ================================================================== [ 16.481948] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.482383] Read of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.482636] [ 16.482773] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.482815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.482828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.482866] Call Trace: [ 16.482882] <TASK> [ 16.482897] dump_stack_lvl+0x73/0xb0 [ 16.482955] print_report+0xd1/0x650 [ 16.482977] ? __virt_addr_valid+0x1db/0x2d0 [ 16.483001] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.483026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.483050] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.483075] kasan_report+0x141/0x180 [ 16.483098] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.483158] kasan_check_range+0x10c/0x1c0 [ 16.483196] __kasan_check_read+0x15/0x20 [ 16.483217] copy_user_test_oob+0x4aa/0x10f0 [ 16.483243] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.483267] ? finish_task_switch.isra.0+0x153/0x700 [ 16.483290] ? __switch_to+0x47/0xf50 [ 16.483317] ? irqentry_exit+0x2a/0x60 [ 16.483338] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.483364] ? __pfx_read_tsc+0x10/0x10 [ 16.483386] ? ktime_get_ts64+0x86/0x230 [ 16.483411] kunit_try_run_case+0x1a5/0x480 [ 16.483436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.483464] ? __kthread_parkme+0x8f/0x180 [ 16.483486] ? __kthread_parkme+0xfa/0x180 [ 16.483508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.483534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.483578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.483605] kthread+0x337/0x6f0 [ 16.483625] ? trace_preempt_on+0x20/0xc0 [ 16.483649] ? __pfx_kthread+0x10/0x10 [ 16.483671] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.483694] ? calculate_sigpending+0x7b/0xa0 [ 16.483719] ? 
__pfx_kthread+0x10/0x10 [ 16.483742] ret_from_fork+0x116/0x1d0 [ 16.483761] ? __pfx_kthread+0x10/0x10 [ 16.483793] ret_from_fork_asm+0x1a/0x30 [ 16.483826] </TASK> [ 16.483836] [ 16.491153] Allocated by task 302: [ 16.491287] kasan_save_stack+0x45/0x70 [ 16.491480] kasan_save_track+0x18/0x40 [ 16.491672] kasan_save_alloc_info+0x3b/0x50 [ 16.491900] __kasan_kmalloc+0xb7/0xc0 [ 16.492046] __kmalloc_noprof+0x1c9/0x500 [ 16.492186] kunit_kmalloc_array+0x25/0x60 [ 16.492410] copy_user_test_oob+0xab/0x10f0 [ 16.492645] kunit_try_run_case+0x1a5/0x480 [ 16.492891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.493154] kthread+0x337/0x6f0 [ 16.493385] ret_from_fork+0x116/0x1d0 [ 16.493568] ret_from_fork_asm+0x1a/0x30 [ 16.493781] [ 16.493852] The buggy address belongs to the object at ffff888103953e00 [ 16.493852] which belongs to the cache kmalloc-128 of size 128 [ 16.494352] The buggy address is located 0 bytes inside of [ 16.494352] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.494789] [ 16.494904] The buggy address belongs to the physical page: [ 16.495245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.495536] flags: 0x200000000000000(node=0|zone=2) [ 16.495831] page_type: f5(slab) [ 16.495964] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.496356] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.496753] page dumped because: kasan: bad access detected [ 16.497008] [ 16.497104] Memory state around the buggy address: [ 16.497321] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.497630] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.497952] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.498159] ^ [ 16.498365] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498584] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498797] 
================================================================== [ 16.517977] ================================================================== [ 16.518332] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.518624] Read of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.519015] [ 16.519114] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.519177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.519190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.519211] Call Trace: [ 16.519226] <TASK> [ 16.519243] dump_stack_lvl+0x73/0xb0 [ 16.519271] print_report+0xd1/0x650 [ 16.519294] ? __virt_addr_valid+0x1db/0x2d0 [ 16.519317] ? copy_user_test_oob+0x604/0x10f0 [ 16.519342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.519369] ? copy_user_test_oob+0x604/0x10f0 [ 16.519395] kasan_report+0x141/0x180 [ 16.519420] ? copy_user_test_oob+0x604/0x10f0 [ 16.519450] kasan_check_range+0x10c/0x1c0 [ 16.519474] __kasan_check_read+0x15/0x20 [ 16.519495] copy_user_test_oob+0x604/0x10f0 [ 16.519522] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.519546] ? finish_task_switch.isra.0+0x153/0x700 [ 16.519570] ? __switch_to+0x47/0xf50 [ 16.519597] ? irqentry_exit+0x2a/0x60 [ 16.519619] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.519644] ? __pfx_read_tsc+0x10/0x10 [ 16.519667] ? ktime_get_ts64+0x86/0x230 [ 16.519692] kunit_try_run_case+0x1a5/0x480 [ 16.519718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.519746] ? __kthread_parkme+0x8f/0x180 [ 16.519769] ? __kthread_parkme+0xfa/0x180 [ 16.519791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.519818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.519843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.519869] kthread+0x337/0x6f0 [ 16.519890] ? trace_preempt_on+0x20/0xc0 [ 16.519913] ? __pfx_kthread+0x10/0x10 [ 16.519945] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.519968] ? calculate_sigpending+0x7b/0xa0 [ 16.519993] ? 
__pfx_kthread+0x10/0x10 [ 16.520016] ret_from_fork+0x116/0x1d0 [ 16.520035] ? __pfx_kthread+0x10/0x10 [ 16.520056] ret_from_fork_asm+0x1a/0x30 [ 16.520089] </TASK> [ 16.520099] [ 16.526939] Allocated by task 302: [ 16.527085] kasan_save_stack+0x45/0x70 [ 16.527275] kasan_save_track+0x18/0x40 [ 16.527452] kasan_save_alloc_info+0x3b/0x50 [ 16.527601] __kasan_kmalloc+0xb7/0xc0 [ 16.527736] __kmalloc_noprof+0x1c9/0x500 [ 16.527874] kunit_kmalloc_array+0x25/0x60 [ 16.528094] copy_user_test_oob+0xab/0x10f0 [ 16.528308] kunit_try_run_case+0x1a5/0x480 [ 16.528513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.528765] kthread+0x337/0x6f0 [ 16.528952] ret_from_fork+0x116/0x1d0 [ 16.529151] ret_from_fork_asm+0x1a/0x30 [ 16.529342] [ 16.529417] The buggy address belongs to the object at ffff888103953e00 [ 16.529417] which belongs to the cache kmalloc-128 of size 128 [ 16.529906] The buggy address is located 0 bytes inside of [ 16.529906] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.530316] [ 16.530387] The buggy address belongs to the physical page: [ 16.530599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.531086] flags: 0x200000000000000(node=0|zone=2) [ 16.531335] page_type: f5(slab) [ 16.531497] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.531828] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.532113] page dumped because: kasan: bad access detected [ 16.532316] [ 16.532386] Memory state around the buggy address: [ 16.532568] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.533055] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.533338] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.533599] ^ [ 16.534015] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.534248] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.534463] 
================================================================== [ 16.499484] ================================================================== [ 16.499817] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.500211] Write of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.500549] [ 16.500683] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.500742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.500754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.500784] Call Trace: [ 16.500798] <TASK> [ 16.500811] dump_stack_lvl+0x73/0xb0 [ 16.500858] print_report+0xd1/0x650 [ 16.500881] ? __virt_addr_valid+0x1db/0x2d0 [ 16.500932] ? copy_user_test_oob+0x557/0x10f0 [ 16.500957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.500982] ? copy_user_test_oob+0x557/0x10f0 [ 16.501007] kasan_report+0x141/0x180 [ 16.501030] ? copy_user_test_oob+0x557/0x10f0 [ 16.501060] kasan_check_range+0x10c/0x1c0 [ 16.501101] __kasan_check_write+0x18/0x20 [ 16.501135] copy_user_test_oob+0x557/0x10f0 [ 16.501175] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.501212] ? finish_task_switch.isra.0+0x153/0x700 [ 16.501236] ? __switch_to+0x47/0xf50 [ 16.501262] ? irqentry_exit+0x2a/0x60 [ 16.501284] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.501310] ? __pfx_read_tsc+0x10/0x10 [ 16.501331] ? ktime_get_ts64+0x86/0x230 [ 16.501356] kunit_try_run_case+0x1a5/0x480 [ 16.501381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.501410] ? __kthread_parkme+0x8f/0x180 [ 16.501432] ? __kthread_parkme+0xfa/0x180 [ 16.501455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.501480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.501506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.501533] kthread+0x337/0x6f0 [ 16.501552] ? trace_preempt_on+0x20/0xc0 [ 16.501577] ? __pfx_kthread+0x10/0x10 [ 16.501599] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.501623] ? calculate_sigpending+0x7b/0xa0 [ 16.501648] ? 
__pfx_kthread+0x10/0x10 [ 16.501671] ret_from_fork+0x116/0x1d0 [ 16.501691] ? __pfx_kthread+0x10/0x10 [ 16.501712] ret_from_fork_asm+0x1a/0x30 [ 16.501744] </TASK> [ 16.501762] [ 16.509424] Allocated by task 302: [ 16.509552] kasan_save_stack+0x45/0x70 [ 16.509762] kasan_save_track+0x18/0x40 [ 16.509990] kasan_save_alloc_info+0x3b/0x50 [ 16.510204] __kasan_kmalloc+0xb7/0xc0 [ 16.510411] __kmalloc_noprof+0x1c9/0x500 [ 16.510633] kunit_kmalloc_array+0x25/0x60 [ 16.510942] copy_user_test_oob+0xab/0x10f0 [ 16.511149] kunit_try_run_case+0x1a5/0x480 [ 16.511356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.511607] kthread+0x337/0x6f0 [ 16.511759] ret_from_fork+0x116/0x1d0 [ 16.511957] ret_from_fork_asm+0x1a/0x30 [ 16.512116] [ 16.512185] The buggy address belongs to the object at ffff888103953e00 [ 16.512185] which belongs to the cache kmalloc-128 of size 128 [ 16.512657] The buggy address is located 0 bytes inside of [ 16.512657] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.513320] [ 16.513406] The buggy address belongs to the physical page: [ 16.513652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.514039] flags: 0x200000000000000(node=0|zone=2) [ 16.514259] page_type: f5(slab) [ 16.514425] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.514750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.515062] page dumped because: kasan: bad access detected [ 16.515296] [ 16.515368] Memory state around the buggy address: [ 16.515590] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.515952] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.516226] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.516508] ^ [ 16.516829] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517154] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517436] 
================================================================== [ 16.458472] ================================================================== [ 16.458826] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.459238] Write of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.459573] [ 16.459687] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.459730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.459743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.459764] Call Trace: [ 16.459777] <TASK> [ 16.459792] dump_stack_lvl+0x73/0xb0 [ 16.459846] print_report+0xd1/0x650 [ 16.459876] ? __virt_addr_valid+0x1db/0x2d0 [ 16.459900] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.459936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.459961] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.459986] kasan_report+0x141/0x180 [ 16.460009] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.460038] kasan_check_range+0x10c/0x1c0 [ 16.460062] __kasan_check_write+0x18/0x20 [ 16.460102] copy_user_test_oob+0x3fd/0x10f0 [ 16.460128] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.460153] ? finish_task_switch.isra.0+0x153/0x700 [ 16.460177] ? __switch_to+0x47/0xf50 [ 16.460204] ? irqentry_exit+0x2a/0x60 [ 16.460226] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.460251] ? __pfx_read_tsc+0x10/0x10 [ 16.460274] ? ktime_get_ts64+0x86/0x230 [ 16.460298] kunit_try_run_case+0x1a5/0x480 [ 16.460343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.460371] ? __kthread_parkme+0x8f/0x180 [ 16.460394] ? __kthread_parkme+0xfa/0x180 [ 16.460416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.460442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.460468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.460510] kthread+0x337/0x6f0 [ 16.460530] ? trace_preempt_on+0x20/0xc0 [ 16.460555] ? __pfx_kthread+0x10/0x10 [ 16.460577] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.460602] ? calculate_sigpending+0x7b/0xa0 [ 16.460628] ? 
__pfx_kthread+0x10/0x10 [ 16.460651] ret_from_fork+0x116/0x1d0 [ 16.460671] ? __pfx_kthread+0x10/0x10 [ 16.460692] ret_from_fork_asm+0x1a/0x30 [ 16.460726] </TASK> [ 16.460736] [ 16.472882] Allocated by task 302: [ 16.473255] kasan_save_stack+0x45/0x70 [ 16.473432] kasan_save_track+0x18/0x40 [ 16.473569] kasan_save_alloc_info+0x3b/0x50 [ 16.473712] __kasan_kmalloc+0xb7/0xc0 [ 16.473875] __kmalloc_noprof+0x1c9/0x500 [ 16.474145] kunit_kmalloc_array+0x25/0x60 [ 16.474356] copy_user_test_oob+0xab/0x10f0 [ 16.474562] kunit_try_run_case+0x1a5/0x480 [ 16.474772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.475026] kthread+0x337/0x6f0 [ 16.475169] ret_from_fork+0x116/0x1d0 [ 16.475346] ret_from_fork_asm+0x1a/0x30 [ 16.475482] [ 16.475576] The buggy address belongs to the object at ffff888103953e00 [ 16.475576] which belongs to the cache kmalloc-128 of size 128 [ 16.476192] The buggy address is located 0 bytes inside of [ 16.476192] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.476665] [ 16.476737] The buggy address belongs to the physical page: [ 16.476902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.477289] flags: 0x200000000000000(node=0|zone=2) [ 16.477632] page_type: f5(slab) [ 16.477802] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.478188] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.478439] page dumped because: kasan: bad access detected [ 16.478627] [ 16.478740] Memory state around the buggy address: [ 16.479049] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.479411] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.479727] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.480056] ^ [ 16.480333] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.480567] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.480964] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.431531] ================================================================== [ 16.432346] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.433100] Read of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.433551] [ 16.433641] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.433686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.433699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.433720] Call Trace: [ 16.433734] <TASK> [ 16.433750] dump_stack_lvl+0x73/0xb0 [ 16.433783] print_report+0xd1/0x650 [ 16.433807] ? __virt_addr_valid+0x1db/0x2d0 [ 16.433832] ? _copy_to_user+0x3c/0x70 [ 16.433852] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.433877] ? _copy_to_user+0x3c/0x70 [ 16.433897] kasan_report+0x141/0x180 [ 16.433933] ? _copy_to_user+0x3c/0x70 [ 16.433959] kasan_check_range+0x10c/0x1c0 [ 16.433984] __kasan_check_read+0x15/0x20 [ 16.434005] _copy_to_user+0x3c/0x70 [ 16.434026] copy_user_test_oob+0x364/0x10f0 [ 16.434054] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.434078] ? finish_task_switch.isra.0+0x153/0x700 [ 16.434102] ? __switch_to+0x47/0xf50 [ 16.434127] ? irqentry_exit+0x2a/0x60 [ 16.434149] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.434175] ? __pfx_read_tsc+0x10/0x10 [ 16.434196] ? ktime_get_ts64+0x86/0x230 [ 16.434222] kunit_try_run_case+0x1a5/0x480 [ 16.434246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.434275] ? __kthread_parkme+0x8f/0x180 [ 16.434297] ? __kthread_parkme+0xfa/0x180 [ 16.434320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.434345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.434372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.434398] kthread+0x337/0x6f0 [ 16.434417] ? trace_preempt_on+0x20/0xc0 [ 16.434442] ? __pfx_kthread+0x10/0x10 [ 16.434464] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.434487] ? calculate_sigpending+0x7b/0xa0 [ 16.434518] ? 
__pfx_kthread+0x10/0x10 [ 16.434541] ret_from_fork+0x116/0x1d0 [ 16.434560] ? __pfx_kthread+0x10/0x10 [ 16.434582] ret_from_fork_asm+0x1a/0x30 [ 16.434615] </TASK> [ 16.434627] [ 16.446082] Allocated by task 302: [ 16.446286] kasan_save_stack+0x45/0x70 [ 16.446513] kasan_save_track+0x18/0x40 [ 16.446721] kasan_save_alloc_info+0x3b/0x50 [ 16.446927] __kasan_kmalloc+0xb7/0xc0 [ 16.447127] __kmalloc_noprof+0x1c9/0x500 [ 16.447373] kunit_kmalloc_array+0x25/0x60 [ 16.447579] copy_user_test_oob+0xab/0x10f0 [ 16.447841] kunit_try_run_case+0x1a5/0x480 [ 16.448031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.448212] kthread+0x337/0x6f0 [ 16.448363] ret_from_fork+0x116/0x1d0 [ 16.448573] ret_from_fork_asm+0x1a/0x30 [ 16.448788] [ 16.448883] The buggy address belongs to the object at ffff888103953e00 [ 16.448883] which belongs to the cache kmalloc-128 of size 128 [ 16.449417] The buggy address is located 0 bytes inside of [ 16.449417] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.449953] [ 16.450027] The buggy address belongs to the physical page: [ 16.450198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.450553] flags: 0x200000000000000(node=0|zone=2) [ 16.450856] page_type: f5(slab) [ 16.451053] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.451401] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.451757] page dumped because: kasan: bad access detected [ 16.452018] [ 16.452151] Memory state around the buggy address: [ 16.452358] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.452579] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.452793] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.453014] ^ [ 16.453353] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.453702] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.454070] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.397221] ================================================================== [ 16.398452] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.399151] Write of size 121 at addr ffff888103953e00 by task kunit_try_catch/302 [ 16.400193] [ 16.400325] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.400374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.400387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.400411] Call Trace: [ 16.400425] <TASK> [ 16.400445] dump_stack_lvl+0x73/0xb0 [ 16.400479] print_report+0xd1/0x650 [ 16.400504] ? __virt_addr_valid+0x1db/0x2d0 [ 16.400529] ? _copy_from_user+0x32/0x90 [ 16.400549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.400577] ? _copy_from_user+0x32/0x90 [ 16.400599] kasan_report+0x141/0x180 [ 16.400622] ? _copy_from_user+0x32/0x90 [ 16.400648] kasan_check_range+0x10c/0x1c0 [ 16.400673] __kasan_check_write+0x18/0x20 [ 16.400693] _copy_from_user+0x32/0x90 [ 16.400715] copy_user_test_oob+0x2be/0x10f0 [ 16.400742] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.400766] ? finish_task_switch.isra.0+0x153/0x700 [ 16.400791] ? __switch_to+0x47/0xf50 [ 16.400819] ? irqentry_exit+0x2a/0x60 [ 16.400842] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.401009] ? __pfx_read_tsc+0x10/0x10 [ 16.401035] ? ktime_get_ts64+0x86/0x230 [ 16.401062] kunit_try_run_case+0x1a5/0x480 [ 16.401088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401116] ? __kthread_parkme+0x8f/0x180 [ 16.401140] ? __kthread_parkme+0xfa/0x180 [ 16.401163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.401215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.401241] kthread+0x337/0x6f0 [ 16.401261] ? trace_preempt_on+0x20/0xc0 [ 16.401286] ? __pfx_kthread+0x10/0x10 [ 16.401308] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.401332] ? calculate_sigpending+0x7b/0xa0 [ 16.401357] ? 
__pfx_kthread+0x10/0x10 [ 16.401380] ret_from_fork+0x116/0x1d0 [ 16.401399] ? __pfx_kthread+0x10/0x10 [ 16.401421] ret_from_fork_asm+0x1a/0x30 [ 16.401455] </TASK> [ 16.401467] [ 16.413737] Allocated by task 302: [ 16.414313] kasan_save_stack+0x45/0x70 [ 16.414481] kasan_save_track+0x18/0x40 [ 16.414967] kasan_save_alloc_info+0x3b/0x50 [ 16.415282] __kasan_kmalloc+0xb7/0xc0 [ 16.415596] __kmalloc_noprof+0x1c9/0x500 [ 16.415928] kunit_kmalloc_array+0x25/0x60 [ 16.416294] copy_user_test_oob+0xab/0x10f0 [ 16.416528] kunit_try_run_case+0x1a5/0x480 [ 16.416885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.417329] kthread+0x337/0x6f0 [ 16.417522] ret_from_fork+0x116/0x1d0 [ 16.417801] ret_from_fork_asm+0x1a/0x30 [ 16.418202] [ 16.418301] The buggy address belongs to the object at ffff888103953e00 [ 16.418301] which belongs to the cache kmalloc-128 of size 128 [ 16.419519] The buggy address is located 0 bytes inside of [ 16.419519] allocated 120-byte region [ffff888103953e00, ffff888103953e78) [ 16.419878] [ 16.420269] The buggy address belongs to the physical page: [ 16.420576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.420816] flags: 0x200000000000000(node=0|zone=2) [ 16.421261] page_type: f5(slab) [ 16.421390] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.421721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.423210] page dumped because: kasan: bad access detected [ 16.423483] [ 16.423558] Memory state around the buggy address: [ 16.423719] ffff888103953d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.423959] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.424179] >ffff888103953e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.424396] ^ [ 16.424612] ffff888103953e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.424827] ffff888103953f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.426767] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.324222] ================================================================== [ 16.325951] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.326422] Read of size 8 at addr ffff888103953d78 by task kunit_try_catch/298 [ 16.326653] [ 16.326966] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.327042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.327055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.327077] Call Trace: [ 16.327092] <TASK> [ 16.327312] dump_stack_lvl+0x73/0xb0 [ 16.327349] print_report+0xd1/0x650 [ 16.327377] ? __virt_addr_valid+0x1db/0x2d0 [ 16.327404] ? copy_to_kernel_nofault+0x225/0x260 [ 16.327429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.327455] ? copy_to_kernel_nofault+0x225/0x260 [ 16.327481] kasan_report+0x141/0x180 [ 16.327504] ? copy_to_kernel_nofault+0x225/0x260 [ 16.327534] __asan_report_load8_noabort+0x18/0x20 [ 16.327560] copy_to_kernel_nofault+0x225/0x260 [ 16.327587] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.327615] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.327640] ? finish_task_switch.isra.0+0x153/0x700 [ 16.327665] ? __schedule+0x10cc/0x2b60 [ 16.327688] ? trace_hardirqs_on+0x37/0xe0 [ 16.327721] ? __pfx_read_tsc+0x10/0x10 [ 16.327754] ? ktime_get_ts64+0x86/0x230 [ 16.327781] kunit_try_run_case+0x1a5/0x480 [ 16.327807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.327832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.327857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.327882] ? __kthread_parkme+0x82/0x180 [ 16.327904] ? preempt_count_sub+0x50/0x80 [ 16.327944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.327970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.327995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.328037] kthread+0x337/0x6f0 [ 16.328057] ? trace_preempt_on+0x20/0xc0 [ 16.328081] ? __pfx_kthread+0x10/0x10 [ 16.328103] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.328126] ? 
calculate_sigpending+0x7b/0xa0 [ 16.328152] ? __pfx_kthread+0x10/0x10 [ 16.328174] ret_from_fork+0x116/0x1d0 [ 16.328194] ? __pfx_kthread+0x10/0x10 [ 16.328215] ret_from_fork_asm+0x1a/0x30 [ 16.328250] </TASK> [ 16.328261] [ 16.346363] Allocated by task 298: [ 16.346517] kasan_save_stack+0x45/0x70 [ 16.346673] kasan_save_track+0x18/0x40 [ 16.347287] kasan_save_alloc_info+0x3b/0x50 [ 16.347710] __kasan_kmalloc+0xb7/0xc0 [ 16.348239] __kmalloc_cache_noprof+0x189/0x420 [ 16.348410] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.348576] kunit_try_run_case+0x1a5/0x480 [ 16.348724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.349711] kthread+0x337/0x6f0 [ 16.350250] ret_from_fork+0x116/0x1d0 [ 16.350790] ret_from_fork_asm+0x1a/0x30 [ 16.351460] [ 16.351866] The buggy address belongs to the object at ffff888103953d00 [ 16.351866] which belongs to the cache kmalloc-128 of size 128 [ 16.353113] The buggy address is located 0 bytes to the right of [ 16.353113] allocated 120-byte region [ffff888103953d00, ffff888103953d78) [ 16.353693] [ 16.353784] The buggy address belongs to the physical page: [ 16.353981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.354296] flags: 0x200000000000000(node=0|zone=2) [ 16.354545] page_type: f5(slab) [ 16.354703] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.355277] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.355624] page dumped because: kasan: bad access detected [ 16.355865] [ 16.356007] Memory state around the buggy address: [ 16.356321] ffff888103953c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.356587] ffff888103953c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357126] >ffff888103953d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.357418] ^ [ 16.357759] ffff888103953d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.358233] ffff888103953e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.358555] ================================================================== [ 16.359382] ================================================================== [ 16.359682] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.360116] Write of size 8 at addr ffff888103953d78 by task kunit_try_catch/298 [ 16.360533] [ 16.360649] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.360694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.360707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.360728] Call Trace: [ 16.360741] <TASK> [ 16.360796] dump_stack_lvl+0x73/0xb0 [ 16.360829] print_report+0xd1/0x650 [ 16.360853] ? __virt_addr_valid+0x1db/0x2d0 [ 16.360877] ? copy_to_kernel_nofault+0x99/0x260 [ 16.360945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.360972] ? copy_to_kernel_nofault+0x99/0x260 [ 16.361009] kasan_report+0x141/0x180 [ 16.361101] ? copy_to_kernel_nofault+0x99/0x260 [ 16.361144] kasan_check_range+0x10c/0x1c0 [ 16.361199] __kasan_check_write+0x18/0x20 [ 16.361220] copy_to_kernel_nofault+0x99/0x260 [ 16.361247] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.361273] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.361298] ? finish_task_switch.isra.0+0x153/0x700 [ 16.361323] ? __schedule+0x10cc/0x2b60 [ 16.361345] ? trace_hardirqs_on+0x37/0xe0 [ 16.361378] ? __pfx_read_tsc+0x10/0x10 [ 16.361417] ? ktime_get_ts64+0x86/0x230 [ 16.361452] kunit_try_run_case+0x1a5/0x480 [ 16.361478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.361513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.361538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.361590] ? __kthread_parkme+0x82/0x180 [ 16.361612] ? preempt_count_sub+0x50/0x80 [ 16.361637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.361673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.361699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.361726] kthread+0x337/0x6f0 [ 16.361746] ? 
trace_preempt_on+0x20/0xc0 [ 16.361781] ? __pfx_kthread+0x10/0x10 [ 16.361803] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.361826] ? calculate_sigpending+0x7b/0xa0 [ 16.361851] ? __pfx_kthread+0x10/0x10 [ 16.361873] ret_from_fork+0x116/0x1d0 [ 16.361893] ? __pfx_kthread+0x10/0x10 [ 16.361914] ret_from_fork_asm+0x1a/0x30 [ 16.361958] </TASK> [ 16.361970] [ 16.372062] Allocated by task 298: [ 16.372324] kasan_save_stack+0x45/0x70 [ 16.372571] kasan_save_track+0x18/0x40 [ 16.372775] kasan_save_alloc_info+0x3b/0x50 [ 16.373012] __kasan_kmalloc+0xb7/0xc0 [ 16.373298] __kmalloc_cache_noprof+0x189/0x420 [ 16.373527] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.373786] kunit_try_run_case+0x1a5/0x480 [ 16.374130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.374572] kthread+0x337/0x6f0 [ 16.374776] ret_from_fork+0x116/0x1d0 [ 16.375068] ret_from_fork_asm+0x1a/0x30 [ 16.375282] [ 16.375378] The buggy address belongs to the object at ffff888103953d00 [ 16.375378] which belongs to the cache kmalloc-128 of size 128 [ 16.375932] The buggy address is located 0 bytes to the right of [ 16.375932] allocated 120-byte region [ffff888103953d00, ffff888103953d78) [ 16.376546] [ 16.376625] The buggy address belongs to the physical page: [ 16.376799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 16.377146] flags: 0x200000000000000(node=0|zone=2) [ 16.377490] page_type: f5(slab) [ 16.377887] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.378631] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.378940] page dumped because: kasan: bad access detected [ 16.379496] [ 16.379575] Memory state around the buggy address: [ 16.379820] ffff888103953c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.380243] ffff888103953c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.380609] >ffff888103953d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.380987] ^ [ 16.381477] ffff888103953d80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.381804] ffff888103953e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382176] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.180098] ================================================================== [ 16.180451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.180824] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.181265] [ 16.181387] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.181431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.181444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.181464] Call Trace: [ 16.181480] <TASK> [ 16.181497] dump_stack_lvl+0x73/0xb0 [ 16.181529] print_report+0xd1/0x650 [ 16.181552] ? __virt_addr_valid+0x1db/0x2d0 [ 16.181576] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.181599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.181623] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.181646] kasan_report+0x141/0x180 [ 16.181670] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.181698] kasan_check_range+0x10c/0x1c0 [ 16.181724] __kasan_check_write+0x18/0x20 [ 16.181766] kasan_atomics_helper+0x20c8/0x5450 [ 16.181791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.181815] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.181841] ? kasan_atomics+0x152/0x310 [ 16.181869] kasan_atomics+0x1dc/0x310 [ 16.181893] ? __pfx_kasan_atomics+0x10/0x10 [ 16.181928] ? __pfx_read_tsc+0x10/0x10 [ 16.181950] ? ktime_get_ts64+0x86/0x230 [ 16.181975] kunit_try_run_case+0x1a5/0x480 [ 16.182000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.182025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.182051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.182077] ? __kthread_parkme+0x82/0x180 [ 16.182098] ? preempt_count_sub+0x50/0x80 [ 16.182123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.182150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.182175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.182201] kthread+0x337/0x6f0 [ 16.182221] ? trace_preempt_on+0x20/0xc0 [ 16.182245] ? __pfx_kthread+0x10/0x10 [ 16.182266] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.182289] ? 
calculate_sigpending+0x7b/0xa0 [ 16.182314] ? __pfx_kthread+0x10/0x10 [ 16.182337] ret_from_fork+0x116/0x1d0 [ 16.182356] ? __pfx_kthread+0x10/0x10 [ 16.182378] ret_from_fork_asm+0x1a/0x30 [ 16.182411] </TASK> [ 16.182422] [ 16.189852] Allocated by task 282: [ 16.190026] kasan_save_stack+0x45/0x70 [ 16.190192] kasan_save_track+0x18/0x40 [ 16.190392] kasan_save_alloc_info+0x3b/0x50 [ 16.190588] __kasan_kmalloc+0xb7/0xc0 [ 16.190759] __kmalloc_cache_noprof+0x189/0x420 [ 16.190998] kasan_atomics+0x95/0x310 [ 16.191164] kunit_try_run_case+0x1a5/0x480 [ 16.191329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.191505] kthread+0x337/0x6f0 [ 16.191626] ret_from_fork+0x116/0x1d0 [ 16.191784] ret_from_fork_asm+0x1a/0x30 [ 16.191933] [ 16.192003] The buggy address belongs to the object at ffff888102a1a680 [ 16.192003] which belongs to the cache kmalloc-64 of size 64 [ 16.192371] The buggy address is located 0 bytes to the right of [ 16.192371] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.192944] [ 16.193041] The buggy address belongs to the physical page: [ 16.193294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.193648] flags: 0x200000000000000(node=0|zone=2) [ 16.193894] page_type: f5(slab) [ 16.194022] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.194254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.194482] page dumped because: kasan: bad access detected [ 16.194659] [ 16.194727] Memory state around the buggy address: [ 16.194965] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.195293] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.195626] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.195983] ^ [ 16.196214] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.196542] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.196888] 
================================================================== [ 15.699838] ================================================================== [ 15.700570] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.701272] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.701934] [ 15.702153] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.702195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.702207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.702229] Call Trace: [ 15.702244] <TASK> [ 15.702261] dump_stack_lvl+0x73/0xb0 [ 15.702291] print_report+0xd1/0x650 [ 15.702313] ? __virt_addr_valid+0x1db/0x2d0 [ 15.702337] ? kasan_atomics_helper+0x1467/0x5450 [ 15.702359] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.702385] ? kasan_atomics_helper+0x1467/0x5450 [ 15.702408] kasan_report+0x141/0x180 [ 15.702431] ? kasan_atomics_helper+0x1467/0x5450 [ 15.702459] kasan_check_range+0x10c/0x1c0 [ 15.702483] __kasan_check_write+0x18/0x20 [ 15.702508] kasan_atomics_helper+0x1467/0x5450 [ 15.702532] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.702556] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.702582] ? kasan_atomics+0x152/0x310 [ 15.702610] kasan_atomics+0x1dc/0x310 [ 15.702633] ? __pfx_kasan_atomics+0x10/0x10 [ 15.702659] ? __pfx_read_tsc+0x10/0x10 [ 15.702680] ? ktime_get_ts64+0x86/0x230 [ 15.702705] kunit_try_run_case+0x1a5/0x480 [ 15.702731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.702790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.702816] ? __kthread_parkme+0x82/0x180 [ 15.702838] ? preempt_count_sub+0x50/0x80 [ 15.702863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.702915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.702954] kthread+0x337/0x6f0 [ 15.702973] ? trace_preempt_on+0x20/0xc0 [ 15.702998] ? 
__pfx_kthread+0x10/0x10 [ 15.703019] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.703042] ? calculate_sigpending+0x7b/0xa0 [ 15.703066] ? __pfx_kthread+0x10/0x10 [ 15.703089] ret_from_fork+0x116/0x1d0 [ 15.703109] ? __pfx_kthread+0x10/0x10 [ 15.703131] ret_from_fork_asm+0x1a/0x30 [ 15.703164] </TASK> [ 15.703175] [ 15.710567] Allocated by task 282: [ 15.710696] kasan_save_stack+0x45/0x70 [ 15.710906] kasan_save_track+0x18/0x40 [ 15.711109] kasan_save_alloc_info+0x3b/0x50 [ 15.711425] __kasan_kmalloc+0xb7/0xc0 [ 15.711611] __kmalloc_cache_noprof+0x189/0x420 [ 15.711893] kasan_atomics+0x95/0x310 [ 15.712041] kunit_try_run_case+0x1a5/0x480 [ 15.712190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.712447] kthread+0x337/0x6f0 [ 15.712616] ret_from_fork+0x116/0x1d0 [ 15.712825] ret_from_fork_asm+0x1a/0x30 [ 15.713033] [ 15.713108] The buggy address belongs to the object at ffff888102a1a680 [ 15.713108] which belongs to the cache kmalloc-64 of size 64 [ 15.713575] The buggy address is located 0 bytes to the right of [ 15.713575] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.714099] [ 15.714186] The buggy address belongs to the physical page: [ 15.714408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.714721] flags: 0x200000000000000(node=0|zone=2) [ 15.714912] page_type: f5(slab) [ 15.715083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.715385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.715610] page dumped because: kasan: bad access detected [ 15.715780] [ 15.715849] Memory state around the buggy address: [ 15.716011] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.716268] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.716873] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.717204] ^ [ 15.717428] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.717743] 
ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.718066] ================================================================== [ 15.882286] ================================================================== [ 15.882634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.882999] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.883250] [ 15.883357] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.883399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.883426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.883447] Call Trace: [ 15.883462] <TASK> [ 15.883479] dump_stack_lvl+0x73/0xb0 [ 15.883507] print_report+0xd1/0x650 [ 15.883529] ? __virt_addr_valid+0x1db/0x2d0 [ 15.883552] ? kasan_atomics_helper+0x194a/0x5450 [ 15.883575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.883599] ? kasan_atomics_helper+0x194a/0x5450 [ 15.883623] kasan_report+0x141/0x180 [ 15.883646] ? kasan_atomics_helper+0x194a/0x5450 [ 15.883674] kasan_check_range+0x10c/0x1c0 [ 15.883699] __kasan_check_write+0x18/0x20 [ 15.883719] kasan_atomics_helper+0x194a/0x5450 [ 15.883742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.883778] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.883804] ? kasan_atomics+0x152/0x310 [ 15.883831] kasan_atomics+0x1dc/0x310 [ 15.883855] ? __pfx_kasan_atomics+0x10/0x10 [ 15.883880] ? __pfx_read_tsc+0x10/0x10 [ 15.883902] ? ktime_get_ts64+0x86/0x230 [ 15.883936] kunit_try_run_case+0x1a5/0x480 [ 15.883962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.883985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.884010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.884035] ? __kthread_parkme+0x82/0x180 [ 15.884056] ? preempt_count_sub+0x50/0x80 [ 15.884081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.884106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.884131] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.884157] kthread+0x337/0x6f0 [ 15.884177] ? trace_preempt_on+0x20/0xc0 [ 15.884201] ? __pfx_kthread+0x10/0x10 [ 15.884222] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.884245] ? calculate_sigpending+0x7b/0xa0 [ 15.884270] ? __pfx_kthread+0x10/0x10 [ 15.884293] ret_from_fork+0x116/0x1d0 [ 15.884312] ? __pfx_kthread+0x10/0x10 [ 15.884333] ret_from_fork_asm+0x1a/0x30 [ 15.884366] </TASK> [ 15.884377] [ 15.892991] Allocated by task 282: [ 15.893192] kasan_save_stack+0x45/0x70 [ 15.893395] kasan_save_track+0x18/0x40 [ 15.893583] kasan_save_alloc_info+0x3b/0x50 [ 15.893848] __kasan_kmalloc+0xb7/0xc0 [ 15.894025] __kmalloc_cache_noprof+0x189/0x420 [ 15.894218] kasan_atomics+0x95/0x310 [ 15.894429] kunit_try_run_case+0x1a5/0x480 [ 15.894645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.894899] kthread+0x337/0x6f0 [ 15.895074] ret_from_fork+0x116/0x1d0 [ 15.895262] ret_from_fork_asm+0x1a/0x30 [ 15.895473] [ 15.895542] The buggy address belongs to the object at ffff888102a1a680 [ 15.895542] which belongs to the cache kmalloc-64 of size 64 [ 15.896143] The buggy address is located 0 bytes to the right of [ 15.896143] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.896497] [ 15.896912] The buggy address belongs to the physical page: [ 15.897189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.897525] flags: 0x200000000000000(node=0|zone=2) [ 15.897743] page_type: f5(slab) [ 15.898655] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.901682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.901973] page dumped because: kasan: bad access detected [ 15.902145] [ 15.902281] Memory state around the buggy address: [ 15.902461] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.902681] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.903183] >ffff888102a1a680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.903901] ^ [ 15.904672] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905023] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905342] ================================================================== [ 15.948338] ================================================================== [ 15.949748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.950284] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.950999] [ 15.951171] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.951217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.951230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.951252] Call Trace: [ 15.951267] <TASK> [ 15.951283] dump_stack_lvl+0x73/0xb0 [ 15.951345] print_report+0xd1/0x650 [ 15.951368] ? __virt_addr_valid+0x1db/0x2d0 [ 15.951393] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.951427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.951452] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.951475] kasan_report+0x141/0x180 [ 15.951499] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.951527] kasan_check_range+0x10c/0x1c0 [ 15.951552] __kasan_check_write+0x18/0x20 [ 15.951572] kasan_atomics_helper+0x1b22/0x5450 [ 15.951596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.951621] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.951648] ? kasan_atomics+0x152/0x310 [ 15.951675] kasan_atomics+0x1dc/0x310 [ 15.951699] ? __pfx_kasan_atomics+0x10/0x10 [ 15.951724] ? __pfx_read_tsc+0x10/0x10 [ 15.951745] ? ktime_get_ts64+0x86/0x230 [ 15.951780] kunit_try_run_case+0x1a5/0x480 [ 15.951806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.951830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.951856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.951883] ? __kthread_parkme+0x82/0x180 [ 15.951906] ? preempt_count_sub+0x50/0x80 [ 15.951945] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.951970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.951995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.952022] kthread+0x337/0x6f0 [ 15.952041] ? trace_preempt_on+0x20/0xc0 [ 15.952066] ? __pfx_kthread+0x10/0x10 [ 15.952090] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.952112] ? calculate_sigpending+0x7b/0xa0 [ 15.952137] ? __pfx_kthread+0x10/0x10 [ 15.952160] ret_from_fork+0x116/0x1d0 [ 15.952179] ? __pfx_kthread+0x10/0x10 [ 15.952201] ret_from_fork_asm+0x1a/0x30 [ 15.952235] </TASK> [ 15.952246] [ 15.961128] Allocated by task 282: [ 15.961322] kasan_save_stack+0x45/0x70 [ 15.961530] kasan_save_track+0x18/0x40 [ 15.961720] kasan_save_alloc_info+0x3b/0x50 [ 15.961968] __kasan_kmalloc+0xb7/0xc0 [ 15.962194] __kmalloc_cache_noprof+0x189/0x420 [ 15.962349] kasan_atomics+0x95/0x310 [ 15.962481] kunit_try_run_case+0x1a5/0x480 [ 15.962687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963076] kthread+0x337/0x6f0 [ 15.963330] ret_from_fork+0x116/0x1d0 [ 15.963570] ret_from_fork_asm+0x1a/0x30 [ 15.963883] [ 15.963966] The buggy address belongs to the object at ffff888102a1a680 [ 15.963966] which belongs to the cache kmalloc-64 of size 64 [ 15.964489] The buggy address is located 0 bytes to the right of [ 15.964489] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.965019] [ 15.965116] The buggy address belongs to the physical page: [ 15.965370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.965741] flags: 0x200000000000000(node=0|zone=2) [ 15.965999] page_type: f5(slab) [ 15.966166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.966487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.966913] page dumped because: kasan: bad access detected [ 15.967182] [ 15.967304] Memory state around the buggy address: [ 15.967532] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.967869] 
ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968254] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.968584] ^ [ 15.968799] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969116] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969547] ================================================================== [ 16.125467] ================================================================== [ 16.125808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.126177] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.126485] [ 16.126590] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.126634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.126647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.126669] Call Trace: [ 16.126686] <TASK> [ 16.126702] dump_stack_lvl+0x73/0xb0 [ 16.126733] print_report+0xd1/0x650 [ 16.126768] ? __virt_addr_valid+0x1db/0x2d0 [ 16.126793] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.126816] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.126841] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.126865] kasan_report+0x141/0x180 [ 16.126888] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.126917] __asan_report_load8_noabort+0x18/0x20 [ 16.126955] kasan_atomics_helper+0x4f71/0x5450 [ 16.126980] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.127007] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.127033] ? kasan_atomics+0x152/0x310 [ 16.127062] kasan_atomics+0x1dc/0x310 [ 16.127086] ? __pfx_kasan_atomics+0x10/0x10 [ 16.127112] ? __pfx_read_tsc+0x10/0x10 [ 16.127136] ? ktime_get_ts64+0x86/0x230 [ 16.127161] kunit_try_run_case+0x1a5/0x480 [ 16.127187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.127212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.127238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.127264] ? __kthread_parkme+0x82/0x180 [ 16.127286] ? 
preempt_count_sub+0x50/0x80 [ 16.127311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.127337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.127363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.127391] kthread+0x337/0x6f0 [ 16.127411] ? trace_preempt_on+0x20/0xc0 [ 16.127437] ? __pfx_kthread+0x10/0x10 [ 16.127459] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.127482] ? calculate_sigpending+0x7b/0xa0 [ 16.127507] ? __pfx_kthread+0x10/0x10 [ 16.127530] ret_from_fork+0x116/0x1d0 [ 16.127550] ? __pfx_kthread+0x10/0x10 [ 16.127572] ret_from_fork_asm+0x1a/0x30 [ 16.127608] </TASK> [ 16.127619] [ 16.134750] Allocated by task 282: [ 16.134965] kasan_save_stack+0x45/0x70 [ 16.135159] kasan_save_track+0x18/0x40 [ 16.135351] kasan_save_alloc_info+0x3b/0x50 [ 16.135560] __kasan_kmalloc+0xb7/0xc0 [ 16.135746] __kmalloc_cache_noprof+0x189/0x420 [ 16.135916] kasan_atomics+0x95/0x310 [ 16.136091] kunit_try_run_case+0x1a5/0x480 [ 16.136239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.136417] kthread+0x337/0x6f0 [ 16.136538] ret_from_fork+0x116/0x1d0 [ 16.136680] ret_from_fork_asm+0x1a/0x30 [ 16.136901] [ 16.137005] The buggy address belongs to the object at ffff888102a1a680 [ 16.137005] which belongs to the cache kmalloc-64 of size 64 [ 16.137461] The buggy address is located 0 bytes to the right of [ 16.137461] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.138000] [ 16.138075] The buggy address belongs to the physical page: [ 16.138301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.138624] flags: 0x200000000000000(node=0|zone=2) [ 16.138868] page_type: f5(slab) [ 16.139025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.139341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.139612] page dumped because: kasan: bad access detected [ 16.139882] [ 16.139983] Memory state around the buggy address: [ 16.140185] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.140460] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.140790] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.141052] ^ [ 16.141275] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.141514] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.141726] ================================================================== [ 15.194609] ================================================================== [ 15.195217] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.195479] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.195850] [ 15.195949] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.195992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.196005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.196026] Call Trace: [ 15.196040] <TASK> [ 15.196055] dump_stack_lvl+0x73/0xb0 [ 15.196086] print_report+0xd1/0x650 [ 15.196109] ? __virt_addr_valid+0x1db/0x2d0 [ 15.196132] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.196206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.196231] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.196254] kasan_report+0x141/0x180 [ 15.196421] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.196451] kasan_check_range+0x10c/0x1c0 [ 15.196476] __kasan_check_write+0x18/0x20 [ 15.196497] kasan_atomics_helper+0xa2b/0x5450 [ 15.196521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.196546] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.196572] ? kasan_atomics+0x152/0x310 [ 15.196613] kasan_atomics+0x1dc/0x310 [ 15.196637] ? __pfx_kasan_atomics+0x10/0x10 [ 15.196675] ? __pfx_read_tsc+0x10/0x10 [ 15.196696] ? ktime_get_ts64+0x86/0x230 [ 15.196721] kunit_try_run_case+0x1a5/0x480 [ 15.196747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.196791] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.196817] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.196853] ? __kthread_parkme+0x82/0x180 [ 15.196875] ? preempt_count_sub+0x50/0x80 [ 15.196902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.196941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.196995] kthread+0x337/0x6f0 [ 15.197073] ? trace_preempt_on+0x20/0xc0 [ 15.197102] ? __pfx_kthread+0x10/0x10 [ 15.197124] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.197147] ? calculate_sigpending+0x7b/0xa0 [ 15.197182] ? __pfx_kthread+0x10/0x10 [ 15.197205] ret_from_fork+0x116/0x1d0 [ 15.197225] ? __pfx_kthread+0x10/0x10 [ 15.197258] ret_from_fork_asm+0x1a/0x30 [ 15.197291] </TASK> [ 15.197302] [ 15.205973] Allocated by task 282: [ 15.206115] kasan_save_stack+0x45/0x70 [ 15.206261] kasan_save_track+0x18/0x40 [ 15.206395] kasan_save_alloc_info+0x3b/0x50 [ 15.206802] __kasan_kmalloc+0xb7/0xc0 [ 15.207064] __kmalloc_cache_noprof+0x189/0x420 [ 15.207312] kasan_atomics+0x95/0x310 [ 15.207541] kunit_try_run_case+0x1a5/0x480 [ 15.207802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.208171] kthread+0x337/0x6f0 [ 15.208438] ret_from_fork+0x116/0x1d0 [ 15.208610] ret_from_fork_asm+0x1a/0x30 [ 15.208857] [ 15.209000] The buggy address belongs to the object at ffff888102a1a680 [ 15.209000] which belongs to the cache kmalloc-64 of size 64 [ 15.209610] The buggy address is located 0 bytes to the right of [ 15.209610] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.210258] [ 15.210451] The buggy address belongs to the physical page: [ 15.210728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.211098] flags: 0x200000000000000(node=0|zone=2) [ 15.211396] page_type: f5(slab) [ 15.211569] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.211828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.212322] page dumped because: kasan: bad access detected [ 15.212502] [ 15.212573] 
Memory state around the buggy address: [ 15.212727] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212994] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.213329] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.214024] ^ [ 15.214337] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214630] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.215081] ================================================================== [ 15.215554] ================================================================== [ 15.215912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.216343] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.216885] [ 15.216989] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.217032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.217044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.217064] Call Trace: [ 15.217081] <TASK> [ 15.217097] dump_stack_lvl+0x73/0xb0 [ 15.217125] print_report+0xd1/0x650 [ 15.217148] ? __virt_addr_valid+0x1db/0x2d0 [ 15.217171] ? kasan_atomics_helper+0xac7/0x5450 [ 15.217193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.217259] ? kasan_atomics_helper+0xac7/0x5450 [ 15.217282] kasan_report+0x141/0x180 [ 15.217317] ? kasan_atomics_helper+0xac7/0x5450 [ 15.217344] kasan_check_range+0x10c/0x1c0 [ 15.217369] __kasan_check_write+0x18/0x20 [ 15.217390] kasan_atomics_helper+0xac7/0x5450 [ 15.217414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.217439] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.217465] ? kasan_atomics+0x152/0x310 [ 15.217492] kasan_atomics+0x1dc/0x310 [ 15.217516] ? __pfx_kasan_atomics+0x10/0x10 [ 15.217542] ? __pfx_read_tsc+0x10/0x10 [ 15.217678] ? ktime_get_ts64+0x86/0x230 [ 15.217708] kunit_try_run_case+0x1a5/0x480 [ 15.217828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217858] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.217884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.217909] ? __kthread_parkme+0x82/0x180 [ 15.217942] ? preempt_count_sub+0x50/0x80 [ 15.217967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.218019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.218045] kthread+0x337/0x6f0 [ 15.218125] ? trace_preempt_on+0x20/0xc0 [ 15.218153] ? __pfx_kthread+0x10/0x10 [ 15.218175] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.218199] ? calculate_sigpending+0x7b/0xa0 [ 15.218224] ? __pfx_kthread+0x10/0x10 [ 15.218247] ret_from_fork+0x116/0x1d0 [ 15.218267] ? __pfx_kthread+0x10/0x10 [ 15.218288] ret_from_fork_asm+0x1a/0x30 [ 15.218322] </TASK> [ 15.218333] [ 15.232780] Allocated by task 282: [ 15.233168] kasan_save_stack+0x45/0x70 [ 15.233767] kasan_save_track+0x18/0x40 [ 15.234266] kasan_save_alloc_info+0x3b/0x50 [ 15.234706] __kasan_kmalloc+0xb7/0xc0 [ 15.235169] __kmalloc_cache_noprof+0x189/0x420 [ 15.235626] kasan_atomics+0x95/0x310 [ 15.236108] kunit_try_run_case+0x1a5/0x480 [ 15.236281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.236459] kthread+0x337/0x6f0 [ 15.236580] ret_from_fork+0x116/0x1d0 [ 15.236713] ret_from_fork_asm+0x1a/0x30 [ 15.236951] [ 15.237025] The buggy address belongs to the object at ffff888102a1a680 [ 15.237025] which belongs to the cache kmalloc-64 of size 64 [ 15.237568] The buggy address is located 0 bytes to the right of [ 15.237568] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.238257] [ 15.238379] The buggy address belongs to the physical page: [ 15.238814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.239338] flags: 0x200000000000000(node=0|zone=2) [ 15.239594] page_type: f5(slab) [ 15.239744] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.240209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.240540] page dumped because: kasan: 
bad access detected [ 15.240848] [ 15.240979] Memory state around the buggy address: [ 15.241271] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.241543] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.241965] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.242344] ^ [ 15.242556] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.243138] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.243427] ================================================================== [ 15.498352] ================================================================== [ 15.498595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.498882] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.499228] [ 15.499377] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.499448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.499474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.499507] Call Trace: [ 15.499521] <TASK> [ 15.499549] dump_stack_lvl+0x73/0xb0 [ 15.499592] print_report+0xd1/0x650 [ 15.499628] ? __virt_addr_valid+0x1db/0x2d0 [ 15.499651] ? kasan_atomics_helper+0x1148/0x5450 [ 15.499672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.499695] ? kasan_atomics_helper+0x1148/0x5450 [ 15.499716] kasan_report+0x141/0x180 [ 15.499738] ? kasan_atomics_helper+0x1148/0x5450 [ 15.499780] kasan_check_range+0x10c/0x1c0 [ 15.499805] __kasan_check_write+0x18/0x20 [ 15.499825] kasan_atomics_helper+0x1148/0x5450 [ 15.499849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.499873] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.499900] ? kasan_atomics+0x152/0x310 [ 15.499939] kasan_atomics+0x1dc/0x310 [ 15.499963] ? __pfx_kasan_atomics+0x10/0x10 [ 15.499988] ? __pfx_read_tsc+0x10/0x10 [ 15.500010] ? ktime_get_ts64+0x86/0x230 [ 15.500056] kunit_try_run_case+0x1a5/0x480 [ 15.500082] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.500106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.500132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.500157] ? __kthread_parkme+0x82/0x180 [ 15.500178] ? preempt_count_sub+0x50/0x80 [ 15.500204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.500229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.500254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.500280] kthread+0x337/0x6f0 [ 15.500300] ? trace_preempt_on+0x20/0xc0 [ 15.500324] ? __pfx_kthread+0x10/0x10 [ 15.500346] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.500369] ? calculate_sigpending+0x7b/0xa0 [ 15.500394] ? __pfx_kthread+0x10/0x10 [ 15.500417] ret_from_fork+0x116/0x1d0 [ 15.500436] ? __pfx_kthread+0x10/0x10 [ 15.500457] ret_from_fork_asm+0x1a/0x30 [ 15.500490] </TASK> [ 15.500502] [ 15.508717] Allocated by task 282: [ 15.508910] kasan_save_stack+0x45/0x70 [ 15.509064] kasan_save_track+0x18/0x40 [ 15.509276] kasan_save_alloc_info+0x3b/0x50 [ 15.509504] __kasan_kmalloc+0xb7/0xc0 [ 15.509715] __kmalloc_cache_noprof+0x189/0x420 [ 15.509883] kasan_atomics+0x95/0x310 [ 15.510107] kunit_try_run_case+0x1a5/0x480 [ 15.510335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.510543] kthread+0x337/0x6f0 [ 15.510727] ret_from_fork+0x116/0x1d0 [ 15.510936] ret_from_fork_asm+0x1a/0x30 [ 15.511125] [ 15.511206] The buggy address belongs to the object at ffff888102a1a680 [ 15.511206] which belongs to the cache kmalloc-64 of size 64 [ 15.511678] The buggy address is located 0 bytes to the right of [ 15.511678] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.512198] [ 15.512315] The buggy address belongs to the physical page: [ 15.512579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.513000] flags: 0x200000000000000(node=0|zone=2) [ 15.513237] page_type: f5(slab) [ 15.513353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.513692] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.514040] page dumped because: kasan: bad access detected [ 15.514208] [ 15.514276] Memory state around the buggy address: [ 15.514425] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.514636] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.515012] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.515320] ^ [ 15.515536] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.515842] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.516341] ================================================================== [ 15.923939] ================================================================== [ 15.924275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.924596] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.924882] [ 15.924977] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.925019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.925033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.925053] Call Trace: [ 15.925069] <TASK> [ 15.925084] dump_stack_lvl+0x73/0xb0 [ 15.925114] print_report+0xd1/0x650 [ 15.925137] ? __virt_addr_valid+0x1db/0x2d0 [ 15.925161] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.925183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.925208] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.925231] kasan_report+0x141/0x180 [ 15.925254] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.925282] kasan_check_range+0x10c/0x1c0 [ 15.925308] __kasan_check_write+0x18/0x20 [ 15.925329] kasan_atomics_helper+0x1a7f/0x5450 [ 15.925353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.925377] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.925402] ? kasan_atomics+0x152/0x310 [ 15.925430] kasan_atomics+0x1dc/0x310 [ 15.925453] ? __pfx_kasan_atomics+0x10/0x10 [ 15.925480] ? __pfx_read_tsc+0x10/0x10 [ 15.925502] ? 
ktime_get_ts64+0x86/0x230 [ 15.925527] kunit_try_run_case+0x1a5/0x480 [ 15.925553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.925577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.925603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.925630] ? __kthread_parkme+0x82/0x180 [ 15.925651] ? preempt_count_sub+0x50/0x80 [ 15.925676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.925702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.925728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.925777] kthread+0x337/0x6f0 [ 15.925796] ? trace_preempt_on+0x20/0xc0 [ 15.925820] ? __pfx_kthread+0x10/0x10 [ 15.925842] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.925864] ? calculate_sigpending+0x7b/0xa0 [ 15.925889] ? __pfx_kthread+0x10/0x10 [ 15.925913] ret_from_fork+0x116/0x1d0 [ 15.925941] ? __pfx_kthread+0x10/0x10 [ 15.925962] ret_from_fork_asm+0x1a/0x30 [ 15.925995] </TASK> [ 15.926006] [ 15.934975] Allocated by task 282: [ 15.935137] kasan_save_stack+0x45/0x70 [ 15.935290] kasan_save_track+0x18/0x40 [ 15.935566] kasan_save_alloc_info+0x3b/0x50 [ 15.935716] __kasan_kmalloc+0xb7/0xc0 [ 15.935874] __kmalloc_cache_noprof+0x189/0x420 [ 15.936414] kasan_atomics+0x95/0x310 [ 15.936790] kunit_try_run_case+0x1a5/0x480 [ 15.937311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.937852] kthread+0x337/0x6f0 [ 15.938114] ret_from_fork+0x116/0x1d0 [ 15.938487] ret_from_fork_asm+0x1a/0x30 [ 15.938655] [ 15.938728] The buggy address belongs to the object at ffff888102a1a680 [ 15.938728] which belongs to the cache kmalloc-64 of size 64 [ 15.939831] The buggy address is located 0 bytes to the right of [ 15.939831] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.940345] [ 15.940420] The buggy address belongs to the physical page: [ 15.940593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.941071] flags: 0x200000000000000(node=0|zone=2) [ 15.941551] page_type: f5(slab) [ 15.941869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.942723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.943428] page dumped because: kasan: bad access detected [ 15.944005] [ 15.944166] Memory state around the buggy address: [ 15.944609] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.945171] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.945474] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.945687] ^ [ 15.945880] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.946558] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.947200] ================================================================== [ 15.430371] ================================================================== [ 15.430690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.431293] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.431866] [ 15.432117] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.432165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.432178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.432199] Call Trace: [ 15.432215] <TASK> [ 15.432233] dump_stack_lvl+0x73/0xb0 [ 15.432263] print_report+0xd1/0x650 [ 15.432287] ? __virt_addr_valid+0x1db/0x2d0 [ 15.432312] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.432334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.432359] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.432382] kasan_report+0x141/0x180 [ 15.432405] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.432434] __asan_report_load4_noabort+0x18/0x20 [ 15.432459] kasan_atomics_helper+0x4a36/0x5450 [ 15.432483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.432507] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.432533] ? kasan_atomics+0x152/0x310 [ 15.432561] kasan_atomics+0x1dc/0x310 [ 15.432585] ? __pfx_kasan_atomics+0x10/0x10 [ 15.432611] ? 
__pfx_read_tsc+0x10/0x10 [ 15.432632] ? ktime_get_ts64+0x86/0x230 [ 15.432657] kunit_try_run_case+0x1a5/0x480 [ 15.432682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.432706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.432730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.432878] ? __kthread_parkme+0x82/0x180 [ 15.432902] ? preempt_count_sub+0x50/0x80 [ 15.432948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.432974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.433026] kthread+0x337/0x6f0 [ 15.433046] ? trace_preempt_on+0x20/0xc0 [ 15.433070] ? __pfx_kthread+0x10/0x10 [ 15.433092] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.433115] ? calculate_sigpending+0x7b/0xa0 [ 15.433141] ? __pfx_kthread+0x10/0x10 [ 15.433163] ret_from_fork+0x116/0x1d0 [ 15.433183] ? __pfx_kthread+0x10/0x10 [ 15.433204] ret_from_fork_asm+0x1a/0x30 [ 15.433237] </TASK> [ 15.433249] [ 15.442829] Allocated by task 282: [ 15.443052] kasan_save_stack+0x45/0x70 [ 15.443292] kasan_save_track+0x18/0x40 [ 15.443431] kasan_save_alloc_info+0x3b/0x50 [ 15.443579] __kasan_kmalloc+0xb7/0xc0 [ 15.443708] __kmalloc_cache_noprof+0x189/0x420 [ 15.444202] kasan_atomics+0x95/0x310 [ 15.444626] kunit_try_run_case+0x1a5/0x480 [ 15.445093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.445585] kthread+0x337/0x6f0 [ 15.445938] ret_from_fork+0x116/0x1d0 [ 15.446312] ret_from_fork_asm+0x1a/0x30 [ 15.446586] [ 15.446795] The buggy address belongs to the object at ffff888102a1a680 [ 15.446795] which belongs to the cache kmalloc-64 of size 64 [ 15.447284] The buggy address is located 0 bytes to the right of [ 15.447284] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.447660] [ 15.447756] The buggy address belongs to the physical page: [ 15.448351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.449068] flags: 0x200000000000000(node=0|zone=2) [ 15.449529] page_type: f5(slab) [ 15.449874] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.450547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.451245] page dumped because: kasan: bad access detected [ 15.451461] [ 15.451677] Memory state around the buggy address: [ 15.452153] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.452545] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.453012] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.453228] ^ [ 15.453381] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.453597] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.454085] ================================================================== [ 16.103675] ================================================================== [ 16.104232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.104673] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.105443] [ 16.105553] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.105599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.105612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.105634] Call Trace: [ 16.105650] <TASK> [ 16.105667] dump_stack_lvl+0x73/0xb0 [ 16.105701] print_report+0xd1/0x650 [ 16.105725] ? __virt_addr_valid+0x1db/0x2d0 [ 16.105751] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.105992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.106017] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.106041] kasan_report+0x141/0x180 [ 16.106064] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.106093] kasan_check_range+0x10c/0x1c0 [ 16.106118] __kasan_check_write+0x18/0x20 [ 16.106139] kasan_atomics_helper+0x1f43/0x5450 [ 16.106164] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.106188] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.106214] ? 
kasan_atomics+0x152/0x310 [ 16.106245] kasan_atomics+0x1dc/0x310 [ 16.106268] ? __pfx_kasan_atomics+0x10/0x10 [ 16.106295] ? __pfx_read_tsc+0x10/0x10 [ 16.106317] ? ktime_get_ts64+0x86/0x230 [ 16.106343] kunit_try_run_case+0x1a5/0x480 [ 16.106371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.106396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.106421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.106447] ? __kthread_parkme+0x82/0x180 [ 16.106469] ? preempt_count_sub+0x50/0x80 [ 16.106496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.106531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.106557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.106583] kthread+0x337/0x6f0 [ 16.106604] ? trace_preempt_on+0x20/0xc0 [ 16.106628] ? __pfx_kthread+0x10/0x10 [ 16.106651] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.106673] ? calculate_sigpending+0x7b/0xa0 [ 16.106698] ? __pfx_kthread+0x10/0x10 [ 16.106721] ret_from_fork+0x116/0x1d0 [ 16.106740] ? __pfx_kthread+0x10/0x10 [ 16.106824] ret_from_fork_asm+0x1a/0x30 [ 16.106858] </TASK> [ 16.106869] [ 16.117153] Allocated by task 282: [ 16.117347] kasan_save_stack+0x45/0x70 [ 16.117518] kasan_save_track+0x18/0x40 [ 16.117707] kasan_save_alloc_info+0x3b/0x50 [ 16.117859] __kasan_kmalloc+0xb7/0xc0 [ 16.118008] __kmalloc_cache_noprof+0x189/0x420 [ 16.118232] kasan_atomics+0x95/0x310 [ 16.118439] kunit_try_run_case+0x1a5/0x480 [ 16.118747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.119057] kthread+0x337/0x6f0 [ 16.119187] ret_from_fork+0x116/0x1d0 [ 16.119320] ret_from_fork_asm+0x1a/0x30 [ 16.119460] [ 16.119549] The buggy address belongs to the object at ffff888102a1a680 [ 16.119549] which belongs to the cache kmalloc-64 of size 64 [ 16.120415] The buggy address is located 0 bytes to the right of [ 16.120415] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.120929] [ 16.121009] The buggy address belongs to the physical page: [ 16.121221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 
16.121541] flags: 0x200000000000000(node=0|zone=2) [ 16.121784] page_type: f5(slab) [ 16.121980] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.122241] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.122519] page dumped because: kasan: bad access detected [ 16.122764] [ 16.122844] Memory state around the buggy address: [ 16.123136] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.123366] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.123675] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.124123] ^ [ 16.124316] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.124566] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.124966] ================================================================== [ 15.618225] ================================================================== [ 15.618526] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.618856] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.619207] [ 15.619316] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.619358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.619370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.619391] Call Trace: [ 15.619407] <TASK> [ 15.619423] dump_stack_lvl+0x73/0xb0 [ 15.619452] print_report+0xd1/0x650 [ 15.619475] ? __virt_addr_valid+0x1db/0x2d0 [ 15.619498] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.619521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.619545] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.619568] kasan_report+0x141/0x180 [ 15.619592] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.619643] __asan_report_load4_noabort+0x18/0x20 [ 15.619670] kasan_atomics_helper+0x49ce/0x5450 [ 15.619695] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.619735] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.619771] ? kasan_atomics+0x152/0x310 [ 15.619800] kasan_atomics+0x1dc/0x310 [ 15.619823] ? __pfx_kasan_atomics+0x10/0x10 [ 15.619850] ? __pfx_read_tsc+0x10/0x10 [ 15.619871] ? ktime_get_ts64+0x86/0x230 [ 15.619897] kunit_try_run_case+0x1a5/0x480 [ 15.619933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.619976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.620001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.620026] ? __kthread_parkme+0x82/0x180 [ 15.620048] ? preempt_count_sub+0x50/0x80 [ 15.620073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.620098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.620125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.620151] kthread+0x337/0x6f0 [ 15.620170] ? trace_preempt_on+0x20/0xc0 [ 15.620211] ? __pfx_kthread+0x10/0x10 [ 15.620233] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.620255] ? calculate_sigpending+0x7b/0xa0 [ 15.620280] ? __pfx_kthread+0x10/0x10 [ 15.620303] ret_from_fork+0x116/0x1d0 [ 15.620322] ? __pfx_kthread+0x10/0x10 [ 15.620343] ret_from_fork_asm+0x1a/0x30 [ 15.620392] </TASK> [ 15.620403] [ 15.628002] Allocated by task 282: [ 15.628200] kasan_save_stack+0x45/0x70 [ 15.628423] kasan_save_track+0x18/0x40 [ 15.628637] kasan_save_alloc_info+0x3b/0x50 [ 15.628886] __kasan_kmalloc+0xb7/0xc0 [ 15.629104] __kmalloc_cache_noprof+0x189/0x420 [ 15.629258] kasan_atomics+0x95/0x310 [ 15.629442] kunit_try_run_case+0x1a5/0x480 [ 15.629645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.630049] kthread+0x337/0x6f0 [ 15.630261] ret_from_fork+0x116/0x1d0 [ 15.630780] ret_from_fork_asm+0x1a/0x30 [ 15.630968] [ 15.631096] The buggy address belongs to the object at ffff888102a1a680 [ 15.631096] which belongs to the cache kmalloc-64 of size 64 [ 15.631565] The buggy address is located 0 bytes to the right of [ 15.631565] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.632207] [ 15.632364] The buggy address belongs to the physical page: [ 15.633078] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.634327] flags: 0x200000000000000(node=0|zone=2) [ 15.634725] page_type: f5(slab) [ 15.634854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.635198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.635685] page dumped because: kasan: bad access detected [ 15.636156] [ 15.636271] Memory state around the buggy address: [ 15.636425] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.636636] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.636844] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.637069] ^ [ 15.637224] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.637434] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.637679] ================================================================== [ 16.214202] ================================================================== [ 16.214782] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.215219] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.215505] [ 16.215590] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.215632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.215644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.215664] Call Trace: [ 16.215679] <TASK> [ 16.215695] dump_stack_lvl+0x73/0xb0 [ 16.215722] print_report+0xd1/0x650 [ 16.215767] ? __virt_addr_valid+0x1db/0x2d0 [ 16.215791] ? kasan_atomics_helper+0x218a/0x5450 [ 16.215813] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.215837] ? kasan_atomics_helper+0x218a/0x5450 [ 16.215861] kasan_report+0x141/0x180 [ 16.215883] ? kasan_atomics_helper+0x218a/0x5450 [ 16.215912] kasan_check_range+0x10c/0x1c0 [ 16.215946] __kasan_check_write+0x18/0x20 [ 16.215966] kasan_atomics_helper+0x218a/0x5450 [ 16.215991] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.216015] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.216041] ? kasan_atomics+0x152/0x310 [ 16.216069] kasan_atomics+0x1dc/0x310 [ 16.216093] ? __pfx_kasan_atomics+0x10/0x10 [ 16.216118] ? __pfx_read_tsc+0x10/0x10 [ 16.216139] ? ktime_get_ts64+0x86/0x230 [ 16.216164] kunit_try_run_case+0x1a5/0x480 [ 16.216189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.216213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.216238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.216263] ? __kthread_parkme+0x82/0x180 [ 16.216284] ? preempt_count_sub+0x50/0x80 [ 16.216309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.216336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.216362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.216389] kthread+0x337/0x6f0 [ 16.216408] ? trace_preempt_on+0x20/0xc0 [ 16.216432] ? __pfx_kthread+0x10/0x10 [ 16.216454] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.216477] ? calculate_sigpending+0x7b/0xa0 [ 16.216502] ? __pfx_kthread+0x10/0x10 [ 16.216524] ret_from_fork+0x116/0x1d0 [ 16.216543] ? 
__pfx_kthread+0x10/0x10 [ 16.216565] ret_from_fork_asm+0x1a/0x30 [ 16.216598] </TASK> [ 16.216609] [ 16.224019] Allocated by task 282: [ 16.224144] kasan_save_stack+0x45/0x70 [ 16.224286] kasan_save_track+0x18/0x40 [ 16.224465] kasan_save_alloc_info+0x3b/0x50 [ 16.224682] __kasan_kmalloc+0xb7/0xc0 [ 16.224897] __kmalloc_cache_noprof+0x189/0x420 [ 16.225137] kasan_atomics+0x95/0x310 [ 16.225326] kunit_try_run_case+0x1a5/0x480 [ 16.225536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.225812] kthread+0x337/0x6f0 [ 16.225951] ret_from_fork+0x116/0x1d0 [ 16.226085] ret_from_fork_asm+0x1a/0x30 [ 16.226290] [ 16.226387] The buggy address belongs to the object at ffff888102a1a680 [ 16.226387] which belongs to the cache kmalloc-64 of size 64 [ 16.226897] The buggy address is located 0 bytes to the right of [ 16.226897] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.227389] [ 16.227463] The buggy address belongs to the physical page: [ 16.227704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.228042] flags: 0x200000000000000(node=0|zone=2) [ 16.228243] page_type: f5(slab) [ 16.228361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.228592] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.228843] page dumped because: kasan: bad access detected [ 16.230234] [ 16.230776] Memory state around the buggy address: [ 16.231416] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.232460] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.233362] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.234492] ^ [ 16.234912] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.235639] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.236542] ================================================================== [ 15.592895] 
================================================================== [ 15.593548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.594138] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.594522] [ 15.594630] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.594673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.594686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.594708] Call Trace: [ 15.594726] <TASK> [ 15.594742] dump_stack_lvl+0x73/0xb0 [ 15.594773] print_report+0xd1/0x650 [ 15.594797] ? __virt_addr_valid+0x1db/0x2d0 [ 15.594821] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.594845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.594870] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.594895] kasan_report+0x141/0x180 [ 15.594930] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.594960] kasan_check_range+0x10c/0x1c0 [ 15.594984] __kasan_check_write+0x18/0x20 [ 15.595004] kasan_atomics_helper+0x12e6/0x5450 [ 15.595028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.595051] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.595078] ? kasan_atomics+0x152/0x310 [ 15.595404] kasan_atomics+0x1dc/0x310 [ 15.595432] ? __pfx_kasan_atomics+0x10/0x10 [ 15.595460] ? __pfx_read_tsc+0x10/0x10 [ 15.595481] ? ktime_get_ts64+0x86/0x230 [ 15.595506] kunit_try_run_case+0x1a5/0x480 [ 15.595532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.595555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.595581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.595606] ? __kthread_parkme+0x82/0x180 [ 15.595628] ? preempt_count_sub+0x50/0x80 [ 15.595653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.595680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.595706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.595733] kthread+0x337/0x6f0 [ 15.595762] ? trace_preempt_on+0x20/0xc0 [ 15.595787] ? __pfx_kthread+0x10/0x10 [ 15.595808] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.595830] ? 
calculate_sigpending+0x7b/0xa0 [ 15.595856] ? __pfx_kthread+0x10/0x10 [ 15.595878] ret_from_fork+0x116/0x1d0 [ 15.595898] ? __pfx_kthread+0x10/0x10 [ 15.595934] ret_from_fork_asm+0x1a/0x30 [ 15.595967] </TASK> [ 15.595977] [ 15.607396] Allocated by task 282: [ 15.607658] kasan_save_stack+0x45/0x70 [ 15.608002] kasan_save_track+0x18/0x40 [ 15.608283] kasan_save_alloc_info+0x3b/0x50 [ 15.608571] __kasan_kmalloc+0xb7/0xc0 [ 15.608887] __kmalloc_cache_noprof+0x189/0x420 [ 15.609226] kasan_atomics+0x95/0x310 [ 15.609441] kunit_try_run_case+0x1a5/0x480 [ 15.609641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.609943] kthread+0x337/0x6f0 [ 15.610380] ret_from_fork+0x116/0x1d0 [ 15.610641] ret_from_fork_asm+0x1a/0x30 [ 15.610937] [ 15.611035] The buggy address belongs to the object at ffff888102a1a680 [ 15.611035] which belongs to the cache kmalloc-64 of size 64 [ 15.611884] The buggy address is located 0 bytes to the right of [ 15.611884] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.612573] [ 15.612775] The buggy address belongs to the physical page: [ 15.613245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.613679] flags: 0x200000000000000(node=0|zone=2) [ 15.614000] page_type: f5(slab) [ 15.614198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.614525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.615108] page dumped because: kasan: bad access detected [ 15.615353] [ 15.615433] Memory state around the buggy address: [ 15.615749] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.616108] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.616406] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.616684] ^ [ 15.616962] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.617248] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.617560] 
================================================================== [ 14.972136] ================================================================== [ 14.972396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.972735] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.973021] [ 14.973102] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.973142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.973154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.973175] Call Trace: [ 14.973188] <TASK> [ 14.973202] dump_stack_lvl+0x73/0xb0 [ 14.973229] print_report+0xd1/0x650 [ 14.973252] ? __virt_addr_valid+0x1db/0x2d0 [ 14.973274] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.973296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.973319] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.973341] kasan_report+0x141/0x180 [ 14.973363] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.973391] __asan_report_store4_noabort+0x1b/0x30 [ 14.973416] kasan_atomics_helper+0x4b3a/0x5450 [ 14.973440] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.973462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.973486] ? kasan_atomics+0x152/0x310 [ 14.973513] kasan_atomics+0x1dc/0x310 [ 14.973535] ? __pfx_kasan_atomics+0x10/0x10 [ 14.973560] ? __pfx_read_tsc+0x10/0x10 [ 14.973581] ? ktime_get_ts64+0x86/0x230 [ 14.973605] kunit_try_run_case+0x1a5/0x480 [ 14.973775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.973806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.973832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.973857] ? __kthread_parkme+0x82/0x180 [ 14.973878] ? preempt_count_sub+0x50/0x80 [ 14.973903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.973944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.973971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.973997] kthread+0x337/0x6f0 [ 14.974063] ? trace_preempt_on+0x20/0xc0 [ 14.974090] ? __pfx_kthread+0x10/0x10 [ 14.974112] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.974135] ? calculate_sigpending+0x7b/0xa0 [ 14.974159] ? __pfx_kthread+0x10/0x10 [ 14.974182] ret_from_fork+0x116/0x1d0 [ 14.974202] ? __pfx_kthread+0x10/0x10 [ 14.974223] ret_from_fork_asm+0x1a/0x30 [ 14.974256] </TASK> [ 14.974267] [ 14.981735] Allocated by task 282: [ 14.982060] kasan_save_stack+0x45/0x70 [ 14.982209] kasan_save_track+0x18/0x40 [ 14.982348] kasan_save_alloc_info+0x3b/0x50 [ 14.982506] __kasan_kmalloc+0xb7/0xc0 [ 14.982755] __kmalloc_cache_noprof+0x189/0x420 [ 14.983054] kasan_atomics+0x95/0x310 [ 14.983249] kunit_try_run_case+0x1a5/0x480 [ 14.983633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.983808] kthread+0x337/0x6f0 [ 14.983937] ret_from_fork+0x116/0x1d0 [ 14.984070] ret_from_fork_asm+0x1a/0x30 [ 14.984393] [ 14.984495] The buggy address belongs to the object at ffff888102a1a680 [ 14.984495] which belongs to the cache kmalloc-64 of size 64 [ 14.985264] The buggy address is located 0 bytes to the right of [ 14.985264] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.986023] [ 14.986194] The buggy address belongs to the physical page: [ 14.986425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.986756] flags: 0x200000000000000(node=0|zone=2) [ 14.987060] page_type: f5(slab) [ 14.987228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.987528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.987819] page dumped because: kasan: bad access detected [ 14.988076] [ 14.988225] Memory state around the buggy address: [ 14.988421] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.988718] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.989080] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.989533] ^ [ 14.989697] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.990018] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.990406] ================================================================== [ 15.516755] ================================================================== [ 15.517123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.517583] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.517871] [ 15.517965] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.518008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.518020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.518041] Call Trace: [ 15.518056] <TASK> [ 15.518072] dump_stack_lvl+0x73/0xb0 [ 15.518100] print_report+0xd1/0x650 [ 15.518122] ? __virt_addr_valid+0x1db/0x2d0 [ 15.518146] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.518168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.518193] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.518216] kasan_report+0x141/0x180 [ 15.518238] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.518267] __asan_report_load4_noabort+0x18/0x20 [ 15.518292] kasan_atomics_helper+0x4a02/0x5450 [ 15.518317] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.518340] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.518366] ? kasan_atomics+0x152/0x310 [ 15.518394] kasan_atomics+0x1dc/0x310 [ 15.518417] ? __pfx_kasan_atomics+0x10/0x10 [ 15.518443] ? __pfx_read_tsc+0x10/0x10 [ 15.518464] ? ktime_get_ts64+0x86/0x230 [ 15.518489] kunit_try_run_case+0x1a5/0x480 [ 15.518519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.518543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.518568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.518593] ? __kthread_parkme+0x82/0x180 [ 15.518614] ? preempt_count_sub+0x50/0x80 [ 15.518641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.518666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.518691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.518718] kthread+0x337/0x6f0 [ 15.518737] ? trace_preempt_on+0x20/0xc0 [ 15.518771] ? 
__pfx_kthread+0x10/0x10 [ 15.518816] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.518839] ? calculate_sigpending+0x7b/0xa0 [ 15.518865] ? __pfx_kthread+0x10/0x10 [ 15.518907] ret_from_fork+0x116/0x1d0 [ 15.518936] ? __pfx_kthread+0x10/0x10 [ 15.518958] ret_from_fork_asm+0x1a/0x30 [ 15.518992] </TASK> [ 15.519002] [ 15.527431] Allocated by task 282: [ 15.527556] kasan_save_stack+0x45/0x70 [ 15.527694] kasan_save_track+0x18/0x40 [ 15.527877] kasan_save_alloc_info+0x3b/0x50 [ 15.528319] __kasan_kmalloc+0xb7/0xc0 [ 15.528538] __kmalloc_cache_noprof+0x189/0x420 [ 15.528801] kasan_atomics+0x95/0x310 [ 15.529000] kunit_try_run_case+0x1a5/0x480 [ 15.529204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.529458] kthread+0x337/0x6f0 [ 15.529670] ret_from_fork+0x116/0x1d0 [ 15.529907] ret_from_fork_asm+0x1a/0x30 [ 15.530053] [ 15.530150] The buggy address belongs to the object at ffff888102a1a680 [ 15.530150] which belongs to the cache kmalloc-64 of size 64 [ 15.530668] The buggy address is located 0 bytes to the right of [ 15.530668] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.531232] [ 15.531353] The buggy address belongs to the physical page: [ 15.531523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.531763] flags: 0x200000000000000(node=0|zone=2) [ 15.531998] page_type: f5(slab) [ 15.532162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.532502] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.532743] page dumped because: kasan: bad access detected [ 15.533034] [ 15.533131] Memory state around the buggy address: [ 15.533344] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.533610] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.533820] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.534034] ^ [ 15.534454] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.534791] 
ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535158] ================================================================== [ 15.455067] ================================================================== [ 15.455819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.456529] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.457424] [ 15.457641] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.457694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.457707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.457728] Call Trace: [ 15.457745] <TASK> [ 15.457761] dump_stack_lvl+0x73/0xb0 [ 15.457790] print_report+0xd1/0x650 [ 15.457833] ? __virt_addr_valid+0x1db/0x2d0 [ 15.457856] ? kasan_atomics_helper+0x1079/0x5450 [ 15.457879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.457904] ? kasan_atomics_helper+0x1079/0x5450 [ 15.457940] kasan_report+0x141/0x180 [ 15.457963] ? kasan_atomics_helper+0x1079/0x5450 [ 15.457992] kasan_check_range+0x10c/0x1c0 [ 15.458018] __kasan_check_write+0x18/0x20 [ 15.458038] kasan_atomics_helper+0x1079/0x5450 [ 15.458062] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.458086] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.458112] ? kasan_atomics+0x152/0x310 [ 15.458140] kasan_atomics+0x1dc/0x310 [ 15.458163] ? __pfx_kasan_atomics+0x10/0x10 [ 15.458188] ? __pfx_read_tsc+0x10/0x10 [ 15.458210] ? ktime_get_ts64+0x86/0x230 [ 15.458234] kunit_try_run_case+0x1a5/0x480 [ 15.458260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.458283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.458309] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.458334] ? __kthread_parkme+0x82/0x180 [ 15.458355] ? preempt_count_sub+0x50/0x80 [ 15.458380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.458405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.458431] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.458457] kthread+0x337/0x6f0 [ 15.458476] ? trace_preempt_on+0x20/0xc0 [ 15.458504] ? __pfx_kthread+0x10/0x10 [ 15.458527] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.458549] ? calculate_sigpending+0x7b/0xa0 [ 15.458574] ? __pfx_kthread+0x10/0x10 [ 15.458596] ret_from_fork+0x116/0x1d0 [ 15.458616] ? __pfx_kthread+0x10/0x10 [ 15.458637] ret_from_fork_asm+0x1a/0x30 [ 15.458670] </TASK> [ 15.458681] [ 15.469465] Allocated by task 282: [ 15.469803] kasan_save_stack+0x45/0x70 [ 15.470271] kasan_save_track+0x18/0x40 [ 15.470635] kasan_save_alloc_info+0x3b/0x50 [ 15.471138] __kasan_kmalloc+0xb7/0xc0 [ 15.471570] __kmalloc_cache_noprof+0x189/0x420 [ 15.472031] kasan_atomics+0x95/0x310 [ 15.472384] kunit_try_run_case+0x1a5/0x480 [ 15.472784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.473274] kthread+0x337/0x6f0 [ 15.473456] ret_from_fork+0x116/0x1d0 [ 15.473851] ret_from_fork_asm+0x1a/0x30 [ 15.474072] [ 15.474144] The buggy address belongs to the object at ffff888102a1a680 [ 15.474144] which belongs to the cache kmalloc-64 of size 64 [ 15.474495] The buggy address is located 0 bytes to the right of [ 15.474495] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.474968] [ 15.475087] The buggy address belongs to the physical page: [ 15.475340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.475692] flags: 0x200000000000000(node=0|zone=2) [ 15.475983] page_type: f5(slab) [ 15.476111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.476420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.476756] page dumped because: kasan: bad access detected [ 15.477068] [ 15.477158] Memory state around the buggy address: [ 15.477399] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.477728] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.477965] >ffff888102a1a680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.478467] ^ [ 15.478714] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.479054] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.479357] ================================================================== [ 16.006791] ================================================================== [ 16.007107] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.007591] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.008135] [ 16.008334] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.008377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.008390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.008411] Call Trace: [ 16.008426] <TASK> [ 16.008442] dump_stack_lvl+0x73/0xb0 [ 16.008472] print_report+0xd1/0x650 [ 16.008496] ? __virt_addr_valid+0x1db/0x2d0 [ 16.008519] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.008542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.008567] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.008590] kasan_report+0x141/0x180 [ 16.008614] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.008642] kasan_check_range+0x10c/0x1c0 [ 16.008667] __kasan_check_write+0x18/0x20 [ 16.008689] kasan_atomics_helper+0x1ce1/0x5450 [ 16.008726] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.008761] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.008799] ? kasan_atomics+0x152/0x310 [ 16.008827] kasan_atomics+0x1dc/0x310 [ 16.008851] ? __pfx_kasan_atomics+0x10/0x10 [ 16.008877] ? __pfx_read_tsc+0x10/0x10 [ 16.008899] ? ktime_get_ts64+0x86/0x230 [ 16.008935] kunit_try_run_case+0x1a5/0x480 [ 16.008961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.008985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.009011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.009036] ? __kthread_parkme+0x82/0x180 [ 16.009057] ? preempt_count_sub+0x50/0x80 [ 16.009083] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.009108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.009134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.009161] kthread+0x337/0x6f0 [ 16.009180] ? trace_preempt_on+0x20/0xc0 [ 16.009204] ? __pfx_kthread+0x10/0x10 [ 16.009226] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.009249] ? calculate_sigpending+0x7b/0xa0 [ 16.009274] ? __pfx_kthread+0x10/0x10 [ 16.009296] ret_from_fork+0x116/0x1d0 [ 16.009316] ? __pfx_kthread+0x10/0x10 [ 16.009337] ret_from_fork_asm+0x1a/0x30 [ 16.009379] </TASK> [ 16.009390] [ 16.017214] Allocated by task 282: [ 16.017721] kasan_save_stack+0x45/0x70 [ 16.018208] kasan_save_track+0x18/0x40 [ 16.018573] kasan_save_alloc_info+0x3b/0x50 [ 16.019044] __kasan_kmalloc+0xb7/0xc0 [ 16.019394] __kmalloc_cache_noprof+0x189/0x420 [ 16.019828] kasan_atomics+0x95/0x310 [ 16.020187] kunit_try_run_case+0x1a5/0x480 [ 16.020589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.021321] kthread+0x337/0x6f0 [ 16.021693] ret_from_fork+0x116/0x1d0 [ 16.022003] ret_from_fork_asm+0x1a/0x30 [ 16.022145] [ 16.022215] The buggy address belongs to the object at ffff888102a1a680 [ 16.022215] which belongs to the cache kmalloc-64 of size 64 [ 16.022566] The buggy address is located 0 bytes to the right of [ 16.022566] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.022957] [ 16.023029] The buggy address belongs to the physical page: [ 16.023504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.024135] flags: 0x200000000000000(node=0|zone=2) [ 16.024300] page_type: f5(slab) [ 16.024419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.024647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.025131] page dumped because: kasan: bad access detected [ 16.025610] [ 16.025765] Memory state around the buggy address: [ 16.026275] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.026985] 
ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.027603] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.028477] ^ [ 16.028916] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.029633] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.030164] ================================================================== [ 15.402726] ================================================================== [ 15.403562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.404503] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.405321] [ 15.405490] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.405546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.405559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.405580] Call Trace: [ 15.405593] <TASK> [ 15.405608] dump_stack_lvl+0x73/0xb0 [ 15.405636] print_report+0xd1/0x650 [ 15.405660] ? __virt_addr_valid+0x1db/0x2d0 [ 15.405685] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.405707] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.405732] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.405783] kasan_report+0x141/0x180 [ 15.405806] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.405845] kasan_check_range+0x10c/0x1c0 [ 15.405870] __kasan_check_write+0x18/0x20 [ 15.405891] kasan_atomics_helper+0xfa9/0x5450 [ 15.405916] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.405949] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.405975] ? kasan_atomics+0x152/0x310 [ 15.406004] kasan_atomics+0x1dc/0x310 [ 15.406027] ? __pfx_kasan_atomics+0x10/0x10 [ 15.406053] ? __pfx_read_tsc+0x10/0x10 [ 15.406075] ? ktime_get_ts64+0x86/0x230 [ 15.406100] kunit_try_run_case+0x1a5/0x480 [ 15.406125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.406149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.406175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.406200] ? 
__kthread_parkme+0x82/0x180 [ 15.406221] ? preempt_count_sub+0x50/0x80 [ 15.406245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.406271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.406296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.406323] kthread+0x337/0x6f0 [ 15.406342] ? trace_preempt_on+0x20/0xc0 [ 15.406367] ? __pfx_kthread+0x10/0x10 [ 15.406388] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.406411] ? calculate_sigpending+0x7b/0xa0 [ 15.406436] ? __pfx_kthread+0x10/0x10 [ 15.406459] ret_from_fork+0x116/0x1d0 [ 15.406478] ? __pfx_kthread+0x10/0x10 [ 15.406499] ret_from_fork_asm+0x1a/0x30 [ 15.406535] </TASK> [ 15.406546] [ 15.419023] Allocated by task 282: [ 15.419427] kasan_save_stack+0x45/0x70 [ 15.419840] kasan_save_track+0x18/0x40 [ 15.420033] kasan_save_alloc_info+0x3b/0x50 [ 15.420498] __kasan_kmalloc+0xb7/0xc0 [ 15.420784] __kmalloc_cache_noprof+0x189/0x420 [ 15.421105] kasan_atomics+0x95/0x310 [ 15.421243] kunit_try_run_case+0x1a5/0x480 [ 15.421390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.421564] kthread+0x337/0x6f0 [ 15.421685] ret_from_fork+0x116/0x1d0 [ 15.421851] ret_from_fork_asm+0x1a/0x30 [ 15.422002] [ 15.422178] The buggy address belongs to the object at ffff888102a1a680 [ 15.422178] which belongs to the cache kmalloc-64 of size 64 [ 15.422732] The buggy address is located 0 bytes to the right of [ 15.422732] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.423523] [ 15.423655] The buggy address belongs to the physical page: [ 15.423855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.424409] flags: 0x200000000000000(node=0|zone=2) [ 15.424671] page_type: f5(slab) [ 15.424941] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.425182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.425496] page dumped because: kasan: bad access detected [ 15.426156] [ 15.426244] Memory state around the buggy address: [ 15.426519] 
ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.427104] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.427421] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.427878] ^ [ 15.428223] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.428647] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429191] ================================================================== [ 14.913580] ================================================================== [ 14.913805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.914356] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.914686] [ 14.914995] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.915041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.915054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.915074] Call Trace: [ 14.915090] <TASK> [ 14.915105] dump_stack_lvl+0x73/0xb0 [ 14.915135] print_report+0xd1/0x650 [ 14.915217] ? __virt_addr_valid+0x1db/0x2d0 [ 14.915241] ? kasan_atomics_helper+0x3df/0x5450 [ 14.915264] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.915288] ? kasan_atomics_helper+0x3df/0x5450 [ 14.915311] kasan_report+0x141/0x180 [ 14.915334] ? kasan_atomics_helper+0x3df/0x5450 [ 14.915362] kasan_check_range+0x10c/0x1c0 [ 14.915387] __kasan_check_read+0x15/0x20 [ 14.915406] kasan_atomics_helper+0x3df/0x5450 [ 14.915430] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.915454] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.915480] ? kasan_atomics+0x152/0x310 [ 14.915508] kasan_atomics+0x1dc/0x310 [ 14.915531] ? __pfx_kasan_atomics+0x10/0x10 [ 14.915556] ? __pfx_read_tsc+0x10/0x10 [ 14.915579] ? ktime_get_ts64+0x86/0x230 [ 14.915603] kunit_try_run_case+0x1a5/0x480 [ 14.915629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.915653] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.915678] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.915702] ? __kthread_parkme+0x82/0x180 [ 14.915724] ? preempt_count_sub+0x50/0x80 [ 14.915749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.915775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.915801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.915827] kthread+0x337/0x6f0 [ 14.915847] ? trace_preempt_on+0x20/0xc0 [ 14.915872] ? __pfx_kthread+0x10/0x10 [ 14.915894] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.915916] ? calculate_sigpending+0x7b/0xa0 [ 14.915956] ? __pfx_kthread+0x10/0x10 [ 14.915978] ret_from_fork+0x116/0x1d0 [ 14.915998] ? __pfx_kthread+0x10/0x10 [ 14.916058] ret_from_fork_asm+0x1a/0x30 [ 14.916093] </TASK> [ 14.916104] [ 14.924404] Allocated by task 282: [ 14.924558] kasan_save_stack+0x45/0x70 [ 14.924706] kasan_save_track+0x18/0x40 [ 14.925146] kasan_save_alloc_info+0x3b/0x50 [ 14.925356] __kasan_kmalloc+0xb7/0xc0 [ 14.925538] __kmalloc_cache_noprof+0x189/0x420 [ 14.925713] kasan_atomics+0x95/0x310 [ 14.926019] kunit_try_run_case+0x1a5/0x480 [ 14.926209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.926640] kthread+0x337/0x6f0 [ 14.926770] ret_from_fork+0x116/0x1d0 [ 14.926903] ret_from_fork_asm+0x1a/0x30 [ 14.927057] [ 14.927150] The buggy address belongs to the object at ffff888102a1a680 [ 14.927150] which belongs to the cache kmalloc-64 of size 64 [ 14.927842] The buggy address is located 0 bytes to the right of [ 14.927842] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.928557] [ 14.928634] The buggy address belongs to the physical page: [ 14.928805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.929146] flags: 0x200000000000000(node=0|zone=2) [ 14.929383] page_type: f5(slab) [ 14.929554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.929897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.930285] page dumped because: kasan: bad access detected [ 14.930675] [ 14.930751] 
Memory state around the buggy address: [ 14.930995] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.931407] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.931626] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.931879] ^ [ 14.932117] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.932487] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.932800] ================================================================== [ 14.933243] ================================================================== [ 14.933672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.934234] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.934660] [ 14.934777] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.934818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.934831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.934851] Call Trace: [ 14.934866] <TASK> [ 14.934882] dump_stack_lvl+0x73/0xb0 [ 14.934913] print_report+0xd1/0x650 [ 14.934953] ? __virt_addr_valid+0x1db/0x2d0 [ 14.934978] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.935001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.935083] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.935108] kasan_report+0x141/0x180 [ 14.935131] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.935159] __asan_report_load4_noabort+0x18/0x20 [ 14.935186] kasan_atomics_helper+0x4b54/0x5450 [ 14.935210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.935234] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.935261] ? kasan_atomics+0x152/0x310 [ 14.935289] kasan_atomics+0x1dc/0x310 [ 14.935312] ? __pfx_kasan_atomics+0x10/0x10 [ 14.935337] ? __pfx_read_tsc+0x10/0x10 [ 14.935359] ? ktime_get_ts64+0x86/0x230 [ 14.935383] kunit_try_run_case+0x1a5/0x480 [ 14.935409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.935433] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.935457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.935482] ? __kthread_parkme+0x82/0x180 [ 14.935504] ? preempt_count_sub+0x50/0x80 [ 14.935529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.935555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.935579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.935605] kthread+0x337/0x6f0 [ 14.935626] ? trace_preempt_on+0x20/0xc0 [ 14.935649] ? __pfx_kthread+0x10/0x10 [ 14.935671] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.935694] ? calculate_sigpending+0x7b/0xa0 [ 14.935719] ? __pfx_kthread+0x10/0x10 [ 14.935741] ret_from_fork+0x116/0x1d0 [ 14.935768] ? __pfx_kthread+0x10/0x10 [ 14.935789] ret_from_fork_asm+0x1a/0x30 [ 14.935822] </TASK> [ 14.935833] [ 14.944178] Allocated by task 282: [ 14.944357] kasan_save_stack+0x45/0x70 [ 14.944530] kasan_save_track+0x18/0x40 [ 14.944670] kasan_save_alloc_info+0x3b/0x50 [ 14.944928] __kasan_kmalloc+0xb7/0xc0 [ 14.945122] __kmalloc_cache_noprof+0x189/0x420 [ 14.945354] kasan_atomics+0x95/0x310 [ 14.945537] kunit_try_run_case+0x1a5/0x480 [ 14.945735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.945950] kthread+0x337/0x6f0 [ 14.946072] ret_from_fork+0x116/0x1d0 [ 14.946384] ret_from_fork_asm+0x1a/0x30 [ 14.946590] [ 14.946687] The buggy address belongs to the object at ffff888102a1a680 [ 14.946687] which belongs to the cache kmalloc-64 of size 64 [ 14.947139] The buggy address is located 0 bytes to the right of [ 14.947139] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.947506] [ 14.947784] The buggy address belongs to the physical page: [ 14.948186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.948518] flags: 0x200000000000000(node=0|zone=2) [ 14.948682] page_type: f5(slab) [ 14.948938] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.949436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.949809] page dumped because: kasan: 
bad access detected [ 14.950009] [ 14.950080] Memory state around the buggy address: [ 14.950236] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.950856] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.951202] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.951552] ^ [ 14.951708] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.952131] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.952588] ================================================================== [ 15.090893] ================================================================== [ 15.091381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.091815] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.092050] [ 15.092133] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.092174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.092187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.092208] Call Trace: [ 15.092223] <TASK> [ 15.092240] dump_stack_lvl+0x73/0xb0 [ 15.092269] print_report+0xd1/0x650 [ 15.092291] ? __virt_addr_valid+0x1db/0x2d0 [ 15.092315] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.092338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.092373] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.092397] kasan_report+0x141/0x180 [ 15.092420] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.092448] kasan_check_range+0x10c/0x1c0 [ 15.092473] __kasan_check_write+0x18/0x20 [ 15.092493] kasan_atomics_helper+0x7c7/0x5450 [ 15.092517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.092541] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.092568] ? kasan_atomics+0x152/0x310 [ 15.092597] kasan_atomics+0x1dc/0x310 [ 15.092621] ? __pfx_kasan_atomics+0x10/0x10 [ 15.092647] ? __pfx_read_tsc+0x10/0x10 [ 15.092669] ? ktime_get_ts64+0x86/0x230 [ 15.092694] kunit_try_run_case+0x1a5/0x480 [ 15.092719] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.092744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.092778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.092803] ? __kthread_parkme+0x82/0x180 [ 15.092824] ? preempt_count_sub+0x50/0x80 [ 15.092850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.092876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.092901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.092938] kthread+0x337/0x6f0 [ 15.092958] ? trace_preempt_on+0x20/0xc0 [ 15.092981] ? __pfx_kthread+0x10/0x10 [ 15.093003] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.093026] ? calculate_sigpending+0x7b/0xa0 [ 15.093051] ? __pfx_kthread+0x10/0x10 [ 15.093083] ret_from_fork+0x116/0x1d0 [ 15.093103] ? __pfx_kthread+0x10/0x10 [ 15.093124] ret_from_fork_asm+0x1a/0x30 [ 15.093158] </TASK> [ 15.093168] [ 15.100839] Allocated by task 282: [ 15.101026] kasan_save_stack+0x45/0x70 [ 15.101331] kasan_save_track+0x18/0x40 [ 15.101530] kasan_save_alloc_info+0x3b/0x50 [ 15.101740] __kasan_kmalloc+0xb7/0xc0 [ 15.101937] __kmalloc_cache_noprof+0x189/0x420 [ 15.102169] kasan_atomics+0x95/0x310 [ 15.102394] kunit_try_run_case+0x1a5/0x480 [ 15.102581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.102811] kthread+0x337/0x6f0 [ 15.102970] ret_from_fork+0x116/0x1d0 [ 15.103101] ret_from_fork_asm+0x1a/0x30 [ 15.103240] [ 15.103309] The buggy address belongs to the object at ffff888102a1a680 [ 15.103309] which belongs to the cache kmalloc-64 of size 64 [ 15.103654] The buggy address is located 0 bytes to the right of [ 15.103654] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.104941] [ 15.105076] The buggy address belongs to the physical page: [ 15.105292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.105577] flags: 0x200000000000000(node=0|zone=2) [ 15.105804] page_type: f5(slab) [ 15.105941] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.106230] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.106457] page dumped because: kasan: bad access detected [ 15.106629] [ 15.106698] Memory state around the buggy address: [ 15.106852] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.107194] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.107558] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.107977] ^ [ 15.108195] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.108612] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.108929] ================================================================== [ 14.860992] ================================================================== [ 14.861227] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.861468] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.863698] [ 14.864126] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.864173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.864186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.864206] Call Trace: [ 14.864221] <TASK> [ 14.864235] dump_stack_lvl+0x73/0xb0 [ 14.864266] print_report+0xd1/0x650 [ 14.864288] ? __virt_addr_valid+0x1db/0x2d0 [ 14.864311] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.864332] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.864355] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.864378] kasan_report+0x141/0x180 [ 14.864400] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.864426] __asan_report_load4_noabort+0x18/0x20 [ 14.864451] kasan_atomics_helper+0x4b88/0x5450 [ 14.864474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.864497] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.864521] ? kasan_atomics+0x152/0x310 [ 14.864548] kasan_atomics+0x1dc/0x310 [ 14.864571] ? __pfx_kasan_atomics+0x10/0x10 [ 14.864594] ? __pfx_read_tsc+0x10/0x10 [ 14.864615] ? 
ktime_get_ts64+0x86/0x230 [ 14.864639] kunit_try_run_case+0x1a5/0x480 [ 14.864664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.864712] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.864736] ? __kthread_parkme+0x82/0x180 [ 14.864791] ? preempt_count_sub+0x50/0x80 [ 14.864816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.864877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.864902] kthread+0x337/0x6f0 [ 14.864931] ? trace_preempt_on+0x20/0xc0 [ 14.864955] ? __pfx_kthread+0x10/0x10 [ 14.864975] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.864997] ? calculate_sigpending+0x7b/0xa0 [ 14.865080] ? __pfx_kthread+0x10/0x10 [ 14.865104] ret_from_fork+0x116/0x1d0 [ 14.865123] ? __pfx_kthread+0x10/0x10 [ 14.865143] ret_from_fork_asm+0x1a/0x30 [ 14.865175] </TASK> [ 14.865185] [ 14.879667] Allocated by task 282: [ 14.879824] kasan_save_stack+0x45/0x70 [ 14.880347] kasan_save_track+0x18/0x40 [ 14.880709] kasan_save_alloc_info+0x3b/0x50 [ 14.881227] __kasan_kmalloc+0xb7/0xc0 [ 14.881587] __kmalloc_cache_noprof+0x189/0x420 [ 14.882075] kasan_atomics+0x95/0x310 [ 14.882434] kunit_try_run_case+0x1a5/0x480 [ 14.882722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.883408] kthread+0x337/0x6f0 [ 14.883562] ret_from_fork+0x116/0x1d0 [ 14.883981] ret_from_fork_asm+0x1a/0x30 [ 14.884330] [ 14.884404] The buggy address belongs to the object at ffff888102a1a680 [ 14.884404] which belongs to the cache kmalloc-64 of size 64 [ 14.884764] The buggy address is located 0 bytes to the right of [ 14.884764] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.885989] [ 14.886147] The buggy address belongs to the physical page: [ 14.886671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.887481] flags: 0x200000000000000(node=0|zone=2) [ 14.888159] page_type: f5(slab) [ 14.888394] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.888624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.888966] page dumped because: kasan: bad access detected [ 14.889506] [ 14.889708] Memory state around the buggy address: [ 14.890158] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.891003] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.891781] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.892601] ^ [ 14.892947] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.893549] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.894150] ================================================================== [ 15.736511] ================================================================== [ 15.736822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.737245] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.737546] [ 15.737626] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.737664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.737675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.737696] Call Trace: [ 15.737709] <TASK> [ 15.737722] dump_stack_lvl+0x73/0xb0 [ 15.737750] print_report+0xd1/0x650 [ 15.737773] ? __virt_addr_valid+0x1db/0x2d0 [ 15.737797] ? kasan_atomics_helper+0x151d/0x5450 [ 15.737820] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.737845] ? kasan_atomics_helper+0x151d/0x5450 [ 15.737868] kasan_report+0x141/0x180 [ 15.737892] ? kasan_atomics_helper+0x151d/0x5450 [ 15.737931] kasan_check_range+0x10c/0x1c0 [ 15.737957] __kasan_check_write+0x18/0x20 [ 15.737979] kasan_atomics_helper+0x151d/0x5450 [ 15.738005] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.738031] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.738058] ? kasan_atomics+0x152/0x310 [ 15.738086] kasan_atomics+0x1dc/0x310 [ 15.738110] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.738135] ? __pfx_read_tsc+0x10/0x10 [ 15.738157] ? ktime_get_ts64+0x86/0x230 [ 15.738183] kunit_try_run_case+0x1a5/0x480 [ 15.738208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.738232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.738258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.738283] ? __kthread_parkme+0x82/0x180 [ 15.738304] ? preempt_count_sub+0x50/0x80 [ 15.738328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.738354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.738380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.738407] kthread+0x337/0x6f0 [ 15.738426] ? trace_preempt_on+0x20/0xc0 [ 15.738451] ? __pfx_kthread+0x10/0x10 [ 15.738473] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.738495] ? calculate_sigpending+0x7b/0xa0 [ 15.738528] ? __pfx_kthread+0x10/0x10 [ 15.738551] ret_from_fork+0x116/0x1d0 [ 15.738571] ? __pfx_kthread+0x10/0x10 [ 15.738592] ret_from_fork_asm+0x1a/0x30 [ 15.738636] </TASK> [ 15.738646] [ 15.749274] Allocated by task 282: [ 15.749581] kasan_save_stack+0x45/0x70 [ 15.749787] kasan_save_track+0x18/0x40 [ 15.750098] kasan_save_alloc_info+0x3b/0x50 [ 15.750358] __kasan_kmalloc+0xb7/0xc0 [ 15.750608] __kmalloc_cache_noprof+0x189/0x420 [ 15.750917] kasan_atomics+0x95/0x310 [ 15.751087] kunit_try_run_case+0x1a5/0x480 [ 15.751302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.751527] kthread+0x337/0x6f0 [ 15.751686] ret_from_fork+0x116/0x1d0 [ 15.752113] ret_from_fork_asm+0x1a/0x30 [ 15.752386] [ 15.752475] The buggy address belongs to the object at ffff888102a1a680 [ 15.752475] which belongs to the cache kmalloc-64 of size 64 [ 15.753194] The buggy address is located 0 bytes to the right of [ 15.753194] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.753713] [ 15.754000] The buggy address belongs to the physical page: [ 15.754230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.754668] flags: 0x200000000000000(node=0|zone=2) [ 15.755000] page_type: 
f5(slab) [ 15.755137] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.755468] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.755994] page dumped because: kasan: bad access detected [ 15.756240] [ 15.756431] Memory state around the buggy address: [ 15.756689] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.757143] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.757457] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.757741] ^ [ 15.758153] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.758519] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.758817] ================================================================== [ 16.142204] ================================================================== [ 16.142550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.142916] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.143283] [ 16.143391] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.143433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.143445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.143465] Call Trace: [ 16.143480] <TASK> [ 16.143496] dump_stack_lvl+0x73/0xb0 [ 16.143524] print_report+0xd1/0x650 [ 16.143546] ? __virt_addr_valid+0x1db/0x2d0 [ 16.143570] ? kasan_atomics_helper+0x2006/0x5450 [ 16.143593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.143617] ? kasan_atomics_helper+0x2006/0x5450 [ 16.143641] kasan_report+0x141/0x180 [ 16.143664] ? kasan_atomics_helper+0x2006/0x5450 [ 16.143693] kasan_check_range+0x10c/0x1c0 [ 16.143719] __kasan_check_write+0x18/0x20 [ 16.143762] kasan_atomics_helper+0x2006/0x5450 [ 16.143786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.143810] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.143836] ? 
kasan_atomics+0x152/0x310 [ 16.143865] kasan_atomics+0x1dc/0x310 [ 16.143888] ? __pfx_kasan_atomics+0x10/0x10 [ 16.143914] ? __pfx_read_tsc+0x10/0x10 [ 16.143944] ? ktime_get_ts64+0x86/0x230 [ 16.143969] kunit_try_run_case+0x1a5/0x480 [ 16.143994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.144018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.144043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.144069] ? __kthread_parkme+0x82/0x180 [ 16.144090] ? preempt_count_sub+0x50/0x80 [ 16.144115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.144142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.144167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.144194] kthread+0x337/0x6f0 [ 16.144214] ? trace_preempt_on+0x20/0xc0 [ 16.144238] ? __pfx_kthread+0x10/0x10 [ 16.144260] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.144283] ? calculate_sigpending+0x7b/0xa0 [ 16.144308] ? __pfx_kthread+0x10/0x10 [ 16.144331] ret_from_fork+0x116/0x1d0 [ 16.144351] ? __pfx_kthread+0x10/0x10 [ 16.144373] ret_from_fork_asm+0x1a/0x30 [ 16.144406] </TASK> [ 16.144416] [ 16.151521] Allocated by task 282: [ 16.151694] kasan_save_stack+0x45/0x70 [ 16.151939] kasan_save_track+0x18/0x40 [ 16.152134] kasan_save_alloc_info+0x3b/0x50 [ 16.152333] __kasan_kmalloc+0xb7/0xc0 [ 16.152499] __kmalloc_cache_noprof+0x189/0x420 [ 16.152686] kasan_atomics+0x95/0x310 [ 16.152897] kunit_try_run_case+0x1a5/0x480 [ 16.153056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.153233] kthread+0x337/0x6f0 [ 16.153356] ret_from_fork+0x116/0x1d0 [ 16.153548] ret_from_fork_asm+0x1a/0x30 [ 16.153762] [ 16.153859] The buggy address belongs to the object at ffff888102a1a680 [ 16.153859] which belongs to the cache kmalloc-64 of size 64 [ 16.154407] The buggy address is located 0 bytes to the right of [ 16.154407] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.155000] [ 16.155076] The buggy address belongs to the physical page: [ 16.155273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 
16.155511] flags: 0x200000000000000(node=0|zone=2) [ 16.155671] page_type: f5(slab) [ 16.155813] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.156114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.156449] page dumped because: kasan: bad access detected [ 16.156699] [ 16.156819] Memory state around the buggy address: [ 16.157048] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.157988] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.158340] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.158640] ^ [ 16.160480] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.160712] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.160966] ================================================================== [ 14.837556] ================================================================== [ 14.838448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.839818] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.840108] [ 14.840266] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.840311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.840323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.840343] Call Trace: [ 14.840356] <TASK> [ 14.840553] dump_stack_lvl+0x73/0xb0 [ 14.840591] print_report+0xd1/0x650 [ 14.840614] ? __virt_addr_valid+0x1db/0x2d0 [ 14.840638] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.840660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.840683] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.840726] kasan_report+0x141/0x180 [ 14.840748] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.840981] __asan_report_store4_noabort+0x1b/0x30 [ 14.841008] kasan_atomics_helper+0x4ba2/0x5450 [ 14.841031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.841054] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.841080] ? kasan_atomics+0x152/0x310 [ 14.841106] kasan_atomics+0x1dc/0x310 [ 14.841129] ? __pfx_kasan_atomics+0x10/0x10 [ 14.841153] ? __pfx_read_tsc+0x10/0x10 [ 14.841173] ? ktime_get_ts64+0x86/0x230 [ 14.841237] kunit_try_run_case+0x1a5/0x480 [ 14.841275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.841300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.841326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.841352] ? __kthread_parkme+0x82/0x180 [ 14.841372] ? preempt_count_sub+0x50/0x80 [ 14.841396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.841420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.841445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.841471] kthread+0x337/0x6f0 [ 14.841490] ? trace_preempt_on+0x20/0xc0 [ 14.841513] ? __pfx_kthread+0x10/0x10 [ 14.841534] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.841556] ? calculate_sigpending+0x7b/0xa0 [ 14.841580] ? __pfx_kthread+0x10/0x10 [ 14.841602] ret_from_fork+0x116/0x1d0 [ 14.841623] ? __pfx_kthread+0x10/0x10 [ 14.841644] ret_from_fork_asm+0x1a/0x30 [ 14.841678] </TASK> [ 14.841688] [ 14.851211] Allocated by task 282: [ 14.851658] kasan_save_stack+0x45/0x70 [ 14.851863] kasan_save_track+0x18/0x40 [ 14.852056] kasan_save_alloc_info+0x3b/0x50 [ 14.852228] __kasan_kmalloc+0xb7/0xc0 [ 14.852383] __kmalloc_cache_noprof+0x189/0x420 [ 14.852558] kasan_atomics+0x95/0x310 [ 14.852711] kunit_try_run_case+0x1a5/0x480 [ 14.852876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.853092] kthread+0x337/0x6f0 [ 14.853243] ret_from_fork+0x116/0x1d0 [ 14.853397] ret_from_fork_asm+0x1a/0x30 [ 14.853554] [ 14.853758] The buggy address belongs to the object at ffff888102a1a680 [ 14.853758] which belongs to the cache kmalloc-64 of size 64 [ 14.854352] The buggy address is located 0 bytes to the right of [ 14.854352] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.854731] [ 14.854804] The buggy address belongs to the physical page: [ 14.855009] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.855474] flags: 0x200000000000000(node=0|zone=2) [ 14.855766] page_type: f5(slab) [ 14.855953] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.856371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.856777] page dumped because: kasan: bad access detected [ 14.857170] [ 14.857382] Memory state around the buggy address: [ 14.857547] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.857858] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.858092] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.858323] ^ [ 14.858476] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860304] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860540] ================================================================== [ 14.816556] ================================================================== [ 14.817415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.817768] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.818352] [ 14.818467] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.818516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.818528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.818547] Call Trace: [ 14.818558] <TASK> [ 14.818574] dump_stack_lvl+0x73/0xb0 [ 14.818603] print_report+0xd1/0x650 [ 14.818626] ? __virt_addr_valid+0x1db/0x2d0 [ 14.818650] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.818671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.818695] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.818718] kasan_report+0x141/0x180 [ 14.818740] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.818767] __asan_report_load4_noabort+0x18/0x20 [ 14.818793] kasan_atomics_helper+0x4bbc/0x5450 [ 14.818816] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.818839] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.818866] ? kasan_atomics+0x152/0x310 [ 14.818908] kasan_atomics+0x1dc/0x310 [ 14.818942] ? __pfx_kasan_atomics+0x10/0x10 [ 14.818967] ? __pfx_read_tsc+0x10/0x10 [ 14.818989] ? ktime_get_ts64+0x86/0x230 [ 14.819014] kunit_try_run_case+0x1a5/0x480 [ 14.819039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.819098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.819123] ? __kthread_parkme+0x82/0x180 [ 14.819143] ? preempt_count_sub+0x50/0x80 [ 14.819168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.819216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.819242] kthread+0x337/0x6f0 [ 14.819260] ? trace_preempt_on+0x20/0xc0 [ 14.819284] ? __pfx_kthread+0x10/0x10 [ 14.819306] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.819328] ? calculate_sigpending+0x7b/0xa0 [ 14.819352] ? __pfx_kthread+0x10/0x10 [ 14.819374] ret_from_fork+0x116/0x1d0 [ 14.819391] ? 
__pfx_kthread+0x10/0x10 [ 14.819413] ret_from_fork_asm+0x1a/0x30 [ 14.819444] </TASK> [ 14.819454] [ 14.827182] Allocated by task 282: [ 14.827319] kasan_save_stack+0x45/0x70 [ 14.827474] kasan_save_track+0x18/0x40 [ 14.827663] kasan_save_alloc_info+0x3b/0x50 [ 14.828224] __kasan_kmalloc+0xb7/0xc0 [ 14.828437] __kmalloc_cache_noprof+0x189/0x420 [ 14.828654] kasan_atomics+0x95/0x310 [ 14.828876] kunit_try_run_case+0x1a5/0x480 [ 14.829192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829412] kthread+0x337/0x6f0 [ 14.829556] ret_from_fork+0x116/0x1d0 [ 14.829687] ret_from_fork_asm+0x1a/0x30 [ 14.829854] [ 14.829964] The buggy address belongs to the object at ffff888102a1a680 [ 14.829964] which belongs to the cache kmalloc-64 of size 64 [ 14.830591] The buggy address is located 0 bytes to the right of [ 14.830591] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.831153] [ 14.831251] The buggy address belongs to the physical page: [ 14.831681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.831959] flags: 0x200000000000000(node=0|zone=2) [ 14.832552] page_type: f5(slab) [ 14.832734] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.833126] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.833421] page dumped because: kasan: bad access detected [ 14.833621] [ 14.833690] Memory state around the buggy address: [ 14.833845] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.834250] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.834587] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.834938] ^ [ 14.835226] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.835485] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.835699] ================================================================== [ 15.021913] 
================================================================== [ 15.022568] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.023368] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.023873] [ 15.024008] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.024053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.024066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.024087] Call Trace: [ 15.024105] <TASK> [ 15.024121] dump_stack_lvl+0x73/0xb0 [ 15.024151] print_report+0xd1/0x650 [ 15.024173] ? __virt_addr_valid+0x1db/0x2d0 [ 15.024205] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.024229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.024253] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.024276] kasan_report+0x141/0x180 [ 15.024299] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.024328] kasan_check_range+0x10c/0x1c0 [ 15.024353] __kasan_check_write+0x18/0x20 [ 15.024374] kasan_atomics_helper+0x5fe/0x5450 [ 15.024398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.024422] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.024448] ? kasan_atomics+0x152/0x310 [ 15.024476] kasan_atomics+0x1dc/0x310 [ 15.024499] ? __pfx_kasan_atomics+0x10/0x10 [ 15.024525] ? __pfx_read_tsc+0x10/0x10 [ 15.024546] ? ktime_get_ts64+0x86/0x230 [ 15.024572] kunit_try_run_case+0x1a5/0x480 [ 15.024597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.024621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.024646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.024671] ? __kthread_parkme+0x82/0x180 [ 15.024694] ? preempt_count_sub+0x50/0x80 [ 15.024719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.024754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.024780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.024806] kthread+0x337/0x6f0 [ 15.024826] ? trace_preempt_on+0x20/0xc0 [ 15.024850] ? __pfx_kthread+0x10/0x10 [ 15.024871] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.024894] ? 
calculate_sigpending+0x7b/0xa0 [ 15.024931] ? __pfx_kthread+0x10/0x10 [ 15.024954] ret_from_fork+0x116/0x1d0 [ 15.024972] ? __pfx_kthread+0x10/0x10 [ 15.024994] ret_from_fork_asm+0x1a/0x30 [ 15.025029] </TASK> [ 15.025041] [ 15.033398] Allocated by task 282: [ 15.033558] kasan_save_stack+0x45/0x70 [ 15.033759] kasan_save_track+0x18/0x40 [ 15.033903] kasan_save_alloc_info+0x3b/0x50 [ 15.034063] __kasan_kmalloc+0xb7/0xc0 [ 15.034196] __kmalloc_cache_noprof+0x189/0x420 [ 15.034351] kasan_atomics+0x95/0x310 [ 15.034562] kunit_try_run_case+0x1a5/0x480 [ 15.034794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.035112] kthread+0x337/0x6f0 [ 15.035283] ret_from_fork+0x116/0x1d0 [ 15.035474] ret_from_fork_asm+0x1a/0x30 [ 15.035737] [ 15.035882] The buggy address belongs to the object at ffff888102a1a680 [ 15.035882] which belongs to the cache kmalloc-64 of size 64 [ 15.036691] The buggy address is located 0 bytes to the right of [ 15.036691] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.037763] [ 15.038649] The buggy address belongs to the physical page: [ 15.039391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.039956] flags: 0x200000000000000(node=0|zone=2) [ 15.040140] page_type: f5(slab) [ 15.040265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.040497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.040731] page dumped because: kasan: bad access detected [ 15.040905] [ 15.041869] Memory state around the buggy address: [ 15.042583] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.043530] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.044320] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.044649] ^ [ 15.044952] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.045375] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.045780] 
================================================================== [ 15.243946] ================================================================== [ 15.244368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.244719] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.245037] [ 15.245195] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.245250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.245263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.245282] Call Trace: [ 15.245297] <TASK> [ 15.245401] dump_stack_lvl+0x73/0xb0 [ 15.245432] print_report+0xd1/0x650 [ 15.245455] ? __virt_addr_valid+0x1db/0x2d0 [ 15.245479] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.245501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.245526] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.245549] kasan_report+0x141/0x180 [ 15.245572] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.245599] kasan_check_range+0x10c/0x1c0 [ 15.245625] __kasan_check_write+0x18/0x20 [ 15.245678] kasan_atomics_helper+0xb6a/0x5450 [ 15.245703] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.245738] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.245772] ? kasan_atomics+0x152/0x310 [ 15.245799] kasan_atomics+0x1dc/0x310 [ 15.245824] ? __pfx_kasan_atomics+0x10/0x10 [ 15.245849] ? __pfx_read_tsc+0x10/0x10 [ 15.245871] ? ktime_get_ts64+0x86/0x230 [ 15.245897] kunit_try_run_case+0x1a5/0x480 [ 15.245964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.245988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.246047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.246072] ? __kthread_parkme+0x82/0x180 [ 15.246104] ? preempt_count_sub+0x50/0x80 [ 15.246269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.246303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.246329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.246355] kthread+0x337/0x6f0 [ 15.246378] ? trace_preempt_on+0x20/0xc0 [ 15.246402] ? 
__pfx_kthread+0x10/0x10 [ 15.246423] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.246446] ? calculate_sigpending+0x7b/0xa0 [ 15.246472] ? __pfx_kthread+0x10/0x10 [ 15.246494] ret_from_fork+0x116/0x1d0 [ 15.246523] ? __pfx_kthread+0x10/0x10 [ 15.246546] ret_from_fork_asm+0x1a/0x30 [ 15.246579] </TASK> [ 15.246590] [ 15.255706] Allocated by task 282: [ 15.255842] kasan_save_stack+0x45/0x70 [ 15.256097] kasan_save_track+0x18/0x40 [ 15.256295] kasan_save_alloc_info+0x3b/0x50 [ 15.256509] __kasan_kmalloc+0xb7/0xc0 [ 15.256702] __kmalloc_cache_noprof+0x189/0x420 [ 15.256997] kasan_atomics+0x95/0x310 [ 15.257183] kunit_try_run_case+0x1a5/0x480 [ 15.257508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257723] kthread+0x337/0x6f0 [ 15.257905] ret_from_fork+0x116/0x1d0 [ 15.258350] ret_from_fork_asm+0x1a/0x30 [ 15.258558] [ 15.258674] The buggy address belongs to the object at ffff888102a1a680 [ 15.258674] which belongs to the cache kmalloc-64 of size 64 [ 15.259149] The buggy address is located 0 bytes to the right of [ 15.259149] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.259827] [ 15.259972] The buggy address belongs to the physical page: [ 15.260167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.260732] flags: 0x200000000000000(node=0|zone=2) [ 15.260908] page_type: f5(slab) [ 15.261046] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.261474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.261853] page dumped because: kasan: bad access detected [ 15.262348] [ 15.262452] Memory state around the buggy address: [ 15.262633] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.263121] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.263391] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.263679] ^ [ 15.264488] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264947] 
ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265475] ================================================================== [ 15.565374] ================================================================== [ 15.566226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.566846] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.567085] [ 15.567171] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.567213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.567226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.567247] Call Trace: [ 15.567263] <TASK> [ 15.567279] dump_stack_lvl+0x73/0xb0 [ 15.567307] print_report+0xd1/0x650 [ 15.567331] ? __virt_addr_valid+0x1db/0x2d0 [ 15.567355] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.567378] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.567403] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.567427] kasan_report+0x141/0x180 [ 15.567450] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.567479] __asan_report_load4_noabort+0x18/0x20 [ 15.567505] kasan_atomics_helper+0x49e8/0x5450 [ 15.567529] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.567554] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.567579] ? kasan_atomics+0x152/0x310 [ 15.567607] kasan_atomics+0x1dc/0x310 [ 15.567631] ? __pfx_kasan_atomics+0x10/0x10 [ 15.567657] ? __pfx_read_tsc+0x10/0x10 [ 15.567678] ? ktime_get_ts64+0x86/0x230 [ 15.567704] kunit_try_run_case+0x1a5/0x480 [ 15.567728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.567801] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.567853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.567950] ? __kthread_parkme+0x82/0x180 [ 15.567972] ? preempt_count_sub+0x50/0x80 [ 15.568007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.568033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.568060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.568087] kthread+0x337/0x6f0 [ 15.568107] ? 
trace_preempt_on+0x20/0xc0 [ 15.568131] ? __pfx_kthread+0x10/0x10 [ 15.568153] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.568176] ? calculate_sigpending+0x7b/0xa0 [ 15.568200] ? __pfx_kthread+0x10/0x10 [ 15.568223] ret_from_fork+0x116/0x1d0 [ 15.568241] ? __pfx_kthread+0x10/0x10 [ 15.568264] ret_from_fork_asm+0x1a/0x30 [ 15.568297] </TASK> [ 15.568307] [ 15.580277] Allocated by task 282: [ 15.580443] kasan_save_stack+0x45/0x70 [ 15.580644] kasan_save_track+0x18/0x40 [ 15.581659] kasan_save_alloc_info+0x3b/0x50 [ 15.581852] __kasan_kmalloc+0xb7/0xc0 [ 15.582162] __kmalloc_cache_noprof+0x189/0x420 [ 15.582398] kasan_atomics+0x95/0x310 [ 15.582583] kunit_try_run_case+0x1a5/0x480 [ 15.583110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.583360] kthread+0x337/0x6f0 [ 15.583538] ret_from_fork+0x116/0x1d0 [ 15.583914] ret_from_fork_asm+0x1a/0x30 [ 15.584216] [ 15.584423] The buggy address belongs to the object at ffff888102a1a680 [ 15.584423] which belongs to the cache kmalloc-64 of size 64 [ 15.585141] The buggy address is located 0 bytes to the right of [ 15.585141] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.585821] [ 15.586035] The buggy address belongs to the physical page: [ 15.586397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.586853] flags: 0x200000000000000(node=0|zone=2) [ 15.587072] page_type: f5(slab) [ 15.587247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.587574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.588157] page dumped because: kasan: bad access detected [ 15.588468] [ 15.588543] Memory state around the buggy address: [ 15.589072] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589505] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589977] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.590385] ^ [ 15.590694] ffff888102a1a700: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.591136] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591437] ================================================================== [ 15.047033] ================================================================== [ 15.047414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.048067] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.048489] [ 15.048749] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.048796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.048808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.048829] Call Trace: [ 15.048846] <TASK> [ 15.048861] dump_stack_lvl+0x73/0xb0 [ 15.048893] print_report+0xd1/0x650 [ 15.048916] ? __virt_addr_valid+0x1db/0x2d0 [ 15.049032] ? kasan_atomics_helper+0x697/0x5450 [ 15.049055] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.049080] ? kasan_atomics_helper+0x697/0x5450 [ 15.049103] kasan_report+0x141/0x180 [ 15.049127] ? kasan_atomics_helper+0x697/0x5450 [ 15.049156] kasan_check_range+0x10c/0x1c0 [ 15.049181] __kasan_check_write+0x18/0x20 [ 15.049202] kasan_atomics_helper+0x697/0x5450 [ 15.049226] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.049250] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.049276] ? kasan_atomics+0x152/0x310 [ 15.049321] kasan_atomics+0x1dc/0x310 [ 15.049345] ? __pfx_kasan_atomics+0x10/0x10 [ 15.049371] ? __pfx_read_tsc+0x10/0x10 [ 15.049392] ? ktime_get_ts64+0x86/0x230 [ 15.049417] kunit_try_run_case+0x1a5/0x480 [ 15.049442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.049467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.049491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.049516] ? __kthread_parkme+0x82/0x180 [ 15.049537] ? preempt_count_sub+0x50/0x80 [ 15.049562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.049587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.049613] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.049639] kthread+0x337/0x6f0 [ 15.049659] ? trace_preempt_on+0x20/0xc0 [ 15.049683] ? __pfx_kthread+0x10/0x10 [ 15.049705] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.049727] ? calculate_sigpending+0x7b/0xa0 [ 15.049760] ? __pfx_kthread+0x10/0x10 [ 15.049783] ret_from_fork+0x116/0x1d0 [ 15.049802] ? __pfx_kthread+0x10/0x10 [ 15.049823] ret_from_fork_asm+0x1a/0x30 [ 15.049858] </TASK> [ 15.049868] [ 15.060395] Allocated by task 282: [ 15.060549] kasan_save_stack+0x45/0x70 [ 15.060791] kasan_save_track+0x18/0x40 [ 15.061325] kasan_save_alloc_info+0x3b/0x50 [ 15.061525] __kasan_kmalloc+0xb7/0xc0 [ 15.061711] __kmalloc_cache_noprof+0x189/0x420 [ 15.062021] kasan_atomics+0x95/0x310 [ 15.062356] kunit_try_run_case+0x1a5/0x480 [ 15.062612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.063019] kthread+0x337/0x6f0 [ 15.063196] ret_from_fork+0x116/0x1d0 [ 15.063366] ret_from_fork_asm+0x1a/0x30 [ 15.063700] [ 15.063851] The buggy address belongs to the object at ffff888102a1a680 [ 15.063851] which belongs to the cache kmalloc-64 of size 64 [ 15.064559] The buggy address is located 0 bytes to the right of [ 15.064559] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.065357] [ 15.065480] The buggy address belongs to the physical page: [ 15.065724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.066112] flags: 0x200000000000000(node=0|zone=2) [ 15.066531] page_type: f5(slab) [ 15.066691] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.067251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.067577] page dumped because: kasan: bad access detected [ 15.067941] [ 15.068017] Memory state around the buggy address: [ 15.068388] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.068839] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.069142] >ffff888102a1a680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.069584] ^ [ 15.069818] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.070222] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.070672] ================================================================== [ 15.638659] ================================================================== [ 15.639117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.639633] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.640472] [ 15.640583] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.640626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.640640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.640661] Call Trace: [ 15.640699] <TASK> [ 15.640731] dump_stack_lvl+0x73/0xb0 [ 15.640762] print_report+0xd1/0x650 [ 15.640799] ? __virt_addr_valid+0x1db/0x2d0 [ 15.640836] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.640858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.640897] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.640950] kasan_report+0x141/0x180 [ 15.640974] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.641014] kasan_check_range+0x10c/0x1c0 [ 15.641038] __kasan_check_read+0x15/0x20 [ 15.641059] kasan_atomics_helper+0x13b5/0x5450 [ 15.641407] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.641437] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.641464] ? kasan_atomics+0x152/0x310 [ 15.641492] kasan_atomics+0x1dc/0x310 [ 15.641515] ? __pfx_kasan_atomics+0x10/0x10 [ 15.641541] ? __pfx_read_tsc+0x10/0x10 [ 15.641562] ? ktime_get_ts64+0x86/0x230 [ 15.641587] kunit_try_run_case+0x1a5/0x480 [ 15.641611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.641636] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.641660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.641685] ? __kthread_parkme+0x82/0x180 [ 15.641706] ? preempt_count_sub+0x50/0x80 [ 15.641731] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.641756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.641782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.641808] kthread+0x337/0x6f0 [ 15.641828] ? trace_preempt_on+0x20/0xc0 [ 15.642779] ? __pfx_kthread+0x10/0x10 [ 15.642820] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.642846] ? calculate_sigpending+0x7b/0xa0 [ 15.642871] ? __pfx_kthread+0x10/0x10 [ 15.642895] ret_from_fork+0x116/0x1d0 [ 15.642916] ? __pfx_kthread+0x10/0x10 [ 15.642954] ret_from_fork_asm+0x1a/0x30 [ 15.642992] </TASK> [ 15.643004] [ 15.658281] Allocated by task 282: [ 15.658555] kasan_save_stack+0x45/0x70 [ 15.658871] kasan_save_track+0x18/0x40 [ 15.659112] kasan_save_alloc_info+0x3b/0x50 [ 15.659464] __kasan_kmalloc+0xb7/0xc0 [ 15.659600] __kmalloc_cache_noprof+0x189/0x420 [ 15.659784] kasan_atomics+0x95/0x310 [ 15.660146] kunit_try_run_case+0x1a5/0x480 [ 15.660546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661094] kthread+0x337/0x6f0 [ 15.661411] ret_from_fork+0x116/0x1d0 [ 15.661752] ret_from_fork_asm+0x1a/0x30 [ 15.662129] [ 15.662204] The buggy address belongs to the object at ffff888102a1a680 [ 15.662204] which belongs to the cache kmalloc-64 of size 64 [ 15.662566] The buggy address is located 0 bytes to the right of [ 15.662566] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.663359] [ 15.663532] The buggy address belongs to the physical page: [ 15.664089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.664765] flags: 0x200000000000000(node=0|zone=2) [ 15.665213] page_type: f5(slab) [ 15.665505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.666258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.667015] page dumped because: kasan: bad access detected [ 15.667195] [ 15.667265] Memory state around the buggy address: [ 15.667422] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667638] 
ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.668084] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.668695] ^ [ 15.669193] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.669813] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.670420] ================================================================== [ 15.267816] ================================================================== [ 15.268559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.269235] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.269758] [ 15.269988] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.270074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.270223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.270250] Call Trace: [ 15.270266] <TASK> [ 15.270295] dump_stack_lvl+0x73/0xb0 [ 15.270360] print_report+0xd1/0x650 [ 15.270386] ? __virt_addr_valid+0x1db/0x2d0 [ 15.270412] ? kasan_atomics_helper+0xc70/0x5450 [ 15.270436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.270462] ? kasan_atomics_helper+0xc70/0x5450 [ 15.270486] kasan_report+0x141/0x180 [ 15.270520] ? kasan_atomics_helper+0xc70/0x5450 [ 15.270548] kasan_check_range+0x10c/0x1c0 [ 15.270573] __kasan_check_write+0x18/0x20 [ 15.270592] kasan_atomics_helper+0xc70/0x5450 [ 15.270617] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.270640] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.270666] ? kasan_atomics+0x152/0x310 [ 15.270695] kasan_atomics+0x1dc/0x310 [ 15.270719] ? __pfx_kasan_atomics+0x10/0x10 [ 15.270744] ? __pfx_read_tsc+0x10/0x10 [ 15.270777] ? ktime_get_ts64+0x86/0x230 [ 15.270802] kunit_try_run_case+0x1a5/0x480 [ 15.270828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.270852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.270877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.270901] ? 
__kthread_parkme+0x82/0x180 [ 15.270934] ? preempt_count_sub+0x50/0x80 [ 15.270961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.270986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.271013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.271039] kthread+0x337/0x6f0 [ 15.271059] ? trace_preempt_on+0x20/0xc0 [ 15.271082] ? __pfx_kthread+0x10/0x10 [ 15.271104] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.271126] ? calculate_sigpending+0x7b/0xa0 [ 15.271152] ? __pfx_kthread+0x10/0x10 [ 15.271174] ret_from_fork+0x116/0x1d0 [ 15.271193] ? __pfx_kthread+0x10/0x10 [ 15.271214] ret_from_fork_asm+0x1a/0x30 [ 15.271247] </TASK> [ 15.271258] [ 15.282620] Allocated by task 282: [ 15.283109] kasan_save_stack+0x45/0x70 [ 15.283382] kasan_save_track+0x18/0x40 [ 15.283799] kasan_save_alloc_info+0x3b/0x50 [ 15.284035] __kasan_kmalloc+0xb7/0xc0 [ 15.284210] __kmalloc_cache_noprof+0x189/0x420 [ 15.284415] kasan_atomics+0x95/0x310 [ 15.284590] kunit_try_run_case+0x1a5/0x480 [ 15.285081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.285369] kthread+0x337/0x6f0 [ 15.285762] ret_from_fork+0x116/0x1d0 [ 15.285981] ret_from_fork_asm+0x1a/0x30 [ 15.286168] [ 15.286259] The buggy address belongs to the object at ffff888102a1a680 [ 15.286259] which belongs to the cache kmalloc-64 of size 64 [ 15.286744] The buggy address is located 0 bytes to the right of [ 15.286744] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.287669] [ 15.287992] The buggy address belongs to the physical page: [ 15.288312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.288639] flags: 0x200000000000000(node=0|zone=2) [ 15.289187] page_type: f5(slab) [ 15.289366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.289680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.290459] page dumped because: kasan: bad access detected [ 15.290769] [ 15.291101] Memory state around the buggy address: [ 15.291462] 
ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.292298] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.292857] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.293170] ^ [ 15.293382] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.293671] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.294267] ================================================================== [ 15.376050] ================================================================== [ 15.377076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.377331] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.377551] [ 15.377638] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.377682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.377695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.377716] Call Trace: [ 15.378137] <TASK> [ 15.378159] dump_stack_lvl+0x73/0xb0 [ 15.378190] print_report+0xd1/0x650 [ 15.378214] ? __virt_addr_valid+0x1db/0x2d0 [ 15.378238] ? kasan_atomics_helper+0xf10/0x5450 [ 15.378261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.378287] ? kasan_atomics_helper+0xf10/0x5450 [ 15.378310] kasan_report+0x141/0x180 [ 15.378333] ? kasan_atomics_helper+0xf10/0x5450 [ 15.378362] kasan_check_range+0x10c/0x1c0 [ 15.378437] __kasan_check_write+0x18/0x20 [ 15.378779] kasan_atomics_helper+0xf10/0x5450 [ 15.378813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.378838] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.378864] ? kasan_atomics+0x152/0x310 [ 15.378893] kasan_atomics+0x1dc/0x310 [ 15.378917] ? __pfx_kasan_atomics+0x10/0x10 [ 15.378953] ? __pfx_read_tsc+0x10/0x10 [ 15.378974] ? ktime_get_ts64+0x86/0x230 [ 15.378999] kunit_try_run_case+0x1a5/0x480 [ 15.379024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.379048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.379073] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.379098] ? __kthread_parkme+0x82/0x180 [ 15.379119] ? preempt_count_sub+0x50/0x80 [ 15.379144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.379170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.379195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.379222] kthread+0x337/0x6f0 [ 15.379241] ? trace_preempt_on+0x20/0xc0 [ 15.379265] ? __pfx_kthread+0x10/0x10 [ 15.379287] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.379311] ? calculate_sigpending+0x7b/0xa0 [ 15.379336] ? __pfx_kthread+0x10/0x10 [ 15.379359] ret_from_fork+0x116/0x1d0 [ 15.379378] ? __pfx_kthread+0x10/0x10 [ 15.379400] ret_from_fork_asm+0x1a/0x30 [ 15.379433] </TASK> [ 15.379444] [ 15.388994] Allocated by task 282: [ 15.389187] kasan_save_stack+0x45/0x70 [ 15.389400] kasan_save_track+0x18/0x40 [ 15.389599] kasan_save_alloc_info+0x3b/0x50 [ 15.389875] __kasan_kmalloc+0xb7/0xc0 [ 15.391074] __kmalloc_cache_noprof+0x189/0x420 [ 15.391558] kasan_atomics+0x95/0x310 [ 15.391708] kunit_try_run_case+0x1a5/0x480 [ 15.391867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392136] kthread+0x337/0x6f0 [ 15.392470] ret_from_fork+0x116/0x1d0 [ 15.392878] ret_from_fork_asm+0x1a/0x30 [ 15.393335] [ 15.393496] The buggy address belongs to the object at ffff888102a1a680 [ 15.393496] which belongs to the cache kmalloc-64 of size 64 [ 15.394716] The buggy address is located 0 bytes to the right of [ 15.394716] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.395850] [ 15.396044] The buggy address belongs to the physical page: [ 15.396562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.397265] flags: 0x200000000000000(node=0|zone=2) [ 15.397723] page_type: f5(slab) [ 15.398080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.398672] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.399272] page dumped because: kasan: bad access detected [ 15.399700] [ 15.399772] 
Memory state around the buggy address: [ 15.400239] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.400704] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.400977] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.401189] ^ [ 15.401344] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.401560] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.401834] ================================================================== [ 15.821256] ================================================================== [ 15.821828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.823329] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.823687] [ 15.823771] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.823812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.823824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.823845] Call Trace: [ 15.823858] <TASK> [ 15.823871] dump_stack_lvl+0x73/0xb0 [ 15.823901] print_report+0xd1/0x650 [ 15.823935] ? __virt_addr_valid+0x1db/0x2d0 [ 15.823959] ? kasan_atomics_helper+0x177f/0x5450 [ 15.823982] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.824007] ? kasan_atomics_helper+0x177f/0x5450 [ 15.824030] kasan_report+0x141/0x180 [ 15.824053] ? kasan_atomics_helper+0x177f/0x5450 [ 15.824082] kasan_check_range+0x10c/0x1c0 [ 15.824106] __kasan_check_write+0x18/0x20 [ 15.824127] kasan_atomics_helper+0x177f/0x5450 [ 15.824151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.824175] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.824201] ? kasan_atomics+0x152/0x310 [ 15.824229] kasan_atomics+0x1dc/0x310 [ 15.824252] ? __pfx_kasan_atomics+0x10/0x10 [ 15.824300] ? __pfx_read_tsc+0x10/0x10 [ 15.824322] ? ktime_get_ts64+0x86/0x230 [ 15.824348] kunit_try_run_case+0x1a5/0x480 [ 15.824373] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.824398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.824429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.824454] ? __kthread_parkme+0x82/0x180 [ 15.824475] ? preempt_count_sub+0x50/0x80 [ 15.824500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.824526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.824551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.824578] kthread+0x337/0x6f0 [ 15.824597] ? trace_preempt_on+0x20/0xc0 [ 15.824632] ? __pfx_kthread+0x10/0x10 [ 15.824653] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.824676] ? calculate_sigpending+0x7b/0xa0 [ 15.824713] ? __pfx_kthread+0x10/0x10 [ 15.824735] ret_from_fork+0x116/0x1d0 [ 15.824755] ? __pfx_kthread+0x10/0x10 [ 15.824777] ret_from_fork_asm+0x1a/0x30 [ 15.824810] </TASK> [ 15.824820] [ 15.836352] Allocated by task 282: [ 15.836705] kasan_save_stack+0x45/0x70 [ 15.836939] kasan_save_track+0x18/0x40 [ 15.837140] kasan_save_alloc_info+0x3b/0x50 [ 15.837344] __kasan_kmalloc+0xb7/0xc0 [ 15.837523] __kmalloc_cache_noprof+0x189/0x420 [ 15.837736] kasan_atomics+0x95/0x310 [ 15.838282] kunit_try_run_case+0x1a5/0x480 [ 15.838514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.838887] kthread+0x337/0x6f0 [ 15.839046] ret_from_fork+0x116/0x1d0 [ 15.839365] ret_from_fork_asm+0x1a/0x30 [ 15.839642] [ 15.839743] The buggy address belongs to the object at ffff888102a1a680 [ 15.839743] which belongs to the cache kmalloc-64 of size 64 [ 15.840429] The buggy address is located 0 bytes to the right of [ 15.840429] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.841299] [ 15.841408] The buggy address belongs to the physical page: [ 15.841654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.842151] flags: 0x200000000000000(node=0|zone=2) [ 15.842458] page_type: f5(slab) [ 15.842595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.843222] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.843622] page dumped because: kasan: bad access detected [ 15.844064] [ 15.844165] Memory state around the buggy address: [ 15.844375] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.844684] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.845143] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.845527] ^ [ 15.845744] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.846211] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.846582] ================================================================== [ 14.894531] ================================================================== [ 14.894761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.895081] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.895375] [ 14.895456] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.895496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.895508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.895527] Call Trace: [ 14.895542] <TASK> [ 14.895556] dump_stack_lvl+0x73/0xb0 [ 14.895584] print_report+0xd1/0x650 [ 14.895605] ? __virt_addr_valid+0x1db/0x2d0 [ 14.895628] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.895650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.895673] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.895695] kasan_report+0x141/0x180 [ 14.895881] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.895912] __asan_report_store4_noabort+0x1b/0x30 [ 14.895972] kasan_atomics_helper+0x4b6e/0x5450 [ 14.895997] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.896021] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.896196] ? kasan_atomics+0x152/0x310 [ 14.896230] kasan_atomics+0x1dc/0x310 [ 14.896253] ? __pfx_kasan_atomics+0x10/0x10 [ 14.896279] ? __pfx_read_tsc+0x10/0x10 [ 14.896301] ? 
ktime_get_ts64+0x86/0x230 [ 14.896327] kunit_try_run_case+0x1a5/0x480 [ 14.896352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.896376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.896402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.896426] ? __kthread_parkme+0x82/0x180 [ 14.896448] ? preempt_count_sub+0x50/0x80 [ 14.896473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.896499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.896551] kthread+0x337/0x6f0 [ 14.896571] ? trace_preempt_on+0x20/0xc0 [ 14.896596] ? __pfx_kthread+0x10/0x10 [ 14.896617] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.896640] ? calculate_sigpending+0x7b/0xa0 [ 14.896665] ? __pfx_kthread+0x10/0x10 [ 14.896687] ret_from_fork+0x116/0x1d0 [ 14.896706] ? __pfx_kthread+0x10/0x10 [ 14.896728] ret_from_fork_asm+0x1a/0x30 [ 14.896761] </TASK> [ 14.896772] [ 14.905046] Allocated by task 282: [ 14.905236] kasan_save_stack+0x45/0x70 [ 14.905442] kasan_save_track+0x18/0x40 [ 14.905638] kasan_save_alloc_info+0x3b/0x50 [ 14.905827] __kasan_kmalloc+0xb7/0xc0 [ 14.906128] __kmalloc_cache_noprof+0x189/0x420 [ 14.906320] kasan_atomics+0x95/0x310 [ 14.906459] kunit_try_run_case+0x1a5/0x480 [ 14.906672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.907081] kthread+0x337/0x6f0 [ 14.907242] ret_from_fork+0x116/0x1d0 [ 14.907419] ret_from_fork_asm+0x1a/0x30 [ 14.907590] [ 14.907661] The buggy address belongs to the object at ffff888102a1a680 [ 14.907661] which belongs to the cache kmalloc-64 of size 64 [ 14.908213] The buggy address is located 0 bytes to the right of [ 14.908213] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.908598] [ 14.908708] The buggy address belongs to the physical page: [ 14.909279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.909648] flags: 0x200000000000000(node=0|zone=2) [ 14.909885] page_type: f5(slab) [ 14.910070] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.910429] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.910754] page dumped because: kasan: bad access detected [ 14.910937] [ 14.911008] Memory state around the buggy address: [ 14.911164] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.911489] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.911951] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.912344] ^ [ 14.912519] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912744] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.913140] ================================================================== [ 15.313621] ================================================================== [ 15.314299] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.314660] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.314900] [ 15.315121] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.315163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.315175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.315207] Call Trace: [ 15.315221] <TASK> [ 15.315237] dump_stack_lvl+0x73/0xb0 [ 15.315265] print_report+0xd1/0x650 [ 15.315301] ? __virt_addr_valid+0x1db/0x2d0 [ 15.315325] ? kasan_atomics_helper+0xd47/0x5450 [ 15.315348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.315372] ? kasan_atomics_helper+0xd47/0x5450 [ 15.315396] kasan_report+0x141/0x180 [ 15.315419] ? kasan_atomics_helper+0xd47/0x5450 [ 15.315448] kasan_check_range+0x10c/0x1c0 [ 15.315474] __kasan_check_write+0x18/0x20 [ 15.315495] kasan_atomics_helper+0xd47/0x5450 [ 15.315519] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.315552] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.315578] ? kasan_atomics+0x152/0x310 [ 15.315606] kasan_atomics+0x1dc/0x310 [ 15.315640] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.315666] ? __pfx_read_tsc+0x10/0x10 [ 15.315688] ? ktime_get_ts64+0x86/0x230 [ 15.315714] kunit_try_run_case+0x1a5/0x480 [ 15.315752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.315776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.315802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.315849] ? __kthread_parkme+0x82/0x180 [ 15.315870] ? preempt_count_sub+0x50/0x80 [ 15.315896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.315931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.315956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.315984] kthread+0x337/0x6f0 [ 15.316004] ? trace_preempt_on+0x20/0xc0 [ 15.316030] ? __pfx_kthread+0x10/0x10 [ 15.316051] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.316073] ? calculate_sigpending+0x7b/0xa0 [ 15.316099] ? __pfx_kthread+0x10/0x10 [ 15.316121] ret_from_fork+0x116/0x1d0 [ 15.316140] ? __pfx_kthread+0x10/0x10 [ 15.316171] ret_from_fork_asm+0x1a/0x30 [ 15.316204] </TASK> [ 15.316215] [ 15.324166] Allocated by task 282: [ 15.324357] kasan_save_stack+0x45/0x70 [ 15.324524] kasan_save_track+0x18/0x40 [ 15.324743] kasan_save_alloc_info+0x3b/0x50 [ 15.324907] __kasan_kmalloc+0xb7/0xc0 [ 15.325053] __kmalloc_cache_noprof+0x189/0x420 [ 15.325212] kasan_atomics+0x95/0x310 [ 15.325421] kunit_try_run_case+0x1a5/0x480 [ 15.325634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.325882] kthread+0x337/0x6f0 [ 15.326130] ret_from_fork+0x116/0x1d0 [ 15.326345] ret_from_fork_asm+0x1a/0x30 [ 15.326492] [ 15.326570] The buggy address belongs to the object at ffff888102a1a680 [ 15.326570] which belongs to the cache kmalloc-64 of size 64 [ 15.327370] The buggy address is located 0 bytes to the right of [ 15.327370] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.327930] [ 15.328016] The buggy address belongs to the physical page: [ 15.328263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.328613] flags: 0x200000000000000(node=0|zone=2) [ 15.328864] page_type: 
f5(slab) [ 15.329038] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.329353] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.329627] page dumped because: kasan: bad access detected [ 15.329799] [ 15.329869] Memory state around the buggy address: [ 15.330034] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.330249] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.330600] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.331233] ^ [ 15.331461] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.331773] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332100] ================================================================== [ 15.071270] ================================================================== [ 15.071614] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.072296] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.072670] [ 15.072891] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.072947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.072961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.072981] Call Trace: [ 15.072995] <TASK> [ 15.073010] dump_stack_lvl+0x73/0xb0 [ 15.073041] print_report+0xd1/0x650 [ 15.073064] ? __virt_addr_valid+0x1db/0x2d0 [ 15.073089] ? kasan_atomics_helper+0x72f/0x5450 [ 15.073111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.073136] ? kasan_atomics_helper+0x72f/0x5450 [ 15.073160] kasan_report+0x141/0x180 [ 15.073183] ? kasan_atomics_helper+0x72f/0x5450 [ 15.073211] kasan_check_range+0x10c/0x1c0 [ 15.073236] __kasan_check_write+0x18/0x20 [ 15.073257] kasan_atomics_helper+0x72f/0x5450 [ 15.073281] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.073305] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.073331] ? 
kasan_atomics+0x152/0x310 [ 15.073360] kasan_atomics+0x1dc/0x310 [ 15.073383] ? __pfx_kasan_atomics+0x10/0x10 [ 15.073408] ? __pfx_read_tsc+0x10/0x10 [ 15.073431] ? ktime_get_ts64+0x86/0x230 [ 15.073456] kunit_try_run_case+0x1a5/0x480 [ 15.073482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.073506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.073530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.073556] ? __kthread_parkme+0x82/0x180 [ 15.073576] ? preempt_count_sub+0x50/0x80 [ 15.073600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.073626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.073653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.073679] kthread+0x337/0x6f0 [ 15.073698] ? trace_preempt_on+0x20/0xc0 [ 15.073724] ? __pfx_kthread+0x10/0x10 [ 15.073745] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.073783] ? calculate_sigpending+0x7b/0xa0 [ 15.073808] ? __pfx_kthread+0x10/0x10 [ 15.073831] ret_from_fork+0x116/0x1d0 [ 15.073849] ? __pfx_kthread+0x10/0x10 [ 15.073872] ret_from_fork_asm+0x1a/0x30 [ 15.073905] </TASK> [ 15.073915] [ 15.082045] Allocated by task 282: [ 15.082178] kasan_save_stack+0x45/0x70 [ 15.082324] kasan_save_track+0x18/0x40 [ 15.082457] kasan_save_alloc_info+0x3b/0x50 [ 15.083005] __kasan_kmalloc+0xb7/0xc0 [ 15.083193] __kmalloc_cache_noprof+0x189/0x420 [ 15.083417] kasan_atomics+0x95/0x310 [ 15.083612] kunit_try_run_case+0x1a5/0x480 [ 15.083898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.084252] kthread+0x337/0x6f0 [ 15.084410] ret_from_fork+0x116/0x1d0 [ 15.084543] ret_from_fork_asm+0x1a/0x30 [ 15.084732] [ 15.084838] The buggy address belongs to the object at ffff888102a1a680 [ 15.084838] which belongs to the cache kmalloc-64 of size 64 [ 15.085337] The buggy address is located 0 bytes to the right of [ 15.085337] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.085699] [ 15.085769] The buggy address belongs to the physical page: [ 15.086126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 
15.086488] flags: 0x200000000000000(node=0|zone=2) [ 15.086699] page_type: f5(slab) [ 15.086959] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.087195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.087420] page dumped because: kasan: bad access detected [ 15.087590] [ 15.087745] Memory state around the buggy address: [ 15.088105] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.088612] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.089053] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.089354] ^ [ 15.089538] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.089753] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.090017] ================================================================== [ 15.759482] ================================================================== [ 15.759743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.760431] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.760868] [ 15.761064] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.761107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.761121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.761253] Call Trace: [ 15.761270] <TASK> [ 15.761288] dump_stack_lvl+0x73/0xb0 [ 15.761318] print_report+0xd1/0x650 [ 15.761343] ? __virt_addr_valid+0x1db/0x2d0 [ 15.761366] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.761389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.761414] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.761437] kasan_report+0x141/0x180 [ 15.761460] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.761490] kasan_check_range+0x10c/0x1c0 [ 15.761515] __kasan_check_write+0x18/0x20 [ 15.761536] kasan_atomics_helper+0x15b6/0x5450 [ 15.761561] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.761585] ? 
__kmalloc_cache_noprof+0x189/0x420
[ 15.761612] ? kasan_atomics+0x152/0x310
[ 15.761640] kasan_atomics+0x1dc/0x310
[ 15.761664] ? __pfx_kasan_atomics+0x10/0x10
[ 15.761689] ? __pfx_read_tsc+0x10/0x10
[ 15.761711] ? ktime_get_ts64+0x86/0x230
[ 15.761736] kunit_try_run_case+0x1a5/0x480
[ 15.761772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.761796] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.761821] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.761847] ? __kthread_parkme+0x82/0x180
[ 15.761868] ? preempt_count_sub+0x50/0x80
[ 15.761894] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.761933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.761959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.761987] kthread+0x337/0x6f0
[ 15.762007] ? trace_preempt_on+0x20/0xc0
[ 15.762032] ? __pfx_kthread+0x10/0x10
[ 15.762055] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.762077] ? calculate_sigpending+0x7b/0xa0
[ 15.762103] ? __pfx_kthread+0x10/0x10
[ 15.762125] ret_from_fork+0x116/0x1d0
[ 15.762144] ? __pfx_kthread+0x10/0x10
[ 15.762166] ret_from_fork_asm+0x1a/0x30
[ 15.762200] </TASK>
[ 15.762211]
[ 15.771854] Allocated by task 282:
[ 15.772210] kasan_save_stack+0x45/0x70
[ 15.772410] kasan_save_track+0x18/0x40
[ 15.772598] kasan_save_alloc_info+0x3b/0x50
[ 15.772790] __kasan_kmalloc+0xb7/0xc0
[ 15.773115] __kmalloc_cache_noprof+0x189/0x420
[ 15.773334] kasan_atomics+0x95/0x310
[ 15.773508] kunit_try_run_case+0x1a5/0x480
[ 15.773707] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.774133] kthread+0x337/0x6f0
[ 15.774379] ret_from_fork+0x116/0x1d0
[ 15.774541] ret_from_fork_asm+0x1a/0x30
[ 15.774746]
[ 15.774833] The buggy address belongs to the object at ffff888102a1a680
[ 15.774833] which belongs to the cache kmalloc-64 of size 64
[ 15.775545] The buggy address is located 0 bytes to the right of
[ 15.775545] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 15.776250]
[ 15.776340] The buggy address belongs to the physical page:
[ 15.776581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 15.777136] flags: 0x200000000000000(node=0|zone=2)
[ 15.777429] page_type: f5(slab)
[ 15.777555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.778117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.778514] page dumped because: kasan: bad access detected
[ 15.778738]
[ 15.778902] Memory state around the buggy address:
[ 15.779197] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.779633] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.780030] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.780336] ^
[ 15.780541] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.781102] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.781700] ==================================================================
[ 15.905984] ==================================================================
[ 15.907159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450
[ 15.907430] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 15.907780]
[ 15.907891] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.907952] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.907966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.907988] Call Trace:
[ 15.908002] <TASK>
[ 15.908017] dump_stack_lvl+0x73/0xb0
[ 15.908047] print_report+0xd1/0x650
[ 15.908071] ? __virt_addr_valid+0x1db/0x2d0
[ 15.908095] ? kasan_atomics_helper+0x19e3/0x5450
[ 15.908118] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.908143] ? kasan_atomics_helper+0x19e3/0x5450
[ 15.908166] kasan_report+0x141/0x180
[ 15.908190] ? kasan_atomics_helper+0x19e3/0x5450
[ 15.908218] kasan_check_range+0x10c/0x1c0
[ 15.908244] __kasan_check_write+0x18/0x20
[ 15.908265] kasan_atomics_helper+0x19e3/0x5450
[ 15.908289] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.908313] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.908339] ? kasan_atomics+0x152/0x310
[ 15.908367] kasan_atomics+0x1dc/0x310
[ 15.908390] ? __pfx_kasan_atomics+0x10/0x10
[ 15.908416] ? __pfx_read_tsc+0x10/0x10
[ 15.908437] ? ktime_get_ts64+0x86/0x230
[ 15.908463] kunit_try_run_case+0x1a5/0x480
[ 15.908488] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.908512] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.908537] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.908562] ? __kthread_parkme+0x82/0x180
[ 15.908584] ? preempt_count_sub+0x50/0x80
[ 15.908608] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.908634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.908660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.908686] kthread+0x337/0x6f0
[ 15.908705] ? trace_preempt_on+0x20/0xc0
[ 15.908730] ? __pfx_kthread+0x10/0x10
[ 15.908772] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.908796] ? calculate_sigpending+0x7b/0xa0
[ 15.908821] ? __pfx_kthread+0x10/0x10
[ 15.908844] ret_from_fork+0x116/0x1d0
[ 15.908862] ? __pfx_kthread+0x10/0x10
[ 15.908884] ret_from_fork_asm+0x1a/0x30
[ 15.908947] </TASK>
[ 15.908958]
[ 15.916029] Allocated by task 282:
[ 15.916214] kasan_save_stack+0x45/0x70
[ 15.916423] kasan_save_track+0x18/0x40
[ 15.916617] kasan_save_alloc_info+0x3b/0x50
[ 15.916860] __kasan_kmalloc+0xb7/0xc0
[ 15.917122] __kmalloc_cache_noprof+0x189/0x420
[ 15.917313] kasan_atomics+0x95/0x310
[ 15.917487] kunit_try_run_case+0x1a5/0x480
[ 15.917664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.917911] kthread+0x337/0x6f0
[ 15.918098] ret_from_fork+0x116/0x1d0
[ 15.918255] ret_from_fork_asm+0x1a/0x30
[ 15.918448]
[ 15.918540] The buggy address belongs to the object at ffff888102a1a680
[ 15.918540] which belongs to the cache kmalloc-64 of size 64
[ 15.919062] The buggy address is located 0 bytes to the right of
[ 15.919062] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 15.919552]
[ 15.919648] The buggy address belongs to the physical page:
[ 15.919907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 15.920251] flags: 0x200000000000000(node=0|zone=2)
[ 15.920441] page_type: f5(slab)
[ 15.920561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.920826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.921064] page dumped because: kasan: bad access detected
[ 15.921276]
[ 15.921370] Memory state around the buggy address:
[ 15.921594] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.921936] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.922253] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.922583] ^
[ 15.922756] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.923024] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.923350] ==================================================================
[ 16.055957] ==================================================================
[ 16.057036] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450
[ 16.057371] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 16.057694]
[ 16.057842] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.057886] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.057898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.057931] Call Trace:
[ 16.057950] <TASK>
[ 16.057966] dump_stack_lvl+0x73/0xb0
[ 16.057996] print_report+0xd1/0x650
[ 16.058018] ? __virt_addr_valid+0x1db/0x2d0
[ 16.058052] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.058075] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.058099] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.058133] kasan_report+0x141/0x180
[ 16.058157] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.058184] kasan_check_range+0x10c/0x1c0
[ 16.058210] __kasan_check_write+0x18/0x20
[ 16.058231] kasan_atomics_helper+0x1e12/0x5450
[ 16.058255] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.058279] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.058306] ? kasan_atomics+0x152/0x310
[ 16.058335] kasan_atomics+0x1dc/0x310
[ 16.058359] ? __pfx_kasan_atomics+0x10/0x10
[ 16.058394] ? __pfx_read_tsc+0x10/0x10
[ 16.058417] ? ktime_get_ts64+0x86/0x230
[ 16.058442] kunit_try_run_case+0x1a5/0x480
[ 16.058480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.058508] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.058544] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.058569] ? __kthread_parkme+0x82/0x180
[ 16.058591] ? preempt_count_sub+0x50/0x80
[ 16.058616] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.058642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.058668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.058695] kthread+0x337/0x6f0
[ 16.058716] ? trace_preempt_on+0x20/0xc0
[ 16.058740] ? __pfx_kthread+0x10/0x10
[ 16.058772] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.058795] ? calculate_sigpending+0x7b/0xa0
[ 16.058820] ? __pfx_kthread+0x10/0x10
[ 16.058843] ret_from_fork+0x116/0x1d0
[ 16.058863] ? __pfx_kthread+0x10/0x10
[ 16.058885] ret_from_fork_asm+0x1a/0x30
[ 16.058928] </TASK>
[ 16.058938]
[ 16.067655] Allocated by task 282:
[ 16.068216] kasan_save_stack+0x45/0x70
[ 16.068508] kasan_save_track+0x18/0x40
[ 16.069116] kasan_save_alloc_info+0x3b/0x50
[ 16.069353] __kasan_kmalloc+0xb7/0xc0
[ 16.069541] __kmalloc_cache_noprof+0x189/0x420
[ 16.069949] kasan_atomics+0x95/0x310
[ 16.070209] kunit_try_run_case+0x1a5/0x480
[ 16.070417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.070661] kthread+0x337/0x6f0
[ 16.071160] ret_from_fork+0x116/0x1d0
[ 16.071432] ret_from_fork_asm+0x1a/0x30
[ 16.071753]
[ 16.071859] The buggy address belongs to the object at ffff888102a1a680
[ 16.071859] which belongs to the cache kmalloc-64 of size 64
[ 16.072350] The buggy address is located 0 bytes to the right of
[ 16.072350] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 16.073139]
[ 16.073378] The buggy address belongs to the physical page:
[ 16.073839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 16.074174] flags: 0x200000000000000(node=0|zone=2)
[ 16.074350] page_type: f5(slab)
[ 16.074474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.074718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.074985] page dumped because: kasan: bad access detected
[ 16.075236]
[ 16.075332] Memory state around the buggy address:
[ 16.075560] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.075891] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.077104] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.077842] ^
[ 16.078362] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.079160] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.079864] ==================================================================
[ 15.671504] ==================================================================
[ 15.672193] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450
[ 15.672965] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 15.673527]
[ 15.673733] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.673777] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.673790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.673811] Call Trace:
[ 15.673828] <TASK>
[ 15.673844] dump_stack_lvl+0x73/0xb0
[ 15.673883] print_report+0xd1/0x650
[ 15.673907] ? __virt_addr_valid+0x1db/0x2d0
[ 15.673947] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.673972] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.673997] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.674021] kasan_report+0x141/0x180
[ 15.674053] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.674082] __asan_report_load8_noabort+0x18/0x20
[ 15.674119] kasan_atomics_helper+0x4eae/0x5450
[ 15.674142] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.674166] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.674193] ? kasan_atomics+0x152/0x310
[ 15.674220] kasan_atomics+0x1dc/0x310
[ 15.674243] ? __pfx_kasan_atomics+0x10/0x10
[ 15.674269] ? __pfx_read_tsc+0x10/0x10
[ 15.674290] ? ktime_get_ts64+0x86/0x230
[ 15.674316] kunit_try_run_case+0x1a5/0x480
[ 15.674341] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.674366] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.674390] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.674415] ? __kthread_parkme+0x82/0x180
[ 15.674436] ? preempt_count_sub+0x50/0x80
[ 15.674461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.674487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.674517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.674543] kthread+0x337/0x6f0
[ 15.674562] ? trace_preempt_on+0x20/0xc0
[ 15.674587] ? __pfx_kthread+0x10/0x10
[ 15.674608] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.674630] ? calculate_sigpending+0x7b/0xa0
[ 15.674656] ? __pfx_kthread+0x10/0x10
[ 15.674679] ret_from_fork+0x116/0x1d0
[ 15.674698] ? __pfx_kthread+0x10/0x10
[ 15.674720] ret_from_fork_asm+0x1a/0x30
[ 15.674753] </TASK>
[ 15.674765]
[ 15.686953] Allocated by task 282:
[ 15.687356] kasan_save_stack+0x45/0x70
[ 15.687726] kasan_save_track+0x18/0x40
[ 15.688105] kasan_save_alloc_info+0x3b/0x50
[ 15.688499] __kasan_kmalloc+0xb7/0xc0
[ 15.688851] __kmalloc_cache_noprof+0x189/0x420
[ 15.689298] kasan_atomics+0x95/0x310
[ 15.689576] kunit_try_run_case+0x1a5/0x480
[ 15.689724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.689934] kthread+0x337/0x6f0
[ 15.690060] ret_from_fork+0x116/0x1d0
[ 15.690193] ret_from_fork_asm+0x1a/0x30
[ 15.690334]
[ 15.690403] The buggy address belongs to the object at ffff888102a1a680
[ 15.690403] which belongs to the cache kmalloc-64 of size 64
[ 15.690767] The buggy address is located 0 bytes to the right of
[ 15.690767] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 15.691843]
[ 15.692016] The buggy address belongs to the physical page:
[ 15.692487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 15.693375] flags: 0x200000000000000(node=0|zone=2)
[ 15.693830] page_type: f5(slab)
[ 15.694134] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.694802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.695446] page dumped because: kasan: bad access detected
[ 15.695961]
[ 15.696151] Memory state around the buggy address:
[ 15.696568] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.697139] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.697357] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.697570] ^
[ 15.697723] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.698336] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.698965] ==================================================================
[ 15.988262] ==================================================================
[ 15.988516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450
[ 15.989137] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 15.989489]
[ 15.989623] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.989679] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.989693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.989713] Call Trace:
[ 15.989726] <TASK>
[ 15.989740] dump_stack_lvl+0x73/0xb0
[ 15.989780] print_report+0xd1/0x650
[ 15.989804] ? __virt_addr_valid+0x1db/0x2d0
[ 15.989829] ? kasan_atomics_helper+0x4f30/0x5450
[ 15.989861] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.989887] ? kasan_atomics_helper+0x4f30/0x5450
[ 15.989910] kasan_report+0x141/0x180
[ 15.989951] ? kasan_atomics_helper+0x4f30/0x5450
[ 15.989979] __asan_report_load8_noabort+0x18/0x20
[ 15.990005] kasan_atomics_helper+0x4f30/0x5450
[ 15.990030] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.990054] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.990080] ? kasan_atomics+0x152/0x310
[ 15.990109] kasan_atomics+0x1dc/0x310
[ 15.990142] ? __pfx_kasan_atomics+0x10/0x10
[ 15.990167] ? __pfx_read_tsc+0x10/0x10
[ 15.990190] ? ktime_get_ts64+0x86/0x230
[ 15.990227] kunit_try_run_case+0x1a5/0x480
[ 15.990253] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.990277] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.990302] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.990327] ? __kthread_parkme+0x82/0x180
[ 15.990348] ? preempt_count_sub+0x50/0x80
[ 15.990373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.990399] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.990424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.990451] kthread+0x337/0x6f0
[ 15.990479] ? trace_preempt_on+0x20/0xc0
[ 15.990511] ? __pfx_kthread+0x10/0x10
[ 15.990532] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.990566] ? calculate_sigpending+0x7b/0xa0
[ 15.990590] ? __pfx_kthread+0x10/0x10
[ 15.990613] ret_from_fork+0x116/0x1d0
[ 15.990632] ? __pfx_kthread+0x10/0x10
[ 15.990654] ret_from_fork_asm+0x1a/0x30
[ 15.990688] </TASK>
[ 15.990698]
[ 15.998208] Allocated by task 282:
[ 15.998336] kasan_save_stack+0x45/0x70
[ 15.998518] kasan_save_track+0x18/0x40
[ 15.998734] kasan_save_alloc_info+0x3b/0x50
[ 15.998950] __kasan_kmalloc+0xb7/0xc0
[ 15.999140] __kmalloc_cache_noprof+0x189/0x420
[ 15.999362] kasan_atomics+0x95/0x310
[ 15.999729] kunit_try_run_case+0x1a5/0x480
[ 15.999970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.000190] kthread+0x337/0x6f0
[ 16.000393] ret_from_fork+0x116/0x1d0
[ 16.000544] ret_from_fork_asm+0x1a/0x30
[ 16.000747]
[ 16.000852] The buggy address belongs to the object at ffff888102a1a680
[ 16.000852] which belongs to the cache kmalloc-64 of size 64
[ 16.001363] The buggy address is located 0 bytes to the right of
[ 16.001363] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 16.001968]
[ 16.002041] The buggy address belongs to the physical page:
[ 16.002217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 16.002459] flags: 0x200000000000000(node=0|zone=2)
[ 16.002674] page_type: f5(slab)
[ 16.002979] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.003322] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.003657] page dumped because: kasan: bad access detected
[ 16.004123]
[ 16.004218] Memory state around the buggy address:
[ 16.004373] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.004589] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.004994] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.005312] ^
[ 16.005514] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.005729] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.006275] ==================================================================
[ 15.804064] ==================================================================
[ 15.804402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 15.804895] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 15.805136]
[ 15.805221] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.805263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.805275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.805295] Call Trace:
[ 15.805311] <TASK>
[ 15.805327] dump_stack_lvl+0x73/0xb0
[ 15.805356] print_report+0xd1/0x650
[ 15.805379] ? __virt_addr_valid+0x1db/0x2d0
[ 15.805403] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.805425] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.805449] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.805473] kasan_report+0x141/0x180
[ 15.805495] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.805523] kasan_check_range+0x10c/0x1c0
[ 15.805548] __kasan_check_write+0x18/0x20
[ 15.805568] kasan_atomics_helper+0x16e7/0x5450
[ 15.805592] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.805616] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.805642] ? kasan_atomics+0x152/0x310
[ 15.805670] kasan_atomics+0x1dc/0x310
[ 15.805693] ? __pfx_kasan_atomics+0x10/0x10
[ 15.805718] ? __pfx_read_tsc+0x10/0x10
[ 15.805739] ? ktime_get_ts64+0x86/0x230
[ 15.805779] kunit_try_run_case+0x1a5/0x480
[ 15.805804] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.805828] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.805852] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.805877] ? __kthread_parkme+0x82/0x180
[ 15.805898] ? preempt_count_sub+0x50/0x80
[ 15.805933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.805959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.805984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.806011] kthread+0x337/0x6f0
[ 15.806031] ? trace_preempt_on+0x20/0xc0
[ 15.806055] ? __pfx_kthread+0x10/0x10
[ 15.806077] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.806100] ? calculate_sigpending+0x7b/0xa0
[ 15.806125] ? __pfx_kthread+0x10/0x10
[ 15.806148] ret_from_fork+0x116/0x1d0
[ 15.806167] ? __pfx_kthread+0x10/0x10
[ 15.806189] ret_from_fork_asm+0x1a/0x30
[ 15.806222] </TASK>
[ 15.806233]
[ 15.813846] Allocated by task 282:
[ 15.814000] kasan_save_stack+0x45/0x70
[ 15.814175] kasan_save_track+0x18/0x40
[ 15.814371] kasan_save_alloc_info+0x3b/0x50
[ 15.814543] __kasan_kmalloc+0xb7/0xc0
[ 15.814736] __kmalloc_cache_noprof+0x189/0x420
[ 15.814927] kasan_atomics+0x95/0x310
[ 15.815119] kunit_try_run_case+0x1a5/0x480
[ 15.815309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.815543] kthread+0x337/0x6f0
[ 15.815665] ret_from_fork+0x116/0x1d0
[ 15.815797] ret_from_fork_asm+0x1a/0x30
[ 15.815963]
[ 15.816063] The buggy address belongs to the object at ffff888102a1a680
[ 15.816063] which belongs to the cache kmalloc-64 of size 64
[ 15.816587] The buggy address is located 0 bytes to the right of
[ 15.816587] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 15.817037]
[ 15.817109] The buggy address belongs to the physical page:
[ 15.817465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 15.817791] flags: 0x200000000000000(node=0|zone=2)
[ 15.818019] page_type: f5(slab)
[ 15.818174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.818465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.818791] page dumped because: kasan: bad access detected
[ 15.818972]
[ 15.819055] Memory state around the buggy address:
[ 15.819278] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.819561] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.819878] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.820161] ^
[ 15.820362] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.820600] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.820812] ==================================================================
[ 15.480013] ==================================================================
[ 15.480317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450
[ 15.480672] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 15.481023]
[ 15.481215] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.481255] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.481267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.481287] Call Trace:
[ 15.481300] <TASK>
[ 15.481314] dump_stack_lvl+0x73/0xb0
[ 15.481342] print_report+0xd1/0x650
[ 15.481365] ? __virt_addr_valid+0x1db/0x2d0
[ 15.481389] ? kasan_atomics_helper+0x4a1c/0x5450
[ 15.481414] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.481438] ? kasan_atomics_helper+0x4a1c/0x5450
[ 15.481461] kasan_report+0x141/0x180
[ 15.481484] ? kasan_atomics_helper+0x4a1c/0x5450
[ 15.481512] __asan_report_load4_noabort+0x18/0x20
[ 15.481538] kasan_atomics_helper+0x4a1c/0x5450
[ 15.481562] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.481586] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.481612] ? kasan_atomics+0x152/0x310
[ 15.481639] kasan_atomics+0x1dc/0x310
[ 15.481663] ? __pfx_kasan_atomics+0x10/0x10
[ 15.481711] ? __pfx_read_tsc+0x10/0x10
[ 15.481732] ? ktime_get_ts64+0x86/0x230
[ 15.481766] kunit_try_run_case+0x1a5/0x480
[ 15.481792] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.481815] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.481857] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.481896] ? __kthread_parkme+0x82/0x180
[ 15.481928] ? preempt_count_sub+0x50/0x80
[ 15.481953] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.481979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.482004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.482031] kthread+0x337/0x6f0
[ 15.482051] ? trace_preempt_on+0x20/0xc0
[ 15.482075] ? __pfx_kthread+0x10/0x10
[ 15.482097] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.482120] ? calculate_sigpending+0x7b/0xa0
[ 15.482145] ? __pfx_kthread+0x10/0x10
[ 15.482168] ret_from_fork+0x116/0x1d0
[ 15.482187] ? __pfx_kthread+0x10/0x10
[ 15.482209] ret_from_fork_asm+0x1a/0x30
[ 15.482244] </TASK>
[ 15.482276]
[ 15.490190] Allocated by task 282:
[ 15.490382] kasan_save_stack+0x45/0x70
[ 15.490632] kasan_save_track+0x18/0x40
[ 15.490850] kasan_save_alloc_info+0x3b/0x50
[ 15.491083] __kasan_kmalloc+0xb7/0xc0
[ 15.491271] __kmalloc_cache_noprof+0x189/0x420
[ 15.491494] kasan_atomics+0x95/0x310
[ 15.491688] kunit_try_run_case+0x1a5/0x480
[ 15.491935] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.492188] kthread+0x337/0x6f0
[ 15.492320] ret_from_fork+0x116/0x1d0
[ 15.492498] ret_from_fork_asm+0x1a/0x30
[ 15.492638]
[ 15.492730] The buggy address belongs to the object at ffff888102a1a680
[ 15.492730] which belongs to the cache kmalloc-64 of size 64
[ 15.493275] The buggy address is located 0 bytes to the right of
[ 15.493275] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 15.493817]
[ 15.493916] The buggy address belongs to the physical page:
[ 15.494156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 15.494498] flags: 0x200000000000000(node=0|zone=2)
[ 15.494736] page_type: f5(slab)
[ 15.494893] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.495135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.495361] page dumped because: kasan: bad access detected
[ 15.495532]
[ 15.495607] Memory state around the buggy address:
[ 15.495958] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.496280] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.496602] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.496953] ^
[ 15.497206] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.497520] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.497836] ==================================================================
[ 14.990757] ==================================================================
[ 14.991107] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450
[ 14.991607] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 14.992098]
[ 14.992208] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.992250] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.992263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.992284] Call Trace:
[ 14.992298] <TASK>
[ 14.992313] dump_stack_lvl+0x73/0xb0
[ 14.992343] print_report+0xd1/0x650
[ 14.992368] ? __virt_addr_valid+0x1db/0x2d0
[ 14.992392] ? kasan_atomics_helper+0x565/0x5450
[ 14.992416] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.992441] ? kasan_atomics_helper+0x565/0x5450
[ 14.992464] kasan_report+0x141/0x180
[ 14.992487] ? kasan_atomics_helper+0x565/0x5450
[ 14.992517] kasan_check_range+0x10c/0x1c0
[ 14.992543] __kasan_check_write+0x18/0x20
[ 14.992564] kasan_atomics_helper+0x565/0x5450
[ 14.992588] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.992612] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.992639] ? kasan_atomics+0x152/0x310
[ 14.992667] kasan_atomics+0x1dc/0x310
[ 14.992691] ? __pfx_kasan_atomics+0x10/0x10
[ 14.992717] ? __pfx_read_tsc+0x10/0x10
[ 14.992738] ? ktime_get_ts64+0x86/0x230
[ 14.992775] kunit_try_run_case+0x1a5/0x480
[ 14.992800] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.992825] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.992851] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.992876] ? __kthread_parkme+0x82/0x180
[ 14.992896] ? preempt_count_sub+0x50/0x80
[ 14.992934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.992960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.992986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.993012] kthread+0x337/0x6f0
[ 14.993032] ? trace_preempt_on+0x20/0xc0
[ 14.993057] ? __pfx_kthread+0x10/0x10
[ 14.993079] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.993102] ? calculate_sigpending+0x7b/0xa0
[ 14.993128] ? __pfx_kthread+0x10/0x10
[ 14.993150] ret_from_fork+0x116/0x1d0
[ 14.993169] ? __pfx_kthread+0x10/0x10
[ 14.993191] ret_from_fork_asm+0x1a/0x30
[ 14.993224] </TASK>
[ 14.993402]
[ 15.007734] Allocated by task 282:
[ 15.008236] kasan_save_stack+0x45/0x70
[ 15.008697] kasan_save_track+0x18/0x40
[ 15.008880] kasan_save_alloc_info+0x3b/0x50
[ 15.009049] __kasan_kmalloc+0xb7/0xc0
[ 15.009420] __kmalloc_cache_noprof+0x189/0x420
[ 15.009927] kasan_atomics+0x95/0x310
[ 15.010350] kunit_try_run_case+0x1a5/0x480
[ 15.010727] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.011279] kthread+0x337/0x6f0
[ 15.011574] ret_from_fork+0x116/0x1d0
[ 15.011977] ret_from_fork_asm+0x1a/0x30
[ 15.012378]
[ 15.012533] The buggy address belongs to the object at ffff888102a1a680
[ 15.012533] which belongs to the cache kmalloc-64 of size 64
[ 15.012930] The buggy address is located 0 bytes to the right of
[ 15.012930] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 15.013369]
[ 15.013453] The buggy address belongs to the physical page:
[ 15.013627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 15.014115] flags: 0x200000000000000(node=0|zone=2)
[ 15.014604] page_type: f5(slab)
[ 15.014961] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.015714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.016443] page dumped because: kasan: bad access detected
[ 15.017044]
[ 15.017199] Memory state around the buggy address:
[ 15.017620] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.018288] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.018984] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.019694] ^
[ 15.020152] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.020873] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.021330] ==================================================================
[ 16.161421] ==================================================================
[ 16.161664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450
[ 16.161960] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 16.162243]
[ 16.162614] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.162661] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.162675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.162695] Call Trace:
[ 16.162709] <TASK>
[ 16.162723] dump_stack_lvl+0x73/0xb0
[ 16.164526] print_report+0xd1/0x650
[ 16.164553] ? __virt_addr_valid+0x1db/0x2d0
[ 16.164580] ? kasan_atomics_helper+0x4f98/0x5450
[ 16.164604] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.164629] ? kasan_atomics_helper+0x4f98/0x5450
[ 16.164653] kasan_report+0x141/0x180
[ 16.164676] ? kasan_atomics_helper+0x4f98/0x5450
[ 16.164705] __asan_report_load8_noabort+0x18/0x20
[ 16.164732] kasan_atomics_helper+0x4f98/0x5450
[ 16.164782] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.164806] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.164833] ? kasan_atomics+0x152/0x310
[ 16.164861] kasan_atomics+0x1dc/0x310
[ 16.164884] ? __pfx_kasan_atomics+0x10/0x10
[ 16.164910] ? __pfx_read_tsc+0x10/0x10
[ 16.164986] ? ktime_get_ts64+0x86/0x230
[ 16.165013] kunit_try_run_case+0x1a5/0x480
[ 16.165039] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.165063] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.165089] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.165114] ? __kthread_parkme+0x82/0x180
[ 16.165135] ? preempt_count_sub+0x50/0x80
[ 16.165160] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.165185] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.165211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.165237] kthread+0x337/0x6f0
[ 16.165257] ? trace_preempt_on+0x20/0xc0
[ 16.165281] ? __pfx_kthread+0x10/0x10
[ 16.165302] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.165325] ? calculate_sigpending+0x7b/0xa0
[ 16.165351] ? __pfx_kthread+0x10/0x10
[ 16.165374] ret_from_fork+0x116/0x1d0
[ 16.165394] ? __pfx_kthread+0x10/0x10
[ 16.165415] ret_from_fork_asm+0x1a/0x30
[ 16.165450] </TASK>
[ 16.165462]
[ 16.172399] Allocated by task 282:
[ 16.172584] kasan_save_stack+0x45/0x70
[ 16.172790] kasan_save_track+0x18/0x40
[ 16.172988] kasan_save_alloc_info+0x3b/0x50
[ 16.173191] __kasan_kmalloc+0xb7/0xc0
[ 16.173359] __kmalloc_cache_noprof+0x189/0x420
[ 16.173563] kasan_atomics+0x95/0x310
[ 16.173724] kunit_try_run_case+0x1a5/0x480
[ 16.173953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.174141] kthread+0x337/0x6f0
[ 16.174262] ret_from_fork+0x116/0x1d0
[ 16.174395] ret_from_fork_asm+0x1a/0x30
[ 16.174567]
[ 16.174659] The buggy address belongs to the object at ffff888102a1a680
[ 16.174659] which belongs to the cache kmalloc-64 of size 64
[ 16.175220] The buggy address is located 0 bytes to the right of
[ 16.175220] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 16.175591]
[ 16.175664] The buggy address belongs to the physical page:
[ 16.175947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 16.176307] flags: 0x200000000000000(node=0|zone=2)
[ 16.176542] page_type: f5(slab)
[ 16.176720] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.177101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.177352] page dumped because: kasan: bad access detected
[ 16.177524]
[ 16.177593] Memory state around the buggy address:
[ 16.177766] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.178058] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.178375] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.178692] ^
[ 16.178948] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.179233] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.179448] ==================================================================
[ 16.237609] ==================================================================
[ 16.238719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450
[ 16.239275] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282
[ 16.239498]
[ 16.239581] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.239621] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.239634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.239654] Call Trace:
[ 16.239669] <TASK>
[ 16.239684] dump_stack_lvl+0x73/0xb0
[ 16.239714] print_report+0xd1/0x650
[ 16.239739] ? __virt_addr_valid+0x1db/0x2d0
[ 16.240127] ? kasan_atomics_helper+0x4fa5/0x5450
[ 16.240429] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.240466] ? kasan_atomics_helper+0x4fa5/0x5450
[ 16.240505] kasan_report+0x141/0x180
[ 16.240530] ? kasan_atomics_helper+0x4fa5/0x5450
[ 16.240560] __asan_report_load8_noabort+0x18/0x20
[ 16.240586] kasan_atomics_helper+0x4fa5/0x5450
[ 16.240610] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.240634] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.240660] ? kasan_atomics+0x152/0x310
[ 16.240691] kasan_atomics+0x1dc/0x310
[ 16.240715] ? __pfx_kasan_atomics+0x10/0x10
[ 16.240740] ? __pfx_read_tsc+0x10/0x10
[ 16.240775] ? ktime_get_ts64+0x86/0x230
[ 16.240801] kunit_try_run_case+0x1a5/0x480
[ 16.240826] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.240851] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.240877] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.240902] ? __kthread_parkme+0x82/0x180
[ 16.240934] ? preempt_count_sub+0x50/0x80
[ 16.240959] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.240985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.241011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.241037] kthread+0x337/0x6f0
[ 16.241056] ? trace_preempt_on+0x20/0xc0
[ 16.241081] ? __pfx_kthread+0x10/0x10
[ 16.241103] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.241129] ? calculate_sigpending+0x7b/0xa0
[ 16.241155] ? __pfx_kthread+0x10/0x10
[ 16.241179] ret_from_fork+0x116/0x1d0
[ 16.241199] ? __pfx_kthread+0x10/0x10
[ 16.241221] ret_from_fork_asm+0x1a/0x30
[ 16.241254] </TASK>
[ 16.241265]
[ 16.254509] Allocated by task 282:
[ 16.254894] kasan_save_stack+0x45/0x70
[ 16.255204] kasan_save_track+0x18/0x40
[ 16.255464] kasan_save_alloc_info+0x3b/0x50
[ 16.255612] __kasan_kmalloc+0xb7/0xc0
[ 16.255742] __kmalloc_cache_noprof+0x189/0x420
[ 16.256188] kasan_atomics+0x95/0x310
[ 16.256552] kunit_try_run_case+0x1a5/0x480
[ 16.256985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.257477] kthread+0x337/0x6f0
[ 16.257780] ret_from_fork+0x116/0x1d0
[ 16.258124] ret_from_fork_asm+0x1a/0x30
[ 16.258263]
[ 16.258333] The buggy address belongs to the object at ffff888102a1a680
[ 16.258333] which belongs to the cache kmalloc-64 of size 64
[ 16.258679] The buggy address is located 0 bytes to the right of
[ 16.258679] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0)
[ 16.259743]
[ 16.259940] The buggy address belongs to the physical page:
[ 16.260430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a
[ 16.261153] flags: 0x200000000000000(node=0|zone=2)
[ 16.261702] page_type: f5(slab)
[ 16.262066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.262735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.263230] page dumped because: kasan:
bad access detected [ 16.263396] [ 16.263464] Memory state around the buggy address: [ 16.263612] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.263846] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.264158] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.264491] ^ [ 16.264644] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265065] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265351] ================================================================== [ 15.332547] ================================================================== [ 15.332817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.333181] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.333684] [ 15.333884] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.333938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.333951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.333971] Call Trace: [ 15.333987] <TASK> [ 15.334002] dump_stack_lvl+0x73/0xb0 [ 15.334043] print_report+0xd1/0x650 [ 15.334066] ? __virt_addr_valid+0x1db/0x2d0 [ 15.334102] ? kasan_atomics_helper+0xde0/0x5450 [ 15.334125] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.334149] ? kasan_atomics_helper+0xde0/0x5450 [ 15.334172] kasan_report+0x141/0x180 [ 15.334195] ? kasan_atomics_helper+0xde0/0x5450 [ 15.334223] kasan_check_range+0x10c/0x1c0 [ 15.334248] __kasan_check_write+0x18/0x20 [ 15.334268] kasan_atomics_helper+0xde0/0x5450 [ 15.334292] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.334316] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.334343] ? kasan_atomics+0x152/0x310 [ 15.334370] kasan_atomics+0x1dc/0x310 [ 15.334394] ? __pfx_kasan_atomics+0x10/0x10 [ 15.334419] ? __pfx_read_tsc+0x10/0x10 [ 15.334450] ? ktime_get_ts64+0x86/0x230 [ 15.334476] kunit_try_run_case+0x1a5/0x480 [ 15.334517] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.334543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.334568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.334594] ? __kthread_parkme+0x82/0x180 [ 15.334624] ? preempt_count_sub+0x50/0x80 [ 15.334649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.334675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.334712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.334738] kthread+0x337/0x6f0 [ 15.334767] ? trace_preempt_on+0x20/0xc0 [ 15.334792] ? __pfx_kthread+0x10/0x10 [ 15.334823] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.334846] ? calculate_sigpending+0x7b/0xa0 [ 15.334872] ? __pfx_kthread+0x10/0x10 [ 15.334905] ret_from_fork+0x116/0x1d0 [ 15.334933] ? __pfx_kthread+0x10/0x10 [ 15.334955] ret_from_fork_asm+0x1a/0x30 [ 15.334988] </TASK> [ 15.334998] [ 15.342641] Allocated by task 282: [ 15.342883] kasan_save_stack+0x45/0x70 [ 15.343080] kasan_save_track+0x18/0x40 [ 15.343282] kasan_save_alloc_info+0x3b/0x50 [ 15.343495] __kasan_kmalloc+0xb7/0xc0 [ 15.343685] __kmalloc_cache_noprof+0x189/0x420 [ 15.343928] kasan_atomics+0x95/0x310 [ 15.344087] kunit_try_run_case+0x1a5/0x480 [ 15.344274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.344481] kthread+0x337/0x6f0 [ 15.344651] ret_from_fork+0x116/0x1d0 [ 15.344852] ret_from_fork_asm+0x1a/0x30 [ 15.345033] [ 15.345154] The buggy address belongs to the object at ffff888102a1a680 [ 15.345154] which belongs to the cache kmalloc-64 of size 64 [ 15.345632] The buggy address is located 0 bytes to the right of [ 15.345632] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.346077] [ 15.346151] The buggy address belongs to the physical page: [ 15.346323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.346568] flags: 0x200000000000000(node=0|zone=2) [ 15.346730] page_type: f5(slab) [ 15.346897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.347556] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.347900] page dumped because: kasan: bad access detected [ 15.348161] [ 15.348253] Memory state around the buggy address: [ 15.348468] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.348682] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.348895] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.349115] ^ [ 15.349270] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.349548] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.350028] ================================================================== [ 15.350585] ================================================================== [ 15.351058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.351427] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.351786] [ 15.351892] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.351944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.351957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.351979] Call Trace: [ 15.351996] <TASK> [ 15.352013] dump_stack_lvl+0x73/0xb0 [ 15.352042] print_report+0xd1/0x650 [ 15.352065] ? __virt_addr_valid+0x1db/0x2d0 [ 15.352091] ? kasan_atomics_helper+0xe78/0x5450 [ 15.352113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.352137] ? kasan_atomics_helper+0xe78/0x5450 [ 15.352171] kasan_report+0x141/0x180 [ 15.352194] ? kasan_atomics_helper+0xe78/0x5450 [ 15.352222] kasan_check_range+0x10c/0x1c0 [ 15.352257] __kasan_check_write+0x18/0x20 [ 15.352280] kasan_atomics_helper+0xe78/0x5450 [ 15.352304] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.352336] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.352362] ? kasan_atomics+0x152/0x310 [ 15.352390] kasan_atomics+0x1dc/0x310 [ 15.352424] ? __pfx_kasan_atomics+0x10/0x10 [ 15.352451] ? __pfx_read_tsc+0x10/0x10 [ 15.352473] ? 
ktime_get_ts64+0x86/0x230 [ 15.352508] kunit_try_run_case+0x1a5/0x480 [ 15.352533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.352567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.352592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.352617] ? __kthread_parkme+0x82/0x180 [ 15.352648] ? preempt_count_sub+0x50/0x80 [ 15.352673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.352699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.352735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.352771] kthread+0x337/0x6f0 [ 15.352791] ? trace_preempt_on+0x20/0xc0 [ 15.352816] ? __pfx_kthread+0x10/0x10 [ 15.352846] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.352869] ? calculate_sigpending+0x7b/0xa0 [ 15.352905] ? __pfx_kthread+0x10/0x10 [ 15.352937] ret_from_fork+0x116/0x1d0 [ 15.352956] ? __pfx_kthread+0x10/0x10 [ 15.352978] ret_from_fork_asm+0x1a/0x30 [ 15.353020] </TASK> [ 15.353030] [ 15.363983] Allocated by task 282: [ 15.364281] kasan_save_stack+0x45/0x70 [ 15.364509] kasan_save_track+0x18/0x40 [ 15.364667] kasan_save_alloc_info+0x3b/0x50 [ 15.364877] __kasan_kmalloc+0xb7/0xc0 [ 15.365263] __kmalloc_cache_noprof+0x189/0x420 [ 15.365543] kasan_atomics+0x95/0x310 [ 15.365806] kunit_try_run_case+0x1a5/0x480 [ 15.366115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.366313] kthread+0x337/0x6f0 [ 15.366609] ret_from_fork+0x116/0x1d0 [ 15.366807] ret_from_fork_asm+0x1a/0x30 [ 15.367107] [ 15.367181] The buggy address belongs to the object at ffff888102a1a680 [ 15.367181] which belongs to the cache kmalloc-64 of size 64 [ 15.367669] The buggy address is located 0 bytes to the right of [ 15.367669] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.368417] [ 15.368520] The buggy address belongs to the physical page: [ 15.368990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.369305] flags: 0x200000000000000(node=0|zone=2) [ 15.369668] page_type: f5(slab) [ 15.369828] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.370265] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.370681] page dumped because: kasan: bad access detected [ 15.370892] [ 15.371075] Memory state around the buggy address: [ 15.371435] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.371773] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.372178] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.372523] ^ [ 15.372734] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373239] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373618] ================================================================== [ 16.266488] ================================================================== [ 16.267068] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.267396] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.267692] [ 16.267831] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.267874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.267909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.267939] Call Trace: [ 16.267956] <TASK> [ 16.267973] dump_stack_lvl+0x73/0xb0 [ 16.268003] print_report+0xd1/0x650 [ 16.268027] ? __virt_addr_valid+0x1db/0x2d0 [ 16.268060] ? kasan_atomics_helper+0x224c/0x5450 [ 16.268082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.268107] ? kasan_atomics_helper+0x224c/0x5450 [ 16.268141] kasan_report+0x141/0x180 [ 16.268164] ? kasan_atomics_helper+0x224c/0x5450 [ 16.268193] kasan_check_range+0x10c/0x1c0 [ 16.268218] __kasan_check_write+0x18/0x20 [ 16.268239] kasan_atomics_helper+0x224c/0x5450 [ 16.268263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.268287] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.268313] ? kasan_atomics+0x152/0x310 [ 16.268350] kasan_atomics+0x1dc/0x310 [ 16.268374] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.268399] ? __pfx_read_tsc+0x10/0x10 [ 16.268431] ? ktime_get_ts64+0x86/0x230 [ 16.268456] kunit_try_run_case+0x1a5/0x480 [ 16.268482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.268506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.268531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.268564] ? __kthread_parkme+0x82/0x180 [ 16.268585] ? preempt_count_sub+0x50/0x80 [ 16.268621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.268647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.268672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.268698] kthread+0x337/0x6f0 [ 16.268718] ? trace_preempt_on+0x20/0xc0 [ 16.268742] ? __pfx_kthread+0x10/0x10 [ 16.268778] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.268800] ? calculate_sigpending+0x7b/0xa0 [ 16.268825] ? __pfx_kthread+0x10/0x10 [ 16.268847] ret_from_fork+0x116/0x1d0 [ 16.268867] ? __pfx_kthread+0x10/0x10 [ 16.268888] ret_from_fork_asm+0x1a/0x30 [ 16.268929] </TASK> [ 16.268940] [ 16.276287] Allocated by task 282: [ 16.276409] kasan_save_stack+0x45/0x70 [ 16.276583] kasan_save_track+0x18/0x40 [ 16.276798] kasan_save_alloc_info+0x3b/0x50 [ 16.277113] __kasan_kmalloc+0xb7/0xc0 [ 16.277336] __kmalloc_cache_noprof+0x189/0x420 [ 16.277558] kasan_atomics+0x95/0x310 [ 16.277758] kunit_try_run_case+0x1a5/0x480 [ 16.277981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.278272] kthread+0x337/0x6f0 [ 16.278461] ret_from_fork+0x116/0x1d0 [ 16.278668] ret_from_fork_asm+0x1a/0x30 [ 16.278949] [ 16.279037] The buggy address belongs to the object at ffff888102a1a680 [ 16.279037] which belongs to the cache kmalloc-64 of size 64 [ 16.279580] The buggy address is located 0 bytes to the right of [ 16.279580] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.280222] [ 16.280335] The buggy address belongs to the physical page: [ 16.280660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.281020] flags: 0x200000000000000(node=0|zone=2) [ 16.281410] page_type: 
f5(slab) [ 16.281757] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.282073] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.282295] page dumped because: kasan: bad access detected [ 16.282458] [ 16.282536] Memory state around the buggy address: [ 16.282767] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.283211] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.283561] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.283991] ^ [ 16.284252] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.284516] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.284815] ================================================================== [ 16.080729] ================================================================== [ 16.080981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.082109] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.083203] [ 16.083411] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.083456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.083469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.083492] Call Trace: [ 16.083507] <TASK> [ 16.083524] dump_stack_lvl+0x73/0xb0 [ 16.083556] print_report+0xd1/0x650 [ 16.083581] ? __virt_addr_valid+0x1db/0x2d0 [ 16.083606] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.083629] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.083654] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.083677] kasan_report+0x141/0x180 [ 16.083700] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.083729] kasan_check_range+0x10c/0x1c0 [ 16.083781] __kasan_check_write+0x18/0x20 [ 16.083802] kasan_atomics_helper+0x1eaa/0x5450 [ 16.083826] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.083850] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.083877] ? 
kasan_atomics+0x152/0x310 [ 16.083907] kasan_atomics+0x1dc/0x310 [ 16.083942] ? __pfx_kasan_atomics+0x10/0x10 [ 16.083968] ? __pfx_read_tsc+0x10/0x10 [ 16.083993] ? ktime_get_ts64+0x86/0x230 [ 16.084021] kunit_try_run_case+0x1a5/0x480 [ 16.084048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.084099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.084124] ? __kthread_parkme+0x82/0x180 [ 16.084147] ? preempt_count_sub+0x50/0x80 [ 16.084172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.084224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.084251] kthread+0x337/0x6f0 [ 16.084271] ? trace_preempt_on+0x20/0xc0 [ 16.084297] ? __pfx_kthread+0x10/0x10 [ 16.084319] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.084342] ? calculate_sigpending+0x7b/0xa0 [ 16.084368] ? __pfx_kthread+0x10/0x10 [ 16.084390] ret_from_fork+0x116/0x1d0 [ 16.084409] ? __pfx_kthread+0x10/0x10 [ 16.084430] ret_from_fork_asm+0x1a/0x30 [ 16.084463] </TASK> [ 16.084474] [ 16.095363] Allocated by task 282: [ 16.095557] kasan_save_stack+0x45/0x70 [ 16.095784] kasan_save_track+0x18/0x40 [ 16.095990] kasan_save_alloc_info+0x3b/0x50 [ 16.096177] __kasan_kmalloc+0xb7/0xc0 [ 16.096309] __kmalloc_cache_noprof+0x189/0x420 [ 16.096487] kasan_atomics+0x95/0x310 [ 16.096676] kunit_try_run_case+0x1a5/0x480 [ 16.096898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.097213] kthread+0x337/0x6f0 [ 16.097338] ret_from_fork+0x116/0x1d0 [ 16.097472] ret_from_fork_asm+0x1a/0x30 [ 16.097649] [ 16.097744] The buggy address belongs to the object at ffff888102a1a680 [ 16.097744] which belongs to the cache kmalloc-64 of size 64 [ 16.098308] The buggy address is located 0 bytes to the right of [ 16.098308] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.098727] [ 16.098801] The buggy address belongs to the physical page: [ 16.099061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 
16.099511] flags: 0x200000000000000(node=0|zone=2) [ 16.099690] page_type: f5(slab) [ 16.099812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.100325] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.100687] page dumped because: kasan: bad access detected [ 16.100979] [ 16.101069] Memory state around the buggy address: [ 16.101290] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.101601] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.101958] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.102203] ^ [ 16.102431] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.102660] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.103109] ================================================================== [ 15.109269] ================================================================== [ 15.109998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.110358] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.110652] [ 15.110782] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.110823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.110835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.110855] Call Trace: [ 15.110869] <TASK> [ 15.110884] dump_stack_lvl+0x73/0xb0 [ 15.110913] print_report+0xd1/0x650 [ 15.110946] ? __virt_addr_valid+0x1db/0x2d0 [ 15.110970] ? kasan_atomics_helper+0x860/0x5450 [ 15.110992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.111027] ? kasan_atomics_helper+0x860/0x5450 [ 15.111057] kasan_report+0x141/0x180 [ 15.111080] ? kasan_atomics_helper+0x860/0x5450 [ 15.111108] kasan_check_range+0x10c/0x1c0 [ 15.111133] __kasan_check_write+0x18/0x20 [ 15.111153] kasan_atomics_helper+0x860/0x5450 [ 15.111178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.111201] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.111228] ? kasan_atomics+0x152/0x310 [ 15.111256] kasan_atomics+0x1dc/0x310 [ 15.111279] ? __pfx_kasan_atomics+0x10/0x10 [ 15.111305] ? __pfx_read_tsc+0x10/0x10 [ 15.111327] ? ktime_get_ts64+0x86/0x230 [ 15.111352] kunit_try_run_case+0x1a5/0x480 [ 15.111378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.111402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.111428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.111453] ? __kthread_parkme+0x82/0x180 [ 15.111476] ? preempt_count_sub+0x50/0x80 [ 15.111502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.111527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.111553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.111581] kthread+0x337/0x6f0 [ 15.111601] ? trace_preempt_on+0x20/0xc0 [ 15.111625] ? __pfx_kthread+0x10/0x10 [ 15.111646] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.111669] ? calculate_sigpending+0x7b/0xa0 [ 15.111696] ? __pfx_kthread+0x10/0x10 [ 15.111720] ret_from_fork+0x116/0x1d0 [ 15.111742] ? __pfx_kthread+0x10/0x10 [ 15.111764] ret_from_fork_asm+0x1a/0x30 [ 15.111797] </TASK> [ 15.111807] [ 15.130384] Allocated by task 282: [ 15.130973] kasan_save_stack+0x45/0x70 [ 15.131145] kasan_save_track+0x18/0x40 [ 15.131285] kasan_save_alloc_info+0x3b/0x50 [ 15.131440] __kasan_kmalloc+0xb7/0xc0 [ 15.131577] __kmalloc_cache_noprof+0x189/0x420 [ 15.131734] kasan_atomics+0x95/0x310 [ 15.132402] kunit_try_run_case+0x1a5/0x480 [ 15.132845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.133465] kthread+0x337/0x6f0 [ 15.133823] ret_from_fork+0x116/0x1d0 [ 15.134419] ret_from_fork_asm+0x1a/0x30 [ 15.134871] [ 15.135042] The buggy address belongs to the object at ffff888102a1a680 [ 15.135042] which belongs to the cache kmalloc-64 of size 64 [ 15.136279] The buggy address is located 0 bytes to the right of [ 15.136279] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.137005] [ 15.137265] The buggy address belongs to the physical page: [ 15.137797] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.138239] flags: 0x200000000000000(node=0|zone=2) [ 15.138735] page_type: f5(slab) [ 15.139081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.139640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.140176] page dumped because: kasan: bad access detected [ 15.140679] [ 15.140889] Memory state around the buggy address: [ 15.141120] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.141734] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.141965] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.142627] ^ [ 15.143166] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.143825] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.144510] ================================================================== [ 16.030747] ================================================================== [ 16.031418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.032085] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.032719] [ 16.032901] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.032959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.032972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.032993] Call Trace: [ 16.033009] <TASK> [ 16.033025] dump_stack_lvl+0x73/0xb0 [ 16.033056] print_report+0xd1/0x650 [ 16.033089] ? __virt_addr_valid+0x1db/0x2d0 [ 16.033114] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.033137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.033167] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.033191] kasan_report+0x141/0x180 [ 16.033214] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.033243] kasan_check_range+0x10c/0x1c0 [ 16.033268] __kasan_check_write+0x18/0x20 [ 16.033289] kasan_atomics_helper+0x1d7a/0x5450 [ 16.033314] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.033338] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.033366] ? kasan_atomics+0x152/0x310 [ 16.033394] kasan_atomics+0x1dc/0x310 [ 16.033418] ? __pfx_kasan_atomics+0x10/0x10 [ 16.033444] ? __pfx_read_tsc+0x10/0x10 [ 16.033466] ? ktime_get_ts64+0x86/0x230 [ 16.033491] kunit_try_run_case+0x1a5/0x480 [ 16.033517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.033543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.033568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.033594] ? __kthread_parkme+0x82/0x180 [ 16.033615] ? preempt_count_sub+0x50/0x80 [ 16.033641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.033667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.033693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.033719] kthread+0x337/0x6f0 [ 16.033738] ? trace_preempt_on+0x20/0xc0 [ 16.033783] ? __pfx_kthread+0x10/0x10 [ 16.033806] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.033829] ? calculate_sigpending+0x7b/0xa0 [ 16.033853] ? __pfx_kthread+0x10/0x10 [ 16.033876] ret_from_fork+0x116/0x1d0 [ 16.033895] ? 
__pfx_kthread+0x10/0x10 [ 16.033917] ret_from_fork_asm+0x1a/0x30 [ 16.033959] </TASK> [ 16.033970] [ 16.046089] Allocated by task 282: [ 16.046385] kasan_save_stack+0x45/0x70 [ 16.046794] kasan_save_track+0x18/0x40 [ 16.046984] kasan_save_alloc_info+0x3b/0x50 [ 16.047410] __kasan_kmalloc+0xb7/0xc0 [ 16.047735] __kmalloc_cache_noprof+0x189/0x420 [ 16.047902] kasan_atomics+0x95/0x310 [ 16.048268] kunit_try_run_case+0x1a5/0x480 [ 16.048661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.049177] kthread+0x337/0x6f0 [ 16.049300] ret_from_fork+0x116/0x1d0 [ 16.049433] ret_from_fork_asm+0x1a/0x30 [ 16.049575] [ 16.049646] The buggy address belongs to the object at ffff888102a1a680 [ 16.049646] which belongs to the cache kmalloc-64 of size 64 [ 16.050129] The buggy address is located 0 bytes to the right of [ 16.050129] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.050616] [ 16.050727] The buggy address belongs to the physical page: [ 16.050937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.051429] flags: 0x200000000000000(node=0|zone=2) [ 16.051740] page_type: f5(slab) [ 16.051932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.052260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.052519] page dumped because: kasan: bad access detected [ 16.052794] [ 16.052886] Memory state around the buggy address: [ 16.053098] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.053434] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.053750] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.054073] ^ [ 16.054296] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.054541] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.055045] ================================================================== [ 14.953110] 
================================================================== [ 14.953446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.953710] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 14.954145] [ 14.954229] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.954331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.954345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.954367] Call Trace: [ 14.954382] <TASK> [ 14.954397] dump_stack_lvl+0x73/0xb0 [ 14.954426] print_report+0xd1/0x650 [ 14.954449] ? __virt_addr_valid+0x1db/0x2d0 [ 14.954472] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.954493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.954524] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.954548] kasan_report+0x141/0x180 [ 14.954571] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.954599] kasan_check_range+0x10c/0x1c0 [ 14.954625] __kasan_check_write+0x18/0x20 [ 14.954646] kasan_atomics_helper+0x4a0/0x5450 [ 14.954669] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.954694] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.954720] ? kasan_atomics+0x152/0x310 [ 14.954747] kasan_atomics+0x1dc/0x310 [ 14.954772] ? __pfx_kasan_atomics+0x10/0x10 [ 14.954798] ? __pfx_read_tsc+0x10/0x10 [ 14.954819] ? ktime_get_ts64+0x86/0x230 [ 14.954844] kunit_try_run_case+0x1a5/0x480 [ 14.954868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.954892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.954928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.954954] ? __kthread_parkme+0x82/0x180 [ 14.954974] ? preempt_count_sub+0x50/0x80 [ 14.954999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.955075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.955102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.955129] kthread+0x337/0x6f0 [ 14.955148] ? trace_preempt_on+0x20/0xc0 [ 14.955173] ? __pfx_kthread+0x10/0x10 [ 14.955194] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.955217] ? 
calculate_sigpending+0x7b/0xa0 [ 14.955241] ? __pfx_kthread+0x10/0x10 [ 14.955264] ret_from_fork+0x116/0x1d0 [ 14.955283] ? __pfx_kthread+0x10/0x10 [ 14.955305] ret_from_fork_asm+0x1a/0x30 [ 14.955338] </TASK> [ 14.955348] [ 14.963476] Allocated by task 282: [ 14.963666] kasan_save_stack+0x45/0x70 [ 14.963837] kasan_save_track+0x18/0x40 [ 14.964066] kasan_save_alloc_info+0x3b/0x50 [ 14.964424] __kasan_kmalloc+0xb7/0xc0 [ 14.964587] __kmalloc_cache_noprof+0x189/0x420 [ 14.964745] kasan_atomics+0x95/0x310 [ 14.964943] kunit_try_run_case+0x1a5/0x480 [ 14.965278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.965514] kthread+0x337/0x6f0 [ 14.965636] ret_from_fork+0x116/0x1d0 [ 14.965876] ret_from_fork_asm+0x1a/0x30 [ 14.966216] [ 14.966319] The buggy address belongs to the object at ffff888102a1a680 [ 14.966319] which belongs to the cache kmalloc-64 of size 64 [ 14.966759] The buggy address is located 0 bytes to the right of [ 14.966759] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 14.967312] [ 14.967429] The buggy address belongs to the physical page: [ 14.967602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 14.967841] flags: 0x200000000000000(node=0|zone=2) [ 14.968015] page_type: f5(slab) [ 14.968180] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.968519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.968980] page dumped because: kasan: bad access detected [ 14.969161] [ 14.969230] Memory state around the buggy address: [ 14.969382] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.969595] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.969810] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.970365] ^ [ 14.970615] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.971225] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.971556] 
================================================================== [ 15.969994] ================================================================== [ 15.970557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.971038] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.971303] [ 15.971416] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.971457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.971470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.971491] Call Trace: [ 15.971506] <TASK> [ 15.971522] dump_stack_lvl+0x73/0xb0 [ 15.971553] print_report+0xd1/0x650 [ 15.971576] ? __virt_addr_valid+0x1db/0x2d0 [ 15.971600] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.971623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.971649] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.971672] kasan_report+0x141/0x180 [ 15.971695] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.971724] kasan_check_range+0x10c/0x1c0 [ 15.971749] __kasan_check_write+0x18/0x20 [ 15.971805] kasan_atomics_helper+0x1c18/0x5450 [ 15.971830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971865] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.971891] ? kasan_atomics+0x152/0x310 [ 15.971927] kasan_atomics+0x1dc/0x310 [ 15.971952] ? __pfx_kasan_atomics+0x10/0x10 [ 15.971978] ? __pfx_read_tsc+0x10/0x10 [ 15.971999] ? ktime_get_ts64+0x86/0x230 [ 15.972024] kunit_try_run_case+0x1a5/0x480 [ 15.972076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972100] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.972125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.972178] ? __kthread_parkme+0x82/0x180 [ 15.972199] ? preempt_count_sub+0x50/0x80 [ 15.972224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972303] kthread+0x337/0x6f0 [ 15.972349] ? trace_preempt_on+0x20/0xc0 [ 15.972373] ? 
__pfx_kthread+0x10/0x10 [ 15.972396] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.972430] ? calculate_sigpending+0x7b/0xa0 [ 15.972454] ? __pfx_kthread+0x10/0x10 [ 15.972478] ret_from_fork+0x116/0x1d0 [ 15.972522] ? __pfx_kthread+0x10/0x10 [ 15.972544] ret_from_fork_asm+0x1a/0x30 [ 15.972578] </TASK> [ 15.972599] [ 15.980476] Allocated by task 282: [ 15.980646] kasan_save_stack+0x45/0x70 [ 15.980903] kasan_save_track+0x18/0x40 [ 15.981142] kasan_save_alloc_info+0x3b/0x50 [ 15.981351] __kasan_kmalloc+0xb7/0xc0 [ 15.981540] __kmalloc_cache_noprof+0x189/0x420 [ 15.981786] kasan_atomics+0x95/0x310 [ 15.981941] kunit_try_run_case+0x1a5/0x480 [ 15.982139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.982310] kthread+0x337/0x6f0 [ 15.982429] ret_from_fork+0x116/0x1d0 [ 15.982564] ret_from_fork_asm+0x1a/0x30 [ 15.982708] [ 15.982851] The buggy address belongs to the object at ffff888102a1a680 [ 15.982851] which belongs to the cache kmalloc-64 of size 64 [ 15.983418] The buggy address is located 0 bytes to the right of [ 15.983418] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.984027] [ 15.984122] The buggy address belongs to the physical page: [ 15.984334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.984566] flags: 0x200000000000000(node=0|zone=2) [ 15.984811] page_type: f5(slab) [ 15.984986] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.985335] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.985636] page dumped because: kasan: bad access detected [ 15.985957] [ 15.986062] Memory state around the buggy address: [ 15.986252] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.986493] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.986705] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.986933] ^ [ 15.987165] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.987471] 
ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.987776] ================================================================== [ 15.145113] ================================================================== [ 15.145346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.145574] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.145967] [ 15.146182] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.146226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.146238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.146259] Call Trace: [ 15.146276] <TASK> [ 15.146292] dump_stack_lvl+0x73/0xb0 [ 15.146454] print_report+0xd1/0x650 [ 15.146480] ? __virt_addr_valid+0x1db/0x2d0 [ 15.146525] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.146547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.146572] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.146596] kasan_report+0x141/0x180 [ 15.146620] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.146648] kasan_check_range+0x10c/0x1c0 [ 15.146675] __kasan_check_write+0x18/0x20 [ 15.146698] kasan_atomics_helper+0x8f9/0x5450 [ 15.146723] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.146748] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.146796] ? kasan_atomics+0x152/0x310 [ 15.146824] kasan_atomics+0x1dc/0x310 [ 15.146858] ? __pfx_kasan_atomics+0x10/0x10 [ 15.146884] ? __pfx_read_tsc+0x10/0x10 [ 15.146906] ? ktime_get_ts64+0x86/0x230 [ 15.146939] kunit_try_run_case+0x1a5/0x480 [ 15.146965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.146998] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.147023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.147059] ? __kthread_parkme+0x82/0x180 [ 15.147134] ? preempt_count_sub+0x50/0x80 [ 15.147159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.147197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.147223] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.147260] kthread+0x337/0x6f0 [ 15.147281] ? trace_preempt_on+0x20/0xc0 [ 15.147306] ? __pfx_kthread+0x10/0x10 [ 15.147328] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.147361] ? calculate_sigpending+0x7b/0xa0 [ 15.147385] ? __pfx_kthread+0x10/0x10 [ 15.147407] ret_from_fork+0x116/0x1d0 [ 15.147437] ? __pfx_kthread+0x10/0x10 [ 15.147459] ret_from_fork_asm+0x1a/0x30 [ 15.147492] </TASK> [ 15.147503] [ 15.161639] Allocated by task 282: [ 15.161786] kasan_save_stack+0x45/0x70 [ 15.162170] kasan_save_track+0x18/0x40 [ 15.162539] kasan_save_alloc_info+0x3b/0x50 [ 15.162993] __kasan_kmalloc+0xb7/0xc0 [ 15.163565] __kmalloc_cache_noprof+0x189/0x420 [ 15.164094] kasan_atomics+0x95/0x310 [ 15.164465] kunit_try_run_case+0x1a5/0x480 [ 15.164890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.165595] kthread+0x337/0x6f0 [ 15.166047] ret_from_fork+0x116/0x1d0 [ 15.166413] ret_from_fork_asm+0x1a/0x30 [ 15.166794] [ 15.166974] The buggy address belongs to the object at ffff888102a1a680 [ 15.166974] which belongs to the cache kmalloc-64 of size 64 [ 15.168360] The buggy address is located 0 bytes to the right of [ 15.168360] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.168741] [ 15.168816] The buggy address belongs to the physical page: [ 15.169014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.169369] flags: 0x200000000000000(node=0|zone=2) [ 15.169627] page_type: f5(slab) [ 15.169811] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.170173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.170496] page dumped because: kasan: bad access detected [ 15.170725] [ 15.170832] Memory state around the buggy address: [ 15.171296] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.171626] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.171893] >ffff888102a1a680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.172260] ^ [ 15.172528] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.172934] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173200] ================================================================== [ 16.197376] ================================================================== [ 16.197623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.198037] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.198286] [ 16.198368] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.198408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.198421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.198441] Call Trace: [ 16.198455] <TASK> [ 16.198471] dump_stack_lvl+0x73/0xb0 [ 16.198499] print_report+0xd1/0x650 [ 16.198526] ? __virt_addr_valid+0x1db/0x2d0 [ 16.198551] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.198573] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.198598] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.198621] kasan_report+0x141/0x180 [ 16.198644] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.198672] __asan_report_load8_noabort+0x18/0x20 [ 16.198698] kasan_atomics_helper+0x4fb2/0x5450 [ 16.198722] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.198768] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.198794] ? kasan_atomics+0x152/0x310 [ 16.198822] kasan_atomics+0x1dc/0x310 [ 16.198845] ? __pfx_kasan_atomics+0x10/0x10 [ 16.198871] ? __pfx_read_tsc+0x10/0x10 [ 16.198892] ? ktime_get_ts64+0x86/0x230 [ 16.198917] kunit_try_run_case+0x1a5/0x480 [ 16.198951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.198975] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.199000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.199026] ? __kthread_parkme+0x82/0x180 [ 16.199047] ? preempt_count_sub+0x50/0x80 [ 16.199072] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.199099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.199126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.199152] kthread+0x337/0x6f0 [ 16.199172] ? trace_preempt_on+0x20/0xc0 [ 16.199196] ? __pfx_kthread+0x10/0x10 [ 16.199218] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.199240] ? calculate_sigpending+0x7b/0xa0 [ 16.199265] ? __pfx_kthread+0x10/0x10 [ 16.199288] ret_from_fork+0x116/0x1d0 [ 16.199307] ? __pfx_kthread+0x10/0x10 [ 16.199329] ret_from_fork_asm+0x1a/0x30 [ 16.199362] </TASK> [ 16.199374] [ 16.206681] Allocated by task 282: [ 16.206860] kasan_save_stack+0x45/0x70 [ 16.207064] kasan_save_track+0x18/0x40 [ 16.207236] kasan_save_alloc_info+0x3b/0x50 [ 16.207387] __kasan_kmalloc+0xb7/0xc0 [ 16.207521] __kmalloc_cache_noprof+0x189/0x420 [ 16.207678] kasan_atomics+0x95/0x310 [ 16.207838] kunit_try_run_case+0x1a5/0x480 [ 16.207996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.208175] kthread+0x337/0x6f0 [ 16.208343] ret_from_fork+0x116/0x1d0 [ 16.208531] ret_from_fork_asm+0x1a/0x30 [ 16.208730] [ 16.208846] The buggy address belongs to the object at ffff888102a1a680 [ 16.208846] which belongs to the cache kmalloc-64 of size 64 [ 16.209374] The buggy address is located 0 bytes to the right of [ 16.209374] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.209880] [ 16.209964] The buggy address belongs to the physical page: [ 16.210136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.210375] flags: 0x200000000000000(node=0|zone=2) [ 16.210541] page_type: f5(slab) [ 16.210663] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.211023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.211369] page dumped because: kasan: bad access detected [ 16.211626] [ 16.211725] Memory state around the buggy address: [ 16.211992] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.212310] 
ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.212633] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.212990] ^ [ 16.213220] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.213536] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.213776] ================================================================== [ 15.782528] ================================================================== [ 15.783527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.783955] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.784193] [ 15.784283] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.784326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.784339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.784359] Call Trace: [ 15.784373] <TASK> [ 15.784389] dump_stack_lvl+0x73/0xb0 [ 15.784419] print_report+0xd1/0x650 [ 15.784441] ? __virt_addr_valid+0x1db/0x2d0 [ 15.784465] ? kasan_atomics_helper+0x164f/0x5450 [ 15.784488] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.784513] ? kasan_atomics_helper+0x164f/0x5450 [ 15.784536] kasan_report+0x141/0x180 [ 15.784559] ? kasan_atomics_helper+0x164f/0x5450 [ 15.784587] kasan_check_range+0x10c/0x1c0 [ 15.784612] __kasan_check_write+0x18/0x20 [ 15.784633] kasan_atomics_helper+0x164f/0x5450 [ 15.784656] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.784680] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.784707] ? kasan_atomics+0x152/0x310 [ 15.784734] kasan_atomics+0x1dc/0x310 [ 15.784769] ? __pfx_kasan_atomics+0x10/0x10 [ 15.784796] ? __pfx_read_tsc+0x10/0x10 [ 15.784818] ? ktime_get_ts64+0x86/0x230 [ 15.784843] kunit_try_run_case+0x1a5/0x480 [ 15.785023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.785048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.785074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.785100] ? 
__kthread_parkme+0x82/0x180 [ 15.785121] ? preempt_count_sub+0x50/0x80 [ 15.785148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.785174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.785201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.785227] kthread+0x337/0x6f0 [ 15.785248] ? trace_preempt_on+0x20/0xc0 [ 15.785272] ? __pfx_kthread+0x10/0x10 [ 15.785296] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.785318] ? calculate_sigpending+0x7b/0xa0 [ 15.785343] ? __pfx_kthread+0x10/0x10 [ 15.785366] ret_from_fork+0x116/0x1d0 [ 15.785386] ? __pfx_kthread+0x10/0x10 [ 15.785408] ret_from_fork_asm+0x1a/0x30 [ 15.785441] </TASK> [ 15.785452] [ 15.795950] Allocated by task 282: [ 15.796139] kasan_save_stack+0x45/0x70 [ 15.796346] kasan_save_track+0x18/0x40 [ 15.796539] kasan_save_alloc_info+0x3b/0x50 [ 15.796847] __kasan_kmalloc+0xb7/0xc0 [ 15.796993] __kmalloc_cache_noprof+0x189/0x420 [ 15.797149] kasan_atomics+0x95/0x310 [ 15.797314] kunit_try_run_case+0x1a5/0x480 [ 15.797524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.797826] kthread+0x337/0x6f0 [ 15.797988] ret_from_fork+0x116/0x1d0 [ 15.798151] ret_from_fork_asm+0x1a/0x30 [ 15.798291] [ 15.798362] The buggy address belongs to the object at ffff888102a1a680 [ 15.798362] which belongs to the cache kmalloc-64 of size 64 [ 15.798861] The buggy address is located 0 bytes to the right of [ 15.798861] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.799413] [ 15.799485] The buggy address belongs to the physical page: [ 15.799667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.800410] flags: 0x200000000000000(node=0|zone=2) [ 15.800627] page_type: f5(slab) [ 15.800773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.801107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.801357] page dumped because: kasan: bad access detected [ 15.801582] [ 15.801679] Memory state around the buggy address: [ 15.802011] 
ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.802298] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.802586] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.802898] ^ [ 15.803088] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.803306] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.803518] ================================================================== [ 15.718485] ================================================================== [ 15.718723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.719082] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.719568] [ 15.719777] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.719818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.719830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.719850] Call Trace: [ 15.719865] <TASK> [ 15.719881] dump_stack_lvl+0x73/0xb0 [ 15.719908] print_report+0xd1/0x650 [ 15.719942] ? __virt_addr_valid+0x1db/0x2d0 [ 15.719966] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.719989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.720012] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.720036] kasan_report+0x141/0x180 [ 15.720059] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.720088] __asan_report_store8_noabort+0x1b/0x30 [ 15.720115] kasan_atomics_helper+0x50d4/0x5450 [ 15.720139] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.720163] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.720189] ? kasan_atomics+0x152/0x310 [ 15.720217] kasan_atomics+0x1dc/0x310 [ 15.720241] ? __pfx_kasan_atomics+0x10/0x10 [ 15.720266] ? __pfx_read_tsc+0x10/0x10 [ 15.720287] ? ktime_get_ts64+0x86/0x230 [ 15.720312] kunit_try_run_case+0x1a5/0x480 [ 15.720337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.720361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.720386] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.720411] ? __kthread_parkme+0x82/0x180 [ 15.720432] ? preempt_count_sub+0x50/0x80 [ 15.720457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.720482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.720508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.720534] kthread+0x337/0x6f0 [ 15.720554] ? trace_preempt_on+0x20/0xc0 [ 15.720578] ? __pfx_kthread+0x10/0x10 [ 15.720600] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.720623] ? calculate_sigpending+0x7b/0xa0 [ 15.720648] ? __pfx_kthread+0x10/0x10 [ 15.720670] ret_from_fork+0x116/0x1d0 [ 15.720690] ? __pfx_kthread+0x10/0x10 [ 15.720711] ret_from_fork_asm+0x1a/0x30 [ 15.720744] </TASK> [ 15.720768] [ 15.728207] Allocated by task 282: [ 15.728382] kasan_save_stack+0x45/0x70 [ 15.728586] kasan_save_track+0x18/0x40 [ 15.728809] kasan_save_alloc_info+0x3b/0x50 [ 15.729033] __kasan_kmalloc+0xb7/0xc0 [ 15.729225] __kmalloc_cache_noprof+0x189/0x420 [ 15.729434] kasan_atomics+0x95/0x310 [ 15.729610] kunit_try_run_case+0x1a5/0x480 [ 15.729757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.729943] kthread+0x337/0x6f0 [ 15.730063] ret_from_fork+0x116/0x1d0 [ 15.730195] ret_from_fork_asm+0x1a/0x30 [ 15.730335] [ 15.730404] The buggy address belongs to the object at ffff888102a1a680 [ 15.730404] which belongs to the cache kmalloc-64 of size 64 [ 15.730858] The buggy address is located 0 bytes to the right of [ 15.730858] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.731930] [ 15.732005] The buggy address belongs to the physical page: [ 15.732176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.732413] flags: 0x200000000000000(node=0|zone=2) [ 15.732573] page_type: f5(slab) [ 15.732691] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.733404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.733746] page dumped because: kasan: bad access detected [ 15.734022] [ 15.734118] 
Memory state around the buggy address: [ 15.734313] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.734534] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.734748] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.735083] ^ [ 15.735311] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.735634] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.736031] ================================================================== [ 16.285526] ================================================================== [ 16.285988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.286356] Read of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 16.286662] [ 16.286789] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.286831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.286854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.286875] Call Trace: [ 16.286888] <TASK> [ 16.286903] dump_stack_lvl+0x73/0xb0 [ 16.286942] print_report+0xd1/0x650 [ 16.286964] ? __virt_addr_valid+0x1db/0x2d0 [ 16.286987] ? kasan_atomics_helper+0x5115/0x5450 [ 16.287040] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.287064] ? kasan_atomics_helper+0x5115/0x5450 [ 16.287087] kasan_report+0x141/0x180 [ 16.287121] ? kasan_atomics_helper+0x5115/0x5450 [ 16.287175] __asan_report_load8_noabort+0x18/0x20 [ 16.287201] kasan_atomics_helper+0x5115/0x5450 [ 16.287226] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.287260] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.287287] ? kasan_atomics+0x152/0x310 [ 16.287340] kasan_atomics+0x1dc/0x310 [ 16.287365] ? __pfx_kasan_atomics+0x10/0x10 [ 16.287401] ? __pfx_read_tsc+0x10/0x10 [ 16.287423] ? ktime_get_ts64+0x86/0x230 [ 16.287468] kunit_try_run_case+0x1a5/0x480 [ 16.287495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.287519] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.287545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.287570] ? __kthread_parkme+0x82/0x180 [ 16.287610] ? preempt_count_sub+0x50/0x80 [ 16.287648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.287711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.287769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.287795] kthread+0x337/0x6f0 [ 16.287815] ? trace_preempt_on+0x20/0xc0 [ 16.287851] ? __pfx_kthread+0x10/0x10 [ 16.287872] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.287895] ? calculate_sigpending+0x7b/0xa0 [ 16.287929] ? __pfx_kthread+0x10/0x10 [ 16.287951] ret_from_fork+0x116/0x1d0 [ 16.287971] ? __pfx_kthread+0x10/0x10 [ 16.287993] ret_from_fork_asm+0x1a/0x30 [ 16.288026] </TASK> [ 16.288037] [ 16.295824] Allocated by task 282: [ 16.296152] kasan_save_stack+0x45/0x70 [ 16.296449] kasan_save_track+0x18/0x40 [ 16.296683] kasan_save_alloc_info+0x3b/0x50 [ 16.296972] __kasan_kmalloc+0xb7/0xc0 [ 16.297102] __kmalloc_cache_noprof+0x189/0x420 [ 16.297252] kasan_atomics+0x95/0x310 [ 16.297380] kunit_try_run_case+0x1a5/0x480 [ 16.297589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.298036] kthread+0x337/0x6f0 [ 16.298275] ret_from_fork+0x116/0x1d0 [ 16.298531] ret_from_fork_asm+0x1a/0x30 [ 16.298743] [ 16.298851] The buggy address belongs to the object at ffff888102a1a680 [ 16.298851] which belongs to the cache kmalloc-64 of size 64 [ 16.299337] The buggy address is located 0 bytes to the right of [ 16.299337] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 16.299928] [ 16.300085] The buggy address belongs to the physical page: [ 16.300453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 16.300723] flags: 0x200000000000000(node=0|zone=2) [ 16.301167] page_type: f5(slab) [ 16.301375] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.301757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.302053] page dumped because: kasan: 
bad access detected [ 16.302469] [ 16.302683] Memory state around the buggy address: [ 16.302894] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.303218] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.303476] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.303679] ^ [ 16.304065] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304415] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304768] ================================================================== [ 15.847274] ================================================================== [ 15.847712] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.847958] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.848809] [ 15.848970] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.849018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.849031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.849052] Call Trace: [ 15.849069] <TASK> [ 15.849087] dump_stack_lvl+0x73/0xb0 [ 15.849118] print_report+0xd1/0x650 [ 15.849141] ? __virt_addr_valid+0x1db/0x2d0 [ 15.849165] ? kasan_atomics_helper+0x1818/0x5450 [ 15.849188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.849212] ? kasan_atomics_helper+0x1818/0x5450 [ 15.849235] kasan_report+0x141/0x180 [ 15.849258] ? kasan_atomics_helper+0x1818/0x5450 [ 15.849286] kasan_check_range+0x10c/0x1c0 [ 15.849311] __kasan_check_write+0x18/0x20 [ 15.849331] kasan_atomics_helper+0x1818/0x5450 [ 15.849356] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.849379] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.849406] ? kasan_atomics+0x152/0x310 [ 15.849433] kasan_atomics+0x1dc/0x310 [ 15.849457] ? __pfx_kasan_atomics+0x10/0x10 [ 15.849482] ? __pfx_read_tsc+0x10/0x10 [ 15.849504] ? ktime_get_ts64+0x86/0x230 [ 15.849529] kunit_try_run_case+0x1a5/0x480 [ 15.849554] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.849577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.849602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.849627] ? __kthread_parkme+0x82/0x180 [ 15.849649] ? preempt_count_sub+0x50/0x80 [ 15.849675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.849700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.849725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.849753] kthread+0x337/0x6f0 [ 15.849773] ? trace_preempt_on+0x20/0xc0 [ 15.849797] ? __pfx_kthread+0x10/0x10 [ 15.849818] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.849841] ? calculate_sigpending+0x7b/0xa0 [ 15.849866] ? __pfx_kthread+0x10/0x10 [ 15.849889] ret_from_fork+0x116/0x1d0 [ 15.849907] ? __pfx_kthread+0x10/0x10 [ 15.849940] ret_from_fork_asm+0x1a/0x30 [ 15.849973] </TASK> [ 15.849984] [ 15.857319] Allocated by task 282: [ 15.857495] kasan_save_stack+0x45/0x70 [ 15.857697] kasan_save_track+0x18/0x40 [ 15.858010] kasan_save_alloc_info+0x3b/0x50 [ 15.858223] __kasan_kmalloc+0xb7/0xc0 [ 15.858372] __kmalloc_cache_noprof+0x189/0x420 [ 15.858535] kasan_atomics+0x95/0x310 [ 15.858669] kunit_try_run_case+0x1a5/0x480 [ 15.858868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.859233] kthread+0x337/0x6f0 [ 15.859408] ret_from_fork+0x116/0x1d0 [ 15.859581] ret_from_fork_asm+0x1a/0x30 [ 15.859725] [ 15.859941] The buggy address belongs to the object at ffff888102a1a680 [ 15.859941] which belongs to the cache kmalloc-64 of size 64 [ 15.860387] The buggy address is located 0 bytes to the right of [ 15.860387] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.860810] [ 15.860905] The buggy address belongs to the physical page: [ 15.861165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.861520] flags: 0x200000000000000(node=0|zone=2) [ 15.861765] page_type: f5(slab) [ 15.861942] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.862243] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.862507] page dumped because: kasan: bad access detected [ 15.862753] [ 15.862853] Memory state around the buggy address: [ 15.863057] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.863273] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.863489] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.863805] ^ [ 15.864037] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864345] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864561] ================================================================== [ 15.864978] ================================================================== [ 15.865319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.865670] Write of size 8 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.866012] [ 15.866118] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.866160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.866172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.866192] Call Trace: [ 15.866206] <TASK> [ 15.866220] dump_stack_lvl+0x73/0xb0 [ 15.866249] print_report+0xd1/0x650 [ 15.866272] ? __virt_addr_valid+0x1db/0x2d0 [ 15.866295] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.866317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.866342] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.866365] kasan_report+0x141/0x180 [ 15.866388] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.866415] kasan_check_range+0x10c/0x1c0 [ 15.866440] __kasan_check_write+0x18/0x20 [ 15.866473] kasan_atomics_helper+0x18b1/0x5450 [ 15.866497] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.866528] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.866554] ? kasan_atomics+0x152/0x310 [ 15.866583] kasan_atomics+0x1dc/0x310 [ 15.866608] ? __pfx_kasan_atomics+0x10/0x10 [ 15.866633] ? __pfx_read_tsc+0x10/0x10 [ 15.866655] ? 
ktime_get_ts64+0x86/0x230 [ 15.866682] kunit_try_run_case+0x1a5/0x480 [ 15.866710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.866736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.866769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.866794] ? __kthread_parkme+0x82/0x180 [ 15.866816] ? preempt_count_sub+0x50/0x80 [ 15.866840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.866866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.866892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.866929] kthread+0x337/0x6f0 [ 15.866950] ? trace_preempt_on+0x20/0xc0 [ 15.866974] ? __pfx_kthread+0x10/0x10 [ 15.866996] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.867018] ? calculate_sigpending+0x7b/0xa0 [ 15.867043] ? __pfx_kthread+0x10/0x10 [ 15.867065] ret_from_fork+0x116/0x1d0 [ 15.867086] ? __pfx_kthread+0x10/0x10 [ 15.867107] ret_from_fork_asm+0x1a/0x30 [ 15.867141] </TASK> [ 15.867151] [ 15.874490] Allocated by task 282: [ 15.874653] kasan_save_stack+0x45/0x70 [ 15.874862] kasan_save_track+0x18/0x40 [ 15.875011] kasan_save_alloc_info+0x3b/0x50 [ 15.875191] __kasan_kmalloc+0xb7/0xc0 [ 15.875384] __kmalloc_cache_noprof+0x189/0x420 [ 15.875607] kasan_atomics+0x95/0x310 [ 15.875835] kunit_try_run_case+0x1a5/0x480 [ 15.876036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.876220] kthread+0x337/0x6f0 [ 15.876391] ret_from_fork+0x116/0x1d0 [ 15.876572] ret_from_fork_asm+0x1a/0x30 [ 15.876712] [ 15.876861] The buggy address belongs to the object at ffff888102a1a680 [ 15.876861] which belongs to the cache kmalloc-64 of size 64 [ 15.877394] The buggy address is located 0 bytes to the right of [ 15.877394] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.877762] [ 15.877856] The buggy address belongs to the physical page: [ 15.878186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.878621] flags: 0x200000000000000(node=0|zone=2) [ 15.878885] page_type: f5(slab) [ 15.879026] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.879300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.879531] page dumped because: kasan: bad access detected [ 15.879767] [ 15.879862] Memory state around the buggy address: [ 15.880099] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.880429] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.880669] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.881064] ^ [ 15.881282] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.881498] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.881778] ================================================================== [ 15.535767] ================================================================== [ 15.536176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.536583] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.537236] [ 15.537350] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.537392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.537405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.537426] Call Trace: [ 15.537441] <TASK> [ 15.537457] dump_stack_lvl+0x73/0xb0 [ 15.537487] print_report+0xd1/0x650 [ 15.537510] ? __virt_addr_valid+0x1db/0x2d0 [ 15.537533] ? kasan_atomics_helper+0x1217/0x5450 [ 15.537556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.537581] ? kasan_atomics_helper+0x1217/0x5450 [ 15.537604] kasan_report+0x141/0x180 [ 15.537628] ? kasan_atomics_helper+0x1217/0x5450 [ 15.537656] kasan_check_range+0x10c/0x1c0 [ 15.537681] __kasan_check_write+0x18/0x20 [ 15.537703] kasan_atomics_helper+0x1217/0x5450 [ 15.537727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.538786] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.538835] ? kasan_atomics+0x152/0x310 [ 15.538867] kasan_atomics+0x1dc/0x310 [ 15.538894] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.538930] ? __pfx_read_tsc+0x10/0x10 [ 15.538953] ? ktime_get_ts64+0x86/0x230 [ 15.538982] kunit_try_run_case+0x1a5/0x480 [ 15.539010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.539034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.539059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.539085] ? __kthread_parkme+0x82/0x180 [ 15.539106] ? preempt_count_sub+0x50/0x80 [ 15.539132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.539158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.539184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.539211] kthread+0x337/0x6f0 [ 15.539231] ? trace_preempt_on+0x20/0xc0 [ 15.539256] ? __pfx_kthread+0x10/0x10 [ 15.539278] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.539300] ? calculate_sigpending+0x7b/0xa0 [ 15.539325] ? __pfx_kthread+0x10/0x10 [ 15.539347] ret_from_fork+0x116/0x1d0 [ 15.539367] ? __pfx_kthread+0x10/0x10 [ 15.539388] ret_from_fork_asm+0x1a/0x30 [ 15.539421] </TASK> [ 15.539432] [ 15.551531] Allocated by task 282: [ 15.551665] kasan_save_stack+0x45/0x70 [ 15.552171] kasan_save_track+0x18/0x40 [ 15.552512] kasan_save_alloc_info+0x3b/0x50 [ 15.553000] __kasan_kmalloc+0xb7/0xc0 [ 15.553391] __kmalloc_cache_noprof+0x189/0x420 [ 15.553930] kasan_atomics+0x95/0x310 [ 15.554326] kunit_try_run_case+0x1a5/0x480 [ 15.554766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.555296] kthread+0x337/0x6f0 [ 15.555647] ret_from_fork+0x116/0x1d0 [ 15.556087] ret_from_fork_asm+0x1a/0x30 [ 15.556487] [ 15.556699] The buggy address belongs to the object at ffff888102a1a680 [ 15.556699] which belongs to the cache kmalloc-64 of size 64 [ 15.557686] The buggy address is located 0 bytes to the right of [ 15.557686] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.558203] [ 15.558280] The buggy address belongs to the physical page: [ 15.558452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.558694] flags: 0x200000000000000(node=0|zone=2) [ 15.558878] page_type: 
f5(slab) [ 15.559009] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.559587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.560509] page dumped because: kasan: bad access detected [ 15.561163] [ 15.561340] Memory state around the buggy address: [ 15.561607] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.562197] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.562420] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.562641] ^ [ 15.562956] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.563610] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.564306] ================================================================== [ 15.173763] ================================================================== [ 15.174235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.174519] Write of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.174884] [ 15.175001] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.175054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.175066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.175087] Call Trace: [ 15.175274] <TASK> [ 15.175299] dump_stack_lvl+0x73/0xb0 [ 15.175333] print_report+0xd1/0x650 [ 15.175371] ? __virt_addr_valid+0x1db/0x2d0 [ 15.175405] ? kasan_atomics_helper+0x992/0x5450 [ 15.175428] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.175453] ? kasan_atomics_helper+0x992/0x5450 [ 15.175487] kasan_report+0x141/0x180 [ 15.175510] ? kasan_atomics_helper+0x992/0x5450 [ 15.175538] kasan_check_range+0x10c/0x1c0 [ 15.175562] __kasan_check_write+0x18/0x20 [ 15.175582] kasan_atomics_helper+0x992/0x5450 [ 15.175606] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.175630] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.175656] ? 
kasan_atomics+0x152/0x310 [ 15.175685] kasan_atomics+0x1dc/0x310 [ 15.175708] ? __pfx_kasan_atomics+0x10/0x10 [ 15.175734] ? __pfx_read_tsc+0x10/0x10 [ 15.175763] ? ktime_get_ts64+0x86/0x230 [ 15.175799] kunit_try_run_case+0x1a5/0x480 [ 15.175823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.175847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.175883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.175915] ? __kthread_parkme+0x82/0x180 [ 15.175947] ? preempt_count_sub+0x50/0x80 [ 15.175972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.176009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.176034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.176061] kthread+0x337/0x6f0 [ 15.176081] ? trace_preempt_on+0x20/0xc0 [ 15.176106] ? __pfx_kthread+0x10/0x10 [ 15.176128] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.176151] ? calculate_sigpending+0x7b/0xa0 [ 15.176176] ? __pfx_kthread+0x10/0x10 [ 15.176200] ret_from_fork+0x116/0x1d0 [ 15.176219] ? __pfx_kthread+0x10/0x10 [ 15.176241] ret_from_fork_asm+0x1a/0x30 [ 15.176275] </TASK> [ 15.176343] [ 15.185023] Allocated by task 282: [ 15.185166] kasan_save_stack+0x45/0x70 [ 15.185392] kasan_save_track+0x18/0x40 [ 15.185586] kasan_save_alloc_info+0x3b/0x50 [ 15.185800] __kasan_kmalloc+0xb7/0xc0 [ 15.186119] __kmalloc_cache_noprof+0x189/0x420 [ 15.186276] kasan_atomics+0x95/0x310 [ 15.186543] kunit_try_run_case+0x1a5/0x480 [ 15.186815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.187108] kthread+0x337/0x6f0 [ 15.187321] ret_from_fork+0x116/0x1d0 [ 15.187500] ret_from_fork_asm+0x1a/0x30 [ 15.187698] [ 15.187815] The buggy address belongs to the object at ffff888102a1a680 [ 15.187815] which belongs to the cache kmalloc-64 of size 64 [ 15.188449] The buggy address is located 0 bytes to the right of [ 15.188449] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.188836] [ 15.189000] The buggy address belongs to the physical page: [ 15.189418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 
15.189784] flags: 0x200000000000000(node=0|zone=2) [ 15.189961] page_type: f5(slab) [ 15.190197] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.190550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.190874] page dumped because: kasan: bad access detected [ 15.191362] [ 15.191466] Memory state around the buggy address: [ 15.191689] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.192276] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.192502] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.192846] ^ [ 15.193243] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193604] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193985] ================================================================== [ 15.294970] ================================================================== [ 15.295405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.295746] Read of size 4 at addr ffff888102a1a6b0 by task kunit_try_catch/282 [ 15.296077] [ 15.296164] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.296209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.296222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.296243] Call Trace: [ 15.296261] <TASK> [ 15.296278] dump_stack_lvl+0x73/0xb0 [ 15.296320] print_report+0xd1/0x650 [ 15.296343] ? __virt_addr_valid+0x1db/0x2d0 [ 15.296368] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.296403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.296428] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.296452] kasan_report+0x141/0x180 [ 15.296486] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.296514] __asan_report_load4_noabort+0x18/0x20 [ 15.296540] kasan_atomics_helper+0x4a84/0x5450 [ 15.296565] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.296588] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.296614] ? kasan_atomics+0x152/0x310 [ 15.296642] kasan_atomics+0x1dc/0x310 [ 15.296665] ? __pfx_kasan_atomics+0x10/0x10 [ 15.296691] ? __pfx_read_tsc+0x10/0x10 [ 15.296713] ? ktime_get_ts64+0x86/0x230 [ 15.296738] kunit_try_run_case+0x1a5/0x480 [ 15.296773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.296797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.296832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.296857] ? __kthread_parkme+0x82/0x180 [ 15.296889] ? preempt_count_sub+0x50/0x80 [ 15.296916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.296950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.296976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.297002] kthread+0x337/0x6f0 [ 15.297021] ? trace_preempt_on+0x20/0xc0 [ 15.297055] ? __pfx_kthread+0x10/0x10 [ 15.297076] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.297098] ? calculate_sigpending+0x7b/0xa0 [ 15.297134] ? __pfx_kthread+0x10/0x10 [ 15.297157] ret_from_fork+0x116/0x1d0 [ 15.297176] ? __pfx_kthread+0x10/0x10 [ 15.297198] ret_from_fork_asm+0x1a/0x30 [ 15.297240] </TASK> [ 15.297251] [ 15.305204] Allocated by task 282: [ 15.305375] kasan_save_stack+0x45/0x70 [ 15.305575] kasan_save_track+0x18/0x40 [ 15.305778] kasan_save_alloc_info+0x3b/0x50 [ 15.305990] __kasan_kmalloc+0xb7/0xc0 [ 15.306124] __kmalloc_cache_noprof+0x189/0x420 [ 15.306303] kasan_atomics+0x95/0x310 [ 15.306490] kunit_try_run_case+0x1a5/0x480 [ 15.306728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.307074] kthread+0x337/0x6f0 [ 15.307197] ret_from_fork+0x116/0x1d0 [ 15.307329] ret_from_fork_asm+0x1a/0x30 [ 15.307526] [ 15.307618] The buggy address belongs to the object at ffff888102a1a680 [ 15.307618] which belongs to the cache kmalloc-64 of size 64 [ 15.308332] The buggy address is located 0 bytes to the right of [ 15.308332] allocated 48-byte region [ffff888102a1a680, ffff888102a1a6b0) [ 15.308912] [ 15.309022] The buggy address belongs to the physical page: [ 15.309287] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 15.309632] flags: 0x200000000000000(node=0|zone=2) [ 15.309904] page_type: f5(slab) [ 15.310087] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.310317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.310545] page dumped because: kasan: bad access detected [ 15.310734] [ 15.310827] Memory state around the buggy address: [ 15.311088] ffff888102a1a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.311416] ffff888102a1a600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.311732] >ffff888102a1a680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.312098] ^ [ 15.312252] ffff888102a1a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312465] ffff888102a1a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312676] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.737380] ================================================================== [ 14.737709] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.738530] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.738989] [ 14.739098] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.739138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.739150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.739170] Call Trace: [ 14.739183] <TASK> [ 14.739196] dump_stack_lvl+0x73/0xb0 [ 14.739226] print_report+0xd1/0x650 [ 14.739248] ? __virt_addr_valid+0x1db/0x2d0 [ 14.739272] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.739302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.739325] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.739355] kasan_report+0x141/0x180 [ 14.739378] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.739415] kasan_check_range+0x10c/0x1c0 [ 14.739439] __kasan_check_write+0x18/0x20 [ 14.739459] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.739488] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.739520] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.739545] ? trace_hardirqs_on+0x37/0xe0 [ 14.739567] ? kasan_bitops_generic+0x92/0x1c0 [ 14.739595] kasan_bitops_generic+0x121/0x1c0 [ 14.739619] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.739646] ? __pfx_read_tsc+0x10/0x10 [ 14.739666] ? ktime_get_ts64+0x86/0x230 [ 14.739690] kunit_try_run_case+0x1a5/0x480 [ 14.739715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.739738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.739764] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.739788] ? __kthread_parkme+0x82/0x180 [ 14.739809] ? preempt_count_sub+0x50/0x80 [ 14.739833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.739857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.739882] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.739907] kthread+0x337/0x6f0 [ 14.739937] ? trace_preempt_on+0x20/0xc0 [ 14.739959] ? __pfx_kthread+0x10/0x10 [ 14.739980] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.740002] ? calculate_sigpending+0x7b/0xa0 [ 14.740026] ? __pfx_kthread+0x10/0x10 [ 14.740048] ret_from_fork+0x116/0x1d0 [ 14.740066] ? __pfx_kthread+0x10/0x10 [ 14.740087] ret_from_fork_asm+0x1a/0x30 [ 14.740119] </TASK> [ 14.740129] [ 14.748121] Allocated by task 278: [ 14.748250] kasan_save_stack+0x45/0x70 [ 14.748672] kasan_save_track+0x18/0x40 [ 14.748970] kasan_save_alloc_info+0x3b/0x50 [ 14.749193] __kasan_kmalloc+0xb7/0xc0 [ 14.749381] __kmalloc_cache_noprof+0x189/0x420 [ 14.749593] kasan_bitops_generic+0x92/0x1c0 [ 14.749742] kunit_try_run_case+0x1a5/0x480 [ 14.749887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.750071] kthread+0x337/0x6f0 [ 14.750265] ret_from_fork+0x116/0x1d0 [ 14.750447] ret_from_fork_asm+0x1a/0x30 [ 14.750646] [ 14.750739] The buggy address belongs to the object at ffff888102321e80 [ 14.750739] which belongs to the cache kmalloc-16 of size 16 [ 14.751232] The buggy address is located 8 bytes inside of [ 14.751232] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.751583] [ 14.751654] The buggy address belongs to the physical page: [ 14.752048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.752401] flags: 0x200000000000000(node=0|zone=2) [ 14.752626] page_type: f5(slab) [ 14.752827] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.753161] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.753438] page dumped because: kasan: bad access detected [ 14.753661] [ 14.753761] Memory state around the buggy address: [ 14.753972] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.754253] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.754545] >ffff888102321e80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.754812] ^ [ 14.754989] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.755228] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.755543] ================================================================== [ 14.688463] ================================================================== [ 14.688700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.689790] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.690420] [ 14.690596] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.690639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.690651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.690671] Call Trace: [ 14.690685] <TASK> [ 14.690701] dump_stack_lvl+0x73/0xb0 [ 14.690752] print_report+0xd1/0x650 [ 14.690775] ? __virt_addr_valid+0x1db/0x2d0 [ 14.690798] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.690827] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.690850] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.690879] kasan_report+0x141/0x180 [ 14.690901] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.690944] kasan_check_range+0x10c/0x1c0 [ 14.690968] __kasan_check_write+0x18/0x20 [ 14.690987] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.691017] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.691047] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.691071] ? trace_hardirqs_on+0x37/0xe0 [ 14.691093] ? kasan_bitops_generic+0x92/0x1c0 [ 14.691121] kasan_bitops_generic+0x121/0x1c0 [ 14.691145] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.691172] ? __pfx_read_tsc+0x10/0x10 [ 14.691192] ? ktime_get_ts64+0x86/0x230 [ 14.691217] kunit_try_run_case+0x1a5/0x480 [ 14.691242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.691264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.691288] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.691313] ? __kthread_parkme+0x82/0x180 [ 14.691335] ? preempt_count_sub+0x50/0x80 [ 14.691359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.691383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.691408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.691434] kthread+0x337/0x6f0 [ 14.691453] ? trace_preempt_on+0x20/0xc0 [ 14.691475] ? __pfx_kthread+0x10/0x10 [ 14.691496] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.691517] ? calculate_sigpending+0x7b/0xa0 [ 14.691541] ? __pfx_kthread+0x10/0x10 [ 14.691562] ret_from_fork+0x116/0x1d0 [ 14.691581] ? __pfx_kthread+0x10/0x10 [ 14.691601] ret_from_fork_asm+0x1a/0x30 [ 14.691633] </TASK> [ 14.691642] [ 14.704755] Allocated by task 278: [ 14.705077] kasan_save_stack+0x45/0x70 [ 14.705436] kasan_save_track+0x18/0x40 [ 14.705780] kasan_save_alloc_info+0x3b/0x50 [ 14.705944] __kasan_kmalloc+0xb7/0xc0 [ 14.706287] __kmalloc_cache_noprof+0x189/0x420 [ 14.706696] kasan_bitops_generic+0x92/0x1c0 [ 14.706967] kunit_try_run_case+0x1a5/0x480 [ 14.707116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.707293] kthread+0x337/0x6f0 [ 14.707413] ret_from_fork+0x116/0x1d0 [ 14.707545] ret_from_fork_asm+0x1a/0x30 [ 14.707683] [ 14.707759] The buggy address belongs to the object at ffff888102321e80 [ 14.707759] which belongs to the cache kmalloc-16 of size 16 [ 14.708506] The buggy address is located 8 bytes inside of [ 14.708506] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.709527] [ 14.709683] The buggy address belongs to the physical page: [ 14.710183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.710877] flags: 0x200000000000000(node=0|zone=2) [ 14.711310] page_type: f5(slab) [ 14.711594] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.712274] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.713042] page dumped because: kasan: bad access detected [ 14.713470] [ 14.713539] 
Memory state around the buggy address: [ 14.713694] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.713938] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.714154] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.714364] ^ [ 14.714486] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.714703] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.715284] ================================================================== [ 14.756405] ================================================================== [ 14.756759] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.757229] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.757516] [ 14.757622] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.757663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.757675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.757695] Call Trace: [ 14.757709] <TASK> [ 14.757726] dump_stack_lvl+0x73/0xb0 [ 14.757768] print_report+0xd1/0x650 [ 14.757791] ? __virt_addr_valid+0x1db/0x2d0 [ 14.757814] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.757843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.757867] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.757897] kasan_report+0x141/0x180 [ 14.757934] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.757971] kasan_check_range+0x10c/0x1c0 [ 14.757996] __kasan_check_write+0x18/0x20 [ 14.758015] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.758046] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.758077] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.758101] ? trace_hardirqs_on+0x37/0xe0 [ 14.758123] ? kasan_bitops_generic+0x92/0x1c0 [ 14.758151] kasan_bitops_generic+0x121/0x1c0 [ 14.758176] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.758202] ? __pfx_read_tsc+0x10/0x10 [ 14.758222] ? ktime_get_ts64+0x86/0x230 [ 14.758246] kunit_try_run_case+0x1a5/0x480 [ 14.758270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.758293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.758317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.758341] ? __kthread_parkme+0x82/0x180 [ 14.758362] ? preempt_count_sub+0x50/0x80 [ 14.758387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.758411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.758437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.758462] kthread+0x337/0x6f0 [ 14.758481] ? trace_preempt_on+0x20/0xc0 [ 14.758508] ? __pfx_kthread+0x10/0x10 [ 14.758529] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.758551] ? calculate_sigpending+0x7b/0xa0 [ 14.758575] ? __pfx_kthread+0x10/0x10 [ 14.758597] ret_from_fork+0x116/0x1d0 [ 14.758615] ? __pfx_kthread+0x10/0x10 [ 14.758635] ret_from_fork_asm+0x1a/0x30 [ 14.758668] </TASK> [ 14.758677] [ 14.766528] Allocated by task 278: [ 14.766700] kasan_save_stack+0x45/0x70 [ 14.767060] kasan_save_track+0x18/0x40 [ 14.767197] kasan_save_alloc_info+0x3b/0x50 [ 14.767347] __kasan_kmalloc+0xb7/0xc0 [ 14.767480] __kmalloc_cache_noprof+0x189/0x420 [ 14.767634] kasan_bitops_generic+0x92/0x1c0 [ 14.767868] kunit_try_run_case+0x1a5/0x480 [ 14.768088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.768342] kthread+0x337/0x6f0 [ 14.768514] ret_from_fork+0x116/0x1d0 [ 14.768708] ret_from_fork_asm+0x1a/0x30 [ 14.769114] [ 14.769213] The buggy address belongs to the object at ffff888102321e80 [ 14.769213] which belongs to the cache kmalloc-16 of size 16 [ 14.769692] The buggy address is located 8 bytes inside of [ 14.769692] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.770052] [ 14.770121] The buggy address belongs to the physical page: [ 14.770334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.770682] flags: 0x200000000000000(node=0|zone=2) [ 14.771116] 
page_type: f5(slab) [ 14.771282] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.771585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.771810] page dumped because: kasan: bad access detected [ 14.771990] [ 14.772057] Memory state around the buggy address: [ 14.772209] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.772621] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.773202] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.773531] ^ [ 14.773715] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774050] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774303] ================================================================== [ 14.631405] ================================================================== [ 14.632099] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.632551] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.633183] [ 14.633359] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.633401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.633412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.633431] Call Trace: [ 14.633442] <TASK> [ 14.633457] dump_stack_lvl+0x73/0xb0 [ 14.633485] print_report+0xd1/0x650 [ 14.633507] ? __virt_addr_valid+0x1db/0x2d0 [ 14.633529] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.633558] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.633581] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.633611] kasan_report+0x141/0x180 [ 14.633633] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.633667] kasan_check_range+0x10c/0x1c0 [ 14.633691] __kasan_check_write+0x18/0x20 [ 14.633710] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.633761] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.633792] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.633816] ? trace_hardirqs_on+0x37/0xe0 [ 14.633838] ? kasan_bitops_generic+0x92/0x1c0 [ 14.633866] kasan_bitops_generic+0x121/0x1c0 [ 14.633890] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.633917] ? __pfx_read_tsc+0x10/0x10 [ 14.633946] ? ktime_get_ts64+0x86/0x230 [ 14.633970] kunit_try_run_case+0x1a5/0x480 [ 14.633994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.634016] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.634040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.634063] ? __kthread_parkme+0x82/0x180 [ 14.634085] ? preempt_count_sub+0x50/0x80 [ 14.634109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.634133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.634157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.634182] kthread+0x337/0x6f0 [ 14.634200] ? trace_preempt_on+0x20/0xc0 [ 14.634223] ? __pfx_kthread+0x10/0x10 [ 14.634242] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.634264] ? calculate_sigpending+0x7b/0xa0 [ 14.634287] ? __pfx_kthread+0x10/0x10 [ 14.634309] ret_from_fork+0x116/0x1d0 [ 14.634326] ? 
__pfx_kthread+0x10/0x10 [ 14.634347] ret_from_fork_asm+0x1a/0x30 [ 14.634379] </TASK> [ 14.634389] [ 14.647411] Allocated by task 278: [ 14.647610] kasan_save_stack+0x45/0x70 [ 14.647809] kasan_save_track+0x18/0x40 [ 14.648166] kasan_save_alloc_info+0x3b/0x50 [ 14.648547] __kasan_kmalloc+0xb7/0xc0 [ 14.648897] __kmalloc_cache_noprof+0x189/0x420 [ 14.649085] kasan_bitops_generic+0x92/0x1c0 [ 14.649235] kunit_try_run_case+0x1a5/0x480 [ 14.649379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.649554] kthread+0x337/0x6f0 [ 14.649673] ret_from_fork+0x116/0x1d0 [ 14.649964] ret_from_fork_asm+0x1a/0x30 [ 14.650324] [ 14.650475] The buggy address belongs to the object at ffff888102321e80 [ 14.650475] which belongs to the cache kmalloc-16 of size 16 [ 14.651500] The buggy address is located 8 bytes inside of [ 14.651500] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.652521] [ 14.652678] The buggy address belongs to the physical page: [ 14.653188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.653874] flags: 0x200000000000000(node=0|zone=2) [ 14.654307] page_type: f5(slab) [ 14.654432] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.654666] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.655239] page dumped because: kasan: bad access detected [ 14.655705] [ 14.655880] Memory state around the buggy address: [ 14.656315] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.656945] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.657242] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.657453] ^ [ 14.657575] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.657902] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.658499] ================================================================== [ 14.716220] 
================================================================== [ 14.717179] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.718024] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.718783] [ 14.719006] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.719046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.719057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.719076] Call Trace: [ 14.719091] <TASK> [ 14.719106] dump_stack_lvl+0x73/0xb0 [ 14.719133] print_report+0xd1/0x650 [ 14.719155] ? __virt_addr_valid+0x1db/0x2d0 [ 14.719177] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.719206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.719229] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.719259] kasan_report+0x141/0x180 [ 14.719281] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.719317] kasan_check_range+0x10c/0x1c0 [ 14.719341] __kasan_check_write+0x18/0x20 [ 14.719360] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.719392] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.719423] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.719447] ? trace_hardirqs_on+0x37/0xe0 [ 14.719469] ? kasan_bitops_generic+0x92/0x1c0 [ 14.719497] kasan_bitops_generic+0x121/0x1c0 [ 14.719521] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.719547] ? __pfx_read_tsc+0x10/0x10 [ 14.719568] ? ktime_get_ts64+0x86/0x230 [ 14.719591] kunit_try_run_case+0x1a5/0x480 [ 14.719615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.719638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.719661] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.719685] ? __kthread_parkme+0x82/0x180 [ 14.719705] ? preempt_count_sub+0x50/0x80 [ 14.719729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.719767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.719792] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.719818] kthread+0x337/0x6f0 [ 14.719837] ? trace_preempt_on+0x20/0xc0 [ 14.719859] ? __pfx_kthread+0x10/0x10 [ 14.719880] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.719901] ? calculate_sigpending+0x7b/0xa0 [ 14.719936] ? __pfx_kthread+0x10/0x10 [ 14.719958] ret_from_fork+0x116/0x1d0 [ 14.719976] ? __pfx_kthread+0x10/0x10 [ 14.719997] ret_from_fork_asm+0x1a/0x30 [ 14.720029] </TASK> [ 14.720039] [ 14.729772] Allocated by task 278: [ 14.729959] kasan_save_stack+0x45/0x70 [ 14.730157] kasan_save_track+0x18/0x40 [ 14.730352] kasan_save_alloc_info+0x3b/0x50 [ 14.730543] __kasan_kmalloc+0xb7/0xc0 [ 14.730733] __kmalloc_cache_noprof+0x189/0x420 [ 14.730942] kasan_bitops_generic+0x92/0x1c0 [ 14.731127] kunit_try_run_case+0x1a5/0x480 [ 14.731331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.731565] kthread+0x337/0x6f0 [ 14.731728] ret_from_fork+0x116/0x1d0 [ 14.731885] ret_from_fork_asm+0x1a/0x30 [ 14.732079] [ 14.732159] The buggy address belongs to the object at ffff888102321e80 [ 14.732159] which belongs to the cache kmalloc-16 of size 16 [ 14.732632] The buggy address is located 8 bytes inside of [ 14.732632] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.733092] [ 14.733219] The buggy address belongs to the physical page: [ 14.733410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.733680] flags: 0x200000000000000(node=0|zone=2) [ 14.733905] page_type: f5(slab) [ 14.734080] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.734387] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.734765] page dumped because: kasan: bad access detected [ 14.735028] [ 14.735116] Memory state around the buggy address: [ 14.735303] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.735517] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.735731] >ffff888102321e80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.735975] ^ [ 14.736153] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.736467] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.736811] ================================================================== [ 14.794010] ================================================================== [ 14.794299] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.794579] Read of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.794827] [ 14.794947] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.794991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.795003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.795022] Call Trace: [ 14.795036] <TASK> [ 14.795051] dump_stack_lvl+0x73/0xb0 [ 14.795078] print_report+0xd1/0x650 [ 14.795099] ? __virt_addr_valid+0x1db/0x2d0 [ 14.795121] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.795150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.795174] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.795204] kasan_report+0x141/0x180 [ 14.795239] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.795274] __asan_report_load8_noabort+0x18/0x20 [ 14.795299] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.795329] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.795360] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.795384] ? trace_hardirqs_on+0x37/0xe0 [ 14.795405] ? kasan_bitops_generic+0x92/0x1c0 [ 14.795434] kasan_bitops_generic+0x121/0x1c0 [ 14.795457] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.795484] ? __pfx_read_tsc+0x10/0x10 [ 14.795506] ? ktime_get_ts64+0x86/0x230 [ 14.795530] kunit_try_run_case+0x1a5/0x480 [ 14.795554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.795577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.795601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.795625] ? 
__kthread_parkme+0x82/0x180 [ 14.795645] ? preempt_count_sub+0x50/0x80 [ 14.795669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.795694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.795719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.795745] kthread+0x337/0x6f0 [ 14.795773] ? trace_preempt_on+0x20/0xc0 [ 14.795795] ? __pfx_kthread+0x10/0x10 [ 14.795815] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.795837] ? calculate_sigpending+0x7b/0xa0 [ 14.795860] ? __pfx_kthread+0x10/0x10 [ 14.795881] ret_from_fork+0x116/0x1d0 [ 14.795900] ? __pfx_kthread+0x10/0x10 [ 14.795930] ret_from_fork_asm+0x1a/0x30 [ 14.795961] </TASK> [ 14.795970] [ 14.804095] Allocated by task 278: [ 14.804224] kasan_save_stack+0x45/0x70 [ 14.804364] kasan_save_track+0x18/0x40 [ 14.804498] kasan_save_alloc_info+0x3b/0x50 [ 14.804646] __kasan_kmalloc+0xb7/0xc0 [ 14.804777] __kmalloc_cache_noprof+0x189/0x420 [ 14.804942] kasan_bitops_generic+0x92/0x1c0 [ 14.805159] kunit_try_run_case+0x1a5/0x480 [ 14.805365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.805624] kthread+0x337/0x6f0 [ 14.805792] ret_from_fork+0x116/0x1d0 [ 14.805989] ret_from_fork_asm+0x1a/0x30 [ 14.806339] [ 14.806413] The buggy address belongs to the object at ffff888102321e80 [ 14.806413] which belongs to the cache kmalloc-16 of size 16 [ 14.806933] The buggy address is located 8 bytes inside of [ 14.806933] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.807381] [ 14.807457] The buggy address belongs to the physical page: [ 14.807675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.808041] flags: 0x200000000000000(node=0|zone=2) [ 14.808244] page_type: f5(slab) [ 14.808407] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.808658] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.809245] page dumped because: kasan: bad access detected [ 14.809481] [ 14.809549] Memory state around the buggy address: [ 14.809701] 
ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.810050] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.810359] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.810609] ^ [ 14.810732] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.810960] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.811176] ================================================================== [ 14.659679] ================================================================== [ 14.660522] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.661328] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.661982] [ 14.662151] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.662192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.662203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.662222] Call Trace: [ 14.662235] <TASK> [ 14.662248] dump_stack_lvl+0x73/0xb0 [ 14.662276] print_report+0xd1/0x650 [ 14.662298] ? __virt_addr_valid+0x1db/0x2d0 [ 14.662321] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.662350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.662373] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.662404] kasan_report+0x141/0x180 [ 14.662426] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.662462] kasan_check_range+0x10c/0x1c0 [ 14.662486] __kasan_check_write+0x18/0x20 [ 14.662511] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.662540] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.662570] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.662595] ? trace_hardirqs_on+0x37/0xe0 [ 14.662617] ? kasan_bitops_generic+0x92/0x1c0 [ 14.662645] kasan_bitops_generic+0x121/0x1c0 [ 14.662669] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.662694] ? __pfx_read_tsc+0x10/0x10 [ 14.662715] ? 
ktime_get_ts64+0x86/0x230 [ 14.662748] kunit_try_run_case+0x1a5/0x480 [ 14.662772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.662796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.662820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.662844] ? __kthread_parkme+0x82/0x180 [ 14.662864] ? preempt_count_sub+0x50/0x80 [ 14.662888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.662913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.662961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.662986] kthread+0x337/0x6f0 [ 14.663005] ? trace_preempt_on+0x20/0xc0 [ 14.663028] ? __pfx_kthread+0x10/0x10 [ 14.663048] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.663069] ? calculate_sigpending+0x7b/0xa0 [ 14.663094] ? __pfx_kthread+0x10/0x10 [ 14.663115] ret_from_fork+0x116/0x1d0 [ 14.663133] ? __pfx_kthread+0x10/0x10 [ 14.663153] ret_from_fork_asm+0x1a/0x30 [ 14.663184] </TASK> [ 14.663193] [ 14.676029] Allocated by task 278: [ 14.676160] kasan_save_stack+0x45/0x70 [ 14.676303] kasan_save_track+0x18/0x40 [ 14.676437] kasan_save_alloc_info+0x3b/0x50 [ 14.676586] __kasan_kmalloc+0xb7/0xc0 [ 14.676717] __kmalloc_cache_noprof+0x189/0x420 [ 14.677135] kasan_bitops_generic+0x92/0x1c0 [ 14.677505] kunit_try_run_case+0x1a5/0x480 [ 14.677892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.678359] kthread+0x337/0x6f0 [ 14.678658] ret_from_fork+0x116/0x1d0 [ 14.679041] ret_from_fork_asm+0x1a/0x30 [ 14.679387] [ 14.679541] The buggy address belongs to the object at ffff888102321e80 [ 14.679541] which belongs to the cache kmalloc-16 of size 16 [ 14.680569] The buggy address is located 8 bytes inside of [ 14.680569] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.681535] [ 14.681608] The buggy address belongs to the physical page: [ 14.681883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.682537] flags: 0x200000000000000(node=0|zone=2) [ 14.683007] page_type: f5(slab) [ 14.683244] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.683476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.683701] page dumped because: kasan: bad access detected [ 14.683878] [ 14.684007] Memory state around the buggy address: [ 14.684407] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.685022] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.685634] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686248] ^ [ 14.686559] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687186] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687799] ================================================================== [ 14.602245] ================================================================== [ 14.603020] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.603544] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.603843] [ 14.604025] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.604068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.604080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.604100] Call Trace: [ 14.604116] <TASK> [ 14.604131] dump_stack_lvl+0x73/0xb0 [ 14.604159] print_report+0xd1/0x650 [ 14.604181] ? __virt_addr_valid+0x1db/0x2d0 [ 14.604204] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.604232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.604257] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.604286] kasan_report+0x141/0x180 [ 14.604308] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.604343] kasan_check_range+0x10c/0x1c0 [ 14.604367] __kasan_check_write+0x18/0x20 [ 14.604386] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.604416] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.604447] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.604471] ? trace_hardirqs_on+0x37/0xe0 [ 14.604493] ? kasan_bitops_generic+0x92/0x1c0 [ 14.604521] kasan_bitops_generic+0x121/0x1c0 [ 14.604545] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.604571] ? __pfx_read_tsc+0x10/0x10 [ 14.604592] ? ktime_get_ts64+0x86/0x230 [ 14.604616] kunit_try_run_case+0x1a5/0x480 [ 14.604639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.604662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.604686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.604711] ? __kthread_parkme+0x82/0x180 [ 14.604752] ? preempt_count_sub+0x50/0x80 [ 14.604778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.604802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.604827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.604852] kthread+0x337/0x6f0 [ 14.604872] ? trace_preempt_on+0x20/0xc0 [ 14.604894] ? __pfx_kthread+0x10/0x10 [ 14.604914] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.604946] ? calculate_sigpending+0x7b/0xa0 [ 14.604970] ? __pfx_kthread+0x10/0x10 [ 14.604992] ret_from_fork+0x116/0x1d0 [ 14.605010] ? 
__pfx_kthread+0x10/0x10 [ 14.605030] ret_from_fork_asm+0x1a/0x30 [ 14.605062] </TASK> [ 14.605072] [ 14.618411] Allocated by task 278: [ 14.618554] kasan_save_stack+0x45/0x70 [ 14.618704] kasan_save_track+0x18/0x40 [ 14.619070] kasan_save_alloc_info+0x3b/0x50 [ 14.619450] __kasan_kmalloc+0xb7/0xc0 [ 14.619803] __kmalloc_cache_noprof+0x189/0x420 [ 14.620209] kasan_bitops_generic+0x92/0x1c0 [ 14.620597] kunit_try_run_case+0x1a5/0x480 [ 14.621071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.621533] kthread+0x337/0x6f0 [ 14.621855] ret_from_fork+0x116/0x1d0 [ 14.622091] ret_from_fork_asm+0x1a/0x30 [ 14.622232] [ 14.622302] The buggy address belongs to the object at ffff888102321e80 [ 14.622302] which belongs to the cache kmalloc-16 of size 16 [ 14.622656] The buggy address is located 8 bytes inside of [ 14.622656] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.623576] [ 14.623750] The buggy address belongs to the physical page: [ 14.624220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.624899] flags: 0x200000000000000(node=0|zone=2) [ 14.625339] page_type: f5(slab) [ 14.625633] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.626284] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.626940] page dumped because: kasan: bad access detected [ 14.627200] [ 14.627268] Memory state around the buggy address: [ 14.627424] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.627637] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.628101] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.628706] ^ [ 14.629046] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.629642] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.630254] ================================================================== [ 14.775136] 
================================================================== [ 14.775489] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.775850] Read of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.776273] [ 14.776390] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.776431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.776442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.776461] Call Trace: [ 14.776474] <TASK> [ 14.776487] dump_stack_lvl+0x73/0xb0 [ 14.776517] print_report+0xd1/0x650 [ 14.776539] ? __virt_addr_valid+0x1db/0x2d0 [ 14.776562] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.776592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.776616] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.776646] kasan_report+0x141/0x180 [ 14.776667] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.776702] kasan_check_range+0x10c/0x1c0 [ 14.776726] __kasan_check_read+0x15/0x20 [ 14.776745] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.776775] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.776805] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.776829] ? trace_hardirqs_on+0x37/0xe0 [ 14.776851] ? kasan_bitops_generic+0x92/0x1c0 [ 14.776879] kasan_bitops_generic+0x121/0x1c0 [ 14.776903] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.776941] ? __pfx_read_tsc+0x10/0x10 [ 14.776961] ? ktime_get_ts64+0x86/0x230 [ 14.776985] kunit_try_run_case+0x1a5/0x480 [ 14.777019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.777044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.777068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.777093] ? __kthread_parkme+0x82/0x180 [ 14.777113] ? preempt_count_sub+0x50/0x80 [ 14.777137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.777162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.777187] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.777212] kthread+0x337/0x6f0 [ 14.777230] ? trace_preempt_on+0x20/0xc0 [ 14.777253] ? __pfx_kthread+0x10/0x10 [ 14.777273] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.777296] ? calculate_sigpending+0x7b/0xa0 [ 14.777319] ? __pfx_kthread+0x10/0x10 [ 14.777340] ret_from_fork+0x116/0x1d0 [ 14.777358] ? __pfx_kthread+0x10/0x10 [ 14.777378] ret_from_fork_asm+0x1a/0x30 [ 14.777410] </TASK> [ 14.777419] [ 14.785701] Allocated by task 278: [ 14.785881] kasan_save_stack+0x45/0x70 [ 14.786095] kasan_save_track+0x18/0x40 [ 14.786289] kasan_save_alloc_info+0x3b/0x50 [ 14.786498] __kasan_kmalloc+0xb7/0xc0 [ 14.786728] __kmalloc_cache_noprof+0x189/0x420 [ 14.786891] kasan_bitops_generic+0x92/0x1c0 [ 14.787196] kunit_try_run_case+0x1a5/0x480 [ 14.787390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.787593] kthread+0x337/0x6f0 [ 14.787714] ret_from_fork+0x116/0x1d0 [ 14.787845] ret_from_fork_asm+0x1a/0x30 [ 14.787995] [ 14.788064] The buggy address belongs to the object at ffff888102321e80 [ 14.788064] which belongs to the cache kmalloc-16 of size 16 [ 14.788584] The buggy address is located 8 bytes inside of [ 14.788584] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.789230] [ 14.789303] The buggy address belongs to the physical page: [ 14.789472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.789784] flags: 0x200000000000000(node=0|zone=2) [ 14.790029] page_type: f5(slab) [ 14.790200] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.790529] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.790828] page dumped because: kasan: bad access detected [ 14.791080] [ 14.791167] Memory state around the buggy address: [ 14.791361] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.791613] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.792013] >ffff888102321e80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.792309] ^ [ 14.792428] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.792641] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.793219] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.579127] ================================================================== [ 14.579569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.579903] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.580348] [ 14.580482] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.580522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.580534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.580553] Call Trace: [ 14.580567] <TASK> [ 14.580582] dump_stack_lvl+0x73/0xb0 [ 14.580610] print_report+0xd1/0x650 [ 14.580632] ? __virt_addr_valid+0x1db/0x2d0 [ 14.580656] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.580705] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580756] kasan_report+0x141/0x180 [ 14.580779] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580813] kasan_check_range+0x10c/0x1c0 [ 14.580838] __kasan_check_write+0x18/0x20 [ 14.580859] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580888] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.580917] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.580974] ? trace_hardirqs_on+0x37/0xe0 [ 14.580997] ? kasan_bitops_generic+0x92/0x1c0 [ 14.581026] kasan_bitops_generic+0x116/0x1c0 [ 14.581050] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.581076] ? __pfx_read_tsc+0x10/0x10 [ 14.581114] ? ktime_get_ts64+0x86/0x230 [ 14.581139] kunit_try_run_case+0x1a5/0x480 [ 14.581164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.581187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.581211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.581235] ? __kthread_parkme+0x82/0x180 [ 14.581255] ? preempt_count_sub+0x50/0x80 [ 14.581280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.581304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.581330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.581357] kthread+0x337/0x6f0 [ 14.581377] ? 
trace_preempt_on+0x20/0xc0 [ 14.581399] ? __pfx_kthread+0x10/0x10 [ 14.581419] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.581440] ? calculate_sigpending+0x7b/0xa0 [ 14.581465] ? __pfx_kthread+0x10/0x10 [ 14.581487] ret_from_fork+0x116/0x1d0 [ 14.581505] ? __pfx_kthread+0x10/0x10 [ 14.581526] ret_from_fork_asm+0x1a/0x30 [ 14.581557] </TASK> [ 14.581567] [ 14.589210] Allocated by task 278: [ 14.589391] kasan_save_stack+0x45/0x70 [ 14.589593] kasan_save_track+0x18/0x40 [ 14.589812] kasan_save_alloc_info+0x3b/0x50 [ 14.590035] __kasan_kmalloc+0xb7/0xc0 [ 14.590213] __kmalloc_cache_noprof+0x189/0x420 [ 14.590370] kasan_bitops_generic+0x92/0x1c0 [ 14.590587] kunit_try_run_case+0x1a5/0x480 [ 14.590828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.591042] kthread+0x337/0x6f0 [ 14.591162] ret_from_fork+0x116/0x1d0 [ 14.591295] ret_from_fork_asm+0x1a/0x30 [ 14.591492] [ 14.591579] The buggy address belongs to the object at ffff888102321e80 [ 14.591579] which belongs to the cache kmalloc-16 of size 16 [ 14.594426] The buggy address is located 8 bytes inside of [ 14.594426] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.594829] [ 14.594957] The buggy address belongs to the physical page: [ 14.595190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.595502] flags: 0x200000000000000(node=0|zone=2) [ 14.595721] page_type: f5(slab) [ 14.596339] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.596571] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.596831] page dumped because: kasan: bad access detected [ 14.598082] [ 14.598213] Memory state around the buggy address: [ 14.598375] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.599856] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.600266] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.600483] ^ [ 14.600607] ffff888102321f00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.600833] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.601057] ================================================================== [ 14.499501] ================================================================== [ 14.500252] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.500629] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.500962] [ 14.501109] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.501152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.501164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.501185] Call Trace: [ 14.501234] <TASK> [ 14.501249] dump_stack_lvl+0x73/0xb0 [ 14.501277] print_report+0xd1/0x650 [ 14.501298] ? __virt_addr_valid+0x1db/0x2d0 [ 14.501320] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501401] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501428] kasan_report+0x141/0x180 [ 14.501450] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501481] kasan_check_range+0x10c/0x1c0 [ 14.501533] __kasan_check_write+0x18/0x20 [ 14.501552] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501580] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.501608] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.501633] ? trace_hardirqs_on+0x37/0xe0 [ 14.501656] ? kasan_bitops_generic+0x92/0x1c0 [ 14.501684] kasan_bitops_generic+0x116/0x1c0 [ 14.501709] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.501805] ? __pfx_read_tsc+0x10/0x10 [ 14.501828] ? ktime_get_ts64+0x86/0x230 [ 14.501852] kunit_try_run_case+0x1a5/0x480 [ 14.501877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.501932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.501957] ? __kthread_parkme+0x82/0x180 [ 14.501977] ? preempt_count_sub+0x50/0x80 [ 14.502001] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.502026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.502050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.502075] kthread+0x337/0x6f0 [ 14.502094] ? trace_preempt_on+0x20/0xc0 [ 14.502116] ? __pfx_kthread+0x10/0x10 [ 14.502136] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.502158] ? calculate_sigpending+0x7b/0xa0 [ 14.502182] ? __pfx_kthread+0x10/0x10 [ 14.502203] ret_from_fork+0x116/0x1d0 [ 14.502221] ? __pfx_kthread+0x10/0x10 [ 14.502241] ret_from_fork_asm+0x1a/0x30 [ 14.502274] </TASK> [ 14.502283] [ 14.510709] Allocated by task 278: [ 14.510945] kasan_save_stack+0x45/0x70 [ 14.511161] kasan_save_track+0x18/0x40 [ 14.511366] kasan_save_alloc_info+0x3b/0x50 [ 14.511517] __kasan_kmalloc+0xb7/0xc0 [ 14.511649] __kmalloc_cache_noprof+0x189/0x420 [ 14.511897] kasan_bitops_generic+0x92/0x1c0 [ 14.512119] kunit_try_run_case+0x1a5/0x480 [ 14.512327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.512613] kthread+0x337/0x6f0 [ 14.512834] ret_from_fork+0x116/0x1d0 [ 14.512991] ret_from_fork_asm+0x1a/0x30 [ 14.513134] [ 14.513204] The buggy address belongs to the object at ffff888102321e80 [ 14.513204] which belongs to the cache kmalloc-16 of size 16 [ 14.513800] The buggy address is located 8 bytes inside of [ 14.513800] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.514338] [ 14.514433] The buggy address belongs to the physical page: [ 14.514622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.515000] flags: 0x200000000000000(node=0|zone=2) [ 14.515163] page_type: f5(slab) [ 14.515324] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.515699] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.516104] page dumped because: kasan: bad access detected [ 14.516349] [ 14.516467] Memory state around the buggy address: [ 14.516645] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.517032] 
ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.517357] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517677] ^ [ 14.517904] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518243] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518590] ================================================================== [ 14.479661] ================================================================== [ 14.480101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.480480] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.480839] [ 14.480996] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.481082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.481093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.481112] Call Trace: [ 14.481124] <TASK> [ 14.481137] dump_stack_lvl+0x73/0xb0 [ 14.481165] print_report+0xd1/0x650 [ 14.481187] ? __virt_addr_valid+0x1db/0x2d0 [ 14.481210] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.481260] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481286] kasan_report+0x141/0x180 [ 14.481308] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481340] kasan_check_range+0x10c/0x1c0 [ 14.481393] __kasan_check_write+0x18/0x20 [ 14.481413] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481439] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.481467] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.481491] ? trace_hardirqs_on+0x37/0xe0 [ 14.481513] ? kasan_bitops_generic+0x92/0x1c0 [ 14.481542] kasan_bitops_generic+0x116/0x1c0 [ 14.481566] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.481591] ? __pfx_read_tsc+0x10/0x10 [ 14.481613] ? ktime_get_ts64+0x86/0x230 [ 14.481636] kunit_try_run_case+0x1a5/0x480 [ 14.481685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481709] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.481790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.481816] ? __kthread_parkme+0x82/0x180 [ 14.481883] ? preempt_count_sub+0x50/0x80 [ 14.481907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.481966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.481992] kthread+0x337/0x6f0 [ 14.482010] ? trace_preempt_on+0x20/0xc0 [ 14.482032] ? __pfx_kthread+0x10/0x10 [ 14.482052] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.482074] ? calculate_sigpending+0x7b/0xa0 [ 14.482097] ? __pfx_kthread+0x10/0x10 [ 14.482120] ret_from_fork+0x116/0x1d0 [ 14.482138] ? __pfx_kthread+0x10/0x10 [ 14.482157] ret_from_fork_asm+0x1a/0x30 [ 14.482190] </TASK> [ 14.482199] [ 14.490521] Allocated by task 278: [ 14.490724] kasan_save_stack+0x45/0x70 [ 14.490995] kasan_save_track+0x18/0x40 [ 14.491195] kasan_save_alloc_info+0x3b/0x50 [ 14.491384] __kasan_kmalloc+0xb7/0xc0 [ 14.491604] __kmalloc_cache_noprof+0x189/0x420 [ 14.491867] kasan_bitops_generic+0x92/0x1c0 [ 14.492097] kunit_try_run_case+0x1a5/0x480 [ 14.492322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.492578] kthread+0x337/0x6f0 [ 14.492859] ret_from_fork+0x116/0x1d0 [ 14.493070] ret_from_fork_asm+0x1a/0x30 [ 14.493264] [ 14.493334] The buggy address belongs to the object at ffff888102321e80 [ 14.493334] which belongs to the cache kmalloc-16 of size 16 [ 14.493714] The buggy address is located 8 bytes inside of [ 14.493714] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.494195] [ 14.494280] The buggy address belongs to the physical page: [ 14.494538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.494934] flags: 0x200000000000000(node=0|zone=2) [ 14.495098] page_type: f5(slab) [ 14.495218] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.495496] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.495956] page dumped because: kasan: 
bad access detected [ 14.496260] [ 14.496352] Memory state around the buggy address: [ 14.496603] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.496999] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.497236] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.497558] ^ [ 14.497751] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498114] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498456] ================================================================== [ 14.439494] ================================================================== [ 14.440077] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.440473] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.440873] [ 14.441007] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.441083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.441119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.441163] Call Trace: [ 14.441175] <TASK> [ 14.441191] dump_stack_lvl+0x73/0xb0 [ 14.441224] print_report+0xd1/0x650 [ 14.441246] ? __virt_addr_valid+0x1db/0x2d0 [ 14.441270] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.441321] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441347] kasan_report+0x141/0x180 [ 14.441369] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441400] kasan_check_range+0x10c/0x1c0 [ 14.441424] __kasan_check_write+0x18/0x20 [ 14.441443] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441470] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.441498] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.441522] ? trace_hardirqs_on+0x37/0xe0 [ 14.441544] ? kasan_bitops_generic+0x92/0x1c0 [ 14.441572] kasan_bitops_generic+0x116/0x1c0 [ 14.441596] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.441620] ? 
__pfx_read_tsc+0x10/0x10 [ 14.441642] ? ktime_get_ts64+0x86/0x230 [ 14.441666] kunit_try_run_case+0x1a5/0x480 [ 14.441691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.441714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.441761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.441785] ? __kthread_parkme+0x82/0x180 [ 14.441806] ? preempt_count_sub+0x50/0x80 [ 14.441831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.441855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.441880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.441906] kthread+0x337/0x6f0 [ 14.441936] ? trace_preempt_on+0x20/0xc0 [ 14.441960] ? __pfx_kthread+0x10/0x10 [ 14.441982] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.442002] ? calculate_sigpending+0x7b/0xa0 [ 14.442026] ? __pfx_kthread+0x10/0x10 [ 14.442048] ret_from_fork+0x116/0x1d0 [ 14.442066] ? __pfx_kthread+0x10/0x10 [ 14.442086] ret_from_fork_asm+0x1a/0x30 [ 14.442118] </TASK> [ 14.442128] [ 14.450372] Allocated by task 278: [ 14.450543] kasan_save_stack+0x45/0x70 [ 14.450692] kasan_save_track+0x18/0x40 [ 14.450857] kasan_save_alloc_info+0x3b/0x50 [ 14.451148] __kasan_kmalloc+0xb7/0xc0 [ 14.451344] __kmalloc_cache_noprof+0x189/0x420 [ 14.451558] kasan_bitops_generic+0x92/0x1c0 [ 14.451818] kunit_try_run_case+0x1a5/0x480 [ 14.452041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.452299] kthread+0x337/0x6f0 [ 14.452453] ret_from_fork+0x116/0x1d0 [ 14.452687] ret_from_fork_asm+0x1a/0x30 [ 14.452886] [ 14.452965] The buggy address belongs to the object at ffff888102321e80 [ 14.452965] which belongs to the cache kmalloc-16 of size 16 [ 14.453304] The buggy address is located 8 bytes inside of [ 14.453304] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.453644] [ 14.453762] The buggy address belongs to the physical page: [ 14.454097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.454587] flags: 0x200000000000000(node=0|zone=2) [ 14.454964] page_type: f5(slab) [ 14.455161] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.455493] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.455845] page dumped because: kasan: bad access detected [ 14.456062] [ 14.456130] Memory state around the buggy address: [ 14.456277] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.456593] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.456980] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.457295] ^ [ 14.457501] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.457829] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.458148] ================================================================== [ 14.538874] ================================================================== [ 14.539406] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.539854] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.540194] [ 14.540321] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.540363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.540374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.540393] Call Trace: [ 14.540407] <TASK> [ 14.540422] dump_stack_lvl+0x73/0xb0 [ 14.540449] print_report+0xd1/0x650 [ 14.540471] ? __virt_addr_valid+0x1db/0x2d0 [ 14.540528] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.540578] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540605] kasan_report+0x141/0x180 [ 14.540626] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540688] kasan_check_range+0x10c/0x1c0 [ 14.540712] __kasan_check_write+0x18/0x20 [ 14.540730] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540809] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.540837] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.540862] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.540883] ? kasan_bitops_generic+0x92/0x1c0 [ 14.541002] kasan_bitops_generic+0x116/0x1c0 [ 14.541030] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.541056] ? __pfx_read_tsc+0x10/0x10 [ 14.541077] ? ktime_get_ts64+0x86/0x230 [ 14.541100] kunit_try_run_case+0x1a5/0x480 [ 14.541125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.541225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.541250] ? __kthread_parkme+0x82/0x180 [ 14.541270] ? preempt_count_sub+0x50/0x80 [ 14.541293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.541342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.541368] kthread+0x337/0x6f0 [ 14.541387] ? trace_preempt_on+0x20/0xc0 [ 14.541409] ? __pfx_kthread+0x10/0x10 [ 14.541429] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.541451] ? calculate_sigpending+0x7b/0xa0 [ 14.541475] ? __pfx_kthread+0x10/0x10 [ 14.541497] ret_from_fork+0x116/0x1d0 [ 14.541514] ? 
__pfx_kthread+0x10/0x10 [ 14.541535] ret_from_fork_asm+0x1a/0x30 [ 14.541567] </TASK> [ 14.541576] [ 14.549810] Allocated by task 278: [ 14.549946] kasan_save_stack+0x45/0x70 [ 14.550130] kasan_save_track+0x18/0x40 [ 14.550397] kasan_save_alloc_info+0x3b/0x50 [ 14.550643] __kasan_kmalloc+0xb7/0xc0 [ 14.550860] __kmalloc_cache_noprof+0x189/0x420 [ 14.551090] kasan_bitops_generic+0x92/0x1c0 [ 14.551335] kunit_try_run_case+0x1a5/0x480 [ 14.551548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.551863] kthread+0x337/0x6f0 [ 14.552020] ret_from_fork+0x116/0x1d0 [ 14.552231] ret_from_fork_asm+0x1a/0x30 [ 14.552429] [ 14.552555] The buggy address belongs to the object at ffff888102321e80 [ 14.552555] which belongs to the cache kmalloc-16 of size 16 [ 14.553103] The buggy address is located 8 bytes inside of [ 14.553103] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.553644] [ 14.553772] The buggy address belongs to the physical page: [ 14.554037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.554405] flags: 0x200000000000000(node=0|zone=2) [ 14.554661] page_type: f5(slab) [ 14.554874] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.555233] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.555600] page dumped because: kasan: bad access detected [ 14.555897] [ 14.556025] Memory state around the buggy address: [ 14.556324] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.556676] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.557053] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.557362] ^ [ 14.557533] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.557797] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.558070] ================================================================== [ 14.459519] 
================================================================== [ 14.459930] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.460353] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.460675] [ 14.460810] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.460852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.460898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.460929] Call Trace: [ 14.460940] <TASK> [ 14.460953] dump_stack_lvl+0x73/0xb0 [ 14.460981] print_report+0xd1/0x650 [ 14.461002] ? __virt_addr_valid+0x1db/0x2d0 [ 14.461024] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.461107] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461134] kasan_report+0x141/0x180 [ 14.461156] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461187] kasan_check_range+0x10c/0x1c0 [ 14.461239] __kasan_check_write+0x18/0x20 [ 14.461258] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461285] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.461313] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.461338] ? trace_hardirqs_on+0x37/0xe0 [ 14.461359] ? kasan_bitops_generic+0x92/0x1c0 [ 14.461388] kasan_bitops_generic+0x116/0x1c0 [ 14.461411] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.461436] ? __pfx_read_tsc+0x10/0x10 [ 14.461485] ? ktime_get_ts64+0x86/0x230 [ 14.461532] kunit_try_run_case+0x1a5/0x480 [ 14.461556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.461602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.461626] ? __kthread_parkme+0x82/0x180 [ 14.461647] ? preempt_count_sub+0x50/0x80 [ 14.461670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.461719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.461765] kthread+0x337/0x6f0 [ 14.461783] ? 
trace_preempt_on+0x20/0xc0 [ 14.461805] ? __pfx_kthread+0x10/0x10 [ 14.461826] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.461848] ? calculate_sigpending+0x7b/0xa0 [ 14.461872] ? __pfx_kthread+0x10/0x10 [ 14.461894] ret_from_fork+0x116/0x1d0 [ 14.461913] ? __pfx_kthread+0x10/0x10 [ 14.461943] ret_from_fork_asm+0x1a/0x30 [ 14.461974] </TASK> [ 14.461984] [ 14.470896] Allocated by task 278: [ 14.471028] kasan_save_stack+0x45/0x70 [ 14.471211] kasan_save_track+0x18/0x40 [ 14.471442] kasan_save_alloc_info+0x3b/0x50 [ 14.471656] __kasan_kmalloc+0xb7/0xc0 [ 14.471896] __kmalloc_cache_noprof+0x189/0x420 [ 14.472148] kasan_bitops_generic+0x92/0x1c0 [ 14.472367] kunit_try_run_case+0x1a5/0x480 [ 14.472568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.472878] kthread+0x337/0x6f0 [ 14.473058] ret_from_fork+0x116/0x1d0 [ 14.473242] ret_from_fork_asm+0x1a/0x30 [ 14.473442] [ 14.473558] The buggy address belongs to the object at ffff888102321e80 [ 14.473558] which belongs to the cache kmalloc-16 of size 16 [ 14.474127] The buggy address is located 8 bytes inside of [ 14.474127] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.474680] [ 14.474777] The buggy address belongs to the physical page: [ 14.475071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.475412] flags: 0x200000000000000(node=0|zone=2) [ 14.475567] page_type: f5(slab) [ 14.475687] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.476087] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.476410] page dumped because: kasan: bad access detected [ 14.476658] [ 14.476767] Memory state around the buggy address: [ 14.477066] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.477393] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.477672] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.477937] ^ [ 14.478150] ffff888102321f00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.478564] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.478943] ================================================================== [ 14.519651] ================================================================== [ 14.520107] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.520483] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.520815] [ 14.520970] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.521013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.521025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.521043] Call Trace: [ 14.521056] <TASK> [ 14.521070] dump_stack_lvl+0x73/0xb0 [ 14.521131] print_report+0xd1/0x650 [ 14.521154] ? __virt_addr_valid+0x1db/0x2d0 [ 14.521177] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.521226] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521284] kasan_report+0x141/0x180 [ 14.521305] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521337] kasan_check_range+0x10c/0x1c0 [ 14.521361] __kasan_check_write+0x18/0x20 [ 14.521407] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521434] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.521462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.521486] ? trace_hardirqs_on+0x37/0xe0 [ 14.521509] ? kasan_bitops_generic+0x92/0x1c0 [ 14.521537] kasan_bitops_generic+0x116/0x1c0 [ 14.521560] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.521587] ? __pfx_read_tsc+0x10/0x10 [ 14.521607] ? ktime_get_ts64+0x86/0x230 [ 14.521631] kunit_try_run_case+0x1a5/0x480 [ 14.521655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.521701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.521727] ? __kthread_parkme+0x82/0x180 [ 14.521803] ? preempt_count_sub+0x50/0x80 [ 14.521830] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.521856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.521906] kthread+0x337/0x6f0 [ 14.521937] ? trace_preempt_on+0x20/0xc0 [ 14.521958] ? __pfx_kthread+0x10/0x10 [ 14.521979] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.522001] ? calculate_sigpending+0x7b/0xa0 [ 14.522024] ? __pfx_kthread+0x10/0x10 [ 14.522045] ret_from_fork+0x116/0x1d0 [ 14.522064] ? __pfx_kthread+0x10/0x10 [ 14.522083] ret_from_fork_asm+0x1a/0x30 [ 14.522115] </TASK> [ 14.522125] [ 14.530424] Allocated by task 278: [ 14.530607] kasan_save_stack+0x45/0x70 [ 14.530823] kasan_save_track+0x18/0x40 [ 14.531025] kasan_save_alloc_info+0x3b/0x50 [ 14.531187] __kasan_kmalloc+0xb7/0xc0 [ 14.531359] __kmalloc_cache_noprof+0x189/0x420 [ 14.531589] kasan_bitops_generic+0x92/0x1c0 [ 14.531792] kunit_try_run_case+0x1a5/0x480 [ 14.532083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.532317] kthread+0x337/0x6f0 [ 14.532483] ret_from_fork+0x116/0x1d0 [ 14.532651] ret_from_fork_asm+0x1a/0x30 [ 14.532814] [ 14.532884] The buggy address belongs to the object at ffff888102321e80 [ 14.532884] which belongs to the cache kmalloc-16 of size 16 [ 14.533228] The buggy address is located 8 bytes inside of [ 14.533228] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.533581] [ 14.533717] The buggy address belongs to the physical page: [ 14.534078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.534541] flags: 0x200000000000000(node=0|zone=2) [ 14.534898] page_type: f5(slab) [ 14.535074] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.535408] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.535755] page dumped because: kasan: bad access detected [ 14.535931] [ 14.536000] Memory state around the buggy address: [ 14.536150] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.536500] 
ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.536879] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.537206] ^ [ 14.537409] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.537755] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538085] ================================================================== [ 14.558954] ================================================================== [ 14.559386] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.559681] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.559984] [ 14.560072] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.560112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.560123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.560142] Call Trace: [ 14.560153] <TASK> [ 14.560166] dump_stack_lvl+0x73/0xb0 [ 14.560228] print_report+0xd1/0x650 [ 14.560250] ? __virt_addr_valid+0x1db/0x2d0 [ 14.560273] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.560322] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560349] kasan_report+0x141/0x180 [ 14.560370] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560402] kasan_check_range+0x10c/0x1c0 [ 14.560426] __kasan_check_write+0x18/0x20 [ 14.560445] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560472] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.560500] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.560524] ? trace_hardirqs_on+0x37/0xe0 [ 14.560545] ? kasan_bitops_generic+0x92/0x1c0 [ 14.560573] kasan_bitops_generic+0x116/0x1c0 [ 14.560597] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.560622] ? __pfx_read_tsc+0x10/0x10 [ 14.560644] ? ktime_get_ts64+0x86/0x230 [ 14.560667] kunit_try_run_case+0x1a5/0x480 [ 14.560691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560715] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.560787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.560813] ? __kthread_parkme+0x82/0x180 [ 14.560832] ? preempt_count_sub+0x50/0x80 [ 14.560857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.560907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.560942] kthread+0x337/0x6f0 [ 14.560961] ? trace_preempt_on+0x20/0xc0 [ 14.560982] ? __pfx_kthread+0x10/0x10 [ 14.561003] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.561025] ? calculate_sigpending+0x7b/0xa0 [ 14.561049] ? __pfx_kthread+0x10/0x10 [ 14.561071] ret_from_fork+0x116/0x1d0 [ 14.561088] ? __pfx_kthread+0x10/0x10 [ 14.561109] ret_from_fork_asm+0x1a/0x30 [ 14.561141] </TASK> [ 14.561151] [ 14.569561] Allocated by task 278: [ 14.569786] kasan_save_stack+0x45/0x70 [ 14.570025] kasan_save_track+0x18/0x40 [ 14.570215] kasan_save_alloc_info+0x3b/0x50 [ 14.570385] __kasan_kmalloc+0xb7/0xc0 [ 14.570540] __kmalloc_cache_noprof+0x189/0x420 [ 14.570817] kasan_bitops_generic+0x92/0x1c0 [ 14.571045] kunit_try_run_case+0x1a5/0x480 [ 14.571273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.571538] kthread+0x337/0x6f0 [ 14.571664] ret_from_fork+0x116/0x1d0 [ 14.571853] ret_from_fork_asm+0x1a/0x30 [ 14.572156] [ 14.572270] The buggy address belongs to the object at ffff888102321e80 [ 14.572270] which belongs to the cache kmalloc-16 of size 16 [ 14.572646] The buggy address is located 8 bytes inside of [ 14.572646] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.573201] [ 14.573297] The buggy address belongs to the physical page: [ 14.573522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.573787] flags: 0x200000000000000(node=0|zone=2) [ 14.573982] page_type: f5(slab) [ 14.574155] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.574625] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.575028] page dumped because: kasan: 
bad access detected [ 14.575311] [ 14.575425] Memory state around the buggy address: [ 14.575613] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.575905] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.576267] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.576581] ^ [ 14.576794] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577119] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.411535] ================================================================== [ 14.412181] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.412623] Read of size 1 at addr ffff888102a16ad0 by task kunit_try_catch/276 [ 14.412844] [ 14.412999] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.413132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.413145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.413164] Call Trace: [ 14.413177] <TASK> [ 14.413191] dump_stack_lvl+0x73/0xb0 [ 14.413219] print_report+0xd1/0x650 [ 14.413240] ? __virt_addr_valid+0x1db/0x2d0 [ 14.413264] ? strnlen+0x73/0x80 [ 14.413280] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.413304] ? strnlen+0x73/0x80 [ 14.413322] kasan_report+0x141/0x180 [ 14.413344] ? strnlen+0x73/0x80 [ 14.413367] __asan_report_load1_noabort+0x18/0x20 [ 14.413391] strnlen+0x73/0x80 [ 14.413409] kasan_strings+0x615/0xe80 [ 14.413428] ? trace_hardirqs_on+0x37/0xe0 [ 14.413451] ? __pfx_kasan_strings+0x10/0x10 [ 14.413471] ? finish_task_switch.isra.0+0x153/0x700 [ 14.413493] ? __switch_to+0x47/0xf50 [ 14.413517] ? __schedule+0x10cc/0x2b60 [ 14.413609] ? __pfx_read_tsc+0x10/0x10 [ 14.413631] ? ktime_get_ts64+0x86/0x230 [ 14.413655] kunit_try_run_case+0x1a5/0x480 [ 14.413680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.413726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.413769] ? __kthread_parkme+0x82/0x180 [ 14.413789] ? preempt_count_sub+0x50/0x80 [ 14.413812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.413929] kthread+0x337/0x6f0 [ 14.413948] ? trace_preempt_on+0x20/0xc0 [ 14.413970] ? __pfx_kthread+0x10/0x10 [ 14.414089] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.414114] ? calculate_sigpending+0x7b/0xa0 [ 14.414139] ? 
__pfx_kthread+0x10/0x10 [ 14.414161] ret_from_fork+0x116/0x1d0 [ 14.414180] ? __pfx_kthread+0x10/0x10 [ 14.414201] ret_from_fork_asm+0x1a/0x30 [ 14.414232] </TASK> [ 14.414241] [ 14.422678] Allocated by task 276: [ 14.422899] kasan_save_stack+0x45/0x70 [ 14.423184] kasan_save_track+0x18/0x40 [ 14.423409] kasan_save_alloc_info+0x3b/0x50 [ 14.423621] __kasan_kmalloc+0xb7/0xc0 [ 14.423851] __kmalloc_cache_noprof+0x189/0x420 [ 14.424284] kasan_strings+0xc0/0xe80 [ 14.424431] kunit_try_run_case+0x1a5/0x480 [ 14.424573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.424883] kthread+0x337/0x6f0 [ 14.425196] ret_from_fork+0x116/0x1d0 [ 14.425385] ret_from_fork_asm+0x1a/0x30 [ 14.425600] [ 14.425695] Freed by task 276: [ 14.425887] kasan_save_stack+0x45/0x70 [ 14.426192] kasan_save_track+0x18/0x40 [ 14.426421] kasan_save_free_info+0x3f/0x60 [ 14.426650] __kasan_slab_free+0x56/0x70 [ 14.426877] kfree+0x222/0x3f0 [ 14.427138] kasan_strings+0x2aa/0xe80 [ 14.427344] kunit_try_run_case+0x1a5/0x480 [ 14.427569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.427854] kthread+0x337/0x6f0 [ 14.428231] ret_from_fork+0x116/0x1d0 [ 14.428390] ret_from_fork_asm+0x1a/0x30 [ 14.428623] [ 14.428712] The buggy address belongs to the object at ffff888102a16ac0 [ 14.428712] which belongs to the cache kmalloc-32 of size 32 [ 14.429385] The buggy address is located 16 bytes inside of [ 14.429385] freed 32-byte region [ffff888102a16ac0, ffff888102a16ae0) [ 14.429973] [ 14.430165] The buggy address belongs to the physical page: [ 14.430417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16 [ 14.430763] flags: 0x200000000000000(node=0|zone=2) [ 14.431050] page_type: f5(slab) [ 14.431221] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.431492] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.431836] page dumped because: kasan: bad access detected [ 14.432106] [ 14.432191] Memory state around the buggy address: 
[ 14.432404] ffff888102a16980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.432705] ffff888102a16a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.433227] >ffff888102a16a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.433570] ^ [ 14.433804] ffff888102a16b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.434173] ffff888102a16b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.434544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.389804] ================================================================== [ 14.390528] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.390758] Read of size 1 at addr ffff888102a16ad0 by task kunit_try_catch/276 [ 14.391031] [ 14.391138] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.391178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.391190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.391210] Call Trace: [ 14.391224] <TASK> [ 14.391238] dump_stack_lvl+0x73/0xb0 [ 14.391264] print_report+0xd1/0x650 [ 14.391346] ? __virt_addr_valid+0x1db/0x2d0 [ 14.391371] ? strlen+0x8f/0xb0 [ 14.391389] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.391413] ? strlen+0x8f/0xb0 [ 14.391430] kasan_report+0x141/0x180 [ 14.391452] ? strlen+0x8f/0xb0 [ 14.391474] __asan_report_load1_noabort+0x18/0x20 [ 14.391693] strlen+0x8f/0xb0 [ 14.391724] kasan_strings+0x57b/0xe80 [ 14.391744] ? trace_hardirqs_on+0x37/0xe0 [ 14.391779] ? __pfx_kasan_strings+0x10/0x10 [ 14.391799] ? finish_task_switch.isra.0+0x153/0x700 [ 14.391821] ? __switch_to+0x47/0xf50 [ 14.391865] ? __schedule+0x10cc/0x2b60 [ 14.391887] ? __pfx_read_tsc+0x10/0x10 [ 14.391907] ? ktime_get_ts64+0x86/0x230 [ 14.391942] kunit_try_run_case+0x1a5/0x480 [ 14.391966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.391989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.392011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.392110] ? __kthread_parkme+0x82/0x180 [ 14.392130] ? preempt_count_sub+0x50/0x80 [ 14.392153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.392178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.392225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.392251] kthread+0x337/0x6f0 [ 14.392270] ? trace_preempt_on+0x20/0xc0 [ 14.392292] ? __pfx_kthread+0x10/0x10 [ 14.392313] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.392335] ? calculate_sigpending+0x7b/0xa0 [ 14.392359] ? 
__pfx_kthread+0x10/0x10 [ 14.392400] ret_from_fork+0x116/0x1d0 [ 14.392419] ? __pfx_kthread+0x10/0x10 [ 14.392439] ret_from_fork_asm+0x1a/0x30 [ 14.392471] </TASK> [ 14.392480] [ 14.400023] Allocated by task 276: [ 14.400196] kasan_save_stack+0x45/0x70 [ 14.400398] kasan_save_track+0x18/0x40 [ 14.400579] kasan_save_alloc_info+0x3b/0x50 [ 14.400962] __kasan_kmalloc+0xb7/0xc0 [ 14.401231] __kmalloc_cache_noprof+0x189/0x420 [ 14.401395] kasan_strings+0xc0/0xe80 [ 14.401536] kunit_try_run_case+0x1a5/0x480 [ 14.401680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.401918] kthread+0x337/0x6f0 [ 14.402100] ret_from_fork+0x116/0x1d0 [ 14.402293] ret_from_fork_asm+0x1a/0x30 [ 14.402656] [ 14.402874] Freed by task 276: [ 14.403115] kasan_save_stack+0x45/0x70 [ 14.403345] kasan_save_track+0x18/0x40 [ 14.403534] kasan_save_free_info+0x3f/0x60 [ 14.403726] __kasan_slab_free+0x56/0x70 [ 14.403945] kfree+0x222/0x3f0 [ 14.404266] kasan_strings+0x2aa/0xe80 [ 14.404456] kunit_try_run_case+0x1a5/0x480 [ 14.404657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.404960] kthread+0x337/0x6f0 [ 14.405169] ret_from_fork+0x116/0x1d0 [ 14.405303] ret_from_fork_asm+0x1a/0x30 [ 14.405436] [ 14.405521] The buggy address belongs to the object at ffff888102a16ac0 [ 14.405521] which belongs to the cache kmalloc-32 of size 32 [ 14.406060] The buggy address is located 16 bytes inside of [ 14.406060] freed 32-byte region [ffff888102a16ac0, ffff888102a16ae0) [ 14.406627] [ 14.406699] The buggy address belongs to the physical page: [ 14.406863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16 [ 14.407411] flags: 0x200000000000000(node=0|zone=2) [ 14.407678] page_type: f5(slab) [ 14.407851] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.408321] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.408660] page dumped because: kasan: bad access detected [ 14.408883] [ 14.409003] Memory state around the buggy address: 
[ 14.409230] ffff888102a16980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.409572] ffff888102a16a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.409800] >ffff888102a16a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.410320] ^ [ 14.410612] ffff888102a16b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.410877] ffff888102a16b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.411096] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.359520] ================================================================== [ 14.359755] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.359988] Read of size 1 at addr ffff888102a16ad0 by task kunit_try_catch/276 [ 14.360694] [ 14.360871] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.360916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.360939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.361368] Call Trace: [ 14.361386] <TASK> [ 14.361404] dump_stack_lvl+0x73/0xb0 [ 14.361436] print_report+0xd1/0x650 [ 14.361457] ? __virt_addr_valid+0x1db/0x2d0 [ 14.361480] ? kasan_strings+0xcbc/0xe80 [ 14.361501] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.361524] ? kasan_strings+0xcbc/0xe80 [ 14.361546] kasan_report+0x141/0x180 [ 14.361568] ? kasan_strings+0xcbc/0xe80 [ 14.361594] __asan_report_load1_noabort+0x18/0x20 [ 14.361619] kasan_strings+0xcbc/0xe80 [ 14.361638] ? trace_hardirqs_on+0x37/0xe0 [ 14.361662] ? __pfx_kasan_strings+0x10/0x10 [ 14.361682] ? finish_task_switch.isra.0+0x153/0x700 [ 14.361705] ? __switch_to+0x47/0xf50 [ 14.361730] ? __schedule+0x10cc/0x2b60 [ 14.361765] ? __pfx_read_tsc+0x10/0x10 [ 14.361786] ? ktime_get_ts64+0x86/0x230 [ 14.361809] kunit_try_run_case+0x1a5/0x480 [ 14.361834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361856] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.361879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.361903] ? __kthread_parkme+0x82/0x180 [ 14.361935] ? preempt_count_sub+0x50/0x80 [ 14.361958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.362007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.362100] kthread+0x337/0x6f0 [ 14.362121] ? trace_preempt_on+0x20/0xc0 [ 14.362144] ? __pfx_kthread+0x10/0x10 [ 14.362165] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.362187] ? calculate_sigpending+0x7b/0xa0 [ 14.362211] ? 
__pfx_kthread+0x10/0x10 [ 14.362232] ret_from_fork+0x116/0x1d0 [ 14.362251] ? __pfx_kthread+0x10/0x10 [ 14.362271] ret_from_fork_asm+0x1a/0x30 [ 14.362303] </TASK> [ 14.362313] [ 14.376709] Allocated by task 276: [ 14.377041] kasan_save_stack+0x45/0x70 [ 14.377417] kasan_save_track+0x18/0x40 [ 14.377883] kasan_save_alloc_info+0x3b/0x50 [ 14.378499] __kasan_kmalloc+0xb7/0xc0 [ 14.378955] __kmalloc_cache_noprof+0x189/0x420 [ 14.379439] kasan_strings+0xc0/0xe80 [ 14.379735] kunit_try_run_case+0x1a5/0x480 [ 14.380161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.380341] kthread+0x337/0x6f0 [ 14.380457] ret_from_fork+0x116/0x1d0 [ 14.380586] ret_from_fork_asm+0x1a/0x30 [ 14.380722] [ 14.380809] Freed by task 276: [ 14.380917] kasan_save_stack+0x45/0x70 [ 14.381186] kasan_save_track+0x18/0x40 [ 14.381384] kasan_save_free_info+0x3f/0x60 [ 14.381591] __kasan_slab_free+0x56/0x70 [ 14.381799] kfree+0x222/0x3f0 [ 14.381952] kasan_strings+0x2aa/0xe80 [ 14.382309] kunit_try_run_case+0x1a5/0x480 [ 14.382467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.382643] kthread+0x337/0x6f0 [ 14.382759] ret_from_fork+0x116/0x1d0 [ 14.382936] ret_from_fork_asm+0x1a/0x30 [ 14.383156] [ 14.383252] The buggy address belongs to the object at ffff888102a16ac0 [ 14.383252] which belongs to the cache kmalloc-32 of size 32 [ 14.383916] The buggy address is located 16 bytes inside of [ 14.383916] freed 32-byte region [ffff888102a16ac0, ffff888102a16ae0) [ 14.384453] [ 14.384526] The buggy address belongs to the physical page: [ 14.384823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16 [ 14.385326] flags: 0x200000000000000(node=0|zone=2) [ 14.385481] page_type: f5(slab) [ 14.385634] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.386008] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.386395] page dumped because: kasan: bad access detected [ 14.386648] [ 14.386741] Memory state around the buggy address: 
[ 14.386965] ffff888102a16980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.387306] ffff888102a16a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.387620] >ffff888102a16a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.387957] ^ [ 14.388127] ffff888102a16b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.388883] ffff888102a16b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.389347] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.322940] ================================================================== [ 14.323945] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.324333] Read of size 1 at addr ffff888102a16ad0 by task kunit_try_catch/276 [ 14.324630] [ 14.324738] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.324782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.324793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.324813] Call Trace: [ 14.324825] <TASK> [ 14.324840] dump_stack_lvl+0x73/0xb0 [ 14.324870] print_report+0xd1/0x650 [ 14.324893] ? __virt_addr_valid+0x1db/0x2d0 [ 14.324937] ? strcmp+0xb0/0xc0 [ 14.324954] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.324978] ? strcmp+0xb0/0xc0 [ 14.324994] kasan_report+0x141/0x180 [ 14.325016] ? strcmp+0xb0/0xc0 [ 14.325038] __asan_report_load1_noabort+0x18/0x20 [ 14.325064] strcmp+0xb0/0xc0 [ 14.325222] kasan_strings+0x431/0xe80 [ 14.325246] ? trace_hardirqs_on+0x37/0xe0 [ 14.325270] ? __pfx_kasan_strings+0x10/0x10 [ 14.325291] ? finish_task_switch.isra.0+0x153/0x700 [ 14.325313] ? __switch_to+0x47/0xf50 [ 14.325339] ? __schedule+0x10cc/0x2b60 [ 14.325361] ? __pfx_read_tsc+0x10/0x10 [ 14.325382] ? ktime_get_ts64+0x86/0x230 [ 14.325406] kunit_try_run_case+0x1a5/0x480 [ 14.325430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.325453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.325478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.325501] ? __kthread_parkme+0x82/0x180 [ 14.325520] ? preempt_count_sub+0x50/0x80 [ 14.325544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.325569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.325593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.325619] kthread+0x337/0x6f0 [ 14.325638] ? trace_preempt_on+0x20/0xc0 [ 14.325660] ? __pfx_kthread+0x10/0x10 [ 14.325681] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.325702] ? calculate_sigpending+0x7b/0xa0 [ 14.325726] ? 
__pfx_kthread+0x10/0x10 [ 14.325748] ret_from_fork+0x116/0x1d0 [ 14.325774] ? __pfx_kthread+0x10/0x10 [ 14.325795] ret_from_fork_asm+0x1a/0x30 [ 14.325827] </TASK> [ 14.325836] [ 14.336458] Allocated by task 276: [ 14.337859] kasan_save_stack+0x45/0x70 [ 14.338036] kasan_save_track+0x18/0x40 [ 14.338176] kasan_save_alloc_info+0x3b/0x50 [ 14.338330] __kasan_kmalloc+0xb7/0xc0 [ 14.338467] __kmalloc_cache_noprof+0x189/0x420 [ 14.338631] kasan_strings+0xc0/0xe80 [ 14.338772] kunit_try_run_case+0x1a5/0x480 [ 14.338931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.339106] kthread+0x337/0x6f0 [ 14.339227] ret_from_fork+0x116/0x1d0 [ 14.339358] ret_from_fork_asm+0x1a/0x30 [ 14.339496] [ 14.339566] Freed by task 276: [ 14.339678] kasan_save_stack+0x45/0x70 [ 14.339813] kasan_save_track+0x18/0x40 [ 14.340144] kasan_save_free_info+0x3f/0x60 [ 14.341868] __kasan_slab_free+0x56/0x70 [ 14.342399] kfree+0x222/0x3f0 [ 14.342707] kasan_strings+0x2aa/0xe80 [ 14.343167] kunit_try_run_case+0x1a5/0x480 [ 14.343547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.344228] kthread+0x337/0x6f0 [ 14.344537] ret_from_fork+0x116/0x1d0 [ 14.344907] ret_from_fork_asm+0x1a/0x30 [ 14.345904] [ 14.346266] The buggy address belongs to the object at ffff888102a16ac0 [ 14.346266] which belongs to the cache kmalloc-32 of size 32 [ 14.347739] The buggy address is located 16 bytes inside of [ 14.347739] freed 32-byte region [ffff888102a16ac0, ffff888102a16ae0) [ 14.349150] [ 14.349605] The buggy address belongs to the physical page: [ 14.350306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16 [ 14.351297] flags: 0x200000000000000(node=0|zone=2) [ 14.351735] page_type: f5(slab) [ 14.351862] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.352557] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.353408] page dumped because: kasan: bad access detected [ 14.354251] [ 14.354474] Memory state around the buggy address: 
[ 14.354643] ffff888102a16980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.355358] ffff888102a16a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.356143] >ffff888102a16a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.356675] ^ [ 14.356903] ffff888102a16b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.357936] ffff888102a16b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.358750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.292666] ================================================================== [ 14.294307] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.294889] Read of size 1 at addr ffff888103958098 by task kunit_try_catch/274 [ 14.295583] [ 14.295692] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.295738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.295984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.296014] Call Trace: [ 14.296028] <TASK> [ 14.296090] dump_stack_lvl+0x73/0xb0 [ 14.296134] print_report+0xd1/0x650 [ 14.296159] ? __virt_addr_valid+0x1db/0x2d0 [ 14.296183] ? memcmp+0x1b4/0x1d0 [ 14.296200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.296224] ? memcmp+0x1b4/0x1d0 [ 14.296242] kasan_report+0x141/0x180 [ 14.296264] ? memcmp+0x1b4/0x1d0 [ 14.296287] __asan_report_load1_noabort+0x18/0x20 [ 14.296312] memcmp+0x1b4/0x1d0 [ 14.296331] kasan_memcmp+0x18f/0x390 [ 14.296352] ? trace_hardirqs_on+0x37/0xe0 [ 14.296375] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.296396] ? finish_task_switch.isra.0+0x153/0x700 [ 14.296418] ? __switch_to+0x47/0xf50 [ 14.296447] ? __pfx_read_tsc+0x10/0x10 [ 14.296468] ? ktime_get_ts64+0x86/0x230 [ 14.296492] kunit_try_run_case+0x1a5/0x480 [ 14.296517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.296540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.296563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.296588] ? __kthread_parkme+0x82/0x180 [ 14.296609] ? preempt_count_sub+0x50/0x80 [ 14.296631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.296656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.296680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.296705] kthread+0x337/0x6f0 [ 14.296724] ? trace_preempt_on+0x20/0xc0 [ 14.296745] ? __pfx_kthread+0x10/0x10 [ 14.296766] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.296787] ? calculate_sigpending+0x7b/0xa0 [ 14.296811] ? __pfx_kthread+0x10/0x10 [ 14.296832] ret_from_fork+0x116/0x1d0 [ 14.296850] ? 
__pfx_kthread+0x10/0x10 [ 14.296870] ret_from_fork_asm+0x1a/0x30 [ 14.296902] </TASK> [ 14.296912] [ 14.307443] Allocated by task 274: [ 14.307613] kasan_save_stack+0x45/0x70 [ 14.307878] kasan_save_track+0x18/0x40 [ 14.308205] kasan_save_alloc_info+0x3b/0x50 [ 14.308417] __kasan_kmalloc+0xb7/0xc0 [ 14.308605] __kmalloc_cache_noprof+0x189/0x420 [ 14.308788] kasan_memcmp+0xb7/0x390 [ 14.309068] kunit_try_run_case+0x1a5/0x480 [ 14.309246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.309463] kthread+0x337/0x6f0 [ 14.309583] ret_from_fork+0x116/0x1d0 [ 14.309718] ret_from_fork_asm+0x1a/0x30 [ 14.309915] [ 14.310023] The buggy address belongs to the object at ffff888103958080 [ 14.310023] which belongs to the cache kmalloc-32 of size 32 [ 14.310568] The buggy address is located 0 bytes to the right of [ 14.310568] allocated 24-byte region [ffff888103958080, ffff888103958098) [ 14.311097] [ 14.311194] The buggy address belongs to the physical page: [ 14.311454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103958 [ 14.311811] flags: 0x200000000000000(node=0|zone=2) [ 14.312034] page_type: f5(slab) [ 14.312304] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.312563] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.312891] page dumped because: kasan: bad access detected [ 14.313218] [ 14.313291] Memory state around the buggy address: [ 14.313447] ffff888103957f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.313727] ffff888103958000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.314002] >ffff888103958080: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.314366] ^ [ 14.314554] ffff888103958100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.314849] ffff888103958180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.315273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.263336] ================================================================== [ 14.263939] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.264288] Read of size 1 at addr ffff888103aa7c4a by task kunit_try_catch/270 [ 14.264595] [ 14.264695] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.264739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.264752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.264772] Call Trace: [ 14.264784] <TASK> [ 14.264801] dump_stack_lvl+0x73/0xb0 [ 14.264829] print_report+0xd1/0x650 [ 14.264850] ? __virt_addr_valid+0x1db/0x2d0 [ 14.264873] ? kasan_alloca_oob_right+0x329/0x390 [ 14.264895] ? kasan_addr_to_slab+0x11/0xa0 [ 14.264914] ? kasan_alloca_oob_right+0x329/0x390 [ 14.265345] kasan_report+0x141/0x180 [ 14.265370] ? kasan_alloca_oob_right+0x329/0x390 [ 14.265414] __asan_report_load1_noabort+0x18/0x20 [ 14.265440] kasan_alloca_oob_right+0x329/0x390 [ 14.265462] ? __kasan_check_write+0x18/0x20 [ 14.265483] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.265506] ? finish_task_switch.isra.0+0x153/0x700 [ 14.265530] ? preempt_schedule_common+0xbe/0x110 [ 14.265555] ? trace_hardirqs_on+0x37/0xe0 [ 14.265580] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.265607] ? __schedule+0x10cc/0x2b60 [ 14.265629] ? __pfx_read_tsc+0x10/0x10 [ 14.265650] ? ktime_get_ts64+0x86/0x230 [ 14.265674] kunit_try_run_case+0x1a5/0x480 [ 14.265699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.265724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.265770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.265795] ? __kthread_parkme+0x82/0x180 [ 14.265816] ? preempt_count_sub+0x50/0x80 [ 14.265840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.265864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.265890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.265927] kthread+0x337/0x6f0 [ 14.265948] ? trace_preempt_on+0x20/0xc0 [ 14.265971] ? 
__pfx_kthread+0x10/0x10 [ 14.265992] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.266032] ? calculate_sigpending+0x7b/0xa0 [ 14.266057] ? __pfx_kthread+0x10/0x10 [ 14.266078] ret_from_fork+0x116/0x1d0 [ 14.266096] ? __pfx_kthread+0x10/0x10 [ 14.266116] ret_from_fork_asm+0x1a/0x30 [ 14.266148] </TASK> [ 14.266158] [ 14.278964] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.279712] [ 14.279967] The buggy address belongs to the physical page: [ 14.280437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aa7 [ 14.280943] flags: 0x200000000000000(node=0|zone=2) [ 14.281360] raw: 0200000000000000 ffffea00040ea9c8 ffffea00040ea9c8 0000000000000000 [ 14.281868] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.282441] page dumped because: kasan: bad access detected [ 14.282833] [ 14.283069] Memory state around the buggy address: [ 14.283342] ffff888103aa7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.283630] ffff888103aa7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.283964] >ffff888103aa7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.284265] ^ [ 14.284508] ffff888103aa7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.284813] ffff888103aa7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.285617] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.232468] ================================================================== [ 14.233226] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.233606] Read of size 1 at addr ffff888103abfc3f by task kunit_try_catch/268 [ 14.234253] [ 14.234373] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.234417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.234539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.234562] Call Trace: [ 14.234576] <TASK> [ 14.234591] dump_stack_lvl+0x73/0xb0 [ 14.234663] print_report+0xd1/0x650 [ 14.234699] ? __virt_addr_valid+0x1db/0x2d0 [ 14.234724] ? kasan_alloca_oob_left+0x320/0x380 [ 14.234759] ? kasan_addr_to_slab+0x11/0xa0 [ 14.234780] ? kasan_alloca_oob_left+0x320/0x380 [ 14.234803] kasan_report+0x141/0x180 [ 14.234825] ? kasan_alloca_oob_left+0x320/0x380 [ 14.234853] __asan_report_load1_noabort+0x18/0x20 [ 14.234878] kasan_alloca_oob_left+0x320/0x380 [ 14.234899] ? __kasan_check_write+0x18/0x20 [ 14.234932] ? pick_task_fair+0xc9/0x340 [ 14.234962] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.234986] ? trace_hardirqs_on+0x37/0xe0 [ 14.235010] ? __schedule+0x207f/0x2b60 [ 14.235035] ? __pfx_read_tsc+0x10/0x10 [ 14.235057] ? ktime_get_ts64+0x86/0x230 [ 14.235083] kunit_try_run_case+0x1a5/0x480 [ 14.235109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.235133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.235157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.235181] ? __kthread_parkme+0x82/0x180 [ 14.235202] ? preempt_count_sub+0x50/0x80 [ 14.235225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.235249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.235274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.235302] kthread+0x337/0x6f0 [ 14.235321] ? trace_preempt_on+0x20/0xc0 [ 14.235343] ? __pfx_kthread+0x10/0x10 [ 14.235364] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.235385] ? calculate_sigpending+0x7b/0xa0 [ 14.235409] ? 
__pfx_kthread+0x10/0x10 [ 14.235430] ret_from_fork+0x116/0x1d0 [ 14.235449] ? __pfx_kthread+0x10/0x10 [ 14.235469] ret_from_fork_asm+0x1a/0x30 [ 14.235501] </TASK> [ 14.235511] [ 14.248937] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.249176] [ 14.249588] The buggy address belongs to the physical page: [ 14.250252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abf [ 14.251300] flags: 0x200000000000000(node=0|zone=2) [ 14.251986] raw: 0200000000000000 ffffea00040eafc8 ffffea00040eafc8 0000000000000000 [ 14.252954] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.253896] page dumped because: kasan: bad access detected [ 14.254564] [ 14.254643] Memory state around the buggy address: [ 14.255176] ffff888103abfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.256009] ffff888103abfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.256611] >ffff888103abfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.257175] ^ [ 14.257813] ffff888103abfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.258578] ffff888103abfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.258990] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.205162] ================================================================== [ 14.205640] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.206629] Read of size 1 at addr ffff888102b57d02 by task kunit_try_catch/266 [ 14.207579] [ 14.207992] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.208062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.208075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.208098] Call Trace: [ 14.208110] <TASK> [ 14.208126] dump_stack_lvl+0x73/0xb0 [ 14.208195] print_report+0xd1/0x650 [ 14.208218] ? __virt_addr_valid+0x1db/0x2d0 [ 14.208333] ? kasan_stack_oob+0x2b5/0x300 [ 14.208356] ? kasan_addr_to_slab+0x11/0xa0 [ 14.208378] ? kasan_stack_oob+0x2b5/0x300 [ 14.208400] kasan_report+0x141/0x180 [ 14.208422] ? kasan_stack_oob+0x2b5/0x300 [ 14.208448] __asan_report_load1_noabort+0x18/0x20 [ 14.208474] kasan_stack_oob+0x2b5/0x300 [ 14.208495] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.208516] ? finish_task_switch.isra.0+0x153/0x700 [ 14.208540] ? __switch_to+0x47/0xf50 [ 14.208567] ? __schedule+0x10cc/0x2b60 [ 14.208589] ? __pfx_read_tsc+0x10/0x10 [ 14.208609] ? ktime_get_ts64+0x86/0x230 [ 14.208634] kunit_try_run_case+0x1a5/0x480 [ 14.208658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.208680] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.208705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.208729] ? __kthread_parkme+0x82/0x180 [ 14.208771] ? preempt_count_sub+0x50/0x80 [ 14.208794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.208819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.208846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.208872] kthread+0x337/0x6f0 [ 14.208890] ? trace_preempt_on+0x20/0xc0 [ 14.208914] ? __pfx_kthread+0x10/0x10 [ 14.208943] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.208965] ? calculate_sigpending+0x7b/0xa0 [ 14.208989] ? __pfx_kthread+0x10/0x10 [ 14.209028] ret_from_fork+0x116/0x1d0 [ 14.209048] ? 
__pfx_kthread+0x10/0x10 [ 14.209069] ret_from_fork_asm+0x1a/0x30 [ 14.209101] </TASK> [ 14.209111] [ 14.220501] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.221146] and is located at offset 138 in frame: [ 14.221391] kasan_stack_oob+0x0/0x300 [ 14.222058] [ 14.222176] This frame has 4 objects: [ 14.222456] [48, 49) '__assertion' [ 14.222481] [64, 72) 'array' [ 14.222672] [96, 112) '__assertion' [ 14.222839] [128, 138) 'stack_array' [ 14.223039] [ 14.223283] The buggy address belongs to the physical page: [ 14.223515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b57 [ 14.223856] flags: 0x200000000000000(node=0|zone=2) [ 14.224108] raw: 0200000000000000 0000000000000000 ffffea00040ad5c8 0000000000000000 [ 14.224417] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.224735] page dumped because: kasan: bad access detected [ 14.225608] [ 14.225713] Memory state around the buggy address: [ 14.226128] ffff888102b57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.226415] ffff888102b57c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.226853] >ffff888102b57d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.227340] ^ [ 14.227500] ffff888102b57d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.228301] ffff888102b57e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.228577] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.176297] ================================================================== [ 14.176721] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.176995] Read of size 1 at addr ffffffffbb663e8d by task kunit_try_catch/262 [ 14.177219] [ 14.177909] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.177971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.177984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.178006] Call Trace: [ 14.178177] <TASK> [ 14.178195] dump_stack_lvl+0x73/0xb0 [ 14.178229] print_report+0xd1/0x650 [ 14.178251] ? __virt_addr_valid+0x1db/0x2d0 [ 14.178274] ? kasan_global_oob_right+0x286/0x2d0 [ 14.178296] ? kasan_addr_to_slab+0x11/0xa0 [ 14.178317] ? kasan_global_oob_right+0x286/0x2d0 [ 14.178339] kasan_report+0x141/0x180 [ 14.178361] ? kasan_global_oob_right+0x286/0x2d0 [ 14.178389] __asan_report_load1_noabort+0x18/0x20 [ 14.178414] kasan_global_oob_right+0x286/0x2d0 [ 14.178436] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.178461] ? __schedule+0x10cc/0x2b60 [ 14.178484] ? __pfx_read_tsc+0x10/0x10 [ 14.178511] ? ktime_get_ts64+0x86/0x230 [ 14.178536] kunit_try_run_case+0x1a5/0x480 [ 14.178561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.178583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.178607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.178631] ? __kthread_parkme+0x82/0x180 [ 14.178651] ? preempt_count_sub+0x50/0x80 [ 14.178675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.178699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.178724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.178762] kthread+0x337/0x6f0 [ 14.178780] ? trace_preempt_on+0x20/0xc0 [ 14.178803] ? __pfx_kthread+0x10/0x10 [ 14.178825] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.178848] ? calculate_sigpending+0x7b/0xa0 [ 14.178872] ? __pfx_kthread+0x10/0x10 [ 14.178895] ret_from_fork+0x116/0x1d0 [ 14.178912] ? 
__pfx_kthread+0x10/0x10 [ 14.178944] ret_from_fork_asm+0x1a/0x30 [ 14.178975] </TASK> [ 14.178985] [ 14.192028] The buggy address belongs to the variable: [ 14.192591] global_array+0xd/0x40 [ 14.192978] [ 14.193244] The buggy address belongs to the physical page: [ 14.193784] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x69063 [ 14.194167] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.194700] raw: 0100000000002000 ffffea0001a418c8 ffffea0001a418c8 0000000000000000 [ 14.195208] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.195906] page dumped because: kasan: bad access detected [ 14.196350] [ 14.196423] Memory state around the buggy address: [ 14.196575] ffffffffbb663d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.196858] ffffffffbb663e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.197681] >ffffffffbb663e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.198466] ^ [ 14.198837] ffffffffbb663f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.199568] ffffffffbb663f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.199800] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.143554] ================================================================== [ 14.144070] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.144430] Free of addr ffff8881039c4001 by task kunit_try_catch/260 [ 14.144726] [ 14.144840] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.144882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.144894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.144914] Call Trace: [ 14.145325] <TASK> [ 14.145530] dump_stack_lvl+0x73/0xb0 [ 14.145572] print_report+0xd1/0x650 [ 14.145596] ? __virt_addr_valid+0x1db/0x2d0 [ 14.145623] ? kasan_addr_to_slab+0x11/0xa0 [ 14.145644] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.145671] kasan_report_invalid_free+0x10a/0x130 [ 14.145696] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.145726] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.145773] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.145798] mempool_free+0x2ec/0x380 [ 14.145825] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.145852] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.145881] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.145904] ? finish_task_switch.isra.0+0x153/0x700 [ 14.145939] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.145965] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.145994] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.146056] ? __pfx_mempool_kfree+0x10/0x10 [ 14.146080] ? __pfx_read_tsc+0x10/0x10 [ 14.146103] ? ktime_get_ts64+0x86/0x230 [ 14.146128] kunit_try_run_case+0x1a5/0x480 [ 14.146154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.146177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.146201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.146225] ? __kthread_parkme+0x82/0x180 [ 14.146244] ? preempt_count_sub+0x50/0x80 [ 14.146267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.146292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.146316] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.146341] kthread+0x337/0x6f0 [ 14.146359] ? trace_preempt_on+0x20/0xc0 [ 14.146383] ? __pfx_kthread+0x10/0x10 [ 14.146403] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.146424] ? calculate_sigpending+0x7b/0xa0 [ 14.146448] ? __pfx_kthread+0x10/0x10 [ 14.146470] ret_from_fork+0x116/0x1d0 [ 14.146489] ? __pfx_kthread+0x10/0x10 [ 14.146516] ret_from_fork_asm+0x1a/0x30 [ 14.146550] </TASK> [ 14.146560] [ 14.165540] The buggy address belongs to the physical page: [ 14.166023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 14.166556] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.166951] flags: 0x200000000000040(head|node=0|zone=2) [ 14.167536] page_type: f8(unknown) [ 14.167887] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.168423] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.168659] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.168899] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.169167] head: 0200000000000002 ffffea00040e7101 00000000ffffffff 00000000ffffffff [ 14.169518] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.169861] page dumped because: kasan: bad access detected [ 14.170339] [ 14.170425] Memory state around the buggy address: [ 14.170664] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.170986] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.171408] >ffff8881039c4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.171717] ^ [ 14.171902] ffff8881039c4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.172244] ffff8881039c4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.172589] ================================================================== [ 14.105835] ================================================================== [ 
14.107447] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.108117] Free of addr ffff888103953a01 by task kunit_try_catch/258 [ 14.108506] [ 14.108685] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.108729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.108741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.108762] Call Trace: [ 14.108775] <TASK> [ 14.108790] dump_stack_lvl+0x73/0xb0 [ 14.108819] print_report+0xd1/0x650 [ 14.108841] ? __virt_addr_valid+0x1db/0x2d0 [ 14.108865] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.108888] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.108916] kasan_report_invalid_free+0x10a/0x130 [ 14.108953] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.108982] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.109007] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.109033] check_slab_allocation+0x11f/0x130 [ 14.109098] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.109126] mempool_free+0x2ec/0x380 [ 14.109153] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.109180] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.109210] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.109231] ? finish_task_switch.isra.0+0x153/0x700 [ 14.109258] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.109282] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.109310] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.109332] ? __pfx_mempool_kfree+0x10/0x10 [ 14.109357] ? __pfx_read_tsc+0x10/0x10 [ 14.109378] ? ktime_get_ts64+0x86/0x230 [ 14.109402] kunit_try_run_case+0x1a5/0x480 [ 14.109427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.109450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.109474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.109498] ? __kthread_parkme+0x82/0x180 [ 14.109519] ? preempt_count_sub+0x50/0x80 [ 14.109542] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.109567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.109592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.109617] kthread+0x337/0x6f0 [ 14.109635] ? trace_preempt_on+0x20/0xc0 [ 14.109659] ? __pfx_kthread+0x10/0x10 [ 14.109679] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.109701] ? calculate_sigpending+0x7b/0xa0 [ 14.109726] ? __pfx_kthread+0x10/0x10 [ 14.109747] ret_from_fork+0x116/0x1d0 [ 14.109765] ? __pfx_kthread+0x10/0x10 [ 14.109786] ret_from_fork_asm+0x1a/0x30 [ 14.109818] </TASK> [ 14.109829] [ 14.125909] Allocated by task 258: [ 14.126385] kasan_save_stack+0x45/0x70 [ 14.126767] kasan_save_track+0x18/0x40 [ 14.127013] kasan_save_alloc_info+0x3b/0x50 [ 14.127453] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.127643] remove_element+0x11e/0x190 [ 14.127799] mempool_alloc_preallocated+0x4d/0x90 [ 14.127971] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.128306] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.128738] kunit_try_run_case+0x1a5/0x480 [ 14.129161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.129686] kthread+0x337/0x6f0 [ 14.130152] ret_from_fork+0x116/0x1d0 [ 14.130452] ret_from_fork_asm+0x1a/0x30 [ 14.130605] [ 14.130678] The buggy address belongs to the object at ffff888103953a00 [ 14.130678] which belongs to the cache kmalloc-128 of size 128 [ 14.131788] The buggy address is located 1 bytes inside of [ 14.131788] 128-byte region [ffff888103953a00, ffff888103953a80) [ 14.132837] [ 14.132913] The buggy address belongs to the physical page: [ 14.133289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 14.134010] flags: 0x200000000000000(node=0|zone=2) [ 14.134428] page_type: f5(slab) [ 14.134565] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.134880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.135643] page dumped because: kasan: bad access detected [ 14.136237] [ 14.136432] Memory state around 
the buggy address: [ 14.136855] ffff888103953900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.137419] ffff888103953980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.137638] >ffff888103953a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.138016] ^ [ 14.138355] ffff888103953a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.139290] ffff888103953b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.139973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.050216] ================================================================== [ 14.050702] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.051424] Free of addr ffff888102a58000 by task kunit_try_catch/254 [ 14.052100] [ 14.052285] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.052343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.052355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.052377] Call Trace: [ 14.052389] <TASK> [ 14.052404] dump_stack_lvl+0x73/0xb0 [ 14.052442] print_report+0xd1/0x650 [ 14.052464] ? __virt_addr_valid+0x1db/0x2d0 [ 14.052488] ? kasan_addr_to_slab+0x11/0xa0 [ 14.052520] ? mempool_double_free_helper+0x184/0x370 [ 14.052545] kasan_report_invalid_free+0x10a/0x130 [ 14.052571] ? mempool_double_free_helper+0x184/0x370 [ 14.052599] ? mempool_double_free_helper+0x184/0x370 [ 14.052624] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.052650] mempool_free+0x2ec/0x380 [ 14.052676] mempool_double_free_helper+0x184/0x370 [ 14.052702] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.052726] ? update_load_avg+0x1be/0x21b0 [ 14.052758] ? update_load_avg+0x1be/0x21b0 [ 14.052780] ? update_curr+0x80/0x810 [ 14.052802] ? irqentry_exit+0x2a/0x60 [ 14.052823] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.052851] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.052878] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.052908] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.052942] ? __pfx_mempool_kfree+0x10/0x10 [ 14.052966] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.052996] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.053042] kunit_try_run_case+0x1a5/0x480 [ 14.053066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.053090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.053114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.053140] ? __kthread_parkme+0x82/0x180 [ 14.053161] ? preempt_count_sub+0x50/0x80 [ 14.053185] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.053210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.053236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.053262] kthread+0x337/0x6f0 [ 14.053281] ? trace_preempt_on+0x20/0xc0 [ 14.053305] ? __pfx_kthread+0x10/0x10 [ 14.053326] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.053348] ? calculate_sigpending+0x7b/0xa0 [ 14.053372] ? __pfx_kthread+0x10/0x10 [ 14.053394] ret_from_fork+0x116/0x1d0 [ 14.053413] ? __pfx_kthread+0x10/0x10 [ 14.053434] ret_from_fork_asm+0x1a/0x30 [ 14.053466] </TASK> [ 14.053476] [ 14.063336] The buggy address belongs to the physical page: [ 14.063608] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 14.064024] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.064312] flags: 0x200000000000040(head|node=0|zone=2) [ 14.064530] page_type: f8(unknown) [ 14.064707] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.065063] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.065301] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.065631] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.066101] head: 0200000000000002 ffffea00040a9601 00000000ffffffff 00000000ffffffff [ 14.066421] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.066653] page dumped because: kasan: bad access detected [ 14.067044] [ 14.067177] Memory state around the buggy address: [ 14.067477] ffff888102a57f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.067899] ffff888102a57f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.068479] >ffff888102a58000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.068821] ^ [ 14.068947] ffff888102a58080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.069497] ffff888102a58100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.069859] 
================================================================== [ 14.075810] ================================================================== [ 14.076633] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.076881] Free of addr ffff8881039c4000 by task kunit_try_catch/256 [ 14.077100] [ 14.077188] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.077232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.077243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.077262] Call Trace: [ 14.077274] <TASK> [ 14.077288] dump_stack_lvl+0x73/0xb0 [ 14.077317] print_report+0xd1/0x650 [ 14.077339] ? __virt_addr_valid+0x1db/0x2d0 [ 14.077363] ? kasan_addr_to_slab+0x11/0xa0 [ 14.077382] ? mempool_double_free_helper+0x184/0x370 [ 14.077406] kasan_report_invalid_free+0x10a/0x130 [ 14.077432] ? mempool_double_free_helper+0x184/0x370 [ 14.077459] ? mempool_double_free_helper+0x184/0x370 [ 14.077483] __kasan_mempool_poison_pages+0x115/0x130 [ 14.077507] mempool_free+0x290/0x380 [ 14.077535] mempool_double_free_helper+0x184/0x370 [ 14.077561] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.077587] ? __kasan_check_write+0x18/0x20 [ 14.077607] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.078379] ? finish_task_switch.isra.0+0x153/0x700 [ 14.078413] mempool_page_alloc_double_free+0xe8/0x140 [ 14.078454] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.078485] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.078518] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.078545] ? __pfx_read_tsc+0x10/0x10 [ 14.078567] ? ktime_get_ts64+0x86/0x230 [ 14.078592] kunit_try_run_case+0x1a5/0x480 [ 14.078617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.078669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.078694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.078719] ? __kthread_parkme+0x82/0x180 [ 14.078986] ? preempt_count_sub+0x50/0x80 [ 14.079024] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.079049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.079076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.079102] kthread+0x337/0x6f0 [ 14.079121] ? trace_preempt_on+0x20/0xc0 [ 14.079146] ? __pfx_kthread+0x10/0x10 [ 14.079167] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.079189] ? calculate_sigpending+0x7b/0xa0 [ 14.079213] ? __pfx_kthread+0x10/0x10 [ 14.079235] ret_from_fork+0x116/0x1d0 [ 14.079254] ? __pfx_kthread+0x10/0x10 [ 14.079275] ret_from_fork_asm+0x1a/0x30 [ 14.079307] </TASK> [ 14.079317] [ 14.096707] The buggy address belongs to the physical page: [ 14.097191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 14.098112] flags: 0x200000000000000(node=0|zone=2) [ 14.098407] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.098645] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.099136] page dumped because: kasan: bad access detected [ 14.099659] [ 14.099831] Memory state around the buggy address: [ 14.100327] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.100988] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.101418] >ffff8881039c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.101632] ^ [ 14.101748] ffff8881039c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.101990] ffff8881039c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.102346] ================================================================== [ 14.010458] ================================================================== [ 14.011328] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.011684] Free of addr ffff888103953600 by task kunit_try_catch/252 [ 14.012372] [ 14.012592] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.012647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.012659] Hardware name: QEMU Standard PC (Q35 + 
ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.012681] Call Trace: [ 14.012694] <TASK> [ 14.012711] dump_stack_lvl+0x73/0xb0 [ 14.012790] print_report+0xd1/0x650 [ 14.012814] ? __virt_addr_valid+0x1db/0x2d0 [ 14.012840] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.012874] ? mempool_double_free_helper+0x184/0x370 [ 14.012899] kasan_report_invalid_free+0x10a/0x130 [ 14.012934] ? mempool_double_free_helper+0x184/0x370 [ 14.012960] ? mempool_double_free_helper+0x184/0x370 [ 14.012984] ? mempool_double_free_helper+0x184/0x370 [ 14.013033] check_slab_allocation+0x101/0x130 [ 14.013056] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.013082] mempool_free+0x2ec/0x380 [ 14.013110] mempool_double_free_helper+0x184/0x370 [ 14.013134] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.013161] ? __kasan_check_write+0x18/0x20 [ 14.013180] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.013202] ? finish_task_switch.isra.0+0x153/0x700 [ 14.013230] mempool_kmalloc_double_free+0xed/0x140 [ 14.013254] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.013282] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.013304] ? __pfx_mempool_kfree+0x10/0x10 [ 14.013330] ? __pfx_read_tsc+0x10/0x10 [ 14.013352] ? ktime_get_ts64+0x86/0x230 [ 14.013378] kunit_try_run_case+0x1a5/0x480 [ 14.013404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.013451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.013476] ? __kthread_parkme+0x82/0x180 [ 14.013497] ? preempt_count_sub+0x50/0x80 [ 14.013520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.013569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.013594] kthread+0x337/0x6f0 [ 14.013613] ? trace_preempt_on+0x20/0xc0 [ 14.013637] ? __pfx_kthread+0x10/0x10 [ 14.013657] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.013679] ? calculate_sigpending+0x7b/0xa0 [ 14.013703] ? __pfx_kthread+0x10/0x10 [ 14.013724] ret_from_fork+0x116/0x1d0 [ 14.013759] ? 
__pfx_kthread+0x10/0x10 [ 14.013780] ret_from_fork_asm+0x1a/0x30 [ 14.013812] </TASK> [ 14.013822] [ 14.027278] Allocated by task 252: [ 14.027620] kasan_save_stack+0x45/0x70 [ 14.028102] kasan_save_track+0x18/0x40 [ 14.028580] kasan_save_alloc_info+0x3b/0x50 [ 14.029069] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.029546] remove_element+0x11e/0x190 [ 14.029937] mempool_alloc_preallocated+0x4d/0x90 [ 14.030557] mempool_double_free_helper+0x8a/0x370 [ 14.031016] mempool_kmalloc_double_free+0xed/0x140 [ 14.031495] kunit_try_run_case+0x1a5/0x480 [ 14.031898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.032505] kthread+0x337/0x6f0 [ 14.032904] ret_from_fork+0x116/0x1d0 [ 14.033298] ret_from_fork_asm+0x1a/0x30 [ 14.033664] [ 14.033841] Freed by task 252: [ 14.034213] kasan_save_stack+0x45/0x70 [ 14.034707] kasan_save_track+0x18/0x40 [ 14.035207] kasan_save_free_info+0x3f/0x60 [ 14.035597] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.036154] mempool_free+0x2ec/0x380 [ 14.036505] mempool_double_free_helper+0x109/0x370 [ 14.036977] mempool_kmalloc_double_free+0xed/0x140 [ 14.037524] kunit_try_run_case+0x1a5/0x480 [ 14.038035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.038664] kthread+0x337/0x6f0 [ 14.039051] ret_from_fork+0x116/0x1d0 [ 14.039356] ret_from_fork_asm+0x1a/0x30 [ 14.039494] [ 14.039562] The buggy address belongs to the object at ffff888103953600 [ 14.039562] which belongs to the cache kmalloc-128 of size 128 [ 14.039913] The buggy address is located 0 bytes inside of [ 14.039913] 128-byte region [ffff888103953600, ffff888103953680) [ 14.040540] [ 14.040738] The buggy address belongs to the physical page: [ 14.041205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 14.041439] flags: 0x200000000000000(node=0|zone=2) [ 14.041595] page_type: f5(slab) [ 14.041711] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.042492] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 14.043402] page dumped because: kasan: bad access detected [ 14.043937] [ 14.044128] Memory state around the buggy address: [ 14.044542] ffff888103953500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.044819] ffff888103953580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.045509] >ffff888103953600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.045996] ^ [ 14.046378] ffff888103953680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.046829] ffff888103953700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.047332] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.983613] ================================================================== [ 13.984507] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.985214] Read of size 1 at addr ffff888102a58000 by task kunit_try_catch/250 [ 13.986090] [ 13.986334] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.986383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.986395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.986416] Call Trace: [ 13.986430] <TASK> [ 13.986446] dump_stack_lvl+0x73/0xb0 [ 13.986477] print_report+0xd1/0x650 [ 13.986508] ? __virt_addr_valid+0x1db/0x2d0 [ 13.986532] ? mempool_uaf_helper+0x392/0x400 [ 13.986554] ? kasan_addr_to_slab+0x11/0xa0 [ 13.986575] ? mempool_uaf_helper+0x392/0x400 [ 13.986598] kasan_report+0x141/0x180 [ 13.986619] ? mempool_uaf_helper+0x392/0x400 [ 13.986647] __asan_report_load1_noabort+0x18/0x20 [ 13.986672] mempool_uaf_helper+0x392/0x400 [ 13.986696] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.986720] ? __kasan_check_write+0x18/0x20 [ 13.986740] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.986773] ? irqentry_exit+0x2a/0x60 [ 13.986795] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.986824] mempool_page_alloc_uaf+0xed/0x140 [ 13.986958] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.986989] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.987034] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.987060] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.987087] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.987113] kunit_try_run_case+0x1a5/0x480 [ 13.987138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.987160] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.987184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.987208] ? __kthread_parkme+0x82/0x180 [ 13.987228] ? preempt_count_sub+0x50/0x80 [ 13.987252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.987277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.987300] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.987326] kthread+0x337/0x6f0 [ 13.987344] ? trace_preempt_on+0x20/0xc0 [ 13.987368] ? __pfx_kthread+0x10/0x10 [ 13.987388] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.987409] ? calculate_sigpending+0x7b/0xa0 [ 13.987434] ? __pfx_kthread+0x10/0x10 [ 13.987456] ret_from_fork+0x116/0x1d0 [ 13.987474] ? __pfx_kthread+0x10/0x10 [ 13.987494] ret_from_fork_asm+0x1a/0x30 [ 13.987527] </TASK> [ 13.987536] [ 14.000968] The buggy address belongs to the physical page: [ 14.001513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 14.001975] flags: 0x200000000000000(node=0|zone=2) [ 14.002356] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.002684] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.003197] page dumped because: kasan: bad access detected [ 14.003521] [ 14.003609] Memory state around the buggy address: [ 14.003965] ffff888102a57f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.004453] ffff888102a57f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.004741] >ffff888102a58000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.005389] ^ [ 14.005516] ffff888102a58080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.005984] ffff888102a58100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.006403] ================================================================== [ 13.910638] ================================================================== [ 13.911409] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.911717] Read of size 1 at addr ffff888102a54000 by task kunit_try_catch/246 [ 13.912161] [ 13.912303] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.912348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.912361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.912381] Call Trace: [ 13.912394] <TASK> [ 
13.912411] dump_stack_lvl+0x73/0xb0 [ 13.912463] print_report+0xd1/0x650 [ 13.912486] ? __virt_addr_valid+0x1db/0x2d0 [ 13.912509] ? mempool_uaf_helper+0x392/0x400 [ 13.912531] ? kasan_addr_to_slab+0x11/0xa0 [ 13.912551] ? mempool_uaf_helper+0x392/0x400 [ 13.912574] kasan_report+0x141/0x180 [ 13.912595] ? mempool_uaf_helper+0x392/0x400 [ 13.912641] __asan_report_load1_noabort+0x18/0x20 [ 13.912666] mempool_uaf_helper+0x392/0x400 [ 13.912689] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.912711] ? update_load_avg+0x1be/0x21b0 [ 13.912735] ? update_load_avg+0x1be/0x21b0 [ 13.912765] ? update_curr+0x80/0x810 [ 13.912787] ? finish_task_switch.isra.0+0x153/0x700 [ 13.912814] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.912837] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.912865] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.912889] ? __pfx_mempool_kfree+0x10/0x10 [ 13.912913] ? __pfx_read_tsc+0x10/0x10 [ 13.912947] ? ktime_get_ts64+0x86/0x230 [ 13.912972] kunit_try_run_case+0x1a5/0x480 [ 13.912997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.913020] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.913044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.913114] ? __kthread_parkme+0x82/0x180 [ 13.913136] ? preempt_count_sub+0x50/0x80 [ 13.913160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.913184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.913209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.913234] kthread+0x337/0x6f0 [ 13.913253] ? trace_preempt_on+0x20/0xc0 [ 13.913276] ? __pfx_kthread+0x10/0x10 [ 13.913296] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.913317] ? calculate_sigpending+0x7b/0xa0 [ 13.913342] ? __pfx_kthread+0x10/0x10 [ 13.913364] ret_from_fork+0x116/0x1d0 [ 13.913382] ? 
__pfx_kthread+0x10/0x10 [ 13.913403] ret_from_fork_asm+0x1a/0x30 [ 13.913435] </TASK> [ 13.913446] [ 13.922456] The buggy address belongs to the physical page: [ 13.922773] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a54 [ 13.923174] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.923407] flags: 0x200000000000040(head|node=0|zone=2) [ 13.923674] page_type: f8(unknown) [ 13.923850] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.924193] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.924426] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.925113] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.925433] head: 0200000000000002 ffffea00040a9501 00000000ffffffff 00000000ffffffff [ 13.925748] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.926134] page dumped because: kasan: bad access detected [ 13.926344] [ 13.926446] Memory state around the buggy address: [ 13.926704] ffff888102a53f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.927283] ffff888102a53f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.927616] >ffff888102a54000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.928001] ^ [ 13.928168] ffff888102a54080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.928508] ffff888102a54100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.928870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.932897] ================================================================== [ 13.933484] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.933724] Read of size 1 at addr ffff888103956240 by task kunit_try_catch/248 [ 13.934008] [ 13.934096] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.934159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.934174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.934197] Call Trace: [ 13.934208] <TASK> [ 13.934224] dump_stack_lvl+0x73/0xb0 [ 13.934254] print_report+0xd1/0x650 [ 13.934277] ? __virt_addr_valid+0x1db/0x2d0 [ 13.934301] ? mempool_uaf_helper+0x392/0x400 [ 13.934323] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.934347] ? mempool_uaf_helper+0x392/0x400 [ 13.934369] kasan_report+0x141/0x180 [ 13.934392] ? mempool_uaf_helper+0x392/0x400 [ 13.934420] __asan_report_load1_noabort+0x18/0x20 [ 13.934445] mempool_uaf_helper+0x392/0x400 [ 13.934469] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.934491] ? update_load_avg+0x1be/0x21b0 [ 13.934526] ? finish_task_switch.isra.0+0x153/0x700 [ 13.934552] mempool_slab_uaf+0xea/0x140 [ 13.934576] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.934604] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.934632] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.934660] ? __pfx_read_tsc+0x10/0x10 [ 13.934682] ? ktime_get_ts64+0x86/0x230 [ 13.934706] kunit_try_run_case+0x1a5/0x480 [ 13.934731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.935343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.935378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.935405] ? __kthread_parkme+0x82/0x180 [ 13.935429] ? preempt_count_sub+0x50/0x80 [ 13.935454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.935481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.935508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.935534] kthread+0x337/0x6f0 [ 13.935554] ? trace_preempt_on+0x20/0xc0 [ 13.935579] ? 
__pfx_kthread+0x10/0x10 [ 13.935601] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.935623] ? calculate_sigpending+0x7b/0xa0 [ 13.935647] ? __pfx_kthread+0x10/0x10 [ 13.935669] ret_from_fork+0x116/0x1d0 [ 13.935687] ? __pfx_kthread+0x10/0x10 [ 13.935707] ret_from_fork_asm+0x1a/0x30 [ 13.935738] </TASK> [ 13.935802] [ 13.954690] Allocated by task 248: [ 13.955158] kasan_save_stack+0x45/0x70 [ 13.955630] kasan_save_track+0x18/0x40 [ 13.955781] kasan_save_alloc_info+0x3b/0x50 [ 13.956527] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.957114] remove_element+0x11e/0x190 [ 13.957610] mempool_alloc_preallocated+0x4d/0x90 [ 13.958029] mempool_uaf_helper+0x96/0x400 [ 13.958448] mempool_slab_uaf+0xea/0x140 [ 13.958610] kunit_try_run_case+0x1a5/0x480 [ 13.958761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.958955] kthread+0x337/0x6f0 [ 13.959130] ret_from_fork+0x116/0x1d0 [ 13.959331] ret_from_fork_asm+0x1a/0x30 [ 13.959538] [ 13.959632] Freed by task 248: [ 13.960333] kasan_save_stack+0x45/0x70 [ 13.960616] kasan_save_track+0x18/0x40 [ 13.960876] kasan_save_free_info+0x3f/0x60 [ 13.961219] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.961656] mempool_free+0x2ec/0x380 [ 13.962217] mempool_uaf_helper+0x11a/0x400 [ 13.962438] mempool_slab_uaf+0xea/0x140 [ 13.962937] kunit_try_run_case+0x1a5/0x480 [ 13.963158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.963842] kthread+0x337/0x6f0 [ 13.964348] ret_from_fork+0x116/0x1d0 [ 13.964489] ret_from_fork_asm+0x1a/0x30 [ 13.964626] [ 13.964697] The buggy address belongs to the object at ffff888103956240 [ 13.964697] which belongs to the cache test_cache of size 123 [ 13.966152] The buggy address is located 0 bytes inside of [ 13.966152] freed 123-byte region [ffff888103956240, ffff8881039562bb) [ 13.966887] [ 13.967051] The buggy address belongs to the physical page: [ 13.967646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103956 [ 13.968429] flags: 0x200000000000000(node=0|zone=2) [ 13.968979] page_type: 
f5(slab) [ 13.969305] raw: 0200000000000000 ffff88810394a500 dead000000000122 0000000000000000 [ 13.970192] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.970417] page dumped because: kasan: bad access detected [ 13.970591] [ 13.970659] Memory state around the buggy address: [ 13.971296] ffff888103956100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.972130] ffff888103956180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.972947] >ffff888103956200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.973784] ^ [ 13.974259] ffff888103956280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.974700] ffff888103956300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.975478] ================================================================== [ 13.883863] ================================================================== [ 13.884595] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.884965] Read of size 1 at addr ffff888103953200 by task kunit_try_catch/244 [ 13.885274] [ 13.885362] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.885485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.885501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.885537] Call Trace: [ 13.885550] <TASK> [ 13.885566] dump_stack_lvl+0x73/0xb0 [ 13.885598] print_report+0xd1/0x650 [ 13.885620] ? __virt_addr_valid+0x1db/0x2d0 [ 13.885645] ? mempool_uaf_helper+0x392/0x400 [ 13.885666] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.885689] ? mempool_uaf_helper+0x392/0x400 [ 13.885712] kasan_report+0x141/0x180 [ 13.885734] ? mempool_uaf_helper+0x392/0x400 [ 13.885770] __asan_report_load1_noabort+0x18/0x20 [ 13.885795] mempool_uaf_helper+0x392/0x400 [ 13.885818] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.885865] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.885888] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.885914] mempool_kmalloc_uaf+0xef/0x140 [ 13.885949] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.885975] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.886000] ? __pfx_mempool_kfree+0x10/0x10 [ 13.886025] ? __pfx_read_tsc+0x10/0x10 [ 13.886097] ? ktime_get_ts64+0x86/0x230 [ 13.886125] kunit_try_run_case+0x1a5/0x480 [ 13.886150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.886173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.886197] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.886222] ? __kthread_parkme+0x82/0x180 [ 13.886242] ? preempt_count_sub+0x50/0x80 [ 13.886266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.886290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.886314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.886340] kthread+0x337/0x6f0 [ 13.886359] ? trace_preempt_on+0x20/0xc0 [ 13.886383] ? __pfx_kthread+0x10/0x10 [ 13.886403] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.886425] ? calculate_sigpending+0x7b/0xa0 [ 13.886449] ? __pfx_kthread+0x10/0x10 [ 13.886471] ret_from_fork+0x116/0x1d0 [ 13.886489] ? 
__pfx_kthread+0x10/0x10 [ 13.886516] ret_from_fork_asm+0x1a/0x30 [ 13.886549] </TASK> [ 13.886558] [ 13.894913] Allocated by task 244: [ 13.895059] kasan_save_stack+0x45/0x70 [ 13.895277] kasan_save_track+0x18/0x40 [ 13.895470] kasan_save_alloc_info+0x3b/0x50 [ 13.895766] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.895994] remove_element+0x11e/0x190 [ 13.896136] mempool_alloc_preallocated+0x4d/0x90 [ 13.896294] mempool_uaf_helper+0x96/0x400 [ 13.896491] mempool_kmalloc_uaf+0xef/0x140 [ 13.896696] kunit_try_run_case+0x1a5/0x480 [ 13.897057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.897313] kthread+0x337/0x6f0 [ 13.897479] ret_from_fork+0x116/0x1d0 [ 13.897635] ret_from_fork_asm+0x1a/0x30 [ 13.897905] [ 13.898109] Freed by task 244: [ 13.898279] kasan_save_stack+0x45/0x70 [ 13.898438] kasan_save_track+0x18/0x40 [ 13.898611] kasan_save_free_info+0x3f/0x60 [ 13.898847] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.899183] mempool_free+0x2ec/0x380 [ 13.899383] mempool_uaf_helper+0x11a/0x400 [ 13.899570] mempool_kmalloc_uaf+0xef/0x140 [ 13.899836] kunit_try_run_case+0x1a5/0x480 [ 13.900011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.900187] kthread+0x337/0x6f0 [ 13.900307] ret_from_fork+0x116/0x1d0 [ 13.900507] ret_from_fork_asm+0x1a/0x30 [ 13.900708] [ 13.900878] The buggy address belongs to the object at ffff888103953200 [ 13.900878] which belongs to the cache kmalloc-128 of size 128 [ 13.901725] The buggy address is located 0 bytes inside of [ 13.901725] freed 128-byte region [ffff888103953200, ffff888103953280) [ 13.902309] [ 13.902387] The buggy address belongs to the physical page: [ 13.902629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 13.903149] flags: 0x200000000000000(node=0|zone=2) [ 13.903363] page_type: f5(slab) [ 13.903579] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.903832] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.904070] page 
dumped because: kasan: bad access detected [ 13.904241] [ 13.904322] Memory state around the buggy address: [ 13.904574] ffff888103953100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.904901] ffff888103953180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.905517] >ffff888103953200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.905852] ^ [ 13.905978] ffff888103953280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.906635] ffff888103953300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.907003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.788999] ================================================================== [ 13.789668] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.790222] Read of size 1 at addr ffff888102a13273 by task kunit_try_catch/238 [ 13.790749] [ 13.790945] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.791147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.791162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.791186] Call Trace: [ 13.791200] <TASK> [ 13.791220] dump_stack_lvl+0x73/0xb0 [ 13.791256] print_report+0xd1/0x650 [ 13.791279] ? __virt_addr_valid+0x1db/0x2d0 [ 13.791305] ? mempool_oob_right_helper+0x318/0x380 [ 13.791330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.791354] ? mempool_oob_right_helper+0x318/0x380 [ 13.791378] kasan_report+0x141/0x180 [ 13.791401] ? mempool_oob_right_helper+0x318/0x380 [ 13.791430] __asan_report_load1_noabort+0x18/0x20 [ 13.791455] mempool_oob_right_helper+0x318/0x380 [ 13.791480] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.791503] ? update_load_avg+0x1be/0x21b0 [ 13.791529] ? update_load_avg+0x1be/0x21b0 [ 13.791551] ? update_curr+0x80/0x810 [ 13.791570] ? pick_eevdf+0x18a/0x590 [ 13.791592] ? finish_task_switch.isra.0+0x153/0x700 [ 13.791619] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.791644] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.791671] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.791697] ? __pfx_mempool_kfree+0x10/0x10 [ 13.791723] ? __pfx_read_tsc+0x10/0x10 [ 13.791755] ? ktime_get_ts64+0x86/0x230 [ 13.791781] kunit_try_run_case+0x1a5/0x480 [ 13.791808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.791830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.791855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.791879] ? __kthread_parkme+0x82/0x180 [ 13.791901] ? preempt_count_sub+0x50/0x80 [ 13.791937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.791961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.791986] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.792028] kthread+0x337/0x6f0 [ 13.792054] ? trace_preempt_on+0x20/0xc0 [ 13.792078] ? __pfx_kthread+0x10/0x10 [ 13.792099] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.792121] ? calculate_sigpending+0x7b/0xa0 [ 13.792145] ? __pfx_kthread+0x10/0x10 [ 13.792167] ret_from_fork+0x116/0x1d0 [ 13.792185] ? __pfx_kthread+0x10/0x10 [ 13.792205] ret_from_fork_asm+0x1a/0x30 [ 13.792238] </TASK> [ 13.792250] [ 13.804455] Allocated by task 238: [ 13.804648] kasan_save_stack+0x45/0x70 [ 13.804858] kasan_save_track+0x18/0x40 [ 13.805075] kasan_save_alloc_info+0x3b/0x50 [ 13.805566] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.805844] remove_element+0x11e/0x190 [ 13.806176] mempool_alloc_preallocated+0x4d/0x90 [ 13.806376] mempool_oob_right_helper+0x8a/0x380 [ 13.806585] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.806971] kunit_try_run_case+0x1a5/0x480 [ 13.807305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807504] kthread+0x337/0x6f0 [ 13.807839] ret_from_fork+0x116/0x1d0 [ 13.808024] ret_from_fork_asm+0x1a/0x30 [ 13.808414] [ 13.808519] The buggy address belongs to the object at ffff888102a13200 [ 13.808519] which belongs to the cache kmalloc-128 of size 128 [ 13.809222] The buggy address is located 0 bytes to the right of [ 13.809222] allocated 115-byte region [ffff888102a13200, ffff888102a13273) [ 13.809720] [ 13.810118] The buggy address belongs to the physical page: [ 13.810440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 13.810874] flags: 0x200000000000000(node=0|zone=2) [ 13.811061] page_type: f5(slab) [ 13.811186] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.811420] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.811816] page dumped because: kasan: bad access detected [ 13.811997] [ 13.812065] Memory state around the buggy address: [ 13.812217] ffff888102a13100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.812428] ffff888102a13180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.812637] >ffff888102a13200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.812844] ^ [ 13.813456] ffff888102a13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.813685] ffff888102a13300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.814391] ================================================================== [ 13.852824] ================================================================== [ 13.853580] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.853865] Read of size 1 at addr ffff8881039532bb by task kunit_try_catch/242 [ 13.854411] [ 13.854532] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.854579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.854590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.854613] Call Trace: [ 13.854625] <TASK> [ 13.854642] dump_stack_lvl+0x73/0xb0 [ 13.854674] print_report+0xd1/0x650 [ 13.854697] ? __virt_addr_valid+0x1db/0x2d0 [ 13.854724] ? mempool_oob_right_helper+0x318/0x380 [ 13.855006] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.855253] ? mempool_oob_right_helper+0x318/0x380 [ 13.855280] kasan_report+0x141/0x180 [ 13.855302] ? mempool_oob_right_helper+0x318/0x380 [ 13.855332] __asan_report_load1_noabort+0x18/0x20 [ 13.855357] mempool_oob_right_helper+0x318/0x380 [ 13.855382] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.855409] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.855432] ? finish_task_switch.isra.0+0x153/0x700 [ 13.855459] mempool_slab_oob_right+0xed/0x140 [ 13.855483] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.855511] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.855537] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.855563] ? __pfx_read_tsc+0x10/0x10 [ 13.855584] ? ktime_get_ts64+0x86/0x230 [ 13.855608] kunit_try_run_case+0x1a5/0x480 [ 13.855634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.855657] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.855681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.855705] ? __kthread_parkme+0x82/0x180 [ 13.855726] ? preempt_count_sub+0x50/0x80 [ 13.855751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.855776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.855801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.855827] kthread+0x337/0x6f0 [ 13.855846] ? trace_preempt_on+0x20/0xc0 [ 13.855869] ? __pfx_kthread+0x10/0x10 [ 13.855891] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.855913] ? calculate_sigpending+0x7b/0xa0 [ 13.855955] ? __pfx_kthread+0x10/0x10 [ 13.855977] ret_from_fork+0x116/0x1d0 [ 13.855995] ? __pfx_kthread+0x10/0x10 [ 13.856015] ret_from_fork_asm+0x1a/0x30 [ 13.856061] </TASK> [ 13.856071] [ 13.867987] Allocated by task 242: [ 13.868195] kasan_save_stack+0x45/0x70 [ 13.868491] kasan_save_track+0x18/0x40 [ 13.868644] kasan_save_alloc_info+0x3b/0x50 [ 13.868788] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.869059] remove_element+0x11e/0x190 [ 13.869280] mempool_alloc_preallocated+0x4d/0x90 [ 13.869507] mempool_oob_right_helper+0x8a/0x380 [ 13.869661] mempool_slab_oob_right+0xed/0x140 [ 13.869895] kunit_try_run_case+0x1a5/0x480 [ 13.870223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.870481] kthread+0x337/0x6f0 [ 13.870607] ret_from_fork+0x116/0x1d0 [ 13.870735] ret_from_fork_asm+0x1a/0x30 [ 13.870953] [ 13.871126] The buggy address belongs to the object at ffff888103953240 [ 13.871126] which belongs to the cache test_cache of size 123 [ 13.871676] The buggy address is located 0 bytes to the right of [ 13.871676] allocated 123-byte region [ffff888103953240, ffff8881039532bb) [ 13.872412] [ 13.872491] The buggy address belongs to the physical page: [ 13.872712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103953 [ 13.873289] flags: 0x200000000000000(node=0|zone=2) [ 13.873488] page_type: f5(slab) [ 13.873694] raw: 0200000000000000 ffff88810394a3c0 dead000000000122 0000000000000000 [ 
13.874011] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.874349] page dumped because: kasan: bad access detected [ 13.874520] [ 13.874586] Memory state around the buggy address: [ 13.874827] ffff888103953180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.875414] ffff888103953200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.875748] >ffff888103953280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.875997] ^ [ 13.876169] ffff888103953300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.876592] ffff888103953380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.876950] ================================================================== [ 13.823745] ================================================================== [ 13.824484] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.825012] Read of size 1 at addr ffff888102a56001 by task kunit_try_catch/240 [ 13.825466] [ 13.825651] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.825698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.825709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.825728] Call Trace: [ 13.825741] <TASK> [ 13.825755] dump_stack_lvl+0x73/0xb0 [ 13.825956] print_report+0xd1/0x650 [ 13.825990] ? __virt_addr_valid+0x1db/0x2d0 [ 13.826046] ? mempool_oob_right_helper+0x318/0x380 [ 13.826088] ? kasan_addr_to_slab+0x11/0xa0 [ 13.826112] ? mempool_oob_right_helper+0x318/0x380 [ 13.826137] kasan_report+0x141/0x180 [ 13.826160] ? mempool_oob_right_helper+0x318/0x380 [ 13.826189] __asan_report_load1_noabort+0x18/0x20 [ 13.826214] mempool_oob_right_helper+0x318/0x380 [ 13.826240] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.826268] ? __kasan_check_write+0x18/0x20 [ 13.826289] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.826312] ? finish_task_switch.isra.0+0x153/0x700 [ 13.826339] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.826366] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.826396] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.826421] ? __pfx_mempool_kfree+0x10/0x10 [ 13.826447] ? __pfx_read_tsc+0x10/0x10 [ 13.826468] ? ktime_get_ts64+0x86/0x230 [ 13.826494] kunit_try_run_case+0x1a5/0x480 [ 13.826522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.826545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.826570] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.826593] ? __kthread_parkme+0x82/0x180 [ 13.826613] ? preempt_count_sub+0x50/0x80 [ 13.826637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.826661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.826686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.826711] kthread+0x337/0x6f0 [ 13.826729] ? trace_preempt_on+0x20/0xc0 [ 13.826771] ? __pfx_kthread+0x10/0x10 [ 13.826791] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.826814] ? calculate_sigpending+0x7b/0xa0 [ 13.826838] ? __pfx_kthread+0x10/0x10 [ 13.826859] ret_from_fork+0x116/0x1d0 [ 13.826878] ? __pfx_kthread+0x10/0x10 [ 13.826898] ret_from_fork_asm+0x1a/0x30 [ 13.826941] </TASK> [ 13.826951] [ 13.838215] The buggy address belongs to the physical page: [ 13.838468] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a54 [ 13.839017] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.839667] flags: 0x200000000000040(head|node=0|zone=2) [ 13.840329] page_type: f8(unknown) [ 13.840530] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.840944] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.841537] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.842131] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.842466] head: 0200000000000002 ffffea00040a9501 00000000ffffffff 00000000ffffffff [ 13.842991] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.843681] page dumped because: kasan: bad access detected [ 13.844001] [ 
13.844236] Memory state around the buggy address: [ 13.844454] ffff888102a55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.844748] ffff888102a55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.845048] >ffff888102a56000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.845337] ^ [ 13.845489] ffff888102a56080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.846417] ffff888102a56100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.846973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.218024] ================================================================== [ 13.218843] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.219253] Read of size 1 at addr ffff88810394a140 by task kunit_try_catch/232 [ 13.219574] [ 13.219673] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.219719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.219730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.219753] Call Trace: [ 13.219766] <TASK> [ 13.219783] dump_stack_lvl+0x73/0xb0 [ 13.219815] print_report+0xd1/0x650 [ 13.219838] ? __virt_addr_valid+0x1db/0x2d0 [ 13.219862] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.219887] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.219910] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.219947] kasan_report+0x141/0x180 [ 13.219969] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.219997] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.220023] __kasan_check_byte+0x3d/0x50 [ 13.220046] kmem_cache_destroy+0x25/0x1d0 [ 13.220070] kmem_cache_double_destroy+0x1bf/0x380 [ 13.220095] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.220120] ? finish_task_switch.isra.0+0x153/0x700 [ 13.220143] ? __switch_to+0x47/0xf50 [ 13.220173] ? __pfx_read_tsc+0x10/0x10 [ 13.220194] ? ktime_get_ts64+0x86/0x230 [ 13.220218] kunit_try_run_case+0x1a5/0x480 [ 13.220244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.220267] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.220293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.220316] ? __kthread_parkme+0x82/0x180 [ 13.220338] ? preempt_count_sub+0x50/0x80 [ 13.220360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.220385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.220409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.220434] kthread+0x337/0x6f0 [ 13.220453] ? trace_preempt_on+0x20/0xc0 [ 13.220476] ? __pfx_kthread+0x10/0x10 [ 13.220497] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.220517] ? 
calculate_sigpending+0x7b/0xa0 [ 13.220542] ? __pfx_kthread+0x10/0x10 [ 13.220563] ret_from_fork+0x116/0x1d0 [ 13.220581] ? __pfx_kthread+0x10/0x10 [ 13.220601] ret_from_fork_asm+0x1a/0x30 [ 13.220635] </TASK> [ 13.220644] [ 13.231581] Allocated by task 232: [ 13.232241] kasan_save_stack+0x45/0x70 [ 13.232443] kasan_save_track+0x18/0x40 [ 13.232585] kasan_save_alloc_info+0x3b/0x50 [ 13.232943] __kasan_slab_alloc+0x91/0xa0 [ 13.233292] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.233508] __kmem_cache_create_args+0x169/0x240 [ 13.233719] kmem_cache_double_destroy+0xd5/0x380 [ 13.234294] kunit_try_run_case+0x1a5/0x480 [ 13.234471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.234954] kthread+0x337/0x6f0 [ 13.235204] ret_from_fork+0x116/0x1d0 [ 13.235360] ret_from_fork_asm+0x1a/0x30 [ 13.235569] [ 13.235663] Freed by task 232: [ 13.235793] kasan_save_stack+0x45/0x70 [ 13.236447] kasan_save_track+0x18/0x40 [ 13.236689] kasan_save_free_info+0x3f/0x60 [ 13.236951] __kasan_slab_free+0x56/0x70 [ 13.237446] kmem_cache_free+0x249/0x420 [ 13.237607] slab_kmem_cache_release+0x2e/0x40 [ 13.237988] kmem_cache_release+0x16/0x20 [ 13.238350] kobject_put+0x181/0x450 [ 13.238611] sysfs_slab_release+0x16/0x20 [ 13.238887] kmem_cache_destroy+0xf0/0x1d0 [ 13.239066] kmem_cache_double_destroy+0x14e/0x380 [ 13.239440] kunit_try_run_case+0x1a5/0x480 [ 13.239649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.240202] kthread+0x337/0x6f0 [ 13.240348] ret_from_fork+0x116/0x1d0 [ 13.240661] ret_from_fork_asm+0x1a/0x30 [ 13.240898] [ 13.240983] The buggy address belongs to the object at ffff88810394a140 [ 13.240983] which belongs to the cache kmem_cache of size 208 [ 13.241789] The buggy address is located 0 bytes inside of [ 13.241789] freed 208-byte region [ffff88810394a140, ffff88810394a210) [ 13.242609] [ 13.242794] The buggy address belongs to the physical page: [ 13.243241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394a [ 13.243553] flags: 
0x200000000000000(node=0|zone=2) [ 13.243964] page_type: f5(slab) [ 13.244308] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.244697] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.245171] page dumped because: kasan: bad access detected [ 13.245569] [ 13.245665] Memory state around the buggy address: [ 13.246180] ffff88810394a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.246439] ffff88810394a080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.246906] >ffff88810394a100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.247323] ^ [ 13.247573] ffff88810394a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.248127] ffff88810394a200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.248410] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.156320] ================================================================== [ 13.156799] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.157246] Read of size 1 at addr ffff888102a0e000 by task kunit_try_catch/230 [ 13.157520] [ 13.157636] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.157682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.157693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.157714] Call Trace: [ 13.157728] <TASK> [ 13.157747] dump_stack_lvl+0x73/0xb0 [ 13.157779] print_report+0xd1/0x650 [ 13.157802] ? __virt_addr_valid+0x1db/0x2d0 [ 13.157852] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.157875] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.157898] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.157931] kasan_report+0x141/0x180 [ 13.157953] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.157981] __asan_report_load1_noabort+0x18/0x20 [ 13.158006] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.158030] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.158052] ? finish_task_switch.isra.0+0x153/0x700 [ 13.158076] ? __switch_to+0x47/0xf50 [ 13.158123] ? __pfx_read_tsc+0x10/0x10 [ 13.158144] ? ktime_get_ts64+0x86/0x230 [ 13.158169] kunit_try_run_case+0x1a5/0x480 [ 13.158195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.158217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.158242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.158265] ? __kthread_parkme+0x82/0x180 [ 13.158286] ? preempt_count_sub+0x50/0x80 [ 13.158309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.158333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.158357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.158382] kthread+0x337/0x6f0 [ 13.158400] ? trace_preempt_on+0x20/0xc0 [ 13.158424] ? __pfx_kthread+0x10/0x10 [ 13.158445] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.158466] ? calculate_sigpending+0x7b/0xa0 [ 13.158490] ? __pfx_kthread+0x10/0x10 [ 13.158515] ret_from_fork+0x116/0x1d0 [ 13.158533] ? 
__pfx_kthread+0x10/0x10 [ 13.158553] ret_from_fork_asm+0x1a/0x30 [ 13.158586] </TASK> [ 13.158595] [ 13.168587] Allocated by task 230: [ 13.168759] kasan_save_stack+0x45/0x70 [ 13.168962] kasan_save_track+0x18/0x40 [ 13.169142] kasan_save_alloc_info+0x3b/0x50 [ 13.169339] __kasan_slab_alloc+0x91/0xa0 [ 13.169525] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.169729] kmem_cache_rcu_uaf+0x155/0x510 [ 13.170740] kunit_try_run_case+0x1a5/0x480 [ 13.171221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.171529] kthread+0x337/0x6f0 [ 13.171949] ret_from_fork+0x116/0x1d0 [ 13.172239] ret_from_fork_asm+0x1a/0x30 [ 13.172436] [ 13.172528] Freed by task 0: [ 13.172665] kasan_save_stack+0x45/0x70 [ 13.173198] kasan_save_track+0x18/0x40 [ 13.173482] kasan_save_free_info+0x3f/0x60 [ 13.173792] __kasan_slab_free+0x56/0x70 [ 13.174219] slab_free_after_rcu_debug+0xe4/0x310 [ 13.174446] rcu_core+0x66f/0x1c40 [ 13.174621] rcu_core_si+0x12/0x20 [ 13.175276] handle_softirqs+0x209/0x730 [ 13.175555] __irq_exit_rcu+0xc9/0x110 [ 13.175915] irq_exit_rcu+0x12/0x20 [ 13.176383] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.176679] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.177133] [ 13.177232] Last potentially related work creation: [ 13.177440] kasan_save_stack+0x45/0x70 [ 13.177623] kasan_record_aux_stack+0xb2/0xc0 [ 13.178421] kmem_cache_free+0x131/0x420 [ 13.178705] kmem_cache_rcu_uaf+0x194/0x510 [ 13.179239] kunit_try_run_case+0x1a5/0x480 [ 13.179452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.179698] kthread+0x337/0x6f0 [ 13.180135] ret_from_fork+0x116/0x1d0 [ 13.180458] ret_from_fork_asm+0x1a/0x30 [ 13.180908] [ 13.181026] The buggy address belongs to the object at ffff888102a0e000 [ 13.181026] which belongs to the cache test_cache of size 200 [ 13.181777] The buggy address is located 0 bytes inside of [ 13.181777] freed 200-byte region [ffff888102a0e000, ffff888102a0e0c8) [ 13.182551] [ 13.182790] The buggy address belongs to the physical page: [ 13.183197] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 13.183784] flags: 0x200000000000000(node=0|zone=2) [ 13.184094] page_type: f5(slab) [ 13.184299] raw: 0200000000000000 ffff888101c02c80 dead000000000122 0000000000000000 [ 13.184597] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.184942] page dumped because: kasan: bad access detected [ 13.185217] [ 13.185318] Memory state around the buggy address: [ 13.185520] ffff888102a0df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.185770] ffff888102a0df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.186285] >ffff888102a0e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.186564] ^ [ 13.186729] ffff888102a0e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.187144] ffff888102a0e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.187413] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.094946] ================================================================== [ 13.095612] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.096308] Free of addr ffff88810394d001 by task kunit_try_catch/228 [ 13.097209] [ 13.097467] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.097513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.097524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.097545] Call Trace: [ 13.097558] <TASK> [ 13.097575] dump_stack_lvl+0x73/0xb0 [ 13.097609] print_report+0xd1/0x650 [ 13.097631] ? __virt_addr_valid+0x1db/0x2d0 [ 13.097656] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.097678] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.097704] kasan_report_invalid_free+0x10a/0x130 [ 13.097728] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.097764] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.097789] check_slab_allocation+0x11f/0x130 [ 13.097811] __kasan_slab_pre_free+0x28/0x40 [ 13.097831] kmem_cache_free+0xed/0x420 [ 13.097851] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.097871] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.097899] kmem_cache_invalid_free+0x1d8/0x460 [ 13.097960] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.097986] ? finish_task_switch.isra.0+0x153/0x700 [ 13.098010] ? __switch_to+0x47/0xf50 [ 13.098039] ? __pfx_read_tsc+0x10/0x10 [ 13.098060] ? ktime_get_ts64+0x86/0x230 [ 13.098084] kunit_try_run_case+0x1a5/0x480 [ 13.098109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.098132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.098156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.098179] ? __kthread_parkme+0x82/0x180 [ 13.098201] ? preempt_count_sub+0x50/0x80 [ 13.098224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.098248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.098272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.098296] kthread+0x337/0x6f0 [ 13.098315] ? trace_preempt_on+0x20/0xc0 [ 13.098340] ? 
__pfx_kthread+0x10/0x10 [ 13.098380] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.098402] ? calculate_sigpending+0x7b/0xa0 [ 13.098429] ? __pfx_kthread+0x10/0x10 [ 13.098452] ret_from_fork+0x116/0x1d0 [ 13.098472] ? __pfx_kthread+0x10/0x10 [ 13.098492] ret_from_fork_asm+0x1a/0x30 [ 13.098528] </TASK> [ 13.098539] [ 13.113054] Allocated by task 228: [ 13.113369] kasan_save_stack+0x45/0x70 [ 13.113518] kasan_save_track+0x18/0x40 [ 13.113650] kasan_save_alloc_info+0x3b/0x50 [ 13.113856] __kasan_slab_alloc+0x91/0xa0 [ 13.114221] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.114673] kmem_cache_invalid_free+0x157/0x460 [ 13.115158] kunit_try_run_case+0x1a5/0x480 [ 13.115597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.116118] kthread+0x337/0x6f0 [ 13.116440] ret_from_fork+0x116/0x1d0 [ 13.116579] ret_from_fork_asm+0x1a/0x30 [ 13.116716] [ 13.116805] The buggy address belongs to the object at ffff88810394d000 [ 13.116805] which belongs to the cache test_cache of size 200 [ 13.117898] The buggy address is located 1 bytes inside of [ 13.117898] 200-byte region [ffff88810394d000, ffff88810394d0c8) [ 13.119248] [ 13.119357] The buggy address belongs to the physical page: [ 13.119530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394d [ 13.119801] flags: 0x200000000000000(node=0|zone=2) [ 13.120289] page_type: f5(slab) [ 13.120622] raw: 0200000000000000 ffff88810394a000 dead000000000122 0000000000000000 [ 13.121399] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.122330] page dumped because: kasan: bad access detected [ 13.122548] [ 13.122618] Memory state around the buggy address: [ 13.122789] ffff88810394cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.123498] ffff88810394cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.124230] >ffff88810394d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.124830] ^ [ 13.124979] ffff88810394d080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.125530] 
ffff88810394d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.125754] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.049896] ================================================================== [ 13.051001] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.051231] Free of addr ffff888102a0d000 by task kunit_try_catch/226 [ 13.051422] [ 13.051511] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.051552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.051563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.051583] Call Trace: [ 13.051594] <TASK> [ 13.051611] dump_stack_lvl+0x73/0xb0 [ 13.051641] print_report+0xd1/0x650 [ 13.051663] ? __virt_addr_valid+0x1db/0x2d0 [ 13.051688] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.051711] ? kmem_cache_double_free+0x1e5/0x480 [ 13.051737] kasan_report_invalid_free+0x10a/0x130 [ 13.051967] ? kmem_cache_double_free+0x1e5/0x480 [ 13.052034] ? kmem_cache_double_free+0x1e5/0x480 [ 13.052059] check_slab_allocation+0x101/0x130 [ 13.052083] __kasan_slab_pre_free+0x28/0x40 [ 13.052104] kmem_cache_free+0xed/0x420 [ 13.052124] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.052145] ? kmem_cache_double_free+0x1e5/0x480 [ 13.052173] kmem_cache_double_free+0x1e5/0x480 [ 13.052197] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.052221] ? finish_task_switch.isra.0+0x153/0x700 [ 13.052244] ? __switch_to+0x47/0xf50 [ 13.052273] ? __pfx_read_tsc+0x10/0x10 [ 13.052295] ? ktime_get_ts64+0x86/0x230 [ 13.052320] kunit_try_run_case+0x1a5/0x480 [ 13.052345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.052533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.052557] ? __kthread_parkme+0x82/0x180 [ 13.052610] ? preempt_count_sub+0x50/0x80 [ 13.052633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.052719] kthread+0x337/0x6f0 [ 13.052737] ? trace_preempt_on+0x20/0xc0 [ 13.052781] ? 
__pfx_kthread+0x10/0x10 [ 13.052801] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.052823] ? calculate_sigpending+0x7b/0xa0 [ 13.052847] ? __pfx_kthread+0x10/0x10 [ 13.052868] ret_from_fork+0x116/0x1d0 [ 13.052887] ? __pfx_kthread+0x10/0x10 [ 13.052907] ret_from_fork_asm+0x1a/0x30 [ 13.052954] </TASK> [ 13.052965] [ 13.068446] Allocated by task 226: [ 13.068589] kasan_save_stack+0x45/0x70 [ 13.068755] kasan_save_track+0x18/0x40 [ 13.069160] kasan_save_alloc_info+0x3b/0x50 [ 13.069632] __kasan_slab_alloc+0x91/0xa0 [ 13.070158] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.070721] kmem_cache_double_free+0x14f/0x480 [ 13.071303] kunit_try_run_case+0x1a5/0x480 [ 13.071625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.071931] kthread+0x337/0x6f0 [ 13.072452] ret_from_fork+0x116/0x1d0 [ 13.072850] ret_from_fork_asm+0x1a/0x30 [ 13.073093] [ 13.073314] Freed by task 226: [ 13.073575] kasan_save_stack+0x45/0x70 [ 13.073715] kasan_save_track+0x18/0x40 [ 13.074062] kasan_save_free_info+0x3f/0x60 [ 13.074561] __kasan_slab_free+0x56/0x70 [ 13.075032] kmem_cache_free+0x249/0x420 [ 13.075283] kmem_cache_double_free+0x16a/0x480 [ 13.075443] kunit_try_run_case+0x1a5/0x480 [ 13.075592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.075802] kthread+0x337/0x6f0 [ 13.076177] ret_from_fork+0x116/0x1d0 [ 13.076695] ret_from_fork_asm+0x1a/0x30 [ 13.077248] [ 13.077462] The buggy address belongs to the object at ffff888102a0d000 [ 13.077462] which belongs to the cache test_cache of size 200 [ 13.078709] The buggy address is located 0 bytes inside of [ 13.078709] 200-byte region [ffff888102a0d000, ffff888102a0d0c8) [ 13.079522] [ 13.079601] The buggy address belongs to the physical page: [ 13.079820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0d [ 13.080746] flags: 0x200000000000000(node=0|zone=2) [ 13.081366] page_type: f5(slab) [ 13.081711] raw: 0200000000000000 ffff888101c02b40 dead000000000122 0000000000000000 [ 13.082317] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.082553] page dumped because: kasan: bad access detected [ 13.082723] [ 13.082836] Memory state around the buggy address: [ 13.083329] ffff888102a0cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.084143] ffff888102a0cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.085130] >ffff888102a0d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.085602] ^ [ 13.085722] ffff888102a0d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.086488] ffff888102a0d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.086735] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.011127] ================================================================== [ 13.011497] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.011721] Read of size 1 at addr ffff888102a0a0c8 by task kunit_try_catch/224 [ 13.012024] [ 13.012320] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.012366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.012378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.012398] Call Trace: [ 13.012410] <TASK> [ 13.012426] dump_stack_lvl+0x73/0xb0 [ 13.012456] print_report+0xd1/0x650 [ 13.012478] ? __virt_addr_valid+0x1db/0x2d0 [ 13.012501] ? kmem_cache_oob+0x402/0x530 [ 13.012523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.012546] ? kmem_cache_oob+0x402/0x530 [ 13.012568] kasan_report+0x141/0x180 [ 13.012590] ? kmem_cache_oob+0x402/0x530 [ 13.012618] __asan_report_load1_noabort+0x18/0x20 [ 13.012642] kmem_cache_oob+0x402/0x530 [ 13.012663] ? trace_hardirqs_on+0x37/0xe0 [ 13.012687] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.012709] ? finish_task_switch.isra.0+0x153/0x700 [ 13.012732] ? __switch_to+0x47/0xf50 [ 13.012761] ? __pfx_read_tsc+0x10/0x10 [ 13.012782] ? ktime_get_ts64+0x86/0x230 [ 13.012806] kunit_try_run_case+0x1a5/0x480 [ 13.012830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.012853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.012877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.012901] ? __kthread_parkme+0x82/0x180 [ 13.012935] ? preempt_count_sub+0x50/0x80 [ 13.012958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.012982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.013006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.013030] kthread+0x337/0x6f0 [ 13.013048] ? trace_preempt_on+0x20/0xc0 [ 13.013070] ? __pfx_kthread+0x10/0x10 [ 13.013091] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.013125] ? calculate_sigpending+0x7b/0xa0 [ 13.013148] ? __pfx_kthread+0x10/0x10 [ 13.013170] ret_from_fork+0x116/0x1d0 [ 13.013187] ? 
__pfx_kthread+0x10/0x10 [ 13.013208] ret_from_fork_asm+0x1a/0x30 [ 13.013240] </TASK> [ 13.013249] [ 13.021259] Allocated by task 224: [ 13.021397] kasan_save_stack+0x45/0x70 [ 13.021544] kasan_save_track+0x18/0x40 [ 13.021742] kasan_save_alloc_info+0x3b/0x50 [ 13.021967] __kasan_slab_alloc+0x91/0xa0 [ 13.022378] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.022631] kmem_cache_oob+0x157/0x530 [ 13.022782] kunit_try_run_case+0x1a5/0x480 [ 13.022943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.023251] kthread+0x337/0x6f0 [ 13.023429] ret_from_fork+0x116/0x1d0 [ 13.023616] ret_from_fork_asm+0x1a/0x30 [ 13.023818] [ 13.023913] The buggy address belongs to the object at ffff888102a0a000 [ 13.023913] which belongs to the cache test_cache of size 200 [ 13.024427] The buggy address is located 0 bytes to the right of [ 13.024427] allocated 200-byte region [ffff888102a0a000, ffff888102a0a0c8) [ 13.025087] [ 13.025189] The buggy address belongs to the physical page: [ 13.025418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 13.025657] flags: 0x200000000000000(node=0|zone=2) [ 13.026002] page_type: f5(slab) [ 13.026193] raw: 0200000000000000 ffff888101c02a00 dead000000000122 0000000000000000 [ 13.026626] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.027006] page dumped because: kasan: bad access detected [ 13.027180] [ 13.027249] Memory state around the buggy address: [ 13.027571] ffff888102a09f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.027897] ffff888102a0a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.028233] >ffff888102a0a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.028741] ^ [ 13.028954] ffff888102a0a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.029233] ffff888102a0a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.029544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.967007] ================================================================== [ 12.967650] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.968000] Read of size 8 at addr ffff888102c62d80 by task kunit_try_catch/217 [ 12.968593] [ 12.968715] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.969019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.969035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.969055] Call Trace: [ 12.969067] <TASK> [ 12.969083] dump_stack_lvl+0x73/0xb0 [ 12.969114] print_report+0xd1/0x650 [ 12.969136] ? __virt_addr_valid+0x1db/0x2d0 [ 12.969159] ? workqueue_uaf+0x4d6/0x560 [ 12.969180] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.969203] ? workqueue_uaf+0x4d6/0x560 [ 12.969224] kasan_report+0x141/0x180 [ 12.969246] ? workqueue_uaf+0x4d6/0x560 [ 12.969272] __asan_report_load8_noabort+0x18/0x20 [ 12.969296] workqueue_uaf+0x4d6/0x560 [ 12.969318] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.969341] ? __schedule+0x10cc/0x2b60 [ 12.969364] ? __pfx_read_tsc+0x10/0x10 [ 12.969385] ? ktime_get_ts64+0x86/0x230 [ 12.969410] kunit_try_run_case+0x1a5/0x480 [ 12.969434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.969457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.969481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.969505] ? __kthread_parkme+0x82/0x180 [ 12.969525] ? preempt_count_sub+0x50/0x80 [ 12.969549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.969573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.969597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.969622] kthread+0x337/0x6f0 [ 12.969641] ? trace_preempt_on+0x20/0xc0 [ 12.969665] ? __pfx_kthread+0x10/0x10 [ 12.969686] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.969709] ? calculate_sigpending+0x7b/0xa0 [ 12.969737] ? __pfx_kthread+0x10/0x10 [ 12.969759] ret_from_fork+0x116/0x1d0 [ 12.969777] ? 
__pfx_kthread+0x10/0x10 [ 12.969812] ret_from_fork_asm+0x1a/0x30 [ 12.969844] </TASK> [ 12.969853] [ 12.980444] Allocated by task 217: [ 12.980785] kasan_save_stack+0x45/0x70 [ 12.981217] kasan_save_track+0x18/0x40 [ 12.981572] kasan_save_alloc_info+0x3b/0x50 [ 12.981985] __kasan_kmalloc+0xb7/0xc0 [ 12.982492] __kmalloc_cache_noprof+0x189/0x420 [ 12.982944] workqueue_uaf+0x152/0x560 [ 12.983369] kunit_try_run_case+0x1a5/0x480 [ 12.983694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.984144] kthread+0x337/0x6f0 [ 12.984431] ret_from_fork+0x116/0x1d0 [ 12.984563] ret_from_fork_asm+0x1a/0x30 [ 12.984704] [ 12.984800] Freed by task 9: [ 12.985141] kasan_save_stack+0x45/0x70 [ 12.985480] kasan_save_track+0x18/0x40 [ 12.985839] kasan_save_free_info+0x3f/0x60 [ 12.986399] __kasan_slab_free+0x56/0x70 [ 12.986732] kfree+0x222/0x3f0 [ 12.986852] workqueue_uaf_work+0x12/0x20 [ 12.987319] process_one_work+0x5ee/0xf60 [ 12.987682] worker_thread+0x758/0x1220 [ 12.987896] kthread+0x337/0x6f0 [ 12.988141] ret_from_fork+0x116/0x1d0 [ 12.988478] ret_from_fork_asm+0x1a/0x30 [ 12.988872] [ 12.989003] Last potentially related work creation: [ 12.989383] kasan_save_stack+0x45/0x70 [ 12.989617] kasan_record_aux_stack+0xb2/0xc0 [ 12.989774] __queue_work+0x626/0xeb0 [ 12.989906] queue_work_on+0xb6/0xc0 [ 12.990227] workqueue_uaf+0x26d/0x560 [ 12.990579] kunit_try_run_case+0x1a5/0x480 [ 12.990969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.991490] kthread+0x337/0x6f0 [ 12.991789] ret_from_fork+0x116/0x1d0 [ 12.992234] ret_from_fork_asm+0x1a/0x30 [ 12.992615] [ 12.992767] The buggy address belongs to the object at ffff888102c62d80 [ 12.992767] which belongs to the cache kmalloc-32 of size 32 [ 12.993607] The buggy address is located 0 bytes inside of [ 12.993607] freed 32-byte region [ffff888102c62d80, ffff888102c62da0) [ 12.994604] [ 12.994785] The buggy address belongs to the physical page: [ 12.995339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c62 
[ 12.995874] flags: 0x200000000000000(node=0|zone=2) [ 12.996412] page_type: f5(slab) [ 12.996718] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.997091] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.997754] page dumped because: kasan: bad access detected [ 12.998178] [ 12.998495] Memory state around the buggy address: [ 12.998856] ffff888102c62c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.999156] ffff888102c62d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.999743] >ffff888102c62d80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.000400] ^ [ 13.000688] ffff888102c62e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.000962] ffff888102c62e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.001243] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.916152] ================================================================== [ 12.916546] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.916830] Read of size 4 at addr ffff888102c62cc0 by task swapper/0/0 [ 12.918051] [ 12.918374] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.918453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.918464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.918484] Call Trace: [ 12.918523] <IRQ> [ 12.918541] dump_stack_lvl+0x73/0xb0 [ 12.918576] print_report+0xd1/0x650 [ 12.918598] ? __virt_addr_valid+0x1db/0x2d0 [ 12.918623] ? rcu_uaf_reclaim+0x50/0x60 [ 12.918642] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.918665] ? rcu_uaf_reclaim+0x50/0x60 [ 12.918686] kasan_report+0x141/0x180 [ 12.918707] ? rcu_uaf_reclaim+0x50/0x60 [ 12.918732] __asan_report_load4_noabort+0x18/0x20 [ 12.918757] rcu_uaf_reclaim+0x50/0x60 [ 12.918777] rcu_core+0x66f/0x1c40 [ 12.918806] ? __pfx_rcu_core+0x10/0x10 [ 12.918827] ? ktime_get+0x6b/0x150 [ 12.918848] ? handle_softirqs+0x18e/0x730 [ 12.918873] rcu_core_si+0x12/0x20 [ 12.918892] handle_softirqs+0x209/0x730 [ 12.918911] ? hrtimer_interrupt+0x2fe/0x780 [ 12.918945] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.918971] __irq_exit_rcu+0xc9/0x110 [ 12.918991] irq_exit_rcu+0x12/0x20 [ 12.919146] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.919180] </IRQ> [ 12.919210] <TASK> [ 12.919220] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.919312] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.919524] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 81 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.919602] RSP: 0000:ffffffffba207dd8 EFLAGS: 00010212 [ 12.919687] RAX: ffff88819fa72000 RBX: ffffffffba21cac0 RCX: ffffffffb9074105 [ 12.919731] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 000000000001464c [ 12.919778] RBP: ffffffffba207de0 R08: 0000000000000001 R09: ffffed102b60618a [ 12.919819] R10: ffff88815b030c53 R11: 000000000000c000 R12: 0000000000000000 [ 12.919860] R13: fffffbfff7443958 R14: ffffffffbadb1490 R15: 0000000000000000 [ 12.919915] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.919966] ? default_idle+0xd/0x20 [ 12.919988] arch_cpu_idle+0xd/0x20 [ 12.920086] default_idle_call+0x48/0x80 [ 12.920109] do_idle+0x379/0x4f0 [ 12.920135] ? __pfx_do_idle+0x10/0x10 [ 12.920163] cpu_startup_entry+0x5c/0x70 [ 12.920183] rest_init+0x11a/0x140 [ 12.920200] ? 
acpi_subsystem_init+0x5d/0x150 [ 12.920225] start_kernel+0x330/0x410 [ 12.920250] x86_64_start_reservations+0x1c/0x30 [ 12.920275] x86_64_start_kernel+0x10d/0x120 [ 12.920299] common_startup_64+0x13e/0x148 [ 12.920331] </TASK> [ 12.920341] [ 12.940941] Allocated by task 215: [ 12.941385] kasan_save_stack+0x45/0x70 [ 12.941839] kasan_save_track+0x18/0x40 [ 12.941996] kasan_save_alloc_info+0x3b/0x50 [ 12.942597] __kasan_kmalloc+0xb7/0xc0 [ 12.943176] __kmalloc_cache_noprof+0x189/0x420 [ 12.943512] rcu_uaf+0xb0/0x330 [ 12.943642] kunit_try_run_case+0x1a5/0x480 [ 12.943981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.944669] kthread+0x337/0x6f0 [ 12.945239] ret_from_fork+0x116/0x1d0 [ 12.945688] ret_from_fork_asm+0x1a/0x30 [ 12.945974] [ 12.946065] Freed by task 0: [ 12.946420] kasan_save_stack+0x45/0x70 [ 12.946725] kasan_save_track+0x18/0x40 [ 12.946894] kasan_save_free_info+0x3f/0x60 [ 12.947289] __kasan_slab_free+0x56/0x70 [ 12.947659] kfree+0x222/0x3f0 [ 12.947839] rcu_uaf_reclaim+0x1f/0x60 [ 12.948313] rcu_core+0x66f/0x1c40 [ 12.948481] rcu_core_si+0x12/0x20 [ 12.948663] handle_softirqs+0x209/0x730 [ 12.948846] __irq_exit_rcu+0xc9/0x110 [ 12.949382] irq_exit_rcu+0x12/0x20 [ 12.949547] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.949947] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.950421] [ 12.950543] Last potentially related work creation: [ 12.951018] kasan_save_stack+0x45/0x70 [ 12.951298] kasan_record_aux_stack+0xb2/0xc0 [ 12.951680] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.952002] call_rcu+0x12/0x20 [ 12.952230] rcu_uaf+0x168/0x330 [ 12.952361] kunit_try_run_case+0x1a5/0x480 [ 12.952576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.953184] kthread+0x337/0x6f0 [ 12.953360] ret_from_fork+0x116/0x1d0 [ 12.953515] ret_from_fork_asm+0x1a/0x30 [ 12.954081] [ 12.954321] The buggy address belongs to the object at ffff888102c62cc0 [ 12.954321] which belongs to the cache kmalloc-32 of size 32 [ 12.955202] The buggy address is located 0 bytes inside of 
[ 12.955202] freed 32-byte region [ffff888102c62cc0, ffff888102c62ce0) [ 12.955685] [ 12.956005] The buggy address belongs to the physical page: [ 12.956255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c62 [ 12.956711] flags: 0x200000000000000(node=0|zone=2) [ 12.957354] page_type: f5(slab) [ 12.957774] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.958341] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.958579] page dumped because: kasan: bad access detected [ 12.958759] [ 12.959174] Memory state around the buggy address: [ 12.959598] ffff888102c62b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.960393] ffff888102c62c00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.961154] >ffff888102c62c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.961899] ^ [ 12.962280] ffff888102c62d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.962514] ffff888102c62d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.962728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.847593] ================================================================== [ 12.848197] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.848482] Read of size 1 at addr ffff8881029f2f00 by task kunit_try_catch/213 [ 12.848792] [ 12.848878] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.848931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.848942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.848961] Call Trace: [ 12.848972] <TASK> [ 12.848986] dump_stack_lvl+0x73/0xb0 [ 12.849015] print_report+0xd1/0x650 [ 12.849037] ? __virt_addr_valid+0x1db/0x2d0 [ 12.849060] ? ksize_uaf+0x5fe/0x6c0 [ 12.849079] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.849102] ? ksize_uaf+0x5fe/0x6c0 [ 12.849123] kasan_report+0x141/0x180 [ 12.849145] ? ksize_uaf+0x5fe/0x6c0 [ 12.849171] __asan_report_load1_noabort+0x18/0x20 [ 12.849195] ksize_uaf+0x5fe/0x6c0 [ 12.849215] ? __pfx_ksize_uaf+0x10/0x10 [ 12.849239] ? __pfx_ksize_uaf+0x10/0x10 [ 12.849266] kunit_try_run_case+0x1a5/0x480 [ 12.849292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.849315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.849339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.849362] ? __kthread_parkme+0x82/0x180 [ 12.849383] ? preempt_count_sub+0x50/0x80 [ 12.849408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.849432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.849456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.849480] kthread+0x337/0x6f0 [ 12.849518] ? trace_preempt_on+0x20/0xc0 [ 12.849541] ? __pfx_kthread+0x10/0x10 [ 12.849561] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.849581] ? calculate_sigpending+0x7b/0xa0 [ 12.849606] ? __pfx_kthread+0x10/0x10 [ 12.849627] ret_from_fork+0x116/0x1d0 [ 12.849646] ? 
__pfx_kthread+0x10/0x10 [ 12.849666] ret_from_fork_asm+0x1a/0x30 [ 12.849699] </TASK> [ 12.849708] [ 12.856567] Allocated by task 213: [ 12.856698] kasan_save_stack+0x45/0x70 [ 12.857129] kasan_save_track+0x18/0x40 [ 12.857336] kasan_save_alloc_info+0x3b/0x50 [ 12.857554] __kasan_kmalloc+0xb7/0xc0 [ 12.857759] __kmalloc_cache_noprof+0x189/0x420 [ 12.857992] ksize_uaf+0xaa/0x6c0 [ 12.858190] kunit_try_run_case+0x1a5/0x480 [ 12.858352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.858535] kthread+0x337/0x6f0 [ 12.858654] ret_from_fork+0x116/0x1d0 [ 12.858929] ret_from_fork_asm+0x1a/0x30 [ 12.859195] [ 12.859342] Freed by task 213: [ 12.859604] kasan_save_stack+0x45/0x70 [ 12.859825] kasan_save_track+0x18/0x40 [ 12.859974] kasan_save_free_info+0x3f/0x60 [ 12.860492] __kasan_slab_free+0x56/0x70 [ 12.860656] kfree+0x222/0x3f0 [ 12.860773] ksize_uaf+0x12c/0x6c0 [ 12.860896] kunit_try_run_case+0x1a5/0x480 [ 12.861201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.861453] kthread+0x337/0x6f0 [ 12.861622] ret_from_fork+0x116/0x1d0 [ 12.862069] ret_from_fork_asm+0x1a/0x30 [ 12.862279] [ 12.862373] The buggy address belongs to the object at ffff8881029f2f00 [ 12.862373] which belongs to the cache kmalloc-128 of size 128 [ 12.863469] The buggy address is located 0 bytes inside of [ 12.863469] freed 128-byte region [ffff8881029f2f00, ffff8881029f2f80) [ 12.864903] [ 12.865375] The buggy address belongs to the physical page: [ 12.865878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.866144] flags: 0x200000000000000(node=0|zone=2) [ 12.866307] page_type: f5(slab) [ 12.866430] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.866663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.866888] page dumped because: kasan: bad access detected [ 12.867344] [ 12.867531] Memory state around the buggy address: [ 12.867983] ffff8881029f2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.868666] ffff8881029f2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.869601] >ffff8881029f2f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.870448] ^ [ 12.870901] ffff8881029f2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.871723] ffff8881029f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.872548] ================================================================== [ 12.827326] ================================================================== [ 12.827800] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.828125] Read of size 1 at addr ffff8881029f2f00 by task kunit_try_catch/213 [ 12.828443] [ 12.828545] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.828588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.828600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.828618] Call Trace: [ 12.828630] <TASK> [ 12.828644] dump_stack_lvl+0x73/0xb0 [ 12.828673] print_report+0xd1/0x650 [ 12.828696] ? __virt_addr_valid+0x1db/0x2d0 [ 12.828719] ? ksize_uaf+0x19d/0x6c0 [ 12.828738] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.828912] ? ksize_uaf+0x19d/0x6c0 [ 12.828959] kasan_report+0x141/0x180 [ 12.828983] ? ksize_uaf+0x19d/0x6c0 [ 12.829008] ? ksize_uaf+0x19d/0x6c0 [ 12.829077] __kasan_check_byte+0x3d/0x50 [ 12.829100] ksize+0x20/0x60 [ 12.829121] ksize_uaf+0x19d/0x6c0 [ 12.829141] ? __pfx_ksize_uaf+0x10/0x10 [ 12.829164] ? __pfx_ksize_uaf+0x10/0x10 [ 12.829189] kunit_try_run_case+0x1a5/0x480 [ 12.829213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.829236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.829260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.829283] ? __kthread_parkme+0x82/0x180 [ 12.829303] ? preempt_count_sub+0x50/0x80 [ 12.829327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.829352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.829376] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.829401] kthread+0x337/0x6f0 [ 12.829419] ? trace_preempt_on+0x20/0xc0 [ 12.829442] ? __pfx_kthread+0x10/0x10 [ 12.829462] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.829483] ? calculate_sigpending+0x7b/0xa0 [ 12.829507] ? __pfx_kthread+0x10/0x10 [ 12.829528] ret_from_fork+0x116/0x1d0 [ 12.829546] ? __pfx_kthread+0x10/0x10 [ 12.829566] ret_from_fork_asm+0x1a/0x30 [ 12.829598] </TASK> [ 12.829608] [ 12.836628] Allocated by task 213: [ 12.836787] kasan_save_stack+0x45/0x70 [ 12.836974] kasan_save_track+0x18/0x40 [ 12.837178] kasan_save_alloc_info+0x3b/0x50 [ 12.837338] __kasan_kmalloc+0xb7/0xc0 [ 12.837469] __kmalloc_cache_noprof+0x189/0x420 [ 12.837625] ksize_uaf+0xaa/0x6c0 [ 12.837818] kunit_try_run_case+0x1a5/0x480 [ 12.838042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.838358] kthread+0x337/0x6f0 [ 12.838538] ret_from_fork+0x116/0x1d0 [ 12.838723] ret_from_fork_asm+0x1a/0x30 [ 12.839055] [ 12.839140] Freed by task 213: [ 12.839252] kasan_save_stack+0x45/0x70 [ 12.839387] kasan_save_track+0x18/0x40 [ 12.839522] kasan_save_free_info+0x3f/0x60 [ 12.839728] __kasan_slab_free+0x56/0x70 [ 12.840243] kfree+0x222/0x3f0 [ 12.840423] ksize_uaf+0x12c/0x6c0 [ 12.840580] kunit_try_run_case+0x1a5/0x480 [ 12.840745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.841029] kthread+0x337/0x6f0 [ 12.841187] ret_from_fork+0x116/0x1d0 [ 12.841353] ret_from_fork_asm+0x1a/0x30 [ 12.841506] [ 12.841602] The buggy address belongs to the object at ffff8881029f2f00 [ 12.841602] which belongs to the cache kmalloc-128 of size 128 [ 12.842086] The buggy address is located 0 bytes inside of [ 12.842086] freed 128-byte region [ffff8881029f2f00, ffff8881029f2f80) [ 12.842430] [ 12.842504] The buggy address belongs to the physical page: [ 12.842754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.843127] flags: 0x200000000000000(node=0|zone=2) [ 12.843358] page_type: f5(slab) [ 12.843691] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.844163] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.844397] page dumped because: kasan: bad access detected [ 12.844566] [ 12.844634] Memory state around the buggy address: [ 12.845131] ffff8881029f2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.845459] ffff8881029f2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.845779] >ffff8881029f2f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.846112] ^ [ 12.846262] ffff8881029f2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.846516] ffff8881029f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.846730] ================================================================== [ 12.873442] ================================================================== [ 12.874470] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.874689] Read of size 1 at addr ffff8881029f2f78 by task kunit_try_catch/213 [ 12.875546] [ 12.875844] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.875887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.875899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.876017] Call Trace: [ 12.876034] <TASK> [ 12.876048] dump_stack_lvl+0x73/0xb0 [ 12.876078] print_report+0xd1/0x650 [ 12.876099] ? __virt_addr_valid+0x1db/0x2d0 [ 12.876121] ? ksize_uaf+0x5e4/0x6c0 [ 12.876141] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.876164] ? ksize_uaf+0x5e4/0x6c0 [ 12.876184] kasan_report+0x141/0x180 [ 12.876205] ? ksize_uaf+0x5e4/0x6c0 [ 12.876230] __asan_report_load1_noabort+0x18/0x20 [ 12.876254] ksize_uaf+0x5e4/0x6c0 [ 12.876274] ? __pfx_ksize_uaf+0x10/0x10 [ 12.876297] ? __pfx_ksize_uaf+0x10/0x10 [ 12.876322] kunit_try_run_case+0x1a5/0x480 [ 12.876345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.876367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.876390] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.876413] ? __kthread_parkme+0x82/0x180 [ 12.876433] ? preempt_count_sub+0x50/0x80 [ 12.876456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.876479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.876504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.876528] kthread+0x337/0x6f0 [ 12.876547] ? trace_preempt_on+0x20/0xc0 [ 12.876569] ? __pfx_kthread+0x10/0x10 [ 12.876589] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.876610] ? calculate_sigpending+0x7b/0xa0 [ 12.876633] ? __pfx_kthread+0x10/0x10 [ 12.876654] ret_from_fork+0x116/0x1d0 [ 12.876673] ? __pfx_kthread+0x10/0x10 [ 12.876692] ret_from_fork_asm+0x1a/0x30 [ 12.876724] </TASK> [ 12.876733] [ 12.887445] Allocated by task 213: [ 12.887620] kasan_save_stack+0x45/0x70 [ 12.888114] kasan_save_track+0x18/0x40 [ 12.888357] kasan_save_alloc_info+0x3b/0x50 [ 12.888646] __kasan_kmalloc+0xb7/0xc0 [ 12.888976] __kmalloc_cache_noprof+0x189/0x420 [ 12.889284] ksize_uaf+0xaa/0x6c0 [ 12.889453] kunit_try_run_case+0x1a5/0x480 [ 12.889649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.890146] kthread+0x337/0x6f0 [ 12.890558] ret_from_fork+0x116/0x1d0 [ 12.890874] ret_from_fork_asm+0x1a/0x30 [ 12.891402] [ 12.891503] Freed by task 213: [ 12.891653] kasan_save_stack+0x45/0x70 [ 12.892057] kasan_save_track+0x18/0x40 [ 12.892505] kasan_save_free_info+0x3f/0x60 [ 12.892876] __kasan_slab_free+0x56/0x70 [ 12.893461] kfree+0x222/0x3f0 [ 12.893687] ksize_uaf+0x12c/0x6c0 [ 12.893994] kunit_try_run_case+0x1a5/0x480 [ 12.894348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.894584] kthread+0x337/0x6f0 [ 12.894744] ret_from_fork+0x116/0x1d0 [ 12.895233] ret_from_fork_asm+0x1a/0x30 [ 12.895547] [ 12.895773] The buggy address belongs to the object at ffff8881029f2f00 [ 12.895773] which belongs to the cache kmalloc-128 of size 128 [ 12.896412] The buggy address is located 120 bytes inside of [ 12.896412] freed 128-byte region [ffff8881029f2f00, ffff8881029f2f80) [ 12.897279] [ 12.897379] The 
buggy address belongs to the physical page: [ 12.897836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.898398] flags: 0x200000000000000(node=0|zone=2) [ 12.898628] page_type: f5(slab) [ 12.899033] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.899542] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.900341] page dumped because: kasan: bad access detected [ 12.900566] [ 12.900650] Memory state around the buggy address: [ 12.901090] ffff8881029f2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.901726] ffff8881029f2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.902278] >ffff8881029f2f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.902725] ^ [ 12.903192] ffff8881029f2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.903628] ffff8881029f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.904168] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.803538] ================================================================== [ 12.803838] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.804327] Read of size 1 at addr ffff8881029f2e7f by task kunit_try_catch/211 [ 12.804542] [ 12.804622] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.804677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.804688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.804707] Call Trace: [ 12.804719] <TASK> [ 12.804732] dump_stack_lvl+0x73/0xb0 [ 12.804760] print_report+0xd1/0x650 [ 12.804783] ? __virt_addr_valid+0x1db/0x2d0 [ 12.804806] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.804828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.804852] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.804876] kasan_report+0x141/0x180 [ 12.804897] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.804935] __asan_report_load1_noabort+0x18/0x20 [ 12.804960] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.804984] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.805007] ? finish_task_switch.isra.0+0x153/0x700 [ 12.805029] ? __switch_to+0x47/0xf50 [ 12.805054] ? __schedule+0x10cc/0x2b60 [ 12.805076] ? __pfx_read_tsc+0x10/0x10 [ 12.805097] ? ktime_get_ts64+0x86/0x230 [ 12.805121] kunit_try_run_case+0x1a5/0x480 [ 12.805145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.805168] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.805193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.805217] ? __kthread_parkme+0x82/0x180 [ 12.805236] ? preempt_count_sub+0x50/0x80 [ 12.805260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.805284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.805308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.805332] kthread+0x337/0x6f0 [ 12.805350] ? trace_preempt_on+0x20/0xc0 [ 12.805374] ? __pfx_kthread+0x10/0x10 [ 12.805394] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.805415] ? calculate_sigpending+0x7b/0xa0 [ 12.805439] ? 
__pfx_kthread+0x10/0x10 [ 12.805460] ret_from_fork+0x116/0x1d0 [ 12.805478] ? __pfx_kthread+0x10/0x10 [ 12.805498] ret_from_fork_asm+0x1a/0x30 [ 12.805531] </TASK> [ 12.805540] [ 12.813181] Allocated by task 211: [ 12.813520] kasan_save_stack+0x45/0x70 [ 12.813671] kasan_save_track+0x18/0x40 [ 12.813902] kasan_save_alloc_info+0x3b/0x50 [ 12.814229] __kasan_kmalloc+0xb7/0xc0 [ 12.814389] __kmalloc_cache_noprof+0x189/0x420 [ 12.814556] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.814711] kunit_try_run_case+0x1a5/0x480 [ 12.814857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.815069] kthread+0x337/0x6f0 [ 12.815237] ret_from_fork+0x116/0x1d0 [ 12.815423] ret_from_fork_asm+0x1a/0x30 [ 12.815661] [ 12.815769] The buggy address belongs to the object at ffff8881029f2e00 [ 12.815769] which belongs to the cache kmalloc-128 of size 128 [ 12.816659] The buggy address is located 12 bytes to the right of [ 12.816659] allocated 115-byte region [ffff8881029f2e00, ffff8881029f2e73) [ 12.818690] [ 12.818796] The buggy address belongs to the physical page: [ 12.819428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.819679] flags: 0x200000000000000(node=0|zone=2) [ 12.819887] page_type: f5(slab) [ 12.820164] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.820509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.820853] page dumped because: kasan: bad access detected [ 12.821152] [ 12.821238] Memory state around the buggy address: [ 12.821446] ffff8881029f2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.821675] ffff8881029f2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.822002] >ffff8881029f2e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.822310] ^ [ 12.822544] ffff8881029f2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.822984] ffff8881029f2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.823284] 
================================================================== [ 12.751937] ================================================================== [ 12.752959] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.753566] Read of size 1 at addr ffff8881029f2e73 by task kunit_try_catch/211 [ 12.754080] [ 12.754448] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.754508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.754520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.754577] Call Trace: [ 12.754592] <TASK> [ 12.754611] dump_stack_lvl+0x73/0xb0 [ 12.754646] print_report+0xd1/0x650 [ 12.754669] ? __virt_addr_valid+0x1db/0x2d0 [ 12.754694] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.754717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.754740] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.754781] kasan_report+0x141/0x180 [ 12.754803] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.754832] __asan_report_load1_noabort+0x18/0x20 [ 12.754857] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.754880] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.754903] ? finish_task_switch.isra.0+0x153/0x700 [ 12.754939] ? __switch_to+0x47/0xf50 [ 12.754966] ? __schedule+0x10cc/0x2b60 [ 12.754989] ? __pfx_read_tsc+0x10/0x10 [ 12.755020] ? ktime_get_ts64+0x86/0x230 [ 12.755046] kunit_try_run_case+0x1a5/0x480 [ 12.755071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.755094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.755118] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.755141] ? __kthread_parkme+0x82/0x180 [ 12.755163] ? preempt_count_sub+0x50/0x80 [ 12.755186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.755210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.755235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.755259] kthread+0x337/0x6f0 [ 12.755278] ? trace_preempt_on+0x20/0xc0 [ 12.755301] ? __pfx_kthread+0x10/0x10 [ 12.755321] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.755343] ? 
calculate_sigpending+0x7b/0xa0 [ 12.755367] ? __pfx_kthread+0x10/0x10 [ 12.755389] ret_from_fork+0x116/0x1d0 [ 12.755406] ? __pfx_kthread+0x10/0x10 [ 12.755427] ret_from_fork_asm+0x1a/0x30 [ 12.755459] </TASK> [ 12.755471] [ 12.764989] Allocated by task 211: [ 12.765194] kasan_save_stack+0x45/0x70 [ 12.765375] kasan_save_track+0x18/0x40 [ 12.765514] kasan_save_alloc_info+0x3b/0x50 [ 12.765664] __kasan_kmalloc+0xb7/0xc0 [ 12.765798] __kmalloc_cache_noprof+0x189/0x420 [ 12.766029] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.766381] kunit_try_run_case+0x1a5/0x480 [ 12.766544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.766721] kthread+0x337/0x6f0 [ 12.766985] ret_from_fork+0x116/0x1d0 [ 12.767348] ret_from_fork_asm+0x1a/0x30 [ 12.767550] [ 12.767632] The buggy address belongs to the object at ffff8881029f2e00 [ 12.767632] which belongs to the cache kmalloc-128 of size 128 [ 12.768148] The buggy address is located 0 bytes to the right of [ 12.768148] allocated 115-byte region [ffff8881029f2e00, ffff8881029f2e73) [ 12.768667] [ 12.768739] The buggy address belongs to the physical page: [ 12.768911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.769261] flags: 0x200000000000000(node=0|zone=2) [ 12.769498] page_type: f5(slab) [ 12.769637] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.769867] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.770103] page dumped because: kasan: bad access detected [ 12.770274] [ 12.770377] Memory state around the buggy address: [ 12.770627] ffff8881029f2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.771022] ffff8881029f2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.771238] >ffff8881029f2e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.771448] ^ [ 12.771650] ffff8881029f2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.771860] ffff8881029f2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.772155] 
================================================================== [ 12.772649] ================================================================== [ 12.772885] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.773778] Read of size 1 at addr ffff8881029f2e78 by task kunit_try_catch/211 [ 12.774122] [ 12.774289] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.774331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.774342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.774360] Call Trace: [ 12.774375] <TASK> [ 12.774389] dump_stack_lvl+0x73/0xb0 [ 12.774417] print_report+0xd1/0x650 [ 12.774438] ? __virt_addr_valid+0x1db/0x2d0 [ 12.774461] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.774484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.774513] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.774536] kasan_report+0x141/0x180 [ 12.774558] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.774586] __asan_report_load1_noabort+0x18/0x20 [ 12.774611] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.774635] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.774658] ? finish_task_switch.isra.0+0x153/0x700 [ 12.774680] ? __switch_to+0x47/0xf50 [ 12.774704] ? __schedule+0x10cc/0x2b60 [ 12.774726] ? __pfx_read_tsc+0x10/0x10 [ 12.774764] ? ktime_get_ts64+0x86/0x230 [ 12.774788] kunit_try_run_case+0x1a5/0x480 [ 12.774811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.776377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.776427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.776453] ? __kthread_parkme+0x82/0x180 [ 12.776474] ? preempt_count_sub+0x50/0x80 [ 12.776498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.776524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.776550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.776576] kthread+0x337/0x6f0 [ 12.776595] ? trace_preempt_on+0x20/0xc0 [ 12.776618] ? __pfx_kthread+0x10/0x10 [ 12.776639] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.776660] ? 
calculate_sigpending+0x7b/0xa0 [ 12.776684] ? __pfx_kthread+0x10/0x10 [ 12.776705] ret_from_fork+0x116/0x1d0 [ 12.776724] ? __pfx_kthread+0x10/0x10 [ 12.776744] ret_from_fork_asm+0x1a/0x30 [ 12.776967] </TASK> [ 12.776977] [ 12.789524] Allocated by task 211: [ 12.789653] kasan_save_stack+0x45/0x70 [ 12.789850] kasan_save_track+0x18/0x40 [ 12.790651] kasan_save_alloc_info+0x3b/0x50 [ 12.791164] __kasan_kmalloc+0xb7/0xc0 [ 12.791513] __kmalloc_cache_noprof+0x189/0x420 [ 12.791938] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.792503] kunit_try_run_case+0x1a5/0x480 [ 12.792890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.793440] kthread+0x337/0x6f0 [ 12.793650] ret_from_fork+0x116/0x1d0 [ 12.793811] ret_from_fork_asm+0x1a/0x30 [ 12.794239] [ 12.794404] The buggy address belongs to the object at ffff8881029f2e00 [ 12.794404] which belongs to the cache kmalloc-128 of size 128 [ 12.795060] The buggy address is located 5 bytes to the right of [ 12.795060] allocated 115-byte region [ffff8881029f2e00, ffff8881029f2e73) [ 12.796166] [ 12.796362] The buggy address belongs to the physical page: [ 12.796611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.796998] flags: 0x200000000000000(node=0|zone=2) [ 12.797491] page_type: f5(slab) [ 12.798006] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.798708] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.799321] page dumped because: kasan: bad access detected [ 12.799744] [ 12.799815] Memory state around the buggy address: [ 12.799981] ffff8881029f2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.800610] ffff8881029f2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.801432] >ffff8881029f2e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.801991] ^ [ 12.802587] ffff8881029f2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.802822] ffff8881029f2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.803117] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.711611] ================================================================== [ 12.712573] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.713043] Free of addr ffff888100a6e1a0 by task kunit_try_catch/209 [ 12.713512] [ 12.713753] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.713793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.713813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.713832] Call Trace: [ 12.713843] <TASK> [ 12.713857] dump_stack_lvl+0x73/0xb0 [ 12.713897] print_report+0xd1/0x650 [ 12.713935] ? __virt_addr_valid+0x1db/0x2d0 [ 12.713961] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.713997] ? kfree_sensitive+0x2e/0x90 [ 12.714018] kasan_report_invalid_free+0x10a/0x130 [ 12.714044] ? kfree_sensitive+0x2e/0x90 [ 12.714065] ? kfree_sensitive+0x2e/0x90 [ 12.714085] check_slab_allocation+0x101/0x130 [ 12.714107] __kasan_slab_pre_free+0x28/0x40 [ 12.714128] kfree+0xf0/0x3f0 [ 12.714157] ? kfree_sensitive+0x2e/0x90 [ 12.714179] kfree_sensitive+0x2e/0x90 [ 12.714199] kmalloc_double_kzfree+0x19c/0x350 [ 12.714243] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.714268] ? __schedule+0x10cc/0x2b60 [ 12.714289] ? __pfx_read_tsc+0x10/0x10 [ 12.714309] ? ktime_get_ts64+0x86/0x230 [ 12.714333] kunit_try_run_case+0x1a5/0x480 [ 12.714356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.714379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.714403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.714426] ? __kthread_parkme+0x82/0x180 [ 12.714455] ? preempt_count_sub+0x50/0x80 [ 12.714478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.714519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.714543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.714568] kthread+0x337/0x6f0 [ 12.714586] ? trace_preempt_on+0x20/0xc0 [ 12.714609] ? __pfx_kthread+0x10/0x10 [ 12.714629] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.714651] ? calculate_sigpending+0x7b/0xa0 [ 12.714674] ? 
__pfx_kthread+0x10/0x10 [ 12.714695] ret_from_fork+0x116/0x1d0 [ 12.714714] ? __pfx_kthread+0x10/0x10 [ 12.714734] ret_from_fork_asm+0x1a/0x30 [ 12.714776] </TASK> [ 12.714785] [ 12.728397] Allocated by task 209: [ 12.728773] kasan_save_stack+0x45/0x70 [ 12.729214] kasan_save_track+0x18/0x40 [ 12.729653] kasan_save_alloc_info+0x3b/0x50 [ 12.730134] __kasan_kmalloc+0xb7/0xc0 [ 12.730549] __kmalloc_cache_noprof+0x189/0x420 [ 12.731006] kmalloc_double_kzfree+0xa9/0x350 [ 12.731225] kunit_try_run_case+0x1a5/0x480 [ 12.731636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.732116] kthread+0x337/0x6f0 [ 12.732500] ret_from_fork+0x116/0x1d0 [ 12.732659] ret_from_fork_asm+0x1a/0x30 [ 12.732799] [ 12.733008] Freed by task 209: [ 12.733331] kasan_save_stack+0x45/0x70 [ 12.733722] kasan_save_track+0x18/0x40 [ 12.734141] kasan_save_free_info+0x3f/0x60 [ 12.734619] __kasan_slab_free+0x56/0x70 [ 12.735052] kfree+0x222/0x3f0 [ 12.735384] kfree_sensitive+0x67/0x90 [ 12.735729] kmalloc_double_kzfree+0x12b/0x350 [ 12.736085] kunit_try_run_case+0x1a5/0x480 [ 12.736267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.736755] kthread+0x337/0x6f0 [ 12.737091] ret_from_fork+0x116/0x1d0 [ 12.737516] ret_from_fork_asm+0x1a/0x30 [ 12.738004] [ 12.738189] The buggy address belongs to the object at ffff888100a6e1a0 [ 12.738189] which belongs to the cache kmalloc-16 of size 16 [ 12.738617] The buggy address is located 0 bytes inside of [ 12.738617] 16-byte region [ffff888100a6e1a0, ffff888100a6e1b0) [ 12.739595] [ 12.739789] The buggy address belongs to the physical page: [ 12.740387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a6e [ 12.741186] flags: 0x200000000000000(node=0|zone=2) [ 12.741711] page_type: f5(slab) [ 12.742082] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.742405] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.743154] page dumped because: kasan: bad access detected [ 12.743687] [ 
12.743849] Memory state around the buggy address: [ 12.744392] ffff888100a6e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.744637] ffff888100a6e100: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.745154] >ffff888100a6e180: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.745794] ^ [ 12.746208] ffff888100a6e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.746993] ffff888100a6e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.747470] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.672238] ==================================================================
[ 12.673892] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.674158] Read of size 1 at addr ffff888100a6e1a0 by task kunit_try_catch/209
[ 12.674381]
[ 12.674480] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.674531] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.674543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.674563] Call Trace:
[ 12.674576] <TASK>
[ 12.674593] dump_stack_lvl+0x73/0xb0
[ 12.674623] print_report+0xd1/0x650
[ 12.674644] ? __virt_addr_valid+0x1db/0x2d0
[ 12.674667] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.674690] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.674714] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.674738] kasan_report+0x141/0x180
[ 12.674759] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.674785] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.674808] __kasan_check_byte+0x3d/0x50
[ 12.674830] kfree_sensitive+0x22/0x90
[ 12.674853] kmalloc_double_kzfree+0x19c/0x350
[ 12.674876] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.674901] ? __schedule+0x10cc/0x2b60
[ 12.674939] ? __pfx_read_tsc+0x10/0x10
[ 12.674960] ? ktime_get_ts64+0x86/0x230
[ 12.674984] kunit_try_run_case+0x1a5/0x480
[ 12.675008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.675032] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.675187] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.675341] ? __kthread_parkme+0x82/0x180
[ 12.675364] ? preempt_count_sub+0x50/0x80
[ 12.675388] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.675413] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.675438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.675462] kthread+0x337/0x6f0
[ 12.675481] ? trace_preempt_on+0x20/0xc0
[ 12.675505] ? __pfx_kthread+0x10/0x10
[ 12.675526] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.675547] ? calculate_sigpending+0x7b/0xa0
[ 12.675571] ? __pfx_kthread+0x10/0x10
[ 12.675592] ret_from_fork+0x116/0x1d0
[ 12.675610] ? __pfx_kthread+0x10/0x10
[ 12.675630] ret_from_fork_asm+0x1a/0x30
[ 12.675661] </TASK>
[ 12.675672]
[ 12.692160] Allocated by task 209:
[ 12.692514] kasan_save_stack+0x45/0x70
[ 12.692788] kasan_save_track+0x18/0x40
[ 12.692936] kasan_save_alloc_info+0x3b/0x50
[ 12.693242] __kasan_kmalloc+0xb7/0xc0
[ 12.693703] __kmalloc_cache_noprof+0x189/0x420
[ 12.694172] kmalloc_double_kzfree+0xa9/0x350
[ 12.694617] kunit_try_run_case+0x1a5/0x480
[ 12.695090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.695604] kthread+0x337/0x6f0
[ 12.695724] ret_from_fork+0x116/0x1d0
[ 12.696095] ret_from_fork_asm+0x1a/0x30
[ 12.696531]
[ 12.696712] Freed by task 209:
[ 12.697073] kasan_save_stack+0x45/0x70
[ 12.697476] kasan_save_track+0x18/0x40
[ 12.697648] kasan_save_free_info+0x3f/0x60
[ 12.698142] __kasan_slab_free+0x56/0x70
[ 12.698482] kfree+0x222/0x3f0
[ 12.698772] kfree_sensitive+0x67/0x90
[ 12.699160] kmalloc_double_kzfree+0x12b/0x350
[ 12.699684] kunit_try_run_case+0x1a5/0x480
[ 12.700026] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.700561] kthread+0x337/0x6f0
[ 12.700821] ret_from_fork+0x116/0x1d0
[ 12.701216] ret_from_fork_asm+0x1a/0x30
[ 12.701357]
[ 12.701427] The buggy address belongs to the object at ffff888100a6e1a0
[ 12.701427] which belongs to the cache kmalloc-16 of size 16
[ 12.701801] The buggy address is located 0 bytes inside of
[ 12.701801] freed 16-byte region [ffff888100a6e1a0, ffff888100a6e1b0)
[ 12.702951]
[ 12.703133] The buggy address belongs to the physical page:
[ 12.703632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a6e
[ 12.704467] flags: 0x200000000000000(node=0|zone=2)
[ 12.704952] page_type: f5(slab)
[ 12.705305] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.706048] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.706712] page dumped because: kasan: bad access detected
[ 12.706937]
[ 12.707005] Memory state around the buggy address:
[ 12.707409] ffff888100a6e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.708095] ffff888100a6e100: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.708709] >ffff888100a6e180: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.709415] ^
[ 12.709563] ffff888100a6e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.709818] ffff888100a6e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.710559] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.638107] ==================================================================
[ 12.638491] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.638800] Read of size 1 at addr ffff888102c61ea8 by task kunit_try_catch/205
[ 12.639157]
[ 12.639242] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.639281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.639292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.639310] Call Trace:
[ 12.639321] <TASK>
[ 12.639334] dump_stack_lvl+0x73/0xb0
[ 12.639363] print_report+0xd1/0x650
[ 12.639385] ? __virt_addr_valid+0x1db/0x2d0
[ 12.639408] ? kmalloc_uaf2+0x4a8/0x520
[ 12.639427] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.639451] ? kmalloc_uaf2+0x4a8/0x520
[ 12.639481] kasan_report+0x141/0x180
[ 12.639503] ? kmalloc_uaf2+0x4a8/0x520
[ 12.639528] __asan_report_load1_noabort+0x18/0x20
[ 12.639554] kmalloc_uaf2+0x4a8/0x520
[ 12.639573] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.639593] ? finish_task_switch.isra.0+0x153/0x700
[ 12.639615] ? __switch_to+0x47/0xf50
[ 12.639642] ? __schedule+0x10cc/0x2b60
[ 12.639663] ? __pfx_read_tsc+0x10/0x10
[ 12.639684] ? ktime_get_ts64+0x86/0x230
[ 12.639709] kunit_try_run_case+0x1a5/0x480
[ 12.639734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.639771] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.639798] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.639823] ? __kthread_parkme+0x82/0x180
[ 12.639842] ? preempt_count_sub+0x50/0x80
[ 12.639865] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.639889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.639913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.639949] kthread+0x337/0x6f0
[ 12.639967] ? trace_preempt_on+0x20/0xc0
[ 12.639991] ? __pfx_kthread+0x10/0x10
[ 12.640012] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.640041] ? calculate_sigpending+0x7b/0xa0
[ 12.640066] ? __pfx_kthread+0x10/0x10
[ 12.640096] ret_from_fork+0x116/0x1d0
[ 12.640114] ? __pfx_kthread+0x10/0x10
[ 12.640135] ret_from_fork_asm+0x1a/0x30
[ 12.640167] </TASK>
[ 12.640176]
[ 12.648146] Allocated by task 205:
[ 12.648319] kasan_save_stack+0x45/0x70
[ 12.648496] kasan_save_track+0x18/0x40
[ 12.648683] kasan_save_alloc_info+0x3b/0x50
[ 12.648943] __kasan_kmalloc+0xb7/0xc0
[ 12.649169] __kmalloc_cache_noprof+0x189/0x420
[ 12.649334] kmalloc_uaf2+0xc6/0x520
[ 12.649464] kunit_try_run_case+0x1a5/0x480
[ 12.649629] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.650007] kthread+0x337/0x6f0
[ 12.650179] ret_from_fork+0x116/0x1d0
[ 12.650499] ret_from_fork_asm+0x1a/0x30
[ 12.650955]
[ 12.651031] Freed by task 205:
[ 12.651143] kasan_save_stack+0x45/0x70
[ 12.651281] kasan_save_track+0x18/0x40
[ 12.651417] kasan_save_free_info+0x3f/0x60
[ 12.651894] __kasan_slab_free+0x56/0x70
[ 12.652352] kfree+0x222/0x3f0
[ 12.652518] kmalloc_uaf2+0x14c/0x520
[ 12.652697] kunit_try_run_case+0x1a5/0x480
[ 12.652952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.653319] kthread+0x337/0x6f0
[ 12.653443] ret_from_fork+0x116/0x1d0
[ 12.653575] ret_from_fork_asm+0x1a/0x30
[ 12.653713]
[ 12.653860] The buggy address belongs to the object at ffff888102c61e80
[ 12.653860] which belongs to the cache kmalloc-64 of size 64
[ 12.654884] The buggy address is located 40 bytes inside of
[ 12.654884] freed 64-byte region [ffff888102c61e80, ffff888102c61ec0)
[ 12.655328]
[ 12.655400] The buggy address belongs to the physical page:
[ 12.655569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c61
[ 12.655912] flags: 0x200000000000000(node=0|zone=2)
[ 12.656165] page_type: f5(slab)
[ 12.656340] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.656681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.658643] page dumped because: kasan: bad access detected
[ 12.659028]
[ 12.659120] Memory state around the buggy address:
[ 12.660084] ffff888102c61d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.661214] ffff888102c61e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.662179] >ffff888102c61e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.662464] ^
[ 12.662653] ffff888102c61f00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.664206] ffff888102c61f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.665215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.615484] ==================================================================
[ 12.616429] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.616764] Write of size 33 at addr ffff8881029fe880 by task kunit_try_catch/203
[ 12.617104]
[ 12.617267] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.617308] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.617319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.617338] Call Trace:
[ 12.617349] <TASK>
[ 12.617363] dump_stack_lvl+0x73/0xb0
[ 12.617390] print_report+0xd1/0x650
[ 12.617412] ? __virt_addr_valid+0x1db/0x2d0
[ 12.617434] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.617454] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.617477] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.617498] kasan_report+0x141/0x180
[ 12.617520] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.617546] kasan_check_range+0x10c/0x1c0
[ 12.617569] __asan_memset+0x27/0x50
[ 12.617588] kmalloc_uaf_memset+0x1a3/0x360
[ 12.617609] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.617632] ? __schedule+0x10cc/0x2b60
[ 12.617653] ? __pfx_read_tsc+0x10/0x10
[ 12.617673] ? ktime_get_ts64+0x86/0x230
[ 12.617697] kunit_try_run_case+0x1a5/0x480
[ 12.617720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.617742] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.617819] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.617843] ? __kthread_parkme+0x82/0x180
[ 12.617863] ? preempt_count_sub+0x50/0x80
[ 12.617887] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.617911] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.617946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.617970] kthread+0x337/0x6f0
[ 12.617989] ? trace_preempt_on+0x20/0xc0
[ 12.618012] ? __pfx_kthread+0x10/0x10
[ 12.618032] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.618053] ? calculate_sigpending+0x7b/0xa0
[ 12.618076] ? __pfx_kthread+0x10/0x10
[ 12.618097] ret_from_fork+0x116/0x1d0
[ 12.618115] ? __pfx_kthread+0x10/0x10
[ 12.618135] ret_from_fork_asm+0x1a/0x30
[ 12.618167] </TASK>
[ 12.618176]
[ 12.625824] Allocated by task 203:
[ 12.625966] kasan_save_stack+0x45/0x70
[ 12.626107] kasan_save_track+0x18/0x40
[ 12.626411] kasan_save_alloc_info+0x3b/0x50
[ 12.626623] __kasan_kmalloc+0xb7/0xc0
[ 12.626951] __kmalloc_cache_noprof+0x189/0x420
[ 12.627332] kmalloc_uaf_memset+0xa9/0x360
[ 12.627479] kunit_try_run_case+0x1a5/0x480
[ 12.627625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.627871] kthread+0x337/0x6f0
[ 12.628054] ret_from_fork+0x116/0x1d0
[ 12.628286] ret_from_fork_asm+0x1a/0x30
[ 12.628609]
[ 12.628677] Freed by task 203:
[ 12.628786] kasan_save_stack+0x45/0x70
[ 12.628930] kasan_save_track+0x18/0x40
[ 12.629063] kasan_save_free_info+0x3f/0x60
[ 12.629219] __kasan_slab_free+0x56/0x70
[ 12.629414] kfree+0x222/0x3f0
[ 12.629575] kmalloc_uaf_memset+0x12b/0x360
[ 12.629782] kunit_try_run_case+0x1a5/0x480
[ 12.630006] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.630270] kthread+0x337/0x6f0
[ 12.630442] ret_from_fork+0x116/0x1d0
[ 12.630685] ret_from_fork_asm+0x1a/0x30
[ 12.630883]
[ 12.630979] The buggy address belongs to the object at ffff8881029fe880
[ 12.630979] which belongs to the cache kmalloc-64 of size 64
[ 12.631481] The buggy address is located 0 bytes inside of
[ 12.631481] freed 64-byte region [ffff8881029fe880, ffff8881029fe8c0)
[ 12.631824]
[ 12.631893] The buggy address belongs to the physical page:
[ 12.632412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fe
[ 12.632786] flags: 0x200000000000000(node=0|zone=2)
[ 12.633034] page_type: f5(slab)
[ 12.633208] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.633620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.633848] page dumped because: kasan: bad access detected
[ 12.634118]
[ 12.634230] Memory state around the buggy address:
[ 12.634459] ffff8881029fe780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.634746] ffff8881029fe800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.635025] >ffff8881029fe880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.635304] ^
[ 12.635423] ffff8881029fe900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.635638] ffff8881029fe980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.635849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.593364] ==================================================================
[ 12.593844] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.594131] Read of size 1 at addr ffff888100a6e188 by task kunit_try_catch/201
[ 12.594711]
[ 12.594827] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.594869] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.594880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.594899] Call Trace:
[ 12.594910] <TASK>
[ 12.594936] dump_stack_lvl+0x73/0xb0
[ 12.594968] print_report+0xd1/0x650
[ 12.594990] ? __virt_addr_valid+0x1db/0x2d0
[ 12.595012] ? kmalloc_uaf+0x320/0x380
[ 12.595031] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.595054] ? kmalloc_uaf+0x320/0x380
[ 12.595074] kasan_report+0x141/0x180
[ 12.595171] ? kmalloc_uaf+0x320/0x380
[ 12.595196] __asan_report_load1_noabort+0x18/0x20
[ 12.595221] kmalloc_uaf+0x320/0x380
[ 12.595240] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.595260] ? __schedule+0x10cc/0x2b60
[ 12.595282] ? __pfx_read_tsc+0x10/0x10
[ 12.595302] ? ktime_get_ts64+0x86/0x230
[ 12.595326] kunit_try_run_case+0x1a5/0x480
[ 12.595350] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.595372] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.595395] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.595419] ? __kthread_parkme+0x82/0x180
[ 12.595438] ? preempt_count_sub+0x50/0x80
[ 12.595462] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.595486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.595512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.595536] kthread+0x337/0x6f0
[ 12.595554] ? trace_preempt_on+0x20/0xc0
[ 12.595577] ? __pfx_kthread+0x10/0x10
[ 12.595597] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.595618] ? calculate_sigpending+0x7b/0xa0
[ 12.595641] ? __pfx_kthread+0x10/0x10
[ 12.595662] ret_from_fork+0x116/0x1d0
[ 12.595680] ? __pfx_kthread+0x10/0x10
[ 12.595700] ret_from_fork_asm+0x1a/0x30
[ 12.595731] </TASK>
[ 12.595740]
[ 12.603122] Allocated by task 201:
[ 12.603318] kasan_save_stack+0x45/0x70
[ 12.603512] kasan_save_track+0x18/0x40
[ 12.603647] kasan_save_alloc_info+0x3b/0x50
[ 12.603809] __kasan_kmalloc+0xb7/0xc0
[ 12.604092] __kmalloc_cache_noprof+0x189/0x420
[ 12.604323] kmalloc_uaf+0xaa/0x380
[ 12.604504] kunit_try_run_case+0x1a5/0x480
[ 12.604723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.604944] kthread+0x337/0x6f0
[ 12.605320] ret_from_fork+0x116/0x1d0
[ 12.605466] ret_from_fork_asm+0x1a/0x30
[ 12.605661]
[ 12.605752] Freed by task 201:
[ 12.605905] kasan_save_stack+0x45/0x70
[ 12.606054] kasan_save_track+0x18/0x40
[ 12.606188] kasan_save_free_info+0x3f/0x60
[ 12.606367] __kasan_slab_free+0x56/0x70
[ 12.606578] kfree+0x222/0x3f0
[ 12.606981] kmalloc_uaf+0x12c/0x380
[ 12.607238] kunit_try_run_case+0x1a5/0x480
[ 12.607405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.607580] kthread+0x337/0x6f0
[ 12.607699] ret_from_fork+0x116/0x1d0
[ 12.607830] ret_from_fork_asm+0x1a/0x30
[ 12.608032]
[ 12.608128] The buggy address belongs to the object at ffff888100a6e180
[ 12.608128] which belongs to the cache kmalloc-16 of size 16
[ 12.608658] The buggy address is located 8 bytes inside of
[ 12.608658] freed 16-byte region [ffff888100a6e180, ffff888100a6e190)
[ 12.609319]
[ 12.609396] The buggy address belongs to the physical page:
[ 12.609566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a6e
[ 12.609933] flags: 0x200000000000000(node=0|zone=2)
[ 12.610324] page_type: f5(slab)
[ 12.610498] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.610753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.610990] page dumped because: kasan: bad access detected
[ 12.611160]
[ 12.611331] Memory state around the buggy address:
[ 12.611559] ffff888100a6e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.611876] ffff888100a6e100: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.612175] >ffff888100a6e180: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.612550] ^
[ 12.612725] ffff888100a6e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.612963] ffff888100a6e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.613272] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.571347] ==================================================================
[ 12.571842] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.572170] Read of size 64 at addr ffff8881029fe704 by task kunit_try_catch/199
[ 12.572550]
[ 12.572670] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.572712] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.572724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.572743] Call Trace:
[ 12.572766] <TASK>
[ 12.572782] dump_stack_lvl+0x73/0xb0
[ 12.572812] print_report+0xd1/0x650
[ 12.572834] ? __virt_addr_valid+0x1db/0x2d0
[ 12.572857] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.572881] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.572904] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.572940] kasan_report+0x141/0x180
[ 12.572962] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.572992] kasan_check_range+0x10c/0x1c0
[ 12.573058] __asan_memmove+0x27/0x70
[ 12.573080] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.573105] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.573132] ? __schedule+0x10cc/0x2b60
[ 12.573154] ? __pfx_read_tsc+0x10/0x10
[ 12.573175] ? ktime_get_ts64+0x86/0x230
[ 12.573200] kunit_try_run_case+0x1a5/0x480
[ 12.573224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.573247] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.573270] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.573293] ? __kthread_parkme+0x82/0x180
[ 12.573313] ? preempt_count_sub+0x50/0x80
[ 12.573338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.573362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.573386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.573411] kthread+0x337/0x6f0
[ 12.573429] ? trace_preempt_on+0x20/0xc0
[ 12.573452] ? __pfx_kthread+0x10/0x10
[ 12.573472] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.573493] ? calculate_sigpending+0x7b/0xa0
[ 12.573517] ? __pfx_kthread+0x10/0x10
[ 12.573538] ret_from_fork+0x116/0x1d0
[ 12.573556] ? __pfx_kthread+0x10/0x10
[ 12.573575] ret_from_fork_asm+0x1a/0x30
[ 12.573607] </TASK>
[ 12.573616]
[ 12.582261] Allocated by task 199:
[ 12.582493] kasan_save_stack+0x45/0x70
[ 12.582701] kasan_save_track+0x18/0x40
[ 12.582977] kasan_save_alloc_info+0x3b/0x50
[ 12.583129] __kasan_kmalloc+0xb7/0xc0
[ 12.583313] __kmalloc_cache_noprof+0x189/0x420
[ 12.583553] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.584108] kunit_try_run_case+0x1a5/0x480
[ 12.584297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.584549] kthread+0x337/0x6f0
[ 12.584706] ret_from_fork+0x116/0x1d0
[ 12.584904] ret_from_fork_asm+0x1a/0x30
[ 12.585178]
[ 12.585251] The buggy address belongs to the object at ffff8881029fe700
[ 12.585251] which belongs to the cache kmalloc-64 of size 64
[ 12.585699] The buggy address is located 4 bytes inside of
[ 12.585699] allocated 64-byte region [ffff8881029fe700, ffff8881029fe740)
[ 12.586109]
[ 12.586330] The buggy address belongs to the physical page:
[ 12.586596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fe
[ 12.586945] flags: 0x200000000000000(node=0|zone=2)
[ 12.587182] page_type: f5(slab)
[ 12.587400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.587709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.588049] page dumped because: kasan: bad access detected
[ 12.588307]
[ 12.588401] Memory state around the buggy address:
[ 12.588554] ffff8881029fe600: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 12.588793] ffff8881029fe680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.589139] >ffff8881029fe700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.589453] ^
[ 12.589644] ffff8881029fe780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.590011] ffff8881029fe800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.590487] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.550161] ==================================================================
[ 12.550668] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.551008] Read of size 18446744073709551614 at addr ffff888102c61b84 by task kunit_try_catch/197
[ 12.551464]
[ 12.551558] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.551598] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.551609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.551627] Call Trace:
[ 12.551638] <TASK>
[ 12.551652] dump_stack_lvl+0x73/0xb0
[ 12.551681] print_report+0xd1/0x650
[ 12.551703] ? __virt_addr_valid+0x1db/0x2d0
[ 12.551725] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.551750] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.551773] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.551798] kasan_report+0x141/0x180
[ 12.551820] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.551850] kasan_check_range+0x10c/0x1c0
[ 12.551873] __asan_memmove+0x27/0x70
[ 12.551979] kmalloc_memmove_negative_size+0x171/0x330
[ 12.552005] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.552066] ? __schedule+0x10cc/0x2b60
[ 12.552089] ? __pfx_read_tsc+0x10/0x10
[ 12.552110] ? ktime_get_ts64+0x86/0x230
[ 12.552134] kunit_try_run_case+0x1a5/0x480
[ 12.552158] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.552180] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.552204] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.552227] ? __kthread_parkme+0x82/0x180
[ 12.552247] ? preempt_count_sub+0x50/0x80
[ 12.552270] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.552294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.552318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.552342] kthread+0x337/0x6f0
[ 12.552360] ? trace_preempt_on+0x20/0xc0
[ 12.552383] ? __pfx_kthread+0x10/0x10
[ 12.552403] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.552424] ? calculate_sigpending+0x7b/0xa0
[ 12.552448] ? __pfx_kthread+0x10/0x10
[ 12.552469] ret_from_fork+0x116/0x1d0
[ 12.552486] ? __pfx_kthread+0x10/0x10
[ 12.552506] ret_from_fork_asm+0x1a/0x30
[ 12.552537] </TASK>
[ 12.552547]
[ 12.560095] Allocated by task 197:
[ 12.560227] kasan_save_stack+0x45/0x70
[ 12.560371] kasan_save_track+0x18/0x40
[ 12.560563] kasan_save_alloc_info+0x3b/0x50
[ 12.560775] __kasan_kmalloc+0xb7/0xc0
[ 12.560984] __kmalloc_cache_noprof+0x189/0x420
[ 12.561392] kmalloc_memmove_negative_size+0xac/0x330
[ 12.561567] kunit_try_run_case+0x1a5/0x480
[ 12.561714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.562266] kthread+0x337/0x6f0
[ 12.562547] ret_from_fork+0x116/0x1d0
[ 12.562719] ret_from_fork_asm+0x1a/0x30
[ 12.562900]
[ 12.563017] The buggy address belongs to the object at ffff888102c61b80
[ 12.563017] which belongs to the cache kmalloc-64 of size 64
[ 12.563561] The buggy address is located 4 bytes inside of
[ 12.563561] 64-byte region [ffff888102c61b80, ffff888102c61bc0)
[ 12.564031]
[ 12.564157] The buggy address belongs to the physical page:
[ 12.564443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c61
[ 12.564788] flags: 0x200000000000000(node=0|zone=2)
[ 12.564987] page_type: f5(slab)
[ 12.565107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.565339] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.565616] page dumped because: kasan: bad access detected
[ 12.566111]
[ 12.566207] Memory state around the buggy address:
[ 12.566407] ffff888102c61a80: 00 00 00 00 05 fc fc fc fc fc fc fc fc fc fc fc
[ 12.566626] ffff888102c61b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.567066] >ffff888102c61b80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.567392] ^
[ 12.567557] ffff888102c61c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.567872] ffff888102c61c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.568324] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.506765] ==================================================================
[ 12.507398] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.507718] Write of size 8 at addr ffff8881029f2d71 by task kunit_try_catch/193
[ 12.508051]
[ 12.508199] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.508241] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.508252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.508271] Call Trace:
[ 12.508282] <TASK>
[ 12.508297] dump_stack_lvl+0x73/0xb0
[ 12.508326] print_report+0xd1/0x650
[ 12.508346] ? __virt_addr_valid+0x1db/0x2d0
[ 12.508369] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.508390] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.508413] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.508436] kasan_report+0x141/0x180
[ 12.508458] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.508485] kasan_check_range+0x10c/0x1c0
[ 12.508509] __asan_memset+0x27/0x50
[ 12.508530] kmalloc_oob_memset_8+0x166/0x330
[ 12.508553] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.508578] ? __schedule+0x10cc/0x2b60
[ 12.508600] ? __pfx_read_tsc+0x10/0x10
[ 12.508621] ? ktime_get_ts64+0x86/0x230
[ 12.508645] kunit_try_run_case+0x1a5/0x480
[ 12.508668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.508691] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.508714] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.508737] ? __kthread_parkme+0x82/0x180
[ 12.508757] ? preempt_count_sub+0x50/0x80
[ 12.508781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.509015] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.509090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.509116] kthread+0x337/0x6f0
[ 12.509135] ? trace_preempt_on+0x20/0xc0
[ 12.509158] ? __pfx_kthread+0x10/0x10
[ 12.509178] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.509199] ? calculate_sigpending+0x7b/0xa0
[ 12.509224] ? __pfx_kthread+0x10/0x10
[ 12.509245] ret_from_fork+0x116/0x1d0
[ 12.509263] ? __pfx_kthread+0x10/0x10
[ 12.509283] ret_from_fork_asm+0x1a/0x30
[ 12.509314] </TASK>
[ 12.509324]
[ 12.519521] Allocated by task 193:
[ 12.520139] kasan_save_stack+0x45/0x70
[ 12.520698] kasan_save_track+0x18/0x40
[ 12.521349] kasan_save_alloc_info+0x3b/0x50
[ 12.521949] __kasan_kmalloc+0xb7/0xc0
[ 12.522563] __kmalloc_cache_noprof+0x189/0x420
[ 12.523436] kmalloc_oob_memset_8+0xac/0x330
[ 12.524035] kunit_try_run_case+0x1a5/0x480
[ 12.524453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.524642] kthread+0x337/0x6f0
[ 12.524772] ret_from_fork+0x116/0x1d0
[ 12.524905] ret_from_fork_asm+0x1a/0x30
[ 12.525118]
[ 12.525214] The buggy address belongs to the object at ffff8881029f2d00
[ 12.525214] which belongs to the cache kmalloc-128 of size 128
[ 12.525752] The buggy address is located 113 bytes inside of
[ 12.525752] allocated 120-byte region [ffff8881029f2d00, ffff8881029f2d78)
[ 12.526372]
[ 12.526448] The buggy address belongs to the physical page:
[ 12.526722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2
[ 12.527191] flags: 0x200000000000000(node=0|zone=2)
[ 12.527360] page_type: f5(slab)
[ 12.527554] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.527974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.528448] page dumped because: kasan: bad access detected
[ 12.528731]
[ 12.528847] Memory state around the buggy address:
[ 12.529152] ffff8881029f2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.529486] ffff8881029f2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.529822] >ffff8881029f2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.530208] ^
[ 12.530544] ffff8881029f2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.530868] ffff8881029f2e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.531264] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.482935] ==================================================================
[ 12.483458] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 12.483756] Write of size 4 at addr ffff888100a73f75 by task kunit_try_catch/191
[ 12.484390]
[ 12.484501] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.484543] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.484554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.484573] Call Trace:
[ 12.484584] <TASK>
[ 12.484598] dump_stack_lvl+0x73/0xb0
[ 12.484627] print_report+0xd1/0x650
[ 12.484649] ? __virt_addr_valid+0x1db/0x2d0
[ 12.484672] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.484693] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.484716] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.484738] kasan_report+0x141/0x180
[ 12.484760] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.484787] kasan_check_range+0x10c/0x1c0
[ 12.484810] __asan_memset+0x27/0x50
[ 12.484830] kmalloc_oob_memset_4+0x166/0x330
[ 12.484851] ? __kasan_check_write+0x18/0x20
[ 12.484870] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.484892] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.484944] ? trace_hardirqs_on+0x37/0xe0
[ 12.484968] ? __pfx_read_tsc+0x10/0x10
[ 12.484988] ? ktime_get_ts64+0x86/0x230
[ 12.485013] kunit_try_run_case+0x1a5/0x480
[ 12.485037] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.485062] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.485086] ? __kthread_parkme+0x82/0x180
[ 12.485191] ? preempt_count_sub+0x50/0x80
[ 12.485215] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.485239] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.485263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.485288] kthread+0x337/0x6f0
[ 12.485306] ? trace_preempt_on+0x20/0xc0
[ 12.485328] ? __pfx_kthread+0x10/0x10
[ 12.485348] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.485370] ? calculate_sigpending+0x7b/0xa0
[ 12.485394] ? __pfx_kthread+0x10/0x10
[ 12.485415] ret_from_fork+0x116/0x1d0
[ 12.485433] ? __pfx_kthread+0x10/0x10
[ 12.485453] ret_from_fork_asm+0x1a/0x30
[ 12.485484] </TASK>
[ 12.485494]
[ 12.493439] Allocated by task 191:
[ 12.493569] kasan_save_stack+0x45/0x70
[ 12.493847] kasan_save_track+0x18/0x40
[ 12.494053] kasan_save_alloc_info+0x3b/0x50
[ 12.494339] __kasan_kmalloc+0xb7/0xc0
[ 12.494530] __kmalloc_cache_noprof+0x189/0x420
[ 12.494693] kmalloc_oob_memset_4+0xac/0x330
[ 12.495291] kunit_try_run_case+0x1a5/0x480
[ 12.495486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.495663] kthread+0x337/0x6f0
[ 12.495783] ret_from_fork+0x116/0x1d0
[ 12.495982] ret_from_fork_asm+0x1a/0x30
[ 12.496186]
[ 12.496394] The buggy address belongs to the object at ffff888100a73f00
[ 12.496394] which belongs to the cache kmalloc-128 of size 128
[ 12.496847] The buggy address is located 117 bytes inside of
[ 12.496847] allocated 120-byte region [ffff888100a73f00, ffff888100a73f78)
[ 12.497582]
[ 12.497665] The buggy address belongs to the physical page:
[ 12.497943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a73
[ 12.498261] flags: 0x200000000000000(node=0|zone=2)
[ 12.498425] page_type: f5(slab)
[ 12.498594] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.498947] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.499370] page dumped because: kasan: bad access detected
[ 12.499849]
[ 12.499952] Memory state around the buggy address:
[ 12.500217] ffff888100a73e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.500489] ffff888100a73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.500810] >ffff888100a73f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.501217] ^
[ 12.501512] ffff888100a73f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.501817] ffff888100a74000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.502060] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.460456] ================================================================== [ 12.460963] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.461371] Write of size 2 at addr ffff8881029f2c77 by task kunit_try_catch/189 [ 12.461657] [ 12.461764] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.461802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.461813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.461832] Call Trace: [ 12.461842] <TASK> [ 12.461855] dump_stack_lvl+0x73/0xb0 [ 12.461883] print_report+0xd1/0x650 [ 12.461904] ? __virt_addr_valid+0x1db/0x2d0 [ 12.461996] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.462019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.462041] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.462063] kasan_report+0x141/0x180 [ 12.462135] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.462165] kasan_check_range+0x10c/0x1c0 [ 12.462189] __asan_memset+0x27/0x50 [ 12.462208] kmalloc_oob_memset_2+0x166/0x330 [ 12.462233] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.462256] ? __schedule+0x10cc/0x2b60 [ 12.462277] ? __pfx_read_tsc+0x10/0x10 [ 12.462299] ? ktime_get_ts64+0x86/0x230 [ 12.462324] kunit_try_run_case+0x1a5/0x480 [ 12.462350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.462372] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.462395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.462419] ? __kthread_parkme+0x82/0x180 [ 12.462438] ? preempt_count_sub+0x50/0x80 [ 12.462461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.462485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.462513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.462538] kthread+0x337/0x6f0 [ 12.462556] ? trace_preempt_on+0x20/0xc0 [ 12.462579] ? __pfx_kthread+0x10/0x10 [ 12.462599] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.462620] ? calculate_sigpending+0x7b/0xa0 [ 12.462643] ? __pfx_kthread+0x10/0x10 [ 12.462664] ret_from_fork+0x116/0x1d0 [ 12.462681] ? 
__pfx_kthread+0x10/0x10 [ 12.462701] ret_from_fork_asm+0x1a/0x30 [ 12.462733] </TASK> [ 12.462742] [ 12.469896] Allocated by task 189: [ 12.470090] kasan_save_stack+0x45/0x70 [ 12.470459] kasan_save_track+0x18/0x40 [ 12.470658] kasan_save_alloc_info+0x3b/0x50 [ 12.470943] __kasan_kmalloc+0xb7/0xc0 [ 12.471177] __kmalloc_cache_noprof+0x189/0x420 [ 12.471389] kmalloc_oob_memset_2+0xac/0x330 [ 12.471561] kunit_try_run_case+0x1a5/0x480 [ 12.471767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.472016] kthread+0x337/0x6f0 [ 12.472167] ret_from_fork+0x116/0x1d0 [ 12.472426] ret_from_fork_asm+0x1a/0x30 [ 12.472627] [ 12.472709] The buggy address belongs to the object at ffff8881029f2c00 [ 12.472709] which belongs to the cache kmalloc-128 of size 128 [ 12.473349] The buggy address is located 119 bytes inside of [ 12.473349] allocated 120-byte region [ffff8881029f2c00, ffff8881029f2c78) [ 12.473771] [ 12.473867] The buggy address belongs to the physical page: [ 12.474123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 12.474458] flags: 0x200000000000000(node=0|zone=2) [ 12.474687] page_type: f5(slab) [ 12.474822] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.475060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.475281] page dumped because: kasan: bad access detected [ 12.475449] [ 12.475592] Memory state around the buggy address: [ 12.475875] ffff8881029f2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.476223] ffff8881029f2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.476530] >ffff8881029f2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.476740] ^ [ 12.477043] ffff8881029f2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.477366] ffff8881029f2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.477688] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.439225] ================================================================== [ 12.439664] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.440352] Write of size 128 at addr ffff888100a73e00 by task kunit_try_catch/187 [ 12.440760] [ 12.440863] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.440906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.440917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.440961] Call Trace: [ 12.440973] <TASK> [ 12.440989] dump_stack_lvl+0x73/0xb0 [ 12.441020] print_report+0xd1/0x650 [ 12.441041] ? __virt_addr_valid+0x1db/0x2d0 [ 12.441076] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.441098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.441120] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.441143] kasan_report+0x141/0x180 [ 12.441164] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.441191] kasan_check_range+0x10c/0x1c0 [ 12.441214] __asan_memset+0x27/0x50 [ 12.441233] kmalloc_oob_in_memset+0x15f/0x320 [ 12.441255] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.441280] ? __schedule+0x10cc/0x2b60 [ 12.441301] ? __pfx_read_tsc+0x10/0x10 [ 12.441322] ? ktime_get_ts64+0x86/0x230 [ 12.441346] kunit_try_run_case+0x1a5/0x480 [ 12.441371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.441393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.441416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.441439] ? __kthread_parkme+0x82/0x180 [ 12.441460] ? preempt_count_sub+0x50/0x80 [ 12.441483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.441507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.441531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.441556] kthread+0x337/0x6f0 [ 12.441582] ? trace_preempt_on+0x20/0xc0 [ 12.441605] ? __pfx_kthread+0x10/0x10 [ 12.441625] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.441646] ? calculate_sigpending+0x7b/0xa0 [ 12.441670] ? __pfx_kthread+0x10/0x10 [ 12.441691] ret_from_fork+0x116/0x1d0 [ 12.441709] ? 
__pfx_kthread+0x10/0x10 [ 12.441728] ret_from_fork_asm+0x1a/0x30 [ 12.441760] </TASK> [ 12.441769] [ 12.449172] Allocated by task 187: [ 12.449300] kasan_save_stack+0x45/0x70 [ 12.449440] kasan_save_track+0x18/0x40 [ 12.449721] kasan_save_alloc_info+0x3b/0x50 [ 12.449955] __kasan_kmalloc+0xb7/0xc0 [ 12.450143] __kmalloc_cache_noprof+0x189/0x420 [ 12.450335] kmalloc_oob_in_memset+0xac/0x320 [ 12.450484] kunit_try_run_case+0x1a5/0x480 [ 12.450631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.450896] kthread+0x337/0x6f0 [ 12.451283] ret_from_fork+0x116/0x1d0 [ 12.451491] ret_from_fork_asm+0x1a/0x30 [ 12.451693] [ 12.451820] The buggy address belongs to the object at ffff888100a73e00 [ 12.451820] which belongs to the cache kmalloc-128 of size 128 [ 12.452506] The buggy address is located 0 bytes inside of [ 12.452506] allocated 120-byte region [ffff888100a73e00, ffff888100a73e78) [ 12.452985] [ 12.453058] The buggy address belongs to the physical page: [ 12.453231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a73 [ 12.453576] flags: 0x200000000000000(node=0|zone=2) [ 12.453888] page_type: f5(slab) [ 12.454165] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.454444] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.454673] page dumped because: kasan: bad access detected [ 12.454870] [ 12.455005] Memory state around the buggy address: [ 12.455339] ffff888100a73d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.455656] ffff888100a73d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.456165] >ffff888100a73e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.456477] ^ [ 12.456744] ffff888100a73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.456999] ffff888100a73f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.457244] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.415333] ================================================================== [ 12.415782] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.416090] Read of size 16 at addr ffff888102321e60 by task kunit_try_catch/185 [ 12.416501] [ 12.416604] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.416646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.416657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.416676] Call Trace: [ 12.416687] <TASK> [ 12.416701] dump_stack_lvl+0x73/0xb0 [ 12.416731] print_report+0xd1/0x650 [ 12.416765] ? __virt_addr_valid+0x1db/0x2d0 [ 12.416788] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.416808] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.416831] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.416852] kasan_report+0x141/0x180 [ 12.416873] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.416899] __asan_report_load16_noabort+0x18/0x20 [ 12.416935] kmalloc_uaf_16+0x47b/0x4c0 [ 12.416956] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.416978] ? __schedule+0x10cc/0x2b60 [ 12.416999] ? __pfx_read_tsc+0x10/0x10 [ 12.417019] ? ktime_get_ts64+0x86/0x230 [ 12.417043] kunit_try_run_case+0x1a5/0x480 [ 12.417067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.417137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.417161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.417185] ? __kthread_parkme+0x82/0x180 [ 12.417205] ? preempt_count_sub+0x50/0x80 [ 12.417229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.417253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.417278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.417303] kthread+0x337/0x6f0 [ 12.417321] ? trace_preempt_on+0x20/0xc0 [ 12.417343] ? __pfx_kthread+0x10/0x10 [ 12.417364] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.417385] ? calculate_sigpending+0x7b/0xa0 [ 12.417408] ? __pfx_kthread+0x10/0x10 [ 12.417429] ret_from_fork+0x116/0x1d0 [ 12.417446] ? 
__pfx_kthread+0x10/0x10 [ 12.417466] ret_from_fork_asm+0x1a/0x30 [ 12.417498] </TASK> [ 12.417507] [ 12.424569] Allocated by task 185: [ 12.424801] kasan_save_stack+0x45/0x70 [ 12.425058] kasan_save_track+0x18/0x40 [ 12.425259] kasan_save_alloc_info+0x3b/0x50 [ 12.425473] __kasan_kmalloc+0xb7/0xc0 [ 12.425655] __kmalloc_cache_noprof+0x189/0x420 [ 12.425895] kmalloc_uaf_16+0x15b/0x4c0 [ 12.426152] kunit_try_run_case+0x1a5/0x480 [ 12.426338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.426562] kthread+0x337/0x6f0 [ 12.426712] ret_from_fork+0x116/0x1d0 [ 12.426953] ret_from_fork_asm+0x1a/0x30 [ 12.427093] [ 12.427161] Freed by task 185: [ 12.427320] kasan_save_stack+0x45/0x70 [ 12.427518] kasan_save_track+0x18/0x40 [ 12.428086] kasan_save_free_info+0x3f/0x60 [ 12.428306] __kasan_slab_free+0x56/0x70 [ 12.428488] kfree+0x222/0x3f0 [ 12.428605] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.428833] kunit_try_run_case+0x1a5/0x480 [ 12.429073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.429330] kthread+0x337/0x6f0 [ 12.429478] ret_from_fork+0x116/0x1d0 [ 12.429635] ret_from_fork_asm+0x1a/0x30 [ 12.429899] [ 12.429990] The buggy address belongs to the object at ffff888102321e60 [ 12.429990] which belongs to the cache kmalloc-16 of size 16 [ 12.430511] The buggy address is located 0 bytes inside of [ 12.430511] freed 16-byte region [ffff888102321e60, ffff888102321e70) [ 12.431005] [ 12.431077] The buggy address belongs to the physical page: [ 12.431247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 12.431484] flags: 0x200000000000000(node=0|zone=2) [ 12.431684] page_type: f5(slab) [ 12.431850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.432480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.432870] page dumped because: kasan: bad access detected [ 12.433049] [ 12.433117] Memory state around the buggy address: [ 12.433269] ffff888102321d00: 00 05 fc fc 00 02 fc fc 00 03 fc fc fa fb fc 
fc [ 12.433480] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 12.434035] >ffff888102321e00: 00 02 fc fc 00 02 fc fc 00 00 fc fc fa fb fc fc [ 12.434363] ^ [ 12.434656] ffff888102321e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.435110] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.435639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.394286] ================================================================== [ 12.394764] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.395267] Write of size 16 at addr ffff888100a6e140 by task kunit_try_catch/183 [ 12.395550] [ 12.395658] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.395699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.395964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.395987] Call Trace: [ 12.395998] <TASK> [ 12.396013] dump_stack_lvl+0x73/0xb0 [ 12.396098] print_report+0xd1/0x650 [ 12.396120] ? __virt_addr_valid+0x1db/0x2d0 [ 12.396144] ? kmalloc_oob_16+0x452/0x4a0 [ 12.396164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.396187] ? kmalloc_oob_16+0x452/0x4a0 [ 12.396208] kasan_report+0x141/0x180 [ 12.396229] ? kmalloc_oob_16+0x452/0x4a0 [ 12.396255] __asan_report_store16_noabort+0x1b/0x30 [ 12.396280] kmalloc_oob_16+0x452/0x4a0 [ 12.396300] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.396322] ? irqentry_exit+0x2a/0x60 [ 12.396345] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.396370] ? __pfx_read_tsc+0x10/0x10 [ 12.396391] ? ktime_get_ts64+0x86/0x230 [ 12.396416] kunit_try_run_case+0x1a5/0x480 [ 12.396441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.396467] ? __kthread_parkme+0x8f/0x180 [ 12.396535] ? __kthread_parkme+0xfa/0x180 [ 12.396556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.396583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.396608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.396633] kthread+0x337/0x6f0 [ 12.396651] ? trace_preempt_on+0x20/0xc0 [ 12.396674] ? __pfx_kthread+0x10/0x10 [ 12.396694] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.396717] ? calculate_sigpending+0x7b/0xa0 [ 12.396741] ? __pfx_kthread+0x10/0x10 [ 12.396781] ret_from_fork+0x116/0x1d0 [ 12.396798] ? 
__pfx_kthread+0x10/0x10 [ 12.396819] ret_from_fork_asm+0x1a/0x30 [ 12.396850] </TASK> [ 12.396860] [ 12.403579] Allocated by task 183: [ 12.403710] kasan_save_stack+0x45/0x70 [ 12.403903] kasan_save_track+0x18/0x40 [ 12.404102] kasan_save_alloc_info+0x3b/0x50 [ 12.404312] __kasan_kmalloc+0xb7/0xc0 [ 12.404516] __kmalloc_cache_noprof+0x189/0x420 [ 12.404737] kmalloc_oob_16+0xa8/0x4a0 [ 12.405222] kunit_try_run_case+0x1a5/0x480 [ 12.405417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.405621] kthread+0x337/0x6f0 [ 12.405741] ret_from_fork+0x116/0x1d0 [ 12.405872] ret_from_fork_asm+0x1a/0x30 [ 12.406230] [ 12.406332] The buggy address belongs to the object at ffff888100a6e140 [ 12.406332] which belongs to the cache kmalloc-16 of size 16 [ 12.406848] The buggy address is located 0 bytes inside of [ 12.406848] allocated 13-byte region [ffff888100a6e140, ffff888100a6e14d) [ 12.407513] [ 12.407588] The buggy address belongs to the physical page: [ 12.407758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a6e [ 12.408262] flags: 0x200000000000000(node=0|zone=2) [ 12.408507] page_type: f5(slab) [ 12.408685] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.409157] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.409446] page dumped because: kasan: bad access detected [ 12.409662] [ 12.409757] Memory state around the buggy address: [ 12.409958] ffff888100a6e000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.410444] ffff888100a6e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.410722] >ffff888100a6e100: 00 05 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 12.411119] ^ [ 12.411317] ffff888100a6e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.411616] ffff888100a6e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.411887] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.337055] ================================================================== [ 12.337483] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.337710] Read of size 1 at addr ffff888102244400 by task kunit_try_catch/181 [ 12.337945] [ 12.338034] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.338076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.338087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.338107] Call Trace: [ 12.338119] <TASK> [ 12.338135] dump_stack_lvl+0x73/0xb0 [ 12.338165] print_report+0xd1/0x650 [ 12.338186] ? __virt_addr_valid+0x1db/0x2d0 [ 12.338209] ? krealloc_uaf+0x1b8/0x5e0 [ 12.338228] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.338250] ? krealloc_uaf+0x1b8/0x5e0 [ 12.338270] kasan_report+0x141/0x180 [ 12.338290] ? krealloc_uaf+0x1b8/0x5e0 [ 12.338313] ? krealloc_uaf+0x1b8/0x5e0 [ 12.338333] __kasan_check_byte+0x3d/0x50 [ 12.338354] krealloc_noprof+0x3f/0x340 [ 12.338376] krealloc_uaf+0x1b8/0x5e0 [ 12.338396] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.338416] ? finish_task_switch.isra.0+0x153/0x700 [ 12.338438] ? __switch_to+0x47/0xf50 [ 12.338463] ? __schedule+0x10cc/0x2b60 [ 12.338484] ? __pfx_read_tsc+0x10/0x10 [ 12.338511] ? ktime_get_ts64+0x86/0x230 [ 12.338535] kunit_try_run_case+0x1a5/0x480 [ 12.338559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.338580] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.338602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.338624] ? __kthread_parkme+0x82/0x180 [ 12.338644] ? preempt_count_sub+0x50/0x80 [ 12.338665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.338688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.338710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.338732] kthread+0x337/0x6f0 [ 12.338750] ? trace_preempt_on+0x20/0xc0 [ 12.338772] ? __pfx_kthread+0x10/0x10 [ 12.338791] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.338811] ? calculate_sigpending+0x7b/0xa0 [ 12.338833] ? 
__pfx_kthread+0x10/0x10 [ 12.338853] ret_from_fork+0x116/0x1d0 [ 12.338870] ? __pfx_kthread+0x10/0x10 [ 12.338889] ret_from_fork_asm+0x1a/0x30 [ 12.339283] </TASK> [ 12.339303] [ 12.355390] Allocated by task 181: [ 12.355534] kasan_save_stack+0x45/0x70 [ 12.355724] kasan_save_track+0x18/0x40 [ 12.355940] kasan_save_alloc_info+0x3b/0x50 [ 12.356236] __kasan_kmalloc+0xb7/0xc0 [ 12.356441] __kmalloc_cache_noprof+0x189/0x420 [ 12.356619] krealloc_uaf+0xbb/0x5e0 [ 12.356800] kunit_try_run_case+0x1a5/0x480 [ 12.357024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.357223] kthread+0x337/0x6f0 [ 12.357351] ret_from_fork+0x116/0x1d0 [ 12.357536] ret_from_fork_asm+0x1a/0x30 [ 12.357731] [ 12.357858] Freed by task 181: [ 12.358056] kasan_save_stack+0x45/0x70 [ 12.358206] kasan_save_track+0x18/0x40 [ 12.358340] kasan_save_free_info+0x3f/0x60 [ 12.358548] __kasan_slab_free+0x56/0x70 [ 12.358739] kfree+0x222/0x3f0 [ 12.358932] krealloc_uaf+0x13d/0x5e0 [ 12.359102] kunit_try_run_case+0x1a5/0x480 [ 12.359246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.359482] kthread+0x337/0x6f0 [ 12.359649] ret_from_fork+0x116/0x1d0 [ 12.359832] ret_from_fork_asm+0x1a/0x30 [ 12.360071] [ 12.360155] The buggy address belongs to the object at ffff888102244400 [ 12.360155] which belongs to the cache kmalloc-256 of size 256 [ 12.360680] The buggy address is located 0 bytes inside of [ 12.360680] freed 256-byte region [ffff888102244400, ffff888102244500) [ 12.361075] [ 12.361147] The buggy address belongs to the physical page: [ 12.361397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102244 [ 12.361970] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.362213] flags: 0x200000000000040(head|node=0|zone=2) [ 12.362388] page_type: f5(slab) [ 12.362547] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.363023] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.363352] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.363604] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.364167] head: 0200000000000001 ffffea0004089101 00000000ffffffff 00000000ffffffff [ 12.364401] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.364681] page dumped because: kasan: bad access detected [ 12.365170] [ 12.365263] Memory state around the buggy address: [ 12.365472] ffff888102244300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.365820] ffff888102244380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.366053] >ffff888102244400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.366612] ^ [ 12.366729] ffff888102244480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.367310] ffff888102244500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.367562] ================================================================== [ 12.368565] ================================================================== [ 12.369141] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.369393] Read of size 1 at addr ffff888102244400 by task kunit_try_catch/181 [ 12.369690] [ 12.369796] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.369836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.369846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.369864] Call Trace: [ 12.369875] <TASK> [ 12.369890] dump_stack_lvl+0x73/0xb0 [ 12.369917] print_report+0xd1/0x650 [ 12.369951] ? __virt_addr_valid+0x1db/0x2d0 [ 12.369973] ? krealloc_uaf+0x53c/0x5e0 [ 12.369994] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.370018] ? krealloc_uaf+0x53c/0x5e0 [ 12.370039] kasan_report+0x141/0x180 [ 12.370060] ? krealloc_uaf+0x53c/0x5e0 [ 12.370086] __asan_report_load1_noabort+0x18/0x20 [ 12.370111] krealloc_uaf+0x53c/0x5e0 [ 12.370132] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.370152] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.370186] ? __switch_to+0x47/0xf50 [ 12.370211] ? __schedule+0x10cc/0x2b60 [ 12.370232] ? __pfx_read_tsc+0x10/0x10 [ 12.370252] ? ktime_get_ts64+0x86/0x230 [ 12.370275] kunit_try_run_case+0x1a5/0x480 [ 12.370298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.370321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.370344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.370367] ? __kthread_parkme+0x82/0x180 [ 12.370387] ? preempt_count_sub+0x50/0x80 [ 12.370409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.370434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.370457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.370484] kthread+0x337/0x6f0 [ 12.370506] ? trace_preempt_on+0x20/0xc0 [ 12.370529] ? __pfx_kthread+0x10/0x10 [ 12.370549] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.370570] ? calculate_sigpending+0x7b/0xa0 [ 12.370593] ? __pfx_kthread+0x10/0x10 [ 12.370614] ret_from_fork+0x116/0x1d0 [ 12.370632] ? __pfx_kthread+0x10/0x10 [ 12.370651] ret_from_fork_asm+0x1a/0x30 [ 12.370683] </TASK> [ 12.370692] [ 12.378264] Allocated by task 181: [ 12.378444] kasan_save_stack+0x45/0x70 [ 12.378653] kasan_save_track+0x18/0x40 [ 12.378868] kasan_save_alloc_info+0x3b/0x50 [ 12.379158] __kasan_kmalloc+0xb7/0xc0 [ 12.379354] __kmalloc_cache_noprof+0x189/0x420 [ 12.379531] krealloc_uaf+0xbb/0x5e0 [ 12.379700] kunit_try_run_case+0x1a5/0x480 [ 12.379990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.380236] kthread+0x337/0x6f0 [ 12.380357] ret_from_fork+0x116/0x1d0 [ 12.380487] ret_from_fork_asm+0x1a/0x30 [ 12.380625] [ 12.380718] Freed by task 181: [ 12.380967] kasan_save_stack+0x45/0x70 [ 12.381161] kasan_save_track+0x18/0x40 [ 12.381351] kasan_save_free_info+0x3f/0x60 [ 12.381792] __kasan_slab_free+0x56/0x70 [ 12.381976] kfree+0x222/0x3f0 [ 12.382209] krealloc_uaf+0x13d/0x5e0 [ 12.382344] kunit_try_run_case+0x1a5/0x480 [ 12.382490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.382677] kthread+0x337/0x6f0 [ 12.382840] 
ret_from_fork+0x116/0x1d0 [ 12.383037] ret_from_fork_asm+0x1a/0x30 [ 12.383330] [ 12.383426] The buggy address belongs to the object at ffff888102244400 [ 12.383426] which belongs to the cache kmalloc-256 of size 256 [ 12.384128] The buggy address is located 0 bytes inside of [ 12.384128] freed 256-byte region [ffff888102244400, ffff888102244500) [ 12.384474] [ 12.384544] The buggy address belongs to the physical page: [ 12.384740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102244 [ 12.385245] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.385583] flags: 0x200000000000040(head|node=0|zone=2) [ 12.385954] page_type: f5(slab) [ 12.386179] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.386667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.387009] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.387329] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.387597] head: 0200000000000001 ffffea0004089101 00000000ffffffff 00000000ffffffff [ 12.388143] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.388514] page dumped because: kasan: bad access detected [ 12.388731] [ 12.388879] Memory state around the buggy address: [ 12.389105] ffff888102244300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.389377] ffff888102244380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.389669] >ffff888102244400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.389995] ^ [ 12.390170] ffff888102244480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.390426] ffff888102244500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.390746] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.054991] ================================================================== [ 12.055422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.055671] Write of size 1 at addr ffff8881003300c9 by task kunit_try_catch/175 [ 12.055902] [ 12.055995] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.056036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.056046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.056066] Call Trace: [ 12.056078] <TASK> [ 12.056092] dump_stack_lvl+0x73/0xb0 [ 12.056119] print_report+0xd1/0x650 [ 12.056141] ? __virt_addr_valid+0x1db/0x2d0 [ 12.056163] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.056187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.056209] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.056234] kasan_report+0x141/0x180 [ 12.056256] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.056285] __asan_report_store1_noabort+0x1b/0x30 [ 12.056312] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.056338] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.056365] ? finish_task_switch.isra.0+0x153/0x700 [ 12.056388] ? __switch_to+0x47/0xf50 [ 12.056413] ? __schedule+0x10cc/0x2b60 [ 12.056434] ? __pfx_read_tsc+0x10/0x10 [ 12.056458] krealloc_less_oob+0x1c/0x30 [ 12.056480] kunit_try_run_case+0x1a5/0x480 [ 12.056503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.056525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.056549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.056572] ? __kthread_parkme+0x82/0x180 [ 12.056591] ? preempt_count_sub+0x50/0x80 [ 12.056614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.056637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.056661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.056685] kthread+0x337/0x6f0 [ 12.056703] ? trace_preempt_on+0x20/0xc0 [ 12.056727] ? __pfx_kthread+0x10/0x10 [ 12.056746] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.056767] ? calculate_sigpending+0x7b/0xa0 [ 12.056791] ? 
__pfx_kthread+0x10/0x10 [ 12.056812] ret_from_fork+0x116/0x1d0 [ 12.056829] ? __pfx_kthread+0x10/0x10 [ 12.056849] ret_from_fork_asm+0x1a/0x30 [ 12.056880] </TASK> [ 12.056889] [ 12.079692] Allocated by task 175: [ 12.079843] kasan_save_stack+0x45/0x70 [ 12.080012] kasan_save_track+0x18/0x40 [ 12.080149] kasan_save_alloc_info+0x3b/0x50 [ 12.080299] __kasan_krealloc+0x190/0x1f0 [ 12.080438] krealloc_noprof+0xf3/0x340 [ 12.080571] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.080732] krealloc_less_oob+0x1c/0x30 [ 12.080870] kunit_try_run_case+0x1a5/0x480 [ 12.081894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.082703] kthread+0x337/0x6f0 [ 12.083372] ret_from_fork+0x116/0x1d0 [ 12.084025] ret_from_fork_asm+0x1a/0x30 [ 12.084862] [ 12.085157] The buggy address belongs to the object at ffff888100330000 [ 12.085157] which belongs to the cache kmalloc-256 of size 256 [ 12.086940] The buggy address is located 0 bytes to the right of [ 12.086940] allocated 201-byte region [ffff888100330000, ffff8881003300c9) [ 12.087579] [ 12.087657] The buggy address belongs to the physical page: [ 12.087993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100330 [ 12.088743] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.089450] flags: 0x200000000000040(head|node=0|zone=2) [ 12.090108] page_type: f5(slab) [ 12.090267] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.090498] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.090732] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.091464] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.092315] head: 0200000000000001 ffffea000400cc01 00000000ffffffff 00000000ffffffff [ 12.093005] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.093685] page dumped because: kasan: bad access detected [ 12.094108] [ 12.094190] Memory state around the buggy 
address: [ 12.094346] ffff88810032ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.094571] ffff888100330000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.094815] >ffff888100330080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.095103] ^ [ 12.095305] ffff888100330100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.095599] ffff888100330180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.095955] ================================================================== [ 12.249747] ================================================================== [ 12.249998] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.250407] Write of size 1 at addr ffff888102a3e0d0 by task kunit_try_catch/179 [ 12.250756] [ 12.250865] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.250905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.250915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.250946] Call Trace: [ 12.250960] <TASK> [ 12.250974] dump_stack_lvl+0x73/0xb0 [ 12.251002] print_report+0xd1/0x650 [ 12.251023] ? __virt_addr_valid+0x1db/0x2d0 [ 12.251045] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.251069] ? kasan_addr_to_slab+0x11/0xa0 [ 12.251089] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.251113] kasan_report+0x141/0x180 [ 12.251134] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.251163] __asan_report_store1_noabort+0x1b/0x30 [ 12.251188] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.251213] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.251238] ? finish_task_switch.isra.0+0x153/0x700 [ 12.251260] ? __switch_to+0x47/0xf50 [ 12.251284] ? __schedule+0x10cc/0x2b60 [ 12.251306] ? __pfx_read_tsc+0x10/0x10 [ 12.251329] krealloc_large_less_oob+0x1c/0x30 [ 12.251352] kunit_try_run_case+0x1a5/0x480 [ 12.251376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.251398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.251421] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.251444] ? __kthread_parkme+0x82/0x180 [ 12.251464] ? preempt_count_sub+0x50/0x80 [ 12.251487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.251511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.251534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.251559] kthread+0x337/0x6f0 [ 12.251577] ? trace_preempt_on+0x20/0xc0 [ 12.251599] ? __pfx_kthread+0x10/0x10 [ 12.251619] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.251640] ? calculate_sigpending+0x7b/0xa0 [ 12.251663] ? __pfx_kthread+0x10/0x10 [ 12.251684] ret_from_fork+0x116/0x1d0 [ 12.251702] ? __pfx_kthread+0x10/0x10 [ 12.251721] ret_from_fork_asm+0x1a/0x30 [ 12.251753] </TASK> [ 12.251763] [ 12.259529] The buggy address belongs to the physical page: [ 12.259716] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.260056] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.260399] flags: 0x200000000000040(head|node=0|zone=2) [ 12.260644] page_type: f8(unknown) [ 12.260817] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.261814] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.262107] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.262358] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.262601] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.262832] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.264215] page dumped because: kasan: bad access detected [ 12.264906] [ 12.265491] Memory state around the buggy address: [ 12.266233] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.267314] ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.267996] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.268854] ^ [ 12.269061] ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 12.269277] ffff888102a3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.269490] ================================================================== [ 12.150244] ================================================================== [ 12.150595] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.150945] Write of size 1 at addr ffff8881003300ea by task kunit_try_catch/175 [ 12.151327] [ 12.151426] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.151467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.151478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.151497] Call Trace: [ 12.151512] <TASK> [ 12.151528] dump_stack_lvl+0x73/0xb0 [ 12.151555] print_report+0xd1/0x650 [ 12.151575] ? __virt_addr_valid+0x1db/0x2d0 [ 12.151598] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.151621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.151643] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.151667] kasan_report+0x141/0x180 [ 12.151688] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.151717] __asan_report_store1_noabort+0x1b/0x30 [ 12.151741] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.151767] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.151811] ? finish_task_switch.isra.0+0x153/0x700 [ 12.151833] ? __switch_to+0x47/0xf50 [ 12.151857] ? __schedule+0x10cc/0x2b60 [ 12.151878] ? __pfx_read_tsc+0x10/0x10 [ 12.151901] krealloc_less_oob+0x1c/0x30 [ 12.151930] kunit_try_run_case+0x1a5/0x480 [ 12.151954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.151976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.152062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.152090] ? __kthread_parkme+0x82/0x180 [ 12.152109] ? preempt_count_sub+0x50/0x80 [ 12.152132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.152156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.152180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.152204] kthread+0x337/0x6f0 [ 12.152222] ? 
trace_preempt_on+0x20/0xc0 [ 12.152245] ? __pfx_kthread+0x10/0x10 [ 12.152265] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.152286] ? calculate_sigpending+0x7b/0xa0 [ 12.152309] ? __pfx_kthread+0x10/0x10 [ 12.152330] ret_from_fork+0x116/0x1d0 [ 12.152348] ? __pfx_kthread+0x10/0x10 [ 12.152368] ret_from_fork_asm+0x1a/0x30 [ 12.152399] </TASK> [ 12.152408] [ 12.160160] Allocated by task 175: [ 12.160336] kasan_save_stack+0x45/0x70 [ 12.160519] kasan_save_track+0x18/0x40 [ 12.160698] kasan_save_alloc_info+0x3b/0x50 [ 12.160888] __kasan_krealloc+0x190/0x1f0 [ 12.161249] krealloc_noprof+0xf3/0x340 [ 12.161433] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.161656] krealloc_less_oob+0x1c/0x30 [ 12.161827] kunit_try_run_case+0x1a5/0x480 [ 12.162147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.162346] kthread+0x337/0x6f0 [ 12.162466] ret_from_fork+0x116/0x1d0 [ 12.162601] ret_from_fork_asm+0x1a/0x30 [ 12.162739] [ 12.162832] The buggy address belongs to the object at ffff888100330000 [ 12.162832] which belongs to the cache kmalloc-256 of size 256 [ 12.163453] The buggy address is located 33 bytes to the right of [ 12.163453] allocated 201-byte region [ffff888100330000, ffff8881003300c9) [ 12.164109] [ 12.164206] The buggy address belongs to the physical page: [ 12.164463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100330 [ 12.164807] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.165263] flags: 0x200000000000040(head|node=0|zone=2) [ 12.165521] page_type: f5(slab) [ 12.165682] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.165983] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.166306] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.166566] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.166941] head: 0200000000000001 ffffea000400cc01 00000000ffffffff 00000000ffffffff [ 12.167377] head: 
ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.167726] page dumped because: kasan: bad access detected [ 12.168787] [ 12.168933] Memory state around the buggy address: [ 12.169488] ffff88810032ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.169768] ffff888100330000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.170354] >ffff888100330080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.170626] ^ [ 12.171172] ffff888100330100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.171477] ffff888100330180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.171769] ================================================================== [ 12.232822] ================================================================== [ 12.233454] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.233769] Write of size 1 at addr ffff888102a3e0c9 by task kunit_try_catch/179 [ 12.234092] [ 12.234249] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.234291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.234301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.234320] Call Trace: [ 12.234331] <TASK> [ 12.234345] dump_stack_lvl+0x73/0xb0 [ 12.234373] print_report+0xd1/0x650 [ 12.234394] ? __virt_addr_valid+0x1db/0x2d0 [ 12.234416] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.234440] ? kasan_addr_to_slab+0x11/0xa0 [ 12.234460] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.234484] kasan_report+0x141/0x180 [ 12.234510] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.234542] __asan_report_store1_noabort+0x1b/0x30 [ 12.234567] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.234593] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.234619] ? finish_task_switch.isra.0+0x153/0x700 [ 12.234642] ? __switch_to+0x47/0xf50 [ 12.234666] ? __schedule+0x10cc/0x2b60 [ 12.234688] ? 
__pfx_read_tsc+0x10/0x10 [ 12.234711] krealloc_large_less_oob+0x1c/0x30 [ 12.234734] kunit_try_run_case+0x1a5/0x480 [ 12.234758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.234818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.234842] ? __kthread_parkme+0x82/0x180 [ 12.234861] ? preempt_count_sub+0x50/0x80 [ 12.234884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.234966] kthread+0x337/0x6f0 [ 12.234984] ? trace_preempt_on+0x20/0xc0 [ 12.235007] ? __pfx_kthread+0x10/0x10 [ 12.235027] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.235049] ? calculate_sigpending+0x7b/0xa0 [ 12.235072] ? __pfx_kthread+0x10/0x10 [ 12.235094] ret_from_fork+0x116/0x1d0 [ 12.235111] ? __pfx_kthread+0x10/0x10 [ 12.235131] ret_from_fork_asm+0x1a/0x30 [ 12.235163] </TASK> [ 12.235172] [ 12.243124] The buggy address belongs to the physical page: [ 12.243306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.243663] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.244090] flags: 0x200000000000040(head|node=0|zone=2) [ 12.244294] page_type: f8(unknown) [ 12.244466] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.244712] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.245191] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.245499] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.245798] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.246242] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.246471] page dumped because: kasan: bad access detected [ 12.246837] [ 12.246946] Memory state around the buggy address: [ 12.247169] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.247556] 
ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.247773] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.247996] ^ [ 12.248210] ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.249017] ffff888102a3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.249449] ================================================================== [ 12.096847] ================================================================== [ 12.097270] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.097989] Write of size 1 at addr ffff8881003300d0 by task kunit_try_catch/175 [ 12.098546] [ 12.098662] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.098706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.098717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.098736] Call Trace: [ 12.098753] <TASK> [ 12.098769] dump_stack_lvl+0x73/0xb0 [ 12.098800] print_report+0xd1/0x650 [ 12.098821] ? __virt_addr_valid+0x1db/0x2d0 [ 12.098844] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.098892] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.098915] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.098949] kasan_report+0x141/0x180 [ 12.098970] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.098999] __asan_report_store1_noabort+0x1b/0x30 [ 12.099090] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.099120] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.099144] ? finish_task_switch.isra.0+0x153/0x700 [ 12.099167] ? __switch_to+0x47/0xf50 [ 12.099191] ? __schedule+0x10cc/0x2b60 [ 12.099213] ? __pfx_read_tsc+0x10/0x10 [ 12.099236] krealloc_less_oob+0x1c/0x30 [ 12.099257] kunit_try_run_case+0x1a5/0x480 [ 12.099306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.099352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.099375] ? __kthread_parkme+0x82/0x180 [ 12.099396] ? 
preempt_count_sub+0x50/0x80 [ 12.099418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.099484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.099509] kthread+0x337/0x6f0 [ 12.099527] ? trace_preempt_on+0x20/0xc0 [ 12.099549] ? __pfx_kthread+0x10/0x10 [ 12.099569] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.099590] ? calculate_sigpending+0x7b/0xa0 [ 12.099613] ? __pfx_kthread+0x10/0x10 [ 12.099634] ret_from_fork+0x116/0x1d0 [ 12.099652] ? __pfx_kthread+0x10/0x10 [ 12.099672] ret_from_fork_asm+0x1a/0x30 [ 12.099703] </TASK> [ 12.099713] [ 12.107780] Allocated by task 175: [ 12.107910] kasan_save_stack+0x45/0x70 [ 12.108121] kasan_save_track+0x18/0x40 [ 12.108460] kasan_save_alloc_info+0x3b/0x50 [ 12.108703] __kasan_krealloc+0x190/0x1f0 [ 12.108903] krealloc_noprof+0xf3/0x340 [ 12.109055] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.109376] krealloc_less_oob+0x1c/0x30 [ 12.109704] kunit_try_run_case+0x1a5/0x480 [ 12.110219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.110428] kthread+0x337/0x6f0 [ 12.110592] ret_from_fork+0x116/0x1d0 [ 12.110819] ret_from_fork_asm+0x1a/0x30 [ 12.111028] [ 12.111102] The buggy address belongs to the object at ffff888100330000 [ 12.111102] which belongs to the cache kmalloc-256 of size 256 [ 12.111567] The buggy address is located 7 bytes to the right of [ 12.111567] allocated 201-byte region [ffff888100330000, ffff8881003300c9) [ 12.112405] [ 12.112526] The buggy address belongs to the physical page: [ 12.112724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100330 [ 12.113178] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.113441] flags: 0x200000000000040(head|node=0|zone=2) [ 12.113669] page_type: f5(slab) [ 12.113833] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.114239] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.114739] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.115163] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.115534] head: 0200000000000001 ffffea000400cc01 00000000ffffffff 00000000ffffffff [ 12.115820] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.116290] page dumped because: kasan: bad access detected [ 12.116518] [ 12.116586] Memory state around the buggy address: [ 12.116823] ffff88810032ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.117289] ffff888100330000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.117575] >ffff888100330080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.117951] ^ [ 12.118411] ffff888100330100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.118707] ffff888100330180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.119186] ================================================================== [ 12.172576] ================================================================== [ 12.172833] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.173473] Write of size 1 at addr ffff8881003300eb by task kunit_try_catch/175 [ 12.173772] [ 12.173862] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.173901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.173912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.173941] Call Trace: [ 12.173955] <TASK> [ 12.173969] dump_stack_lvl+0x73/0xb0 [ 12.173997] print_report+0xd1/0x650 [ 12.174017] ? __virt_addr_valid+0x1db/0x2d0 [ 12.174040] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.174063] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.174086] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.174115] kasan_report+0x141/0x180 [ 12.174136] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.174165] __asan_report_store1_noabort+0x1b/0x30 [ 12.174189] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.174215] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.174240] ? finish_task_switch.isra.0+0x153/0x700 [ 12.174262] ? __switch_to+0x47/0xf50 [ 12.174287] ? __schedule+0x10cc/0x2b60 [ 12.174308] ? __pfx_read_tsc+0x10/0x10 [ 12.174331] krealloc_less_oob+0x1c/0x30 [ 12.174352] kunit_try_run_case+0x1a5/0x480 [ 12.174375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.174397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.174420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.174444] ? __kthread_parkme+0x82/0x180 [ 12.174463] ? preempt_count_sub+0x50/0x80 [ 12.174486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.174515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.174539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.174564] kthread+0x337/0x6f0 [ 12.174582] ? trace_preempt_on+0x20/0xc0 [ 12.174604] ? __pfx_kthread+0x10/0x10 [ 12.174624] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.174645] ? calculate_sigpending+0x7b/0xa0 [ 12.174668] ? __pfx_kthread+0x10/0x10 [ 12.174689] ret_from_fork+0x116/0x1d0 [ 12.174706] ? 
__pfx_kthread+0x10/0x10 [ 12.174726] ret_from_fork_asm+0x1a/0x30 [ 12.174757] </TASK> [ 12.174766] [ 12.182786] Allocated by task 175: [ 12.182934] kasan_save_stack+0x45/0x70 [ 12.183082] kasan_save_track+0x18/0x40 [ 12.183509] kasan_save_alloc_info+0x3b/0x50 [ 12.183726] __kasan_krealloc+0x190/0x1f0 [ 12.183948] krealloc_noprof+0xf3/0x340 [ 12.184233] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.184440] krealloc_less_oob+0x1c/0x30 [ 12.184579] kunit_try_run_case+0x1a5/0x480 [ 12.184722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.184958] kthread+0x337/0x6f0 [ 12.185132] ret_from_fork+0x116/0x1d0 [ 12.185324] ret_from_fork_asm+0x1a/0x30 [ 12.185522] [ 12.185842] The buggy address belongs to the object at ffff888100330000 [ 12.185842] which belongs to the cache kmalloc-256 of size 256 [ 12.186404] The buggy address is located 34 bytes to the right of [ 12.186404] allocated 201-byte region [ffff888100330000, ffff8881003300c9) [ 12.186808] [ 12.186983] The buggy address belongs to the physical page: [ 12.187373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100330 [ 12.187906] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.188293] flags: 0x200000000000040(head|node=0|zone=2) [ 12.188470] page_type: f5(slab) [ 12.188596] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.188935] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.189270] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.189809] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.190209] head: 0200000000000001 ffffea000400cc01 00000000ffffffff 00000000ffffffff [ 12.190533] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.190759] page dumped because: kasan: bad access detected [ 12.190963] [ 12.191058] Memory state around the buggy address: [ 12.191278] ffff88810032ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.191719] ffff888100330000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.192019] >ffff888100330080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.192362] ^ [ 12.192606] ffff888100330100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.192928] ffff888100330180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.193157] ================================================================== [ 12.269789] ================================================================== [ 12.270652] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.271518] Write of size 1 at addr ffff888102a3e0da by task kunit_try_catch/179 [ 12.272946] [ 12.273310] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.273356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.273367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.273386] Call Trace: [ 12.273401] <TASK> [ 12.273424] dump_stack_lvl+0x73/0xb0 [ 12.273454] print_report+0xd1/0x650 [ 12.273683] ? __virt_addr_valid+0x1db/0x2d0 [ 12.273707] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.273731] ? kasan_addr_to_slab+0x11/0xa0 [ 12.273762] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.273786] kasan_report+0x141/0x180 [ 12.273807] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.273836] __asan_report_store1_noabort+0x1b/0x30 [ 12.273860] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.273886] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.273911] ? finish_task_switch.isra.0+0x153/0x700 [ 12.273944] ? __switch_to+0x47/0xf50 [ 12.273968] ? __schedule+0x10cc/0x2b60 [ 12.273990] ? __pfx_read_tsc+0x10/0x10 [ 12.274013] krealloc_large_less_oob+0x1c/0x30 [ 12.274036] kunit_try_run_case+0x1a5/0x480 [ 12.274060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.274082] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.274105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.274128] ? __kthread_parkme+0x82/0x180 [ 12.274148] ? 
preempt_count_sub+0x50/0x80 [ 12.274170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.274194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.274218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.274242] kthread+0x337/0x6f0 [ 12.274261] ? trace_preempt_on+0x20/0xc0 [ 12.274284] ? __pfx_kthread+0x10/0x10 [ 12.274304] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.274325] ? calculate_sigpending+0x7b/0xa0 [ 12.274348] ? __pfx_kthread+0x10/0x10 [ 12.274369] ret_from_fork+0x116/0x1d0 [ 12.274386] ? __pfx_kthread+0x10/0x10 [ 12.274406] ret_from_fork_asm+0x1a/0x30 [ 12.274438] </TASK> [ 12.274447] [ 12.287181] The buggy address belongs to the physical page: [ 12.287431] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.287954] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.288529] flags: 0x200000000000040(head|node=0|zone=2) [ 12.288949] page_type: f8(unknown) [ 12.289147] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.289659] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.290426] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.290750] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.291314] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.291783] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.292237] page dumped because: kasan: bad access detected [ 12.292458] [ 12.292554] Memory state around the buggy address: [ 12.293145] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.293447] ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.293988] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.294593] ^ [ 12.294979] ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.295518] ffff888102a3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.296153] 
================================================================== [ 12.120998] ================================================================== [ 12.121433] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.121679] Write of size 1 at addr ffff8881003300da by task kunit_try_catch/175 [ 12.122367] [ 12.122731] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.122773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.122784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.122803] Call Trace: [ 12.122814] <TASK> [ 12.122828] dump_stack_lvl+0x73/0xb0 [ 12.122872] print_report+0xd1/0x650 [ 12.122902] ? __virt_addr_valid+0x1db/0x2d0 [ 12.122938] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.122961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.122983] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.123007] kasan_report+0x141/0x180 [ 12.123030] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.123059] __asan_report_store1_noabort+0x1b/0x30 [ 12.123084] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.123110] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.123134] ? finish_task_switch.isra.0+0x153/0x700 [ 12.123155] ? __switch_to+0x47/0xf50 [ 12.123180] ? __schedule+0x10cc/0x2b60 [ 12.123202] ? __pfx_read_tsc+0x10/0x10 [ 12.123225] krealloc_less_oob+0x1c/0x30 [ 12.123246] kunit_try_run_case+0x1a5/0x480 [ 12.123269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.123291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.123313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.123336] ? __kthread_parkme+0x82/0x180 [ 12.123355] ? preempt_count_sub+0x50/0x80 [ 12.123378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.123402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.123426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.123450] kthread+0x337/0x6f0 [ 12.123468] ? trace_preempt_on+0x20/0xc0 [ 12.123490] ? __pfx_kthread+0x10/0x10 [ 12.123510] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.123531] ? calculate_sigpending+0x7b/0xa0 [ 12.123556] ? __pfx_kthread+0x10/0x10 [ 12.123580] ret_from_fork+0x116/0x1d0 [ 12.123597] ? __pfx_kthread+0x10/0x10 [ 12.123617] ret_from_fork_asm+0x1a/0x30 [ 12.123648] </TASK> [ 12.123657] [ 12.138342] Allocated by task 175: [ 12.138534] kasan_save_stack+0x45/0x70 [ 12.139130] kasan_save_track+0x18/0x40 [ 12.139495] kasan_save_alloc_info+0x3b/0x50 [ 12.139710] __kasan_krealloc+0x190/0x1f0 [ 12.140004] krealloc_noprof+0xf3/0x340 [ 12.140205] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.140561] krealloc_less_oob+0x1c/0x30 [ 12.140789] kunit_try_run_case+0x1a5/0x480 [ 12.141238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.141548] kthread+0x337/0x6f0 [ 12.141716] ret_from_fork+0x116/0x1d0 [ 12.141905] ret_from_fork_asm+0x1a/0x30 [ 12.142089] [ 12.142185] The buggy address belongs to the object at ffff888100330000 [ 12.142185] which belongs to the cache kmalloc-256 of size 256 [ 12.142705] The buggy address is located 17 bytes to the right of [ 12.142705] allocated 201-byte region [ffff888100330000, ffff8881003300c9) [ 12.143387] [ 12.143488] The buggy address belongs to the physical page: [ 12.143714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100330 [ 12.143980] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.144388] flags: 0x200000000000040(head|node=0|zone=2) [ 12.144647] page_type: f5(slab) [ 12.144844] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.145365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.145673] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.145995] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.146436] head: 0200000000000001 ffffea000400cc01 00000000ffffffff 00000000ffffffff [ 12.146749] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.147181] page dumped 
because: kasan: bad access detected [ 12.147397] [ 12.147491] Memory state around the buggy address: [ 12.147663] ffff88810032ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.148086] ffff888100330000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.148352] >ffff888100330080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.148666] ^ [ 12.148908] ffff888100330100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.149420] ffff888100330180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.149694] ================================================================== [ 12.296598] ================================================================== [ 12.297232] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.297776] Write of size 1 at addr ffff888102a3e0ea by task kunit_try_catch/179 [ 12.298287] [ 12.298616] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.298662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.298674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.298693] Call Trace: [ 12.298705] <TASK> [ 12.298717] dump_stack_lvl+0x73/0xb0 [ 12.298746] print_report+0xd1/0x650 [ 12.298769] ? __virt_addr_valid+0x1db/0x2d0 [ 12.298791] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.298815] ? kasan_addr_to_slab+0x11/0xa0 [ 12.298836] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.298860] kasan_report+0x141/0x180 [ 12.298882] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.298912] __asan_report_store1_noabort+0x1b/0x30 [ 12.298949] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.298975] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.298999] ? finish_task_switch.isra.0+0x153/0x700 [ 12.299160] ? __switch_to+0x47/0xf50 [ 12.299186] ? __schedule+0x10cc/0x2b60 [ 12.299208] ? __pfx_read_tsc+0x10/0x10 [ 12.299232] krealloc_large_less_oob+0x1c/0x30 [ 12.299255] kunit_try_run_case+0x1a5/0x480 [ 12.299278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.299301] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.299324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.299348] ? __kthread_parkme+0x82/0x180 [ 12.299367] ? preempt_count_sub+0x50/0x80 [ 12.299390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.299414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.299437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.299462] kthread+0x337/0x6f0 [ 12.299480] ? trace_preempt_on+0x20/0xc0 [ 12.299502] ? __pfx_kthread+0x10/0x10 [ 12.299522] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.299543] ? calculate_sigpending+0x7b/0xa0 [ 12.299566] ? __pfx_kthread+0x10/0x10 [ 12.299587] ret_from_fork+0x116/0x1d0 [ 12.299605] ? __pfx_kthread+0x10/0x10 [ 12.299625] ret_from_fork_asm+0x1a/0x30 [ 12.299656] </TASK> [ 12.299666] [ 12.308559] The buggy address belongs to the physical page: [ 12.308785] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.309084] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.309315] flags: 0x200000000000040(head|node=0|zone=2) [ 12.309561] page_type: f8(unknown) [ 12.309764] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.310333] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.310636] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.310866] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.311226] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.311570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.311844] page dumped because: kasan: bad access detected [ 12.312194] [ 12.312291] Memory state around the buggy address: [ 12.312503] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.312716] ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.313051] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.313372] ^ [ 12.313728] 
ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.314054] ffff888102a3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.314358] ================================================================== [ 12.314659] ================================================================== [ 12.315117] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.315525] Write of size 1 at addr ffff888102a3e0eb by task kunit_try_catch/179 [ 12.316041] [ 12.316227] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.316269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.316279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.316297] Call Trace: [ 12.316311] <TASK> [ 12.316325] dump_stack_lvl+0x73/0xb0 [ 12.316353] print_report+0xd1/0x650 [ 12.316374] ? __virt_addr_valid+0x1db/0x2d0 [ 12.316397] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.316422] ? kasan_addr_to_slab+0x11/0xa0 [ 12.316442] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.316466] kasan_report+0x141/0x180 [ 12.316487] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.316516] __asan_report_store1_noabort+0x1b/0x30 [ 12.316540] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.316566] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.316590] ? finish_task_switch.isra.0+0x153/0x700 [ 12.316612] ? __switch_to+0x47/0xf50 [ 12.316636] ? __schedule+0x10cc/0x2b60 [ 12.316657] ? __pfx_read_tsc+0x10/0x10 [ 12.316680] krealloc_large_less_oob+0x1c/0x30 [ 12.316703] kunit_try_run_case+0x1a5/0x480 [ 12.316727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.316749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.316771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.316794] ? __kthread_parkme+0x82/0x180 [ 12.316814] ? preempt_count_sub+0x50/0x80 [ 12.316836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.316860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.316884] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.316908] kthread+0x337/0x6f0 [ 12.316939] ? trace_preempt_on+0x20/0xc0 [ 12.316975] ? __pfx_kthread+0x10/0x10 [ 12.316995] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.317016] ? calculate_sigpending+0x7b/0xa0 [ 12.317040] ? __pfx_kthread+0x10/0x10 [ 12.317060] ret_from_fork+0x116/0x1d0 [ 12.317078] ? __pfx_kthread+0x10/0x10 [ 12.317109] ret_from_fork_asm+0x1a/0x30 [ 12.317141] </TASK> [ 12.317150] [ 12.325226] The buggy address belongs to the physical page: [ 12.325458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.325789] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.326907] flags: 0x200000000000040(head|node=0|zone=2) [ 12.327512] page_type: f8(unknown) [ 12.327666] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.328180] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.328519] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.328973] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.329300] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.329640] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.330128] page dumped because: kasan: bad access detected [ 12.330463] [ 12.330567] Memory state around the buggy address: [ 12.330771] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.331272] ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.331574] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.332019] ^ [ 12.332306] ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.332709] ffff888102a3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.333215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.212653] ================================================================== [ 12.213306] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.213639] Write of size 1 at addr ffff888102a3e0f0 by task kunit_try_catch/177 [ 12.213941] [ 12.214022] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.214060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.214071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.214089] Call Trace: [ 12.214101] <TASK> [ 12.214113] dump_stack_lvl+0x73/0xb0 [ 12.214140] print_report+0xd1/0x650 [ 12.214162] ? __virt_addr_valid+0x1db/0x2d0 [ 12.214184] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.214208] ? kasan_addr_to_slab+0x11/0xa0 [ 12.214228] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.214252] kasan_report+0x141/0x180 [ 12.214322] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.214354] __asan_report_store1_noabort+0x1b/0x30 [ 12.214379] krealloc_more_oob_helper+0x7eb/0x930 [ 12.214402] ? __schedule+0x10cc/0x2b60 [ 12.214424] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.214449] ? finish_task_switch.isra.0+0x153/0x700 [ 12.214471] ? __switch_to+0x47/0xf50 [ 12.214496] ? __schedule+0x10cc/0x2b60 [ 12.214525] ? __pfx_read_tsc+0x10/0x10 [ 12.214549] krealloc_large_more_oob+0x1c/0x30 [ 12.214572] kunit_try_run_case+0x1a5/0x480 [ 12.214596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.214619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.214644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.214667] ? __kthread_parkme+0x82/0x180 [ 12.214687] ? preempt_count_sub+0x50/0x80 [ 12.214711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.214737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.214763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.214789] kthread+0x337/0x6f0 [ 12.214808] ? trace_preempt_on+0x20/0xc0 [ 12.214830] ? __pfx_kthread+0x10/0x10 [ 12.214851] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.214872] ? 
calculate_sigpending+0x7b/0xa0 [ 12.214908] ? __pfx_kthread+0x10/0x10 [ 12.214939] ret_from_fork+0x116/0x1d0 [ 12.214957] ? __pfx_kthread+0x10/0x10 [ 12.214977] ret_from_fork_asm+0x1a/0x30 [ 12.215009] </TASK> [ 12.215019] [ 12.222808] The buggy address belongs to the physical page: [ 12.223002] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.223755] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.224331] flags: 0x200000000000040(head|node=0|zone=2) [ 12.224598] page_type: f8(unknown) [ 12.224775] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.225080] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.225315] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.225667] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.226400] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.226751] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.226993] page dumped because: kasan: bad access detected [ 12.227266] [ 12.227367] Memory state around the buggy address: [ 12.227584] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.227948] ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.228351] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.228635] ^ [ 12.228914] ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.229504] ffff888102a3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.229825] ================================================================== [ 12.019123] ================================================================== [ 12.019366] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.019607] Write of size 1 at addr ffff88810032def0 by task kunit_try_catch/173 [ 12.019995] [ 12.020170] CPU: 0 UID: 0 PID: 173 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.020210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.020221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.020239] Call Trace: [ 12.020255] <TASK> [ 12.020270] dump_stack_lvl+0x73/0xb0 [ 12.020297] print_report+0xd1/0x650 [ 12.020317] ? __virt_addr_valid+0x1db/0x2d0 [ 12.020338] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.020375] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.020398] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.020422] kasan_report+0x141/0x180 [ 12.020444] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.020472] __asan_report_store1_noabort+0x1b/0x30 [ 12.020497] krealloc_more_oob_helper+0x7eb/0x930 [ 12.020519] ? __schedule+0x10cc/0x2b60 [ 12.020541] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.020566] ? finish_task_switch.isra.0+0x153/0x700 [ 12.020589] ? __switch_to+0x47/0xf50 [ 12.020614] ? __schedule+0x10cc/0x2b60 [ 12.020635] ? __pfx_read_tsc+0x10/0x10 [ 12.020660] krealloc_more_oob+0x1c/0x30 [ 12.020683] kunit_try_run_case+0x1a5/0x480 [ 12.020709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.020733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.020766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.020789] ? __kthread_parkme+0x82/0x180 [ 12.020809] ? preempt_count_sub+0x50/0x80 [ 12.020832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.020856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.020880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.020904] kthread+0x337/0x6f0 [ 12.020933] ? trace_preempt_on+0x20/0xc0 [ 12.020956] ? __pfx_kthread+0x10/0x10 [ 12.020976] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.020997] ? calculate_sigpending+0x7b/0xa0 [ 12.021031] ? __pfx_kthread+0x10/0x10 [ 12.021053] ret_from_fork+0x116/0x1d0 [ 12.021070] ? 
__pfx_kthread+0x10/0x10 [ 12.021090] ret_from_fork_asm+0x1a/0x30 [ 12.021122] </TASK> [ 12.021131] [ 12.035047] Allocated by task 173: [ 12.035483] kasan_save_stack+0x45/0x70 [ 12.035830] kasan_save_track+0x18/0x40 [ 12.036238] kasan_save_alloc_info+0x3b/0x50 [ 12.036726] __kasan_krealloc+0x190/0x1f0 [ 12.037131] krealloc_noprof+0xf3/0x340 [ 12.037310] krealloc_more_oob_helper+0x1a9/0x930 [ 12.037472] krealloc_more_oob+0x1c/0x30 [ 12.037608] kunit_try_run_case+0x1a5/0x480 [ 12.037762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.038240] kthread+0x337/0x6f0 [ 12.038605] ret_from_fork+0x116/0x1d0 [ 12.038995] ret_from_fork_asm+0x1a/0x30 [ 12.039539] [ 12.039706] The buggy address belongs to the object at ffff88810032de00 [ 12.039706] which belongs to the cache kmalloc-256 of size 256 [ 12.040974] The buggy address is located 5 bytes to the right of [ 12.040974] allocated 235-byte region [ffff88810032de00, ffff88810032deeb) [ 12.041646] [ 12.041720] The buggy address belongs to the physical page: [ 12.042201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10032c [ 12.042988] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.043852] flags: 0x200000000000040(head|node=0|zone=2) [ 12.044205] page_type: f5(slab) [ 12.044498] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.044837] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.045112] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.045787] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.046601] head: 0200000000000001 ffffea000400cb01 00000000ffffffff 00000000ffffffff [ 12.047344] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.047581] page dumped because: kasan: bad access detected [ 12.047761] [ 12.047913] Memory state around the buggy address: [ 12.048333] ffff88810032dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.049053] ffff88810032de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.049659] >ffff88810032de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.050456] ^ [ 12.050837] ffff88810032df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.051297] ffff88810032df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.051957] ================================================================== [ 12.195699] ================================================================== [ 12.196718] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.197065] Write of size 1 at addr ffff888102a3e0eb by task kunit_try_catch/177 [ 12.197407] [ 12.197613] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.197658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.197669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.197689] Call Trace: [ 12.197702] <TASK> [ 12.197718] dump_stack_lvl+0x73/0xb0 [ 12.197749] print_report+0xd1/0x650 [ 12.197771] ? __virt_addr_valid+0x1db/0x2d0 [ 12.197795] ? krealloc_more_oob_helper+0x821/0x930 [ 12.197819] ? kasan_addr_to_slab+0x11/0xa0 [ 12.197840] ? krealloc_more_oob_helper+0x821/0x930 [ 12.197864] kasan_report+0x141/0x180 [ 12.197887] ? krealloc_more_oob_helper+0x821/0x930 [ 12.197916] __asan_report_store1_noabort+0x1b/0x30 [ 12.197954] krealloc_more_oob_helper+0x821/0x930 [ 12.197977] ? __schedule+0x10cc/0x2b60 [ 12.197999] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.198024] ? finish_task_switch.isra.0+0x153/0x700 [ 12.198047] ? __switch_to+0x47/0xf50 [ 12.198085] ? __schedule+0x10cc/0x2b60 [ 12.198107] ? __pfx_read_tsc+0x10/0x10 [ 12.198132] krealloc_large_more_oob+0x1c/0x30 [ 12.198155] kunit_try_run_case+0x1a5/0x480 [ 12.198180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.198202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.198226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.198250] ? 
__kthread_parkme+0x82/0x180 [ 12.198270] ? preempt_count_sub+0x50/0x80 [ 12.198295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.198319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.198343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.198368] kthread+0x337/0x6f0 [ 12.198386] ? trace_preempt_on+0x20/0xc0 [ 12.198409] ? __pfx_kthread+0x10/0x10 [ 12.198430] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.198451] ? calculate_sigpending+0x7b/0xa0 [ 12.198475] ? __pfx_kthread+0x10/0x10 [ 12.198496] ret_from_fork+0x116/0x1d0 [ 12.198523] ? __pfx_kthread+0x10/0x10 [ 12.198543] ret_from_fork_asm+0x1a/0x30 [ 12.198576] </TASK> [ 12.198586] [ 12.206514] The buggy address belongs to the physical page: [ 12.206742] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.207104] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.207462] flags: 0x200000000000040(head|node=0|zone=2) [ 12.207663] page_type: f8(unknown) [ 12.207888] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.208162] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.208423] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.208780] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.209138] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.209409] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.209745] page dumped because: kasan: bad access detected [ 12.210118] [ 12.210198] Memory state around the buggy address: [ 12.210377] ffff888102a3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.210690] ffff888102a3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.211065] >ffff888102a3e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.211343] ^ [ 12.211613] ffff888102a3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.211910] ffff888102a3e180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 12.212222] ================================================================== [ 11.986247] ================================================================== [ 11.987343] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.987613] Write of size 1 at addr ffff88810032deeb by task kunit_try_catch/173 [ 11.987836] [ 11.987936] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.987979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.987990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.988010] Call Trace: [ 11.988022] <TASK> [ 11.988038] dump_stack_lvl+0x73/0xb0 [ 11.988069] print_report+0xd1/0x650 [ 11.988091] ? __virt_addr_valid+0x1db/0x2d0 [ 11.988115] ? krealloc_more_oob_helper+0x821/0x930 [ 11.988138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.988160] ? krealloc_more_oob_helper+0x821/0x930 [ 11.988184] kasan_report+0x141/0x180 [ 11.988205] ? krealloc_more_oob_helper+0x821/0x930 [ 11.988234] __asan_report_store1_noabort+0x1b/0x30 [ 11.988258] krealloc_more_oob_helper+0x821/0x930 [ 11.988281] ? __schedule+0x10cc/0x2b60 [ 11.988303] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.988327] ? finish_task_switch.isra.0+0x153/0x700 [ 11.988350] ? __switch_to+0x47/0xf50 [ 11.988377] ? __schedule+0x10cc/0x2b60 [ 11.988397] ? __pfx_read_tsc+0x10/0x10 [ 11.988421] krealloc_more_oob+0x1c/0x30 [ 11.988442] kunit_try_run_case+0x1a5/0x480 [ 11.988467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.988489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.988512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.988535] ? __kthread_parkme+0x82/0x180 [ 11.988555] ? preempt_count_sub+0x50/0x80 [ 11.988578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.988603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.988626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.988651] kthread+0x337/0x6f0 [ 11.988669] ? trace_preempt_on+0x20/0xc0 [ 11.988691] ? 
__pfx_kthread+0x10/0x10 [ 11.988711] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.988732] ? calculate_sigpending+0x7b/0xa0 [ 11.988757] ? __pfx_kthread+0x10/0x10 [ 11.988778] ret_from_fork+0x116/0x1d0 [ 11.988796] ? __pfx_kthread+0x10/0x10 [ 11.988816] ret_from_fork_asm+0x1a/0x30 [ 11.988848] </TASK> [ 11.988858] [ 12.003548] Allocated by task 173: [ 12.003742] kasan_save_stack+0x45/0x70 [ 12.004076] kasan_save_track+0x18/0x40 [ 12.004481] kasan_save_alloc_info+0x3b/0x50 [ 12.004684] __kasan_krealloc+0x190/0x1f0 [ 12.004964] krealloc_noprof+0xf3/0x340 [ 12.005268] krealloc_more_oob_helper+0x1a9/0x930 [ 12.005562] krealloc_more_oob+0x1c/0x30 [ 12.005742] kunit_try_run_case+0x1a5/0x480 [ 12.006147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.006370] kthread+0x337/0x6f0 [ 12.006616] ret_from_fork+0x116/0x1d0 [ 12.006792] ret_from_fork_asm+0x1a/0x30 [ 12.007196] [ 12.007282] The buggy address belongs to the object at ffff88810032de00 [ 12.007282] which belongs to the cache kmalloc-256 of size 256 [ 12.007747] The buggy address is located 0 bytes to the right of [ 12.007747] allocated 235-byte region [ffff88810032de00, ffff88810032deeb) [ 12.008509] [ 12.008609] The buggy address belongs to the physical page: [ 12.009052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10032c [ 12.009555] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.009975] flags: 0x200000000000040(head|node=0|zone=2) [ 12.010321] page_type: f5(slab) [ 12.010506] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.010954] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.011458] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.012019] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.012819] head: 0200000000000001 ffffea000400cb01 00000000ffffffff 00000000ffffffff [ 12.013429] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 12.013664] page dumped because: kasan: bad access detected [ 12.014158] [ 12.014361] Memory state around the buggy address: [ 12.015007] ffff88810032dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.015867] ffff88810032de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.016575] >ffff88810032de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.016830] ^ [ 12.017055] ffff88810032df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.017706] ffff88810032df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.018331] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.964422] ================================================================== [ 11.965043] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.965355] Read of size 1 at addr ffff888103980000 by task kunit_try_catch/171 [ 11.965646] [ 11.965758] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.965799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.965810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.965829] Call Trace: [ 11.965841] <TASK> [ 11.965854] dump_stack_lvl+0x73/0xb0 [ 11.965882] print_report+0xd1/0x650 [ 11.965903] ? __virt_addr_valid+0x1db/0x2d0 [ 11.965937] ? page_alloc_uaf+0x356/0x3d0 [ 11.965958] ? kasan_addr_to_slab+0x11/0xa0 [ 11.965978] ? page_alloc_uaf+0x356/0x3d0 [ 11.965999] kasan_report+0x141/0x180 [ 11.966074] ? page_alloc_uaf+0x356/0x3d0 [ 11.966102] __asan_report_load1_noabort+0x18/0x20 [ 11.966127] page_alloc_uaf+0x356/0x3d0 [ 11.966148] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.966170] ? __schedule+0x10cc/0x2b60 [ 11.966192] ? __pfx_read_tsc+0x10/0x10 [ 11.966213] ? ktime_get_ts64+0x86/0x230 [ 11.966237] kunit_try_run_case+0x1a5/0x480 [ 11.966261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.966283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.966307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.966331] ? __kthread_parkme+0x82/0x180 [ 11.966351] ? preempt_count_sub+0x50/0x80 [ 11.966374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.966398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.966422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.966446] kthread+0x337/0x6f0 [ 11.966464] ? trace_preempt_on+0x20/0xc0 [ 11.966488] ? __pfx_kthread+0x10/0x10 [ 11.966513] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.966534] ? calculate_sigpending+0x7b/0xa0 [ 11.966558] ? __pfx_kthread+0x10/0x10 [ 11.966579] ret_from_fork+0x116/0x1d0 [ 11.966596] ? 
__pfx_kthread+0x10/0x10 [ 11.966616] ret_from_fork_asm+0x1a/0x30 [ 11.966648] </TASK> [ 11.966657] [ 11.976228] The buggy address belongs to the physical page: [ 11.976679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103980 [ 11.977409] flags: 0x200000000000000(node=0|zone=2) [ 11.977976] page_type: f0(buddy) [ 11.978329] raw: 0200000000000000 ffff88817fffb538 ffff88817fffb538 0000000000000000 [ 11.978568] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 11.978968] page dumped because: kasan: bad access detected [ 11.979509] [ 11.979727] Memory state around the buggy address: [ 11.980227] ffff88810397ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.980944] ffff88810397ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.981391] >ffff888103980000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.981607] ^ [ 11.981725] ffff888103980080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.982411] ffff888103980100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.983138] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.926725] ================================================================== [ 11.928068] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.928418] Free of addr ffff888102948001 by task kunit_try_catch/167 [ 11.928634] [ 11.928719] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.928759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.928771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.928789] Call Trace: [ 11.928801] <TASK> [ 11.928816] dump_stack_lvl+0x73/0xb0 [ 11.928843] print_report+0xd1/0x650 [ 11.928864] ? __virt_addr_valid+0x1db/0x2d0 [ 11.928887] ? kasan_addr_to_slab+0x11/0xa0 [ 11.928906] ? kfree+0x274/0x3f0 [ 11.928939] kasan_report_invalid_free+0x10a/0x130 [ 11.928963] ? kfree+0x274/0x3f0 [ 11.928986] ? kfree+0x274/0x3f0 [ 11.929005] __kasan_kfree_large+0x86/0xd0 [ 11.929026] free_large_kmalloc+0x4b/0x110 [ 11.929049] kfree+0x274/0x3f0 [ 11.929074] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.929096] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.929120] ? __schedule+0x10cc/0x2b60 [ 11.929141] ? __pfx_read_tsc+0x10/0x10 [ 11.929161] ? ktime_get_ts64+0x86/0x230 [ 11.929185] kunit_try_run_case+0x1a5/0x480 [ 11.929209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.929254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.929279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.929303] ? __kthread_parkme+0x82/0x180 [ 11.929322] ? preempt_count_sub+0x50/0x80 [ 11.929346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.929369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.929393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.929417] kthread+0x337/0x6f0 [ 11.929435] ? trace_preempt_on+0x20/0xc0 [ 11.929457] ? __pfx_kthread+0x10/0x10 [ 11.929495] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.929516] ? calculate_sigpending+0x7b/0xa0 [ 11.929554] ? __pfx_kthread+0x10/0x10 [ 11.929575] ret_from_fork+0x116/0x1d0 [ 11.929593] ? 
__pfx_kthread+0x10/0x10 [ 11.929612] ret_from_fork_asm+0x1a/0x30 [ 11.929643] </TASK> [ 11.929652] [ 11.946208] The buggy address belongs to the physical page: [ 11.946915] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102948 [ 11.947636] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.948225] flags: 0x200000000000040(head|node=0|zone=2) [ 11.948861] page_type: f8(unknown) [ 11.949329] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.949635] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.950401] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.951289] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.951528] head: 0200000000000002 ffffea00040a5201 00000000ffffffff 00000000ffffffff [ 11.951768] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.952494] page dumped because: kasan: bad access detected [ 11.953181] [ 11.953369] Memory state around the buggy address: [ 11.953798] ffff888102947f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954499] ffff888102947f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954889] >ffff888102948000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.955257] ^ [ 11.955563] ffff888102948080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.956294] ffff888102948100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.957074] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.910334] ================================================================== [ 11.910931] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.911279] Read of size 1 at addr ffff888102a38000 by task kunit_try_catch/165 [ 11.911549] [ 11.911632] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.911689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.911700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.911718] Call Trace: [ 11.911729] <TASK> [ 11.911743] dump_stack_lvl+0x73/0xb0 [ 11.911771] print_report+0xd1/0x650 [ 11.911807] ? __virt_addr_valid+0x1db/0x2d0 [ 11.911830] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.911850] ? kasan_addr_to_slab+0x11/0xa0 [ 11.911881] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.911902] kasan_report+0x141/0x180 [ 11.911941] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.911967] __asan_report_load1_noabort+0x18/0x20 [ 11.911991] kmalloc_large_uaf+0x2f1/0x340 [ 11.912023] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.912045] ? __schedule+0x10cc/0x2b60 [ 11.912066] ? __pfx_read_tsc+0x10/0x10 [ 11.912098] ? ktime_get_ts64+0x86/0x230 [ 11.912121] kunit_try_run_case+0x1a5/0x480 [ 11.912145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.912179] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.912201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.912225] ? __kthread_parkme+0x82/0x180 [ 11.912271] ? preempt_count_sub+0x50/0x80 [ 11.912295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.912330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.912354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.912378] kthread+0x337/0x6f0 [ 11.912396] ? trace_preempt_on+0x20/0xc0 [ 11.912419] ? __pfx_kthread+0x10/0x10 [ 11.912439] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.912460] ? calculate_sigpending+0x7b/0xa0 [ 11.912483] ? __pfx_kthread+0x10/0x10 [ 11.912504] ret_from_fork+0x116/0x1d0 [ 11.912522] ? 
__pfx_kthread+0x10/0x10 [ 11.912541] ret_from_fork_asm+0x1a/0x30 [ 11.912572] </TASK> [ 11.912581] [ 11.919582] The buggy address belongs to the physical page: [ 11.919962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.920318] flags: 0x200000000000000(node=0|zone=2) [ 11.920549] raw: 0200000000000000 ffffea00040a8f08 ffff88815b139f80 0000000000000000 [ 11.920777] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.921024] page dumped because: kasan: bad access detected [ 11.921308] [ 11.921421] Memory state around the buggy address: [ 11.921728] ffff888102a37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.922070] ffff888102a37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.922422] >ffff888102a38000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.922695] ^ [ 11.922980] ffff888102a38080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.923357] ffff888102a38100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.923736] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.888023] ================================================================== [ 11.888499] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.888979] Write of size 1 at addr ffff888102a3a00a by task kunit_try_catch/163 [ 11.889213] [ 11.889323] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.889364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.889375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.889394] Call Trace: [ 11.889471] <TASK> [ 11.889486] dump_stack_lvl+0x73/0xb0 [ 11.889530] print_report+0xd1/0x650 [ 11.889552] ? __virt_addr_valid+0x1db/0x2d0 [ 11.889575] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.889597] ? kasan_addr_to_slab+0x11/0xa0 [ 11.889618] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.889641] kasan_report+0x141/0x180 [ 11.889664] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.889694] __asan_report_store1_noabort+0x1b/0x30 [ 11.889719] kmalloc_large_oob_right+0x2e9/0x330 [ 11.889742] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.889767] ? __schedule+0x10cc/0x2b60 [ 11.889789] ? __pfx_read_tsc+0x10/0x10 [ 11.889810] ? ktime_get_ts64+0x86/0x230 [ 11.889834] kunit_try_run_case+0x1a5/0x480 [ 11.889858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.889880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.889903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.889936] ? __kthread_parkme+0x82/0x180 [ 11.889955] ? preempt_count_sub+0x50/0x80 [ 11.889979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.890003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.890063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.890088] kthread+0x337/0x6f0 [ 11.890107] ? trace_preempt_on+0x20/0xc0 [ 11.890130] ? __pfx_kthread+0x10/0x10 [ 11.890150] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.890171] ? calculate_sigpending+0x7b/0xa0 [ 11.890195] ? __pfx_kthread+0x10/0x10 [ 11.890216] ret_from_fork+0x116/0x1d0 [ 11.890234] ? 
__pfx_kthread+0x10/0x10 [ 11.890254] ret_from_fork_asm+0x1a/0x30 [ 11.890286] </TASK> [ 11.890295] [ 11.898730] The buggy address belongs to the physical page: [ 11.898958] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.899298] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.899730] flags: 0x200000000000040(head|node=0|zone=2) [ 11.900078] page_type: f8(unknown) [ 11.900322] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.900544] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.901032] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.901382] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.901685] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.902222] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.902473] page dumped because: kasan: bad access detected [ 11.902708] [ 11.902883] Memory state around the buggy address: [ 11.903295] ffff888102a39f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.903574] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.903961] >ffff888102a3a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.904272] ^ [ 11.904394] ffff888102a3a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.904737] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.905093] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.849838] ================================================================== [ 11.850749] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.851014] Write of size 1 at addr ffff888102a75f00 by task kunit_try_catch/161 [ 11.852208] [ 11.852587] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.852634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.852794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.852820] Call Trace: [ 11.852834] <TASK> [ 11.852891] dump_stack_lvl+0x73/0xb0 [ 11.852939] print_report+0xd1/0x650 [ 11.852962] ? __virt_addr_valid+0x1db/0x2d0 [ 11.852986] ? kmalloc_big_oob_right+0x316/0x370 [ 11.853008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.853045] ? kmalloc_big_oob_right+0x316/0x370 [ 11.853067] kasan_report+0x141/0x180 [ 11.853088] ? kmalloc_big_oob_right+0x316/0x370 [ 11.853115] __asan_report_store1_noabort+0x1b/0x30 [ 11.853140] kmalloc_big_oob_right+0x316/0x370 [ 11.853163] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.853186] ? __schedule+0x10cc/0x2b60 [ 11.853208] ? __pfx_read_tsc+0x10/0x10 [ 11.853228] ? ktime_get_ts64+0x86/0x230 [ 11.853253] kunit_try_run_case+0x1a5/0x480 [ 11.853277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.853299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.853322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.853345] ? __kthread_parkme+0x82/0x180 [ 11.853365] ? preempt_count_sub+0x50/0x80 [ 11.853389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.853412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.853436] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.853461] kthread+0x337/0x6f0 [ 11.853479] ? trace_preempt_on+0x20/0xc0 [ 11.853502] ? __pfx_kthread+0x10/0x10 [ 11.853521] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.853542] ? calculate_sigpending+0x7b/0xa0 [ 11.853565] ? __pfx_kthread+0x10/0x10 [ 11.853586] ret_from_fork+0x116/0x1d0 [ 11.853604] ? 
__pfx_kthread+0x10/0x10 [ 11.853624] ret_from_fork_asm+0x1a/0x30 [ 11.853657] </TASK> [ 11.853666] [ 11.868561] Allocated by task 161: [ 11.868898] kasan_save_stack+0x45/0x70 [ 11.869297] kasan_save_track+0x18/0x40 [ 11.869434] kasan_save_alloc_info+0x3b/0x50 [ 11.869582] __kasan_kmalloc+0xb7/0xc0 [ 11.869712] __kmalloc_cache_noprof+0x189/0x420 [ 11.870161] kmalloc_big_oob_right+0xa9/0x370 [ 11.870712] kunit_try_run_case+0x1a5/0x480 [ 11.871259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.871813] kthread+0x337/0x6f0 [ 11.872274] ret_from_fork+0x116/0x1d0 [ 11.872649] ret_from_fork_asm+0x1a/0x30 [ 11.873068] [ 11.873357] The buggy address belongs to the object at ffff888102a74000 [ 11.873357] which belongs to the cache kmalloc-8k of size 8192 [ 11.873718] The buggy address is located 0 bytes to the right of [ 11.873718] allocated 7936-byte region [ffff888102a74000, ffff888102a75f00) [ 11.875100] [ 11.875270] The buggy address belongs to the physical page: [ 11.875765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 11.876339] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.876567] flags: 0x200000000000040(head|node=0|zone=2) [ 11.876743] page_type: f5(slab) [ 11.876864] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.877493] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.878004] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.878655] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.879271] head: 0200000000000003 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 11.879849] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.880158] page dumped because: kasan: bad access detected [ 11.880683] [ 11.880881] Memory state around the buggy address: [ 11.881402] ffff888102a75e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.881974] ffff888102a75e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.882483] >ffff888102a75f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.882703] ^ [ 11.882844] ffff888102a75f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.883594] ffff888102a76000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.884439] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.825537] ================================================================== [ 11.826195] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.826530] Write of size 1 at addr ffff8881029f2b78 by task kunit_try_catch/159 [ 11.827008] [ 11.827103] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.827144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.827154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.827173] Call Trace: [ 11.827300] <TASK> [ 11.827317] dump_stack_lvl+0x73/0xb0 [ 11.827347] print_report+0xd1/0x650 [ 11.827368] ? __virt_addr_valid+0x1db/0x2d0 [ 11.827391] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.827416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.827440] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.827466] kasan_report+0x141/0x180 [ 11.827487] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.827518] __asan_report_store1_noabort+0x1b/0x30 [ 11.827543] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.827568] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.827595] ? __schedule+0x10cc/0x2b60 [ 11.827616] ? __pfx_read_tsc+0x10/0x10 [ 11.827636] ? ktime_get_ts64+0x86/0x230 [ 11.827659] kunit_try_run_case+0x1a5/0x480 [ 11.827682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.827705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.827727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.827843] ? __kthread_parkme+0x82/0x180 [ 11.827865] ? preempt_count_sub+0x50/0x80 [ 11.827889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.827913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.827948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.827973] kthread+0x337/0x6f0 [ 11.827991] ? trace_preempt_on+0x20/0xc0 [ 11.828014] ? __pfx_kthread+0x10/0x10 [ 11.828034] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.828055] ? calculate_sigpending+0x7b/0xa0 [ 11.828079] ? 
__pfx_kthread+0x10/0x10 [ 11.828100] ret_from_fork+0x116/0x1d0 [ 11.828118] ? __pfx_kthread+0x10/0x10 [ 11.828138] ret_from_fork_asm+0x1a/0x30 [ 11.828169] </TASK> [ 11.828179] [ 11.836997] Allocated by task 159: [ 11.837226] kasan_save_stack+0x45/0x70 [ 11.837550] kasan_save_track+0x18/0x40 [ 11.837884] kasan_save_alloc_info+0x3b/0x50 [ 11.838098] __kasan_kmalloc+0xb7/0xc0 [ 11.838265] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.838505] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.838735] kunit_try_run_case+0x1a5/0x480 [ 11.839249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.839547] kthread+0x337/0x6f0 [ 11.839775] ret_from_fork+0x116/0x1d0 [ 11.840035] ret_from_fork_asm+0x1a/0x30 [ 11.840297] [ 11.840386] The buggy address belongs to the object at ffff8881029f2b00 [ 11.840386] which belongs to the cache kmalloc-128 of size 128 [ 11.840995] The buggy address is located 0 bytes to the right of [ 11.840995] allocated 120-byte region [ffff8881029f2b00, ffff8881029f2b78) [ 11.841622] [ 11.841867] The buggy address belongs to the physical page: [ 11.842096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 11.842425] flags: 0x200000000000000(node=0|zone=2) [ 11.842658] page_type: f5(slab) [ 11.843059] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.843365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.843741] page dumped because: kasan: bad access detected [ 11.844095] [ 11.844166] Memory state around the buggy address: [ 11.844525] ffff8881029f2a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.844948] ffff8881029f2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.845310] >ffff8881029f2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.845588] ^ [ 11.846012] ffff8881029f2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.846268] ffff8881029f2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.846659] 
================================================================== [ 11.802153] ================================================================== [ 11.802619] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.803290] Write of size 1 at addr ffff8881029f2a78 by task kunit_try_catch/159 [ 11.803672] [ 11.803775] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.803814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.803825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.803844] Call Trace: [ 11.803855] <TASK> [ 11.803868] dump_stack_lvl+0x73/0xb0 [ 11.803896] print_report+0xd1/0x650 [ 11.803931] ? __virt_addr_valid+0x1db/0x2d0 [ 11.803953] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.803978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.804001] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.804255] kasan_report+0x141/0x180 [ 11.804281] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.804312] __asan_report_store1_noabort+0x1b/0x30 [ 11.804337] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.804362] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.804389] ? __schedule+0x10cc/0x2b60 [ 11.804412] ? __pfx_read_tsc+0x10/0x10 [ 11.804432] ? ktime_get_ts64+0x86/0x230 [ 11.804457] kunit_try_run_case+0x1a5/0x480 [ 11.804480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.804503] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.804526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.804549] ? __kthread_parkme+0x82/0x180 [ 11.804568] ? preempt_count_sub+0x50/0x80 [ 11.804592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.804616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.804640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.804666] kthread+0x337/0x6f0 [ 11.804684] ? trace_preempt_on+0x20/0xc0 [ 11.804707] ? __pfx_kthread+0x10/0x10 [ 11.804728] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.804757] ? calculate_sigpending+0x7b/0xa0 [ 11.804781] ? 
__pfx_kthread+0x10/0x10 [ 11.804802] ret_from_fork+0x116/0x1d0 [ 11.804820] ? __pfx_kthread+0x10/0x10 [ 11.804840] ret_from_fork_asm+0x1a/0x30 [ 11.804871] </TASK> [ 11.804880] [ 11.814525] Allocated by task 159: [ 11.814819] kasan_save_stack+0x45/0x70 [ 11.815118] kasan_save_track+0x18/0x40 [ 11.815360] kasan_save_alloc_info+0x3b/0x50 [ 11.815572] __kasan_kmalloc+0xb7/0xc0 [ 11.815744] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.816177] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.816474] kunit_try_run_case+0x1a5/0x480 [ 11.816761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.817240] kthread+0x337/0x6f0 [ 11.817495] ret_from_fork+0x116/0x1d0 [ 11.817638] ret_from_fork_asm+0x1a/0x30 [ 11.818062] [ 11.818174] The buggy address belongs to the object at ffff8881029f2a00 [ 11.818174] which belongs to the cache kmalloc-128 of size 128 [ 11.818692] The buggy address is located 0 bytes to the right of [ 11.818692] allocated 120-byte region [ffff8881029f2a00, ffff8881029f2a78) [ 11.819458] [ 11.819562] The buggy address belongs to the physical page: [ 11.819973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 11.820434] flags: 0x200000000000000(node=0|zone=2) [ 11.820611] page_type: f5(slab) [ 11.820956] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.821344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.821701] page dumped because: kasan: bad access detected [ 11.822016] [ 11.822103] Memory state around the buggy address: [ 11.822303] ffff8881029f2900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.822605] ffff8881029f2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.823136] >ffff8881029f2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.823503] ^ [ 11.823763] ffff8881029f2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.824191] ffff8881029f2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.824560] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.777766] ================================================================== [ 11.778338] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.778641] Read of size 1 at addr ffff8881037a3000 by task kunit_try_catch/157 [ 11.778941] [ 11.779083] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.779126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.779137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.779156] Call Trace: [ 11.779167] <TASK> [ 11.779195] dump_stack_lvl+0x73/0xb0 [ 11.779223] print_report+0xd1/0x650 [ 11.779244] ? __virt_addr_valid+0x1db/0x2d0 [ 11.779266] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.779289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.779311] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.779335] kasan_report+0x141/0x180 [ 11.779356] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.779385] __asan_report_load1_noabort+0x18/0x20 [ 11.779409] kmalloc_node_oob_right+0x369/0x3c0 [ 11.779433] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.779457] ? __schedule+0x10cc/0x2b60 [ 11.779478] ? __pfx_read_tsc+0x10/0x10 [ 11.779498] ? ktime_get_ts64+0x86/0x230 [ 11.779521] kunit_try_run_case+0x1a5/0x480 [ 11.779545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.779567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.779589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.779612] ? __kthread_parkme+0x82/0x180 [ 11.779632] ? preempt_count_sub+0x50/0x80 [ 11.779655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.779679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.779702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.779727] kthread+0x337/0x6f0 [ 11.779746] ? trace_preempt_on+0x20/0xc0 [ 11.779776] ? __pfx_kthread+0x10/0x10 [ 11.779796] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.779817] ? calculate_sigpending+0x7b/0xa0 [ 11.779840] ? __pfx_kthread+0x10/0x10 [ 11.779861] ret_from_fork+0x116/0x1d0 [ 11.779878] ? 
__pfx_kthread+0x10/0x10 [ 11.779898] ret_from_fork_asm+0x1a/0x30 [ 11.779941] </TASK> [ 11.779949] [ 11.787381] Allocated by task 157: [ 11.787610] kasan_save_stack+0x45/0x70 [ 11.787804] kasan_save_track+0x18/0x40 [ 11.788020] kasan_save_alloc_info+0x3b/0x50 [ 11.788233] __kasan_kmalloc+0xb7/0xc0 [ 11.788519] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.788703] kmalloc_node_oob_right+0xab/0x3c0 [ 11.789070] kunit_try_run_case+0x1a5/0x480 [ 11.789310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.789558] kthread+0x337/0x6f0 [ 11.789704] ret_from_fork+0x116/0x1d0 [ 11.789883] ret_from_fork_asm+0x1a/0x30 [ 11.790168] [ 11.790274] The buggy address belongs to the object at ffff8881037a2000 [ 11.790274] which belongs to the cache kmalloc-4k of size 4096 [ 11.790685] The buggy address is located 0 bytes to the right of [ 11.790685] allocated 4096-byte region [ffff8881037a2000, ffff8881037a3000) [ 11.791259] [ 11.791341] The buggy address belongs to the physical page: [ 11.791670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1037a0 [ 11.792173] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.792409] flags: 0x200000000000040(head|node=0|zone=2) [ 11.792655] page_type: f5(slab) [ 11.793007] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.793461] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.793815] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.794148] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.794379] head: 0200000000000003 ffffea00040de801 00000000ffffffff 00000000ffffffff [ 11.794615] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.795109] page dumped because: kasan: bad access detected [ 11.795362] [ 11.795476] Memory state around the buggy address: [ 11.795698] ffff8881037a2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.796052] 
ffff8881037a2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.796411] >ffff8881037a3000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.796649] ^ [ 11.796941] ffff8881037a3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.797192] ffff8881037a3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.797642] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.754320] ================================================================== [ 11.754805] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.755145] Read of size 1 at addr ffff888100a6e11f by task kunit_try_catch/155 [ 11.755481] [ 11.755593] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.755637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.755649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.755670] Call Trace: [ 11.755683] <TASK> [ 11.755700] dump_stack_lvl+0x73/0xb0 [ 11.755740] print_report+0xd1/0x650 [ 11.755762] ? __virt_addr_valid+0x1db/0x2d0 [ 11.755786] ? kmalloc_oob_left+0x361/0x3c0 [ 11.755806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.755829] ? kmalloc_oob_left+0x361/0x3c0 [ 11.755849] kasan_report+0x141/0x180 [ 11.755870] ? kmalloc_oob_left+0x361/0x3c0 [ 11.755896] __asan_report_load1_noabort+0x18/0x20 [ 11.755930] kmalloc_oob_left+0x361/0x3c0 [ 11.755952] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.755974] ? __schedule+0x10cc/0x2b60 [ 11.755996] ? __pfx_read_tsc+0x10/0x10 [ 11.756018] ? ktime_get_ts64+0x86/0x230 [ 11.756042] kunit_try_run_case+0x1a5/0x480 [ 11.756067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.756089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.756112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.756136] ? __kthread_parkme+0x82/0x180 [ 11.756157] ? preempt_count_sub+0x50/0x80 [ 11.756181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.756205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.756231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.756257] kthread+0x337/0x6f0 [ 11.756278] ? trace_preempt_on+0x20/0xc0 [ 11.756301] ? __pfx_kthread+0x10/0x10 [ 11.756321] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.756342] ? calculate_sigpending+0x7b/0xa0 [ 11.756365] ? __pfx_kthread+0x10/0x10 [ 11.756386] ret_from_fork+0x116/0x1d0 [ 11.756404] ? 
__pfx_kthread+0x10/0x10 [ 11.756423] ret_from_fork_asm+0x1a/0x30 [ 11.756454] </TASK> [ 11.756465] [ 11.763273] Allocated by task 1: [ 11.763451] kasan_save_stack+0x45/0x70 [ 11.763684] kasan_save_track+0x18/0x40 [ 11.763955] kasan_save_alloc_info+0x3b/0x50 [ 11.764122] __kasan_kmalloc+0xb7/0xc0 [ 11.764256] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.764436] kvasprintf+0xc5/0x150 [ 11.764560] __kthread_create_on_node+0x18b/0x3a0 [ 11.764856] kthread_create_on_node+0xab/0xe0 [ 11.765185] create_worker+0x3e5/0x7b0 [ 11.765375] alloc_unbound_pwq+0x8ea/0xdb0 [ 11.765580] apply_wqattrs_prepare+0x332/0xd20 [ 11.765819] apply_workqueue_attrs_locked+0x4d/0xa0 [ 11.766135] alloc_workqueue+0xcc7/0x1ad0 [ 11.766336] latency_fsnotify_init+0x1b/0x50 [ 11.766523] do_one_initcall+0xd8/0x370 [ 11.766683] kernel_init_freeable+0x420/0x6f0 [ 11.766885] kernel_init+0x23/0x1e0 [ 11.767021] ret_from_fork+0x116/0x1d0 [ 11.767165] ret_from_fork_asm+0x1a/0x30 [ 11.767359] [ 11.767451] The buggy address belongs to the object at ffff888100a6e100 [ 11.767451] which belongs to the cache kmalloc-16 of size 16 [ 11.767960] The buggy address is located 18 bytes to the right of [ 11.767960] allocated 13-byte region [ffff888100a6e100, ffff888100a6e10d) [ 11.768424] [ 11.768523] The buggy address belongs to the physical page: [ 11.768757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a6e [ 11.769050] flags: 0x200000000000000(node=0|zone=2) [ 11.769220] page_type: f5(slab) [ 11.769340] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.769569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.769917] page dumped because: kasan: bad access detected [ 11.770381] [ 11.770542] Memory state around the buggy address: [ 11.770706] ffff888100a6e000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.770950] ffff888100a6e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.771191] >ffff888100a6e100: 00 05 fc fc 00 
07 fc fc fc fc fc fc fc fc fc fc [ 11.771402] ^ [ 11.771533] ffff888100a6e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.771992] ffff888100a6e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.772382] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.676520] ================================================================== [ 11.677387] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.678800] Write of size 1 at addr ffff8881029f2973 by task kunit_try_catch/153 [ 11.679342] [ 11.680504] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.680843] Tainted: [N]=TEST [ 11.680873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.681174] Call Trace: [ 11.681245] <TASK> [ 11.681386] dump_stack_lvl+0x73/0xb0 [ 11.681476] print_report+0xd1/0x650 [ 11.681504] ? __virt_addr_valid+0x1db/0x2d0 [ 11.681530] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.681551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.681574] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.681596] kasan_report+0x141/0x180 [ 11.681618] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.681646] __asan_report_store1_noabort+0x1b/0x30 [ 11.681671] kmalloc_oob_right+0x6f0/0x7f0 [ 11.681695] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.681717] ? __schedule+0x10cc/0x2b60 [ 11.681741] ? __pfx_read_tsc+0x10/0x10 [ 11.681764] ? ktime_get_ts64+0x86/0x230 [ 11.681793] kunit_try_run_case+0x1a5/0x480 [ 11.681819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.681842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.681867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.681890] ? __kthread_parkme+0x82/0x180 [ 11.681912] ? preempt_count_sub+0x50/0x80 [ 11.681951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.681976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.682000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.682025] kthread+0x337/0x6f0 [ 11.682044] ? trace_preempt_on+0x20/0xc0 [ 11.682068] ? __pfx_kthread+0x10/0x10 [ 11.682089] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.682111] ? calculate_sigpending+0x7b/0xa0 [ 11.682135] ? __pfx_kthread+0x10/0x10 [ 11.682157] ret_from_fork+0x116/0x1d0 [ 11.682175] ? 
__pfx_kthread+0x10/0x10 [ 11.682196] ret_from_fork_asm+0x1a/0x30 [ 11.682253] </TASK> [ 11.682316] [ 11.693851] Allocated by task 153: [ 11.694374] kasan_save_stack+0x45/0x70 [ 11.694602] kasan_save_track+0x18/0x40 [ 11.694810] kasan_save_alloc_info+0x3b/0x50 [ 11.695229] __kasan_kmalloc+0xb7/0xc0 [ 11.695436] __kmalloc_cache_noprof+0x189/0x420 [ 11.695882] kmalloc_oob_right+0xa9/0x7f0 [ 11.696316] kunit_try_run_case+0x1a5/0x480 [ 11.696618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.697096] kthread+0x337/0x6f0 [ 11.697351] ret_from_fork+0x116/0x1d0 [ 11.697587] ret_from_fork_asm+0x1a/0x30 [ 11.697977] [ 11.698373] The buggy address belongs to the object at ffff8881029f2900 [ 11.698373] which belongs to the cache kmalloc-128 of size 128 [ 11.699258] The buggy address is located 0 bytes to the right of [ 11.699258] allocated 115-byte region [ffff8881029f2900, ffff8881029f2973) [ 11.700098] [ 11.700356] The buggy address belongs to the physical page: [ 11.700763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2 [ 11.701331] flags: 0x200000000000000(node=0|zone=2) [ 11.701957] page_type: f5(slab) [ 11.702435] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.702762] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.703244] page dumped because: kasan: bad access detected [ 11.703486] [ 11.703567] Memory state around the buggy address: [ 11.704022] ffff8881029f2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.704464] ffff8881029f2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.704792] >ffff8881029f2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.705216] ^ [ 11.705539] ffff8881029f2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.705801] ffff8881029f2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.706347] ================================================================== [ 11.707397] 
================================================================== [ 11.707625] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.707842] Write of size 1 at addr ffff8881029f2978 by task kunit_try_catch/153 [ 11.708078] [ 11.708159] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.708198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.708209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.708228] Call Trace: [ 11.708243] <TASK> [ 11.708257] dump_stack_lvl+0x73/0xb0 [ 11.708283] print_report+0xd1/0x650 [ 11.708305] ? __virt_addr_valid+0x1db/0x2d0 [ 11.708326] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.708346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.708368] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.708389] kasan_report+0x141/0x180 [ 11.708410] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.708436] __asan_report_store1_noabort+0x1b/0x30 [ 11.708460] kmalloc_oob_right+0x6bd/0x7f0 [ 11.708481] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.708503] ? __schedule+0x10cc/0x2b60 [ 11.708524] ? __pfx_read_tsc+0x10/0x10 [ 11.708544] ? ktime_get_ts64+0x86/0x230 [ 11.708567] kunit_try_run_case+0x1a5/0x480 [ 11.708590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.708611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.708633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.708656] ? __kthread_parkme+0x82/0x180 [ 11.708675] ? preempt_count_sub+0x50/0x80 [ 11.708697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.708721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.708743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.708766] kthread+0x337/0x6f0 [ 11.708785] ? trace_preempt_on+0x20/0xc0 [ 11.708807] ? __pfx_kthread+0x10/0x10 [ 11.708827] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.708915] ? calculate_sigpending+0x7b/0xa0 [ 11.708952] ? __pfx_kthread+0x10/0x10 [ 11.708974] ret_from_fork+0x116/0x1d0 [ 11.708993] ? 
__pfx_kthread+0x10/0x10
[ 11.709050] ret_from_fork_asm+0x1a/0x30
[ 11.709082] </TASK>
[ 11.709091]
[ 11.716678] Allocated by task 153:
[ 11.716807] kasan_save_stack+0x45/0x70
[ 11.717067] kasan_save_track+0x18/0x40
[ 11.717274] kasan_save_alloc_info+0x3b/0x50
[ 11.717490] __kasan_kmalloc+0xb7/0xc0
[ 11.717680] __kmalloc_cache_noprof+0x189/0x420
[ 11.717890] kmalloc_oob_right+0xa9/0x7f0
[ 11.718268] kunit_try_run_case+0x1a5/0x480
[ 11.718425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.718610] kthread+0x337/0x6f0
[ 11.718730] ret_from_fork+0x116/0x1d0
[ 11.718860] ret_from_fork_asm+0x1a/0x30
[ 11.719015]
[ 11.719108] The buggy address belongs to the object at ffff8881029f2900
[ 11.719108] which belongs to the cache kmalloc-128 of size 128
[ 11.719632] The buggy address is located 5 bytes to the right of
[ 11.719632] allocated 115-byte region [ffff8881029f2900, ffff8881029f2973)
[ 11.720460]
[ 11.720533] The buggy address belongs to the physical page:
[ 11.720702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2
[ 11.721503] flags: 0x200000000000000(node=0|zone=2)
[ 11.721719] page_type: f5(slab)
[ 11.721930] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.722491] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.722755] page dumped because: kasan: bad access detected
[ 11.722938]
[ 11.723007] Memory state around the buggy address:
[ 11.723160] ffff8881029f2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.723476] ffff8881029f2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.723707] >ffff8881029f2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.724037] ^
[ 11.724805] ffff8881029f2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.725351] ffff8881029f2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.725674] ==================================================================
[ 11.726338] ==================================================================
[ 11.726663] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 11.726885] Read of size 1 at addr ffff8881029f2980 by task kunit_try_catch/153
[ 11.729012]
[ 11.729132] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 11.729173] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.729185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.729204] Call Trace:
[ 11.729218] <TASK>
[ 11.729234] dump_stack_lvl+0x73/0xb0
[ 11.729265] print_report+0xd1/0x650
[ 11.729286] ? __virt_addr_valid+0x1db/0x2d0
[ 11.729308] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.729328] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.729349] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.729370] kasan_report+0x141/0x180
[ 11.729391] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.729417] __asan_report_load1_noabort+0x18/0x20
[ 11.729440] kmalloc_oob_right+0x68a/0x7f0
[ 11.729462] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.729484] ? __schedule+0x10cc/0x2b60
[ 11.729505] ? __pfx_read_tsc+0x10/0x10
[ 11.729524] ? ktime_get_ts64+0x86/0x230
[ 11.729547] kunit_try_run_case+0x1a5/0x480
[ 11.729571] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.729592] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.729614] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.729637] ? __kthread_parkme+0x82/0x180
[ 11.729655] ? preempt_count_sub+0x50/0x80
[ 11.729679] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.729702] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.729725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.729748] kthread+0x337/0x6f0
[ 11.729766] ? trace_preempt_on+0x20/0xc0
[ 11.729788] ? __pfx_kthread+0x10/0x10
[ 11.729808] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.729829] ? calculate_sigpending+0x7b/0xa0
[ 11.729852] ? __pfx_kthread+0x10/0x10
[ 11.729873] ret_from_fork+0x116/0x1d0
[ 11.729891] ? __pfx_kthread+0x10/0x10
[ 11.729910] ret_from_fork_asm+0x1a/0x30
[ 11.729955] </TASK>
[ 11.729964]
[ 11.741782] Allocated by task 153:
[ 11.741972] kasan_save_stack+0x45/0x70
[ 11.742246] kasan_save_track+0x18/0x40
[ 11.742408] kasan_save_alloc_info+0x3b/0x50
[ 11.742563] __kasan_kmalloc+0xb7/0xc0
[ 11.742736] __kmalloc_cache_noprof+0x189/0x420
[ 11.742997] kmalloc_oob_right+0xa9/0x7f0
[ 11.743354] kunit_try_run_case+0x1a5/0x480
[ 11.743555] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.743769] kthread+0x337/0x6f0
[ 11.743955] ret_from_fork+0x116/0x1d0
[ 11.744257] ret_from_fork_asm+0x1a/0x30
[ 11.744458]
[ 11.744529] The buggy address belongs to the object at ffff8881029f2900
[ 11.744529] which belongs to the cache kmalloc-128 of size 128
[ 11.745117] The buggy address is located 13 bytes to the right of
[ 11.745117] allocated 115-byte region [ffff8881029f2900, ffff8881029f2973)
[ 11.745631]
[ 11.745703] The buggy address belongs to the physical page:
[ 11.745888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f2
[ 11.746229] flags: 0x200000000000000(node=0|zone=2)
[ 11.746463] page_type: f5(slab)
[ 11.747436] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.747799] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.748156] page dumped because: kasan: bad access detected
[ 11.748414]
[ 11.748510] Memory state around the buggy address:
[ 11.748755] ffff8881029f2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.749101] ffff8881029f2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.749435] >ffff8881029f2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.749664] ^
[ 11.749797] ffff8881029f2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.750197] ffff8881029f2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.750522] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.475192] WARNING: CPU: 1 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.475897] Modules linked in: [ 141.476103] CPU: 1 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.477212] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.477780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.478420] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.478989] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.480159] RSP: 0000:ffff888102197c78 EFLAGS: 00010286 [ 141.480684] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.481557] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb96337bc [ 141.481956] RBP: ffff888102197ca0 R08: 0000000000000000 R09: ffffed1020d9f940 [ 141.482512] R10: ffff888106cfca07 R11: 0000000000000000 R12: ffffffffb96337a8 [ 141.483382] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102197d38 [ 141.483967] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 141.484534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.484714] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 141.484930] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 141.485491] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.486227] Call Trace: [ 141.486642] <TASK> [ 141.486927] drm_test_rect_calc_vscale+0x108/0x270 [ 141.487531] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.488141] ? __schedule+0x10cc/0x2b60 [ 141.488297] ? __pfx_read_tsc+0x10/0x10 [ 141.488440] ? ktime_get_ts64+0x86/0x230 [ 141.488585] kunit_try_run_case+0x1a5/0x480 [ 141.488736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.488976] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.489139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.489386] ? __kthread_parkme+0x82/0x180 [ 141.489558] ? preempt_count_sub+0x50/0x80 [ 141.489820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.490102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.490552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.490927] kthread+0x337/0x6f0 [ 141.491054] ? trace_preempt_on+0x20/0xc0 [ 141.491219] ? __pfx_kthread+0x10/0x10 [ 141.491462] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.491988] ? calculate_sigpending+0x7b/0xa0 [ 141.492267] ? __pfx_kthread+0x10/0x10 [ 141.492430] ret_from_fork+0x116/0x1d0 [ 141.492710] ? __pfx_kthread+0x10/0x10 [ 141.492918] ret_from_fork_asm+0x1a/0x30 [ 141.493161] </TASK> [ 141.493443] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.500150] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.500438] Modules linked in: [ 141.500573] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.502086] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.502279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.502547] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.502732] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.503232] RSP: 0000:ffff888108847c78 EFLAGS: 00010286 [ 141.503411] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.503620] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb96337f4 [ 141.503830] RBP: ffff888108847ca0 R08: 0000000000000000 R09: ffffed1020c3d0c0 [ 141.505858] R10: ffff8881061e8607 R11: 0000000000000000 R12: ffffffffb96337e0 [ 141.507166] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108847d38 [ 
141.507963] FS: 0000000000000000(0000) GS:ffff88819fa72000(0000) knlGS:0000000000000000 [ 141.509272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.510258] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 141.511468] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652442 [ 141.512556] DR3: ffffffffbb652443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.513701] Call Trace: [ 141.514422] <TASK> [ 141.515061] drm_test_rect_calc_vscale+0x108/0x270 [ 141.515854] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.517421] ? __schedule+0x10cc/0x2b60 [ 141.518200] ? __pfx_read_tsc+0x10/0x10 [ 141.518452] ? ktime_get_ts64+0x86/0x230 [ 141.519369] kunit_try_run_case+0x1a5/0x480 [ 141.519976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.520870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.521277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.521523] ? __kthread_parkme+0x82/0x180 [ 141.521728] ? preempt_count_sub+0x50/0x80 [ 141.521919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.522293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.522541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.522822] kthread+0x337/0x6f0 [ 141.522995] ? trace_preempt_on+0x20/0xc0 [ 141.523334] ? __pfx_kthread+0x10/0x10 [ 141.523506] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.523683] ? calculate_sigpending+0x7b/0xa0 [ 141.524092] ? __pfx_kthread+0x10/0x10 [ 141.524276] ret_from_fork+0x116/0x1d0 [ 141.524457] ? __pfx_kthread+0x10/0x10 [ 141.524626] ret_from_fork_asm+0x1a/0x30 [ 141.524831] </TASK> [ 141.524970] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.428694] WARNING: CPU: 0 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.429996] Modules linked in: [ 141.430336] CPU: 0 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.430677] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.431072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.431453] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.431694] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 1b de 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.432370] RSP: 0000:ffff888100ff7c78 EFLAGS: 00010286 [ 141.432802] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.433155] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb96337c0 [ 141.433483] RBP: ffff888100ff7ca0 R08: 0000000000000000 R09: ffffed1020c3d000 [ 141.434180] R10: ffff8881061e8007 R11: 0000000000000000 R12: ffffffffb96337a8 [ 141.434604] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888100ff7d38 [ 141.435168] FS: 0000000000000000(0000) GS:ffff88819fa72000(0000) knlGS:0000000000000000 [ 141.435653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.436141] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 141.436729] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652442 [ 141.437128] DR3: ffffffffbb652443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.437420] Call Trace: [ 141.437595] <TASK> [ 141.437750] drm_test_rect_calc_hscale+0x108/0x270 [ 141.437951] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.438418] ? __schedule+0x10cc/0x2b60 [ 141.438679] ? __pfx_read_tsc+0x10/0x10 [ 141.438935] ? ktime_get_ts64+0x86/0x230 [ 141.439220] kunit_try_run_case+0x1a5/0x480 [ 141.439422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.439726] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.440293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.440517] ? __kthread_parkme+0x82/0x180 [ 141.440668] ? preempt_count_sub+0x50/0x80 [ 141.440920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.441271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.441475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.441801] kthread+0x337/0x6f0 [ 141.441964] ? trace_preempt_on+0x20/0xc0 [ 141.442195] ? __pfx_kthread+0x10/0x10 [ 141.442467] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.442697] ? calculate_sigpending+0x7b/0xa0 [ 141.442975] ? __pfx_kthread+0x10/0x10 [ 141.443321] ret_from_fork+0x116/0x1d0 [ 141.443463] ? __pfx_kthread+0x10/0x10 [ 141.443694] ret_from_fork_asm+0x1a/0x30 [ 141.443921] </TASK> [ 141.444028] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.447456] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.448030] Modules linked in: [ 141.448217] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.449245] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.449493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.449888] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.450168] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 1b de 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.451199] RSP: 0000:ffff88810425fc78 EFLAGS: 00010286 [ 141.451452] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.451737] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb96337f8 [ 141.452148] RBP: ffff88810425fca0 R08: 0000000000000000 R09: ffffed1020c3d020 [ 141.452459] R10: ffff8881061e8107 R11: 0000000000000000 R12: ffffffffb96337e0 [ 141.452763] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810425fd38 [ 
141.453074] FS: 0000000000000000(0000) GS:ffff88819fa72000(0000) knlGS:0000000000000000 [ 141.453499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.453770] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 141.454139] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652442 [ 141.454466] DR3: ffffffffbb652443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.454803] Call Trace: [ 141.454952] <TASK> [ 141.455135] drm_test_rect_calc_hscale+0x108/0x270 [ 141.455355] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.455818] ? __schedule+0x10cc/0x2b60 [ 141.456024] ? __pfx_read_tsc+0x10/0x10 [ 141.456243] ? ktime_get_ts64+0x86/0x230 [ 141.456601] kunit_try_run_case+0x1a5/0x480 [ 141.456785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.457129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.457364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.457594] ? __kthread_parkme+0x82/0x180 [ 141.457825] ? preempt_count_sub+0x50/0x80 [ 141.458040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.458325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.458661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.459028] kthread+0x337/0x6f0 [ 141.459360] ? trace_preempt_on+0x20/0xc0 [ 141.459611] ? __pfx_kthread+0x10/0x10 [ 141.459754] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.459977] ? calculate_sigpending+0x7b/0xa0 [ 141.460207] ? __pfx_kthread+0x10/0x10 [ 141.460506] ret_from_fork+0x116/0x1d0 [ 141.460714] ? __pfx_kthread+0x10/0x10 [ 141.460915] ret_from_fork_asm+0x1a/0x30 [ 141.461101] </TASK> [ 141.461311] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.793992] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.794096] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.796484] Modules linked in: [ 140.796845] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.797651] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.798315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.798738] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.799280] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 86 5e b9 4c 89 f2 48 c7 c7 60 83 5e b9 48 89 c6 e8 b4 d0 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.800175] RSP: 0000:ffff8881015afd18 EFLAGS: 00010286 [ 140.800648] RAX: 0000000000000000 RBX: ffff888106e68000 RCX: 1ffffffff7464ce8 [ 140.801332] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.801758] RBP: ffff8881015afd48 R08: 0000000000000000 R09: fffffbfff7464ce8 [ 140.801985] R10: 0000000000000003 R11: 0000000000038760 R12: ffff8881020d4000 [ 140.802638] R13: ffff888106e680f8 R14: ffff888106caa300 R15: ffff88810039fb40 [ 140.803335] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 140.804075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.804347] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 140.804564] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 140.804826] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.805527] Call Trace: [ 140.805764] <TASK> [ 140.806042] ? trace_preempt_on+0x20/0xc0 [ 140.806574] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.807187] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.807655] __kunit_action_free+0x57/0x70 [ 140.807974] kunit_remove_resource+0x133/0x200 [ 140.808403] ? preempt_count_sub+0x50/0x80 [ 140.808563] kunit_cleanup+0x7a/0x120 [ 140.808704] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.809161] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.809786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.810370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.810968] kthread+0x337/0x6f0 [ 140.811209] ? trace_preempt_on+0x20/0xc0 [ 140.811573] ? __pfx_kthread+0x10/0x10 [ 140.811970] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.812374] ? calculate_sigpending+0x7b/0xa0 [ 140.812654] ? __pfx_kthread+0x10/0x10 [ 140.812814] ret_from_fork+0x116/0x1d0 [ 140.812970] ? __pfx_kthread+0x10/0x10 [ 140.813367] ret_from_fork_asm+0x1a/0x30 [ 140.813730] </TASK> [ 140.813953] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.657296] WARNING: CPU: 1 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.658149] Modules linked in: [ 140.658349] CPU: 1 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.658926] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.659386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.660158] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.660506] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.661719] RSP: 0000:ffff888102287b30 EFLAGS: 00010246 [ 140.662332] RAX: dffffc0000000000 RBX: ffff888102287c28 RCX: 0000000000000000 [ 140.662933] RDX: 1ffff11020450f8e RSI: ffff888102287c28 RDI: ffff888102287c70 [ 140.663350] RBP: ffff888102287b70 R08: ffff8881020bd000 R09: ffffffffb95d89e0 [ 140.663566] R10: 0000000000000003 R11: 00000000fa7e0d61 R12: ffff8881020bd000 [ 140.663790] R13: ffff88810039fae8 R14: ffff888102287ba8 R15: 0000000000000000 [ 140.664415] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 140.664657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.664970] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 140.665731] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 140.666546] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.667381] Call Trace: [ 140.667489] <TASK> [ 140.667579] ? add_dr+0xc1/0x1d0 [ 140.667722] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.667922] ? add_dr+0x148/0x1d0 [ 140.668094] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.668476] ? __drmm_add_action+0x1a4/0x280 [ 140.668691] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.668950] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.669164] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.669721] ? __schedule+0x10cc/0x2b60 [ 140.669876] ? __pfx_read_tsc+0x10/0x10 [ 140.670183] ? ktime_get_ts64+0x86/0x230 [ 140.670438] kunit_try_run_case+0x1a5/0x480 [ 140.670683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.671008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.671439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.671617] ? __kthread_parkme+0x82/0x180 [ 140.671830] ? preempt_count_sub+0x50/0x80 [ 140.672425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.672695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.672884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.673354] kthread+0x337/0x6f0 [ 140.673549] ? trace_preempt_on+0x20/0xc0 [ 140.673757] ? __pfx_kthread+0x10/0x10 [ 140.673964] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.674275] ? calculate_sigpending+0x7b/0xa0 [ 140.674606] ? __pfx_kthread+0x10/0x10 [ 140.674827] ret_from_fork+0x116/0x1d0 [ 140.675048] ? __pfx_kthread+0x10/0x10 [ 140.675384] ret_from_fork_asm+0x1a/0x30 [ 140.675596] </TASK> [ 140.675689] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.616703] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.616832] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.619522] Modules linked in: [ 140.620105] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.621072] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.621265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.621532] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.621715] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 38 5d b9 4c 89 fa 48 c7 c7 20 39 5d b9 48 89 c6 e8 82 ed 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.623281] RSP: 0000:ffff8881021d7b68 EFLAGS: 00010282 [ 140.623894] RAX: 0000000000000000 RBX: ffff8881021d7c40 RCX: 1ffffffff7464ce8 [ 140.625162] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.625795] RBP: ffff8881021d7b90 R08: 0000000000000000 R09: fffffbfff7464ce8 [ 140.626561] R10: 0000000000000003 R11: 0000000000036d30 R12: ffff8881021d7c18 [ 140.626968] R13: ffff888101746000 R14: ffff8881020bb000 R15: ffff888106c8f580 [ 140.627934] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 140.628932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.629389] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 140.629983] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 140.630695] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.631256] Call Trace: [ 140.631402] <TASK> [ 140.631536] drm_test_framebuffer_free+0x1ab/0x610 [ 140.631792] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.632344] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.632783] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.633311] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.633736] ? __schedule+0x10cc/0x2b60 [ 140.634098] ? __pfx_read_tsc+0x10/0x10 [ 140.634305] ? ktime_get_ts64+0x86/0x230 [ 140.634501] kunit_try_run_case+0x1a5/0x480 [ 140.634702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.635193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.635610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.636078] ? __kthread_parkme+0x82/0x180 [ 140.636429] ? preempt_count_sub+0x50/0x80 [ 140.636639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.637308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.637756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.638139] kthread+0x337/0x6f0 [ 140.638445] ? trace_preempt_on+0x20/0xc0 [ 140.638666] ? __pfx_kthread+0x10/0x10 [ 140.639022] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.639429] ? calculate_sigpending+0x7b/0xa0 [ 140.639639] ? __pfx_kthread+0x10/0x10 [ 140.639943] ret_from_fork+0x116/0x1d0 [ 140.640495] ? __pfx_kthread+0x10/0x10 [ 140.640935] ret_from_fork_asm+0x1a/0x30 [ 140.641803] </TASK> [ 140.641975] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 139.314310] WARNING: CPU: 1 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.315688] Modules linked in: [ 139.315858] CPU: 1 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 139.316188] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.316360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.317205] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.317607] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.319125] RSP: 0000:ffff888102b4fc90 EFLAGS: 00010246 [ 139.319485] RAX: dffffc0000000000 RBX: ffff8881036be000 RCX: 0000000000000000 [ 139.319700] RDX: 1ffff110206d7c32 RSI: ffffffffb6805798 RDI: ffff8881036be190 [ 139.320532] RBP: ffff888102b4fca0 R08: 1ffff11020073f69 R09: ffffed1020569f65 [ 139.321256] R10: 0000000000000003 R11: ffffffffb5d85b48 R12: 0000000000000000 [ 139.321466] R13: ffff888102b4fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.321670] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 139.321963] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.322338] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 139.322665] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 139.323044] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.323422] Call Trace: [ 139.323568] <TASK> [ 139.323702] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 139.324277] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.324589] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.325158] kunit_try_run_case+0x1a5/0x480 [ 139.325361] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 139.325608] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.325875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.326175] ? __kthread_parkme+0x82/0x180 [ 139.326549] ? preempt_count_sub+0x50/0x80 [ 139.326789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.327064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.327740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.328274] kthread+0x337/0x6f0 [ 139.328440] ? trace_preempt_on+0x20/0xc0 [ 139.328679] ? __pfx_kthread+0x10/0x10 [ 139.328841] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.329240] ? calculate_sigpending+0x7b/0xa0 [ 139.329479] ? __pfx_kthread+0x10/0x10 [ 139.329746] ret_from_fork+0x116/0x1d0 [ 139.329919] ? __pfx_kthread+0x10/0x10 [ 139.330314] ret_from_fork_asm+0x1a/0x30 [ 139.330536] </TASK> [ 139.330661] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 139.391513] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.392104] Modules linked in: [ 139.392393] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 139.392852] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.393272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.393687] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.393989] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.395070] RSP: 0000:ffff888103657c90 EFLAGS: 00010246 [ 139.395293] RAX: dffffc0000000000 RBX: ffff8881035b2000 RCX: 0000000000000000 [ 139.395592] RDX: 1ffff110206b6432 RSI: ffffffffb6805798 RDI: ffff8881035b2190 [ 139.395849] RBP: ffff888103657ca0 R08: 1ffff11020073f69 R09: ffffed10206caf65 [ 139.396346] R10: 0000000000000003 R11: ffffffffb5d85b48 R12: 0000000000000000 [ 139.396606] R13: 
ffff888103657d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.396898] FS: 0000000000000000(0000) GS:ffff88819fa72000(0000) knlGS:0000000000000000 [ 139.397314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.397616] CR2: 00007ffff7ffe000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 139.397927] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652442 [ 139.398262] DR3: ffffffffbb652443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.399079] Call Trace: [ 139.399403] <TASK> [ 139.399557] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 139.399950] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 139.400353] ? __schedule+0x10cc/0x2b60 [ 139.400701] ? __pfx_read_tsc+0x10/0x10 [ 139.400901] ? ktime_get_ts64+0x86/0x230 [ 139.401308] kunit_try_run_case+0x1a5/0x480 [ 139.401518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.401747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.402048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.402348] ? __kthread_parkme+0x82/0x180 [ 139.402592] ? preempt_count_sub+0x50/0x80 [ 139.402772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.403015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.403502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.403763] kthread+0x337/0x6f0 [ 139.403996] ? trace_preempt_on+0x20/0xc0 [ 139.404297] ? __pfx_kthread+0x10/0x10 [ 139.404522] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.404695] ? calculate_sigpending+0x7b/0xa0 [ 139.404968] ? __pfx_kthread+0x10/0x10 [ 139.405121] ret_from_fork+0x116/0x1d0 [ 139.405402] ? __pfx_kthread+0x10/0x10 [ 139.405562] ret_from_fork_asm+0x1a/0x30 [ 139.405775] </TASK> [ 139.405973] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 108.982425] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 108.982749] Modules linked in: [ 108.982975] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 108.983378] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 108.984200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.984573] RIP: 0010:intlog10+0x2a/0x40 [ 108.984731] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 108.985530] RSP: 0000:ffff888109867cb0 EFLAGS: 00010246 [ 108.985846] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102130cfb4 [ 108.986262] RDX: 1ffffffff7292db4 RSI: 1ffff1102130cfb3 RDI: 0000000000000000 [ 108.986537] RBP: ffff888109867d60 R08: 0000000000000000 R09: ffffed10207b7e60 [ 108.986821] R10: ffff888103dbf307 R11: 0000000000000000 R12: 1ffff1102130cf97 [ 108.987287] R13: ffffffffb9496da0 R14: 0000000000000000 R15: ffff888109867d38 [ 108.987569] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 108.987806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.987996] CR2: ffff88815a91a000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 108.988205] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 108.988412] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.988619] Call Trace: [ 108.988715] <TASK> [ 108.988802] ? intlog10_test+0xf2/0x220 [ 108.989121] ? __pfx_intlog10_test+0x10/0x10 [ 108.989299] ? __schedule+0x10cc/0x2b60 [ 108.989450] ? __pfx_read_tsc+0x10/0x10 [ 108.989596] ? ktime_get_ts64+0x86/0x230 [ 108.989834] kunit_try_run_case+0x1a5/0x480 [ 108.990066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.990342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.990614] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.990973] ? __kthread_parkme+0x82/0x180 [ 108.991442] ? preempt_count_sub+0x50/0x80 [ 108.991677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.991933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.992205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.992544] kthread+0x337/0x6f0 [ 108.992733] ? trace_preempt_on+0x20/0xc0 [ 108.992985] ? __pfx_kthread+0x10/0x10 [ 108.993217] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.993424] ? calculate_sigpending+0x7b/0xa0 [ 108.993613] ? __pfx_kthread+0x10/0x10 [ 108.993814] ret_from_fork+0x116/0x1d0 [ 108.994112] ? __pfx_kthread+0x10/0x10 [ 108.994294] ret_from_fork_asm+0x1a/0x30 [ 108.994472] </TASK> [ 108.994573] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 108.943800] WARNING: CPU: 1 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 108.944471] Modules linked in: [ 108.944881] CPU: 1 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 108.945732] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 108.946285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.946661] RIP: 0010:intlog2+0xdf/0x110 [ 108.947425] Code: 49 b9 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 aa 86 02 90 <0f> 0b 90 31 c0 e9 c7 aa 86 02 89 45 e4 e8 5f ea 55 ff 8b 45 e4 eb [ 108.948701] RSP: 0000:ffff888109befcb0 EFLAGS: 00010246 [ 108.948896] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102137dfb4 [ 108.949245] RDX: 1ffffffff7292e08 RSI: 1ffff1102137dfb3 RDI: 0000000000000000 [ 108.949579] RBP: ffff888109befd60 R08: 0000000000000000 R09: ffffed10207e4aa0 [ 108.949882] R10: ffff888103f25507 R11: 0000000000000000 R12: 1ffff1102137df97 [ 108.950150] R13: ffffffffb9497040 R14: 0000000000000000 R15: ffff888109befd38 [ 108.950481] FS: 0000000000000000(0000) GS:ffff88819fb72000(0000) knlGS:0000000000000000 [ 108.951048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.951304] CR2: ffff88815a91a000 CR3: 0000000067cbc000 CR4: 00000000000006f0 [ 108.951588] DR0: ffffffffbb652440 DR1: ffffffffbb652441 DR2: ffffffffbb652443 [ 108.952294] DR3: ffffffffbb652445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.952576] Call Trace: [ 108.952702] <TASK> [ 108.952860] ? intlog2_test+0xf2/0x220 [ 108.953111] ? __pfx_intlog2_test+0x10/0x10 [ 108.953351] ? __schedule+0x10cc/0x2b60 [ 108.953525] ? __pfx_read_tsc+0x10/0x10 [ 108.953714] ? ktime_get_ts64+0x86/0x230 [ 108.953925] kunit_try_run_case+0x1a5/0x480 [ 108.954252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.954534] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.954735] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.954972] ? __kthread_parkme+0x82/0x180 [ 108.955244] ? preempt_count_sub+0x50/0x80 [ 108.955432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.955807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.956141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.956408] kthread+0x337/0x6f0 [ 108.956587] ? trace_preempt_on+0x20/0xc0 [ 108.956754] ? __pfx_kthread+0x10/0x10 [ 108.956962] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.957256] ? calculate_sigpending+0x7b/0xa0 [ 108.957444] ? __pfx_kthread+0x10/0x10 [ 108.957629] ret_from_fork+0x116/0x1d0 [ 108.957858] ? __pfx_kthread+0x10/0x10 [ 108.958082] ret_from_fork_asm+0x1a/0x30 [ 108.958320] </TASK> [ 108.958451] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.363629] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI