Date
July 12, 2025, 11:09 a.m.
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.497993] ==================================================================
[ 14.498478] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 14.498799] Read of size 1 at addr ffff888103bb7c4a by task kunit_try_catch/271
[ 14.499469]
[ 14.499563] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.499610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.499621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.499643] Call Trace:
[ 14.499668] <TASK>
[ 14.499683] dump_stack_lvl+0x73/0xb0
[ 14.499713] print_report+0xd1/0x650
[ 14.499736] ? __virt_addr_valid+0x1db/0x2d0
[ 14.499773] ? kasan_alloca_oob_right+0x329/0x390
[ 14.499795] ? kasan_addr_to_slab+0x11/0xa0
[ 14.499816] ? kasan_alloca_oob_right+0x329/0x390
[ 14.499840] kasan_report+0x141/0x180
[ 14.499861] ? kasan_alloca_oob_right+0x329/0x390
[ 14.499889] __asan_report_load1_noabort+0x18/0x20
[ 14.499915] kasan_alloca_oob_right+0x329/0x390
[ 14.499937] ? __kasan_check_write+0x18/0x20
[ 14.499957] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.499980] ? finish_task_switch.isra.0+0x153/0x700
[ 14.500003] ? __schedule+0x202e/0x2b60
[ 14.500024] ? trace_hardirqs_on+0x37/0xe0
[ 14.500050] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 14.500077] ? __schedule+0x10cc/0x2b60
[ 14.500098] ? __pfx_read_tsc+0x10/0x10
[ 14.500118] ? ktime_get_ts64+0x86/0x230
[ 14.500141] kunit_try_run_case+0x1a5/0x480
[ 14.500165] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.500188] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.500212] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.500236] ? __kthread_parkme+0x82/0x180
[ 14.500257] ? preempt_count_sub+0x50/0x80
[ 14.500280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.500305] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.500330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.500355] kthread+0x337/0x6f0
[ 14.500374] ? trace_preempt_on+0x20/0xc0
[ 14.500396] ? __pfx_kthread+0x10/0x10
[ 14.500417] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.500438] ? calculate_sigpending+0x7b/0xa0
[ 14.500463] ? __pfx_kthread+0x10/0x10
[ 14.500493] ret_from_fork+0x116/0x1d0
[ 14.500511] ? __pfx_kthread+0x10/0x10
[ 14.500541] ret_from_fork_asm+0x1a/0x30
[ 14.500573] </TASK>
[ 14.500590]
[ 14.509270] The buggy address belongs to stack of task kunit_try_catch/271
[ 14.509551]
[ 14.509774] The buggy address belongs to the physical page:
[ 14.510030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bb7
[ 14.510349] flags: 0x200000000000000(node=0|zone=2)
[ 14.510773] raw: 0200000000000000 ffffea00040eedc8 ffffea00040eedc8 0000000000000000
[ 14.511124] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.511471] page dumped because: kasan: bad access detected
[ 14.511840]
[ 14.511955] Memory state around the buggy address:
[ 14.512183]  ffff888103bb7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.512489]  ffff888103bb7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.513030] >ffff888103bb7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.513313]                                               ^
[ 14.513527]  ffff888103bb7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.514015]  ffff888103bb7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.514377] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.595947] ================================================================== [ 12.596437] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.596730] Read of size 1 at addr ffff888100a29200 by task kunit_try_catch/182 [ 12.597046] [ 12.597386] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.597432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.597443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.597463] Call Trace: [ 12.597474] <TASK> [ 12.597491] dump_stack_lvl+0x73/0xb0 [ 12.597524] print_report+0xd1/0x650 [ 12.597789] ? __virt_addr_valid+0x1db/0x2d0 [ 12.597815] ? krealloc_uaf+0x1b8/0x5e0 [ 12.597836] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.597886] ? krealloc_uaf+0x1b8/0x5e0 [ 12.597908] kasan_report+0x141/0x180 [ 12.597929] ? krealloc_uaf+0x1b8/0x5e0 [ 12.597953] ? krealloc_uaf+0x1b8/0x5e0 [ 12.597974] __kasan_check_byte+0x3d/0x50 [ 12.597995] krealloc_noprof+0x3f/0x340 [ 12.598018] krealloc_uaf+0x1b8/0x5e0 [ 12.598039] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.598060] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.598108] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.598133] kunit_try_run_case+0x1a5/0x480 [ 12.598159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.598181] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.598206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.598230] ? __kthread_parkme+0x82/0x180 [ 12.598250] ? preempt_count_sub+0x50/0x80 [ 12.598275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.598299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.598322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.598347] kthread+0x337/0x6f0 [ 12.598373] ? trace_preempt_on+0x20/0xc0 [ 12.598396] ? __pfx_kthread+0x10/0x10 [ 12.598416] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.598437] ? calculate_sigpending+0x7b/0xa0 [ 12.598462] ? __pfx_kthread+0x10/0x10 [ 12.598483] ret_from_fork+0x116/0x1d0 [ 12.598503] ? 
__pfx_kthread+0x10/0x10 [ 12.598523] ret_from_fork_asm+0x1a/0x30 [ 12.598554] </TASK> [ 12.598564] [ 12.606681] Allocated by task 182: [ 12.607018] kasan_save_stack+0x45/0x70 [ 12.607209] kasan_save_track+0x18/0x40 [ 12.607347] kasan_save_alloc_info+0x3b/0x50 [ 12.607581] __kasan_kmalloc+0xb7/0xc0 [ 12.608040] __kmalloc_cache_noprof+0x189/0x420 [ 12.608262] krealloc_uaf+0xbb/0x5e0 [ 12.608457] kunit_try_run_case+0x1a5/0x480 [ 12.608641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.608925] kthread+0x337/0x6f0 [ 12.609167] ret_from_fork+0x116/0x1d0 [ 12.609307] ret_from_fork_asm+0x1a/0x30 [ 12.609447] [ 12.609517] Freed by task 182: [ 12.609626] kasan_save_stack+0x45/0x70 [ 12.609844] kasan_save_track+0x18/0x40 [ 12.610060] kasan_save_free_info+0x3f/0x60 [ 12.610267] __kasan_slab_free+0x56/0x70 [ 12.610463] kfree+0x222/0x3f0 [ 12.610578] krealloc_uaf+0x13d/0x5e0 [ 12.610708] kunit_try_run_case+0x1a5/0x480 [ 12.611012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.611299] kthread+0x337/0x6f0 [ 12.611469] ret_from_fork+0x116/0x1d0 [ 12.611841] ret_from_fork_asm+0x1a/0x30 [ 12.612053] [ 12.612172] The buggy address belongs to the object at ffff888100a29200 [ 12.612172] which belongs to the cache kmalloc-256 of size 256 [ 12.612605] The buggy address is located 0 bytes inside of [ 12.612605] freed 256-byte region [ffff888100a29200, ffff888100a29300) [ 12.613287] [ 12.613386] The buggy address belongs to the physical page: [ 12.613594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.614201] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.614452] flags: 0x200000000000040(head|node=0|zone=2) [ 12.614659] page_type: f5(slab) [ 12.614873] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.615219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.615549] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.616062] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.616394] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.616624] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.616852] page dumped because: kasan: bad access detected [ 12.617191] [ 12.617290] Memory state around the buggy address: [ 12.617518] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.617854] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.618357] >ffff888100a29200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.618684] ^ [ 12.618805] ffff888100a29280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.619298] ffff888100a29300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.619608] ================================================================== [ 12.620134] ================================================================== [ 12.620454] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.620931] Read of size 1 at addr ffff888100a29200 by task kunit_try_catch/182 [ 12.621242] [ 12.621343] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.621409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.621420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.621438] Call Trace: [ 12.621451] <TASK> [ 12.621465] dump_stack_lvl+0x73/0xb0 [ 12.621494] print_report+0xd1/0x650 [ 12.621516] ? __virt_addr_valid+0x1db/0x2d0 [ 12.621538] ? krealloc_uaf+0x53c/0x5e0 [ 12.621559] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.621582] ? krealloc_uaf+0x53c/0x5e0 [ 12.621603] kasan_report+0x141/0x180 [ 12.621624] ? krealloc_uaf+0x53c/0x5e0 [ 12.621665] __asan_report_load1_noabort+0x18/0x20 [ 12.621690] krealloc_uaf+0x53c/0x5e0 [ 12.621711] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.621732] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.621773] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 12.621799] kunit_try_run_case+0x1a5/0x480 [ 12.621823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.621845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.621868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.621892] ? __kthread_parkme+0x82/0x180 [ 12.621912] ? preempt_count_sub+0x50/0x80 [ 12.621935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.621959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.621984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.622009] kthread+0x337/0x6f0 [ 12.622028] ? trace_preempt_on+0x20/0xc0 [ 12.622050] ? __pfx_kthread+0x10/0x10 [ 12.622070] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.622092] ? calculate_sigpending+0x7b/0xa0 [ 12.622115] ? __pfx_kthread+0x10/0x10 [ 12.622136] ret_from_fork+0x116/0x1d0 [ 12.622154] ? __pfx_kthread+0x10/0x10 [ 12.622203] ret_from_fork_asm+0x1a/0x30 [ 12.622234] </TASK> [ 12.622252] [ 12.629408] Allocated by task 182: [ 12.629606] kasan_save_stack+0x45/0x70 [ 12.630061] kasan_save_track+0x18/0x40 [ 12.630230] kasan_save_alloc_info+0x3b/0x50 [ 12.630387] __kasan_kmalloc+0xb7/0xc0 [ 12.630519] __kmalloc_cache_noprof+0x189/0x420 [ 12.630728] krealloc_uaf+0xbb/0x5e0 [ 12.630922] kunit_try_run_case+0x1a5/0x480 [ 12.631348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.631767] kthread+0x337/0x6f0 [ 12.631889] ret_from_fork+0x116/0x1d0 [ 12.632020] ret_from_fork_asm+0x1a/0x30 [ 12.632584] [ 12.632755] Freed by task 182: [ 12.632873] kasan_save_stack+0x45/0x70 [ 12.633014] kasan_save_track+0x18/0x40 [ 12.633272] kasan_save_free_info+0x3f/0x60 [ 12.633506] __kasan_slab_free+0x56/0x70 [ 12.633831] kfree+0x222/0x3f0 [ 12.634020] krealloc_uaf+0x13d/0x5e0 [ 12.634209] kunit_try_run_case+0x1a5/0x480 [ 12.634358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.634540] kthread+0x337/0x6f0 [ 12.634659] ret_from_fork+0x116/0x1d0 [ 12.634877] ret_from_fork_asm+0x1a/0x30 [ 12.635079] [ 12.635193] The buggy address belongs to the object at ffff888100a29200 [ 12.635193] which belongs to the 
cache kmalloc-256 of size 256 [ 12.636048] The buggy address is located 0 bytes inside of [ 12.636048] freed 256-byte region [ffff888100a29200, ffff888100a29300) [ 12.636624] [ 12.636878] The buggy address belongs to the physical page: [ 12.637142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.637503] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.637756] flags: 0x200000000000040(head|node=0|zone=2) [ 12.638031] page_type: f5(slab) [ 12.638209] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.638578] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.638861] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.639208] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.639788] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.640020] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.640716] page dumped because: kasan: bad access detected [ 12.641280] [ 12.641388] Memory state around the buggy address: [ 12.641612] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.641948] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.642248] >ffff888100a29200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.642777] ^ [ 12.642947] ffff888100a29280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.643234] ffff888100a29300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.643546] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.572759] ================================================================== [ 12.573087] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.573442] Write of size 1 at addr ffff888102bba0eb by task kunit_try_catch/180 [ 12.573775] [ 12.573862] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.573902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.573912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.573931] Call Trace: [ 12.573945] <TASK> [ 12.573959] dump_stack_lvl+0x73/0xb0 [ 12.573984] print_report+0xd1/0x650 [ 12.574005] ? __virt_addr_valid+0x1db/0x2d0 [ 12.574027] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.574050] ? kasan_addr_to_slab+0x11/0xa0 [ 12.574071] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.574094] kasan_report+0x141/0x180 [ 12.574116] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.574144] __asan_report_store1_noabort+0x1b/0x30 [ 12.574169] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.574195] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.574219] ? finish_task_switch.isra.0+0x153/0x700 [ 12.574241] ? __switch_to+0x47/0xf50 [ 12.574265] ? __schedule+0x10cc/0x2b60 [ 12.574286] ? __pfx_read_tsc+0x10/0x10 [ 12.574309] krealloc_large_less_oob+0x1c/0x30 [ 12.574332] kunit_try_run_case+0x1a5/0x480 [ 12.574356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.574407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.574430] ? __kthread_parkme+0x82/0x180 [ 12.574450] ? preempt_count_sub+0x50/0x80 [ 12.574473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.574520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.574545] kthread+0x337/0x6f0 [ 12.574563] ? trace_preempt_on+0x20/0xc0 [ 12.574586] ? __pfx_kthread+0x10/0x10 [ 12.574607] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.574628] ? calculate_sigpending+0x7b/0xa0 [ 12.574651] ? 
__pfx_kthread+0x10/0x10 [ 12.574672] ret_from_fork+0x116/0x1d0 [ 12.574690] ? __pfx_kthread+0x10/0x10 [ 12.574710] ret_from_fork_asm+0x1a/0x30 [ 12.574741] </TASK> [ 12.574760] [ 12.582599] The buggy address belongs to the physical page: [ 12.582985] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 12.583360] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.583841] flags: 0x200000000000040(head|node=0|zone=2) [ 12.584063] page_type: f8(unknown) [ 12.584222] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.584452] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.584698] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.585066] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.585874] head: 0200000000000002 ffffea00040aee01 00000000ffffffff 00000000ffffffff [ 12.586238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.586520] page dumped because: kasan: bad access detected [ 12.586714] [ 12.586835] Memory state around the buggy address: [ 12.587216] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.587461] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.587690] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.588020] ^ [ 12.588422] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.588847] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.589146] ================================================================== [ 12.361020] ================================================================== [ 12.361346] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.361615] Write of size 1 at addr ffff888100a290da by task kunit_try_catch/176 [ 12.362040] [ 12.362169] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 
PREEMPT(voluntary) [ 12.362214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.362226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.362243] Call Trace: [ 12.362258] <TASK> [ 12.362275] dump_stack_lvl+0x73/0xb0 [ 12.362325] print_report+0xd1/0x650 [ 12.362347] ? __virt_addr_valid+0x1db/0x2d0 [ 12.362375] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.362399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.362422] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.362447] kasan_report+0x141/0x180 [ 12.362486] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.362515] __asan_report_store1_noabort+0x1b/0x30 [ 12.362540] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.362583] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.362608] ? finish_task_switch.isra.0+0x153/0x700 [ 12.362630] ? __switch_to+0x47/0xf50 [ 12.362714] ? __schedule+0x10cc/0x2b60 [ 12.362739] ? __pfx_read_tsc+0x10/0x10 [ 12.362774] krealloc_less_oob+0x1c/0x30 [ 12.362795] kunit_try_run_case+0x1a5/0x480 [ 12.362819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.362841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.362866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.362889] ? __kthread_parkme+0x82/0x180 [ 12.362931] ? preempt_count_sub+0x50/0x80 [ 12.362954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.362978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.363017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.363056] kthread+0x337/0x6f0 [ 12.363075] ? trace_preempt_on+0x20/0xc0 [ 12.363097] ? __pfx_kthread+0x10/0x10 [ 12.363118] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.363139] ? calculate_sigpending+0x7b/0xa0 [ 12.363163] ? __pfx_kthread+0x10/0x10 [ 12.363184] ret_from_fork+0x116/0x1d0 [ 12.363202] ? 
__pfx_kthread+0x10/0x10 [ 12.363221] ret_from_fork_asm+0x1a/0x30 [ 12.363251] </TASK> [ 12.363261] [ 12.371180] Allocated by task 176: [ 12.371305] kasan_save_stack+0x45/0x70 [ 12.371448] kasan_save_track+0x18/0x40 [ 12.371578] kasan_save_alloc_info+0x3b/0x50 [ 12.371876] __kasan_krealloc+0x190/0x1f0 [ 12.372107] krealloc_noprof+0xf3/0x340 [ 12.372320] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.372578] krealloc_less_oob+0x1c/0x30 [ 12.372786] kunit_try_run_case+0x1a5/0x480 [ 12.373098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.373711] kthread+0x337/0x6f0 [ 12.373917] ret_from_fork+0x116/0x1d0 [ 12.374106] ret_from_fork_asm+0x1a/0x30 [ 12.374239] [ 12.374307] The buggy address belongs to the object at ffff888100a29000 [ 12.374307] which belongs to the cache kmalloc-256 of size 256 [ 12.374971] The buggy address is located 17 bytes to the right of [ 12.374971] allocated 201-byte region [ffff888100a29000, ffff888100a290c9) [ 12.376006] [ 12.376136] The buggy address belongs to the physical page: [ 12.376409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.376759] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.377093] flags: 0x200000000000040(head|node=0|zone=2) [ 12.377337] page_type: f5(slab) [ 12.377474] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.377695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.377925] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.378290] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.378762] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.379364] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.379764] page dumped because: kasan: bad access detected [ 12.379986] [ 12.380054] Memory state around the buggy address: [ 12.380203] ffff888100a28f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.380483] ffff888100a29000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.381077] >ffff888100a29080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.381350] ^ [ 12.381606] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.381991] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.382280] ================================================================== [ 12.511385] ================================================================== [ 12.511617] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.511906] Write of size 1 at addr ffff888102bba0d0 by task kunit_try_catch/180 [ 12.512238] [ 12.512352] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.512393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.512405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.512423] Call Trace: [ 12.512435] <TASK> [ 12.512450] dump_stack_lvl+0x73/0xb0 [ 12.512477] print_report+0xd1/0x650 [ 12.512501] ? __virt_addr_valid+0x1db/0x2d0 [ 12.512524] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.512548] ? kasan_addr_to_slab+0x11/0xa0 [ 12.512569] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.512593] kasan_report+0x141/0x180 [ 12.512615] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.512719] __asan_report_store1_noabort+0x1b/0x30 [ 12.512758] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.512785] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.512810] ? finish_task_switch.isra.0+0x153/0x700 [ 12.512834] ? __switch_to+0x47/0xf50 [ 12.512859] ? __schedule+0x10cc/0x2b60 [ 12.512882] ? __pfx_read_tsc+0x10/0x10 [ 12.512906] krealloc_large_less_oob+0x1c/0x30 [ 12.512929] kunit_try_run_case+0x1a5/0x480 [ 12.512955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.512978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.513002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.513025] ? __kthread_parkme+0x82/0x180 [ 12.513045] ? 
preempt_count_sub+0x50/0x80 [ 12.513069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.513093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.513117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.513142] kthread+0x337/0x6f0 [ 12.513160] ? trace_preempt_on+0x20/0xc0 [ 12.513183] ? __pfx_kthread+0x10/0x10 [ 12.513204] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.513226] ? calculate_sigpending+0x7b/0xa0 [ 12.513250] ? __pfx_kthread+0x10/0x10 [ 12.513271] ret_from_fork+0x116/0x1d0 [ 12.513290] ? __pfx_kthread+0x10/0x10 [ 12.513310] ret_from_fork_asm+0x1a/0x30 [ 12.513339] </TASK> [ 12.513350] [ 12.520883] The buggy address belongs to the physical page: [ 12.521143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 12.521494] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.522028] flags: 0x200000000000040(head|node=0|zone=2) [ 12.522245] page_type: f8(unknown) [ 12.522430] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.522830] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.523134] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.523443] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.523779] head: 0200000000000002 ffffea00040aee01 00000000ffffffff 00000000ffffffff [ 12.524131] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.524469] page dumped because: kasan: bad access detected [ 12.524702] [ 12.524798] Memory state around the buggy address: [ 12.525018] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.525338] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.525727] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.525952] ^ [ 12.526131] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.526456] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.526997] 
================================================================== [ 12.552531] ================================================================== [ 12.553022] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.553662] Write of size 1 at addr ffff888102bba0ea by task kunit_try_catch/180 [ 12.554446] [ 12.554617] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.554657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.554668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.554687] Call Trace: [ 12.554720] <TASK> [ 12.554735] dump_stack_lvl+0x73/0xb0 [ 12.554772] print_report+0xd1/0x650 [ 12.554795] ? __virt_addr_valid+0x1db/0x2d0 [ 12.554818] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.554842] ? kasan_addr_to_slab+0x11/0xa0 [ 12.554862] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.554887] kasan_report+0x141/0x180 [ 12.554909] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.554938] __asan_report_store1_noabort+0x1b/0x30 [ 12.554964] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.554989] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.555014] ? finish_task_switch.isra.0+0x153/0x700 [ 12.555037] ? __switch_to+0x47/0xf50 [ 12.555062] ? __schedule+0x10cc/0x2b60 [ 12.555083] ? __pfx_read_tsc+0x10/0x10 [ 12.555106] krealloc_large_less_oob+0x1c/0x30 [ 12.555130] kunit_try_run_case+0x1a5/0x480 [ 12.555154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.555177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.555202] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.555229] ? __kthread_parkme+0x82/0x180 [ 12.555251] ? preempt_count_sub+0x50/0x80 [ 12.555275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.555299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.555323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.555348] kthread+0x337/0x6f0 [ 12.555367] ? trace_preempt_on+0x20/0xc0 [ 12.555391] ? __pfx_kthread+0x10/0x10 [ 12.555411] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.555433] ? 
calculate_sigpending+0x7b/0xa0 [ 12.555456] ? __pfx_kthread+0x10/0x10 [ 12.555479] ret_from_fork+0x116/0x1d0 [ 12.555497] ? __pfx_kthread+0x10/0x10 [ 12.555517] ret_from_fork_asm+0x1a/0x30 [ 12.555547] </TASK> [ 12.555557] [ 12.565770] The buggy address belongs to the physical page: [ 12.565956] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 12.566522] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.567183] flags: 0x200000000000040(head|node=0|zone=2) [ 12.567417] page_type: f8(unknown) [ 12.567543] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.568152] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.568407] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.568637] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.568978] head: 0200000000000002 ffffea00040aee01 00000000ffffffff 00000000ffffffff [ 12.569322] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.569866] page dumped because: kasan: bad access detected [ 12.570072] [ 12.570171] Memory state around the buggy address: [ 12.570350] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.570596] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.571275] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.571539] ^ [ 12.571736] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.572038] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.572395] ================================================================== [ 12.382984] ================================================================== [ 12.383327] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.383688] Write of size 1 at addr ffff888100a290ea by task kunit_try_catch/176 [ 12.384048] [ 12.384150] CPU: 1 UID: 0 PID: 176 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.384214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.384225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.384262] Call Trace: [ 12.384278] <TASK> [ 12.384293] dump_stack_lvl+0x73/0xb0 [ 12.384323] print_report+0xd1/0x650 [ 12.384361] ? __virt_addr_valid+0x1db/0x2d0 [ 12.384384] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.384408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.384431] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.384455] kasan_report+0x141/0x180 [ 12.384476] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.384505] __asan_report_store1_noabort+0x1b/0x30 [ 12.384530] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.384572] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.384597] ? finish_task_switch.isra.0+0x153/0x700 [ 12.384620] ? __switch_to+0x47/0xf50 [ 12.384722] ? __schedule+0x10cc/0x2b60 [ 12.384757] ? __pfx_read_tsc+0x10/0x10 [ 12.384781] krealloc_less_oob+0x1c/0x30 [ 12.384802] kunit_try_run_case+0x1a5/0x480 [ 12.384845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.384868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.384906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.384943] ? __kthread_parkme+0x82/0x180 [ 12.384963] ? preempt_count_sub+0x50/0x80 [ 12.384986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.385009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.385033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.385058] kthread+0x337/0x6f0 [ 12.385078] ? trace_preempt_on+0x20/0xc0 [ 12.385101] ? __pfx_kthread+0x10/0x10 [ 12.385121] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.385142] ? calculate_sigpending+0x7b/0xa0 [ 12.385166] ? __pfx_kthread+0x10/0x10 [ 12.385187] ret_from_fork+0x116/0x1d0 [ 12.385205] ? 
__pfx_kthread+0x10/0x10 [ 12.385225] ret_from_fork_asm+0x1a/0x30 [ 12.385255] </TASK> [ 12.385265] [ 12.393605] Allocated by task 176: [ 12.393895] kasan_save_stack+0x45/0x70 [ 12.394135] kasan_save_track+0x18/0x40 [ 12.394369] kasan_save_alloc_info+0x3b/0x50 [ 12.394574] __kasan_krealloc+0x190/0x1f0 [ 12.394780] krealloc_noprof+0xf3/0x340 [ 12.394968] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.395192] krealloc_less_oob+0x1c/0x30 [ 12.395618] kunit_try_run_case+0x1a5/0x480 [ 12.395957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.396257] kthread+0x337/0x6f0 [ 12.396459] ret_from_fork+0x116/0x1d0 [ 12.396643] ret_from_fork_asm+0x1a/0x30 [ 12.396849] [ 12.396942] The buggy address belongs to the object at ffff888100a29000 [ 12.396942] which belongs to the cache kmalloc-256 of size 256 [ 12.397483] The buggy address is located 33 bytes to the right of [ 12.397483] allocated 201-byte region [ffff888100a29000, ffff888100a290c9) [ 12.397854] [ 12.397923] The buggy address belongs to the physical page: [ 12.398144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.398537] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.399167] flags: 0x200000000000040(head|node=0|zone=2) [ 12.399549] page_type: f5(slab) [ 12.399719] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.400239] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.400463] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.401049] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.401620] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.402000] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.402216] page dumped because: kasan: bad access detected [ 12.402386] [ 12.402561] Memory state around the buggy address: [ 12.402900] ffff888100a28f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.403209] ffff888100a29000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.403732] >ffff888100a29080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.404118] ^ [ 12.404351] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.404711] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.405153] ================================================================== [ 12.480389] ================================================================== [ 12.481160] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.481426] Write of size 1 at addr ffff888102bba0c9 by task kunit_try_catch/180 [ 12.481648] [ 12.481735] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.481802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.481812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.481832] Call Trace: [ 12.481845] <TASK> [ 12.481859] dump_stack_lvl+0x73/0xb0 [ 12.481886] print_report+0xd1/0x650 [ 12.481908] ? __virt_addr_valid+0x1db/0x2d0 [ 12.481930] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.481954] ? kasan_addr_to_slab+0x11/0xa0 [ 12.481974] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.481998] kasan_report+0x141/0x180 [ 12.482020] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.482048] __asan_report_store1_noabort+0x1b/0x30 [ 12.482151] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.482181] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.482208] ? finish_task_switch.isra.0+0x153/0x700 [ 12.482231] ? __switch_to+0x47/0xf50 [ 12.482255] ? __schedule+0x10cc/0x2b60 [ 12.482276] ? __pfx_read_tsc+0x10/0x10 [ 12.482300] krealloc_large_less_oob+0x1c/0x30 [ 12.482324] kunit_try_run_case+0x1a5/0x480 [ 12.482347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.482382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.482405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.482674] ? __kthread_parkme+0x82/0x180 [ 12.482779] ? 
preempt_count_sub+0x50/0x80 [ 12.482804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.482829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.482854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.482879] kthread+0x337/0x6f0 [ 12.482898] ? trace_preempt_on+0x20/0xc0 [ 12.482922] ? __pfx_kthread+0x10/0x10 [ 12.482943] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.482964] ? calculate_sigpending+0x7b/0xa0 [ 12.482988] ? __pfx_kthread+0x10/0x10 [ 12.483009] ret_from_fork+0x116/0x1d0 [ 12.483027] ? __pfx_kthread+0x10/0x10 [ 12.483047] ret_from_fork_asm+0x1a/0x30 [ 12.483077] </TASK> [ 12.483088] [ 12.499352] The buggy address belongs to the physical page: [ 12.499815] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 12.500311] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.500548] flags: 0x200000000000040(head|node=0|zone=2) [ 12.500811] page_type: f8(unknown) [ 12.501431] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.502487] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.503516] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.504556] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.505394] head: 0200000000000002 ffffea00040aee01 00000000ffffffff 00000000ffffffff [ 12.505629] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.506547] page dumped because: kasan: bad access detected [ 12.507062] [ 12.507338] Memory state around the buggy address: [ 12.508026] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.508541] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.509254] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.510055] ^ [ 12.510533] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.510773] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.510991] 
================================================================== [ 12.527780] ================================================================== [ 12.528143] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.528439] Write of size 1 at addr ffff888102bba0da by task kunit_try_catch/180 [ 12.528743] [ 12.529036] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.529077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.529088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.529105] Call Trace: [ 12.529116] <TASK> [ 12.529129] dump_stack_lvl+0x73/0xb0 [ 12.529156] print_report+0xd1/0x650 [ 12.529179] ? __virt_addr_valid+0x1db/0x2d0 [ 12.529201] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.529225] ? kasan_addr_to_slab+0x11/0xa0 [ 12.529245] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.529269] kasan_report+0x141/0x180 [ 12.529291] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.529319] __asan_report_store1_noabort+0x1b/0x30 [ 12.529344] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.529370] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.529396] ? finish_task_switch.isra.0+0x153/0x700 [ 12.529418] ? __switch_to+0x47/0xf50 [ 12.529442] ? __schedule+0x10cc/0x2b60 [ 12.529463] ? __pfx_read_tsc+0x10/0x10 [ 12.529487] krealloc_large_less_oob+0x1c/0x30 [ 12.529509] kunit_try_run_case+0x1a5/0x480 [ 12.529534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.529557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.529579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.529603] ? __kthread_parkme+0x82/0x180 [ 12.529623] ? preempt_count_sub+0x50/0x80 [ 12.529722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.529758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.529783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.529809] kthread+0x337/0x6f0 [ 12.529828] ? trace_preempt_on+0x20/0xc0 [ 12.529850] ? __pfx_kthread+0x10/0x10 [ 12.529870] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.529892] ? 
calculate_sigpending+0x7b/0xa0 [ 12.529916] ? __pfx_kthread+0x10/0x10 [ 12.529938] ret_from_fork+0x116/0x1d0 [ 12.529958] ? __pfx_kthread+0x10/0x10 [ 12.529982] ret_from_fork_asm+0x1a/0x30 [ 12.530014] </TASK> [ 12.530023] [ 12.541875] The buggy address belongs to the physical page: [ 12.542364] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 12.543311] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.544008] flags: 0x200000000000040(head|node=0|zone=2) [ 12.544589] page_type: f8(unknown) [ 12.544866] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.545497] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.545834] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.546063] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.546292] head: 0200000000000002 ffffea00040aee01 00000000ffffffff 00000000ffffffff [ 12.546527] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.547062] page dumped because: kasan: bad access detected [ 12.547626] [ 12.547791] Memory state around the buggy address: [ 12.548259] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.549032] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.549637] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.550436] ^ [ 12.551084] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.551860] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.552243] ================================================================== [ 12.405603] ================================================================== [ 12.406028] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.406373] Write of size 1 at addr ffff888100a290eb by task kunit_try_catch/176 [ 12.406599] [ 12.406857] CPU: 1 UID: 0 PID: 176 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.406902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.406912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.407031] Call Trace: [ 12.407049] <TASK> [ 12.407064] dump_stack_lvl+0x73/0xb0 [ 12.407092] print_report+0xd1/0x650 [ 12.407114] ? __virt_addr_valid+0x1db/0x2d0 [ 12.407136] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.407160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.407182] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.407206] kasan_report+0x141/0x180 [ 12.407228] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.407286] __asan_report_store1_noabort+0x1b/0x30 [ 12.407312] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.407338] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.407363] ? finish_task_switch.isra.0+0x153/0x700 [ 12.407385] ? __switch_to+0x47/0xf50 [ 12.407408] ? __schedule+0x10cc/0x2b60 [ 12.407430] ? __pfx_read_tsc+0x10/0x10 [ 12.407454] krealloc_less_oob+0x1c/0x30 [ 12.407475] kunit_try_run_case+0x1a5/0x480 [ 12.407498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.407521] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.407544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.407586] ? __kthread_parkme+0x82/0x180 [ 12.407605] ? preempt_count_sub+0x50/0x80 [ 12.407628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.407666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.407691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.407715] kthread+0x337/0x6f0 [ 12.407734] ? trace_preempt_on+0x20/0xc0 [ 12.407767] ? __pfx_kthread+0x10/0x10 [ 12.407861] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.407888] ? calculate_sigpending+0x7b/0xa0 [ 12.407912] ? __pfx_kthread+0x10/0x10 [ 12.407934] ret_from_fork+0x116/0x1d0 [ 12.407952] ? 
__pfx_kthread+0x10/0x10 [ 12.407972] ret_from_fork_asm+0x1a/0x30 [ 12.408021] </TASK> [ 12.408031] [ 12.416417] Allocated by task 176: [ 12.416622] kasan_save_stack+0x45/0x70 [ 12.416918] kasan_save_track+0x18/0x40 [ 12.417106] kasan_save_alloc_info+0x3b/0x50 [ 12.417360] __kasan_krealloc+0x190/0x1f0 [ 12.417559] krealloc_noprof+0xf3/0x340 [ 12.417840] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.418002] krealloc_less_oob+0x1c/0x30 [ 12.418195] kunit_try_run_case+0x1a5/0x480 [ 12.418434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.418870] kthread+0x337/0x6f0 [ 12.419020] ret_from_fork+0x116/0x1d0 [ 12.419148] ret_from_fork_asm+0x1a/0x30 [ 12.419344] [ 12.419439] The buggy address belongs to the object at ffff888100a29000 [ 12.419439] which belongs to the cache kmalloc-256 of size 256 [ 12.420282] The buggy address is located 34 bytes to the right of [ 12.420282] allocated 201-byte region [ffff888100a29000, ffff888100a290c9) [ 12.420896] [ 12.420993] The buggy address belongs to the physical page: [ 12.421273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.421541] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.421768] flags: 0x200000000000040(head|node=0|zone=2) [ 12.421936] page_type: f5(slab) [ 12.422102] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.422562] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.423240] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.423528] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.424015] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.424526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.425036] page dumped because: kasan: bad access detected [ 12.425222] [ 12.425289] Memory state around the buggy address: [ 12.425447] ffff888100a28f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.425958] ffff888100a29000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.426293] >ffff888100a29080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.426635] ^ [ 12.426858] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.427153] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.427573] ================================================================== [ 12.299296] ================================================================== [ 12.300611] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.301534] Write of size 1 at addr ffff888100a290c9 by task kunit_try_catch/176 [ 12.302800] [ 12.303120] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.303168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.303179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.303199] Call Trace: [ 12.303211] <TASK> [ 12.303226] dump_stack_lvl+0x73/0xb0 [ 12.303257] print_report+0xd1/0x650 [ 12.303279] ? __virt_addr_valid+0x1db/0x2d0 [ 12.303302] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.303325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.303348] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.303372] kasan_report+0x141/0x180 [ 12.303393] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.303421] __asan_report_store1_noabort+0x1b/0x30 [ 12.303446] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.303472] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.303498] ? finish_task_switch.isra.0+0x153/0x700 [ 12.303521] ? __switch_to+0x47/0xf50 [ 12.303548] ? __schedule+0x10cc/0x2b60 [ 12.303573] ? __pfx_read_tsc+0x10/0x10 [ 12.303597] krealloc_less_oob+0x1c/0x30 [ 12.303620] kunit_try_run_case+0x1a5/0x480 [ 12.303761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.303792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.303819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.303843] ? __kthread_parkme+0x82/0x180 [ 12.303863] ? 
preempt_count_sub+0x50/0x80 [ 12.303886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.303943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.303968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.303993] kthread+0x337/0x6f0 [ 12.304012] ? trace_preempt_on+0x20/0xc0 [ 12.304035] ? __pfx_kthread+0x10/0x10 [ 12.304055] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.304077] ? calculate_sigpending+0x7b/0xa0 [ 12.304100] ? __pfx_kthread+0x10/0x10 [ 12.304121] ret_from_fork+0x116/0x1d0 [ 12.304139] ? __pfx_kthread+0x10/0x10 [ 12.304158] ret_from_fork_asm+0x1a/0x30 [ 12.304188] </TASK> [ 12.304199] [ 12.317695] Allocated by task 176: [ 12.318030] kasan_save_stack+0x45/0x70 [ 12.318417] kasan_save_track+0x18/0x40 [ 12.318960] kasan_save_alloc_info+0x3b/0x50 [ 12.319376] __kasan_krealloc+0x190/0x1f0 [ 12.319824] krealloc_noprof+0xf3/0x340 [ 12.320265] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.320710] krealloc_less_oob+0x1c/0x30 [ 12.321266] kunit_try_run_case+0x1a5/0x480 [ 12.321706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.322048] kthread+0x337/0x6f0 [ 12.322175] ret_from_fork+0x116/0x1d0 [ 12.322307] ret_from_fork_asm+0x1a/0x30 [ 12.322451] [ 12.322522] The buggy address belongs to the object at ffff888100a29000 [ 12.322522] which belongs to the cache kmalloc-256 of size 256 [ 12.323461] The buggy address is located 0 bytes to the right of [ 12.323461] allocated 201-byte region [ffff888100a29000, ffff888100a290c9) [ 12.324719] [ 12.324928] The buggy address belongs to the physical page: [ 12.325421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.326235] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.327042] flags: 0x200000000000040(head|node=0|zone=2) [ 12.327229] page_type: f5(slab) [ 12.327351] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.327579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.328173] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.329088] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.330030] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.331045] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.331821] page dumped because: kasan: bad access detected [ 12.332257] [ 12.332329] Memory state around the buggy address: [ 12.332491] ffff888100a28f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.332739] ffff888100a29000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.333550] >ffff888100a29080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.334331] ^ [ 12.335001] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.335611] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.336045] ================================================================== [ 12.336979] ================================================================== [ 12.337795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.338489] Write of size 1 at addr ffff888100a290d0 by task kunit_try_catch/176 [ 12.339292] [ 12.339488] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.339531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.339541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.339561] Call Trace: [ 12.339574] <TASK> [ 12.339589] dump_stack_lvl+0x73/0xb0 [ 12.339618] print_report+0xd1/0x650 [ 12.339640] ? __virt_addr_valid+0x1db/0x2d0 [ 12.339684] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.339708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.339731] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.339766] kasan_report+0x141/0x180 [ 12.339787] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.339816] __asan_report_store1_noabort+0x1b/0x30 [ 12.339840] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.339866] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.339891] ? finish_task_switch.isra.0+0x153/0x700 [ 12.339914] ? __switch_to+0x47/0xf50 [ 12.339938] ? __schedule+0x10cc/0x2b60 [ 12.339959] ? __pfx_read_tsc+0x10/0x10 [ 12.339982] krealloc_less_oob+0x1c/0x30 [ 12.340004] kunit_try_run_case+0x1a5/0x480 [ 12.340027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.340049] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.340073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.340096] ? __kthread_parkme+0x82/0x180 [ 12.340116] ? preempt_count_sub+0x50/0x80 [ 12.340138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.340162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.340186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.340211] kthread+0x337/0x6f0 [ 12.340229] ? trace_preempt_on+0x20/0xc0 [ 12.340252] ? __pfx_kthread+0x10/0x10 [ 12.340272] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.340293] ? calculate_sigpending+0x7b/0xa0 [ 12.340317] ? __pfx_kthread+0x10/0x10 [ 12.340337] ret_from_fork+0x116/0x1d0 [ 12.340355] ? 
__pfx_kthread+0x10/0x10 [ 12.340375] ret_from_fork_asm+0x1a/0x30 [ 12.340405] </TASK> [ 12.340415] [ 12.349587] Allocated by task 176: [ 12.349879] kasan_save_stack+0x45/0x70 [ 12.350069] kasan_save_track+0x18/0x40 [ 12.350216] kasan_save_alloc_info+0x3b/0x50 [ 12.350456] __kasan_krealloc+0x190/0x1f0 [ 12.350720] krealloc_noprof+0xf3/0x340 [ 12.350912] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.351243] krealloc_less_oob+0x1c/0x30 [ 12.351430] kunit_try_run_case+0x1a5/0x480 [ 12.351792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.352043] kthread+0x337/0x6f0 [ 12.352233] ret_from_fork+0x116/0x1d0 [ 12.352388] ret_from_fork_asm+0x1a/0x30 [ 12.352574] [ 12.352801] The buggy address belongs to the object at ffff888100a29000 [ 12.352801] which belongs to the cache kmalloc-256 of size 256 [ 12.353304] The buggy address is located 7 bytes to the right of [ 12.353304] allocated 201-byte region [ffff888100a29000, ffff888100a290c9) [ 12.353840] [ 12.353995] The buggy address belongs to the physical page: [ 12.354248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 12.354634] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.355016] flags: 0x200000000000040(head|node=0|zone=2) [ 12.355361] page_type: f5(slab) [ 12.355555] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.355900] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.356118] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.356338] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.356993] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 12.357371] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.357873] page dumped because: kasan: bad access detected [ 12.358154] [ 12.358248] Memory state around the buggy address: [ 12.358408] ffff888100a28f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.358702] ffff888100a29000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.359062] >ffff888100a29080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.359374] ^ [ 12.359637] ffff888100a29100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.359984] ffff888100a29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.360308] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.239918] ================================================================== [ 12.240317] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.240562] Write of size 1 at addr ffff88810034b4eb by task kunit_try_catch/174 [ 12.240935] [ 12.241065] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.241109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.241120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.241140] Call Trace: [ 12.241152] <TASK> [ 12.241167] dump_stack_lvl+0x73/0xb0 [ 12.241195] print_report+0xd1/0x650 [ 12.241217] ? __virt_addr_valid+0x1db/0x2d0 [ 12.241241] ? krealloc_more_oob_helper+0x821/0x930 [ 12.241266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.241289] ? krealloc_more_oob_helper+0x821/0x930 [ 12.241313] kasan_report+0x141/0x180 [ 12.241335] ? krealloc_more_oob_helper+0x821/0x930 [ 12.241364] __asan_report_store1_noabort+0x1b/0x30 [ 12.241390] krealloc_more_oob_helper+0x821/0x930 [ 12.241412] ? __schedule+0x10cc/0x2b60 [ 12.241434] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.241459] ? finish_task_switch.isra.0+0x153/0x700 [ 12.241483] ? __switch_to+0x47/0xf50 [ 12.241509] ? __schedule+0x10cc/0x2b60 [ 12.241530] ? __pfx_read_tsc+0x10/0x10 [ 12.241600] krealloc_more_oob+0x1c/0x30 [ 12.241622] kunit_try_run_case+0x1a5/0x480 [ 12.241946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.241973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.241998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.242022] ? __kthread_parkme+0x82/0x180 [ 12.242043] ? preempt_count_sub+0x50/0x80 [ 12.242066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.242091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.242115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.242140] kthread+0x337/0x6f0 [ 12.242159] ? trace_preempt_on+0x20/0xc0 [ 12.242184] ? __pfx_kthread+0x10/0x10 [ 12.242204] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.242226] ? 
calculate_sigpending+0x7b/0xa0 [ 12.242250] ? __pfx_kthread+0x10/0x10 [ 12.242271] ret_from_fork+0x116/0x1d0 [ 12.242289] ? __pfx_kthread+0x10/0x10 [ 12.242310] ret_from_fork_asm+0x1a/0x30 [ 12.242340] </TASK> [ 12.242351] [ 12.254758] Allocated by task 174: [ 12.255325] kasan_save_stack+0x45/0x70 [ 12.255520] kasan_save_track+0x18/0x40 [ 12.255942] kasan_save_alloc_info+0x3b/0x50 [ 12.256148] __kasan_krealloc+0x190/0x1f0 [ 12.256292] krealloc_noprof+0xf3/0x340 [ 12.256492] krealloc_more_oob_helper+0x1a9/0x930 [ 12.256703] krealloc_more_oob+0x1c/0x30 [ 12.257210] kunit_try_run_case+0x1a5/0x480 [ 12.257398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.257876] kthread+0x337/0x6f0 [ 12.258125] ret_from_fork+0x116/0x1d0 [ 12.258320] ret_from_fork_asm+0x1a/0x30 [ 12.258610] [ 12.258789] The buggy address belongs to the object at ffff88810034b400 [ 12.258789] which belongs to the cache kmalloc-256 of size 256 [ 12.259399] The buggy address is located 0 bytes to the right of [ 12.259399] allocated 235-byte region [ffff88810034b400, ffff88810034b4eb) [ 12.260165] [ 12.260440] The buggy address belongs to the physical page: [ 12.260671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034a [ 12.261319] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.261658] flags: 0x200000000000040(head|node=0|zone=2) [ 12.261968] page_type: f5(slab) [ 12.262209] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.262521] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.262835] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.263236] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.263622] head: 0200000000000001 ffffea000400d281 00000000ffffffff 00000000ffffffff [ 12.264201] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.264512] page dumped because: kasan: bad access detected [ 12.264952] [ 
12.265053] Memory state around the buggy address: [ 12.265248] ffff88810034b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.265560] ffff88810034b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.266154] >ffff88810034b480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.266407] ^ [ 12.266730] ffff88810034b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.267377] ffff88810034b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.267908] ================================================================== [ 12.268638] ================================================================== [ 12.269395] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.269851] Write of size 1 at addr ffff88810034b4f0 by task kunit_try_catch/174 [ 12.270144] [ 12.270251] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.270290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.270300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.270318] Call Trace: [ 12.270329] <TASK> [ 12.270344] dump_stack_lvl+0x73/0xb0 [ 12.270377] print_report+0xd1/0x650 [ 12.270399] ? __virt_addr_valid+0x1db/0x2d0 [ 12.270422] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.270445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.270468] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.270493] kasan_report+0x141/0x180 [ 12.270515] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.270543] __asan_report_store1_noabort+0x1b/0x30 [ 12.270568] krealloc_more_oob_helper+0x7eb/0x930 [ 12.270591] ? __schedule+0x10cc/0x2b60 [ 12.270613] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.270638] ? finish_task_switch.isra.0+0x153/0x700 [ 12.270971] ? __switch_to+0x47/0xf50 [ 12.270998] ? __schedule+0x10cc/0x2b60 [ 12.271020] ? __pfx_read_tsc+0x10/0x10 [ 12.271045] krealloc_more_oob+0x1c/0x30 [ 12.271067] kunit_try_run_case+0x1a5/0x480 [ 12.271092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.271115] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.271139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.271162] ? __kthread_parkme+0x82/0x180 [ 12.271183] ? preempt_count_sub+0x50/0x80 [ 12.271206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.271230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.271254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.271278] kthread+0x337/0x6f0 [ 12.271298] ? trace_preempt_on+0x20/0xc0 [ 12.271320] ? __pfx_kthread+0x10/0x10 [ 12.271341] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.271362] ? calculate_sigpending+0x7b/0xa0 [ 12.271386] ? __pfx_kthread+0x10/0x10 [ 12.271407] ret_from_fork+0x116/0x1d0 [ 12.271425] ? __pfx_kthread+0x10/0x10 [ 12.271445] ret_from_fork_asm+0x1a/0x30 [ 12.271476] </TASK> [ 12.271487] [ 12.281894] Allocated by task 174: [ 12.282025] kasan_save_stack+0x45/0x70 [ 12.282170] kasan_save_track+0x18/0x40 [ 12.282366] kasan_save_alloc_info+0x3b/0x50 [ 12.282576] __kasan_krealloc+0x190/0x1f0 [ 12.282770] krealloc_noprof+0xf3/0x340 [ 12.282903] krealloc_more_oob_helper+0x1a9/0x930 [ 12.283646] krealloc_more_oob+0x1c/0x30 [ 12.283883] kunit_try_run_case+0x1a5/0x480 [ 12.284073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.284280] kthread+0x337/0x6f0 [ 12.284439] ret_from_fork+0x116/0x1d0 [ 12.284615] ret_from_fork_asm+0x1a/0x30 [ 12.285268] [ 12.285369] The buggy address belongs to the object at ffff88810034b400 [ 12.285369] which belongs to the cache kmalloc-256 of size 256 [ 12.286323] The buggy address is located 5 bytes to the right of [ 12.286323] allocated 235-byte region [ffff88810034b400, ffff88810034b4eb) [ 12.287540] [ 12.287720] The buggy address belongs to the physical page: [ 12.287974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034a [ 12.288295] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.288598] flags: 0x200000000000040(head|node=0|zone=2) [ 12.289265] page_type: f5(slab) [ 12.289564] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000
[ 12.290009] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.290324] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.290618] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.291006] head: 0200000000000001 ffffea000400d281 00000000ffffffff 00000000ffffffff
[ 12.291248] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.291476] page dumped because: kasan: bad access detected
[ 12.291655]
[ 12.291728] Memory state around the buggy address:
[ 12.292311] ffff88810034b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.293194] ffff88810034b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.293418] >ffff88810034b480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.293629] ^
[ 12.294375] ffff88810034b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.295252] ffff88810034b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.296113] ==================================================================
[ 12.435944] ==================================================================
[ 12.436396] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.436893] Write of size 1 at addr ffff8881029520eb by task kunit_try_catch/178
[ 12.437183]
[ 12.437311] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.437353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.437364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.437382] Call Trace:
[ 12.437394] <TASK>
[ 12.437408] dump_stack_lvl+0x73/0xb0
[ 12.437438] print_report+0xd1/0x650
[ 12.437461] ? __virt_addr_valid+0x1db/0x2d0
[ 12.437485] ? krealloc_more_oob_helper+0x821/0x930
[ 12.437509] ? kasan_addr_to_slab+0x11/0xa0
[ 12.437529] ? krealloc_more_oob_helper+0x821/0x930
[ 12.437573] kasan_report+0x141/0x180
[ 12.437608] ? krealloc_more_oob_helper+0x821/0x930
[ 12.437637] __asan_report_store1_noabort+0x1b/0x30
[ 12.437900] krealloc_more_oob_helper+0x821/0x930
[ 12.437925] ? __schedule+0x10cc/0x2b60
[ 12.437948] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.437974] ? finish_task_switch.isra.0+0x153/0x700
[ 12.437997] ? __switch_to+0x47/0xf50
[ 12.438021] ? __schedule+0x10cc/0x2b60
[ 12.438042] ? __pfx_read_tsc+0x10/0x10
[ 12.438066] krealloc_large_more_oob+0x1c/0x30
[ 12.438090] kunit_try_run_case+0x1a5/0x480
[ 12.438114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.438137] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.438161] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.438184] ? __kthread_parkme+0x82/0x180
[ 12.438205] ? preempt_count_sub+0x50/0x80
[ 12.438228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.438252] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.438276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.438301] kthread+0x337/0x6f0
[ 12.438320] ? trace_preempt_on+0x20/0xc0
[ 12.438343] ? __pfx_kthread+0x10/0x10
[ 12.438369] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.438391] ? calculate_sigpending+0x7b/0xa0
[ 12.438415] ? __pfx_kthread+0x10/0x10
[ 12.438436] ret_from_fork+0x116/0x1d0
[ 12.438455] ? __pfx_kthread+0x10/0x10
[ 12.438475] ret_from_fork_asm+0x1a/0x30
[ 12.438505] </TASK>
[ 12.438516]
[ 12.447111] The buggy address belongs to the physical page:
[ 12.447293] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102950
[ 12.447636] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.447979] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.448222] page_type: f8(unknown)
[ 12.448396] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.448900] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.449340] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.449843] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.450328] head: 0200000000000002 ffffea00040a5401 00000000ffffffff 00000000ffffffff
[ 12.450563] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.451248] page dumped because: kasan: bad access detected
[ 12.451530]
[ 12.451642] Memory state around the buggy address:
[ 12.451986] ffff888102951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.452330] ffff888102952000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.452593] >ffff888102952080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.453120] ^
[ 12.453405] ffff888102952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.453928] ffff888102952180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.454218] ==================================================================
[ 12.454856] ==================================================================
[ 12.455226] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.455900] Write of size 1 at addr ffff8881029520f0 by task kunit_try_catch/178
[ 12.456171]
[ 12.456285] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.456326] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.456336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.456355] Call Trace:
[ 12.456367] <TASK>
[ 12.456382] dump_stack_lvl+0x73/0xb0
[ 12.456433] print_report+0xd1/0x650
[ 12.456455] ? __virt_addr_valid+0x1db/0x2d0
[ 12.456479] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.456502] ? kasan_addr_to_slab+0x11/0xa0
[ 12.456522] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.456546] kasan_report+0x141/0x180
[ 12.456583] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.456613] __asan_report_store1_noabort+0x1b/0x30
[ 12.456652] krealloc_more_oob_helper+0x7eb/0x930
[ 12.456675] ? __schedule+0x10cc/0x2b60
[ 12.456711] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.456736] ? finish_task_switch.isra.0+0x153/0x700
[ 12.456787] ? __switch_to+0x47/0xf50
[ 12.456812] ? __schedule+0x10cc/0x2b60
[ 12.456847] ? __pfx_read_tsc+0x10/0x10
[ 12.456884] krealloc_large_more_oob+0x1c/0x30
[ 12.456921] kunit_try_run_case+0x1a5/0x480
[ 12.456945] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.457027] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.457052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.457076] ? __kthread_parkme+0x82/0x180
[ 12.457096] ? preempt_count_sub+0x50/0x80
[ 12.457119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.457143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.457167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.457192] kthread+0x337/0x6f0
[ 12.457211] ? trace_preempt_on+0x20/0xc0
[ 12.457234] ? __pfx_kthread+0x10/0x10
[ 12.457254] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.457276] ? calculate_sigpending+0x7b/0xa0
[ 12.457300] ? __pfx_kthread+0x10/0x10
[ 12.457321] ret_from_fork+0x116/0x1d0
[ 12.457339] ? __pfx_kthread+0x10/0x10
[ 12.457359] ret_from_fork_asm+0x1a/0x30
[ 12.457390] </TASK>
[ 12.457400]
[ 12.468373] The buggy address belongs to the physical page:
[ 12.468790] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102950
[ 12.469139] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.469599] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.470228] page_type: f8(unknown)
[ 12.470507] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.471055] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.471400] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.472075] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.472483] head: 0200000000000002 ffffea00040a5401 00000000ffffffff 00000000ffffffff
[ 12.473023] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.473469] page dumped because: kasan: bad access detected
[ 12.474046]
[ 12.474151] Memory state around the buggy address:
[ 12.474342] ffff888102951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.474856] ffff888102952000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.475173] >ffff888102952080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.475487] ^
[ 12.476033] ffff888102952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.476279] ffff888102952180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.476711] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.185613] ==================================================================
[ 51.186040] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 51.186040]
[ 51.186561] Use-after-free read at 0x(____ptrval____) (in kfence-#147):
[ 51.187162] test_krealloc+0x6fc/0xbe0
[ 51.187358] kunit_try_run_case+0x1a5/0x480
[ 51.187553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.188084] kthread+0x337/0x6f0
[ 51.188247] ret_from_fork+0x116/0x1d0
[ 51.188587] ret_from_fork_asm+0x1a/0x30
[ 51.188961]
[ 51.189203] kfence-#147: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 51.189203]
[ 51.189606] allocated by task 355 on cpu 1 at 51.185026s (0.004579s ago):
[ 51.190166] test_alloc+0x364/0x10f0
[ 51.190451] test_krealloc+0xad/0xbe0
[ 51.190768] kunit_try_run_case+0x1a5/0x480
[ 51.191056] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.191298] kthread+0x337/0x6f0
[ 51.191454] ret_from_fork+0x116/0x1d0
[ 51.191626] ret_from_fork_asm+0x1a/0x30
[ 51.192056]
[ 51.192154] freed by task 355 on cpu 1 at 51.185250s (0.006902s ago):
[ 51.192535] krealloc_noprof+0x108/0x340
[ 51.192848] test_krealloc+0x226/0xbe0
[ 51.193138] kunit_try_run_case+0x1a5/0x480
[ 51.193429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.193789] kthread+0x337/0x6f0
[ 51.194097] ret_from_fork+0x116/0x1d0
[ 51.194278] ret_from_fork_asm+0x1a/0x30
[ 51.194553]
[ 51.194657] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 51.195281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 51.195575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.196083] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.092057] ==================================================================
[ 51.092471] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 51.092471]
[ 51.092943] Use-after-free read at 0x(____ptrval____) (in kfence-#146):
[ 51.093997] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 51.095107] kunit_try_run_case+0x1a5/0x480
[ 51.095286] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.095466] kthread+0x337/0x6f0
[ 51.095591] ret_from_fork+0x116/0x1d0
[ 51.096175] ret_from_fork_asm+0x1a/0x30
[ 51.096708]
[ 51.096943] kfence-#146: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 51.096943]
[ 51.097240] allocated by task 353 on cpu 1 at 51.081031s (0.016206s ago):
[ 51.097475] test_alloc+0x2a6/0x10f0
[ 51.097609] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 51.097830] kunit_try_run_case+0x1a5/0x480
[ 51.098184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.098477] kthread+0x337/0x6f0
[ 51.098636] ret_from_fork+0x116/0x1d0
[ 51.099047] ret_from_fork_asm+0x1a/0x30
[ 51.099229]
[ 51.099306] freed by task 353 on cpu 1 at 51.081130s (0.018174s ago):
[ 51.099786] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 51.100119] kunit_try_run_case+0x1a5/0x480
[ 51.100269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.100448] kthread+0x337/0x6f0
[ 51.100569] ret_from_fork+0x116/0x1d0
[ 51.100720] ret_from_fork_asm+0x1a/0x30
[ 51.101071]
[ 51.101177] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 51.101503] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 51.101646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.102164] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.926005] ==================================================================
[ 25.926521] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 25.926521]
[ 25.927326] Invalid read at 0x(____ptrval____):
[ 25.927591] test_invalid_access+0xf0/0x210
[ 25.928089] kunit_try_run_case+0x1a5/0x480
[ 25.928297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.928626] kthread+0x337/0x6f0
[ 25.928844] ret_from_fork+0x116/0x1d0
[ 25.929003] ret_from_fork_asm+0x1a/0x30
[ 25.929312]
[ 25.929428] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 25.930287] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.930491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.931254] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.705260] ==================================================================
[ 25.705665] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.705665]
[ 25.706069] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#142):
[ 25.706773] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.706997] kunit_try_run_case+0x1a5/0x480
[ 25.707211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.707430] kthread+0x337/0x6f0
[ 25.707627] ret_from_fork+0x116/0x1d0
[ 25.707889] ret_from_fork_asm+0x1a/0x30
[ 25.708071]
[ 25.708145] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.708145]
[ 25.708550] allocated by task 343 on cpu 1 at 25.705005s (0.003543s ago):
[ 25.708894] test_alloc+0x364/0x10f0
[ 25.709066] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 25.709282] kunit_try_run_case+0x1a5/0x480
[ 25.709517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.709773] kthread+0x337/0x6f0
[ 25.709933] ret_from_fork+0x116/0x1d0
[ 25.710077] ret_from_fork_asm+0x1a/0x30
[ 25.710213]
[ 25.710309] freed by task 343 on cpu 1 at 25.705143s (0.005164s ago):
[ 25.710630] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.710977] kunit_try_run_case+0x1a5/0x480
[ 25.711165] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.711387] kthread+0x337/0x6f0
[ 25.711576] ret_from_fork+0x116/0x1d0
[ 25.711798] ret_from_fork_asm+0x1a/0x30
[ 25.711983]
[ 25.712133] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 25.712626] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.712842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.713095] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.289111] ==================================================================
[ 25.289510] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.289510]
[ 25.289919] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#138):
[ 25.290283] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.290517] kunit_try_run_case+0x1a5/0x480
[ 25.290734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.290950] kthread+0x337/0x6f0
[ 25.291130] ret_from_fork+0x116/0x1d0
[ 25.291331] ret_from_fork_asm+0x1a/0x30
[ 25.291498]
[ 25.291573] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.291573]
[ 25.292191] allocated by task 341 on cpu 0 at 25.288891s (0.003298s ago):
[ 25.292485] test_alloc+0x364/0x10f0
[ 25.292665] test_kmalloc_aligned_oob_read+0x105/0x560
[ 25.292888] kunit_try_run_case+0x1a5/0x480
[ 25.293099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.293318] kthread+0x337/0x6f0
[ 25.293475] ret_from_fork+0x116/0x1d0
[ 25.293673] ret_from_fork_asm+0x1a/0x30
[ 25.293854]
[ 25.293979] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 25.294395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.294581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.294890] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.569104] ==================================================================
[ 19.569488] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.569488]
[ 19.569915] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#83):
[ 19.570460] test_corruption+0x131/0x3e0
[ 19.570678] kunit_try_run_case+0x1a5/0x480
[ 19.570905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.571144] kthread+0x337/0x6f0
[ 19.571318] ret_from_fork+0x116/0x1d0
[ 19.571488] ret_from_fork_asm+0x1a/0x30
[ 19.571633]
[ 19.571716] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.571716]
[ 19.572148] allocated by task 331 on cpu 0 at 19.568978s (0.003169s ago):
[ 19.572510] test_alloc+0x2a6/0x10f0
[ 19.572681] test_corruption+0xe6/0x3e0
[ 19.572830] kunit_try_run_case+0x1a5/0x480
[ 19.573034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.573300] kthread+0x337/0x6f0
[ 19.573514] ret_from_fork+0x116/0x1d0
[ 19.573727] ret_from_fork_asm+0x1a/0x30
[ 19.573889]
[ 19.573988] freed by task 331 on cpu 0 at 19.569032s (0.004954s ago):
[ 19.574259] test_corruption+0x131/0x3e0
[ 19.574421] kunit_try_run_case+0x1a5/0x480
[ 19.574635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.574916] kthread+0x337/0x6f0
[ 19.575052] ret_from_fork+0x116/0x1d0
[ 19.575229] ret_from_fork_asm+0x1a/0x30
[ 19.575371]
[ 19.575465] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.575940] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.576148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.576485] ==================================================================
[ 19.049186] ==================================================================
[ 19.049577] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 19.049577]
[ 19.050036] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#78):
[ 19.050651] test_corruption+0x2d2/0x3e0
[ 19.050861] kunit_try_run_case+0x1a5/0x480
[ 19.051027] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.051282] kthread+0x337/0x6f0
[ 19.051429] ret_from_fork+0x116/0x1d0
[ 19.051605] ret_from_fork_asm+0x1a/0x30
[ 19.051798]
[ 19.051870] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.051870]
[ 19.052264] allocated by task 329 on cpu 0 at 19.049015s (0.003246s ago):
[ 19.052505] test_alloc+0x364/0x10f0
[ 19.052664] test_corruption+0xe6/0x3e0
[ 19.052877] kunit_try_run_case+0x1a5/0x480
[ 19.053094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.053315] kthread+0x337/0x6f0
[ 19.053477] ret_from_fork+0x116/0x1d0
[ 19.053636] ret_from_fork_asm+0x1a/0x30
[ 19.053867]
[ 19.053954] freed by task 329 on cpu 0 at 19.049112s (0.004839s ago):
[ 19.054231] test_corruption+0x2d2/0x3e0
[ 19.054429] kunit_try_run_case+0x1a5/0x480
[ 19.054600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.054881] kthread+0x337/0x6f0
[ 19.055006] ret_from_fork+0x116/0x1d0
[ 19.055140] ret_from_fork_asm+0x1a/0x30
[ 19.055453]
[ 19.055572] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.056197] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.056337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.056720] ==================================================================
[ 19.154269] ==================================================================
[ 19.154650] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.154650]
[ 19.155003] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#79):
[ 19.155319] test_corruption+0x2df/0x3e0
[ 19.155472] kunit_try_run_case+0x1a5/0x480
[ 19.155623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.155811] kthread+0x337/0x6f0
[ 19.155938] ret_from_fork+0x116/0x1d0
[ 19.156073] ret_from_fork_asm+0x1a/0x30
[ 19.156216]
[ 19.156288] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.156288]
[ 19.156570] allocated by task 329 on cpu 0 at 19.153944s (0.002624s ago):
[ 19.156855] test_alloc+0x364/0x10f0
[ 19.156992] test_corruption+0x1cb/0x3e0
[ 19.157137] kunit_try_run_case+0x1a5/0x480
[ 19.157288] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.157659] kthread+0x337/0x6f0
[ 19.157846] ret_from_fork+0x116/0x1d0
[ 19.158040] ret_from_fork_asm+0x1a/0x30
[ 19.158242]
[ 19.158337] freed by task 329 on cpu 0 at 19.154117s (0.004218s ago):
[ 19.158655] test_corruption+0x2df/0x3e0
[ 19.158875] kunit_try_run_case+0x1a5/0x480
[ 19.159088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.159299] kthread+0x337/0x6f0
[ 19.159460] ret_from_fork+0x116/0x1d0
[ 19.159592] ret_from_fork_asm+0x1a/0x30
[ 19.159909]
[ 19.160032] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.160451] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.160624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.161010] ==================================================================
[ 20.505271] ==================================================================
[ 20.505680] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 20.505680]
[ 20.506021] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#92):
[ 20.506402] test_corruption+0x216/0x3e0
[ 20.506709] kunit_try_run_case+0x1a5/0x480
[ 20.506885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.507114] kthread+0x337/0x6f0
[ 20.507239] ret_from_fork+0x116/0x1d0
[ 20.507413] ret_from_fork_asm+0x1a/0x30
[ 20.507618]
[ 20.507766] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.507766]
[ 20.508070] allocated by task 331 on cpu 0 at 20.505165s (0.002903s ago):
[ 20.508482] test_alloc+0x2a6/0x10f0
[ 20.508665] test_corruption+0x1cb/0x3e0
[ 20.508849] kunit_try_run_case+0x1a5/0x480
[ 20.509025] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.509244] kthread+0x337/0x6f0
[ 20.509408] ret_from_fork+0x116/0x1d0
[ 20.509545] ret_from_fork_asm+0x1a/0x30
[ 20.509686]
[ 20.509793] freed by task 331 on cpu 0 at 20.505196s (0.004595s ago):
[ 20.510105] test_corruption+0x216/0x3e0
[ 20.510353] kunit_try_run_case+0x1a5/0x480
[ 20.510550] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.510831] kthread+0x337/0x6f0
[ 20.510971] ret_from_fork+0x116/0x1d0
[ 20.511104] ret_from_fork_asm+0x1a/0x30
[ 20.511244]
[ 20.511346] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.511994] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.512201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.512468] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.945098] ==================================================================
[ 18.945489] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.945489]
[ 18.945866] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 18.946490] test_invalid_addr_free+0xfb/0x260
[ 18.946742] kunit_try_run_case+0x1a5/0x480
[ 18.946931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.947170] kthread+0x337/0x6f0
[ 18.947353] ret_from_fork+0x116/0x1d0
[ 18.947542] ret_from_fork_asm+0x1a/0x30
[ 18.948115]
[ 18.948213] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.948213]
[ 18.948689] allocated by task 327 on cpu 1 at 18.944995s (0.003692s ago):
[ 18.949135] test_alloc+0x2a6/0x10f0
[ 18.949281] test_invalid_addr_free+0xdb/0x260
[ 18.949611] kunit_try_run_case+0x1a5/0x480
[ 18.949872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.950241] kthread+0x337/0x6f0
[ 18.950473] ret_from_fork+0x116/0x1d0
[ 18.950654] ret_from_fork_asm+0x1a/0x30
[ 18.951000]
[ 18.951112] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.951548] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.951716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.952074] ==================================================================
[ 18.841119] ==================================================================
[ 18.841579] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.841579]
[ 18.841950] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 18.842828] test_invalid_addr_free+0x1e1/0x260
[ 18.843159] kunit_try_run_case+0x1a5/0x480
[ 18.843458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.843839] kthread+0x337/0x6f0
[ 18.844107] ret_from_fork+0x116/0x1d0
[ 18.844373] ret_from_fork_asm+0x1a/0x30
[ 18.844552]
[ 18.844785] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.844785]
[ 18.845168] allocated by task 325 on cpu 1 at 18.840984s (0.004183s ago):
[ 18.845406] test_alloc+0x364/0x10f0
[ 18.845603] test_invalid_addr_free+0xdb/0x260
[ 18.845785] kunit_try_run_case+0x1a5/0x480
[ 18.846075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.846401] kthread+0x337/0x6f0
[ 18.846582] ret_from_fork+0x116/0x1d0
[ 18.846874] ret_from_fork_asm+0x1a/0x30
[ 18.847098]
[ 18.847237] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.847683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.847990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.848386] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.737091] ==================================================================
[ 18.737479] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.737479]
[ 18.737766] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 18.738088] test_double_free+0x112/0x260
[ 18.738276] kunit_try_run_case+0x1a5/0x480
[ 18.738473] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.738693] kthread+0x337/0x6f0
[ 18.738884] ret_from_fork+0x116/0x1d0
[ 18.739074] ret_from_fork_asm+0x1a/0x30
[ 18.739218]
[ 18.739301] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.739301]
[ 18.739646] allocated by task 323 on cpu 0 at 18.736920s (0.002723s ago):
[ 18.739946] test_alloc+0x2a6/0x10f0
[ 18.740136] test_double_free+0xdb/0x260
[ 18.740334] kunit_try_run_case+0x1a5/0x480
[ 18.740549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.740731] kthread+0x337/0x6f0
[ 18.740862] ret_from_fork+0x116/0x1d0
[ 18.741040] ret_from_fork_asm+0x1a/0x30
[ 18.741237]
[ 18.741366] freed by task 323 on cpu 0 at 18.736971s (0.004393s ago):
[ 18.741675] test_double_free+0xfa/0x260
[ 18.741833] kunit_try_run_case+0x1a5/0x480
[ 18.741984] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.742243] kthread+0x337/0x6f0
[ 18.742420] ret_from_fork+0x116/0x1d0
[ 18.742610] ret_from_fork_asm+0x1a/0x30
[ 18.742805]
[ 18.742900] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.743311] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.743493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.743811] ==================================================================
[ 18.633182] ==================================================================
[ 18.633585] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.633585]
[ 18.633972] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 18.634881] test_double_free+0x1d3/0x260
[ 18.635237] kunit_try_run_case+0x1a5/0x480
[ 18.635545] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.635842] kthread+0x337/0x6f0
[ 18.636158] ret_from_fork+0x116/0x1d0
[ 18.636427] ret_from_fork_asm+0x1a/0x30
[ 18.636729]
[ 18.636869] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.636869]
[ 18.637416] allocated by task 321 on cpu 1 at 18.633002s (0.004412s ago):
[ 18.637882] test_alloc+0x364/0x10f0
[ 18.638060] test_double_free+0xdb/0x260
[ 18.638248] kunit_try_run_case+0x1a5/0x480
[ 18.638450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.638987] kthread+0x337/0x6f0
[ 18.639161] ret_from_fork+0x116/0x1d0
[ 18.639330] ret_from_fork_asm+0x1a/0x30
[ 18.639662]
[ 18.639779] freed by task 321 on cpu 1 at 18.633068s (0.006708s ago):
[ 18.640207] test_double_free+0x1e0/0x260
[ 18.640480] kunit_try_run_case+0x1a5/0x480
[ 18.640782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.641012] kthread+0x337/0x6f0
[ 18.641264] ret_from_fork+0x116/0x1d0
[ 18.641623] ret_from_fork_asm+0x1a/0x30
[ 18.641877]
[ 18.642131] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.642671] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.642898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.643396] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.217084] ==================================================================
[ 18.217468] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.217468]
[ 18.217972] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[ 18.219040] test_use_after_free_read+0x129/0x270
[ 18.219275] kunit_try_run_case+0x1a5/0x480
[ 18.219480] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.220025] kthread+0x337/0x6f0
[ 18.220197] ret_from_fork+0x116/0x1d0
[ 18.220535] ret_from_fork_asm+0x1a/0x30
[ 18.220857]
[ 18.220955] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.220955]
[ 18.221468] allocated by task 313 on cpu 1 at 18.216902s (0.004563s ago):
[ 18.221953] test_alloc+0x364/0x10f0
[ 18.222222] test_use_after_free_read+0xdc/0x270
[ 18.222459] kunit_try_run_case+0x1a5/0x480
[ 18.222890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.223231] kthread+0x337/0x6f0
[ 18.223489] ret_from_fork+0x116/0x1d0
[ 18.223674] ret_from_fork_asm+0x1a/0x30
[ 18.223887]
[ 18.223961] freed by task 313 on cpu 1 at 18.216970s (0.006988s ago):
[ 18.224259] test_use_after_free_read+0x1e7/0x270
[ 18.224464] kunit_try_run_case+0x1a5/0x480
[ 18.225036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.225288] kthread+0x337/0x6f0
[ 18.225531] ret_from_fork+0x116/0x1d0
[ 18.225857] ret_from_fork_asm+0x1a/0x30
[ 18.226145]
[ 18.226292] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.226912] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.227199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.227582] ==================================================================
[ 18.321139] ==================================================================
[ 18.321595] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.321595]
[ 18.322029] Use-after-free read at 0x(____ptrval____) (in kfence-#71):
[ 18.322305] test_use_after_free_read+0x129/0x270
[ 18.322477] kunit_try_run_case+0x1a5/0x480
[ 18.322691] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.323058] kthread+0x337/0x6f0
[ 18.323244] ret_from_fork+0x116/0x1d0
[ 18.323414] ret_from_fork_asm+0x1a/0x30
[ 18.323605]
[ 18.323758] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.323758]
[ 18.324040] allocated by task 315 on cpu 0 at 18.320994s (0.003044s ago):
[ 18.324367] test_alloc+0x2a6/0x10f0
[ 18.324553] test_use_after_free_read+0xdc/0x270
[ 18.324939] kunit_try_run_case+0x1a5/0x480
[ 18.325103] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.325324] kthread+0x337/0x6f0
[ 18.325448] ret_from_fork+0x116/0x1d0
[ 18.325605] ret_from_fork_asm+0x1a/0x30
[ 18.325830]
[ 18.325927] freed by task 315 on cpu 0 at 18.321051s (0.004874s ago):
[ 18.326247] test_use_after_free_read+0xfb/0x270
[ 18.326415] kunit_try_run_case+0x1a5/0x480
[ 18.326629] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.326913] kthread+0x337/0x6f0
[ 18.327079] ret_from_fork+0x116/0x1d0
[ 18.327244] ret_from_fork_asm+0x1a/0x30
[ 18.327395]
[ 18.327520] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.327918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.328056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.328816] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.113031] ==================================================================
[ 18.113421] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 18.113421]
[ 18.113842] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69):
[ 18.114121] test_out_of_bounds_write+0x10d/0x260
[ 18.114289] kunit_try_run_case+0x1a5/0x480
[ 18.114516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.114946] kthread+0x337/0x6f0
[ 18.115087] ret_from_fork+0x116/0x1d0
[ 18.115282] ret_from_fork_asm+0x1a/0x30
[ 18.115479]
[ 18.115555] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.115555]
[ 18.115988] allocated by task 311 on cpu 0 at 18.112972s (0.003014s ago):
[ 18.116301] test_alloc+0x2a6/0x10f0
[ 18.116452] test_out_of_bounds_write+0xd4/0x260
[ 18.116660] kunit_try_run_case+0x1a5/0x480
[ 18.116856] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.117091] kthread+0x337/0x6f0
[ 18.117234] ret_from_fork+0x116/0x1d0
[ 18.117424] ret_from_fork_asm+0x1a/0x30
[ 18.117606]
[ 18.117712] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.118092] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.118233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.118602] ==================================================================
[ 17.905083] ==================================================================
[ 17.905475] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.905475]
[ 17.906143] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 17.906448] test_out_of_bounds_write+0x10d/0x260
[ 17.907013] kunit_try_run_case+0x1a5/0x480
[ 17.907231] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.907579] kthread+0x337/0x6f0
[ 17.907899] ret_from_fork+0x116/0x1d0
[ 17.908189] ret_from_fork_asm+0x1a/0x30
[ 17.908396]
[ 17.908621] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.908621]
[ 17.909204] allocated by task 309 on cpu 1 at 17.904957s (0.004245s ago):
[ 17.909686] test_alloc+0x364/0x10f0
[ 17.909912] test_out_of_bounds_write+0xd4/0x260
[ 17.910267] kunit_try_run_case+0x1a5/0x480
[ 17.910562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.910924] kthread+0x337/0x6f0
[ 17.911100] ret_from_fork+0x116/0x1d0
[ 17.911320] ret_from_fork_asm+0x1a/0x30
[ 17.911651]
[ 17.911829] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.912432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.912631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.913107] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.178145] ==================================================================
[ 17.178655] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.178655]
[ 17.179615] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#60):
[ 17.180146] test_out_of_bounds_read+0x126/0x4e0
[ 17.180490] kunit_try_run_case+0x1a5/0x480
[ 17.180835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.181181] kthread+0x337/0x6f0
[ 17.181434] ret_from_fork+0x116/0x1d0
[ 17.181685] ret_from_fork_asm+0x1a/0x30
[ 17.181981]
[ 17.182087] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.182087]
[ 17.182479] allocated by task 305 on cpu 1 at 17.177862s (0.004615s ago):
[ 17.183018] test_alloc+0x364/0x10f0
[ 17.183166] test_out_of_bounds_read+0xed/0x4e0
[ 17.183514] kunit_try_run_case+0x1a5/0x480
[ 17.183743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.184138] kthread+0x337/0x6f0
[ 17.184300] ret_from_fork+0x116/0x1d0
[ 17.184578] ret_from_fork_asm+0x1a/0x30
[ 17.184924]
[ 17.185052] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.185483] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.185878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.186262] ==================================================================
[ 17.697069] ==================================================================
[ 17.697478] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.697478]
[ 17.697918] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 17.698230] test_out_of_bounds_read+0x126/0x4e0
[ 17.698445] kunit_try_run_case+0x1a5/0x480
[ 17.698600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.698993] kthread+0x337/0x6f0
[ 17.699304] ret_from_fork+0x116/0x1d0
[ 17.699489] ret_from_fork_asm+0x1a/0x30
[ 17.699637]
[ 17.699717] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.699717]
[ 17.700132] allocated by task 307 on cpu 0 at 17.697006s (0.003124s ago):
[ 17.700392] test_alloc+0x2a6/0x10f0
[ 17.700587] test_out_of_bounds_read+0xed/0x4e0
[ 17.701004] kunit_try_run_case+0x1a5/0x480
[ 17.701200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.701450] kthread+0x337/0x6f0
[ 17.701626] ret_from_fork+0x116/0x1d0
[ 17.701893] ret_from_fork_asm+0x1a/0x30
[ 17.702106]
[ 17.702234] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.702672] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.702895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.703245] ==================================================================
[ 17.801019] ==================================================================
[ 17.801392] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.801392]
[ 17.801793] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66):
[ 17.802150] test_out_of_bounds_read+0x216/0x4e0
[ 17.802321] kunit_try_run_case+0x1a5/0x480
[ 17.802512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.802842] kthread+0x337/0x6f0
[ 17.803080] ret_from_fork+0x116/0x1d0
[ 17.803267] ret_from_fork_asm+0x1a/0x30
[ 17.803409]
[ 17.803505] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.803505]
[ 17.803873] allocated by task 307 on cpu 0 at 17.800967s (0.002904s ago):
[ 17.804184] test_alloc+0x2a6/0x10f0
[ 17.804364] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.804566] kunit_try_run_case+0x1a5/0x480
[ 17.804809] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.805023] kthread+0x337/0x6f0
[ 17.805200] ret_from_fork+0x116/0x1d0
[ 17.805383] ret_from_fork_asm+0x1a/0x30
[ 17.805576]
[ 17.805688] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.806058] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.806264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.806635] ==================================================================
[ 17.281180] ==================================================================
[ 17.281572] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.281572]
[ 17.282023] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61):
[ 17.282670] test_out_of_bounds_read+0x216/0x4e0
[ 17.282939] kunit_try_run_case+0x1a5/0x480
[ 17.283136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.283399] kthread+0x337/0x6f0
[ 17.283579] ret_from_fork+0x116/0x1d0
[ 17.284254] ret_from_fork_asm+0x1a/0x30
[ 17.284426]
[ 17.284532] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.284532]
[ 17.285255] allocated by task 305 on cpu 1 at 17.280983s (0.004270s ago):
[ 17.285773] test_alloc+0x364/0x10f0
[ 17.285957] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.286232] kunit_try_run_case+0x1a5/0x480
[ 17.286433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.286881] kthread+0x337/0x6f0
[ 17.287054] ret_from_fork+0x116/0x1d0
[ 17.287235] ret_from_fork_asm+0x1a/0x30
[ 17.287413]
[ 17.287518] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.288200] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.288396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.288996] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.217741] ==================================================================
[ 12.218419] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 12.218682] Read of size 1 at addr ffff888103b00000 by task kunit_try_catch/172
[ 12.219086]
[ 12.219205] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.219247] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.219258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.219278] Call Trace:
[ 12.219290] <TASK>
[ 12.219306] dump_stack_lvl+0x73/0xb0
[ 12.219337] print_report+0xd1/0x650
[ 12.219359] ? __virt_addr_valid+0x1db/0x2d0
[ 12.219383] ? page_alloc_uaf+0x356/0x3d0
[ 12.219405] ? kasan_addr_to_slab+0x11/0xa0
[ 12.219425] ? page_alloc_uaf+0x356/0x3d0
[ 12.219447] kasan_report+0x141/0x180
[ 12.219469] ? page_alloc_uaf+0x356/0x3d0
[ 12.219495] __asan_report_load1_noabort+0x18/0x20
[ 12.219520] page_alloc_uaf+0x356/0x3d0
[ 12.219541] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.219565] ? __schedule+0x10cc/0x2b60
[ 12.219587] ? __pfx_read_tsc+0x10/0x10
[ 12.219609] ? ktime_get_ts64+0x86/0x230
[ 12.219634] kunit_try_run_case+0x1a5/0x480
[ 12.219860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.219890] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.219915] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.219940] ? __kthread_parkme+0x82/0x180
[ 12.219961] ? preempt_count_sub+0x50/0x80
[ 12.219985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.220009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.220034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.220059] kthread+0x337/0x6f0
[ 12.220710] ? trace_preempt_on+0x20/0xc0
[ 12.220739] ? __pfx_kthread+0x10/0x10
[ 12.220784] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.220808] ? calculate_sigpending+0x7b/0xa0
[ 12.220832] ? __pfx_kthread+0x10/0x10
[ 12.220854] ret_from_fork+0x116/0x1d0
[ 12.220873] ? __pfx_kthread+0x10/0x10
[ 12.220895] ret_from_fork_asm+0x1a/0x30
[ 12.220929] </TASK>
[ 12.220942]
[ 12.231620] The buggy address belongs to the physical page:
[ 12.231894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b00
[ 12.232392] flags: 0x200000000000000(node=0|zone=2)
[ 12.232899] page_type: f0(buddy)
[ 12.233202] raw: 0200000000000000 ffff88817fffc580 ffff88817fffc580 0000000000000000
[ 12.233964] raw: 0000000000000000 0000000000000008 00000000f0000000 0000000000000000
[ 12.234381] page dumped because: kasan: bad access detected
[ 12.234554]
[ 12.234625] Memory state around the buggy address:
[ 12.234805] ffff888103afff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.235108] ffff888103afff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.235391] >ffff888103b00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.235672] ^
[ 12.236135] ffff888103b00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.236443] ffff888103b00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.236807] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-kfree_sensitive
[ 12.979596] ==================================================================
[ 12.980062] BUG: KFENCE: invalid free in kfree_sensitive+0x67/0x90
[ 12.980062]
[ 12.980436] Invalid free of 0x(____ptrval____) (in kfence-#40):
[ 12.980879] kfree_sensitive+0x67/0x90
[ 12.981047] kmalloc_double_kzfree+0x19c/0x350
[ 12.981258] kunit_try_run_case+0x1a5/0x480
[ 12.981454] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.981714] kthread+0x337/0x6f0
[ 12.981934] ret_from_fork+0x116/0x1d0
[ 12.982126] ret_from_fork_asm+0x1a/0x30
[ 12.982288]
[ 12.982388] kfence-#40: 0x(____ptrval____)-0x(____ptrval____), size=16, cache=kmalloc-16
[ 12.982388]
[ 12.982710] allocated by task 210 on cpu 1 at 12.969119s (0.013590s ago):
[ 12.983210] kmalloc_double_kzfree+0xa9/0x350
[ 12.983449] kunit_try_run_case+0x1a5/0x480
[ 12.983696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.983906] kthread+0x337/0x6f0
[ 12.984028] ret_from_fork+0x116/0x1d0
[ 12.984158] ret_from_fork_asm+0x1a/0x30
[ 12.984353]
[ 12.984445] freed by task 210 on cpu 1 at 12.969196s (0.015247s ago):
[ 12.984979] kfree_sensitive+0x67/0x90
[ 12.985184] kmalloc_double_kzfree+0x12b/0x350
[ 12.985365] kunit_try_run_case+0x1a5/0x480
[ 12.985572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.985912] kthread+0x337/0x6f0
[ 12.986081] ret_from_fork+0x116/0x1d0
[ 12.986224] ret_from_fork_asm+0x1a/0x30
[ 12.986369]
[ 12.986484] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.987045] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.987233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.987552] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-memset_orig
[ 12.970159] ==================================================================
[ 12.970908] BUG: KFENCE: use-after-free write in memset_orig+0x72/0xb0
[ 12.970908]
[ 12.971310] Use-after-free write at 0x(____ptrval____) (in kfence-#40):
[ 12.971557] memset_orig+0x72/0xb0
[ 12.971880] kmalloc_double_kzfree+0x19c/0x350
[ 12.972051] kunit_try_run_case+0x1a5/0x480
[ 12.972259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.972461] kthread+0x337/0x6f0
[ 12.972628] ret_from_fork+0x116/0x1d0
[ 12.973033] ret_from_fork_asm+0x1a/0x30
[ 12.973204]
[ 12.973299] kfence-#40: 0x(____ptrval____)-0x(____ptrval____), size=16, cache=kmalloc-16
[ 12.973299]
[ 12.973670] allocated by task 210 on cpu 1 at 12.969119s (0.004549s ago):
[ 12.974144] kmalloc_double_kzfree+0xa9/0x350
[ 12.974317] kunit_try_run_case+0x1a5/0x480
[ 12.974534] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.974855] kthread+0x337/0x6f0
[ 12.975029] ret_from_fork+0x116/0x1d0
[ 12.975204] ret_from_fork_asm+0x1a/0x30
[ 12.975344]
[ 12.975428] freed by task 210 on cpu 1 at 12.969196s (0.006230s ago):
[ 12.975788] kfree_sensitive+0x67/0x90
[ 12.976082] kmalloc_double_kzfree+0x12b/0x350
[ 12.976237] kunit_try_run_case+0x1a5/0x480
[ 12.976460] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.976950] kthread+0x337/0x6f0
[ 12.977160] ret_from_fork+0x116/0x1d0
[ 12.977336] ret_from_fork_asm+0x1a/0x30
[ 12.977475]
[ 12.977571] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.978196] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.978406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.978770] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_4
[ 12.750033] ==================================================================
[ 12.753124] BUG: KFENCE: memory corruption in kmalloc_oob_memset_4+0x187/0x330
[ 12.753124]
[ 12.755265] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#38):
[ 12.756798] kmalloc_oob_memset_4+0x187/0x330
[ 12.757061] kunit_try_run_case+0x1a5/0x480
[ 12.757282] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.757518] kthread+0x337/0x6f0
[ 12.757722] ret_from_fork+0x116/0x1d0
[ 12.757905] ret_from_fork_asm+0x1a/0x30
[ 12.758083]
[ 12.758324] kfence-#38: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.758324]
[ 12.758877] allocated by task 192 on cpu 0 at 12.747278s (0.011541s ago):
[ 12.759256] kmalloc_oob_memset_4+0xac/0x330
[ 12.759462] kunit_try_run_case+0x1a5/0x480
[ 12.759669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.759918] kthread+0x337/0x6f0
[ 12.760063] ret_from_fork+0x116/0x1d0
[ 12.760218] ret_from_fork_asm+0x1a/0x30
[ 12.760438]
[ 12.760631] freed by task 192 on cpu 0 at 12.749549s (0.011012s ago):
[ 12.760945] kmalloc_oob_memset_4+0x187/0x330
[ 12.761154] kunit_try_run_case+0x1a5/0x480
[ 12.761300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.761488] kthread+0x337/0x6f0
[ 12.761653] ret_from_fork+0x116/0x1d0
[ 12.761860] ret_from_fork_asm+0x1a/0x30
[ 12.762081]
[ 12.762222] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.762647] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.762859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.763206] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.930614] ==================================================================
[ 16.930946] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.931279] Write of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303
[ 16.931617]
[ 16.931762] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.931807] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.931818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.931840] Call Trace:
[ 16.931857] <TASK>
[ 16.931873] dump_stack_lvl+0x73/0xb0
[ 16.931903] print_report+0xd1/0x650
[ 16.931927] ? __virt_addr_valid+0x1db/0x2d0
[ 16.931950] ? strncpy_from_user+0x2e/0x1d0
[ 16.931975] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.931999] ? strncpy_from_user+0x2e/0x1d0
[ 16.932024] kasan_report+0x141/0x180
[ 16.932047] ? strncpy_from_user+0x2e/0x1d0
[ 16.932076] kasan_check_range+0x10c/0x1c0
[ 16.932101] __kasan_check_write+0x18/0x20
[ 16.932121] strncpy_from_user+0x2e/0x1d0
[ 16.932145] ? __kasan_check_read+0x15/0x20
[ 16.932167] copy_user_test_oob+0x760/0x10f0
[ 16.932195] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.932219] ? finish_task_switch.isra.0+0x153/0x700
[ 16.932244] ? __switch_to+0x47/0xf50
[ 16.932270] ? __schedule+0x10cc/0x2b60
[ 16.932293] ? __pfx_read_tsc+0x10/0x10
[ 16.932314] ? ktime_get_ts64+0x86/0x230
[ 16.932339] kunit_try_run_case+0x1a5/0x480
[ 16.932364] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.932389] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.932414] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.932440] ? __kthread_parkme+0x82/0x180
[ 16.932461] ? preempt_count_sub+0x50/0x80
[ 16.932486] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.932512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.932537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.932565] kthread+0x337/0x6f0
[ 16.932585] ? trace_preempt_on+0x20/0xc0
[ 16.932609] ? __pfx_kthread+0x10/0x10
[ 16.932632] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.932676] ? calculate_sigpending+0x7b/0xa0
[ 16.932700] ? __pfx_kthread+0x10/0x10
[ 16.932723] ret_from_fork+0x116/0x1d0
[ 16.932742] ? __pfx_kthread+0x10/0x10
[ 16.932771] ret_from_fork_asm+0x1a/0x30
[ 16.932803] </TASK>
[ 16.932815]
[ 16.939906] Allocated by task 303:
[ 16.940084] kasan_save_stack+0x45/0x70
[ 16.940276] kasan_save_track+0x18/0x40
[ 16.940463] kasan_save_alloc_info+0x3b/0x50
[ 16.940692] __kasan_kmalloc+0xb7/0xc0
[ 16.940881] __kmalloc_noprof+0x1c9/0x500
[ 16.941057] kunit_kmalloc_array+0x25/0x60
[ 16.941199] copy_user_test_oob+0xab/0x10f0
[ 16.941343] kunit_try_run_case+0x1a5/0x480
[ 16.941486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.941729] kthread+0x337/0x6f0
[ 16.941912] ret_from_fork+0x116/0x1d0
[ 16.942092] ret_from_fork_asm+0x1a/0x30
[ 16.942293]
[ 16.942391] The buggy address belongs to the object at ffff888103ad9000
[ 16.942391] which belongs to the cache kmalloc-128 of size 128
[ 16.942846] The buggy address is located 0 bytes inside of
[ 16.942846] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078)
[ 16.943190]
[ 16.943275] The buggy address belongs to the physical page:
[ 16.943518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9
[ 16.943895] flags: 0x200000000000000(node=0|zone=2)
[ 16.944123] page_type: f5(slab)
[ 16.944291] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.944626] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.944879] page dumped because: kasan: bad access detected
[ 16.945049]
[ 16.945116] Memory state around the buggy address:
[ 16.945313] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.945628] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.945976] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.946296] ^
[ 16.946599] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.946867] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.947086] ==================================================================
[ 16.947736] ==================================================================
[ 16.948088] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.948474] Write of size 1 at addr ffff888103ad9078 by task kunit_try_catch/303
[ 16.948854]
[ 16.948950] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.948991] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.949003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.949024] Call Trace:
[ 16.949040] <TASK>
[ 16.949056] dump_stack_lvl+0x73/0xb0
[ 16.949084] print_report+0xd1/0x650
[ 16.949107] ? __virt_addr_valid+0x1db/0x2d0
[ 16.949133] ? strncpy_from_user+0x1a5/0x1d0
[ 16.949158] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.949182] ? strncpy_from_user+0x1a5/0x1d0
[ 16.949207] kasan_report+0x141/0x180
[ 16.949230] ? strncpy_from_user+0x1a5/0x1d0
[ 16.949259] __asan_report_store1_noabort+0x1b/0x30
[ 16.949285] strncpy_from_user+0x1a5/0x1d0
[ 16.949312] copy_user_test_oob+0x760/0x10f0
[ 16.949339] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.949364] ? finish_task_switch.isra.0+0x153/0x700
[ 16.949388] ? __switch_to+0x47/0xf50
[ 16.949414] ? __schedule+0x10cc/0x2b60
[ 16.949437] ? __pfx_read_tsc+0x10/0x10
[ 16.949458] ? ktime_get_ts64+0x86/0x230
[ 16.949483] kunit_try_run_case+0x1a5/0x480
[ 16.949509] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.949533] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.949559] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.949584] ? __kthread_parkme+0x82/0x180
[ 16.949605] ? preempt_count_sub+0x50/0x80
[ 16.949630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.949679] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.949705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.949732] kthread+0x337/0x6f0
[ 16.949762] ? trace_preempt_on+0x20/0xc0
[ 16.949787] ? __pfx_kthread+0x10/0x10
[ 16.949809] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.949832] ? calculate_sigpending+0x7b/0xa0
[ 16.949857] ? __pfx_kthread+0x10/0x10
[ 16.949879] ret_from_fork+0x116/0x1d0
[ 16.949899] ? __pfx_kthread+0x10/0x10
[ 16.949920] ret_from_fork_asm+0x1a/0x30
[ 16.949952] </TASK>
[ 16.949963]
[ 16.956825] Allocated by task 303:
[ 16.956952] kasan_save_stack+0x45/0x70
[ 16.957093] kasan_save_track+0x18/0x40
[ 16.957227] kasan_save_alloc_info+0x3b/0x50
[ 16.957374] __kasan_kmalloc+0xb7/0xc0
[ 16.957505] __kmalloc_noprof+0x1c9/0x500
[ 16.957663] kunit_kmalloc_array+0x25/0x60
[ 16.957913] copy_user_test_oob+0xab/0x10f0
[ 16.958114] kunit_try_run_case+0x1a5/0x480
[ 16.958308] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.958548] kthread+0x337/0x6f0
[ 16.958735] ret_from_fork+0x116/0x1d0
[ 16.958926] ret_from_fork_asm+0x1a/0x30
[ 16.959113]
[ 16.959209] The buggy address belongs to the object at ffff888103ad9000
[ 16.959209] which belongs to the cache kmalloc-128 of size 128
[ 16.959756] The buggy address is located 0 bytes to the right of
[ 16.959756] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078)
[ 16.960307]
[ 16.960400] The buggy address belongs to the physical page:
[ 16.960674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9
[ 16.961068] flags: 0x200000000000000(node=0|zone=2)
[ 16.961302] page_type: f5(slab)
[ 16.961472] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.961696] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.961918] page dumped because: kasan: bad access detected
[ 16.962078]
[ 16.962143] Memory state around the buggy address:
[ 16.962286] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.962512] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.962869] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.963211] ^
[ 16.963559] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.963933] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.964284] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.887316] ==================================================================
[ 16.888115] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.888410] Write of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303
[ 16.889035]
[ 16.889248] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.889391] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.889427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.889508] Call Trace:
[ 16.889525] <TASK>
[ 16.889541] dump_stack_lvl+0x73/0xb0
[ 16.889574] print_report+0xd1/0x650
[ 16.889599] ? __virt_addr_valid+0x1db/0x2d0
[ 16.889623] ? copy_user_test_oob+0x557/0x10f0
[ 16.889671] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.889696] ? copy_user_test_oob+0x557/0x10f0
[ 16.889873] kasan_report+0x141/0x180
[ 16.889901] ? copy_user_test_oob+0x557/0x10f0
[ 16.889931] kasan_check_range+0x10c/0x1c0
[ 16.889956] __kasan_check_write+0x18/0x20
[ 16.889978] copy_user_test_oob+0x557/0x10f0
[ 16.890004] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.890029] ? finish_task_switch.isra.0+0x153/0x700
[ 16.890055] ? __switch_to+0x47/0xf50
[ 16.890083] ? __schedule+0x10cc/0x2b60
[ 16.890107] ? __pfx_read_tsc+0x10/0x10
[ 16.890130] ? ktime_get_ts64+0x86/0x230
[ 16.890155] kunit_try_run_case+0x1a5/0x480
[ 16.890181] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.890206] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.890232] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.890258] ? __kthread_parkme+0x82/0x180
[ 16.890280] ? preempt_count_sub+0x50/0x80
[ 16.890305] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.890332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.890358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.890391] kthread+0x337/0x6f0
[ 16.890412] ? trace_preempt_on+0x20/0xc0
[ 16.890436] ? __pfx_kthread+0x10/0x10
[ 16.890457] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.890481] ? calculate_sigpending+0x7b/0xa0
[ 16.890507] ? __pfx_kthread+0x10/0x10
[ 16.890530] ret_from_fork+0x116/0x1d0
[ 16.890550] ? __pfx_kthread+0x10/0x10
[ 16.890572] ret_from_fork_asm+0x1a/0x30
[ 16.890603] </TASK>
[ 16.890614]
[ 16.900504] Allocated by task 303:
[ 16.900687] kasan_save_stack+0x45/0x70
[ 16.900925] kasan_save_track+0x18/0x40
[ 16.901214] kasan_save_alloc_info+0x3b/0x50
[ 16.901423] __kasan_kmalloc+0xb7/0xc0
[ 16.901610] __kmalloc_noprof+0x1c9/0x500
[ 16.901853] kunit_kmalloc_array+0x25/0x60
[ 16.902158] copy_user_test_oob+0xab/0x10f0
[ 16.902366] kunit_try_run_case+0x1a5/0x480
[ 16.902592] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.902845] kthread+0x337/0x6f0
[ 16.903032] ret_from_fork+0x116/0x1d0
[ 16.903223] ret_from_fork_asm+0x1a/0x30
[ 16.903441]
[ 16.903581] The buggy address belongs to the object at ffff888103ad9000
[ 16.903581] which belongs to the cache kmalloc-128 of size 128
[ 16.904715] The buggy address is located 0 bytes inside of
[ 16.904715] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078)
[ 16.905120]
[ 16.905225] The buggy address belongs to the physical page:
[ 16.905479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9
[ 16.906039] flags: 0x200000000000000(node=0|zone=2)
[ 16.906262] page_type: f5(slab)
[ 16.906388] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.906714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.906948] page dumped because: kasan: bad access detected
[ 16.907119]
[ 16.907188] Memory state around the buggy address:
[ 16.907340] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.907552] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.907776] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.907986] ^
[ 16.908274] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.908604] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.908950] ==================================================================
[ 16.846132] ==================================================================
[ 16.846477] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.846763] Write of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303
[ 16.847178]
[ 16.847278] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.847322] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.847335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.847356] Call Trace:
[ 16.847371] <TASK>
[ 16.847388] dump_stack_lvl+0x73/0xb0
[ 16.847418] print_report+0xd1/0x650
[ 16.847442] ? __virt_addr_valid+0x1db/0x2d0
[ 16.847465] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.847491] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.847516] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.847541] kasan_report+0x141/0x180
[ 16.847565] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.847594] kasan_check_range+0x10c/0x1c0
[ 16.847619] __kasan_check_write+0x18/0x20
[ 16.847640] copy_user_test_oob+0x3fd/0x10f0
[ 16.847667] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.847703] ? finish_task_switch.isra.0+0x153/0x700
[ 16.847728] ? __switch_to+0x47/0xf50
[ 16.847766] ? __schedule+0x10cc/0x2b60
[ 16.847789] ? __pfx_read_tsc+0x10/0x10
[ 16.847811] ? ktime_get_ts64+0x86/0x230
[ 16.847836] kunit_try_run_case+0x1a5/0x480
[ 16.847861] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.847886] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.847911] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.847938] ? __kthread_parkme+0x82/0x180
[ 16.847960] ? preempt_count_sub+0x50/0x80
[ 16.847985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.848012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.848038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.848065] kthread+0x337/0x6f0
[ 16.848085] ? trace_preempt_on+0x20/0xc0
[ 16.848110] ? __pfx_kthread+0x10/0x10
[ 16.848132] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.848155] ? calculate_sigpending+0x7b/0xa0
[ 16.848181] ? __pfx_kthread+0x10/0x10
[ 16.848204] ret_from_fork+0x116/0x1d0
[ 16.848224] ? __pfx_kthread+0x10/0x10
[ 16.848246] ret_from_fork_asm+0x1a/0x30
[ 16.848277] </TASK>
[ 16.848289]
[ 16.855282] Allocated by task 303:
[ 16.855454] kasan_save_stack+0x45/0x70
[ 16.855596] kasan_save_track+0x18/0x40
[ 16.855913] kasan_save_alloc_info+0x3b/0x50
[ 16.856125] __kasan_kmalloc+0xb7/0xc0
[ 16.856280] __kmalloc_noprof+0x1c9/0x500
[ 16.856421] kunit_kmalloc_array+0x25/0x60
[ 16.856576] copy_user_test_oob+0xab/0x10f0
[ 16.856916] kunit_try_run_case+0x1a5/0x480
[ 16.857131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.857388] kthread+0x337/0x6f0
[ 16.857560] ret_from_fork+0x116/0x1d0
[ 16.857760] ret_from_fork_asm+0x1a/0x30
[ 16.857953]
[ 16.858044] The buggy address belongs to the object at ffff888103ad9000
[ 16.858044] which belongs to the cache kmalloc-128 of size 128
[ 16.858492] The buggy address is located 0 bytes inside of
[ 16.858492] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078)
[ 16.858966]
[ 16.859037] The buggy address belongs to the physical page:
[ 16.859208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9
[ 16.859450] flags: 0x200000000000000(node=0|zone=2)
[ 16.859665] page_type: f5(slab)
[ 16.859844] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.860186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.860524] page dumped because: kasan: bad access detected
[ 16.860700]
[ 16.860782] Memory state around the buggy address:
[ 16.860938] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.861156] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.861657] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.861991] ^
[ 16.862321] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.862657] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.863101] ==================================================================
[ 16.909481] ==================================================================
[ 16.909713] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.910175] Read of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303
[ 16.910766]
[ 16.910891] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.910937] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.910950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.910972] Call Trace:
[ 16.910985] <TASK>
[ 16.911000] dump_stack_lvl+0x73/0xb0
[ 16.911051] print_report+0xd1/0x650
[ 16.911076] ? __virt_addr_valid+0x1db/0x2d0
[ 16.911115] ? copy_user_test_oob+0x604/0x10f0
[ 16.911155] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.911208] ? copy_user_test_oob+0x604/0x10f0
[ 16.911246] kasan_report+0x141/0x180
[ 16.911282] ? copy_user_test_oob+0x604/0x10f0
[ 16.911312] kasan_check_range+0x10c/0x1c0
[ 16.911350] __kasan_check_read+0x15/0x20
[ 16.911370] copy_user_test_oob+0x604/0x10f0
[ 16.911397] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.911421] ? finish_task_switch.isra.0+0x153/0x700
[ 16.911446] ? __switch_to+0x47/0xf50
[ 16.911472] ? __schedule+0x10cc/0x2b60
[ 16.911495] ? __pfx_read_tsc+0x10/0x10
[ 16.911517] ? ktime_get_ts64+0x86/0x230
[ 16.911541] kunit_try_run_case+0x1a5/0x480
[ 16.911567] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.911591] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.911616] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.911642] ? __kthread_parkme+0x82/0x180
[ 16.911664] ? preempt_count_sub+0x50/0x80
[ 16.911723] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.911759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.911786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.911812] kthread+0x337/0x6f0
[ 16.911833] ? trace_preempt_on+0x20/0xc0
[ 16.911858] ? __pfx_kthread+0x10/0x10
[ 16.911880] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.911903] ? calculate_sigpending+0x7b/0xa0
[ 16.911928] ? __pfx_kthread+0x10/0x10
[ 16.911952] ret_from_fork+0x116/0x1d0
[ 16.911971] ? __pfx_kthread+0x10/0x10
[ 16.911992] ret_from_fork_asm+0x1a/0x30
[ 16.912024] </TASK>
[ 16.912035]
[ 16.922237] Allocated by task 303:
[ 16.922467] kasan_save_stack+0x45/0x70
[ 16.922630] kasan_save_track+0x18/0x40
[ 16.922780] kasan_save_alloc_info+0x3b/0x50
[ 16.922931] __kasan_kmalloc+0xb7/0xc0
[ 16.923119] __kmalloc_noprof+0x1c9/0x500
[ 16.923321] kunit_kmalloc_array+0x25/0x60
[ 16.923564] copy_user_test_oob+0xab/0x10f0
[ 16.923922] kunit_try_run_case+0x1a5/0x480
[ 16.924151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.924358] kthread+0x337/0x6f0
[ 16.924477] ret_from_fork+0x116/0x1d0
[ 16.924608] ret_from_fork_asm+0x1a/0x30
[ 16.924763]
[ 16.924834] The buggy address belongs to the object at ffff888103ad9000
[ 16.924834] which belongs to the cache kmalloc-128 of size 128
[ 16.925182] The buggy address is located 0 bytes inside of
[ 16.925182] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078)
[ 16.925734]
[ 16.925865] The buggy address belongs to the physical page:
[ 16.926163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9
[ 16.926570] flags: 0x200000000000000(node=0|zone=2)
[ 16.926842] page_type: f5(slab)
[ 16.927052] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.927398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.927743] page dumped because: kasan: bad access detected
[ 16.928018]
[ 16.928109] Memory state around the buggy address:
[ 16.928293] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.928541] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.928886] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.929125] ^
[ 16.929422] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc
fc fc fc fc fc fc [ 16.929695] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.930019] ================================================================== [ 16.863728] ================================================================== [ 16.865199] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.865523] Read of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303 [ 16.866436] [ 16.866766] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.866816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.866830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.866851] Call Trace: [ 16.866867] <TASK> [ 16.866884] dump_stack_lvl+0x73/0xb0 [ 16.866924] print_report+0xd1/0x650 [ 16.866948] ? __virt_addr_valid+0x1db/0x2d0 [ 16.866972] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.866997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.867022] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.867047] kasan_report+0x141/0x180 [ 16.867071] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.867100] kasan_check_range+0x10c/0x1c0 [ 16.867125] __kasan_check_read+0x15/0x20 [ 16.867146] copy_user_test_oob+0x4aa/0x10f0 [ 16.867174] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.867200] ? finish_task_switch.isra.0+0x153/0x700 [ 16.867224] ? __switch_to+0x47/0xf50 [ 16.867251] ? __schedule+0x10cc/0x2b60 [ 16.867277] ? __pfx_read_tsc+0x10/0x10 [ 16.867301] ? ktime_get_ts64+0x86/0x230 [ 16.867326] kunit_try_run_case+0x1a5/0x480 [ 16.867352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.867377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.867404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.867429] ? __kthread_parkme+0x82/0x180 [ 16.867451] ? preempt_count_sub+0x50/0x80 [ 16.867476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.867503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.867529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.867556] kthread+0x337/0x6f0 [ 16.867577] ? 
trace_preempt_on+0x20/0xc0 [ 16.867602] ? __pfx_kthread+0x10/0x10 [ 16.867624] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.867647] ? calculate_sigpending+0x7b/0xa0 [ 16.867672] ? __pfx_kthread+0x10/0x10 [ 16.867695] ret_from_fork+0x116/0x1d0 [ 16.867715] ? __pfx_kthread+0x10/0x10 [ 16.867736] ret_from_fork_asm+0x1a/0x30 [ 16.867777] </TASK> [ 16.867789] [ 16.874979] Allocated by task 303: [ 16.875106] kasan_save_stack+0x45/0x70 [ 16.875283] kasan_save_track+0x18/0x40 [ 16.875496] kasan_save_alloc_info+0x3b/0x50 [ 16.875860] __kasan_kmalloc+0xb7/0xc0 [ 16.876303] __kmalloc_noprof+0x1c9/0x500 [ 16.876582] kunit_kmalloc_array+0x25/0x60 [ 16.877244] copy_user_test_oob+0xab/0x10f0 [ 16.878141] kunit_try_run_case+0x1a5/0x480 [ 16.878322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.878602] kthread+0x337/0x6f0 [ 16.878828] ret_from_fork+0x116/0x1d0 [ 16.879035] ret_from_fork_asm+0x1a/0x30 [ 16.879512] [ 16.879589] The buggy address belongs to the object at ffff888103ad9000 [ 16.879589] which belongs to the cache kmalloc-128 of size 128 [ 16.880492] The buggy address is located 0 bytes inside of [ 16.880492] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078) [ 16.881242] [ 16.881324] The buggy address belongs to the physical page: [ 16.881581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9 [ 16.882135] flags: 0x200000000000000(node=0|zone=2) [ 16.882389] page_type: f5(slab) [ 16.882663] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.883126] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.883429] page dumped because: kasan: bad access detected [ 16.883863] [ 16.883986] Memory state around the buggy address: [ 16.884315] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.884614] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885057] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.885437] ^ [ 16.885828] 
ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886135] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886449] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.821707] ================================================================== [ 16.822346] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.823059] Read of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303 [ 16.823795] [ 16.823973] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.824017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.824030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.824051] Call Trace: [ 16.824065] <TASK> [ 16.824082] dump_stack_lvl+0x73/0xb0 [ 16.824113] print_report+0xd1/0x650 [ 16.824137] ? __virt_addr_valid+0x1db/0x2d0 [ 16.824162] ? _copy_to_user+0x3c/0x70 [ 16.824182] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.824206] ? _copy_to_user+0x3c/0x70 [ 16.824227] kasan_report+0x141/0x180 [ 16.824251] ? _copy_to_user+0x3c/0x70 [ 16.824276] kasan_check_range+0x10c/0x1c0 [ 16.824301] __kasan_check_read+0x15/0x20 [ 16.824321] _copy_to_user+0x3c/0x70 [ 16.824342] copy_user_test_oob+0x364/0x10f0 [ 16.824370] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.824394] ? finish_task_switch.isra.0+0x153/0x700 [ 16.824419] ? __switch_to+0x47/0xf50 [ 16.824445] ? __schedule+0x10cc/0x2b60 [ 16.824470] ? __pfx_read_tsc+0x10/0x10 [ 16.824491] ? ktime_get_ts64+0x86/0x230 [ 16.824516] kunit_try_run_case+0x1a5/0x480 [ 16.824542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.824567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.824593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.824618] ? __kthread_parkme+0x82/0x180 [ 16.824639] ? preempt_count_sub+0x50/0x80 [ 16.824674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.824700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.824727] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.824764] kthread+0x337/0x6f0 [ 16.824784] ? trace_preempt_on+0x20/0xc0 [ 16.824810] ? __pfx_kthread+0x10/0x10 [ 16.824832] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.824855] ? calculate_sigpending+0x7b/0xa0 [ 16.824881] ? 
__pfx_kthread+0x10/0x10 [ 16.824903] ret_from_fork+0x116/0x1d0 [ 16.824923] ? __pfx_kthread+0x10/0x10 [ 16.824945] ret_from_fork_asm+0x1a/0x30 [ 16.824976] </TASK> [ 16.824988] [ 16.834079] Allocated by task 303: [ 16.834406] kasan_save_stack+0x45/0x70 [ 16.834804] kasan_save_track+0x18/0x40 [ 16.835152] kasan_save_alloc_info+0x3b/0x50 [ 16.835306] __kasan_kmalloc+0xb7/0xc0 [ 16.835446] __kmalloc_noprof+0x1c9/0x500 [ 16.835592] kunit_kmalloc_array+0x25/0x60 [ 16.835777] copy_user_test_oob+0xab/0x10f0 [ 16.835935] kunit_try_run_case+0x1a5/0x480 [ 16.836146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.836404] kthread+0x337/0x6f0 [ 16.836526] ret_from_fork+0x116/0x1d0 [ 16.836784] ret_from_fork_asm+0x1a/0x30 [ 16.836957] [ 16.837059] The buggy address belongs to the object at ffff888103ad9000 [ 16.837059] which belongs to the cache kmalloc-128 of size 128 [ 16.837523] The buggy address is located 0 bytes inside of [ 16.837523] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078) [ 16.837936] [ 16.838024] The buggy address belongs to the physical page: [ 16.838281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9 [ 16.838644] flags: 0x200000000000000(node=0|zone=2) [ 16.838895] page_type: f5(slab) [ 16.839017] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.839358] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.839673] page dumped because: kasan: bad access detected [ 16.839892] [ 16.839988] Memory state around the buggy address: [ 16.840169] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.840469] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.840807] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.841073] ^ [ 16.841369] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.841581] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.841858] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.789324] ================================================================== [ 16.790601] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.791062] Write of size 121 at addr ffff888103ad9000 by task kunit_try_catch/303 [ 16.791299] [ 16.791394] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.791442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.791456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.791479] Call Trace: [ 16.791494] <TASK> [ 16.791517] dump_stack_lvl+0x73/0xb0 [ 16.791549] print_report+0xd1/0x650 [ 16.791575] ? __virt_addr_valid+0x1db/0x2d0 [ 16.791601] ? _copy_from_user+0x32/0x90 [ 16.791622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.791647] ? _copy_from_user+0x32/0x90 [ 16.791681] kasan_report+0x141/0x180 [ 16.791704] ? _copy_from_user+0x32/0x90 [ 16.791729] kasan_check_range+0x10c/0x1c0 [ 16.791766] __kasan_check_write+0x18/0x20 [ 16.791786] _copy_from_user+0x32/0x90 [ 16.791809] copy_user_test_oob+0x2be/0x10f0 [ 16.791836] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.791861] ? finish_task_switch.isra.0+0x153/0x700 [ 16.791886] ? __switch_to+0x47/0xf50 [ 16.791915] ? __schedule+0x10cc/0x2b60 [ 16.791938] ? __pfx_read_tsc+0x10/0x10 [ 16.791961] ? ktime_get_ts64+0x86/0x230 [ 16.791988] kunit_try_run_case+0x1a5/0x480 [ 16.792013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.792038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.792064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.792089] ? __kthread_parkme+0x82/0x180 [ 16.792111] ? preempt_count_sub+0x50/0x80 [ 16.792136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.792163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.792189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.792217] kthread+0x337/0x6f0 [ 16.792237] ? trace_preempt_on+0x20/0xc0 [ 16.792263] ? __pfx_kthread+0x10/0x10 [ 16.792285] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.792308] ? calculate_sigpending+0x7b/0xa0 [ 16.792335] ? 
__pfx_kthread+0x10/0x10 [ 16.792357] ret_from_fork+0x116/0x1d0 [ 16.792378] ? __pfx_kthread+0x10/0x10 [ 16.792400] ret_from_fork_asm+0x1a/0x30 [ 16.792433] </TASK> [ 16.792446] [ 16.806409] Allocated by task 303: [ 16.806848] kasan_save_stack+0x45/0x70 [ 16.807274] kasan_save_track+0x18/0x40 [ 16.807702] kasan_save_alloc_info+0x3b/0x50 [ 16.807975] __kasan_kmalloc+0xb7/0xc0 [ 16.808111] __kmalloc_noprof+0x1c9/0x500 [ 16.808260] kunit_kmalloc_array+0x25/0x60 [ 16.808408] copy_user_test_oob+0xab/0x10f0 [ 16.808559] kunit_try_run_case+0x1a5/0x480 [ 16.808710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.809169] kthread+0x337/0x6f0 [ 16.809464] ret_from_fork+0x116/0x1d0 [ 16.809807] ret_from_fork_asm+0x1a/0x30 [ 16.810231] [ 16.810396] The buggy address belongs to the object at ffff888103ad9000 [ 16.810396] which belongs to the cache kmalloc-128 of size 128 [ 16.811548] The buggy address is located 0 bytes inside of [ 16.811548] allocated 120-byte region [ffff888103ad9000, ffff888103ad9078) [ 16.812613] [ 16.812832] The buggy address belongs to the physical page: [ 16.813301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad9 [ 16.813586] flags: 0x200000000000000(node=0|zone=2) [ 16.813963] page_type: f5(slab) [ 16.814273] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.815006] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.815606] page dumped because: kasan: bad access detected [ 16.816070] [ 16.816230] Memory state around the buggy address: [ 16.816484] ffff888103ad8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.816732] ffff888103ad8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.816958] >ffff888103ad9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.817172] ^ [ 16.817385] ffff888103ad9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.817599] ffff888103ad9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.818109] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.717210] ================================================================== [ 16.718563] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.719356] Read of size 8 at addr ffff888102b92f78 by task kunit_try_catch/299 [ 16.720224] [ 16.720529] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.720591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.720604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.720627] Call Trace: [ 16.720642] <TASK> [ 16.720663] dump_stack_lvl+0x73/0xb0 [ 16.720819] print_report+0xd1/0x650 [ 16.720855] ? __virt_addr_valid+0x1db/0x2d0 [ 16.720882] ? copy_to_kernel_nofault+0x225/0x260 [ 16.720909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.720934] ? copy_to_kernel_nofault+0x225/0x260 [ 16.720968] kasan_report+0x141/0x180 [ 16.720991] ? copy_to_kernel_nofault+0x225/0x260 [ 16.721021] __asan_report_load8_noabort+0x18/0x20 [ 16.721048] copy_to_kernel_nofault+0x225/0x260 [ 16.721075] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.721100] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.721125] ? finish_task_switch.isra.0+0x153/0x700 [ 16.721152] ? __schedule+0x10cc/0x2b60 [ 16.721176] ? trace_hardirqs_on+0x37/0xe0 [ 16.721210] ? __pfx_read_tsc+0x10/0x10 [ 16.721234] ? ktime_get_ts64+0x86/0x230 [ 16.721260] kunit_try_run_case+0x1a5/0x480 [ 16.721288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.721313] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.721339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.721365] ? __kthread_parkme+0x82/0x180 [ 16.721388] ? preempt_count_sub+0x50/0x80 [ 16.721412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.721438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.721464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.721492] kthread+0x337/0x6f0 [ 16.721513] ? trace_preempt_on+0x20/0xc0 [ 16.721537] ? __pfx_kthread+0x10/0x10 [ 16.721559] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.721582] ? 
calculate_sigpending+0x7b/0xa0 [ 16.721608] ? __pfx_kthread+0x10/0x10 [ 16.721631] ret_from_fork+0x116/0x1d0 [ 16.721683] ? __pfx_kthread+0x10/0x10 [ 16.721721] ret_from_fork_asm+0x1a/0x30 [ 16.721765] </TASK> [ 16.721777] [ 16.736137] Allocated by task 299: [ 16.736465] kasan_save_stack+0x45/0x70 [ 16.736822] kasan_save_track+0x18/0x40 [ 16.737041] kasan_save_alloc_info+0x3b/0x50 [ 16.737273] __kasan_kmalloc+0xb7/0xc0 [ 16.737406] __kmalloc_cache_noprof+0x189/0x420 [ 16.737564] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.737797] kunit_try_run_case+0x1a5/0x480 [ 16.738057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.738441] kthread+0x337/0x6f0 [ 16.738762] ret_from_fork+0x116/0x1d0 [ 16.738931] ret_from_fork_asm+0x1a/0x30 [ 16.739076] [ 16.739149] The buggy address belongs to the object at ffff888102b92f00 [ 16.739149] which belongs to the cache kmalloc-128 of size 128 [ 16.739630] The buggy address is located 0 bytes to the right of [ 16.739630] allocated 120-byte region [ffff888102b92f00, ffff888102b92f78) [ 16.740144] [ 16.740219] The buggy address belongs to the physical page: [ 16.740391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 16.741042] flags: 0x200000000000000(node=0|zone=2) [ 16.741307] page_type: f5(slab) [ 16.741473] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.741885] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.742148] page dumped because: kasan: bad access detected [ 16.742461] [ 16.742579] Memory state around the buggy address: [ 16.742985] ffff888102b92e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.743319] ffff888102b92e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.743532] >ffff888102b92f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.744009] ^ [ 16.744295] ffff888102b92f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.744557] ffff888102b93000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
16.744999] ================================================================== [ 16.745449] ================================================================== [ 16.745808] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.746230] Write of size 8 at addr ffff888102b92f78 by task kunit_try_catch/299 [ 16.746570] [ 16.746657] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.746707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.746720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.746741] Call Trace: [ 16.746764] <TASK> [ 16.746781] dump_stack_lvl+0x73/0xb0 [ 16.746810] print_report+0xd1/0x650 [ 16.746834] ? __virt_addr_valid+0x1db/0x2d0 [ 16.746857] ? copy_to_kernel_nofault+0x99/0x260 [ 16.746883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.746907] ? copy_to_kernel_nofault+0x99/0x260 [ 16.746932] kasan_report+0x141/0x180 [ 16.746955] ? copy_to_kernel_nofault+0x99/0x260 [ 16.746985] kasan_check_range+0x10c/0x1c0 [ 16.747018] __kasan_check_write+0x18/0x20 [ 16.747039] copy_to_kernel_nofault+0x99/0x260 [ 16.747065] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.747091] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.747116] ? finish_task_switch.isra.0+0x153/0x700 [ 16.747151] ? __schedule+0x10cc/0x2b60 [ 16.747173] ? trace_hardirqs_on+0x37/0xe0 [ 16.747217] ? __pfx_read_tsc+0x10/0x10 [ 16.747238] ? ktime_get_ts64+0x86/0x230 [ 16.747262] kunit_try_run_case+0x1a5/0x480 [ 16.747287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.747312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.747337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.747372] ? __kthread_parkme+0x82/0x180 [ 16.747393] ? preempt_count_sub+0x50/0x80 [ 16.747418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.747455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.747481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.747509] kthread+0x337/0x6f0 [ 16.747529] ? 
trace_preempt_on+0x20/0xc0 [ 16.747552] ? __pfx_kthread+0x10/0x10 [ 16.747574] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.747597] ? calculate_sigpending+0x7b/0xa0 [ 16.747622] ? __pfx_kthread+0x10/0x10 [ 16.747658] ret_from_fork+0x116/0x1d0 [ 16.747678] ? __pfx_kthread+0x10/0x10 [ 16.747699] ret_from_fork_asm+0x1a/0x30 [ 16.747731] </TASK> [ 16.747741] [ 16.758379] Allocated by task 299: [ 16.758518] kasan_save_stack+0x45/0x70 [ 16.758844] kasan_save_track+0x18/0x40 [ 16.759229] kasan_save_alloc_info+0x3b/0x50 [ 16.759766] __kasan_kmalloc+0xb7/0xc0 [ 16.760137] __kmalloc_cache_noprof+0x189/0x420 [ 16.760555] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.761077] kunit_try_run_case+0x1a5/0x480 [ 16.761232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.761403] kthread+0x337/0x6f0 [ 16.761521] ret_from_fork+0x116/0x1d0 [ 16.761769] ret_from_fork_asm+0x1a/0x30 [ 16.762151] [ 16.762313] The buggy address belongs to the object at ffff888102b92f00 [ 16.762313] which belongs to the cache kmalloc-128 of size 128 [ 16.763711] The buggy address is located 0 bytes to the right of [ 16.763711] allocated 120-byte region [ffff888102b92f00, ffff888102b92f78) [ 16.764816] [ 16.764892] The buggy address belongs to the physical page: [ 16.765062] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 16.765295] flags: 0x200000000000000(node=0|zone=2) [ 16.765454] page_type: f5(slab) [ 16.765571] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.766244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.767015] page dumped because: kasan: bad access detected [ 16.767507] [ 16.767738] Memory state around the buggy address: [ 16.768182] ffff888102b92e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.769028] ffff888102b92e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.769766] >ffff888102b92f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.770144] ^ [ 16.770353] ffff888102b92f80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.770566] ffff888102b93000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.771181] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.524110] ================================================================== [ 15.524508] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.525040] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.525522] [ 15.525672] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.525715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.525739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.525769] Call Trace: [ 15.525782] <TASK> [ 15.525799] dump_stack_lvl+0x73/0xb0 [ 15.525859] print_report+0xd1/0x650 [ 15.525884] ? __virt_addr_valid+0x1db/0x2d0 [ 15.525908] ? kasan_atomics_helper+0x992/0x5450 [ 15.525943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.525967] ? kasan_atomics_helper+0x992/0x5450 [ 15.525991] kasan_report+0x141/0x180 [ 15.526049] ? kasan_atomics_helper+0x992/0x5450 [ 15.526077] kasan_check_range+0x10c/0x1c0 [ 15.526101] __kasan_check_write+0x18/0x20 [ 15.526132] kasan_atomics_helper+0x992/0x5450 [ 15.526157] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.526181] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.526207] ? kasan_atomics+0x152/0x310 [ 15.526234] kasan_atomics+0x1dc/0x310 [ 15.526284] ? __pfx_kasan_atomics+0x10/0x10 [ 15.526310] ? __pfx_read_tsc+0x10/0x10 [ 15.526332] ? ktime_get_ts64+0x86/0x230 [ 15.526375] kunit_try_run_case+0x1a5/0x480 [ 15.526400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.526477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.526503] ? __kthread_parkme+0x82/0x180 [ 15.526535] ? preempt_count_sub+0x50/0x80 [ 15.526560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.526613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.526639] kthread+0x337/0x6f0 [ 15.526671] ? trace_preempt_on+0x20/0xc0 [ 15.526696] ? __pfx_kthread+0x10/0x10 [ 15.526718] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.526742] ? 
calculate_sigpending+0x7b/0xa0 [ 15.526776] ? __pfx_kthread+0x10/0x10 [ 15.526799] ret_from_fork+0x116/0x1d0 [ 15.526819] ? __pfx_kthread+0x10/0x10 [ 15.526841] ret_from_fork_asm+0x1a/0x30 [ 15.526873] </TASK> [ 15.526884] [ 15.535660] Allocated by task 283: [ 15.535877] kasan_save_stack+0x45/0x70 [ 15.536147] kasan_save_track+0x18/0x40 [ 15.536359] kasan_save_alloc_info+0x3b/0x50 [ 15.536589] __kasan_kmalloc+0xb7/0xc0 [ 15.536791] __kmalloc_cache_noprof+0x189/0x420 [ 15.537069] kasan_atomics+0x95/0x310 [ 15.537324] kunit_try_run_case+0x1a5/0x480 [ 15.537534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.537775] kthread+0x337/0x6f0 [ 15.537908] ret_from_fork+0x116/0x1d0 [ 15.538097] ret_from_fork_asm+0x1a/0x30 [ 15.538347] [ 15.538486] The buggy address belongs to the object at ffff888103ad1980 [ 15.538486] which belongs to the cache kmalloc-64 of size 64 [ 15.539009] The buggy address is located 0 bytes to the right of [ 15.539009] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.539376] [ 15.539447] The buggy address belongs to the physical page: [ 15.539694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.540153] flags: 0x200000000000000(node=0|zone=2) [ 15.540426] page_type: f5(slab) [ 15.540619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.540962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.541188] page dumped because: kasan: bad access detected [ 15.541394] [ 15.541487] Memory state around the buggy address: [ 15.541787] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.542206] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.542560] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.542884] ^ [ 15.543067] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543436] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544112] 
================================================================== [ 15.545621] ================================================================== [ 15.546239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.546616] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.547237] [ 15.547501] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.547549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.547562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.547585] Call Trace: [ 15.547599] <TASK> [ 15.547614] dump_stack_lvl+0x73/0xb0 [ 15.547646] print_report+0xd1/0x650 [ 15.547679] ? __virt_addr_valid+0x1db/0x2d0 [ 15.547704] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.547726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.547765] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.547788] kasan_report+0x141/0x180 [ 15.547812] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.547839] kasan_check_range+0x10c/0x1c0 [ 15.547865] __kasan_check_write+0x18/0x20 [ 15.547886] kasan_atomics_helper+0xa2b/0x5450 [ 15.547909] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.547934] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.547962] ? kasan_atomics+0x152/0x310 [ 15.547991] kasan_atomics+0x1dc/0x310 [ 15.548014] ? __pfx_kasan_atomics+0x10/0x10 [ 15.548040] ? __pfx_read_tsc+0x10/0x10 [ 15.548062] ? ktime_get_ts64+0x86/0x230 [ 15.548088] kunit_try_run_case+0x1a5/0x480 [ 15.548115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.548139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.548166] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.548191] ? __kthread_parkme+0x82/0x180 [ 15.548214] ? preempt_count_sub+0x50/0x80 [ 15.548238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.548263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.548290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.548317] kthread+0x337/0x6f0 [ 15.548336] ? trace_preempt_on+0x20/0xc0 [ 15.548361] ? 
__pfx_kthread+0x10/0x10 [ 15.548383] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.548406] ? calculate_sigpending+0x7b/0xa0 [ 15.548431] ? __pfx_kthread+0x10/0x10 [ 15.548453] ret_from_fork+0x116/0x1d0 [ 15.548472] ? __pfx_kthread+0x10/0x10 [ 15.548494] ret_from_fork_asm+0x1a/0x30 [ 15.548526] </TASK> [ 15.548538] [ 15.559814] Allocated by task 283: [ 15.560325] kasan_save_stack+0x45/0x70 [ 15.560517] kasan_save_track+0x18/0x40 [ 15.560901] kasan_save_alloc_info+0x3b/0x50 [ 15.561210] __kasan_kmalloc+0xb7/0xc0 [ 15.561521] __kmalloc_cache_noprof+0x189/0x420 [ 15.561916] kasan_atomics+0x95/0x310 [ 15.562209] kunit_try_run_case+0x1a5/0x480 [ 15.562510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.562910] kthread+0x337/0x6f0 [ 15.563209] ret_from_fork+0x116/0x1d0 [ 15.563440] ret_from_fork_asm+0x1a/0x30 [ 15.563608] [ 15.563704] The buggy address belongs to the object at ffff888103ad1980 [ 15.563704] which belongs to the cache kmalloc-64 of size 64 [ 15.564514] The buggy address is located 0 bytes to the right of [ 15.564514] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.565322] [ 15.565410] The buggy address belongs to the physical page: [ 15.565910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.566340] flags: 0x200000000000000(node=0|zone=2) [ 15.566660] page_type: f5(slab) [ 15.566865] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.567339] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.567798] page dumped because: kasan: bad access detected [ 15.568149] [ 15.568251] Memory state around the buggy address: [ 15.568469] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.568785] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.569303] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.569785] ^ [ 15.570115] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.570538] 
ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.570950] ================================================================== [ 16.277948] ================================================================== [ 16.278279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.278627] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.279180] [ 16.279284] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.279425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.279440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.279461] Call Trace: [ 16.279478] <TASK> [ 16.279495] dump_stack_lvl+0x73/0xb0 [ 16.279526] print_report+0xd1/0x650 [ 16.279550] ? __virt_addr_valid+0x1db/0x2d0 [ 16.279575] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.279597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.279622] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.279645] kasan_report+0x141/0x180 [ 16.279736] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.279778] kasan_check_range+0x10c/0x1c0 [ 16.279803] __kasan_check_write+0x18/0x20 [ 16.279824] kasan_atomics_helper+0x1a7f/0x5450 [ 16.279848] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.279872] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.279898] ? kasan_atomics+0x152/0x310 [ 16.279926] kasan_atomics+0x1dc/0x310 [ 16.279950] ? __pfx_kasan_atomics+0x10/0x10 [ 16.279979] ? __pfx_read_tsc+0x10/0x10 [ 16.280001] ? ktime_get_ts64+0x86/0x230 [ 16.280027] kunit_try_run_case+0x1a5/0x480 [ 16.280054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.280081] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.280107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.280133] ? __kthread_parkme+0x82/0x180 [ 16.280155] ? preempt_count_sub+0x50/0x80 [ 16.280181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.280207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.280233] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.280259] kthread+0x337/0x6f0 [ 16.280280] ? trace_preempt_on+0x20/0xc0 [ 16.280306] ? __pfx_kthread+0x10/0x10 [ 16.280328] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.280351] ? calculate_sigpending+0x7b/0xa0 [ 16.280376] ? __pfx_kthread+0x10/0x10 [ 16.280398] ret_from_fork+0x116/0x1d0 [ 16.280418] ? __pfx_kthread+0x10/0x10 [ 16.280439] ret_from_fork_asm+0x1a/0x30 [ 16.280471] </TASK> [ 16.280483] [ 16.290736] Allocated by task 283: [ 16.291090] kasan_save_stack+0x45/0x70 [ 16.291301] kasan_save_track+0x18/0x40 [ 16.291499] kasan_save_alloc_info+0x3b/0x50 [ 16.291991] __kasan_kmalloc+0xb7/0xc0 [ 16.292174] __kmalloc_cache_noprof+0x189/0x420 [ 16.292479] kasan_atomics+0x95/0x310 [ 16.292655] kunit_try_run_case+0x1a5/0x480 [ 16.292994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.293324] kthread+0x337/0x6f0 [ 16.293451] ret_from_fork+0x116/0x1d0 [ 16.293792] ret_from_fork_asm+0x1a/0x30 [ 16.294062] [ 16.294141] The buggy address belongs to the object at ffff888103ad1980 [ 16.294141] which belongs to the cache kmalloc-64 of size 64 [ 16.294638] The buggy address is located 0 bytes to the right of [ 16.294638] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.295150] [ 16.295231] The buggy address belongs to the physical page: [ 16.295464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.296178] flags: 0x200000000000000(node=0|zone=2) [ 16.296499] page_type: f5(slab) [ 16.296644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.297082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.297467] page dumped because: kasan: bad access detected [ 16.297873] [ 16.297966] Memory state around the buggy address: [ 16.298337] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.298697] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.299099] >ffff888103ad1980: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.299383] ^ [ 16.299576] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300078] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300456] ================================================================== [ 15.269689] ================================================================== [ 15.270383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.270853] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.271524] [ 15.271892] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.271940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.271953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.271975] Call Trace: [ 15.272011] <TASK> [ 15.272028] dump_stack_lvl+0x73/0xb0 [ 15.272058] print_report+0xd1/0x650 [ 15.272082] ? __virt_addr_valid+0x1db/0x2d0 [ 15.272106] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.272128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.272153] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.272176] kasan_report+0x141/0x180 [ 15.272199] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.272226] kasan_check_range+0x10c/0x1c0 [ 15.272252] __kasan_check_write+0x18/0x20 [ 15.272273] kasan_atomics_helper+0x4a0/0x5450 [ 15.272298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.272322] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.272349] ? kasan_atomics+0x152/0x310 [ 15.272376] kasan_atomics+0x1dc/0x310 [ 15.272400] ? __pfx_kasan_atomics+0x10/0x10 [ 15.272426] ? __pfx_read_tsc+0x10/0x10 [ 15.272447] ? ktime_get_ts64+0x86/0x230 [ 15.272473] kunit_try_run_case+0x1a5/0x480 [ 15.272499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.272523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.272549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.272574] ? __kthread_parkme+0x82/0x180 [ 15.272596] ? preempt_count_sub+0x50/0x80 [ 15.272621] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.272763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.272799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.272827] kthread+0x337/0x6f0 [ 15.272849] ? trace_preempt_on+0x20/0xc0 [ 15.272875] ? __pfx_kthread+0x10/0x10 [ 15.272897] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.272921] ? calculate_sigpending+0x7b/0xa0 [ 15.272947] ? __pfx_kthread+0x10/0x10 [ 15.272970] ret_from_fork+0x116/0x1d0 [ 15.272990] ? __pfx_kthread+0x10/0x10 [ 15.273012] ret_from_fork_asm+0x1a/0x30 [ 15.273044] </TASK> [ 15.273055] [ 15.284867] Allocated by task 283: [ 15.285023] kasan_save_stack+0x45/0x70 [ 15.285231] kasan_save_track+0x18/0x40 [ 15.285420] kasan_save_alloc_info+0x3b/0x50 [ 15.285626] __kasan_kmalloc+0xb7/0xc0 [ 15.286459] __kmalloc_cache_noprof+0x189/0x420 [ 15.286653] kasan_atomics+0x95/0x310 [ 15.286897] kunit_try_run_case+0x1a5/0x480 [ 15.287109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.287359] kthread+0x337/0x6f0 [ 15.287535] ret_from_fork+0x116/0x1d0 [ 15.288065] ret_from_fork_asm+0x1a/0x30 [ 15.288277] [ 15.288580] The buggy address belongs to the object at ffff888103ad1980 [ 15.288580] which belongs to the cache kmalloc-64 of size 64 [ 15.289330] The buggy address is located 0 bytes to the right of [ 15.289330] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.290048] [ 15.290368] The buggy address belongs to the physical page: [ 15.290784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.291377] flags: 0x200000000000000(node=0|zone=2) [ 15.291596] page_type: f5(slab) [ 15.291820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.292569] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.293080] page dumped because: kasan: bad access detected [ 15.293449] [ 15.293674] Memory state around the buggy address: [ 15.294119] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.294446] 
ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.295028] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.295419] ^ [ 15.295768] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.296387] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.296928] ================================================================== [ 15.792597] ================================================================== [ 15.793123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.793432] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.793729] [ 15.793851] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.793915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.793928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.793948] Call Trace: [ 15.793964] <TASK> [ 15.793981] dump_stack_lvl+0x73/0xb0 [ 15.794010] print_report+0xd1/0x650 [ 15.794032] ? __virt_addr_valid+0x1db/0x2d0 [ 15.794056] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.794079] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.794103] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.794143] kasan_report+0x141/0x180 [ 15.794167] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.794195] __asan_report_load4_noabort+0x18/0x20 [ 15.794221] kasan_atomics_helper+0x4a36/0x5450 [ 15.794245] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.794269] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.794295] ? kasan_atomics+0x152/0x310 [ 15.794322] kasan_atomics+0x1dc/0x310 [ 15.794347] ? __pfx_kasan_atomics+0x10/0x10 [ 15.794377] ? __pfx_read_tsc+0x10/0x10 [ 15.794400] ? ktime_get_ts64+0x86/0x230 [ 15.794425] kunit_try_run_case+0x1a5/0x480 [ 15.794451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.794476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.794501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.794527] ? __kthread_parkme+0x82/0x180 [ 15.794549] ? 
preempt_count_sub+0x50/0x80 [ 15.794573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.794599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.794625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.794651] kthread+0x337/0x6f0 [ 15.794671] ? trace_preempt_on+0x20/0xc0 [ 15.794716] ? __pfx_kthread+0x10/0x10 [ 15.794738] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.794779] ? calculate_sigpending+0x7b/0xa0 [ 15.794805] ? __pfx_kthread+0x10/0x10 [ 15.794827] ret_from_fork+0x116/0x1d0 [ 15.794847] ? __pfx_kthread+0x10/0x10 [ 15.794868] ret_from_fork_asm+0x1a/0x30 [ 15.794901] </TASK> [ 15.794912] [ 15.802183] Allocated by task 283: [ 15.802968] kasan_save_stack+0x45/0x70 [ 15.803170] kasan_save_track+0x18/0x40 [ 15.803411] kasan_save_alloc_info+0x3b/0x50 [ 15.803631] __kasan_kmalloc+0xb7/0xc0 [ 15.803837] __kmalloc_cache_noprof+0x189/0x420 [ 15.804022] kasan_atomics+0x95/0x310 [ 15.804204] kunit_try_run_case+0x1a5/0x480 [ 15.804387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.804612] kthread+0x337/0x6f0 [ 15.804833] ret_from_fork+0x116/0x1d0 [ 15.805055] ret_from_fork_asm+0x1a/0x30 [ 15.805202] [ 15.805270] The buggy address belongs to the object at ffff888103ad1980 [ 15.805270] which belongs to the cache kmalloc-64 of size 64 [ 15.805604] The buggy address is located 0 bytes to the right of [ 15.805604] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.806207] [ 15.806308] The buggy address belongs to the physical page: [ 15.806570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.806962] flags: 0x200000000000000(node=0|zone=2) [ 15.807189] page_type: f5(slab) [ 15.807335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.807734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.808027] page dumped because: kasan: bad access detected [ 15.808202] [ 15.808272] Memory state around the buggy address: [ 15.808475] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.808874] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.809201] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.809522] ^ [ 15.809759] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.810104] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.810358] ================================================================== [ 15.181173] ================================================================== [ 15.181495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.182031] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.182611] [ 15.182767] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.182817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.183018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.183046] Call Trace: [ 15.183061] <TASK> [ 15.183077] dump_stack_lvl+0x73/0xb0 [ 15.183109] print_report+0xd1/0x650 [ 15.183131] ? __virt_addr_valid+0x1db/0x2d0 [ 15.183156] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.183177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.183201] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.183223] kasan_report+0x141/0x180 [ 15.183244] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.183271] __asan_report_store4_noabort+0x1b/0x30 [ 15.183296] kasan_atomics_helper+0x4b6e/0x5450 [ 15.183320] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.183344] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.183369] ? kasan_atomics+0x152/0x310 [ 15.183395] kasan_atomics+0x1dc/0x310 [ 15.183418] ? __pfx_kasan_atomics+0x10/0x10 [ 15.183443] ? __pfx_read_tsc+0x10/0x10 [ 15.183463] ? ktime_get_ts64+0x86/0x230 [ 15.183487] kunit_try_run_case+0x1a5/0x480 [ 15.183511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.183534] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.183558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.183583] ? 
__kthread_parkme+0x82/0x180 [ 15.183603] ? preempt_count_sub+0x50/0x80 [ 15.183628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.183667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.183716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.183743] kthread+0x337/0x6f0 [ 15.183777] ? trace_preempt_on+0x20/0xc0 [ 15.183802] ? __pfx_kthread+0x10/0x10 [ 15.183824] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.183846] ? calculate_sigpending+0x7b/0xa0 [ 15.183870] ? __pfx_kthread+0x10/0x10 [ 15.183892] ret_from_fork+0x116/0x1d0 [ 15.183910] ? __pfx_kthread+0x10/0x10 [ 15.183931] ret_from_fork_asm+0x1a/0x30 [ 15.183961] </TASK> [ 15.183971] [ 15.197503] Allocated by task 283: [ 15.197656] kasan_save_stack+0x45/0x70 [ 15.197820] kasan_save_track+0x18/0x40 [ 15.197957] kasan_save_alloc_info+0x3b/0x50 [ 15.198105] __kasan_kmalloc+0xb7/0xc0 [ 15.198237] __kmalloc_cache_noprof+0x189/0x420 [ 15.198399] kasan_atomics+0x95/0x310 [ 15.198532] kunit_try_run_case+0x1a5/0x480 [ 15.198676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199162] kthread+0x337/0x6f0 [ 15.199457] ret_from_fork+0x116/0x1d0 [ 15.199873] ret_from_fork_asm+0x1a/0x30 [ 15.200223] [ 15.200378] The buggy address belongs to the object at ffff888103ad1980 [ 15.200378] which belongs to the cache kmalloc-64 of size 64 [ 15.201581] The buggy address is located 0 bytes to the right of [ 15.201581] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.202797] [ 15.202963] The buggy address belongs to the physical page: [ 15.203432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.204158] flags: 0x200000000000000(node=0|zone=2) [ 15.204583] page_type: f5(slab) [ 15.204956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.205597] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.206330] page dumped because: kasan: bad access detected [ 15.206520] [ 15.206591] Memory state around the buggy address: [ 15.207068] 
ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.207774] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.208370] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.208595] ^ [ 15.209083] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.209755] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.209978] ================================================================== [ 16.253402] ================================================================== [ 16.254131] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.254467] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.255057] [ 16.255183] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.255229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.255242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.255263] Call Trace: [ 16.255279] <TASK> [ 16.255296] dump_stack_lvl+0x73/0xb0 [ 16.255326] print_report+0xd1/0x650 [ 16.255349] ? __virt_addr_valid+0x1db/0x2d0 [ 16.255373] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.255396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.255422] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.255445] kasan_report+0x141/0x180 [ 16.255468] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.255496] kasan_check_range+0x10c/0x1c0 [ 16.255521] __kasan_check_write+0x18/0x20 [ 16.255542] kasan_atomics_helper+0x19e3/0x5450 [ 16.255566] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.255590] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.255618] ? kasan_atomics+0x152/0x310 [ 16.255645] kasan_atomics+0x1dc/0x310 [ 16.255830] ? __pfx_kasan_atomics+0x10/0x10 [ 16.255858] ? __pfx_read_tsc+0x10/0x10 [ 16.255879] ? ktime_get_ts64+0x86/0x230 [ 16.255905] kunit_try_run_case+0x1a5/0x480 [ 16.255931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.255956] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.255982] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.256008] ? __kthread_parkme+0x82/0x180 [ 16.256029] ? preempt_count_sub+0x50/0x80 [ 16.256055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.256082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.256107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.256134] kthread+0x337/0x6f0 [ 16.256154] ? trace_preempt_on+0x20/0xc0 [ 16.256178] ? __pfx_kthread+0x10/0x10 [ 16.256200] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.256224] ? calculate_sigpending+0x7b/0xa0 [ 16.256248] ? __pfx_kthread+0x10/0x10 [ 16.256271] ret_from_fork+0x116/0x1d0 [ 16.256290] ? __pfx_kthread+0x10/0x10 [ 16.256313] ret_from_fork_asm+0x1a/0x30 [ 16.256344] </TASK> [ 16.256355] [ 16.266738] Allocated by task 283: [ 16.267007] kasan_save_stack+0x45/0x70 [ 16.267308] kasan_save_track+0x18/0x40 [ 16.267502] kasan_save_alloc_info+0x3b/0x50 [ 16.267778] __kasan_kmalloc+0xb7/0xc0 [ 16.268102] __kmalloc_cache_noprof+0x189/0x420 [ 16.268384] kasan_atomics+0x95/0x310 [ 16.268579] kunit_try_run_case+0x1a5/0x480 [ 16.268964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.269216] kthread+0x337/0x6f0 [ 16.269365] ret_from_fork+0x116/0x1d0 [ 16.269542] ret_from_fork_asm+0x1a/0x30 [ 16.270011] [ 16.270121] The buggy address belongs to the object at ffff888103ad1980 [ 16.270121] which belongs to the cache kmalloc-64 of size 64 [ 16.270722] The buggy address is located 0 bytes to the right of [ 16.270722] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.271384] [ 16.271463] The buggy address belongs to the physical page: [ 16.271967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.272408] flags: 0x200000000000000(node=0|zone=2) [ 16.272639] page_type: f5(slab) [ 16.272975] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.273377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.273855] page dumped because: kasan: 
bad access detected [ 16.274080] [ 16.274317] Memory state around the buggy address: [ 16.274525] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.275034] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.275401] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.275787] ^ [ 16.276026] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.276482] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.276908] ================================================================== [ 15.297584] ================================================================== [ 15.298316] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.299012] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.299726] [ 15.299850] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.300100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.300119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.300141] Call Trace: [ 15.300157] <TASK> [ 15.300174] dump_stack_lvl+0x73/0xb0 [ 15.300206] print_report+0xd1/0x650 [ 15.300229] ? __virt_addr_valid+0x1db/0x2d0 [ 15.300252] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.300275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.300299] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.300323] kasan_report+0x141/0x180 [ 15.300346] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.300374] __asan_report_store4_noabort+0x1b/0x30 [ 15.300401] kasan_atomics_helper+0x4b3a/0x5450 [ 15.300425] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.300449] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.300476] ? kasan_atomics+0x152/0x310 [ 15.300503] kasan_atomics+0x1dc/0x310 [ 15.300529] ? __pfx_kasan_atomics+0x10/0x10 [ 15.300554] ? __pfx_read_tsc+0x10/0x10 [ 15.300577] ? ktime_get_ts64+0x86/0x230 [ 15.300603] kunit_try_run_case+0x1a5/0x480 [ 15.300630] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.300715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.300755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.300782] ? __kthread_parkme+0x82/0x180 [ 15.300804] ? preempt_count_sub+0x50/0x80 [ 15.300829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.300855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.300881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.300909] kthread+0x337/0x6f0 [ 15.300929] ? trace_preempt_on+0x20/0xc0 [ 15.300953] ? __pfx_kthread+0x10/0x10 [ 15.300975] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.300999] ? calculate_sigpending+0x7b/0xa0 [ 15.301024] ? __pfx_kthread+0x10/0x10 [ 15.301047] ret_from_fork+0x116/0x1d0 [ 15.301067] ? __pfx_kthread+0x10/0x10 [ 15.301090] ret_from_fork_asm+0x1a/0x30 [ 15.301122] </TASK> [ 15.301133] [ 15.314343] Allocated by task 283: [ 15.314696] kasan_save_stack+0x45/0x70 [ 15.315137] kasan_save_track+0x18/0x40 [ 15.315517] kasan_save_alloc_info+0x3b/0x50 [ 15.315986] __kasan_kmalloc+0xb7/0xc0 [ 15.316243] __kmalloc_cache_noprof+0x189/0x420 [ 15.316401] kasan_atomics+0x95/0x310 [ 15.316535] kunit_try_run_case+0x1a5/0x480 [ 15.316690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.316898] kthread+0x337/0x6f0 [ 15.317061] ret_from_fork+0x116/0x1d0 [ 15.317234] ret_from_fork_asm+0x1a/0x30 [ 15.317411] [ 15.317483] The buggy address belongs to the object at ffff888103ad1980 [ 15.317483] which belongs to the cache kmalloc-64 of size 64 [ 15.318089] The buggy address is located 0 bytes to the right of [ 15.318089] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.318686] [ 15.318870] The buggy address belongs to the physical page: [ 15.319097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.319370] flags: 0x200000000000000(node=0|zone=2) [ 15.319619] page_type: f5(slab) [ 15.319817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.320222] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.320525] page dumped because: kasan: bad access detected [ 15.320813] [ 15.320910] Memory state around the buggy address: [ 15.321127] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.321430] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.321767] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.321979] ^ [ 15.322189] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.322516] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.322811] ================================================================== [ 16.477849] ================================================================== [ 16.478178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.478469] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.478871] [ 16.478982] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.479025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.479048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.479068] Call Trace: [ 16.479081] <TASK> [ 16.479096] dump_stack_lvl+0x73/0xb0 [ 16.479138] print_report+0xd1/0x650 [ 16.479160] ? __virt_addr_valid+0x1db/0x2d0 [ 16.479184] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.479207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.479231] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.479254] kasan_report+0x141/0x180 [ 16.479278] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.479306] __asan_report_load8_noabort+0x18/0x20 [ 16.479332] kasan_atomics_helper+0x4f71/0x5450 [ 16.479356] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.479381] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.479408] ? kasan_atomics+0x152/0x310 [ 16.479435] kasan_atomics+0x1dc/0x310 [ 16.479458] ? __pfx_kasan_atomics+0x10/0x10 [ 16.479484] ? __pfx_read_tsc+0x10/0x10 [ 16.479506] ? 
ktime_get_ts64+0x86/0x230 [ 16.479530] kunit_try_run_case+0x1a5/0x480 [ 16.479555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.479580] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.479604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.479630] ? __kthread_parkme+0x82/0x180 [ 16.479651] ? preempt_count_sub+0x50/0x80 [ 16.479697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.479723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.479766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.479793] kthread+0x337/0x6f0 [ 16.479814] ? trace_preempt_on+0x20/0xc0 [ 16.479839] ? __pfx_kthread+0x10/0x10 [ 16.479860] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.479883] ? calculate_sigpending+0x7b/0xa0 [ 16.479909] ? __pfx_kthread+0x10/0x10 [ 16.479932] ret_from_fork+0x116/0x1d0 [ 16.479953] ? __pfx_kthread+0x10/0x10 [ 16.479974] ret_from_fork_asm+0x1a/0x30 [ 16.480005] </TASK> [ 16.480016] [ 16.487461] Allocated by task 283: [ 16.487636] kasan_save_stack+0x45/0x70 [ 16.487844] kasan_save_track+0x18/0x40 [ 16.488039] kasan_save_alloc_info+0x3b/0x50 [ 16.488245] __kasan_kmalloc+0xb7/0xc0 [ 16.488443] __kmalloc_cache_noprof+0x189/0x420 [ 16.488675] kasan_atomics+0x95/0x310 [ 16.488892] kunit_try_run_case+0x1a5/0x480 [ 16.489080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.489304] kthread+0x337/0x6f0 [ 16.489425] ret_from_fork+0x116/0x1d0 [ 16.489558] ret_from_fork_asm+0x1a/0x30 [ 16.489797] [ 16.489892] The buggy address belongs to the object at ffff888103ad1980 [ 16.489892] which belongs to the cache kmalloc-64 of size 64 [ 16.490456] The buggy address is located 0 bytes to the right of [ 16.490456] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.491009] [ 16.491081] The buggy address belongs to the physical page: [ 16.491253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.491640] flags: 0x200000000000000(node=0|zone=2) [ 16.492076] page_type: f5(slab) [ 16.492259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.492546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.493047] page dumped because: kasan: bad access detected [ 16.493247] [ 16.493362] Memory state around the buggy address: [ 16.493549] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.493922] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.494235] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.494532] ^ [ 16.494808] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495118] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495421] ================================================================== [ 15.682622] ================================================================== [ 15.682967] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.683269] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.683492] [ 15.683575] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.683615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.683628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.683649] Call Trace: [ 15.683663] <TASK> [ 15.683678] dump_stack_lvl+0x73/0xb0 [ 15.683705] print_report+0xd1/0x650 [ 15.683729] ? __virt_addr_valid+0x1db/0x2d0 [ 15.683764] ? kasan_atomics_helper+0xde0/0x5450 [ 15.683788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.683811] ? kasan_atomics_helper+0xde0/0x5450 [ 15.683835] kasan_report+0x141/0x180 [ 15.683858] ? kasan_atomics_helper+0xde0/0x5450 [ 15.683885] kasan_check_range+0x10c/0x1c0 [ 15.683910] __kasan_check_write+0x18/0x20 [ 15.683931] kasan_atomics_helper+0xde0/0x5450 [ 15.683955] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.683980] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.684007] ? kasan_atomics+0x152/0x310 [ 15.684035] kasan_atomics+0x1dc/0x310 [ 15.684059] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.684085] ? __pfx_read_tsc+0x10/0x10 [ 15.684106] ? ktime_get_ts64+0x86/0x230 [ 15.684133] kunit_try_run_case+0x1a5/0x480 [ 15.684158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.684182] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.684207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.684244] ? __kthread_parkme+0x82/0x180 [ 15.684265] ? preempt_count_sub+0x50/0x80 [ 15.684290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.684317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.684342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.684369] kthread+0x337/0x6f0 [ 15.684389] ? trace_preempt_on+0x20/0xc0 [ 15.684415] ? __pfx_kthread+0x10/0x10 [ 15.684437] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.684460] ? calculate_sigpending+0x7b/0xa0 [ 15.684485] ? __pfx_kthread+0x10/0x10 [ 15.684508] ret_from_fork+0x116/0x1d0 [ 15.684526] ? __pfx_kthread+0x10/0x10 [ 15.684548] ret_from_fork_asm+0x1a/0x30 [ 15.684580] </TASK> [ 15.684590] [ 15.691762] Allocated by task 283: [ 15.692055] kasan_save_stack+0x45/0x70 [ 15.692261] kasan_save_track+0x18/0x40 [ 15.692462] kasan_save_alloc_info+0x3b/0x50 [ 15.692742] __kasan_kmalloc+0xb7/0xc0 [ 15.693348] __kmalloc_cache_noprof+0x189/0x420 [ 15.693522] kasan_atomics+0x95/0x310 [ 15.693658] kunit_try_run_case+0x1a5/0x480 [ 15.695161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.695739] kthread+0x337/0x6f0 [ 15.696177] ret_from_fork+0x116/0x1d0 [ 15.696324] ret_from_fork_asm+0x1a/0x30 [ 15.696468] [ 15.696541] The buggy address belongs to the object at ffff888103ad1980 [ 15.696541] which belongs to the cache kmalloc-64 of size 64 [ 15.698171] The buggy address is located 0 bytes to the right of [ 15.698171] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.699617] [ 15.700011] The buggy address belongs to the physical page: [ 15.700666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.701100] flags: 0x200000000000000(node=0|zone=2) [ 15.701275] page_type: 
f5(slab) [ 15.701398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.701630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.702840] page dumped because: kasan: bad access detected [ 15.703485] [ 15.703839] Memory state around the buggy address: [ 15.704410] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.705369] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.705885] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.706518] ^ [ 15.706914] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.707644] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.708205] ================================================================== [ 15.766608] ================================================================== [ 15.767367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.767987] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.768215] [ 15.768302] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.768344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.768357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.768379] Call Trace: [ 15.768396] <TASK> [ 15.768412] dump_stack_lvl+0x73/0xb0 [ 15.768441] print_report+0xd1/0x650 [ 15.768464] ? __virt_addr_valid+0x1db/0x2d0 [ 15.768489] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.768510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.768535] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.768558] kasan_report+0x141/0x180 [ 15.768581] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.768608] kasan_check_range+0x10c/0x1c0 [ 15.768633] __kasan_check_write+0x18/0x20 [ 15.768663] kasan_atomics_helper+0xfa9/0x5450 [ 15.768688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.768711] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.768737] ? 
kasan_atomics+0x152/0x310 [ 15.768777] kasan_atomics+0x1dc/0x310 [ 15.768801] ? __pfx_kasan_atomics+0x10/0x10 [ 15.768826] ? __pfx_read_tsc+0x10/0x10 [ 15.768848] ? ktime_get_ts64+0x86/0x230 [ 15.768873] kunit_try_run_case+0x1a5/0x480 [ 15.768897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.768922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.768948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.768974] ? __kthread_parkme+0x82/0x180 [ 15.768994] ? preempt_count_sub+0x50/0x80 [ 15.769019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.769045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.769071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.769098] kthread+0x337/0x6f0 [ 15.769119] ? trace_preempt_on+0x20/0xc0 [ 15.769144] ? __pfx_kthread+0x10/0x10 [ 15.769165] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.769188] ? calculate_sigpending+0x7b/0xa0 [ 15.769213] ? __pfx_kthread+0x10/0x10 [ 15.769235] ret_from_fork+0x116/0x1d0 [ 15.769255] ? __pfx_kthread+0x10/0x10 [ 15.769276] ret_from_fork_asm+0x1a/0x30 [ 15.769308] </TASK> [ 15.769319] [ 15.781397] Allocated by task 283: [ 15.781536] kasan_save_stack+0x45/0x70 [ 15.781740] kasan_save_track+0x18/0x40 [ 15.782085] kasan_save_alloc_info+0x3b/0x50 [ 15.782474] __kasan_kmalloc+0xb7/0xc0 [ 15.782852] __kmalloc_cache_noprof+0x189/0x420 [ 15.783292] kasan_atomics+0x95/0x310 [ 15.783662] kunit_try_run_case+0x1a5/0x480 [ 15.784059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.784533] kthread+0x337/0x6f0 [ 15.784932] ret_from_fork+0x116/0x1d0 [ 15.785287] ret_from_fork_asm+0x1a/0x30 [ 15.785661] [ 15.785827] The buggy address belongs to the object at ffff888103ad1980 [ 15.785827] which belongs to the cache kmalloc-64 of size 64 [ 15.786869] The buggy address is located 0 bytes to the right of [ 15.786869] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.788061] [ 15.788218] The buggy address belongs to the physical page: [ 15.788711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 
15.789021] flags: 0x200000000000000(node=0|zone=2) [ 15.789188] page_type: f5(slab) [ 15.789309] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.789544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.789900] page dumped because: kasan: bad access detected [ 15.790148] [ 15.790253] Memory state around the buggy address: [ 15.790436] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.790691] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.791037] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.791273] ^ [ 15.791494] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.791847] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.792104] ================================================================== [ 15.347498] ================================================================== [ 15.347778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.349319] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.350689] [ 15.351001] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.351103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.351116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.351139] Call Trace: [ 15.351248] <TASK> [ 15.351267] dump_stack_lvl+0x73/0xb0 [ 15.351301] print_report+0xd1/0x650 [ 15.351326] ? __virt_addr_valid+0x1db/0x2d0 [ 15.351350] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.351373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.351398] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.351420] kasan_report+0x141/0x180 [ 15.351443] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.351471] kasan_check_range+0x10c/0x1c0 [ 15.351497] __kasan_check_write+0x18/0x20 [ 15.351518] kasan_atomics_helper+0x5fe/0x5450 [ 15.351542] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.351566] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.351593] ? kasan_atomics+0x152/0x310 [ 15.351620] kasan_atomics+0x1dc/0x310 [ 15.351713] ? __pfx_kasan_atomics+0x10/0x10 [ 15.351742] ? __pfx_read_tsc+0x10/0x10 [ 15.351777] ? ktime_get_ts64+0x86/0x230 [ 15.351802] kunit_try_run_case+0x1a5/0x480 [ 15.351828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.351879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.351904] ? __kthread_parkme+0x82/0x180 [ 15.351925] ? preempt_count_sub+0x50/0x80 [ 15.351951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.352002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.352029] kthread+0x337/0x6f0 [ 15.352050] ? trace_preempt_on+0x20/0xc0 [ 15.352075] ? __pfx_kthread+0x10/0x10 [ 15.352097] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.352120] ? calculate_sigpending+0x7b/0xa0 [ 15.352144] ? __pfx_kthread+0x10/0x10 [ 15.352167] ret_from_fork+0x116/0x1d0 [ 15.352186] ? __pfx_kthread+0x10/0x10 [ 15.352208] ret_from_fork_asm+0x1a/0x30 [ 15.352240] </TASK> [ 15.352252] [ 15.367933] Allocated by task 283: [ 15.368292] kasan_save_stack+0x45/0x70 [ 15.368533] kasan_save_track+0x18/0x40 [ 15.368867] kasan_save_alloc_info+0x3b/0x50 [ 15.369372] __kasan_kmalloc+0xb7/0xc0 [ 15.369782] __kmalloc_cache_noprof+0x189/0x420 [ 15.370139] kasan_atomics+0x95/0x310 [ 15.370282] kunit_try_run_case+0x1a5/0x480 [ 15.370445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.370624] kthread+0x337/0x6f0 [ 15.371044] ret_from_fork+0x116/0x1d0 [ 15.371413] ret_from_fork_asm+0x1a/0x30 [ 15.371871] [ 15.372034] The buggy address belongs to the object at ffff888103ad1980 [ 15.372034] which belongs to the cache kmalloc-64 of size 64 [ 15.373138] The buggy address is located 0 bytes to the right of [ 15.373138] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.374319] [ 15.374408] The buggy address belongs to the physical page: [ 15.374586] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.375304] flags: 0x200000000000000(node=0|zone=2) [ 15.375822] page_type: f5(slab) [ 15.376187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.377003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.377663] page dumped because: kasan: bad access detected [ 15.378165] [ 15.378240] Memory state around the buggy address: [ 15.378402] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.378618] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.379454] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.380156] ^ [ 15.380587] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381305] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381943] ================================================================== [ 16.047409] ================================================================== [ 16.047843] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 16.048212] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.048523] [ 16.048615] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.048665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.048677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.048697] Call Trace: [ 16.048711] <TASK> [ 16.048726] dump_stack_lvl+0x73/0xb0 [ 16.048767] print_report+0xd1/0x650 [ 16.048790] ? __virt_addr_valid+0x1db/0x2d0 [ 16.048814] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.048836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.048861] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.048883] kasan_report+0x141/0x180 [ 16.048907] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.048934] __asan_report_store8_noabort+0x1b/0x30 [ 16.048961] kasan_atomics_helper+0x50d4/0x5450 [ 16.048984] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.049009] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.049036] ? kasan_atomics+0x152/0x310 [ 16.049063] kasan_atomics+0x1dc/0x310 [ 16.049086] ? __pfx_kasan_atomics+0x10/0x10 [ 16.049112] ? __pfx_read_tsc+0x10/0x10 [ 16.049133] ? ktime_get_ts64+0x86/0x230 [ 16.049160] kunit_try_run_case+0x1a5/0x480 [ 16.049187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.049211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.049236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.049262] ? __kthread_parkme+0x82/0x180 [ 16.049283] ? preempt_count_sub+0x50/0x80 [ 16.049308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.049333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.049358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.049386] kthread+0x337/0x6f0 [ 16.049406] ? trace_preempt_on+0x20/0xc0 [ 16.049431] ? __pfx_kthread+0x10/0x10 [ 16.049453] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.049476] ? calculate_sigpending+0x7b/0xa0 [ 16.049501] ? __pfx_kthread+0x10/0x10 [ 16.049524] ret_from_fork+0x116/0x1d0 [ 16.049543] ? 
__pfx_kthread+0x10/0x10 [ 16.049565] ret_from_fork_asm+0x1a/0x30 [ 16.049596] </TASK> [ 16.049608] [ 16.056770] Allocated by task 283: [ 16.056897] kasan_save_stack+0x45/0x70 [ 16.057039] kasan_save_track+0x18/0x40 [ 16.057174] kasan_save_alloc_info+0x3b/0x50 [ 16.057321] __kasan_kmalloc+0xb7/0xc0 [ 16.057454] __kmalloc_cache_noprof+0x189/0x420 [ 16.057610] kasan_atomics+0x95/0x310 [ 16.057741] kunit_try_run_case+0x1a5/0x480 [ 16.057959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.058213] kthread+0x337/0x6f0 [ 16.058403] ret_from_fork+0x116/0x1d0 [ 16.058591] ret_from_fork_asm+0x1a/0x30 [ 16.058978] [ 16.059073] The buggy address belongs to the object at ffff888103ad1980 [ 16.059073] which belongs to the cache kmalloc-64 of size 64 [ 16.059597] The buggy address is located 0 bytes to the right of [ 16.059597] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.060463] [ 16.060535] The buggy address belongs to the physical page: [ 16.060705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.060951] flags: 0x200000000000000(node=0|zone=2) [ 16.061111] page_type: f5(slab) [ 16.061230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.061458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.061879] page dumped because: kasan: bad access detected [ 16.062136] [ 16.062231] Memory state around the buggy address: [ 16.062468] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.062964] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.063290] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.063609] ^ [ 16.063890] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064177] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064419] ================================================================== [ 15.849403] 
================================================================== [ 15.849773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.850117] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.850458] [ 15.850569] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.850691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.850705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.850726] Call Trace: [ 15.850741] <TASK> [ 15.850771] dump_stack_lvl+0x73/0xb0 [ 15.850801] print_report+0xd1/0x650 [ 15.850824] ? __virt_addr_valid+0x1db/0x2d0 [ 15.850849] ? kasan_atomics_helper+0x1148/0x5450 [ 15.850871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.850896] ? kasan_atomics_helper+0x1148/0x5450 [ 15.850951] kasan_report+0x141/0x180 [ 15.850996] ? kasan_atomics_helper+0x1148/0x5450 [ 15.851025] kasan_check_range+0x10c/0x1c0 [ 15.851051] __kasan_check_write+0x18/0x20 [ 15.851072] kasan_atomics_helper+0x1148/0x5450 [ 15.851097] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.851121] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.851148] ? kasan_atomics+0x152/0x310 [ 15.851176] kasan_atomics+0x1dc/0x310 [ 15.851200] ? __pfx_kasan_atomics+0x10/0x10 [ 15.851226] ? __pfx_read_tsc+0x10/0x10 [ 15.851247] ? ktime_get_ts64+0x86/0x230 [ 15.851273] kunit_try_run_case+0x1a5/0x480 [ 15.851298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.851348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.851374] ? __kthread_parkme+0x82/0x180 [ 15.851397] ? preempt_count_sub+0x50/0x80 [ 15.851422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.851501] kthread+0x337/0x6f0 [ 15.851521] ? trace_preempt_on+0x20/0xc0 [ 15.851546] ? __pfx_kthread+0x10/0x10 [ 15.851568] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.851591] ? 
calculate_sigpending+0x7b/0xa0 [ 15.851617] ? __pfx_kthread+0x10/0x10 [ 15.851660] ret_from_fork+0x116/0x1d0 [ 15.851680] ? __pfx_kthread+0x10/0x10 [ 15.851701] ret_from_fork_asm+0x1a/0x30 [ 15.851733] </TASK> [ 15.851755] [ 15.859774] Allocated by task 283: [ 15.859962] kasan_save_stack+0x45/0x70 [ 15.860166] kasan_save_track+0x18/0x40 [ 15.860439] kasan_save_alloc_info+0x3b/0x50 [ 15.860769] __kasan_kmalloc+0xb7/0xc0 [ 15.860914] __kmalloc_cache_noprof+0x189/0x420 [ 15.861185] kasan_atomics+0x95/0x310 [ 15.861452] kunit_try_run_case+0x1a5/0x480 [ 15.861771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.861992] kthread+0x337/0x6f0 [ 15.862152] ret_from_fork+0x116/0x1d0 [ 15.862322] ret_from_fork_asm+0x1a/0x30 [ 15.862469] [ 15.862567] The buggy address belongs to the object at ffff888103ad1980 [ 15.862567] which belongs to the cache kmalloc-64 of size 64 [ 15.863837] The buggy address is located 0 bytes to the right of [ 15.863837] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.864282] [ 15.864359] The buggy address belongs to the physical page: [ 15.864531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.866683] flags: 0x200000000000000(node=0|zone=2) [ 15.868195] page_type: f5(slab) [ 15.869119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.871171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.872216] page dumped because: kasan: bad access detected [ 15.872409] [ 15.872482] Memory state around the buggy address: [ 15.872939] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.873780] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.874588] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.875477] ^ [ 15.875804] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.876030] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.876244] 
================================================================== [ 16.176445] ================================================================== [ 16.176737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.177321] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.177970] [ 16.178074] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.178121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.178135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.178159] Call Trace: [ 16.178176] <TASK> [ 16.178195] dump_stack_lvl+0x73/0xb0 [ 16.178225] print_report+0xd1/0x650 [ 16.178251] ? __virt_addr_valid+0x1db/0x2d0 [ 16.178276] ? kasan_atomics_helper+0x1818/0x5450 [ 16.178300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.178326] ? kasan_atomics_helper+0x1818/0x5450 [ 16.178350] kasan_report+0x141/0x180 [ 16.178379] ? kasan_atomics_helper+0x1818/0x5450 [ 16.178407] kasan_check_range+0x10c/0x1c0 [ 16.178434] __kasan_check_write+0x18/0x20 [ 16.178457] kasan_atomics_helper+0x1818/0x5450 [ 16.178482] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.178507] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.178534] ? kasan_atomics+0x152/0x310 [ 16.178561] kasan_atomics+0x1dc/0x310 [ 16.178586] ? __pfx_kasan_atomics+0x10/0x10 [ 16.178612] ? __pfx_read_tsc+0x10/0x10 [ 16.178633] ? ktime_get_ts64+0x86/0x230 [ 16.178881] kunit_try_run_case+0x1a5/0x480 [ 16.178914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.178941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.178968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.178994] ? __kthread_parkme+0x82/0x180 [ 16.179016] ? preempt_count_sub+0x50/0x80 [ 16.179042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.179069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.179097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.179203] kthread+0x337/0x6f0 [ 16.179229] ? trace_preempt_on+0x20/0xc0 [ 16.179255] ? 
__pfx_kthread+0x10/0x10 [ 16.179279] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.179305] ? calculate_sigpending+0x7b/0xa0 [ 16.179331] ? __pfx_kthread+0x10/0x10 [ 16.179354] ret_from_fork+0x116/0x1d0 [ 16.179374] ? __pfx_kthread+0x10/0x10 [ 16.179397] ret_from_fork_asm+0x1a/0x30 [ 16.179431] </TASK> [ 16.179444] [ 16.190589] Allocated by task 283: [ 16.190960] kasan_save_stack+0x45/0x70 [ 16.191257] kasan_save_track+0x18/0x40 [ 16.191567] kasan_save_alloc_info+0x3b/0x50 [ 16.191892] __kasan_kmalloc+0xb7/0xc0 [ 16.192090] __kmalloc_cache_noprof+0x189/0x420 [ 16.192309] kasan_atomics+0x95/0x310 [ 16.192485] kunit_try_run_case+0x1a5/0x480 [ 16.192664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.193278] kthread+0x337/0x6f0 [ 16.193428] ret_from_fork+0x116/0x1d0 [ 16.193948] ret_from_fork_asm+0x1a/0x30 [ 16.194233] [ 16.194338] The buggy address belongs to the object at ffff888103ad1980 [ 16.194338] which belongs to the cache kmalloc-64 of size 64 [ 16.195194] The buggy address is located 0 bytes to the right of [ 16.195194] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.195997] [ 16.196220] The buggy address belongs to the physical page: [ 16.196535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.197092] flags: 0x200000000000000(node=0|zone=2) [ 16.197431] page_type: f5(slab) [ 16.197757] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.198193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.198625] page dumped because: kasan: bad access detected [ 16.198996] [ 16.199198] Memory state around the buggy address: [ 16.199472] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.199838] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.200157] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.200465] ^ [ 16.200946] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201349] 
ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201797] ================================================================== [ 15.501126] ================================================================== [ 15.501415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.501941] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.502299] [ 15.502455] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.502500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.502513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.502549] Call Trace: [ 15.502579] <TASK> [ 15.502595] dump_stack_lvl+0x73/0xb0 [ 15.502639] print_report+0xd1/0x650 [ 15.502682] ? __virt_addr_valid+0x1db/0x2d0 [ 15.502708] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.502732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.502828] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.502853] kasan_report+0x141/0x180 [ 15.502877] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.502904] kasan_check_range+0x10c/0x1c0 [ 15.502929] __kasan_check_write+0x18/0x20 [ 15.502958] kasan_atomics_helper+0x8f9/0x5450 [ 15.503014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.503038] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.503065] ? kasan_atomics+0x152/0x310 [ 15.503104] kasan_atomics+0x1dc/0x310 [ 15.503127] ? __pfx_kasan_atomics+0x10/0x10 [ 15.503152] ? __pfx_read_tsc+0x10/0x10 [ 15.503175] ? ktime_get_ts64+0x86/0x230 [ 15.503200] kunit_try_run_case+0x1a5/0x480 [ 15.503252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.503279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.503305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.503341] ? __kthread_parkme+0x82/0x180 [ 15.503363] ? preempt_count_sub+0x50/0x80 [ 15.503414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.503440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.503467] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.503504] kthread+0x337/0x6f0 [ 15.503525] ? trace_preempt_on+0x20/0xc0 [ 15.503550] ? __pfx_kthread+0x10/0x10 [ 15.503572] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.503596] ? calculate_sigpending+0x7b/0xa0 [ 15.503621] ? __pfx_kthread+0x10/0x10 [ 15.503644] ret_from_fork+0x116/0x1d0 [ 15.503680] ? __pfx_kthread+0x10/0x10 [ 15.503702] ret_from_fork_asm+0x1a/0x30 [ 15.503734] </TASK> [ 15.503755] [ 15.513249] Allocated by task 283: [ 15.513719] kasan_save_stack+0x45/0x70 [ 15.514000] kasan_save_track+0x18/0x40 [ 15.514145] kasan_save_alloc_info+0x3b/0x50 [ 15.514357] __kasan_kmalloc+0xb7/0xc0 [ 15.514556] __kmalloc_cache_noprof+0x189/0x420 [ 15.514898] kasan_atomics+0x95/0x310 [ 15.515141] kunit_try_run_case+0x1a5/0x480 [ 15.515376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.515651] kthread+0x337/0x6f0 [ 15.515911] ret_from_fork+0x116/0x1d0 [ 15.516125] ret_from_fork_asm+0x1a/0x30 [ 15.516349] [ 15.516460] The buggy address belongs to the object at ffff888103ad1980 [ 15.516460] which belongs to the cache kmalloc-64 of size 64 [ 15.517180] The buggy address is located 0 bytes to the right of [ 15.517180] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.518203] [ 15.518374] The buggy address belongs to the physical page: [ 15.518672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.519126] flags: 0x200000000000000(node=0|zone=2) [ 15.519386] page_type: f5(slab) [ 15.519510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.520056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.520502] page dumped because: kasan: bad access detected [ 15.520820] [ 15.520894] Memory state around the buggy address: [ 15.521108] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.521436] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.521870] >ffff888103ad1980: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.522157] ^ [ 15.522313] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.522640] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523211] ================================================================== [ 16.203025] ================================================================== [ 16.203345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.203929] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.204479] [ 16.204711] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.204881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.204898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.204920] Call Trace: [ 16.204938] <TASK> [ 16.204956] dump_stack_lvl+0x73/0xb0 [ 16.204988] print_report+0xd1/0x650 [ 16.205012] ? __virt_addr_valid+0x1db/0x2d0 [ 16.205037] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.205060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.205086] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.205110] kasan_report+0x141/0x180 [ 16.205134] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.205161] kasan_check_range+0x10c/0x1c0 [ 16.205187] __kasan_check_write+0x18/0x20 [ 16.205208] kasan_atomics_helper+0x18b1/0x5450 [ 16.205233] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.205258] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.205284] ? kasan_atomics+0x152/0x310 [ 16.205312] kasan_atomics+0x1dc/0x310 [ 16.205335] ? __pfx_kasan_atomics+0x10/0x10 [ 16.205361] ? __pfx_read_tsc+0x10/0x10 [ 16.205384] ? ktime_get_ts64+0x86/0x230 [ 16.205410] kunit_try_run_case+0x1a5/0x480 [ 16.205436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.205460] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.205487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.205513] ? __kthread_parkme+0x82/0x180 [ 16.205534] ? preempt_count_sub+0x50/0x80 [ 16.205560] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.205586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.205612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.205639] kthread+0x337/0x6f0 [ 16.205673] ? trace_preempt_on+0x20/0xc0 [ 16.205698] ? __pfx_kthread+0x10/0x10 [ 16.205720] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.205743] ? calculate_sigpending+0x7b/0xa0 [ 16.205781] ? __pfx_kthread+0x10/0x10 [ 16.205804] ret_from_fork+0x116/0x1d0 [ 16.205823] ? __pfx_kthread+0x10/0x10 [ 16.205845] ret_from_fork_asm+0x1a/0x30 [ 16.205877] </TASK> [ 16.205889] [ 16.216727] Allocated by task 283: [ 16.217143] kasan_save_stack+0x45/0x70 [ 16.217425] kasan_save_track+0x18/0x40 [ 16.217755] kasan_save_alloc_info+0x3b/0x50 [ 16.218075] __kasan_kmalloc+0xb7/0xc0 [ 16.218355] __kmalloc_cache_noprof+0x189/0x420 [ 16.218596] kasan_atomics+0x95/0x310 [ 16.218974] kunit_try_run_case+0x1a5/0x480 [ 16.219284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.219626] kthread+0x337/0x6f0 [ 16.219893] ret_from_fork+0x116/0x1d0 [ 16.220107] ret_from_fork_asm+0x1a/0x30 [ 16.220288] [ 16.220378] The buggy address belongs to the object at ffff888103ad1980 [ 16.220378] which belongs to the cache kmalloc-64 of size 64 [ 16.221355] The buggy address is located 0 bytes to the right of [ 16.221355] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.222056] [ 16.222339] The buggy address belongs to the physical page: [ 16.222603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.223051] flags: 0x200000000000000(node=0|zone=2) [ 16.223368] page_type: f5(slab) [ 16.223619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.224139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.224554] page dumped because: kasan: bad access detected [ 16.224965] [ 16.225044] Memory state around the buggy address: [ 16.225405] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.225860] 
ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.226173] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.226478] ^ [ 16.227014] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.227304] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.227728] ================================================================== [ 15.647002] ================================================================== [ 15.647553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.648209] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.648540] [ 15.648650] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.648695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.648708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.648728] Call Trace: [ 15.648742] <TASK> [ 15.648769] dump_stack_lvl+0x73/0xb0 [ 15.648801] print_report+0xd1/0x650 [ 15.648825] ? __virt_addr_valid+0x1db/0x2d0 [ 15.648849] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.648872] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.648896] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.648920] kasan_report+0x141/0x180 [ 15.648942] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.648970] __asan_report_load4_noabort+0x18/0x20 [ 15.648996] kasan_atomics_helper+0x4a84/0x5450 [ 15.649020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.649044] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.649071] ? kasan_atomics+0x152/0x310 [ 15.649098] kasan_atomics+0x1dc/0x310 [ 15.649121] ? __pfx_kasan_atomics+0x10/0x10 [ 15.649147] ? __pfx_read_tsc+0x10/0x10 [ 15.649168] ? ktime_get_ts64+0x86/0x230 [ 15.649194] kunit_try_run_case+0x1a5/0x480 [ 15.649219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.649243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.649268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.649293] ? __kthread_parkme+0x82/0x180 [ 15.649314] ? 
preempt_count_sub+0x50/0x80 [ 15.649339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.649365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.649391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.649418] kthread+0x337/0x6f0 [ 15.649437] ? trace_preempt_on+0x20/0xc0 [ 15.649462] ? __pfx_kthread+0x10/0x10 [ 15.649484] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.649508] ? calculate_sigpending+0x7b/0xa0 [ 15.649532] ? __pfx_kthread+0x10/0x10 [ 15.649555] ret_from_fork+0x116/0x1d0 [ 15.649575] ? __pfx_kthread+0x10/0x10 [ 15.649596] ret_from_fork_asm+0x1a/0x30 [ 15.649628] </TASK> [ 15.649639] [ 15.656801] Allocated by task 283: [ 15.656975] kasan_save_stack+0x45/0x70 [ 15.657152] kasan_save_track+0x18/0x40 [ 15.657289] kasan_save_alloc_info+0x3b/0x50 [ 15.657486] __kasan_kmalloc+0xb7/0xc0 [ 15.657701] __kmalloc_cache_noprof+0x189/0x420 [ 15.657941] kasan_atomics+0x95/0x310 [ 15.658115] kunit_try_run_case+0x1a5/0x480 [ 15.658268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.658524] kthread+0x337/0x6f0 [ 15.658664] ret_from_fork+0x116/0x1d0 [ 15.658877] ret_from_fork_asm+0x1a/0x30 [ 15.659049] [ 15.659151] The buggy address belongs to the object at ffff888103ad1980 [ 15.659151] which belongs to the cache kmalloc-64 of size 64 [ 15.659596] The buggy address is located 0 bytes to the right of [ 15.659596] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.660269] [ 15.660372] The buggy address belongs to the physical page: [ 15.660598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.660918] flags: 0x200000000000000(node=0|zone=2) [ 15.661091] page_type: f5(slab) [ 15.661214] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.661446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.661769] page dumped because: kasan: bad access detected [ 15.662115] [ 15.662209] Memory state around the buggy address: [ 15.662435] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.662868] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.663111] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.663324] ^ [ 15.663478] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.663693] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.664254] ================================================================== [ 16.617734] ================================================================== [ 16.618121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.618575] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.619225] [ 16.619450] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.619511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.619629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.619655] Call Trace: [ 16.619673] <TASK> [ 16.619690] dump_stack_lvl+0x73/0xb0 [ 16.619737] print_report+0xd1/0x650 [ 16.619773] ? __virt_addr_valid+0x1db/0x2d0 [ 16.619796] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.619819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.619844] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.619867] kasan_report+0x141/0x180 [ 16.619890] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.619918] __asan_report_load8_noabort+0x18/0x20 [ 16.619947] kasan_atomics_helper+0x4fa5/0x5450 [ 16.619971] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.619995] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.620022] ? kasan_atomics+0x152/0x310 [ 16.620048] kasan_atomics+0x1dc/0x310 [ 16.620073] ? __pfx_kasan_atomics+0x10/0x10 [ 16.620099] ? __pfx_read_tsc+0x10/0x10 [ 16.620121] ? ktime_get_ts64+0x86/0x230 [ 16.620148] kunit_try_run_case+0x1a5/0x480 [ 16.620173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.620197] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.620223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.620249] ? 
__kthread_parkme+0x82/0x180 [ 16.620270] ? preempt_count_sub+0x50/0x80 [ 16.620296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.620321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.620347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.620373] kthread+0x337/0x6f0 [ 16.620394] ? trace_preempt_on+0x20/0xc0 [ 16.620419] ? __pfx_kthread+0x10/0x10 [ 16.620440] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.620463] ? calculate_sigpending+0x7b/0xa0 [ 16.620489] ? __pfx_kthread+0x10/0x10 [ 16.620512] ret_from_fork+0x116/0x1d0 [ 16.620531] ? __pfx_kthread+0x10/0x10 [ 16.620552] ret_from_fork_asm+0x1a/0x30 [ 16.620585] </TASK> [ 16.620597] [ 16.632839] Allocated by task 283: [ 16.633009] kasan_save_stack+0x45/0x70 [ 16.633197] kasan_save_track+0x18/0x40 [ 16.633374] kasan_save_alloc_info+0x3b/0x50 [ 16.633570] __kasan_kmalloc+0xb7/0xc0 [ 16.634107] __kmalloc_cache_noprof+0x189/0x420 [ 16.634459] kasan_atomics+0x95/0x310 [ 16.635030] kunit_try_run_case+0x1a5/0x480 [ 16.635367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.636003] kthread+0x337/0x6f0 [ 16.636251] ret_from_fork+0x116/0x1d0 [ 16.636440] ret_from_fork_asm+0x1a/0x30 [ 16.636626] [ 16.637037] The buggy address belongs to the object at ffff888103ad1980 [ 16.637037] which belongs to the cache kmalloc-64 of size 64 [ 16.637531] The buggy address is located 0 bytes to the right of [ 16.637531] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.638675] [ 16.638910] The buggy address belongs to the physical page: [ 16.639348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.639896] flags: 0x200000000000000(node=0|zone=2) [ 16.640321] page_type: f5(slab) [ 16.640624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.641103] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.641423] page dumped because: kasan: bad access detected [ 16.641656] [ 16.641993] Memory state around the buggy address: [ 16.642204] 
ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.642469] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.642685] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.643006] ^ [ 16.643160] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643375] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643583] ================================================================== [ 15.618241] ================================================================== [ 15.619102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.619379] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.619609] [ 15.619931] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.620192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.620210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.620233] Call Trace: [ 15.620252] <TASK> [ 15.620270] dump_stack_lvl+0x73/0xb0 [ 15.620301] print_report+0xd1/0x650 [ 15.620335] ? __virt_addr_valid+0x1db/0x2d0 [ 15.620359] ? kasan_atomics_helper+0xc70/0x5450 [ 15.620381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.620406] ? kasan_atomics_helper+0xc70/0x5450 [ 15.620430] kasan_report+0x141/0x180 [ 15.620453] ? kasan_atomics_helper+0xc70/0x5450 [ 15.620480] kasan_check_range+0x10c/0x1c0 [ 15.620505] __kasan_check_write+0x18/0x20 [ 15.620526] kasan_atomics_helper+0xc70/0x5450 [ 15.620550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.620574] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.620601] ? kasan_atomics+0x152/0x310 [ 15.620628] kasan_atomics+0x1dc/0x310 [ 15.620678] ? __pfx_kasan_atomics+0x10/0x10 [ 15.620705] ? __pfx_read_tsc+0x10/0x10 [ 15.620728] ? ktime_get_ts64+0x86/0x230 [ 15.620764] kunit_try_run_case+0x1a5/0x480 [ 15.620790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.620814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.620840] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.620866] ? __kthread_parkme+0x82/0x180 [ 15.620888] ? preempt_count_sub+0x50/0x80 [ 15.620913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.620939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.620965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.620992] kthread+0x337/0x6f0 [ 15.621011] ? trace_preempt_on+0x20/0xc0 [ 15.621036] ? __pfx_kthread+0x10/0x10 [ 15.621058] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.621081] ? calculate_sigpending+0x7b/0xa0 [ 15.621106] ? __pfx_kthread+0x10/0x10 [ 15.621129] ret_from_fork+0x116/0x1d0 [ 15.621149] ? __pfx_kthread+0x10/0x10 [ 15.621171] ret_from_fork_asm+0x1a/0x30 [ 15.621203] </TASK> [ 15.621215] [ 15.634279] Allocated by task 283: [ 15.634679] kasan_save_stack+0x45/0x70 [ 15.634950] kasan_save_track+0x18/0x40 [ 15.635243] kasan_save_alloc_info+0x3b/0x50 [ 15.635592] __kasan_kmalloc+0xb7/0xc0 [ 15.635948] __kmalloc_cache_noprof+0x189/0x420 [ 15.636278] kasan_atomics+0x95/0x310 [ 15.636461] kunit_try_run_case+0x1a5/0x480 [ 15.636853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.637138] kthread+0x337/0x6f0 [ 15.637417] ret_from_fork+0x116/0x1d0 [ 15.637609] ret_from_fork_asm+0x1a/0x30 [ 15.638143] [ 15.638231] The buggy address belongs to the object at ffff888103ad1980 [ 15.638231] which belongs to the cache kmalloc-64 of size 64 [ 15.639314] The buggy address is located 0 bytes to the right of [ 15.639314] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.640093] [ 15.640204] The buggy address belongs to the physical page: [ 15.640445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.640946] flags: 0x200000000000000(node=0|zone=2) [ 15.641350] page_type: f5(slab) [ 15.641641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.641978] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.642289] page dumped because: kasan: bad access detected [ 15.642528] [ 15.642617] 
Memory state around the buggy address: [ 15.643179] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.643669] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.644170] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.644643] ^ [ 15.645000] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.645304] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.645597] ================================================================== [ 16.100791] ================================================================== [ 16.101140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.101482] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.101945] [ 16.102031] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.102073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.102085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.102106] Call Trace: [ 16.102120] <TASK> [ 16.102135] dump_stack_lvl+0x73/0xb0 [ 16.102163] print_report+0xd1/0x650 [ 16.102187] ? __virt_addr_valid+0x1db/0x2d0 [ 16.102211] ? kasan_atomics_helper+0x164f/0x5450 [ 16.102234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.102258] ? kasan_atomics_helper+0x164f/0x5450 [ 16.102282] kasan_report+0x141/0x180 [ 16.102304] ? kasan_atomics_helper+0x164f/0x5450 [ 16.102332] kasan_check_range+0x10c/0x1c0 [ 16.102356] __kasan_check_write+0x18/0x20 [ 16.102384] kasan_atomics_helper+0x164f/0x5450 [ 16.102407] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.102431] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.102458] ? kasan_atomics+0x152/0x310 [ 16.102486] kasan_atomics+0x1dc/0x310 [ 16.102509] ? __pfx_kasan_atomics+0x10/0x10 [ 16.102534] ? __pfx_read_tsc+0x10/0x10 [ 16.102556] ? ktime_get_ts64+0x86/0x230 [ 16.102582] kunit_try_run_case+0x1a5/0x480 [ 16.102607] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.102631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.102658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.102683] ? __kthread_parkme+0x82/0x180 [ 16.102704] ? preempt_count_sub+0x50/0x80 [ 16.102730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.102767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.102793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.102819] kthread+0x337/0x6f0 [ 16.102849] ? trace_preempt_on+0x20/0xc0 [ 16.102873] ? __pfx_kthread+0x10/0x10 [ 16.102895] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.102918] ? calculate_sigpending+0x7b/0xa0 [ 16.102942] ? __pfx_kthread+0x10/0x10 [ 16.102965] ret_from_fork+0x116/0x1d0 [ 16.102984] ? __pfx_kthread+0x10/0x10 [ 16.103005] ret_from_fork_asm+0x1a/0x30 [ 16.103037] </TASK> [ 16.103049] [ 16.110773] Allocated by task 283: [ 16.110931] kasan_save_stack+0x45/0x70 [ 16.111099] kasan_save_track+0x18/0x40 [ 16.111235] kasan_save_alloc_info+0x3b/0x50 [ 16.111448] __kasan_kmalloc+0xb7/0xc0 [ 16.111635] __kmalloc_cache_noprof+0x189/0x420 [ 16.111862] kasan_atomics+0x95/0x310 [ 16.112026] kunit_try_run_case+0x1a5/0x480 [ 16.112174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112357] kthread+0x337/0x6f0 [ 16.112513] ret_from_fork+0x116/0x1d0 [ 16.112698] ret_from_fork_asm+0x1a/0x30 [ 16.112904] [ 16.112997] The buggy address belongs to the object at ffff888103ad1980 [ 16.112997] which belongs to the cache kmalloc-64 of size 64 [ 16.113490] The buggy address is located 0 bytes to the right of [ 16.113490] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.113892] [ 16.113989] The buggy address belongs to the physical page: [ 16.114244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.114600] flags: 0x200000000000000(node=0|zone=2) [ 16.114914] page_type: f5(slab) [ 16.115313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.115954] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.116195] page dumped because: kasan: bad access detected [ 16.116363] [ 16.116432] Memory state around the buggy address: [ 16.116581] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.118357] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.118666] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.118999] ^ [ 16.119220] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119586] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.121457] ================================================================== [ 16.514163] ================================================================== [ 16.514540] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.514908] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.515139] [ 16.515223] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.515265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.515277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.515298] Call Trace: [ 16.515315] <TASK> [ 16.515331] dump_stack_lvl+0x73/0xb0 [ 16.515369] print_report+0xd1/0x650 [ 16.515393] ? __virt_addr_valid+0x1db/0x2d0 [ 16.515416] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.515451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.515474] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.515498] kasan_report+0x141/0x180 [ 16.515520] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.515548] __asan_report_load8_noabort+0x18/0x20 [ 16.515574] kasan_atomics_helper+0x4f98/0x5450 [ 16.515598] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.515622] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.515648] ? kasan_atomics+0x152/0x310 [ 16.515675] kasan_atomics+0x1dc/0x310 [ 16.515698] ? __pfx_kasan_atomics+0x10/0x10 [ 16.515724] ? __pfx_read_tsc+0x10/0x10 [ 16.515754] ? 
ktime_get_ts64+0x86/0x230 [ 16.515779] kunit_try_run_case+0x1a5/0x480 [ 16.515804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.515828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.515853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.515878] ? __kthread_parkme+0x82/0x180 [ 16.515899] ? preempt_count_sub+0x50/0x80 [ 16.515923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.515949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.515976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.516002] kthread+0x337/0x6f0 [ 16.516029] ? trace_preempt_on+0x20/0xc0 [ 16.516063] ? __pfx_kthread+0x10/0x10 [ 16.516084] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.516107] ? calculate_sigpending+0x7b/0xa0 [ 16.516143] ? __pfx_kthread+0x10/0x10 [ 16.516165] ret_from_fork+0x116/0x1d0 [ 16.516184] ? __pfx_kthread+0x10/0x10 [ 16.516206] ret_from_fork_asm+0x1a/0x30 [ 16.516237] </TASK> [ 16.516249] [ 16.524277] Allocated by task 283: [ 16.524449] kasan_save_stack+0x45/0x70 [ 16.524632] kasan_save_track+0x18/0x40 [ 16.524893] kasan_save_alloc_info+0x3b/0x50 [ 16.525134] __kasan_kmalloc+0xb7/0xc0 [ 16.525312] __kmalloc_cache_noprof+0x189/0x420 [ 16.525639] kasan_atomics+0x95/0x310 [ 16.525815] kunit_try_run_case+0x1a5/0x480 [ 16.526026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.526346] kthread+0x337/0x6f0 [ 16.526517] ret_from_fork+0x116/0x1d0 [ 16.526715] ret_from_fork_asm+0x1a/0x30 [ 16.526931] [ 16.527046] The buggy address belongs to the object at ffff888103ad1980 [ 16.527046] which belongs to the cache kmalloc-64 of size 64 [ 16.527588] The buggy address is located 0 bytes to the right of [ 16.527588] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.528027] [ 16.528098] The buggy address belongs to the physical page: [ 16.528263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.528491] flags: 0x200000000000000(node=0|zone=2) [ 16.528644] page_type: f5(slab) [ 16.528784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.529133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.529486] page dumped because: kasan: bad access detected [ 16.529832] [ 16.529925] Memory state around the buggy address: [ 16.530144] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.530463] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.530822] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.531032] ^ [ 16.531180] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.531386] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.531588] ================================================================== [ 16.349315] ================================================================== [ 16.349610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.350709] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.351034] [ 16.351148] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.351347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.351361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.351383] Call Trace: [ 16.351401] <TASK> [ 16.351417] dump_stack_lvl+0x73/0xb0 [ 16.351447] print_report+0xd1/0x650 [ 16.351471] ? __virt_addr_valid+0x1db/0x2d0 [ 16.351496] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.351519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.351543] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.351566] kasan_report+0x141/0x180 [ 16.351590] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.351617] __asan_report_load8_noabort+0x18/0x20 [ 16.351644] kasan_atomics_helper+0x4f30/0x5450 [ 16.351681] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.351706] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.351733] ? kasan_atomics+0x152/0x310 [ 16.351773] kasan_atomics+0x1dc/0x310 [ 16.351796] ? __pfx_kasan_atomics+0x10/0x10 [ 16.351822] ? 
__pfx_read_tsc+0x10/0x10 [ 16.351844] ? ktime_get_ts64+0x86/0x230 [ 16.351869] kunit_try_run_case+0x1a5/0x480 [ 16.351895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.351920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.351946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.351972] ? __kthread_parkme+0x82/0x180 [ 16.351993] ? preempt_count_sub+0x50/0x80 [ 16.352019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.352045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.352071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.352098] kthread+0x337/0x6f0 [ 16.352118] ? trace_preempt_on+0x20/0xc0 [ 16.352143] ? __pfx_kthread+0x10/0x10 [ 16.352165] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.352188] ? calculate_sigpending+0x7b/0xa0 [ 16.352212] ? __pfx_kthread+0x10/0x10 [ 16.352235] ret_from_fork+0x116/0x1d0 [ 16.352254] ? __pfx_kthread+0x10/0x10 [ 16.352275] ret_from_fork_asm+0x1a/0x30 [ 16.352308] </TASK> [ 16.352319] [ 16.362249] Allocated by task 283: [ 16.362411] kasan_save_stack+0x45/0x70 [ 16.362617] kasan_save_track+0x18/0x40 [ 16.363127] kasan_save_alloc_info+0x3b/0x50 [ 16.363319] __kasan_kmalloc+0xb7/0xc0 [ 16.363640] __kmalloc_cache_noprof+0x189/0x420 [ 16.363948] kasan_atomics+0x95/0x310 [ 16.364235] kunit_try_run_case+0x1a5/0x480 [ 16.364430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.364802] kthread+0x337/0x6f0 [ 16.364984] ret_from_fork+0x116/0x1d0 [ 16.365162] ret_from_fork_asm+0x1a/0x30 [ 16.365351] [ 16.365441] The buggy address belongs to the object at ffff888103ad1980 [ 16.365441] which belongs to the cache kmalloc-64 of size 64 [ 16.366207] The buggy address is located 0 bytes to the right of [ 16.366207] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.367030] [ 16.367134] The buggy address belongs to the physical page: [ 16.367508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.367933] flags: 0x200000000000000(node=0|zone=2) [ 16.368251] page_type: f5(slab) [ 16.368425] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.368879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.369258] page dumped because: kasan: bad access detected [ 16.369493] [ 16.369574] Memory state around the buggy address: [ 16.370038] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.370441] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.370902] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.371275] ^ [ 16.371559] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.372038] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.372333] ================================================================== [ 15.445868] ================================================================== [ 15.446128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.446826] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.447471] [ 15.447561] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.447605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.447617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.447638] Call Trace: [ 15.447667] <TASK> [ 15.447686] dump_stack_lvl+0x73/0xb0 [ 15.447718] print_report+0xd1/0x650 [ 15.447742] ? __virt_addr_valid+0x1db/0x2d0 [ 15.447779] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.447803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.447828] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.447851] kasan_report+0x141/0x180 [ 15.447874] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.447903] kasan_check_range+0x10c/0x1c0 [ 15.447930] __kasan_check_write+0x18/0x20 [ 15.447951] kasan_atomics_helper+0x7c7/0x5450 [ 15.447975] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.447999] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.448026] ? 
kasan_atomics+0x152/0x310 [ 15.448054] kasan_atomics+0x1dc/0x310 [ 15.448078] ? __pfx_kasan_atomics+0x10/0x10 [ 15.448103] ? __pfx_read_tsc+0x10/0x10 [ 15.448126] ? ktime_get_ts64+0x86/0x230 [ 15.448152] kunit_try_run_case+0x1a5/0x480 [ 15.448178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.448203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.448229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.448268] ? __kthread_parkme+0x82/0x180 [ 15.448298] ? preempt_count_sub+0x50/0x80 [ 15.448345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.448371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.448397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.448424] kthread+0x337/0x6f0 [ 15.448444] ? trace_preempt_on+0x20/0xc0 [ 15.448470] ? __pfx_kthread+0x10/0x10 [ 15.448491] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.448514] ? calculate_sigpending+0x7b/0xa0 [ 15.448540] ? __pfx_kthread+0x10/0x10 [ 15.448563] ret_from_fork+0x116/0x1d0 [ 15.448583] ? __pfx_kthread+0x10/0x10 [ 15.448605] ret_from_fork_asm+0x1a/0x30 [ 15.448638] </TASK> [ 15.448659] [ 15.462146] Allocated by task 283: [ 15.462278] kasan_save_stack+0x45/0x70 [ 15.462429] kasan_save_track+0x18/0x40 [ 15.462563] kasan_save_alloc_info+0x3b/0x50 [ 15.462982] __kasan_kmalloc+0xb7/0xc0 [ 15.463407] __kmalloc_cache_noprof+0x189/0x420 [ 15.463903] kasan_atomics+0x95/0x310 [ 15.464407] kunit_try_run_case+0x1a5/0x480 [ 15.464906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465418] kthread+0x337/0x6f0 [ 15.465766] ret_from_fork+0x116/0x1d0 [ 15.466235] ret_from_fork_asm+0x1a/0x30 [ 15.466837] [ 15.467062] The buggy address belongs to the object at ffff888103ad1980 [ 15.467062] which belongs to the cache kmalloc-64 of size 64 [ 15.467596] The buggy address is located 0 bytes to the right of [ 15.467596] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.468841] [ 15.469117] The buggy address belongs to the physical page: [ 15.469466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 
15.469948] flags: 0x200000000000000(node=0|zone=2) [ 15.470423] page_type: f5(slab) [ 15.470793] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.471379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.471607] page dumped because: kasan: bad access detected [ 15.472321] [ 15.472485] Memory state around the buggy address: [ 15.473039] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.473678] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.474205] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.474423] ^ [ 15.474574] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.475192] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.475907] ================================================================== [ 16.012136] ================================================================== [ 16.012535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 16.012892] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.014045] [ 16.014130] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.014174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.014187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.014208] Call Trace: [ 16.014224] <TASK> [ 16.014240] dump_stack_lvl+0x73/0xb0 [ 16.014268] print_report+0xd1/0x650 [ 16.014290] ? __virt_addr_valid+0x1db/0x2d0 [ 16.014314] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.014337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.014366] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.014390] kasan_report+0x141/0x180 [ 16.014413] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.014441] __asan_report_load8_noabort+0x18/0x20 [ 16.014467] kasan_atomics_helper+0x4eae/0x5450 [ 16.014492] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.014516] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.014544] ? kasan_atomics+0x152/0x310 [ 16.014574] kasan_atomics+0x1dc/0x310 [ 16.014597] ? __pfx_kasan_atomics+0x10/0x10 [ 16.014623] ? __pfx_read_tsc+0x10/0x10 [ 16.014645] ? ktime_get_ts64+0x86/0x230 [ 16.014683] kunit_try_run_case+0x1a5/0x480 [ 16.014708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.014733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.014770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.014794] ? __kthread_parkme+0x82/0x180 [ 16.014816] ? preempt_count_sub+0x50/0x80 [ 16.014841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.014866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.014892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.014918] kthread+0x337/0x6f0 [ 16.014937] ? trace_preempt_on+0x20/0xc0 [ 16.014962] ? __pfx_kthread+0x10/0x10 [ 16.014984] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.015006] ? calculate_sigpending+0x7b/0xa0 [ 16.015031] ? __pfx_kthread+0x10/0x10 [ 16.015053] ret_from_fork+0x116/0x1d0 [ 16.015073] ? __pfx_kthread+0x10/0x10 [ 16.015094] ret_from_fork_asm+0x1a/0x30 [ 16.015126] </TASK> [ 16.015137] [ 16.022757] Allocated by task 283: [ 16.022930] kasan_save_stack+0x45/0x70 [ 16.023073] kasan_save_track+0x18/0x40 [ 16.023207] kasan_save_alloc_info+0x3b/0x50 [ 16.023357] __kasan_kmalloc+0xb7/0xc0 [ 16.023526] __kmalloc_cache_noprof+0x189/0x420 [ 16.023715] kasan_atomics+0x95/0x310 [ 16.023905] kunit_try_run_case+0x1a5/0x480 [ 16.024117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.024301] kthread+0x337/0x6f0 [ 16.024425] ret_from_fork+0x116/0x1d0 [ 16.024558] ret_from_fork_asm+0x1a/0x30 [ 16.024758] [ 16.024855] The buggy address belongs to the object at ffff888103ad1980 [ 16.024855] which belongs to the cache kmalloc-64 of size 64 [ 16.025390] The buggy address is located 0 bytes to the right of [ 16.025390] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.025890] [ 16.025964] The buggy address belongs to the physical page: [ 16.026167] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.026536] flags: 0x200000000000000(node=0|zone=2) [ 16.026939] page_type: f5(slab) [ 16.027109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.027417] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.027762] page dumped because: kasan: bad access detected [ 16.027972] [ 16.028042] Memory state around the buggy address: [ 16.028196] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.028435] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.028765] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.029141] ^ [ 16.029298] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.029512] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.029805] ================================================================== [ 15.737599] ================================================================== [ 15.738731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.739192] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.739776] [ 15.740002] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.740049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.740061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.740082] Call Trace: [ 15.740097] <TASK> [ 15.740112] dump_stack_lvl+0x73/0xb0 [ 15.740143] print_report+0xd1/0x650 [ 15.740166] ? __virt_addr_valid+0x1db/0x2d0 [ 15.740210] ? kasan_atomics_helper+0xf10/0x5450 [ 15.740233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.740258] ? kasan_atomics_helper+0xf10/0x5450 [ 15.740281] kasan_report+0x141/0x180 [ 15.740303] ? kasan_atomics_helper+0xf10/0x5450 [ 15.740330] kasan_check_range+0x10c/0x1c0 [ 15.740355] __kasan_check_write+0x18/0x20 [ 15.740376] kasan_atomics_helper+0xf10/0x5450 [ 15.740400] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.740424] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.740450] ? kasan_atomics+0x152/0x310 [ 15.740477] kasan_atomics+0x1dc/0x310 [ 15.740501] ? __pfx_kasan_atomics+0x10/0x10 [ 15.740526] ? __pfx_read_tsc+0x10/0x10 [ 15.740548] ? ktime_get_ts64+0x86/0x230 [ 15.740573] kunit_try_run_case+0x1a5/0x480 [ 15.740598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.740622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.740662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.740688] ? __kthread_parkme+0x82/0x180 [ 15.740709] ? preempt_count_sub+0x50/0x80 [ 15.740734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.740771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.740796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.740823] kthread+0x337/0x6f0 [ 15.740843] ? trace_preempt_on+0x20/0xc0 [ 15.740868] ? __pfx_kthread+0x10/0x10 [ 15.740889] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.740912] ? calculate_sigpending+0x7b/0xa0 [ 15.740937] ? __pfx_kthread+0x10/0x10 [ 15.740959] ret_from_fork+0x116/0x1d0 [ 15.740978] ? 
__pfx_kthread+0x10/0x10 [ 15.741001] ret_from_fork_asm+0x1a/0x30 [ 15.741033] </TASK> [ 15.741044] [ 15.753647] Allocated by task 283: [ 15.753986] kasan_save_stack+0x45/0x70 [ 15.754191] kasan_save_track+0x18/0x40 [ 15.754329] kasan_save_alloc_info+0x3b/0x50 [ 15.754486] __kasan_kmalloc+0xb7/0xc0 [ 15.754623] __kmalloc_cache_noprof+0x189/0x420 [ 15.755047] kasan_atomics+0x95/0x310 [ 15.755374] kunit_try_run_case+0x1a5/0x480 [ 15.755798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.756278] kthread+0x337/0x6f0 [ 15.756569] ret_from_fork+0x116/0x1d0 [ 15.756935] ret_from_fork_asm+0x1a/0x30 [ 15.757295] [ 15.757456] The buggy address belongs to the object at ffff888103ad1980 [ 15.757456] which belongs to the cache kmalloc-64 of size 64 [ 15.758322] The buggy address is located 0 bytes to the right of [ 15.758322] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.758718] [ 15.758886] The buggy address belongs to the physical page: [ 15.759355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.760255] flags: 0x200000000000000(node=0|zone=2) [ 15.760830] page_type: f5(slab) [ 15.761121] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.761788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.762120] page dumped because: kasan: bad access detected [ 15.762294] [ 15.762368] Memory state around the buggy address: [ 15.762523] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.762834] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.763430] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.764104] ^ [ 15.764514] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765149] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765767] ================================================================== [ 15.571889] 
================================================================== [ 15.572419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.572871] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.573394] [ 15.573554] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.573713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.573729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.573759] Call Trace: [ 15.573774] <TASK> [ 15.573790] dump_stack_lvl+0x73/0xb0 [ 15.573821] print_report+0xd1/0x650 [ 15.573845] ? __virt_addr_valid+0x1db/0x2d0 [ 15.573869] ? kasan_atomics_helper+0xac7/0x5450 [ 15.573891] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.573916] ? kasan_atomics_helper+0xac7/0x5450 [ 15.573939] kasan_report+0x141/0x180 [ 15.573962] ? kasan_atomics_helper+0xac7/0x5450 [ 15.573989] kasan_check_range+0x10c/0x1c0 [ 15.574014] __kasan_check_write+0x18/0x20 [ 15.574035] kasan_atomics_helper+0xac7/0x5450 [ 15.574059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.574083] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.574110] ? kasan_atomics+0x152/0x310 [ 15.574137] kasan_atomics+0x1dc/0x310 [ 15.574160] ? __pfx_kasan_atomics+0x10/0x10 [ 15.574187] ? __pfx_read_tsc+0x10/0x10 [ 15.574210] ? ktime_get_ts64+0x86/0x230 [ 15.574235] kunit_try_run_case+0x1a5/0x480 [ 15.574261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.574286] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.574311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.574337] ? __kthread_parkme+0x82/0x180 [ 15.574358] ? preempt_count_sub+0x50/0x80 [ 15.574390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.574416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.574442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.574470] kthread+0x337/0x6f0 [ 15.574490] ? trace_preempt_on+0x20/0xc0 [ 15.574516] ? __pfx_kthread+0x10/0x10 [ 15.574538] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.574562] ? 
calculate_sigpending+0x7b/0xa0 [ 15.574587] ? __pfx_kthread+0x10/0x10 [ 15.574609] ret_from_fork+0x116/0x1d0 [ 15.574629] ? __pfx_kthread+0x10/0x10 [ 15.574652] ret_from_fork_asm+0x1a/0x30 [ 15.574687] </TASK> [ 15.574699] [ 15.582606] Allocated by task 283: [ 15.582740] kasan_save_stack+0x45/0x70 [ 15.582891] kasan_save_track+0x18/0x40 [ 15.583063] kasan_save_alloc_info+0x3b/0x50 [ 15.583278] __kasan_kmalloc+0xb7/0xc0 [ 15.583469] __kmalloc_cache_noprof+0x189/0x420 [ 15.583848] kasan_atomics+0x95/0x310 [ 15.584049] kunit_try_run_case+0x1a5/0x480 [ 15.584256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.584497] kthread+0x337/0x6f0 [ 15.584661] ret_from_fork+0x116/0x1d0 [ 15.584864] ret_from_fork_asm+0x1a/0x30 [ 15.585107] [ 15.585203] The buggy address belongs to the object at ffff888103ad1980 [ 15.585203] which belongs to the cache kmalloc-64 of size 64 [ 15.585765] The buggy address is located 0 bytes to the right of [ 15.585765] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.586343] [ 15.586506] The buggy address belongs to the physical page: [ 15.586818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.587175] flags: 0x200000000000000(node=0|zone=2) [ 15.587486] page_type: f5(slab) [ 15.587660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.588029] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.588291] page dumped because: kasan: bad access detected [ 15.588533] [ 15.588674] Memory state around the buggy address: [ 15.588940] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589302] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589649] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.589915] ^ [ 15.590178] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590537] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590965] 
================================================================== [ 15.210345] ================================================================== [ 15.210583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.211422] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.212128] [ 15.212304] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.212347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.212359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.212379] Call Trace: [ 15.212395] <TASK> [ 15.212410] dump_stack_lvl+0x73/0xb0 [ 15.212440] print_report+0xd1/0x650 [ 15.212463] ? __virt_addr_valid+0x1db/0x2d0 [ 15.212486] ? kasan_atomics_helper+0x3df/0x5450 [ 15.212507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.212530] ? kasan_atomics_helper+0x3df/0x5450 [ 15.212552] kasan_report+0x141/0x180 [ 15.212574] ? kasan_atomics_helper+0x3df/0x5450 [ 15.212600] kasan_check_range+0x10c/0x1c0 [ 15.212624] __kasan_check_read+0x15/0x20 [ 15.212722] kasan_atomics_helper+0x3df/0x5450 [ 15.212756] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.212780] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.212806] ? kasan_atomics+0x152/0x310 [ 15.212833] kasan_atomics+0x1dc/0x310 [ 15.212856] ? __pfx_kasan_atomics+0x10/0x10 [ 15.212881] ? __pfx_read_tsc+0x10/0x10 [ 15.212901] ? ktime_get_ts64+0x86/0x230 [ 15.212926] kunit_try_run_case+0x1a5/0x480 [ 15.212951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.212974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.213000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.213024] ? __kthread_parkme+0x82/0x180 [ 15.213045] ? preempt_count_sub+0x50/0x80 [ 15.213069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.213094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.213119] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.213146] kthread+0x337/0x6f0 [ 15.213165] ? trace_preempt_on+0x20/0xc0 [ 15.213189] ? 
__pfx_kthread+0x10/0x10 [ 15.213209] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.213231] ? calculate_sigpending+0x7b/0xa0 [ 15.213256] ? __pfx_kthread+0x10/0x10 [ 15.213278] ret_from_fork+0x116/0x1d0 [ 15.213297] ? __pfx_kthread+0x10/0x10 [ 15.213317] ret_from_fork_asm+0x1a/0x30 [ 15.213348] </TASK> [ 15.213358] [ 15.226219] Allocated by task 283: [ 15.226536] kasan_save_stack+0x45/0x70 [ 15.226987] kasan_save_track+0x18/0x40 [ 15.227333] kasan_save_alloc_info+0x3b/0x50 [ 15.227793] __kasan_kmalloc+0xb7/0xc0 [ 15.228138] __kmalloc_cache_noprof+0x189/0x420 [ 15.228358] kasan_atomics+0x95/0x310 [ 15.228492] kunit_try_run_case+0x1a5/0x480 [ 15.228707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.229196] kthread+0x337/0x6f0 [ 15.229490] ret_from_fork+0x116/0x1d0 [ 15.229898] ret_from_fork_asm+0x1a/0x30 [ 15.230259] [ 15.230416] The buggy address belongs to the object at ffff888103ad1980 [ 15.230416] which belongs to the cache kmalloc-64 of size 64 [ 15.231193] The buggy address is located 0 bytes to the right of [ 15.231193] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.231565] [ 15.231718] The buggy address belongs to the physical page: [ 15.232326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.233075] flags: 0x200000000000000(node=0|zone=2) [ 15.233537] page_type: f5(slab) [ 15.233970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.234243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.234477] page dumped because: kasan: bad access detected [ 15.234768] [ 15.234926] Memory state around the buggy address: [ 15.235341] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.236166] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.236867] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.237465] ^ [ 15.237889] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238109] 
ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238322] ================================================================== [ 15.323282] ================================================================== [ 15.323577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.323880] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.324221] [ 15.324401] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.324463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.324475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.324496] Call Trace: [ 15.324510] <TASK> [ 15.324526] dump_stack_lvl+0x73/0xb0 [ 15.324554] print_report+0xd1/0x650 [ 15.324578] ? __virt_addr_valid+0x1db/0x2d0 [ 15.324601] ? kasan_atomics_helper+0x565/0x5450 [ 15.324624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.324673] ? kasan_atomics_helper+0x565/0x5450 [ 15.324697] kasan_report+0x141/0x180 [ 15.324722] ? kasan_atomics_helper+0x565/0x5450 [ 15.324763] kasan_check_range+0x10c/0x1c0 [ 15.324789] __kasan_check_write+0x18/0x20 [ 15.324809] kasan_atomics_helper+0x565/0x5450 [ 15.324834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.324872] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.324926] ? kasan_atomics+0x152/0x310 [ 15.324953] kasan_atomics+0x1dc/0x310 [ 15.324977] ? __pfx_kasan_atomics+0x10/0x10 [ 15.325005] ? __pfx_read_tsc+0x10/0x10 [ 15.325027] ? ktime_get_ts64+0x86/0x230 [ 15.325054] kunit_try_run_case+0x1a5/0x480 [ 15.325079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.325104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.325129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.325155] ? __kthread_parkme+0x82/0x180 [ 15.325176] ? preempt_count_sub+0x50/0x80 [ 15.325201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.325227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.325253] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.325280] kthread+0x337/0x6f0 [ 15.325300] ? trace_preempt_on+0x20/0xc0 [ 15.325325] ? __pfx_kthread+0x10/0x10 [ 15.325347] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.325370] ? calculate_sigpending+0x7b/0xa0 [ 15.325395] ? __pfx_kthread+0x10/0x10 [ 15.325419] ret_from_fork+0x116/0x1d0 [ 15.325440] ? __pfx_kthread+0x10/0x10 [ 15.325464] ret_from_fork_asm+0x1a/0x30 [ 15.325495] </TASK> [ 15.325506] [ 15.333718] Allocated by task 283: [ 15.333858] kasan_save_stack+0x45/0x70 [ 15.334170] kasan_save_track+0x18/0x40 [ 15.334370] kasan_save_alloc_info+0x3b/0x50 [ 15.334522] __kasan_kmalloc+0xb7/0xc0 [ 15.334681] __kmalloc_cache_noprof+0x189/0x420 [ 15.334850] kasan_atomics+0x95/0x310 [ 15.335011] kunit_try_run_case+0x1a5/0x480 [ 15.335217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.335471] kthread+0x337/0x6f0 [ 15.335654] ret_from_fork+0x116/0x1d0 [ 15.336062] ret_from_fork_asm+0x1a/0x30 [ 15.336280] [ 15.336353] The buggy address belongs to the object at ffff888103ad1980 [ 15.336353] which belongs to the cache kmalloc-64 of size 64 [ 15.336887] The buggy address is located 0 bytes to the right of [ 15.336887] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.337566] [ 15.337679] The buggy address belongs to the physical page: [ 15.337898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.338141] flags: 0x200000000000000(node=0|zone=2) [ 15.338365] page_type: f5(slab) [ 15.338510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.338777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.339003] page dumped because: kasan: bad access detected [ 15.339220] [ 15.339315] Memory state around the buggy address: [ 15.339541] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342214] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.343905] >ffff888103ad1980: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.344454] ^ [ 15.344622] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.346337] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347117] ================================================================== [ 15.414285] ================================================================== [ 15.415059] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.415769] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.416416] [ 15.416624] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.416669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.416681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.416703] Call Trace: [ 15.416719] <TASK> [ 15.416753] dump_stack_lvl+0x73/0xb0 [ 15.416884] print_report+0xd1/0x650 [ 15.416907] ? __virt_addr_valid+0x1db/0x2d0 [ 15.416931] ? kasan_atomics_helper+0x72f/0x5450 [ 15.416954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.416978] ? kasan_atomics_helper+0x72f/0x5450 [ 15.417002] kasan_report+0x141/0x180 [ 15.417025] ? kasan_atomics_helper+0x72f/0x5450 [ 15.417052] kasan_check_range+0x10c/0x1c0 [ 15.417078] __kasan_check_write+0x18/0x20 [ 15.417099] kasan_atomics_helper+0x72f/0x5450 [ 15.417124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.417148] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.417174] ? kasan_atomics+0x152/0x310 [ 15.417202] kasan_atomics+0x1dc/0x310 [ 15.417226] ? __pfx_kasan_atomics+0x10/0x10 [ 15.417251] ? __pfx_read_tsc+0x10/0x10 [ 15.417272] ? ktime_get_ts64+0x86/0x230 [ 15.417297] kunit_try_run_case+0x1a5/0x480 [ 15.417322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.417347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.417372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.417398] ? __kthread_parkme+0x82/0x180 [ 15.417420] ? preempt_count_sub+0x50/0x80 [ 15.417445] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.417470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.417496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.417523] kthread+0x337/0x6f0 [ 15.417543] ? trace_preempt_on+0x20/0xc0 [ 15.417567] ? __pfx_kthread+0x10/0x10 [ 15.417589] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.417613] ? calculate_sigpending+0x7b/0xa0 [ 15.417637] ? __pfx_kthread+0x10/0x10 [ 15.417705] ret_from_fork+0x116/0x1d0 [ 15.417725] ? __pfx_kthread+0x10/0x10 [ 15.417758] ret_from_fork_asm+0x1a/0x30 [ 15.417790] </TASK> [ 15.417801] [ 15.431024] Allocated by task 283: [ 15.431349] kasan_save_stack+0x45/0x70 [ 15.431729] kasan_save_track+0x18/0x40 [ 15.431908] kasan_save_alloc_info+0x3b/0x50 [ 15.432335] __kasan_kmalloc+0xb7/0xc0 [ 15.432646] __kmalloc_cache_noprof+0x189/0x420 [ 15.433077] kasan_atomics+0x95/0x310 [ 15.433224] kunit_try_run_case+0x1a5/0x480 [ 15.433376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433554] kthread+0x337/0x6f0 [ 15.433985] ret_from_fork+0x116/0x1d0 [ 15.434459] ret_from_fork_asm+0x1a/0x30 [ 15.434960] [ 15.435124] The buggy address belongs to the object at ffff888103ad1980 [ 15.435124] which belongs to the cache kmalloc-64 of size 64 [ 15.436361] The buggy address is located 0 bytes to the right of [ 15.436361] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.437590] [ 15.437782] The buggy address belongs to the physical page: [ 15.438255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.438541] flags: 0x200000000000000(node=0|zone=2) [ 15.438922] page_type: f5(slab) [ 15.439250] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.439973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.440807] page dumped because: kasan: bad access detected [ 15.441254] [ 15.441339] Memory state around the buggy address: [ 15.441499] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.441949] 
ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.442731] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.443364] ^ [ 15.443859] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.444471] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445122] ================================================================== [ 16.672727] ================================================================== [ 16.673119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.673553] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.674246] [ 16.674350] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.674612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.674628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.674650] Call Trace: [ 16.674667] <TASK> [ 16.674684] dump_stack_lvl+0x73/0xb0 [ 16.674715] print_report+0xd1/0x650 [ 16.674782] ? __virt_addr_valid+0x1db/0x2d0 [ 16.674806] ? kasan_atomics_helper+0x5115/0x5450 [ 16.674829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.674854] ? kasan_atomics_helper+0x5115/0x5450 [ 16.674879] kasan_report+0x141/0x180 [ 16.674902] ? kasan_atomics_helper+0x5115/0x5450 [ 16.674929] __asan_report_load8_noabort+0x18/0x20 [ 16.674956] kasan_atomics_helper+0x5115/0x5450 [ 16.674979] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.675003] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.675029] ? kasan_atomics+0x152/0x310 [ 16.675057] kasan_atomics+0x1dc/0x310 [ 16.675080] ? __pfx_kasan_atomics+0x10/0x10 [ 16.675106] ? __pfx_read_tsc+0x10/0x10 [ 16.675127] ? ktime_get_ts64+0x86/0x230 [ 16.675151] kunit_try_run_case+0x1a5/0x480 [ 16.675176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.675201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.675226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.675252] ? __kthread_parkme+0x82/0x180 [ 16.675273] ? 
preempt_count_sub+0x50/0x80 [ 16.675298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.675324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.675350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.675377] kthread+0x337/0x6f0 [ 16.675399] ? trace_preempt_on+0x20/0xc0 [ 16.675424] ? __pfx_kthread+0x10/0x10 [ 16.675446] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.675468] ? calculate_sigpending+0x7b/0xa0 [ 16.675493] ? __pfx_kthread+0x10/0x10 [ 16.675516] ret_from_fork+0x116/0x1d0 [ 16.675535] ? __pfx_kthread+0x10/0x10 [ 16.675557] ret_from_fork_asm+0x1a/0x30 [ 16.675588] </TASK> [ 16.675599] [ 16.687570] Allocated by task 283: [ 16.687860] kasan_save_stack+0x45/0x70 [ 16.688269] kasan_save_track+0x18/0x40 [ 16.688642] kasan_save_alloc_info+0x3b/0x50 [ 16.688959] __kasan_kmalloc+0xb7/0xc0 [ 16.689339] __kmalloc_cache_noprof+0x189/0x420 [ 16.689577] kasan_atomics+0x95/0x310 [ 16.689906] kunit_try_run_case+0x1a5/0x480 [ 16.690323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.690788] kthread+0x337/0x6f0 [ 16.690916] ret_from_fork+0x116/0x1d0 [ 16.691052] ret_from_fork_asm+0x1a/0x30 [ 16.691194] [ 16.691265] The buggy address belongs to the object at ffff888103ad1980 [ 16.691265] which belongs to the cache kmalloc-64 of size 64 [ 16.691618] The buggy address is located 0 bytes to the right of [ 16.691618] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.692789] [ 16.692956] The buggy address belongs to the physical page: [ 16.693486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.694246] flags: 0x200000000000000(node=0|zone=2) [ 16.694787] page_type: f5(slab) [ 16.695104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.695818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.696468] page dumped because: kasan: bad access detected [ 16.696815] [ 16.696901] Memory state around the buggy address: [ 16.697220] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.697438] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.697668] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.697892] ^ [ 16.698048] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.698267] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.698586] ================================================================== [ 15.664815] ================================================================== [ 15.665163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.665783] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.666141] [ 15.666250] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.666291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.666303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.666323] Call Trace: [ 15.666339] <TASK> [ 15.666354] dump_stack_lvl+0x73/0xb0 [ 15.666391] print_report+0xd1/0x650 [ 15.666414] ? __virt_addr_valid+0x1db/0x2d0 [ 15.666439] ? kasan_atomics_helper+0xd47/0x5450 [ 15.666461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.666485] ? kasan_atomics_helper+0xd47/0x5450 [ 15.666508] kasan_report+0x141/0x180 [ 15.666531] ? kasan_atomics_helper+0xd47/0x5450 [ 15.666559] kasan_check_range+0x10c/0x1c0 [ 15.666584] __kasan_check_write+0x18/0x20 [ 15.666604] kasan_atomics_helper+0xd47/0x5450 [ 15.666628] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.666653] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.666679] ? kasan_atomics+0x152/0x310 [ 15.666706] kasan_atomics+0x1dc/0x310 [ 15.666730] ? __pfx_kasan_atomics+0x10/0x10 [ 15.666767] ? __pfx_read_tsc+0x10/0x10 [ 15.666789] ? ktime_get_ts64+0x86/0x230 [ 15.666814] kunit_try_run_case+0x1a5/0x480 [ 15.666839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.666863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.666897] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.666922] ? __kthread_parkme+0x82/0x180 [ 15.666943] ? preempt_count_sub+0x50/0x80 [ 15.666968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.666994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.667020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.667046] kthread+0x337/0x6f0 [ 15.667066] ? trace_preempt_on+0x20/0xc0 [ 15.667091] ? __pfx_kthread+0x10/0x10 [ 15.667113] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.667136] ? calculate_sigpending+0x7b/0xa0 [ 15.667160] ? __pfx_kthread+0x10/0x10 [ 15.667183] ret_from_fork+0x116/0x1d0 [ 15.667203] ? __pfx_kthread+0x10/0x10 [ 15.667225] ret_from_fork_asm+0x1a/0x30 [ 15.667256] </TASK> [ 15.667267] [ 15.674443] Allocated by task 283: [ 15.674574] kasan_save_stack+0x45/0x70 [ 15.674763] kasan_save_track+0x18/0x40 [ 15.674954] kasan_save_alloc_info+0x3b/0x50 [ 15.675167] __kasan_kmalloc+0xb7/0xc0 [ 15.675355] __kmalloc_cache_noprof+0x189/0x420 [ 15.675577] kasan_atomics+0x95/0x310 [ 15.675932] kunit_try_run_case+0x1a5/0x480 [ 15.676162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.676416] kthread+0x337/0x6f0 [ 15.676538] ret_from_fork+0x116/0x1d0 [ 15.676689] ret_from_fork_asm+0x1a/0x30 [ 15.676904] [ 15.677001] The buggy address belongs to the object at ffff888103ad1980 [ 15.677001] which belongs to the cache kmalloc-64 of size 64 [ 15.677503] The buggy address is located 0 bytes to the right of [ 15.677503] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.678017] [ 15.678116] The buggy address belongs to the physical page: [ 15.678323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.678608] flags: 0x200000000000000(node=0|zone=2) [ 15.679010] page_type: f5(slab) [ 15.679132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.679361] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.679595] page dumped because: kasan: bad access detected [ 15.680042] [ 15.680136] 
Memory state around the buggy address: [ 15.680360] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.680685] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.681027] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.681280] ^ [ 15.681495] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.681855] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.682152] ================================================================== [ 15.090281] ================================================================== [ 15.091503] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.092015] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.093230] [ 15.093461] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.093512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.093524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.093547] Call Trace: [ 15.093561] <TASK> [ 15.093577] dump_stack_lvl+0x73/0xb0 [ 15.093608] print_report+0xd1/0x650 [ 15.093631] ? __virt_addr_valid+0x1db/0x2d0 [ 15.093840] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.093868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.093893] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.093915] kasan_report+0x141/0x180 [ 15.093938] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.093964] __asan_report_load4_noabort+0x18/0x20 [ 15.093989] kasan_atomics_helper+0x4bbc/0x5450 [ 15.094012] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.094036] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.094062] ? kasan_atomics+0x152/0x310 [ 15.094089] kasan_atomics+0x1dc/0x310 [ 15.094111] ? __pfx_kasan_atomics+0x10/0x10 [ 15.094136] ? __pfx_read_tsc+0x10/0x10 [ 15.094157] ? ktime_get_ts64+0x86/0x230 [ 15.094181] kunit_try_run_case+0x1a5/0x480 [ 15.094206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094229] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.094254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.094278] ? __kthread_parkme+0x82/0x180 [ 15.094298] ? preempt_count_sub+0x50/0x80 [ 15.094323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.094379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.094404] kthread+0x337/0x6f0 [ 15.094424] ? trace_preempt_on+0x20/0xc0 [ 15.094448] ? __pfx_kthread+0x10/0x10 [ 15.094468] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.094491] ? calculate_sigpending+0x7b/0xa0 [ 15.094515] ? __pfx_kthread+0x10/0x10 [ 15.094536] ret_from_fork+0x116/0x1d0 [ 15.094554] ? __pfx_kthread+0x10/0x10 [ 15.094574] ret_from_fork_asm+0x1a/0x30 [ 15.094605] </TASK> [ 15.094616] [ 15.112028] Allocated by task 283: [ 15.112175] kasan_save_stack+0x45/0x70 [ 15.112334] kasan_save_track+0x18/0x40 [ 15.112467] kasan_save_alloc_info+0x3b/0x50 [ 15.112611] __kasan_kmalloc+0xb7/0xc0 [ 15.113318] __kmalloc_cache_noprof+0x189/0x420 [ 15.113791] kasan_atomics+0x95/0x310 [ 15.114238] kunit_try_run_case+0x1a5/0x480 [ 15.114673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.115292] kthread+0x337/0x6f0 [ 15.115623] ret_from_fork+0x116/0x1d0 [ 15.116123] ret_from_fork_asm+0x1a/0x30 [ 15.116276] [ 15.116349] The buggy address belongs to the object at ffff888103ad1980 [ 15.116349] which belongs to the cache kmalloc-64 of size 64 [ 15.116721] The buggy address is located 0 bytes to the right of [ 15.116721] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.117480] [ 15.117559] The buggy address belongs to the physical page: [ 15.118372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.119501] flags: 0x200000000000000(node=0|zone=2) [ 15.120000] page_type: f5(slab) [ 15.120131] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.120361] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.120586] page dumped because: kasan: 
bad access detected [ 15.120783] [ 15.120852] Memory state around the buggy address: [ 15.121397] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.121985] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.122406] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.122864] ^ [ 15.123128] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.123376] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.123688] ================================================================== [ 16.590901] ================================================================== [ 16.591218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.591534] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.592419] [ 16.592544] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.592591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.592605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.592626] Call Trace: [ 16.592642] <TASK> [ 16.592823] dump_stack_lvl+0x73/0xb0 [ 16.592872] print_report+0xd1/0x650 [ 16.592897] ? __virt_addr_valid+0x1db/0x2d0 [ 16.592921] ? kasan_atomics_helper+0x218a/0x5450 [ 16.592943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.592983] ? kasan_atomics_helper+0x218a/0x5450 [ 16.593007] kasan_report+0x141/0x180 [ 16.593064] ? kasan_atomics_helper+0x218a/0x5450 [ 16.593095] kasan_check_range+0x10c/0x1c0 [ 16.593133] __kasan_check_write+0x18/0x20 [ 16.593154] kasan_atomics_helper+0x218a/0x5450 [ 16.593179] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.593215] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.593242] ? kasan_atomics+0x152/0x310 [ 16.593280] kasan_atomics+0x1dc/0x310 [ 16.593304] ? __pfx_kasan_atomics+0x10/0x10 [ 16.593330] ? __pfx_read_tsc+0x10/0x10 [ 16.593364] ? ktime_get_ts64+0x86/0x230 [ 16.593390] kunit_try_run_case+0x1a5/0x480 [ 16.593415] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.593450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.593475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.593512] ? __kthread_parkme+0x82/0x180 [ 16.593535] ? preempt_count_sub+0x50/0x80 [ 16.593560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.593597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.593624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.593674] kthread+0x337/0x6f0 [ 16.593696] ? trace_preempt_on+0x20/0xc0 [ 16.593722] ? __pfx_kthread+0x10/0x10 [ 16.593766] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.593790] ? calculate_sigpending+0x7b/0xa0 [ 16.593814] ? __pfx_kthread+0x10/0x10 [ 16.593849] ret_from_fork+0x116/0x1d0 [ 16.593869] ? __pfx_kthread+0x10/0x10 [ 16.593890] ret_from_fork_asm+0x1a/0x30 [ 16.593933] </TASK> [ 16.593945] [ 16.605460] Allocated by task 283: [ 16.605641] kasan_save_stack+0x45/0x70 [ 16.606089] kasan_save_track+0x18/0x40 [ 16.606272] kasan_save_alloc_info+0x3b/0x50 [ 16.606478] __kasan_kmalloc+0xb7/0xc0 [ 16.606655] __kmalloc_cache_noprof+0x189/0x420 [ 16.607153] kasan_atomics+0x95/0x310 [ 16.607331] kunit_try_run_case+0x1a5/0x480 [ 16.607525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.608040] kthread+0x337/0x6f0 [ 16.608464] ret_from_fork+0x116/0x1d0 [ 16.608853] ret_from_fork_asm+0x1a/0x30 [ 16.609082] [ 16.609174] The buggy address belongs to the object at ffff888103ad1980 [ 16.609174] which belongs to the cache kmalloc-64 of size 64 [ 16.609910] The buggy address is located 0 bytes to the right of [ 16.609910] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.610498] [ 16.610597] The buggy address belongs to the physical page: [ 16.611136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.611807] flags: 0x200000000000000(node=0|zone=2) [ 16.612112] page_type: f5(slab) [ 16.612537] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.613002] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.613314] page dumped because: kasan: bad access detected [ 16.613548] [ 16.613639] Memory state around the buggy address: [ 16.614155] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.614597] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.615171] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.615618] ^ [ 16.615849] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.616138] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.616426] ================================================================== [ 16.064940] ================================================================== [ 16.065240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 16.065960] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.066226] [ 16.066387] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.066463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.066474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.066495] Call Trace: [ 16.066508] <TASK> [ 16.066522] dump_stack_lvl+0x73/0xb0 [ 16.066550] print_report+0xd1/0x650 [ 16.066573] ? __virt_addr_valid+0x1db/0x2d0 [ 16.066596] ? kasan_atomics_helper+0x151d/0x5450 [ 16.066619] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.066654] ? kasan_atomics_helper+0x151d/0x5450 [ 16.066677] kasan_report+0x141/0x180 [ 16.066851] ? kasan_atomics_helper+0x151d/0x5450 [ 16.066895] kasan_check_range+0x10c/0x1c0 [ 16.066920] __kasan_check_write+0x18/0x20 [ 16.066941] kasan_atomics_helper+0x151d/0x5450 [ 16.066965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.066989] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.067016] ? kasan_atomics+0x152/0x310 [ 16.067043] kasan_atomics+0x1dc/0x310 [ 16.067067] ? __pfx_kasan_atomics+0x10/0x10 [ 16.067093] ? __pfx_read_tsc+0x10/0x10 [ 16.067113] ? 
ktime_get_ts64+0x86/0x230 [ 16.067138] kunit_try_run_case+0x1a5/0x480 [ 16.067165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.067189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.067215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.067240] ? __kthread_parkme+0x82/0x180 [ 16.067261] ? preempt_count_sub+0x50/0x80 [ 16.067288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.067315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.067341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.067367] kthread+0x337/0x6f0 [ 16.067388] ? trace_preempt_on+0x20/0xc0 [ 16.067412] ? __pfx_kthread+0x10/0x10 [ 16.067434] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.067457] ? calculate_sigpending+0x7b/0xa0 [ 16.067481] ? __pfx_kthread+0x10/0x10 [ 16.067505] ret_from_fork+0x116/0x1d0 [ 16.067524] ? __pfx_kthread+0x10/0x10 [ 16.067546] ret_from_fork_asm+0x1a/0x30 [ 16.067577] </TASK> [ 16.067588] [ 16.075235] Allocated by task 283: [ 16.075370] kasan_save_stack+0x45/0x70 [ 16.075514] kasan_save_track+0x18/0x40 [ 16.075651] kasan_save_alloc_info+0x3b/0x50 [ 16.075890] __kasan_kmalloc+0xb7/0xc0 [ 16.076080] __kmalloc_cache_noprof+0x189/0x420 [ 16.076302] kasan_atomics+0x95/0x310 [ 16.076489] kunit_try_run_case+0x1a5/0x480 [ 16.076701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.076900] kthread+0x337/0x6f0 [ 16.077073] ret_from_fork+0x116/0x1d0 [ 16.077262] ret_from_fork_asm+0x1a/0x30 [ 16.077426] [ 16.077522] The buggy address belongs to the object at ffff888103ad1980 [ 16.077522] which belongs to the cache kmalloc-64 of size 64 [ 16.078018] The buggy address is located 0 bytes to the right of [ 16.078018] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.078521] [ 16.078618] The buggy address belongs to the physical page: [ 16.078906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.079155] flags: 0x200000000000000(node=0|zone=2) [ 16.079318] page_type: f5(slab) [ 16.079439] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.079688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.080045] page dumped because: kasan: bad access detected [ 16.080302] [ 16.080398] Memory state around the buggy address: [ 16.080611] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.080982] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.081221] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.081431] ^ [ 16.081614] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082247] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082541] ================================================================== [ 16.030381] ================================================================== [ 16.030809] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 16.031158] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.031454] [ 16.031534] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.031575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.031588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.031608] Call Trace: [ 16.031624] <TASK> [ 16.031639] dump_stack_lvl+0x73/0xb0 [ 16.031675] print_report+0xd1/0x650 [ 16.031699] ? __virt_addr_valid+0x1db/0x2d0 [ 16.031723] ? kasan_atomics_helper+0x1467/0x5450 [ 16.031757] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.031782] ? kasan_atomics_helper+0x1467/0x5450 [ 16.031806] kasan_report+0x141/0x180 [ 16.031829] ? kasan_atomics_helper+0x1467/0x5450 [ 16.031858] kasan_check_range+0x10c/0x1c0 [ 16.031883] __kasan_check_write+0x18/0x20 [ 16.031904] kasan_atomics_helper+0x1467/0x5450 [ 16.031928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.031952] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.031978] ? kasan_atomics+0x152/0x310 [ 16.032005] kasan_atomics+0x1dc/0x310 [ 16.032029] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.032054] ? __pfx_read_tsc+0x10/0x10 [ 16.032076] ? ktime_get_ts64+0x86/0x230 [ 16.032101] kunit_try_run_case+0x1a5/0x480 [ 16.032127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.032153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.032180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.032204] ? __kthread_parkme+0x82/0x180 [ 16.032226] ? preempt_count_sub+0x50/0x80 [ 16.032250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.032275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.032302] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.032328] kthread+0x337/0x6f0 [ 16.032348] ? trace_preempt_on+0x20/0xc0 [ 16.032373] ? __pfx_kthread+0x10/0x10 [ 16.032395] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.032418] ? calculate_sigpending+0x7b/0xa0 [ 16.032444] ? __pfx_kthread+0x10/0x10 [ 16.032466] ret_from_fork+0x116/0x1d0 [ 16.032487] ? __pfx_kthread+0x10/0x10 [ 16.032508] ret_from_fork_asm+0x1a/0x30 [ 16.032540] </TASK> [ 16.032551] [ 16.039826] Allocated by task 283: [ 16.040008] kasan_save_stack+0x45/0x70 [ 16.040207] kasan_save_track+0x18/0x40 [ 16.040382] kasan_save_alloc_info+0x3b/0x50 [ 16.040574] __kasan_kmalloc+0xb7/0xc0 [ 16.040783] __kmalloc_cache_noprof+0x189/0x420 [ 16.040993] kasan_atomics+0x95/0x310 [ 16.041158] kunit_try_run_case+0x1a5/0x480 [ 16.041306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.041482] kthread+0x337/0x6f0 [ 16.041603] ret_from_fork+0x116/0x1d0 [ 16.041736] ret_from_fork_asm+0x1a/0x30 [ 16.041886] [ 16.041956] The buggy address belongs to the object at ffff888103ad1980 [ 16.041956] which belongs to the cache kmalloc-64 of size 64 [ 16.042443] The buggy address is located 0 bytes to the right of [ 16.042443] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.043161] [ 16.043239] The buggy address belongs to the physical page: [ 16.043411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.043656] flags: 0x200000000000000(node=0|zone=2) [ 16.043901] page_type: 
f5(slab) [ 16.044068] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.044407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.044760] page dumped because: kasan: bad access detected [ 16.044954] [ 16.045023] Memory state around the buggy address: [ 16.045178] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.045393] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.045798] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.046121] ^ [ 16.046353] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.046724] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.047039] ================================================================== [ 15.990905] ================================================================== [ 15.991633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.992444] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.993181] [ 15.993355] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.993418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.993432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.993453] Call Trace: [ 15.993466] <TASK> [ 15.993480] dump_stack_lvl+0x73/0xb0 [ 15.993510] print_report+0xd1/0x650 [ 15.993534] ? __virt_addr_valid+0x1db/0x2d0 [ 15.993557] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.993579] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.993603] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.993627] kasan_report+0x141/0x180 [ 15.993660] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.993689] kasan_check_range+0x10c/0x1c0 [ 15.993714] __kasan_check_read+0x15/0x20 [ 15.993735] kasan_atomics_helper+0x13b5/0x5450 [ 15.993770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.993794] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.993822] ? 
kasan_atomics+0x152/0x310 [ 15.993850] kasan_atomics+0x1dc/0x310 [ 15.993873] ? __pfx_kasan_atomics+0x10/0x10 [ 15.993899] ? __pfx_read_tsc+0x10/0x10 [ 15.993921] ? ktime_get_ts64+0x86/0x230 [ 15.993945] kunit_try_run_case+0x1a5/0x480 [ 15.993970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993995] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.994020] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.994045] ? __kthread_parkme+0x82/0x180 [ 15.994066] ? preempt_count_sub+0x50/0x80 [ 15.994092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.994118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.994144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.994170] kthread+0x337/0x6f0 [ 15.994191] ? trace_preempt_on+0x20/0xc0 [ 15.994215] ? __pfx_kthread+0x10/0x10 [ 15.994237] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.994261] ? calculate_sigpending+0x7b/0xa0 [ 15.994287] ? __pfx_kthread+0x10/0x10 [ 15.994309] ret_from_fork+0x116/0x1d0 [ 15.994330] ? __pfx_kthread+0x10/0x10 [ 15.994352] ret_from_fork_asm+0x1a/0x30 [ 15.994392] </TASK> [ 15.994402] [ 16.004220] Allocated by task 283: [ 16.004370] kasan_save_stack+0x45/0x70 [ 16.004511] kasan_save_track+0x18/0x40 [ 16.004644] kasan_save_alloc_info+0x3b/0x50 [ 16.004912] __kasan_kmalloc+0xb7/0xc0 [ 16.005124] __kmalloc_cache_noprof+0x189/0x420 [ 16.005346] kasan_atomics+0x95/0x310 [ 16.005520] kunit_try_run_case+0x1a5/0x480 [ 16.005693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.005879] kthread+0x337/0x6f0 [ 16.005996] ret_from_fork+0x116/0x1d0 [ 16.006182] ret_from_fork_asm+0x1a/0x30 [ 16.006384] [ 16.006482] The buggy address belongs to the object at ffff888103ad1980 [ 16.006482] which belongs to the cache kmalloc-64 of size 64 [ 16.006979] The buggy address is located 0 bytes to the right of [ 16.006979] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.007339] [ 16.007516] The buggy address belongs to the physical page: [ 16.007845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 
16.008215] flags: 0x200000000000000(node=0|zone=2) [ 16.008451] page_type: f5(slab) [ 16.008618] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.008971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.009264] page dumped because: kasan: bad access detected [ 16.009493] [ 16.009596] Memory state around the buggy address: [ 16.009841] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.010126] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.010423] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.010737] ^ [ 16.010976] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.011284] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.011584] ================================================================== [ 16.122204] ================================================================== [ 16.122567] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.122949] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.124307] [ 16.124414] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.124461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.124474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.124496] Call Trace: [ 16.124514] <TASK> [ 16.124532] dump_stack_lvl+0x73/0xb0 [ 16.124562] print_report+0xd1/0x650 [ 16.124587] ? __virt_addr_valid+0x1db/0x2d0 [ 16.124610] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.124642] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.124668] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.124690] kasan_report+0x141/0x180 [ 16.124713] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.124740] kasan_check_range+0x10c/0x1c0 [ 16.124775] __kasan_check_write+0x18/0x20 [ 16.124796] kasan_atomics_helper+0x16e7/0x5450 [ 16.124820] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.124844] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.124870] ? kasan_atomics+0x152/0x310 [ 16.124897] kasan_atomics+0x1dc/0x310 [ 16.124922] ? __pfx_kasan_atomics+0x10/0x10 [ 16.124948] ? __pfx_read_tsc+0x10/0x10 [ 16.124970] ? ktime_get_ts64+0x86/0x230 [ 16.124997] kunit_try_run_case+0x1a5/0x480 [ 16.125021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.125046] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.125072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.125097] ? __kthread_parkme+0x82/0x180 [ 16.125118] ? preempt_count_sub+0x50/0x80 [ 16.125142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.125168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.125193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.125220] kthread+0x337/0x6f0 [ 16.125239] ? trace_preempt_on+0x20/0xc0 [ 16.125264] ? __pfx_kthread+0x10/0x10 [ 16.125285] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.125308] ? calculate_sigpending+0x7b/0xa0 [ 16.125333] ? __pfx_kthread+0x10/0x10 [ 16.125356] ret_from_fork+0x116/0x1d0 [ 16.125374] ? __pfx_kthread+0x10/0x10 [ 16.125396] ret_from_fork_asm+0x1a/0x30 [ 16.125428] </TASK> [ 16.125440] [ 16.139111] Allocated by task 283: [ 16.139361] kasan_save_stack+0x45/0x70 [ 16.139557] kasan_save_track+0x18/0x40 [ 16.140017] kasan_save_alloc_info+0x3b/0x50 [ 16.140197] __kasan_kmalloc+0xb7/0xc0 [ 16.140518] __kmalloc_cache_noprof+0x189/0x420 [ 16.140811] kasan_atomics+0x95/0x310 [ 16.141154] kunit_try_run_case+0x1a5/0x480 [ 16.141473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.141830] kthread+0x337/0x6f0 [ 16.141982] ret_from_fork+0x116/0x1d0 [ 16.142294] ret_from_fork_asm+0x1a/0x30 [ 16.142569] [ 16.142719] The buggy address belongs to the object at ffff888103ad1980 [ 16.142719] which belongs to the cache kmalloc-64 of size 64 [ 16.143331] The buggy address is located 0 bytes to the right of [ 16.143331] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.144120] [ 16.144242] The buggy address belongs to the physical page: [ 16.144641] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.145133] flags: 0x200000000000000(node=0|zone=2) [ 16.145403] page_type: f5(slab) [ 16.145722] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.146093] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.146416] page dumped because: kasan: bad access detected [ 16.146756] [ 16.147003] Memory state around the buggy address: [ 16.147187] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.147708] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.148175] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.148579] ^ [ 16.148912] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.149258] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.149678] ================================================================== [ 16.301606] ================================================================== [ 16.302325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.302796] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.303175] [ 16.303502] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.303551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.303565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.303585] Call Trace: [ 16.303601] <TASK> [ 16.303616] dump_stack_lvl+0x73/0xb0 [ 16.303647] print_report+0xd1/0x650 [ 16.303671] ? __virt_addr_valid+0x1db/0x2d0 [ 16.303695] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.303717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.303742] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.303779] kasan_report+0x141/0x180 [ 16.303802] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.303830] kasan_check_range+0x10c/0x1c0 [ 16.303854] __kasan_check_write+0x18/0x20 [ 16.303875] kasan_atomics_helper+0x1b22/0x5450 [ 16.303899] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.303923] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.303951] ? kasan_atomics+0x152/0x310 [ 16.303979] kasan_atomics+0x1dc/0x310 [ 16.304002] ? __pfx_kasan_atomics+0x10/0x10 [ 16.304028] ? __pfx_read_tsc+0x10/0x10 [ 16.304050] ? ktime_get_ts64+0x86/0x230 [ 16.304077] kunit_try_run_case+0x1a5/0x480 [ 16.304103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.304127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.304153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.304179] ? __kthread_parkme+0x82/0x180 [ 16.304201] ? preempt_count_sub+0x50/0x80 [ 16.304225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.304252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.304279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.304305] kthread+0x337/0x6f0 [ 16.304325] ? trace_preempt_on+0x20/0xc0 [ 16.304349] ? __pfx_kthread+0x10/0x10 [ 16.304371] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.304393] ? calculate_sigpending+0x7b/0xa0 [ 16.304420] ? __pfx_kthread+0x10/0x10 [ 16.304442] ret_from_fork+0x116/0x1d0 [ 16.304461] ? 
__pfx_kthread+0x10/0x10 [ 16.304483] ret_from_fork_asm+0x1a/0x30 [ 16.304514] </TASK> [ 16.304525] [ 16.314776] Allocated by task 283: [ 16.315037] kasan_save_stack+0x45/0x70 [ 16.315225] kasan_save_track+0x18/0x40 [ 16.315413] kasan_save_alloc_info+0x3b/0x50 [ 16.315610] __kasan_kmalloc+0xb7/0xc0 [ 16.315828] __kmalloc_cache_noprof+0x189/0x420 [ 16.316344] kasan_atomics+0x95/0x310 [ 16.316609] kunit_try_run_case+0x1a5/0x480 [ 16.316807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.317221] kthread+0x337/0x6f0 [ 16.317462] ret_from_fork+0x116/0x1d0 [ 16.317807] ret_from_fork_asm+0x1a/0x30 [ 16.318076] [ 16.318170] The buggy address belongs to the object at ffff888103ad1980 [ 16.318170] which belongs to the cache kmalloc-64 of size 64 [ 16.318960] The buggy address is located 0 bytes to the right of [ 16.318960] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.319537] [ 16.319628] The buggy address belongs to the physical page: [ 16.319864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.320403] flags: 0x200000000000000(node=0|zone=2) [ 16.320618] page_type: f5(slab) [ 16.320935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.321329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.321801] page dumped because: kasan: bad access detected [ 16.322133] [ 16.322217] Memory state around the buggy address: [ 16.322523] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.322992] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.323354] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.323618] ^ [ 16.323978] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.324430] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.324762] ================================================================== [ 16.325469] 
================================================================== [ 16.326236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.326709] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.327234] [ 16.327349] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.327394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.327406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.327577] Call Trace: [ 16.327595] <TASK> [ 16.327610] dump_stack_lvl+0x73/0xb0 [ 16.327642] print_report+0xd1/0x650 [ 16.327682] ? __virt_addr_valid+0x1db/0x2d0 [ 16.327706] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.327729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.327765] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.327789] kasan_report+0x141/0x180 [ 16.327812] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.327838] kasan_check_range+0x10c/0x1c0 [ 16.327865] __kasan_check_write+0x18/0x20 [ 16.327886] kasan_atomics_helper+0x1c18/0x5450 [ 16.327910] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.327933] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.327960] ? kasan_atomics+0x152/0x310 [ 16.327987] kasan_atomics+0x1dc/0x310 [ 16.328011] ? __pfx_kasan_atomics+0x10/0x10 [ 16.328037] ? __pfx_read_tsc+0x10/0x10 [ 16.328059] ? ktime_get_ts64+0x86/0x230 [ 16.328084] kunit_try_run_case+0x1a5/0x480 [ 16.328110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.328134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.328159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.328185] ? __kthread_parkme+0x82/0x180 [ 16.328206] ? preempt_count_sub+0x50/0x80 [ 16.328231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.328257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.328283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.328311] kthread+0x337/0x6f0 [ 16.328331] ? trace_preempt_on+0x20/0xc0 [ 16.328355] ? __pfx_kthread+0x10/0x10 [ 16.328377] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.328400] ? 
calculate_sigpending+0x7b/0xa0 [ 16.328425] ? __pfx_kthread+0x10/0x10 [ 16.328447] ret_from_fork+0x116/0x1d0 [ 16.328467] ? __pfx_kthread+0x10/0x10 [ 16.328488] ret_from_fork_asm+0x1a/0x30 [ 16.328519] </TASK> [ 16.328531] [ 16.338889] Allocated by task 283: [ 16.339081] kasan_save_stack+0x45/0x70 [ 16.339287] kasan_save_track+0x18/0x40 [ 16.339472] kasan_save_alloc_info+0x3b/0x50 [ 16.339680] __kasan_kmalloc+0xb7/0xc0 [ 16.340118] __kmalloc_cache_noprof+0x189/0x420 [ 16.340291] kasan_atomics+0x95/0x310 [ 16.340603] kunit_try_run_case+0x1a5/0x480 [ 16.340964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.341312] kthread+0x337/0x6f0 [ 16.341473] ret_from_fork+0x116/0x1d0 [ 16.341788] ret_from_fork_asm+0x1a/0x30 [ 16.342135] [ 16.342220] The buggy address belongs to the object at ffff888103ad1980 [ 16.342220] which belongs to the cache kmalloc-64 of size 64 [ 16.342890] The buggy address is located 0 bytes to the right of [ 16.342890] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.343381] [ 16.343478] The buggy address belongs to the physical page: [ 16.343702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.344037] flags: 0x200000000000000(node=0|zone=2) [ 16.344251] page_type: f5(slab) [ 16.344405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.345198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.345484] page dumped because: kasan: bad access detected [ 16.345823] [ 16.345999] Memory state around the buggy address: [ 16.346210] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.346654] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.347155] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.347556] ^ [ 16.347820] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.348264] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.348617] 
================================================================== [ 15.151791] ================================================================== [ 15.152116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.153198] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.153514] [ 15.153798] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.154004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.154019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.154040] Call Trace: [ 15.154053] <TASK> [ 15.154068] dump_stack_lvl+0x73/0xb0 [ 15.154099] print_report+0xd1/0x650 [ 15.154122] ? __virt_addr_valid+0x1db/0x2d0 [ 15.154146] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.154168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.154191] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.154214] kasan_report+0x141/0x180 [ 15.154236] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.154262] __asan_report_load4_noabort+0x18/0x20 [ 15.154288] kasan_atomics_helper+0x4b88/0x5450 [ 15.154311] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.154334] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.154366] ? kasan_atomics+0x152/0x310 [ 15.154393] kasan_atomics+0x1dc/0x310 [ 15.154415] ? __pfx_kasan_atomics+0x10/0x10 [ 15.154439] ? __pfx_read_tsc+0x10/0x10 [ 15.154460] ? ktime_get_ts64+0x86/0x230 [ 15.154484] kunit_try_run_case+0x1a5/0x480 [ 15.154509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.154532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.154556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.154581] ? __kthread_parkme+0x82/0x180 [ 15.154601] ? preempt_count_sub+0x50/0x80 [ 15.154625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.154702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.154766] kthread+0x337/0x6f0 [ 15.154786] ? trace_preempt_on+0x20/0xc0 [ 15.154810] ? __pfx_kthread+0x10/0x10 [ 15.154831] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.154855] ? calculate_sigpending+0x7b/0xa0 [ 15.154879] ? __pfx_kthread+0x10/0x10 [ 15.154901] ret_from_fork+0x116/0x1d0 [ 15.154919] ? __pfx_kthread+0x10/0x10 [ 15.154941] ret_from_fork_asm+0x1a/0x30 [ 15.154971] </TASK> [ 15.154982] [ 15.167418] Allocated by task 283: [ 15.167903] kasan_save_stack+0x45/0x70 [ 15.168420] kasan_save_track+0x18/0x40 [ 15.168764] kasan_save_alloc_info+0x3b/0x50 [ 15.169139] __kasan_kmalloc+0xb7/0xc0 [ 15.169443] __kmalloc_cache_noprof+0x189/0x420 [ 15.169865] kasan_atomics+0x95/0x310 [ 15.170024] kunit_try_run_case+0x1a5/0x480 [ 15.170355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.170629] kthread+0x337/0x6f0 [ 15.171129] ret_from_fork+0x116/0x1d0 [ 15.171308] ret_from_fork_asm+0x1a/0x30 [ 15.171653] [ 15.171905] The buggy address belongs to the object at ffff888103ad1980 [ 15.171905] which belongs to the cache kmalloc-64 of size 64 [ 15.172984] The buggy address is located 0 bytes to the right of [ 15.172984] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.173583] [ 15.173831] The buggy address belongs to the physical page: [ 15.174066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.174392] flags: 0x200000000000000(node=0|zone=2) [ 15.174623] page_type: f5(slab) [ 15.175108] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.175499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.176103] page dumped because: kasan: bad access detected [ 15.176494] [ 15.176604] Memory state around the buggy address: [ 15.177194] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.177497] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.177974] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.178449] ^ [ 15.179097] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179396] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.179924] ================================================================== [ 15.970797] ================================================================== [ 15.971117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.971483] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.971847] [ 15.971978] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.972020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.972031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.972051] Call Trace: [ 15.972066] <TASK> [ 15.972080] dump_stack_lvl+0x73/0xb0 [ 15.972109] print_report+0xd1/0x650 [ 15.972132] ? __virt_addr_valid+0x1db/0x2d0 [ 15.972157] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.972179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.972205] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.972228] kasan_report+0x141/0x180 [ 15.972251] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.972278] __asan_report_load4_noabort+0x18/0x20 [ 15.972303] kasan_atomics_helper+0x49ce/0x5450 [ 15.972327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.972351] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.972378] ? kasan_atomics+0x152/0x310 [ 15.972405] kasan_atomics+0x1dc/0x310 [ 15.972428] ? __pfx_kasan_atomics+0x10/0x10 [ 15.972454] ? __pfx_read_tsc+0x10/0x10 [ 15.972476] ? ktime_get_ts64+0x86/0x230 [ 15.972501] kunit_try_run_case+0x1a5/0x480 [ 15.972526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.972576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.972622] ? __kthread_parkme+0x82/0x180 [ 15.972645] ? preempt_count_sub+0x50/0x80 [ 15.972677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972767] kthread+0x337/0x6f0 [ 15.972787] ? trace_preempt_on+0x20/0xc0 [ 15.972812] ? 
__pfx_kthread+0x10/0x10 [ 15.972834] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.972857] ? calculate_sigpending+0x7b/0xa0 [ 15.972882] ? __pfx_kthread+0x10/0x10 [ 15.972905] ret_from_fork+0x116/0x1d0 [ 15.972925] ? __pfx_kthread+0x10/0x10 [ 15.972946] ret_from_fork_asm+0x1a/0x30 [ 15.972976] </TASK> [ 15.972987] [ 15.980199] Allocated by task 283: [ 15.980357] kasan_save_stack+0x45/0x70 [ 15.980558] kasan_save_track+0x18/0x40 [ 15.980861] kasan_save_alloc_info+0x3b/0x50 [ 15.981116] __kasan_kmalloc+0xb7/0xc0 [ 15.981318] __kmalloc_cache_noprof+0x189/0x420 [ 15.981538] kasan_atomics+0x95/0x310 [ 15.981700] kunit_try_run_case+0x1a5/0x480 [ 15.981924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.982120] kthread+0x337/0x6f0 [ 15.982347] ret_from_fork+0x116/0x1d0 [ 15.982520] ret_from_fork_asm+0x1a/0x30 [ 15.982700] [ 15.982880] The buggy address belongs to the object at ffff888103ad1980 [ 15.982880] which belongs to the cache kmalloc-64 of size 64 [ 15.983941] The buggy address is located 0 bytes to the right of [ 15.983941] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.985029] [ 15.985155] The buggy address belongs to the physical page: [ 15.985417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.985664] flags: 0x200000000000000(node=0|zone=2) [ 15.986020] page_type: f5(slab) [ 15.986274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.986504] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.986741] page dumped because: kasan: bad access detected [ 15.987175] [ 15.987346] Memory state around the buggy address: [ 15.987799] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.988072] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.988290] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.988501] ^ [ 15.988678] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.989323] 
ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990062] ================================================================== [ 16.083045] ================================================================== [ 16.083375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.083833] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.084122] [ 16.084231] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.084271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.084283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.084304] Call Trace: [ 16.084319] <TASK> [ 16.084333] dump_stack_lvl+0x73/0xb0 [ 16.084362] print_report+0xd1/0x650 [ 16.084384] ? __virt_addr_valid+0x1db/0x2d0 [ 16.084407] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.084430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.084454] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.084477] kasan_report+0x141/0x180 [ 16.084500] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.084527] kasan_check_range+0x10c/0x1c0 [ 16.084551] __kasan_check_write+0x18/0x20 [ 16.084572] kasan_atomics_helper+0x15b6/0x5450 [ 16.084595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.084618] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.084644] ? kasan_atomics+0x152/0x310 [ 16.084687] kasan_atomics+0x1dc/0x310 [ 16.084710] ? __pfx_kasan_atomics+0x10/0x10 [ 16.084735] ? __pfx_read_tsc+0x10/0x10 [ 16.084768] ? ktime_get_ts64+0x86/0x230 [ 16.084793] kunit_try_run_case+0x1a5/0x480 [ 16.084818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.084868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.084894] ? __kthread_parkme+0x82/0x180 [ 16.084915] ? preempt_count_sub+0x50/0x80 [ 16.084940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.084991] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.085018] kthread+0x337/0x6f0 [ 16.085039] ? trace_preempt_on+0x20/0xc0 [ 16.085063] ? __pfx_kthread+0x10/0x10 [ 16.085085] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.085108] ? calculate_sigpending+0x7b/0xa0 [ 16.085133] ? __pfx_kthread+0x10/0x10 [ 16.085155] ret_from_fork+0x116/0x1d0 [ 16.085175] ? __pfx_kthread+0x10/0x10 [ 16.085197] ret_from_fork_asm+0x1a/0x30 [ 16.085229] </TASK> [ 16.085239] [ 16.092731] Allocated by task 283: [ 16.092901] kasan_save_stack+0x45/0x70 [ 16.093089] kasan_save_track+0x18/0x40 [ 16.093270] kasan_save_alloc_info+0x3b/0x50 [ 16.093447] __kasan_kmalloc+0xb7/0xc0 [ 16.093581] __kmalloc_cache_noprof+0x189/0x420 [ 16.093953] kasan_atomics+0x95/0x310 [ 16.094144] kunit_try_run_case+0x1a5/0x480 [ 16.094338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094564] kthread+0x337/0x6f0 [ 16.094758] ret_from_fork+0x116/0x1d0 [ 16.094899] ret_from_fork_asm+0x1a/0x30 [ 16.095038] [ 16.095108] The buggy address belongs to the object at ffff888103ad1980 [ 16.095108] which belongs to the cache kmalloc-64 of size 64 [ 16.095466] The buggy address is located 0 bytes to the right of [ 16.095466] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.096059] [ 16.096156] The buggy address belongs to the physical page: [ 16.096411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.096776] flags: 0x200000000000000(node=0|zone=2) [ 16.097100] page_type: f5(slab) [ 16.097270] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.097578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.098034] page dumped because: kasan: bad access detected [ 16.098247] [ 16.098340] Memory state around the buggy address: [ 16.098521] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.098849] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.099237] >ffff888103ad1980: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.099536] ^ [ 16.099779] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.100000] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.100213] ================================================================== [ 15.811078] ================================================================== [ 15.811475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.811916] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.812254] [ 15.812375] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.812420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.812433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.812453] Call Trace: [ 15.812468] <TASK> [ 15.812483] dump_stack_lvl+0x73/0xb0 [ 15.812546] print_report+0xd1/0x650 [ 15.812593] ? __virt_addr_valid+0x1db/0x2d0 [ 15.812665] ? kasan_atomics_helper+0x1079/0x5450 [ 15.812691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.812727] ? kasan_atomics_helper+0x1079/0x5450 [ 15.812759] kasan_report+0x141/0x180 [ 15.812782] ? kasan_atomics_helper+0x1079/0x5450 [ 15.812810] kasan_check_range+0x10c/0x1c0 [ 15.812835] __kasan_check_write+0x18/0x20 [ 15.812855] kasan_atomics_helper+0x1079/0x5450 [ 15.812879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.812904] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.812931] ? kasan_atomics+0x152/0x310 [ 15.812958] kasan_atomics+0x1dc/0x310 [ 15.812982] ? __pfx_kasan_atomics+0x10/0x10 [ 15.813009] ? __pfx_read_tsc+0x10/0x10 [ 15.813031] ? ktime_get_ts64+0x86/0x230 [ 15.813055] kunit_try_run_case+0x1a5/0x480 [ 15.813112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.813201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.813227] ? __kthread_parkme+0x82/0x180 [ 15.813259] ? preempt_count_sub+0x50/0x80 [ 15.813284] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.813310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.813336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.813363] kthread+0x337/0x6f0 [ 15.813383] ? trace_preempt_on+0x20/0xc0 [ 15.813407] ? __pfx_kthread+0x10/0x10 [ 15.813428] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.813451] ? calculate_sigpending+0x7b/0xa0 [ 15.813477] ? __pfx_kthread+0x10/0x10 [ 15.813499] ret_from_fork+0x116/0x1d0 [ 15.813518] ? __pfx_kthread+0x10/0x10 [ 15.813539] ret_from_fork_asm+0x1a/0x30 [ 15.813571] </TASK> [ 15.813582] [ 15.821512] Allocated by task 283: [ 15.821722] kasan_save_stack+0x45/0x70 [ 15.821976] kasan_save_track+0x18/0x40 [ 15.822255] kasan_save_alloc_info+0x3b/0x50 [ 15.822506] __kasan_kmalloc+0xb7/0xc0 [ 15.822661] __kmalloc_cache_noprof+0x189/0x420 [ 15.822925] kasan_atomics+0x95/0x310 [ 15.823135] kunit_try_run_case+0x1a5/0x480 [ 15.823401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.823584] kthread+0x337/0x6f0 [ 15.823804] ret_from_fork+0x116/0x1d0 [ 15.824059] ret_from_fork_asm+0x1a/0x30 [ 15.824308] [ 15.824401] The buggy address belongs to the object at ffff888103ad1980 [ 15.824401] which belongs to the cache kmalloc-64 of size 64 [ 15.824975] The buggy address is located 0 bytes to the right of [ 15.824975] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.825469] [ 15.825566] The buggy address belongs to the physical page: [ 15.825851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.826239] flags: 0x200000000000000(node=0|zone=2) [ 15.826498] page_type: f5(slab) [ 15.826725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.827058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.827288] page dumped because: kasan: bad access detected [ 15.827540] [ 15.827632] Memory state around the buggy address: [ 15.827921] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.828246] 
ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.828527] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.828877] ^ [ 15.829038] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.829354] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.829754] ================================================================== [ 16.150329] ================================================================== [ 16.151082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.151404] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.151842] [ 16.151941] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.152023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.152036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.152057] Call Trace: [ 16.152084] <TASK> [ 16.152101] dump_stack_lvl+0x73/0xb0 [ 16.152134] print_report+0xd1/0x650 [ 16.152376] ? __virt_addr_valid+0x1db/0x2d0 [ 16.152411] ? kasan_atomics_helper+0x177f/0x5450 [ 16.152435] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.152461] ? kasan_atomics_helper+0x177f/0x5450 [ 16.152485] kasan_report+0x141/0x180 [ 16.152509] ? kasan_atomics_helper+0x177f/0x5450 [ 16.152538] kasan_check_range+0x10c/0x1c0 [ 16.152563] __kasan_check_write+0x18/0x20 [ 16.152585] kasan_atomics_helper+0x177f/0x5450 [ 16.152610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.152636] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.152678] ? kasan_atomics+0x152/0x310 [ 16.152706] kasan_atomics+0x1dc/0x310 [ 16.152730] ? __pfx_kasan_atomics+0x10/0x10 [ 16.152768] ? __pfx_read_tsc+0x10/0x10 [ 16.152790] ? ktime_get_ts64+0x86/0x230 [ 16.152816] kunit_try_run_case+0x1a5/0x480 [ 16.152842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.152867] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.152892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.152918] ? 
__kthread_parkme+0x82/0x180 [ 16.152941] ? preempt_count_sub+0x50/0x80 [ 16.152966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.152992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.153018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.153046] kthread+0x337/0x6f0 [ 16.153067] ? trace_preempt_on+0x20/0xc0 [ 16.153092] ? __pfx_kthread+0x10/0x10 [ 16.153115] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.153139] ? calculate_sigpending+0x7b/0xa0 [ 16.153164] ? __pfx_kthread+0x10/0x10 [ 16.153187] ret_from_fork+0x116/0x1d0 [ 16.153206] ? __pfx_kthread+0x10/0x10 [ 16.153229] ret_from_fork_asm+0x1a/0x30 [ 16.153260] </TASK> [ 16.153272] [ 16.164539] Allocated by task 283: [ 16.164932] kasan_save_stack+0x45/0x70 [ 16.165234] kasan_save_track+0x18/0x40 [ 16.165437] kasan_save_alloc_info+0x3b/0x50 [ 16.165630] __kasan_kmalloc+0xb7/0xc0 [ 16.166109] __kmalloc_cache_noprof+0x189/0x420 [ 16.166324] kasan_atomics+0x95/0x310 [ 16.166595] kunit_try_run_case+0x1a5/0x480 [ 16.166935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.167259] kthread+0x337/0x6f0 [ 16.167523] ret_from_fork+0x116/0x1d0 [ 16.167899] ret_from_fork_asm+0x1a/0x30 [ 16.168180] [ 16.168283] The buggy address belongs to the object at ffff888103ad1980 [ 16.168283] which belongs to the cache kmalloc-64 of size 64 [ 16.169004] The buggy address is located 0 bytes to the right of [ 16.169004] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.169712] [ 16.169933] The buggy address belongs to the physical page: [ 16.170174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.170497] flags: 0x200000000000000(node=0|zone=2) [ 16.170932] page_type: f5(slab) [ 16.171211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.171636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.172132] page dumped because: kasan: bad access detected [ 16.172478] [ 16.172671] Memory state around the buggy address: [ 16.173029] 
ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.173437] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.173890] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.174239] ^ [ 16.174650] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.174996] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.175389] ================================================================== [ 16.495892] ================================================================== [ 16.496124] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.496354] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.496576] [ 16.496658] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.496721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.496734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.496774] Call Trace: [ 16.496787] <TASK> [ 16.496801] dump_stack_lvl+0x73/0xb0 [ 16.496828] print_report+0xd1/0x650 [ 16.496851] ? __virt_addr_valid+0x1db/0x2d0 [ 16.496873] ? kasan_atomics_helper+0x2006/0x5450 [ 16.496896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.496920] ? kasan_atomics_helper+0x2006/0x5450 [ 16.496943] kasan_report+0x141/0x180 [ 16.496966] ? kasan_atomics_helper+0x2006/0x5450 [ 16.496994] kasan_check_range+0x10c/0x1c0 [ 16.497019] __kasan_check_write+0x18/0x20 [ 16.497039] kasan_atomics_helper+0x2006/0x5450 [ 16.497064] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.497088] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.497114] ? kasan_atomics+0x152/0x310 [ 16.497143] kasan_atomics+0x1dc/0x310 [ 16.497167] ? __pfx_kasan_atomics+0x10/0x10 [ 16.497192] ? __pfx_read_tsc+0x10/0x10 [ 16.497214] ? ktime_get_ts64+0x86/0x230 [ 16.497238] kunit_try_run_case+0x1a5/0x480 [ 16.497263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.497287] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.497312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.497337] ? __kthread_parkme+0x82/0x180 [ 16.497359] ? preempt_count_sub+0x50/0x80 [ 16.497383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.497409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.497435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.497462] kthread+0x337/0x6f0 [ 16.497482] ? trace_preempt_on+0x20/0xc0 [ 16.497506] ? __pfx_kthread+0x10/0x10 [ 16.497528] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.497551] ? calculate_sigpending+0x7b/0xa0 [ 16.497577] ? __pfx_kthread+0x10/0x10 [ 16.497601] ret_from_fork+0x116/0x1d0 [ 16.497622] ? __pfx_kthread+0x10/0x10 [ 16.497644] ret_from_fork_asm+0x1a/0x30 [ 16.497699] </TASK> [ 16.497710] [ 16.505488] Allocated by task 283: [ 16.505632] kasan_save_stack+0x45/0x70 [ 16.505854] kasan_save_track+0x18/0x40 [ 16.506154] kasan_save_alloc_info+0x3b/0x50 [ 16.506304] __kasan_kmalloc+0xb7/0xc0 [ 16.506443] __kmalloc_cache_noprof+0x189/0x420 [ 16.506599] kasan_atomics+0x95/0x310 [ 16.506731] kunit_try_run_case+0x1a5/0x480 [ 16.507196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.507480] kthread+0x337/0x6f0 [ 16.507653] ret_from_fork+0x116/0x1d0 [ 16.507975] ret_from_fork_asm+0x1a/0x30 [ 16.508198] [ 16.508317] The buggy address belongs to the object at ffff888103ad1980 [ 16.508317] which belongs to the cache kmalloc-64 of size 64 [ 16.508892] The buggy address is located 0 bytes to the right of [ 16.508892] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.509392] [ 16.509480] The buggy address belongs to the physical page: [ 16.509763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.510110] flags: 0x200000000000000(node=0|zone=2) [ 16.510332] page_type: f5(slab) [ 16.510484] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.510869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.511195] page dumped because: kasan: 
bad access detected [ 16.511450] [ 16.511544] Memory state around the buggy address: [ 16.511791] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.512120] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.512437] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.512814] ^ [ 16.513042] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.513347] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.513559] ================================================================== [ 16.562975] ================================================================== [ 16.563562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.564298] Read of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.564998] [ 16.565230] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.565294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.565308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.565329] Call Trace: [ 16.565350] <TASK> [ 16.565368] dump_stack_lvl+0x73/0xb0 [ 16.565400] print_report+0xd1/0x650 [ 16.565423] ? __virt_addr_valid+0x1db/0x2d0 [ 16.565447] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.565471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.565495] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.565519] kasan_report+0x141/0x180 [ 16.565541] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.565569] __asan_report_load8_noabort+0x18/0x20 [ 16.565595] kasan_atomics_helper+0x4fb2/0x5450 [ 16.565619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.565643] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.565702] ? kasan_atomics+0x152/0x310 [ 16.565731] kasan_atomics+0x1dc/0x310 [ 16.565765] ? __pfx_kasan_atomics+0x10/0x10 [ 16.565790] ? __pfx_read_tsc+0x10/0x10 [ 16.565812] ? ktime_get_ts64+0x86/0x230 [ 16.565837] kunit_try_run_case+0x1a5/0x480 [ 16.565862] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.565887] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.565913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.565938] ? __kthread_parkme+0x82/0x180 [ 16.565960] ? preempt_count_sub+0x50/0x80 [ 16.565984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.566010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.566036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.566063] kthread+0x337/0x6f0 [ 16.566083] ? trace_preempt_on+0x20/0xc0 [ 16.566107] ? __pfx_kthread+0x10/0x10 [ 16.566129] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.566153] ? calculate_sigpending+0x7b/0xa0 [ 16.566178] ? __pfx_kthread+0x10/0x10 [ 16.566200] ret_from_fork+0x116/0x1d0 [ 16.566219] ? __pfx_kthread+0x10/0x10 [ 16.566241] ret_from_fork_asm+0x1a/0x30 [ 16.566273] </TASK> [ 16.566284] [ 16.577564] Allocated by task 283: [ 16.577943] kasan_save_stack+0x45/0x70 [ 16.578265] kasan_save_track+0x18/0x40 [ 16.578662] kasan_save_alloc_info+0x3b/0x50 [ 16.579002] __kasan_kmalloc+0xb7/0xc0 [ 16.579200] __kmalloc_cache_noprof+0x189/0x420 [ 16.579404] kasan_atomics+0x95/0x310 [ 16.579578] kunit_try_run_case+0x1a5/0x480 [ 16.580090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.580465] kthread+0x337/0x6f0 [ 16.580629] ret_from_fork+0x116/0x1d0 [ 16.581059] ret_from_fork_asm+0x1a/0x30 [ 16.581376] [ 16.581597] The buggy address belongs to the object at ffff888103ad1980 [ 16.581597] which belongs to the cache kmalloc-64 of size 64 [ 16.582134] The buggy address is located 0 bytes to the right of [ 16.582134] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.582643] [ 16.583034] The buggy address belongs to the physical page: [ 16.583475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.584117] flags: 0x200000000000000(node=0|zone=2) [ 16.584536] page_type: f5(slab) [ 16.584987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.585454] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.586224] page dumped because: kasan: bad access detected [ 16.586680] [ 16.586797] Memory state around the buggy address: [ 16.587159] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.587461] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.588117] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.588546] ^ [ 16.589069] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.589462] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.589956] ================================================================== [ 16.644914] ================================================================== [ 16.645458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.646123] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.646566] [ 16.646661] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.646708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.646721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.646741] Call Trace: [ 16.646767] <TASK> [ 16.646784] dump_stack_lvl+0x73/0xb0 [ 16.646816] print_report+0xd1/0x650 [ 16.646839] ? __virt_addr_valid+0x1db/0x2d0 [ 16.646864] ? kasan_atomics_helper+0x224c/0x5450 [ 16.646886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.646911] ? kasan_atomics_helper+0x224c/0x5450 [ 16.646933] kasan_report+0x141/0x180 [ 16.646957] ? kasan_atomics_helper+0x224c/0x5450 [ 16.646984] kasan_check_range+0x10c/0x1c0 [ 16.647009] __kasan_check_write+0x18/0x20 [ 16.647030] kasan_atomics_helper+0x224c/0x5450 [ 16.647054] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.647078] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.647105] ? kasan_atomics+0x152/0x310 [ 16.647133] kasan_atomics+0x1dc/0x310 [ 16.647158] ? __pfx_kasan_atomics+0x10/0x10 [ 16.647183] ? __pfx_read_tsc+0x10/0x10 [ 16.647205] ? 
ktime_get_ts64+0x86/0x230 [ 16.647230] kunit_try_run_case+0x1a5/0x480 [ 16.647255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.647454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.647499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.647525] ? __kthread_parkme+0x82/0x180 [ 16.647548] ? preempt_count_sub+0x50/0x80 [ 16.647602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.647630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.647657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.647684] kthread+0x337/0x6f0 [ 16.647705] ? trace_preempt_on+0x20/0xc0 [ 16.647731] ? __pfx_kthread+0x10/0x10 [ 16.647768] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.647791] ? calculate_sigpending+0x7b/0xa0 [ 16.647816] ? __pfx_kthread+0x10/0x10 [ 16.647839] ret_from_fork+0x116/0x1d0 [ 16.647859] ? __pfx_kthread+0x10/0x10 [ 16.647881] ret_from_fork_asm+0x1a/0x30 [ 16.647913] </TASK> [ 16.647924] [ 16.659058] Allocated by task 283: [ 16.659245] kasan_save_stack+0x45/0x70 [ 16.659450] kasan_save_track+0x18/0x40 [ 16.659644] kasan_save_alloc_info+0x3b/0x50 [ 16.660170] __kasan_kmalloc+0xb7/0xc0 [ 16.660539] __kmalloc_cache_noprof+0x189/0x420 [ 16.661024] kasan_atomics+0x95/0x310 [ 16.661270] kunit_try_run_case+0x1a5/0x480 [ 16.661477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.661984] kthread+0x337/0x6f0 [ 16.662210] ret_from_fork+0x116/0x1d0 [ 16.662528] ret_from_fork_asm+0x1a/0x30 [ 16.662970] [ 16.663085] The buggy address belongs to the object at ffff888103ad1980 [ 16.663085] which belongs to the cache kmalloc-64 of size 64 [ 16.663575] The buggy address is located 0 bytes to the right of [ 16.663575] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.664803] [ 16.664891] The buggy address belongs to the physical page: [ 16.665316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.666004] flags: 0x200000000000000(node=0|zone=2) [ 16.666470] page_type: f5(slab) [ 16.666729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.667238] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.667881] page dumped because: kasan: bad access detected [ 16.668138] [ 16.668229] Memory state around the buggy address: [ 16.668438] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.668952] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.669468] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.670087] ^ [ 16.670317] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.670617] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671393] ================================================================== [ 15.476683] ================================================================== [ 15.477521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.478092] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.479099] [ 15.479377] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.479423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.479466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.479487] Call Trace: [ 15.479503] <TASK> [ 15.479520] dump_stack_lvl+0x73/0xb0 [ 15.479563] print_report+0xd1/0x650 [ 15.479586] ? __virt_addr_valid+0x1db/0x2d0 [ 15.479611] ? kasan_atomics_helper+0x860/0x5450 [ 15.479633] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.479672] ? kasan_atomics_helper+0x860/0x5450 [ 15.479696] kasan_report+0x141/0x180 [ 15.479719] ? kasan_atomics_helper+0x860/0x5450 [ 15.479756] kasan_check_range+0x10c/0x1c0 [ 15.479782] __kasan_check_write+0x18/0x20 [ 15.479803] kasan_atomics_helper+0x860/0x5450 [ 15.479826] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.479851] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.479878] ? kasan_atomics+0x152/0x310 [ 15.479905] kasan_atomics+0x1dc/0x310 [ 15.479929] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.479955] ? __pfx_read_tsc+0x10/0x10 [ 15.479977] ? ktime_get_ts64+0x86/0x230 [ 15.480003] kunit_try_run_case+0x1a5/0x480 [ 15.480028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.480053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.480079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.480105] ? __kthread_parkme+0x82/0x180 [ 15.480127] ? preempt_count_sub+0x50/0x80 [ 15.480152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.480178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.480231] kthread+0x337/0x6f0 [ 15.480252] ? trace_preempt_on+0x20/0xc0 [ 15.480277] ? __pfx_kthread+0x10/0x10 [ 15.480298] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.480322] ? calculate_sigpending+0x7b/0xa0 [ 15.480347] ? __pfx_kthread+0x10/0x10 [ 15.480370] ret_from_fork+0x116/0x1d0 [ 15.480390] ? __pfx_kthread+0x10/0x10 [ 15.480411] ret_from_fork_asm+0x1a/0x30 [ 15.480443] </TASK> [ 15.480454] [ 15.490951] Allocated by task 283: [ 15.491095] kasan_save_stack+0x45/0x70 [ 15.491260] kasan_save_track+0x18/0x40 [ 15.491462] kasan_save_alloc_info+0x3b/0x50 [ 15.491684] __kasan_kmalloc+0xb7/0xc0 [ 15.491955] __kmalloc_cache_noprof+0x189/0x420 [ 15.492158] kasan_atomics+0x95/0x310 [ 15.492463] kunit_try_run_case+0x1a5/0x480 [ 15.492810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.493089] kthread+0x337/0x6f0 [ 15.493305] ret_from_fork+0x116/0x1d0 [ 15.493462] ret_from_fork_asm+0x1a/0x30 [ 15.493600] [ 15.493766] The buggy address belongs to the object at ffff888103ad1980 [ 15.493766] which belongs to the cache kmalloc-64 of size 64 [ 15.494397] The buggy address is located 0 bytes to the right of [ 15.494397] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.495145] [ 15.495284] The buggy address belongs to the physical page: [ 15.495916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.496301] flags: 0x200000000000000(node=0|zone=2) [ 15.496528] page_type: 
f5(slab) [ 15.496794] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.497108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.497330] page dumped because: kasan: bad access detected [ 15.497497] [ 15.497593] Memory state around the buggy address: [ 15.497966] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.498337] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.498794] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.499106] ^ [ 15.499365] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500060] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500416] ================================================================== [ 16.534085] ================================================================== [ 16.534858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.535365] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.536434] [ 16.536608] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.536670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.536683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.536703] Call Trace: [ 16.536850] <TASK> [ 16.536871] dump_stack_lvl+0x73/0xb0 [ 16.536906] print_report+0xd1/0x650 [ 16.536946] ? __virt_addr_valid+0x1db/0x2d0 [ 16.536977] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.537000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.537026] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.537050] kasan_report+0x141/0x180 [ 16.537073] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.537100] kasan_check_range+0x10c/0x1c0 [ 16.537126] __kasan_check_write+0x18/0x20 [ 16.537146] kasan_atomics_helper+0x20c8/0x5450 [ 16.537170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.537194] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.537220] ? 
kasan_atomics+0x152/0x310 [ 16.537247] kasan_atomics+0x1dc/0x310 [ 16.537270] ? __pfx_kasan_atomics+0x10/0x10 [ 16.537295] ? __pfx_read_tsc+0x10/0x10 [ 16.537318] ? ktime_get_ts64+0x86/0x230 [ 16.537345] kunit_try_run_case+0x1a5/0x480 [ 16.537370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.537395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.537421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.537446] ? __kthread_parkme+0x82/0x180 [ 16.537467] ? preempt_count_sub+0x50/0x80 [ 16.537492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.537518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.537544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.537571] kthread+0x337/0x6f0 [ 16.537591] ? trace_preempt_on+0x20/0xc0 [ 16.537616] ? __pfx_kthread+0x10/0x10 [ 16.537637] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.537689] ? calculate_sigpending+0x7b/0xa0 [ 16.537716] ? __pfx_kthread+0x10/0x10 [ 16.537739] ret_from_fork+0x116/0x1d0 [ 16.537769] ? __pfx_kthread+0x10/0x10 [ 16.537790] ret_from_fork_asm+0x1a/0x30 [ 16.537823] </TASK> [ 16.537835] [ 16.549783] Allocated by task 283: [ 16.549965] kasan_save_stack+0x45/0x70 [ 16.550154] kasan_save_track+0x18/0x40 [ 16.550329] kasan_save_alloc_info+0x3b/0x50 [ 16.550528] __kasan_kmalloc+0xb7/0xc0 [ 16.551008] __kmalloc_cache_noprof+0x189/0x420 [ 16.551363] kasan_atomics+0x95/0x310 [ 16.551545] kunit_try_run_case+0x1a5/0x480 [ 16.552003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.552436] kthread+0x337/0x6f0 [ 16.552838] ret_from_fork+0x116/0x1d0 [ 16.553287] ret_from_fork_asm+0x1a/0x30 [ 16.553569] [ 16.553824] The buggy address belongs to the object at ffff888103ad1980 [ 16.553824] which belongs to the cache kmalloc-64 of size 64 [ 16.554731] The buggy address is located 0 bytes to the right of [ 16.554731] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.555631] [ 16.556018] The buggy address belongs to the physical page: [ 16.556283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 
16.556615] flags: 0x200000000000000(node=0|zone=2) [ 16.557079] page_type: f5(slab) [ 16.557399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.557998] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.558414] page dumped because: kasan: bad access detected [ 16.558834] [ 16.558943] Memory state around the buggy address: [ 16.559152] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.559437] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.560004] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.560523] ^ [ 16.560964] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561402] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561944] ================================================================== [ 15.905959] ================================================================== [ 15.906282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.906616] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.907691] [ 15.907895] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.908059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.908074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.908096] Call Trace: [ 15.908111] <TASK> [ 15.908127] dump_stack_lvl+0x73/0xb0 [ 15.908159] print_report+0xd1/0x650 [ 15.908183] ? __virt_addr_valid+0x1db/0x2d0 [ 15.908207] ? kasan_atomics_helper+0x1217/0x5450 [ 15.908230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.908254] ? kasan_atomics_helper+0x1217/0x5450 [ 15.908278] kasan_report+0x141/0x180 [ 15.908301] ? kasan_atomics_helper+0x1217/0x5450 [ 15.908328] kasan_check_range+0x10c/0x1c0 [ 15.908353] __kasan_check_write+0x18/0x20 [ 15.908374] kasan_atomics_helper+0x1217/0x5450 [ 15.908399] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.908423] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.908450] ? kasan_atomics+0x152/0x310 [ 15.908477] kasan_atomics+0x1dc/0x310 [ 15.908501] ? __pfx_kasan_atomics+0x10/0x10 [ 15.908527] ? __pfx_read_tsc+0x10/0x10 [ 15.908550] ? ktime_get_ts64+0x86/0x230 [ 15.908575] kunit_try_run_case+0x1a5/0x480 [ 15.908601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.908625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.908803] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.908835] ? __kthread_parkme+0x82/0x180 [ 15.908857] ? preempt_count_sub+0x50/0x80 [ 15.908882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.908908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.908935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.908963] kthread+0x337/0x6f0 [ 15.908985] ? trace_preempt_on+0x20/0xc0 [ 15.909010] ? __pfx_kthread+0x10/0x10 [ 15.909032] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.909055] ? calculate_sigpending+0x7b/0xa0 [ 15.909080] ? __pfx_kthread+0x10/0x10 [ 15.909102] ret_from_fork+0x116/0x1d0 [ 15.909122] ? __pfx_kthread+0x10/0x10 [ 15.909144] ret_from_fork_asm+0x1a/0x30 [ 15.909175] </TASK> [ 15.909187] [ 15.920477] Allocated by task 283: [ 15.920827] kasan_save_stack+0x45/0x70 [ 15.921267] kasan_save_track+0x18/0x40 [ 15.921619] kasan_save_alloc_info+0x3b/0x50 [ 15.921929] __kasan_kmalloc+0xb7/0xc0 [ 15.922061] __kmalloc_cache_noprof+0x189/0x420 [ 15.922212] kasan_atomics+0x95/0x310 [ 15.922342] kunit_try_run_case+0x1a5/0x480 [ 15.922491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.922684] kthread+0x337/0x6f0 [ 15.923005] ret_from_fork+0x116/0x1d0 [ 15.923339] ret_from_fork_asm+0x1a/0x30 [ 15.923730] [ 15.923897] The buggy address belongs to the object at ffff888103ad1980 [ 15.923897] which belongs to the cache kmalloc-64 of size 64 [ 15.925048] The buggy address is located 0 bytes to the right of [ 15.925048] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.926315] [ 15.926518] The buggy address belongs to the physical page: [ 15.927047] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.927670] flags: 0x200000000000000(node=0|zone=2) [ 15.928124] page_type: f5(slab) [ 15.928246] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.928469] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.928779] page dumped because: kasan: bad access detected [ 15.929255] [ 15.929410] Memory state around the buggy address: [ 15.929834] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.930511] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.931335] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.932074] ^ [ 15.932406] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.932613] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.933187] ================================================================== [ 15.708658] ================================================================== [ 15.709486] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.710230] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.710936] [ 15.711112] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.711157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.711170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.711190] Call Trace: [ 15.711207] <TASK> [ 15.711225] dump_stack_lvl+0x73/0xb0 [ 15.711254] print_report+0xd1/0x650 [ 15.711278] ? __virt_addr_valid+0x1db/0x2d0 [ 15.711302] ? kasan_atomics_helper+0xe78/0x5450 [ 15.711323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.711348] ? kasan_atomics_helper+0xe78/0x5450 [ 15.711371] kasan_report+0x141/0x180 [ 15.711393] ? kasan_atomics_helper+0xe78/0x5450 [ 15.711421] kasan_check_range+0x10c/0x1c0 [ 15.711445] __kasan_check_write+0x18/0x20 [ 15.711466] kasan_atomics_helper+0xe78/0x5450 [ 15.711489] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.711513] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.711541] ? kasan_atomics+0x152/0x310 [ 15.711567] kasan_atomics+0x1dc/0x310 [ 15.711591] ? __pfx_kasan_atomics+0x10/0x10 [ 15.711616] ? __pfx_read_tsc+0x10/0x10 [ 15.711638] ? ktime_get_ts64+0x86/0x230 [ 15.711686] kunit_try_run_case+0x1a5/0x480 [ 15.711711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.711766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.711794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.711820] ? __kthread_parkme+0x82/0x180 [ 15.711841] ? preempt_count_sub+0x50/0x80 [ 15.711866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.711892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.711917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.711944] kthread+0x337/0x6f0 [ 15.711964] ? trace_preempt_on+0x20/0xc0 [ 15.711988] ? __pfx_kthread+0x10/0x10 [ 15.712010] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.712033] ? calculate_sigpending+0x7b/0xa0 [ 15.712058] ? __pfx_kthread+0x10/0x10 [ 15.712081] ret_from_fork+0x116/0x1d0 [ 15.712100] ? 
__pfx_kthread+0x10/0x10 [ 15.712121] ret_from_fork_asm+0x1a/0x30 [ 15.712153] </TASK> [ 15.712164] [ 15.724942] Allocated by task 283: [ 15.725235] kasan_save_stack+0x45/0x70 [ 15.725379] kasan_save_track+0x18/0x40 [ 15.725511] kasan_save_alloc_info+0x3b/0x50 [ 15.725683] __kasan_kmalloc+0xb7/0xc0 [ 15.726058] __kmalloc_cache_noprof+0x189/0x420 [ 15.726502] kasan_atomics+0x95/0x310 [ 15.726896] kunit_try_run_case+0x1a5/0x480 [ 15.727296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.727781] kthread+0x337/0x6f0 [ 15.728178] ret_from_fork+0x116/0x1d0 [ 15.728459] ret_from_fork_asm+0x1a/0x30 [ 15.728597] [ 15.728685] The buggy address belongs to the object at ffff888103ad1980 [ 15.728685] which belongs to the cache kmalloc-64 of size 64 [ 15.729282] The buggy address is located 0 bytes to the right of [ 15.729282] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.729636] [ 15.729844] The buggy address belongs to the physical page: [ 15.730364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.731124] flags: 0x200000000000000(node=0|zone=2) [ 15.731572] page_type: f5(slab) [ 15.731933] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.732592] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.733182] page dumped because: kasan: bad access detected [ 15.733712] [ 15.733843] Memory state around the buggy address: [ 15.734115] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.734536] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.734782] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.735287] ^ [ 15.735440] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.735677] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.736327] ================================================================== [ 16.441786] 
================================================================== [ 16.442130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.442356] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.442584] [ 16.442677] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.442718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.442731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.442764] Call Trace: [ 16.442780] <TASK> [ 16.442795] dump_stack_lvl+0x73/0xb0 [ 16.442823] print_report+0xd1/0x650 [ 16.442848] ? __virt_addr_valid+0x1db/0x2d0 [ 16.442875] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.442898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.442923] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.442947] kasan_report+0x141/0x180 [ 16.442983] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.443012] kasan_check_range+0x10c/0x1c0 [ 16.443037] __kasan_check_write+0x18/0x20 [ 16.443068] kasan_atomics_helper+0x1eaa/0x5450 [ 16.443093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.443118] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.443145] ? kasan_atomics+0x152/0x310 [ 16.443172] kasan_atomics+0x1dc/0x310 [ 16.443196] ? __pfx_kasan_atomics+0x10/0x10 [ 16.443222] ? __pfx_read_tsc+0x10/0x10 [ 16.443243] ? ktime_get_ts64+0x86/0x230 [ 16.443277] kunit_try_run_case+0x1a5/0x480 [ 16.443302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.443337] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.443363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.443388] ? __kthread_parkme+0x82/0x180 [ 16.443410] ? preempt_count_sub+0x50/0x80 [ 16.443435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.443460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.443486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.443522] kthread+0x337/0x6f0 [ 16.443543] ? trace_preempt_on+0x20/0xc0 [ 16.443568] ? __pfx_kthread+0x10/0x10 [ 16.443601] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.443624] ? 
calculate_sigpending+0x7b/0xa0 [ 16.443650] ? __pfx_kthread+0x10/0x10 [ 16.443675] ret_from_fork+0x116/0x1d0 [ 16.443696] ? __pfx_kthread+0x10/0x10 [ 16.443726] ret_from_fork_asm+0x1a/0x30 [ 16.443772] </TASK> [ 16.443785] [ 16.451702] Allocated by task 283: [ 16.451863] kasan_save_stack+0x45/0x70 [ 16.452069] kasan_save_track+0x18/0x40 [ 16.452200] kasan_save_alloc_info+0x3b/0x50 [ 16.452417] __kasan_kmalloc+0xb7/0xc0 [ 16.452547] __kmalloc_cache_noprof+0x189/0x420 [ 16.452934] kasan_atomics+0x95/0x310 [ 16.453097] kunit_try_run_case+0x1a5/0x480 [ 16.453321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.453531] kthread+0x337/0x6f0 [ 16.453647] ret_from_fork+0x116/0x1d0 [ 16.453853] ret_from_fork_asm+0x1a/0x30 [ 16.454050] [ 16.454165] The buggy address belongs to the object at ffff888103ad1980 [ 16.454165] which belongs to the cache kmalloc-64 of size 64 [ 16.454662] The buggy address is located 0 bytes to the right of [ 16.454662] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.455139] [ 16.455238] The buggy address belongs to the physical page: [ 16.455490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.455922] flags: 0x200000000000000(node=0|zone=2) [ 16.456149] page_type: f5(slab) [ 16.456265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.456586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.456940] page dumped because: kasan: bad access detected [ 16.457108] [ 16.457175] Memory state around the buggy address: [ 16.457325] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.457532] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.457795] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.458202] ^ [ 16.458461] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458833] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459105] 
================================================================== [ 15.124478] ================================================================== [ 15.125048] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.125483] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.125956] [ 15.126341] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.126396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.126410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.126429] Call Trace: [ 15.126445] <TASK> [ 15.126462] dump_stack_lvl+0x73/0xb0 [ 15.126493] print_report+0xd1/0x650 [ 15.126516] ? __virt_addr_valid+0x1db/0x2d0 [ 15.126539] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.126561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.126585] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.126607] kasan_report+0x141/0x180 [ 15.126629] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.126656] __asan_report_store4_noabort+0x1b/0x30 [ 15.126801] kasan_atomics_helper+0x4ba2/0x5450 [ 15.126828] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.126852] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.126880] ? kasan_atomics+0x152/0x310 [ 15.126907] kasan_atomics+0x1dc/0x310 [ 15.126930] ? __pfx_kasan_atomics+0x10/0x10 [ 15.126954] ? __pfx_read_tsc+0x10/0x10 [ 15.126975] ? ktime_get_ts64+0x86/0x230 [ 15.127001] kunit_try_run_case+0x1a5/0x480 [ 15.127026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.127050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.127076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.127100] ? __kthread_parkme+0x82/0x180 [ 15.127122] ? preempt_count_sub+0x50/0x80 [ 15.127146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.127171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.127196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.127222] kthread+0x337/0x6f0 [ 15.127242] ? trace_preempt_on+0x20/0xc0 [ 15.127265] ? __pfx_kthread+0x10/0x10 [ 15.127286] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.127308] ? calculate_sigpending+0x7b/0xa0 [ 15.127333] ? __pfx_kthread+0x10/0x10 [ 15.127355] ret_from_fork+0x116/0x1d0 [ 15.127373] ? __pfx_kthread+0x10/0x10 [ 15.127394] ret_from_fork_asm+0x1a/0x30 [ 15.127425] </TASK> [ 15.127436] [ 15.139239] Allocated by task 283: [ 15.139598] kasan_save_stack+0x45/0x70 [ 15.139822] kasan_save_track+0x18/0x40 [ 15.140133] kasan_save_alloc_info+0x3b/0x50 [ 15.140316] __kasan_kmalloc+0xb7/0xc0 [ 15.140505] __kmalloc_cache_noprof+0x189/0x420 [ 15.140692] kasan_atomics+0x95/0x310 [ 15.141214] kunit_try_run_case+0x1a5/0x480 [ 15.141475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.141853] kthread+0x337/0x6f0 [ 15.142231] ret_from_fork+0x116/0x1d0 [ 15.142548] ret_from_fork_asm+0x1a/0x30 [ 15.142866] [ 15.142969] The buggy address belongs to the object at ffff888103ad1980 [ 15.142969] which belongs to the cache kmalloc-64 of size 64 [ 15.143656] The buggy address is located 0 bytes to the right of [ 15.143656] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.144390] [ 15.144659] The buggy address belongs to the physical page: [ 15.144947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.145400] flags: 0x200000000000000(node=0|zone=2) [ 15.145686] page_type: f5(slab) [ 15.146034] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.146365] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.146937] page dumped because: kasan: bad access detected [ 15.147265] [ 15.147363] Memory state around the buggy address: [ 15.147621] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.148165] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.148551] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.149116] ^ [ 15.149413] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.149847] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.150168] ================================================================== [ 16.423729] ================================================================== [ 16.424149] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.424385] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.424634] [ 16.424743] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.424795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.424807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.424829] Call Trace: [ 16.424845] <TASK> [ 16.424861] dump_stack_lvl+0x73/0xb0 [ 16.424888] print_report+0xd1/0x650 [ 16.424910] ? __virt_addr_valid+0x1db/0x2d0 [ 16.424932] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.424988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.425014] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.425037] kasan_report+0x141/0x180 [ 16.425072] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.425099] kasan_check_range+0x10c/0x1c0 [ 16.425124] __kasan_check_write+0x18/0x20 [ 16.425145] kasan_atomics_helper+0x1e12/0x5450 [ 16.425169] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.425193] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.425220] ? kasan_atomics+0x152/0x310 [ 16.425247] kasan_atomics+0x1dc/0x310 [ 16.425270] ? __pfx_kasan_atomics+0x10/0x10 [ 16.425296] ? __pfx_read_tsc+0x10/0x10 [ 16.425317] ? ktime_get_ts64+0x86/0x230 [ 16.425342] kunit_try_run_case+0x1a5/0x480 [ 16.425367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.425392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.425418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.425443] ? __kthread_parkme+0x82/0x180 [ 16.425464] ? preempt_count_sub+0x50/0x80 [ 16.425489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.425515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.425541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.425578] kthread+0x337/0x6f0 [ 16.425599] ? 
trace_preempt_on+0x20/0xc0 [ 16.425624] ? __pfx_kthread+0x10/0x10 [ 16.425664] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.425687] ? calculate_sigpending+0x7b/0xa0 [ 16.425712] ? __pfx_kthread+0x10/0x10 [ 16.425742] ret_from_fork+0x116/0x1d0 [ 16.425775] ? __pfx_kthread+0x10/0x10 [ 16.425798] ret_from_fork_asm+0x1a/0x30 [ 16.425830] </TASK> [ 16.425841] [ 16.433523] Allocated by task 283: [ 16.433678] kasan_save_stack+0x45/0x70 [ 16.433904] kasan_save_track+0x18/0x40 [ 16.434106] kasan_save_alloc_info+0x3b/0x50 [ 16.434314] __kasan_kmalloc+0xb7/0xc0 [ 16.434491] __kmalloc_cache_noprof+0x189/0x420 [ 16.434650] kasan_atomics+0x95/0x310 [ 16.434794] kunit_try_run_case+0x1a5/0x480 [ 16.434983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.435251] kthread+0x337/0x6f0 [ 16.435420] ret_from_fork+0x116/0x1d0 [ 16.435606] ret_from_fork_asm+0x1a/0x30 [ 16.435813] [ 16.435927] The buggy address belongs to the object at ffff888103ad1980 [ 16.435927] which belongs to the cache kmalloc-64 of size 64 [ 16.436336] The buggy address is located 0 bytes to the right of [ 16.436336] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.436985] [ 16.437081] The buggy address belongs to the physical page: [ 16.437331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.437724] flags: 0x200000000000000(node=0|zone=2) [ 16.437928] page_type: f5(slab) [ 16.438116] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.438428] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.438779] page dumped because: kasan: bad access detected [ 16.439018] [ 16.439138] Memory state around the buggy address: [ 16.439297] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.439506] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.439710] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.439927] ^ [ 16.440074] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.440603] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.441221] ================================================================== [ 15.591783] ================================================================== [ 15.592164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.592554] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.592987] [ 15.593127] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.593171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.593184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.593216] Call Trace: [ 15.593233] <TASK> [ 15.593275] dump_stack_lvl+0x73/0xb0 [ 15.593306] print_report+0xd1/0x650 [ 15.593329] ? __virt_addr_valid+0x1db/0x2d0 [ 15.593363] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.593402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.593436] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.593459] kasan_report+0x141/0x180 [ 15.593492] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.593519] kasan_check_range+0x10c/0x1c0 [ 15.593544] __kasan_check_write+0x18/0x20 [ 15.593565] kasan_atomics_helper+0xb6a/0x5450 [ 15.593589] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.593612] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.593639] ? kasan_atomics+0x152/0x310 [ 15.593673] kasan_atomics+0x1dc/0x310 [ 15.593697] ? __pfx_kasan_atomics+0x10/0x10 [ 15.593764] ? __pfx_read_tsc+0x10/0x10 [ 15.593786] ? ktime_get_ts64+0x86/0x230 [ 15.593811] kunit_try_run_case+0x1a5/0x480 [ 15.593837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.593861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.593914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.593939] ? __kthread_parkme+0x82/0x180 [ 15.593988] ? preempt_count_sub+0x50/0x80 [ 15.594028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.594067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.594118] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.594158] kthread+0x337/0x6f0 [ 15.594179] ? trace_preempt_on+0x20/0xc0 [ 15.594203] ? __pfx_kthread+0x10/0x10 [ 15.594225] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.594248] ? calculate_sigpending+0x7b/0xa0 [ 15.594282] ? __pfx_kthread+0x10/0x10 [ 15.594305] ret_from_fork+0x116/0x1d0 [ 15.594325] ? __pfx_kthread+0x10/0x10 [ 15.594356] ret_from_fork_asm+0x1a/0x30 [ 15.594392] </TASK> [ 15.594403] [ 15.601206] Allocated by task 283: [ 15.601330] kasan_save_stack+0x45/0x70 [ 15.601471] kasan_save_track+0x18/0x40 [ 15.601772] kasan_save_alloc_info+0x3b/0x50 [ 15.601977] __kasan_kmalloc+0xb7/0xc0 [ 15.602178] __kmalloc_cache_noprof+0x189/0x420 [ 15.602394] kasan_atomics+0x95/0x310 [ 15.602565] kunit_try_run_case+0x1a5/0x480 [ 15.602851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.603212] kthread+0x337/0x6f0 [ 15.603432] ret_from_fork+0x116/0x1d0 [ 15.603628] ret_from_fork_asm+0x1a/0x30 [ 15.603851] [ 15.604017] The buggy address belongs to the object at ffff888103ad1980 [ 15.604017] which belongs to the cache kmalloc-64 of size 64 [ 15.604595] The buggy address is located 0 bytes to the right of [ 15.604595] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.605438] [ 15.605551] The buggy address belongs to the physical page: [ 15.606793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.607319] flags: 0x200000000000000(node=0|zone=2) [ 15.607481] page_type: f5(slab) [ 15.607600] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.608685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.609028] page dumped because: kasan: bad access detected [ 15.609208] [ 15.609279] Memory state around the buggy address: [ 15.609500] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.613075] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.613996] >ffff888103ad1980: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.614709] ^ [ 15.615377] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.616237] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.616540] ================================================================== [ 16.373441] ================================================================== [ 16.373828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.374130] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.374442] [ 16.374538] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.374580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.374594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.374614] Call Trace: [ 16.374631] <TASK> [ 16.374648] dump_stack_lvl+0x73/0xb0 [ 16.374677] print_report+0xd1/0x650 [ 16.374701] ? __virt_addr_valid+0x1db/0x2d0 [ 16.374724] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.374759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.374783] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.374806] kasan_report+0x141/0x180 [ 16.374830] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.374857] kasan_check_range+0x10c/0x1c0 [ 16.374882] __kasan_check_write+0x18/0x20 [ 16.374903] kasan_atomics_helper+0x1ce1/0x5450 [ 16.374926] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.374951] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.374977] ? kasan_atomics+0x152/0x310 [ 16.375005] kasan_atomics+0x1dc/0x310 [ 16.375028] ? __pfx_kasan_atomics+0x10/0x10 [ 16.375054] ? __pfx_read_tsc+0x10/0x10 [ 16.375076] ? ktime_get_ts64+0x86/0x230 [ 16.375103] kunit_try_run_case+0x1a5/0x480 [ 16.375128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.375154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.375180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.375205] ? __kthread_parkme+0x82/0x180 [ 16.375226] ? preempt_count_sub+0x50/0x80 [ 16.375251] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.375277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.375303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.375330] kthread+0x337/0x6f0 [ 16.375350] ? trace_preempt_on+0x20/0xc0 [ 16.375374] ? __pfx_kthread+0x10/0x10 [ 16.375396] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.375420] ? calculate_sigpending+0x7b/0xa0 [ 16.375445] ? __pfx_kthread+0x10/0x10 [ 16.375467] ret_from_fork+0x116/0x1d0 [ 16.375486] ? __pfx_kthread+0x10/0x10 [ 16.375507] ret_from_fork_asm+0x1a/0x30 [ 16.375538] </TASK> [ 16.375550] [ 16.383853] Allocated by task 283: [ 16.383981] kasan_save_stack+0x45/0x70 [ 16.384122] kasan_save_track+0x18/0x40 [ 16.384253] kasan_save_alloc_info+0x3b/0x50 [ 16.384399] __kasan_kmalloc+0xb7/0xc0 [ 16.384532] __kmalloc_cache_noprof+0x189/0x420 [ 16.384684] kasan_atomics+0x95/0x310 [ 16.384827] kunit_try_run_case+0x1a5/0x480 [ 16.384972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.385142] kthread+0x337/0x6f0 [ 16.385261] ret_from_fork+0x116/0x1d0 [ 16.385967] ret_from_fork_asm+0x1a/0x30 [ 16.386180] [ 16.386277] The buggy address belongs to the object at ffff888103ad1980 [ 16.386277] which belongs to the cache kmalloc-64 of size 64 [ 16.386835] The buggy address is located 0 bytes to the right of [ 16.386835] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.387235] [ 16.387327] The buggy address belongs to the physical page: [ 16.387568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.390553] flags: 0x200000000000000(node=0|zone=2) [ 16.390811] page_type: f5(slab) [ 16.391066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.391851] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.392099] page dumped because: kasan: bad access detected [ 16.392274] [ 16.392347] Memory state around the buggy address: [ 16.392502] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.392724] 
ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.393739] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.394797] ^ [ 16.395498] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.396394] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.397068] ================================================================== [ 16.398321] ================================================================== [ 16.398570] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.399986] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.400806] [ 16.401117] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.401173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.401187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.401208] Call Trace: [ 16.401223] <TASK> [ 16.401240] dump_stack_lvl+0x73/0xb0 [ 16.401271] print_report+0xd1/0x650 [ 16.401294] ? __virt_addr_valid+0x1db/0x2d0 [ 16.401320] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.401343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.401368] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.401391] kasan_report+0x141/0x180 [ 16.401414] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.401442] kasan_check_range+0x10c/0x1c0 [ 16.401467] __kasan_check_write+0x18/0x20 [ 16.401488] kasan_atomics_helper+0x1d7a/0x5450 [ 16.401512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.401536] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.401562] ? kasan_atomics+0x152/0x310 [ 16.401589] kasan_atomics+0x1dc/0x310 [ 16.401613] ? __pfx_kasan_atomics+0x10/0x10 [ 16.401639] ? __pfx_read_tsc+0x10/0x10 [ 16.401793] ? ktime_get_ts64+0x86/0x230 [ 16.401824] kunit_try_run_case+0x1a5/0x480 [ 16.401888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.401940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.401967] ? 
__kthread_parkme+0x82/0x180 [ 16.401988] ? preempt_count_sub+0x50/0x80 [ 16.402014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.402040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.402066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.402093] kthread+0x337/0x6f0 [ 16.402114] ? trace_preempt_on+0x20/0xc0 [ 16.402138] ? __pfx_kthread+0x10/0x10 [ 16.402159] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.402183] ? calculate_sigpending+0x7b/0xa0 [ 16.402208] ? __pfx_kthread+0x10/0x10 [ 16.402231] ret_from_fork+0x116/0x1d0 [ 16.402250] ? __pfx_kthread+0x10/0x10 [ 16.402272] ret_from_fork_asm+0x1a/0x30 [ 16.402302] </TASK> [ 16.402314] [ 16.415183] Allocated by task 283: [ 16.415379] kasan_save_stack+0x45/0x70 [ 16.415548] kasan_save_track+0x18/0x40 [ 16.415804] kasan_save_alloc_info+0x3b/0x50 [ 16.415959] __kasan_kmalloc+0xb7/0xc0 [ 16.416117] __kmalloc_cache_noprof+0x189/0x420 [ 16.416341] kasan_atomics+0x95/0x310 [ 16.416533] kunit_try_run_case+0x1a5/0x480 [ 16.416776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.416995] kthread+0x337/0x6f0 [ 16.417117] ret_from_fork+0x116/0x1d0 [ 16.417301] ret_from_fork_asm+0x1a/0x30 [ 16.417501] [ 16.417599] The buggy address belongs to the object at ffff888103ad1980 [ 16.417599] which belongs to the cache kmalloc-64 of size 64 [ 16.418197] The buggy address is located 0 bytes to the right of [ 16.418197] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.418647] [ 16.418721] The buggy address belongs to the physical page: [ 16.418969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.419313] flags: 0x200000000000000(node=0|zone=2) [ 16.419478] page_type: f5(slab) [ 16.419614] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.420359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.420673] page dumped because: kasan: bad access detected [ 16.420939] [ 16.421025] Memory state around the buggy address: [ 16.421250] 
ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.421552] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.421869] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.422168] ^ [ 16.422384] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.422758] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.423048] ================================================================== [ 16.459491] ================================================================== [ 16.459783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.460278] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.460609] [ 16.460741] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.460800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.460812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.460832] Call Trace: [ 16.460847] <TASK> [ 16.460863] dump_stack_lvl+0x73/0xb0 [ 16.460891] print_report+0xd1/0x650 [ 16.460914] ? __virt_addr_valid+0x1db/0x2d0 [ 16.460937] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.460970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.460994] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.461017] kasan_report+0x141/0x180 [ 16.461051] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.461078] kasan_check_range+0x10c/0x1c0 [ 16.461103] __kasan_check_write+0x18/0x20 [ 16.461124] kasan_atomics_helper+0x1f43/0x5450 [ 16.461148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.461172] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.461198] ? kasan_atomics+0x152/0x310 [ 16.461225] kasan_atomics+0x1dc/0x310 [ 16.461249] ? __pfx_kasan_atomics+0x10/0x10 [ 16.461274] ? __pfx_read_tsc+0x10/0x10 [ 16.461296] ? ktime_get_ts64+0x86/0x230 [ 16.461322] kunit_try_run_case+0x1a5/0x480 [ 16.461347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.461371] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.461397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.461422] ? __kthread_parkme+0x82/0x180 [ 16.461443] ? preempt_count_sub+0x50/0x80 [ 16.461468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.461494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.461520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.461547] kthread+0x337/0x6f0 [ 16.461568] ? trace_preempt_on+0x20/0xc0 [ 16.461592] ? __pfx_kthread+0x10/0x10 [ 16.461614] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.461637] ? calculate_sigpending+0x7b/0xa0 [ 16.461672] ? __pfx_kthread+0x10/0x10 [ 16.461694] ret_from_fork+0x116/0x1d0 [ 16.461714] ? __pfx_kthread+0x10/0x10 [ 16.461736] ret_from_fork_asm+0x1a/0x30 [ 16.461777] </TASK> [ 16.461788] [ 16.469176] Allocated by task 283: [ 16.469303] kasan_save_stack+0x45/0x70 [ 16.469444] kasan_save_track+0x18/0x40 [ 16.469581] kasan_save_alloc_info+0x3b/0x50 [ 16.469945] __kasan_kmalloc+0xb7/0xc0 [ 16.470137] __kmalloc_cache_noprof+0x189/0x420 [ 16.470385] kasan_atomics+0x95/0x310 [ 16.470574] kunit_try_run_case+0x1a5/0x480 [ 16.470945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.471119] kthread+0x337/0x6f0 [ 16.471239] ret_from_fork+0x116/0x1d0 [ 16.471370] ret_from_fork_asm+0x1a/0x30 [ 16.471507] [ 16.471575] The buggy address belongs to the object at ffff888103ad1980 [ 16.471575] which belongs to the cache kmalloc-64 of size 64 [ 16.472409] The buggy address is located 0 bytes to the right of [ 16.472409] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.473016] [ 16.473130] The buggy address belongs to the physical page: [ 16.473439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 16.473841] flags: 0x200000000000000(node=0|zone=2) [ 16.474102] page_type: f5(slab) [ 16.474244] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.474482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.474972] page dumped because: kasan: 
bad access detected [ 16.475228] [ 16.475345] Memory state around the buggy address: [ 16.475549] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.475889] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.476197] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.476494] ^ [ 16.476730] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.477035] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.477331] ================================================================== [ 15.830484] ================================================================== [ 15.830799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.831291] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.831630] [ 15.831771] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.831847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.831860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.831881] Call Trace: [ 15.831898] <TASK> [ 15.831924] dump_stack_lvl+0x73/0xb0 [ 15.831953] print_report+0xd1/0x650 [ 15.831977] ? __virt_addr_valid+0x1db/0x2d0 [ 15.832000] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.832023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.832047] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.832070] kasan_report+0x141/0x180 [ 15.832093] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.832121] __asan_report_load4_noabort+0x18/0x20 [ 15.832147] kasan_atomics_helper+0x4a1c/0x5450 [ 15.832171] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.832195] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.832222] ? kasan_atomics+0x152/0x310 [ 15.832249] kasan_atomics+0x1dc/0x310 [ 15.832273] ? __pfx_kasan_atomics+0x10/0x10 [ 15.832299] ? __pfx_read_tsc+0x10/0x10 [ 15.832321] ? ktime_get_ts64+0x86/0x230 [ 15.832345] kunit_try_run_case+0x1a5/0x480 [ 15.832370] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.832395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.832419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.832445] ? __kthread_parkme+0x82/0x180 [ 15.832466] ? preempt_count_sub+0x50/0x80 [ 15.832491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.832542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.832568] kthread+0x337/0x6f0 [ 15.832588] ? trace_preempt_on+0x20/0xc0 [ 15.832613] ? __pfx_kthread+0x10/0x10 [ 15.832679] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.832705] ? calculate_sigpending+0x7b/0xa0 [ 15.832730] ? __pfx_kthread+0x10/0x10 [ 15.832768] ret_from_fork+0x116/0x1d0 [ 15.832787] ? __pfx_kthread+0x10/0x10 [ 15.832809] ret_from_fork_asm+0x1a/0x30 [ 15.832841] </TASK> [ 15.832852] [ 15.840421] Allocated by task 283: [ 15.840718] kasan_save_stack+0x45/0x70 [ 15.840984] kasan_save_track+0x18/0x40 [ 15.841154] kasan_save_alloc_info+0x3b/0x50 [ 15.841304] __kasan_kmalloc+0xb7/0xc0 [ 15.841479] __kmalloc_cache_noprof+0x189/0x420 [ 15.841774] kasan_atomics+0x95/0x310 [ 15.841989] kunit_try_run_case+0x1a5/0x480 [ 15.842183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.842407] kthread+0x337/0x6f0 [ 15.842580] ret_from_fork+0x116/0x1d0 [ 15.842765] ret_from_fork_asm+0x1a/0x30 [ 15.842933] [ 15.843028] The buggy address belongs to the object at ffff888103ad1980 [ 15.843028] which belongs to the cache kmalloc-64 of size 64 [ 15.843495] The buggy address is located 0 bytes to the right of [ 15.843495] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.844109] [ 15.844226] The buggy address belongs to the physical page: [ 15.844480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.844871] flags: 0x200000000000000(node=0|zone=2) [ 15.845038] page_type: f5(slab) [ 15.845158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.845389] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.845740] page dumped because: kasan: bad access detected [ 15.846051] [ 15.846147] Memory state around the buggy address: [ 15.846379] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846729] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.847060] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.847348] ^ [ 15.847576] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.847899] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848116] ================================================================== [ 15.239877] ================================================================== [ 15.240517] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.241237] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.242625] [ 15.242837] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.243161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.243180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.243203] Call Trace: [ 15.243219] <TASK> [ 15.243238] dump_stack_lvl+0x73/0xb0 [ 15.243270] print_report+0xd1/0x650 [ 15.243293] ? __virt_addr_valid+0x1db/0x2d0 [ 15.243318] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.243341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.243365] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.243389] kasan_report+0x141/0x180 [ 15.243412] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.243439] __asan_report_load4_noabort+0x18/0x20 [ 15.243465] kasan_atomics_helper+0x4b54/0x5450 [ 15.243489] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.243513] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.243539] ? kasan_atomics+0x152/0x310 [ 15.243567] kasan_atomics+0x1dc/0x310 [ 15.243590] ? __pfx_kasan_atomics+0x10/0x10 [ 15.243615] ? __pfx_read_tsc+0x10/0x10 [ 15.243636] ? 
ktime_get_ts64+0x86/0x230 [ 15.243687] kunit_try_run_case+0x1a5/0x480 [ 15.243712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.243737] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.243774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.243799] ? __kthread_parkme+0x82/0x180 [ 15.243821] ? preempt_count_sub+0x50/0x80 [ 15.243847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.243873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.243900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.243926] kthread+0x337/0x6f0 [ 15.243947] ? trace_preempt_on+0x20/0xc0 [ 15.243973] ? __pfx_kthread+0x10/0x10 [ 15.243994] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.244017] ? calculate_sigpending+0x7b/0xa0 [ 15.244042] ? __pfx_kthread+0x10/0x10 [ 15.244064] ret_from_fork+0x116/0x1d0 [ 15.244084] ? __pfx_kthread+0x10/0x10 [ 15.244105] ret_from_fork_asm+0x1a/0x30 [ 15.244137] </TASK> [ 15.244148] [ 15.257981] Allocated by task 283: [ 15.258149] kasan_save_stack+0x45/0x70 [ 15.258346] kasan_save_track+0x18/0x40 [ 15.258530] kasan_save_alloc_info+0x3b/0x50 [ 15.259087] __kasan_kmalloc+0xb7/0xc0 [ 15.259264] __kmalloc_cache_noprof+0x189/0x420 [ 15.259428] kasan_atomics+0x95/0x310 [ 15.259938] kunit_try_run_case+0x1a5/0x480 [ 15.260266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.260488] kthread+0x337/0x6f0 [ 15.260858] ret_from_fork+0x116/0x1d0 [ 15.261203] ret_from_fork_asm+0x1a/0x30 [ 15.261477] [ 15.261580] The buggy address belongs to the object at ffff888103ad1980 [ 15.261580] which belongs to the cache kmalloc-64 of size 64 [ 15.262275] The buggy address is located 0 bytes to the right of [ 15.262275] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.263125] [ 15.263209] The buggy address belongs to the physical page: [ 15.263454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.264114] flags: 0x200000000000000(node=0|zone=2) [ 15.264482] page_type: f5(slab) [ 15.264627] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.265324] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.265782] page dumped because: kasan: bad access detected [ 15.266029] [ 15.266120] Memory state around the buggy address: [ 15.266336] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.266663] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.267380] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.267922] ^ [ 15.268148] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.268452] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.269003] ================================================================== [ 15.382588] ================================================================== [ 15.383458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.384213] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.384936] [ 15.385034] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.385092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.385105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.385137] Call Trace: [ 15.385154] <TASK> [ 15.385171] dump_stack_lvl+0x73/0xb0 [ 15.385202] print_report+0xd1/0x650 [ 15.385235] ? __virt_addr_valid+0x1db/0x2d0 [ 15.385260] ? kasan_atomics_helper+0x697/0x5450 [ 15.385283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.385319] ? kasan_atomics_helper+0x697/0x5450 [ 15.385342] kasan_report+0x141/0x180 [ 15.385366] ? kasan_atomics_helper+0x697/0x5450 [ 15.385404] kasan_check_range+0x10c/0x1c0 [ 15.385429] __kasan_check_write+0x18/0x20 [ 15.385450] kasan_atomics_helper+0x697/0x5450 [ 15.385474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.385497] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.385534] ? kasan_atomics+0x152/0x310 [ 15.385562] kasan_atomics+0x1dc/0x310 [ 15.385596] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.385622] ? __pfx_read_tsc+0x10/0x10 [ 15.385644] ? ktime_get_ts64+0x86/0x230 [ 15.385670] kunit_try_run_case+0x1a5/0x480 [ 15.385703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.385727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.385770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.385796] ? __kthread_parkme+0x82/0x180 [ 15.385819] ? preempt_count_sub+0x50/0x80 [ 15.385844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.385870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.385896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.385981] kthread+0x337/0x6f0 [ 15.386004] ? trace_preempt_on+0x20/0xc0 [ 15.386029] ? __pfx_kthread+0x10/0x10 [ 15.386050] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.386074] ? calculate_sigpending+0x7b/0xa0 [ 15.386099] ? __pfx_kthread+0x10/0x10 [ 15.386121] ret_from_fork+0x116/0x1d0 [ 15.386141] ? __pfx_kthread+0x10/0x10 [ 15.386163] ret_from_fork_asm+0x1a/0x30 [ 15.386194] </TASK> [ 15.386206] [ 15.400293] Allocated by task 283: [ 15.400631] kasan_save_stack+0x45/0x70 [ 15.400995] kasan_save_track+0x18/0x40 [ 15.401137] kasan_save_alloc_info+0x3b/0x50 [ 15.401558] __kasan_kmalloc+0xb7/0xc0 [ 15.401975] __kmalloc_cache_noprof+0x189/0x420 [ 15.402236] kasan_atomics+0x95/0x310 [ 15.402375] kunit_try_run_case+0x1a5/0x480 [ 15.402523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.402997] kthread+0x337/0x6f0 [ 15.403402] ret_from_fork+0x116/0x1d0 [ 15.403821] ret_from_fork_asm+0x1a/0x30 [ 15.404307] [ 15.404519] The buggy address belongs to the object at ffff888103ad1980 [ 15.404519] which belongs to the cache kmalloc-64 of size 64 [ 15.405842] The buggy address is located 0 bytes to the right of [ 15.405842] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.406401] [ 15.406476] The buggy address belongs to the physical page: [ 15.406651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.406902] flags: 0x200000000000000(node=0|zone=2) [ 15.407067] page_type: 
f5(slab) [ 15.407188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.407427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.407713] page dumped because: kasan: bad access detected [ 15.408232] [ 15.408388] Memory state around the buggy address: [ 15.408938] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.409586] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.410493] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.411387] ^ [ 15.411848] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.412689] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.413452] ================================================================== [ 16.228423] ================================================================== [ 16.229179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.229610] Write of size 8 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 16.230281] [ 16.230417] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.230569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.230583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.230604] Call Trace: [ 16.230618] <TASK> [ 16.230634] dump_stack_lvl+0x73/0xb0 [ 16.230666] print_report+0xd1/0x650 [ 16.230690] ? __virt_addr_valid+0x1db/0x2d0 [ 16.230715] ? kasan_atomics_helper+0x194a/0x5450 [ 16.230737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.230774] ? kasan_atomics_helper+0x194a/0x5450 [ 16.230797] kasan_report+0x141/0x180 [ 16.230820] ? kasan_atomics_helper+0x194a/0x5450 [ 16.230848] kasan_check_range+0x10c/0x1c0 [ 16.230873] __kasan_check_write+0x18/0x20 [ 16.230893] kasan_atomics_helper+0x194a/0x5450 [ 16.230918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.230943] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.230969] ? 
kasan_atomics+0x152/0x310 [ 16.230996] kasan_atomics+0x1dc/0x310 [ 16.231020] ? __pfx_kasan_atomics+0x10/0x10 [ 16.231045] ? __pfx_read_tsc+0x10/0x10 [ 16.231067] ? ktime_get_ts64+0x86/0x230 [ 16.231092] kunit_try_run_case+0x1a5/0x480 [ 16.231117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.231142] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.231167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.231192] ? __kthread_parkme+0x82/0x180 [ 16.231214] ? preempt_count_sub+0x50/0x80 [ 16.231239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.231264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.231290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.231316] kthread+0x337/0x6f0 [ 16.231337] ? trace_preempt_on+0x20/0xc0 [ 16.231361] ? __pfx_kthread+0x10/0x10 [ 16.231383] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.231406] ? calculate_sigpending+0x7b/0xa0 [ 16.231431] ? __pfx_kthread+0x10/0x10 [ 16.231454] ret_from_fork+0x116/0x1d0 [ 16.231474] ? __pfx_kthread+0x10/0x10 [ 16.231495] ret_from_fork_asm+0x1a/0x30 [ 16.231526] </TASK> [ 16.231537] [ 16.242332] Allocated by task 283: [ 16.242619] kasan_save_stack+0x45/0x70 [ 16.242941] kasan_save_track+0x18/0x40 [ 16.243201] kasan_save_alloc_info+0x3b/0x50 [ 16.243468] __kasan_kmalloc+0xb7/0xc0 [ 16.243796] __kmalloc_cache_noprof+0x189/0x420 [ 16.244041] kasan_atomics+0x95/0x310 [ 16.244203] kunit_try_run_case+0x1a5/0x480 [ 16.244397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.244640] kthread+0x337/0x6f0 [ 16.245097] ret_from_fork+0x116/0x1d0 [ 16.245260] ret_from_fork_asm+0x1a/0x30 [ 16.245565] [ 16.245683] The buggy address belongs to the object at ffff888103ad1980 [ 16.245683] which belongs to the cache kmalloc-64 of size 64 [ 16.246414] The buggy address is located 0 bytes to the right of [ 16.246414] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 16.247164] [ 16.247252] The buggy address belongs to the physical page: [ 16.247491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 
16.248064] flags: 0x200000000000000(node=0|zone=2) [ 16.248393] page_type: f5(slab) [ 16.248575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.249176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.249568] page dumped because: kasan: bad access detected [ 16.249946] [ 16.250050] Memory state around the buggy address: [ 16.250396] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.250881] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.251250] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.251557] ^ [ 16.251787] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.252280] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.252643] ================================================================== [ 15.934072] ================================================================== [ 15.934713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.935417] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.936042] [ 15.936213] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.936257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.936270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.936291] Call Trace: [ 15.936309] <TASK> [ 15.936325] dump_stack_lvl+0x73/0xb0 [ 15.936355] print_report+0xd1/0x650 [ 15.936379] ? __virt_addr_valid+0x1db/0x2d0 [ 15.936428] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.936451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.936477] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.936500] kasan_report+0x141/0x180 [ 15.936523] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.936550] __asan_report_load4_noabort+0x18/0x20 [ 15.936599] kasan_atomics_helper+0x49e8/0x5450 [ 15.936623] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.936649] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.936684] ? kasan_atomics+0x152/0x310 [ 15.936712] kasan_atomics+0x1dc/0x310 [ 15.936736] ? __pfx_kasan_atomics+0x10/0x10 [ 15.936772] ? __pfx_read_tsc+0x10/0x10 [ 15.936793] ? ktime_get_ts64+0x86/0x230 [ 15.936818] kunit_try_run_case+0x1a5/0x480 [ 15.936844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.936869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.936896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.936921] ? __kthread_parkme+0x82/0x180 [ 15.936942] ? preempt_count_sub+0x50/0x80 [ 15.936967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.936993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.937018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.937046] kthread+0x337/0x6f0 [ 15.937066] ? trace_preempt_on+0x20/0xc0 [ 15.937091] ? __pfx_kthread+0x10/0x10 [ 15.937113] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.937137] ? calculate_sigpending+0x7b/0xa0 [ 15.937162] ? __pfx_kthread+0x10/0x10 [ 15.937184] ret_from_fork+0x116/0x1d0 [ 15.937203] ? __pfx_kthread+0x10/0x10 [ 15.937225] ret_from_fork_asm+0x1a/0x30 [ 15.937256] </TASK> [ 15.937267] [ 15.944586] Allocated by task 283: [ 15.944769] kasan_save_stack+0x45/0x70 [ 15.944909] kasan_save_track+0x18/0x40 [ 15.945042] kasan_save_alloc_info+0x3b/0x50 [ 15.945186] __kasan_kmalloc+0xb7/0xc0 [ 15.945390] __kmalloc_cache_noprof+0x189/0x420 [ 15.945608] kasan_atomics+0x95/0x310 [ 15.945953] kunit_try_run_case+0x1a5/0x480 [ 15.946135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.946305] kthread+0x337/0x6f0 [ 15.946427] ret_from_fork+0x116/0x1d0 [ 15.946609] ret_from_fork_asm+0x1a/0x30 [ 15.946812] [ 15.946905] The buggy address belongs to the object at ffff888103ad1980 [ 15.946905] which belongs to the cache kmalloc-64 of size 64 [ 15.947464] The buggy address is located 0 bytes to the right of [ 15.947464] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.947954] [ 15.948025] The buggy address belongs to the physical page: [ 15.948190] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.948432] flags: 0x200000000000000(node=0|zone=2) [ 15.948677] page_type: f5(slab) [ 15.948884] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.949234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.949595] page dumped because: kasan: bad access detected [ 15.949910] [ 15.949978] Memory state around the buggy address: [ 15.950128] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.950481] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.950767] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.950975] ^ [ 15.951128] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.951536] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.951848] ================================================================== [ 15.877463] ================================================================== [ 15.878228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.879196] Read of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.879978] [ 15.880262] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.880319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.880333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.880353] Call Trace: [ 15.880371] <TASK> [ 15.880390] dump_stack_lvl+0x73/0xb0 [ 15.880422] print_report+0xd1/0x650 [ 15.880447] ? __virt_addr_valid+0x1db/0x2d0 [ 15.880472] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.880495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.880520] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.880543] kasan_report+0x141/0x180 [ 15.880566] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.880595] __asan_report_load4_noabort+0x18/0x20 [ 15.880623] kasan_atomics_helper+0x4a02/0x5450 [ 15.880655] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.880679] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.880707] ? kasan_atomics+0x152/0x310 [ 15.880734] kasan_atomics+0x1dc/0x310 [ 15.880766] ? __pfx_kasan_atomics+0x10/0x10 [ 15.880791] ? __pfx_read_tsc+0x10/0x10 [ 15.880814] ? ktime_get_ts64+0x86/0x230 [ 15.880841] kunit_try_run_case+0x1a5/0x480 [ 15.880867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.880892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.880919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.880944] ? __kthread_parkme+0x82/0x180 [ 15.880966] ? preempt_count_sub+0x50/0x80 [ 15.880991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.881018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.881043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.881069] kthread+0x337/0x6f0 [ 15.881090] ? trace_preempt_on+0x20/0xc0 [ 15.881115] ? __pfx_kthread+0x10/0x10 [ 15.881136] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.881159] ? calculate_sigpending+0x7b/0xa0 [ 15.881184] ? __pfx_kthread+0x10/0x10 [ 15.881207] ret_from_fork+0x116/0x1d0 [ 15.881226] ? 
__pfx_kthread+0x10/0x10 [ 15.881248] ret_from_fork_asm+0x1a/0x30 [ 15.881281] </TASK> [ 15.881292] [ 15.895264] Allocated by task 283: [ 15.895397] kasan_save_stack+0x45/0x70 [ 15.895543] kasan_save_track+0x18/0x40 [ 15.895690] kasan_save_alloc_info+0x3b/0x50 [ 15.895976] __kasan_kmalloc+0xb7/0xc0 [ 15.896110] __kmalloc_cache_noprof+0x189/0x420 [ 15.896288] kasan_atomics+0x95/0x310 [ 15.896474] kunit_try_run_case+0x1a5/0x480 [ 15.896695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.897106] kthread+0x337/0x6f0 [ 15.897276] ret_from_fork+0x116/0x1d0 [ 15.897455] ret_from_fork_asm+0x1a/0x30 [ 15.897641] [ 15.898077] The buggy address belongs to the object at ffff888103ad1980 [ 15.898077] which belongs to the cache kmalloc-64 of size 64 [ 15.899008] The buggy address is located 0 bytes to the right of [ 15.899008] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.899819] [ 15.899928] The buggy address belongs to the physical page: [ 15.900277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.900613] flags: 0x200000000000000(node=0|zone=2) [ 15.901070] page_type: f5(slab) [ 15.901362] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.901998] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.902397] page dumped because: kasan: bad access detected [ 15.902634] [ 15.902909] Memory state around the buggy address: [ 15.903365] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.903843] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.904159] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.904447] ^ [ 15.904801] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905273] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905501] ================================================================== [ 15.952315] 
================================================================== [ 15.952949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.953444] Write of size 4 at addr ffff888103ad19b0 by task kunit_try_catch/283 [ 15.953826] [ 15.953959] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.954002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.954014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.954035] Call Trace: [ 15.954051] <TASK> [ 15.954068] dump_stack_lvl+0x73/0xb0 [ 15.954096] print_report+0xd1/0x650 [ 15.954119] ? __virt_addr_valid+0x1db/0x2d0 [ 15.954143] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.954167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.954199] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.954222] kasan_report+0x141/0x180 [ 15.954245] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.954272] kasan_check_range+0x10c/0x1c0 [ 15.954297] __kasan_check_write+0x18/0x20 [ 15.954318] kasan_atomics_helper+0x12e6/0x5450 [ 15.954342] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.954372] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.954398] ? kasan_atomics+0x152/0x310 [ 15.954426] kasan_atomics+0x1dc/0x310 [ 15.954449] ? __pfx_kasan_atomics+0x10/0x10 [ 15.954475] ? __pfx_read_tsc+0x10/0x10 [ 15.954497] ? ktime_get_ts64+0x86/0x230 [ 15.954523] kunit_try_run_case+0x1a5/0x480 [ 15.954548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.954572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.954598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.954623] ? __kthread_parkme+0x82/0x180 [ 15.954644] ? preempt_count_sub+0x50/0x80 [ 15.954696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.954723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.954760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.954787] kthread+0x337/0x6f0 [ 15.954808] ? trace_preempt_on+0x20/0xc0 [ 15.954832] ? __pfx_kthread+0x10/0x10 [ 15.954854] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.954876] ? 
calculate_sigpending+0x7b/0xa0 [ 15.954902] ? __pfx_kthread+0x10/0x10 [ 15.954924] ret_from_fork+0x116/0x1d0 [ 15.954943] ? __pfx_kthread+0x10/0x10 [ 15.954965] ret_from_fork_asm+0x1a/0x30 [ 15.955018] </TASK> [ 15.955029] [ 15.962410] Allocated by task 283: [ 15.962589] kasan_save_stack+0x45/0x70 [ 15.962911] kasan_save_track+0x18/0x40 [ 15.963193] kasan_save_alloc_info+0x3b/0x50 [ 15.963387] __kasan_kmalloc+0xb7/0xc0 [ 15.963566] __kmalloc_cache_noprof+0x189/0x420 [ 15.963854] kasan_atomics+0x95/0x310 [ 15.964060] kunit_try_run_case+0x1a5/0x480 [ 15.964272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.964509] kthread+0x337/0x6f0 [ 15.964632] ret_from_fork+0x116/0x1d0 [ 15.964776] ret_from_fork_asm+0x1a/0x30 [ 15.964917] [ 15.964988] The buggy address belongs to the object at ffff888103ad1980 [ 15.964988] which belongs to the cache kmalloc-64 of size 64 [ 15.965451] The buggy address is located 0 bytes to the right of [ 15.965451] allocated 48-byte region [ffff888103ad1980, ffff888103ad19b0) [ 15.966011] [ 15.966106] The buggy address belongs to the physical page: [ 15.966398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad1 [ 15.966811] flags: 0x200000000000000(node=0|zone=2) [ 15.966973] page_type: f5(slab) [ 15.967093] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.967324] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.967598] page dumped because: kasan: bad access detected [ 15.968116] [ 15.968211] Memory state around the buggy address: [ 15.968459] ffff888103ad1880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968871] ffff888103ad1900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.969194] >ffff888103ad1980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.969452] ^ [ 15.969613] ffff888103ad1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969994] ffff888103ad1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.970329] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.913537] ================================================================== [ 14.914215] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914689] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 14.915344] [ 14.915573] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.915622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.915634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.915821] Call Trace: [ 14.915842] <TASK> [ 14.915857] dump_stack_lvl+0x73/0xb0 [ 14.915887] print_report+0xd1/0x650 [ 14.915909] ? __virt_addr_valid+0x1db/0x2d0 [ 14.915932] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.915961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.915985] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.916014] kasan_report+0x141/0x180 [ 14.916035] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.916069] kasan_check_range+0x10c/0x1c0 [ 14.916093] __kasan_check_write+0x18/0x20 [ 14.916112] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.916141] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.916172] ? kasan_save_alloc_info+0x3b/0x50 [ 14.916196] ? kasan_save_stack+0x45/0x70 [ 14.916220] kasan_bitops_generic+0x121/0x1c0 [ 14.916244] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.916270] ? __pfx_read_tsc+0x10/0x10 [ 14.916290] ? ktime_get_ts64+0x86/0x230 [ 14.916314] kunit_try_run_case+0x1a5/0x480 [ 14.916337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.916360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.916384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.916408] ? __kthread_parkme+0x82/0x180 [ 14.916428] ? preempt_count_sub+0x50/0x80 [ 14.916451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.916476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.916500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.916525] kthread+0x337/0x6f0 [ 14.916544] ? 
trace_preempt_on+0x20/0xc0 [ 14.916568] ? __pfx_kthread+0x10/0x10 [ 14.916588] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.916611] ? calculate_sigpending+0x7b/0xa0 [ 14.916634] ? __pfx_kthread+0x10/0x10 [ 14.916675] ret_from_fork+0x116/0x1d0 [ 14.916696] ? __pfx_kthread+0x10/0x10 [ 14.916717] ret_from_fork_asm+0x1a/0x30 [ 14.916759] </TASK> [ 14.916768] [ 14.929766] Allocated by task 279: [ 14.930373] kasan_save_stack+0x45/0x70 [ 14.930735] kasan_save_track+0x18/0x40 [ 14.930918] kasan_save_alloc_info+0x3b/0x50 [ 14.931319] __kasan_kmalloc+0xb7/0xc0 [ 14.931504] __kmalloc_cache_noprof+0x189/0x420 [ 14.932002] kasan_bitops_generic+0x92/0x1c0 [ 14.932220] kunit_try_run_case+0x1a5/0x480 [ 14.932501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.932992] kthread+0x337/0x6f0 [ 14.933278] ret_from_fork+0x116/0x1d0 [ 14.933556] ret_from_fork_asm+0x1a/0x30 [ 14.933970] [ 14.934162] The buggy address belongs to the object at ffff888102894300 [ 14.934162] which belongs to the cache kmalloc-16 of size 16 [ 14.935140] The buggy address is located 8 bytes inside of [ 14.935140] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 14.935620] [ 14.935967] The buggy address belongs to the physical page: [ 14.936218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 14.936531] flags: 0x200000000000000(node=0|zone=2) [ 14.937035] page_type: f5(slab) [ 14.937297] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.937900] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.938251] page dumped because: kasan: bad access detected [ 14.938575] [ 14.938856] Memory state around the buggy address: [ 14.939073] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.939471] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.940124] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.940524] ^ [ 14.940911] ffff888102894380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.941322] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941718] ================================================================== [ 14.857265] ================================================================== [ 14.857577] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.858075] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 14.859008] [ 14.859315] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.859362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.859375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.859395] Call Trace: [ 14.859413] <TASK> [ 14.859429] dump_stack_lvl+0x73/0xb0 [ 14.859461] print_report+0xd1/0x650 [ 14.859485] ? __virt_addr_valid+0x1db/0x2d0 [ 14.859508] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.859537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.859562] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.859591] kasan_report+0x141/0x180 [ 14.859613] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.859666] kasan_check_range+0x10c/0x1c0 [ 14.859691] __kasan_check_write+0x18/0x20 [ 14.859711] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.859740] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.859785] ? kasan_save_alloc_info+0x3b/0x50 [ 14.859809] ? kasan_save_stack+0x45/0x70 [ 14.859833] kasan_bitops_generic+0x121/0x1c0 [ 14.859858] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.859884] ? __pfx_read_tsc+0x10/0x10 [ 14.859905] ? ktime_get_ts64+0x86/0x230 [ 14.859930] kunit_try_run_case+0x1a5/0x480 [ 14.859954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.859977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.860002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.860027] ? __kthread_parkme+0x82/0x180 [ 14.860047] ? preempt_count_sub+0x50/0x80 [ 14.860070] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.860095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.860120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.860144] kthread+0x337/0x6f0 [ 14.860164] ? trace_preempt_on+0x20/0xc0 [ 14.860188] ? __pfx_kthread+0x10/0x10 [ 14.860210] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.860232] ? calculate_sigpending+0x7b/0xa0 [ 14.860257] ? __pfx_kthread+0x10/0x10 [ 14.860279] ret_from_fork+0x116/0x1d0 [ 14.860297] ? __pfx_kthread+0x10/0x10 [ 14.860318] ret_from_fork_asm+0x1a/0x30 [ 14.860349] </TASK> [ 14.860360] [ 14.873483] Allocated by task 279: [ 14.873625] kasan_save_stack+0x45/0x70 [ 14.874100] kasan_save_track+0x18/0x40 [ 14.874373] kasan_save_alloc_info+0x3b/0x50 [ 14.874672] __kasan_kmalloc+0xb7/0xc0 [ 14.875046] __kmalloc_cache_noprof+0x189/0x420 [ 14.875353] kasan_bitops_generic+0x92/0x1c0 [ 14.875558] kunit_try_run_case+0x1a5/0x480 [ 14.876092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.876336] kthread+0x337/0x6f0 [ 14.876601] ret_from_fork+0x116/0x1d0 [ 14.877047] ret_from_fork_asm+0x1a/0x30 [ 14.877251] [ 14.877346] The buggy address belongs to the object at ffff888102894300 [ 14.877346] which belongs to the cache kmalloc-16 of size 16 [ 14.878282] The buggy address is located 8 bytes inside of [ 14.878282] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 14.879125] [ 14.879232] The buggy address belongs to the physical page: [ 14.879439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 14.880002] flags: 0x200000000000000(node=0|zone=2) [ 14.880334] page_type: f5(slab) [ 14.880590] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.881223] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.881732] page dumped because: kasan: bad access detected [ 14.881942] [ 14.882215] Memory state around the buggy address: [ 14.882553] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.882970] 
ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.883278] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.883842] ^ [ 14.884145] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884475] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884869] ================================================================== [ 15.051178] ================================================================== [ 15.051623] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.052118] Read of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 15.052403] [ 15.052527] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.052579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.052591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.052611] Call Trace: [ 15.052704] <TASK> [ 15.052725] dump_stack_lvl+0x73/0xb0 [ 15.052767] print_report+0xd1/0x650 [ 15.052790] ? __virt_addr_valid+0x1db/0x2d0 [ 15.052813] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.052843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.052868] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.052897] kasan_report+0x141/0x180 [ 15.052929] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.052962] __asan_report_load8_noabort+0x18/0x20 [ 15.052999] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.053037] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.053069] ? kasan_save_alloc_info+0x3b/0x50 [ 15.053103] ? kasan_save_stack+0x45/0x70 [ 15.053127] kasan_bitops_generic+0x121/0x1c0 [ 15.053150] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.053176] ? __pfx_read_tsc+0x10/0x10 [ 15.053197] ? ktime_get_ts64+0x86/0x230 [ 15.053223] kunit_try_run_case+0x1a5/0x480 [ 15.053257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.053281] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.053307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.053342] ? __kthread_parkme+0x82/0x180 [ 15.053362] ? preempt_count_sub+0x50/0x80 [ 15.053386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.053410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.053435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.053469] kthread+0x337/0x6f0 [ 15.053488] ? trace_preempt_on+0x20/0xc0 [ 15.053512] ? __pfx_kthread+0x10/0x10 [ 15.053543] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.053565] ? calculate_sigpending+0x7b/0xa0 [ 15.053589] ? __pfx_kthread+0x10/0x10 [ 15.053610] ret_from_fork+0x116/0x1d0 [ 15.053689] ? __pfx_kthread+0x10/0x10 [ 15.053714] ret_from_fork_asm+0x1a/0x30 [ 15.053756] </TASK> [ 15.053767] [ 15.066980] Allocated by task 279: [ 15.067309] kasan_save_stack+0x45/0x70 [ 15.067696] kasan_save_track+0x18/0x40 [ 15.068182] kasan_save_alloc_info+0x3b/0x50 [ 15.068697] __kasan_kmalloc+0xb7/0xc0 [ 15.069093] __kmalloc_cache_noprof+0x189/0x420 [ 15.069280] kasan_bitops_generic+0x92/0x1c0 [ 15.069762] kunit_try_run_case+0x1a5/0x480 [ 15.070150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.070332] kthread+0x337/0x6f0 [ 15.070625] ret_from_fork+0x116/0x1d0 [ 15.071067] ret_from_fork_asm+0x1a/0x30 [ 15.071548] [ 15.071762] The buggy address belongs to the object at ffff888102894300 [ 15.071762] which belongs to the cache kmalloc-16 of size 16 [ 15.072317] The buggy address is located 8 bytes inside of [ 15.072317] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 15.072692] [ 15.072787] The buggy address belongs to the physical page: [ 15.073384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 15.073733] flags: 0x200000000000000(node=0|zone=2) [ 15.074158] page_type: f5(slab) [ 15.074353] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.074666] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.075042] page dumped because: kasan: 
bad access detected [ 15.075349] [ 15.075442] Memory state around the buggy address: [ 15.075667] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.076110] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.076392] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076906] ^ [ 15.077088] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.077477] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.077920] ================================================================== [ 14.885501] ================================================================== [ 14.886230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.886646] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 14.887369] [ 14.887591] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.887805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.887824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.887844] Call Trace: [ 14.887859] <TASK> [ 14.887875] dump_stack_lvl+0x73/0xb0 [ 14.887906] print_report+0xd1/0x650 [ 14.887927] ? __virt_addr_valid+0x1db/0x2d0 [ 14.887951] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.887981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.888005] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.888035] kasan_report+0x141/0x180 [ 14.888056] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.888090] kasan_check_range+0x10c/0x1c0 [ 14.888114] __kasan_check_write+0x18/0x20 [ 14.888133] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.888162] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.888195] ? kasan_save_alloc_info+0x3b/0x50 [ 14.888218] ? kasan_save_stack+0x45/0x70 [ 14.888242] kasan_bitops_generic+0x121/0x1c0 [ 14.888265] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.888291] ? 
__pfx_read_tsc+0x10/0x10 [ 14.888311] ? ktime_get_ts64+0x86/0x230 [ 14.888336] kunit_try_run_case+0x1a5/0x480 [ 14.888359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.888383] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.888407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.888431] ? __kthread_parkme+0x82/0x180 [ 14.888451] ? preempt_count_sub+0x50/0x80 [ 14.888475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.888500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.888524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.888550] kthread+0x337/0x6f0 [ 14.888569] ? trace_preempt_on+0x20/0xc0 [ 14.888592] ? __pfx_kthread+0x10/0x10 [ 14.888613] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.888634] ? calculate_sigpending+0x7b/0xa0 [ 14.888722] ? __pfx_kthread+0x10/0x10 [ 14.888743] ret_from_fork+0x116/0x1d0 [ 14.888774] ? __pfx_kthread+0x10/0x10 [ 14.888794] ret_from_fork_asm+0x1a/0x30 [ 14.888825] </TASK> [ 14.888836] [ 14.901205] Allocated by task 279: [ 14.901526] kasan_save_stack+0x45/0x70 [ 14.901951] kasan_save_track+0x18/0x40 [ 14.902262] kasan_save_alloc_info+0x3b/0x50 [ 14.902482] __kasan_kmalloc+0xb7/0xc0 [ 14.903144] __kmalloc_cache_noprof+0x189/0x420 [ 14.903361] kasan_bitops_generic+0x92/0x1c0 [ 14.903645] kunit_try_run_case+0x1a5/0x480 [ 14.903979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904235] kthread+0x337/0x6f0 [ 14.904395] ret_from_fork+0x116/0x1d0 [ 14.904533] ret_from_fork_asm+0x1a/0x30 [ 14.905118] [ 14.905218] The buggy address belongs to the object at ffff888102894300 [ 14.905218] which belongs to the cache kmalloc-16 of size 16 [ 14.906066] The buggy address is located 8 bytes inside of [ 14.906066] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 14.906945] [ 14.907058] The buggy address belongs to the physical page: [ 14.907263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 14.907868] flags: 0x200000000000000(node=0|zone=2) [ 14.908264] page_type: f5(slab) [ 14.908466] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.909138] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.909611] page dumped because: kasan: bad access detected [ 14.910002] [ 14.910107] Memory state around the buggy address: [ 14.910326] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.910595] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.911203] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911568] ^ [ 14.912048] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912375] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912664] ================================================================== [ 14.970557] ================================================================== [ 14.970809] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.972350] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 14.972596] [ 14.972693] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.972738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.972761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.972781] Call Trace: [ 14.972796] <TASK> [ 14.973280] dump_stack_lvl+0x73/0xb0 [ 14.973321] print_report+0xd1/0x650 [ 14.973352] ? __virt_addr_valid+0x1db/0x2d0 [ 14.973375] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.973416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.973456] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.973485] kasan_report+0x141/0x180 [ 14.973507] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.973541] kasan_check_range+0x10c/0x1c0 [ 14.973566] __kasan_check_write+0x18/0x20 [ 14.973585] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.973614] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.973655] ? 
kasan_save_alloc_info+0x3b/0x50 [ 14.973696] ? kasan_save_stack+0x45/0x70 [ 14.973719] kasan_bitops_generic+0x121/0x1c0 [ 14.973743] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.973778] ? __pfx_read_tsc+0x10/0x10 [ 14.973799] ? ktime_get_ts64+0x86/0x230 [ 14.973823] kunit_try_run_case+0x1a5/0x480 [ 14.973847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.973870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.973894] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.973918] ? __kthread_parkme+0x82/0x180 [ 14.973939] ? preempt_count_sub+0x50/0x80 [ 14.973962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.973987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.974011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.974036] kthread+0x337/0x6f0 [ 14.974055] ? trace_preempt_on+0x20/0xc0 [ 14.974078] ? __pfx_kthread+0x10/0x10 [ 14.974099] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.974121] ? calculate_sigpending+0x7b/0xa0 [ 14.974145] ? __pfx_kthread+0x10/0x10 [ 14.974166] ret_from_fork+0x116/0x1d0 [ 14.974184] ? 
__pfx_kthread+0x10/0x10 [ 14.974205] ret_from_fork_asm+0x1a/0x30 [ 14.974234] </TASK> [ 14.974245] [ 14.983644] Allocated by task 279: [ 14.983831] kasan_save_stack+0x45/0x70 [ 14.984032] kasan_save_track+0x18/0x40 [ 14.984226] kasan_save_alloc_info+0x3b/0x50 [ 14.984425] __kasan_kmalloc+0xb7/0xc0 [ 14.984594] __kmalloc_cache_noprof+0x189/0x420 [ 14.984831] kasan_bitops_generic+0x92/0x1c0 [ 14.985029] kunit_try_run_case+0x1a5/0x480 [ 14.985175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.985350] kthread+0x337/0x6f0 [ 14.985494] ret_from_fork+0x116/0x1d0 [ 14.985694] ret_from_fork_asm+0x1a/0x30 [ 14.986124] [ 14.986244] The buggy address belongs to the object at ffff888102894300 [ 14.986244] which belongs to the cache kmalloc-16 of size 16 [ 14.986642] The buggy address is located 8 bytes inside of [ 14.986642] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 14.987208] [ 14.987294] The buggy address belongs to the physical page: [ 14.987524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 14.987917] flags: 0x200000000000000(node=0|zone=2) [ 14.988126] page_type: f5(slab) [ 14.988248] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.988528] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.989184] page dumped because: kasan: bad access detected [ 14.989448] [ 14.989545] Memory state around the buggy address: [ 14.989879] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.990190] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.990472] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.990840] ^ [ 14.990968] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.991186] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.991400] ================================================================== [ 14.992029] 
================================================================== [ 14.992374] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.992885] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 14.993114] [ 14.993197] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.993238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.993250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.993269] Call Trace: [ 14.993284] <TASK> [ 14.993298] dump_stack_lvl+0x73/0xb0 [ 14.993326] print_report+0xd1/0x650 [ 14.993349] ? __virt_addr_valid+0x1db/0x2d0 [ 14.993371] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.993401] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.993425] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.993455] kasan_report+0x141/0x180 [ 14.993478] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.993512] kasan_check_range+0x10c/0x1c0 [ 14.993535] __kasan_check_write+0x18/0x20 [ 14.993555] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.993584] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.993615] ? kasan_save_alloc_info+0x3b/0x50 [ 14.993638] ? kasan_save_stack+0x45/0x70 [ 14.993718] kasan_bitops_generic+0x121/0x1c0 [ 14.993757] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.993783] ? __pfx_read_tsc+0x10/0x10 [ 14.993803] ? ktime_get_ts64+0x86/0x230 [ 14.993827] kunit_try_run_case+0x1a5/0x480 [ 14.993851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.993898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.993921] ? __kthread_parkme+0x82/0x180 [ 14.993941] ? preempt_count_sub+0x50/0x80 [ 14.993965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.994014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.994040] kthread+0x337/0x6f0 [ 14.994059] ? 
trace_preempt_on+0x20/0xc0 [ 14.994082] ? __pfx_kthread+0x10/0x10 [ 14.994103] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.994124] ? calculate_sigpending+0x7b/0xa0 [ 14.994147] ? __pfx_kthread+0x10/0x10 [ 14.994168] ret_from_fork+0x116/0x1d0 [ 14.994186] ? __pfx_kthread+0x10/0x10 [ 14.994207] ret_from_fork_asm+0x1a/0x30 [ 14.994236] </TASK> [ 14.994247] [ 15.002473] Allocated by task 279: [ 15.002640] kasan_save_stack+0x45/0x70 [ 15.002875] kasan_save_track+0x18/0x40 [ 15.003069] kasan_save_alloc_info+0x3b/0x50 [ 15.003285] __kasan_kmalloc+0xb7/0xc0 [ 15.003454] __kmalloc_cache_noprof+0x189/0x420 [ 15.003708] kasan_bitops_generic+0x92/0x1c0 [ 15.003917] kunit_try_run_case+0x1a5/0x480 [ 15.004086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.004344] kthread+0x337/0x6f0 [ 15.004487] ret_from_fork+0x116/0x1d0 [ 15.004719] ret_from_fork_asm+0x1a/0x30 [ 15.004994] [ 15.005080] The buggy address belongs to the object at ffff888102894300 [ 15.005080] which belongs to the cache kmalloc-16 of size 16 [ 15.005487] The buggy address is located 8 bytes inside of [ 15.005487] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 15.006052] [ 15.006121] The buggy address belongs to the physical page: [ 15.006289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 15.006529] flags: 0x200000000000000(node=0|zone=2) [ 15.006687] page_type: f5(slab) [ 15.006911] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.007254] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.007586] page dumped because: kasan: bad access detected [ 15.008054] [ 15.008147] Memory state around the buggy address: [ 15.008827] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.009070] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.009285] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009496] ^ [ 15.009714] ffff888102894380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.010051] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.010372] ================================================================== [ 14.942227] ================================================================== [ 14.942468] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.943529] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 14.944098] [ 14.944412] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.944463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.944475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.944495] Call Trace: [ 14.944512] <TASK> [ 14.944528] dump_stack_lvl+0x73/0xb0 [ 14.944558] print_report+0xd1/0x650 [ 14.944582] ? __virt_addr_valid+0x1db/0x2d0 [ 14.944606] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.944635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.944725] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.944768] kasan_report+0x141/0x180 [ 14.944792] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.944826] kasan_check_range+0x10c/0x1c0 [ 14.944849] __kasan_check_write+0x18/0x20 [ 14.944869] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.944898] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.944930] ? kasan_save_alloc_info+0x3b/0x50 [ 14.944954] ? kasan_save_stack+0x45/0x70 [ 14.944977] kasan_bitops_generic+0x121/0x1c0 [ 14.945001] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.945027] ? __pfx_read_tsc+0x10/0x10 [ 14.945048] ? ktime_get_ts64+0x86/0x230 [ 14.945074] kunit_try_run_case+0x1a5/0x480 [ 14.945098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.945148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.945173] ? __kthread_parkme+0x82/0x180 [ 14.945192] ? preempt_count_sub+0x50/0x80 [ 14.945216] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.945241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.945266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.945293] kthread+0x337/0x6f0 [ 14.945312] ? trace_preempt_on+0x20/0xc0 [ 14.945336] ? __pfx_kthread+0x10/0x10 [ 14.945357] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.945379] ? calculate_sigpending+0x7b/0xa0 [ 14.945403] ? __pfx_kthread+0x10/0x10 [ 14.945425] ret_from_fork+0x116/0x1d0 [ 14.945444] ? __pfx_kthread+0x10/0x10 [ 14.945464] ret_from_fork_asm+0x1a/0x30 [ 14.945495] </TASK> [ 14.945506] [ 14.958178] Allocated by task 279: [ 14.958364] kasan_save_stack+0x45/0x70 [ 14.958568] kasan_save_track+0x18/0x40 [ 14.959169] kasan_save_alloc_info+0x3b/0x50 [ 14.959375] __kasan_kmalloc+0xb7/0xc0 [ 14.959632] __kmalloc_cache_noprof+0x189/0x420 [ 14.960100] kasan_bitops_generic+0x92/0x1c0 [ 14.960538] kunit_try_run_case+0x1a5/0x480 [ 14.960891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.961224] kthread+0x337/0x6f0 [ 14.961389] ret_from_fork+0x116/0x1d0 [ 14.961564] ret_from_fork_asm+0x1a/0x30 [ 14.961801] [ 14.962282] The buggy address belongs to the object at ffff888102894300 [ 14.962282] which belongs to the cache kmalloc-16 of size 16 [ 14.962973] The buggy address is located 8 bytes inside of [ 14.962973] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 14.963780] [ 14.963889] The buggy address belongs to the physical page: [ 14.964123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 14.964435] flags: 0x200000000000000(node=0|zone=2) [ 14.964668] page_type: f5(slab) [ 14.965261] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.965578] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.966248] page dumped because: kasan: bad access detected [ 14.966613] [ 14.966876] Memory state around the buggy address: [ 14.967199] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.967611] 
ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.968254] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.968623] ^ [ 14.969086] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.969515] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.970087] ================================================================== [ 15.030100] ================================================================== [ 15.030445] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.031317] Read of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 15.031726] [ 15.031839] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.031879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.031890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.031910] Call Trace: [ 15.031925] <TASK> [ 15.031940] dump_stack_lvl+0x73/0xb0 [ 15.031969] print_report+0xd1/0x650 [ 15.031991] ? __virt_addr_valid+0x1db/0x2d0 [ 15.032013] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.032043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.032066] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.032096] kasan_report+0x141/0x180 [ 15.032118] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.032152] kasan_check_range+0x10c/0x1c0 [ 15.032176] __kasan_check_read+0x15/0x20 [ 15.032195] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.032224] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.032255] ? kasan_save_alloc_info+0x3b/0x50 [ 15.032278] ? kasan_save_stack+0x45/0x70 [ 15.032301] kasan_bitops_generic+0x121/0x1c0 [ 15.032326] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.032351] ? __pfx_read_tsc+0x10/0x10 [ 15.032372] ? ktime_get_ts64+0x86/0x230 [ 15.032397] kunit_try_run_case+0x1a5/0x480 [ 15.032421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.032444] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.032468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.032493] ? __kthread_parkme+0x82/0x180 [ 15.032513] ? preempt_count_sub+0x50/0x80 [ 15.032535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.032560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.032585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.032610] kthread+0x337/0x6f0 [ 15.032629] ? trace_preempt_on+0x20/0xc0 [ 15.032714] ? __pfx_kthread+0x10/0x10 [ 15.032735] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.032770] ? calculate_sigpending+0x7b/0xa0 [ 15.032795] ? __pfx_kthread+0x10/0x10 [ 15.032815] ret_from_fork+0x116/0x1d0 [ 15.032834] ? __pfx_kthread+0x10/0x10 [ 15.032855] ret_from_fork_asm+0x1a/0x30 [ 15.032885] </TASK> [ 15.032895] [ 15.041489] Allocated by task 279: [ 15.041710] kasan_save_stack+0x45/0x70 [ 15.041892] kasan_save_track+0x18/0x40 [ 15.042052] kasan_save_alloc_info+0x3b/0x50 [ 15.042255] __kasan_kmalloc+0xb7/0xc0 [ 15.042438] __kmalloc_cache_noprof+0x189/0x420 [ 15.042614] kasan_bitops_generic+0x92/0x1c0 [ 15.042771] kunit_try_run_case+0x1a5/0x480 [ 15.042918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.043093] kthread+0x337/0x6f0 [ 15.043213] ret_from_fork+0x116/0x1d0 [ 15.043344] ret_from_fork_asm+0x1a/0x30 [ 15.043481] [ 15.043549] The buggy address belongs to the object at ffff888102894300 [ 15.043549] which belongs to the cache kmalloc-16 of size 16 [ 15.044493] The buggy address is located 8 bytes inside of [ 15.044493] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 15.045019] [ 15.045112] The buggy address belongs to the physical page: [ 15.045320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 15.045553] flags: 0x200000000000000(node=0|zone=2) [ 15.045710] page_type: f5(slab) [ 15.047035] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.047426] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.047835] page dumped because: kasan: 
bad access detected [ 15.048086] [ 15.048183] Memory state around the buggy address: [ 15.048376] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.048603] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.049017] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.049327] ^ [ 15.049476] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.049857] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.050172] ================================================================== [ 15.010976] ================================================================== [ 15.011292] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.011592] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279 [ 15.012125] [ 15.012211] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.012253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.012265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.012285] Call Trace: [ 15.012298] <TASK> [ 15.012312] dump_stack_lvl+0x73/0xb0 [ 15.012341] print_report+0xd1/0x650 [ 15.012364] ? __virt_addr_valid+0x1db/0x2d0 [ 15.012388] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.012417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.012441] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.012471] kasan_report+0x141/0x180 [ 15.012493] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.012526] kasan_check_range+0x10c/0x1c0 [ 15.012550] __kasan_check_write+0x18/0x20 [ 15.012569] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.012598] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.012630] ? kasan_save_alloc_info+0x3b/0x50 [ 15.012653] ? kasan_save_stack+0x45/0x70 [ 15.012677] kasan_bitops_generic+0x121/0x1c0 [ 15.012701] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.012726] ? 
__pfx_read_tsc+0x10/0x10 [ 15.012759] ? ktime_get_ts64+0x86/0x230 [ 15.012837] kunit_try_run_case+0x1a5/0x480 [ 15.012863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.012887] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.012912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.012938] ? __kthread_parkme+0x82/0x180 [ 15.012958] ? preempt_count_sub+0x50/0x80 [ 15.012984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.013008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.013032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.013058] kthread+0x337/0x6f0 [ 15.013077] ? trace_preempt_on+0x20/0xc0 [ 15.013101] ? __pfx_kthread+0x10/0x10 [ 15.013121] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.013143] ? calculate_sigpending+0x7b/0xa0 [ 15.013166] ? __pfx_kthread+0x10/0x10 [ 15.013188] ret_from_fork+0x116/0x1d0 [ 15.013206] ? __pfx_kthread+0x10/0x10 [ 15.013227] ret_from_fork_asm+0x1a/0x30 [ 15.013257] </TASK> [ 15.013267] [ 15.021620] Allocated by task 279: [ 15.021825] kasan_save_stack+0x45/0x70 [ 15.022028] kasan_save_track+0x18/0x40 [ 15.022220] kasan_save_alloc_info+0x3b/0x50 [ 15.022435] __kasan_kmalloc+0xb7/0xc0 [ 15.022758] __kmalloc_cache_noprof+0x189/0x420 [ 15.022921] kasan_bitops_generic+0x92/0x1c0 [ 15.023096] kunit_try_run_case+0x1a5/0x480 [ 15.023308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.023571] kthread+0x337/0x6f0 [ 15.023893] ret_from_fork+0x116/0x1d0 [ 15.024062] ret_from_fork_asm+0x1a/0x30 [ 15.024225] [ 15.024295] The buggy address belongs to the object at ffff888102894300 [ 15.024295] which belongs to the cache kmalloc-16 of size 16 [ 15.024991] The buggy address is located 8 bytes inside of [ 15.024991] allocated 9-byte region [ffff888102894300, ffff888102894309) [ 15.025487] [ 15.025573] The buggy address belongs to the physical page: [ 15.025934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 15.026305] flags: 0x200000000000000(node=0|zone=2) [ 15.026603] page_type: f5(slab) [ 15.026757] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.027226] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.027539] page dumped because: kasan: bad access detected [ 15.027834] [ 15.027938] Memory state around the buggy address: [ 15.028129] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.028411] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.028819] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029034] ^ [ 15.029156] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029371] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029581] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.744060] ==================================================================
[ 14.744356] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.744763] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.745046]
[ 14.745152] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.745193] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.745205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.745225] Call Trace:
[ 14.745239] <TASK>
[ 14.745254] dump_stack_lvl+0x73/0xb0
[ 14.745281] print_report+0xd1/0x650
[ 14.745302] ? __virt_addr_valid+0x1db/0x2d0
[ 14.745325] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.745351] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.745375] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.745402] kasan_report+0x141/0x180
[ 14.745424] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.745457] kasan_check_range+0x10c/0x1c0
[ 14.745482] __kasan_check_write+0x18/0x20
[ 14.745502] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.745529] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.745558] ? kasan_save_alloc_info+0x3b/0x50
[ 14.745582] ? kasan_save_stack+0x45/0x70
[ 14.745606] kasan_bitops_generic+0x116/0x1c0
[ 14.745630] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.745671] ? __pfx_read_tsc+0x10/0x10
[ 14.745692] ? ktime_get_ts64+0x86/0x230
[ 14.745715] kunit_try_run_case+0x1a5/0x480
[ 14.745739] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.745774] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.745798] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.745822] ? __kthread_parkme+0x82/0x180
[ 14.745842] ? preempt_count_sub+0x50/0x80
[ 14.745866] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.745891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.745916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.745942] kthread+0x337/0x6f0
[ 14.745961] ? trace_preempt_on+0x20/0xc0
[ 14.745985] ? __pfx_kthread+0x10/0x10
[ 14.746008] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.746029] ? calculate_sigpending+0x7b/0xa0
[ 14.746053] ? __pfx_kthread+0x10/0x10
[ 14.746074] ret_from_fork+0x116/0x1d0
[ 14.746094] ? __pfx_kthread+0x10/0x10
[ 14.746115] ret_from_fork_asm+0x1a/0x30
[ 14.746145] </TASK>
[ 14.746154]
[ 14.754078] Allocated by task 279:
[ 14.754247] kasan_save_stack+0x45/0x70
[ 14.754455] kasan_save_track+0x18/0x40
[ 14.754619] kasan_save_alloc_info+0x3b/0x50
[ 14.754877] __kasan_kmalloc+0xb7/0xc0
[ 14.755063] __kmalloc_cache_noprof+0x189/0x420
[ 14.755260] kasan_bitops_generic+0x92/0x1c0
[ 14.755446] kunit_try_run_case+0x1a5/0x480
[ 14.755591] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.755872] kthread+0x337/0x6f0
[ 14.756104] ret_from_fork+0x116/0x1d0
[ 14.756608] ret_from_fork_asm+0x1a/0x30
[ 14.756812]
[ 14.756885] The buggy address belongs to the object at ffff888102894300
[ 14.756885] which belongs to the cache kmalloc-16 of size 16
[ 14.757235] The buggy address is located 8 bytes inside of
[ 14.757235] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.757581]
[ 14.757650] The buggy address belongs to the physical page:
[ 14.757905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.758645] flags: 0x200000000000000(node=0|zone=2)
[ 14.759048] page_type: f5(slab)
[ 14.759170] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.759398] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.759620] page dumped because: kasan: bad access detected
[ 14.759800]
[ 14.759868] Memory state around the buggy address:
[ 14.760022] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.760594] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.761330] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.761651] ^
[ 14.762167] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.762518] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.762859] ==================================================================

[ 14.763341] ==================================================================
[ 14.763836] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.764097] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.764428]
[ 14.764536] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.764576] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.764587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.764607] Call Trace:
[ 14.764621] <TASK>
[ 14.764634] dump_stack_lvl+0x73/0xb0
[ 14.764680] print_report+0xd1/0x650
[ 14.764703] ? __virt_addr_valid+0x1db/0x2d0
[ 14.764726] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.764764] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.764788] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.764814] kasan_report+0x141/0x180
[ 14.764836] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.764867] kasan_check_range+0x10c/0x1c0
[ 14.764891] __kasan_check_write+0x18/0x20
[ 14.764911] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.764937] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.764966] ? kasan_save_alloc_info+0x3b/0x50
[ 14.764990] ? kasan_save_stack+0x45/0x70
[ 14.765014] kasan_bitops_generic+0x116/0x1c0
[ 14.765039] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.765064] ? __pfx_read_tsc+0x10/0x10
[ 14.765086] ? ktime_get_ts64+0x86/0x230
[ 14.765113] kunit_try_run_case+0x1a5/0x480
[ 14.765140] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.765163] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.765188] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.765213] ? __kthread_parkme+0x82/0x180
[ 14.765235] ? preempt_count_sub+0x50/0x80
[ 14.765259] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.765283] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.765308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.765333] kthread+0x337/0x6f0
[ 14.765353] ? trace_preempt_on+0x20/0xc0
[ 14.765378] ? __pfx_kthread+0x10/0x10
[ 14.765398] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.765420] ? calculate_sigpending+0x7b/0xa0
[ 14.765444] ? __pfx_kthread+0x10/0x10
[ 14.765466] ret_from_fork+0x116/0x1d0
[ 14.765485] ? __pfx_kthread+0x10/0x10
[ 14.765506] ret_from_fork_asm+0x1a/0x30
[ 14.765536] </TASK>
[ 14.765546]
[ 14.773498] Allocated by task 279:
[ 14.773710] kasan_save_stack+0x45/0x70
[ 14.773933] kasan_save_track+0x18/0x40
[ 14.774075] kasan_save_alloc_info+0x3b/0x50
[ 14.774288] __kasan_kmalloc+0xb7/0xc0
[ 14.774442] __kmalloc_cache_noprof+0x189/0x420
[ 14.774600] kasan_bitops_generic+0x92/0x1c0
[ 14.775073] kunit_try_run_case+0x1a5/0x480
[ 14.775298] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.775510] kthread+0x337/0x6f0
[ 14.775630] ret_from_fork+0x116/0x1d0
[ 14.775885] ret_from_fork_asm+0x1a/0x30
[ 14.776090]
[ 14.776186] The buggy address belongs to the object at ffff888102894300
[ 14.776186] which belongs to the cache kmalloc-16 of size 16
[ 14.776941] The buggy address is located 8 bytes inside of
[ 14.776941] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.777317]
[ 14.777389] The buggy address belongs to the physical page:
[ 14.777589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.778351] flags: 0x200000000000000(node=0|zone=2)
[ 14.778523] page_type: f5(slab)
[ 14.778641] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.778968] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.779317] page dumped because: kasan: bad access detected
[ 14.779574]
[ 14.779718] Memory state around the buggy address:
[ 14.779966] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.780302] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.780609] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.780923] ^
[ 14.781048] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.781261] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.781469] ==================================================================

[ 14.724656] ==================================================================
[ 14.725477] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.725881] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.726177]
[ 14.726327] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.726377] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.726388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.726407] Call Trace:
[ 14.726423] <TASK>
[ 14.726436] dump_stack_lvl+0x73/0xb0
[ 14.726465] print_report+0xd1/0x650
[ 14.726487] ? __virt_addr_valid+0x1db/0x2d0
[ 14.726510] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.726537] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.726561] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.726588] kasan_report+0x141/0x180
[ 14.726610] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.726641] kasan_check_range+0x10c/0x1c0
[ 14.726717] __kasan_check_write+0x18/0x20
[ 14.726737] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.726774] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.726805] ? kasan_save_alloc_info+0x3b/0x50
[ 14.726829] ? kasan_save_stack+0x45/0x70
[ 14.726853] kasan_bitops_generic+0x116/0x1c0
[ 14.726877] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.726902] ? __pfx_read_tsc+0x10/0x10
[ 14.726923] ? ktime_get_ts64+0x86/0x230
[ 14.726948] kunit_try_run_case+0x1a5/0x480
[ 14.726973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.726997] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.727021] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.727046] ? __kthread_parkme+0x82/0x180
[ 14.727067] ? preempt_count_sub+0x50/0x80
[ 14.727091] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.727116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.727141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.727166] kthread+0x337/0x6f0
[ 14.727186] ? trace_preempt_on+0x20/0xc0
[ 14.727210] ? __pfx_kthread+0x10/0x10
[ 14.727230] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.727253] ? calculate_sigpending+0x7b/0xa0
[ 14.727276] ? __pfx_kthread+0x10/0x10
[ 14.727297] ret_from_fork+0x116/0x1d0
[ 14.727316] ? __pfx_kthread+0x10/0x10
[ 14.727336] ret_from_fork_asm+0x1a/0x30
[ 14.727366] </TASK>
[ 14.727375]
[ 14.735458] Allocated by task 279:
[ 14.735756] kasan_save_stack+0x45/0x70
[ 14.735974] kasan_save_track+0x18/0x40
[ 14.736169] kasan_save_alloc_info+0x3b/0x50
[ 14.736391] __kasan_kmalloc+0xb7/0xc0
[ 14.736587] __kmalloc_cache_noprof+0x189/0x420
[ 14.737004] kasan_bitops_generic+0x92/0x1c0
[ 14.737212] kunit_try_run_case+0x1a5/0x480
[ 14.737389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.737630] kthread+0x337/0x6f0
[ 14.737868] ret_from_fork+0x116/0x1d0
[ 14.738033] ret_from_fork_asm+0x1a/0x30
[ 14.738201]
[ 14.738304] The buggy address belongs to the object at ffff888102894300
[ 14.738304] which belongs to the cache kmalloc-16 of size 16
[ 14.738685] The buggy address is located 8 bytes inside of
[ 14.738685] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.739041]
[ 14.739131] The buggy address belongs to the physical page:
[ 14.739789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.740156] flags: 0x200000000000000(node=0|zone=2)
[ 14.740625] page_type: f5(slab)
[ 14.740773] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.741004] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.741307] page dumped because: kasan: bad access detected
[ 14.741560]
[ 14.741651] Memory state around the buggy address:
[ 14.741935] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.742246] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.742512] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.742842] ^
[ 14.742981] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.743304] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.743595] ==================================================================

[ 14.829043] ==================================================================
[ 14.829613] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.830278] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.831151]
[ 14.831441] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.831490] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.831501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.831523] Call Trace:
[ 14.831536] <TASK>
[ 14.831552] dump_stack_lvl+0x73/0xb0
[ 14.831583] print_report+0xd1/0x650
[ 14.831606] ? __virt_addr_valid+0x1db/0x2d0
[ 14.831629] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.831689] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.831713] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.831741] kasan_report+0x141/0x180
[ 14.831776] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.831807] kasan_check_range+0x10c/0x1c0
[ 14.831831] __kasan_check_write+0x18/0x20
[ 14.831850] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.831877] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.831906] ? kasan_save_alloc_info+0x3b/0x50
[ 14.831930] ? kasan_save_stack+0x45/0x70
[ 14.831954] kasan_bitops_generic+0x116/0x1c0
[ 14.831978] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.832004] ? __pfx_read_tsc+0x10/0x10
[ 14.832024] ? ktime_get_ts64+0x86/0x230
[ 14.832048] kunit_try_run_case+0x1a5/0x480
[ 14.832072] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.832096] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.832120] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.832144] ? __kthread_parkme+0x82/0x180
[ 14.832164] ? preempt_count_sub+0x50/0x80
[ 14.832188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.832213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.832238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.832263] kthread+0x337/0x6f0
[ 14.832282] ? trace_preempt_on+0x20/0xc0
[ 14.832305] ? __pfx_kthread+0x10/0x10
[ 14.832326] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.832347] ? calculate_sigpending+0x7b/0xa0
[ 14.832371] ? __pfx_kthread+0x10/0x10
[ 14.832393] ret_from_fork+0x116/0x1d0
[ 14.832411] ? __pfx_kthread+0x10/0x10
[ 14.832431] ret_from_fork_asm+0x1a/0x30
[ 14.832461] </TASK>
[ 14.832471]
[ 14.844709] Allocated by task 279:
[ 14.844899] kasan_save_stack+0x45/0x70
[ 14.845188] kasan_save_track+0x18/0x40
[ 14.845463] kasan_save_alloc_info+0x3b/0x50
[ 14.845940] __kasan_kmalloc+0xb7/0xc0
[ 14.846131] __kmalloc_cache_noprof+0x189/0x420
[ 14.846429] kasan_bitops_generic+0x92/0x1c0
[ 14.846841] kunit_try_run_case+0x1a5/0x480
[ 14.847180] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.847533] kthread+0x337/0x6f0
[ 14.848060] ret_from_fork+0x116/0x1d0
[ 14.848205] ret_from_fork_asm+0x1a/0x30
[ 14.848414]
[ 14.848511] The buggy address belongs to the object at ffff888102894300
[ 14.848511] which belongs to the cache kmalloc-16 of size 16
[ 14.849475] The buggy address is located 8 bytes inside of
[ 14.849475] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.850443]
[ 14.850656] The buggy address belongs to the physical page:
[ 14.851124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.851579] flags: 0x200000000000000(node=0|zone=2)
[ 14.851915] page_type: f5(slab)
[ 14.852093] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.852377] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.852999] page dumped because: kasan: bad access detected
[ 14.853223]
[ 14.853494] Memory state around the buggy address:
[ 14.853902] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.854390] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.855051] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.855343] ^
[ 14.855764] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.856063] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.856489] ==================================================================

[ 14.702176] ==================================================================
[ 14.702910] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.703278] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.703507]
[ 14.703593] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.703637] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.703692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.703713] Call Trace:
[ 14.703725] <TASK>
[ 14.703741] dump_stack_lvl+0x73/0xb0
[ 14.703787] print_report+0xd1/0x650
[ 14.703810] ? __virt_addr_valid+0x1db/0x2d0
[ 14.703835] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.703862] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.703896] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.703924] kasan_report+0x141/0x180
[ 14.703946] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.703978] kasan_check_range+0x10c/0x1c0
[ 14.704002] __kasan_check_write+0x18/0x20
[ 14.704021] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.704049] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.704079] ? kasan_save_alloc_info+0x3b/0x50
[ 14.704103] ? kasan_save_stack+0x45/0x70
[ 14.704127] kasan_bitops_generic+0x116/0x1c0
[ 14.704151] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.704176] ? __pfx_read_tsc+0x10/0x10
[ 14.704199] ? ktime_get_ts64+0x86/0x230
[ 14.704225] kunit_try_run_case+0x1a5/0x480
[ 14.704251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.704274] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.704299] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.704324] ? __kthread_parkme+0x82/0x180
[ 14.704346] ? preempt_count_sub+0x50/0x80
[ 14.704372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.704397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.704421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.704447] kthread+0x337/0x6f0
[ 14.704467] ? trace_preempt_on+0x20/0xc0
[ 14.704492] ? __pfx_kthread+0x10/0x10
[ 14.704512] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.704534] ? calculate_sigpending+0x7b/0xa0
[ 14.704559] ? __pfx_kthread+0x10/0x10
[ 14.704581] ret_from_fork+0x116/0x1d0
[ 14.704599] ? __pfx_kthread+0x10/0x10
[ 14.704620] ret_from_fork_asm+0x1a/0x30
[ 14.704671] </TASK>
[ 14.704683]
[ 14.716060] Allocated by task 279:
[ 14.716242] kasan_save_stack+0x45/0x70
[ 14.716443] kasan_save_track+0x18/0x40
[ 14.716641] kasan_save_alloc_info+0x3b/0x50
[ 14.716905] __kasan_kmalloc+0xb7/0xc0
[ 14.717186] __kmalloc_cache_noprof+0x189/0x420
[ 14.717352] kasan_bitops_generic+0x92/0x1c0
[ 14.717502] kunit_try_run_case+0x1a5/0x480
[ 14.717831] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.718102] kthread+0x337/0x6f0
[ 14.718275] ret_from_fork+0x116/0x1d0
[ 14.718456] ret_from_fork_asm+0x1a/0x30
[ 14.718647]
[ 14.718717] The buggy address belongs to the object at ffff888102894300
[ 14.718717] which belongs to the cache kmalloc-16 of size 16
[ 14.719338] The buggy address is located 8 bytes inside of
[ 14.719338] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.720201]
[ 14.720306] The buggy address belongs to the physical page:
[ 14.720567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.720991] flags: 0x200000000000000(node=0|zone=2)
[ 14.721162] page_type: f5(slab)
[ 14.721283] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.721611] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.721955] page dumped because: kasan: bad access detected
[ 14.722304]
[ 14.722381] Memory state around the buggy address:
[ 14.722543] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.722946] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.723268] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.723547] ^
[ 14.723705] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.724017] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.724228] ==================================================================

[ 14.670871] ==================================================================
[ 14.671906] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.672175] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.672399]
[ 14.672491] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.672535] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.672546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.672568] Call Trace:
[ 14.672581] <TASK>
[ 14.672598] dump_stack_lvl+0x73/0xb0
[ 14.672627] print_report+0xd1/0x650
[ 14.672936] ? __virt_addr_valid+0x1db/0x2d0
[ 14.672967] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.672995] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.673020] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.673048] kasan_report+0x141/0x180
[ 14.673246] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.673283] kasan_check_range+0x10c/0x1c0
[ 14.673308] __kasan_check_write+0x18/0x20
[ 14.673331] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.673359] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.673390] ? kasan_save_alloc_info+0x3b/0x50
[ 14.673414] ? kasan_save_stack+0x45/0x70
[ 14.673439] kasan_bitops_generic+0x116/0x1c0
[ 14.673463] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.673489] ? __pfx_read_tsc+0x10/0x10
[ 14.673510] ? ktime_get_ts64+0x86/0x230
[ 14.673534] kunit_try_run_case+0x1a5/0x480
[ 14.673559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.673582] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.673606] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.673631] ? __kthread_parkme+0x82/0x180
[ 14.673670] ? preempt_count_sub+0x50/0x80
[ 14.673704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.673743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.673779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.673804] kthread+0x337/0x6f0
[ 14.673823] ? trace_preempt_on+0x20/0xc0
[ 14.673849] ? __pfx_kthread+0x10/0x10
[ 14.673870] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.673893] ? calculate_sigpending+0x7b/0xa0
[ 14.673918] ? __pfx_kthread+0x10/0x10
[ 14.673939] ret_from_fork+0x116/0x1d0
[ 14.673957] ? __pfx_kthread+0x10/0x10
[ 14.673978] ret_from_fork_asm+0x1a/0x30
[ 14.674008] </TASK>
[ 14.674020]
[ 14.688975] Allocated by task 279:
[ 14.689310] kasan_save_stack+0x45/0x70
[ 14.689600] kasan_save_track+0x18/0x40
[ 14.689954] kasan_save_alloc_info+0x3b/0x50
[ 14.690410] __kasan_kmalloc+0xb7/0xc0
[ 14.690671] __kmalloc_cache_noprof+0x189/0x420
[ 14.691110] kasan_bitops_generic+0x92/0x1c0
[ 14.691261] kunit_try_run_case+0x1a5/0x480
[ 14.691455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.691741] kthread+0x337/0x6f0
[ 14.692130] ret_from_fork+0x116/0x1d0
[ 14.692559] ret_from_fork_asm+0x1a/0x30
[ 14.692959]
[ 14.693128] The buggy address belongs to the object at ffff888102894300
[ 14.693128] which belongs to the cache kmalloc-16 of size 16
[ 14.693493] The buggy address is located 8 bytes inside of
[ 14.693493] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.694135]
[ 14.694209] The buggy address belongs to the physical page:
[ 14.694389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.694630] flags: 0x200000000000000(node=0|zone=2)
[ 14.695194] page_type: f5(slab)
[ 14.695483] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.696364] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.697175] page dumped because: kasan: bad access detected
[ 14.697805]
[ 14.697999] Memory state around the buggy address:
[ 14.698422] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.699084] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.699860] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.700239] ^
[ 14.700363] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.700577] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.701238] ==================================================================

[ 14.782213] ==================================================================
[ 14.782572] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.783177] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.783514]
[ 14.783596] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.783635] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.783684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.783705] Call Trace:
[ 14.783720] <TASK>
[ 14.783735] dump_stack_lvl+0x73/0xb0
[ 14.783775] print_report+0xd1/0x650
[ 14.783797] ? __virt_addr_valid+0x1db/0x2d0
[ 14.783820] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.783847] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.783870] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.783897] kasan_report+0x141/0x180
[ 14.783919] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.783949] kasan_check_range+0x10c/0x1c0
[ 14.783973] __kasan_check_write+0x18/0x20
[ 14.783994] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.784020] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.784049] ? kasan_save_alloc_info+0x3b/0x50
[ 14.784074] ? kasan_save_stack+0x45/0x70
[ 14.784097] kasan_bitops_generic+0x116/0x1c0
[ 14.784121] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.784147] ? __pfx_read_tsc+0x10/0x10
[ 14.784167] ? ktime_get_ts64+0x86/0x230
[ 14.784192] kunit_try_run_case+0x1a5/0x480
[ 14.784216] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.784239] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.784264] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.784288] ? __kthread_parkme+0x82/0x180
[ 14.784309] ? preempt_count_sub+0x50/0x80
[ 14.784333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.784358] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.784383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.784408] kthread+0x337/0x6f0
[ 14.784428] ? trace_preempt_on+0x20/0xc0
[ 14.784450] ? __pfx_kthread+0x10/0x10
[ 14.784471] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.784493] ? calculate_sigpending+0x7b/0xa0
[ 14.784517] ? __pfx_kthread+0x10/0x10
[ 14.784539] ret_from_fork+0x116/0x1d0
[ 14.784557] ? __pfx_kthread+0x10/0x10
[ 14.784578] ret_from_fork_asm+0x1a/0x30
[ 14.784608] </TASK>
[ 14.784618]
[ 14.795743] Allocated by task 279:
[ 14.795932] kasan_save_stack+0x45/0x70
[ 14.796122] kasan_save_track+0x18/0x40
[ 14.796301] kasan_save_alloc_info+0x3b/0x50
[ 14.796500] __kasan_kmalloc+0xb7/0xc0
[ 14.797292] __kmalloc_cache_noprof+0x189/0x420
[ 14.797487] kasan_bitops_generic+0x92/0x1c0
[ 14.797755] kunit_try_run_case+0x1a5/0x480
[ 14.797959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.798191] kthread+0x337/0x6f0
[ 14.798350] ret_from_fork+0x116/0x1d0
[ 14.798523] ret_from_fork_asm+0x1a/0x30
[ 14.798793]
[ 14.798887] The buggy address belongs to the object at ffff888102894300
[ 14.798887] which belongs to the cache kmalloc-16 of size 16
[ 14.799353] The buggy address is located 8 bytes inside of
[ 14.799353] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.800586]
[ 14.800675] The buggy address belongs to the physical page:
[ 14.800990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.801267] flags: 0x200000000000000(node=0|zone=2)
[ 14.801483] page_type: f5(slab)
[ 14.801636] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.802099] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.802427] page dumped because: kasan: bad access detected
[ 14.802652]
[ 14.802805] Memory state around the buggy address:
[ 14.802964] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.803301] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.803615] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.803972] ^
[ 14.804123] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.804364] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.804737] ==================================================================

[ 14.805227] ==================================================================
[ 14.805555] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.805986] Write of size 8 at addr ffff888102894308 by task kunit_try_catch/279
[ 14.806293]
[ 14.806408] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.806449] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.806461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.806479] Call Trace:
[ 14.806491] <TASK>
[ 14.806507] dump_stack_lvl+0x73/0xb0
[ 14.806536] print_report+0xd1/0x650
[ 14.806559] ? __virt_addr_valid+0x1db/0x2d0
[ 14.806582] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.806609] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.806632] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.806715] kasan_report+0x141/0x180
[ 14.806737] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.806782] kasan_check_range+0x10c/0x1c0
[ 14.806806] __kasan_check_write+0x18/0x20
[ 14.806826] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.806852] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.806882] ? kasan_save_alloc_info+0x3b/0x50
[ 14.806905] ? kasan_save_stack+0x45/0x70
[ 14.806930] kasan_bitops_generic+0x116/0x1c0
[ 14.806953] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.806979] ? __pfx_read_tsc+0x10/0x10
[ 14.806999] ? ktime_get_ts64+0x86/0x230
[ 14.807024] kunit_try_run_case+0x1a5/0x480
[ 14.807048] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.807071] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.807095] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.807119] ? __kthread_parkme+0x82/0x180
[ 14.807140] ? preempt_count_sub+0x50/0x80
[ 14.807163] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.807187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.807211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.807237] kthread+0x337/0x6f0
[ 14.807256] ? trace_preempt_on+0x20/0xc0
[ 14.807279] ? __pfx_kthread+0x10/0x10
[ 14.807300] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.807322] ? calculate_sigpending+0x7b/0xa0
[ 14.807346] ? __pfx_kthread+0x10/0x10
[ 14.807367] ret_from_fork+0x116/0x1d0
[ 14.807386] ? __pfx_kthread+0x10/0x10
[ 14.807406] ret_from_fork_asm+0x1a/0x30
[ 14.807437] </TASK>
[ 14.807447]
[ 14.815468] Allocated by task 279:
[ 14.815653] kasan_save_stack+0x45/0x70
[ 14.815845] kasan_save_track+0x18/0x40
[ 14.815999] kasan_save_alloc_info+0x3b/0x50
[ 14.816215] __kasan_kmalloc+0xb7/0xc0
[ 14.816403] __kmalloc_cache_noprof+0x189/0x420
[ 14.816628] kasan_bitops_generic+0x92/0x1c0
[ 14.816867] kunit_try_run_case+0x1a5/0x480
[ 14.817016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.817192] kthread+0x337/0x6f0
[ 14.817362] ret_from_fork+0x116/0x1d0
[ 14.817550] ret_from_fork_asm+0x1a/0x30
[ 14.817770]
[ 14.817849] The buggy address belongs to the object at ffff888102894300
[ 14.817849] which belongs to the cache kmalloc-16 of size 16
[ 14.818199] The buggy address is located 8 bytes inside of
[ 14.818199] allocated 9-byte region [ffff888102894300, ffff888102894309)
[ 14.818688]
[ 14.820040] The buggy address belongs to the physical page:
[ 14.820228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894
[ 14.820475] flags: 0x200000000000000(node=0|zone=2)
[ 14.820637] page_type: f5(slab)
[ 14.821954] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.822210] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.822506] page dumped because: kasan: bad access detected
[ 14.823365]
[ 14.824455] Memory state around the buggy address:
[ 14.824622] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.825317] ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.825537] >ffff888102894300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.826066] ^
[ 14.826806] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.827039] ffff888102894400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.827252] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.645806] ==================================================================
[ 14.646228] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.646486] Read of size 1 at addr ffff888103acf910 by task kunit_try_catch/277
[ 14.647227]
[ 14.647347] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.647390] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.647402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.647422] Call Trace:
[ 14.647437] <TASK>
[ 14.647452] dump_stack_lvl+0x73/0xb0
[ 14.647480] print_report+0xd1/0x650
[ 14.647502] ? __virt_addr_valid+0x1db/0x2d0
[ 14.647525] ? strnlen+0x73/0x80
[ 14.647542] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.647566] ? strnlen+0x73/0x80
[ 14.647584] kasan_report+0x141/0x180
[ 14.647606] ? strnlen+0x73/0x80
[ 14.647628] __asan_report_load1_noabort+0x18/0x20
[ 14.647653] strnlen+0x73/0x80
[ 14.647686] kasan_strings+0x615/0xe80
[ 14.647706] ? trace_hardirqs_on+0x37/0xe0
[ 14.647730] ? __pfx_kasan_strings+0x10/0x10
[ 14.647763] ? finish_task_switch.isra.0+0x153/0x700
[ 14.647785] ? __switch_to+0x47/0xf50
[ 14.647811] ? __schedule+0x10cc/0x2b60
[ 14.647832] ? __pfx_read_tsc+0x10/0x10
[ 14.647853] ? ktime_get_ts64+0x86/0x230
[ 14.647877] kunit_try_run_case+0x1a5/0x480
[ 14.647901] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.647925] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.647948] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.647972] ? __kthread_parkme+0x82/0x180
[ 14.647991] ? preempt_count_sub+0x50/0x80
[ 14.648014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.648039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.648064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.648090] kthread+0x337/0x6f0
[ 14.648108] ? trace_preempt_on+0x20/0xc0
[ 14.648130] ? __pfx_kthread+0x10/0x10
[ 14.648150] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.648172] ? calculate_sigpending+0x7b/0xa0
[ 14.648196] ? __pfx_kthread+0x10/0x10
[ 14.648217] ret_from_fork+0x116/0x1d0
[ 14.648235] ? __pfx_kthread+0x10/0x10
[ 14.648255] ret_from_fork_asm+0x1a/0x30
[ 14.648285] </TASK>
[ 14.648294]
[ 14.656256] Allocated by task 277:
[ 14.656449] kasan_save_stack+0x45/0x70
[ 14.656656] kasan_save_track+0x18/0x40
[ 14.656912] kasan_save_alloc_info+0x3b/0x50
[ 14.657167] __kasan_kmalloc+0xb7/0xc0
[ 14.657357] __kmalloc_cache_noprof+0x189/0x420
[ 14.657582] kasan_strings+0xc0/0xe80
[ 14.657833] kunit_try_run_case+0x1a5/0x480
[ 14.658020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.658256] kthread+0x337/0x6f0
[ 14.658392] ret_from_fork+0x116/0x1d0
[ 14.658524] ret_from_fork_asm+0x1a/0x30
[ 14.658822]
[ 14.658923] Freed by task 277:
[ 14.659081] kasan_save_stack+0x45/0x70
[ 14.659277] kasan_save_track+0x18/0x40
[ 14.659458] kasan_save_free_info+0x3f/0x60
[ 14.659870] __kasan_slab_free+0x56/0x70
[ 14.660034] kfree+0x222/0x3f0
[ 14.660152] kasan_strings+0x2aa/0xe80
[ 14.660285] kunit_try_run_case+0x1a5/0x480
[ 14.660430] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.660673] kthread+0x337/0x6f0
[ 14.661031] ret_from_fork+0x116/0x1d0
[ 14.661223] ret_from_fork_asm+0x1a/0x30
[ 14.661418]
[ 14.661510] The buggy address belongs to the object at ffff888103acf900
[ 14.661510] which belongs to the cache kmalloc-32 of size 32
[ 14.662156] The buggy address is located 16 bytes inside of
[ 14.662156] freed 32-byte region [ffff888103acf900, ffff888103acf920)
[ 14.662575]
[ 14.662646] The buggy address belongs to the physical page:
[ 14.662955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103acf
[ 14.663293] flags: 0x200000000000000(node=0|zone=2)
[ 14.663511] page_type: f5(slab)
[ 14.663710] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.664023] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.664272] page dumped because: kasan: bad access detected
[ 14.664459]
[ 14.664550] Memory state around the buggy address:
[ 14.665031] ffff888103acf800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.665381] ffff888103acf880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.665729] >ffff888103acf900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.665956] ^
[ 14.666133] ffff888103acf980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.666457] ffff888103acfa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.666779] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.619558] ================================================================== [ 14.620249] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.620975] Read of size 1 at addr ffff888103acf910 by task kunit_try_catch/277 [ 14.621536] [ 14.621622] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.621673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.621685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.621705] Call Trace: [ 14.621723] <TASK> [ 14.621826] dump_stack_lvl+0x73/0xb0 [ 14.621859] print_report+0xd1/0x650 [ 14.621883] ? __virt_addr_valid+0x1db/0x2d0 [ 14.621906] ? strlen+0x8f/0xb0 [ 14.621923] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.621947] ? strlen+0x8f/0xb0 [ 14.621965] kasan_report+0x141/0x180 [ 14.621987] ? strlen+0x8f/0xb0 [ 14.622008] __asan_report_load1_noabort+0x18/0x20 [ 14.622034] strlen+0x8f/0xb0 [ 14.622052] kasan_strings+0x57b/0xe80 [ 14.622071] ? trace_hardirqs_on+0x37/0xe0 [ 14.622095] ? __pfx_kasan_strings+0x10/0x10 [ 14.622115] ? finish_task_switch.isra.0+0x153/0x700 [ 14.622138] ? __switch_to+0x47/0xf50 [ 14.622163] ? __schedule+0x10cc/0x2b60 [ 14.622185] ? __pfx_read_tsc+0x10/0x10 [ 14.622207] ? ktime_get_ts64+0x86/0x230 [ 14.622231] kunit_try_run_case+0x1a5/0x480 [ 14.622255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.622279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.622303] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.622326] ? __kthread_parkme+0x82/0x180 [ 14.622348] ? preempt_count_sub+0x50/0x80 [ 14.622377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.622401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.622425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.622451] kthread+0x337/0x6f0 [ 14.622470] ? trace_preempt_on+0x20/0xc0 [ 14.622492] ? __pfx_kthread+0x10/0x10 [ 14.622512] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.622533] ? calculate_sigpending+0x7b/0xa0 [ 14.622558] ? 
__pfx_kthread+0x10/0x10 [ 14.622580] ret_from_fork+0x116/0x1d0 [ 14.622598] ? __pfx_kthread+0x10/0x10 [ 14.622619] ret_from_fork_asm+0x1a/0x30 [ 14.622649] </TASK> [ 14.622658] [ 14.634523] Allocated by task 277: [ 14.634696] kasan_save_stack+0x45/0x70 [ 14.635141] kasan_save_track+0x18/0x40 [ 14.635480] kasan_save_alloc_info+0x3b/0x50 [ 14.635879] __kasan_kmalloc+0xb7/0xc0 [ 14.636452] __kmalloc_cache_noprof+0x189/0x420 [ 14.636874] kasan_strings+0xc0/0xe80 [ 14.637012] kunit_try_run_case+0x1a5/0x480 [ 14.637159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.637336] kthread+0x337/0x6f0 [ 14.637455] ret_from_fork+0x116/0x1d0 [ 14.637586] ret_from_fork_asm+0x1a/0x30 [ 14.637778] [ 14.637847] Freed by task 277: [ 14.637957] kasan_save_stack+0x45/0x70 [ 14.638297] kasan_save_track+0x18/0x40 [ 14.638500] kasan_save_free_info+0x3f/0x60 [ 14.638740] __kasan_slab_free+0x56/0x70 [ 14.638895] kfree+0x222/0x3f0 [ 14.639012] kasan_strings+0x2aa/0xe80 [ 14.639185] kunit_try_run_case+0x1a5/0x480 [ 14.639394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.639709] kthread+0x337/0x6f0 [ 14.639892] ret_from_fork+0x116/0x1d0 [ 14.640082] ret_from_fork_asm+0x1a/0x30 [ 14.640243] [ 14.640339] The buggy address belongs to the object at ffff888103acf900 [ 14.640339] which belongs to the cache kmalloc-32 of size 32 [ 14.640711] The buggy address is located 16 bytes inside of [ 14.640711] freed 32-byte region [ffff888103acf900, ffff888103acf920) [ 14.641194] [ 14.641285] The buggy address belongs to the physical page: [ 14.641734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103acf [ 14.642016] flags: 0x200000000000000(node=0|zone=2) [ 14.642195] page_type: f5(slab) [ 14.642371] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.642832] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.643154] page dumped because: kasan: bad access detected [ 14.643381] [ 14.643476] Memory state around the buggy address: 
[ 14.643740] ffff888103acf800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.644020] ffff888103acf880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.644289] >ffff888103acf900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.644500] ^ [ 14.644645] ffff888103acf980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.644985] ffff888103acfa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.645297] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.582271] ================================================================== [ 14.583335] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.583560] Read of size 1 at addr ffff888103acf910 by task kunit_try_catch/277 [ 14.584025] [ 14.584203] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.584248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.584260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.584282] Call Trace: [ 14.584300] <TASK> [ 14.584317] dump_stack_lvl+0x73/0xb0 [ 14.584345] print_report+0xd1/0x650 [ 14.584367] ? __virt_addr_valid+0x1db/0x2d0 [ 14.584389] ? kasan_strings+0xcbc/0xe80 [ 14.584410] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.584433] ? kasan_strings+0xcbc/0xe80 [ 14.584454] kasan_report+0x141/0x180 [ 14.584477] ? kasan_strings+0xcbc/0xe80 [ 14.584502] __asan_report_load1_noabort+0x18/0x20 [ 14.584528] kasan_strings+0xcbc/0xe80 [ 14.584547] ? trace_hardirqs_on+0x37/0xe0 [ 14.584571] ? __pfx_kasan_strings+0x10/0x10 [ 14.584592] ? finish_task_switch.isra.0+0x153/0x700 [ 14.584615] ? __switch_to+0x47/0xf50 [ 14.584640] ? __schedule+0x10cc/0x2b60 [ 14.584694] ? __pfx_read_tsc+0x10/0x10 [ 14.584714] ? ktime_get_ts64+0x86/0x230 [ 14.584738] kunit_try_run_case+0x1a5/0x480 [ 14.584771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.584795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.584817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.584842] ? __kthread_parkme+0x82/0x180 [ 14.584862] ? preempt_count_sub+0x50/0x80 [ 14.584886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.584910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.584935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.584961] kthread+0x337/0x6f0 [ 14.584979] ? trace_preempt_on+0x20/0xc0 [ 14.585002] ? __pfx_kthread+0x10/0x10 [ 14.585022] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.585044] ? calculate_sigpending+0x7b/0xa0 [ 14.585067] ? 
__pfx_kthread+0x10/0x10 [ 14.585089] ret_from_fork+0x116/0x1d0 [ 14.585107] ? __pfx_kthread+0x10/0x10 [ 14.585128] ret_from_fork_asm+0x1a/0x30 [ 14.585157] </TASK> [ 14.585167] [ 14.599868] Allocated by task 277: [ 14.600006] kasan_save_stack+0x45/0x70 [ 14.600148] kasan_save_track+0x18/0x40 [ 14.600278] kasan_save_alloc_info+0x3b/0x50 [ 14.600424] __kasan_kmalloc+0xb7/0xc0 [ 14.600551] __kmalloc_cache_noprof+0x189/0x420 [ 14.600719] kasan_strings+0xc0/0xe80 [ 14.601618] kunit_try_run_case+0x1a5/0x480 [ 14.602099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.602776] kthread+0x337/0x6f0 [ 14.603390] ret_from_fork+0x116/0x1d0 [ 14.603831] ret_from_fork_asm+0x1a/0x30 [ 14.604414] [ 14.604720] Freed by task 277: [ 14.605316] kasan_save_stack+0x45/0x70 [ 14.605818] kasan_save_track+0x18/0x40 [ 14.606376] kasan_save_free_info+0x3f/0x60 [ 14.607005] __kasan_slab_free+0x56/0x70 [ 14.607439] kfree+0x222/0x3f0 [ 14.607562] kasan_strings+0x2aa/0xe80 [ 14.607722] kunit_try_run_case+0x1a5/0x480 [ 14.608396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.608956] kthread+0x337/0x6f0 [ 14.609142] ret_from_fork+0x116/0x1d0 [ 14.609361] ret_from_fork_asm+0x1a/0x30 [ 14.609553] [ 14.609646] The buggy address belongs to the object at ffff888103acf900 [ 14.609646] which belongs to the cache kmalloc-32 of size 32 [ 14.610710] The buggy address is located 16 bytes inside of [ 14.610710] freed 32-byte region [ffff888103acf900, ffff888103acf920) [ 14.611220] [ 14.611293] The buggy address belongs to the physical page: [ 14.611460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103acf [ 14.611962] flags: 0x200000000000000(node=0|zone=2) [ 14.612416] page_type: f5(slab) [ 14.612771] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.613593] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.614587] page dumped because: kasan: bad access detected [ 14.615332] [ 14.615541] Memory state around the buggy address: 
[ 14.615964] ffff888103acf800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.616324] ffff888103acf880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.616533] >ffff888103acf900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.616823] ^ [ 14.617322] ffff888103acf980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.618044] ffff888103acfa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.618724] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.547078] ================================================================== [ 14.548158] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.548415] Read of size 1 at addr ffff888103acf910 by task kunit_try_catch/277 [ 14.548832] [ 14.548923] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.548968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.549004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.549025] Call Trace: [ 14.549037] <TASK> [ 14.549054] dump_stack_lvl+0x73/0xb0 [ 14.549082] print_report+0xd1/0x650 [ 14.549107] ? __virt_addr_valid+0x1db/0x2d0 [ 14.549132] ? strcmp+0xb0/0xc0 [ 14.549166] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.549191] ? strcmp+0xb0/0xc0 [ 14.549209] kasan_report+0x141/0x180 [ 14.549231] ? strcmp+0xb0/0xc0 [ 14.549252] __asan_report_load1_noabort+0x18/0x20 [ 14.549279] strcmp+0xb0/0xc0 [ 14.549298] kasan_strings+0x431/0xe80 [ 14.549319] ? trace_hardirqs_on+0x37/0xe0 [ 14.549342] ? __pfx_kasan_strings+0x10/0x10 [ 14.549363] ? finish_task_switch.isra.0+0x153/0x700 [ 14.549404] ? __switch_to+0x47/0xf50 [ 14.549444] ? __schedule+0x10cc/0x2b60 [ 14.549467] ? __pfx_read_tsc+0x10/0x10 [ 14.549489] ? ktime_get_ts64+0x86/0x230 [ 14.549513] kunit_try_run_case+0x1a5/0x480 [ 14.549539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.549562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.549588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.549612] ? __kthread_parkme+0x82/0x180 [ 14.549633] ? preempt_count_sub+0x50/0x80 [ 14.549675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.549700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.549725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.549762] kthread+0x337/0x6f0 [ 14.549782] ? trace_preempt_on+0x20/0xc0 [ 14.549804] ? __pfx_kthread+0x10/0x10 [ 14.549824] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.549846] ? calculate_sigpending+0x7b/0xa0 [ 14.549871] ? 
__pfx_kthread+0x10/0x10 [ 14.549894] ret_from_fork+0x116/0x1d0 [ 14.549913] ? __pfx_kthread+0x10/0x10 [ 14.549934] ret_from_fork_asm+0x1a/0x30 [ 14.549965] </TASK> [ 14.549976] [ 14.558531] Allocated by task 277: [ 14.558665] kasan_save_stack+0x45/0x70 [ 14.559737] kasan_save_track+0x18/0x40 [ 14.559912] kasan_save_alloc_info+0x3b/0x50 [ 14.560061] __kasan_kmalloc+0xb7/0xc0 [ 14.560193] __kmalloc_cache_noprof+0x189/0x420 [ 14.560348] kasan_strings+0xc0/0xe80 [ 14.560509] kunit_try_run_case+0x1a5/0x480 [ 14.560778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.561035] kthread+0x337/0x6f0 [ 14.561207] ret_from_fork+0x116/0x1d0 [ 14.561407] ret_from_fork_asm+0x1a/0x30 [ 14.561605] [ 14.561882] Freed by task 277: [ 14.562050] kasan_save_stack+0x45/0x70 [ 14.562250] kasan_save_track+0x18/0x40 [ 14.562445] kasan_save_free_info+0x3f/0x60 [ 14.563736] __kasan_slab_free+0x56/0x70 [ 14.564951] kfree+0x222/0x3f0 [ 14.565090] kasan_strings+0x2aa/0xe80 [ 14.565223] kunit_try_run_case+0x1a5/0x480 [ 14.565367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.565537] kthread+0x337/0x6f0 [ 14.565667] ret_from_fork+0x116/0x1d0 [ 14.566207] ret_from_fork_asm+0x1a/0x30 [ 14.566731] [ 14.567921] The buggy address belongs to the object at ffff888103acf900 [ 14.567921] which belongs to the cache kmalloc-32 of size 32 [ 14.569825] The buggy address is located 16 bytes inside of [ 14.569825] freed 32-byte region [ffff888103acf900, ffff888103acf920) [ 14.571585] [ 14.571980] The buggy address belongs to the physical page: [ 14.572725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103acf [ 14.573207] flags: 0x200000000000000(node=0|zone=2) [ 14.573385] page_type: f5(slab) [ 14.573509] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.574547] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.575553] page dumped because: kasan: bad access detected [ 14.576340] [ 14.576761] Memory state around the buggy address: 
[ 14.577328] ffff888103acf800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.578222] ffff888103acf880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.578563] >ffff888103acf900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.579532] ^ [ 14.580171] ffff888103acf980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.580502] ffff888103acfa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.581146] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.521330] ================================================================== [ 14.521824] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.522354] Read of size 1 at addr ffff88810266e2d8 by task kunit_try_catch/275 [ 14.522763] [ 14.522894] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.522959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.522971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.522991] Call Trace: [ 14.523017] <TASK> [ 14.523033] dump_stack_lvl+0x73/0xb0 [ 14.523063] print_report+0xd1/0x650 [ 14.523088] ? __virt_addr_valid+0x1db/0x2d0 [ 14.523111] ? memcmp+0x1b4/0x1d0 [ 14.523129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.523153] ? memcmp+0x1b4/0x1d0 [ 14.523172] kasan_report+0x141/0x180 [ 14.523194] ? memcmp+0x1b4/0x1d0 [ 14.523217] __asan_report_load1_noabort+0x18/0x20 [ 14.523241] memcmp+0x1b4/0x1d0 [ 14.523261] kasan_memcmp+0x18f/0x390 [ 14.523281] ? trace_hardirqs_on+0x37/0xe0 [ 14.523305] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.523345] ? finish_task_switch.isra.0+0x153/0x700 [ 14.523369] ? __switch_to+0x47/0xf50 [ 14.523397] ? __pfx_read_tsc+0x10/0x10 [ 14.523418] ? ktime_get_ts64+0x86/0x230 [ 14.523442] kunit_try_run_case+0x1a5/0x480 [ 14.523467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.523490] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.523529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.523553] ? __kthread_parkme+0x82/0x180 [ 14.523574] ? preempt_count_sub+0x50/0x80 [ 14.523597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.523622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.523711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.523741] kthread+0x337/0x6f0 [ 14.523775] ? trace_preempt_on+0x20/0xc0 [ 14.523797] ? __pfx_kthread+0x10/0x10 [ 14.523819] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.523840] ? calculate_sigpending+0x7b/0xa0 [ 14.523865] ? __pfx_kthread+0x10/0x10 [ 14.523886] ret_from_fork+0x116/0x1d0 [ 14.523905] ? 
__pfx_kthread+0x10/0x10 [ 14.523926] ret_from_fork_asm+0x1a/0x30 [ 14.523956] </TASK> [ 14.523967] [ 14.532451] Allocated by task 275: [ 14.532649] kasan_save_stack+0x45/0x70 [ 14.532894] kasan_save_track+0x18/0x40 [ 14.533136] kasan_save_alloc_info+0x3b/0x50 [ 14.533353] __kasan_kmalloc+0xb7/0xc0 [ 14.533529] __kmalloc_cache_noprof+0x189/0x420 [ 14.533842] kasan_memcmp+0xb7/0x390 [ 14.534131] kunit_try_run_case+0x1a5/0x480 [ 14.534366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.534607] kthread+0x337/0x6f0 [ 14.534937] ret_from_fork+0x116/0x1d0 [ 14.535141] ret_from_fork_asm+0x1a/0x30 [ 14.535326] [ 14.535444] The buggy address belongs to the object at ffff88810266e2c0 [ 14.535444] which belongs to the cache kmalloc-32 of size 32 [ 14.536037] The buggy address is located 0 bytes to the right of [ 14.536037] allocated 24-byte region [ffff88810266e2c0, ffff88810266e2d8) [ 14.536559] [ 14.536673] The buggy address belongs to the physical page: [ 14.536967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10266e [ 14.537315] flags: 0x200000000000000(node=0|zone=2) [ 14.537544] page_type: f5(slab) [ 14.537702] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.538077] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.538459] page dumped because: kasan: bad access detected [ 14.538710] [ 14.538988] Memory state around the buggy address: [ 14.539320] ffff88810266e180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.539738] ffff88810266e200: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.539966] >ffff88810266e280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.540176] ^ [ 14.540798] ffff88810266e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.541148] ffff88810266e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.541510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.472958] ================================================================== [ 14.473402] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.473993] Read of size 1 at addr ffff888103bb7c3f by task kunit_try_catch/269 [ 14.474412] [ 14.474553] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.474597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.474619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.474639] Call Trace: [ 14.474650] <TASK> [ 14.474666] dump_stack_lvl+0x73/0xb0 [ 14.474697] print_report+0xd1/0x650 [ 14.474773] ? __virt_addr_valid+0x1db/0x2d0 [ 14.474798] ? kasan_alloca_oob_left+0x320/0x380 [ 14.474897] ? kasan_addr_to_slab+0x11/0xa0 [ 14.474918] ? kasan_alloca_oob_left+0x320/0x380 [ 14.474975] kasan_report+0x141/0x180 [ 14.474997] ? kasan_alloca_oob_left+0x320/0x380 [ 14.475036] __asan_report_load1_noabort+0x18/0x20 [ 14.475061] kasan_alloca_oob_left+0x320/0x380 [ 14.475111] ? irqentry_exit+0x2a/0x60 [ 14.475134] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.475159] ? trace_hardirqs_on+0x37/0xe0 [ 14.475197] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.475225] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.475253] kunit_try_run_case+0x1a5/0x480 [ 14.475276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.475324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.475348] ? __kthread_parkme+0x82/0x180 [ 14.475369] ? preempt_count_sub+0x50/0x80 [ 14.475392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.475442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.475469] kthread+0x337/0x6f0 [ 14.475487] ? trace_preempt_on+0x20/0xc0 [ 14.475510] ? __pfx_kthread+0x10/0x10 [ 14.475531] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.475553] ? calculate_sigpending+0x7b/0xa0 [ 14.475577] ? __pfx_kthread+0x10/0x10 [ 14.475599] ret_from_fork+0x116/0x1d0 [ 14.475618] ? 
__pfx_kthread+0x10/0x10 [ 14.475639] ret_from_fork_asm+0x1a/0x30 [ 14.475688] </TASK> [ 14.475699] [ 14.484741] The buggy address belongs to stack of task kunit_try_catch/269 [ 14.485148] [ 14.485265] The buggy address belongs to the physical page: [ 14.485556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bb7 [ 14.485990] flags: 0x200000000000000(node=0|zone=2) [ 14.486285] raw: 0200000000000000 ffffea00040eedc8 ffffea00040eedc8 0000000000000000 [ 14.486988] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.487338] page dumped because: kasan: bad access detected [ 14.487614] [ 14.487812] Memory state around the buggy address: [ 14.488067] ffff888103bb7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.488397] ffff888103bb7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.488623] >ffff888103bb7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.489207] ^ [ 14.489428] ffff888103bb7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.489845] ffff888103bb7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.490199] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.452944] ================================================================== [ 14.453598] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.454213] Read of size 1 at addr ffff888103b57d02 by task kunit_try_catch/267 [ 14.454490] [ 14.454695] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.454741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.454764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.454784] Call Trace: [ 14.454796] <TASK> [ 14.454812] dump_stack_lvl+0x73/0xb0 [ 14.454928] print_report+0xd1/0x650 [ 14.454953] ? __virt_addr_valid+0x1db/0x2d0 [ 14.454978] ? kasan_stack_oob+0x2b5/0x300 [ 14.454997] ? kasan_addr_to_slab+0x11/0xa0 [ 14.455018] ? kasan_stack_oob+0x2b5/0x300 [ 14.455039] kasan_report+0x141/0x180 [ 14.455061] ? kasan_stack_oob+0x2b5/0x300 [ 14.455094] __asan_report_load1_noabort+0x18/0x20 [ 14.455120] kasan_stack_oob+0x2b5/0x300 [ 14.455141] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.455160] ? finish_task_switch.isra.0+0x153/0x700 [ 14.455184] ? __switch_to+0x47/0xf50 [ 14.455211] ? __schedule+0x10cc/0x2b60 [ 14.455234] ? __pfx_read_tsc+0x10/0x10 [ 14.455256] ? ktime_get_ts64+0x86/0x230 [ 14.455282] kunit_try_run_case+0x1a5/0x480 [ 14.455310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.455333] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.455357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.455382] ? __kthread_parkme+0x82/0x180 [ 14.455403] ? preempt_count_sub+0x50/0x80 [ 14.455426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.455451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.455476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.455501] kthread+0x337/0x6f0 [ 14.455521] ? trace_preempt_on+0x20/0xc0 [ 14.455545] ? __pfx_kthread+0x10/0x10 [ 14.455565] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.455588] ? calculate_sigpending+0x7b/0xa0 [ 14.455613] ? __pfx_kthread+0x10/0x10 [ 14.455634] ret_from_fork+0x116/0x1d0 [ 14.455694] ? 
__pfx_kthread+0x10/0x10 [ 14.455716] ret_from_fork_asm+0x1a/0x30 [ 14.455760] </TASK> [ 14.455771] [ 14.463761] The buggy address belongs to stack of task kunit_try_catch/267 [ 14.464073] and is located at offset 138 in frame: [ 14.464424] kasan_stack_oob+0x0/0x300 [ 14.464735] [ 14.464872] This frame has 4 objects: [ 14.465129] [48, 49) '__assertion' [ 14.465149] [64, 72) 'array' [ 14.465331] [96, 112) '__assertion' [ 14.465500] [128, 138) 'stack_array' [ 14.465796] [ 14.466051] The buggy address belongs to the physical page: [ 14.466322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b57 [ 14.466806] flags: 0x200000000000000(node=0|zone=2) [ 14.467080] raw: 0200000000000000 ffffea00040ed5c8 ffffea00040ed5c8 0000000000000000 [ 14.467443] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.467834] page dumped because: kasan: bad access detected [ 14.468185] [ 14.468320] Memory state around the buggy address: [ 14.468541] ffff888103b57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.469054] ffff888103b57c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.469407] >ffff888103b57d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.469799] ^ [ 14.470019] ffff888103b57d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.470335] ffff888103b57e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.470674] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.424281] ================================================================== [ 14.424996] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.425551] Read of size 1 at addr ffffffff89a63e8d by task kunit_try_catch/263 [ 14.425932] [ 14.426277] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.426330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.426499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.426522] Call Trace: [ 14.426534] <TASK> [ 14.426562] dump_stack_lvl+0x73/0xb0 [ 14.426593] print_report+0xd1/0x650 [ 14.426615] ? __virt_addr_valid+0x1db/0x2d0 [ 14.426670] ? kasan_global_oob_right+0x286/0x2d0 [ 14.426692] ? kasan_addr_to_slab+0x11/0xa0 [ 14.426713] ? kasan_global_oob_right+0x286/0x2d0 [ 14.426737] kasan_report+0x141/0x180 [ 14.426771] ? kasan_global_oob_right+0x286/0x2d0 [ 14.426798] __asan_report_load1_noabort+0x18/0x20 [ 14.426824] kasan_global_oob_right+0x286/0x2d0 [ 14.426845] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.426872] ? __schedule+0x10cc/0x2b60 [ 14.426896] ? __pfx_read_tsc+0x10/0x10 [ 14.426917] ? ktime_get_ts64+0x86/0x230 [ 14.426943] kunit_try_run_case+0x1a5/0x480 [ 14.426967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.426991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.427013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.427038] ? __kthread_parkme+0x82/0x180 [ 14.427059] ? preempt_count_sub+0x50/0x80 [ 14.427083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.427108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.427133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.427159] kthread+0x337/0x6f0 [ 14.427178] ? trace_preempt_on+0x20/0xc0 [ 14.427202] ? __pfx_kthread+0x10/0x10 [ 14.427224] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.427245] ? calculate_sigpending+0x7b/0xa0 [ 14.427270] ? __pfx_kthread+0x10/0x10 [ 14.427292] ret_from_fork+0x116/0x1d0 [ 14.427311] ? 
__pfx_kthread+0x10/0x10 [ 14.427332] ret_from_fork_asm+0x1a/0x30 [ 14.427363] </TASK> [ 14.427373] [ 14.435457] The buggy address belongs to the variable: [ 14.435678] global_array+0xd/0x40 [ 14.435837] [ 14.435926] The buggy address belongs to the physical page: [ 14.436134] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13ea63 [ 14.436702] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.436917] raw: 0200000000002000 ffffea0004fa98c8 ffffea0004fa98c8 0000000000000000 [ 14.437146] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.437932] page dumped because: kasan: bad access detected [ 14.438171] [ 14.438356] Memory state around the buggy address: [ 14.438580] ffffffff89a63d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.439177] ffffffff89a63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.439486] >ffffffff89a63e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.439704] ^ [ 14.439907] ffffffff89a63f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.440395] ffffffff89a63f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.440877] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.363091] ================================================================== [ 14.363795] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.364343] Free of addr ffff88810266c001 by task kunit_try_catch/259 [ 14.364621] [ 14.364766] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.364809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.364820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.364860] Call Trace: [ 14.364873] <TASK> [ 14.364888] dump_stack_lvl+0x73/0xb0 [ 14.364988] print_report+0xd1/0x650 [ 14.365013] ? __virt_addr_valid+0x1db/0x2d0 [ 14.365039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.365063] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.365090] kasan_report_invalid_free+0x10a/0x130 [ 14.365116] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.365145] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.365172] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.365198] check_slab_allocation+0x11f/0x130 [ 14.365243] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.365268] mempool_free+0x2ec/0x380 [ 14.365313] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.365340] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.365369] ? __kasan_check_write+0x18/0x20 [ 14.365389] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.365412] ? finish_task_switch.isra.0+0x153/0x700 [ 14.365439] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.365464] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.365492] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.365515] ? __pfx_mempool_kfree+0x10/0x10 [ 14.365540] ? __pfx_read_tsc+0x10/0x10 [ 14.365563] ? ktime_get_ts64+0x86/0x230 [ 14.365588] kunit_try_run_case+0x1a5/0x480 [ 14.365614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.365703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.365728] ? __kthread_parkme+0x82/0x180 [ 14.365762] ? 
preempt_count_sub+0x50/0x80 [ 14.365786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.365836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.365862] kthread+0x337/0x6f0 [ 14.365881] ? trace_preempt_on+0x20/0xc0 [ 14.365904] ? __pfx_kthread+0x10/0x10 [ 14.365925] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.365947] ? calculate_sigpending+0x7b/0xa0 [ 14.365973] ? __pfx_kthread+0x10/0x10 [ 14.365995] ret_from_fork+0x116/0x1d0 [ 14.366015] ? __pfx_kthread+0x10/0x10 [ 14.366035] ret_from_fork_asm+0x1a/0x30 [ 14.366067] </TASK> [ 14.366077] [ 14.378269] Allocated by task 259: [ 14.378452] kasan_save_stack+0x45/0x70 [ 14.378642] kasan_save_track+0x18/0x40 [ 14.379567] kasan_save_alloc_info+0x3b/0x50 [ 14.379969] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.380221] remove_element+0x11e/0x190 [ 14.380411] mempool_alloc_preallocated+0x4d/0x90 [ 14.380628] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.381246] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.381873] kunit_try_run_case+0x1a5/0x480 [ 14.382163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.382421] kthread+0x337/0x6f0 [ 14.382584] ret_from_fork+0x116/0x1d0 [ 14.383166] ret_from_fork_asm+0x1a/0x30 [ 14.383375] [ 14.383469] The buggy address belongs to the object at ffff88810266c000 [ 14.383469] which belongs to the cache kmalloc-128 of size 128 [ 14.384644] The buggy address is located 1 bytes inside of [ 14.384644] 128-byte region [ffff88810266c000, ffff88810266c080) [ 14.385298] [ 14.385395] The buggy address belongs to the physical page: [ 14.385633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10266c [ 14.386345] flags: 0x200000000000000(node=0|zone=2) [ 14.386782] page_type: f5(slab) [ 14.386948] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.387264] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.387571] page dumped because: kasan: bad access detected [ 
14.388197] [ 14.388390] Memory state around the buggy address: [ 14.388924] ffff88810266bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.389449] ffff88810266bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.390336] >ffff88810266c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.390824] ^ [ 14.391086] ffff88810266c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.391608] ffff88810266c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.392121] ================================================================== [ 14.395098] ================================================================== [ 14.395912] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.396393] Free of addr ffff888103b74001 by task kunit_try_catch/261 [ 14.396825] [ 14.397156] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.397210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.397222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.397244] Call Trace: [ 14.397257] <TASK> [ 14.397275] dump_stack_lvl+0x73/0xb0 [ 14.397344] print_report+0xd1/0x650 [ 14.397367] ? __virt_addr_valid+0x1db/0x2d0 [ 14.397392] ? kasan_addr_to_slab+0x11/0xa0 [ 14.397413] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.397440] kasan_report_invalid_free+0x10a/0x130 [ 14.397465] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.397494] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.397520] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.397546] mempool_free+0x2ec/0x380 [ 14.397572] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.397599] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.397630] ? finish_task_switch.isra.0+0x153/0x700 [ 14.397673] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.397700] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.397729] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.397764] ? 
__pfx_mempool_kfree+0x10/0x10 [ 14.397790] ? __pfx_read_tsc+0x10/0x10 [ 14.397812] ? ktime_get_ts64+0x86/0x230 [ 14.397836] kunit_try_run_case+0x1a5/0x480 [ 14.397860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.397883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.397907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.397932] ? __kthread_parkme+0x82/0x180 [ 14.397952] ? preempt_count_sub+0x50/0x80 [ 14.397975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.398000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.398025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.398050] kthread+0x337/0x6f0 [ 14.398069] ? trace_preempt_on+0x20/0xc0 [ 14.398093] ? __pfx_kthread+0x10/0x10 [ 14.398113] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.398134] ? calculate_sigpending+0x7b/0xa0 [ 14.398158] ? __pfx_kthread+0x10/0x10 [ 14.398179] ret_from_fork+0x116/0x1d0 [ 14.398198] ? __pfx_kthread+0x10/0x10 [ 14.398219] ret_from_fork_asm+0x1a/0x30 [ 14.398248] </TASK> [ 14.398259] [ 14.410402] The buggy address belongs to the physical page: [ 14.410859] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b74 [ 14.411281] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.411597] flags: 0x200000000000040(head|node=0|zone=2) [ 14.412062] page_type: f8(unknown) [ 14.412247] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.412564] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.413473] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.414088] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.414551] head: 0200000000000002 ffffea00040edd01 00000000ffffffff 00000000ffffffff [ 14.415055] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.415614] page dumped because: kasan: bad access detected [ 14.416128] [ 14.416235] Memory state around the buggy address: [ 14.416454] ffff888103b73f00: ff ff ff ff ff ff ff ff ff 
ff ff ff ff ff ff ff [ 14.417073] ffff888103b73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.417495] >ffff888103b74000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.418214] ^ [ 14.418472] ffff888103b74080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.419024] ffff888103b74100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.419327] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.269244] ================================================================== [ 14.270479] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.271204] Free of addr ffff888102655c00 by task kunit_try_catch/253 [ 14.272080] [ 14.272338] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.272384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.272396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.272417] Call Trace: [ 14.272430] <TASK> [ 14.272450] dump_stack_lvl+0x73/0xb0 [ 14.272483] print_report+0xd1/0x650 [ 14.272507] ? __virt_addr_valid+0x1db/0x2d0 [ 14.272533] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.272557] ? mempool_double_free_helper+0x184/0x370 [ 14.272583] kasan_report_invalid_free+0x10a/0x130 [ 14.272609] ? mempool_double_free_helper+0x184/0x370 [ 14.272636] ? mempool_double_free_helper+0x184/0x370 [ 14.272672] ? mempool_double_free_helper+0x184/0x370 [ 14.272697] check_slab_allocation+0x101/0x130 [ 14.272721] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.272812] mempool_free+0x2ec/0x380 [ 14.272842] mempool_double_free_helper+0x184/0x370 [ 14.272867] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.272892] ? update_load_avg+0x1be/0x21b0 [ 14.272922] ? finish_task_switch.isra.0+0x153/0x700 [ 14.272950] mempool_kmalloc_double_free+0xed/0x140 [ 14.272975] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.273004] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.273027] ? __pfx_mempool_kfree+0x10/0x10 [ 14.273053] ? __pfx_read_tsc+0x10/0x10 [ 14.273076] ? ktime_get_ts64+0x86/0x230 [ 14.273102] kunit_try_run_case+0x1a5/0x480 [ 14.273129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.273152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.273178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.273203] ? __kthread_parkme+0x82/0x180 [ 14.273225] ? preempt_count_sub+0x50/0x80 [ 14.273249] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.273277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.273303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.273331] kthread+0x337/0x6f0 [ 14.273350] ? trace_preempt_on+0x20/0xc0 [ 14.273374] ? __pfx_kthread+0x10/0x10 [ 14.273395] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.273418] ? calculate_sigpending+0x7b/0xa0 [ 14.273443] ? __pfx_kthread+0x10/0x10 [ 14.273466] ret_from_fork+0x116/0x1d0 [ 14.273485] ? __pfx_kthread+0x10/0x10 [ 14.273506] ret_from_fork_asm+0x1a/0x30 [ 14.273540] </TASK> [ 14.273551] [ 14.288896] Allocated by task 253: [ 14.289350] kasan_save_stack+0x45/0x70 [ 14.289783] kasan_save_track+0x18/0x40 [ 14.290165] kasan_save_alloc_info+0x3b/0x50 [ 14.290519] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.290710] remove_element+0x11e/0x190 [ 14.291237] mempool_alloc_preallocated+0x4d/0x90 [ 14.291535] mempool_double_free_helper+0x8a/0x370 [ 14.291880] mempool_kmalloc_double_free+0xed/0x140 [ 14.292119] kunit_try_run_case+0x1a5/0x480 [ 14.292268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.292445] kthread+0x337/0x6f0 [ 14.292565] ret_from_fork+0x116/0x1d0 [ 14.292812] ret_from_fork_asm+0x1a/0x30 [ 14.293186] [ 14.293419] Freed by task 253: [ 14.293801] kasan_save_stack+0x45/0x70 [ 14.294176] kasan_save_track+0x18/0x40 [ 14.294540] kasan_save_free_info+0x3f/0x60 [ 14.294997] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.295543] mempool_free+0x2ec/0x380 [ 14.296935] mempool_double_free_helper+0x109/0x370 [ 14.297199] mempool_kmalloc_double_free+0xed/0x140 [ 14.297440] kunit_try_run_case+0x1a5/0x480 [ 14.297641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.297830] kthread+0x337/0x6f0 [ 14.297950] ret_from_fork+0x116/0x1d0 [ 14.298081] ret_from_fork_asm+0x1a/0x30 [ 14.298219] [ 14.298292] The buggy address belongs to the object at ffff888102655c00 [ 14.298292] which belongs to the cache kmalloc-128 of size 128 [ 14.298667] The buggy address is located 0 bytes inside of [ 14.298667] 128-byte 
region [ffff888102655c00, ffff888102655c80) [ 14.301284] [ 14.301874] The buggy address belongs to the physical page: [ 14.302592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 14.303579] flags: 0x200000000000000(node=0|zone=2) [ 14.304384] page_type: f5(slab) [ 14.304592] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.305509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.306042] page dumped because: kasan: bad access detected [ 14.306224] [ 14.306295] Memory state around the buggy address: [ 14.306458] ffff888102655b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.306691] ffff888102655b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.307280] >ffff888102655c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.308044] ^ [ 14.308360] ffff888102655c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.309154] ffff888102655d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.309458] ================================================================== [ 14.338802] ================================================================== [ 14.340068] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.340488] Free of addr ffff888102bd0000 by task kunit_try_catch/257 [ 14.340927] [ 14.341049] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.341094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.341106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.341127] Call Trace: [ 14.341140] <TASK> [ 14.341180] dump_stack_lvl+0x73/0xb0 [ 14.341213] print_report+0xd1/0x650 [ 14.341236] ? __virt_addr_valid+0x1db/0x2d0 [ 14.341280] ? kasan_addr_to_slab+0x11/0xa0 [ 14.341301] ? mempool_double_free_helper+0x184/0x370 [ 14.341326] kasan_report_invalid_free+0x10a/0x130 [ 14.341351] ? mempool_double_free_helper+0x184/0x370 [ 14.341378] ? 
mempool_double_free_helper+0x184/0x370 [ 14.341403] __kasan_mempool_poison_pages+0x115/0x130 [ 14.341428] mempool_free+0x290/0x380 [ 14.341456] mempool_double_free_helper+0x184/0x370 [ 14.341482] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.341509] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.341533] ? finish_task_switch.isra.0+0x153/0x700 [ 14.341559] mempool_page_alloc_double_free+0xe8/0x140 [ 14.341585] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.341615] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.341639] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.341683] ? __pfx_read_tsc+0x10/0x10 [ 14.341706] ? ktime_get_ts64+0x86/0x230 [ 14.341731] kunit_try_run_case+0x1a5/0x480 [ 14.341789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.341989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.342018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.342043] ? __kthread_parkme+0x82/0x180 [ 14.342065] ? preempt_count_sub+0x50/0x80 [ 14.342088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.342140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.342165] kthread+0x337/0x6f0 [ 14.342184] ? trace_preempt_on+0x20/0xc0 [ 14.342209] ? __pfx_kthread+0x10/0x10 [ 14.342230] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.342251] ? calculate_sigpending+0x7b/0xa0 [ 14.342276] ? __pfx_kthread+0x10/0x10 [ 14.342297] ret_from_fork+0x116/0x1d0 [ 14.342316] ? 
__pfx_kthread+0x10/0x10 [ 14.342336] ret_from_fork_asm+0x1a/0x30 [ 14.342374] </TASK> [ 14.342385] [ 14.352779] The buggy address belongs to the physical page: [ 14.353041] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd0 [ 14.353434] flags: 0x200000000000000(node=0|zone=2) [ 14.353679] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.354517] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.355077] page dumped because: kasan: bad access detected [ 14.355318] [ 14.355386] Memory state around the buggy address: [ 14.355609] ffff888102bcff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.356018] ffff888102bcff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.356324] >ffff888102bd0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.356649] ^ [ 14.356920] ffff888102bd0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.357298] ffff888102bd0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.357771] ================================================================== [ 14.312603] ================================================================== [ 14.313862] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.314560] Free of addr ffff888103b74000 by task kunit_try_catch/255 [ 14.315012] [ 14.315106] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.315149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.315161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.315182] Call Trace: [ 14.315196] <TASK> [ 14.315211] dump_stack_lvl+0x73/0xb0 [ 14.315241] print_report+0xd1/0x650 [ 14.315264] ? __virt_addr_valid+0x1db/0x2d0 [ 14.315288] ? kasan_addr_to_slab+0x11/0xa0 [ 14.315308] ? mempool_double_free_helper+0x184/0x370 [ 14.315334] kasan_report_invalid_free+0x10a/0x130 [ 14.315359] ? mempool_double_free_helper+0x184/0x370 [ 14.315386] ? 
mempool_double_free_helper+0x184/0x370 [ 14.315410] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.315435] mempool_free+0x2ec/0x380 [ 14.315462] mempool_double_free_helper+0x184/0x370 [ 14.315487] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.315515] ? finish_task_switch.isra.0+0x153/0x700 [ 14.315542] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.315567] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.315597] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.315620] ? __pfx_mempool_kfree+0x10/0x10 [ 14.315693] ? __pfx_read_tsc+0x10/0x10 [ 14.315717] ? ktime_get_ts64+0x86/0x230 [ 14.315776] kunit_try_run_case+0x1a5/0x480 [ 14.315802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.315825] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.315884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.315907] ? __kthread_parkme+0x82/0x180 [ 14.315928] ? preempt_count_sub+0x50/0x80 [ 14.315952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.315977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.316001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.316026] kthread+0x337/0x6f0 [ 14.316045] ? trace_preempt_on+0x20/0xc0 [ 14.316069] ? __pfx_kthread+0x10/0x10 [ 14.316090] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.316112] ? calculate_sigpending+0x7b/0xa0 [ 14.316136] ? __pfx_kthread+0x10/0x10 [ 14.316158] ret_from_fork+0x116/0x1d0 [ 14.316176] ? 
__pfx_kthread+0x10/0x10 [ 14.316197] ret_from_fork_asm+0x1a/0x30 [ 14.316227] </TASK> [ 14.316237] [ 14.328476] The buggy address belongs to the physical page: [ 14.328663] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b74 [ 14.329269] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.329613] flags: 0x200000000000040(head|node=0|zone=2) [ 14.330002] page_type: f8(unknown) [ 14.330131] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.330521] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.330859] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.331203] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.331496] head: 0200000000000002 ffffea00040edd01 00000000ffffffff 00000000ffffffff [ 14.331981] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.332346] page dumped because: kasan: bad access detected [ 14.332546] [ 14.332640] Memory state around the buggy address: [ 14.333051] ffff888103b73f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.333472] ffff888103b73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.333938] >ffff888103b74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.334295] ^ [ 14.334449] ffff888103b74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.334926] ffff888103b74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.335260] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.169736] ================================================================== [ 14.170367] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.170644] Read of size 1 at addr ffff888103b74000 by task kunit_try_catch/247 [ 14.171771] [ 14.171895] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.171941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.171952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.171974] Call Trace: [ 14.171986] <TASK> [ 14.172000] dump_stack_lvl+0x73/0xb0 [ 14.172031] print_report+0xd1/0x650 [ 14.172053] ? __virt_addr_valid+0x1db/0x2d0 [ 14.172077] ? mempool_uaf_helper+0x392/0x400 [ 14.172099] ? kasan_addr_to_slab+0x11/0xa0 [ 14.172119] ? mempool_uaf_helper+0x392/0x400 [ 14.172142] kasan_report+0x141/0x180 [ 14.172164] ? mempool_uaf_helper+0x392/0x400 [ 14.172190] __asan_report_load1_noabort+0x18/0x20 [ 14.172215] mempool_uaf_helper+0x392/0x400 [ 14.172254] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.172282] ? mempool_alloc_preallocated+0x5b/0x90 [ 14.172314] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.172338] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.172375] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.172398] ? __pfx_mempool_kfree+0x10/0x10 [ 14.172423] ? __pfx_read_tsc+0x10/0x10 [ 14.172444] ? ktime_get_ts64+0x86/0x230 [ 14.172467] kunit_try_run_case+0x1a5/0x480 [ 14.172491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.172514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.172539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.172563] ? __kthread_parkme+0x82/0x180 [ 14.172584] ? preempt_count_sub+0x50/0x80 [ 14.172610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.172633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.172674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.172723] kthread+0x337/0x6f0 [ 14.172742] ? trace_preempt_on+0x20/0xc0 [ 14.172777] ? __pfx_kthread+0x10/0x10 [ 14.172798] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.172819] ? 
calculate_sigpending+0x7b/0xa0 [ 14.172843] ? __pfx_kthread+0x10/0x10 [ 14.172865] ret_from_fork+0x116/0x1d0 [ 14.172883] ? __pfx_kthread+0x10/0x10 [ 14.172904] ret_from_fork_asm+0x1a/0x30 [ 14.172934] </TASK> [ 14.172945] [ 14.186322] The buggy address belongs to the physical page: [ 14.186883] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b74 [ 14.187774] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.188096] flags: 0x200000000000040(head|node=0|zone=2) [ 14.188278] page_type: f8(unknown) [ 14.188405] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.188635] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.189448] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.190260] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.191142] head: 0200000000000002 ffffea00040edd01 00000000ffffffff 00000000ffffffff [ 14.191903] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.192563] page dumped because: kasan: bad access detected [ 14.193088] [ 14.193162] Memory state around the buggy address: [ 14.193319] ffff888103b73f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.193536] ffff888103b73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.193782] >ffff888103b74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.194185] ^ [ 14.194341] ffff888103b74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.194587] ffff888103b74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.194899] ================================================================== [ 14.241740] ================================================================== [ 14.242171] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.242404] Read of size 1 at addr ffff888103b74000 by task kunit_try_catch/251 [ 14.242626] [ 14.243367] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch 
Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.243419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.243433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.243456] Call Trace: [ 14.243469] <TASK> [ 14.243486] dump_stack_lvl+0x73/0xb0 [ 14.243518] print_report+0xd1/0x650 [ 14.243541] ? __virt_addr_valid+0x1db/0x2d0 [ 14.243564] ? mempool_uaf_helper+0x392/0x400 [ 14.243587] ? kasan_addr_to_slab+0x11/0xa0 [ 14.243607] ? mempool_uaf_helper+0x392/0x400 [ 14.243630] kasan_report+0x141/0x180 [ 14.243810] ? mempool_uaf_helper+0x392/0x400 [ 14.243848] __asan_report_load1_noabort+0x18/0x20 [ 14.243916] mempool_uaf_helper+0x392/0x400 [ 14.243941] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.243966] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.243991] ? finish_task_switch.isra.0+0x153/0x700 [ 14.244018] mempool_page_alloc_uaf+0xed/0x140 [ 14.244041] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.244069] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.244096] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.244123] ? __pfx_read_tsc+0x10/0x10 [ 14.244144] ? ktime_get_ts64+0x86/0x230 [ 14.244169] kunit_try_run_case+0x1a5/0x480 [ 14.244195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.244218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.244243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.244267] ? __kthread_parkme+0x82/0x180 [ 14.244288] ? preempt_count_sub+0x50/0x80 [ 14.244311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.244335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.244360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.244386] kthread+0x337/0x6f0 [ 14.244405] ? trace_preempt_on+0x20/0xc0 [ 14.244429] ? __pfx_kthread+0x10/0x10 [ 14.244449] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.244470] ? calculate_sigpending+0x7b/0xa0 [ 14.244494] ? __pfx_kthread+0x10/0x10 [ 14.244516] ret_from_fork+0x116/0x1d0 [ 14.244535] ? 
__pfx_kthread+0x10/0x10 [ 14.244556] ret_from_fork_asm+0x1a/0x30 [ 14.244586] </TASK> [ 14.244596] [ 14.259552] The buggy address belongs to the physical page: [ 14.260240] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b74 [ 14.260630] flags: 0x200000000000000(node=0|zone=2) [ 14.260821] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.261048] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.261266] page dumped because: kasan: bad access detected [ 14.261434] [ 14.261502] Memory state around the buggy address: [ 14.261665] ffff888103b73f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.262291] ffff888103b73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.263011] >ffff888103b74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.263677] ^ [ 14.264043] ffff888103b74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.264668] ffff888103b74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.265288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.130192] ================================================================== [ 14.130626] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.131713] Read of size 1 at addr ffff888102b92b00 by task kunit_try_catch/245 [ 14.132580] [ 14.132927] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.132977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.132989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.133008] Call Trace: [ 14.133022] <TASK> [ 14.133039] dump_stack_lvl+0x73/0xb0 [ 14.133071] print_report+0xd1/0x650 [ 14.133093] ? __virt_addr_valid+0x1db/0x2d0 [ 14.133117] ? mempool_uaf_helper+0x392/0x400 [ 14.133139] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.133162] ? mempool_uaf_helper+0x392/0x400 [ 14.133185] kasan_report+0x141/0x180 [ 14.133206] ? mempool_uaf_helper+0x392/0x400 [ 14.133234] __asan_report_load1_noabort+0x18/0x20 [ 14.133259] mempool_uaf_helper+0x392/0x400 [ 14.133282] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.133304] ? update_load_avg+0x1be/0x21b0 [ 14.133328] ? dequeue_entities+0x27e/0x1740 [ 14.133354] ? finish_task_switch.isra.0+0x153/0x700 [ 14.133381] mempool_kmalloc_uaf+0xef/0x140 [ 14.133403] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.133428] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.133452] ? __pfx_mempool_kfree+0x10/0x10 [ 14.133478] ? __pfx_read_tsc+0x10/0x10 [ 14.133499] ? ktime_get_ts64+0x86/0x230 [ 14.133523] kunit_try_run_case+0x1a5/0x480 [ 14.133548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.133572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.133596] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.133620] ? __kthread_parkme+0x82/0x180 [ 14.133641] ? preempt_count_sub+0x50/0x80 [ 14.133785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.133812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.133838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.133865] kthread+0x337/0x6f0 [ 14.133884] ? 
trace_preempt_on+0x20/0xc0 [ 14.133943] ? __pfx_kthread+0x10/0x10 [ 14.133965] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.133986] ? calculate_sigpending+0x7b/0xa0 [ 14.134011] ? __pfx_kthread+0x10/0x10 [ 14.134033] ret_from_fork+0x116/0x1d0 [ 14.134052] ? __pfx_kthread+0x10/0x10 [ 14.134073] ret_from_fork_asm+0x1a/0x30 [ 14.134105] </TASK> [ 14.134116] [ 14.149480] Allocated by task 245: [ 14.149884] kasan_save_stack+0x45/0x70 [ 14.150268] kasan_save_track+0x18/0x40 [ 14.150638] kasan_save_alloc_info+0x3b/0x50 [ 14.151134] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.151599] remove_element+0x11e/0x190 [ 14.152015] mempool_alloc_preallocated+0x4d/0x90 [ 14.152429] mempool_uaf_helper+0x96/0x400 [ 14.152848] mempool_kmalloc_uaf+0xef/0x140 [ 14.153212] kunit_try_run_case+0x1a5/0x480 [ 14.153583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.153904] kthread+0x337/0x6f0 [ 14.154024] ret_from_fork+0x116/0x1d0 [ 14.154154] ret_from_fork_asm+0x1a/0x30 [ 14.154291] [ 14.154365] Freed by task 245: [ 14.154475] kasan_save_stack+0x45/0x70 [ 14.154610] kasan_save_track+0x18/0x40 [ 14.154792] kasan_save_free_info+0x3f/0x60 [ 14.154992] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.155316] mempool_free+0x2ec/0x380 [ 14.155447] mempool_uaf_helper+0x11a/0x400 [ 14.155588] mempool_kmalloc_uaf+0xef/0x140 [ 14.155730] kunit_try_run_case+0x1a5/0x480 [ 14.155903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156362] kthread+0x337/0x6f0 [ 14.156658] ret_from_fork+0x116/0x1d0 [ 14.157003] ret_from_fork_asm+0x1a/0x30 [ 14.157348] [ 14.157511] The buggy address belongs to the object at ffff888102b92b00 [ 14.157511] which belongs to the cache kmalloc-128 of size 128 [ 14.158596] The buggy address is located 0 bytes inside of [ 14.158596] freed 128-byte region [ffff888102b92b00, ffff888102b92b80) [ 14.159770] [ 14.159848] The buggy address belongs to the physical page: [ 14.160020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 14.160256] flags: 
0x200000000000000(node=0|zone=2) [ 14.160420] page_type: f5(slab) [ 14.160541] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.160794] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.161163] page dumped because: kasan: bad access detected [ 14.161408] [ 14.161480] Memory state around the buggy address: [ 14.161637] ffff888102b92a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.161971] ffff888102b92a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.162237] >ffff888102b92b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.162529] ^ [ 14.162683] ffff888102b92b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.162968] ffff888102b92c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.163177] ================================================================== [ 14.198729] ================================================================== [ 14.200290] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.200601] Read of size 1 at addr ffff88810266b240 by task kunit_try_catch/249 [ 14.201731] [ 14.202226] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.202276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.202288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.202308] Call Trace: [ 14.202319] <TASK> [ 14.202335] dump_stack_lvl+0x73/0xb0 [ 14.202373] print_report+0xd1/0x650 [ 14.202395] ? __virt_addr_valid+0x1db/0x2d0 [ 14.202418] ? mempool_uaf_helper+0x392/0x400 [ 14.202440] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.202464] ? mempool_uaf_helper+0x392/0x400 [ 14.202486] kasan_report+0x141/0x180 [ 14.202508] ? mempool_uaf_helper+0x392/0x400 [ 14.202535] __asan_report_load1_noabort+0x18/0x20 [ 14.202560] mempool_uaf_helper+0x392/0x400 [ 14.202583] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.202613] mempool_slab_uaf+0xea/0x140 [ 14.202636] ? 
__pfx_mempool_slab_uaf+0x10/0x10 [ 14.202693] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.202719] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.202760] ? __pfx_read_tsc+0x10/0x10 [ 14.202782] ? ktime_get_ts64+0x86/0x230 [ 14.202806] kunit_try_run_case+0x1a5/0x480 [ 14.202833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.202879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.202903] ? __kthread_parkme+0x82/0x180 [ 14.202924] ? preempt_count_sub+0x50/0x80 [ 14.202948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.202996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.203022] kthread+0x337/0x6f0 [ 14.203041] ? trace_preempt_on+0x20/0xc0 [ 14.203064] ? __pfx_kthread+0x10/0x10 [ 14.203085] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.203107] ? calculate_sigpending+0x7b/0xa0 [ 14.203132] ? __pfx_kthread+0x10/0x10 [ 14.203153] ret_from_fork+0x116/0x1d0 [ 14.203172] ? __pfx_kthread+0x10/0x10 [ 14.203192] ret_from_fork_asm+0x1a/0x30 [ 14.203222] </TASK> [ 14.203232] [ 14.217797] Allocated by task 249: [ 14.217931] kasan_save_stack+0x45/0x70 [ 14.218454] kasan_save_track+0x18/0x40 [ 14.219018] kasan_save_alloc_info+0x3b/0x50 [ 14.219278] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.219510] remove_element+0x11e/0x190 [ 14.220014] mempool_alloc_preallocated+0x4d/0x90 [ 14.220247] mempool_uaf_helper+0x96/0x400 [ 14.220531] mempool_slab_uaf+0xea/0x140 [ 14.220834] kunit_try_run_case+0x1a5/0x480 [ 14.221187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.221524] kthread+0x337/0x6f0 [ 14.221720] ret_from_fork+0x116/0x1d0 [ 14.221907] ret_from_fork_asm+0x1a/0x30 [ 14.222095] [ 14.222185] Freed by task 249: [ 14.222332] kasan_save_stack+0x45/0x70 [ 14.222528] kasan_save_track+0x18/0x40 [ 14.223273] kasan_save_free_info+0x3f/0x60 [ 14.223494] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.223892] mempool_free+0x2ec/0x380 [ 14.224242] mempool_uaf_helper+0x11a/0x400 [ 14.224454] 
mempool_slab_uaf+0xea/0x140 [ 14.224814] kunit_try_run_case+0x1a5/0x480 [ 14.225023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.225269] kthread+0x337/0x6f0 [ 14.225445] ret_from_fork+0x116/0x1d0 [ 14.225622] ret_from_fork_asm+0x1a/0x30 [ 14.226224] [ 14.226322] The buggy address belongs to the object at ffff88810266b240 [ 14.226322] which belongs to the cache test_cache of size 123 [ 14.227319] The buggy address is located 0 bytes inside of [ 14.227319] freed 123-byte region [ffff88810266b240, ffff88810266b2bb) [ 14.227869] [ 14.228235] The buggy address belongs to the physical page: [ 14.228572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10266b [ 14.229141] flags: 0x200000000000000(node=0|zone=2) [ 14.229446] page_type: f5(slab) [ 14.229578] raw: 0200000000000000 ffff888101020b40 dead000000000122 0000000000000000 [ 14.229993] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.230331] page dumped because: kasan: bad access detected [ 14.230584] [ 14.230671] Memory state around the buggy address: [ 14.231293] ffff88810266b100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.231928] ffff88810266b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.232224] >ffff88810266b200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.232540] ^ [ 14.233085] ffff88810266b280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.233452] ffff88810266b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.233905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.056500] ================================================================== [ 14.057071] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.057426] Read of size 1 at addr ffff888103b72001 by task kunit_try_catch/241 [ 14.058352] [ 14.058584] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.058654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.058817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.058840] Call Trace: [ 14.058853] <TASK> [ 14.058869] dump_stack_lvl+0x73/0xb0 [ 14.058901] print_report+0xd1/0x650 [ 14.058923] ? __virt_addr_valid+0x1db/0x2d0 [ 14.058947] ? mempool_oob_right_helper+0x318/0x380 [ 14.058970] ? kasan_addr_to_slab+0x11/0xa0 [ 14.058991] ? mempool_oob_right_helper+0x318/0x380 [ 14.059015] kasan_report+0x141/0x180 [ 14.059037] ? mempool_oob_right_helper+0x318/0x380 [ 14.059065] __asan_report_load1_noabort+0x18/0x20 [ 14.059090] mempool_oob_right_helper+0x318/0x380 [ 14.059115] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.059141] ? __kasan_check_write+0x18/0x20 [ 14.059161] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.059184] ? finish_task_switch.isra.0+0x153/0x700 [ 14.059211] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.059237] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.059265] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.059290] ? __pfx_mempool_kfree+0x10/0x10 [ 14.059315] ? __pfx_read_tsc+0x10/0x10 [ 14.059336] ? ktime_get_ts64+0x86/0x230 [ 14.059360] kunit_try_run_case+0x1a5/0x480 [ 14.059384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.059407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.059431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.059455] ? __kthread_parkme+0x82/0x180 [ 14.059476] ? preempt_count_sub+0x50/0x80 [ 14.059499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.059523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.059547] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.059573] kthread+0x337/0x6f0 [ 14.059591] ? trace_preempt_on+0x20/0xc0 [ 14.059615] ? __pfx_kthread+0x10/0x10 [ 14.059636] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.059716] ? calculate_sigpending+0x7b/0xa0 [ 14.059741] ? __pfx_kthread+0x10/0x10 [ 14.059773] ret_from_fork+0x116/0x1d0 [ 14.059792] ? __pfx_kthread+0x10/0x10 [ 14.059812] ret_from_fork_asm+0x1a/0x30 [ 14.059843] </TASK> [ 14.059854] [ 14.071970] The buggy address belongs to the physical page: [ 14.072595] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b70 [ 14.073086] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.073370] flags: 0x200000000000040(head|node=0|zone=2) [ 14.073607] page_type: f8(unknown) [ 14.073818] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.074487] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.074935] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.075405] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.075824] head: 0200000000000002 ffffea00040edc01 00000000ffffffff 00000000ffffffff [ 14.076143] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.076675] page dumped because: kasan: bad access detected [ 14.077082] [ 14.077292] Memory state around the buggy address: [ 14.077493] ffff888103b71f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.078009] ffff888103b71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.078426] >ffff888103b72000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.078925] ^ [ 14.079100] ffff888103b72080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.079549] ffff888103b72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.080105] ================================================================== [ 14.023233] ================================================================== [ 
14.023890] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.024230] Read of size 1 at addr ffff888102655873 by task kunit_try_catch/239 [ 14.024447] [ 14.024591] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.024640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.024776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.024804] Call Trace: [ 14.024818] <TASK> [ 14.024837] dump_stack_lvl+0x73/0xb0 [ 14.024872] print_report+0xd1/0x650 [ 14.024896] ? __virt_addr_valid+0x1db/0x2d0 [ 14.024922] ? mempool_oob_right_helper+0x318/0x380 [ 14.024946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.024969] ? mempool_oob_right_helper+0x318/0x380 [ 14.024994] kasan_report+0x141/0x180 [ 14.025015] ? mempool_oob_right_helper+0x318/0x380 [ 14.025043] __asan_report_load1_noabort+0x18/0x20 [ 14.025068] mempool_oob_right_helper+0x318/0x380 [ 14.025094] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.025119] ? __kasan_check_write+0x18/0x20 [ 14.025139] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.025163] ? finish_task_switch.isra.0+0x153/0x700 [ 14.025190] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.025213] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.025241] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.025267] ? __pfx_mempool_kfree+0x10/0x10 [ 14.025292] ? __pfx_read_tsc+0x10/0x10 [ 14.025314] ? ktime_get_ts64+0x86/0x230 [ 14.025339] kunit_try_run_case+0x1a5/0x480 [ 14.025366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.025388] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.025414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.025439] ? __kthread_parkme+0x82/0x180 [ 14.025460] ? preempt_count_sub+0x50/0x80 [ 14.025483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.025508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.025533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.025558] kthread+0x337/0x6f0 [ 14.025578] ? trace_preempt_on+0x20/0xc0 [ 14.025602] ? 
__pfx_kthread+0x10/0x10 [ 14.025622] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.025687] ? calculate_sigpending+0x7b/0xa0 [ 14.025714] ? __pfx_kthread+0x10/0x10 [ 14.025735] ret_from_fork+0x116/0x1d0 [ 14.025765] ? __pfx_kthread+0x10/0x10 [ 14.025786] ret_from_fork_asm+0x1a/0x30 [ 14.025819] </TASK> [ 14.025830] [ 14.040187] Allocated by task 239: [ 14.040330] kasan_save_stack+0x45/0x70 [ 14.040479] kasan_save_track+0x18/0x40 [ 14.040617] kasan_save_alloc_info+0x3b/0x50 [ 14.041092] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.041555] remove_element+0x11e/0x190 [ 14.041989] mempool_alloc_preallocated+0x4d/0x90 [ 14.042678] mempool_oob_right_helper+0x8a/0x380 [ 14.043634] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.044458] kunit_try_run_case+0x1a5/0x480 [ 14.044930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.045197] kthread+0x337/0x6f0 [ 14.045723] ret_from_fork+0x116/0x1d0 [ 14.046078] ret_from_fork_asm+0x1a/0x30 [ 14.046226] [ 14.046298] The buggy address belongs to the object at ffff888102655800 [ 14.046298] which belongs to the cache kmalloc-128 of size 128 [ 14.046870] The buggy address is located 0 bytes to the right of [ 14.046870] allocated 115-byte region [ffff888102655800, ffff888102655873) [ 14.047827] [ 14.047958] The buggy address belongs to the physical page: [ 14.048197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 14.048532] flags: 0x200000000000000(node=0|zone=2) [ 14.048808] page_type: f5(slab) [ 14.048945] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.049345] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.049706] page dumped because: kasan: bad access detected [ 14.049995] [ 14.050086] Memory state around the buggy address: [ 14.050307] ffff888102655700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.050591] ffff888102655780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.050941] >ffff888102655800: 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 03 fc [ 14.051333] ^ [ 14.051730] ffff888102655880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.052150] ffff888102655900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.052600] ================================================================== [ 14.084525] ================================================================== [ 14.085849] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.086449] Read of size 1 at addr ffff888103ace2bb by task kunit_try_catch/243 [ 14.087072] [ 14.087367] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.087417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.087429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.087451] Call Trace: [ 14.087465] <TASK> [ 14.087482] dump_stack_lvl+0x73/0xb0 [ 14.087515] print_report+0xd1/0x650 [ 14.087539] ? __virt_addr_valid+0x1db/0x2d0 [ 14.087564] ? mempool_oob_right_helper+0x318/0x380 [ 14.087589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.087612] ? mempool_oob_right_helper+0x318/0x380 [ 14.087636] kasan_report+0x141/0x180 [ 14.087808] ? mempool_oob_right_helper+0x318/0x380 [ 14.087839] __asan_report_load1_noabort+0x18/0x20 [ 14.087865] mempool_oob_right_helper+0x318/0x380 [ 14.087937] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.087967] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.087992] ? finish_task_switch.isra.0+0x153/0x700 [ 14.088019] mempool_slab_oob_right+0xed/0x140 [ 14.088044] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.088073] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.088100] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.088126] ? __pfx_read_tsc+0x10/0x10 [ 14.088149] ? ktime_get_ts64+0x86/0x230 [ 14.088173] kunit_try_run_case+0x1a5/0x480 [ 14.088199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.088222] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.088248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.088271] ? __kthread_parkme+0x82/0x180 [ 14.088292] ? 
preempt_count_sub+0x50/0x80 [ 14.088316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.088340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.088365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.088390] kthread+0x337/0x6f0 [ 14.088410] ? trace_preempt_on+0x20/0xc0 [ 14.088434] ? __pfx_kthread+0x10/0x10 [ 14.088454] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.088476] ? calculate_sigpending+0x7b/0xa0 [ 14.088501] ? __pfx_kthread+0x10/0x10 [ 14.088522] ret_from_fork+0x116/0x1d0 [ 14.088541] ? __pfx_kthread+0x10/0x10 [ 14.088561] ret_from_fork_asm+0x1a/0x30 [ 14.088593] </TASK> [ 14.088604] [ 14.106499] Allocated by task 243: [ 14.106645] kasan_save_stack+0x45/0x70 [ 14.107409] kasan_save_track+0x18/0x40 [ 14.108069] kasan_save_alloc_info+0x3b/0x50 [ 14.108592] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.109388] remove_element+0x11e/0x190 [ 14.109996] mempool_alloc_preallocated+0x4d/0x90 [ 14.110280] mempool_oob_right_helper+0x8a/0x380 [ 14.110567] mempool_slab_oob_right+0xed/0x140 [ 14.111255] kunit_try_run_case+0x1a5/0x480 [ 14.111467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.111998] kthread+0x337/0x6f0 [ 14.112426] ret_from_fork+0x116/0x1d0 [ 14.112616] ret_from_fork_asm+0x1a/0x30 [ 14.113077] [ 14.113228] The buggy address belongs to the object at ffff888103ace240 [ 14.113228] which belongs to the cache test_cache of size 123 [ 14.114183] The buggy address is located 0 bytes to the right of [ 14.114183] allocated 123-byte region [ffff888103ace240, ffff888103ace2bb) [ 14.115071] [ 14.115194] The buggy address belongs to the physical page: [ 14.115410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ace [ 14.116394] flags: 0x200000000000000(node=0|zone=2) [ 14.116604] page_type: f5(slab) [ 14.116797] raw: 0200000000000000 ffff888101342780 dead000000000122 0000000000000000 [ 14.117508] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.118050] page dumped because: kasan: bad access detected [ 
14.118421] [ 14.118717] Memory state around the buggy address: [ 14.119164] ffff888103ace180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.119609] ffff888103ace200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.120019] >ffff888103ace280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.120342] ^ [ 14.120565] ffff888103ace300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.121393] ffff888103ace380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.121835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.460086] ================================================================== [ 13.460553] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.460928] Read of size 1 at addr ffff888101020a00 by task kunit_try_catch/233 [ 13.461203] [ 13.461344] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.461390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.461401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.461434] Call Trace: [ 13.461447] <TASK> [ 13.461466] dump_stack_lvl+0x73/0xb0 [ 13.461498] print_report+0xd1/0x650 [ 13.461531] ? __virt_addr_valid+0x1db/0x2d0 [ 13.461556] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.461581] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.461604] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.461629] kasan_report+0x141/0x180 [ 13.461683] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.461711] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.461737] __kasan_check_byte+0x3d/0x50 [ 13.461770] kmem_cache_destroy+0x25/0x1d0 [ 13.461794] kmem_cache_double_destroy+0x1bf/0x380 [ 13.461820] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.461845] ? finish_task_switch.isra.0+0x153/0x700 [ 13.461868] ? __switch_to+0x47/0xf50 [ 13.461896] ? __pfx_read_tsc+0x10/0x10 [ 13.461937] ? ktime_get_ts64+0x86/0x230 [ 13.461962] kunit_try_run_case+0x1a5/0x480 [ 13.461988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.462011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.462036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.462060] ? __kthread_parkme+0x82/0x180 [ 13.462081] ? preempt_count_sub+0x50/0x80 [ 13.462124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.462148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.462172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.462197] kthread+0x337/0x6f0 [ 13.462216] ? trace_preempt_on+0x20/0xc0 [ 13.462240] ? __pfx_kthread+0x10/0x10 [ 13.462260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.462281] ? 
calculate_sigpending+0x7b/0xa0 [ 13.462306] ? __pfx_kthread+0x10/0x10 [ 13.462327] ret_from_fork+0x116/0x1d0 [ 13.462346] ? __pfx_kthread+0x10/0x10 [ 13.462370] ret_from_fork_asm+0x1a/0x30 [ 13.462401] </TASK> [ 13.462412] [ 13.471120] Allocated by task 233: [ 13.471330] kasan_save_stack+0x45/0x70 [ 13.471521] kasan_save_track+0x18/0x40 [ 13.471736] kasan_save_alloc_info+0x3b/0x50 [ 13.471981] __kasan_slab_alloc+0x91/0xa0 [ 13.472173] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.472433] __kmem_cache_create_args+0x169/0x240 [ 13.472733] kmem_cache_double_destroy+0xd5/0x380 [ 13.473050] kunit_try_run_case+0x1a5/0x480 [ 13.473255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.473425] kthread+0x337/0x6f0 [ 13.473542] ret_from_fork+0x116/0x1d0 [ 13.473939] ret_from_fork_asm+0x1a/0x30 [ 13.474166] [ 13.474315] Freed by task 233: [ 13.474503] kasan_save_stack+0x45/0x70 [ 13.474776] kasan_save_track+0x18/0x40 [ 13.475039] kasan_save_free_info+0x3f/0x60 [ 13.475269] __kasan_slab_free+0x56/0x70 [ 13.475425] kmem_cache_free+0x249/0x420 [ 13.475608] slab_kmem_cache_release+0x2e/0x40 [ 13.475852] kmem_cache_release+0x16/0x20 [ 13.476050] kobject_put+0x181/0x450 [ 13.476236] sysfs_slab_release+0x16/0x20 [ 13.476496] kmem_cache_destroy+0xf0/0x1d0 [ 13.476635] kmem_cache_double_destroy+0x14e/0x380 [ 13.476976] kunit_try_run_case+0x1a5/0x480 [ 13.477385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.477581] kthread+0x337/0x6f0 [ 13.477824] ret_from_fork+0x116/0x1d0 [ 13.478023] ret_from_fork_asm+0x1a/0x30 [ 13.478457] [ 13.478530] The buggy address belongs to the object at ffff888101020a00 [ 13.478530] which belongs to the cache kmem_cache of size 208 [ 13.479441] The buggy address is located 0 bytes inside of [ 13.479441] freed 208-byte region [ffff888101020a00, ffff888101020ad0) [ 13.479964] [ 13.480045] The buggy address belongs to the physical page: [ 13.480214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101020 [ 13.480591] flags: 
0x200000000000000(node=0|zone=2) [ 13.480975] page_type: f5(slab) [ 13.481094] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.481587] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.481874] page dumped because: kasan: bad access detected [ 13.482126] [ 13.482212] Memory state around the buggy address: [ 13.482408] ffff888101020900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.482618] ffff888101020980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.482967] >ffff888101020a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.483517] ^ [ 13.483743] ffff888101020a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.484040] ffff888101020b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.484321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.401964] ================================================================== [ 13.402447] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.402865] Read of size 1 at addr ffff888103ac6000 by task kunit_try_catch/231 [ 13.403121] [ 13.403240] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.403286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.403298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.403319] Call Trace: [ 13.403331] <TASK> [ 13.403348] dump_stack_lvl+0x73/0xb0 [ 13.403498] print_report+0xd1/0x650 [ 13.403520] ? __virt_addr_valid+0x1db/0x2d0 [ 13.403544] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.403567] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.403590] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.403613] kasan_report+0x141/0x180 [ 13.403642] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.403669] __asan_report_load1_noabort+0x18/0x20 [ 13.403694] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.403717] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.403739] ? finish_task_switch.isra.0+0x153/0x700 [ 13.403773] ? __switch_to+0x47/0xf50 [ 13.403801] ? __pfx_read_tsc+0x10/0x10 [ 13.403823] ? ktime_get_ts64+0x86/0x230 [ 13.403847] kunit_try_run_case+0x1a5/0x480 [ 13.403872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.403895] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.403921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.403944] ? __kthread_parkme+0x82/0x180 [ 13.403965] ? preempt_count_sub+0x50/0x80 [ 13.403988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.404042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.404077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.404102] kthread+0x337/0x6f0 [ 13.404121] ? trace_preempt_on+0x20/0xc0 [ 13.404145] ? __pfx_kthread+0x10/0x10 [ 13.404165] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.404186] ? calculate_sigpending+0x7b/0xa0 [ 13.404210] ? __pfx_kthread+0x10/0x10 [ 13.404231] ret_from_fork+0x116/0x1d0 [ 13.404249] ? 
__pfx_kthread+0x10/0x10 [ 13.404269] ret_from_fork_asm+0x1a/0x30 [ 13.404300] </TASK> [ 13.404311] [ 13.412988] Allocated by task 231: [ 13.413164] kasan_save_stack+0x45/0x70 [ 13.413356] kasan_save_track+0x18/0x40 [ 13.413537] kasan_save_alloc_info+0x3b/0x50 [ 13.413806] __kasan_slab_alloc+0x91/0xa0 [ 13.413994] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.414205] kmem_cache_rcu_uaf+0x155/0x510 [ 13.414410] kunit_try_run_case+0x1a5/0x480 [ 13.414599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.414890] kthread+0x337/0x6f0 [ 13.415047] ret_from_fork+0x116/0x1d0 [ 13.415217] ret_from_fork_asm+0x1a/0x30 [ 13.415396] [ 13.415481] Freed by task 0: [ 13.415617] kasan_save_stack+0x45/0x70 [ 13.416732] kasan_save_track+0x18/0x40 [ 13.416897] kasan_save_free_info+0x3f/0x60 [ 13.417044] __kasan_slab_free+0x56/0x70 [ 13.417182] slab_free_after_rcu_debug+0xe4/0x310 [ 13.417338] rcu_core+0x66f/0x1c40 [ 13.417733] rcu_core_si+0x12/0x20 [ 13.417919] handle_softirqs+0x209/0x730 [ 13.418102] __irq_exit_rcu+0xc9/0x110 [ 13.418275] irq_exit_rcu+0x12/0x20 [ 13.418445] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.418706] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.418942] [ 13.419029] Last potentially related work creation: [ 13.419231] kasan_save_stack+0x45/0x70 [ 13.419404] kasan_record_aux_stack+0xb2/0xc0 [ 13.419593] kmem_cache_free+0x131/0x420 [ 13.419897] kmem_cache_rcu_uaf+0x194/0x510 [ 13.420093] kunit_try_run_case+0x1a5/0x480 [ 13.420280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.420510] kthread+0x337/0x6f0 [ 13.420847] ret_from_fork+0x116/0x1d0 [ 13.421035] ret_from_fork_asm+0x1a/0x30 [ 13.421225] [ 13.421319] The buggy address belongs to the object at ffff888103ac6000 [ 13.421319] which belongs to the cache test_cache of size 200 [ 13.421899] The buggy address is located 0 bytes inside of [ 13.421899] freed 200-byte region [ffff888103ac6000, ffff888103ac60c8) [ 13.422374] [ 13.422464] The buggy address belongs to the physical page: [ 13.422754] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac6 [ 13.423089] flags: 0x200000000000000(node=0|zone=2) [ 13.423313] page_type: f5(slab) [ 13.423471] raw: 0200000000000000 ffff8881013423c0 dead000000000122 0000000000000000 [ 13.423885] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.424202] page dumped because: kasan: bad access detected [ 13.424428] [ 13.424512] Memory state around the buggy address: [ 13.424922] ffff888103ac5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.425220] ffff888103ac5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.425510] >ffff888103ac6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.425924] ^ [ 13.426075] ffff888103ac6080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.426368] ffff888103ac6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426684] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.343957] ================================================================== [ 13.344484] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.344795] Free of addr ffff888102667001 by task kunit_try_catch/229 [ 13.345166] [ 13.345263] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.345306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.345316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.345336] Call Trace: [ 13.345349] <TASK> [ 13.345366] dump_stack_lvl+0x73/0xb0 [ 13.345396] print_report+0xd1/0x650 [ 13.345418] ? __virt_addr_valid+0x1db/0x2d0 [ 13.345443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.345465] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.345491] kasan_report_invalid_free+0x10a/0x130 [ 13.345515] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.345541] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.345567] check_slab_allocation+0x11f/0x130 [ 13.345589] __kasan_slab_pre_free+0x28/0x40 [ 13.345609] kmem_cache_free+0xed/0x420 [ 13.345629] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.345659] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.345687] kmem_cache_invalid_free+0x1d8/0x460 [ 13.345711] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.345736] ? finish_task_switch.isra.0+0x153/0x700 [ 13.345771] ? __switch_to+0x47/0xf50 [ 13.345800] ? __pfx_read_tsc+0x10/0x10 [ 13.345821] ? ktime_get_ts64+0x86/0x230 [ 13.345844] kunit_try_run_case+0x1a5/0x480 [ 13.345869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.345892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.345916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.345940] ? __kthread_parkme+0x82/0x180 [ 13.345960] ? preempt_count_sub+0x50/0x80 [ 13.345982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.346006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.346030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.346055] kthread+0x337/0x6f0 [ 13.346073] ? trace_preempt_on+0x20/0xc0 [ 13.346097] ? 
__pfx_kthread+0x10/0x10 [ 13.346117] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.346139] ? calculate_sigpending+0x7b/0xa0 [ 13.346162] ? __pfx_kthread+0x10/0x10 [ 13.346183] ret_from_fork+0x116/0x1d0 [ 13.346202] ? __pfx_kthread+0x10/0x10 [ 13.346222] ret_from_fork_asm+0x1a/0x30 [ 13.346252] </TASK> [ 13.346262] [ 13.357938] Allocated by task 229: [ 13.358110] kasan_save_stack+0x45/0x70 [ 13.358309] kasan_save_track+0x18/0x40 [ 13.358463] kasan_save_alloc_info+0x3b/0x50 [ 13.358667] __kasan_slab_alloc+0x91/0xa0 [ 13.358818] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.359133] kmem_cache_invalid_free+0x157/0x460 [ 13.359343] kunit_try_run_case+0x1a5/0x480 [ 13.359489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.359711] kthread+0x337/0x6f0 [ 13.359897] ret_from_fork+0x116/0x1d0 [ 13.360085] ret_from_fork_asm+0x1a/0x30 [ 13.360273] [ 13.360358] The buggy address belongs to the object at ffff888102667000 [ 13.360358] which belongs to the cache test_cache of size 200 [ 13.360739] The buggy address is located 1 bytes inside of [ 13.360739] 200-byte region [ffff888102667000, ffff8881026670c8) [ 13.361368] [ 13.361465] The buggy address belongs to the physical page: [ 13.361665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102667 [ 13.361914] flags: 0x200000000000000(node=0|zone=2) [ 13.362304] page_type: f5(slab) [ 13.362478] raw: 0200000000000000 ffff8881010208c0 dead000000000122 0000000000000000 [ 13.362854] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.363180] page dumped because: kasan: bad access detected [ 13.363350] [ 13.363419] Memory state around the buggy address: [ 13.363571] ffff888102666f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.364211] ffff888102666f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.364510] >ffff888102667000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.364794] ^ [ 13.365025] ffff888102667080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.365246] 
ffff888102667100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.365555] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.302607] ================================================================== [ 13.303463] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.303918] Free of addr ffff888102665000 by task kunit_try_catch/227 [ 13.304204] [ 13.304359] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.304404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.304415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.304435] Call Trace: [ 13.304447] <TASK> [ 13.304464] dump_stack_lvl+0x73/0xb0 [ 13.304495] print_report+0xd1/0x650 [ 13.304517] ? __virt_addr_valid+0x1db/0x2d0 [ 13.304542] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.304565] ? kmem_cache_double_free+0x1e5/0x480 [ 13.304591] kasan_report_invalid_free+0x10a/0x130 [ 13.304615] ? kmem_cache_double_free+0x1e5/0x480 [ 13.304642] ? kmem_cache_double_free+0x1e5/0x480 [ 13.304774] check_slab_allocation+0x101/0x130 [ 13.304798] __kasan_slab_pre_free+0x28/0x40 [ 13.304819] kmem_cache_free+0xed/0x420 [ 13.304839] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.304860] ? kmem_cache_double_free+0x1e5/0x480 [ 13.304888] kmem_cache_double_free+0x1e5/0x480 [ 13.304912] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.304959] ? finish_task_switch.isra.0+0x153/0x700 [ 13.304984] ? __switch_to+0x47/0xf50 [ 13.305013] ? __pfx_read_tsc+0x10/0x10 [ 13.305034] ? ktime_get_ts64+0x86/0x230 [ 13.305059] kunit_try_run_case+0x1a5/0x480 [ 13.305084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.305106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.305130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.305154] ? __kthread_parkme+0x82/0x180 [ 13.305174] ? preempt_count_sub+0x50/0x80 [ 13.305197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.305221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.305245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.305269] kthread+0x337/0x6f0 [ 13.305288] ? trace_preempt_on+0x20/0xc0 [ 13.305311] ? 
__pfx_kthread+0x10/0x10 [ 13.305331] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.305352] ? calculate_sigpending+0x7b/0xa0 [ 13.305377] ? __pfx_kthread+0x10/0x10 [ 13.305398] ret_from_fork+0x116/0x1d0 [ 13.305416] ? __pfx_kthread+0x10/0x10 [ 13.305436] ret_from_fork_asm+0x1a/0x30 [ 13.305467] </TASK> [ 13.305477] [ 13.315331] Allocated by task 227: [ 13.315515] kasan_save_stack+0x45/0x70 [ 13.315861] kasan_save_track+0x18/0x40 [ 13.316052] kasan_save_alloc_info+0x3b/0x50 [ 13.316250] __kasan_slab_alloc+0x91/0xa0 [ 13.316435] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.316635] kmem_cache_double_free+0x14f/0x480 [ 13.317334] kunit_try_run_case+0x1a5/0x480 [ 13.317543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.317911] kthread+0x337/0x6f0 [ 13.318075] ret_from_fork+0x116/0x1d0 [ 13.318244] ret_from_fork_asm+0x1a/0x30 [ 13.318433] [ 13.318521] Freed by task 227: [ 13.318717] kasan_save_stack+0x45/0x70 [ 13.318904] kasan_save_track+0x18/0x40 [ 13.319074] kasan_save_free_info+0x3f/0x60 [ 13.319255] __kasan_slab_free+0x56/0x70 [ 13.319426] kmem_cache_free+0x249/0x420 [ 13.319598] kmem_cache_double_free+0x16a/0x480 [ 13.320656] kunit_try_run_case+0x1a5/0x480 [ 13.320841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.321270] kthread+0x337/0x6f0 [ 13.321411] ret_from_fork+0x116/0x1d0 [ 13.321583] ret_from_fork_asm+0x1a/0x30 [ 13.321959] [ 13.322058] The buggy address belongs to the object at ffff888102665000 [ 13.322058] which belongs to the cache test_cache of size 200 [ 13.322556] The buggy address is located 0 bytes inside of [ 13.322556] 200-byte region [ffff888102665000, ffff8881026650c8) [ 13.323247] [ 13.323344] The buggy address belongs to the physical page: [ 13.323573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102665 [ 13.324311] flags: 0x200000000000000(node=0|zone=2) [ 13.324540] page_type: f5(slab) [ 13.324829] raw: 0200000000000000 ffff888101020780 dead000000000122 0000000000000000 [ 13.325117] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.325453] page dumped because: kasan: bad access detected [ 13.325723] [ 13.325839] Memory state around the buggy address: [ 13.326014] ffff888102664f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.326327] ffff888102664f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.326610] >ffff888102665000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.326876] ^ [ 13.326992] ffff888102665080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.327214] ffff888102665100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.327634] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.257833] ================================================================== [ 13.258273] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.258553] Read of size 1 at addr ffff888103ac30c8 by task kunit_try_catch/225 [ 13.258923] [ 13.259055] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.259145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.259156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.259176] Call Trace: [ 13.259188] <TASK> [ 13.259204] dump_stack_lvl+0x73/0xb0 [ 13.259232] print_report+0xd1/0x650 [ 13.259254] ? __virt_addr_valid+0x1db/0x2d0 [ 13.259278] ? kmem_cache_oob+0x402/0x530 [ 13.259300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.259323] ? kmem_cache_oob+0x402/0x530 [ 13.259345] kasan_report+0x141/0x180 [ 13.259366] ? kmem_cache_oob+0x402/0x530 [ 13.259393] __asan_report_load1_noabort+0x18/0x20 [ 13.259418] kmem_cache_oob+0x402/0x530 [ 13.259452] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.259474] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.259503] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.259530] kunit_try_run_case+0x1a5/0x480 [ 13.259554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.259577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.259600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.259624] ? __kthread_parkme+0x82/0x180 [ 13.259656] ? preempt_count_sub+0x50/0x80 [ 13.259681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.259705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.259729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.259765] kthread+0x337/0x6f0 [ 13.259784] ? trace_preempt_on+0x20/0xc0 [ 13.259808] ? __pfx_kthread+0x10/0x10 [ 13.259829] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.259850] ? calculate_sigpending+0x7b/0xa0 [ 13.259873] ? __pfx_kthread+0x10/0x10 [ 13.259894] ret_from_fork+0x116/0x1d0 [ 13.259913] ? 
__pfx_kthread+0x10/0x10 [ 13.259933] ret_from_fork_asm+0x1a/0x30 [ 13.259963] </TASK> [ 13.259974] [ 13.274206] Allocated by task 225: [ 13.274393] kasan_save_stack+0x45/0x70 [ 13.274539] kasan_save_track+0x18/0x40 [ 13.274742] kasan_save_alloc_info+0x3b/0x50 [ 13.275156] __kasan_slab_alloc+0x91/0xa0 [ 13.275536] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.276103] kmem_cache_oob+0x157/0x530 [ 13.276460] kunit_try_run_case+0x1a5/0x480 [ 13.276888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.277085] kthread+0x337/0x6f0 [ 13.277203] ret_from_fork+0x116/0x1d0 [ 13.277333] ret_from_fork_asm+0x1a/0x30 [ 13.277467] [ 13.277535] The buggy address belongs to the object at ffff888103ac3000 [ 13.277535] which belongs to the cache test_cache of size 200 [ 13.278460] The buggy address is located 0 bytes to the right of [ 13.278460] allocated 200-byte region [ffff888103ac3000, ffff888103ac30c8) [ 13.279843] [ 13.280006] The buggy address belongs to the physical page: [ 13.280473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac3 [ 13.281242] flags: 0x200000000000000(node=0|zone=2) [ 13.281575] page_type: f5(slab) [ 13.281941] raw: 0200000000000000 ffff888101342280 dead000000000122 0000000000000000 [ 13.282533] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.283069] page dumped because: kasan: bad access detected [ 13.283558] [ 13.283727] Memory state around the buggy address: [ 13.284226] ffff888103ac2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.284958] ffff888103ac3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.285176] >ffff888103ac3080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.285381] ^ [ 13.285545] ffff888103ac3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.285778] ffff888103ac3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.286198] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.217696] ================================================================== [ 13.218270] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 13.218670] Read of size 8 at addr ffff888103abf200 by task kunit_try_catch/218 [ 13.219116] [ 13.219305] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.219411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.219423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.219442] Call Trace: [ 13.219455] <TASK> [ 13.219470] dump_stack_lvl+0x73/0xb0 [ 13.219602] print_report+0xd1/0x650 [ 13.219629] ? __virt_addr_valid+0x1db/0x2d0 [ 13.219664] ? workqueue_uaf+0x4d6/0x560 [ 13.219685] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.219707] ? workqueue_uaf+0x4d6/0x560 [ 13.219728] kasan_report+0x141/0x180 [ 13.219762] ? workqueue_uaf+0x4d6/0x560 [ 13.219788] __asan_report_load8_noabort+0x18/0x20 [ 13.219812] workqueue_uaf+0x4d6/0x560 [ 13.219834] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.219856] ? __schedule+0x10cc/0x2b60 [ 13.219877] ? __pfx_read_tsc+0x10/0x10 [ 13.219897] ? ktime_get_ts64+0x86/0x230 [ 13.219921] kunit_try_run_case+0x1a5/0x480 [ 13.219945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.219968] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.219991] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.220015] ? __kthread_parkme+0x82/0x180 [ 13.220035] ? preempt_count_sub+0x50/0x80 [ 13.220058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.220083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.220107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.220133] kthread+0x337/0x6f0 [ 13.220152] ? trace_preempt_on+0x20/0xc0 [ 13.220176] ? __pfx_kthread+0x10/0x10 [ 13.220196] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.220217] ? calculate_sigpending+0x7b/0xa0 [ 13.220241] ? __pfx_kthread+0x10/0x10 [ 13.220262] ret_from_fork+0x116/0x1d0 [ 13.220280] ? 
__pfx_kthread+0x10/0x10 [ 13.220300] ret_from_fork_asm+0x1a/0x30 [ 13.220331] </TASK> [ 13.220341] [ 13.229964] Allocated by task 218: [ 13.230137] kasan_save_stack+0x45/0x70 [ 13.230334] kasan_save_track+0x18/0x40 [ 13.230520] kasan_save_alloc_info+0x3b/0x50 [ 13.230935] __kasan_kmalloc+0xb7/0xc0 [ 13.231179] __kmalloc_cache_noprof+0x189/0x420 [ 13.231354] workqueue_uaf+0x152/0x560 [ 13.231667] kunit_try_run_case+0x1a5/0x480 [ 13.231977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.232328] kthread+0x337/0x6f0 [ 13.232498] ret_from_fork+0x116/0x1d0 [ 13.232795] ret_from_fork_asm+0x1a/0x30 [ 13.232983] [ 13.233083] Freed by task 9: [ 13.233228] kasan_save_stack+0x45/0x70 [ 13.233411] kasan_save_track+0x18/0x40 [ 13.233579] kasan_save_free_info+0x3f/0x60 [ 13.233803] __kasan_slab_free+0x56/0x70 [ 13.234403] kfree+0x222/0x3f0 [ 13.234530] workqueue_uaf_work+0x12/0x20 [ 13.234840] process_one_work+0x5ee/0xf60 [ 13.235287] worker_thread+0x758/0x1220 [ 13.235482] kthread+0x337/0x6f0 [ 13.235758] ret_from_fork+0x116/0x1d0 [ 13.236160] ret_from_fork_asm+0x1a/0x30 [ 13.236423] [ 13.236514] Last potentially related work creation: [ 13.236696] kasan_save_stack+0x45/0x70 [ 13.237148] kasan_record_aux_stack+0xb2/0xc0 [ 13.237320] __queue_work+0x626/0xeb0 [ 13.237512] queue_work_on+0xb6/0xc0 [ 13.237680] workqueue_uaf+0x26d/0x560 [ 13.238123] kunit_try_run_case+0x1a5/0x480 [ 13.238312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.238657] kthread+0x337/0x6f0 [ 13.238997] ret_from_fork+0x116/0x1d0 [ 13.239156] ret_from_fork_asm+0x1a/0x30 [ 13.239361] [ 13.239436] The buggy address belongs to the object at ffff888103abf200 [ 13.239436] which belongs to the cache kmalloc-32 of size 32 [ 13.240253] The buggy address is located 0 bytes inside of [ 13.240253] freed 32-byte region [ffff888103abf200, ffff888103abf220) [ 13.240915] [ 13.241024] The buggy address belongs to the physical page: [ 13.241248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abf 
[ 13.241728] flags: 0x200000000000000(node=0|zone=2) [ 13.242076] page_type: f5(slab) [ 13.242256] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.242893] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.243326] page dumped because: kasan: bad access detected [ 13.243706] [ 13.243831] Memory state around the buggy address: [ 13.244145] ffff888103abf100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.244403] ffff888103abf180: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.244928] >ffff888103abf200: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245235] ^ [ 13.245377] ffff888103abf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245814] ffff888103abf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.246294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.178777] ================================================================== [ 13.179374] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.179598] Read of size 4 at addr ffff888103abf140 by task swapper/0/0 [ 13.179852] [ 13.180081] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.180125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.180136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.180156] Call Trace: [ 13.180185] <IRQ> [ 13.180200] dump_stack_lvl+0x73/0xb0 [ 13.180230] print_report+0xd1/0x650 [ 13.180253] ? __virt_addr_valid+0x1db/0x2d0 [ 13.180276] ? rcu_uaf_reclaim+0x50/0x60 [ 13.180297] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.180321] ? rcu_uaf_reclaim+0x50/0x60 [ 13.180341] kasan_report+0x141/0x180 [ 13.180363] ? rcu_uaf_reclaim+0x50/0x60 [ 13.180388] __asan_report_load4_noabort+0x18/0x20 [ 13.180413] rcu_uaf_reclaim+0x50/0x60 [ 13.180434] rcu_core+0x66f/0x1c40 [ 13.180462] ? __pfx_rcu_core+0x10/0x10 [ 13.180483] ? ktime_get+0x6b/0x150 [ 13.180504] ? handle_softirqs+0x18e/0x730 [ 13.180529] rcu_core_si+0x12/0x20 [ 13.180548] handle_softirqs+0x209/0x730 [ 13.180568] ? hrtimer_interrupt+0x2fe/0x780 [ 13.180618] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.180644] __irq_exit_rcu+0xc9/0x110 [ 13.180664] irq_exit_rcu+0x12/0x20 [ 13.180683] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.180709] </IRQ> [ 13.180734] <TASK> [ 13.180756] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.180848] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.181086] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 71 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.181167] RSP: 0000:ffffffff88607dd8 EFLAGS: 00010202 [ 13.181258] RAX: ffff8881d1672000 RBX: ffffffff8861cac0 RCX: ffffffff87475105 [ 13.181303] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000005ed4 [ 13.181344] RBP: ffffffff88607de0 R08: 0000000000000001 R09: ffffed102b60618a [ 13.181384] R10: ffff88815b030c53 R11: 000000000001a800 R12: 0000000000000000 [ 13.181426] R13: fffffbfff10c3958 R14: ffffffff891b1490 R15: 0000000000000000 [ 13.181481] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.181536] ? default_idle+0xd/0x20 [ 13.181558] arch_cpu_idle+0xd/0x20 [ 13.181579] default_idle_call+0x48/0x80 [ 13.181599] do_idle+0x379/0x4f0 [ 13.181625] ? __pfx_do_idle+0x10/0x10 [ 13.181656] ? trace_preempt_on+0x20/0xc0 [ 13.181680] ? schedule+0x86/0x2e0 [ 13.181699] ? preempt_count_sub+0x50/0x80 [ 13.181723] cpu_startup_entry+0x5c/0x70 [ 13.181742] rest_init+0x11a/0x140 [ 13.181769] ? 
acpi_subsystem_init+0x5d/0x150 [ 13.181794] start_kernel+0x330/0x410 [ 13.181819] x86_64_start_reservations+0x1c/0x30 [ 13.181845] x86_64_start_kernel+0x10d/0x120 [ 13.181869] common_startup_64+0x13e/0x148 [ 13.181900] </TASK> [ 13.181911] [ 13.197741] Allocated by task 216: [ 13.198006] kasan_save_stack+0x45/0x70 [ 13.198327] kasan_save_track+0x18/0x40 [ 13.198500] kasan_save_alloc_info+0x3b/0x50 [ 13.198721] __kasan_kmalloc+0xb7/0xc0 [ 13.199094] __kmalloc_cache_noprof+0x189/0x420 [ 13.199372] rcu_uaf+0xb0/0x330 [ 13.199503] kunit_try_run_case+0x1a5/0x480 [ 13.199882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.200201] kthread+0x337/0x6f0 [ 13.200335] ret_from_fork+0x116/0x1d0 [ 13.200531] ret_from_fork_asm+0x1a/0x30 [ 13.200860] [ 13.200948] Freed by task 0: [ 13.201075] kasan_save_stack+0x45/0x70 [ 13.201267] kasan_save_track+0x18/0x40 [ 13.201443] kasan_save_free_info+0x3f/0x60 [ 13.201639] __kasan_slab_free+0x56/0x70 [ 13.202159] kfree+0x222/0x3f0 [ 13.202281] rcu_uaf_reclaim+0x1f/0x60 [ 13.202550] rcu_core+0x66f/0x1c40 [ 13.202869] rcu_core_si+0x12/0x20 [ 13.203006] handle_softirqs+0x209/0x730 [ 13.203304] __irq_exit_rcu+0xc9/0x110 [ 13.203555] irq_exit_rcu+0x12/0x20 [ 13.203806] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.204040] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.204264] [ 13.204370] Last potentially related work creation: [ 13.204598] kasan_save_stack+0x45/0x70 [ 13.205053] kasan_record_aux_stack+0xb2/0xc0 [ 13.205242] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.205479] call_rcu+0x12/0x20 [ 13.205822] rcu_uaf+0x168/0x330 [ 13.205997] kunit_try_run_case+0x1a5/0x480 [ 13.206292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.206584] kthread+0x337/0x6f0 [ 13.206784] ret_from_fork+0x116/0x1d0 [ 13.207070] ret_from_fork_asm+0x1a/0x30 [ 13.207275] [ 13.207384] The buggy address belongs to the object at ffff888103abf140 [ 13.207384] which belongs to the cache kmalloc-32 of size 32 [ 13.208102] The buggy address is located 0 bytes inside of 
[ 13.208102] freed 32-byte region [ffff888103abf140, ffff888103abf160) [ 13.208602] [ 13.208702] The buggy address belongs to the physical page: [ 13.209131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abf [ 13.209509] flags: 0x200000000000000(node=0|zone=2) [ 13.209729] page_type: f5(slab) [ 13.209995] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.210432] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.210840] page dumped because: kasan: bad access detected [ 13.211078] [ 13.211168] Memory state around the buggy address: [ 13.211362] ffff888103abf000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.211643] ffff888103abf080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.212249] >ffff888103abf100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.212546] ^ [ 13.212939] ffff888103abf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.213200] ffff888103abf200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.213584] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.138286] ================================================================== [ 13.139071] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.139291] Read of size 1 at addr ffff888102655578 by task kunit_try_catch/214 [ 13.139513] [ 13.139601] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.139642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.139653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.139672] Call Trace: [ 13.139685] <TASK> [ 13.139700] dump_stack_lvl+0x73/0xb0 [ 13.139728] print_report+0xd1/0x650 [ 13.139764] ? __virt_addr_valid+0x1db/0x2d0 [ 13.139787] ? ksize_uaf+0x5e4/0x6c0 [ 13.139807] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.139830] ? ksize_uaf+0x5e4/0x6c0 [ 13.139851] kasan_report+0x141/0x180 [ 13.139872] ? ksize_uaf+0x5e4/0x6c0 [ 13.139897] __asan_report_load1_noabort+0x18/0x20 [ 13.139921] ksize_uaf+0x5e4/0x6c0 [ 13.139941] ? __pfx_ksize_uaf+0x10/0x10 [ 13.139962] ? __schedule+0x10cc/0x2b60 [ 13.140200] ? __pfx_read_tsc+0x10/0x10 [ 13.140225] ? ktime_get_ts64+0x86/0x230 [ 13.140250] kunit_try_run_case+0x1a5/0x480 [ 13.140273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.140296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.140320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.140344] ? __kthread_parkme+0x82/0x180 [ 13.140364] ? preempt_count_sub+0x50/0x80 [ 13.140387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.140411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.140435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.140460] kthread+0x337/0x6f0 [ 13.140479] ? trace_preempt_on+0x20/0xc0 [ 13.140502] ? __pfx_kthread+0x10/0x10 [ 13.140522] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.140543] ? calculate_sigpending+0x7b/0xa0 [ 13.140567] ? __pfx_kthread+0x10/0x10 [ 13.140588] ret_from_fork+0x116/0x1d0 [ 13.140605] ? 
__pfx_kthread+0x10/0x10 [ 13.140626] ret_from_fork_asm+0x1a/0x30 [ 13.140765] </TASK> [ 13.140777] [ 13.150628] Allocated by task 214: [ 13.151252] kasan_save_stack+0x45/0x70 [ 13.151461] kasan_save_track+0x18/0x40 [ 13.151638] kasan_save_alloc_info+0x3b/0x50 [ 13.152085] __kasan_kmalloc+0xb7/0xc0 [ 13.152270] __kmalloc_cache_noprof+0x189/0x420 [ 13.152478] ksize_uaf+0xaa/0x6c0 [ 13.152638] kunit_try_run_case+0x1a5/0x480 [ 13.153160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.153485] kthread+0x337/0x6f0 [ 13.153634] ret_from_fork+0x116/0x1d0 [ 13.154090] ret_from_fork_asm+0x1a/0x30 [ 13.154236] [ 13.154334] Freed by task 214: [ 13.154495] kasan_save_stack+0x45/0x70 [ 13.154661] kasan_save_track+0x18/0x40 [ 13.155336] kasan_save_free_info+0x3f/0x60 [ 13.155547] __kasan_slab_free+0x56/0x70 [ 13.155933] kfree+0x222/0x3f0 [ 13.156107] ksize_uaf+0x12c/0x6c0 [ 13.156255] kunit_try_run_case+0x1a5/0x480 [ 13.156469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.156972] kthread+0x337/0x6f0 [ 13.157233] ret_from_fork+0x116/0x1d0 [ 13.157419] ret_from_fork_asm+0x1a/0x30 [ 13.157859] [ 13.157946] The buggy address belongs to the object at ffff888102655500 [ 13.157946] which belongs to the cache kmalloc-128 of size 128 [ 13.158578] The buggy address is located 120 bytes inside of [ 13.158578] freed 128-byte region [ffff888102655500, ffff888102655580) [ 13.159296] [ 13.159394] The buggy address belongs to the physical page: [ 13.159636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 13.159978] flags: 0x200000000000000(node=0|zone=2) [ 13.160208] page_type: f5(slab) [ 13.160357] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.160650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.161600] page dumped because: kasan: bad access detected [ 13.162075] [ 13.162153] Memory state around the buggy address: [ 13.162468] ffff888102655400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.163019] ffff888102655480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.163420] >ffff888102655500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.163895] ^ [ 13.164183] ffff888102655580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.164473] ffff888102655600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.165148] ================================================================== [ 13.107001] ================================================================== [ 13.107556] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.107965] Read of size 1 at addr ffff888102655500 by task kunit_try_catch/214 [ 13.108292] [ 13.108383] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.108427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.108438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.108459] Call Trace: [ 13.108472] <TASK> [ 13.108489] dump_stack_lvl+0x73/0xb0 [ 13.108519] print_report+0xd1/0x650 [ 13.108542] ? __virt_addr_valid+0x1db/0x2d0 [ 13.108566] ? ksize_uaf+0x5fe/0x6c0 [ 13.108585] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.108608] ? ksize_uaf+0x5fe/0x6c0 [ 13.108628] kasan_report+0x141/0x180 [ 13.108649] ? ksize_uaf+0x5fe/0x6c0 [ 13.109092] __asan_report_load1_noabort+0x18/0x20 [ 13.109120] ksize_uaf+0x5fe/0x6c0 [ 13.109140] ? __pfx_ksize_uaf+0x10/0x10 [ 13.109162] ? __schedule+0x10cc/0x2b60 [ 13.109184] ? __pfx_read_tsc+0x10/0x10 [ 13.109205] ? ktime_get_ts64+0x86/0x230 [ 13.109230] kunit_try_run_case+0x1a5/0x480 [ 13.109255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109277] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.109301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.109325] ? __kthread_parkme+0x82/0x180 [ 13.109345] ? preempt_count_sub+0x50/0x80 [ 13.109370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.109418] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.109443] kthread+0x337/0x6f0 [ 13.109461] ? trace_preempt_on+0x20/0xc0 [ 13.109485] ? __pfx_kthread+0x10/0x10 [ 13.109505] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.109526] ? calculate_sigpending+0x7b/0xa0 [ 13.109550] ? __pfx_kthread+0x10/0x10 [ 13.109571] ret_from_fork+0x116/0x1d0 [ 13.109589] ? __pfx_kthread+0x10/0x10 [ 13.109609] ret_from_fork_asm+0x1a/0x30 [ 13.109640] </TASK> [ 13.109650] [ 13.119109] Allocated by task 214: [ 13.119270] kasan_save_stack+0x45/0x70 [ 13.119470] kasan_save_track+0x18/0x40 [ 13.119901] kasan_save_alloc_info+0x3b/0x50 [ 13.120116] __kasan_kmalloc+0xb7/0xc0 [ 13.120275] __kmalloc_cache_noprof+0x189/0x420 [ 13.120625] ksize_uaf+0xaa/0x6c0 [ 13.121078] kunit_try_run_case+0x1a5/0x480 [ 13.121388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.121623] kthread+0x337/0x6f0 [ 13.121966] ret_from_fork+0x116/0x1d0 [ 13.122270] ret_from_fork_asm+0x1a/0x30 [ 13.122473] [ 13.122557] Freed by task 214: [ 13.123011] kasan_save_stack+0x45/0x70 [ 13.123160] kasan_save_track+0x18/0x40 [ 13.123296] kasan_save_free_info+0x3f/0x60 [ 13.123452] __kasan_slab_free+0x56/0x70 [ 13.123900] kfree+0x222/0x3f0 [ 13.124027] ksize_uaf+0x12c/0x6c0 [ 13.124171] kunit_try_run_case+0x1a5/0x480 [ 13.124823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.125457] kthread+0x337/0x6f0 [ 13.125883] ret_from_fork+0x116/0x1d0 [ 13.126384] ret_from_fork_asm+0x1a/0x30 [ 13.126917] [ 13.127133] The buggy address belongs to the object at ffff888102655500 [ 13.127133] which belongs to the cache kmalloc-128 of size 128 [ 13.127971] The buggy address is located 0 bytes inside of [ 13.127971] freed 128-byte region [ffff888102655500, ffff888102655580) [ 13.129226] [ 13.129307] The buggy address belongs to the physical page: [ 13.129482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 13.129821] flags: 0x200000000000000(node=0|zone=2) [ 13.130549] page_type: f5(slab) [ 13.130896] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.131742] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.132512] page dumped because: kasan: bad access detected [ 13.133298] [ 13.133393] Memory state around the buggy address: [ 13.133551] ffff888102655400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.134111] ffff888102655480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.135046] >ffff888102655500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.135795] ^ [ 13.136284] ffff888102655580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.136545] ffff888102655600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.137327] ================================================================== [ 13.079008] ================================================================== [ 13.079862] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.080167] Read of size 1 at addr ffff888102655500 by task kunit_try_catch/214 [ 13.080558] [ 13.080655] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.081168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.081182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.081203] Call Trace: [ 13.081215] <TASK> [ 13.081232] dump_stack_lvl+0x73/0xb0 [ 13.081265] print_report+0xd1/0x650 [ 13.081288] ? __virt_addr_valid+0x1db/0x2d0 [ 13.081312] ? ksize_uaf+0x19d/0x6c0 [ 13.081332] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.081354] ? ksize_uaf+0x19d/0x6c0 [ 13.081375] kasan_report+0x141/0x180 [ 13.081396] ? ksize_uaf+0x19d/0x6c0 [ 13.081419] ? ksize_uaf+0x19d/0x6c0 [ 13.081439] __kasan_check_byte+0x3d/0x50 [ 13.081461] ksize+0x20/0x60 [ 13.081481] ksize_uaf+0x19d/0x6c0 [ 13.081501] ? __pfx_ksize_uaf+0x10/0x10 [ 13.081522] ? __schedule+0x10cc/0x2b60 [ 13.081545] ? __pfx_read_tsc+0x10/0x10 [ 13.081565] ? 
ktime_get_ts64+0x86/0x230 [ 13.081589] kunit_try_run_case+0x1a5/0x480 [ 13.081614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.081637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.081692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.081715] ? __kthread_parkme+0x82/0x180 [ 13.081736] ? preempt_count_sub+0x50/0x80 [ 13.081772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.081796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.081820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.081845] kthread+0x337/0x6f0 [ 13.081864] ? trace_preempt_on+0x20/0xc0 [ 13.081887] ? __pfx_kthread+0x10/0x10 [ 13.081907] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.081929] ? calculate_sigpending+0x7b/0xa0 [ 13.081953] ? __pfx_kthread+0x10/0x10 [ 13.081974] ret_from_fork+0x116/0x1d0 [ 13.081992] ? __pfx_kthread+0x10/0x10 [ 13.082012] ret_from_fork_asm+0x1a/0x30 [ 13.082043] </TASK> [ 13.082054] [ 13.092353] Allocated by task 214: [ 13.092542] kasan_save_stack+0x45/0x70 [ 13.092913] kasan_save_track+0x18/0x40 [ 13.093076] kasan_save_alloc_info+0x3b/0x50 [ 13.093271] __kasan_kmalloc+0xb7/0xc0 [ 13.093451] __kmalloc_cache_noprof+0x189/0x420 [ 13.093652] ksize_uaf+0xaa/0x6c0 [ 13.094282] kunit_try_run_case+0x1a5/0x480 [ 13.094484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.094763] kthread+0x337/0x6f0 [ 13.095174] ret_from_fork+0x116/0x1d0 [ 13.095336] ret_from_fork_asm+0x1a/0x30 [ 13.095542] [ 13.095640] Freed by task 214: [ 13.096046] kasan_save_stack+0x45/0x70 [ 13.096313] kasan_save_track+0x18/0x40 [ 13.096833] kasan_save_free_info+0x3f/0x60 [ 13.097143] __kasan_slab_free+0x56/0x70 [ 13.097333] kfree+0x222/0x3f0 [ 13.097486] ksize_uaf+0x12c/0x6c0 [ 13.097899] kunit_try_run_case+0x1a5/0x480 [ 13.098117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.098332] kthread+0x337/0x6f0 [ 13.098497] ret_from_fork+0x116/0x1d0 [ 13.098660] ret_from_fork_asm+0x1a/0x30 [ 13.099136] [ 13.099219] The buggy address belongs to the object at ffff888102655500 [ 13.099219] which belongs to the cache 
kmalloc-128 of size 128 [ 13.100050] The buggy address is located 0 bytes inside of [ 13.100050] freed 128-byte region [ffff888102655500, ffff888102655580) [ 13.100514] [ 13.100621] The buggy address belongs to the physical page: [ 13.100942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 13.101312] flags: 0x200000000000000(node=0|zone=2) [ 13.101534] page_type: f5(slab) [ 13.101689] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.102433] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.102866] page dumped because: kasan: bad access detected [ 13.103280] [ 13.103357] Memory state around the buggy address: [ 13.103583] ffff888102655400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.104327] ffff888102655480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.104944] >ffff888102655500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.105249] ^ [ 13.105401] ffff888102655580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.105885] ffff888102655600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.106167] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.996125] ================================================================== [ 12.996614] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.996966] Read of size 1 at addr ffff888102b92873 by task kunit_try_catch/212 [ 12.997942] [ 12.998070] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.998118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.998129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.998151] Call Trace: [ 12.998164] <TASK> [ 12.998185] dump_stack_lvl+0x73/0xb0 [ 12.998217] print_report+0xd1/0x650 [ 12.998240] ? __virt_addr_valid+0x1db/0x2d0 [ 12.998264] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.998286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.998309] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.998332] kasan_report+0x141/0x180 [ 12.998353] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.998387] __asan_report_load1_noabort+0x18/0x20 [ 12.998411] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.998435] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.998457] ? finish_task_switch.isra.0+0x153/0x700 [ 12.998481] ? __switch_to+0x47/0xf50 [ 12.998506] ? __schedule+0x10cc/0x2b60 [ 12.998528] ? __pfx_read_tsc+0x10/0x10 [ 12.998549] ? ktime_get_ts64+0x86/0x230 [ 12.998572] kunit_try_run_case+0x1a5/0x480 [ 12.998597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.998619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.998643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.998937] ? __kthread_parkme+0x82/0x180 [ 12.998960] ? preempt_count_sub+0x50/0x80 [ 12.998983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.999007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.999032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.999057] kthread+0x337/0x6f0 [ 12.999076] ? trace_preempt_on+0x20/0xc0 [ 12.999100] ? __pfx_kthread+0x10/0x10 [ 12.999121] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.999142] ? calculate_sigpending+0x7b/0xa0 [ 12.999167] ? 
__pfx_kthread+0x10/0x10 [ 12.999187] ret_from_fork+0x116/0x1d0 [ 12.999206] ? __pfx_kthread+0x10/0x10 [ 12.999226] ret_from_fork_asm+0x1a/0x30 [ 12.999256] </TASK> [ 12.999269] [ 13.011353] Allocated by task 212: [ 13.012268] kasan_save_stack+0x45/0x70 [ 13.012627] kasan_save_track+0x18/0x40 [ 13.013007] kasan_save_alloc_info+0x3b/0x50 [ 13.013309] __kasan_kmalloc+0xb7/0xc0 [ 13.013517] __kmalloc_cache_noprof+0x189/0x420 [ 13.013965] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.014246] kunit_try_run_case+0x1a5/0x480 [ 13.014440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.014953] kthread+0x337/0x6f0 [ 13.015096] ret_from_fork+0x116/0x1d0 [ 13.015522] ret_from_fork_asm+0x1a/0x30 [ 13.015787] [ 13.015884] The buggy address belongs to the object at ffff888102b92800 [ 13.015884] which belongs to the cache kmalloc-128 of size 128 [ 13.016648] The buggy address is located 0 bytes to the right of [ 13.016648] allocated 115-byte region [ffff888102b92800, ffff888102b92873) [ 13.017454] [ 13.017549] The buggy address belongs to the physical page: [ 13.018000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 13.018287] flags: 0x200000000000000(node=0|zone=2) [ 13.018527] page_type: f5(slab) [ 13.018664] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.019296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.019762] page dumped because: kasan: bad access detected [ 13.019980] [ 13.020212] Memory state around the buggy address: [ 13.020391] ffff888102b92700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.020923] ffff888102b92780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.021180] >ffff888102b92800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.021597] ^ [ 13.022105] ffff888102b92880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.022401] ffff888102b92900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.022699] 
================================================================== [ 13.023763] ================================================================== [ 13.024590] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.025249] Read of size 1 at addr ffff888102b92878 by task kunit_try_catch/212 [ 13.026060] [ 13.026169] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.026211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.026222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.026356] Call Trace: [ 13.026379] <TASK> [ 13.026394] dump_stack_lvl+0x73/0xb0 [ 13.026423] print_report+0xd1/0x650 [ 13.026445] ? __virt_addr_valid+0x1db/0x2d0 [ 13.026468] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.026490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.026512] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.026536] kasan_report+0x141/0x180 [ 13.026557] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.026585] __asan_report_load1_noabort+0x18/0x20 [ 13.026610] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.026635] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.026797] ? finish_task_switch.isra.0+0x153/0x700 [ 13.026821] ? __switch_to+0x47/0xf50 [ 13.026846] ? __schedule+0x10cc/0x2b60 [ 13.026868] ? __pfx_read_tsc+0x10/0x10 [ 13.026888] ? ktime_get_ts64+0x86/0x230 [ 13.026912] kunit_try_run_case+0x1a5/0x480 [ 13.026936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.026959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.026983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.027007] ? __kthread_parkme+0x82/0x180 [ 13.027027] ? preempt_count_sub+0x50/0x80 [ 13.027049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.027074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.027097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.027122] kthread+0x337/0x6f0 [ 13.027141] ? trace_preempt_on+0x20/0xc0 [ 13.027163] ? __pfx_kthread+0x10/0x10 [ 13.027183] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.027204] ? 
calculate_sigpending+0x7b/0xa0 [ 13.027229] ? __pfx_kthread+0x10/0x10 [ 13.027249] ret_from_fork+0x116/0x1d0 [ 13.027268] ? __pfx_kthread+0x10/0x10 [ 13.027287] ret_from_fork_asm+0x1a/0x30 [ 13.027317] </TASK> [ 13.027327] [ 13.037961] Allocated by task 212: [ 13.038113] kasan_save_stack+0x45/0x70 [ 13.038323] kasan_save_track+0x18/0x40 [ 13.038512] kasan_save_alloc_info+0x3b/0x50 [ 13.039122] __kasan_kmalloc+0xb7/0xc0 [ 13.039304] __kmalloc_cache_noprof+0x189/0x420 [ 13.039583] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.039977] kunit_try_run_case+0x1a5/0x480 [ 13.040204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.040534] kthread+0x337/0x6f0 [ 13.040926] ret_from_fork+0x116/0x1d0 [ 13.041110] ret_from_fork_asm+0x1a/0x30 [ 13.041309] [ 13.041399] The buggy address belongs to the object at ffff888102b92800 [ 13.041399] which belongs to the cache kmalloc-128 of size 128 [ 13.042483] The buggy address is located 5 bytes to the right of [ 13.042483] allocated 115-byte region [ffff888102b92800, ffff888102b92873) [ 13.043357] [ 13.043450] The buggy address belongs to the physical page: [ 13.043876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 13.044311] flags: 0x200000000000000(node=0|zone=2) [ 13.044622] page_type: f5(slab) [ 13.045022] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.045436] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.045884] page dumped because: kasan: bad access detected [ 13.046186] [ 13.046436] Memory state around the buggy address: [ 13.046789] ffff888102b92700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.047096] ffff888102b92780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.047389] >ffff888102b92800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.048087] ^ [ 13.048373] ffff888102b92880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.048897] ffff888102b92900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.049320] 
================================================================== [ 13.050041] ================================================================== [ 13.050609] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.051170] Read of size 1 at addr ffff888102b9287f by task kunit_try_catch/212 [ 13.051637] [ 13.051777] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.051819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.051830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.051849] Call Trace: [ 13.051862] <TASK> [ 13.051877] dump_stack_lvl+0x73/0xb0 [ 13.051904] print_report+0xd1/0x650 [ 13.051926] ? __virt_addr_valid+0x1db/0x2d0 [ 13.051948] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.051971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.051995] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.052018] kasan_report+0x141/0x180 [ 13.052039] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.052067] __asan_report_load1_noabort+0x18/0x20 [ 13.052091] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.052114] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.052137] ? finish_task_switch.isra.0+0x153/0x700 [ 13.052159] ? __switch_to+0x47/0xf50 [ 13.052183] ? __schedule+0x10cc/0x2b60 [ 13.052204] ? __pfx_read_tsc+0x10/0x10 [ 13.052224] ? ktime_get_ts64+0x86/0x230 [ 13.052247] kunit_try_run_case+0x1a5/0x480 [ 13.052271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.052316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.052339] ? __kthread_parkme+0x82/0x180 [ 13.052359] ? preempt_count_sub+0x50/0x80 [ 13.052382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.052454] kthread+0x337/0x6f0 [ 13.052472] ? trace_preempt_on+0x20/0xc0 [ 13.052495] ? __pfx_kthread+0x10/0x10 [ 13.052515] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.052536] ? 
calculate_sigpending+0x7b/0xa0 [ 13.052559] ? __pfx_kthread+0x10/0x10 [ 13.052580] ret_from_fork+0x116/0x1d0 [ 13.052597] ? __pfx_kthread+0x10/0x10 [ 13.052617] ret_from_fork_asm+0x1a/0x30 [ 13.052647] </TASK> [ 13.052842] [ 13.063097] Allocated by task 212: [ 13.063447] kasan_save_stack+0x45/0x70 [ 13.063839] kasan_save_track+0x18/0x40 [ 13.064102] kasan_save_alloc_info+0x3b/0x50 [ 13.064288] __kasan_kmalloc+0xb7/0xc0 [ 13.064463] __kmalloc_cache_noprof+0x189/0x420 [ 13.064885] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.065096] kunit_try_run_case+0x1a5/0x480 [ 13.065289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.065522] kthread+0x337/0x6f0 [ 13.065673] ret_from_fork+0x116/0x1d0 [ 13.066157] ret_from_fork_asm+0x1a/0x30 [ 13.066327] [ 13.066498] The buggy address belongs to the object at ffff888102b92800 [ 13.066498] which belongs to the cache kmalloc-128 of size 128 [ 13.067310] The buggy address is located 12 bytes to the right of [ 13.067310] allocated 115-byte region [ffff888102b92800, ffff888102b92873) [ 13.068061] [ 13.068154] The buggy address belongs to the physical page: [ 13.068381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 13.068947] flags: 0x200000000000000(node=0|zone=2) [ 13.069145] page_type: f5(slab) [ 13.069308] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.069823] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.070139] page dumped because: kasan: bad access detected [ 13.070370] [ 13.070450] Memory state around the buggy address: [ 13.070648] ffff888102b92700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.070948] ffff888102b92780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.071256] >ffff888102b92800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.071545] ^ [ 13.072285] ffff888102b92880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.072547] ffff888102b92900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.073045] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.920761] ================================================================== [ 12.921511] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.922247] Read of size 1 at addr ffff888102b9bb28 by task kunit_try_catch/206 [ 12.922980] [ 12.923076] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.923121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.923132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.923153] Call Trace: [ 12.923164] <TASK> [ 12.923180] dump_stack_lvl+0x73/0xb0 [ 12.923210] print_report+0xd1/0x650 [ 12.923232] ? __virt_addr_valid+0x1db/0x2d0 [ 12.923255] ? kmalloc_uaf2+0x4a8/0x520 [ 12.923274] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.923297] ? kmalloc_uaf2+0x4a8/0x520 [ 12.923317] kasan_report+0x141/0x180 [ 12.923338] ? kmalloc_uaf2+0x4a8/0x520 [ 12.923362] __asan_report_load1_noabort+0x18/0x20 [ 12.923387] kmalloc_uaf2+0x4a8/0x520 [ 12.923406] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.923426] ? finish_task_switch.isra.0+0x153/0x700 [ 12.923449] ? __switch_to+0x47/0xf50 [ 12.923476] ? __schedule+0x10cc/0x2b60 [ 12.923497] ? __pfx_read_tsc+0x10/0x10 [ 12.923517] ? ktime_get_ts64+0x86/0x230 [ 12.923540] kunit_try_run_case+0x1a5/0x480 [ 12.923564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.923586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.923609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.923632] ? __kthread_parkme+0x82/0x180 [ 12.923664] ? preempt_count_sub+0x50/0x80 [ 12.923687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.923711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.923734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.923771] kthread+0x337/0x6f0 [ 12.923805] ? trace_preempt_on+0x20/0xc0 [ 12.923830] ? __pfx_kthread+0x10/0x10 [ 12.923851] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.923872] ? calculate_sigpending+0x7b/0xa0 [ 12.923985] ? __pfx_kthread+0x10/0x10 [ 12.924008] ret_from_fork+0x116/0x1d0 [ 12.924027] ? 
__pfx_kthread+0x10/0x10 [ 12.924047] ret_from_fork_asm+0x1a/0x30 [ 12.924078] </TASK> [ 12.924089] [ 12.940973] Allocated by task 206: [ 12.941237] kasan_save_stack+0x45/0x70 [ 12.941657] kasan_save_track+0x18/0x40 [ 12.942110] kasan_save_alloc_info+0x3b/0x50 [ 12.942601] __kasan_kmalloc+0xb7/0xc0 [ 12.942854] __kmalloc_cache_noprof+0x189/0x420 [ 12.943401] kmalloc_uaf2+0xc6/0x520 [ 12.943838] kunit_try_run_case+0x1a5/0x480 [ 12.944363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.944930] kthread+0x337/0x6f0 [ 12.945210] ret_from_fork+0x116/0x1d0 [ 12.945633] ret_from_fork_asm+0x1a/0x30 [ 12.946122] [ 12.946220] Freed by task 206: [ 12.946416] kasan_save_stack+0x45/0x70 [ 12.946890] kasan_save_track+0x18/0x40 [ 12.947300] kasan_save_free_info+0x3f/0x60 [ 12.947818] __kasan_slab_free+0x56/0x70 [ 12.948176] kfree+0x222/0x3f0 [ 12.948409] kmalloc_uaf2+0x14c/0x520 [ 12.948576] kunit_try_run_case+0x1a5/0x480 [ 12.948985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.949601] kthread+0x337/0x6f0 [ 12.949992] ret_from_fork+0x116/0x1d0 [ 12.950399] ret_from_fork_asm+0x1a/0x30 [ 12.950889] [ 12.951078] The buggy address belongs to the object at ffff888102b9bb00 [ 12.951078] which belongs to the cache kmalloc-64 of size 64 [ 12.952161] The buggy address is located 40 bytes inside of [ 12.952161] freed 64-byte region [ffff888102b9bb00, ffff888102b9bb40) [ 12.953032] [ 12.953274] The buggy address belongs to the physical page: [ 12.953867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9b [ 12.954472] flags: 0x200000000000000(node=0|zone=2) [ 12.954841] page_type: f5(slab) [ 12.955048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.955310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.955596] page dumped because: kasan: bad access detected [ 12.956183] [ 12.956409] Memory state around the buggy address: [ 12.957027] ffff888102b9ba00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.957847] ffff888102b9ba80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.958601] >ffff888102b9bb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.959370] ^ [ 12.959874] ffff888102b9bb80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.960622] ffff888102b9bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.963921] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.893063] ================================================================== [ 12.893499] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.893862] Write of size 33 at addr ffff888102658d80 by task kunit_try_catch/204 [ 12.894191] [ 12.894301] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.894343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.894354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.894378] Call Trace: [ 12.894389] <TASK> [ 12.894403] dump_stack_lvl+0x73/0xb0 [ 12.894431] print_report+0xd1/0x650 [ 12.894452] ? __virt_addr_valid+0x1db/0x2d0 [ 12.894474] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.894495] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.894517] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.894538] kasan_report+0x141/0x180 [ 12.894560] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.894585] kasan_check_range+0x10c/0x1c0 [ 12.894608] __asan_memset+0x27/0x50 [ 12.894627] kmalloc_uaf_memset+0x1a3/0x360 [ 12.894648] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.894670] ? __schedule+0x10cc/0x2b60 [ 12.894691] ? __pfx_read_tsc+0x10/0x10 [ 12.894711] ? ktime_get_ts64+0x86/0x230 [ 12.894734] kunit_try_run_case+0x1a5/0x480 [ 12.894770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.894800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.894823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.894847] ? __kthread_parkme+0x82/0x180 [ 12.894874] ? preempt_count_sub+0x50/0x80 [ 12.894898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.894921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.894947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.894971] kthread+0x337/0x6f0 [ 12.894990] ? trace_preempt_on+0x20/0xc0 [ 12.895012] ? __pfx_kthread+0x10/0x10 [ 12.895032] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.895053] ? calculate_sigpending+0x7b/0xa0 [ 12.895077] ? __pfx_kthread+0x10/0x10 [ 12.895098] ret_from_fork+0x116/0x1d0 [ 12.895116] ? 
__pfx_kthread+0x10/0x10 [ 12.895136] ret_from_fork_asm+0x1a/0x30 [ 12.895166] </TASK> [ 12.895176] [ 12.903613] Allocated by task 204: [ 12.904023] kasan_save_stack+0x45/0x70 [ 12.904224] kasan_save_track+0x18/0x40 [ 12.904416] kasan_save_alloc_info+0x3b/0x50 [ 12.904622] __kasan_kmalloc+0xb7/0xc0 [ 12.905115] __kmalloc_cache_noprof+0x189/0x420 [ 12.905297] kmalloc_uaf_memset+0xa9/0x360 [ 12.905672] kunit_try_run_case+0x1a5/0x480 [ 12.906078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.906315] kthread+0x337/0x6f0 [ 12.906634] ret_from_fork+0x116/0x1d0 [ 12.906821] ret_from_fork_asm+0x1a/0x30 [ 12.907034] [ 12.907104] Freed by task 204: [ 12.907389] kasan_save_stack+0x45/0x70 [ 12.907840] kasan_save_track+0x18/0x40 [ 12.908220] kasan_save_free_info+0x3f/0x60 [ 12.908401] __kasan_slab_free+0x56/0x70 [ 12.908600] kfree+0x222/0x3f0 [ 12.908881] kmalloc_uaf_memset+0x12b/0x360 [ 12.909196] kunit_try_run_case+0x1a5/0x480 [ 12.909557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.910057] kthread+0x337/0x6f0 [ 12.910416] ret_from_fork+0x116/0x1d0 [ 12.910608] ret_from_fork_asm+0x1a/0x30 [ 12.910871] [ 12.910988] The buggy address belongs to the object at ffff888102658d80 [ 12.910988] which belongs to the cache kmalloc-64 of size 64 [ 12.911857] The buggy address is located 0 bytes inside of [ 12.911857] freed 64-byte region [ffff888102658d80, ffff888102658dc0) [ 12.912534] [ 12.912628] The buggy address belongs to the physical page: [ 12.912874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102658 [ 12.913333] flags: 0x200000000000000(node=0|zone=2) [ 12.913575] page_type: f5(slab) [ 12.914017] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.914302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.914866] page dumped because: kasan: bad access detected [ 12.915088] [ 12.915183] Memory state around the buggy address: [ 12.915380] ffff888102658c80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 12.915693] ffff888102658d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.916285] >ffff888102658d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.916653] ^ [ 12.916845] ffff888102658e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.917176] ffff888102658e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.917618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.867202] ================================================================== [ 12.867758] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 12.868089] Read of size 1 at addr ffff888101c05d08 by task kunit_try_catch/202 [ 12.868338] [ 12.868448] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.868489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.868499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.868518] Call Trace: [ 12.868529] <TASK> [ 12.868543] dump_stack_lvl+0x73/0xb0 [ 12.868571] print_report+0xd1/0x650 [ 12.868594] ? __virt_addr_valid+0x1db/0x2d0 [ 12.868616] ? kmalloc_uaf+0x320/0x380 [ 12.868635] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.868951] ? kmalloc_uaf+0x320/0x380 [ 12.868976] kasan_report+0x141/0x180 [ 12.868998] ? kmalloc_uaf+0x320/0x380 [ 12.869022] __asan_report_load1_noabort+0x18/0x20 [ 12.869048] kmalloc_uaf+0x320/0x380 [ 12.869067] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.869088] ? __schedule+0x10cc/0x2b60 [ 12.869111] ? __pfx_read_tsc+0x10/0x10 [ 12.869132] ? ktime_get_ts64+0x86/0x230 [ 12.869156] kunit_try_run_case+0x1a5/0x480 [ 12.869181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.869203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.869227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.869251] ? __kthread_parkme+0x82/0x180 [ 12.869271] ? preempt_count_sub+0x50/0x80 [ 12.869295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.869319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.869343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.869368] kthread+0x337/0x6f0 [ 12.869387] ? trace_preempt_on+0x20/0xc0 [ 12.869409] ? __pfx_kthread+0x10/0x10 [ 12.869430] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.869451] ? calculate_sigpending+0x7b/0xa0 [ 12.869476] ? __pfx_kthread+0x10/0x10 [ 12.869497] ret_from_fork+0x116/0x1d0 [ 12.869514] ? 
__pfx_kthread+0x10/0x10 [ 12.869534] ret_from_fork_asm+0x1a/0x30 [ 12.869566] </TASK> [ 12.869576] [ 12.877158] Allocated by task 202: [ 12.877287] kasan_save_stack+0x45/0x70 [ 12.877430] kasan_save_track+0x18/0x40 [ 12.877622] kasan_save_alloc_info+0x3b/0x50 [ 12.877890] __kasan_kmalloc+0xb7/0xc0 [ 12.878077] __kmalloc_cache_noprof+0x189/0x420 [ 12.878300] kmalloc_uaf+0xaa/0x380 [ 12.878479] kunit_try_run_case+0x1a5/0x480 [ 12.878680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.878911] kthread+0x337/0x6f0 [ 12.879249] ret_from_fork+0x116/0x1d0 [ 12.879451] ret_from_fork_asm+0x1a/0x30 [ 12.879639] [ 12.879800] Freed by task 202: [ 12.879939] kasan_save_stack+0x45/0x70 [ 12.880141] kasan_save_track+0x18/0x40 [ 12.880292] kasan_save_free_info+0x3f/0x60 [ 12.880501] __kasan_slab_free+0x56/0x70 [ 12.880637] kfree+0x222/0x3f0 [ 12.880764] kmalloc_uaf+0x12c/0x380 [ 12.880892] kunit_try_run_case+0x1a5/0x480 [ 12.881046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.881293] kthread+0x337/0x6f0 [ 12.881558] ret_from_fork+0x116/0x1d0 [ 12.881942] ret_from_fork_asm+0x1a/0x30 [ 12.882143] [ 12.882236] The buggy address belongs to the object at ffff888101c05d00 [ 12.882236] which belongs to the cache kmalloc-16 of size 16 [ 12.882610] The buggy address is located 8 bytes inside of [ 12.882610] freed 16-byte region [ffff888101c05d00, ffff888101c05d10) [ 12.884007] [ 12.884113] The buggy address belongs to the physical page: [ 12.884366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c05 [ 12.885281] flags: 0x200000000000000(node=0|zone=2) [ 12.885513] page_type: f5(slab) [ 12.885777] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.886294] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.886967] page dumped because: kasan: bad access detected [ 12.887307] [ 12.887402] Memory state around the buggy address: [ 12.887615] ffff888101c05c00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 
12.888220] ffff888101c05c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.888781] >ffff888101c05d00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.889080] ^ [ 12.889245] ffff888101c05d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.889532] ffff888101c05e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.890212] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.839956] ================================================================== [ 12.840470] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.841074] Read of size 64 at addr ffff888102658b04 by task kunit_try_catch/200 [ 12.841360] [ 12.841469] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.841511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.841522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.841540] Call Trace: [ 12.841553] <TASK> [ 12.841567] dump_stack_lvl+0x73/0xb0 [ 12.841596] print_report+0xd1/0x650 [ 12.841619] ? __virt_addr_valid+0x1db/0x2d0 [ 12.841642] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.841667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.841690] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.841715] kasan_report+0x141/0x180 [ 12.841736] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.841779] kasan_check_range+0x10c/0x1c0 [ 12.842037] __asan_memmove+0x27/0x70 [ 12.842064] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.842090] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.842117] ? __schedule+0x10cc/0x2b60 [ 12.842140] ? __pfx_read_tsc+0x10/0x10 [ 12.842161] ? ktime_get_ts64+0x86/0x230 [ 12.842184] kunit_try_run_case+0x1a5/0x480 [ 12.842208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.842231] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.842254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.842278] ? __kthread_parkme+0x82/0x180 [ 12.842298] ? preempt_count_sub+0x50/0x80 [ 12.842322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.842346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.842376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.842401] kthread+0x337/0x6f0 [ 12.842420] ? trace_preempt_on+0x20/0xc0 [ 12.842443] ? __pfx_kthread+0x10/0x10 [ 12.842463] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.842485] ? calculate_sigpending+0x7b/0xa0 [ 12.842509] ? 
__pfx_kthread+0x10/0x10 [ 12.842530] ret_from_fork+0x116/0x1d0 [ 12.842548] ? __pfx_kthread+0x10/0x10 [ 12.842569] ret_from_fork_asm+0x1a/0x30 [ 12.842598] </TASK> [ 12.842609] [ 12.850312] Allocated by task 200: [ 12.850468] kasan_save_stack+0x45/0x70 [ 12.850665] kasan_save_track+0x18/0x40 [ 12.850866] kasan_save_alloc_info+0x3b/0x50 [ 12.851246] __kasan_kmalloc+0xb7/0xc0 [ 12.851402] __kmalloc_cache_noprof+0x189/0x420 [ 12.851614] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.851811] kunit_try_run_case+0x1a5/0x480 [ 12.852029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.852281] kthread+0x337/0x6f0 [ 12.852447] ret_from_fork+0x116/0x1d0 [ 12.852580] ret_from_fork_asm+0x1a/0x30 [ 12.852719] [ 12.852797] The buggy address belongs to the object at ffff888102658b00 [ 12.852797] which belongs to the cache kmalloc-64 of size 64 [ 12.853267] The buggy address is located 4 bytes inside of [ 12.853267] allocated 64-byte region [ffff888102658b00, ffff888102658b40) [ 12.853832] [ 12.853906] The buggy address belongs to the physical page: [ 12.854078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102658 [ 12.854317] flags: 0x200000000000000(node=0|zone=2) [ 12.854553] page_type: f5(slab) [ 12.854947] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.855304] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.855640] page dumped because: kasan: bad access detected [ 12.855908] [ 12.856002] Memory state around the buggy address: [ 12.856225] ffff888102658a00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.856533] ffff888102658a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.856921] >ffff888102658b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.857184] ^ [ 12.857425] ffff888102658b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.857775] ffff888102658c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.858041] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.815742] ================================================================== [ 12.816276] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.816580] Read of size 18446744073709551614 at addr ffff888102658984 by task kunit_try_catch/198 [ 12.817101] [ 12.817545] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.817592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.817603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.817623] Call Trace: [ 12.817635] <TASK> [ 12.817856] dump_stack_lvl+0x73/0xb0 [ 12.817892] print_report+0xd1/0x650 [ 12.817915] ? __virt_addr_valid+0x1db/0x2d0 [ 12.817938] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.817963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.817986] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.818036] kasan_report+0x141/0x180 [ 12.818058] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.818088] kasan_check_range+0x10c/0x1c0 [ 12.818111] __asan_memmove+0x27/0x70 [ 12.818131] kmalloc_memmove_negative_size+0x171/0x330 [ 12.818156] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.818183] ? __schedule+0x10cc/0x2b60 [ 12.818205] ? __pfx_read_tsc+0x10/0x10 [ 12.818225] ? ktime_get_ts64+0x86/0x230 [ 12.818249] kunit_try_run_case+0x1a5/0x480 [ 12.818273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.818295] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.818318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.818342] ? __kthread_parkme+0x82/0x180 [ 12.818368] ? preempt_count_sub+0x50/0x80 [ 12.818392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.818416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.818441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.818466] kthread+0x337/0x6f0 [ 12.818485] ? trace_preempt_on+0x20/0xc0 [ 12.818508] ? __pfx_kthread+0x10/0x10 [ 12.818528] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.818549] ? calculate_sigpending+0x7b/0xa0 [ 12.818573] ? 
__pfx_kthread+0x10/0x10 [ 12.818594] ret_from_fork+0x116/0x1d0 [ 12.818613] ? __pfx_kthread+0x10/0x10 [ 12.818633] ret_from_fork_asm+0x1a/0x30 [ 12.818812] </TASK> [ 12.818825] [ 12.826825] Allocated by task 198: [ 12.827027] kasan_save_stack+0x45/0x70 [ 12.827231] kasan_save_track+0x18/0x40 [ 12.827423] kasan_save_alloc_info+0x3b/0x50 [ 12.827615] __kasan_kmalloc+0xb7/0xc0 [ 12.827855] __kmalloc_cache_noprof+0x189/0x420 [ 12.828018] kmalloc_memmove_negative_size+0xac/0x330 [ 12.828219] kunit_try_run_case+0x1a5/0x480 [ 12.828429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.828681] kthread+0x337/0x6f0 [ 12.829041] ret_from_fork+0x116/0x1d0 [ 12.829200] ret_from_fork_asm+0x1a/0x30 [ 12.829392] [ 12.829462] The buggy address belongs to the object at ffff888102658980 [ 12.829462] which belongs to the cache kmalloc-64 of size 64 [ 12.829979] The buggy address is located 4 bytes inside of [ 12.829979] 64-byte region [ffff888102658980, ffff8881026589c0) [ 12.830465] [ 12.830553] The buggy address belongs to the physical page: [ 12.830778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102658 [ 12.831074] flags: 0x200000000000000(node=0|zone=2) [ 12.831291] page_type: f5(slab) [ 12.831460] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.831815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.832042] page dumped because: kasan: bad access detected [ 12.832212] [ 12.832279] Memory state around the buggy address: [ 12.832434] ffff888102658880: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 12.832754] ffff888102658900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.833180] >ffff888102658980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.833488] ^ [ 12.833696] ffff888102658a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.834201] ffff888102658a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.834431] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.795920] ================================================================== [ 12.796380] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.796683] Write of size 16 at addr ffff888102b92769 by task kunit_try_catch/196 [ 12.797016] [ 12.797131] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.797174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.797184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.797203] Call Trace: [ 12.797214] <TASK> [ 12.797230] dump_stack_lvl+0x73/0xb0 [ 12.797260] print_report+0xd1/0x650 [ 12.797281] ? __virt_addr_valid+0x1db/0x2d0 [ 12.797305] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.797326] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.797349] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.797371] kasan_report+0x141/0x180 [ 12.797392] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.797418] kasan_check_range+0x10c/0x1c0 [ 12.797441] __asan_memset+0x27/0x50 [ 12.797460] kmalloc_oob_memset_16+0x166/0x330 [ 12.797483] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.797506] ? __schedule+0x10cc/0x2b60 [ 12.797528] ? __pfx_read_tsc+0x10/0x10 [ 12.797549] ? ktime_get_ts64+0x86/0x230 [ 12.797574] kunit_try_run_case+0x1a5/0x480 [ 12.797598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.797621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.797644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.797668] ? __kthread_parkme+0x82/0x180 [ 12.797688] ? preempt_count_sub+0x50/0x80 [ 12.797712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.797736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.797772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.797958] kthread+0x337/0x6f0 [ 12.797978] ? trace_preempt_on+0x20/0xc0 [ 12.798004] ? __pfx_kthread+0x10/0x10 [ 12.798024] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.798045] ? calculate_sigpending+0x7b/0xa0 [ 12.798069] ? __pfx_kthread+0x10/0x10 [ 12.798090] ret_from_fork+0x116/0x1d0 [ 12.798109] ? 
__pfx_kthread+0x10/0x10 [ 12.798129] ret_from_fork_asm+0x1a/0x30 [ 12.798160] </TASK> [ 12.798170] [ 12.805502] Allocated by task 196: [ 12.805650] kasan_save_stack+0x45/0x70 [ 12.805807] kasan_save_track+0x18/0x40 [ 12.805942] kasan_save_alloc_info+0x3b/0x50 [ 12.806130] __kasan_kmalloc+0xb7/0xc0 [ 12.806323] __kmalloc_cache_noprof+0x189/0x420 [ 12.806555] kmalloc_oob_memset_16+0xac/0x330 [ 12.807141] kunit_try_run_case+0x1a5/0x480 [ 12.807365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.807623] kthread+0x337/0x6f0 [ 12.807859] ret_from_fork+0x116/0x1d0 [ 12.807996] ret_from_fork_asm+0x1a/0x30 [ 12.808168] [ 12.808269] The buggy address belongs to the object at ffff888102b92700 [ 12.808269] which belongs to the cache kmalloc-128 of size 128 [ 12.808938] The buggy address is located 105 bytes inside of [ 12.808938] allocated 120-byte region [ffff888102b92700, ffff888102b92778) [ 12.809415] [ 12.809513] The buggy address belongs to the physical page: [ 12.809847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 12.810178] flags: 0x200000000000000(node=0|zone=2) [ 12.810350] page_type: f5(slab) [ 12.810477] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.810736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.811085] page dumped because: kasan: bad access detected [ 12.811333] [ 12.811421] Memory state around the buggy address: [ 12.811640] ffff888102b92600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.811984] ffff888102b92680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.812248] >ffff888102b92700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.812567] ^ [ 12.812924] ffff888102b92780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.813213] ffff888102b92800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.813483] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.768616] ================================================================== [ 12.769250] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.769546] Write of size 8 at addr ffff888102655371 by task kunit_try_catch/194 [ 12.769894] [ 12.770251] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.770298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.770309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.770327] Call Trace: [ 12.770340] <TASK> [ 12.770355] dump_stack_lvl+0x73/0xb0 [ 12.770393] print_report+0xd1/0x650 [ 12.770416] ? __virt_addr_valid+0x1db/0x2d0 [ 12.770439] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.770460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.770483] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.770505] kasan_report+0x141/0x180 [ 12.770526] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.770552] kasan_check_range+0x10c/0x1c0 [ 12.770576] __asan_memset+0x27/0x50 [ 12.770595] kmalloc_oob_memset_8+0x166/0x330 [ 12.770617] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.770640] ? __schedule+0x10cc/0x2b60 [ 12.770663] ? __pfx_read_tsc+0x10/0x10 [ 12.770683] ? ktime_get_ts64+0x86/0x230 [ 12.770708] kunit_try_run_case+0x1a5/0x480 [ 12.770731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.770777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.770802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.770826] ? __kthread_parkme+0x82/0x180 [ 12.770846] ? preempt_count_sub+0x50/0x80 [ 12.770870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.770894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.770918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.770943] kthread+0x337/0x6f0 [ 12.770962] ? trace_preempt_on+0x20/0xc0 [ 12.770985] ? __pfx_kthread+0x10/0x10 [ 12.771005] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.771027] ? calculate_sigpending+0x7b/0xa0 [ 12.771051] ? __pfx_kthread+0x10/0x10 [ 12.771072] ret_from_fork+0x116/0x1d0 [ 12.771090] ? 
__pfx_kthread+0x10/0x10 [ 12.771110] ret_from_fork_asm+0x1a/0x30 [ 12.771141] </TASK> [ 12.771151] [ 12.778437] Allocated by task 194: [ 12.778595] kasan_save_stack+0x45/0x70 [ 12.779066] kasan_save_track+0x18/0x40 [ 12.779276] kasan_save_alloc_info+0x3b/0x50 [ 12.779494] __kasan_kmalloc+0xb7/0xc0 [ 12.779784] __kmalloc_cache_noprof+0x189/0x420 [ 12.780022] kmalloc_oob_memset_8+0xac/0x330 [ 12.780272] kunit_try_run_case+0x1a5/0x480 [ 12.780442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.780617] kthread+0x337/0x6f0 [ 12.780775] ret_from_fork+0x116/0x1d0 [ 12.781001] ret_from_fork_asm+0x1a/0x30 [ 12.781217] [ 12.781489] The buggy address belongs to the object at ffff888102655300 [ 12.781489] which belongs to the cache kmalloc-128 of size 128 [ 12.782404] The buggy address is located 113 bytes inside of [ 12.782404] allocated 120-byte region [ffff888102655300, ffff888102655378) [ 12.783766] [ 12.783951] The buggy address belongs to the physical page: [ 12.784427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 12.785123] flags: 0x200000000000000(node=0|zone=2) [ 12.785355] page_type: f5(slab) [ 12.785516] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.786083] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.786404] page dumped because: kasan: bad access detected [ 12.786641] [ 12.787137] Memory state around the buggy address: [ 12.787565] ffff888102655200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.788266] ffff888102655280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.788567] >ffff888102655300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.789359] ^ [ 12.789998] ffff888102655380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.790504] ffff888102655400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.791065] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.717231] ================================================================== [ 12.717726] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.718028] Write of size 2 at addr ffff888102b92677 by task kunit_try_catch/190 [ 12.718341] [ 12.718442] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.718487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.718498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.718517] Call Trace: [ 12.718529] <TASK> [ 12.718543] dump_stack_lvl+0x73/0xb0 [ 12.719214] print_report+0xd1/0x650 [ 12.719260] ? __virt_addr_valid+0x1db/0x2d0 [ 12.719284] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.719307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.719330] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.719352] kasan_report+0x141/0x180 [ 12.719373] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.719400] kasan_check_range+0x10c/0x1c0 [ 12.719424] __asan_memset+0x27/0x50 [ 12.719445] kmalloc_oob_memset_2+0x166/0x330 [ 12.719468] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.719491] ? __schedule+0x10cc/0x2b60 [ 12.719512] ? __pfx_read_tsc+0x10/0x10 [ 12.719533] ? ktime_get_ts64+0x86/0x230 [ 12.719557] kunit_try_run_case+0x1a5/0x480 [ 12.719580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.719604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.719627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.719668] ? __kthread_parkme+0x82/0x180 [ 12.719700] ? preempt_count_sub+0x50/0x80 [ 12.719724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.719756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.719780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.719805] kthread+0x337/0x6f0 [ 12.719833] ? trace_preempt_on+0x20/0xc0 [ 12.719857] ? __pfx_kthread+0x10/0x10 [ 12.719877] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.719899] ? calculate_sigpending+0x7b/0xa0 [ 12.719922] ? __pfx_kthread+0x10/0x10 [ 12.719943] ret_from_fork+0x116/0x1d0 [ 12.719961] ? 
__pfx_kthread+0x10/0x10 [ 12.719982] ret_from_fork_asm+0x1a/0x30 [ 12.720011] </TASK> [ 12.720022] [ 12.729720] Allocated by task 190: [ 12.729882] kasan_save_stack+0x45/0x70 [ 12.730222] kasan_save_track+0x18/0x40 [ 12.730514] kasan_save_alloc_info+0x3b/0x50 [ 12.730803] __kasan_kmalloc+0xb7/0xc0 [ 12.731136] __kmalloc_cache_noprof+0x189/0x420 [ 12.731313] kmalloc_oob_memset_2+0xac/0x330 [ 12.731884] kunit_try_run_case+0x1a5/0x480 [ 12.732093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.732294] kthread+0x337/0x6f0 [ 12.732459] ret_from_fork+0x116/0x1d0 [ 12.732621] ret_from_fork_asm+0x1a/0x30 [ 12.732908] [ 12.733446] The buggy address belongs to the object at ffff888102b92600 [ 12.733446] which belongs to the cache kmalloc-128 of size 128 [ 12.734081] The buggy address is located 119 bytes inside of [ 12.734081] allocated 120-byte region [ffff888102b92600, ffff888102b92678) [ 12.734580] [ 12.735061] The buggy address belongs to the physical page: [ 12.735289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 12.735979] flags: 0x200000000000000(node=0|zone=2) [ 12.736208] page_type: f5(slab) [ 12.736339] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.736854] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.737169] page dumped because: kasan: bad access detected [ 12.737413] [ 12.737502] Memory state around the buggy address: [ 12.737709] ffff888102b92500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.739015] ffff888102b92580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.739836] >ffff888102b92600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.740069] ^ [ 12.740285] ffff888102b92680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.740497] ffff888102b92700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.740705] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.694330] ================================================================== [ 12.695031] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.695379] Write of size 128 at addr ffff888102b92500 by task kunit_try_catch/188 [ 12.695828] [ 12.695914] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.695956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.695967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.695986] Call Trace: [ 12.695998] <TASK> [ 12.696012] dump_stack_lvl+0x73/0xb0 [ 12.696068] print_report+0xd1/0x650 [ 12.696090] ? __virt_addr_valid+0x1db/0x2d0 [ 12.696114] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.696136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.696159] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.696181] kasan_report+0x141/0x180 [ 12.696203] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.696229] kasan_check_range+0x10c/0x1c0 [ 12.696253] __asan_memset+0x27/0x50 [ 12.696272] kmalloc_oob_in_memset+0x15f/0x320 [ 12.696296] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.696320] ? __schedule+0x10cc/0x2b60 [ 12.696356] ? __pfx_read_tsc+0x10/0x10 [ 12.696380] ? ktime_get_ts64+0x86/0x230 [ 12.696405] kunit_try_run_case+0x1a5/0x480 [ 12.696430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.696453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.696476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.696500] ? __kthread_parkme+0x82/0x180 [ 12.696521] ? preempt_count_sub+0x50/0x80 [ 12.696545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.696569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.696593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.696618] kthread+0x337/0x6f0 [ 12.696655] ? trace_preempt_on+0x20/0xc0 [ 12.696688] ? __pfx_kthread+0x10/0x10 [ 12.696708] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.696729] ? calculate_sigpending+0x7b/0xa0 [ 12.696763] ? __pfx_kthread+0x10/0x10 [ 12.696785] ret_from_fork+0x116/0x1d0 [ 12.696803] ? 
__pfx_kthread+0x10/0x10 [ 12.696823] ret_from_fork_asm+0x1a/0x30 [ 12.696854] </TASK> [ 12.696864] [ 12.704920] Allocated by task 188: [ 12.705098] kasan_save_stack+0x45/0x70 [ 12.705313] kasan_save_track+0x18/0x40 [ 12.705448] kasan_save_alloc_info+0x3b/0x50 [ 12.705596] __kasan_kmalloc+0xb7/0xc0 [ 12.705926] __kmalloc_cache_noprof+0x189/0x420 [ 12.706321] kmalloc_oob_in_memset+0xac/0x320 [ 12.706579] kunit_try_run_case+0x1a5/0x480 [ 12.706796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.706970] kthread+0x337/0x6f0 [ 12.707087] ret_from_fork+0x116/0x1d0 [ 12.707216] ret_from_fork_asm+0x1a/0x30 [ 12.707374] [ 12.707469] The buggy address belongs to the object at ffff888102b92500 [ 12.707469] which belongs to the cache kmalloc-128 of size 128 [ 12.708188] The buggy address is located 0 bytes inside of [ 12.708188] allocated 120-byte region [ffff888102b92500, ffff888102b92578) [ 12.708722] [ 12.708912] The buggy address belongs to the physical page: [ 12.709134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b92 [ 12.709456] flags: 0x200000000000000(node=0|zone=2) [ 12.709618] page_type: f5(slab) [ 12.709737] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.710338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.710570] page dumped because: kasan: bad access detected [ 12.710740] [ 12.710817] Memory state around the buggy address: [ 12.710970] ffff888102b92400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.711263] ffff888102b92480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.711932] >ffff888102b92500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.712247] ^ [ 12.712772] ffff888102b92580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.713041] ffff888102b92600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.713253] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.667779] ================================================================== [ 12.668234] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.668541] Read of size 16 at addr ffff888101c05ce0 by task kunit_try_catch/186 [ 12.669016] [ 12.669130] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.669172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.669183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.669202] Call Trace: [ 12.669215] <TASK> [ 12.669230] dump_stack_lvl+0x73/0xb0 [ 12.669258] print_report+0xd1/0x650 [ 12.669280] ? __virt_addr_valid+0x1db/0x2d0 [ 12.669303] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.669347] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.669371] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.669392] kasan_report+0x141/0x180 [ 12.669414] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.669460] __asan_report_load16_noabort+0x18/0x20 [ 12.669499] kmalloc_uaf_16+0x47b/0x4c0 [ 12.669520] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.669542] ? __schedule+0x10cc/0x2b60 [ 12.669564] ? __pfx_read_tsc+0x10/0x10 [ 12.669585] ? ktime_get_ts64+0x86/0x230 [ 12.669627] kunit_try_run_case+0x1a5/0x480 [ 12.669651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.669673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.669697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.669928] ? __kthread_parkme+0x82/0x180 [ 12.669949] ? preempt_count_sub+0x50/0x80 [ 12.669984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.670028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.670053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.670078] kthread+0x337/0x6f0 [ 12.670097] ? trace_preempt_on+0x20/0xc0 [ 12.670120] ? __pfx_kthread+0x10/0x10 [ 12.670140] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.670173] ? calculate_sigpending+0x7b/0xa0 [ 12.670197] ? __pfx_kthread+0x10/0x10 [ 12.670218] ret_from_fork+0x116/0x1d0 [ 12.670236] ? 
__pfx_kthread+0x10/0x10 [ 12.670256] ret_from_fork_asm+0x1a/0x30 [ 12.670286] </TASK> [ 12.670296] [ 12.678087] Allocated by task 186: [ 12.678407] kasan_save_stack+0x45/0x70 [ 12.678575] kasan_save_track+0x18/0x40 [ 12.678972] kasan_save_alloc_info+0x3b/0x50 [ 12.679160] __kasan_kmalloc+0xb7/0xc0 [ 12.679399] __kmalloc_cache_noprof+0x189/0x420 [ 12.679638] kmalloc_uaf_16+0x15b/0x4c0 [ 12.679803] kunit_try_run_case+0x1a5/0x480 [ 12.679952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.680248] kthread+0x337/0x6f0 [ 12.680507] ret_from_fork+0x116/0x1d0 [ 12.680687] ret_from_fork_asm+0x1a/0x30 [ 12.681076] [ 12.681157] Freed by task 186: [ 12.681291] kasan_save_stack+0x45/0x70 [ 12.681512] kasan_save_track+0x18/0x40 [ 12.681759] kasan_save_free_info+0x3f/0x60 [ 12.681915] __kasan_slab_free+0x56/0x70 [ 12.682053] kfree+0x222/0x3f0 [ 12.682169] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.682382] kunit_try_run_case+0x1a5/0x480 [ 12.682595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.683037] kthread+0x337/0x6f0 [ 12.683333] ret_from_fork+0x116/0x1d0 [ 12.683518] ret_from_fork_asm+0x1a/0x30 [ 12.683805] [ 12.683878] The buggy address belongs to the object at ffff888101c05ce0 [ 12.683878] which belongs to the cache kmalloc-16 of size 16 [ 12.684359] The buggy address is located 0 bytes inside of [ 12.684359] freed 16-byte region [ffff888101c05ce0, ffff888101c05cf0) [ 12.684833] [ 12.684905] The buggy address belongs to the physical page: [ 12.685073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c05 [ 12.685437] flags: 0x200000000000000(node=0|zone=2) [ 12.685936] page_type: f5(slab) [ 12.686190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.686530] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.686874] page dumped because: kasan: bad access detected [ 12.687216] [ 12.687286] Memory state around the buggy address: [ 12.687531] ffff888101c05b80: 00 04 fc fc 00 04 fc fc 00 00 fc fc fa fb fc 
fc [ 12.687857] ffff888101c05c00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.688153] >ffff888101c05c80: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 12.688455] ^ [ 12.688781] ffff888101c05d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.688995] ffff888101c05d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.689482] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.646796] ================================================================== [ 12.647237] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.647529] Write of size 16 at addr ffff888101c05c80 by task kunit_try_catch/184 [ 12.647975] [ 12.648069] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.648112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.648123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.648143] Call Trace: [ 12.648155] <TASK> [ 12.648170] dump_stack_lvl+0x73/0xb0 [ 12.648200] print_report+0xd1/0x650 [ 12.648233] ? __virt_addr_valid+0x1db/0x2d0 [ 12.648257] ? kmalloc_oob_16+0x452/0x4a0 [ 12.648323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.648346] ? kmalloc_oob_16+0x452/0x4a0 [ 12.648366] kasan_report+0x141/0x180 [ 12.648388] ? kmalloc_oob_16+0x452/0x4a0 [ 12.648413] __asan_report_store16_noabort+0x1b/0x30 [ 12.648439] kmalloc_oob_16+0x452/0x4a0 [ 12.648459] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.648481] ? __schedule+0x10cc/0x2b60 [ 12.648504] ? __pfx_read_tsc+0x10/0x10 [ 12.648525] ? ktime_get_ts64+0x86/0x230 [ 12.648550] kunit_try_run_case+0x1a5/0x480 [ 12.648574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648597] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.648620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.648653] ? __kthread_parkme+0x82/0x180 [ 12.648673] ? preempt_count_sub+0x50/0x80 [ 12.648883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648958] kthread+0x337/0x6f0 [ 12.648977] ? trace_preempt_on+0x20/0xc0 [ 12.649000] ? __pfx_kthread+0x10/0x10 [ 12.649020] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.649042] ? calculate_sigpending+0x7b/0xa0 [ 12.649065] ? __pfx_kthread+0x10/0x10 [ 12.649087] ret_from_fork+0x116/0x1d0 [ 12.649105] ? 
__pfx_kthread+0x10/0x10 [ 12.649125] ret_from_fork_asm+0x1a/0x30 [ 12.649155] </TASK> [ 12.649165] [ 12.655672] Allocated by task 184: [ 12.655872] kasan_save_stack+0x45/0x70 [ 12.656106] kasan_save_track+0x18/0x40 [ 12.656307] kasan_save_alloc_info+0x3b/0x50 [ 12.656523] __kasan_kmalloc+0xb7/0xc0 [ 12.656765] __kmalloc_cache_noprof+0x189/0x420 [ 12.657029] kmalloc_oob_16+0xa8/0x4a0 [ 12.657226] kunit_try_run_case+0x1a5/0x480 [ 12.657376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.657546] kthread+0x337/0x6f0 [ 12.657832] ret_from_fork+0x116/0x1d0 [ 12.658184] ret_from_fork_asm+0x1a/0x30 [ 12.658335] [ 12.658440] The buggy address belongs to the object at ffff888101c05c80 [ 12.658440] which belongs to the cache kmalloc-16 of size 16 [ 12.658974] The buggy address is located 0 bytes inside of [ 12.658974] allocated 13-byte region [ffff888101c05c80, ffff888101c05c8d) [ 12.659514] [ 12.659709] The buggy address belongs to the physical page: [ 12.659941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c05 [ 12.660269] flags: 0x200000000000000(node=0|zone=2) [ 12.660485] page_type: f5(slab) [ 12.660734] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.661033] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.661249] page dumped because: kasan: bad access detected [ 12.661412] [ 12.661479] Memory state around the buggy address: [ 12.661627] ffff888101c05b80: 00 04 fc fc 00 04 fc fc 00 00 fc fc fa fb fc fc [ 12.662149] ffff888101c05c00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.662632] >ffff888101c05c80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 12.662861] ^ [ 12.662977] ffff888101c05d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.663182] ffff888101c05d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.663385] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.191350] ================================================================== [ 12.191895] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.192183] Free of addr ffff88810294c001 by task kunit_try_catch/168 [ 12.192696] [ 12.192915] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.192957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.192969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.192987] Call Trace: [ 12.192999] <TASK> [ 12.193012] dump_stack_lvl+0x73/0xb0 [ 12.193041] print_report+0xd1/0x650 [ 12.193064] ? __virt_addr_valid+0x1db/0x2d0 [ 12.193088] ? kasan_addr_to_slab+0x11/0xa0 [ 12.193107] ? kfree+0x274/0x3f0 [ 12.193128] kasan_report_invalid_free+0x10a/0x130 [ 12.193153] ? kfree+0x274/0x3f0 [ 12.193176] ? kfree+0x274/0x3f0 [ 12.193196] __kasan_kfree_large+0x86/0xd0 [ 12.193217] free_large_kmalloc+0x4b/0x110 [ 12.193240] kfree+0x274/0x3f0 [ 12.193264] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.193287] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.193312] ? __schedule+0x10cc/0x2b60 [ 12.193333] ? __pfx_read_tsc+0x10/0x10 [ 12.193354] ? ktime_get_ts64+0x86/0x230 [ 12.193378] kunit_try_run_case+0x1a5/0x480 [ 12.193402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.193425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.193449] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.193472] ? __kthread_parkme+0x82/0x180 [ 12.193493] ? preempt_count_sub+0x50/0x80 [ 12.193516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.193540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.193564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.193589] kthread+0x337/0x6f0 [ 12.193608] ? trace_preempt_on+0x20/0xc0 [ 12.193630] ? __pfx_kthread+0x10/0x10 [ 12.193650] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.193693] ? calculate_sigpending+0x7b/0xa0 [ 12.193717] ? __pfx_kthread+0x10/0x10 [ 12.193739] ret_from_fork+0x116/0x1d0 [ 12.193768] ? 
__pfx_kthread+0x10/0x10 [ 12.193788] ret_from_fork_asm+0x1a/0x30 [ 12.193819] </TASK> [ 12.193828] [ 12.200975] The buggy address belongs to the physical page: [ 12.201247] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 12.201551] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.202178] flags: 0x200000000000040(head|node=0|zone=2) [ 12.202426] page_type: f8(unknown) [ 12.202605] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.202989] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.203248] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.203519] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.203868] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 12.204277] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.204520] page dumped because: kasan: bad access detected [ 12.204977] [ 12.205076] Memory state around the buggy address: [ 12.205306] ffff88810294bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.205591] ffff88810294bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.206030] >ffff88810294c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.206298] ^ [ 12.206433] ffff88810294c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.206952] ffff88810294c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.207266] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.170966] ================================================================== [ 12.171443] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.171774] Read of size 1 at addr ffff888102bb4000 by task kunit_try_catch/166 [ 12.172092] [ 12.172179] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.172218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.172229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.172248] Call Trace: [ 12.172259] <TASK> [ 12.172272] dump_stack_lvl+0x73/0xb0 [ 12.172298] print_report+0xd1/0x650 [ 12.172320] ? __virt_addr_valid+0x1db/0x2d0 [ 12.172342] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.172361] ? kasan_addr_to_slab+0x11/0xa0 [ 12.172380] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.172400] kasan_report+0x141/0x180 [ 12.172421] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.172446] __asan_report_load1_noabort+0x18/0x20 [ 12.172469] kmalloc_large_uaf+0x2f1/0x340 [ 12.172489] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.172509] ? __schedule+0x10cc/0x2b60 [ 12.172530] ? __pfx_read_tsc+0x10/0x10 [ 12.172550] ? ktime_get_ts64+0x86/0x230 [ 12.172573] kunit_try_run_case+0x1a5/0x480 [ 12.172596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.172617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.172639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.172661] ? __kthread_parkme+0x82/0x180 [ 12.172681] ? preempt_count_sub+0x50/0x80 [ 12.172704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.172727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.172928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.172961] kthread+0x337/0x6f0 [ 12.172981] ? trace_preempt_on+0x20/0xc0 [ 12.173006] ? __pfx_kthread+0x10/0x10 [ 12.173027] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.173048] ? calculate_sigpending+0x7b/0xa0 [ 12.173072] ? __pfx_kthread+0x10/0x10 [ 12.173094] ret_from_fork+0x116/0x1d0 [ 12.173112] ? 
__pfx_kthread+0x10/0x10 [ 12.173132] ret_from_fork_asm+0x1a/0x30 [ 12.173162] </TASK> [ 12.173173] [ 12.180332] The buggy address belongs to the physical page: [ 12.180595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb4 [ 12.181025] flags: 0x200000000000000(node=0|zone=2) [ 12.181264] raw: 0200000000000000 ffffea00040aee08 ffff88815b039f80 0000000000000000 [ 12.181501] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.181918] page dumped because: kasan: bad access detected [ 12.182172] [ 12.182268] Memory state around the buggy address: [ 12.182467] ffff888102bb3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.182975] ffff888102bb3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.183259] >ffff888102bb4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.183534] ^ [ 12.183777] ffff888102bb4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.184071] ffff888102bb4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.184357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.146060] ================================================================== [ 12.146609] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.146961] Write of size 1 at addr ffff88810294e00a by task kunit_try_catch/164 [ 12.147479] [ 12.147588] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.147631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.147641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.147662] Call Trace: [ 12.147674] <TASK> [ 12.147688] dump_stack_lvl+0x73/0xb0 [ 12.147718] print_report+0xd1/0x650 [ 12.147740] ? __virt_addr_valid+0x1db/0x2d0 [ 12.147776] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.147946] ? kasan_addr_to_slab+0x11/0xa0 [ 12.147974] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.147997] kasan_report+0x141/0x180 [ 12.148020] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.148047] __asan_report_store1_noabort+0x1b/0x30 [ 12.148072] kmalloc_large_oob_right+0x2e9/0x330 [ 12.148095] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.148119] ? __schedule+0x10cc/0x2b60 [ 12.148141] ? __pfx_read_tsc+0x10/0x10 [ 12.148161] ? ktime_get_ts64+0x86/0x230 [ 12.148185] kunit_try_run_case+0x1a5/0x480 [ 12.148210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.148232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.148255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.148279] ? __kthread_parkme+0x82/0x180 [ 12.148299] ? preempt_count_sub+0x50/0x80 [ 12.148323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.148348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.148372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.148397] kthread+0x337/0x6f0 [ 12.148418] ? trace_preempt_on+0x20/0xc0 [ 12.148442] ? __pfx_kthread+0x10/0x10 [ 12.148463] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.148484] ? calculate_sigpending+0x7b/0xa0 [ 12.148508] ? __pfx_kthread+0x10/0x10 [ 12.148529] ret_from_fork+0x116/0x1d0 [ 12.148548] ? 
__pfx_kthread+0x10/0x10 [ 12.148569] ret_from_fork_asm+0x1a/0x30 [ 12.148599] </TASK> [ 12.148609] [ 12.155873] The buggy address belongs to the physical page: [ 12.156142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 12.156497] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.157016] flags: 0x200000000000040(head|node=0|zone=2) [ 12.157217] page_type: f8(unknown) [ 12.157400] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.157909] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.158220] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.158496] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.158941] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 12.159175] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.159467] page dumped because: kasan: bad access detected [ 12.159814] [ 12.159960] Memory state around the buggy address: [ 12.160185] ffff88810294df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.160444] ffff88810294df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.160855] >ffff88810294e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.161199] ^ [ 12.161374] ffff88810294e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.161755] ffff88810294e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.161983] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.124558] ================================================================== [ 12.125281] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.125604] Write of size 1 at addr ffff888102bfdf00 by task kunit_try_catch/162 [ 12.126473] [ 12.126583] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.126628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.126639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.126659] Call Trace: [ 12.126683] <TASK> [ 12.126699] dump_stack_lvl+0x73/0xb0 [ 12.126730] print_report+0xd1/0x650 [ 12.126763] ? __virt_addr_valid+0x1db/0x2d0 [ 12.126787] ? kmalloc_big_oob_right+0x316/0x370 [ 12.126809] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.126831] ? kmalloc_big_oob_right+0x316/0x370 [ 12.126854] kasan_report+0x141/0x180 [ 12.126875] ? kmalloc_big_oob_right+0x316/0x370 [ 12.126902] __asan_report_store1_noabort+0x1b/0x30 [ 12.126927] kmalloc_big_oob_right+0x316/0x370 [ 12.126950] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.126973] ? __schedule+0x10cc/0x2b60 [ 12.126995] ? __pfx_read_tsc+0x10/0x10 [ 12.127015] ? ktime_get_ts64+0x86/0x230 [ 12.127039] kunit_try_run_case+0x1a5/0x480 [ 12.127063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.127085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.127108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.127131] ? __kthread_parkme+0x82/0x180 [ 12.127151] ? preempt_count_sub+0x50/0x80 [ 12.127175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.127199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.127223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.127248] kthread+0x337/0x6f0 [ 12.127266] ? trace_preempt_on+0x20/0xc0 [ 12.127290] ? __pfx_kthread+0x10/0x10 [ 12.127311] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.127332] ? calculate_sigpending+0x7b/0xa0 [ 12.127355] ? __pfx_kthread+0x10/0x10 [ 12.127376] ret_from_fork+0x116/0x1d0 [ 12.127394] ? 
__pfx_kthread+0x10/0x10 [ 12.127414] ret_from_fork_asm+0x1a/0x30 [ 12.127445] </TASK> [ 12.127455] [ 12.134893] Allocated by task 162: [ 12.135071] kasan_save_stack+0x45/0x70 [ 12.135265] kasan_save_track+0x18/0x40 [ 12.135425] kasan_save_alloc_info+0x3b/0x50 [ 12.135613] __kasan_kmalloc+0xb7/0xc0 [ 12.135868] __kmalloc_cache_noprof+0x189/0x420 [ 12.136103] kmalloc_big_oob_right+0xa9/0x370 [ 12.136289] kunit_try_run_case+0x1a5/0x480 [ 12.136455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.136718] kthread+0x337/0x6f0 [ 12.136902] ret_from_fork+0x116/0x1d0 [ 12.137055] ret_from_fork_asm+0x1a/0x30 [ 12.137258] [ 12.137350] The buggy address belongs to the object at ffff888102bfc000 [ 12.137350] which belongs to the cache kmalloc-8k of size 8192 [ 12.138043] The buggy address is located 0 bytes to the right of [ 12.138043] allocated 7936-byte region [ffff888102bfc000, ffff888102bfdf00) [ 12.138566] [ 12.138648] The buggy address belongs to the physical page: [ 12.138863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf8 [ 12.139093] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.139307] flags: 0x200000000000040(head|node=0|zone=2) [ 12.139521] page_type: f5(slab) [ 12.139680] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.140038] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.140327] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.140546] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.141048] head: 0200000000000003 ffffea00040afe01 00000000ffffffff 00000000ffffffff [ 12.141391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.141658] page dumped because: kasan: bad access detected [ 12.141919] [ 12.142005] Memory state around the buggy address: [ 12.142192] ffff888102bfde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.142466] ffff888102bfde80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.142759] >ffff888102bfdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143052] ^ [ 12.143196] ffff888102bfdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143444] ffff888102bfe000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143646] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.065475] ================================================================== [ 12.066024] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.066372] Write of size 1 at addr ffff888102655178 by task kunit_try_catch/160 [ 12.066662] [ 12.067286] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.067336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.067348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.067368] Call Trace: [ 12.067382] <TASK> [ 12.067398] dump_stack_lvl+0x73/0xb0 [ 12.067428] print_report+0xd1/0x650 [ 12.067450] ? __virt_addr_valid+0x1db/0x2d0 [ 12.067473] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.067498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.067521] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.067547] kasan_report+0x141/0x180 [ 12.067568] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.067599] __asan_report_store1_noabort+0x1b/0x30 [ 12.067624] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.067661] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.067706] ? __schedule+0x10cc/0x2b60 [ 12.067730] ? __pfx_read_tsc+0x10/0x10 [ 12.067763] ? ktime_get_ts64+0x86/0x230 [ 12.067788] kunit_try_run_case+0x1a5/0x480 [ 12.067813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.067836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.067859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.067883] ? __kthread_parkme+0x82/0x180 [ 12.067903] ? preempt_count_sub+0x50/0x80 [ 12.067927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.067951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.067975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.068000] kthread+0x337/0x6f0 [ 12.068019] ? trace_preempt_on+0x20/0xc0 [ 12.068042] ? __pfx_kthread+0x10/0x10 [ 12.068062] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.068083] ? calculate_sigpending+0x7b/0xa0 [ 12.068107] ? 
__pfx_kthread+0x10/0x10 [ 12.068128] ret_from_fork+0x116/0x1d0 [ 12.068146] ? __pfx_kthread+0x10/0x10 [ 12.068167] ret_from_fork_asm+0x1a/0x30 [ 12.068197] </TASK> [ 12.068207] [ 12.079827] Allocated by task 160: [ 12.080000] kasan_save_stack+0x45/0x70 [ 12.080365] kasan_save_track+0x18/0x40 [ 12.080699] kasan_save_alloc_info+0x3b/0x50 [ 12.080956] __kasan_kmalloc+0xb7/0xc0 [ 12.081134] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.081365] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.081610] kunit_try_run_case+0x1a5/0x480 [ 12.082160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.082472] kthread+0x337/0x6f0 [ 12.082856] ret_from_fork+0x116/0x1d0 [ 12.083154] ret_from_fork_asm+0x1a/0x30 [ 12.083449] [ 12.083634] The buggy address belongs to the object at ffff888102655100 [ 12.083634] which belongs to the cache kmalloc-128 of size 128 [ 12.084506] The buggy address is located 0 bytes to the right of [ 12.084506] allocated 120-byte region [ffff888102655100, ffff888102655178) [ 12.085560] [ 12.085789] The buggy address belongs to the physical page: [ 12.086044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 12.086344] flags: 0x200000000000000(node=0|zone=2) [ 12.086588] page_type: f5(slab) [ 12.087179] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.087487] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.088167] page dumped because: kasan: bad access detected [ 12.088551] [ 12.088627] Memory state around the buggy address: [ 12.089121] ffff888102655000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.089544] ffff888102655080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.090032] >ffff888102655100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.090438] ^ [ 12.090955] ffff888102655180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.091361] ffff888102655200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.091970] 
================================================================== [ 12.092840] ================================================================== [ 12.093763] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.094115] Write of size 1 at addr ffff888102655278 by task kunit_try_catch/160 [ 12.094433] [ 12.094522] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.094562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.094572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.094591] Call Trace: [ 12.094601] <TASK> [ 12.094616] dump_stack_lvl+0x73/0xb0 [ 12.094642] print_report+0xd1/0x650 [ 12.095247] ? __virt_addr_valid+0x1db/0x2d0 [ 12.095272] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.095297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.095320] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.095346] kasan_report+0x141/0x180 [ 12.095367] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.095398] __asan_report_store1_noabort+0x1b/0x30 [ 12.095422] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.095448] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.095474] ? __schedule+0x10cc/0x2b60 [ 12.095496] ? __pfx_read_tsc+0x10/0x10 [ 12.095517] ? ktime_get_ts64+0x86/0x230 [ 12.095541] kunit_try_run_case+0x1a5/0x480 [ 12.095564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.095587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.095610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.095633] ? __kthread_parkme+0x82/0x180 [ 12.095666] ? preempt_count_sub+0x50/0x80 [ 12.095689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.095713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.095737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.095773] kthread+0x337/0x6f0 [ 12.095792] ? trace_preempt_on+0x20/0xc0 [ 12.095815] ? __pfx_kthread+0x10/0x10 [ 12.095835] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.095856] ? calculate_sigpending+0x7b/0xa0 [ 12.095880] ? 
__pfx_kthread+0x10/0x10 [ 12.095901] ret_from_fork+0x116/0x1d0 [ 12.095919] ? __pfx_kthread+0x10/0x10 [ 12.095939] ret_from_fork_asm+0x1a/0x30 [ 12.095969] </TASK> [ 12.095979] [ 12.107361] Allocated by task 160: [ 12.107783] kasan_save_stack+0x45/0x70 [ 12.108057] kasan_save_track+0x18/0x40 [ 12.108400] kasan_save_alloc_info+0x3b/0x50 [ 12.108695] __kasan_kmalloc+0xb7/0xc0 [ 12.109120] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.109525] kmalloc_track_caller_oob_right+0x19a/0x520 [ 12.109868] kunit_try_run_case+0x1a5/0x480 [ 12.110225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.110491] kthread+0x337/0x6f0 [ 12.110933] ret_from_fork+0x116/0x1d0 [ 12.111124] ret_from_fork_asm+0x1a/0x30 [ 12.111370] [ 12.111473] The buggy address belongs to the object at ffff888102655200 [ 12.111473] which belongs to the cache kmalloc-128 of size 128 [ 12.112235] The buggy address is located 0 bytes to the right of [ 12.112235] allocated 120-byte region [ffff888102655200, ffff888102655278) [ 12.112791] [ 12.112875] The buggy address belongs to the physical page: [ 12.113621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 12.114130] flags: 0x200000000000000(node=0|zone=2) [ 12.114455] page_type: f5(slab) [ 12.114640] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.115200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.115555] page dumped because: kasan: bad access detected [ 12.116105] [ 12.116317] Memory state around the buggy address: [ 12.116557] ffff888102655100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.117222] ffff888102655180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.117645] >ffff888102655200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.118093] ^ [ 12.118410] ffff888102655280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.118967] ffff888102655300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.119223] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.031486] ================================================================== [ 12.034047] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 12.034551] Read of size 1 at addr ffff8881029cd000 by task kunit_try_catch/158 [ 12.035129] [ 12.035236] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.035392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.035407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.035426] Call Trace: [ 12.035439] <TASK> [ 12.035662] dump_stack_lvl+0x73/0xb0 [ 12.035694] print_report+0xd1/0x650 [ 12.035716] ? __virt_addr_valid+0x1db/0x2d0 [ 12.035740] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.035778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.035824] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.035849] kasan_report+0x141/0x180 [ 12.035870] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.035898] __asan_report_load1_noabort+0x18/0x20 [ 12.035922] kmalloc_node_oob_right+0x369/0x3c0 [ 12.035946] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.035981] ? __schedule+0x10cc/0x2b60 [ 12.036002] ? __pfx_read_tsc+0x10/0x10 [ 12.036022] ? ktime_get_ts64+0x86/0x230 [ 12.036046] kunit_try_run_case+0x1a5/0x480 [ 12.036070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.036093] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.036116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.036139] ? __kthread_parkme+0x82/0x180 [ 12.036165] ? preempt_count_sub+0x50/0x80 [ 12.036188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.036212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.036236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.036260] kthread+0x337/0x6f0 [ 12.036279] ? trace_preempt_on+0x20/0xc0 [ 12.036302] ? __pfx_kthread+0x10/0x10 [ 12.036326] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.036347] ? calculate_sigpending+0x7b/0xa0 [ 12.036370] ? __pfx_kthread+0x10/0x10 [ 12.036391] ret_from_fork+0x116/0x1d0 [ 12.036409] ? 
__pfx_kthread+0x10/0x10 [ 12.036429] ret_from_fork_asm+0x1a/0x30 [ 12.036458] </TASK> [ 12.036469] [ 12.046583] Allocated by task 158: [ 12.046797] kasan_save_stack+0x45/0x70 [ 12.047448] kasan_save_track+0x18/0x40 [ 12.047614] kasan_save_alloc_info+0x3b/0x50 [ 12.048119] __kasan_kmalloc+0xb7/0xc0 [ 12.048396] __kmalloc_cache_node_noprof+0x188/0x420 [ 12.048862] kmalloc_node_oob_right+0xab/0x3c0 [ 12.049210] kunit_try_run_case+0x1a5/0x480 [ 12.049515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.049890] kthread+0x337/0x6f0 [ 12.050067] ret_from_fork+0x116/0x1d0 [ 12.050251] ret_from_fork_asm+0x1a/0x30 [ 12.050448] [ 12.050534] The buggy address belongs to the object at ffff8881029cc000 [ 12.050534] which belongs to the cache kmalloc-4k of size 4096 [ 12.051798] The buggy address is located 0 bytes to the right of [ 12.051798] allocated 4096-byte region [ffff8881029cc000, ffff8881029cd000) [ 12.052406] [ 12.052622] The buggy address belongs to the physical page: [ 12.053360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c8 [ 12.054066] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.054400] flags: 0x200000000000040(head|node=0|zone=2) [ 12.055054] page_type: f5(slab) [ 12.055227] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.055624] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.056289] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.056880] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.057327] head: 0200000000000003 ffffea00040a7201 00000000ffffffff 00000000ffffffff [ 12.057803] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.058358] page dumped because: kasan: bad access detected [ 12.058626] [ 12.059077] Memory state around the buggy address: [ 12.059300] ffff8881029ccf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.059646] 
ffff8881029ccf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.060269] >ffff8881029cd000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.060828] ^ [ 12.061111] ffff8881029cd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.061453] ffff8881029cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.062027] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.003866] ================================================================== [ 12.004408] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 12.004728] Read of size 1 at addr ffff8881028942df by task kunit_try_catch/156 [ 12.005283] [ 12.005395] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.005437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.005448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.005468] Call Trace: [ 12.005480] <TASK> [ 12.005496] dump_stack_lvl+0x73/0xb0 [ 12.005529] print_report+0xd1/0x650 [ 12.005551] ? __virt_addr_valid+0x1db/0x2d0 [ 12.005576] ? kmalloc_oob_left+0x361/0x3c0 [ 12.005597] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.005620] ? kmalloc_oob_left+0x361/0x3c0 [ 12.005887] kasan_report+0x141/0x180 [ 12.005914] ? kmalloc_oob_left+0x361/0x3c0 [ 12.005941] __asan_report_load1_noabort+0x18/0x20 [ 12.005966] kmalloc_oob_left+0x361/0x3c0 [ 12.005988] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 12.006010] ? __schedule+0x10cc/0x2b60 [ 12.006033] ? __pfx_read_tsc+0x10/0x10 [ 12.006055] ? ktime_get_ts64+0x86/0x230 [ 12.006080] kunit_try_run_case+0x1a5/0x480 [ 12.006105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.006128] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.006154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.006178] ? __kthread_parkme+0x82/0x180 [ 12.006198] ? preempt_count_sub+0x50/0x80 [ 12.006222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.006246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.006270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.006295] kthread+0x337/0x6f0 [ 12.006315] ? trace_preempt_on+0x20/0xc0 [ 12.006339] ? __pfx_kthread+0x10/0x10 [ 12.006364] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.006386] ? calculate_sigpending+0x7b/0xa0 [ 12.006411] ? __pfx_kthread+0x10/0x10 [ 12.006432] ret_from_fork+0x116/0x1d0 [ 12.006450] ? 
__pfx_kthread+0x10/0x10 [ 12.006470] ret_from_fork_asm+0x1a/0x30 [ 12.006502] </TASK> [ 12.006513] [ 12.013976] Allocated by task 1: [ 12.014154] kasan_save_stack+0x45/0x70 [ 12.014331] kasan_save_track+0x18/0x40 [ 12.014524] kasan_save_alloc_info+0x3b/0x50 [ 12.014804] __kasan_kmalloc+0xb7/0xc0 [ 12.014993] __kmalloc_noprof+0x1c9/0x500 [ 12.015133] x509_fabricate_name.isra.0+0x3c2/0x830 [ 12.015358] x509_note_subject+0x9b/0xf0 [ 12.015557] asn1_ber_decoder+0xe13/0x1c60 [ 12.015870] x509_cert_parse+0x1be/0x830 [ 12.016044] x509_key_preparse+0x68/0x8a0 [ 12.016242] asymmetric_key_preparse+0xb1/0x160 [ 12.016439] __key_create_or_update+0x43d/0xcc0 [ 12.016845] key_create_or_update+0x17/0x20 [ 12.017067] x509_load_certificate_list+0x174/0x200 [ 12.017281] regulatory_init_db+0xee/0x3a0 [ 12.017429] do_one_initcall+0xd8/0x370 [ 12.017563] kernel_init_freeable+0x420/0x6f0 [ 12.017852] kernel_init+0x23/0x1e0 [ 12.018034] ret_from_fork+0x116/0x1d0 [ 12.018222] ret_from_fork_asm+0x1a/0x30 [ 12.018419] [ 12.018530] Freed by task 1: [ 12.018789] kasan_save_stack+0x45/0x70 [ 12.018966] kasan_save_track+0x18/0x40 [ 12.019163] kasan_save_free_info+0x3f/0x60 [ 12.019329] __kasan_slab_free+0x56/0x70 [ 12.019519] kfree+0x222/0x3f0 [ 12.019774] x509_free_certificate.part.0+0xa9/0x140 [ 12.020020] x509_free_certificate+0x17/0x30 [ 12.020172] x509_key_preparse+0x5c9/0x8a0 [ 12.020314] asymmetric_key_preparse+0xb1/0x160 [ 12.020483] __key_create_or_update+0x43d/0xcc0 [ 12.020898] key_create_or_update+0x17/0x20 [ 12.021118] x509_load_certificate_list+0x174/0x200 [ 12.021354] regulatory_init_db+0xee/0x3a0 [ 12.021555] do_one_initcall+0xd8/0x370 [ 12.021837] kernel_init_freeable+0x420/0x6f0 [ 12.022064] kernel_init+0x23/0x1e0 [ 12.022194] ret_from_fork+0x116/0x1d0 [ 12.022390] ret_from_fork_asm+0x1a/0x30 [ 12.022583] [ 12.022776] The buggy address belongs to the object at ffff8881028942c0 [ 12.022776] which belongs to the cache kmalloc-16 of size 16 [ 12.023210] The buggy address is 
located 15 bytes to the right of [ 12.023210] allocated 16-byte region [ffff8881028942c0, ffff8881028942d0) [ 12.023768] [ 12.023869] The buggy address belongs to the physical page: [ 12.024123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102894 [ 12.024473] flags: 0x200000000000000(node=0|zone=2) [ 12.024904] page_type: f5(slab) [ 12.025034] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.025262] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.025601] page dumped because: kasan: bad access detected [ 12.025960] [ 12.026060] Memory state around the buggy address: [ 12.026285] ffff888102894180: 00 02 fc fc 00 03 fc fc fa fb fc fc 00 02 fc fc [ 12.026614] ffff888102894200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 12.026980] >ffff888102894280: 00 02 fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 12.027298] ^ [ 12.027539] ffff888102894300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.027870] ffff888102894380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.028159] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.984047] ================================================================== [ 11.984539] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.984953] Read of size 1 at addr ffff888102655080 by task kunit_try_catch/154 [ 11.985261] [ 11.985370] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.985410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.985421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.985441] Call Trace: [ 11.985453] <TASK> [ 11.985468] dump_stack_lvl+0x73/0xb0 [ 11.985493] print_report+0xd1/0x650 [ 11.985515] ? __virt_addr_valid+0x1db/0x2d0 [ 11.985536] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.985557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.985580] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.985601] kasan_report+0x141/0x180 [ 11.985622] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.985647] __asan_report_load1_noabort+0x18/0x20 [ 11.985719] kmalloc_oob_right+0x68a/0x7f0 [ 11.985741] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.985773] ? __schedule+0x10cc/0x2b60 [ 11.985794] ? __pfx_read_tsc+0x10/0x10 [ 11.985814] ? ktime_get_ts64+0x86/0x230 [ 11.985837] kunit_try_run_case+0x1a5/0x480 [ 11.985861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.985883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.985905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.985929] ? __kthread_parkme+0x82/0x180 [ 11.985948] ? preempt_count_sub+0x50/0x80 [ 11.985971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.985995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.986018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.986043] kthread+0x337/0x6f0 [ 11.986061] ? trace_preempt_on+0x20/0xc0 [ 11.986083] ? __pfx_kthread+0x10/0x10 [ 11.986104] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.986124] ? calculate_sigpending+0x7b/0xa0 [ 11.986147] ? __pfx_kthread+0x10/0x10 [ 11.986168] ret_from_fork+0x116/0x1d0 [ 11.986186] ? 
__pfx_kthread+0x10/0x10 [ 11.986206] ret_from_fork_asm+0x1a/0x30 [ 11.986235] </TASK> [ 11.986245] [ 11.993427] Allocated by task 154: [ 11.993553] kasan_save_stack+0x45/0x70 [ 11.993700] kasan_save_track+0x18/0x40 [ 11.993926] kasan_save_alloc_info+0x3b/0x50 [ 11.994140] __kasan_kmalloc+0xb7/0xc0 [ 11.994332] __kmalloc_cache_noprof+0x189/0x420 [ 11.994562] kmalloc_oob_right+0xa9/0x7f0 [ 11.994774] kunit_try_run_case+0x1a5/0x480 [ 11.994989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.995333] kthread+0x337/0x6f0 [ 11.995481] ret_from_fork+0x116/0x1d0 [ 11.995612] ret_from_fork_asm+0x1a/0x30 [ 11.995775] [ 11.995866] The buggy address belongs to the object at ffff888102655000 [ 11.995866] which belongs to the cache kmalloc-128 of size 128 [ 11.996875] The buggy address is located 13 bytes to the right of [ 11.996875] allocated 115-byte region [ffff888102655000, ffff888102655073) [ 11.997259] [ 11.997330] The buggy address belongs to the physical page: [ 11.997523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 11.997887] flags: 0x200000000000000(node=0|zone=2) [ 11.998122] page_type: f5(slab) [ 11.998288] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.998912] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.999186] page dumped because: kasan: bad access detected [ 11.999356] [ 11.999423] Memory state around the buggy address: [ 11.999575] ffff888102654f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.999802] ffff888102655000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.000065] >ffff888102655080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.000380] ^ [ 12.000541] ffff888102655100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.000876] ffff888102655180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.001195] ================================================================== [ 11.961589] 
================================================================== [ 11.961873] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.963159] Write of size 1 at addr ffff888102655078 by task kunit_try_catch/154 [ 11.963396] [ 11.963485] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.963528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.963539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.963560] Call Trace: [ 11.963573] <TASK> [ 11.963587] dump_stack_lvl+0x73/0xb0 [ 11.963616] print_report+0xd1/0x650 [ 11.963646] ? __virt_addr_valid+0x1db/0x2d0 [ 11.963669] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.963690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.963712] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.963734] kasan_report+0x141/0x180 [ 11.963764] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.963791] __asan_report_store1_noabort+0x1b/0x30 [ 11.963816] kmalloc_oob_right+0x6bd/0x7f0 [ 11.963838] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.963860] ? __schedule+0x10cc/0x2b60 [ 11.963881] ? __pfx_read_tsc+0x10/0x10 [ 11.963901] ? ktime_get_ts64+0x86/0x230 [ 11.963924] kunit_try_run_case+0x1a5/0x480 [ 11.963947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.963969] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.963992] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.964015] ? __kthread_parkme+0x82/0x180 [ 11.964035] ? preempt_count_sub+0x50/0x80 [ 11.964057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.964081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.964105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.964130] kthread+0x337/0x6f0 [ 11.964148] ? trace_preempt_on+0x20/0xc0 [ 11.964171] ? __pfx_kthread+0x10/0x10 [ 11.964190] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.964211] ? calculate_sigpending+0x7b/0xa0 [ 11.964234] ? __pfx_kthread+0x10/0x10 [ 11.964255] ret_from_fork+0x116/0x1d0 [ 11.964273] ? 
__pfx_kthread+0x10/0x10 [ 11.964293] ret_from_fork_asm+0x1a/0x30 [ 11.964323] </TASK> [ 11.964332] [ 11.975614] Allocated by task 154: [ 11.975968] kasan_save_stack+0x45/0x70 [ 11.976150] kasan_save_track+0x18/0x40 [ 11.976338] kasan_save_alloc_info+0x3b/0x50 [ 11.976510] __kasan_kmalloc+0xb7/0xc0 [ 11.976803] __kmalloc_cache_noprof+0x189/0x420 [ 11.976996] kmalloc_oob_right+0xa9/0x7f0 [ 11.977182] kunit_try_run_case+0x1a5/0x480 [ 11.977329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.977506] kthread+0x337/0x6f0 [ 11.977625] ret_from_fork+0x116/0x1d0 [ 11.977902] ret_from_fork_asm+0x1a/0x30 [ 11.978105] [ 11.978199] The buggy address belongs to the object at ffff888102655000 [ 11.978199] which belongs to the cache kmalloc-128 of size 128 [ 11.978891] The buggy address is located 5 bytes to the right of [ 11.978891] allocated 115-byte region [ffff888102655000, ffff888102655073) [ 11.979389] [ 11.979461] The buggy address belongs to the physical page: [ 11.979632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 11.979902] flags: 0x200000000000000(node=0|zone=2) [ 11.980144] page_type: f5(slab) [ 11.980312] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.980669] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.981029] page dumped because: kasan: bad access detected [ 11.981359] [ 11.981457] Memory state around the buggy address: [ 11.981722] ffff888102654f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.981969] ffff888102654f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.982183] >ffff888102655000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.982398] ^ [ 11.982708] ffff888102655080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.983033] ffff888102655100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.983352] ================================================================== [ 11.933302] 
================================================================== [ 11.933908] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.934758] Write of size 1 at addr ffff888102655073 by task kunit_try_catch/154 [ 11.935236] [ 11.936589] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.936954] Tainted: [N]=TEST [ 11.936986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.937194] Call Trace: [ 11.937257] <TASK> [ 11.937398] dump_stack_lvl+0x73/0xb0 [ 11.937486] print_report+0xd1/0x650 [ 11.937515] ? __virt_addr_valid+0x1db/0x2d0 [ 11.937541] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.937562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.937585] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.937607] kasan_report+0x141/0x180 [ 11.937628] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.937673] __asan_report_store1_noabort+0x1b/0x30 [ 11.937698] kmalloc_oob_right+0x6f0/0x7f0 [ 11.937720] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.937764] ? __schedule+0x10cc/0x2b60 [ 11.937787] ? __pfx_read_tsc+0x10/0x10 [ 11.937823] ? ktime_get_ts64+0x86/0x230 [ 11.937848] kunit_try_run_case+0x1a5/0x480 [ 11.937876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.937899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.937924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.937947] ? __kthread_parkme+0x82/0x180 [ 11.937969] ? preempt_count_sub+0x50/0x80 [ 11.937994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.938018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.938042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.938067] kthread+0x337/0x6f0 [ 11.938086] ? trace_preempt_on+0x20/0xc0 [ 11.938111] ? __pfx_kthread+0x10/0x10 [ 11.938131] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.938153] ? calculate_sigpending+0x7b/0xa0 [ 11.938178] ? __pfx_kthread+0x10/0x10 [ 11.938199] ret_from_fork+0x116/0x1d0 [ 11.938218] ? 
__pfx_kthread+0x10/0x10 [ 11.938238] ret_from_fork_asm+0x1a/0x30 [ 11.938295] </TASK> [ 11.938365] [ 11.948715] Allocated by task 154: [ 11.949040] kasan_save_stack+0x45/0x70 [ 11.949355] kasan_save_track+0x18/0x40 [ 11.949537] kasan_save_alloc_info+0x3b/0x50 [ 11.949926] __kasan_kmalloc+0xb7/0xc0 [ 11.950069] __kmalloc_cache_noprof+0x189/0x420 [ 11.950460] kmalloc_oob_right+0xa9/0x7f0 [ 11.950812] kunit_try_run_case+0x1a5/0x480 [ 11.951265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.951554] kthread+0x337/0x6f0 [ 11.951972] ret_from_fork+0x116/0x1d0 [ 11.952145] ret_from_fork_asm+0x1a/0x30 [ 11.952358] [ 11.952505] The buggy address belongs to the object at ffff888102655000 [ 11.952505] which belongs to the cache kmalloc-128 of size 128 [ 11.953288] The buggy address is located 0 bytes to the right of [ 11.953288] allocated 115-byte region [ffff888102655000, ffff888102655073) [ 11.954023] [ 11.954259] The buggy address belongs to the physical page: [ 11.954876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102655 [ 11.955414] flags: 0x200000000000000(node=0|zone=2) [ 11.956152] page_type: f5(slab) [ 11.956600] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.957104] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.957522] page dumped because: kasan: bad access detected [ 11.957729] [ 11.957861] Memory state around the buggy address: [ 11.958306] ffff888102654f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.958601] ffff888102654f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.958961] >ffff888102655000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.959309] ^ [ 11.959737] ffff888102655080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.960162] ffff888102655100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.960447] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 143.677396] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 143.677946] Modules linked in: [ 143.678134] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.678562] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.678903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.679324] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 143.679541] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.680553] RSP: 0000:ffff88810bdffc78 EFLAGS: 00010286 [ 143.681178] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 143.681483] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff87a33b7c [ 143.681810] RBP: ffff88810bdffca0 R08: 0000000000000000 R09: ffffed1020ee88e0 [ 143.682365] R10: ffff888107744707 R11: 0000000000000000 R12: ffffffff87a33b68 [ 143.683098] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bdffd38 [ 143.683376] FS: 0000000000000000(0000) GS:ffff8881d1772000(0000) knlGS:0000000000000000 [ 143.683736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.684170] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 143.684479] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52443 [ 143.684801] DR3: ffffffff89a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.685423] Call Trace: [ 143.685554] <TASK> [ 143.685936] drm_test_rect_calc_vscale+0x108/0x270 [ 143.686143] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 143.686532] ? __schedule+0x10cc/0x2b60 [ 143.686882] ? __pfx_read_tsc+0x10/0x10 [ 143.687197] ? ktime_get_ts64+0x86/0x230 [ 143.687377] kunit_try_run_case+0x1a5/0x480 [ 143.687901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.688128] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 143.688358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.688675] ? __kthread_parkme+0x82/0x180 [ 143.688952] ? preempt_count_sub+0x50/0x80 [ 143.689148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.689368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.689605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.690234] kthread+0x337/0x6f0 [ 143.690541] ? trace_preempt_on+0x20/0xc0 [ 143.690907] ? __pfx_kthread+0x10/0x10 [ 143.691206] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.691492] ? calculate_sigpending+0x7b/0xa0 [ 143.691946] ? __pfx_kthread+0x10/0x10 [ 143.692138] ret_from_fork+0x116/0x1d0 [ 143.692558] ? __pfx_kthread+0x10/0x10 [ 143.692946] ret_from_fork_asm+0x1a/0x30 [ 143.693272] </TASK> [ 143.693419] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 143.696879] WARNING: CPU: 0 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 143.697410] Modules linked in: [ 143.697565] CPU: 0 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.699140] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.699793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.701098] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 143.701463] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.703234] RSP: 0000:ffff88810be77c78 EFLAGS: 00010286 [ 143.703922] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 143.704405] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff87a33bb4 [ 143.704641] RBP: ffff88810be77ca0 R08: 0000000000000000 R09: ffffed1020ee8920 [ 143.705001] R10: ffff888107744907 R11: 0000000000000000 R12: ffffffff87a33ba0 [ 143.705537] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810be77d38 [ 
143.706191] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 143.706875] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.707259] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 143.707470] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 143.708081] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.708856] Call Trace: [ 143.709125] <TASK> [ 143.709369] drm_test_rect_calc_vscale+0x108/0x270 [ 143.709779] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 143.710172] ? __schedule+0x10cc/0x2b60 [ 143.710323] ? __pfx_read_tsc+0x10/0x10 [ 143.710473] ? ktime_get_ts64+0x86/0x230 [ 143.710619] kunit_try_run_case+0x1a5/0x480 [ 143.711200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.711766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.712364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.713053] ? __kthread_parkme+0x82/0x180 [ 143.713377] ? preempt_count_sub+0x50/0x80 [ 143.713534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.713973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.714502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.715056] kthread+0x337/0x6f0 [ 143.715372] ? trace_preempt_on+0x20/0xc0 [ 143.715523] ? __pfx_kthread+0x10/0x10 [ 143.715668] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.716177] ? calculate_sigpending+0x7b/0xa0 [ 143.716637] ? __pfx_kthread+0x10/0x10 [ 143.717123] ret_from_fork+0x116/0x1d0 [ 143.717489] ? __pfx_kthread+0x10/0x10 [ 143.717863] ret_from_fork_asm+0x1a/0x30 [ 143.718026] </TASK> [ 143.718118] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 143.597536] WARNING: CPU: 1 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 143.598317] Modules linked in: [ 143.598771] CPU: 1 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.599599] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.600318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.601108] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 143.601301] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b d2 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.601812] RSP: 0000:ffff88810bdffc78 EFLAGS: 00010286 [ 143.601996] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 143.602207] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff87a33b80 [ 143.602420] RBP: ffff88810bdffca0 R08: 0000000000000000 R09: ffffed10214c4ce0 [ 143.602632] R10: ffff88810a626707 R11: 0000000000000000 R12: ffffffff87a33b68 [ 143.603202] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bdffd38 [ 143.603961] FS: 0000000000000000(0000) GS:ffff8881d1772000(0000) knlGS:0000000000000000 [ 143.604747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.605284] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 143.606174] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52443 [ 143.607018] DR3: ffffffff89a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.607695] Call Trace: [ 143.607999] <TASK> [ 143.608277] drm_test_rect_calc_hscale+0x108/0x270 [ 143.608792] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 143.609340] ? __schedule+0x10cc/0x2b60 [ 143.609873] ? __pfx_read_tsc+0x10/0x10 [ 143.610309] ? ktime_get_ts64+0x86/0x230 [ 143.610768] kunit_try_run_case+0x1a5/0x480 [ 143.611176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.611615] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 143.612187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.612409] ? __kthread_parkme+0x82/0x180 [ 143.613017] ? preempt_count_sub+0x50/0x80 [ 143.613336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.613504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.613782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.614331] kthread+0x337/0x6f0 [ 143.614659] ? trace_preempt_on+0x20/0xc0 [ 143.615205] ? __pfx_kthread+0x10/0x10 [ 143.615582] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.616130] ? calculate_sigpending+0x7b/0xa0 [ 143.616552] ? __pfx_kthread+0x10/0x10 [ 143.616824] ret_from_fork+0x116/0x1d0 [ 143.617189] ? __pfx_kthread+0x10/0x10 [ 143.617571] ret_from_fork_asm+0x1a/0x30 [ 143.618048] </TASK> [ 143.618146] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 143.621131] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 143.621433] Modules linked in: [ 143.621575] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.622052] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.622425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.623018] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 143.623270] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b d2 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.623923] RSP: 0000:ffff88810bcffc78 EFLAGS: 00010286 [ 143.624352] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 143.624845] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff87a33bb8 [ 143.625196] RBP: ffff88810bcffca0 R08: 0000000000000000 R09: ffffed1020ee8840 [ 143.625947] R10: ffff888107744207 R11: 0000000000000000 R12: ffffffff87a33ba0 [ 143.626327] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bcffd38 [ 
143.626658] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 143.627212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.627458] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 143.627943] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 143.628405] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.628937] Call Trace: [ 143.629100] <TASK> [ 143.629324] drm_test_rect_calc_hscale+0x108/0x270 [ 143.629902] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 143.630167] ? __schedule+0x10cc/0x2b60 [ 143.630552] ? __pfx_read_tsc+0x10/0x10 [ 143.631078] ? ktime_get_ts64+0x86/0x230 [ 143.631311] kunit_try_run_case+0x1a5/0x480 [ 143.631873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.632108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.632340] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.632717] ? __kthread_parkme+0x82/0x180 [ 143.633135] ? preempt_count_sub+0x50/0x80 [ 143.633544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.633905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.634169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.634578] kthread+0x337/0x6f0 [ 143.635092] ? trace_preempt_on+0x20/0xc0 [ 143.635296] ? __pfx_kthread+0x10/0x10 [ 143.635476] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.635648] ? calculate_sigpending+0x7b/0xa0 [ 143.636350] ? __pfx_kthread+0x10/0x10 [ 143.636539] ret_from_fork+0x116/0x1d0 [ 143.636815] ? __pfx_kthread+0x10/0x10 [ 143.637020] ret_from_fork_asm+0x1a/0x30 [ 143.637374] </TASK> [ 143.637533] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 142.947660] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 142.947953] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 142.949423] Modules linked in: [ 142.949880] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 142.950551] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.951071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.951436] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 142.951759] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 60 8a 9e 87 4c 89 f2 48 c7 c7 20 87 9e 87 48 89 c6 e8 f4 b4 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 142.952583] RSP: 0000:ffff88810b74fd18 EFLAGS: 00010286 [ 142.952902] RAX: 0000000000000000 RBX: ffff888102ffd800 RCX: 1ffffffff10e4ce8 [ 142.953149] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 142.953467] RBP: ffff88810b74fd48 R08: 0000000000000000 R09: fffffbfff10e4ce8 [ 142.953961] R10: 0000000000000003 R11: 0000000000037090 R12: ffff88810b562800 [ 142.954402] R13: ffff888102ffd8f8 R14: ffff8881034d9a00 R15: ffff88810039fb40 [ 142.954738] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 142.955260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.955493] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 142.955857] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 142.956282] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.956575] Call Trace: [ 142.956856] <TASK> [ 142.956983] ? trace_preempt_on+0x20/0xc0 [ 142.957208] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 142.957474] drm_gem_shmem_free_wrapper+0x12/0x20 [ 142.957708] __kunit_action_free+0x57/0x70 [ 142.957986] kunit_remove_resource+0x133/0x200 [ 142.958206] ? preempt_count_sub+0x50/0x80 [ 142.958682] kunit_cleanup+0x7a/0x120 [ 142.958917] kunit_try_run_case_cleanup+0xbd/0xf0 [ 142.959238] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 142.959536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.959797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.960328] kthread+0x337/0x6f0 [ 142.960790] ? trace_preempt_on+0x20/0xc0 [ 142.961099] ? __pfx_kthread+0x10/0x10 [ 142.961428] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.961800] ? calculate_sigpending+0x7b/0xa0 [ 142.962261] ? __pfx_kthread+0x10/0x10 [ 142.962486] ret_from_fork+0x116/0x1d0 [ 142.962646] ? __pfx_kthread+0x10/0x10 [ 142.962980] ret_from_fork_asm+0x1a/0x30 [ 142.963253] </TASK> [ 142.963478] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 142.800057] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 142.800476] Modules linked in: [ 142.800673] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 142.801309] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.801569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.801908] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 142.802214] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 142.803537] RSP: 0000:ffff88810b967b20 EFLAGS: 00010246 [ 142.804306] RAX: ffff88810b967ba8 RBX: ffff88810b967c28 RCX: 1ffff1102172cf8e [ 142.804925] RDX: dffffc0000000000 RSI: ffff88810b5bf000 RDI: ffff88810b5bf000 [ 142.805265] RBP: ffff88810b967b70 R08: ffff88810b5bf000 R09: ffffffff879d8da0 [ 142.805560] R10: 0000000000000003 R11: 00000000da35284b R12: 1ffff1102172cf71 [ 142.806356] R13: ffff88810b967c70 R14: ffff88810b967db8 R15: 0000000000000000 [ 142.807158] FS: 0000000000000000(0000) GS:ffff8881d1772000(0000) knlGS:0000000000000000 [ 142.807937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.808264] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 142.809075] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52443 [ 142.809393] DR3: ffffffff89a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.809921] Call Trace: [ 142.810159] <TASK> [ 142.810341] ? trace_preempt_on+0x20/0xc0 [ 142.810842] ? add_dr+0xc1/0x1d0 [ 142.811045] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 142.811306] ? add_dr+0x148/0x1d0 [ 142.811472] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 142.812146] ? __drmm_add_action+0x1a4/0x280 [ 142.812400] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 142.812999] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 142.813410] ? __drmm_add_action_or_reset+0x22/0x50 [ 142.813962] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 142.814315] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 142.814581] kunit_try_run_case+0x1a5/0x480 [ 142.815154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.815445] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.815917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.816312] ? __kthread_parkme+0x82/0x180 [ 142.816513] ? preempt_count_sub+0x50/0x80 [ 142.816934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.817327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.817737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.818263] kthread+0x337/0x6f0 [ 142.818418] ? trace_preempt_on+0x20/0xc0 [ 142.818636] ? __pfx_kthread+0x10/0x10 [ 142.818903] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.819119] ? calculate_sigpending+0x7b/0xa0 [ 142.819360] ? __pfx_kthread+0x10/0x10 [ 142.819695] ret_from_fork+0x116/0x1d0 [ 142.820088] ? __pfx_kthread+0x10/0x10 [ 142.820480] ret_from_fork_asm+0x1a/0x30 [ 142.820951] </TASK> [ 142.821054] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 142.760168] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 142.760289] WARNING: CPU: 0 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 142.761324] Modules linked in: [ 142.761536] CPU: 0 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 142.762376] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.762626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.763324] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 142.763555] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 40 38 9d 87 4c 89 fa 48 c7 c7 a0 38 9d 87 48 89 c6 e8 72 db 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 142.764577] RSP: 0000:ffff88810b8e7b68 EFLAGS: 00010282 [ 142.764950] RAX: 0000000000000000 RBX: ffff88810b8e7c40 RCX: 1ffffffff10e4ce8 [ 142.765260] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 142.765540] RBP: ffff88810b8e7b90 R08: 0000000000000000 R09: fffffbfff10e4ce8 [ 142.765920] R10: 0000000000000003 R11: 0000000000035720 R12: ffff88810b8e7c18 [ 142.766204] R13: ffff88810b8f3800 R14: ffff88810b923000 R15: ffff8881077d0e00 [ 142.766473] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 142.766855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.767323] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 142.767864] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 142.768131] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.768600] Call Trace: [ 142.768807] <TASK> [ 142.769083] drm_test_framebuffer_free+0x1ab/0x610 [ 142.769313] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 142.769546] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 142.770052] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 142.770386] ? __drmm_add_action_or_reset+0x22/0x50 [ 142.770885] ? __schedule+0x10cc/0x2b60 [ 142.771098] ? __pfx_read_tsc+0x10/0x10 [ 142.771258] ? ktime_get_ts64+0x86/0x230 [ 142.771589] kunit_try_run_case+0x1a5/0x480 [ 142.772047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.772686] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.772879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.773050] ? __kthread_parkme+0x82/0x180 [ 142.773199] ? preempt_count_sub+0x50/0x80 [ 142.773349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.773510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.773687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.773983] kthread+0x337/0x6f0 [ 142.774111] ? trace_preempt_on+0x20/0xc0 [ 142.774255] ? __pfx_kthread+0x10/0x10 [ 142.774411] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.774565] ? calculate_sigpending+0x7b/0xa0 [ 142.774723] ? __pfx_kthread+0x10/0x10 [ 142.775088] ret_from_fork+0x116/0x1d0 [ 142.775281] ? __pfx_kthread+0x10/0x10 [ 142.775483] ret_from_fork_asm+0x1a/0x30 [ 142.775987] </TASK> [ 142.776132] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 141.445377] WARNING: CPU: 1 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.446690] Modules linked in: [ 141.447045] CPU: 1 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.447596] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.448067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.448453] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.448945] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 23 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 141.449657] RSP: 0000:ffff88810a8bfc90 EFLAGS: 00010246 [ 141.450237] RAX: dffffc0000000000 RBX: ffff88810a93a000 RCX: 0000000000000000 [ 141.450622] RDX: 1ffff11021527432 RSI: ffffffff84c06b08 RDI: ffff88810a93a190 [ 141.451132] RBP: ffff88810a8bfca0 R08: 1ffff11020073f69 R09: ffffed1021517f65 [ 141.451436] R10: 0000000000000003 R11: ffffffff84185b48 R12: 0000000000000000 [ 141.451937] R13: ffff88810a8bfd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 141.452247] FS: 0000000000000000(0000) GS:ffff8881d1772000(0000) knlGS:0000000000000000 [ 141.452616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.453027] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 141.453341] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52443 [ 141.453637] DR3: ffffffff89a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.454249] Call Trace: [ 141.454439] <TASK> [ 141.454556] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 141.455015] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 141.455439] ? __schedule+0x10cc/0x2b60 [ 141.455673] ? __pfx_read_tsc+0x10/0x10 [ 141.456059] ? ktime_get_ts64+0x86/0x230 [ 141.456307] kunit_try_run_case+0x1a5/0x480 [ 141.456529] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 141.457072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.457300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.457573] ? __kthread_parkme+0x82/0x180 [ 141.457874] ? preempt_count_sub+0x50/0x80 [ 141.458177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.458394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.458637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.459110] kthread+0x337/0x6f0 [ 141.459352] ? trace_preempt_on+0x20/0xc0 [ 141.459566] ? __pfx_kthread+0x10/0x10 [ 141.459768] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.460314] ? calculate_sigpending+0x7b/0xa0 [ 141.460545] ? __pfx_kthread+0x10/0x10 [ 141.461113] ret_from_fork+0x116/0x1d0 [ 141.461277] ? __pfx_kthread+0x10/0x10 [ 141.461636] ret_from_fork_asm+0x1a/0x30 [ 141.462082] </TASK> [ 141.462216] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.358968] WARNING: CPU: 0 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.359355] Modules linked in: [ 141.359559] CPU: 0 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.360801] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.361047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.361537] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.362113] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 23 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 141.363079] RSP: 0000:ffff88810a657c90 EFLAGS: 00010246 [ 141.363454] RAX: dffffc0000000000 RBX: ffff88810ab02000 RCX: 0000000000000000 [ 141.363939] RDX: 1ffff11021560432 RSI: ffffffff84c06b08 RDI: ffff88810ab02190 [ 141.364244] RBP: ffff88810a657ca0 R08: 1ffff11020073f69 R09: ffffed10214caf65 [ 141.364865] R10: 0000000000000003 R11: ffffffff84185b48 R12: 0000000000000000 [ 141.365293] R13: 
ffff88810a657d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 141.365735] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 141.366335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.366612] CR2: 00007ffff7ffe000 CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 141.367258] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 141.367828] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.368121] Call Trace: [ 141.368243] <TASK> [ 141.368380] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 141.369019] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 141.369347] ? __schedule+0x10cc/0x2b60 [ 141.369727] ? __pfx_read_tsc+0x10/0x10 [ 141.370033] ? ktime_get_ts64+0x86/0x230 [ 141.370201] kunit_try_run_case+0x1a5/0x480 [ 141.370535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.371030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.371339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.371618] ? __kthread_parkme+0x82/0x180 [ 141.372022] ? preempt_count_sub+0x50/0x80 [ 141.372218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.372425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.372644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.373198] kthread+0x337/0x6f0 [ 141.373449] ? trace_preempt_on+0x20/0xc0 [ 141.373746] ? __pfx_kthread+0x10/0x10 [ 141.373955] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.374108] ? calculate_sigpending+0x7b/0xa0 [ 141.374327] ? __pfx_kthread+0x10/0x10 [ 141.374530] ret_from_fork+0x116/0x1d0 [ 141.374688] ? __pfx_kthread+0x10/0x10 [ 141.374958] ret_from_fork_asm+0x1a/0x30 [ 141.375119] </TASK> [ 141.375210] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 110.852376] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 110.852717] Modules linked in: [ 110.852921] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 110.853370] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 110.853635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.854394] RIP: 0010:intlog10+0x2a/0x40 [ 110.855081] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 110.856588] RSP: 0000:ffff888104397cb0 EFLAGS: 00010246 [ 110.857264] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020872fb4 [ 110.857786] RDX: 1ffffffff0f12db4 RSI: 1ffff11020872fb3 RDI: 0000000000000000 [ 110.858307] RBP: ffff888104397d60 R08: 0000000000000000 R09: ffffed1020569d00 [ 110.858528] R10: ffff888102b4e807 R11: 0000000000000000 R12: 1ffff11020872f97 [ 110.859123] R13: ffffffff87896da0 R14: 0000000000000000 R15: ffff888104397d38 [ 110.859953] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 110.860913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.861343] CR2: ffff88815a80000a CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 110.861914] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 110.862368] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 110.863013] Call Trace: [ 110.863186] <TASK> [ 110.863277] ? intlog10_test+0xf2/0x220 [ 110.863634] ? __pfx_intlog10_test+0x10/0x10 [ 110.864193] ? __schedule+0x10cc/0x2b60 [ 110.864594] ? __pfx_read_tsc+0x10/0x10 [ 110.864981] ? ktime_get_ts64+0x86/0x230 [ 110.865136] kunit_try_run_case+0x1a5/0x480 [ 110.865291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.865452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 110.865613] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 110.866164] ? __kthread_parkme+0x82/0x180 [ 110.866564] ? preempt_count_sub+0x50/0x80 [ 110.867054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.867717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 110.868381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 110.869033] kthread+0x337/0x6f0 [ 110.869444] ? trace_preempt_on+0x20/0xc0 [ 110.869908] ? __pfx_kthread+0x10/0x10 [ 110.870302] ? _raw_spin_unlock_irq+0x47/0x80 [ 110.870647] ? calculate_sigpending+0x7b/0xa0 [ 110.871080] ? __pfx_kthread+0x10/0x10 [ 110.871231] ret_from_fork+0x116/0x1d0 [ 110.871368] ? __pfx_kthread+0x10/0x10 [ 110.871506] ret_from_fork_asm+0x1a/0x30 [ 110.871744] </TASK> [ 110.872192] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 110.808032] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 110.808378] Modules linked in: [ 110.808634] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 110.809272] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 110.809507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.810123] RIP: 0010:intlog2+0xdf/0x110 [ 110.810368] Code: 89 87 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 57 a7 86 02 89 45 e4 e8 ef d6 55 ff 8b 45 e4 eb [ 110.811378] RSP: 0000:ffff888104397cb0 EFLAGS: 00010246 [ 110.811900] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020872fb4 [ 110.812209] RDX: 1ffffffff0f12e08 RSI: 1ffff11020872fb3 RDI: 0000000000000000 [ 110.812497] RBP: ffff888104397d60 R08: 0000000000000000 R09: ffffed10204611e0 [ 110.813094] R10: ffff888102308f07 R11: 0000000000000000 R12: 1ffff11020872f97 [ 110.813472] R13: ffffffff87897040 R14: 0000000000000000 R15: ffff888104397d38 [ 110.813995] FS: 0000000000000000(0000) GS:ffff8881d1672000(0000) knlGS:0000000000000000 [ 110.814434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.814669] CR2: ffff88815a80000a CR3: 000000013d6bc000 CR4: 00000000000006f0 [ 110.815268] DR0: ffffffff89a52440 DR1: ffffffff89a52441 DR2: ffffffff89a52442 [ 110.815581] DR3: ffffffff89a52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 110.816150] Call Trace: [ 110.816351] <TASK> [ 110.816482] ? intlog2_test+0xf2/0x220 [ 110.816994] ? __pfx_intlog2_test+0x10/0x10 [ 110.817190] ? __schedule+0x10cc/0x2b60 [ 110.817355] ? __pfx_read_tsc+0x10/0x10 [ 110.817860] ? ktime_get_ts64+0x86/0x230 [ 110.818126] kunit_try_run_case+0x1a5/0x480 [ 110.818322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.818528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 110.818769] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 110.819305] ? __kthread_parkme+0x82/0x180 [ 110.819585] ? preempt_count_sub+0x50/0x80 [ 110.819861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.820231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 110.820469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 110.820982] kthread+0x337/0x6f0 [ 110.821379] ? trace_preempt_on+0x20/0xc0 [ 110.821555] ? __pfx_kthread+0x10/0x10 [ 110.822045] ? _raw_spin_unlock_irq+0x47/0x80 [ 110.822348] ? calculate_sigpending+0x7b/0xa0 [ 110.822569] ? __pfx_kthread+0x10/0x10 [ 110.823072] ret_from_fork+0x116/0x1d0 [ 110.823280] ? __pfx_kthread+0x10/0x10 [ 110.823428] ret_from_fork_asm+0x1a/0x30 [ 110.823645] </TASK> [ 110.823872] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 110.230552] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI